From decdd2f1de56e33ab695465011d35e8b98675058 Mon Sep 17 00:00:00 2001 From: squ1rr3lly Date: Thu, 13 Aug 2020 17:10:19 -0600 Subject: [PATCH 01/11] Fix docker-compose, improve functionality for dev, resolve container race condition --- Dockerfile | 33 ++++--- app/run.sh | 18 ++++ app/setEnv.sh | 83 ++++++++++++++++ app/wait-for-it.sh | 161 ++++++++++++++++++++++++++++++++ docker-compose.override.dev.yml | 15 +++ docker-compose.yml | 57 +++++------ 6 files changed, 326 insertions(+), 41 deletions(-) create mode 100755 app/run.sh create mode 100755 app/setEnv.sh create mode 100755 app/wait-for-it.sh create mode 100644 docker-compose.override.dev.yml diff --git a/Dockerfile b/Dockerfile index c19df4b..f7b2d29 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,19 +4,13 @@ MAINTAINER Shaark contributors WORKDIR /app COPY . /app -RUN apk add --no-cache --update openssl zip unzip oniguruma-dev zlib-dev libpng-dev libzip-dev postgresql-dev && \ +RUN apk add --update --no-cache gmp gmp-dev \ + && docker-php-ext-install gmp bcmath + +RUN apk add --no-cache --update bash openssl zip unzip oniguruma-dev zlib-dev libpng-dev libzip-dev postgresql-dev && \ + cp .env.example .env && \ curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer && \ docker-php-ext-install pdo mbstring gd exif zip sockets pdo_mysql pgsql pdo_pgsql && \ - cp .env.example .env && \ - \ - sed -i s/DB_HOST=127.0.0.1/DB_HOST=mariadb/ .env && \ - sed -i s/REDIS_HOST=127.0.0.1/REDIS_HOST=redis/ .env && \ - sed -i s/APP_ENV=local/APP_ENV=production/ .env && \ - sed -i s/APP_DEBUG=true/APP_DEBUG=false/ .env && \ - sed -i s/CACHE_DRIVER=file/CACHE_DRIVER=redis/ .env && \ - sed -i s/QUEUE_CONNECTION=sync/QUEUE_CONNECTION=redis/ .env && \ - sed -i s/SESSION_DRIVER=file/SESSION_DRIVER=redis/ .env && \ - sed -i s/REDIS_HOST=127.0.0.1/REDIS_HOST=redis/ .env && \ \ composer install --no-dev -o && \ php artisan optimize && \ @@ -24,8 +18,19 @@ RUN apk add --no-cache --update openssl zip unzip oniguruma-dev zlib-dev libpng- \ php artisan key:generate && \ php artisan storage:link && \ - php artisan config:cache && \ - php artisan migrate --seed + php artisan config:cache + +ENV \ + DB_HOST="mariadb" \ + REDIS_HOST="redis" \ + APP_ENV="production" \ + APP_DEBUG="false" \ + APP_URL="http://localhost" \ + APP_MIGRATE_DB="true" \ + CACHE_DRIVER="redis" \ + QUEUE_CONNECTION="redis" \ + SESSION_DRIVER="redis" \ + REDIS_HOST="redis" -CMD php artisan serve --host=0.0.0.0 --port=80 +ENTRYPOINT ["./app/run.sh"] EXPOSE 80 diff --git a/app/run.sh b/app/run.sh new file mode 100755 index 0000000..2bc76a0 --- /dev/null +++ b/app/run.sh @@ -0,0 +1,18 @@ +#!/bin/bash + +cd /app +if [ "${APP_MIGRATE_DB} = true" ] +then + if [ "${APP_ENV} = dev" ] + then + echo "Migrating database and creating default user admin@example.com:secret." && \ + php artisan migrate --seed --force + fi + echo "Migrating database with no data; user must be created manually." && \ + php artisan migrate --force +fi +if [ "${APP_MIGRATE_DB} = false" ] +then + echo "Database migration skipped." + echo "If this is the first time running this compose file, you should run \`SHAARK_MIGRATE_DB=true eval 'docker-compose up'\` first to perform initial database migration." +php artisan serve --host=0.0.0.0 --port=80 diff --git a/app/setEnv.sh b/app/setEnv.sh new file mode 100755 index 0000000..d3320d7 --- /dev/null +++ b/app/setEnv.sh @@ -0,0 +1,83 @@ +#!/bin/bash + +# docker-compose.*.yml files names and their position compared to this script. +# Here: in parent directory. +target_dir="${0%/*}/.." +override_link='docker-compose.override.yml' +override_file_dev='docker-compose.override.dev.yml' + + +# Get the current environment and tells what are the options +function show_current { + get_current + say_switch +} + + +# Get the current environment +# Output variable: current_env +function get_current { + if [ -L ${override_link} ] + then + # Check for Mac OSX + if [[ "$OSTYPE" == "darwin"* ]]; then + # readlink is not native to mac, so this will work in it's place. + symlink=$(python3 -c "import os; print(os.path.realpath('docker-compose.override.yml'))") + else + # Maintain the cleaner way + symlink=$(readlink -f docker-compose.override.yml) + fi + current_env=$(expr $(basename symlink) : "^docker-compose.override.