Compare commits
133 Commits
923b4e72ca
...
3b17ab1549
Author | SHA1 | Date | |
---|---|---|---|
3b17ab1549 | |||
|
5c4566f419 | ||
b665751711 | |||
f86ce8e8a8 | |||
0cf1719488 | |||
853f0b69d1 | |||
74ffc27e6c | |||
232037d3ad | |||
98210c41a9 | |||
cd26c07099 | |||
3056a63348 | |||
4a1d0e8e56 | |||
d778b2599a | |||
f5e4c8e300 | |||
|
4ac8e00528 | ||
|
59064cc03e | ||
|
6cd78fc2ad | ||
|
fca7560fa8 | ||
|
0c0d80472b | ||
|
999a5e5bf6 | ||
|
31a2b03d89 | ||
|
12431f6c2e | ||
|
e266319386 | ||
|
d7b97dfce7 | ||
|
c56a9e6a53 | ||
|
88503c81a2 | ||
|
80a8203985 | ||
|
2ce07e2c9a | ||
|
26c30cb5cb | ||
|
a0a0c7e1e2 | ||
|
546ebcc610 | ||
|
6d37d4ae78 | ||
|
4e50257a63 | ||
|
d3b84db0e9 | ||
|
8cf481d733 | ||
|
6da5ac5983 | ||
|
3302b0d6d4 | ||
|
b1a333ea4d | ||
|
06c6152085 | ||
|
194a6cfa99 | ||
|
471e5df45c | ||
|
fa61e00cf0 | ||
|
abe7be2afd | ||
|
d4e83d0c0a | ||
|
627b48852a | ||
|
4d86334839 | ||
|
9600a556ad | ||
|
afe65b2618 | ||
|
1111afcb5f | ||
|
45d16b63cb | ||
|
d6de32b198 | ||
|
ac0cda2818 | ||
|
38bd78f594 | ||
|
2e1edc3966 | ||
|
0c0f172782 | ||
|
f81815e789 | ||
|
8d8da2f5ad | ||
|
8d34685aaa | ||
|
3868365626 | ||
|
f505457e9b | ||
|
1667116257 | ||
|
e047287407 | ||
|
c4de84d51a | ||
|
f2602bd98a | ||
|
e037baadeb | ||
|
0d799f28c7 | ||
|
c05c67ec02 | ||
|
8cc6e595e3 | ||
|
c90446b059 | ||
|
b3ae5f32a3 | ||
|
27eb813e57 | ||
|
1a95ead792 | ||
|
1cc72feebe | ||
|
f072369597 | ||
|
677d57b4bf | ||
|
74afe07a7b | ||
|
d752fa113f | ||
|
7b9bd41c00 | ||
|
a62d434cef | ||
|
81b970b53b | ||
|
90ed5a1da6 | ||
|
90b27476b1 | ||
|
c8cc79dbb3 | ||
|
e87698b30c | ||
|
b244577c76 | ||
|
584e56aceb | ||
|
5943f0df5a | ||
|
f8bda40162 | ||
|
8237c6270c | ||
|
d23d97f9dd | ||
|
06e4f0dfcd | ||
|
f99cd2f308 | ||
|
3bddae369e | ||
|
cb2da835a3 | ||
|
235df69f19 | ||
|
ab31f9a71b | ||
|
139946ed1a | ||
|
41b4b633e2 | ||
|
528051fe04 | ||
|
c6f4d4835b | ||
|
fc50334ccf | ||
|
1850eb68c0 | ||
|
680ab60f7a | ||
|
ee45868bf9 | ||
|
8e23589589 | ||
|
9b4df6abb1 | ||
|
851daf659e | ||
|
6983db70d8 | ||
|
deb99f9b10 | ||
|
005f6b1161 | ||
|
55e8429e75 | ||
|
c66b95e414 | ||
|
31d5266266 | ||
|
2a35efec11 | ||
|
2976938437 | ||
|
8ca1a9a192 | ||
|
ba4e01f18d | ||
|
4c56b5723d | ||
|
9fb30c0958 | ||
|
42586535f4 | ||
|
b3e39f7cc9 | ||
|
2e0860713d | ||
|
9652a4baf9 | ||
|
ee72137f96 | ||
|
b48c38cee1 | ||
|
3df8ec4de2 | ||
|
fc28d4fe09 | ||
|
5852061063 | ||
|
1322c5f0f5 | ||
|
77c7e70428 | ||
|
7ca57c02ab | ||
|
39fdc2f940 | ||
|
ea8f8a2334 |
190
.gitea/workflows/build_docker.yaml
Normal file
190
.gitea/workflows/build_docker.yaml
Normal file
@ -0,0 +1,190 @@
|
|||||||
|
name: Create Docker Image
|
||||||
|
