From c2d12052d5896a1be6e57a6318fdcc39ad4a217a Mon Sep 17 00:00:00 2001 From: Deon George Date: Mon, 29 Jan 2018 13:47:25 +1100 Subject: [PATCH 01/89] Cache our builds based on branches - part 2 --- .gitlab-ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index faa62e5..fc4bd21 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -7,7 +7,7 @@ stages: variables: BRANCH: plus VERSION: 7.1-fpm-${BRANCH} - CACHETAG: build + CACHETAG: build-${BRANCH} DOCKER_REGISTRY: registry.leenooks.net DOCKER_HOST: tcp://${DOCKER_REGISTRY}-leenooks-ci-docker:2375 @@ -35,7 +35,7 @@ build: - docker pull ${CI_REGISTRY_IMAGE}:${CACHETAG} || true - docker build --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION} -t ${CI_REGISTRY_IMAGE}:${CACHETAG} . - docker push ${CI_REGISTRY_IMAGE}:${VERSION} - - docker push ${CI_REGISTRY_IMAGE}:${CACHETAG}-${BRANCH} + - docker push ${CI_REGISTRY_IMAGE}:${CACHETAG} tags: - docker only: From 39fdc2f940d5935fa36dadc6943bdff4ccdea85c Mon Sep 17 00:00:00 2001 From: Deon George Date: Mon, 29 Jan 2018 13:52:35 +1100 Subject: [PATCH 02/89] Added mysql only branch --- .gitlab-ci.yml | 4 ++-- Dockerfile | 10 +++------- 2 files changed, 5 insertions(+), 9 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index fc4bd21..cd2f325 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -5,7 +5,7 @@ stages: - build variables: - BRANCH: plus + BRANCH: mysql VERSION: 7.1-fpm-${BRANCH} CACHETAG: build-${BRANCH} DOCKER_REGISTRY: registry.leenooks.net @@ -39,4 +39,4 @@ build: tags: - docker only: - - plus + - mysql diff --git a/Dockerfile b/Dockerfile index 300efc3..7fed7fb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,13 +1,9 @@ # NAME leenooks/php -# VERSION 7.1-fpm-plus +# VERSION 7.1-fpm-mysql FROM php:7.1-fpm -RUN echo "deb http://deb.debian.org/debian jessie non-free" >> /etc/apt/sources.list.d/non-free.list && apt-get update \ - && apt-get install -y pkg-config libbz2-dev libgmp-dev libpng-dev libjpeg-dev libfreetype6-dev libsnmp-dev snmp-mibs-downloader libmagickwand-dev --no-install-recommends \ - && download-mibs \ - && docker-php-ext-configure gd --with-freetype-dir=/usr/include/freetype2 --with-jpeg-dir=/usr/include/ \ - && docker-php-ext-install -j$(nproc) pdo_mysql bz2 gettext sockets gmp gd pcntl snmp exif \ - && pecl install imagick && docker-php-ext-enable imagick \ +RUN apt-get update \ + && docker-php-ext-install -j$(nproc) pdo_mysql \ && rm -rf /var/lib/apt/lists/* /tmp/* RUN apt-get update && apt-get install -y openssh-server && rm -rf /var/lib/apt/lists/* \ From 7ca57c02abd54e6b72ef481ff46c461bba5b056e Mon Sep 17 00:00:00 2001 From: Deon George Date: Mon, 29 Jan 2018 15:23:52 +1100 Subject: [PATCH 03/89] Reworked mysql image to better work as a base --- Dockerfile | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/Dockerfile b/Dockerfile index 7fed7fb..1f765c1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,18 +2,16 @@ # VERSION 7.1-fpm-mysql FROM php:7.1-fpm -RUN apt-get update \ - && docker-php-ext-install -j$(nproc) pdo_mysql \ - && rm -rf /var/lib/apt/lists/* /tmp/* - -RUN apt-get update && apt-get install -y openssh-server && rm -rf /var/lib/apt/lists/* \ +RUN apt-get update && apt-get install -y openssh-server && rm -rf /var/lib/apt/lists/* /tmp/* \ && useradd -c "Hosting Admin User" -u 1000 -g users -G www-data -d /var/www/html -M lamp -EXPOSE 9000/tcp 22/tcp - COPY sshd_config.patch /tmp RUN (cd / && patch -p0 ) < /tmp/sshd_config.patch && rm /tmp/sshd_config.patch +EXPOSE 9000/tcp 22/tcp + COPY start /usr/local/sbin ENTRYPOINT [ "/usr/local/sbin/start" ] -CMD ["php-fpm"] +CMD [ "php-fpm" ] + +RUN docker-php-ext-install -j$(nproc) pdo_mysql From 77c7e70428c25f7ba7b274c7732f126ac2e12838 Mon Sep 17 00:00:00 2001 From: Deon George Date: Tue, 27 Feb 2018 19:28:17 +1100 Subject: [PATCH 04/89] Reworked ssmtp integration, need to use fastcgi_param PHP_ADMIN_VALUE "sendmail_path=/usr/sbin/sendmail -i -t"; in nginx config, and hostname: for php container --- .gitlab-ci.yml | 2 +- Dockerfile | 10 ++++++---- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index cd2f325..3fc8c22 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -6,7 +6,7 @@ stages: variables: BRANCH: mysql - VERSION: 7.1-fpm-${BRANCH} + VERSION: 7.2-fpm-${BRANCH} CACHETAG: build-${BRANCH} DOCKER_REGISTRY: registry.leenooks.net DOCKER_HOST: tcp://${DOCKER_REGISTRY}-leenooks-ci-docker:2375 diff --git a/Dockerfile b/Dockerfile index 1f765c1..9e81d14 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,9 +1,11 @@ # NAME leenooks/php -# VERSION 7.1-fpm-mysql +# VERSION 7.2-fpm-mysql -FROM php:7.1-fpm -RUN apt-get update && apt-get install -y openssh-server && rm -rf /var/lib/apt/lists/* /tmp/* \ - && useradd -c "Hosting Admin User" -u 1000 -g users -G www-data -d /var/www/html -M lamp +FROM php:7.2-fpm + +RUN apt-get update && apt-get install -y openssh-server ssmtp && rm -rf /var/lib/apt/lists/* /tmp/* \ + && useradd -c "Hosting Admin User" -u 1000 -g users -G www-data -d /var/www/html -M lamp \ + && sed -i -e 's/^mailhub=mail$/mailhub=smtp/' -e "s/^hostname=/#hostname=/" -e 's/#FromLineOverride=YES/FromLineOverride=YES/' /etc/ssmtp/ssmtp.conf COPY sshd_config.patch /tmp RUN (cd / && patch -p0 ) < /tmp/sshd_config.patch && rm /tmp/sshd_config.patch From 1322c5f0f5a6c2fb6c2b8163cad6419edc1e27b2 Mon Sep 17 00:00:00 2001 From: Deon George Date: Tue, 27 Feb 2018 19:40:27 +1100 Subject: [PATCH 05/89] Updated SSH patch for php-7.2 --- sshd_config.patch | 28 +++++++++++++--------------- 1 file changed, 13 insertions(+), 15 deletions(-) diff --git a/sshd_config.patch b/sshd_config.patch index a67df94..11f3ec4 100644 --- a/sshd_config.patch +++ b/sshd_config.patch @@ -1,20 +1,18 @@ ---- /etc/ssh/sshd_config.orig 2017-12-13 10:12:21.098005827 +0000 -+++ /etc/ssh/sshd_config 2017-12-13 10:14:11.461687661 +0000 -@@ -25,7 +25,7 @@ +--- /etc/ssh/sshd_config.orig 2018-02-27 08:33:29.613104521 +0000 ++++ /etc/ssh/sshd_config 2018-02-27 08:34:43.413485512 +0000 +@@ -30,6 +30,7 @@ - # Authentication: - LoginGraceTime 120 --PermitRootLogin without-password + #LoginGraceTime 2m + #PermitRootLogin prohibit-password +PermitRootLogin no - StrictModes yes + #StrictModes yes + #MaxAuthTries 6 + #MaxSessions 10 +@@ -54,6 +55,7 @@ - RSAAuthentication yes -@@ -49,7 +49,7 @@ - ChallengeResponseAuthentication no - - # Change to no to disable tunnelled clear text passwords --#PasswordAuthentication yes + # To disable tunneled clear text passwords, change to no here! + #PasswordAuthentication yes +PasswordAuthentication no + #PermitEmptyPasswords no - # Kerberos options - #KerberosAuthentication no + # Change to yes to enable challenge-response passwords (beware issues with From 585206106303a1cd659d6850e7483ed964c9a060 Mon Sep 17 00:00:00 2001 From: Deon George Date: Tue, 27 Feb 2018 19:53:56 +1100 Subject: [PATCH 06/89] Update .gitlab-ci --- .gitlab-ci.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 3fc8c22..9503b73 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -8,16 +8,15 @@ variables: BRANCH: mysql VERSION: 7.2-fpm-${BRANCH} CACHETAG: build-${BRANCH} - DOCKER_REGISTRY: registry.leenooks.net - DOCKER_HOST: tcp://${DOCKER_REGISTRY}-leenooks-ci-docker:2375 + DOCKER_HOST: tcp://${CI_REGISTRY}-leenooks-ci-docker:2375 services: -- ${DOCKER_REGISTRY}/leenooks/ci-docker:dind +- ${CI_REGISTRY}/leenooks/ci-docker:dind before_script: - docker info - docker version -- docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN ${DOCKER_REGISTRY} +- echo "$CI_JOB_TOKEN" | docker login -u "$CI_REGISTRY_USER" "$CI_REGISTRY" --password-stdin test: stage: test @@ -32,6 +31,7 @@ test: build: stage: build script: + - if [ -f init ]; then chmod 500 init; fi - docker pull ${CI_REGISTRY_IMAGE}:${CACHETAG} || true - docker build --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION} -t ${CI_REGISTRY_IMAGE}:${CACHETAG} . - docker push ${CI_REGISTRY_IMAGE}:${VERSION} From fc28d4fe09efe40fcb145974ac634f192d741ce7 Mon Sep 17 00:00:00 2001 From: Deon George Date: Fri, 4 May 2018 23:54:52 +1000 Subject: [PATCH 07/89] Added postgresql module and composer --- .gitlab-ci.yml | 2 +- Dockerfile | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 9503b73..a530fa8 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -5,7 +5,7 @@ stages: - build variables: - BRANCH: mysql + BRANCH: mp VERSION: 7.2-fpm-${BRANCH} CACHETAG: build-${BRANCH} DOCKER_HOST: tcp://${CI_REGISTRY}-leenooks-ci-docker:2375 diff --git a/Dockerfile b/Dockerfile index 9e81d14..9641ff4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ FROM php:7.2-fpm -RUN apt-get update && apt-get install -y openssh-server ssmtp && rm -rf /var/lib/apt/lists/* /tmp/* \ +RUN apt-get update && apt-get install -y openssh-server ssmtp libpq-dev && rm -rf /var/lib/apt/lists/* /tmp/* \ && useradd -c "Hosting Admin User" -u 1000 -g users -G www-data -d /var/www/html -M lamp \ && sed -i -e 's/^mailhub=mail$/mailhub=smtp/' -e "s/^hostname=/#hostname=/" -e 's/#FromLineOverride=YES/FromLineOverride=YES/' /etc/ssmtp/ssmtp.conf @@ -16,4 +16,5 @@ COPY start /usr/local/sbin ENTRYPOINT [ "/usr/local/sbin/start" ] CMD [ "php-fpm" ] -RUN docker-php-ext-install -j$(nproc) pdo_mysql +RUN docker-php-ext-install -j$(nproc) pdo_mysql pdo_pgsql +RUN curl https://getcomposer.org/installer|php -- --install-dir=/usr/local/bin --filename=composer From 3df8ec4de2bf911fc043fc7b374324238b6b268a Mon Sep 17 00:00:00 2001 From: Deon George Date: Sun, 6 May 2018 10:01:23 +1000 Subject: [PATCH 08/89] Added git unzip, required for composer --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 9641ff4..daa5685 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,9 +1,9 @@ # NAME leenooks/php -# VERSION 7.2-fpm-mysql +# VERSION 7.2-fpm-mp FROM php:7.2-fpm -RUN apt-get update && apt-get install -y openssh-server ssmtp libpq-dev && rm -rf /var/lib/apt/lists/* /tmp/* \ +RUN apt-get update && apt-get install -y openssh-server ssmtp libpq-dev unzip git && rm -rf /var/lib/apt/lists/* /tmp/* \ && useradd -c "Hosting Admin User" -u 1000 -g users -G www-data -d /var/www/html -M lamp \ && sed -i -e 's/^mailhub=mail$/mailhub=smtp/' -e "s/^hostname=/#hostname=/" -e 's/#FromLineOverride=YES/FromLineOverride=YES/' /etc/ssmtp/ssmtp.conf From b48c38cee15f41cc98e52d710a141c6b252c7530 Mon Sep 17 00:00:00 2001 From: Deon George Date: Mon, 7 May 2018 13:34:45 +1000 Subject: [PATCH 09/89] Enabled multi-use container invocation with roles --- Dockerfile | 6 +++--- start | 31 ++++++++++++++++++++++++++++++- 2 files changed, 33 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index daa5685..f144f36 100644 --- a/Dockerfile +++ b/Dockerfile @@ -12,9 +12,9 @@ RUN (cd / && patch -p0 ) < /tmp/sshd_config.patch && rm /tmp/sshd_config.patch EXPOSE 9000/tcp 22/tcp +RUN docker-php-ext-install -j$(nproc) pdo_mysql pdo_pgsql +RUN curl https://getcomposer.org/installer|php -- --install-dir=/usr/local/bin --filename=composer + COPY start /usr/local/sbin ENTRYPOINT [ "/usr/local/sbin/start" ] CMD [ "php-fpm" ] - -RUN docker-php-ext-install -j$(nproc) pdo_mysql pdo_pgsql -RUN curl https://getcomposer.org/installer|php -- --install-dir=/usr/local/bin --filename=composer diff --git a/start b/start index 2b2c214..f873117 100755 --- a/start +++ b/start @@ -5,4 +5,33 @@ if [ -x /usr/sbin/sshd -a "${SSH_START}" = "TRUE" ]; then start-stop-daemon --start --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- -p 22 fi -exec /usr/local/bin/docker-php-entrypoint "$@" +set -e + +role=${CONTAINER_ROLE:-app} +env=${APP_ENV:-production} + +if [ "${env}" != "local" -a -r "artisan" ]; then + echo "Caching configuration..." + (cd /var/www/html && php artisan config:cache && php artisan route:cache && php artisan view:cache) +fi + +if [ "${role}" = "app" ]; then + + exec /usr/local/bin/docker-php-entrypoint "$@" + +elif [ "$role" = "queue" ]; then + + echo "Running the queue..." + php /var/www/html/artisan queue:work --verbose --tries=3 --timeout=90 + +elif [ "$role" = "scheduler" ]; then + + while [ true ]; do + php /var/www/html/artisan schedule:run --verbose --no-interaction & + sleep 60 + done + +else + echo "Could not match the container role \"${role}\"" + exit 1 +fi From ee72137f9679658269c14f6b72e61d25a180a214 Mon Sep 17 00:00:00 2001 From: Deon George Date: Mon, 7 May 2018 13:45:43 +1000 Subject: [PATCH 10/89] Enabled tuning queue:work --- start | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/start b/start index f873117..13ee5e7 100755 --- a/start +++ b/start @@ -1,18 +1,19 @@ #!/bin/sh +set -e +role=${CONTAINER_ROLE:-app} +env=${APP_ENV:-production} + +# General Setup if [ -x /usr/sbin/sshd -a "${SSH_START}" = "TRUE" ]; then [ ! -d /var/run/sshd ] && mkdir /var/run/sshd start-stop-daemon --start --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- -p 22 fi -set -e - -role=${CONTAINER_ROLE:-app} -env=${APP_ENV:-production} - +# Laravel Specific if [ "${env}" != "local" -a -r "artisan" ]; then echo "Caching configuration..." - (cd /var/www/html && php artisan config:cache && php artisan route:cache && php artisan view:cache) + (php artisan config:cache && php artisan route:cache && php artisan view:cache) fi if [ "${role}" = "app" ]; then @@ -22,12 +23,12 @@ if [ "${role}" = "app" ]; then elif [ "$role" = "queue" ]; then echo "Running the queue..." - php /var/www/html/artisan queue:work --verbose --tries=3 --timeout=90 + php artisan queue:work --verbose --tries=${WORK_TRIES:-1} --timeout=${WORK_TIMEOUT:-90} ${WORK_QUEUES:+--queue=${WORK_QUEUES}} ${WORK_MEMORY:+--memory=${WORK_MEMORY}} elif [ "$role" = "scheduler" ]; then while [ true ]; do - php /var/www/html/artisan schedule:run --verbose --no-interaction & + php artisan schedule:run --verbose --no-interaction & sleep 60 done From 9652a4baf991e1dd88432adec8f796a020802be7 Mon Sep 17 00:00:00 2001 From: Deon George Date: Mon, 7 May 2018 13:53:29 +1000 Subject: [PATCH 11/89] Added PHP_OPTIONS --- start | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/start b/start index 13ee5e7..86bae8e 100755 --- a/start +++ b/start @@ -23,12 +23,12 @@ if [ "${role}" = "app" ]; then elif [ "$role" = "queue" ]; then echo "Running the queue..." - php artisan queue:work --verbose --tries=${WORK_TRIES:-1} --timeout=${WORK_TIMEOUT:-90} ${WORK_QUEUES:+--queue=${WORK_QUEUES}} ${WORK_MEMORY:+--memory=${WORK_MEMORY}} + php ${PHP_OPTIONS} artisan queue:work --verbose --tries=${WORK_TRIES:-1} --timeout=${WORK_TIMEOUT:-90} ${WORK_QUEUES:+--queue=${WORK_QUEUES}} ${WORK_MEMORY:+--memory=${WORK_MEMORY}} elif [ "$role" = "scheduler" ]; then while [ true ]; do - php artisan schedule:run --verbose --no-interaction & + php ${PHP_OPTIONS} artisan schedule:run --verbose --no-interaction & sleep 60 done From 2e0860713da9b45c5df9b709be018ea6069d3e75 Mon Sep 17 00:00:00 2001 From: Deon George Date: Mon, 7 May 2018 13:58:55 +1000 Subject: [PATCH 12/89] Only run caching for the app --- start | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/start b/start index 86bae8e..7596dec 100755 --- a/start +++ b/start @@ -11,22 +11,27 @@ if [ -x /usr/sbin/sshd -a "${SSH_START}" = "TRUE" ]; then fi # Laravel Specific -if [ "${env}" != "local" -a -r "artisan" ]; then - echo "Caching configuration..." - (php artisan config:cache && php artisan route:cache && php artisan view:cache) -fi - if [ "${role}" = "app" ]; then + if [ "${env}" != "local" -a -r "artisan" ]; then + echo "Caching configuration..." + (php artisan config:cache && php artisan route:cache && php artisan view:cache) + fi exec /usr/local/bin/docker-php-entrypoint "$@" elif [ "$role" = "queue" ]; then echo "Running the queue..." + # We'll delay starting in case the app is caching + sleep 15 php ${PHP_OPTIONS} artisan queue:work --verbose --tries=${WORK_TRIES:-1} --timeout=${WORK_TIMEOUT:-90} ${WORK_QUEUES:+--queue=${WORK_QUEUES}} ${WORK_MEMORY:+--memory=${WORK_MEMORY}} elif [ "$role" = "scheduler" ]; then + echo "Running the scheduler..." + # We'll delay starting in case the app is caching + sleep 15 + while [ true ]; do php ${PHP_OPTIONS} artisan schedule:run --verbose --no-interaction & sleep 60 From b3e39f7cc995082501a3fbf2aa247aa76b222a01 Mon Sep 17 00:00:00 2001 From: Deon George Date: Tue, 8 May 2018 15:36:11 +1000 Subject: [PATCH 13/89] Added composer (re)installation --- start | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/start b/start index 7596dec..21f1c15 100755 --- a/start +++ b/start @@ -5,7 +5,7 @@ role=${CONTAINER_ROLE:-app} env=${APP_ENV:-production} # General Setup -if [ -x /usr/sbin/sshd -a "${SSH_START}" = "TRUE" ]; then +if [ -x /usr/sbin/sshd -a "${SSH_START}" = "TRUE" ]; then [ ! -d /var/run/sshd ] && mkdir /var/run/sshd start-stop-daemon --start --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- -p 22 fi @@ -13,6 +13,11 @@ fi # Laravel Specific if [ "${role}" = "app" ]; then if [ "${env}" != "local" -a -r "artisan" ]; then + # See if we need to refresh our dependancies + if [[ -r composer.lock && ( -e .composer.refresh || ! -d vendor ) ]]; then + composer install + fi + echo "Caching configuration..." (php artisan config:cache && php artisan route:cache && php artisan view:cache) fi From 42586535f4fbb06698020d3f023a6f5ca8bfdabb Mon Sep 17 00:00:00 2001 From: Deon George Date: Tue, 8 May 2018 15:45:42 +1000 Subject: [PATCH 14/89] Change shell to bash --- start | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/start b/start index 21f1c15..3961798 100755 --- a/start +++ b/start @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash set -e role=${CONTAINER_ROLE:-app} From 9fb30c095894c56bf235d717a0b2b83e851a646c Mon Sep 17 00:00:00 2001 From: Deon George Date: Tue, 8 May 2018 15:50:00 +1000 Subject: [PATCH 15/89] Remove .composer.refresh if it exists --- start | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/start b/start index 3961798..87cbfd3 100755 --- a/start +++ b/start @@ -15,7 +15,7 @@ if [ "${role}" = "app" ]; then if [ "${env}" != "local" -a -r "artisan" ]; then # See if we need to refresh our dependancies if [[ -r composer.lock && ( -e .composer.refresh || ! -d vendor ) ]]; then - composer install + composer install && ( test -e .composer.refresh && rm -f .composer.refresh ) fi echo "Caching configuration..." From 4c56b5723d099e31b445cdb99bc13bdd151c69de Mon Sep 17 00:00:00 2001 From: Deon George Date: Tue, 8 May 2018 15:56:49 +1000 Subject: [PATCH 16/89] Make composer install run as www-data --- start | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/start b/start index 87cbfd3..0d1cf66 100755 --- a/start +++ b/start @@ -15,7 +15,7 @@ if [ "${role}" = "app" ]; then if [ "${env}" != "local" -a -r "artisan" ]; then # See if we need to refresh our dependancies if [[ -r composer.lock && ( -e .composer.refresh || ! -d vendor ) ]]; then - composer install && ( test -e .composer.refresh && rm -f .composer.refresh ) + su www-data -s /bin/sh -c "composer install" && ( test -e .composer.refresh && rm -f .composer.refresh ) fi echo "Caching configuration..." From ba4e01f18dbcb7483d91c27336550e3bc28da805 Mon Sep 17 00:00:00 2001 From: Deon George Date: Wed, 8 Aug 2018 14:15:35 +1000 Subject: [PATCH 17/89] Added libssl1.0-dev for barryvdh/laravel-snappy --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index f144f36..b6e5540 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ FROM php:7.2-fpm -RUN apt-get update && apt-get install -y openssh-server ssmtp libpq-dev unzip git && rm -rf /var/lib/apt/lists/* /tmp/* \ +RUN apt-get update && apt-get install -y openssh-server ssmtp libpq-dev unzip git libssl1.0-dev && rm -rf /var/lib/apt/lists/* /tmp/* \ && useradd -c "Hosting Admin User" -u 1000 -g users -G www-data -d /var/www/html -M lamp \ && sed -i -e 's/^mailhub=mail$/mailhub=smtp/' -e "s/^hostname=/#hostname=/" -e 's/#FromLineOverride=YES/FromLineOverride=YES/' /etc/ssmtp/ssmtp.conf From 8ca1a9a192ee86f336d5e775fb90c264409a9121 Mon Sep 17 00:00:00 2001 From: Deon George Date: Tue, 22 Jan 2019 11:06:33 +1100 Subject: [PATCH 18/89] Added ldap to base image --- .gitlab-ci.yml | 0 Dockerfile | 4 ++-- sshd_config.patch | 0 3 files changed, 2 insertions(+), 2 deletions(-) mode change 100644 => 100755 .gitlab-ci.yml mode change 100644 => 100755 Dockerfile mode change 100644 => 100755 sshd_config.patch diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml old mode 100644 new mode 100755 diff --git a/Dockerfile b/Dockerfile old mode 100644 new mode 100755 index b6e5540..5eecae1 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ FROM php:7.2-fpm -RUN apt-get update && apt-get install -y openssh-server ssmtp libpq-dev unzip git libssl1.0-dev && rm -rf /var/lib/apt/lists/* /tmp/* \ +RUN apt-get update && apt-get install -y openssh-server ssmtp libpq-dev unzip git libssl1.0-dev libldap-dev && rm -rf /var/lib/apt/lists/* /tmp/* \ && useradd -c "Hosting Admin User" -u 1000 -g users -G www-data -d /var/www/html -M lamp \ && sed -i -e 's/^mailhub=mail$/mailhub=smtp/' -e "s/^hostname=/#hostname=/" -e 's/#FromLineOverride=YES/FromLineOverride=YES/' /etc/ssmtp/ssmtp.conf @@ -12,7 +12,7 @@ RUN (cd / && patch -p0 ) < /tmp/sshd_config.patch && rm /tmp/sshd_config.patch EXPOSE 9000/tcp 22/tcp -RUN docker-php-ext-install -j$(nproc) pdo_mysql pdo_pgsql +RUN docker-php-ext-install -j$(nproc) pdo_mysql pdo_pgsql ldap RUN curl https://getcomposer.org/installer|php -- --install-dir=/usr/local/bin --filename=composer COPY start /usr/local/sbin diff --git a/sshd_config.patch b/sshd_config.patch old mode 100644 new mode 100755 From 2976938437cd1b2a7c0af34a395a97a31f5fc0b9 Mon Sep 17 00:00:00 2001 From: Deon George Date: Tue, 22 Jan 2019 11:48:13 +1100 Subject: [PATCH 19/89] Added x86_64 tags, changed docker:dind service --- .gitlab-ci.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index a530fa8..284c9cb 100755 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -8,10 +8,10 @@ variables: BRANCH: mp VERSION: 7.2-fpm-${BRANCH} CACHETAG: build-${BRANCH} - DOCKER_HOST: tcp://${CI_REGISTRY}-leenooks-ci-docker:2375 + DOCKER_HOST: tcp://docker:2375 services: -- ${CI_REGISTRY}/leenooks/ci-docker:dind +- docker:dind before_script: - docker info @@ -28,7 +28,7 @@ test: only: - debug -build: +x86_64:build: stage: build script: - if [ -f init ]; then chmod 500 init; fi @@ -38,5 +38,6 @@ build: - docker push ${CI_REGISTRY_IMAGE}:${CACHETAG} tags: - docker + - x86_64 only: - mysql From 2a35efec117f707c3a6438ca3076abae22591ede Mon Sep 17 00:00:00 2001 From: Deon George Date: Fri, 3 May 2019 12:09:47 +1000 Subject: [PATCH 20/89] Added gettext, testing for artisan and enabled migrate before starting --- Dockerfile | 9 +++++---- start => init | 14 ++++++++------ 2 files changed, 13 insertions(+), 10 deletions(-) rename start => init (77%) diff --git a/Dockerfile b/Dockerfile index 5eecae1..d5c11eb 100755 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,8 @@ FROM php:7.2-fpm -RUN apt-get update && apt-get install -y openssh-server ssmtp libpq-dev unzip git libssl1.0-dev libldap-dev && rm -rf /var/lib/apt/lists/* /tmp/* \ +RUN apt-get update && apt-get install -y openssh-server ssmtp libpq-dev unzip git libssl1.0-dev libldap-dev gettext \ + && rm -rf /var/lib/apt/lists/* /tmp/* \ && useradd -c "Hosting Admin User" -u 1000 -g users -G www-data -d /var/www/html -M lamp \ && sed -i -e 's/^mailhub=mail$/mailhub=smtp/' -e "s/^hostname=/#hostname=/" -e 's/#FromLineOverride=YES/FromLineOverride=YES/' /etc/ssmtp/ssmtp.conf @@ -12,9 +13,9 @@ RUN (cd / && patch -p0 ) < /tmp/sshd_config.patch && rm /tmp/sshd_config.patch EXPOSE 9000/tcp 22/tcp -RUN docker-php-ext-install -j$(nproc) pdo_mysql pdo_pgsql ldap +RUN docker-php-ext-install -j$(nproc) pdo_mysql pdo_pgsql ldap gettext RUN curl https://getcomposer.org/installer|php -- --install-dir=/usr/local/bin --filename=composer -COPY start /usr/local/sbin -ENTRYPOINT [ "/usr/local/sbin/start" ] +COPY init /sbin +ENTRYPOINT [ "/sbin/init" ] CMD [ "php-fpm" ] diff --git a/start b/init similarity index 77% rename from start rename to init index 0d1cf66..106c7d4 100755 --- a/start +++ b/init @@ -2,7 +2,7 @@ set -e role=${CONTAINER_ROLE:-app} -env=${APP_ENV:-production} +env=${APP_ENV:-live} # General Setup if [ -x /usr/sbin/sshd -a "${SSH_START}" = "TRUE" ]; then @@ -11,27 +11,29 @@ if [ -x /usr/sbin/sshd -a "${SSH_START}" = "TRUE" ]; then fi # Laravel Specific -if [ "${role}" = "app" ]; then +if [ "${role}" = "app" -a -e artisan ]; then if [ "${env}" != "local" -a -r "artisan" ]; then # See if we need to refresh our dependancies if [[ -r composer.lock && ( -e .composer.refresh || ! -d vendor ) ]]; then su www-data -s /bin/sh -c "composer install" && ( test -e .composer.refresh && rm -f .composer.refresh ) fi + echo "Running migration..." + (php artisan migrate) echo "Caching configuration..." (php artisan config:cache && php artisan route:cache && php artisan view:cache) fi exec /usr/local/bin/docker-php-entrypoint "$@" -elif [ "$role" = "queue" ]; then +elif [ "$role" = "queue" -a -e artisan ]; then echo "Running the queue..." # We'll delay starting in case the app is caching sleep 15 php ${PHP_OPTIONS} artisan queue:work --verbose --tries=${WORK_TRIES:-1} --timeout=${WORK_TIMEOUT:-90} ${WORK_QUEUES:+--queue=${WORK_QUEUES}} ${WORK_MEMORY:+--memory=${WORK_MEMORY}} -elif [ "$role" = "scheduler" ]; then +elif [ "$role" = "scheduler" -a -e artisan ]; then echo "Running the scheduler..." # We'll delay starting in case the app is caching @@ -43,6 +45,6 @@ elif [ "$role" = "scheduler" ]; then done else - echo "Could not match the container role \"${role}\"" - exit 1 + echo "NO container role \"${role}\", AND/OR no laravel install, just starting php-fpm" + exec /usr/local/bin/docker-php-entrypoint "$@" fi From 31d52662669a83ad85daa50bc0cc7ba06af3c8c3 Mon Sep 17 00:00:00 2001 From: Deon George Date: Fri, 3 May 2019 12:22:35 +1000 Subject: [PATCH 21/89] Removing gettext install - not required --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index d5c11eb..475349a 100755 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ FROM php:7.2-fpm -RUN apt-get update && apt-get install -y openssh-server ssmtp libpq-dev unzip git libssl1.0-dev libldap-dev gettext \ +RUN apt-get update && apt-get install -y openssh-server ssmtp libpq-dev unzip git libssl1.0-dev libldap-dev \ && rm -rf /var/lib/apt/lists/* /tmp/* \ && useradd -c "Hosting Admin User" -u 1000 -g users -G www-data -d /var/www/html -M lamp \ && sed -i -e 's/^mailhub=mail$/mailhub=smtp/' -e "s/^hostname=/#hostname=/" -e 's/#FromLineOverride=YES/FromLineOverride=YES/' /etc/ssmtp/ssmtp.conf From c66b95e414032d3451dd2b4acde37fd079b455be Mon Sep 17 00:00:00 2001 From: Deon George Date: Fri, 3 May 2019 12:53:30 +1000 Subject: [PATCH 22/89] Update to php 7.3 --- .gitlab-ci.yml | 2 +- Dockerfile | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 284c9cb..ccbc070 100755 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -6,7 +6,7 @@ stages: variables: BRANCH: mp - VERSION: 7.2-fpm-${BRANCH} + VERSION: 7.3-fpm-${BRANCH} CACHETAG: build-${BRANCH} DOCKER_HOST: tcp://docker:2375 diff --git a/Dockerfile b/Dockerfile index 475349a..5f3d3c2 100755 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ # NAME leenooks/php -# VERSION 7.2-fpm-mp +# VERSION 7.3-fpm-mp -FROM