Merge pull request #281 from TeDomum/dev

Create an Apache based Docker image ready for production
This commit is contained in:
daniel 2018-08-23 18:14:45 -06:00 committed by GitHub
commit ad5651e465
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 184 additions and 67 deletions

View file

@ -1,6 +1,6 @@
storage
data
Dockerfile
contrib/docker/Dockerfile.*
docker-compose*.yml
.dockerignore
.git

View file

@ -1,31 +0,0 @@
FROM php:7.2.6-fpm-alpine
ARG COMPOSER_VERSION="1.6.5"
ARG COMPOSER_CHECKSUM="67bebe9df9866a795078bb2cf21798d8b0214f2e0b2fd81f2e907a8ef0be3434"
RUN apk add --no-cache --virtual .build build-base autoconf imagemagick-dev libtool && \
apk --no-cache add imagemagick git && \
docker-php-ext-install pdo_mysql pcntl bcmath && \
pecl install imagick && \
docker-php-ext-enable imagick pcntl imagick && \
curl -LsS https://getcomposer.org/download/${COMPOSER_VERSION}/composer.phar -o /tmp/composer.phar && \
echo "${COMPOSER_CHECKSUM} /tmp/composer.phar" | sha256sum -c - && \
install -m0755 -o root -g root /tmp/composer.phar /usr/bin/composer.phar && \
ln -sf /usr/bin/composer.phar /usr/bin/composer && \
rm /tmp/composer.phar && \
apk --no-cache del --purge .build
COPY . /var/www/html/
WORKDIR /var/www/html
RUN install -d -m0755 -o www-data -g www-data \
/var/www/html/storage \
/var/www/html/storage/framework \
/var/www/html/storage/logs \
/var/www/html/storage/framework/sessions \
/var/www/html/storage/framework/views \
/var/www/html/storage/framework/cache && \
composer install --prefer-source --no-interaction
VOLUME ["/var/www/html"]
ENV PATH="~/.composer/vendor/bin:./vendor/bin:${PATH}"

1
Dockerfile Symbolic link
View file

@ -0,0 +1 @@
contrib/docker/Dockerfile.apache

27
config/trustedproxy.php Normal file
View file

@ -0,0 +1,27 @@
<?php
return [
/*
* Set trusted proxy IP addresses.
*
* Both IPv4 and IPv6 addresses are
* supported, along with CIDR notation.
*
* The "*" character is syntactic sugar
* within TrustedProxy to trust any proxy
* that connects directly to your server,
* a requirement when you cannot know the address
* of your proxy (e.g. if using Rackspace balancers).
*
* The "**" character is syntactic sugar within
* TrustedProxy to trust not just any proxy that
* connects directly to your server, but also
* proxies that connect to those proxies, and all
* the way back until you reach the original source
* IP. It will mean that $request->getClientIp()
* always gets the originating client IP, no matter
* how many proxies that client's request has
* subsequently passed through.
*/
'proxies' => explode(',', env('TRUST_PROXIES', '')),
];

View file

@ -0,0 +1,59 @@
FROM php:7-apache
ARG COMPOSER_VERSION="1.6.5"
ARG COMPOSER_CHECKSUM="67bebe9df9866a795078bb2cf21798d8b0214f2e0b2fd81f2e907a8ef0be3434"
RUN apt-get update \
&& apt-get install -y --no-install-recommends git \
optipng pngquant jpegoptim gifsicle \
libfreetype6 libjpeg62-turbo libpng16-16 libxpm4 libvpx4 libmagickwand-6.q16-3 \
libfreetype6-dev libjpeg62-turbo-dev libpng-dev libxpm-dev libvpx-dev libmagickwand-dev \
&& docker-php-source extract \
&& docker-php-ext-configure gd \
--with-freetype-dir=/usr/lib/x86_64-linux-gnu/ \
--with-jpeg-dir=/usr/lib/x86_64-linux-gnu/ \
--with-xpm-dir=/usr/lib/x86_64-linux-gnu/ \
--with-vpx-dir=/usr/lib/x86_64-linux-gnu/ \
&& docker-php-ext-install pdo_mysql pcntl gd exif bcmath \
&& pecl install imagick \
&& docker-php-ext-enable imagick pcntl imagick gd exif \
&& a2enmod rewrite \
&& curl -LsS https://getcomposer.org/download/${COMPOSER_VERSION}/composer.phar -o /usr/bin/composer \
&& echo "${COMPOSER_CHECKSUM} /usr/bin/composer" | sha256sum -c - \
&& chmod 755 /usr/bin/composer \
&& apt-get autoremove --purge -y \
libfreetype6-dev libjpeg62-turbo-dev libpng-dev libxpm-dev libvpx-dev libmagickwand-dev \
&& rm -rf /var/cache/apt \
&& docker-php-source delete
ENV PATH="~/.composer/vendor/bin:./vendor/bin:${PATH}"
COPY . /var/www/
WORKDIR /var/www/
RUN cp -r storage storage.skel \
&& cp contrib/docker/php.ini /usr/local/etc/php/conf.d/pixelfed.ini \
&& composer install --prefer-source --no-interaction \
&& rm -rf html && ln -s public html
VOLUME ["/var/www/storage"]
ENV APP_ENV=production \
APP_DEBUG=false \
LOG_CHANNEL=stderr \
DB_CONNECTION=mysql \
DB_PORT=3306 \
DB_HOST=db \
BROADCAST_DRIVER=log \
QUEUE_DRIVER=redis \
HORIZON_PREFIX=horizon-pixelfed \
REDIS_HOST=redis \
SESSION_SECURE_COOKIE=true \
API_BASE="/api/1/" \
API_SEARCH="/api/search" \
OPEN_REGISTRATION=true \
ENFORCE_EMAIL_VERIFICATION=true \
REMOTE_FOLLOW=false \
ACTIVITY_PUB=false
CMD /var/www/contrib/docker/start.sh

View file

@ -0,0 +1,31 @@
FROM php:7.2.6-fpm-alpine
ARG COMPOSER_VERSION="1.6.5"
ARG COMPOSER_CHECKSUM="67bebe9df9866a795078bb2cf21798d8b0214f2e0b2fd81f2e907a8ef0be3434"
RUN apk add --no-cache --virtual .build build-base autoconf imagemagick-dev libtool && \
apk --no-cache add imagemagick git && \
docker-php-ext-install pdo_mysql pcntl && \
pecl install imagick && \
docker-php-ext-enable imagick pcntl imagick && \
curl -LsS https://getcomposer.org/download/${COMPOSER_VERSION}/composer.phar -o /tmp/composer.phar && \
echo "${COMPOSER_CHECKSUM} /tmp/composer.phar" | sha256sum -c - && \
install -m0755 -o root -g root /tmp/composer.phar /usr/bin/composer.phar && \
ln -sf /usr/bin/composer.phar /usr/bin/composer && \
rm /tmp/composer.phar && \
apk --no-cache del --purge .build
COPY . /var/www/html/
WORKDIR /var/www/html
RUN install -d -m0755 -o www-data -g www-data \
/var/www/html/storage \
/var/www/html/storage/framework \
/var/www/html/storage/logs \
/var/www/html/storage/framework/sessions \
/var/www/html/storage/framework/views \
/var/www/html/storage/framework/cache && \
composer install --prefer-source --no-interaction
VOLUME ["/var/www/html"]
ENV PATH="~/.composer/vendor/bin:./vendor/bin:${PATH}"

5
contrib/docker/php.ini Normal file
View file

@ -0,0 +1,5 @@
file_uploads = On
memory_limit = 64M
upload_max_filesize = 64M
post_max_size = 64M
max_execution_time = 600

17
contrib/docker/start.sh Executable file
View file

@ -0,0 +1,17 @@
#!/bin/bash
# Create the storage tree if needed and fix permissions
cp -r storage.skel/* storage/
chown -R www-data:www-data storage/
php artisan storage:link
# Migrate database if the app was upgraded
php artisan migrate --force
# Run a worker if it is set as embedded
if [ HORIZON_EMBED = true ]; then
php artisan horizon &
fi
# Finally run Apache
exec apache2-foreground

View file

@ -1,49 +1,56 @@
---
version: '3'
services:
nginx:
image: nginx:alpine
networks:
- internal
- external
ports:
- 3000:80
volumes:
- "php-storage:/var/www/html"
- ./contrib/nginx.conf:/etc/nginx/conf.d/default.conf
depends_on:
- php
php:
build: .
# In order to set configuration, please use a .env file in
# your compose project directory (the same directory as your
# docker-compose.yml), and set database options, application
# name, key, and other settings there.
# A list of available settings is available in .env.example
#
# The services should scale properly across a swarm cluster
# if the volumes are properly shared between cluster members.
services:
app:
# Uncomment to build a local copy of the image
# build: .
image: pixelfed
volumes:
- "php-storage:/var/www/html"
networks:
- internal
environment:
- DB_HOST=mysql
- DB_DATABASE=pixelfed
- DB_USERNAME=${DB_USERNAME:-pixelfed}
- DB_PASSWORD=${DB_PASSWORD:-pixelfed}
- REDIS_HOST=redis
- APP_KEY=${APP_KEY}
# If you have a traefik running, uncomment this to expose Pixelfed
# labels:
# - traefik.enable=true
# - traefik.frontend.rule=Host:your.url
# - traefik.port=80
env_file:
- ./.env
volumes:
- "app-storage:/var/www/storage"
networks:
- external
- internal
mysql:
# Uncomment if you set HORIZON_EMBED to false and wish to run a local worker
# worker:
# image: pixelfed
# env_file:
# - ./.env
# volumes:
# - "app-storage:/var/www/storage"
# networks:
# - internal
# command: php artisan horizon
db:
image: mysql:5.7
networks:
- internal
environment:
- MYSQL_DATABASE=pixelfed
- MYSQL_USER=${DB_USERNAME:-pixelfed}
- MYSQL_PASSWORD=${DB_PASSWORD:-pixelfed}
- MYSQL_RANDOM_ROOT_PASSWORD="true"
env_file:
- ./.env
- MYSQL_USER=${DB_USERNAME}
- MYSQL_PASSWORD=${DB_PASSWORD}
- MYSQL_RANDOM_ROOT_PASSWORD=true
volumes:
- "mysql-data:/var/lib/mysql"
- "db-data:/var/lib/mysql"
redis:
image: redis:4-alpine
@ -52,10 +59,11 @@ services:
networks:
- internal
# Adjust your volume data in order to store data where you wish
volumes:
redis-data:
mysql-data:
php-storage:
db-data:
app-storage:
networks:
internal: