Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added #9313: Add new fpm-alpine docker image and docker secrets support #9331

Merged
merged 7 commits into from
Apr 21, 2021
Merged

Added #9313: Add new fpm-alpine docker image and docker secrets support #9331

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
6c25d12
Add docker secret support
Mateus-Romera Mar 22, 2021
906738d
Add docker secret support to selected environment variables below:
Mateus-Romera Mar 22, 2021
862ffeb
Add env file for docker secrets
Mateus-Romera Mar 22, 2021
c1523ae
Added #9313: add new fpm-image using docker secrets
Mateus-Romera Mar 23, 2021
0c17e1b
Fix broken symlinks
Mateus-Romera Mar 23, 2021
ecde829
Add docker secrets support using shell script
Mateus-Romera Mar 31, 2021
604ba6f
Remove old docker config php files
Mateus-Romera Mar 31, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Added #9313: add new fpm-image using docker secrets
  • Loading branch information
@Mateus-Romera
Mateus-Romera committed Mar 23, 2021
commit c1523aeb749edcfb25fb458014057fd34ed5140c
108 changes: 108 additions & 0 deletions Dockerfile.fpm-alpine
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,108 @@
ARG ENVIRONMENT=production
ARG SNIPEIT_RELEASE=5.1.3
ARG PHP_VERSION=7.4.16
ARG PHP_ALPINE_VERSION=3.13
ARG COMPOSER_VERSION=2.0.11

# Cannot use arguments with 'COPY --from' workaround
# https://github.com/moby/moby/issues/34482#issuecomment-454716952
FROM composer:${COMPOSER_VERSION} AS composer

# Final stage
FROM php:${PHP_VERSION}-fpm-alpine${PHP_ALPINE_VERSION} AS source
LABEL maintainer="Mateus Villar <[email protected]>"

ARG PACKAGES="\
mysql-client \
"
ARG DEV_PACKAGES="\
git \
"
ARG ENVIRONMENT
ENV ENVIRONMENT ${ENVIRONMENT}
ARG SNIPEIT_RELEASE
ENV SNIPEIT_RELEASE ${SNIPEIT_RELEASE}

# Cribbed from wordpress-fpm-alpine image
# set recommended PHP.ini settings
# see https://secure.php.net/manual/en/opcache.installation.php
RUN set -eux; \
docker-php-ext-enable opcache; \
{ \
echo 'opcache.memory_consumption=128'; \
echo 'opcache.interned_strings_buffer=8'; \
echo 'opcache.max_accelerated_files=4000'; \
echo 'opcache.revalidate_freq=2'; \
echo 'opcache.fast_shutdown=1'; \
} > /usr/local/etc/php/conf.d/opcache-recommended.ini
# https://wordpress.org/support/article/editing-wp-config-php/#configure-error-logging
RUN { \
# https://www.php.net/manual/en/errorfunc.constants.php
# https://github.com/docker-library/wordpress/issues/420#issuecomment-517839670
echo 'error_reporting = E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_COMPILE_WARNING | E_RECOVERABLE_ERROR'; \
echo 'display_errors = Off'; \
echo 'display_startup_errors = Off'; \
echo 'log_errors = On'; \
echo 'error_log = /dev/stderr'; \
echo 'log_errors_max_len = 1024'; \
echo 'ignore_repeated_errors = On'; \
echo 'ignore_repeated_source = Off'; \
echo 'html_errors = Off'; \
} > /usr/local/etc/php/conf.d/error-logging.ini

# Install php extensions inside docker containers easily
# https://github.com/mlocati/docker-php-extension-installer
COPY --from=mlocati/php-extension-installer:1.2.19 /usr/bin/install-php-extensions /usr/local/bin/
RUN set -eux; \
install-php-extensions \
bcmath \
gd \
ldap \
mysqli \
pdo_mysql \
zip; \
rm -f /usr/local/bin/install-php-extensions; \
# Install prerequisites packages
apk add --no-cache \
${PACKAGES};

COPY --from=composer /usr/bin/composer /usr/local/bin
ARG COMPOSER_ALLOW_SUPERUSER=1
RUN set -eux; \
# Download and extract snipeit tarball
curl -o snipeit.tar.gz -fL "https://github.com/snipe/snipe-it/archive/v$SNIPEIT_RELEASE.tar.gz"; \
tar -xzf snipeit.tar.gz --strip-components=1 -C /var/www/html/; \
rm snipeit.tar.gz; \
# Install composer php dependencies
if [ "$ENVIRONMENT" = "production" ]; then \
echo "production enviroment detected!"; \
composer update \
--no-cache \
--no-dev \
--optimize-autoloader \
--working-dir=/var/www/html; \
else \
echo "development enviroment detected!"; \
apk add --no-cache \
${DEV_PACKAGES}; \
composer update \
--no-cache \
--prefer-source \
--optimize-autoloader \
--working-dir=/var/www/html; \
fi; \
rm -f /usr/local/bin/composer; \
chown -R www-data:www-data /var/www/html;

# Docker config files
COPY --chown=www-data:www-data docker/env-docker.php /var/www/html/config/
COPY --chown=www-data:www-data docker/app-docker.php /var/www/html/config/app.php
COPY --chown=www-data:www-data docker/database-docker.php /var/www/html/config/database.php
COPY --chown=www-data:www-data docker/mail-docker.php /var/www/html/config/mail.php
COPY --chown=www-data:www-data docker/docker-secrets.env /var/www/html/.env

VOLUME [ "/var/lib/snipeit" ]

COPY --chmod=655 docker/docker-entrypoint.sh /usr/local/bin/docker-snipeit-entrypoint
ENTRYPOINT [ "/usr/local/bin/docker-snipeit-entrypoint" ]
CMD [ "/usr/local/bin/docker-php-entrypoint", "php-fpm" ]
76 changes: 76 additions & 0 deletions docker/docker-entrypoint.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,76 @@
#!/bin/sh

set -eo pipefail;

echo [INFO docker entrypoint] Start script execution

# Generate new app key if none is provided
if [ -z "$APP_KEY" -a -z "$APP_KEY_FILE" ]
then
echo "Please re-run this container with an environment variable \$APP_KEY"
echo "An example APP_KEY you could use is: "
php artisan key:generate --show
exit
fi

# Directory configuration
rm -rf \
"/var/www/html/storage/private_uploads" \
"/var/www/html/public/uploads" \
"/var/www/html/storage/app/backups"

# Create data directories
for dir in \
'data/private_uploads' \
'data/uploads/accessories' \
'data/uploads/avatars' \
'data/uploads/barcodes' \
'data/uploads/categories' \
'data/uploads/companies' \
'data/uploads/components' \
'data/uploads/consumables' \
'data/uploads/departments' \
'data/uploads/locations' \
'data/uploads/manufacturers' \
'data/uploads/models' \
'data/uploads/suppliers' \
'dumps' \
'keys'
do
[ ! -d "/var/lib/snipeit/$dir" ] && mkdir -p "/var/lib/snipeit/$dir"
done

# Sync var/lib/snipeit with /var/www/html directory
ln -fs \
"/var/lib/snipeit/data/private_uploads" "/var/www/html/storage/private_uploads" \
ln -fs \
"/var/lib/snipeit/data/uploads" "/var/www/html/public/uploads" \
ln -fs \
"/var/lib/snipeit/dumps" "/var/www/html/storage/app/backups" \
ln -fs \
"/var/lib/snipeit/keys/oauth-private.key" "/var/www/html/storage/oauth-private.key"

# If the Oauth DB files are not present copy the vendor files over to the db migrations
if [ ! -f "/var/www/html/database/migrations/*create_oauth*" ]
then
cp -a /var/www/html/vendor/laravel/passport/database/migrations/* /var/www/html/database/migrations/
fi

# Create laravel log file
touch /var/www/html/storage/logs/laravel.log
# Add correct permissions for files and directories
chown www-data:www-data /var/www/html/storage/logs/laravel.log
chown -R www-data:www-data \
/var/lib/snipeit/data \
/var/lib/snipeit/dumps \
/var/lib/snipeit/keys

# Migrate/create database
php artisan migrate --force
# Clear cache files
php artisan config:clear
php artisan config:cache

echo [INFO docker entrypoint] End script execution

exec "$@"