php:7.2-fpm +FROM php:7.3-fpm RUN apt-get update && apt-get install -y openssh-server ssmtp libpq-dev unzip git libssl1.0-dev libldap-dev \ && rm -rf /var/lib/apt/lists/* /tmp/* \ From 55e8429e751f23947b96df85fe5f09e8f1f9eec0 Mon Sep 17 00:00:00 2001 From: Deon George Date: Tue, 14 May 2019 20:01:45 +1000 Subject: [PATCH 23/89] Made migration controlled by a dot file --- init | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/init b/init index 106c7d4..99602d9 100755 --- a/init +++ b/init @@ -18,8 +18,12 @@ if [ "${role}" = "app" -a -e artisan ]; then su www-data -s /bin/sh -c "composer install" && ( test -e .composer.refresh && rm -f .composer.refresh ) fi - echo "Running migration..." - (php artisan migrate) + if [ -r .migrate ]; then + echo "Running migration..." + php artisan migrate + rm -f .migrate + fi + echo "Caching configuration..." (php artisan config:cache && php artisan route:cache && php artisan view:cache) fi From 005f6b11611debc369df2d2cbdbe0f674dbbd24a Mon Sep 17 00:00:00 2001 From: Deon George Date: Thu, 16 May 2019 11:57:01 +1000 Subject: [PATCH 24/89] sbin/init needs to be executable by www-data --- Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Dockerfile b/Dockerfile index 5f3d3c2..9eb42cb 100755 --- a/Dockerfile +++ b/Dockerfile @@ -17,5 +17,6 @@ RUN docker-php-ext-install -j$(nproc) pdo_mysql pdo_pgsql ldap gettext RUN curl https://getcomposer.org/installer|php -- --install-dir=/usr/local/bin --filename=composer COPY init /sbin +RUN chmod 550 /sbin/init && chown 0:33 /sbin/init ENTRYPOINT [ "/sbin/init" ] CMD [ "php-fpm" ] From deb99f9b104c230e024a910192725316ae022dcb Mon Sep 17 00:00:00 2001 From: Deon George Date: Mon, 9 Sep 2019 21:22:54 +1000 Subject: [PATCH 25/89] Update PHP and add php.ini, change ssmtp to msmtp --- .gitlab-ci.yml | 1 + Dockerfile | 18 ++++++++++++++---- msmtprc | 18 ++++++++++++++++++ 3 files changed, 33 insertions(+), 4 deletions(-) mode change 100755 => 100644 .gitlab-ci.yml create mode 100644 msmtprc diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml old mode 100755 new mode 100644 index ccbc070..d488a49 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -32,6 +32,7 @@ x86_64:build: stage: build script: - if [ -f init ]; then chmod 500 init; fi + - ([ -z "$REFRESH" ] && docker pull ${CI_REGISTRY_IMAGE}:${CACHETAG}) || echo "true" - docker pull ${CI_REGISTRY_IMAGE}:${CACHETAG} || true - docker build --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION} -t ${CI_REGISTRY_IMAGE}:${CACHETAG} . - docker push ${CI_REGISTRY_IMAGE}:${VERSION} diff --git a/Dockerfile b/Dockerfile index 9eb42cb..8918e67 100755 --- a/Dockerfile +++ b/Dockerfile @@ -3,14 +3,24 @@ FROM php:7.3-fpm -RUN apt-get update && apt-get install -y openssh-server ssmtp libpq-dev unzip git libssl1.0-dev libldap-dev \ - && rm -rf /var/lib/apt/lists/* /tmp/* \ - && useradd -c "Hosting Admin User" -u 1000 -g users -G www-data -d /var/www/html -M lamp \ - && sed -i -e 's/^mailhub=mail$/mailhub=smtp/' -e "s/^hostname=/#hostname=/" -e 's/#FromLineOverride=YES/FromLineOverride=YES/' /etc/ssmtp/ssmtp.conf +RUN apt-get update && apt-get install -y openssh-server libpq-dev unzip git libldap-dev \ + && apt-get -y autoremove \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* +RUN useradd -c "Hosting Admin User" -u 1000 -g users -G www-data -d /var/www/html -M lamp +RUN sed -e 's/^expose_php = On/expose_php = Off/' /usr/local/etc/php/php.ini-production > /usr/local/etc/php/php.ini COPY sshd_config.patch /tmp RUN (cd / && patch -p0 ) < /tmp/sshd_config.patch && rm /tmp/sshd_config.patch +RUN apt-get update && apt-get install -y msmtp \ + && apt-get -y autoremove \ + && apt-get clean \ + & rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* + +COPY msmtprc /etc/ +RUN sed -i -e 's#^;sendmail_path =#sendmail_path = "/usr/bin/msmtp -t"#' /usr/local/etc/php/php.ini + EXPOSE 9000/tcp 22/tcp RUN docker-php-ext-install -j$(nproc) pdo_mysql pdo_pgsql ldap gettext diff --git a/msmtprc b/msmtprc new file mode 100644 index 0000000..505acf3 --- /dev/null +++ b/msmtprc @@ -0,0 +1,18 @@ +# A system wide configuration file is optional. +# If it exists, it usually defines a default account. +# This allows msmtp to be used like /usr/sbin/sendmail. +account default + +# The SMTP smarthost +host smtp + +# Envelope-from address +#from user@example.com +domain example.com + +# Construct envelope-from addresses of the form "user@oursite.example" +#auto_from on +#maildomain example.com + +# Syslog logging with facility LOG_MAIL instead of the default LOG_USER +syslog LOG_MAIL From 6983db70d8894a4e50aa2f7ac4dbb2c0824411e3 Mon Sep 17 00:00:00 2001 From: Deon George Date: Mon, 9 Sep 2019 21:41:36 +1000 Subject: [PATCH 26/89] Increased default workers config --- Dockerfile | 6 ++++-- www.conf | 9 +++++++++ 2 files changed, 13 insertions(+), 2 deletions(-) create mode 100644 www.conf diff --git a/Dockerfile b/Dockerfile index 8918e67..5f44f3a 100755 --- a/Dockerfile +++ b/Dockerfile @@ -10,7 +10,9 @@ RUN apt-get update && apt-get install -y openssh-server libpq-dev unzip git libl RUN useradd -c "Hosting Admin User" -u 1000 -g users -G www-data -d /var/www/html -M lamp RUN sed -e 's/^expose_php = On/expose_php = Off/' /usr/local/etc/php/php.ini-production > /usr/local/etc/php/php.ini -COPY sshd_config.patch /tmp +COPY www.conf /usr/local/etc/php-fpm.d/ + +COPY sshd_config.patch /tmp/ RUN (cd / && patch -p0 ) < /tmp/sshd_config.patch && rm /tmp/sshd_config.patch RUN apt-get update && apt-get install -y msmtp \ @@ -26,7 +28,7 @@ EXPOSE 9000/tcp 22/tcp RUN docker-php-ext-install -j$(nproc) pdo_mysql pdo_pgsql ldap gettext RUN curl https://getcomposer.org/installer|php -- --install-dir=/usr/local/bin --filename=composer -COPY init /sbin +COPY init /sbin/ RUN chmod 550 /sbin/init && chown 0:33 /sbin/init ENTRYPOINT [ "/sbin/init" ] CMD [ "php-fpm" ] diff --git a/www.conf b/www.conf new file mode 100644 index 0000000..77aa955 --- /dev/null +++ b/www.conf @@ -0,0 +1,9 @@ +[www] +group = www-data +listen = 127.0.0.1:9000 +pm = dynamic +pm.max_children = 25 +pm.max_spare_servers = 10 +pm.min_spare_servers = 5 +pm.start_servers = 10 +user = www-data From 851daf659ed02cbedc0819f099b58e35fe1b895a Mon Sep 17 00:00:00 2001 From: Deon George Date: Wed, 15 Jan 2020 14:28:57 +1100 Subject: [PATCH 27/89] Updated init to set permissions --- init | 30 ++++++++++++++++++++++++++---- 1 file changed, 26 insertions(+), 4 deletions(-) diff --git a/init b/init index 99602d9..b3fb10a 100755 --- a/init +++ b/init @@ -3,6 +3,7 @@ set -e role=${CONTAINER_ROLE:-app} env=${APP_ENV:-live} +php=${PHP_DIR:-/var/www/html} # General Setup if [ -x /usr/sbin/sshd -a "${SSH_START}" = "TRUE" ]; then @@ -12,32 +13,53 @@ fi # Laravel Specific if [ "${role}" = "app" -a -e artisan ]; then + if [ ! -e ${php}.env ]; then + echo "! ERROR: NO .env file..." + exec /bin/bash + fi + + # Make sure our permissions are appropraite + find ${php} -type f -exec chmod 640 {} \; + find ${php} -type d -exec chmod 750 {} \; + chown lamp:www-data ${php} + chown -R www-data:www-data ${php}/storage ${php}/bootstrap + if [ "${env}" != "local" -a -r "artisan" ]; then # See if we need to refresh our dependancies if [[ -r composer.lock && ( -e .composer.refresh || ! -d vendor ) ]]; then + rm -f ${php}/bootstrap/cache/*.php su www-data -s /bin/sh -c "composer install" && ( test -e .composer.refresh && rm -f .composer.refresh ) fi if [ -r .migrate ]; then echo "Running migration..." - php artisan migrate - rm -f .migrate + su www-data -s /bin/sh -c "php artisan migrate && rm -f .migrate" fi echo "Caching configuration..." - (php artisan config:cache && php artisan route:cache && php artisan view:cache) + su www-data -s /bin/sh -c "(php artisan config:cache && php artisan route:cache && php artisan view:cache && php artisan event:cache)" fi exec /usr/local/bin/docker-php-entrypoint "$@" elif [ "$role" = "queue" -a -e artisan ]; then + if [ ! -e ${php}.env ]; then + echo "! ERROR: NO .env file..." + exec /bin/bash + fi echo "Running the queue..." # We'll delay starting in case the app is caching sleep 15 - php ${PHP_OPTIONS} artisan queue:work --verbose --tries=${WORK_TRIES:-1} --timeout=${WORK_TIMEOUT:-90} ${WORK_QUEUES:+--queue=${WORK_QUEUES}} ${WORK_MEMORY:+--memory=${WORK_MEMORY}} + while true; do + php ${PHP_OPTIONS} artisan queue:work --verbose --once --tries=${WORK_TRIES:-1} --timeout=${WORK_TIMEOUT:-90} ${WORK_QUEUES:+--queue=${WORK_QUEUES}} ${WORK_MEMORY:+--memory=${WORK_MEMORY}} + done elif [ "$role" = "scheduler" -a -e artisan ]; then + if [ ! -e ${php}.env ]; then + echo "! ERROR: NO .env file..." + exec /bin/bash + fi echo "Running the scheduler..." # We'll delay starting in case the app is caching From 9b4df6abb16391b87aaa532d43bbc36cc2a5f510 Mon Sep 17 00:00:00 2001 From: Deon George Date: Wed, 15 Jan 2020 14:50:14 +1100 Subject: [PATCH 28/89] Fix typo in previous commit --- init | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/init b/init index b3fb10a..354f307 100755 --- a/init +++ b/init @@ -4,6 +4,7 @@ set -e role=${CONTAINER_ROLE:-app} env=${APP_ENV:-live} php=${PHP_DIR:-/var/www/html} +composer=${COMPOSER_DIR:-/var/www/.composer} # General Setup if [ -x /usr/sbin/sshd -a "${SSH_START}" = "TRUE" ]; then @@ -13,7 +14,7 @@ fi # Laravel Specific if [ "${role}" = "app" -a -e artisan ]; then - if [ ! -e ${php}.env ]; then + if [ ! -e ${php}/.env ]; then echo "! ERROR: NO .env file..." exec /bin/bash fi @@ -28,6 +29,7 @@ if [ "${role}" = "app" -a -e artisan ]; then # See if we need to refresh our dependancies if [[ -r composer.lock && ( -e .composer.refresh || ! -d vendor ) ]]; then rm -f ${php}/bootstrap/cache/*.php + chown -R www-data:www-data ${composer} su www-data -s /bin/sh -c "composer install" && ( test -e .composer.refresh && rm -f .composer.refresh ) fi @@ -43,7 +45,7 @@ if [ "${role}" = "app" -a -e artisan ]; then exec /usr/local/bin/docker-php-entrypoint "$@" elif [ "$role" = "queue" -a -e artisan ]; then - if [ ! -e ${php}.env ]; then + if [ ! -e ${php}/.env ]; then echo "! ERROR: NO .env file..." exec /bin/bash fi @@ -56,7 +58,7 @@ elif [ "$role" = "queue" -a -e artisan ]; then done elif [ "$role" = "scheduler" -a -e artisan ]; then - if [ ! -e ${php}.env ]; then + if [ ! -e ${php}/.env ]; then echo "! ERROR: NO .env file..." exec /bin/bash fi From 8e23589589bb25148125c525c103ef3fa170627e Mon Sep 17 00:00:00 2001 From: Deon George Date: Wed, 15 Jan 2020 14:54:20 +1100 Subject: [PATCH 29/89] Added recursive chown to php root dir --- init | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/init b/init index 354f307..a1b7854 100755 --- a/init +++ b/init @@ -22,7 +22,7 @@ if [ "${role}" = "app" -a -e artisan ]; then # Make sure our permissions are appropraite find ${php} -type f -exec chmod 640 {} \; find ${php} -type d -exec chmod 750 {} \; - chown lamp:www-data ${php} + chown -R lamp:www-data ${php} chown -R www-data:www-data ${php}/storage ${php}/bootstrap if [ "${env}" != "local" -a -r "artisan" ]; then From ee45868bf9b23b76442641347a966751f21b1e8c Mon Sep 17 00:00:00 2001 From: Deon George Date: Wed, 15 Jan 2020 14:59:07 +1100 Subject: [PATCH 30/89] Make vendor dir for laravel projects if it doesnt exist --- init | 1 + 1 file changed, 1 insertion(+) diff --git a/init b/init index a1b7854..3f4bc98 100755 --- a/init +++ b/init @@ -30,6 +30,7 @@ if [ "${role}" = "app" -a -e artisan ]; then if [[ -r composer.lock && ( -e .composer.refresh || ! -d vendor ) ]]; then rm -f ${php}/bootstrap/cache/*.php chown -R www-data:www-data ${composer} + [ ! -d ${php}/vendor ] && mkdir -m 750 ${php}/vendor && chown www-data:www-data ${php}/vendor su www-data -s /bin/sh -c "composer install" && ( test -e .composer.refresh && rm -f .composer.refresh ) fi From 680ab60f7a59dc1c9cb9a223da68a9c4cd646230 Mon Sep 17 00:00:00 2001 From: Deon George Date: Wed, 15 Jan 2020 15:29:34 +1100 Subject: [PATCH 31/89] Chown vendor dir to www-data --- init | 1 + 1 file changed, 1 insertion(+) diff --git a/init b/init index 3f4bc98..437ecd6 100755 --- a/init +++ b/init @@ -24,6 +24,7 @@ if [ "${role}" = "app" -a -e artisan ]; then find ${php} -type d -exec chmod 750 {} \; chown -R lamp:www-data ${php} chown -R www-data:www-data ${php}/storage ${php}/bootstrap + [ -e ${php}/vendor ] && chown -R www-data:www-data ${php}/vendor if [ "${env}" != "local" -a -r "artisan" ]; then # See if we need to refresh our dependancies From 1850eb68c03c4c98102cb3baaed24627bb2dc3e5 Mon Sep 17 00:00:00 2001 From: Deon George Date: Wed, 15 Jan 2020 15:47:25 +1100 Subject: [PATCH 32/89] Changed composer optimisation --- init | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/init b/init index 437ecd6..39a6b57 100755 --- a/init +++ b/init @@ -32,7 +32,7 @@ if [ "${role}" = "app" -a -e artisan ]; then rm -f ${php}/bootstrap/cache/*.php chown -R www-data:www-data ${composer} [ ! -d ${php}/vendor ] && mkdir -m 750 ${php}/vendor && chown www-data:www-data ${php}/vendor - su www-data -s /bin/sh -c "composer install" && ( test -e .composer.refresh && rm -f .composer.refresh ) + su www-data -s /bin/sh -c "composer install --optimize-autoloader --no-dev" && ( test -e .composer.refresh && rm -f .composer.refresh ) fi if [ -r .migrate ]; then From fc50334ccfee1ccb3aaf3ecf3986a9fbb8fa6e47 Mon Sep 17 00:00:00 2001 From: Deon George Date: Wed, 15 Jan 2020 17:43:25 +1100 Subject: [PATCH 33/89] More composer file/dir ownership fixes, test for nodev, dont call event:cache --- init | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/init b/init index 39a6b57..1e3fa56 100755 --- a/init +++ b/init @@ -23,7 +23,7 @@ if [ "${role}" = "app" -a -e artisan ]; then find ${php} -type f -exec chmod 640 {} \; find ${php} -type d -exec chmod 750 {} \; chown -R lamp:www-data ${php} - chown -R www-data:www-data ${php}/storage ${php}/bootstrap + chown -R www-data:www-data ${php}/storage ${php}/bootstrap ${php}/composer.* [ -e ${php}/vendor ] && chown -R www-data:www-data ${php}/vendor if [ "${env}" != "local" -a -r "artisan" ]; then @@ -32,7 +32,13 @@ if [ "${role}" = "app" -a -e artisan ]; then rm -f ${php}/bootstrap/cache/*.php chown -R www-data:www-data ${composer} [ ! -d ${php}/vendor ] && mkdir -m 750 ${php}/vendor && chown www-data:www-data ${php}/vendor - su www-data -s /bin/sh -c "composer install --optimize-autoloader --no-dev" && ( test -e .composer.refresh && rm -f .composer.refresh ) + if [ "${env}" == "dev" ]; then + NODEV="--no-dev" + fi + + chmod g+w ${php} + su www-data -s /bin/sh -c "composer install --optimize-autoloader ${NODEV}" && ( test -e .composer.refresh && rm -f .composer.refresh ) + chmod g-w ${php} fi if [ -r .migrate ]; then @@ -41,7 +47,7 @@ if [ "${role}" = "app" -a -e artisan ]; then fi echo "Caching configuration..." - su www-data -s /bin/sh -c "(php artisan config:cache && php artisan route:cache && php artisan view:cache && php artisan event:cache)" + su www-data -s /bin/sh -c "(php artisan config:cache && php artisan route:cache && php artisan view:cache)" fi exec /usr/local/bin/docker-php-entrypoint "$@" From c6f4d4835b3082ac50b5ac499d34df04bd052e32 Mon Sep 17 00:00:00 2001 From: Deon George Date: Wed, 15 Jan 2020 17:53:50 +1100 Subject: [PATCH 34/89] Fix test for dev mode --- init | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/init b/init index 1e3fa56..92918a5 100755 --- a/init +++ b/init @@ -32,7 +32,7 @@ if [ "${role}" = "app" -a -e artisan ]; then rm -f ${php}/bootstrap/cache/*.php chown -R www-data:www-data ${composer} [ ! -d ${php}/vendor ] && mkdir -m 750 ${php}/vendor && chown www-data:www-data ${php}/vendor - if [ "${env}" == "dev" ]; then + if [ "${env}" != "dev" ]; then NODEV="--no-dev" fi From 528051fe049979537bb5a3c727b681808004d6bf Mon Sep 17 00:00:00 2001 From: Deon George Date: Wed, 15 Jan 2020 21:36:53 +1100 Subject: [PATCH 35/89] Skip permissions adjustments if dev mode or SKIP_PERM=1 --- init | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/init b/init index 92918a5..c1ced50 100755 --- a/init +++ b/init @@ -19,26 +19,29 @@ if [ "${role}" = "app" -a -e artisan ]; then exec /bin/bash fi - # Make sure our permissions are appropraite - find ${php} -type f -exec chmod 640 {} \; - find ${php} -type d -exec chmod 750 {} \; - chown -R lamp:www-data ${php} - chown -R www-data:www-data ${php}/storage ${php}/bootstrap ${php}/composer.* - [ -e ${php}/vendor ] && chown -R www-data:www-data ${php}/vendor + if [ "${env}" != "dev" -a -z "${SKIP_PERM}" ]; then + echo "* Setting Permissions..." + # Make sure our permissions are appropraite + find ${php} -type f -exec chmod 640 {} \; + find ${php} -type d -exec chmod 750 {} \; + chown -R lamp:www-data ${php} + chown -R www-data:www-data ${php}/storage ${php}/bootstrap ${php}/composer.* + [ -e ${php}/vendor ] && chown -R www-data:www-data ${php}/vendor + fi if [ "${env}" != "local" -a -r "artisan" ]; then # See if we need to refresh our dependancies if [[ -r composer.lock && ( -e .composer.refresh || ! -d vendor ) ]]; then rm -f ${php}/bootstrap/cache/*.php - chown -R www-data:www-data ${composer} + [ "${env}" != "dev" -a -z "${SKIP_PERM}" ] && chown -R www-data:www-data ${composer} [ ! -d ${php}/vendor ] && mkdir -m 750 ${php}/vendor && chown www-data:www-data ${php}/vendor if [ "${env}" != "dev" ]; then NODEV="--no-dev" fi - chmod g+w ${php} + [ "${env}" != "dev" -a -z "${SKIP_PERM}" ] && chmod g+w ${php} su www-data -s /bin/sh -c "composer install --optimize-autoloader ${NODEV}" && ( test -e .composer.refresh && rm -f .composer.refresh ) - chmod g-w ${php} + [ "${env}" != "dev" -a -z "${SKIP_PERM}" ] && chmod g-w ${php} fi if [ -r .migrate ]; then From 41b4b633e2fc7f07b66694f4e5df1c3445bf01ba Mon Sep 17 00:00:00 2001 From: Deon George Date: Thu, 16 Jan 2020 08:16:38 +1100 Subject: [PATCH 36/89] Fix public dirs for nginx --- init | 2 ++ 1 file changed, 2 insertions(+) diff --git a/init b/init index c1ced50..b6978da 100755 --- a/init +++ b/init @@ -24,6 +24,8 @@ if [ "${role}" = "app" -a -e artisan ]; then # Make sure our permissions are appropraite find ${php} -type f -exec chmod 640 {} \; find ${php} -type d -exec chmod 750 {} \; + chmod o+rx ${php} + chmod -R o+rx ${php}/public chown -R lamp:www-data ${php} chown -R www-data:www-data ${php}/storage ${php}/bootstrap ${php}/composer.* [ -e ${php}/vendor ] && chown -R www-data:www-data ${php}/vendor From 139946ed1ad1af291b696fae2ba19e102ab812c2 Mon Sep 17 00:00:00 2001 From: Deon George Date: Mon, 20 Jan 2020 14:28:58 +1100 Subject: [PATCH 37/89] Added phpredis --- Dockerfile | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/Dockerfile b/Dockerfile index 5f44f3a..64dda36 100755 --- a/Dockerfile +++ b/Dockerfile @@ -26,6 +26,11 @@ RUN sed -i -e 's#^;sendmail_path =#sendmail_path = "/usr/bin/msmtp -t"#' /usr/lo EXPOSE 9000/tcp 22/tcp RUN docker-php-ext-install -j$(nproc) pdo_mysql pdo_pgsql ldap gettext + +# Enable phpredis +RUN pecl install -o -f igbinary && y | pecl install -o -f redis && docker-php-ext-enable redis igbinary && rm -f /tmp/* + +# Add composer RUN curl https://getcomposer.org/installer|php -- --install-dir=/usr/local/bin --filename=composer COPY init /sbin/ From ab31f9a71b2390c3fbd46e66b1ef6eaa52bd2653 Mon Sep 17 00:00:00 2001 From: Deon George Date: Mon, 20 Jan 2020 14:36:18 +1100 Subject: [PATCH 38/89] Clean tmp after pecl install --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 64dda36..a873f68 100755 --- a/Dockerfile +++ b/Dockerfile @@ -28,7 +28,7 @@ EXPOSE 9000/tcp 22/tcp RUN docker-php-ext-install -j$(nproc) pdo_mysql pdo_pgsql ldap gettext # Enable phpredis -RUN pecl install -o -f igbinary && y | pecl install -o -f redis && docker-php-ext-enable redis igbinary && rm -f /tmp/* +RUN pecl install -o -f igbinary && y | pecl install -o -f redis && docker-php-ext-enable redis igbinary && rm -rf /tmp/* # Add composer RUN curl https://getcomposer.org/installer|php -- --install-dir=/usr/local/bin --filename=composer From 235df69f19a7a2fd1b57353df73c68e50a018593 Mon Sep 17 00:00:00 2001 From: Deon George Date: Wed, 22 Jan 2020 21:41:30 +1100 Subject: [PATCH 39/89] Removed unnessary dev debs --- Dockerfile | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/Dockerfile b/Dockerfile index a873f68..3da0374 100755 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ FROM php:7.3-fpm -RUN apt-get update && apt-get install -y openssh-server libpq-dev unzip git libldap-dev \ +RUN apt-get update && apt-get install -y openssh-server unzip git msmtp \ && apt-get -y autoremove \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* @@ -15,24 +15,25 @@ COPY www.conf /usr/local/etc/php-fpm.d/ COPY sshd_config.patch /tmp/ RUN (cd / && patch -p0 ) < /tmp/sshd_config.patch && rm /tmp/sshd_config.patch -RUN apt-get update && apt-get install -y msmtp \ - && apt-get -y autoremove \ - && apt-get clean \ - & rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* - COPY msmtprc /etc/ RUN sed -i -e 's#^;sendmail_path =#sendmail_path = "/usr/bin/msmtp -t"#' /usr/local/etc/php/php.ini EXPOSE 9000/tcp 22/tcp -RUN docker-php-ext-install -j$(nproc) pdo_mysql pdo_pgsql ldap gettext - -# Enable phpredis -RUN pecl install -o -f igbinary && y | pecl install -o -f redis && docker-php-ext-enable redis igbinary && rm -rf /tmp/* - # Add composer RUN curl https://getcomposer.org/installer|php -- --install-dir=/usr/local/bin --filename=composer +# Mysql/Postgress/LDAP +RUN apt-get update && apt-get install -y openssh-server libpq5 libpq-dev unzip git libldap2-dev \ + && docker-php-ext-install -j$(nproc) pdo_mysql pdo_pgsql ldap gettext \ + && apt-get -y purge libpq-dev libldap2-dev \ + && apt-get -y autoremove \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* + +# Enable phpredis +RUN pecl install -o -f igbinary && pecl install -o -f redis && docker-php-ext-enable redis igbinary && rm -rf /tmp/* + COPY init /sbin/ RUN chmod 550 /sbin/init && chown 0:33 /sbin/init ENTRYPOINT [ "/sbin/init" ] From cb2da835a384186c766fb0ddd190089875863f3e Mon Sep 17 00:00:00 2001 From: Deon George Date: Wed, 22 Jan 2020 22:02:16 +1100 Subject: [PATCH 40/89] Remove more redundant debs --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 3da0374..57a62b3 100755 --- a/Dockerfile +++ b/Dockerfile @@ -26,7 +26,7 @@ RUN curl https://getcomposer.org/installer|php -- --install-dir=/usr/local/bin - # Mysql/Postgress/LDAP RUN apt-get update && apt-get install -y openssh-server libpq5 libpq-dev unzip git libldap2-dev \ && docker-php-ext-install -j$(nproc) pdo_mysql pdo_pgsql ldap gettext \ - && apt-get -y purge libpq-dev libldap2-dev \ + && apt-get -y purge libpq-dev libldap2-dev libx11-6 dbus ncurses-term systemd \ && apt-get -y autoremove \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* From 3bddae369eddec279ebb9e918e0eef51667052df Mon Sep 17 00:00:00 2001 From: Deon George Date: Fri, 24 Jan 2020 23:09:56 +1100 Subject: [PATCH 41/89] Enhancements for containers with applications --- Dockerfile | 2 +- init | 36 +++++++++++++++++++++--------------- 2 files changed, 22 insertions(+), 16 deletions(-) diff --git a/Dockerfile b/Dockerfile index 57a62b3..958e38c 100755 --- a/Dockerfile +++ b/Dockerfile @@ -35,6 +35,6 @@ RUN apt-get update && apt-get install -y openssh-server libpq5 libpq-dev unzip g RUN pecl install -o -f igbinary && pecl install -o -f redis && docker-php-ext-enable redis igbinary && rm -rf /tmp/* COPY init /sbin/ -RUN chmod 550 /sbin/init && chown 0:33 /sbin/init +RUN chmod 550 /sbin/init && chown 0:0 /sbin/init ENTRYPOINT [ "/sbin/init" ] CMD [ "php-fpm" ] diff --git a/init b/init index b6978da..9446482 100755 --- a/init +++ b/init @@ -19,31 +19,37 @@ if [ "${role}" = "app" -a -e artisan ]; then exec /bin/bash fi - if [ "${env}" != "dev" -a -z "${SKIP_PERM}" ]; then - echo "* Setting Permissions..." - # Make sure our permissions are appropraite - find ${php} -type f -exec chmod 640 {} \; - find ${php} -type d -exec chmod 750 {} \; - chmod o+rx ${php} - chmod -R o+rx ${php}/public - chown -R lamp:www-data ${php} - chown -R www-data:www-data ${php}/storage ${php}/bootstrap ${php}/composer.* - [ -e ${php}/vendor ] && chown -R www-data:www-data ${php}/vendor + # Only adjust perms if this is an external mountpoint + if mountpoint -q ${php}; then + if [ "${env}" != "dev" -a -z "${SKIP_PERM}" ]; then + echo "* Setting Permissions..." + # Make sure our permissions are appropraite + find ${php} -type f -exec chmod 640 {} \; + find ${php} -type d -exec chmod 750 {} \; + chmod o+rx ${php} + chmod -R o+rx ${php}/public + chown -R lamp:www-data ${php} + chown -R www-data:www-data ${php}/storage ${php}/bootstrap ${php}/composer.* + [ -e ${php}/vendor ] && chown -R www-data:www-data ${php}/vendor + fi fi if [ "${env}" != "local" -a -r "artisan" ]; then # See if we need to refresh our dependancies - if [[ -r composer.lock && ( -e .composer.refresh || ! -d vendor ) ]]; then + if [[ -r composer.json && ( -e .composer.refresh || ! -d vendor ) ]]; then rm -f ${php}/bootstrap/cache/*.php - [ "${env}" != "dev" -a -z "${SKIP_PERM}" ] && chown -R www-data:www-data ${composer} - [ ! -d ${php}/vendor ] && mkdir -m 750 ${php}/vendor && chown www-data:www-data ${php}/vendor if [ "${env}" != "dev" ]; then NODEV="--no-dev" fi - [ "${env}" != "dev" -a -z "${SKIP_PERM}" ] && chmod g+w ${php} + if mountpoint -q ${composer}; then + [ "${env}" != "dev" -a -z "${SKIP_PERM}" ] && chown -R www-data:www-data ${composer} + [ ! -d ${php}/vendor ] && mkdir -m 750 ${php}/vendor && chown www-data:www-data ${php}/vendor + [ "${env}" != "dev" -a -z "${SKIP_PERM}" ] && chmod g+w ${php} + fi + su www-data -s /bin/sh -c "composer install --optimize-autoloader ${NODEV}" && ( test -e .composer.refresh && rm -f .composer.refresh ) - [ "${env}" != "dev" -a -z "${SKIP_PERM}" ] && chmod g-w ${php} + [ "${env}" != "dev" -a -z "${SKIP_PERM}" ] && mountpoint -q ${composer} && chmod g-w ${php} fi if [ -r .migrate ]; then From f99cd2f308f68e2d971e4b2553f2688026074075 Mon Sep 17 00:00:00 2001 From: Deon George Date: Fri, 24 Jan 2020 23:51:41 +1100 Subject: [PATCH 42/89] Added FORCE_PERMS --- init | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/init b/init index 9446482..76ad0b7 100755 --- a/init +++ b/init @@ -19,9 +19,12 @@ if [ "${role}" = "app" -a -e artisan ]; then exec /bin/bash fi + mountpoint -q ${php} + mp=$? + # Only adjust perms if this is an external mountpoint - if mountpoint -q ${php}; then - if [ "${env}" != "dev" -a -z "${SKIP_PERM}" ]; then + if [ ${mp} -eq 0 -o -n "${FORCE_PERMS}" ] ; then + if [ -n "${FORCE_PERMS}" -o "${env}" != "dev" -a -z "${SKIP_PERM}" ]; then echo "* Setting Permissions..." # Make sure our permissions are appropraite find ${php} -type f -exec chmod 640 {} \; @@ -42,14 +45,17 @@ if [ "${role}" = "app" -a -e artisan ]; then NODEV="--no-dev" fi - if mountpoint -q ${composer}; then - [ "${env}" != "dev" -a -z "${SKIP_PERM}" ] && chown -R www-data:www-data ${composer} + mountpoint -q ${composer} + mp=$? + + if [ ${mp} -eq 0 -o -n "${FORCE_PERMS}" ] ; then + [ -n "${FORCE_PERMS}" -o "${env}" != "dev" -a -z "${SKIP_PERM}" ] && chown -R www-data:www-data ${composer} [ ! -d ${php}/vendor ] && mkdir -m 750 ${php}/vendor && chown www-data:www-data ${php}/vendor - [ "${env}" != "dev" -a -z "${SKIP_PERM}" ] && chmod g+w ${php} + [ -n "${FORCE_PERMS}" -o "${env}" != "dev" -a -z "${SKIP_PERM}" ] && chmod g+w ${php} fi su www-data -s /bin/sh -c "composer install --optimize-autoloader ${NODEV}" && ( test -e .composer.refresh && rm -f .composer.refresh ) - [ "${env}" != "dev" -a -z "${SKIP_PERM}" ] && mountpoint -q ${composer} && chmod g-w ${php} + [ -n "${FORCE_PERMS}" -o "${env}" != "dev" -a -z "${SKIP_PERM}" ] && [ ${mp} -eq 0 ] && chmod g-w ${php} fi if [ -r .migrate ]; then From 06e4f0dfcd8440069ddb671c2eb5168d676fa436 Mon Sep 17 00:00:00 2001 From: Deon George Date: Sat, 25 Jan 2020 00:02:13 +1100 Subject: [PATCH 43/89] Need to disable our error pipeline with mountpoint --- init | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/init b/init index 76ad0b7..ae77471 100755 --- a/init +++ b/init @@ -19,8 +19,10 @@ if [ "${role}" = "app" -a -e artisan ]; then exec /bin/bash fi + set +e mountpoint -q ${php} mp=$? + set -e # Only adjust perms if this is an external mountpoint if [ ${mp} -eq 0 -o -n "${FORCE_PERMS}" ] ; then @@ -45,8 +47,10 @@ if [ "${role}" = "app" -a -e artisan ]; then NODEV="--no-dev" fi + set +e mountpoint -q ${composer} mp=$? + set -e if [ ${mp} -eq 0 -o -n "${FORCE_PERMS}" ] ; then [ -n "${FORCE_PERMS}" -o "${env}" != "dev" -a -z "${SKIP_PERM}" ] && chown -R www-data:www-data ${composer} From d23d97f9dd16e40c02f6543e62171060738fa915 Mon Sep 17 00:00:00 2001 From: Deon George Date: Sat, 25 Jan 2020 00:21:46 +1100 Subject: [PATCH 44/89] Add marker to echo statements --- init | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/init b/init index ae77471..47fda3c 100755 --- a/init +++ b/init @@ -63,11 +63,11 @@ if [ "${role}" = "app" -a -e artisan ]; then fi if [ -r .migrate ]; then - echo "Running migration..." + echo "* Running migration..." su www-data -s /bin/sh -c "php artisan migrate && rm -f .migrate" fi - echo "Caching configuration..." + echo "* Caching configuration..." su www-data -s /bin/sh -c "(php artisan config:cache && php artisan route:cache && php artisan view:cache)" fi @@ -79,7 +79,7 @@ elif [ "$role" = "queue" -a -e artisan ]; then exec /bin/bash fi - echo "Running the queue..." + echo "* Running the queue..." # We'll delay starting in case the app is caching sleep 15 while true; do @@ -92,7 +92,7 @@ elif [ "$role" = "scheduler" -a -e artisan ]; then exec /bin/bash fi - echo "Running the scheduler..." + echo "* Running the scheduler..." # We'll delay starting in case the app is caching sleep 15 @@ -102,6 +102,6 @@ elif [ "$role" = "scheduler" -a -e artisan ]; then done else - echo "NO container role \"${role}\", AND/OR no laravel install, just starting php-fpm" + echo "? NO container role \"${role}\", AND/OR no laravel install, just starting php-fpm" exec /usr/local/bin/docker-php-entrypoint "$@" fi From 8237c6270cbebc982756cadc4e9f66b8f59db610 Mon Sep 17 00:00:00 2001 From: Deon George Date: Tue, 28 Jan 2020 23:10:11 +1100 Subject: [PATCH 45/89] Ensure removing .migrate is run as root --- init | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/init b/init index 47fda3c..84c1112 100755 --- a/init +++ b/init @@ -64,7 +64,7 @@ if [ "${role}" = "app" -a -e artisan ]; then if [ -r .migrate ]; then echo "* Running migration..." - su www-data -s /bin/sh -c "php artisan migrate && rm -f .migrate" + su www-data -s /bin/sh -c "php artisan migrate" && rm -f .migrate fi echo "* Caching configuration..." From f8bda401626dd1a78bf45354cf7253363f8ce91c Mon Sep 17 00:00:00 2001 From: Deon George Date: Wed, 29 Jan 2020 00:11:39 +1100 Subject: [PATCH 46/89] Make schedular and queue run as www-data --- init | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/init b/init index 84c1112..fb335d9 100755 --- a/init +++ b/init @@ -82,9 +82,12 @@ elif [ "$role" = "queue" -a -e artisan ]; then echo "* Running the queue..." # We'll delay starting in case the app is caching sleep 15 + + su www-data -s /bin/sh -c " while true; do php ${PHP_OPTIONS} artisan queue:work --verbose --once --tries=${WORK_TRIES:-1} --timeout=${WORK_TIMEOUT:-90} ${WORK_QUEUES:+--queue=${WORK_QUEUES}} ${WORK_MEMORY:+--memory=${WORK_MEMORY}} done + " elif [ "$role" = "scheduler" -a -e artisan ]; then if [ ! -e ${php}/.env ]; then @@ -96,10 +99,12 @@ elif [ "$role" = "scheduler" -a -e artisan ]; then # We'll delay starting in case the app is caching sleep 15 - while [ true ]; do - php ${PHP_OPTIONS} artisan schedule:run --verbose --no-interaction & + su www-data -s /bin/sh -c " + while true; do + (php ${PHP_OPTIONS} artisan schedule:run --verbose --no-interaction &) sleep 60 done + " else echo "? NO container role \"${role}\", AND/OR no laravel install, just starting php-fpm" From 5943f0df5a67af96949937abf651de0998f7c0c0 Mon Sep 17 00:00:00 2001 From: Deon George Date: Wed, 29 Jan 2020 15:37:53 +1100 Subject: [PATCH 47/89] Cache config in role containers if container contains the app and change mountpoint detection routine --- init | 34 +++++++++++++++++++++++++--------- 1 file changed, 25 insertions(+), 9 deletions(-) diff --git a/init b/init index fb335d9..5f68d30 100755 --- a/init +++ b/init @@ -6,6 +6,14 @@ env=${APP_ENV:-live} php=${PHP_DIR:-/var/www/html} composer=${COMPOSER_DIR:-/var/www/.composer} +function mp() { + set +e + mountpoint -q $1 + local mp=$? + set -e + return ${mp} +} + # General Setup if [ -x /usr/sbin/sshd -a "${SSH_START}" = "TRUE" ]; then [ ! -d /var/run/sshd ] && mkdir /var/run/sshd @@ -19,10 +27,8 @@ if [ "${role}" = "app" -a -e artisan ]; then exec /bin/bash fi - set +e - mountpoint -q ${php} + mp ${php} mp=$? - set -e # Only adjust perms if this is an external mountpoint if [ ${mp} -eq 0 -o -n "${FORCE_PERMS}" ] ; then @@ -47,10 +53,8 @@ if [ "${role}" = "app" -a -e artisan ]; then NODEV="--no-dev" fi - set +e - mountpoint -q ${composer} + mp ${php} mp=$? - set -e if [ ${mp} -eq 0 -o -n "${FORCE_PERMS}" ] ; then [ -n "${FORCE_PERMS}" -o "${env}" != "dev" -a -z "${SKIP_PERM}" ] && chown -R www-data:www-data ${composer} @@ -62,13 +66,13 @@ if [ "${role}" = "app" -a -e artisan ]; then [ -n "${FORCE_PERMS}" -o "${env}" != "dev" -a -z "${SKIP_PERM}" ] && [ ${mp} -eq 0 ] && chmod g-w ${php} fi + echo "* Caching configuration..." + su www-data -s /bin/sh -c "(php artisan config:cache && php artisan route:cache && php artisan view:cache)" + if [ -r .migrate ]; then echo "* Running migration..." su www-data -s /bin/sh -c "php artisan migrate" && rm -f .migrate fi - - echo "* Caching configuration..." - su www-data -s /bin/sh -c "(php artisan config:cache && php artisan route:cache && php artisan view:cache)" fi exec /usr/local/bin/docker-php-entrypoint "$@" @@ -79,6 +83,12 @@ elif [ "$role" = "queue" -a -e artisan ]; then exec /bin/bash fi + # We only check for non mount points, in case this container has the app inside + if ! mp ${php}; then + echo "* Caching configuration..." + su www-data -s /bin/sh -c "(php artisan config:cache && php artisan route:cache && php artisan view:cache)" + fi + echo "* Running the queue..." # We'll delay starting in case the app is caching sleep 15 @@ -95,6 +105,12 @@ elif [ "$role" = "scheduler" -a -e artisan ]; then exec /bin/bash fi + # We only check for non mount points, in case this container has the app inside + if ! mp ${php}; then + echo "* Caching configuration..." + su www-data -s /bin/sh -c "(php artisan config:cache && php artisan route:cache && php artisan view:cache)" + fi + echo "* Running the scheduler..." # We'll delay starting in case the app is caching sleep 15 From 584e56aceb0a11a7fbaec8830e1780a26062dac4 Mon Sep 17 00:00:00 2001 From: Deon George Date: Wed, 29 Jan 2020 16:01:08 +1100 Subject: [PATCH 48/89] Changes to mountpoint logic --- init | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/init b/init index 5f68d30..35cb6ea 100755 --- a/init +++ b/init @@ -11,7 +11,7 @@ function mp() { mountpoint -q $1 local mp=$? set -e - return ${mp} + echo ${mp} } # General Setup @@ -27,8 +27,7 @@ if [ "${role}" = "app" -a -e artisan ]; then exec /bin/bash fi - mp ${php} - mp=$? + mp=$(mp ${php}) # Only adjust perms if this is an external mountpoint if [ ${mp} -eq 0 -o -n "${FORCE_PERMS}" ] ; then @@ -53,8 +52,7 @@ if [ "${role}" = "app" -a -e artisan ]; then NODEV="--no-dev" fi - mp ${php} - mp=$? + mp=$(mp ${composer}) if [ ${mp} -eq 0 -o -n "${FORCE_PERMS}" ] ; then [ -n "${FORCE_PERMS}" -o "${env}" != "dev" -a -z "${SKIP_PERM}" ] && chown -R www-data:www-data ${composer} @@ -84,7 +82,8 @@ elif [ "$role" = "queue" -a -e artisan ]; then fi # We only check for non mount points, in case this container has the app inside - if ! mp ${php}; then + mp=$(mp ${php}) + if [ ${mp} -eq 1 ]; then echo "* Caching configuration..." su www-data -s /bin/sh -c "(php artisan config:cache && php artisan route:cache && php artisan view:cache)" fi @@ -106,7 +105,8 @@ elif [ "$role" = "scheduler" -a -e artisan ]; then fi # We only check for non mount points, in case this container has the app inside - if ! mp ${php}; then + mp=$(mp ${php}) + if [ ${mp} -eq 1 ]; then echo "* Caching configuration..." su www-data -s /bin/sh -c "(php artisan config:cache && php artisan route:cache && php artisan view:cache)" fi From b244577c76812f05959bd9382fb3837ff1627aaa Mon Sep 17 00:00:00 2001 From: Deon George Date: Thu, 30 Jan 2020 20:39:00 +1100 Subject: [PATCH 49/89] Change queues to run --once as optional --- init | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/init b/init index 35cb6ea..d5a267e 100755 --- a/init +++ b/init @@ -94,7 +94,7 @@ elif [ "$role" = "queue" -a -e artisan ]; then su www-data -s /bin/sh -c " while true; do - php ${PHP_OPTIONS} artisan queue:work --verbose --once --tries=${WORK_TRIES:-1} --timeout=${WORK_TIMEOUT:-90} ${WORK_QUEUES:+--queue=${WORK_QUEUES}} ${WORK_MEMORY:+--memory=${WORK_MEMORY}} + php ${PHP_OPTIONS} artisan queue:work --verbose --tries=${WORK_TRIES:-1} --timeout=${WORK_TIMEOUT:-90} ${WORK_QUEUES:+--queue=${WORK_QUEUES}} ${WORK_MEMORY:+--memory=${WORK_MEMORY}} ${WORK_ONCE:+--once} done " From e87698b30cf2b1e396271488a4f2ceb3524b68f8 Mon Sep 17 00:00:00 2001 From: Deon George Date: Thu, 5 Mar 2020 14:51:24 +1100 Subject: [PATCH 50/89] Added passport key generation --- init | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/init b/init index d5a267e..8053c37 100755 --- a/init +++ b/init @@ -71,6 +71,12 @@ if [ "${role}" = "app" -a -e artisan ]; then echo "* Running migration..." su www-data -s /bin/sh -c "php artisan migrate" && rm -f .migrate fi + + # If passport is installed + if [ -d ${php}/vendor/laravel/passport ]; then + echo "* Generating OAUTH keys ..." + su www-data -s /bin/sh -c "php artisan passport:keys" + fi fi exec /usr/local/bin/docker-php-entrypoint "$@" From c8cc79dbb3ddddf6b270be130cf4e2483c69d7aa Mon Sep 17 00:00:00 2001 From: Deon George Date: Wed, 11 Mar 2020 14:43:15 +1100 Subject: [PATCH 51/89] Added nginx to server static content when app is in container --- Dockerfile | 6 ++++-- init | 14 ++++++++++++++ nginx-app.conf | 35 +++++++++++++++++++++++++++++++++++ 3 files changed, 53 insertions(+), 2 deletions(-) create mode 100644 nginx-app.conf diff --git a/Dockerfile b/Dockerfile index 958e38c..39266fe 100755 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,8 @@ FROM php:7.3-fpm -RUN apt-get update && apt-get install -y openssh-server unzip git msmtp \ +RUN apt-get update && apt-get install -y openssh-server unzip git msmtp nginx \ + && rm /etc/nginx/sites-enabled/default \ && apt-get -y autoremove \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* @@ -11,6 +12,7 @@ RUN apt-get update && apt-get install -y openssh-server unzip git msmtp \ RUN useradd -c "Hosting Admin User" -u 1000 -g users -G www-data -d /var/www/html -M lamp RUN sed -e 's/^expose_php = On/expose_php = Off/' /usr/local/etc/php/php.ini-production > /usr/local/etc/php/php.ini COPY www.conf /usr/local/etc/php-fpm.d/ +COPY nginx-app.conf /etc/nginx/conf.d/ COPY sshd_config.patch /tmp/ RUN (cd / && patch -p0 ) < /tmp/sshd_config.patch && rm /tmp/sshd_config.patch @@ -18,7 +20,7 @@ RUN (cd / && patch -p0 ) < /tmp/sshd_config.patch && rm /tmp/sshd_config.patch COPY msmtprc /etc/ RUN sed -i -e 's#^;sendmail_path =#sendmail_path = "/usr/bin/msmtp -t"#' /usr/local/etc/php/php.ini -EXPOSE 9000/tcp 22/tcp +EXPOSE 22/tcp # Add composer RUN curl https://getcomposer.org/installer|php -- --install-dir=/usr/local/bin --filename=composer diff --git a/init b/init index 8053c37..2de3ee4 100755 --- a/init +++ b/init @@ -5,6 +5,8 @@ role=${CONTAINER_ROLE:-app} env=${APP_ENV:-live} php=${PHP_DIR:-/var/www/html} composer=${COMPOSER_DIR:-/var/www/.composer} +NO_NGINX=${NO_NGINX:-TRUE} +SSH_START=${SSH_START:-FALSE} function mp() { set +e @@ -14,6 +16,14 @@ function mp() { echo ${mp} } +function nginx_start() { + # Start NGINX + if [ -x /usr/sbin/nginx -a "${NO_NGINX}" != "TRUE" ]; then + echo "* Starting NGINX..." + start-stop-daemon --start --pidfile /var/run/nginx.pid --exec /usr/sbin/nginx -- -g 'daemon on; master_process on;' + fi +} + # General Setup if [ -x /usr/sbin/sshd -a "${SSH_START}" = "TRUE" ]; then [ ! -d /var/run/sshd ] && mkdir /var/run/sshd @@ -79,6 +89,8 @@ if [ "${role}" = "app" -a -e artisan ]; then fi fi + nginx_start + exec /usr/local/bin/docker-php-entrypoint "$@" elif [ "$role" = "queue" -a -e artisan ]; then @@ -129,6 +141,8 @@ elif [ "$role" = "scheduler" -a -e artisan ]; then " else + nginx_start + echo "? NO container role \"${role}\", AND/OR no laravel install, just starting php-fpm" exec /usr/local/bin/docker-php-entrypoint "$@" fi diff --git a/nginx-app.conf b/nginx-app.conf new file mode 100644 index 0000000..280c40a --- /dev/null +++ b/nginx-app.conf @@ -0,0 +1,35 @@ +server { + listen 80 default_server; + listen [::]:80 default_server; + + access_log none; + client_max_body_size 10m; + error_log none; + fastcgi_buffers 16 16k; + fastcgi_buffer_size 16k; + index index.php index.html; + root /var/www/html; + server_tokens off; + + set $my_https "off"; + if ($http_x_forwarded_proto = "https") { + set $my_https "on"; + } + + location / { + try_files $uri $uri/ /index.php?