1
0
mirror of https://github.com/vichan-devel/vichan.git synced 2024-11-15 03:17:38 +01:00

docker: extract the vichan directory and make it optionally exposable

This commit is contained in:
Zankaria 2024-03-31 23:17:38 +02:00
parent b1b28dcb90
commit 7aca69125f
6 changed files with 117 additions and 43 deletions

View File

@ -1,31 +0,0 @@
#!/bin/sh
set -eu
install -m 544 -o www-data -g www-data -d /var/www
ln -s \
/code/banners/ \
/code/static/ \
/code/stylesheets/ \
/code/tools/ \
/code/walls/ \
/code/*.php \
/code/404.html \
/code/LICENSE.* \
/code/robots.txt \
/code/install.sql \
/var/www/
install -m 540 -o www-data -g www-data -d /var/tmp/leftypol
install -m 540 -o www-data -g www-data -d /var/tmp/leftypol/cache
ln -s /var/tmp/leftypol /var/www/tmp
install -m 544 -o www-data -g www-data -d /var/www/js
ln -s /code/js/* /var/www/js/
install -m 544 -o www-data -g www-data -d /var/www/templates
install -m 544 -o www-data -g www-data -d /var/www/templates/cache
ln -s /code/templates/* /var/www/templates/
install -m 544 -o www-data -g www-data -d /var/www/inc
ln -s /code/inc/* /var/www/inc/

4
docker/doc.md Normal file
View File

@ -0,0 +1,4 @@
The `php-fpm` process runs containerized.
The php application always uses `/var/www` as it's work directory and home folder, and if `/var/www` is bind mounted it
is necessary to adjust the path passed via FastCGI to `php-fpm` by changing the root directory to `/var/www`.
This can achieved in nginx by setting the `fastcgi_param SCRIPT_FILENAME` to `/var/www/$fastcgi_script_name;`

View File

@ -2,9 +2,7 @@ FROM nginx:1.25.3-alpine
COPY . /code
RUN adduser --system www-data \
&& adduser www-data www-data \
&& /code/docker/common-setup.sh
&& adduser www-data www-data
CMD [ "nginx", "-g", "daemon off;" ]
EXPOSE 80

View File

@ -6,7 +6,7 @@ server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
server_name leftypol;
root /var/www;
root /var/www/html;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
@ -15,9 +15,24 @@ server {
charset utf-8;
location ~ ^([^.\?]*[^\/])$ {
try_files $uri @addslash;
try_files $uri @addslash;
}
# Expire rules for static content
# Media: images, icons, video, audio, HTC
location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ {
expires 1M;
access_log off;
log_not_found off;
add_header Cache-Control "public";
}
# CSS and Javascript
location ~* \.(?:css|js)$ {
expires 1y;
access_log off;
log_not_found off;
add_header Cache-Control "public";
}
# Expire rules for static content
# Media: images, icons, video, audio, HTC
location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ {
@ -39,7 +54,7 @@ server {
}
location @addslash {
return 301 $uri/;
return 301 $uri/;
}
location / {

View File

@ -33,15 +33,29 @@ RUN apt-get update && apt-get upgrade -y && apt-get install -y \
&& pecl install imagick \
&& pecl install -o -f igbinary \
&& docker-php-ext-install gd zip opcache intl pdo pdo_mysql mysqli bcmath gettext iconv mbstring curl \
&& docker-php-ext-enable igbinary redis imagick
&& docker-php-ext-enable igbinary redis imagick \
&& rm -rf /var/cache/* \
&& rmdir /var/www/html \
&& install -d -m 744 -o www-data -g www-data /var/www \
&& install -d -m 700 -o www-data -g www-data /var/tmp/leftypol \
&& install -d -m 700 -o www-data -g www-data /var/cache/gen-cache \
&& install -d -m 700 -o www-data -g www-data /var/cache/template-cache
COPY --from=composer /usr/bin/composer /usr/bin/composer
COPY --from=composer /usr/bin/composer /usr/local/bin/composer
# Copy the bootstrap script.
COPY ./docker/php/bootstrap.sh /usr/local/bin/bootstrap.sh
# Copy the actual project (use .dockerignore to exclude stuff).
COPY . /code
RUN /code/docker/common-setup.sh \
&& ln -s /code/composer.json /code/composer.lock /var/www/ \
&& cd /var/www && composer install
# Make the instance configuration owned by www-data.
# Make it writable by php.
# Install the compose depedencies.
RUN chown www-data /code/inc/instance-config.php && chgrp www-data /code/inc/instance-config.php \
&& chmod 660 /code/inc/instance-config.php \
&& cd /code && composer install
WORKDIR "/var/www"
CMD [ "php-fpm" ]
CMD [ "bootstrap.sh" ]
EXPOSE 9000

74
docker/php/bootstrap.sh Executable file
View File

@ -0,0 +1,74 @@
#!/bin/sh
set -eu
if ! mountpoint -q /var/www; then
echo "WARNING: '/var/www' is not a mountpoint. All the data will remain inside the container!"
fi
if [ ! -w /var/www ] ; then
echo "ERROR: '/var/www' is not writable. Closing."
exit 1
fi
# Link the entrypoints from the exposed directory.
ln -nfs \
/code/banners/ \
/code/static/ \
/code/stylesheets/ \
/code/tools/ \
/code/walls/ \
/code/*.php \
/code/LICENSE.* \
/code/404.html \
/code/install.sql \
/var/www/
# Ensure correct permissions are set, since this might be bind mount.
chown www-data /var/www
chgrp www-data /var/www
# Initialize robots.txt with the default if it doesn't exist.
cp -n /code/robots.txt /var/www
# Link the cache and tmp files directory.
ln -nfs /var/tmp/leftypol /var/www/tmp
# Link the javascript directory.
ln -nfs /code/js /var/www/
# Link the html templates directory and it's cache.
ln -nfs /code/templates /var/www/
ln -nfs -T /var/cache/template-cache /var/www/templates/cache
chown -h www-data /var/www/templates/cache
chgrp -h www-data /var/www/templates/cache
# Link the generic cache.
ln -nfs -T /var/cache/gen-cache /var/www/tmp/cache
chown -h www-data /var/www/tmp/cache
chgrp -h www-data /var/www/tmp/cache
# Create the included files directory and link them
install -d -m 700 -o www-data -g www-data /var/www/inc
for file in /code/inc/*; do
file="${file##*/}"
if [ ! -e /var/www/inc/$file ]; then
ln -s /code/inc/$file /var/www/inc/
fi
done
# Copy an empty instance configuration if the file is a link (it was linked because it did not exist before).
if [ -L '/var/www/inc/instance-config.php' ]; then
echo 'INFO: Resetting instance configuration'
rm /var/www/inc/instance-config.php
cp /code/inc/instance-config.php /var/www/inc/instance-config.php
chown www-data /var/www/inc/instance-config.php
chgrp www-data /var/www/inc/instance-config.php
chmod 600 /var/www/inc/instance-config.php
else
echo 'INFO: Using existing instance configuration'
fi
# Link the composer dependencies.
ln -nfs /code/vendor /var/www/
# Start the php-fpm server.
exec php-fpm