\(.*\).yml$") + else + current_env=production + fi +} + +# Tell to which environments we can switch +function say_switch { + echo "Using '${current_env}' configuration." + for one_env in dev production + do + if [ "${current_env}" != ${one_env} ]; then + echo "-> You can switch to '${one_env}' with '${0} ${one_env}'" + fi + done +} + + +function set_production { + get_current + if [ "${current_env}" != production ] + then + # In production configuration there is no override file + rm ${override_link} + docker-compose down + echo "Now using 'production' configuration." + else + echo "Already using 'production' configuration." + fi +} + + +function set_dev { + get_current + if [ "${current_env}" != dev ] + then + rm -f ${override_link} + ln -s ${override_file_dev} ${override_link} + docker-compose down + echo "Now using 'dev' configuration." + else + echo "Already using 'dev' configuration." + fi +} + +# Change directory to allow working with relative paths. +cd ${target_dir} + +if [ ${#} -eq 1 ] && [[ 'dev production' =~ "${1}" ]] +then + set_"${1}" +else + show_current +fi diff --git a/app/wait-for-it.sh b/app/wait-for-it.sh new file mode 100755 index 0000000..875d2bc --- /dev/null +++ b/app/wait-for-it.sh @@ -0,0 +1,161 @@ +#!/usr/bin/env bash +# Use this script to test if a given TCP host/port are available + +cmdname=$(basename $0) + +echoerr() { if [[ $QUIET -ne 1 ]]; then echo "$@" 1>&2; fi } + +usage() +{ + cat << USAGE >&2 +Usage: + $cmdname host:port [-s] [-t timeout] [-- command args] + -h HOST | --host=HOST Host or IP under test + -p PORT | --port=PORT TCP port under test + Alternatively, you specify the host and port as host:port + -s | --strict Only execute subcommand if the test succeeds + -q | --quiet Don't output any status messages + -t TIMEOUT | --timeout=TIMEOUT + Timeout in seconds, zero for no timeout + -- COMMAND ARGS Execute command with args after the test finishes +USAGE + exit 1 +} + +wait_for() +{ + if [[ $TIMEOUT -gt 0 ]]; then + echoerr "$cmdname: waiting $TIMEOUT seconds for $HOST:$PORT" + else + echoerr "$cmdname: waiting for $HOST:$PORT without a timeout" + fi + start_ts=$(date +%s) + while : + do + (echo > /dev/tcp/$HOST/$PORT) >/dev/null 2>&1 + result=$? + if [[ $result -eq 0 ]]; then + end_ts=$(date +%s) + echoerr "$cmdname: $HOST:$PORT is available after $((end_ts - start_ts)) seconds" + break + fi + sleep 1 + done + return $result +} + +wait_for_wrapper() +{ + # In order to support SIGINT during timeout: http://unix.stackexchange.com/a/57692 + if [[ $QUIET -eq 1 ]]; then + timeout $TIMEOUT $0 --quiet --child --host=$HOST --port=$PORT --timeout=$TIMEOUT & + else + timeout $TIMEOUT $0 --child --host=$HOST --port=$PORT --timeout=$TIMEOUT & + fi + PID=$! + trap "kill -INT -$PID" INT + wait $PID + RESULT=$? + if [[ $RESULT -ne 0 ]]; then + echoerr "$cmdname: timeout occurred after waiting $TIMEOUT seconds for $HOST:$PORT" + fi + return $RESULT +} + +# process arguments +while [[ $# -gt 0 ]] +do + case "$1" in + *:* ) + hostport=(${1//:/ }) + HOST=${hostport[0]} + PORT=${hostport[1]} + shift 1 + ;; + --child) + CHILD=1 + shift 1 + ;; + -q | --quiet) + QUIET=1 + shift 1 + ;; + -s | --strict) + STRICT=1 + shift 1 + ;; + -h) + HOST="$2" + if [[ $HOST == "" ]]; then break; fi + shift 2 + ;; + --host=*) + HOST="${1#*=}" + shift 1 + ;; + -p) + PORT="$2" + if [[ $PORT == "" ]]; then break; fi + shift 2 + ;; + --port=*) + PORT="${1#*=}" + shift 1 + ;; + -t) + TIMEOUT="$2" + if [[ $TIMEOUT == "" ]]; then break; fi + shift 2 + ;; + --timeout=*) + TIMEOUT="${1#*=}" + shift 1 + ;; + --) + shift + CLI="$@" + break + ;; + --help) + usage + ;; + *) + echoerr "Unknown argument: $1" + usage + ;; + esac +done + +if [[ "$HOST" == "" || "$PORT" == "" ]]; then + echoerr "Error: you need to provide a host and port to test." + usage +fi + +TIMEOUT=${TIMEOUT:-60} +STRICT=${STRICT:-0} +CHILD=${CHILD:-0} +QUIET=${QUIET:-0} + +if [[ $CHILD -gt 0 ]]; then + wait_for + RESULT=$? + exit $RESULT +else + if [[ $TIMEOUT -gt 0 ]]; then + wait_for_wrapper + RESULT=$? + else + wait_for + RESULT=$? + fi +fi + +if [[ $CLI != "" ]]; then + if [[ $RESULT -ne 0 && $STRICT -eq 1 ]]; then + echoerr "$cmdname: strict mode, refusing to execute subprocess" + exit $RESULT + fi + exec $CLI +else + exit $RESULT +fi diff --git a/docker-compose.override.dev.yml b/docker-compose.override.dev.yml new file mode 100644 index 0000000..67fec57 --- /dev/null +++ b/docker-compose.override.dev.yml @@ -0,0 +1,15 @@ +version: '3.7' +services: + + shaark: + environment: + APP_ENV: "dev" + APP_DEBUG: "true" + APP_MIGRATE_DB: ${SHAARK_MIGRATE_DB:-true} + + mariadb: + ports: + - target: 3306 + published: 3306 + protocol: tcp + mode: host diff --git a/docker-compose.yml b/docker-compose.yml index cc490de..7795431 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,60 +1,63 @@ -version: '2.2' +version: '3.7' services: shaark: image: shaark build: . container_name: shaark restart: unless-stopped -# volumes: -# - "./env:/app/.env" -# ports: -# - "80:80/tcp" - networks: - - shaark - - nginx_net + ports: + - target: ${SHARK_PORT:-80} + published: ${SHARK_PORT:-80} + protocol: tcp + mode: host + depends_on: + - mariadb + - redis + entrypoint: ['./app/wait-for-it.sh', 'mariadb:3306', '-t', '30', '--', './app/run.sh'] + environment: + APP_MIGRATE_DB: ${SHAARK_MIGRATE_DB:-false} + APP_ENV: "production" + APP_DEBUG: ${SHAARK_DEBUG:-false} + APP_URL: ${SHAARK_URL:-http://localhost} + DB_ROOT_PASSWORD: ${SHAARK_MYSQL_ROOT_PASSWORD:-rootpassword9867ow3q459087w980} + DB_PASSWORD: ${SHAARK_DATABASE_PASSWORD:-secret} + DB_USER: ${SHAARK_DATABASE_USER:-homestead} + DB_DATABASE: ${SHAARK_DATABASE_NAME:-homestead} logging: driver: "json-file" options: max-size: "10m" max-file: "5" - - mariadb: + + mariadb: image: mariadb container_name: mariadb_shaark restart: unless-stopped volumes: - - /opt/shaark/mariadb:/var/lib/mysql - networks: - - shaark + - shaark_mariadb:/var/lib/mysql environment: - MYSQL_ROOT_PASSWORD: rootpassword9867ow3q459087w980 - MYSQL_PASSWORD: secret - MYSQL_USER: homestead - MYSQL_DATABASE: homestead + MYSQL_ROOT_PASSWORD: ${SHAARK_MYSQL_ROOT_PASSWORD:-rootpassword9867ow3q459087w980} + MYSQL_PASSWORD: ${SHAARK_DATABASE_PASSWORD:-secret} + MYSQL_USER: ${SHAARK_DATABASE_USER:-homestead} + MYSQL_DATABASE: ${SHAARK_DATABASE_NAME:-homestead} logging: driver: "json-file" options: max-size: "10m" max-file: "5" - redis: image: redis container_name: redis_shaark restart: unless-stopped volumes: - - /opt/shaark/redis:/data - networks: - - shaark + - shaark_redis:/data logging: driver: "json-file" options: max-size: "10m" max-file: "5" - -networks: - shaark: - name: shaark_net - nginx_net: - name: nginx_net +volumes: + shaark_redis: {} + shaark_mariadb: {} From 5cc0ea9dc0257c85f766cf0f93478740280dd839 Mon Sep 17 00:00:00 2001 From: squ1rr3lly Date: Thu, 13 Aug 2020 19:06:51 -0600 Subject: [PATCH 02/11] debugging container network issues --- Dockerfile | 6 ++++-- app/run.sh | 17 ++++++++--------- docker-compose.yml | 16 ++++++---------- 3 files changed, 18 insertions(+), 21 deletions(-) diff --git a/Dockerfile b/Dockerfile index f7b2d29..89d0e48 100644 --- a/Dockerfile +++ b/Dockerfile @@ -30,7 +30,9 @@ ENV \ CACHE_DRIVER="redis" \ QUEUE_CONNECTION="redis" \ SESSION_DRIVER="redis" \ - REDIS_HOST="redis" + REDIS_HOST="redis" \ + DB_USER=homestead \ + DB_PASSWORD=secret \ + DB_DATABASE=homestead -ENTRYPOINT ["./app/run.sh"] EXPOSE 80 diff --git a/app/run.sh b/app/run.sh index 2bc76a0..876cc19 100755 --- a/app/run.sh +++ b/app/run.sh @@ -1,18 +1,17 @@ #!