run-name: ${{ gitea.actor }} Building Docker Image 🐳
|
||||||
|
on: [push]
|
||||||
|
env:
|
||||||
|
VERSION: 8.3-fpm-pgsql
|
||||||
|
DOCKER_HOST: tcp://127.0.0.1:2375
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
build:
|
||||||
|
strategy:
|
||||||
|
matrix:
|
||||||
|
arch:
|
||||||
|
- x86_64
|
||||||
|
- arm64
|
||||||
|
|
||||||
|
name: Build Docker Image
|
||||||
|
runs-on: docker-${{ matrix.arch }}
|
||||||
|
container:
|
||||||
|
image: docker:dind
|
||||||
|
privileged: true
|
||||||
|
env:
|
||||||
|
ARCH: ${{ matrix.arch }}
|
||||||
|
VERSIONARCH: ${{ env.VERSION }}-${{ env.ARCH }}
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: Environment Setup
|
||||||
|
run: |
|
||||||
|
# If we have a proxy use it
|
||||||
|
if [ -n "${HTTP_PROXY}" ]; then echo "HTTP PROXY [${HTTP_PROXY}]"; sed -i -e s'/https/http/' /etc/apk/repositories; fi
|
||||||
|
# Some pre-reqs
|
||||||
|
apk add git curl nodejs
|
||||||
|
# Start docker
|
||||||
|
( dockerd --host=tcp://0.0.0.0:2375 --tls=false & ) && sleep 3
|
||||||
|
## Some debugging info
|
||||||
|
# docker info && docker version
|
||||||
|
# env|sort
|
||||||
|
|
||||||
|
- name: Registry FQDN Setup
|
||||||
|
id: registry
|
||||||
|
run: |
|
||||||
|
registry=${{ github.server_url }}
|
||||||
|
echo "registry=${registry##http*://}" >> "$GITHUB_OUTPUT"
|
||||||
|
|
||||||
|
- name: Container Registry Login
|
||||||
|
uses: docker/login-action@v2
|
||||||
|
with:
|
||||||
|
registry: ${{ steps.registry.outputs.registry }}
|
||||||
|
username: ${{ gitea.actor }}
|
||||||
|
password: ${{ secrets.PKG_WRITE_TOKEN }}
|
||||||
|
|
||||||
|
- name: Code Checkout
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
|
- name: Build and Push Docker Image
|
||||||
|
uses: docker/build-push-action@v5
|
||||||
|
with:
|
||||||
|
context: .
|
||||||
|
file: docker/Dockerfile
|
||||||
|
push: true
|
||||||
|
tags: "${{ steps.registry.outputs.registry }}/${{ env.GITHUB_REPOSITORY }}:${{ env.VERSIONARCH }}"
|
||||||
|
|
||||||
|
manifest:
|
||||||
|
name: Final Docker Image Manifest
|
||||||
|
runs-on: docker-x86_64
|
||||||
|
container:
|
||||||
|
image: docker:dind
|
||||||
|
privileged: true
|
||||||
|
needs: [build]
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: Environment Setup
|
||||||
|
run: |
|
||||||
|
# If we have a proxy use it
|
||||||
|
if [ -n "${HTTP_PROXY}" ]; then echo "HTTP PROXY [${HTTP_PROXY}]"; sed -i -e s'/https/http/' /etc/apk/repositories; fi
|
||||||
|
# Some pre-reqs
|
||||||
|
apk add git curl nodejs
|
||||||
|
# Start docker
|
||||||
|
( dockerd --host=tcp://0.0.0.0:2375 --tls=false & ) && sleep 3
|
||||||
|
|
||||||
|
- name: Registry FQDN Setup
|
||||||
|
id: registry
|
||||||
|
run: |
|
||||||
|
registry=${{ github.server_url }}
|
||||||
|
echo "registry=${registry##http*://}" >> "$GITHUB_OUTPUT"
|
||||||
|
|
||||||
|
- name: Container Registry Login
|
||||||
|
uses: docker/login-action@v2
|
||||||
|
with:
|
||||||
|
registry: ${{ steps.registry.outputs.registry }}
|
||||||
|
username: ${{ gitea.actor }}
|
||||||
|
password: ${{ secrets.PKG_WRITE_TOKEN }}
|
||||||
|
|
||||||
|
- name: Build Docker Manifest
|
||||||
|
run: |
|
||||||
|
docker manifest create ${{ steps.registry.outputs.registry }}/${{ env.GITHUB_REPOSITORY }}:${{ env.VERSION }} \
|
||||||
|
${{ steps.registry.outputs.registry }}/${{ env.GITHUB_REPOSITORY }}:${{ env.VERSION }}-x86_64 \
|
||||||
|
${{ steps.registry.outputs.registry }}/${{ env.GITHUB_REPOSITORY }}:${{ env.VERSION }}-arm64
|
||||||
|
docker manifest push --purge ${{ steps.registry.outputs.registry }}/${{ env.GITHUB_REPOSITORY }}:${{ env.VERSION }}
|
||||||
|
|
||||||
|
test:
|
||||||
|
strategy:
|
||||||
|
matrix:
|
||||||
|
arch:
|
||||||
|
- x86_64
|
||||||
|
# arm64
|
||||||
|
|
||||||
|
name: Build Docker Test Image
|
||||||
|
runs-on: docker-${{ matrix.arch }}
|
||||||
|
container:
|
||||||
|
image: docker:dind
|
||||||
|
privileged: true
|
||||||
|
env:
|
||||||
|
ARCH: ${{ matrix.arch }}
|
||||||
|
VERSIONARCH: ${{ env.VERSION }}-test-${{ env.ARCH }}
|
||||||
|
needs: [manifest]
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: Environment Setup
|
||||||
|
run: |
|
||||||
|
# If we have a proxy use it
|
||||||
|
if [ -n "${HTTP_PROXY}" ]; then echo "HTTP PROXY [${HTTP_PROXY}]"; sed -i -e s'/https/http/' /etc/apk/repositories; fi
|
||||||
|
# Some pre-reqs
|
||||||
|
apk add git curl nodejs
|
||||||
|
# Start docker
|
||||||
|
( dockerd --host=tcp://0.0.0.0:2375 --tls=false & ) && sleep 3
|
||||||
|
## Some debugging info
|
||||||
|
# docker info && docker version
|
||||||
|
# env|sort
|
||||||
|
|
||||||
|
- name: Registry FQDN Setup
|
||||||
|
id: registry
|
||||||
|
run: |
|
||||||
|
registry=${{ github.server_url }}
|
||||||
|
echo "registry=${registry##http*://}" >> "$GITHUB_OUTPUT"
|
||||||
|
|
||||||
|
- name: Container Registry Login
|
||||||
|
uses: docker/login-action@v2
|
||||||
|
with:
|
||||||
|
registry: ${{ steps.registry.outputs.registry }}
|
||||||
|
username: ${{ gitea.actor }}
|
||||||
|
password: ${{ secrets.PKG_WRITE_TOKEN }}
|
||||||
|
|
||||||
|
- name: Code Checkout
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
|
- name: Build and Push Docker Image
|
||||||
|
uses: docker/build-push-action@v5
|
||||||
|
with:
|
||||||
|
context: .
