Docker changes

This commit is contained in:
Ashley Hull 2020-04-11 23:48:02 +08:00
parent 30c611edd5
commit 5c65b81851
11 changed files with 2311 additions and 209 deletions

143
.env.docker Normal file
View file

@ -0,0 +1,143 @@
## Crypto
APP_KEY=
## General Settings
APP_NAME="Pixelfed Prod"
APP_ENV=production
APP_DEBUG=false
APP_URL=https://real.domain
APP_DOMAIN="real.domain"
ADMIN_DOMAIN="real.domain"
SESSION_DOMAIN="real.domain"
OPEN_REGISTRATION=true
ENFORCE_EMAIL_VERIFICATION=false
PF_MAX_USERS=1000
OAUTH_ENABLED=true
APP_TIMEZONE=UTC
APP_LOCALE=en
## Pixelfed Tweaks
LIMIT_ACCOUNT_SIZE=true
MAX_ACCOUNT_SIZE=1000000
MAX_PHOTO_SIZE=15000
MAX_AVATAR_SIZE=2000
MAX_CAPTION_LENGTH=500
MAX_BIO_LENGTH=125
MAX_NAME_LENGTH=30
MAX_ALBUM_LENGTH=4
IMAGE_QUALITY=80
PF_OPTIMIZE_IMAGES=true
PF_OPTIMIZE_VIDEOS=true
ADMIN_ENV_EDITOR=false
ACCOUNT_DELETION=true
ACCOUNT_DELETE_AFTER=false
MAX_LINKS_PER_POST=0
## Instance
#INSTANCE_DESCRIPTION=
INSTANCE_PUBLIC_HASHTAGS=false
#INSTANCE_CONTACT_EMAIL=
INSTANCE_PUBLIC_LOCAL_TIMELINE=false
#BANNED_USERNAMES=
STORIES_ENABLED=false
RESTRICTED_INSTANCE=false
## Mail
MAIL_DRIVER=log
MAIL_HOST=smtp.mailtrap.io
MAIL_PORT=2525
MAIL_FROM_ADDRESS="pixelfed@example.com"
MAIL_FROM_NAME="Pixelfed"
MAIL_USERNAME=null
MAIL_PASSWORD=null
MAIL_ENCRYPTION=null
## Databases (MySQL)
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=pixelfed
DB_USERNAME=pixelfed
DB_PASSWORD=pixelfed
## Databases (Postgres)
#DB_CONNECTION=pgsql
#DB_HOST=postgres
#DB_PORT=5432
#DB_DATABASE=pixelfed
#DB_USERNAME=postgres
#DB_PASSWORD=postgres
## Cache (Redis)
REDIS_CLIENT=phpredis
REDIS_SCHEME=tcp
REDIS_HOST=redis
REDIS_PASSWORD=null
REDIS_PORT=6379
REDIS_DATABASE=0
## EXPERIMENTS
EXP_LC=false
EXP_REC=false
EXP_LOOPS=false
## ActivityPub Federation
ACTIVITY_PUB=false
AP_REMOTE_FOLLOW=false
AP_SHAREDINBOX=false
AP_INBOX=false
AP_OUTBOX=false
ATOM_FEEDS=true
NODEINFO=true
WEBFINGER=true
## S3
FILESYSTEM_DRIVER=local
FILESYSTEM_CLOUD=s3
PF_ENABLE_CLOUD=false
#AWS_ACCESS_KEY_ID=
#AWS_SECRET_ACCESS_KEY=
#AWS_DEFAULT_REGION=
#AWS_BUCKET=
#AWS_URL=
#AWS_ENDPOINT=
#AWS_USE_PATH_STYLE_ENDPOINT=false
## Horizon
HORIZON_DARKMODE=false
## COSTAR - Confirm Object Sentiment Transform and Reduce
PF_COSTAR_ENABLED=false
# Media
MEDIA_EXIF_DATABASE=false
## Logging
LOG_CHANNEL=stack
## Image
IMAGE_DRIVER=imagick
## Broadcasting
BROADCAST_DRIVER=log # log driver for local development
## Cache
CACHE_DRIVER=redis
## Purify
RESTRICT_HTML_TYPES=true
## Queue
QUEUE_DRIVER=redis
## Session
SESSION_DRIVER=redis
## Trusted Proxy
TRUST_PROXIES="*"
## Passport
#PASSPORT_PRIVATE_KEY=
#PASSPORT_PUBLIC_KEY=