$query_string; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param SERVER_NAME $host; + fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_param HTTPS $my_https; + fastcgi_param PHP_ADMIN_VALUE "sendmail_path=/usr/sbin/sendmail -i -t"; + } +} From 90b27476b1c1ac768013eda2316725d7bc68b83e Mon Sep 17 00:00:00 2001 From: Deon George Date: Thu, 12 Mar 2020 09:12:58 +1100 Subject: [PATCH 52/89] Make default web root public/ --- nginx-app.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nginx-app.conf b/nginx-app.conf index 280c40a..9f86955 100644 --- a/nginx-app.conf +++ b/nginx-app.conf @@ -8,7 +8,7 @@ server { fastcgi_buffers 16 16k; fastcgi_buffer_size 16k; index index.php index.html; - root /var/www/html; + root /var/www/html/public; server_tokens off; set $my_https "off"; From 90ed5a1da6d86ad6e370f973192645ba78042c20 Mon Sep 17 00:00:00 2001 From: Deon George Date: Thu, 2 Apr 2020 15:56:47 +1100 Subject: [PATCH 53/89] Remove double docker pull during build --- .gitlab-ci.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index d488a49..fa23622 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -33,7 +33,6 @@ x86_64:build: script: - if [ -f init ]; then chmod 500 init; fi - ([ -z "$REFRESH" ] && docker pull ${CI_REGISTRY_IMAGE}:${CACHETAG}) || echo "true" - - docker pull ${CI_REGISTRY_IMAGE}:${CACHETAG} || true - docker build --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION} -t ${CI_REGISTRY_IMAGE}:${CACHETAG} . - docker push ${CI_REGISTRY_IMAGE}:${VERSION} - docker push ${CI_REGISTRY_IMAGE}:${CACHETAG} From 81b970b53b647d5b05b08a4ec80e822f047250f7 Mon Sep 17 00:00:00 2001 From: Deon George Date: Thu, 7 May 2020 21:29:21 +1000 Subject: [PATCH 54/89] Added wait-for-it to wait for DB for laravel --- Dockerfile | 2 +- init | 11 +++++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 39266fe..f225dac 100755 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ FROM php:7.3-fpm -RUN apt-get update && apt-get install -y openssh-server unzip git msmtp nginx \ +RUN apt-get update && apt-get install -y openssh-server unzip git msmtp nginx wait-for-it \ && rm /etc/nginx/sites-enabled/default \ && apt-get -y autoremove \ && apt-get clean \ diff --git a/init b/init index 2de3ee4..e5b558c 100755 --- a/init +++ b/init @@ -79,6 +79,17 @@ if [ "${role}" = "app" -a -e artisan ]; then if [ -r .migrate ]; then echo "* Running migration..." + # If DB_HOST not set, source the env file + [ -z "${DB_HOST}" -a -r .env ] && . .env + + if [ -n "${DB_HOST}" -a -n "${DB_PORT}" ]; then + while ! wait-for-it -h ${DB_HOST} -p ${DB_PORT} -t 5 -q; do + echo "? Waiting for database at ${DB_HOST}:${DB_PORT}" + sleep 1; + done + echo "- DB is active on ${DB_HOST}:${DB_PORT}" + fi + su www-data -s /bin/sh -c "php artisan migrate" && rm -f .migrate fi From a62d434cef142605ff9939340c2fa819c7b44ad8 Mon Sep 17 00:00:00 2001 From: Deon George Date: Fri, 31 Jul 2020 16:42:40 +1000 Subject: [PATCH 55/89] Added Lumen detection --- init | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/init b/init index e5b558c..718ce5f 100755 --- a/init +++ b/init @@ -74,8 +74,12 @@ if [ "${role}" = "app" -a -e artisan ]; then [ -n "${FORCE_PERMS}" -o "${env}" != "dev" -a -z "${SKIP_PERM}" ] && [ ${mp} -eq 0 ] && chmod g-w ${php} fi - echo "* Caching configuration..." - su www-data -s /bin/sh -c "(php artisan config:cache && php artisan route:cache && php artisan view:cache)" + if [ -e .lumen ]; then + echo "* Lumen detected..." + else + echo "* Caching configuration..." + su www-data -s /bin/sh -c "(php artisan config:cache && php artisan route:cache && php artisan view:cache)" + fi if [ -r .migrate ]; then echo "* Running migration..." From 7b9bd41c008bc22c9deb898e08afef009961e0d1 Mon Sep 17 00:00:00 2001 From: Deon George Date: Fri, 31 Jul 2020 16:50:14 +1000 Subject: [PATCH 56/89] Update to PHP 7.4 --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index f225dac..a97fc9f 100755 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ # NAME leenooks/php -# VERSION 7.3-fpm-mp +# VERSION 7.4-fpm-mp -FROM php:7.3-fpm +FROM php:7.4-fpm RUN apt-get update && apt-get install -y openssh-server unzip git msmtp nginx wait-for-it \ && rm /etc/nginx/sites-enabled/default \ From d752fa113f86edc2dd1dca3748eb03bae433f17c Mon Sep 17 00:00:00 2001 From: Deon George Date: Fri, 31 Jul 2020 16:57:05 +1000 Subject: [PATCH 57/89] Update to PHP 7.4 - missed .gitlab-ci --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index fa23622..4e1e980 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -6,7 +6,7 @@ stages: variables: BRANCH: mp - VERSION: 7.3-fpm-${BRANCH} + VERSION: 7.4-fpm-${BRANCH} CACHETAG: build-${BRANCH} DOCKER_HOST: tcp://docker:2375 From 74afe07a7b9e4efc0480ba89785144aea4d70342 Mon Sep 17 00:00:00 2001 From: Deon George Date: Sun, 23 Aug 2020 12:54:50 +1000 Subject: [PATCH 58/89] Add building additional test container --- .gitlab-ci.yml | 14 ++++++++++++++ Dockerfile.phptest | 12 ++++++++++++ 2 files changed, 26 insertions(+) create mode 100755 Dockerfile.phptest diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 4e1e980..d7decba 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -3,6 +3,7 @@ image: docker:latest stages: - test - build +- build-test variables: BRANCH: mp @@ -41,3 +42,16 @@ x86_64:build: - x86_64 only: - mysql + +x86_64:build-test: + stage: build-test + script: + - if [ -f init ]; then chmod 500 init; fi + - ([ -z "$REFRESH" ] && docker pull ${CI_REGISTRY_IMAGE}:${CACHETAG}) || echo "true" + - docker build --file Docker.phptest --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION} -t ${CI_REGISTRY_IMAGE}:${CACHETAG} . + - docker push ${CI_REGISTRY_IMAGE}:${VERSION}-test + tags: + - docker + - x86_64 + only: + - mysql diff --git a/Dockerfile.phptest b/Dockerfile.phptest new file mode 100755 index 0000000..479cf5e --- /dev/null +++ b/Dockerfile.phptest @@ -0,0 +1,12 @@ +# NAME leenooks/php +# VERSION 7.4-fpm-mp + +FROM registry.leenook.net/leenooks/php:7.4-fpm + +RUN apt-get update && apt-get install -y autoconf \ + && pecl install xdebug \ + && docker-php-ext-enable xdebug \ + && apt-get purge autoonf \ + && apt-get -y autoremove \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* \ From 677d57b4bf13721a9a107f7da21ef5fab069dcd2 Mon Sep 17 00:00:00 2001 From: Deon George Date: Sun, 23 Aug 2020 13:01:49 +1000 Subject: [PATCH 59/89] Fixed typo in previous commit to Dockerfile --- .gitlab-ci.yml | 2 +- Dockerfile | 0 Dockerfile.phptest | 0 sshd_config.patch | 0 4 files changed, 1 insertion(+), 1 deletion(-) mode change 100755 => 100644 Dockerfile mode change 100755 => 100644 Dockerfile.phptest mode change 100755 => 100644 sshd_config.patch diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index d7decba..ebdc31c 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -48,7 +48,7 @@ x86_64:build-test: script: - if [ -f init ]; then chmod 500 init; fi - ([ -z "$REFRESH" ] && docker pull ${CI_REGISTRY_IMAGE}:${CACHETAG}) || echo "true" - - docker build --file Docker.phptest --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION} -t ${CI_REGISTRY_IMAGE}:${CACHETAG} . + - docker build --file Dockerfile.phptest --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION} -t ${CI_REGISTRY_IMAGE}:${CACHETAG} . - docker push ${CI_REGISTRY_IMAGE}:${VERSION}-test tags: - docker diff --git a/Dockerfile b/Dockerfile old mode 100755 new mode 100644 diff --git a/Dockerfile.phptest b/Dockerfile.phptest old mode 100755 new mode 100644 diff --git a/sshd_config.patch b/sshd_config.patch old mode 100755 new mode 100644 From f0723695973d4055b511b7e25aac0ce39cebe8c0 Mon Sep 17 00:00:00 2001 From: Deon George Date: Mon, 24 Aug 2020 15:27:06 +1000 Subject: [PATCH 60/89] More typo fixes --- Dockerfile.phptest | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.phptest b/Dockerfile.phptest index 479cf5e..fc4845a 100644 --- a/Dockerfile.phptest +++ b/Dockerfile.phptest @@ -1,7 +1,7 @@ # NAME leenooks/php # VERSION 7.4-fpm-mp -FROM registry.leenook.net/leenooks/php:7.4-fpm +FROM registry.leenooks.net/leenooks/php:7.4-fpm RUN apt-get update && apt-get install -y autoconf \ && pecl install xdebug \ From 1cc72feebe2cb193c15d899909830dbcab53a7b2 Mon Sep 17 00:00:00 2001 From: Deon George Date: Mon, 24 Aug 2020 15:29:50 +1000 Subject: [PATCH 61/89] More typo fixes #2 --- Dockerfile.phptest | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.phptest b/Dockerfile.phptest index fc4845a..62b5279 100644 --- a/Dockerfile.phptest +++ b/Dockerfile.phptest @@ -1,7 +1,7 @@ # NAME leenooks/php # VERSION 7.4-fpm-mp -FROM registry.leenooks.net/leenooks/php:7.4-fpm +FROM registry.leenooks.net/leenooks/php:7.4-mp RUN apt-get update && apt-get install -y autoconf \ && pecl install xdebug \ From 1a95ead7928fb4e6c50b8e65c96e9756744f7b5a Mon Sep 17 00:00:00 2001 From: Deon George Date: Mon, 24 Aug 2020 15:34:36 +1000 Subject: [PATCH 62/89] More typo fixes #3 --- Dockerfile.phptest | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.phptest b/Dockerfile.phptest index 62b5279..384fd57 100644 --- a/Dockerfile.phptest +++ b/Dockerfile.phptest @@ -1,7 +1,7 @@ # NAME leenooks/php # VERSION 7.4-fpm-mp -FROM registry.leenooks.net/leenooks/php:7.4-mp +FROM registry.leenooks.net/leenooks/php:7.4-fpm-mp RUN apt-get update && apt-get install -y autoconf \ && pecl install xdebug \ From 27eb813e57563934b793746ca15627f3e84ee762 Mon Sep 17 00:00:00 2001 From: Deon George Date: Mon, 24 Aug 2020 15:39:43 +1000 Subject: [PATCH 63/89] Autoconf alread in base image --- Dockerfile.phptest | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/Dockerfile.phptest b/Dockerfile.phptest index 384fd57..be2fb11 100644 --- a/Dockerfile.phptest +++ b/Dockerfile.phptest @@ -3,10 +3,5 @@ FROM registry.leenooks.net/leenooks/php:7.4-fpm-mp -RUN apt-get update && apt-get install -y autoconf \ - && pecl install xdebug \ - && docker-php-ext-enable xdebug \ - && apt-get purge autoonf \ - && apt-get -y autoremove \ - && apt-get clean \ - && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* \ +RUN apt-get pecl install xdebug \ + && docker-php-ext-enable xdebug From b3ae5f32a346f838a7e53974ad65366caf7dbd77 Mon Sep 17 00:00:00 2001 From: Deon George Date: Mon, 24 Aug 2020 15:51:21 +1000 Subject: [PATCH 64/89] More silly errors --- Dockerfile.phptest | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.phptest b/Dockerfile.phptest index be2fb11..3c3e63a 100644 --- a/Dockerfile.phptest +++ b/Dockerfile.phptest @@ -3,5 +3,5 @@ FROM registry.leenooks.net/leenooks/php:7.4-fpm-mp -RUN apt-get pecl install xdebug \ +RUN pecl install xdebug \ && docker-php-ext-enable xdebug From c90446b05971131f8b38995fe58f482b6acb8484 Mon Sep 17 00:00:00 2001 From: Deon George Date: Mon, 24 Aug 2020 15:58:49 +1000 Subject: [PATCH 65/89] CI fixes for test tagging --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index ebdc31c..e59fbf3 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -48,7 +48,7 @@ x86_64:build-test: script: - if [ -f init ]; then chmod 500 init; fi - ([ -z "$REFRESH" ] && docker pull ${CI_REGISTRY_IMAGE}:${CACHETAG}) || echo "true" - - docker build --file Dockerfile.phptest --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION} -t ${CI_REGISTRY_IMAGE}:${CACHETAG} . + - docker build --file Dockerfile.phptest --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION}-test - docker push ${CI_REGISTRY_IMAGE}:${VERSION}-test tags: - docker From 8cc6e595e3b0e63060a379451761f8b4fc78bd66 Mon Sep 17 00:00:00 2001 From: Deon George Date: Mon, 24 Aug 2020 16:02:28 +1000 Subject: [PATCH 66/89] More silly fixes for CI --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index e59fbf3..acdcbf8 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -48,7 +48,7 @@ x86_64:build-test: script: - if [ -f init ]; then chmod 500 init; fi - ([ -z "$REFRESH" ] && docker pull ${CI_REGISTRY_IMAGE}:${CACHETAG}) || echo "true" - - docker build --file Dockerfile.phptest --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION}-test + - docker build --file Dockerfile.phptest --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION}-test . - docker push ${CI_REGISTRY_IMAGE}:${VERSION}-test tags: - docker From c05c67ec0268e079d126e21d3206239d5aeffa96 Mon Sep 17 00:00:00 2001 From: Deon George Date: Thu, 17 Sep 2020 13:24:57 +1000 Subject: [PATCH 67/89] Add lumen detection to queue,schedule contianers --- init | 28 ++++++++++++++++++---------- nginx-app.conf | 3 +-- 2 files changed, 19 insertions(+), 12 deletions(-) diff --git a/init b/init index 718ce5f..cfcc7f8 100755 --- a/init +++ b/init @@ -114,11 +114,15 @@ elif [ "$role" = "queue" -a -e artisan ]; then exec /bin/bash fi - # We only check for non mount points, in case this container has the app inside - mp=$(mp ${php}) - if [ ${mp} -eq 1 ]; then - echo "* Caching configuration..." - su www-data -s /bin/sh -c "(php artisan config:cache && php artisan route:cache && php artisan view:cache)" + if [ -e .lumen ]; then + echo "* Lumen detected..." + else + # We only check for non mount points, in case this container has the app inside + mp=$(mp ${php}) + if [ ${mp} -eq 1 ]; then + echo "* Caching configuration..." + su www-data -s /bin/sh -c "(php artisan config:cache && php artisan route:cache && php artisan view:cache)" + fi fi echo "* Running the queue..." @@ -137,11 +141,15 @@ elif [ "$role" = "scheduler" -a -e artisan ]; then exec /bin/bash fi - # We only check for non mount points, in case this container has the app inside - mp=$(mp ${php}) - if [ ${mp} -eq 1 ]; then - echo "* Caching configuration..." - su www-data -s /bin/sh -c "(php artisan config:cache && php artisan route:cache && php artisan view:cache)" + if [ -e .lumen ]; then + echo "* Lumen detected..." + else + # We only check for non mount points, in case this container has the app inside + mp=$(mp ${php}) + if [ ${mp} -eq 1 ]; then + echo "* Caching configuration..." + su www-data -s /bin/sh -c "(php artisan config:cache && php artisan route:cache && php artisan view:cache)" + fi fi echo "* Running the scheduler..." diff --git a/nginx-app.conf b/nginx-app.conf index 9f86955..dc3deb4 100644 --- a/nginx-app.conf +++ b/nginx-app.conf @@ -2,9 +2,8 @@ server { listen 80 default_server; listen [::]:80 default_server; - access_log none; + access_log off; client_max_body_size 10m; - error_log none; fastcgi_buffers 16 16k; fastcgi_buffer_size 16k; index index.php index.html; From 0d799f28c7cf16cf98b6d7a622a350855c4810ed Mon Sep 17 00:00:00 2001 From: Deon George Date: Thu, 15 Oct 2020 12:28:50 +1100 Subject: [PATCH 68/89] Added npm to test image --- Dockerfile.phptest | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/Dockerfile.phptest b/Dockerfile.phptest index 3c3e63a..2d8b511 100644 --- a/Dockerfile.phptest +++ b/Dockerfile.phptest @@ -1,7 +1,12 @@ # NAME leenooks/php -# VERSION 7.4-fpm-mp +# VERSION 7.4-fpm-test FROM registry.leenooks.net/leenooks/php:7.4-fpm-mp RUN pecl install xdebug \ && docker-php-ext-enable xdebug + +RUN apt-get update && apt-get install -y npm \ + && apt-get -y autoremove \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* From e037baadebc31eeb8db35e23b11946c004f6efd0 Mon Sep 17 00:00:00 2001 From: Deon George Date: Wed, 3 Mar 2021 13:38:02 +1100 Subject: [PATCH 69/89] Enable queue running for dev environments to update with current code without needing to be restarted --- init | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/init b/init index cfcc7f8..1506a45 100755 --- a/init +++ b/init @@ -114,6 +114,11 @@ elif [ "$role" = "queue" -a -e artisan ]; then exec /bin/bash fi + QUEUE_CMD=work + if [ "${env}" == "dev" ]; then + QUEUE_CMD=listen + fi + if [ -e .lumen ]; then echo "* Lumen detected..." else @@ -131,7 +136,7 @@ elif [ "$role" = "queue" -a -e artisan ]; then su www-data -s /bin/sh -c " while true; do - php ${PHP_OPTIONS} artisan queue:work --verbose --tries=${WORK_TRIES:-1} --timeout=${WORK_TIMEOUT:-90} ${WORK_QUEUES:+--queue=${WORK_QUEUES}} ${WORK_MEMORY:+--memory=${WORK_MEMORY}} ${WORK_ONCE:+--once} + php ${PHP_OPTIONS} artisan queue:${QUEUE_CMD} --verbose --tries=${WORK_TRIES:-1} --timeout=${WORK_TIMEOUT:-90} ${WORK_QUEUES:+--queue=${WORK_QUEUES}} ${WORK_MEMORY:+--memory=${WORK_MEMORY}} ${WORK_ONCE:+--once} done " From f2602bd98a708c1048e593e67c6ac66f90b2ccc5 Mon Sep 17 00:00:00 2001 From: Deon George Date: Wed, 3 Mar 2021 13:53:44 +1100 Subject: [PATCH 70/89] Update to PHP 8.0 --- .gitlab-ci.yml | 6 +++--- Dockerfile | 4 ++-- Dockerfile.phptest | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index acdcbf8..a9f8539 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -7,7 +7,7 @@ stages: variables: BRANCH: mp - VERSION: 7.4-fpm-${BRANCH} + VERSION: 8.0-fpm-${BRANCH} CACHETAG: build-${BRANCH} DOCKER_HOST: tcp://docker:2375 @@ -33,7 +33,7 @@ x86_64:build: stage: build script: - if [ -f init ]; then chmod 500 init; fi - - ([ -z "$REFRESH" ] && docker pull ${CI_REGISTRY_IMAGE}:${CACHETAG}) || echo "true" + - ([ -z "$REFRESH" ] && docker pull ${CI_REGISTRY_IMAGE}:${CACHETAG}) || true - docker build --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION} -t ${CI_REGISTRY_IMAGE}:${CACHETAG} . - docker push ${CI_REGISTRY_IMAGE}:${VERSION} - docker push ${CI_REGISTRY_IMAGE}:${CACHETAG} @@ -47,7 +47,7 @@ x86_64:build-test: stage: build-test script: - if [ -f init ]; then chmod 500 init; fi - - ([ -z "$REFRESH" ] && docker pull ${CI_REGISTRY_IMAGE}:${CACHETAG}) || echo "true" + - ([ -z "$REFRESH" ] && docker pull ${CI_REGISTRY_IMAGE}:${CACHETAG}) || true - docker build --file Dockerfile.phptest --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION}-test . - docker push ${CI_REGISTRY_IMAGE}:${VERSION}-test tags: diff --git a/Dockerfile b/Dockerfile index a97fc9f..bdf4bad 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ # NAME leenooks/php -# VERSION 7.4-fpm-mp +# VERSION 8.0-fpm-mp -FROM php:7.4-fpm +FROM php:8.0-fpm RUN apt-get update && apt-get install -y openssh-server unzip git msmtp nginx wait-for-it \ && rm /etc/nginx/sites-enabled/default \ diff --git a/Dockerfile.phptest b/Dockerfile.phptest index 2d8b511..fb8181d 100644 --- a/Dockerfile.phptest +++ b/Dockerfile.phptest @@ -1,7 +1,7 @@ # NAME leenooks/php -# VERSION 7.4-fpm-test +# VERSION 8.0-fpm-test -FROM registry.leenooks.net/leenooks/php:7.4-fpm-mp +FROM registry.leenooks.net/leenooks/php:8.0-fpm-mp RUN pecl install xdebug \ && docker-php-ext-enable xdebug From c4de84d51a536fba25c3f64ddfe24a5d231a77e4 Mon Sep 17 00:00:00 2001 From: Deon George Date: Thu, 25 Mar 2021 14:13:54 +1100 Subject: [PATCH 71/89] Add LOCAL_QUEUE process for jobs on the 'hostname' queue --- init | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/init b/init index 1506a45..6b89f38 100755 --- a/init +++ b/init @@ -7,6 +7,7 @@ php=${PHP_DIR:-/var/www/html} composer=${COMPOSER_DIR:-/var/www/.composer} NO_NGINX=${NO_NGINX:-TRUE} SSH_START=${SSH_START:-FALSE} +LOCAL_QUEUE=${LOCAL_QUEUE:-FALSE} function mp() { set +e @@ -105,6 +106,12 @@ if [ "${role}" = "app" -a -e artisan ]; then fi nginx_start + if [ "${LOCAL_QUEUE}" = "TRUE" ]; then + echo "* Starting local queue ..." + su www-data -s /bin/sh -c " + (while true; do php ${PHP_OPTIONS} artisan queue:work --verbose --tries=${WORK_TRIES:-1} --timeout=${WORK_TIMEOUT:-90} --queue=$(hostname) ${WORK_MEMORY:+--memory=${WORK_MEMORY}} ${WORK_ONCE:+--once}; done) & + " + fi exec /usr/local/bin/docker-php-entrypoint "$@" From e047287407b69aa6233c786fc991435371dd6a9a Mon Sep 17 00:00:00 2001 From: Deon George Date: Tue, 4 May 2021 09:41:22 +1000 Subject: [PATCH 72/89] Enabled specifying additional queues to run locally --- init | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/init b/init index 6b89f38..283223a 100755 --- a/init +++ b/init @@ -5,9 +5,13 @@ role=${CONTAINER_ROLE:-app} env=${APP_ENV:-live} php=${PHP_DIR:-/var/www/html} composer=${COMPOSER_DIR:-/var/www/.composer} + NO_NGINX=${NO_NGINX:-TRUE} SSH_START=${SSH_START:-FALSE} + +# To run a local queue, running jobs from the queue "hostname" LOCAL_QUEUE=${LOCAL_QUEUE:-FALSE} +#LOCAL_QUEUES= Optional additional queues to run for function mp() { set +e @@ -107,9 +111,9 @@ if [ "${role}" = "app" -a -e artisan ]; then nginx_start if [ "${LOCAL_QUEUE}" = "TRUE" ]; then - echo "* Starting local queue ..." + echo "* Starting local queue for [${LOCAL_QUEUES}]..." su www-data -s /bin/sh -c " - (while true; do php ${PHP_OPTIONS} artisan queue:work --verbose --tries=${WORK_TRIES:-1} --timeout=${WORK_TIMEOUT:-90} --queue=$(hostname) ${WORK_MEMORY:+--memory=${WORK_MEMORY}} ${WORK_ONCE:+--once}; done) & + (while true; do php ${PHP_OPTIONS} artisan queue:work --verbose --tries=${WORK_TRIES:-1} --timeout=${WORK_TIMEOUT:-90} --queue=$(hostname)${LOCAL_QUEUES:+,${LOCAL_QUEUES}} ${WORK_MEMORY:+--memory=${WORK_MEMORY}} ${WORK_ONCE:+--once}; done) & " fi From 166711625722185d7c2fba2107e2186eafd53b50 Mon Sep 17 00:00:00 2001 From: Deon George Date: Tue, 4 May 2021 10:05:12 +1000 Subject: [PATCH 73/89] Try trigger of ext after successful build --- .gitlab-ci.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index a9f8539..0c88b49 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -43,6 +43,12 @@ x86_64:build: only: - mysql +x86_64:trigger: + stage: build + trigger: + project: $CI_PROJECT_PATH + branch: ext + x86_64:build-test: stage: build-test script: From f505457e9bed9cd2f225ac4670f5eed390d47b1e Mon Sep 17 00:00:00 2001 From: Deon George Date: Tue, 4 May 2021 11:14:16 +1000 Subject: [PATCH 74/89] Go back to PHP 8.0.3 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index bdf4bad..d93c70f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ # NAME leenooks/php # VERSION 8.0-fpm-mp -FROM php:8.0-fpm +FROM php:8.0.3-fpm RUN apt-get update && apt-get install -y openssh-server unzip git msmtp nginx wait-for-it \ && rm /etc/nginx/sites-enabled/default \ From 38683656269b2c8eba2d173c2c7350a391a80e73 Mon Sep 17 00:00:00 2001 From: Deon George Date: Tue, 4 May 2021 11:31:21 +1000 Subject: [PATCH 75/89] Revert "Go back to PHP 8.0.3" This reverts commit f505457e9bed9cd2f225ac4670f5eed390d47b1e. --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index d93c70f..bdf4bad 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ # NAME leenooks/php # VERSION 8.0-fpm-mp -FROM php:8.0.3-fpm +FROM php:8.0-fpm RUN apt-get update && apt-get install -y openssh-server unzip git msmtp nginx wait-for-it \ && rm /etc/nginx/sites-enabled/default \ From 8d34685aaa43ff04e139fe3c18798b1c269c973b Mon Sep 17 00:00:00 2001 From: Deon George Date: Mon, 24 May 2021 15:39:07 +1000 Subject: [PATCH 76/89] Changed dev to local, since laravel uses local for non-production deployments --- init | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/init b/init index 283223a..c138e3b 100755 --- a/init +++ b/init @@ -46,7 +46,7 @@ if [ "${role}" = "app" -a -e artisan ]; then # Only adjust perms if this is an external mountpoint if [ ${mp} -eq 0 -o -n "${FORCE_PERMS}" ] ; then - if [ -n "${FORCE_PERMS}" -o "${env}" != "dev" -a -z "${SKIP_PERM}" ]; then + if [ -n "${FORCE_PERMS}" -o "${env}" != "local" -a -z "${SKIP_PERM}" ]; then echo "* Setting Permissions..." # Make sure our permissions are appropraite find ${php} -type f -exec chmod 640 {} \; @@ -63,20 +63,20 @@ if [ "${role}" = "app" -a -e artisan ]; then # See if we need to refresh our dependancies if [[ -r composer.json && ( -e .composer.refresh || ! -d vendor ) ]]; then rm -f ${php}/bootstrap/cache/*.php - if [ "${env}" != "dev" ]; then + if [ "${env}" != "local" ]; then NODEV="--no-dev" fi mp=$(mp ${composer}) if [ ${mp} -eq 0 -o -n "${FORCE_PERMS}" ] ; then - [ -n "${FORCE_PERMS}" -o "${env}" != "dev" -a -z "${SKIP_PERM}" ] && chown -R www-data:www-data ${composer} + [ -n "${FORCE_PERMS}" -o "${env}" != "local" -a -z "${SKIP_PERM}" ] && chown -R www-data:www-data ${composer} [ ! -d ${php}/vendor ] && mkdir -m 750 ${php}/vendor && chown www-data:www-data ${php}/vendor - [ -n "${FORCE_PERMS}" -o "${env}" != "dev" -a -z "${SKIP_PERM}" ] && chmod g+w ${php} + [ -n "${FORCE_PERMS}" -o "${env}" != "local" -a -z "${SKIP_PERM}" ] && chmod g+w ${php} fi su www-data -s /bin/sh -c "composer install --optimize-autoloader ${NODEV}" && ( test -e .composer.refresh && rm -f .composer.refresh ) - [ -n "${FORCE_PERMS}" -o "${env}" != "dev" -a -z "${SKIP_PERM}" ] && [ ${mp} -eq 0 ] && chmod g-w ${php} + [ -n "${FORCE_PERMS}" -o "${env}" != "local" -a -z "${SKIP_PERM}" ] && [ ${mp} -eq 0 ] && chmod g-w ${php} fi if [ -e .lumen ]; then @@ -126,7 +126,7 @@ elif [ "$role" = "queue" -a -e artisan ]; then fi QUEUE_CMD=work - if [ "${env}" == "dev" ]; then + if [ "${env}" == "local" ]; then QUEUE_CMD=listen fi From 8d8da2f5ad407e431acdba457ca49a6209237a96 Mon Sep 17 00:00:00 2001 From: Deon George Date: Thu, 27 May 2021 09:06:49 +1000 Subject: [PATCH 77/89] Increase PHP default memory limit to 256M --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index bdf4bad..81822a0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -18,7 +18,7 @@ COPY sshd_config.patch /tmp/ RUN (cd / && patch -p0 ) < /tmp/sshd_config.patch && rm /tmp/sshd_config.patch COPY msmtprc /etc/ -RUN sed -i -e 's#^;sendmail_path =#sendmail_path = "/usr/bin/msmtp -t"#' /usr/local/etc/php/php.ini +RUN sed -i -e 's#^;sendmail_path =#sendmail_path = "/usr/bin/msmtp -t"#' /usr/local/etc/php/php.ini && sed -i -e 's#^memory_limit = 128M#memory_limit = 256M#' /usr/local/etc/php/php.ini EXPOSE 22/tcp From f81815e78929c794ec9e1bbb4962ccbdd175d93a Mon Sep 17 00:00:00 2001 From: Deon George Date: Thu, 27 May 2021 09:30:34 +1000 Subject: [PATCH 78/89] Alternative attempt to trigger next branch builds --- .gitlab-ci.yml | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 0c88b49..50a3dce 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -3,6 +3,7 @@ image: docker:latest stages: - test - build +- build-next - build-test variables: @@ -43,18 +44,19 @@ x86_64:build: only: - mysql -x86_64:trigger: - stage: build - trigger: - project: $CI_PROJECT_PATH - branch: ext +x86_64:build-next: + stage: build-next + script: + - curl -X POST -F token=${CI_JOB_TOKEN} -F ref=ext ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/trigger/pipeline + only: + - mysql x86_64:build-test: stage: build-test script: - if [ -f init ]; then chmod 500 init; fi - ([ -z "$REFRESH" ] && docker pull ${CI_REGISTRY_IMAGE}:${CACHETAG}) || true - - docker build --file Dockerfile.phptest --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION}-test . + - docker build --file Dockerfile.phptest --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION}-test . - docker push ${CI_REGISTRY_IMAGE}:${VERSION}-test tags: - docker From 0c0f1727825364cf54f673669ca1cf37b9e237c7 Mon Sep 17 00:00:00 2001 From: Deon George Date: Thu, 27 May 2021 09:44:36 +1000 Subject: [PATCH 79/89] Alternative attempt to trigger next branch builds --- .gitlab-ci.yml | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 50a3dce..501971d 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -3,7 +3,6 @@ image: docker:latest stages: - test - build -- build-next - build-test variables: @@ -38,19 +37,13 @@ x86_64:build: - docker build --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION} -t ${CI_REGISTRY_IMAGE}:${CACHETAG} . - docker push ${CI_REGISTRY_IMAGE}:${VERSION} - docker push ${CI_REGISTRY_IMAGE}:${CACHETAG} + - apt install -y curl && curl -X POST -F token=${CI_JOB_TOKEN} -F ref=ext ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/trigger/pipeline tags: - docker - x86_64 only: - mysql -x86_64:build-next: - stage: build-next - script: - - curl -X POST -F token=${CI_JOB_TOKEN} -F ref=ext ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/trigger/pipeline - only: - - mysql - x86_64:build-test: stage: build-test script: From 2e1edc39660b50f817d0bef8192d6680249b2aa2 Mon Sep 17 00:00:00 2001 From: Deon George Date: Thu, 27 May 2021 09:48:03 +1000 Subject: [PATCH 80/89] docker image uses apk not apt --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 501971d..24e4341 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -37,7 +37,7 @@ x86_64:build: - docker build --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION} -t ${CI_REGISTRY_IMAGE}:${CACHETAG} . - docker push ${CI_REGISTRY_IMAGE}:${VERSION} - docker push ${CI_REGISTRY_IMAGE}:${CACHETAG} - - apt install -y curl && curl -X POST -F token=${CI_JOB_TOKEN} -F ref=ext ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/trigger/pipeline + - apk add curl && curl -X POST -F token=${CI_JOB_TOKEN} -F ref=ext ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/trigger/pipeline tags: - docker - x86_64 From 38bd78f5945d2fde3afd9539fc36e430cff73ded Mon Sep 17 00:00:00 2001 From: Deon George Date: Thu, 27 May 2021 09:50:30 +1000 Subject: [PATCH 81/89] Added -L to curl for redirects --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 24e4341..3dc0461 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -37,7 +37,7 @@ x86_64:build: - docker build --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION} -t ${CI_REGISTRY_IMAGE}:${CACHETAG} . - docker push ${CI_REGISTRY_IMAGE}:${VERSION} - docker push ${CI_REGISTRY_IMAGE}:${CACHETAG} - - apk add curl && curl -X POST -F token=${CI_JOB_TOKEN} -F ref=ext ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/trigger/pipeline + - apk add curl && curl -LX POST -F token=${CI_JOB_TOKEN} -F ref=ext ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/trigger/pipeline tags: - docker - x86_64 From ac0cda281814769162cda62df15adc20793485a7 Mon Sep 17 00:00:00 2001 From: Deon George Date: Thu, 27 May 2021 10:01:25 +1000 Subject: [PATCH 82/89] Try with trigger token --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 3dc0461..b73c6d1 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -37,7 +37,7 @@ x86_64:build: - docker build --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION} -t ${CI_REGISTRY_IMAGE}:${CACHETAG} . - docker push ${CI_REGISTRY_IMAGE}:${VERSION} - docker push ${CI_REGISTRY_IMAGE}:${CACHETAG} - - apk add curl && curl -LX POST -F token=${CI_JOB_TOKEN} -F ref=ext ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/trigger/pipeline + - apk add curl && curl -LX POST -F token=${TRIGGER_TOKEN} -F ref=ext ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/trigger/pipeline tags: - docker - x86_64 From d6de32b198a509b71a4e9307d278141e8a047c3b Mon Sep 17 00:00:00 2001 From: Deon George Date: Thu, 27 May 2021 10:11:35 +1000 Subject: [PATCH 83/89] We also need --post301 for redirects --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index b73c6d1..1215dc0 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -37,7 +37,7 @@ x86_64:build: - docker build --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION} -t ${CI_REGISTRY_IMAGE}:${CACHETAG} . - docker push ${CI_REGISTRY_IMAGE}:${VERSION} - docker push ${CI_REGISTRY_IMAGE}:${CACHETAG} - - apk add curl && curl -LX POST -F token=${TRIGGER_TOKEN} -F ref=ext ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/trigger/pipeline + - apk add curl && curl -LX POST --post301 -F token=${TRIGGER_TOKEN} -F ref=ext ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/trigger/pipeline tags: - docker - x86_64 From 45d16b63cbfdb81f80b78e3f41e60543a1889ec3 Mon Sep 17 00:00:00 2001 From: Deon George Date: Wed, 9 Jun 2021 11:37:15 +1000 Subject: [PATCH 84/89] Added memcached to php --- Dockerfile | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/Dockerfile b/Dockerfile index 81822a0..9935a3b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -36,6 +36,14 @@ RUN apt-get update && apt-get install -y openssh-server libpq5 libpq-dev unzip g # Enable phpredis RUN pecl install -o -f igbinary && pecl install -o -f redis && docker-php-ext-enable redis igbinary && rm -rf /tmp/* +# Enable phpmemcache +RUN apt-get update && apt-get install -y memcached libmemcachedutil2 zlib1g-dev libmemcached-dev \ + && pecl install -o -f memcached && docker-php-ext-enable memcached \ + && apt-get -y purge zlib1g-dev libmemcached-dev \ + && apt-get -y autoremove \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* + COPY init /sbin/ RUN chmod 550 /sbin/init && chown 0:0 /sbin/init ENTRYPOINT [ "/sbin/init" ] From 1111afcb5fe801fd85bc732305226dc843833638 Mon Sep 17 00:00:00 2001 From: Deon George Date: Wed, 9 Jun 2021 12:12:06 +1000 Subject: [PATCH 85/89] Changed NO_NGINX to NGINX_START, added REDIS/MEMCACHED startup --- Dockerfile | 5 ++++- init | 23 ++++++++++++++++++----- 2 files changed, 22 insertions(+), 6 deletions(-) diff --git a/Dockerfile b/Dockerfile index 9935a3b..cfd946a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -34,7 +34,10 @@ RUN apt-get update && apt-get install -y openssh-server libpq5 libpq-dev unzip g && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* # Enable phpredis -RUN pecl install -o -f igbinary && pecl install -o -f redis && docker-php-ext-enable redis igbinary && rm -rf /tmp/* +RUN apt-get update && apt-get install -y redis \ + && pecl install -o -f igbinary && pecl install -o -f redis && docker-php-ext-enable redis igbinary \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* # Enable phpmemcache RUN apt-get update && apt-get install -y memcached libmemcachedutil2 zlib1g-dev libmemcached-dev \ diff --git a/init b/init index c138e3b..230c319 100755 --- a/init +++ b/init @@ -6,12 +6,14 @@ env=${APP_ENV:-live} php=${PHP_DIR:-/var/www/html} composer=${COMPOSER_DIR:-/var/www/.composer} -NO_NGINX=${NO_NGINX:-TRUE} +NGINX_START=${NGINX_START:-TRUE} SSH_START=${SSH_START:-FALSE} +REDIS_START=${SSH_START:-FALSE} # To run a local queue, running jobs from the queue "hostname" LOCAL_QUEUE=${LOCAL_QUEUE:-FALSE} -#LOCAL_QUEUES= Optional additional queues to run for +# Optional additional queues to run for +#LOCAL_QUEUES= function mp() { set +e @@ -23,18 +25,26 @@ function mp() { function nginx_start() { # Start NGINX - if [ -x /usr/sbin/nginx -a "${NO_NGINX}" != "TRUE" ]; then + if [ -x /usr/sbin/nginx -a "${NGINX_START}" == "TRUE" ]; then echo "* Starting NGINX..." start-stop-daemon --start --pidfile /var/run/nginx.pid --exec /usr/sbin/nginx -- -g 'daemon on; master_process on;' fi } # General Setup -if [ -x /usr/sbin/sshd -a "${SSH_START}" = "TRUE" ]; then +if [ -x /usr/sbin/sshd -a "${SSH_START}" == "TRUE" ]; then [ ! -d /var/run/sshd ] && mkdir /var/run/sshd start-stop-daemon --start --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- -p 22 fi +if [ -x /usr/bin/redis-server -a "${REDIS_START}" == "TRUE" ]; then + start-stop-daemon --start --quiet --oknodo --umask 007 --pidfile /var/run/redis-server.pid --chuid redis:redis --exec /usr/bin/redis-server -- /etc/redis/redis.conf +fi + +if [ -x /usr/bin/memcached -a "${REDIS_START}" == "TRUE" ]; then + start-stop-daemon --start --quiet --exec "/usr/share/memcached/scripts/start-memcached" -- /etc/memcached.conf /var/run/memcached.pid +fi + # Laravel Specific if [ "${role}" = "app" -a -e artisan ]; then if [ ! -e ${php}/.env ]; then @@ -62,6 +72,8 @@ if [ "${role}" = "app" -a -e artisan ]; then if [ "${env}" != "local" -a -r "artisan" ]; then # See if we need to refresh our dependancies if [[ -r composer.json && ( -e .composer.refresh || ! -d vendor ) ]]; then + echo "* Composer installing dependancies..." + rm -f ${php}/bootstrap/cache/*.php if [ "${env}" != "local" ]; then NODEV="--no-dev" @@ -110,8 +122,9 @@ if [ "${role}" = "app" -a -e artisan ]; then fi nginx_start + if [ "${LOCAL_QUEUE}" = "TRUE" ]; then - echo "* Starting local queue for [${LOCAL_QUEUES}]..." + echo "* Starting local queue for [$(hostname)${LOCAL_QUEUES:+,${LOCAL_QUEUES}}] with job timeout of [${WORK_TIMEOUT:-90}], trying [${WORK_TRIES:-1}] times..." su www-data -s /bin/sh -c " (while true; do php ${PHP_OPTIONS} artisan queue:work --verbose --tries=${WORK_TRIES:-1} --timeout=${WORK_TIMEOUT:-90} --queue=$(hostname)${LOCAL_QUEUES:+,${LOCAL_QUEUES}} ${WORK_MEMORY:+--memory=${WORK_MEMORY}} ${WORK_ONCE:+--once}; done) & " From afe65b26182d6ac65bc74507b5796c21c02e235a Mon Sep 17 00:00:00 2001 From: Deon George Date: Wed, 9 Jun 2021 12:34:43 +1000 Subject: [PATCH 86/89] Fix ommissions in previous commit --- init | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/init b/init index 230c319..488f650 100755 --- a/init +++ b/init @@ -8,7 +8,8 @@ composer=${COMPOSER_DIR:-/var/www/.composer} NGINX_START=${NGINX_START:-TRUE} SSH_START=${SSH_START:-FALSE} -REDIS_START=${SSH_START:-FALSE} +REDIS_START=${REDIS_START:-FALSE} +MEMCACHED_START=${MEMCACHED_START:-FALSE} # To run a local queue, running jobs from the queue "hostname" LOCAL_QUEUE=${LOCAL_QUEUE:-FALSE} @@ -33,15 +34,18 @@ function nginx_start() { # General Setup if [ -x /usr/sbin/sshd -a "${SSH_START}" == "TRUE" ]; then + echo "* Starting SSH..." [ ! -d /var/run/sshd ] && mkdir /var/run/sshd start-stop-daemon --start --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- -p 22 fi if [ -x /usr/bin/redis-server -a "${REDIS_START}" == "TRUE" ]; then + echo "* Starting REDIS..." start-stop-daemon --start --quiet --oknodo --umask 007 --pidfile /var/run/redis-server.pid --chuid redis:redis --exec /usr/bin/redis-server -- /etc/redis/redis.conf fi -if [ -x /usr/bin/memcached -a "${REDIS_START}" == "TRUE" ]; then +if [ -x /usr/bin/memcached -a "${MEMCACHED_START}" == "TRUE" ]; then + echo "* Starting MEMCACHED..." start-stop-daemon --start --quiet --exec "/usr/share/memcached/scripts/start-memcached" -- /etc/memcached.conf /var/run/memcached.pid fi From 9600a556ada1d013e4c3be6a3efdac810870e0dd Mon Sep 17 00:00:00 2001 From: Deon George Date: Tue, 15 Jun 2021 22:36:13 +1000 Subject: [PATCH 87/89] Fix trigger to the right branch --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 1215dc0..7a66964 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -37,7 +37,7 @@ x86_64:build: - docker build --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION} -t ${CI_REGISTRY_IMAGE}:${CACHETAG} . - docker push ${CI_REGISTRY_IMAGE}:${VERSION} - docker push ${CI_REGISTRY_IMAGE}:${CACHETAG} - - apk add curl && curl -LX POST --post301 -F token=${TRIGGER_TOKEN} -F ref=ext ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/trigger/pipeline + - apk add curl && curl -LX POST --post301 -F token=${TRIGGER_TOKEN} -F ref=plus ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/trigger/pipeline tags: - docker - x86_64 From 4d86334839ca8d79f88e8f209f00b8aeb02bad6a Mon Sep 17 00:00:00 2001 From: Deon George Date: Thu, 24 Jun 2021 23:34:54 +1000 Subject: [PATCH 88/89] Change cache configuration, ensure items in public dont have +x --- init | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/init b/init index 488f650..b199af0 100755 --- a/init +++ b/init @@ -66,7 +66,8 @@ if [ "${role}" = "app" -a -e artisan ]; then find ${php} -type f -exec chmod 640 {} \; find ${php} -type d -exec chmod 750 {} \; chmod o+rx ${php} - chmod -R o+rx ${php}/public + chmod a+rx ${php}/artisan + chmod -R o+r ${php}/public chown -R lamp:www-data ${php} chown -R www-data:www-data ${php}/storage ${php}/bootstrap ${php}/composer.* [ -e ${php}/vendor ] && chown -R www-data:www-data ${php}/vendor @@ -99,7 +100,7 @@ if [ "${role}" = "app" -a -e artisan ]; then echo "* Lumen detected..." else echo "* Caching configuration..." - su www-data -s /bin/sh -c "(php artisan config:cache && php artisan route:cache && php artisan view:cache)" + su www-data -s /bin/sh -c "(php artisan optimize && php artisan view:cache)" fi if [ -r .migrate ]; then From 627b48852a7d1c3e138af3c91342e0ec13c978a8 Mon Sep 17 00:00:00 2001 From: Deon George Date: Wed, 30 Jun 2021 16:11:38 +1000 Subject: [PATCH 89/89] Changes to Permission settings, to enable NGINX to read public dirs --- init | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/init b/init index b199af0..05742c4 100755 --- a/init +++ b/init @@ -65,9 +65,10 @@ if [ "${role}" = "app" -a -e artisan ]; then # Make sure our permissions are appropraite find ${php} -type f -exec chmod 640 {} \; find ${php} -type d -exec chmod 750 {} \; + find ${php}/public -type f -exec chmod 644 {} \; + find ${php}/public -type d -exec chmod 755 {} \; chmod o+rx ${php} chmod a+rx ${php}/artisan - chmod -R o+r ${php}/public chown -R lamp:www-data ${php} chown -R www-data:www-data ${php}/storage ${php}/bootstrap ${php}/composer.* [ -e ${php}/vendor ] && chown -R www-data:www-data ${php}/vendor