From 7989be371bab0d29e06ba1262f9af5f1d06e1dea Mon Sep 17 00:00:00 2001 From: Alexis Saettler Date: Tue, 12 May 2020 21:06:40 +0200 Subject: [PATCH] Integrate feedback from tianon (#10) --- .../docker-compose.yml | 5 -- .../web/Dockerfile | 6 +++ .examples/nginx-proxy/docker-compose.yml | 5 -- .examples/nginx-proxy/web/Dockerfile | 6 +++ .examples/supervisor/apache/app/Dockerfile | 2 +- .../supervisor/apache/docker-compose.yml | 2 - .../supervisor/fpm-alpine/app/Dockerfile | 2 +- .../supervisor/fpm-alpine/docker-compose.yml | 5 +- .../supervisor/fpm-alpine/web/Dockerfile | 6 +++ .examples/supervisor/fpm/app/Dockerfile | 2 +- .examples/supervisor/fpm/docker-compose.yml | 3 -- .examples/supervisor/fpm/web/Dockerfile | 6 +++ Dockerfile-alpine.template | 46 ++++++----------- Dockerfile-debian.template | 40 ++++++--------- README.md | 14 +++--- apache/Dockerfile | 43 ++++++---------- apache/entrypoint.sh | 24 +-------- apache/upgrade.exclude | 1 - build.sh | 10 ++++ docker-entrypoint.sh | 24 +-------- fpm-alpine/Dockerfile | 49 +++++++------------ fpm-alpine/entrypoint.sh | 24 +-------- fpm-alpine/upgrade.exclude | 1 - fpm/Dockerfile | 43 ++++++---------- fpm/entrypoint.sh | 24 +-------- fpm/upgrade.exclude | 1 - update.sh | 5 +- upgrade.exclude | 1 - 28 files changed, 133 insertions(+), 267 deletions(-) delete mode 100644 apache/upgrade.exclude create mode 100755 build.sh delete mode 100644 fpm-alpine/upgrade.exclude delete mode 100644 fpm/upgrade.exclude delete mode 100644 upgrade.exclude diff --git a/.examples/nginx-proxy-self-signed-ssl/docker-compose.yml b/.examples/nginx-proxy-self-signed-ssl/docker-compose.yml index 036f1dc..c10b87c 100644 --- a/.examples/nginx-proxy-self-signed-ssl/docker-compose.yml +++ b/.examples/nginx-proxy-self-signed-ssl/docker-compose.yml @@ -26,7 +26,6 @@ services: env_file: .env volumes: - data:/var/www/html/storage - - www:/var/www/html restart: always depends_on: - db @@ -53,7 +52,6 @@ services: restart: always volumes: - data:/var/www/html/storage - - www:/var/www/html:ro command: cron.sh depends_on: - db @@ -65,7 +63,6 @@ services: restart: always volumes: - data:/var/www/html/storage - - www:/var/www/html:ro command: queue.sh depends_on: - db @@ -78,7 +75,6 @@ services: - VIRTUAL_HOST=monica.local volumes: - data:/var/www/html/storage:ro - - www:/var/www/html:ro depends_on: - app networks: @@ -115,7 +111,6 @@ services: volumes: data: - www: db: certs: diff --git a/.examples/nginx-proxy-self-signed-ssl/web/Dockerfile b/.examples/nginx-proxy-self-signed-ssl/web/Dockerfile index 9e620af..91f9a21 100644 --- a/.examples/nginx-proxy-self-signed-ssl/web/Dockerfile +++ b/.examples/nginx-proxy-self-signed-ssl/web/Dockerfile @@ -1,3 +1,9 @@ +FROM monica:fpm AS monica + FROM nginx:alpine COPY nginx.conf /etc/nginx/nginx.conf + +# Copy content of monica image +COPY --from=monica /var/www/html /var/www/html +RUN ln -sf /var/www/html/storage/app/public /var/www/html/public/storage diff --git a/.examples/nginx-proxy/docker-compose.yml b/.examples/nginx-proxy/docker-compose.yml index 6964fdb..5fc55ca 100644 --- a/.examples/nginx-proxy/docker-compose.yml +++ b/.examples/nginx-proxy/docker-compose.yml @@ -25,7 +25,6 @@ services: env_file: .env volumes: - data:/var/www/html/storage - - www:/var/www/html restart: always depends_on: - db @@ -52,7 +51,6 @@ services: restart: always volumes: - data:/var/www/html/storage - - www:/var/www/html:ro command: cron.sh depends_on: - db @@ -64,7 +62,6 @@ services: restart: always volumes: - data:/var/www/html/storage - - www:/var/www/html:ro command: queue.sh depends_on: - db @@ -79,7 +76,6 @@ services: - LETSENCRYPT_EMAIL= volumes: - data:/var/www/html/storage:ro - - www:/var/www/html:ro depends_on: - app networks: @@ -117,7 +113,6 @@ services: volumes: data: - www: mysql: certs: vhost.d: diff --git a/.examples/nginx-proxy/web/Dockerfile b/.examples/nginx-proxy/web/Dockerfile index 9e620af..91f9a21 100644 --- a/.examples/nginx-proxy/web/Dockerfile +++ b/.examples/nginx-proxy/web/Dockerfile @@ -1,3 +1,9 @@ +FROM monica:fpm AS monica + FROM nginx:alpine COPY nginx.conf /etc/nginx/nginx.conf + +# Copy content of monica image +COPY --from=monica /var/www/html /var/www/html +RUN ln -sf /var/www/html/storage/app/public /var/www/html/public/storage diff --git a/.examples/supervisor/apache/app/Dockerfile b/.examples/supervisor/apache/app/Dockerfile index bb016a1..590187e 100644 --- a/.examples/supervisor/apache/app/Dockerfile +++ b/.examples/supervisor/apache/app/Dockerfile @@ -10,4 +10,4 @@ RUN set -ex; \ rm -rf /var/lib/apt/lists/* COPY supervisord.conf /etc/supervisord.conf -CMD ["supervisord", "-c /etc/supervisord.conf"] +CMD ["supervisord", "-c", "/etc/supervisord.conf"] diff --git a/.examples/supervisor/apache/docker-compose.yml b/.examples/supervisor/apache/docker-compose.yml index 098bf43..4ebfa68 100644 --- a/.examples/supervisor/apache/docker-compose.yml +++ b/.examples/supervisor/apache/docker-compose.yml @@ -10,7 +10,6 @@ services: - 80:80 volumes: - data:/var/www/html/storage - - www:/var/www/html restart: always db: @@ -26,5 +25,4 @@ services: volumes: data: - www: mysql: diff --git a/.examples/supervisor/fpm-alpine/app/Dockerfile b/.examples/supervisor/fpm-alpine/app/Dockerfile index 3bf09a3..37e0091 100644 --- a/.examples/supervisor/fpm-alpine/app/Dockerfile +++ b/.examples/supervisor/fpm-alpine/app/Dockerfile @@ -8,4 +8,4 @@ RUN set -ex; \ ; COPY supervisord.conf /etc/supervisord.conf -CMD ["supervisord", "-c /etc/supervisord.conf"] +CMD ["supervisord", "-c", "/etc/supervisord.conf"] diff --git a/.examples/supervisor/fpm-alpine/docker-compose.yml b/.examples/supervisor/fpm-alpine/docker-compose.yml index cc742f2..645ed10 100644 --- a/.examples/supervisor/fpm-alpine/docker-compose.yml +++ b/.examples/supervisor/fpm-alpine/docker-compose.yml @@ -8,17 +8,15 @@ services: env_file: .env volumes: - data:/var/www/html/storage - - www:/var/www/html restart: always web: build: ./web restart: always ports: - - 80:80 + - 8880:80 volumes: - data:/var/www/html/storage:ro - - www:/var/www/html:ro depends_on: - app @@ -35,5 +33,4 @@ services: volumes: data: - www: mysql: diff --git a/.examples/supervisor/fpm-alpine/web/Dockerfile b/.examples/supervisor/fpm-alpine/web/Dockerfile index 9e620af..d5a20c3 100644 --- a/.examples/supervisor/fpm-alpine/web/Dockerfile +++ b/.examples/supervisor/fpm-alpine/web/Dockerfile @@ -1,3 +1,9 @@ +FROM monica:fpm-alpine AS monica + FROM nginx:alpine COPY nginx.conf /etc/nginx/nginx.conf + +# Copy content of monica image +COPY --from=monica /var/www/html /var/www/html +RUN ln -sf /var/www/html/storage/app/public /var/www/html/public/storage diff --git a/.examples/supervisor/fpm/app/Dockerfile b/.examples/supervisor/fpm/app/Dockerfile index 1aeedb8..ed7ddc1 100644 --- a/.examples/supervisor/fpm/app/Dockerfile +++ b/.examples/supervisor/fpm/app/Dockerfile @@ -10,4 +10,4 @@ RUN set -ex; \ rm -rf /var/lib/apt/lists/* COPY supervisord.conf /etc/supervisord.conf -CMD ["supervisord", "-c /etc/supervisord.conf"] +CMD ["supervisord", "-c", "/etc/supervisord.conf"] diff --git a/.examples/supervisor/fpm/docker-compose.yml b/.examples/supervisor/fpm/docker-compose.yml index cc742f2..627d12d 100644 --- a/.examples/supervisor/fpm/docker-compose.yml +++ b/.examples/supervisor/fpm/docker-compose.yml @@ -8,7 +8,6 @@ services: env_file: .env volumes: - data:/var/www/html/storage - - www:/var/www/html restart: always web: @@ -18,7 +17,6 @@ services: - 80:80 volumes: - data:/var/www/html/storage:ro - - www:/var/www/html:ro depends_on: - app @@ -35,5 +33,4 @@ services: volumes: data: - www: mysql: diff --git a/.examples/supervisor/fpm/web/Dockerfile b/.examples/supervisor/fpm/web/Dockerfile index 9e620af..91f9a21 100644 --- a/.examples/supervisor/fpm/web/Dockerfile +++ b/.examples/supervisor/fpm/web/Dockerfile @@ -1,3 +1,9 @@ +FROM monica:fpm AS monica + FROM nginx:alpine COPY nginx.conf /etc/nginx/nginx.conf + +# Copy content of monica image +COPY --from=monica /var/www/html /var/www/html +RUN ln -sf /var/www/html/storage/app/public /var/www/html/public/storage diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template index 3fa3423..243d4ef 100644 --- a/Dockerfile-alpine.template +++ b/Dockerfile-alpine.template @@ -9,9 +9,7 @@ RUN set -ex; \ apk add --no-cache \ bash \ coreutils \ - rsync \ - ; \ - rm -rf /var/cache/apk/* + rsync # Install required PHP extensions RUN set -ex; \ @@ -71,9 +69,8 @@ RUN set -ex; \ | sort -u \ | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ )"; \ - apk add --virtual .monica-phpext-rundeps $runDeps; \ - apk del .build-deps; \ - rm -rf /var/cache/apk/* + apk add --no-network --virtual .monica-phpext-rundeps $runDeps; \ + apk del --no-network .build-deps # Set crontab for schedules RUN set -ex; \ @@ -86,14 +83,16 @@ ENV PHP_OPCACHE_VALIDATE_TIMESTAMPS="0" \ PHP_OPCACHE_MAX_ACCELERATED_FILES="20000" \ PHP_OPCACHE_MEMORY_CONSUMPTION="192" \ PHP_OPCACHE_MAX_WASTED_PERCENTAGE="10" -RUN { \ +RUN set -ex; \ + \ + { \ echo '[opcache]'; \ echo 'opcache.enable=1'; \ echo 'opcache.revalidate_freq=0'; \ - echo "opcache.validate_timestamps=${PHP_OPCACHE_VALIDATE_TIMESTAMPS}"; \ - echo "opcache.max_accelerated_files=${PHP_OPCACHE_MAX_ACCELERATED_FILES}"; \ - echo "opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}"; \ - echo "opcache.max_wasted_percentage=${PHP_OPCACHE_MAX_WASTED_PERCENTAGE}"; \ + echo 'opcache.validate_timestamps=${PHP_OPCACHE_VALIDATE_TIMESTAMPS}'; \ + echo 'opcache.max_accelerated_files=${PHP_OPCACHE_MAX_ACCELERATED_FILES}'; \ + echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \ + echo 'opcache.max_wasted_percentage=${PHP_OPCACHE_MAX_WASTED_PERCENTAGE}'; \ echo 'opcache.interned_strings_buffer=16'; \ echo 'opcache.fast_shutdown=1'; \ } > $PHP_INI_DIR/conf.d/opcache-recommended.ini; \ @@ -102,21 +101,12 @@ RUN { \ \ echo 'memory_limit=512M' > $PHP_INI_DIR/conf.d/memory-limit.ini -# Sentry -RUN if [ $(uname -m) = "x86_64" ]; then \ - PLATFORM=$(uname -s); \ - if [ "$PLATFORM" = "Linux" -o "$PLATFORM" = "Windows" -o "$PLATFORM" = "Darwin" ]; then \ - mkdir -p /root/.local/bin; \ - curl -sL https://sentry.io/get-cli/ | INSTALL_DIR=/root/.local/bin bash; \ - fi \ - fi -VOLUME /var/www/html +WORKDIR /var/www/html # Define Monica version and expected SHA512 signature ENV MONICA_VERSION %%VERSION%% ENV MONICA_SHA512 %%SHA512%% -ENV MONICA_SRC /usr/src/monica RUN set -ex; \ apk add --no-cache --virtual .fetch-deps \ @@ -124,20 +114,16 @@ RUN set -ex; \ ; \ \ curl -fsSL -o monica.tar.bz2 "https://github.com/monicahq/monica/releases/download/${MONICA_VERSION}/monica-${MONICA_VERSION}.tar.bz2"; \ - echo "$MONICA_SHA512 *monica.tar.bz2" | sha512sum -c -; \ + echo "$MONICA_SHA512 monica.tar.bz2" | sha512sum -c -; \ \ - mkdir $MONICA_SRC; \ - tar -xf monica.tar.bz2 -C $MONICA_SRC --strip-components=1; \ + tar -xf monica.tar.bz2 -C /var/www/html --strip-components=1; \ rm monica.tar.bz2; \ \ - cp $MONICA_SRC/.env.example $MONICA_SRC/.env; \ - chown -R www-data:www-data $MONICA_SRC; \ + cp /var/www/html/.env.example /var/www/html/.env; \ + chown -R www-data:www-data /var/www/html; \ \ - apk del .fetch-deps; \ - rm -rf /var/cache/apk/* + apk del .fetch-deps -COPY upgrade.exclude \ - /usr/local/share/ COPY entrypoint.sh \ queue.sh \ cron.sh \ diff --git a/Dockerfile-debian.template b/Dockerfile-debian.template index afed693..d172c22 100644 --- a/Dockerfile-debian.template +++ b/Dockerfile-debian.template @@ -7,7 +7,6 @@ FROM php:%%PHP_VERSION%%-%%VARIANT%% RUN set -ex; \ \ apt-get update; \ - apt-get -y autoremove; \ apt-get install -y --no-install-recommends \ rsync \ bash \ @@ -95,14 +94,16 @@ ENV PHP_OPCACHE_VALIDATE_TIMESTAMPS="0" \ PHP_OPCACHE_MAX_ACCELERATED_FILES="20000" \ PHP_OPCACHE_MEMORY_CONSUMPTION="192" \ PHP_OPCACHE_MAX_WASTED_PERCENTAGE="10" -RUN { \ +RUN set -ex; \ + \ + { \ echo '[opcache]'; \ echo 'opcache.enable=1'; \ echo 'opcache.revalidate_freq=0'; \ - echo "opcache.validate_timestamps=${PHP_OPCACHE_VALIDATE_TIMESTAMPS}"; \ - echo "opcache.max_accelerated_files=${PHP_OPCACHE_MAX_ACCELERATED_FILES}"; \ - echo "opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}"; \ - echo "opcache.max_wasted_percentage=${PHP_OPCACHE_MAX_WASTED_PERCENTAGE}"; \ + echo 'opcache.validate_timestamps=${PHP_OPCACHE_VALIDATE_TIMESTAMPS}'; \ + echo 'opcache.max_accelerated_files=${PHP_OPCACHE_MAX_ACCELERATED_FILES}'; \ + echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \ + echo 'opcache.max_wasted_percentage=${PHP_OPCACHE_MAX_WASTED_PERCENTAGE}'; \ echo 'opcache.interned_strings_buffer=16'; \ echo 'opcache.fast_shutdown=1'; \ } > $PHP_INI_DIR/conf.d/opcache-recommended.ini; \ @@ -111,37 +112,26 @@ RUN { \ \ echo 'memory_limit=512M' > $PHP_INI_DIR/conf.d/memory-limit.ini -# Sentry -RUN if [ $(uname -m) = "x86_64" ]; then \ - PLATFORM=$(uname -s); \ - if [ "$PLATFORM" = "Linux" -o "$PLATFORM" = "Windows" -o "$PLATFORM" = "Darwin" ]; then \ - mkdir -p /root/.local/bin; \ - curl -sL https://sentry.io/get-cli/ | INSTALL_DIR=/root/.local/bin bash; \ - fi \ - fi -VOLUME /var/www/html +WORKDIR /var/www/html # Define Monica version and expected SHA512 signature ENV MONICA_VERSION %%VERSION%% ENV MONICA_SHA512 %%SHA512%% -ENV MONICA_SRC /usr/src/monica %%APACHE_DOCUMENT%% -RUN set -eu; \ - curl -fsSL -o monica.tar.bz2 "https://github.com/monicahq/monica/releases/download/${MONICA_VERSION}/monica-${MONICA_VERSION}.tar.bz2"; \ - echo "$MONICA_SHA512 *monica.tar.bz2" | sha512sum -c -; \ +RUN set -ex; \ \ - mkdir $MONICA_SRC; \ - tar -xf monica.tar.bz2 -C $MONICA_SRC --strip-components=1; \ + curl -fsSL -o monica.tar.bz2 "https://github.com/monicahq/monica/releases/download/${MONICA_VERSION}/monica-${MONICA_VERSION}.tar.bz2"; \ + echo "$MONICA_SHA512 monica.tar.bz2" | sha512sum -c -; \ + \ + tar -xf monica.tar.bz2 -C /var/www/html --strip-components=1; \ rm monica.tar.bz2; \ \ - cp $MONICA_SRC/.env.example $MONICA_SRC/.env; \ - chown -R www-data:www-data $MONICA_SRC + cp /var/www/html/.env.example /var/www/html/.env; \ + chown -R www-data:www-data /var/www/html -COPY upgrade.exclude \ - /usr/local/share/ COPY entrypoint.sh \ queue.sh \ cron.sh \ diff --git a/README.md b/README.md index 242931e..4ee1ec7 100644 --- a/README.md +++ b/README.md @@ -142,10 +142,13 @@ When using FPM image, you will need another container with a webserver to proxy The webserver will need an access to all static files from Monica container, the volumes `html` will deal with it. -1. Download `nginx.conf` file. An example can be found on the [`example section`](/.examples/nginx-proxy/web/nginx.conf) +1. Download `nginx.conf` and `Dockerfile` file for nginx image. An example can be found on the [`example section`](/.examples/nginx-proxy/web/) ```sh - curl -sSL https://raw.githubusercontent.com/monicahq/docker/master/.examples/nginx-proxy/web/nginx.conf -o nginx.conf + mkdir web + curl -sSL https://raw.githubusercontent.com/monicahq/docker/master/.examples/nginx-proxy/web/nginx.conf -o web/nginx.conf + curl -sSL https://raw.githubusercontent.com/monicahq/docker/master/.examples/nginx-proxy/web/Dockerfile -o web/Dockerfile ``` +The `web` container image should be pre-build before each deploy with: `docker-compose build` 2. Create a `docker-compose.yml` file @@ -161,19 +164,16 @@ services: - APP_KEY= - DB_HOST=db volumes: - - html:/var/www/html - data:/var/www/html/storage restart: always web: - image: nginx + build: ./web ports: - 8080:80 depends_on: - app volumes: - - ./nginx.conf:/etc/nginx/nginx.conf:ro - - html:/var/www/html:ro - data:/var/www/html/storage:ro restart: always @@ -191,8 +191,6 @@ services: volumes: data: name: data - html: - name: html mysql: name: mysql ``` diff --git a/apache/Dockerfile b/apache/Dockerfile index 2565117..3e673c2 100644 --- a/apache/Dockerfile +++ b/apache/Dockerfile @@ -1,8 +1,7 @@ FROM php:7.3-apache # opencontainers annotations https://github.com/opencontainers/image-spec/blob/master/annotations.md -LABEL maintainer="Alexis Saettler (@asbiin)" \ - org.opencontainers.image.authors="Alexis Saettler " \ +LABEL org.opencontainers.image.authors="Alexis Saettler " \ org.opencontainers.image.title="MonicaHQ, the Personal Relationship Manager" \ org.opencontainers.image.description="This is MonicaHQ, your personal memory! MonicaHQ is like a CRM but for the friends, family, and acquaintances around you." \ org.opencontainers.image.url="https://monicahq.com" \ @@ -15,7 +14,6 @@ LABEL maintainer="Alexis Saettler (@asbiin)" \ RUN set -ex; \ \ apt-get update; \ - apt-get -y autoremove; \ apt-get install -y --no-install-recommends \ rsync \ bash \ @@ -103,14 +101,16 @@ ENV PHP_OPCACHE_VALIDATE_TIMESTAMPS="0" \ PHP_OPCACHE_MAX_ACCELERATED_FILES="20000" \ PHP_OPCACHE_MEMORY_CONSUMPTION="192" \ PHP_OPCACHE_MAX_WASTED_PERCENTAGE="10" -RUN { \ +RUN set -ex; \ + \ + { \ echo '[opcache]'; \ echo 'opcache.enable=1'; \ echo 'opcache.revalidate_freq=0'; \ - echo "opcache.validate_timestamps=${PHP_OPCACHE_VALIDATE_TIMESTAMPS}"; \ - echo "opcache.max_accelerated_files=${PHP_OPCACHE_MAX_ACCELERATED_FILES}"; \ - echo "opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}"; \ - echo "opcache.max_wasted_percentage=${PHP_OPCACHE_MAX_WASTED_PERCENTAGE}"; \ + echo 'opcache.validate_timestamps=${PHP_OPCACHE_VALIDATE_TIMESTAMPS}'; \ + echo 'opcache.max_accelerated_files=${PHP_OPCACHE_MAX_ACCELERATED_FILES}'; \ + echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \ + echo 'opcache.max_wasted_percentage=${PHP_OPCACHE_MAX_WASTED_PERCENTAGE}'; \ echo 'opcache.interned_strings_buffer=16'; \ echo 'opcache.fast_shutdown=1'; \ } > $PHP_INI_DIR/conf.d/opcache-recommended.ini; \ @@ -119,39 +119,28 @@ RUN { \ \ echo 'memory_limit=512M' > $PHP_INI_DIR/conf.d/memory-limit.ini -# Sentry -RUN if [ $(uname -m) = "x86_64" ]; then \ - PLATFORM=$(uname -s); \ - if [ "$PLATFORM" = "Linux" -o "$PLATFORM" = "Windows" -o "$PLATFORM" = "Darwin" ]; then \ - mkdir -p /root/.local/bin; \ - curl -sL https://sentry.io/get-cli/ | INSTALL_DIR=/root/.local/bin bash; \ - fi \ - fi -VOLUME /var/www/html +WORKDIR /var/www/html # Define Monica version and expected SHA512 signature ENV MONICA_VERSION v2.17.0 ENV MONICA_SHA512 9e208f3aee15eb8ffcd33aa834fc2a4c07ef3396234132d76e2563e0c17c596e5f505aa6527625b13be1f564f8583c4bbd2a54c44d26f8e9c8418d9636c8720b -ENV MONICA_SRC /usr/src/monica ENV APACHE_DOCUMENT_ROOT /var/www/html/public RUN set -eu; sed -ri -e "s!/var/www/html!${APACHE_DOCUMENT_ROOT}!g" /etc/apache2/sites-available/*.conf; \ sed -ri -e "s!/var/www/!${APACHE_DOCUMENT_ROOT}!g" /etc/apache2/apache2.conf /etc/apache2/conf-available/*.conf -RUN set -eu; \ - curl -fsSL -o monica.tar.bz2 "https://github.com/monicahq/monica/releases/download/${MONICA_VERSION}/monica-${MONICA_VERSION}.tar.bz2"; \ - echo "$MONICA_SHA512 *monica.tar.bz2" | sha512sum -c -; \ +RUN set -ex; \ \ - mkdir $MONICA_SRC; \ - tar -xf monica.tar.bz2 -C $MONICA_SRC --strip-components=1; \ + curl -fsSL -o monica.tar.bz2 "https://github.com/monicahq/monica/releases/download/${MONICA_VERSION}/monica-${MONICA_VERSION}.tar.bz2"; \ + echo "$MONICA_SHA512 monica.tar.bz2" | sha512sum -c -; \ + \ + tar -xf monica.tar.bz2 -C /var/www/html --strip-components=1; \ rm monica.tar.bz2; \ \ - cp $MONICA_SRC/.env.example $MONICA_SRC/.env; \ - chown -R www-data:www-data $MONICA_SRC + cp /var/www/html/.env.example /var/www/html/.env; \ + chown -R www-data:www-data /var/www/html -COPY upgrade.exclude \ - /usr/local/share/ COPY entrypoint.sh \ queue.sh \ cron.sh \ diff --git a/apache/entrypoint.sh b/apache/entrypoint.sh index d0bce7c..6170aab 100755 --- a/apache/entrypoint.sh +++ b/apache/entrypoint.sh @@ -1,9 +1,6 @@ #!/bin/bash -# return true if specified directory is empty -directory_empty() { - [ -z "$(ls -A "$1/")" ] -} +set -Eeuo pipefail # wait for the database to start waitfordb() { @@ -31,26 +28,9 @@ waitfordb() { if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]; then - MONICASRC=/usr/src/monica MONICADIR=/var/www/html ARTISAN="php ${MONICADIR}/artisan" - # Update application sources - echo "Syncing sources..." - if [ "$(id -u)" = 0 ]; then - rsync_options="-rlDog --chown www-data:www-data" - else - rsync_options="-rlD" - fi - rsync $rsync_options --delete --exclude-from=/usr/local/share/upgrade.exclude $MONICASRC/ $MONICADIR/ - - for dir in storage; do - if [ ! -d "$MONICADIR/$dir" ] || directory_empty "$MONICADIR/$dir"; then - rsync $rsync_options --include "/$dir/" --exclude '/*' $MONICASRC/ $MONICADIR/ - fi - done - echo "...done!" - # Ensure storage directories are present STORAGE=${MONICADIR}/storage mkdir -p ${STORAGE}/logs @@ -86,4 +66,4 @@ if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]; then fi -exec $@ +exec "$@" diff --git a/apache/upgrade.exclude b/apache/upgrade.exclude deleted file mode 100644 index dbca33e..0000000 --- a/apache/upgrade.exclude +++ /dev/null @@ -1 +0,0 @@ -/storage diff --git a/build.sh b/build.sh new file mode 100755 index 0000000..05c1f8a --- /dev/null +++ b/build.sh @@ -0,0 +1,10 @@ +#!/bin/bash +set -ex + +for variant in apache fpm fpm-alpine; do + pushd $variant + docker build --no-cache -t monica:$variant . + popd +done + +docker images diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh index d0bce7c..6170aab 100755 --- a/docker-entrypoint.sh +++ b/docker-entrypoint.sh @@ -1,9 +1,6 @@ #!/bin/bash -# return true if specified directory is empty -directory_empty() { - [ -z "$(ls -A "$1/")" ] -} +set -Eeuo pipefail # wait for the database to start waitfordb() { @@ -31,26 +28,9 @@ waitfordb() { if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]; then - MONICASRC=/usr/src/monica MONICADIR=/var/www/html ARTISAN="php ${MONICADIR}/artisan" - # Update application sources - echo "Syncing sources..." - if [ "$(id -u)" = 0 ]; then - rsync_options="-rlDog --chown www-data:www-data" - else - rsync_options="-rlD" - fi - rsync $rsync_options --delete --exclude-from=/usr/local/share/upgrade.exclude $MONICASRC/ $MONICADIR/ - - for dir in storage; do - if [ ! -d "$MONICADIR/$dir" ] || directory_empty "$MONICADIR/$dir"; then - rsync $rsync_options --include "/$dir/" --exclude '/*' $MONICASRC/ $MONICADIR/ - fi - done - echo "...done!" - # Ensure storage directories are present STORAGE=${MONICADIR}/storage mkdir -p ${STORAGE}/logs @@ -86,4 +66,4 @@ if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]; then fi -exec $@ +exec "$@" diff --git a/fpm-alpine/Dockerfile b/fpm-alpine/Dockerfile index 8c4945f..663bdc4 100644 --- a/fpm-alpine/Dockerfile +++ b/fpm-alpine/Dockerfile @@ -1,8 +1,7 @@ FROM php:7.3-fpm-alpine # opencontainers annotations https://github.com/opencontainers/image-spec/blob/master/annotations.md -LABEL maintainer="Alexis Saettler (@asbiin)" \ - org.opencontainers.image.authors="Alexis Saettler " \ +LABEL org.opencontainers.image.authors="Alexis Saettler " \ org.opencontainers.image.title="MonicaHQ, the Personal Relationship Manager" \ org.opencontainers.image.description="This is MonicaHQ, your personal memory! MonicaHQ is like a CRM but for the friends, family, and acquaintances around you." \ org.opencontainers.image.url="https://monicahq.com" \ @@ -17,9 +16,7 @@ RUN set -ex; \ apk add --no-cache \ bash \ coreutils \ - rsync \ - ; \ - rm -rf /var/cache/apk/* + rsync # Install required PHP extensions RUN set -ex; \ @@ -79,9 +76,8 @@ RUN set -ex; \ | sort -u \ | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ )"; \ - apk add --virtual .monica-phpext-rundeps $runDeps; \ - apk del .build-deps; \ - rm -rf /var/cache/apk/* + apk add --no-network --virtual .monica-phpext-rundeps $runDeps; \ + apk del --no-network .build-deps # Set crontab for schedules RUN set -ex; \ @@ -94,14 +90,16 @@ ENV PHP_OPCACHE_VALIDATE_TIMESTAMPS="0" \ PHP_OPCACHE_MAX_ACCELERATED_FILES="20000" \ PHP_OPCACHE_MEMORY_CONSUMPTION="192" \ PHP_OPCACHE_MAX_WASTED_PERCENTAGE="10" -RUN { \ +RUN set -ex; \ + \ + { \ echo '[opcache]'; \ echo 'opcache.enable=1'; \ echo 'opcache.revalidate_freq=0'; \ - echo "opcache.validate_timestamps=${PHP_OPCACHE_VALIDATE_TIMESTAMPS}"; \ - echo "opcache.max_accelerated_files=${PHP_OPCACHE_MAX_ACCELERATED_FILES}"; \ - echo "opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}"; \ - echo "opcache.max_wasted_percentage=${PHP_OPCACHE_MAX_WASTED_PERCENTAGE}"; \ + echo 'opcache.validate_timestamps=${PHP_OPCACHE_VALIDATE_TIMESTAMPS}'; \ + echo 'opcache.max_accelerated_files=${PHP_OPCACHE_MAX_ACCELERATED_FILES}'; \ + echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \ + echo 'opcache.max_wasted_percentage=${PHP_OPCACHE_MAX_WASTED_PERCENTAGE}'; \ echo 'opcache.interned_strings_buffer=16'; \ echo 'opcache.fast_shutdown=1'; \ } > $PHP_INI_DIR/conf.d/opcache-recommended.ini; \ @@ -110,21 +108,12 @@ RUN { \ \ echo 'memory_limit=512M' > $PHP_INI_DIR/conf.d/memory-limit.ini -# Sentry -RUN if [ $(uname -m) = "x86_64" ]; then \ - PLATFORM=$(uname -s); \ - if [ "$PLATFORM" = "Linux" -o "$PLATFORM" = "Windows" -o "$PLATFORM" = "Darwin" ]; then \ - mkdir -p /root/.local/bin; \ - curl -sL https://sentry.io/get-cli/ | INSTALL_DIR=/root/.local/bin bash; \ - fi \ - fi -VOLUME /var/www/html +WORKDIR /var/www/html # Define Monica version and expected SHA512 signature ENV MONICA_VERSION v2.17.0 ENV MONICA_SHA512 9e208f3aee15eb8ffcd33aa834fc2a4c07ef3396234132d76e2563e0c17c596e5f505aa6527625b13be1f564f8583c4bbd2a54c44d26f8e9c8418d9636c8720b -ENV MONICA_SRC /usr/src/monica RUN set -ex; \ apk add --no-cache --virtual .fetch-deps \ @@ -132,20 +121,16 @@ RUN set -ex; \ ; \ \ curl -fsSL -o monica.tar.bz2 "https://github.com/monicahq/monica/releases/download/${MONICA_VERSION}/monica-${MONICA_VERSION}.tar.bz2"; \ - echo "$MONICA_SHA512 *monica.tar.bz2" | sha512sum -c -; \ + echo "$MONICA_SHA512 monica.tar.bz2" | sha512sum -c -; \ \ - mkdir $MONICA_SRC; \ - tar -xf monica.tar.bz2 -C $MONICA_SRC --strip-components=1; \ + tar -xf monica.tar.bz2 -C /var/www/html --strip-components=1; \ rm monica.tar.bz2; \ \ - cp $MONICA_SRC/.env.example $MONICA_SRC/.env; \ - chown -R www-data:www-data $MONICA_SRC; \ + cp /var/www/html/.env.example /var/www/html/.env; \ + chown -R www-data:www-data /var/www/html; \ \ - apk del .fetch-deps; \ - rm -rf /var/cache/apk/* + apk del .fetch-deps -COPY upgrade.exclude \ - /usr/local/share/ COPY entrypoint.sh \ queue.sh \ cron.sh \ diff --git a/fpm-alpine/entrypoint.sh b/fpm-alpine/entrypoint.sh index d0bce7c..6170aab 100755 --- a/fpm-alpine/entrypoint.sh +++ b/fpm-alpine/entrypoint.sh @@ -1,9 +1,6 @@ #!/bin/bash -# return true if specified directory is empty -directory_empty() { - [ -z "$(ls -A "$1/")" ] -} +set -Eeuo pipefail # wait for the database to start waitfordb() { @@ -31,26 +28,9 @@ waitfordb() { if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]; then - MONICASRC=/usr/src/monica MONICADIR=/var/www/html ARTISAN="php ${MONICADIR}/artisan" - # Update application sources - echo "Syncing sources..." - if [ "$(id -u)" = 0 ]; then - rsync_options="-rlDog --chown www-data:www-data" - else - rsync_options="-rlD" - fi - rsync $rsync_options --delete --exclude-from=/usr/local/share/upgrade.exclude $MONICASRC/ $MONICADIR/ - - for dir in storage; do - if [ ! -d "$MONICADIR/$dir" ] || directory_empty "$MONICADIR/$dir"; then - rsync $rsync_options --include "/$dir/" --exclude '/*' $MONICASRC/ $MONICADIR/ - fi - done - echo "...done!" - # Ensure storage directories are present STORAGE=${MONICADIR}/storage mkdir -p ${STORAGE}/logs @@ -86,4 +66,4 @@ if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]; then fi -exec $@ +exec "$@" diff --git a/fpm-alpine/upgrade.exclude b/fpm-alpine/upgrade.exclude deleted file mode 100644 index dbca33e..0000000 --- a/fpm-alpine/upgrade.exclude +++ /dev/null @@ -1 +0,0 @@ -/storage diff --git a/fpm/Dockerfile b/fpm/Dockerfile index 242be00..ca8675b 100644 --- a/fpm/Dockerfile +++ b/fpm/Dockerfile @@ -1,8 +1,7 @@ FROM php:7.3-fpm # opencontainers annotations https://github.com/opencontainers/image-spec/blob/master/annotations.md -LABEL maintainer="Alexis Saettler (@asbiin)" \ - org.opencontainers.image.authors="Alexis Saettler " \ +LABEL org.opencontainers.image.authors="Alexis Saettler " \ org.opencontainers.image.title="MonicaHQ, the Personal Relationship Manager" \ org.opencontainers.image.description="This is MonicaHQ, your personal memory! MonicaHQ is like a CRM but for the friends, family, and acquaintances around you." \ org.opencontainers.image.url="https://monicahq.com" \ @@ -15,7 +14,6 @@ LABEL maintainer="Alexis Saettler (@asbiin)" \ RUN set -ex; \ \ apt-get update; \ - apt-get -y autoremove; \ apt-get install -y --no-install-recommends \ rsync \ bash \ @@ -103,14 +101,16 @@ ENV PHP_OPCACHE_VALIDATE_TIMESTAMPS="0" \ PHP_OPCACHE_MAX_ACCELERATED_FILES="20000" \ PHP_OPCACHE_MEMORY_CONSUMPTION="192" \ PHP_OPCACHE_MAX_WASTED_PERCENTAGE="10" -RUN { \ +RUN set -ex; \ + \ + { \ echo '[opcache]'; \ echo 'opcache.enable=1'; \ echo 'opcache.revalidate_freq=0'; \ - echo "opcache.validate_timestamps=${PHP_OPCACHE_VALIDATE_TIMESTAMPS}"; \ - echo "opcache.max_accelerated_files=${PHP_OPCACHE_MAX_ACCELERATED_FILES}"; \ - echo "opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}"; \ - echo "opcache.max_wasted_percentage=${PHP_OPCACHE_MAX_WASTED_PERCENTAGE}"; \ + echo 'opcache.validate_timestamps=${PHP_OPCACHE_VALIDATE_TIMESTAMPS}'; \ + echo 'opcache.max_accelerated_files=${PHP_OPCACHE_MAX_ACCELERATED_FILES}'; \ + echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \ + echo 'opcache.max_wasted_percentage=${PHP_OPCACHE_MAX_WASTED_PERCENTAGE}'; \ echo 'opcache.interned_strings_buffer=16'; \ echo 'opcache.fast_shutdown=1'; \ } > $PHP_INI_DIR/conf.d/opcache-recommended.ini; \ @@ -119,37 +119,26 @@ RUN { \ \ echo 'memory_limit=512M' > $PHP_INI_DIR/conf.d/memory-limit.ini -# Sentry -RUN if [ $(uname -m) = "x86_64" ]; then \ - PLATFORM=$(uname -s); \ - if [ "$PLATFORM" = "Linux" -o "$PLATFORM" = "Windows" -o "$PLATFORM" = "Darwin" ]; then \ - mkdir -p /root/.local/bin; \ - curl -sL https://sentry.io/get-cli/ | INSTALL_DIR=/root/.local/bin bash; \ - fi \ - fi -VOLUME /var/www/html +WORKDIR /var/www/html # Define Monica version and expected SHA512 signature ENV MONICA_VERSION v2.17.0 ENV MONICA_SHA512 9e208f3aee15eb8ffcd33aa834fc2a4c07ef3396234132d76e2563e0c17c596e5f505aa6527625b13be1f564f8583c4bbd2a54c44d26f8e9c8418d9636c8720b -ENV MONICA_SRC /usr/src/monica -RUN set -eu; \ - curl -fsSL -o monica.tar.bz2 "https://github.com/monicahq/monica/releases/download/${MONICA_VERSION}/monica-${MONICA_VERSION}.tar.bz2"; \ - echo "$MONICA_SHA512 *monica.tar.bz2" | sha512sum -c -; \ +RUN set -ex; \ \ - mkdir $MONICA_SRC; \ - tar -xf monica.tar.bz2 -C $MONICA_SRC --strip-components=1; \ + curl -fsSL -o monica.tar.bz2 "https://github.com/monicahq/monica/releases/download/${MONICA_VERSION}/monica-${MONICA_VERSION}.tar.bz2"; \ + echo "$MONICA_SHA512 monica.tar.bz2" | sha512sum -c -; \ + \ + tar -xf monica.tar.bz2 -C /var/www/html --strip-components=1; \ rm monica.tar.bz2; \ \ - cp $MONICA_SRC/.env.example $MONICA_SRC/.env; \ - chown -R www-data:www-data $MONICA_SRC + cp /var/www/html/.env.example /var/www/html/.env; \ + chown -R www-data:www-data /var/www/html -COPY upgrade.exclude \ - /usr/local/share/ COPY entrypoint.sh \ queue.sh \ cron.sh \ diff --git a/fpm/entrypoint.sh b/fpm/entrypoint.sh index d0bce7c..6170aab 100755 --- a/fpm/entrypoint.sh +++ b/fpm/entrypoint.sh @@ -1,9 +1,6 @@ #!/bin/bash -# return true if specified directory is empty -directory_empty() { - [ -z "$(ls -A "$1/")" ] -} +set -Eeuo pipefail # wait for the database to start waitfordb() { @@ -31,26 +28,9 @@ waitfordb() { if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]; then - MONICASRC=/usr/src/monica MONICADIR=/var/www/html ARTISAN="php ${MONICADIR}/artisan" - # Update application sources - echo "Syncing sources..." - if [ "$(id -u)" = 0 ]; then - rsync_options="-rlDog --chown www-data:www-data" - else - rsync_options="-rlD" - fi - rsync $rsync_options --delete --exclude-from=/usr/local/share/upgrade.exclude $MONICASRC/ $MONICADIR/ - - for dir in storage; do - if [ ! -d "$MONICADIR/$dir" ] || directory_empty "$MONICADIR/$dir"; then - rsync $rsync_options --include "/$dir/" --exclude '/*' $MONICASRC/ $MONICADIR/ - fi - done - echo "...done!" - # Ensure storage directories are present STORAGE=${MONICADIR}/storage mkdir -p ${STORAGE}/logs @@ -86,4 +66,4 @@ if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]; then fi -exec $@ +exec "$@" diff --git a/fpm/upgrade.exclude b/fpm/upgrade.exclude deleted file mode 100644 index dbca33e..0000000 --- a/fpm/upgrade.exclude +++ /dev/null @@ -1 +0,0 @@ -/storage diff --git a/update.sh b/update.sh index 0e51751..086e5ff 100755 --- a/update.sh +++ b/update.sh @@ -28,8 +28,7 @@ RUN set -eu; sed -ri -e \"s!/var/www/html!\\\${APACHE_DOCUMENT_ROOT}!g\" /etc/ap [fpm-alpine]='' ) -label="LABEL maintainer=\"Alexis Saettler (@asbiin)\" \\\\\\n\ - org.opencontainers.image.authors=\"Alexis Saettler \" \\\\\\n\ +label="LABEL org.opencontainers.image.authors=\"Alexis Saettler \" \\\\\\n\ org.opencontainers.image.title=\"MonicaHQ, the Personal Relationship Manager\" \\\\\\n\ org.opencontainers.image.description=\"This is MonicaHQ, your personal memory! MonicaHQ is like a CRM but for the friends, family, and acquaintances around you.\" \\\\\\n\ org.opencontainers.image.url=\"https://monicahq.com\" \\\\\\n\ @@ -101,6 +100,4 @@ for variant in apache fpm fpm-alpine; do for file in entrypoint cron queue; do cp docker-$file.sh $variant/$file.sh done - - cp upgrade.exclude $variant/ done diff --git a/upgrade.exclude b/upgrade.exclude deleted file mode 100644 index dbca33e..0000000 --- a/upgrade.exclude +++ /dev/null @@ -1 +0,0 @@ -/storage