View file

@ -1,52 +0,0 @@
APP_NAME="Pixelfed Prod"
APP_ENV=production
APP_KEY=
APP_DEBUG=false
APP_URL=http://localhost
APP_DOMAIN="localhost"
ADMIN_DOMAIN="localhost"
SESSION_DOMAIN="localhost"
TRUST_PROXIES="*"
LOG_CHANNEL=stack
DB_CONNECTION=mysql
DB_HOST=db
DB_PORT=3306
DB_DATABASE=pixelfed
DB_USERNAME=pixelfed
DB_PASSWORD=pixelfed
BROADCAST_DRIVER=log
CACHE_DRIVER=redis
SESSION_DRIVER=redis
QUEUE_DRIVER=redis
REDIS_SCHEME=tcp
REDIS_HOST=redis
REDIS_PASSWORD=null
REDIS_PORT=6379
MAIL_DRIVER=log
MAIL_HOST=smtp.mailtrap.io
MAIL_PORT=2525
MAIL_USERNAME=null
MAIL_PASSWORD=null
MAIL_ENCRYPTION=null
MAIL_FROM_ADDRESS="pixelfed@example.com"
MAIL_FROM_NAME="Pixelfed"
OPEN_REGISTRATION=true
ENFORCE_EMAIL_VERIFICATION=true
PF_MAX_USERS=1000
MAX_PHOTO_SIZE=15000
MAX_CAPTION_LENGTH=150
MAX_ALBUM_LENGTH=4
ACTIVITY_PUB=false
AP_REMOTE_FOLLOW=false
AP_INBOX=false
PF_COSTAR_ENABLED=false

35
contrib/docker-nginx.conf Normal file
View file

@ -0,0 +1,35 @@
upstream fe {
server 127.0.0.1:8080;
}
server {
server_name real.domain;
listen [::]:443 ssl ipv6only=on;
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/real.domain/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/real.domain/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $http_x_forwarded_host;
proxy_set_header X-Forwarded-Port $http_x_forwarded_port;
proxy_redirect off;
proxy_pass http://fe/;
}
}
server {
if ($host = real.domain) {
return 301 https://$host$request_uri;
}
listen 80;
listen [::]:80;
server_name real.domain;
return 404;
}

View file

@ -1,25 +1,79 @@
FROM php:7.4-apache-buster
ARG COMPOSER_VERSION="1.9.1"
ARG COMPOSER_CHECKSUM="1f210b9037fcf82670d75892dfc44400f13fe9ada7af9e787f93e50e3b764111"
# Use the default production configuration
COPY contrib/docker/php.production.ini "$PHP_INI_DIR/php.ini"
RUN apt-get update \
&& apt-get install -y --no-install-recommends apt-utils \
&& apt-get install -y --no-install-recommends git gosu ffmpeg \
optipng pngquant jpegoptim gifsicle libpq-dev libsqlite3-dev locales zip unzip libzip-dev libcurl4-openssl-dev \
libfreetype6 libicu-dev libjpeg62-turbo libpng16-16 libxpm4 libwebp6 libmagickwand-6.q16-6 \
libfreetype6-dev libjpeg62-turbo-dev libpng-dev libxpm-dev libwebp-dev libmagickwand-dev mariadb-client\
&& sed -i '/en_US/s/^#//g' /etc/locale.gen \
&& locale-gen && update-locale \
&& docker-php-source extract \
&& docker-php-ext-configure gd \
# Install Composer
ENV COMPOSER_VERSION 1.9.2
ENV COMPOSER_HOME /var/www/.composer
RUN curl -o /tmp/composer-setup.php https://getcomposer.org/installer \
&& curl -o /tmp/composer-setup.sig https://composer.github.io/installer.sig \
&& php -r "if (hash('SHA384', file_get_contents('/tmp/composer-setup.php')) !== trim(file_get_contents('/tmp/composer-setup.sig'))) { unlink('/tmp/composer-setup.php'); echo 'Invalid installer' . PHP_EOL; exit(1); }" \
&& php /tmp/composer-setup.php --no-ansi --install-dir=/usr/local/bin --filename=composer --version=${COMPOSER_VERSION} && rm -rf /tmp/composer-setup.php
# Update OS Packages
RUN apt-get update
# Install OS Packages
RUN apt-get install -y --no-install-recommends apt-utils
RUN apt-get install -y --no-install-recommends \
## Standard
locales locales-all \
git \
gosu \
zip \
unzip \
libzip-dev \
libcurl4-openssl-dev \
## Image Optimization
optipng \
pngquant \
jpegoptim \
gifsicle \
## Image Processing
libjpeg62-turbo-dev \
libpng-dev \
# Required for GD
libxpm4 \
libxpm-dev \
libwebp6 \
libwebp-dev \
## Video Processing
ffmpeg
# Update Local data
RUN sed -i '/en_US/s/^#//g' /etc/locale.gen && locale-gen && update-locale
# Install PHP extensions
RUN docker-php-source extract
#PHP Imagemagick extensions
RUN apt-get install -y --no-install-recommends libmagickwand-dev
RUN pecl install imagick
RUN docker-php-ext-enable imagick
# PHP GD extensions
RUN docker-php-ext-configure gd \
--with-freetype \
--with-jpeg \
--with-webp \
--with-xpm \
&& docker-php-ext-install pdo_mysql pdo_pgsql pdo_sqlite pcntl gd exif bcmath intl zip curl \
&& docker-php-ext-enable pcntl gd exif zip curl \
&& a2enmod rewrite remoteip \
--with-xpm
RUN docker-php-ext-install "-j$(nproc) gd"
#PHP Redis extensions
RUN pecl install redis
RUN docker-php-ext-enable redis
#PHP Database extensions
RUN apt-get install -y --no-install-recommends libpq-dev libsqlite3-dev
RUN docker-php-ext-install pdo_mysql pdo_pgsql pdo_sqlite
#PHP extensions (dependencies)
RUN docker-php-ext-configure intl
RUN docker-php-ext-install "-j$(nproc) intl bcmath zip pcntl exif curl"
#APACHE Bootstrap
RUN a2enmod rewrite remoteip \
&& {\
echo RemoteIPHeader X-Real-IP ;\
echo RemoteIPTrustedProxy 10.0.0.0/8 ;\
@ -27,45 +81,26 @@ RUN apt-get update \
echo RemoteIPTrustedProxy 192.168.0.0/16 ;\
echo SetEnvIf X-Forwarded-Proto "https" HTTPS=on ;\
} > /etc/apache2/conf-available/remoteip.conf \
&& a2enconf remoteip \
&& curl -LsS https://getcomposer.org/download/${COMPOSER_VERSION}/composer.phar -o /usr/bin/composer \
&& echo "${COMPOSER_CHECKSUM} /usr/bin/composer" | sha256sum -c - \
&& chmod 755 /usr/bin/composer \
&& apt-get autoremove --purge -y \
libfreetype6-dev libjpeg62-turbo-dev libpng-dev libxpm-dev libvpx-dev libmagickwand-dev \
&& rm -rf /var/cache/apt \
&& docker-php-source delete
&& a2enconf remoteip
#Cleanup
RUN docker-php-source delete
RUN apt-get autoremove --purge -y
RUN apt-get clean
RUN rm -rf /var/cache/apt
RUN rm -rf /var/lib/apt/lists/*
ENV PATH="~/.composer/vendor/bin:./vendor/bin:${PATH}"
COPY . /var/www/
WORKDIR /var/www/
RUN cp -r storage storage.skel \
&& cp contrib/docker/php.ini /usr/local/etc/php/conf.d/pixelfed.ini \
&& composer global require hirak/prestissimo --no-interaction --no-suggest --prefer-dist \
&& composer install --prefer-dist --no-interaction \
&& composer global remove hirak/prestissimo \
&& rm -rf html && ln -s public html
RUN cp -r storage storage.skel
RUN composer global require hirak/prestissimo --no-interaction --no-suggest --prefer-dist
RUN composer install --prefer-dist --no-interaction --no-ansi --optimize-autoloader
RUN composer global remove hirak/prestissimo
RUN rm -rf html && ln -s public html
VOLUME /var/www/storage /var/www/bootstrap
ENV APP_ENV=production \
APP_DEBUG=false \
LOG_CHANNEL=stderr \
DB_CONNECTION=mysql \
DB_PORT=3306 \
DB_HOST=db \
BROADCAST_DRIVER=log \
QUEUE_DRIVER=redis \
HORIZON_PREFIX=horizon-pixelfed \
REDIS_HOST=redis \
SESSION_SECURE_COOKIE=true \
API_BASE="/api/1/" \
API_SEARCH="/api/search" \
OPEN_REGISTRATION=true \
ENFORCE_EMAIL_VERIFICATION=true \
REMOTE_FOLLOW=false \
ACTIVITY_PUB=false
CMD /var/www/contrib/docker/start.sh
CMD ["/var/www/contrib/docker/start.apache.sh"]

View file

@ -1,66 +1,94 @@
FROM php:7.4-fpm-buster
ARG COMPOSER_VERSION="1.9.1"
ARG COMPOSER_CHECKSUM="1f210b9037fcf82670d75892dfc44400f13fe9ada7af9e787f93e50e3b764111"
RUN apt-get update \
&& apt-get install -y --no-install-recommends apt-utils \
&& apt-get install -y --no-install-recommends git gosu ffmpeg \
optipng pngquant jpegoptim gifsicle libpq-dev libsqlite3-dev locales zip unzip libzip-dev libcurl4-openssl-dev \
libfreetype6 libicu-dev libjpeg62-turbo libpng16-16 libxpm4 libwebp6 libmagickwand-6.q16-6 \
libfreetype6-dev libjpeg62-turbo-dev libpng-dev libxpm-dev libwebp-dev libmagickwand-dev mariadb-client\
&& sed -i '/en_US/s/^#//g' /etc/locale.gen \
&& locale-gen && update-locale \
&& docker-php-source extract \
&& docker-php-ext-configure gd \
# Use the default production configuration
COPY contrib/docker/php.production.ini "$PHP_INI_DIR/php.ini"
# Install Composer
ENV COMPOSER_VERSION 1.9.2
ENV COMPOSER_HOME /var/www/.composer
RUN curl -o /tmp/composer-setup.php https://getcomposer.org/installer \
&& curl -o /tmp/composer-setup.sig https://composer.github.io/installer.sig \
&& php -r "if (hash('SHA384', file_get_contents('/tmp/composer-setup.php')) !== trim(file_get_contents('/tmp/composer-setup.sig'))) { unlink('/tmp/composer-setup.php'); echo 'Invalid installer' . PHP_EOL; exit(1); }" \
&& php /tmp/composer-setup.php --no-ansi --install-dir=/usr/local/bin --filename=composer --version=${COMPOSER_VERSION} && rm -rf /tmp/composer-setup.php
# Update OS Packages
RUN apt-get update
# Install OS Packages
RUN apt-get install -y --no-install-recommends apt-utils
RUN apt-get install -y --no-install-recommends \
## Standard
locales locales-all \
git \
gosu \
zip \
unzip \
libzip-dev \
libcurl4-openssl-dev \
## Image Optimization
optipng \
pngquant \
jpegoptim \
gifsicle \
## Image Processing
libjpeg62-turbo-dev \
libpng-dev \
# Required for GD
libxpm4 \
libxpm-dev \
libwebp6 \
libwebp-dev \
## Video Processing
ffmpeg
# Update Local data
RUN sed -i '/en_US/s/^#//g' /etc/locale.gen && locale-gen && update-locale
# Install PHP extensions
RUN docker-php-source extract
#PHP Imagemagick extensions
RUN apt-get install -y --no-install-recommends libmagickwand-dev
RUN pecl install imagick
RUN docker-php-ext-enable imagick
# PHP GD extensions
RUN docker-php-ext-configure gd \
--with-freetype \
--with-jpeg \
--with-webp \
--with-xpm \
&& docker-php-ext-install pdo_mysql pdo_pgsql pdo_sqlite pcntl gd exif bcmath intl zip curl \
&& docker-php-ext-enable pcntl gd exif zip curl \
&& curl -LsS https://getcomposer.org/download/${COMPOSER_VERSION}/composer.phar -o /usr/bin/composer \
&& echo "${COMPOSER_CHECKSUM} /usr/bin/composer" | sha256sum -c - \
&& chmod 755 /usr/bin/composer \
&& apt-get autoremove --purge -y \
libfreetype6-dev libjpeg62-turbo-dev libpng-dev libxpm-dev libvpx-dev libmagickwand-dev \
&& rm -rf /var/cache/apt \
&& docker-php-source delete
--with-xpm
RUN docker-php-ext-install -j$(nproc) gd
#PHP Redis extensions
RUN pecl install redis
RUN docker-php-ext-enable redis
#PHP Database extensions
RUN apt-get install -y --no-install-recommends libpq-dev libsqlite3-dev
RUN docker-php-ext-install pdo_mysql pdo_pgsql pdo_sqlite
#PHP extensions (dependencies)
RUN docker-php-ext-configure intl
RUN docker-php-ext-install -j$(nproc) intl bcmath zip pcntl exif curl
#Cleanup
RUN docker-php-source delete
RUN apt-get autoremove --purge -y
RUN rm -rf /var/cache/apt
RUN rm -rf /var/lib/apt/lists/*
ENV PATH="~/.composer/vendor/bin:./vendor/bin:${PATH}"
COPY . /var/www/
WORKDIR /var/www/
RUN cp -r storage storage.skel \
&& cp contrib/docker/php.ini /usr/local/etc/php/conf.d/pixelfed.ini \
&& composer global require hirak/prestissimo --no-interaction --no-suggest --prefer-dist \
&& composer install --prefer-dist --no-interaction \
&& composer global remove hirak/prestissimo \
&& rm -rf html && ln -s public html
RUN cp -r storage storage.skel
RUN composer global require hirak/prestissimo --no-interaction --no-suggest --prefer-dist
RUN composer install --prefer-dist --no-interaction --no-ansi --optimize-autoloader
RUN composer global remove hirak/prestissimo
RUN rm -rf html && ln -s public html
VOLUME /var/www/storage /var/www/bootstrap
ENV APP_ENV=production \
APP_DEBUG=false \
LOG_CHANNEL=stderr \
DB_CONNECTION=mysql \
DB_PORT=3306 \
DB_HOST=db \
BROADCAST_DRIVER=log \
QUEUE_DRIVER=redis \
HORIZON_PREFIX=horizon-pixelfed \
REDIS_HOST=redis \
SESSION_SECURE_COOKIE=true \
API_BASE="/api/1/" \
API_SEARCH="/api/search" \
OPEN_REGISTRATION=true \
ENFORCE_EMAIL_VERIFICATION=true \
REMOTE_FOLLOW=false \
ACTIVITY_PUB=false
CMD cp -r storage.skel/* storage/ \
&& chown -R www-data:www-data storage/ \
&& php artisan storage:link \
&& php artisan migrate --force \
&& php artisan update \
&& exec php-fpm
CMD ["/var/www/contrib/docker/start.fpm.sh"]