|
||||||
|
file: docker/Dockerfile.phptest
|
||||||
|
push: true
|
||||||
|
tags: "${{ steps.registry.outputs.registry }}/${{ env.GITHUB_REPOSITORY }}:${{ env.VERSIONARCH }}"
|
||||||
|
|
||||||
|
manifest-test:
|
||||||
|
name: Final Docker Test Image Manifest
|
||||||
|
runs-on: docker-x86_64
|
||||||
|
container:
|
||||||
|
image: docker:dind
|
||||||
|
privileged: true
|
||||||
|
needs: [test]
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: Environment Setup
|
||||||
|
run: |
|
||||||
|
# If we have a proxy use it
|
||||||
|
if [ -n "${HTTP_PROXY}" ]; then echo "HTTP PROXY [${HTTP_PROXY}]"; sed -i -e s'/https/http/' /etc/apk/repositories; fi
|
||||||
|
# Some pre-reqs
|
||||||
|
apk add git curl nodejs
|
||||||
|
# Start docker
|
||||||
|
( dockerd --host=tcp://0.0.0.0:2375 --tls=false & ) && sleep 3
|
||||||
|
|
||||||
|
- name: Registry FQDN Setup
|
||||||
|
id: registry
|
||||||
|
run: |
|
||||||
|
registry=${{ github.server_url }}
|
||||||
|
echo "registry=${registry##http*://}" >> "$GITHUB_OUTPUT"
|
||||||
|
|
||||||
|
- name: Container Registry Login
|
||||||
|
uses: docker/login-action@v2
|
||||||
|
with:
|
||||||
|
registry: ${{ steps.registry.outputs.registry }}
|
||||||
|
username: ${{ gitea.actor }}
|
||||||
|
password: ${{ secrets.PKG_WRITE_TOKEN }}
|
||||||
|
|
||||||
|
- name: Build Docker Manifest
|
||||||
|
run: |
|
||||||
|
docker manifest create ${{ steps.registry.outputs.registry }}/${{ env.GITHUB_REPOSITORY }}:${{ env.VERSION }}-test \
|
||||||
|
${{ steps.registry.outputs.registry }}/${{ env.GITHUB_REPOSITORY }}:${{ env.VERSION }}-test-x86_64
|
||||||
|
#${{ steps.registry.outputs.registry }}/${{ env.GITHUB_REPOSITORY }}:${{ env.VERSION }}-test-arm64
|
||||||
|
docker manifest push --purge ${{ steps.registry.outputs.registry }}/${{ env.GITHUB_REPOSITORY }}:${{ env.VERSION }}-test
|
@ -1,42 +0,0 @@
|
|||||||
image: docker:latest
|
|
||||||
|
|
||||||
stages:
|
|
||||||
- test
|
|
||||||
- build
|
|
||||||
|
|
||||||
variables:
|
|
||||||
BRANCH: plus
|
|
||||||
VERSION: 7.1-fpm-${BRANCH}
|
|
||||||
CACHETAG: build-${BRANCH}
|
|
||||||
DOCKER_REGISTRY: registry.leenooks.net
|
|
||||||
DOCKER_HOST: tcp://${DOCKER_REGISTRY}-leenooks-ci-docker:2375
|
|
||||||
|
|
||||||
services:
|
|
||||||
- ${DOCKER_REGISTRY}/leenooks/ci-docker:dind
|
|
||||||
|
|
||||||
before_script:
|
|
||||||
- docker info
|
|
||||||
- docker version
|
|
||||||
- docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN ${DOCKER_REGISTRY}
|
|
||||||
|
|
||||||
test:
|
|
||||||
stage: test
|
|
||||||
script:
|
|
||||||
- cat /etc/hosts
|
|
||||||
- env|sort
|
|
||||||
- docker build -t ${CI_REGISTRY_IMAGE}:${VERSION} .
|
|
||||||
- docker images
|
|
||||||
only:
|
|
||||||
- debug
|
|
||||||
|
|
||||||
build:
|
|
||||||
stage: build
|
|
||||||
script:
|
|
||||||
- docker pull ${CI_REGISTRY_IMAGE}:${CACHETAG} || true
|
|
||||||
- docker build --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION} -t ${CI_REGISTRY_IMAGE}:${CACHETAG} .
|
|
||||||
- docker push ${CI_REGISTRY_IMAGE}:${VERSION}
|
|
||||||
- docker push ${CI_REGISTRY_IMAGE}:${CACHETAG}
|
|
||||||
tags:
|
|
||||||
- docker
|
|
||||||
only:
|
|
||||||
- plus
|
|
23
Dockerfile
23
Dockerfile
@ -1,23 +0,0 @@
|
|||||||
# NAME leenooks/php
|
|
||||||
# VERSION 7.1-fpm-plus
|
|
||||||
|
|
||||||
FROM php:7.1-fpm
|
|
||||||
RUN echo "deb http://deb.debian.org/debian jessie non-free" >> /etc/apt/sources.list.d/non-free.list && apt-get update \
|
|
||||||
&& apt-get install -y pkg-config libbz2-dev libgmp-dev libpng-dev libjpeg-dev libfreetype6-dev libsnmp-dev snmp-mibs-downloader libmagickwand-dev --no-install-recommends \
|
|
||||||
&& download-mibs \
|
|
||||||
&& docker-php-ext-configure gd --with-freetype-dir=/usr/include/freetype2 --with-jpeg-dir=/usr/include/ \
|
|
||||||
&& docker-php-ext-install -j$(nproc) pdo_mysql bz2 gettext sockets gmp gd pcntl snmp exif \
|
|
||||||
&& pecl install imagick && docker-php-ext-enable imagick \
|
|
||||||
&& rm -rf /var/lib/apt/lists/* /tmp/*
|
|
||||||
|
|
||||||
RUN apt-get update && apt-get install -y openssh-server && rm -rf /var/lib/apt/lists/* \
|
|
||||||
&& useradd -c "Hosting Admin User" -u 1000 -g users -G www-data -d /var/www/html -M lamp
|
|
||||||
|
|
||||||
EXPOSE 9000/tcp 22/tcp
|
|
||||||
|
|
||||||
COPY sshd_config.patch /tmp
|
|
||||||
RUN (cd / && patch -p0 ) < /tmp/sshd_config.patch && rm /tmp/sshd_config.patch
|
|
||||||
|
|
||||||
COPY start /usr/local/sbin
|
|
||||||
ENTRYPOINT [ "/usr/local/sbin/start" ]
|
|
||||||
CMD ["php-fpm"]
|
|
11
docker/Dockerfile
Normal file
11
docker/Dockerfile
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
# NAME docker/php
|
||||||
|
# VERSION 8.3-fpm-pgsql-image
|
||||||
|
|
||||||
|
FROM gitea.dege.au/docker/php:8.3-fpm-pgsql
|
||||||
|
|
||||||
|
# Images
|
||||||
|
RUN apk add --no-cache imagemagick libheif libde265 php83-pecl-imagick \
|
||||||
|
&& ln /usr/lib/php83/modules/imagick.so /usr/local/lib/php/extensions/no-debug-non-zts-20230831/ \
|
||||||
|
&& ln /etc/php83/conf.d/imagick.ini /usr/local/etc/php/conf.d/
|
||||||
|
RUN apk add --no-cache gmp-dev \
|
||||||
|
&& docker-php-ext-install -j$(nproc) gmp
|
9
docker/Dockerfile.phptest
Normal file
9
docker/Dockerfile.phptest
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
# NAME docker/php
|
||||||
|
# VERSION 8.3-fpm-pgsql-test
|
||||||
|
|
||||||
|
FROM gitea.dege.au/docker/php:8.3-fpm-pgsql
|
||||||
|
|
||||||
|
# Add xdebug
|
||||||
|
RUN apk --no-cache add linux-headers \
|
||||||
|
&& pecl_install xdebug \
|
||||||
|
&& apk --no-cache del linux-headers
|
175
docker/init
Executable file
175
docker/init
Executable file
@ -0,0 +1,175 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -e
|
||||||
|
role=${CONTAINER_ROLE:-app}
|
||||||
|
env=${APP_ENV:-production}
|
||||||
|
php=${PHP_DIR:-/var/www/html}
|
||||||
|
composer=${COMPOSER_HOME:-/var/cache/composer}
|
||||||
|
|
||||||
|
SITE_USER=${SITE_USER:-www-data}
|
||||||
|
NGINX_START=${NGINX_START:-TRUE}
|
||||||
|
MEMCACHED_START=${MEMCACHED_START:-FALSE}
|
||||||
|
|
||||||
|
# To run a local queue, running jobs from the queue "hostname"
|
||||||
|
LOCAL_QUEUE=${LOCAL_QUEUE:-FALSE}
|
||||||
|
# Optional additional queues to run for
|
||||||
|
#LOCAL_QUEUES=
|
||||||
|
|
||||||
|
function mp() {
|
||||||
|
set +e
|
||||||
|
mountpoint -q $1
|
||||||
|
local mp=$?
|
||||||
|
set -e
|
||||||
|
echo ${mp}
|
||||||
|
}
|
||||||
|
|
||||||
|
function nginx_start() {
|
||||||
|
# Start NGINX
|
||||||
|
if [ -x /usr/sbin/nginx -a "${NGINX_START}" == "TRUE" ]; then
|
||||||
|
echo "* Starting NGINX..."
|
||||||
|
/usr/sbin/nginx -g 'daemon on; master_process on;'
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
# Run any container setup
|
||||||
|
[ -x /sbin/init-container ] && /sbin/init-container
|
||||||
|
|
||||||
|
# General Setup
|
||||||
|
if [ -x /usr/bin/memcached -a "${MEMCACHED_START}" == "TRUE" ]; then
|
||||||
|
echo "* Starting MEMCACHED..."
|
||||||
|
/usr/bin/memcached -d -P /run/memcached/memcached.pid -u memcached
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Laravel Specific
|
||||||
|
if [ -r artisan -a -e ${php}/.env ]; then
|
||||||
|
mp=$(mp ${php})
|
||||||
|
|
||||||
|
# Only adjust perms if this is an external mountpoint
|
||||||
|
if [ ${mp} -eq 0 -o -n "${FORCE_PERMS}" ] ; then
|
||||||
|
if [ -n "${FORCE_PERMS}" -o "${env}" != "local" -a -z "${SKIP_PERM}" ]; then
|
||||||
|
echo "* Setting Permissions..."
|
||||||
|
# Make sure our permissions are appropraite
|
||||||
|
find ${php} -type f -exec chmod 640 {} \;
|
||||||
|
find ${php} -type d -exec chmod 750 {} \;
|
||||||
|
find ${php}/public -type f -exec chmod 644 {} \;
|
||||||
|
find ${php}/public -type d -exec chmod 755 {} \;
|
||||||
|
chmod o+rx ${php}
|
||||||
|
chmod a+rx ${php}/artisan
|
||||||
|
chown -R ${SITE_USER}:www-data ${php}
|
||||||
|
chown -R www-data:www-data ${php}/storage ${php}/bootstrap ${php}/composer.*
|
||||||
|
[ -e ${php}/vendor ] && chown -R www-data:www-data ${php}/vendor
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# See if we need to refresh our dependancies
|
||||||
|
if [[ -r composer.json && ( -e .composer.refresh || ! -d vendor ) ]]; then
|
||||||
|
echo "* Composer installing dependancies..."
|
||||||
|
|
||||||
|
rm -f ${php}/bootstrap/cache/*.php
|
||||||
|
if [ "${env}" != "local" ]; then
|
||||||
|
NODEV="--no-dev"
|
||||||
|
fi
|
||||||
|
|
||||||
|
mp=$(mp ${composer})
|
||||||
|
|
||||||
|
if [ ${mp} -eq 0 -o -n "${FORCE_PERMS}" ] ; then
|
||||||
|
[ -n "${FORCE_PERMS}" -o "${env}" != "local" -a -z "${SKIP_PERM}" ] && chown -R www-data:www-data ${composer}
|
||||||
|
[ ! -d ${php}/vendor ] && mkdir -m 750 ${php}/vendor && chown www-data:www-data ${php}/vendor
|
||||||
|
[ -n "${FORCE_PERMS}" -o "${env}" != "local" -a -z "${SKIP_PERM}" ] && chmod g+w ${php}
|
||||||
|
fi
|
||||||
|
|
||||||
|
su www-data -s /bin/sh -c "composer install --optimize-autoloader ${NODEV}" && ( test -e .composer.refresh && rm -f .composer.refresh )
|
||||||
|
[ -n "${FORCE_PERMS}" -o "${env}" != "local" -a -z "${SKIP_PERM}" ] && [ ${mp} -eq 0 ] && chmod g-w ${php}
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -e .lumen ]; then
|
||||||
|
echo "* Lumen detected, not caching configuration..."
|
||||||
|
else
|
||||||
|
# We only check for non mount points, in case this container has the app inside
|
||||||
|
mp=$(mp ${php})
|
||||||
|
if [ ${mp} -eq 1 ]; then
|
||||||
|
echo "* Caching configuration..."
|
||||||
|
su www-data -s /bin/sh -c "(php artisan optimize)"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "${role}" = "app" ]; then
|
||||||
|
if [ "${env}" != "local" ]; then
|
||||||
|
if [ -z "${IGNORE_MIGRATION}" ]; then
|
||||||
|
if [ -r .migrate ]; then
|
||||||
|
echo "* Running migration..."
|
||||||
|
# If DB_HOST not set, source the env file
|
||||||
|
[ -z "${DB_HOST}" -a -r .env ] && . .env
|
||||||
|
|
||||||
|
if [ -n "${DB_HOST}" -a -n "${DB_PORT}" ]; then
|
||||||
|
while ! wait-for-it -h ${DB_HOST} -p ${DB_PORT} -t 5 -q; do
|
||||||
|
echo "? Waiting for database at ${DB_HOST}:${DB_PORT}"
|
||||||
|
sleep 1;
|
||||||
|
done
|
||||||
|
echo "- DB is active on ${DB_HOST}:${DB_PORT}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
su www-data -s /bin/sh -c "php artisan migrate" && rm -f .migrate
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
[ -r .migrate ] && echo "! NOTE: Migration ignored due to IGNORE_MIGRATION"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# If passport is installed
|
||||||
|
if [ -d ${php}/vendor/laravel/passport ]; then
|
||||||
|
echo "* Generating OAUTH keys ..."
|
||||||
|
set +e
|
||||||
|
su www-data -s /bin/sh -c "php artisan passport:keys"
|
||||||
|
set -e
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
nginx_start
|
||||||
|
|
||||||
|
if [ "${LOCAL_QUEUE}" = "TRUE" ]; then
|
||||||
|
echo "* Starting local queue for [$(hostname)${LOCAL_QUEUES:+,${LOCAL_QUEUES}}] with job timeout of [${WORK_TIMEOUT:-90}], trying [${WORK_TRIES:-1}] times..."
|
||||||
|
su www-data -s /bin/sh -c "
|
||||||
|
(while true; do php ${PHP_OPTIONS} artisan queue:work --verbose --tries=${WORK_TRIES:-1} --timeout=${WORK_TIMEOUT:-90} --queue=$(hostname)${LOCAL_QUEUES:+,${LOCAL_QUEUES}} ${WORK_MEMORY:+--memory=${WORK_MEMORY}} ${WORK_ONCE:+--once}; done) &
|
||||||
|
"
|
||||||
|
fi
|
||||||
|
|
||||||
|
set +e
|
||||||
|
[ -x init-php.sh ] && su www-data -s /bin/bash "init-php.sh" &
|
||||||
|
|
||||||
|
exec /usr/local/bin/docker-php-entrypoint "$@"
|
||||||
|
|
||||||
|
elif [ "$role" = "queue" ]; then
|
||||||
|
QUEUE_CMD=work
|
||||||
|
|
||||||
|
if [ "${env}" == "local" ]; then
|
||||||
|
QUEUE_CMD=listen
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "* Running the queue..."
|
||||||
|
# We'll delay starting in case the app is caching
|
||||||
|
sleep 15
|
||||||
|
|
||||||
|
su www-data -s /bin/sh -c "
|
||||||
|
while true; do
|
||||||
|
php ${PHP_OPTIONS} artisan queue:${QUEUE_CMD} --verbose --tries=${WORK_TRIES:-1} --timeout=${WORK_TIMEOUT:-90} ${WORK_QUEUES:+--queue=${WORK_QUEUES}} ${WORK_MEMORY:+--memory=${WORK_MEMORY}} ${WORK_ONCE:+--once}
|
||||||
|
done
|
||||||
|
"
|
||||||
|
|
||||||
|
elif [ "$role" = "scheduler" ]; then
|
||||||
|
echo "* Running the scheduler..."
|
||||||
|
# We'll delay starting in case the app is caching
|
||||||
|
sleep 15
|
||||||
|
|
||||||
|
su www-data -s /bin/sh -c "
|
||||||
|
while true; do
|
||||||
|
(php ${PHP_OPTIONS} artisan schedule:work --verbose --no-interaction &)
|
||||||
|
done
|
||||||
|
"
|
||||||
|
fi
|
||||||
|
|
||||||
|
else
|
||||||
|
nginx_start
|
||||||
|
|
||||||
|
echo "? NO container role \"${role}\", AND/OR no laravel install, just starting php-fpm"
|
||||||
|
exec /usr/local/bin/docker-php-entrypoint "$@"
|
||||||
|
fi
|
43
docker/nginx-app.conf
Normal file
43
docker/nginx-app.conf
Normal file
@ -0,0 +1,43 @@
|
|||||||
|
server {
|
||||||
|
listen 80 default_server;
|
||||||
|
listen [::]:80 default_server;
|
||||||
|
|
||||||
|
access_log off;
|
||||||
|
client_max_body_size 64m;
|
||||||
|
error_log /dev/stdout info;
|
||||||
|
fastcgi_buffering off;
|
||||||
|
fastcgi_request_buffering off;
|
||||||
|
gzip_vary on;
|
||||||
|
gzip_min_length 10240;
|
||||||
|
gzip_proxied expired no-cache no-store private auth;
|
||||||
|
gzip_types text/plain text/css application/javascript;
|
||||||
|
index index.php index.html;
|
||||||
|
root /var/www/html/public;
|
||||||
|
server_tokens off;
|
||||||
|
|
||||||
|
set $my_https "off";
|
||||||
|
if ($http_x_forwarded_proto = "https") {
|
||||||
|
set $my_https "on";
|
||||||
|
}
|
||||||
|
|
||||||
|
location / {
|
||||||
|
try_files $uri $uri/ /index.php?$query_string;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~ \.php$ {
|
||||||
|
try_files $uri =404;
|
||||||
|
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||||
|
fastcgi_pass 127.0.0.1:9000;
|
||||||
|
fastcgi_index index.php;
|
||||||
|
|
||||||
|
include fastcgi_params;
|
||||||
|
|
||||||
|
fastcgi_param HTTPS $my_https;
|
||||||
|
fastcgi_param PATH_INFO $fastcgi_path_info;
|
||||||
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||||
|
fastcgi_param SERVER_NAME $host;
|
||||||
|
|
||||||
|
fastcgi_read_timeout 600s;
|
||||||
|
fastcgi_send_timeout 600s;
|
||||||
|
}
|
||||||
|
}
|
16
docker/pecl_install
Executable file
16
docker/pecl_install
Executable file
@ -0,0 +1,16 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
# This will install our PHP modules
|
||||||
|
# call peck-install module1 module2
|
||||||
|
|
||||||
|
# First install some dependancies
|
||||||
|
apk add --no-cache autoconf gcc libc-dev make
|
||||||
|
|
||||||
|
# Install the modules
|
||||||
|
for module in $@; do
|
||||||
|
pecl install -o -f ${module} && docker-php-ext-enable ${module}
|
||||||
|
done
|
||||||
|
|
||||||
|
# Clean up
|
||||||
|
rm -rf /tmp/pear
|
||||||
|
apk del --no-cache autoconf gcc libc-dev make
|
12
docker/www.conf
Normal file
12
docker/www.conf
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
[www]
|
||||||
|
group = www-data
|
||||||
|
listen = 127.0.0.1:9000
|
||||||
|
pm = dynamic
|
||||||
|
pm.max_children = 25
|
||||||
|
pm.max_spare_servers = 10
|
||||||
|
pm.min_spare_servers = 5
|
||||||
|
pm.start_servers = 10
|
||||||
|
user = www-data
|
||||||
|
prefix = /var/www/html
|
||||||
|
php_admin_value[memory_limit] = 512M
|
||||||
|
php_admin_value[max_execution_time] = 300
|
26
msmtprc
Normal file
26
msmtprc
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
# A system wide configuration file is optional.
|
||||||
|
defaults
|
||||||
|
port 25
|
||||||
|
tls off
|
||||||
|
|
||||||
|
# If it exists, it usually defines a default account.
|
||||||
|
# This allows msmtp to be used like /usr/sbin/sendmail.
|
||||||
|
account default
|
||||||
|
|
||||||
|
# Authentication
|
||||||
|
auth off
|
||||||
|
|
||||||
|
# The SMTP smarthost
|
||||||
|
host smtp
|
||||||
|
|
||||||
|
# Envelope-from address
|
||||||
|
from nobody@%H
|
||||||
|
|
||||||
|
# Sets the argument of the SMTP EHLO
|
||||||
|
domain web
|
||||||
|
|
||||||
|
# Construct envelope-from addresses of the form "user@oursite.example"
|
||||||
|
#allow_from_override on
|
||||||
|
|
||||||
|
# Syslog logging with facility LOG_MAIL instead of the default LOG_USER
|
||||||
|
syslog LOG_MAIL
|
@ -1,20 +0,0 @@
|
|||||||
--- /etc/ssh/sshd_config.orig 2017-12-13 10:12:21.098005827 +0000
|
|
||||||
+++ /etc/ssh/sshd_config 2017-12-13 10:14:11.461687661 +0000
|
|
||||||
@@ -25,7 +25,7 @@
|
|
||||||
|
|
||||||
# Authentication:
|
|
||||||
LoginGraceTime 120
|
|
||||||
-PermitRootLogin without-password
|
|
||||||
+PermitRootLogin no
|
|
||||||
StrictModes yes
|
|
||||||
|
|
||||||
RSAAuthentication yes
|
|
||||||
@@ -49,7 +49,7 @@
|
|
||||||
ChallengeResponseAuthentication no
|
|
||||||
|
|
||||||
# Change to no to disable tunnelled clear text passwords
|
|
||||||
-#PasswordAuthentication yes
|
|
||||||
+PasswordAuthentication no
|
|
||||||
|
|
||||||
# Kerberos options
|
|
||||||
#KerberosAuthentication no
|
|
Loading…
Reference in New Issue
Block a user