From 6c25d12f98deb29dc293c540de9d79c7b8104521 Mon Sep 17 00:00:00 2001 From: Mateus Romera Villar Date: Mon, 22 Mar 2021 20:07:35 -0300 Subject: [PATCH 1/7] Add docker secret support --- docker/env-docker.php | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 docker/env-docker.php diff --git a/docker/env-docker.php b/docker/env-docker.php new file mode 100644 index 000000000000..1c77447c8393 --- /dev/null +++ b/docker/env-docker.php @@ -0,0 +1,29 @@ + Date: Mon, 22 Mar 2021 20:07:55 -0300 Subject: [PATCH 2/7] Add docker secret support to selected environment variables below: - APP_KEY_FILE -> APP_KEY; - DB_HOST_FILE -> DB_HOST; - DB_PORT_FILE -> DB_PORT; - DB_DATABASE_FILE -> DB_DATABASE; - DB_USERNAME_FILE -> DB_USERNAME; - DB_PASSWORD_FILE -> DB_PASSWORD; - REDIS_HOST_FILE -> REDIS_HOST; - REDIS_PASSWORD_FILE -> REDIS_PASSWORD; - REDIS_PORT_FILE -> REDIS_PORT; - MAIL_HOST_FILE -> MAIL_HOST; - MAIL_PORT_FILE -> MAIL_PORT; - MAIL_USERNAME_FILE -> MAIL_USERNAME; - MAIL_PASSWORD_FILE -> MAIL_PASSWORD; --- docker/app-docker.php | 421 +++++++++++++++++++++++++++++++++++++ docker/database-docker.php | 170 +++++++++++++++ docker/mail-docker.php | 163 ++++++++++++++ 3 files changed, 754 insertions(+) create mode 100755 docker/app-docker.php create mode 100644 docker/database-docker.php create mode 100755 docker/mail-docker.php diff --git a/docker/app-docker.php b/docker/app-docker.php new file mode 100755 index 000000000000..0d2ce21d56b6 --- /dev/null +++ b/docker/app-docker.php @@ -0,0 +1,421 @@ + env('SITE_NAME', 'Snipe-IT'), + + /* + |-------------------------------------------------------------------------- + | Application Environment + |-------------------------------------------------------------------------- + | + | This value determines the "environment" your application is currently + | running in. This may determine how you prefer to configure various + | services your application utilizes. Set this in your ".env" file. + | + */ + + 'env' => env('APP_ENV', 'production'), + + /* + |-------------------------------------------------------------------------- + | Result Limit + |-------------------------------------------------------------------------- + | + | This value determines the max number of results to return, even if a higher limit + | is passed in the API request. This is done to prevent server timeouts when + | custom scripts are requesting 100k assets at a time. + | + */ + + 'max_results' => env('MAX_RESULTS', 500), + + /* + |-------------------------------------------------------------------------- + | Application Debug Mode + |-------------------------------------------------------------------------- + | + | When your application is in debug mode, detailed error messages with + | stack traces will be shown on every error that occurs within your + | application. If disabled, a simple generic error page is shown. + | + */ + + 'debug' => env('APP_DEBUG', false), + 'warn_debug' => env('WARN_DEBUG', true), + + /* + |-------------------------------------------------------------------------- + | Application URL + |-------------------------------------------------------------------------- + | + | This URL is used by the console to properly generate URLs when using + | the Artisan command line tool. You should set this to the root of + | your application so that it is used when running Artisan tasks. + | + */ + + 'url' => env('APP_URL', 'http://localhost'), + + /* + |-------------------------------------------------------------------------- + | Application Timezone + |-------------------------------------------------------------------------- + | + | Here you may specify the default timezone for your application, which + | will be used by the PHP date and date-time functions. We have gone + | ahead and set this to a sensible default for you out of the box. + | + */ + + 'timezone' => env('APP_TIMEZONE', 'UTC'), + + /* + |-------------------------------------------------------------------------- + | Application Locale Configuration + |-------------------------------------------------------------------------- + | + | The application locale determines the default locale that will be used + | by the translation service provider. You are free to set this value + | to any of the locales which will be supported by the application. + | + */ + + 'locale' => env('APP_LOCALE', 'en'), + + /* + |-------------------------------------------------------------------------- + | Application Fallback Locale + |-------------------------------------------------------------------------- + | + | The fallback locale determines the locale to use when the current one + | is not available. You may change the value to correspond to any of + | the language folders that are provided through your application. + | + */ + + 'fallback_locale' => 'en', + + /* + |-------------------------------------------------------------------------- + | Encryption Key + |-------------------------------------------------------------------------- + | + | This key is used by the Illuminate encrypter service and should be set + | to a random, 32 character string, otherwise these encrypted strings + | will not be safe. Please do this before deploying an application! + | + */ + + 'key' => getenv_docker('APP_KEY', 'null'), + + 'cipher' => env('APP_CIPHER', 'AES-256-CBC'), + + /* + |-------------------------------------------------------------------------- + | Logging Configuration + |-------------------------------------------------------------------------- + | + | Here you may configure the log settings for your application. Out of + | the box, Laravel uses the Monolog PHP logging library. This gives + | you a variety of powerful log handlers / formatters to utilize. + | + | Available Settings: "single", "daily", "syslog", "errorlog" + | + */ + + 'log' => env('APP_LOG', 'single'), + + /* + |-------------------------------------------------------------------------- + | Logging Max Files + |-------------------------------------------------------------------------- + | + | When using the daily log mode, Laravel will only retain 5 + | days of log files by default. + | + | To change this, set the APP_LOG_MAX_FILES option in your .env. + | + */ + + 'log_max_files' => env('APP_LOG_MAX_FILES', 5), + + /* + |-------------------------------------------------------------------------- + | Logging Detail + |-------------------------------------------------------------------------- + | + | By default, Laravel writes all log levels to storage. However, in your + | production environment, you may wish to configure the minimum severity that + | should be logged by editing your APP_LOG_LEVEL env config. + | + | Laravel will log all levels greater than or equal to the specified severity. + | For example, a default log_level of error will log error, critical, alert, + | and emergency messages. + | + | APP_LOG_LEVEL options are: + | "debug", "info", "notice", "warning", "error", "critical", "alert", "emergency" + | + */ + + 'log_level' => env('APP_LOG_LEVEL', 'error'), + + + /* + |-------------------------------------------------------------------------- + | Default Storage path for private uploads + |-------------------------------------------------------------------------- + | This is the path for any uploaded files that have to be run through the + | auth system to ensure they are not visible to the public. These should be + | stored somewhere outside of the web root so that an unauthenticated user + | cannot access them. + | + | For example: license keys, contracts, etc. + | + */ + + 'private_uploads' => storage_path().'/private_uploads', + + + /* + |-------------------------------------------------------------------------- + | ALLOW I-FRAMING + |-------------------------------------------------------------------------- + | + | Normal users will never need to edit this. This option lets you run + | Snipe-IT within an I-Frame, which is normally disabled by default for + | security reasons, to prevent clickjacking. It should normally be set to false. + | + */ + + 'allow_iframing' => env('ALLOW_IFRAMING', false), + + + /* + |-------------------------------------------------------------------------- + | ENABLE HTTP Strict Transport Security (HSTS) + |-------------------------------------------------------------------------- + | + | This is set to default false for backwards compatibilty but should be + | set to true if the hosting environment allows it. + | + | See https://scotthelme.co.uk/hsts-the-missing-link-in-tls/ + | + */ + + 'enable_hsts' => env('ENABLE_HSTS', false), + + /* + |-------------------------------------------------------------------------- + | REFERRER-POLICY + |-------------------------------------------------------------------------- + | + | This is an additional security header that browsers use to determine + | whether they should report back URL referrer information. + | + | Read more: https://www.w3.org/TR/referrer-policy/ + | + */ + + 'referrer_policy' => env('REFERRER_POLICY', 'same-origin'), + + /* + |-------------------------------------------------------------------------- + | CSP + |-------------------------------------------------------------------------- + | + | Disable the content security policy that restricts what scripts, images + | and styles can load. (This should be left as false if you don't know + | what this means.) + | + | Read more: https://www.w3.org/TR/CSP/ + | Read more: https://content-security-policy.com + | + */ + + 'enable_csp' => env('ENABLE_CSP', false), + + + + + /* + |-------------------------------------------------------------------------- + | Demo Mode Lockdown + |-------------------------------------------------------------------------- + | + | Normal users will never need to edit this. This option lets you run a + | version of Snipe-IT with limited functionality to prevent demo abuse. + | + */ + + 'lock_passwords' => env('APP_LOCKED', false), + + + /* + |-------------------------------------------------------------------------- + | Minimum PHP version + |-------------------------------------------------------------------------- + | + | Do not change this variable. + | + */ + + 'min_php' => '7.2.5', + + + /* + |-------------------------------------------------------------------------- + | Autoloaded Service Providers + |-------------------------------------------------------------------------- + | + | The service providers listed here will be automatically loaded on the + | request to your application. Feel free to add your own services to + | this array to grant expanded functionality to your applications. + | + */ + + 'providers' => [ + + /* + * Laravel Framework Service Providers... + */ + Illuminate\Auth\AuthServiceProvider::class, + Illuminate\Broadcasting\BroadcastServiceProvider::class, + Illuminate\Bus\BusServiceProvider::class, + Illuminate\Cache\CacheServiceProvider::class, + Illuminate\Foundation\Providers\ConsoleSupportServiceProvider::class, + Illuminate\Cookie\CookieServiceProvider::class, + Illuminate\Database\DatabaseServiceProvider::class, + Illuminate\Encryption\EncryptionServiceProvider::class, + Illuminate\Filesystem\FilesystemServiceProvider::class, + Illuminate\Foundation\Providers\FoundationServiceProvider::class, + Illuminate\Hashing\HashServiceProvider::class, + Illuminate\Mail\MailServiceProvider::class, + Illuminate\Notifications\NotificationServiceProvider::class, + Illuminate\Pagination\PaginationServiceProvider::class, + Illuminate\Pipeline\PipelineServiceProvider::class, + Illuminate\Queue\QueueServiceProvider::class, + Illuminate\Redis\RedisServiceProvider::class, + Illuminate\Auth\Passwords\PasswordResetServiceProvider::class, + Illuminate\Session\SessionServiceProvider::class, + Illuminate\Translation\TranslationServiceProvider::class, + Illuminate\Validation\ValidationServiceProvider::class, + Illuminate\View\ViewServiceProvider::class, + + /* + * Package Service Providers... + */ + + Intervention\Image\ImageServiceProvider::class, + Collective\Html\HtmlServiceProvider::class, + Spatie\Backup\BackupServiceProvider::class, + Fideloper\Proxy\TrustedProxyServiceProvider::class, + PragmaRX\Google2FALaravel\ServiceProvider::class, + Laravel\Passport\PassportServiceProvider::class, + Laravel\Tinker\TinkerServiceProvider::class, + Unicodeveloper\DumbPassword\DumbPasswordServiceProvider::class, + Tightenco\Ziggy\ZiggyServiceProvider::class, // Laravel routes in vue + Eduardokum\LaravelMailAutoEmbed\ServiceProvider::class, + + /* + * Application Service Providers... + */ + App\Providers\AppServiceProvider::class, + App\Providers\AuthServiceProvider::class, + App\Providers\EventServiceProvider::class, + App\Providers\RouteServiceProvider::class, + App\Providers\SettingsServiceProvider::class, + App\Providers\ValidationServiceProvider::class, + + + /* + * Custom service provider + */ + App\Providers\MacroServiceProvider::class, + App\Providers\LdapServiceProvider::class, + App\Providers\SamlServiceProvider::class, + + + ], + + /* + |-------------------------------------------------------------------------- + | Class Aliases + |-------------------------------------------------------------------------- + | + | This array of class aliases will be registered when this application + | is started. However, feel free to register as many as you wish as + | the aliases are "lazy" loaded so they don't hinder performance. + | + */ + + 'aliases' => [ + + 'App' => Illuminate\Support\Facades\App::class, + 'Artisan' => Illuminate\Support\Facades\Artisan::class, + 'Auth' => Illuminate\Support\Facades\Auth::class, + 'Blade' => Illuminate\Support\Facades\Blade::class, + 'Bus' => Illuminate\Support\Facades\Bus::class, + 'Cache' => Illuminate\Support\Facades\Cache::class, + 'Config' => Illuminate\Support\Facades\Config::class, + 'Cookie' => Illuminate\Support\Facades\Cookie::class, + 'Crypt' => Illuminate\Support\Facades\Crypt::class, + 'DB' => Illuminate\Support\Facades\DB::class, + 'Eloquent' => Illuminate\Database\Eloquent\Model::class, + 'Event' => Illuminate\Support\Facades\Event::class, + 'File' => Illuminate\Support\Facades\File::class, + 'Gate' => Illuminate\Support\Facades\Gate::class, + 'Hash' => Illuminate\Support\Facades\Hash::class, + 'Lang' => Illuminate\Support\Facades\Lang::class, + 'Log' => Illuminate\Support\Facades\Log::class, + 'Mail' => Illuminate\Support\Facades\Mail::class, + 'Notification' => Illuminate\Support\Facades\Notification::class, + 'Password' => Illuminate\Support\Facades\Password::class, + 'Queue' => Illuminate\Support\Facades\Queue::class, + 'Redirect' => Illuminate\Support\Facades\Redirect::class, + 'Redis' => Illuminate\Support\Facades\Redis::class, + 'Request' => Illuminate\Support\Facades\Request::class, + 'Response' => Illuminate\Support\Facades\Response::class, + 'Route' => Illuminate\Support\Facades\Route::class, + 'Schema' => Illuminate\Support\Facades\Schema::class, + 'Session' => Illuminate\Support\Facades\Session::class, + 'Storage' => Illuminate\Support\Facades\Storage::class, + 'URL' => Illuminate\Support\Facades\URL::class, + 'Validator' => Illuminate\Support\Facades\Validator::class, + 'View' => Illuminate\Support\Facades\View::class, + 'Form' => Collective\Html\FormFacade::class, + 'Html' => Collective\Html\HtmlFacade::class, + 'Google2FA' => PragmaRX\Google2FALaravel\Facade::class, + 'Image' => Intervention\Image\ImageServiceProvider::class, + 'Carbon' => Carbon\Carbon::class, + + + ], + +]; diff --git a/docker/database-docker.php b/docker/database-docker.php new file mode 100644 index 000000000000..4872f337d5d5 --- /dev/null +++ b/docker/database-docker.php @@ -0,0 +1,170 @@ + PDO::FETCH_CLASS, + + /* + |-------------------------------------------------------------------------- + | Default Database Connection Name + |-------------------------------------------------------------------------- + | + | Here you may specify which of the database connections below you wish + | to use as your default connection for all database work. Of course + | you may use many connections at once using the Database library. + | + */ + + 'default' => env('DB_CONNECTION', 'mysql'), + + /* + |-------------------------------------------------------------------------- + | Database Connections + |-------------------------------------------------------------------------- + | + | Here are each of the database connections setup for your application. + | Of course, examples of configuring each database platform that is + | supported by Laravel is shown below to make development simple. + | + | + | All database work in Laravel is done through the PHP PDO facilities + | so make sure you have the driver for your particular database of + | choice installed on your machine before you begin development. + | + */ + + 'connections' => [ + + 'sqlite' => [ + 'driver' => 'sqlite', + 'database' => database_path('database.sqlite'), + 'prefix' => '', + ], + + 'sqlite_testing' => [ + 'driver' => 'sqlite', + 'database' => ':memory:', + 'prefix' => '', + ], + + 'mysql' => [ + 'driver' => 'mysql', + 'host' => getenv_docker('DB_HOST', 'localhost'), + 'port' => getenv_docker('DB_PORT', '3306'), + 'database' => getenv_docker('DB_DATABASE', 'forge'), + 'username' => getenv_docker('DB_USERNAME', 'forge'), + 'password' => getenv_docker('DB_PASSWORD', ''), + 'charset' => env('DB_CHARSET', 'utf8mb4'), + 'collation' => env('DB_COLLATION', 'utf8mb4_unicode_ci'), + 'prefix' => env('DB_PREFIX', null), + 'strict' => false, + 'engine' => 'InnoDB', + 'unix_socket' => env('DB_SOCKET',''), + 'dump' => [ + 'dump_binary_path' => env('DB_DUMP_PATH', '/usr/local/bin'), // only the path, so without 'mysqldump' + 'use_single_transaction' => false, + 'timeout' => 60 * 5, // 5 minute timeout + //'exclude_tables' => ['table1', 'table2'], + //'add_extra_option' => '--optionname=optionvalue', + ], + + 'dump_command_timeout' => 60 * 5, // 5 minute timeout + 'dump_using_single_transaction' => true, // perform dump using a single transaction + 'options' => (env('DB_SSL')) ? ((env('DB_SSL_IS_PAAS')) ? [ + PDO::MYSQL_ATTR_SSL_CA => env('DB_SSL_CA_PATH'), // /path/to/ca.pem + ] : [ + PDO::MYSQL_ATTR_SSL_KEY => env('DB_SSL_KEY_PATH'), // /path/to/key.pem + PDO::MYSQL_ATTR_SSL_CERT => env('DB_SSL_CERT_PATH'), // /path/to/cert.pem + PDO::MYSQL_ATTR_SSL_CA => env('DB_SSL_CA_PATH'), // /path/to/ca.pem + PDO::MYSQL_ATTR_SSL_CIPHER => env('DB_SSL_CIPHER') + ]) : [] + ], + + 'pgsql' => [ + 'driver' => 'pgsql', + 'host' => getenv_docker('DB_HOST', 'localhost'), + 'database' => getenv_docker('DB_DATABASE', 'forge'), + 'username' => getenv_docker('DB_USERNAME', 'forge'), + 'password' => getenv_docker('DB_PASSWORD', ''), + 'charset' => 'utf8', + 'prefix' => '', + 'schema' => 'public', + ], + + 'sqlsrv' => [ + 'driver' => 'sqlsrv', + 'host' => getenv_docker('DB_HOST', 'localhost'), + 'database' => getenv_docker('DB_DATABASE', 'forge'), + 'username' => getenv_docker('DB_USERNAME', 'forge'), + 'password' => getenv_docker('DB_PASSWORD', ''), + 'charset' => 'utf8', + 'prefix' => '', + ], + + ], + + /* + |-------------------------------------------------------------------------- + | Migration Repository Table + |-------------------------------------------------------------------------- + | + | This table keeps track of all the migrations that have already run for + | your application. Using this information, we can determine which of + | the migrations on disk haven't actually been run in the database. + | + */ + + 'migrations' => 'migrations', + + /* + |-------------------------------------------------------------------------- + | Redis Databases + |-------------------------------------------------------------------------- + | + | Redis is an open source, fast, and advanced key-value store that also + | provides a richer set of commands than a typical key-value systems + | such as APC or Memcached. Laravel makes it easy to dig right in. + | + */ + + 'redis' => [ + + 'cluster' => false, + + 'default' => [ + 'host' => getenv_docker('REDIS_HOST', 'localhost'), + 'password' => getenv_docker('REDIS_PASSWORD', null), + 'port' => getenv_docker('REDIS_PORT', 6379), + 'database' => 0, + ], + + ], + +]; diff --git a/docker/mail-docker.php b/docker/mail-docker.php new file mode 100755 index 000000000000..49f8ad9b1bec --- /dev/null +++ b/docker/mail-docker.php @@ -0,0 +1,163 @@ + env('MAIL_DRIVER', 'smtp'), + + /* + |-------------------------------------------------------------------------- + | SMTP Host Address + |-------------------------------------------------------------------------- + | + | Here you may provide the host address of the SMTP server used by your + | applications. A default option is provided that is compatible with + | the Mailgun mail service which will provide reliable deliveries. + | + */ + + 'host' => getenv_docker('MAIL_HOST', 'smtp.mailgun.org'), + + /* + |-------------------------------------------------------------------------- + | SMTP Host Port + |-------------------------------------------------------------------------- + | + | This is the SMTP port used by your application to deliver e-mails to + | users of the application. Like the host we have set this value to + | stay compatible with the Mailgun e-mail application by default. + | + */ + + 'port' => getenv_docker('MAIL_PORT', 587), + + /* + |-------------------------------------------------------------------------- + | Global "From" Address + |-------------------------------------------------------------------------- + | + | You may wish for all e-mails sent by your application to be sent from + | the same address. Here, you may specify a name and address that is + | used globally for all e-mails that are sent by your application. + | + */ + + 'from' => + [ + 'address' => env('MAIL_FROM_ADDR', null), + 'name' => env('MAIL_FROM_NAME', null) + ], + + + /* + |-------------------------------------------------------------------------- + | Global "Reply-To" Address + |-------------------------------------------------------------------------- + | + | You may wish for all e-mails sent by your application to have a different "Reply-to" + | address than the "From" address. If this is left blank, the application will use + | your MAIL_FROM information. + | + */ + + 'reply_to' => [ + 'address' => env('MAIL_REPLYTO_ADDR',null), + 'name' => env('MAIL_REPLYTO_NAME', null) + ], + + /* + |-------------------------------------------------------------------------- + | E-Mail Encryption Protocol + |-------------------------------------------------------------------------- + | + | Here you may specify the encryption protocol that should be used when + | the application send e-mail messages. A sensible default using the + | transport layer security protocol should provide great security. + | + */ + + 'encryption' => env('MAIL_ENCRYPTION', 'tls'), + + /* + |-------------------------------------------------------------------------- + | SMTP Server Username + |-------------------------------------------------------------------------- + | + | If your SMTP server requires a username for authentication, you should + | set it here. This will get used to authenticate with your server on + | connection. You may also set the "password" value below this one. + | + */ + + 'username' => getenv_docker('MAIL_USERNAME', 'null'), + + /* + |-------------------------------------------------------------------------- + | SMTP Server Password + |-------------------------------------------------------------------------- + | + | Here you may set the password required by your SMTP server to send out + | messages from your application. This will be given to the server on + | connection so that the application will be able to send messages. + | + */ + + 'password' => getenv_docker('MAIL_PASSWORD', 'null'), + + /* + |-------------------------------------------------------------------------- + | Sendmail System Path + |-------------------------------------------------------------------------- + | + | When using the "sendmail" driver to send e-mails, we will need to know + | the path to where Sendmail lives on this server. A default path has + | been provided here, which will work well on most of your systems. + | + */ + + 'sendmail' => '/usr/sbin/sendmail -bs', + + + 'markdown' => [ + 'theme' => 'default', + 'paths' => [ + resource_path('views/vendor/mail'), + ], + ], + +]; From 862ffeb42180bd05df546f1d959507b7ec6001dd Mon Sep 17 00:00:00 2001 From: Mateus Romera Villar Date: Mon, 22 Mar 2021 20:08:30 -0300 Subject: [PATCH 3/7] Add env file for docker secrets --- docker/docker-secrets.env | 54 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 54 insertions(+) create mode 100644 docker/docker-secrets.env diff --git a/docker/docker-secrets.env b/docker/docker-secrets.env new file mode 100644 index 000000000000..45a777f5d805 --- /dev/null +++ b/docker/docker-secrets.env @@ -0,0 +1,54 @@ +# -------------------------------------------- +# REQUIRED: BASIC APP SETTINGS +# -------------------------------------------- +#APP_ENV=develop +#APP_DEBUG=false +#APP_KEY=Change_this_key_or_snipe_will_get_ya +#APP_URL=http://127.0.0.1:32782 +#APP_TIMEZONE=US/Pacific +#APP_LOCALE=en + + +# -------------------------------------------- +# REQUIRED: DATABASE SETTINGS +# -------------------------------------------- +DB_CONNECTION=mysql +DB_PREFIX=null +DB_DUMP_PATH='/usr/bin' + + +# -------------------------------------------- +# REQUIRED: OUTGOING MAIL SERVER SETTINGS +# -------------------------------------------- +MAIL_DRIVER=smtp +MAIL_ENCRYPTION=${MAIL_ENV_ENCRYPTION} +MAIL_FROM_ADDR=${MAIL_ENV_FROM_ADDR} +MAIL_FROM_NAME=${MAIL_ENV_FROM_NAME} +MAIL_REPLYTO_ADDR=${MAIL_ENV_FROM_ADDR} +MAIL_REPLYTO_NAME=${MAIL_ENV_FROM_NAME} + + +# -------------------------------------------- +# REQUIRED: IMAGE LIBRARY +# This should be gd or imagick +# -------------------------------------------- +IMAGE_LIB=gd + + +# -------------------------------------------- +# OPTIONAL: SESSION SETTINGS +# -------------------------------------------- +SESSION_LIFETIME=12000 +EXPIRE_ON_CLOSE=false +ENCRYPT=false +COOKIE_NAME=snipeit_session +COOKIE_DOMAIN=null +SECURE_COOKIES=false + + +# -------------------------------------------- +# OPTIONAL: CACHE SETTINGS +# -------------------------------------------- +CACHE_DRIVER=file +SESSION_DRIVER=file +QUEUE_DRIVER=sync From c1523aeb749edcfb25fb458014057fd34ed5140c Mon Sep 17 00:00:00 2001 From: Mateus Romera Villar Date: Mon, 22 Mar 2021 22:55:38 -0300 Subject: [PATCH 4/7] Added #9313: add new fpm-image using docker secrets --- Dockerfile.fpm-alpine | 108 ++++++++++++++++++++++++++++++++++++ docker/docker-entrypoint.sh | 76 +++++++++++++++++++++++++ 2 files changed, 184 insertions(+) create mode 100644 Dockerfile.fpm-alpine create mode 100644 docker/docker-entrypoint.sh diff --git a/Dockerfile.fpm-alpine b/Dockerfile.fpm-alpine new file mode 100644 index 000000000000..aadf46c45230 --- /dev/null +++ b/Dockerfile.fpm-alpine @@ -0,0 +1,108 @@ +ARG ENVIRONMENT=production +ARG SNIPEIT_RELEASE=5.1.3 +ARG PHP_VERSION=7.4.16 +ARG PHP_ALPINE_VERSION=3.13 +ARG COMPOSER_VERSION=2.0.11 + +# Cannot use arguments with 'COPY --from' workaround +# https://github.com/moby/moby/issues/34482#issuecomment-454716952 +FROM composer:${COMPOSER_VERSION} AS composer + +# Final stage +FROM php:${PHP_VERSION}-fpm-alpine${PHP_ALPINE_VERSION} AS source +LABEL maintainer="Mateus Villar " + +ARG PACKAGES="\ + mysql-client \ +" +ARG DEV_PACKAGES="\ + git \ +" +ARG ENVIRONMENT +ENV ENVIRONMENT ${ENVIRONMENT} +ARG SNIPEIT_RELEASE +ENV SNIPEIT_RELEASE ${SNIPEIT_RELEASE} + +# Cribbed from wordpress-fpm-alpine image +# set recommended PHP.ini settings +# see https://secure.php.net/manual/en/opcache.installation.php +RUN set -eux; \ + docker-php-ext-enable opcache; \ + { \ + echo 'opcache.memory_consumption=128'; \ + echo 'opcache.interned_strings_buffer=8'; \ + echo 'opcache.max_accelerated_files=4000'; \ + echo 'opcache.revalidate_freq=2'; \ + echo 'opcache.fast_shutdown=1'; \ + } > /usr/local/etc/php/conf.d/opcache-recommended.ini +# https://wordpress.org/support/article/editing-wp-config-php/#configure-error-logging +RUN { \ +# https://www.php.net/manual/en/errorfunc.constants.php +# https://github.com/docker-library/wordpress/issues/420#issuecomment-517839670 + echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \ + echo 'display_errors = Off'; \ + echo 'display_startup_errors = Off'; \ + echo 'log_errors = On'; \ + echo 'error_log = /dev/stderr'; \ + echo 'log_errors_max_len = 1024'; \ + echo 'ignore_repeated_errors = On'; \ + echo 'ignore_repeated_source = Off'; \ + echo 'html_errors = Off'; \ + } > /usr/local/etc/php/conf.d/error-logging.ini + +# Install php extensions inside docker containers easily +# https://github.com/mlocati/docker-php-extension-installer +COPY --from=mlocati/php-extension-installer:1.2.19 /usr/bin/install-php-extensions /usr/local/bin/ +RUN set -eux; \ + install-php-extensions \ + bcmath \ + gd \ + ldap \ + mysqli \ + pdo_mysql \ + zip; \ + rm -f /usr/local/bin/install-php-extensions; \ +# Install prerequisites packages + apk add --no-cache \ + ${PACKAGES}; + +COPY --from=composer /usr/bin/composer /usr/local/bin +ARG COMPOSER_ALLOW_SUPERUSER=1 +RUN set -eux; \ +# Download and extract snipeit tarball + curl -o snipeit.tar.gz -fL "https://github.com/snipe/snipe-it/archive/v$SNIPEIT_RELEASE.tar.gz"; \ + tar -xzf snipeit.tar.gz --strip-components=1 -C /var/www/html/; \ + rm snipeit.tar.gz; \ +# Install composer php dependencies + if [ "$ENVIRONMENT" = "production" ]; then \ + echo "production enviroment detected!"; \ + composer update \ + --no-cache \ + --no-dev \ + --optimize-autoloader \ + --working-dir=/var/www/html; \ + else \ + echo "development enviroment detected!"; \ + apk add --no-cache \ + ${DEV_PACKAGES}; \ + composer update \ + --no-cache \ + --prefer-source \ + --optimize-autoloader \ + --working-dir=/var/www/html; \ + fi; \ + rm -f /usr/local/bin/composer; \ + chown -R www-data:www-data /var/www/html; + +# Docker config files +COPY --chown=www-data:www-data docker/env-docker.php /var/www/html/config/ +COPY --chown=www-data:www-data docker/app-docker.php /var/www/html/config/app.php +COPY --chown=www-data:www-data docker/database-docker.php /var/www/html/config/database.php +COPY --chown=www-data:www-data docker/mail-docker.php /var/www/html/config/mail.php +COPY --chown=www-data:www-data docker/docker-secrets.env /var/www/html/.env + +VOLUME [ "/var/lib/snipeit" ] + +COPY --chmod=655 docker/docker-entrypoint.sh /usr/local/bin/docker-snipeit-entrypoint +ENTRYPOINT [ "/usr/local/bin/docker-snipeit-entrypoint" ] +CMD [ "/usr/local/bin/docker-php-entrypoint", "php-fpm" ] \ No newline at end of file diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh new file mode 100644 index 000000000000..19a32bc673bb --- /dev/null +++ b/docker/docker-entrypoint.sh @@ -0,0 +1,76 @@ +#!/bin/sh + +set -eo pipefail; + +echo [INFO docker entrypoint] Start script execution + +# Generate new app key if none is provided +if [ -z "$APP_KEY" -a -z "$APP_KEY_FILE" ] +then + echo "Please re-run this container with an environment variable \$APP_KEY" + echo "An example APP_KEY you could use is: " + php artisan key:generate --show + exit +fi + +# Directory configuration +rm -rf \ + "/var/www/html/storage/private_uploads" \ + "/var/www/html/public/uploads" \ + "/var/www/html/storage/app/backups" + +# Create data directories +for dir in \ + 'data/private_uploads' \ + 'data/uploads/accessories' \ + 'data/uploads/avatars' \ + 'data/uploads/barcodes' \ + 'data/uploads/categories' \ + 'data/uploads/companies' \ + 'data/uploads/components' \ + 'data/uploads/consumables' \ + 'data/uploads/departments' \ + 'data/uploads/locations' \ + 'data/uploads/manufacturers' \ + 'data/uploads/models' \ + 'data/uploads/suppliers' \ + 'dumps' \ + 'keys' +do + [ ! -d "/var/lib/snipeit/$dir" ] && mkdir -p "/var/lib/snipeit/$dir" +done + +# Sync var/lib/snipeit with /var/www/html directory +ln -fs \ + "/var/lib/snipeit/data/private_uploads" "/var/www/html/storage/private_uploads" \ +ln -fs \ + "/var/lib/snipeit/data/uploads" "/var/www/html/public/uploads" \ +ln -fs \ + "/var/lib/snipeit/dumps" "/var/www/html/storage/app/backups" \ +ln -fs \ + "/var/lib/snipeit/keys/oauth-private.key" "/var/www/html/storage/oauth-private.key" + +# If the Oauth DB files are not present copy the vendor files over to the db migrations +if [ ! -f "/var/www/html/database/migrations/*create_oauth*" ] +then + cp -a /var/www/html/vendor/laravel/passport/database/migrations/* /var/www/html/database/migrations/ +fi + +# Create laravel log file +touch /var/www/html/storage/logs/laravel.log +# Add correct permissions for files and directories +chown www-data:www-data /var/www/html/storage/logs/laravel.log +chown -R www-data:www-data \ + /var/lib/snipeit/data \ + /var/lib/snipeit/dumps \ + /var/lib/snipeit/keys + +# Migrate/create database +php artisan migrate --force +# Clear cache files +php artisan config:clear +php artisan config:cache + +echo [INFO docker entrypoint] End script execution + +exec "$@" \ No newline at end of file From 0c17e1b1ec7768cf7428940066c40a40d04e9b8c Mon Sep 17 00:00:00 2001 From: Mateus Romera Villar Date: Tue, 23 Mar 2021 16:59:19 -0300 Subject: [PATCH 5/7] Fix broken symlinks --- docker/docker-entrypoint.sh | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) mode change 100644 => 100755 docker/docker-entrypoint.sh diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh old mode 100644 new mode 100755 index 19a32bc673bb..cce92100a48a --- a/docker/docker-entrypoint.sh +++ b/docker/docker-entrypoint.sh @@ -40,13 +40,15 @@ do [ ! -d "/var/lib/snipeit/$dir" ] && mkdir -p "/var/lib/snipeit/$dir" done -# Sync var/lib/snipeit with /var/www/html directory +# Sync /var/lib/snipeit (docker volume) with /var/www/html directory ln -fs \ - "/var/lib/snipeit/data/private_uploads" "/var/www/html/storage/private_uploads" \ + "/var/lib/snipeit/data/private_uploads" "/var/www/html/storage/private_uploads" ln -fs \ - "/var/lib/snipeit/data/uploads" "/var/www/html/public/uploads" \ + "/var/lib/snipeit/data/uploads" "/var/www/html/public/uploads" ln -fs \ - "/var/lib/snipeit/dumps" "/var/www/html/storage/app/backups" \ + "/var/lib/snipeit/dumps" "/var/www/html/storage/app/backups" +ln -fs \ + "/var/lib/snipeit/keys/oauth-public.key" "/var/www/html/storage/oauth-public.key" ln -fs \ "/var/lib/snipeit/keys/oauth-private.key" "/var/www/html/storage/oauth-private.key" From ecde82926bf147f720cdf5f3c15ed53b71b6aa8d Mon Sep 17 00:00:00 2001 From: Mateus Romera Villar Date: Wed, 31 Mar 2021 19:13:40 -0300 Subject: [PATCH 6/7] Add docker secrets support using shell script --- Dockerfile.fpm-alpine | 8 +------- docker/docker-entrypoint.sh | 41 +++++++++++++++++++++++++++++++++++++ 2 files changed, 42 insertions(+), 7 deletions(-) diff --git a/Dockerfile.fpm-alpine b/Dockerfile.fpm-alpine index aadf46c45230..3452a6f89bde 100644 --- a/Dockerfile.fpm-alpine +++ b/Dockerfile.fpm-alpine @@ -94,15 +94,9 @@ RUN set -eux; \ rm -f /usr/local/bin/composer; \ chown -R www-data:www-data /var/www/html; -# Docker config files -COPY --chown=www-data:www-data docker/env-docker.php /var/www/html/config/ -COPY --chown=www-data:www-data docker/app-docker.php /var/www/html/config/app.php -COPY --chown=www-data:www-data docker/database-docker.php /var/www/html/config/database.php -COPY --chown=www-data:www-data docker/mail-docker.php /var/www/html/config/mail.php -COPY --chown=www-data:www-data docker/docker-secrets.env /var/www/html/.env - VOLUME [ "/var/lib/snipeit" ] +COPY --chown=www-data:www-data docker/docker-secrets.env /var/www/html/.env COPY --chmod=655 docker/docker-entrypoint.sh /usr/local/bin/docker-snipeit-entrypoint ENTRYPOINT [ "/usr/local/bin/docker-snipeit-entrypoint" ] CMD [ "/usr/local/bin/docker-php-entrypoint", "php-fpm" ] \ No newline at end of file diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh index cce92100a48a..3b783419eb47 100755 --- a/docker/docker-entrypoint.sh +++ b/docker/docker-entrypoint.sh @@ -2,6 +2,47 @@ set -eo pipefail; +# Cribbed from nextcloud docker official repo +# https://github.com/nextcloud/docker/blob/master/docker-entrypoint.sh +# usage: file_env VAR [DEFAULT] +# ie: file_env 'XYZ_DB_PASSWORD' 'example' +# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of +# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) +file_env() { + local var="$1" + local fileVar="${var}_FILE" + local def="${2:-}" + local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") + local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") + if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then + echo >&2 "error: both $var and $fileVar are set (but are exclusive)" + exit 1 + fi + if [ -n "${varValue}" ]; then + export "$var"="${varValue}" + elif [ -n "${fileVarValue}" ]; then + export "$var"="$(cat "${fileVarValue}")" + elif [ -n "${def}" ]; then + export "$var"="$def" + fi + unset "$fileVar" +} + +# Add docker secrets support for the variables below: +file_env APP_KEY +file_env DB_HOST +file_env DB_PORT +file_env DB_DATABASE +file_env DB_USERNAME +file_env DB_PASSWORD +file_env REDIS_HOST +file_env REDIS_PASSWORD +file_env REDIS_PORT +file_env MAIL_HOST +file_env MAIL_PORT +file_env MAIL_USERNAME +file_env MAIL_PASSWORD + echo [INFO docker entrypoint] Start script execution # Generate new app key if none is provided From 604ba6f62397f799f50bc4807c0fee341d7a3f30 Mon Sep 17 00:00:00 2001 From: Mateus Romera Villar Date: Wed, 31 Mar 2021 19:14:52 -0300 Subject: [PATCH 7/7] Remove old docker config php files --- docker/app-docker.php | 421 ------------------------------------- docker/database-docker.php | 170 --------------- docker/env-docker.php | 29 --- docker/mail-docker.php | 163 -------------- 4 files changed, 783 deletions(-) delete mode 100755 docker/app-docker.php delete mode 100644 docker/database-docker.php delete mode 100644 docker/env-docker.php delete mode 100755 docker/mail-docker.php diff --git a/docker/app-docker.php b/docker/app-docker.php deleted file mode 100755 index 0d2ce21d56b6..000000000000 --- a/docker/app-docker.php +++ /dev/null @@ -1,421 +0,0 @@ - env('SITE_NAME', 'Snipe-IT'), - - /* - |-------------------------------------------------------------------------- - | Application Environment - |-------------------------------------------------------------------------- - | - | This value determines the "environment" your application is currently - | running in. This may determine how you prefer to configure various - | services your application utilizes. Set this in your ".env" file. - | - */ - - 'env' => env('APP_ENV', 'production'), - - /* - |-------------------------------------------------------------------------- - | Result Limit - |-------------------------------------------------------------------------- - | - | This value determines the max number of results to return, even if a higher limit - | is passed in the API request. This is done to prevent server timeouts when - | custom scripts are requesting 100k assets at a time. - | - */ - - 'max_results' => env('MAX_RESULTS', 500), - - /* - |-------------------------------------------------------------------------- - | Application Debug Mode - |-------------------------------------------------------------------------- - | - | When your application is in debug mode, detailed error messages with - | stack traces will be shown on every error that occurs within your - | application. If disabled, a simple generic error page is shown. - | - */ - - 'debug' => env('APP_DEBUG', false), - 'warn_debug' => env('WARN_DEBUG', true), - - /* - |-------------------------------------------------------------------------- - | Application URL - |-------------------------------------------------------------------------- - | - | This URL is used by the console to properly generate URLs when using - | the Artisan command line tool. You should set this to the root of - | your application so that it is used when running Artisan tasks. - | - */ - - 'url' => env('APP_URL', 'http://localhost'), - - /* - |-------------------------------------------------------------------------- - | Application Timezone - |-------------------------------------------------------------------------- - | - | Here you may specify the default timezone for your application, which - | will be used by the PHP date and date-time functions. We have gone - | ahead and set this to a sensible default for you out of the box. - | - */ - - 'timezone' => env('APP_TIMEZONE', 'UTC'), - - /* - |-------------------------------------------------------------------------- - | Application Locale Configuration - |-------------------------------------------------------------------------- - | - | The application locale determines the default locale that will be used - | by the translation service provider. You are free to set this value - | to any of the locales which will be supported by the application. - | - */ - - 'locale' => env('APP_LOCALE', 'en'), - - /* - |-------------------------------------------------------------------------- - | Application Fallback Locale - |-------------------------------------------------------------------------- - | - | The fallback locale determines the locale to use when the current one - | is not available. You may change the value to correspond to any of - | the language folders that are provided through your application. - | - */ - - 'fallback_locale' => 'en', - - /* - |-------------------------------------------------------------------------- - | Encryption Key - |-------------------------------------------------------------------------- - | - | This key is used by the Illuminate encrypter service and should be set - | to a random, 32 character string, otherwise these encrypted strings - | will not be safe. Please do this before deploying an application! - | - */ - - 'key' => getenv_docker('APP_KEY', 'null'), - - 'cipher' => env('APP_CIPHER', 'AES-256-CBC'), - - /* - |-------------------------------------------------------------------------- - | Logging Configuration - |-------------------------------------------------------------------------- - | - | Here you may configure the log settings for your application. Out of - | the box, Laravel uses the Monolog PHP logging library. This gives - | you a variety of powerful log handlers / formatters to utilize. - | - | Available Settings: "single", "daily", "syslog", "errorlog" - | - */ - - 'log' => env('APP_LOG', 'single'), - - /* - |-------------------------------------------------------------------------- - | Logging Max Files - |-------------------------------------------------------------------------- - | - | When using the daily log mode, Laravel will only retain 5 - | days of log files by default. - | - | To change this, set the APP_LOG_MAX_FILES option in your .env. - | - */ - - 'log_max_files' => env('APP_LOG_MAX_FILES', 5), - - /* - |-------------------------------------------------------------------------- - | Logging Detail - |-------------------------------------------------------------------------- - | - | By default, Laravel writes all log levels to storage. However, in your - | production environment, you may wish to configure the minimum severity that - | should be logged by editing your APP_LOG_LEVEL env config. - | - | Laravel will log all levels greater than or equal to the specified severity. - | For example, a default log_level of error will log error, critical, alert, - | and emergency messages. - | - | APP_LOG_LEVEL options are: - | "debug", "info", "notice", "warning", "error", "critical", "alert", "emergency" - | - */ - - 'log_level' => env('APP_LOG_LEVEL', 'error'), - - - /* - |-------------------------------------------------------------------------- - | Default Storage path for private uploads - |-------------------------------------------------------------------------- - | This is the path for any uploaded files that have to be run through the - | auth system to ensure they are not visible to the public. These should be - | stored somewhere outside of the web root so that an unauthenticated user - | cannot access them. - | - | For example: license keys, contracts, etc. - | - */ - - 'private_uploads' => storage_path().'/private_uploads', - - - /* - |-------------------------------------------------------------------------- - | ALLOW I-FRAMING - |-------------------------------------------------------------------------- - | - | Normal users will never need to edit this. This option lets you run - | Snipe-IT within an I-Frame, which is normally disabled by default for - | security reasons, to prevent clickjacking. It should normally be set to false. - | - */ - - 'allow_iframing' => env('ALLOW_IFRAMING', false), - - - /* - |-------------------------------------------------------------------------- - | ENABLE HTTP Strict Transport Security (HSTS) - |-------------------------------------------------------------------------- - | - | This is set to default false for backwards compatibilty but should be - | set to true if the hosting environment allows it. - | - | See https://scotthelme.co.uk/hsts-the-missing-link-in-tls/ - | - */ - - 'enable_hsts' => env('ENABLE_HSTS', false), - - /* - |-------------------------------------------------------------------------- - | REFERRER-POLICY - |-------------------------------------------------------------------------- - | - | This is an additional security header that browsers use to determine - | whether they should report back URL referrer information. - | - | Read more: https://www.w3.org/TR/referrer-policy/ - | - */ - - 'referrer_policy' => env('REFERRER_POLICY', 'same-origin'), - - /* - |-------------------------------------------------------------------------- - | CSP - |-------------------------------------------------------------------------- - | - | Disable the content security policy that restricts what scripts, images - | and styles can load. (This should be left as false if you don't know - | what this means.) - | - | Read more: https://www.w3.org/TR/CSP/ - | Read more: https://content-security-policy.com - | - */ - - 'enable_csp' => env('ENABLE_CSP', false), - - - - - /* - |-------------------------------------------------------------------------- - | Demo Mode Lockdown - |-------------------------------------------------------------------------- - | - | Normal users will never need to edit this. This option lets you run a - | version of Snipe-IT with limited functionality to prevent demo abuse. - | - */ - - 'lock_passwords' => env('APP_LOCKED', false), - - - /* - |-------------------------------------------------------------------------- - | Minimum PHP version - |-------------------------------------------------------------------------- - | - | Do not change this variable. - | - */ - - 'min_php' => '7.2.5', - - - /* - |-------------------------------------------------------------------------- - | Autoloaded Service Providers - |-------------------------------------------------------------------------- - | - | The service providers listed here will be automatically loaded on the - | request to your application. Feel free to add your own services to - | this array to grant expanded functionality to your applications. - | - */ - - 'providers' => [ - - /* - * Laravel Framework Service Providers... - */ - Illuminate\Auth\AuthServiceProvider::class, - Illuminate\Broadcasting\BroadcastServiceProvider::class, - Illuminate\Bus\BusServiceProvider::class, - Illuminate\Cache\CacheServiceProvider::class, - Illuminate\Foundation\Providers\ConsoleSupportServiceProvider::class, - Illuminate\Cookie\CookieServiceProvider::class, - Illuminate\Database\DatabaseServiceProvider::class, - Illuminate\Encryption\EncryptionServiceProvider::class, - Illuminate\Filesystem\FilesystemServiceProvider::class, - Illuminate\Foundation\Providers\FoundationServiceProvider::class, - Illuminate\Hashing\HashServiceProvider::class, - Illuminate\Mail\MailServiceProvider::class, - Illuminate\Notifications\NotificationServiceProvider::class, - Illuminate\Pagination\PaginationServiceProvider::class, - Illuminate\Pipeline\PipelineServiceProvider::class, - Illuminate\Queue\QueueServiceProvider::class, - Illuminate\Redis\RedisServiceProvider::class, - Illuminate\Auth\Passwords\PasswordResetServiceProvider::class, - Illuminate\Session\SessionServiceProvider::class, - Illuminate\Translation\TranslationServiceProvider::class, - Illuminate\Validation\ValidationServiceProvider::class, - Illuminate\View\ViewServiceProvider::class, - - /* - * Package Service Providers... - */ - - Intervention\Image\ImageServiceProvider::class, - Collective\Html\HtmlServiceProvider::class, - Spatie\Backup\BackupServiceProvider::class, - Fideloper\Proxy\TrustedProxyServiceProvider::class, - PragmaRX\Google2FALaravel\ServiceProvider::class, - Laravel\Passport\PassportServiceProvider::class, - Laravel\Tinker\TinkerServiceProvider::class, - Unicodeveloper\DumbPassword\DumbPasswordServiceProvider::class, - Tightenco\Ziggy\ZiggyServiceProvider::class, // Laravel routes in vue - Eduardokum\LaravelMailAutoEmbed\ServiceProvider::class, - - /* - * Application Service Providers... - */ - App\Providers\AppServiceProvider::class, - App\Providers\AuthServiceProvider::class, - App\Providers\EventServiceProvider::class, - App\Providers\RouteServiceProvider::class, - App\Providers\SettingsServiceProvider::class, - App\Providers\ValidationServiceProvider::class, - - - /* - * Custom service provider - */ - App\Providers\MacroServiceProvider::class, - App\Providers\LdapServiceProvider::class, - App\Providers\SamlServiceProvider::class, - - - ], - - /* - |-------------------------------------------------------------------------- - | Class Aliases - |-------------------------------------------------------------------------- - | - | This array of class aliases will be registered when this application - | is started. However, feel free to register as many as you wish as - | the aliases are "lazy" loaded so they don't hinder performance. - | - */ - - 'aliases' => [ - - 'App' => Illuminate\Support\Facades\App::class, - 'Artisan' => Illuminate\Support\Facades\Artisan::class, - 'Auth' => Illuminate\Support\Facades\Auth::class, - 'Blade' => Illuminate\Support\Facades\Blade::class, - 'Bus' => Illuminate\Support\Facades\Bus::class, - 'Cache' => Illuminate\Support\Facades\Cache::class, - 'Config' => Illuminate\Support\Facades\Config::class, - 'Cookie' => Illuminate\Support\Facades\Cookie::class, - 'Crypt' => Illuminate\Support\Facades\Crypt::class, - 'DB' => Illuminate\Support\Facades\DB::class, - 'Eloquent' => Illuminate\Database\Eloquent\Model::class, - 'Event' => Illuminate\Support\Facades\Event::class, - 'File' => Illuminate\Support\Facades\File::class, - 'Gate' => Illuminate\Support\Facades\Gate::class, - 'Hash' => Illuminate\Support\Facades\Hash::class, - 'Lang' => Illuminate\Support\Facades\Lang::class, - 'Log' => Illuminate\Support\Facades\Log::class, - 'Mail' => Illuminate\Support\Facades\Mail::class, - 'Notification' => Illuminate\Support\Facades\Notification::class, - 'Password' => Illuminate\Support\Facades\Password::class, - 'Queue' => Illuminate\Support\Facades\Queue::class, - 'Redirect' => Illuminate\Support\Facades\Redirect::class, - 'Redis' => Illuminate\Support\Facades\Redis::class, - 'Request' => Illuminate\Support\Facades\Request::class, - 'Response' => Illuminate\Support\Facades\Response::class, - 'Route' => Illuminate\Support\Facades\Route::class, - 'Schema' => Illuminate\Support\Facades\Schema::class, - 'Session' => Illuminate\Support\Facades\Session::class, - 'Storage' => Illuminate\Support\Facades\Storage::class, - 'URL' => Illuminate\Support\Facades\URL::class, - 'Validator' => Illuminate\Support\Facades\Validator::class, - 'View' => Illuminate\Support\Facades\View::class, - 'Form' => Collective\Html\FormFacade::class, - 'Html' => Collective\Html\HtmlFacade::class, - 'Google2FA' => PragmaRX\Google2FALaravel\Facade::class, - 'Image' => Intervention\Image\ImageServiceProvider::class, - 'Carbon' => Carbon\Carbon::class, - - - ], - -]; diff --git a/docker/database-docker.php b/docker/database-docker.php deleted file mode 100644 index 4872f337d5d5..000000000000 --- a/docker/database-docker.php +++ /dev/null @@ -1,170 +0,0 @@ - PDO::FETCH_CLASS, - - /* - |-------------------------------------------------------------------------- - | Default Database Connection Name - |-------------------------------------------------------------------------- - | - | Here you may specify which of the database connections below you wish - | to use as your default connection for all database work. Of course - | you may use many connections at once using the Database library. - | - */ - - 'default' => env('DB_CONNECTION', 'mysql'), - - /* - |-------------------------------------------------------------------------- - | Database Connections - |-------------------------------------------------------------------------- - | - | Here are each of the database connections setup for your application. - | Of course, examples of configuring each database platform that is - | supported by Laravel is shown below to make development simple. - | - | - | All database work in Laravel is done through the PHP PDO facilities - | so make sure you have the driver for your particular database of - | choice installed on your machine before you begin development. - | - */ - - 'connections' => [ - - 'sqlite' => [ - 'driver' => 'sqlite', - 'database' => database_path('database.sqlite'), - 'prefix' => '', - ], - - 'sqlite_testing' => [ - 'driver' => 'sqlite', - 'database' => ':memory:', - 'prefix' => '', - ], - - 'mysql' => [ - 'driver' => 'mysql', - 'host' => getenv_docker('DB_HOST', 'localhost'), - 'port' => getenv_docker('DB_PORT', '3306'), - 'database' => getenv_docker('DB_DATABASE', 'forge'), - 'username' => getenv_docker('DB_USERNAME', 'forge'), - 'password' => getenv_docker('DB_PASSWORD', ''), - 'charset' => env('DB_CHARSET', 'utf8mb4'), - 'collation' => env('DB_COLLATION', 'utf8mb4_unicode_ci'), - 'prefix' => env('DB_PREFIX', null), - 'strict' => false, - 'engine' => 'InnoDB', - 'unix_socket' => env('DB_SOCKET',''), - 'dump' => [ - 'dump_binary_path' => env('DB_DUMP_PATH', '/usr/local/bin'), // only the path, so without 'mysqldump' - 'use_single_transaction' => false, - 'timeout' => 60 * 5, // 5 minute timeout - //'exclude_tables' => ['table1', 'table2'], - //'add_extra_option' => '--optionname=optionvalue', - ], - - 'dump_command_timeout' => 60 * 5, // 5 minute timeout - 'dump_using_single_transaction' => true, // perform dump using a single transaction - 'options' => (env('DB_SSL')) ? ((env('DB_SSL_IS_PAAS')) ? [ - PDO::MYSQL_ATTR_SSL_CA => env('DB_SSL_CA_PATH'), // /path/to/ca.pem - ] : [ - PDO::MYSQL_ATTR_SSL_KEY => env('DB_SSL_KEY_PATH'), // /path/to/key.pem - PDO::MYSQL_ATTR_SSL_CERT => env('DB_SSL_CERT_PATH'), // /path/to/cert.pem - PDO::MYSQL_ATTR_SSL_CA => env('DB_SSL_CA_PATH'), // /path/to/ca.pem - PDO::MYSQL_ATTR_SSL_CIPHER => env('DB_SSL_CIPHER') - ]) : [] - ], - - 'pgsql' => [ - 'driver' => 'pgsql', - 'host' => getenv_docker('DB_HOST', 'localhost'), - 'database' => getenv_docker('DB_DATABASE', 'forge'), - 'username' => getenv_docker('DB_USERNAME', 'forge'), - 'password' => getenv_docker('DB_PASSWORD', ''), - 'charset' => 'utf8', - 'prefix' => '', - 'schema' => 'public', - ], - - 'sqlsrv' => [ - 'driver' => 'sqlsrv', - 'host' => getenv_docker('DB_HOST', 'localhost'), - 'database' => getenv_docker('DB_DATABASE', 'forge'), - 'username' => getenv_docker('DB_USERNAME', 'forge'), - 'password' => getenv_docker('DB_PASSWORD', ''), - 'charset' => 'utf8', - 'prefix' => '', - ], - - ], - - /* - |-------------------------------------------------------------------------- - | Migration Repository Table - |-------------------------------------------------------------------------- - | - | This table keeps track of all the migrations that have already run for - | your application. Using this information, we can determine which of - | the migrations on disk haven't actually been run in the database. - | - */ - - 'migrations' => 'migrations', - - /* - |-------------------------------------------------------------------------- - | Redis Databases - |-------------------------------------------------------------------------- - | - | Redis is an open source, fast, and advanced key-value store that also - | provides a richer set of commands than a typical key-value systems - | such as APC or Memcached. Laravel makes it easy to dig right in. - | - */ - - 'redis' => [ - - 'cluster' => false, - - 'default' => [ - 'host' => getenv_docker('REDIS_HOST', 'localhost'), - 'password' => getenv_docker('REDIS_PASSWORD', null), - 'port' => getenv_docker('REDIS_PORT', 6379), - 'database' => 0, - ], - - ], - -]; diff --git a/docker/env-docker.php b/docker/env-docker.php deleted file mode 100644 index 1c77447c8393..000000000000 --- a/docker/env-docker.php +++ /dev/null @@ -1,29 +0,0 @@ - env('MAIL_DRIVER', 'smtp'), - - /* - |-------------------------------------------------------------------------- - | SMTP Host Address - |-------------------------------------------------------------------------- - | - | Here you may provide the host address of the SMTP server used by your - | applications. A default option is provided that is compatible with - | the Mailgun mail service which will provide reliable deliveries. - | - */ - - 'host' => getenv_docker('MAIL_HOST', 'smtp.mailgun.org'), - - /* - |-------------------------------------------------------------------------- - | SMTP Host Port - |-------------------------------------------------------------------------- - | - | This is the SMTP port used by your application to deliver e-mails to - | users of the application. Like the host we have set this value to - | stay compatible with the Mailgun e-mail application by default. - | - */ - - 'port' => getenv_docker('MAIL_PORT', 587), - - /* - |-------------------------------------------------------------------------- - | Global "From" Address - |-------------------------------------------------------------------------- - | - | You may wish for all e-mails sent by your application to be sent from - | the same address. Here, you may specify a name and address that is - | used globally for all e-mails that are sent by your application. - | - */ - - 'from' => - [ - 'address' => env('MAIL_FROM_ADDR', null), - 'name' => env('MAIL_FROM_NAME', null) - ], - - - /* - |-------------------------------------------------------------------------- - | Global "Reply-To" Address - |-------------------------------------------------------------------------- - | - | You may wish for all e-mails sent by your application to have a different "Reply-to" - | address than the "From" address. If this is left blank, the application will use - | your MAIL_FROM information. - | - */ - - 'reply_to' => [ - 'address' => env('MAIL_REPLYTO_ADDR',null), - 'name' => env('MAIL_REPLYTO_NAME', null) - ], - - /* - |-------------------------------------------------------------------------- - | E-Mail Encryption Protocol - |-------------------------------------------------------------------------- - | - | Here you may specify the encryption protocol that should be used when - | the application send e-mail messages. A sensible default using the - | transport layer security protocol should provide great security. - | - */ - - 'encryption' => env('MAIL_ENCRYPTION', 'tls'), - - /* - |-------------------------------------------------------------------------- - | SMTP Server Username - |-------------------------------------------------------------------------- - | - | If your SMTP server requires a username for authentication, you should - | set it here. This will get used to authenticate with your server on - | connection. You may also set the "password" value below this one. - | - */ - - 'username' => getenv_docker('MAIL_USERNAME', 'null'), - - /* - |-------------------------------------------------------------------------- - | SMTP Server Password - |-------------------------------------------------------------------------- - | - | Here you may set the password required by your SMTP server to send out - | messages from your application. This will be given to the server on - | connection so that the application will be able to send messages. - | - */ - - 'password' => getenv_docker('MAIL_PASSWORD', 'null'), - - /* - |-------------------------------------------------------------------------- - | Sendmail System Path - |-------------------------------------------------------------------------- - | - | When using the "sendmail" driver to send e-mails, we will need to know - | the path to where Sendmail lives on this server. A default path has - | been provided here, which will work well on most of your systems. - | - */ - - 'sendmail' => '/usr/sbin/sendmail -bs', - - - 'markdown' => [ - 'theme' => 'default', - 'paths' => [ - resource_path('views/vendor/mail'), - ], - ], - -];