Add new docker image based on latest alpine

2021-02-08 09:55:35 +01:00 · 2021-02-08 09:55:35 +01:00 · 0df0cadede
commit 0df0cadede
parent b3f201e87d
9 changed files with 2149 additions and 146 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,7 +1,7 @@
 bin/*
 !bin/.gitkeep
 config/env
-composer.lock
+composer.phar
 cache/*
 !cache/.gitkeep
 public/images/*
--- a/76
+++ b/76
@ -0,0 +1,76 @@
 FROM alpine:3
 LABEL maintainer="Varakh<varakh@varakh.de>"
 # setup folder structure
 RUN mkdir -p /var/www/data/snapshots && \
    mkdir -p /var/www/log && \
    touch /var/www/log/application.log && \
    mkdir -p /var/www/config
 # add upstream application
 ADD src /var/www/src
 ADD public /var/www/public
 ADD composer.json /var/www/composer.json
 ADD composer.lock /var/www/composer.lock
 ADD data /var/www/data
 ADD config /var/www/config
 RUN mv /var/www/config/env.example /var/www/config/env
 # php.ini
 ENV PHP_MEMORY_LIMIT    512M
 ENV MAX_UPLOAD          1024M
 ENV PHP_MAX_FILE_UPLOAD 200
 ENV PHP_MAX_POST        1024M
 # install dependencies
 RUN apk add --update --no-cache \
        nginx \
        s6 \
        curl \
        git \
        composer \
        php7 \
        php7-fpm \
        php7-cli \
        php7-intl \
        php7-curl \
        php7-json \
        php7-dom \
        php7-simplexml \
        php7-pcntl \
        php7-posix \
        php7-mcrypt \
        php7-session \
        php7-gd \
        php7-phar \
        php7-fileinfo \
        php7-mbstring \
        php7-ctype \
        php7-ldap \
        php7-pecl-memcached \
        memcached \
        ca-certificates && \
    rm -rf /var/cache/apk/* && \
    apk add gnu-libiconv --update-cache --repository http://dl-cdn.alpinelinux.org/alpine/edge/community/ --allow-untrusted && \
    # set environments
    sed -i "s|;*memory_limit =.*|memory_limit = ${PHP_MEMORY_LIMIT}|i" /etc/php7/php.ini && \
    sed -i "s|;*upload_max_filesize =.*|upload_max_filesize = ${MAX_UPLOAD}|i" /etc/php7/php.ini && \
    sed -i "s|;*max_file_uploads =.*|max_file_uploads = ${PHP_MAX_FILE_UPLOAD}|i" /etc/php7/php.ini && \
    sed -i "s|;*post_max_size =.*|post_max_size = ${PHP_MAX_POST}|i" /etc/php7/php.ini && \
    # prepare application
    cd /var/www && composer install && \
    # clean up and permissions
    rm -rf /var/cache/apk/* && \
    chown nobody:nginx -R /var/www
 # Add nginx config
 ADD docker/nginx.conf /etc/nginx/nginx.conf
 EXPOSE 80
 # add overlay
 ADD docker/s6 /etc/s6/
 # expose start
 CMD exec s6-svscan /etc/s6/
--- a/README.md
+++ b/README.md
@ -27,8 +27,8 @@ and include it in your TeamSpeak application.
 <a name="dockerperms"></a>
 ###### I always get `no write permissions` or something similar when trying to save snapshots or when a log entry is created.
 This probably happens when you're in the docker setup. Ensure that host binds have permissions set up properly.
-The user which is used in the docker container is `www-data` with id `82`. If, e.g. logs are host bound, then execute 
+The user which is used in the docker container is `nobody` with id `82`. If, e.g. logs are host bound, then execute 
-`chown -R 82:82 host/path/to/log`. The same holds true for snapshots.
+`chown -R 65534:65534 host/path/to/log`. The same holds true for snapshots.
 ## Configuration
@ -106,7 +106,7 @@ services:
    network_mode: "host"
  web:
    container_name: teamspeak_web
-    image: teamspeak_web:latest
+    image: varakh/ts3web:latest
    volumes:
      - ./env:/var/www/html/application/config/env
      - ./snapshots:/var/www/html/application/data/snapshots
@ -262,7 +262,7 @@ If you're willing to contribute, here's some information.
    * if necessary, add GitHub access token to let composer pull dependencies within the image correctly: 
    add `&& composer config --global --auth github-oauth.github.com <token> \` before the `composer install` command, 
    where `<token>` can be retrieved from [GitHub settings](https://github.com/settings/tokens)
-    * execute `docker build -t varakh/ts3web:latest -t varakh/ts3web:<releaseTag> -f docker/Dockerfile .` to build
+    * execute `sudo docker build --no-cache -t varakh/ts3web:latest .` to build
    * publish it
 * Tag the release git commit and create a new release in the VCS web interface
--- a/composer.lock
+++ b/composer.lock
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@ -1,26 +0,0 @@
 FROM phpearth/php:7.4-nginx
 # install deps
 RUN apk add --no-cache git \
    && apk add --no-cache composer
 # adjust nginx
 COPY docker/default.conf /etc/nginx/conf.d/default.conf
 COPY docker/nginx.conf /etc/nginx/nginx.conf
 RUN sed -i "s|upload_max_filesize = 2M|upload_max_filesize = 1024M|g" /etc/php/7.4/php.ini \
    && sed -i "s|post_max_size = 8M|post_max_size = 1024M|g" /etc/php/7.4/php.ini \
    && sed -i "s|max_execution_time = 30|max_execution_time = 86400|g" /etc/php/7.4/php.ini
 # copy application and set permissions
 COPY config/ /var/www/html/application/config/
 COPY data/ /var/www/html/application/data/
 COPY public/ /var/www/html/application/public/
 COPY src/ /var/www/html/application/src/
 COPY composer.json /var/www/html/application/composer.json
 RUN mkdir -p /var/www/html/application/bin/ \
    && mkdir -p /var/www/html/application/cache/ \
    && chown -R www-data:www-data /var/www/html/application
 # initialize app
 RUN cd /var/www/html/application/ \
    && composer install
--- a/docker/default.conf
+++ b/docker/default.conf
@ -1,30 +0,0 @@
 # copied to /etc/nginx/conf.d/default.conf
 server {
    listen 80 default_server;
    root /var/www/html/application/public;
    index index.html index.htm index.php;
    server_name _;
    charset utf-8;
    location = /favicon.ico { log_not_found off; access_log off; }
    location = /robots.txt  { log_not_found off; access_log off; }
    location / {
        try_files $uri $uri/ /index.php$is_args$args;
    }
    location ~ \.php$ {
        fastcgi_pass unix:/run/php/php-fpm.sock;
        include fastcgi.conf;
    }
    error_page 404 /index.php;
    location ~ /\.ht {
        deny all;
    }
 }
--- a/docker/nginx.conf
+++ b/docker/nginx.conf
@ -1,96 +1,41 @@
-# /etc/nginx/nginx.conf
+daemon           off;
-
+pid              /run/nginx.pid;
-user nginx;
+worker_processes 1;
 # Set number of worker processes automatically based on number of CPU cores.
 worker_processes auto;
 # Enables the use of JIT for regular expressions to speed-up their processing.
 pcre_jit on;
 # Configures default error logger.
 error_log /var/log/nginx/error.log warn;
 # Includes files with directives to load dynamic modules.
 include /etc/nginx/modules/*.conf;
 events {
-	# The maximum number of simultaneous connections that can be opened by
+    worker_connections 1024;
 	# a worker process.
 	worker_connections 1024;
 }
 http {
-	# Includes mapping of file name extensions to MIME types of responses
+    include      mime.types;
-	# and defines the default type.
+    default_type application/octet-stream;
 	include /etc/nginx/mime.types;
 	default_type application/octet-stream;
-	# Name servers used to resolve names of upstream servers into addresses.
+    sendfile          on;
-	# It's also needed when using tcpsocket and udpsocket in Lua modules.
+    keepalive_timeout 65;
-	#resolver 208.67.222.222 208.67.220.220;
+    gzip              off;
    client_max_body_size 0;
-	# Don't tell nginx version to clients.
+    server {
-	server_tokens off;
+        listen 80;
        root /var/www/public;
        index index.php index.html;
-	# Specifies the maximum accepted body size of a client request, as
+        rewrite_log on;
 	# indicated by the request header Content-Length. If the stated content
 	# length is greater than this size, then the client receives the HTTP
 	# error code 413. Set to 0 to disable.
 	client_max_body_size 1024m;
-	# Timeout for keep-alive connections. Server will close connections after
+        location / {
-	# this time.
+            try_files $uri $uri/ @ee;
-	keepalive_timeout 65;
+        }
-	# Sendfile copies data between one FD and other from within the kernel,
+        location @ee {
-	# which is more efficient than read() + write().
+            rewrite ^(.*) /index.php?$1 last;
-	sendfile on;
+        }
-	# Don't buffer data-sends (disable Nagle algorithm).
+        location ~ \.php$ {
-	# Good for sending frequent small bursts of data in real time.
+            fastcgi_split_path_info ^(.+\.php)(/.+)$;
-	tcp_nodelay on;
+            fastcgi_pass 127.0.0.1:9000;
-
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-	# Causes nginx to attempt to send its HTTP response head in one packet,
+            fastcgi_index index.php;
-	# instead of using partial frames.
+            include fastcgi_params;
-	#tcp_nopush on;
+        }
-
+    }
-
+}
 	# Path of the file with Diffie-Hellman parameters for EDH ciphers.
 	#ssl_dhparam /etc/ssl/nginx/dh2048.pem;
 	# Specifies that our cipher suits should be preferred over client ciphers.
 	ssl_prefer_server_ciphers on;
 	# Enables a shared SSL cache with size that can hold around 8000 sessions.
 	ssl_session_cache shared:SSL:2m;
 	# Enable gzipping of responses.
 	gzip on;
 	# Set the Vary HTTP header as defined in the RFC 2616.
 	gzip_vary on;
 	# Enable checking the existence of precompressed files.
 	#gzip_static on;
 	# Specifies the main log format.
 	log_format main '$remote_addr - $remote_user [$time_local] "$request" '
 			'$status $body_bytes_sent "$http_referer" '
 			'"$http_user_agent" "$http_x_forwarded_for"';
 	# Sets the path, format, and configuration for a buffered log write.
 	access_log /var/log/nginx/access.log main;
    proxy_buffering on;
    proxy_buffer_size 128k;
    proxy_buffers 4 256k;
    proxy_busy_buffers_size 256k;
    fastcgi_buffers 8 16k;
    fastcgi_buffer_size 32k;
 	# Includes virtual hosts configs.
 	include /etc/nginx/conf.d/*.conf;
 }
--- a/docker/s6/nginx/run
+++ b/docker/s6/nginx/run
@ -0,0 +1,3 @@
 #!/bin/sh
 exec /usr/sbin/nginx
--- a/docker/s6/php-fpm/run
+++ b/docker/s6/php-fpm/run
@ -0,0 +1,3 @@
 #!/bin/sh
 exec /usr/sbin/php-fpm7 --nodaemonize
		`@ -0,0 +1,3 @@`
							`#!/bin/sh`

							`exec /usr/sbin/php-fpm7 --nodaemonize`