View file

@ -1,5 +0,0 @@
file_uploads = On
memory_limit = 128M
upload_max_filesize = 64M
post_max_size = 64M
max_execution_time = 600

File diff suppressed because it is too large Load diff

View file

@ -0,0 +1,15 @@
#!/bin/bash
# Create the storage tree if needed and fix permissions
cp -r storage.skel/* storage/
chown -R www-data:www-data storage/ bootstrap/
# Refresh the environment
php artisan storage:link
php artisan horizon:assets
php artisan route:cache
php artisan view:cache
php artisan config:cache
# Finally run Apache
exec apache2-foreground

View file

@ -0,0 +1,15 @@
#!/bin/bash
# Create the storage tree if needed and fix permissions
cp -r storage.skel/* storage/
chown -R www-data:www-data storage/ bootstrap/
# Refresh the environment
php artisan storage:link
php artisan horizon:assets
php artisan route:cache
php artisan view:cache
php artisan config:cache
# Finally run FPM
exec php-fpm

View file

@ -1,26 +0,0 @@
#!/bin/bash
# Create the storage tree if needed and fix permissions
cp -r storage.skel/* storage/
chown -R www-data:www-data storage/ bootstrap/
# Refresh the environment
php artisan storage:link
php artisan horizon:assets
php artisan route:cache
php artisan view:cache
php artisan config:cache
# Migrate database if the app was upgraded
# gosu www-data:www-data php artisan migrate --force
# Run other specific migratins if required
# gosu www-data:www-data php artisan update
# Run a worker if it is set as embedded
if [ "$HORIZON_EMBED" = "true" ]; then
gosu www-data:www-data php artisan horizon &
fi
# Finally run Apache
exec apache2-foreground

View file

@ -12,50 +12,49 @@ version: '3'
services:
## App and Worker
app:
# Comment to use dockerhub image
build:
context: .
dockerfile: contrib/docker/Dockerfile.apache
#dockerfile: contrib/docker/Dockerfile.fpm
image: pixelfed
restart: unless-stopped
## If you have a traefik running, uncomment this to expose Pixelfed
# labels:
# - traefik.enable=true
# - traefik.frontend.rule=Host:your.url
# - traefik.port=80
## If you have a standard reverse proxy, uncommit this to expose Pixelfed
# ports:
# - "127.0.0.1:8080:80"
env_file:
- ./.env
- ./.env.docker
volumes:
- "app-storage:/var/www/storage"
- "app-bootstrap:/var/www/bootstrap"
- "./.env:/var/www/.env"
- "./.env.docker:/var/www/.env"
networks:
- external
- internal
ports:
- "8080:80"
depends_on:
- postgres
- redis
worker: # Comment this whole block if HORIZON_EMBED is true.
# Comment to use dockerhub image
worker:
build:
context: .
dockerfile: contrib/docker/Dockerfile.apache
#dockerfile: contrib/docker/Dockerfile.fpm
image: pixelfed
restart: unless-stopped
env_file:
- ./.env
- ./.env.docker
volumes:
- "app-storage:/var/www/storage"
- "app-bootstrap:/var/www/bootstrap"
networks:
- external # Required for ActivityPub
- external
- internal
command: gosu www-data php artisan horizon
depends_on:
- postgres
- redis
## DB and Cache
db:
image: mysql:8.0
restart: unless-stopped
@ -78,10 +77,9 @@ services:
networks:
- internal
# Adjust your volume data in order to store data where you wish
volumes:
redis-data:
db-data:
keydb-data:
postgres-data:
app-storage:
app-bootstrap: