Docker images for filebin 3.4.1

Varakh 2019-12-18 19:39:33 +01:00
commit 19d3ee472c
11 changed files with 645 additions and 0 deletions

120
Dockerfile Normal file

@ -0,0 +1,120 @@
FROM alpine:3
LABEL maintainer="Varakh<varakh@varakh.de>"
ENV FILEBIN_VERSION 3.4.1
# Expose variables to ease overwriting
ENV RECONFIGURE true
ENV MIGRATE true
# php.ini
ENV PHP_MEMORY_LIMIT 512M
ENV MAX_UPLOAD 1024M
ENV PHP_MAX_FILE_UPLOAD 200
ENV PHP_MAX_POST 1024M
# database.php
ENV DB_DSN ''
ENV DB_HOST localhost
ENV DB_PORT 5432
ENV DB_DRIVER postgre
ENV DB_NAME fb
ENV DB_USER fb
ENV DB_PASS fb
ENV DB_PREFIX ''
ENV DB_PCONNECT '0'
ENV DB_DEBUG '1'
ENV DB_CHAR_SET utf8
ENV DB_COLLAT utf8_bin
ENV DB_SWAP_PRE ''
ENV DB_ENCRYPT '0'
ENV DB_COMPRESS '0'
ENV DB_STRICTON '0'
ENV DB_SAVE_QUERIES '0'
# config-local.php
ENV BASE_URL ''
ENV INDEX_PAGE ''
ENV ENCRYPTION_KEY ''
ENV CACHE_BACKEND dummy
ENV EMAIL_FROM ''
ENV UPLOAD_MAX_SIZE 1073741824
ENV UPLOAD_MAX_TEXT_SIZE 2097152
ENV UPLOAD_MAX_AGE 432000
ENV ACTIONS_MAX_AGE 86400
ENV SMALL_UPLOAD_SIZE 5120
ENV TARBALL_MAX_SIZE 1073741824
ENV TARBALL_CACHE_TIME 300
ENV MAX_INVITATION_KEYS 3
# add script for database
ADD src/wait-for.sh /wait-for.sh
# install dependencies
RUN chmod -x /wait-for.sh && \
apk add --update --no-cache \
git \
nginx \
s6 \
curl \
python3 \
py-pygments \
composer \
php7 \
php7-intl \
php7-fpm \
php7-cli \
php7-curl \
php7-fileinfo \
php7-mbstring \
php7-gd \
php7-json \
php7-dom \
php7-pcntl \
php7-posix \
php7-pgsql \
php7-exif \
php7-mcrypt \
php7-session \
php7-pdo \
php7-pdo_pgsql \
php7-ctype \
php7-pdo_pgsql \
php7-mysqli \
php7-mysqli \
php7-pecl-memcached \
memcached \
ca-certificates && \
rm -rf /var/cache/apk/* && \
apk add gnu-libiconv --update-cache --repository http://dl-cdn.alpinelinux.org/alpine/edge/community/ --allow-untrusted && \
rm -rf /var/www && \
# clone application and prepare www dir
git clone --branch ${FILEBIN_VERSION} https://github.com/Bluewind/filebin --depth=1 /var/www && \
cp -r /var/www/application/config/example/* /var/www/application/config && \
# set environments
sed -i "s|;*memory_limit =.*|memory_limit = ${PHP_MEMORY_LIMIT}|i" /etc/php7/php.ini && \
sed -i "s|;*upload_max_filesize =.*|upload_max_filesize = ${MAX_UPLOAD}|i" /etc/php7/php.ini && \
sed -i "s|;*max_file_uploads =.*|max_file_uploads = ${PHP_MAX_FILE_UPLOAD}|i" /etc/php7/php.ini && \
sed -i "s|;*post_max_size =.*|post_max_size = ${PHP_MAX_POST}|i" /etc/php7/php.ini && \
# clean up and permissions
rm -rf /var/cache/apk/* && \
ln -s /usr/bin/python3 /usr/bin/python && \
chown nobody:nginx -R /var/www
# Add nginx config
ADD src/filebin.nginx.conf /etc/nginx/nginx.conf
EXPOSE 80
# add templates for replace env variables in the application
ADD src/config/database.php.tpl /var/www/application/config/database.php.tpl
ADD src/config/config-local.php.tpl /var/www/application/config/config-local.php.tpl
ADD src/configure.php /configure.php
ADD src/crontab /etc/periodic/15min/crontab
# add overlay
ADD src/s6/ /etc/s6/
# expose start
CMD php /configure.php && exec s6-svscan /etc/s6/
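Review bot: The `apk add gnu-libiconv` step in the RUN chain fetches from the edge repository over plain `http://` with `--allow-untrusted`, which switches off apk's signature verification, so nothing checks the integrity of a package that is installed as root into the image. Edge packages are signed with the Alpine keys that the base image already carries, so the flag should not be needed: `apk add --no-cache --repository https://dl-cdn.alpinelinux.org/alpine/edge/community/ gnu-libiconv`. Separately, `chmod -x /wait-for.sh` at the top of the same RUN clears the execute bit; `chmod +x` looks like what was intended.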

125
README.md Normal file

@ -0,0 +1,125 @@
# FileBin 🐋
A docker image for [FileBin](https://github.com/Bluewind/filebin) to have it up and running in seconds.
Visit project on [GitHub](https://github.com/v4rakh/docker-filebin).
## Getting started
Recommended way is to use the example `docker-compose.yml` file and make yourself familiar with the environment variables which can be set. Defaults should do as a starting point.
Default database is PostgreSQL. Other databases are supported and can be configured via exposed environment variables. Please refer to the original documentation of the application for further details. PHP modules for MySQL are included in the image.
## Configuration
After your database and the application docker container is up and running, add a first user by executing a command within the docker container:
```
docker exec -it filebin_app /bin/sh
php /var/www/index.php user add_user
```
### Persisting volumes
You'll probably want the `uploads/` folder to be persistent across container restarts.
Here's an example on how to persist the `data/uploads/` folder of the application.
* Create folder: `mkdir -p ./filebin_data`
* Afterwards, adjust permissions so that the folder can be used within the docker container: `chown -R 65534:102 <host-mount>` (`nobody:nginx`)
* Reference the folder as a docker volume, e.g. with `./filebin_data:/var/www/data/uploads`
### Cron jobs
Application specific cron jobs are run every 15 minutes.
### Advanced configuration: customize non-exposed configuration variables
If you need to make frequent changes or adapt configuration values which
are not exposed as environment variables, you probably want have the `config-local.php` and `database.php` or the entire `config/` folder on the hosts file system.
In order to do so, first _extract_ the current configuration, e.g. by extracting only the required `.php` files or by extracting the entire `config/` folder. In this example we'll just use entire folder.
```
docker cp filebin_app:/var/www/application/config/ ./filebin_config
chown -R 65534:102 ./filebin_config
```
Add the `./filebin_config` folder as a host bind to the application docker container, e.g. with `./filebin_config:/var/www/application/config/`
### Available environment variables
Please have a look into `Dockerfile` for available environment variables, they're all exposed there.
All variables to FileBin itself should be self-explaining. You should also be familiar with the `php.ini` variables. They're only inserted on build, if you like to increase the file limit above the used php variable values of this image, you'll need to rebuild the docker image.
There are two environment variables introduced by this image:
* `RECONFIGURE`: If all defined environment should be re-applied to the provided `.tpl` files within the image. You probably want this to be `1` unless you mounted your `config/` folder on the host
* `MIGRATE`: Calls FileBin database migration every time the container is started and updates dependencies via `composer`
### Setting up a nginx proxy
Be sure to set the environment variable `BASE_URL` to the same where you expose it, e.g. `BASE_URL=https://fb.domain.tld`.
An example nginx configuration might look like the following.
```
upstream filebin {
server 127.0.0.1:181;
}
server {
listen 80;
server_name fb.domain.tld;
return 301 https://fb.domain.tld$request_uri;
}
server {
listen 443 ssl;
server_name fb.domain.tld;
ssl_certificate /etc/letsencrypt/live/fb.domain.tld/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/fb.domain.tld/privkey.pem;
gzip on;
access_log off;
location / {
proxy_redirect off;
proxy_pass http://filebin;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
client_max_body_size 100m;
client_body_buffer_size 128k;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
}
}
```
## Updates
Just use a newly released image version. Configuration should be compatible.
## Backup
Backup the host binds for `uploads/` and the database manually.
If you're using the provided `docker-compose.yml` file you probably can do something like the following and afterwards backup the extracted file from `/tmp` of your host system:
```
docker exec filebin_db bash -c "/usr/bin/pg_dumpall -U fb|gzip -c > /filebin_db.sql.gz";
docker cp filebin_db/:/var:/filebin_db.sql.gz /tmp/;
docker exec filebin_db bash -c "rm /filebin_db.sql.gz";
```

46
docker-compose.yml Normal file

@ -0,0 +1,46 @@
version: "3"
networks:
fb:
external: false
services:
db:
image: postgres:11
container_name: filebin_db
environment:
- POSTGRES_PASSWORD=fb
- POSTGRES_USER=fb
- POSTGRES_DB=fb
volumes:
- ./filebin_db/:/var/lib/postgresql/data # persist postgres data on the host
restart: always
networks:
- fb
app:
image: varakh/filebin:latest
container_name: filebin_app
ports:
- 181:80
environment:
- BASE_URL=http://localhost:181/ # with trailing slash
- DB_HOST=db
- DB_PORT=5432
- DB_NAME=fb
- DB_USER=fb
- DB_PASS=fb
- ENCRYPTION_KEY=dHmFLZuoVRGZSadcRJZLfxIIYkSKNKnn # 32 character long sequence
volumes:
- "./filebin_data:/var/www/data/uploads" # persist filebin data on the host
stdin_open: true
tty: true
restart: always
networks:
- fb
command: sh -c 'sh /wait-for.sh $$DB_HOST:$$DB_PORT -- php /configure.php && exec s6-svscan /etc/s6/'
healthcheck:
test: "nc -z localhost 80"
interval: 1s
timeout: 20s
retries: 20
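Review bot: The example ships a concrete `ENCRYPTION_KEY` and the password `fb` for both `POSTGRES_PASSWORD` and `DB_PASS`, and the README recommends starting from this file, so every deployment that copies it unchanged shares the same key and database credentials. Take the values from the operator's environment instead, for example `- ENCRYPTION_KEY=${FILEBIN_ENCRYPTION_KEY:?set a random 32 character key}` and `- DB_PASS=${FILEBIN_DB_PASS:?set a database password}` (variable names are only a suggestion; reuse the second one for `POSTGRES_PASSWORD`), so Compose refuses to start without them. `image: varakh/filebin:latest` also floats; pinning it to the release tag this commit builds keeps deployments reproducible.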


@ -0,0 +1,43 @@
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
/*
* Use this file to override any settings from config.php
*
* For descriptions of the options please refer to config.php.
*/
$config['base_url'] = %%%BASE_URL%%%; // URL to the application
$config['encryption_key'] = %%%ENCRYPTION_KEY%%%; // set this to a 32char random string
$config['cache_backend'] = %%%CACHE_BACKEND%%%;
$config['index_page'] = %%%INDEX_PAGE%%%;
$config['upload_path'] = FCPATH.'data/uploads';
// This address will be used as the sender for emails (like password recovery mails).
$config['email_from'] = %%%EMAIL_FROM%%%;
// Make sure to adjust PHP's limits (post_max_size, upload_max_filesize) if necessary
$config['upload_max_size'] = intval(%%%UPLOAD_MAX_SIZE%%%);
// Files smaller than this will be highlit, larger ones will simply be downloaded
// even if requested to be highlit.
$config['upload_max_text_size'] = intval(%%%UPLOAD_MAX_TEXT_SIZE%%%);
// Files older than this will be deleted by the cron job or when accessed.
// 0 disables deletion.
$config['upload_max_age'] = intval(%%%UPLOAD_MAX_AGE%%%);
// Action keys (invitions, password resets) will be deleted after this time by
// the cron job.
$config['actions_max_age'] = intval(%%%ACTIONS_MAX_AGE%%%);
// Files smaller than this won't be deleted (even if they are old enough)
$config['small_upload_size'] = intval(%%%SMALL_UPLOAD_SIZE%%%);
// Maximum size for multipaste tarballs. 0 disables the feature
$config['tarball_max_size'] = intval(%%%TARBALL_MAX_SIZE%%%);
// Multipaste tarballs older than this will be deleted by the cron job
// Changing this is not recommended
$config['tarball_cache_time'] = intval(%%%TARBALL_CACHE_TIME%%%);
// The maximum number of active invitation keys per account.
$config['max_invitation_keys'] = intval(%%%MAX_INVITATION_KEYS%%%);


@ -0,0 +1,97 @@
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
/*
| -------------------------------------------------------------------
| DATABASE CONNECTIVITY SETTINGS
| -------------------------------------------------------------------
| This file will contain the settings needed to access your database.
|
| For complete instructions please consult the 'Database Connection'
| page of the User Guide.
|
| -------------------------------------------------------------------
| EXPLANATION OF VARIABLES
| -------------------------------------------------------------------
|
| ['dsn'] The full DSN string describe a connection to the database.
| ['hostname'] The hostname of your database server.
| ['username'] The username used to connect to the database
| ['password'] The password used to connect to the database
| ['database'] The name of the database you want to connect to
| ['dbdriver'] The database driver. e.g.: mysqli.
| Currently supported:
| cubrid, ibase, mssql, mysql, mysqli, oci8,
| odbc, pdo, postgre, sqlite, sqlite3, sqlsrv
| ['dbprefix'] You can add an optional prefix, which will be added
| to the table name when using the Query Builder class
| ['pconnect'] TRUE/FALSE - Whether to use a persistent connection
| ['db_debug'] TRUE/FALSE - Whether database errors should be displayed.
| ['char_set'] The character set used in communicating with the database
| ['dbcollat'] The character collation used in communicating with the database
| NOTE: For MySQL and MySQLi databases, this setting is only used
| as a backup if your server is running PHP < 5.2.3 or MySQL < 5.0.7
| (and in table creation queries made with DB Forge).
| There is an incompatibility in PHP with mysql_real_escape_string() which
| can make your site vulnerable to SQL injection if you are using a
| multi-byte character set and are running versions lower than these.
| Sites using Latin-1 or UTF-8 database character set and collation are unaffected.
| ['swap_pre'] A default table prefix that should be swapped with the dbprefix
| ['encrypt'] Whether or not to use an encrypted connection.
|
| 'mysql' (deprecated), 'sqlsrv' and 'pdo/sqlsrv' drivers accept TRUE/FALSE
| 'mysqli' and 'pdo/mysql' drivers accept an array with the following options:
|
| 'ssl_key' - Path to the private key file
| 'ssl_cert' - Path to the public key certificate file
| 'ssl_ca' - Path to the certificate authority file
| 'ssl_capath' - Path to a directory containing trusted CA certificates in PEM format
| 'ssl_cipher' - List of *allowed* ciphers to be used for the encryption, separated by colons (':%%%
| 'ssl_verify' - TRUE/FALSE; Whether verify the server certificate or not
|
| ['compress'] Whether or not to use client compression (MySQL only)
| ['stricton'] TRUE/FALSE - forces 'Strict Mode' connections
| - good for ensuring strict SQL while developing
| ['ssl_options'] Used to set various SSL options that can be used when making SSL connections.
| ['failover'] array - A array with 0 or more data for connections if the main should fail.
| ['save_queries'] TRUE/FALSE - Whether to "save" all executed queries.
| NOTE: Disabling this will also effectively disable both
| $this->db->last_query() and profiling of DB queries.
| When you run a query, with this setting set to TRUE (default),
| CodeIgniter will store the SQL statement for debugging purposes.
| However, this may cause high memory usage, especially if you run
| a lot of SQL queries ... disable this to avoid that problem.
|
| The $active_group variable lets you choose which connection group to
| make active. By default there is only one group (the 'default' group).
|
| The $query_builder variables lets you determine whether or not to load
| the query builder class.
*/
$active_group = 'default';
$query_builder = TRUE;
$db['default'] = array(
'dsn' => %%%DB_DSN%%%,
'hostname' => %%%DB_HOST%%%,
'port' => intval(%%%DB_PORT%%%),
'username' => %%%DB_USER%%%,
'password' => %%%DB_PASS%%%,
'database' => %%%DB_NAME%%%,
'dbdriver' => %%%DB_DRIVER%%%,
'dbprefix' => %%%DB_PREFIX%%%,
'pconnect' => boolval(%%%DB_PCONNECT%%%),
'db_debug' => boolval(%%%DB_DEBUG%%%),
'char_set' => %%%DB_CHAR_SET%%%,
'dbcollat' => %%%DB_COLLAT%%%,
'swap_pre' => %%%DB_SWAP_PRE%%%,
'encrypt' => boolval(%%%DB_ENCRYPT%%%),
'compress' => boolval(%%%DB_COMPRESS%%%),
'stricton' => boolval(%%%DB_STRICTON%%%),
'failover' => array(),
'save_queries' => boolval(%%%DB_SAVE_QUERIES%%%)
);
if (getenv("ENVIRONMENT") === "testsuite") {
$db['default']['database'] = "filebin_testsuite";
$db['default']['dbprefix'] = "testsuite_prefix_";
}
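Review bot: `'db_debug' => boolval(%%%DB_DEBUG%%%)` takes its value from `DB_DEBUG`, which the Dockerfile in this commit defaults to `'1'`, and the comment block above describes that setting as whether database errors should be displayed. A container started with the defaults would therefore show database error output to visitors; shipping it off is the safer default, i.e. `ENV DB_DEBUG '0'` in the Dockerfile, with operators opting in while debugging. The `(':%%%` in the `ssl_cipher` comment line looks like a stray search-and-replace artifact and could be restored to the original text.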

84
src/configure.php Normal file

@ -0,0 +1,84 @@
#!/usr/bin/env php
<?php
if (getenv('RECONFIGURE') === "true") {
echo "Reconfiguring container..." . PHP_EOL;
$confPath = '/var/www/application/config/config-local.php.tpl';
$confTargetPath = '/var/www/application/config/config-local.php';
$confVars = [
'BASE_URL',
'ENCRYPTION_KEY',
'CACHE_BACKEND',
'INDEX_PAGE',
'EMAIL_FROM',
'UPLOAD_MAX_SIZE',
'UPLOAD_MAX_TEXT_SIZE',
'UPLOAD_MAX_AGE',
'ACTIONS_MAX_AGE',
'SMALL_UPLOAD_SIZE',
'TARBALL_MAX_SIZE',
'TARBALL_CACHE_TIME',
'MAX_INVITATION_KEYS'
];
contentsReplace($confVars, $confPath, $confTargetPath);
$dbPath = '/var/www/application/config/database.php.tpl';
$dbTargetPath = '/var/www/application/config/database.php';
$dbVars = [
'DB_DSN',
'DB_HOST',
'DB_PORT',
'DB_DRIVER',
'DB_NAME',
'DB_USER',
'DB_PASS',
'DB_PREFIX',
'DB_PCONNECT',
'DB_DEBUG',
'DB_CHAR_SET',
'DB_COLLAT',
'DB_SWAP_PRE',
'DB_ENCRYPT',
'DB_COMPRESS',
'DB_STRICTON',
'DB_SAVE_QUERIES'
];
contentsReplace($dbVars, $dbPath, $dbTargetPath);
} else {
echo "Will not reconfigure container..." . PHP_EOL;
}
if (getenv('MIGRATE') === "true") {
echo "Migrating..." . PHP_EOL;
exec("php /var/www/index.php tools update_database");
exec("composer --working-dir=/var/www install --no-dev --no-plugins --no-scripts");
exec("chown -R nobody:nginx /var/www");
} else {
echo "Will not migrate..." . PHP_EOL;
}
function contentsReplace($envNames = array(), $filePath, $targetFilePath)
{
$fileContent = file_get_contents($filePath);
foreach ($envNames as $env) {
$fileContent = preg_replace("/%%%" . strtoupper($env) . "%%%/", env($env), $fileContent);
}
file_put_contents($targetFilePath, $fileContent);
}
function env($name, $default = null)
{
$v = getenv($name) ?: $default;
if ($v === null) {
return "''";
}
return "'" . $v . "'";
}
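Review bot: `env()` wraps the raw environment value in single quotes without escaping it, and `contentsReplace()` then passes the result as a `preg_replace` replacement string. A value containing `'` or `\` therefore ends the PHP string literal early in the generated `config-local.php` or `database.php`, and `$1`- or `\1`-style sequences inside a password are treated as backreferences and silently dropped. Emit a real PHP literal and substitute literally: `return var_export((string) $v, true);` in `env()`, and `$fileContent = str_replace("%%%" . strtoupper($env) . "%%%", env($env), $fileContent);` in the loop. The three `exec()` calls under `MIGRATE` also ignore their exit status, so a failed migration or composer install still lets the container start; checking the return code would surface that.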

4
src/crontab Executable file

@ -0,0 +1,4 @@
#!/bin/sh
/usr/bin/php /var/www/index.php file cron
/usr/bin/php /var/www/index.php user cron
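Review bot: Nothing in this commit appears to start a cron daemon, so this script in `/etc/periodic/15min/` would never run: the only s6 services added are `nginx` and `php-fpm`, and the Dockerfile CMD runs just `s6-svscan /etc/s6/`. The README's statement that cron jobs run every 15 minutes would then not hold, which matters for retention because the config template describes expired uploads and action keys as being removed by the cron job. A third service, `src/s6/crond/run` containing `#!/bin/sh` and `exec crond -f`, would fix it. Consider running the two PHP commands as `nobody` rather than root so that files they touch keep the ownership the image sets.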

41
src/filebin.nginx.conf Normal file

@ -0,0 +1,41 @@
daemon off;
pid /run/nginx.pid;
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
gzip off;
client_max_body_size 0;
server {
listen 80;
root /var/www;
index index.php index.html;
rewrite_log on;
location / {
try_files $uri $uri/ @ee;
}
location @ee {
rewrite ^(.*) /index.php?$1 last;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_index index.php;
include fastcgi_params;
}
}
}
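Review bot: `root /var/www` combined with `try_files $uri` serves the whole git checkout as static files: the Dockerfile clones the repository straight into `/var/www`, so `.git/`, the `application/` tree and the `.tpl` files are all reachable. In addition, `location ~ \.php$` hands every `.php` path under that root to PHP-FPM, including anything under the writable `data/uploads`. Add deny rules ahead of the PHP block, for example `location ~ /\. { deny all; }` and `location ~ ^/(application|data)/ { deny all; }` (the `data` part assumes downloads go through `index.php`; confirm before applying), and consider narrowing the FastCGI block to `location = /index.php`. `client_max_body_size 0;` also removes nginx's request-size limit entirely, leaving PHP's `post_max_size` as the only bound.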

3
src/s6/nginx/run Executable file

@ -0,0 +1,3 @@
#!/bin/sh
exec /usr/sbin/nginx

3
src/s6/php-fpm/run Executable file

@ -0,0 +1,3 @@
#!/bin/sh
exec /usr/sbin/php-fpm7 --nodaemonize

79
src/wait-for.sh Normal file

@ -0,0 +1,79 @@
#!/bin/sh
TIMEOUT=15
QUIET=0
echoerr() {
if [ "$QUIET" -ne 1 ]; then printf "%s\n" "$*" 1>&2; fi
}
usage() {
exitcode="$1"
cat << USAGE >&2
Usage:
$cmdname host:port [-t timeout] [-- command args]
-q | --quiet Do not output any status messages
-t TIMEOUT | --timeout=timeout Timeout in seconds, zero for no timeout
-- COMMAND ARGS Execute command with args after the test finishes
USAGE
exit "$exitcode"
}
wait_for() {
for i in `seq $TIMEOUT` ; do
nc -z "$HOST" "$PORT" > /dev/null 2>&1
result=$?
if [ $result -eq 0 ] ; then
if [ $# -gt 0 ] ; then
exec "$@"
fi
exit 0
fi
sleep 1
done
echo "Operation timed out" >&2
exit 1
}
while [ $# -gt 0 ]
do
case "$1" in
*:* )
HOST=$(printf "%s\n" "$1"| cut -d : -f 1)
PORT=$(printf "%s\n" "$1"| cut -d : -f 2)
shift 1
;;
-q | --quiet)
QUIET=1
shift 1
;;
-t)
TIMEOUT="$2"
if [ "$TIMEOUT" = "" ]; then break; fi
shift 2
;;
--timeout=*)
TIMEOUT="${1#*=}"
shift 1
;;
--)
shift
break
;;
--help)
usage 0
;;
*)
echoerr "Unknown argument: $1"
usage 1
;;
esac
done
if [ "$HOST" = "" -o "$PORT" = "" ]; then
echoerr "Error: you need to provide a host and port to test."
usage 2
fi
wait_for "$@"
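Review bot: `usage` documents `-t 0` as "zero for no timeout", but `wait_for` iterates over `seq $TIMEOUT`, which yields nothing for 0, so the script prints "Operation timed out" and exits 1 without probing even once. Either drop that promise from the help text or special-case zero before the loop. `$cmdname` in the usage text is also never assigned in the lines shown, so the help prints a blank program name; `cmdname=$(basename "$0")` near the top would fix that.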