/bin/bash cd /app -if [ "${APP_MIGRATE_DB} = true" ] -then - if [ "${APP_ENV} = dev" ] - then + +if [ "${APP_MIGRATE_DB} = 'true'" ]; then + if [ "${APP_ENV} = dev" ]; then echo "Migrating database and creating default user admin@example.com:secret." && \ php artisan migrate --seed --force + else + echo "Migrating database with no data; user must be created manually." && \ + php artisan migrate --force fi - echo "Migrating database with no data; user must be created manually." && \ - php artisan migrate --force -fi -if [ "${APP_MIGRATE_DB} = false" ] -then +else echo "Database migration skipped." echo "If this is the first time running this compose file, you should run \`SHAARK_MIGRATE_DB=true eval 'docker-compose up'\` first to perform initial database migration." +fi php artisan serve --host=0.0.0.0 --port=80 diff --git a/docker-compose.yml b/docker-compose.yml index 7795431..8fec3b4 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -3,11 +3,10 @@ services: shaark: image: shaark build: . - container_name: shaark restart: unless-stopped ports: - - target: ${SHARK_PORT:-80} - published: ${SHARK_PORT:-80} + - target: ${SHAARK_PORT:-80} + published: ${SHAARK_PORT:-80} protocol: tcp mode: host depends_on: @@ -19,7 +18,6 @@ services: APP_ENV: "production" APP_DEBUG: ${SHAARK_DEBUG:-false} APP_URL: ${SHAARK_URL:-http://localhost} - DB_ROOT_PASSWORD: ${SHAARK_MYSQL_ROOT_PASSWORD:-rootpassword9867ow3q459087w980} DB_PASSWORD: ${SHAARK_DATABASE_PASSWORD:-secret} DB_USER: ${SHAARK_DATABASE_USER:-homestead} DB_DATABASE: ${SHAARK_DATABASE_NAME:-homestead} @@ -31,10 +29,9 @@ services: mariadb: image: mariadb - container_name: mariadb_shaark restart: unless-stopped volumes: - - shaark_mariadb:/var/lib/mysql + - mariadb:/var/lib/mysql environment: MYSQL_ROOT_PASSWORD: ${SHAARK_MYSQL_ROOT_PASSWORD:-rootpassword9867ow3q459087w980} MYSQL_PASSWORD: ${SHAARK_DATABASE_PASSWORD:-secret} @@ -48,10 +45,9 @@ services: redis: image: redis - container_name: redis_shaark restart: unless-stopped volumes: - - shaark_redis:/data + - redis:/data logging: driver: "json-file" options: @@ -59,5 +55,5 @@ services: max-file: "5" volumes: - shaark_redis: {} - shaark_mariadb: {} + redis: {} + mariadb: {} From f4a4a21a6df1f98c24888245dee61dc43aa367db Mon Sep 17 00:00:00 2001 From: squ1rr3lly Date: Fri, 14 Aug 2020 01:18:14 -0600 Subject: [PATCH 03/11] Environment variables properly override .env file, mechanism to only seed once, migrate only on demand --- Dockerfile | 9 +++------ app/entrypoint-shaark.sh | 19 +++++++++++++++++++ app/run.sh | 17 ----------------- docker-compose.yml | 2 +- 4 files changed, 23 insertions(+), 24 deletions(-) create mode 100755 app/entrypoint-shaark.sh delete mode 100755 app/run.sh diff --git a/Dockerfile b/Dockerfile index 89d0e48..e10d9c9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -17,8 +17,7 @@ RUN apk add --no-cache --update bash openssl zip unzip oniguruma-dev zlib-dev li php artisan view:clear && \ \ php artisan key:generate && \ - php artisan storage:link && \ - php artisan config:cache + php artisan storage:link ENV \ DB_HOST="mariadb" \ @@ -30,9 +29,7 @@ ENV \ CACHE_DRIVER="redis" \ QUEUE_CONNECTION="redis" \ SESSION_DRIVER="redis" \ - REDIS_HOST="redis" \ - DB_USER=homestead \ - DB_PASSWORD=secret \ - DB_DATABASE=homestead + REDIS_HOST="redis" +ENTRYPOINT [ "./app/entrypoint-shaark.sh" ] EXPOSE 80 diff --git a/app/entrypoint-shaark.sh b/app/entrypoint-shaark.sh new file mode 100755 index 0000000..70e106c --- /dev/null +++ b/app/entrypoint-shaark.sh @@ -0,0 +1,19 @@ +#!/bin/bash +FILE=.app_initialized + +cd /app +echo "Clearing any cached config." +php artisan config:clear +if [ ! -f $FILE ]; then + echo "Migrating database and creating default Admin user." + php artisan migrate --seed --force + echo "Admin Username: admin@example.com" + echo "Admin Password: secret" + touch $FILE +elif [ "${APP_MIGRATE_DB}" = 'true' ]; then + echo "Migrating database." + php artisan migrate --force +else + echo "Database migration skipped." +fi +php artisan serve --host=0.0.0.0 --port=80 diff --git a/app/run.sh b/app/run.sh deleted file mode 100755 index 876cc19..0000000 --- a/app/run.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/bash - -cd /app - -if [ "${APP_MIGRATE_DB} = 'true'" ]; then - if [ "${APP_ENV} = dev" ]; then - echo "Migrating database and creating default user admin@example.com:secret." && \ - php artisan migrate --seed --force - else - echo "Migrating database with no data; user must be created manually." && \ - php artisan migrate --force - fi -else - echo "Database migration skipped." - echo "If this is the first time running this compose file, you should run \`SHAARK_MIGRATE_DB=true eval 'docker-compose up'\` first to perform initial database migration." -fi -php artisan serve --host=0.0.0.0 --port=80 diff --git a/docker-compose.yml b/docker-compose.yml index 8fec3b4..2a14f67 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -12,7 +12,7 @@ services: depends_on: - mariadb - redis - entrypoint: ['./app/wait-for-it.sh', 'mariadb:3306', '-t', '30', '--', './app/run.sh'] + entrypoint: ['./app/wait-for-it.sh', 'mariadb:3306', '-t', '30', '--', './app/entrypoint-shaark.sh'] environment: APP_MIGRATE_DB: ${SHAARK_MIGRATE_DB:-false} APP_ENV: "production" From 588168560009b0e3ba410d50af6ebbeaf7ea56c3 Mon Sep 17 00:00:00 2001 From: squ1rr3lly Date: Fri, 14 Aug 2020 01:55:09 -0600 Subject: [PATCH 04/11] Make shaark target port static 80 --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 2a14f67..0037210 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -5,7 +5,7 @@ services: build: . restart: unless-stopped ports: - - target: ${SHAARK_PORT:-80} + - target: 80 published: ${SHAARK_PORT:-80} protocol: tcp mode: host From 321b81c013ffc4d40c9f82518a273dfe65af556d Mon Sep 17 00:00:00 2001 From: squ1rr3lly Date: Fri, 14 Aug 2020 09:04:40 -0600 Subject: [PATCH 05/11] Add python3, pip3, nodejs, npm, puphpeteer, and youtube-dl to Dockerfile. --- Dockerfile | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index e10d9c9..8264d2d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,13 +4,12 @@ MAINTAINER Shaark contributors WORKDIR /app COPY . /app -RUN apk add --update --no-cache gmp gmp-dev \ - && docker-php-ext-install gmp bcmath - -RUN apk add --no-cache --update bash openssl zip unzip oniguruma-dev zlib-dev libpng-dev libzip-dev postgresql-dev && \ +RUN apk add --no-cache --update bash openssl zip unzip oniguruma-dev zlib-dev libpng-dev libzip-dev postgresql-dev gmp gmp-dev nodejs npm python3 python3-pip && \ cp .env.example .env && \ curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer && \ - docker-php-ext-install pdo mbstring gd exif zip sockets pdo_mysql pgsql pdo_pgsql && \ + docker-php-ext-install pdo mbstring gd exif zip sockets pdo_mysql pgsql pdo_pgsql gmp bcmath&& \ + npm install @nesk/puphpeteer --no-save && \ + pip install --upgrade youtube-dl && \ \ composer install --no-dev -o && \ php artisan optimize && \ From 9ad0b647b49c3e589f40aa788979489822cda2e8 Mon Sep 17 00:00:00 2001 From: squ1rr3lly Date: Fri, 14 Aug 2020 12:12:45 -0600 Subject: [PATCH 06/11] Trying to resolve chromium errors. I don't think it's going to be feasable with alpine. --- Dockerfile | 13 ++++++++----- docker-compose.yml | 5 ++++- 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/Dockerfile b/Dockerfile index 8264d2d..e2a7a4d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,19 +4,22 @@ MAINTAINER Shaark contributors WORKDIR /app COPY . /app -RUN apk add --no-cache --update bash openssl zip unzip oniguruma-dev zlib-dev libpng-dev libzip-dev postgresql-dev gmp gmp-dev nodejs npm python3 python3-pip && \ +RUN apk add --no-cache --update bash openssl zip unzip oniguruma-dev zlib-dev libpng-dev libzip-dev postgresql-dev gmp gmp-dev nodejs npm py-pip python3-dev udev ttf-freefont chromium && \ cp .env.example .env && \ + if [ ! -e /usr/bin/pip ]; then ln -s pip3 /usr/bin/pip ; fi && \ + if [[ ! -e /usr/bin/python ]]; then ln -sf /usr/bin/python3 /usr/bin/python; fi && \ + pip install --upgrade youtube-dl && \ curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer && \ docker-php-ext-install pdo mbstring gd exif zip sockets pdo_mysql pgsql pdo_pgsql gmp bcmath&& \ - npm install @nesk/puphpeteer --no-save && \ - pip install --upgrade youtube-dl && \ - \ composer install --no-dev -o && \ + \ php artisan optimize && \ php artisan view:clear && \ \ php artisan key:generate && \ - php artisan storage:link + php artisan storage:link && \ + npm install @nesk/puphpeteer --no-save + ENV \ DB_HOST="mariadb" \ diff --git a/docker-compose.yml b/docker-compose.yml index 0037210..bcf204b 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,7 +1,7 @@ version: '3.7' services: shaark: - image: shaark + image: shaark:${SHAARK_IMAGE_TAG:-latest} build: . restart: unless-stopped ports: @@ -21,6 +21,8 @@ services: DB_PASSWORD: ${SHAARK_DATABASE_PASSWORD:-secret} DB_USER: ${SHAARK_DATABASE_USER:-homestead} DB_DATABASE: ${SHAARK_DATABASE_NAME:-homestead} + volumes: + - archives:/app/storage/app/archives logging: driver: "json-file" options: @@ -57,3 +59,4 @@ services: volumes: redis: {} mariadb: {} + archives: {} From 7b71d26cfd146b48940d8b0d379b69bed645d0cb Mon Sep 17 00:00:00 2001 From: squ1rr3lly Date: Wed, 19 Aug 2020 10:32:03 -0600 Subject: [PATCH 07/11] compose runs, Dockerfile now using non-root user with capabilites set on entrypoint --- .gitignore | 1 + Dockerfile | 90 +++++++++++++++++++++++++++------------- app/entrypoint-shaark.sh | 2 +- docker-compose.yml | 2 +- 4 files changed, 64 insertions(+), 31 deletions(-) diff --git a/.gitignore b/.gitignore index 72ffc08..a83f22f 100644 --- a/.gitignore +++ b/.gitignore @@ -14,3 +14,4 @@ Homestead.yaml npm-debug.log package-lock.json yarn-error.log +docker-compose.override.yml diff --git a/Dockerfile b/Dockerfile index e2a7a4d..7924d25 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,37 +1,69 @@ -FROM php:7-alpine +FROM php:alpine MAINTAINER Shaark contributors WORKDIR /app COPY . /app -RUN apk add --no-cache --update bash openssl zip unzip oniguruma-dev zlib-dev libpng-dev libzip-dev postgresql-dev gmp gmp-dev nodejs npm py-pip python3-dev udev ttf-freefont chromium && \ - cp .env.example .env && \ - if [ ! -e /usr/bin/pip ]; then ln -s pip3 /usr/bin/pip ; fi && \ - if [[ ! -e /usr/bin/python ]]; then ln -sf /usr/bin/python3 /usr/bin/python; fi && \ - pip install --upgrade youtube-dl && \ - curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer && \ - docker-php-ext-install pdo mbstring gd exif zip sockets pdo_mysql pgsql pdo_pgsql gmp bcmath&& \ - composer install --no-dev -o && \ - \ - php artisan optimize && \ - php artisan view:clear && \ - \ - php artisan key:generate && \ - php artisan storage:link && \ - npm install @nesk/puphpeteer --no-save - - -ENV \ - DB_HOST="mariadb" \ - REDIS_HOST="redis" \ - APP_ENV="production" \ - APP_DEBUG="false" \ - APP_URL="http://localhost" \ - APP_MIGRATE_DB="true" \ - CACHE_DRIVER="redis" \ - QUEUE_CONNECTION="redis" \ - SESSION_DRIVER="redis" \ - REDIS_HOST="redis" +RUN apk add --no-cache bash openssl zip unzip oniguruma-dev zlib-dev libpng-dev libzip-dev postgresql-dev gmp gmp-dev nodejs npm python3 git libcap + +RUN setcap cap_net_raw+eip /app/app/entrypoint-shaark.sh && \ + setcap cap_sys_admin+eip /app/app/entrypoint-shaark.sh + +# Installs latest Chromium (77) package. +RUN apk add --no-cache \ + chromium \ + nss \ + freetype \ + freetype-dev \ + harfbuzz \ + ca-certificates \ + ttf-freefont \ + nodejs \ + npm + +# Tell Puppeteer to skip installing Chrome. We'll be using the installed package. +ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true \ + PUPPETEER_EXECUTABLE_PATH=/usr/bin/chromium-browser \ + DB_HOST="mariadb" \ + REDIS_HOST="redis" \ + APP_ENV="production" \ + APP_DEBUG="false" \ + APP_URL="http://localhost" \ + APP_MIGRATE_DB="true" \ + CACHE_DRIVER="redis" \ + QUEUE_CONNECTION="redis" \ + SESSION_DRIVER="redis" \ + REDIS_HOST="redis" + +# Puppeteer v1.19.0 works with Chromium 77. +RUN npm install puppeteer@1.19.0 && \ + npm install @nesk/puphpeteer --no-save + +# Add user so we don't need --no-sandbox. +RUN addgroup -S pptruser && adduser -S -g pptruser pptruser \ + && mkdir -p /home/pptruser/Downloads /app \ + && chown -R pptruser:pptruser /home/pptruser \ + && chown -R pptruser:pptruser /app + +RUN if [ ! -e /usr/bin/python ]; then ln -sf /usr/bin/python3 /usr/bin/python; fi + +RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer && \ + docker-php-ext-install pdo mbstring gd exif zip sockets pdo_mysql pgsql pdo_pgsql gmp bcmath + +# Run everything after as non-privileged user. +USER pptruser + +RUN composer install --no-dev -o + + +RUN cp .env.example .env && \ + \ + php artisan optimize && \ + php artisan view:clear && \ + \ + php artisan key:generate && \ + php artisan storage:link + ENTRYPOINT [ "./app/entrypoint-shaark.sh" ] EXPOSE 80 diff --git a/app/entrypoint-shaark.sh b/app/entrypoint-shaark.sh index 70e106c..d8a5cc7 100755 --- a/app/entrypoint-shaark.sh +++ b/app/entrypoint-shaark.sh @@ -16,4 +16,4 @@ elif [ "${APP_MIGRATE_DB}" = 'true' ]; then else echo "Database migration skipped." fi -php artisan serve --host=0.0.0.0 --port=80 +php artisan serve --host=0.0.0.0 --port=8080 diff --git a/docker-compose.yml b/docker-compose.yml index bcf204b..d216263 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -5,7 +5,7 @@ services: build: . restart: unless-stopped ports: - - target: 80 + - target: 8080 published: ${SHAARK_PORT:-80} protocol: tcp mode: host From 213c163859e3e9c7e5414f6bfd6d5db10fbec268 Mon Sep 17 00:00:00 2001 From: squ1rr3lly Date: Wed, 19 Aug 2020 10:49:41 -0600 Subject: [PATCH 08/11] Add youtube-dl to Dockerfile --- Dockerfile | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/Dockerfile b/Dockerfile index 7924d25..3a2d5e1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,6 +6,7 @@ COPY . /app RUN apk add --no-cache bash openssl zip unzip oniguruma-dev zlib-dev libpng-dev libzip-dev postgresql-dev gmp gmp-dev nodejs npm python3 git libcap +# RUN setcap cap_net_raw+eip /app/app/entrypoint-shaark.sh && \ setcap cap_sys_admin+eip /app/app/entrypoint-shaark.sh @@ -45,6 +46,11 @@ RUN addgroup -S pptruser && adduser -S -g pptruser pptruser \ && chown -R pptruser:pptruser /home/pptruser \ && chown -R pptruser:pptruser /app +# Install youtube-dl binary +RUN curl -L https://yt-dl.org/downloads/latest/youtube-dl -o /usr/bin/youtube-dl && \ + chmod a+rx /usr/bin/youtube-dl + +# Make sure python binary is python3 RUN if [ ! -e /usr/bin/python ]; then ln -sf /usr/bin/python3 /usr/bin/python; fi RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer && \ From 5dd4559128e73af7858ecea8796ac5faa47caad2 Mon Sep 17 00:00:00 2001 From: squ1rr3lly Date: Fri, 21 Aug 2020 13:17:07 -0600 Subject: [PATCH 09/11] PDF archives working with browsershot. New ENV options, customize admin password when seeding. PDF archive test gets example.com instead of app->home. Removed puphpeteer and deps. --- Dockerfile => Dockerfile.shaark | 61 ++++++++++++------- .../Api/Manage/FeaturesController.php | 6 +- .../LinkArchive/BrowsershotProvider.php | 53 ++++++++++++++++ app/Services/LinkArchive/LinkArchive.php | 2 +- .../LinkArchive/PuppeteerProvider.php | 58 ------------------ app/crontab | 10 +++ app/entrypoint-shaark.sh | 25 +++++--- composer.json | 2 +- database/seeds/DatabaseSeeder.php | 2 +- docker-compose.yml | 19 +++--- 10 files changed, 136 insertions(+), 102 deletions(-) rename Dockerfile => Dockerfile.shaark (56%) create mode 100644 app/Services/LinkArchive/BrowsershotProvider.php delete mode 100644 app/Services/LinkArchive/PuppeteerProvider.php create mode 100644 app/crontab diff --git a/Dockerfile b/Dockerfile.shaark similarity index 56% rename from Dockerfile rename to Dockerfile.shaark index 3a2d5e1..8cc4d32 100644 --- a/Dockerfile +++ b/Dockerfile.shaark @@ -4,13 +4,32 @@ MAINTAINER Shaark contributors WORKDIR /app COPY . /app -RUN apk add --no-cache bash openssl zip unzip oniguruma-dev zlib-dev libpng-dev libzip-dev postgresql-dev gmp gmp-dev nodejs npm python3 git libcap +# Install packages needed for shaark +RUN apk add --no-cache \ + bash \ + openssl \ + zip \ + unzip \ + oniguruma-dev \ + zlib-dev \ + libpng-dev \ + libzip-dev \ + postgresql-dev \ + gmp \ + gmp-dev \ + python3 \ + git \ + libcap \ + mariadb-client \ + nodejs \ + npm -# +# Set inheritied capabilities on entrypoint RUN setcap cap_net_raw+eip /app/app/entrypoint-shaark.sh && \ - setcap cap_sys_admin+eip /app/app/entrypoint-shaark.sh + setcap cap_sys_admin+eip /app/app/entrypoint-shaark.sh && \ + setcap cap_net_bind_service=+ep `which php` -# Installs latest Chromium (77) package. +# Installs latest Chromium (83) package. RUN apk add --no-cache \ chromium \ nss \ @@ -18,33 +37,29 @@ RUN apk add --no-cache \ freetype-dev \ harfbuzz \ ca-certificates \ - ttf-freefont \ - nodejs \ - npm + ttf-freefont -# Tell Puppeteer to skip installing Chrome. We'll be using the installed package. +# Set environment variables ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true \ PUPPETEER_EXECUTABLE_PATH=/usr/bin/chromium-browser \ DB_HOST="mariadb" \ REDIS_HOST="redis" \ APP_ENV="production" \ APP_DEBUG="false" \ - APP_URL="http://localhost" \ APP_MIGRATE_DB="true" \ CACHE_DRIVER="redis" \ QUEUE_CONNECTION="redis" \ SESSION_DRIVER="redis" \ REDIS_HOST="redis" -# Puppeteer v1.19.0 works with Chromium 77. -RUN npm install puppeteer@1.19.0 && \ - npm install @nesk/puphpeteer --no-save +# Puppeteer v3.1.0 works with Chromium 83. +RUN npm install puppeteer@3.1.0 -# Add user so we don't need --no-sandbox. -RUN addgroup -S pptruser && adduser -S -g pptruser pptruser \ - && mkdir -p /home/pptruser/Downloads /app \ - && chown -R pptruser:pptruser /home/pptruser \ - && chown -R pptruser:pptruser /app +# Add user so we don't have to run everything as root +RUN addgroup -S shaark && adduser -S -G shaark shaarkuser \ + && mkdir -p /home/shaarkuser/Downloads \ + && chown -R shaarkuser:shaark /home/shaarkuser \ + && chown -R shaarkuser:shaark /app # Install youtube-dl binary RUN curl -L https://yt-dl.org/downloads/latest/youtube-dl -o /usr/bin/youtube-dl && \ @@ -53,14 +68,17 @@ RUN curl -L https://yt-dl.org/downloads/latest/youtube-dl -o /usr/bin/youtube-dl # Make sure python binary is python3 RUN if [ ! -e /usr/bin/python ]; then ln -sf /usr/bin/python3 /usr/bin/python; fi +# Install composer and php extensions RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer && \ docker-php-ext-install pdo mbstring gd exif zip sockets pdo_mysql pgsql pdo_pgsql gmp bcmath -# Run everything after as non-privileged user. -USER pptruser +# Configure Backups cron +RUN crontab app/crontab -RUN composer install --no-dev -o +# Run everything after as non-privileged user. +USER shaarkuser +RUN composer install --no-dev -o RUN cp .env.example .env && \ \ @@ -70,6 +88,5 @@ RUN cp .env.example .env && \ php artisan key:generate && \ php artisan storage:link - -ENTRYPOINT [ "./app/entrypoint-shaark.sh" ] EXPOSE 80 +ENTRYPOINT [ "app/entrypoint-shaark.sh" ] diff --git a/app/Http/Controllers/Api/Manage/FeaturesController.php b/app/Http/Controllers/Api/Manage/FeaturesController.php index df6548f..327c673 100644 --- a/app/Http/Controllers/Api/Manage/FeaturesController.php +++ b/app/Http/Controllers/Api/Manage/FeaturesController.php @@ -59,14 +59,14 @@ protected function checkArchivePdf(Shaark $shaark) return $this->sendError(__('Your node path is unreachable: :path', ['path' => $exec])); } - $dir = base_path('node_modules/puppeteer/.local-chromium'); + $dir = base_path('vendor/spatie/browsershot'); if (false === is_dir($dir)) { - return $this->sendError(__('Puppeteer dependencies not installed, run `npm install @nesk/puphpeteer --no-save`')); + return $this->sendError(__('Puppeteer dependencies not installed, run `composer require spatie/browsershot`')); } try { - $name = LinkArchive::archive(url()->route('home'), 'pdf'); + $name = LinkArchive::archive('http://example.com', 'pdf'); } catch (\Exception $e) { return $this->sendError(__('Unable to create archive, error is: :message', ['message' => $e->getMessage()])); } diff --git a/app/Services/LinkArchive/BrowsershotProvider.php b/app/Services/LinkArchive/BrowsershotProvider.php new file mode 100644 index 0000000..54c6731 --- /dev/null +++ b/app/Services/LinkArchive/BrowsershotProvider.php @@ -0,0 +1,53 @@ +url) . '.pdf'; + $filename = sprintf('app/archives/%s', $name); + $windowWidth = app('shaark')->getArchivePdfWidth(); + $windowHeight = app('shaark')->getArchivePdfHeight(); + $nodeBin = app('shaark')->getNodeBin(); + + try { + $browsershot = new Browsershot($this->url, true); + $browsershot + ->windowSize($windowWidth, $windowHeight) + ->margins(0,0,0,0) + ->setNodeBinary($nodeBin) + ->setNodeModulePath('node_modules/') + ->setIncludePath('/usr/bin/') + ->showBackground() + ->addChromiumArguments([ + 'disable-dev-shm-usage' + ]) + ->noSandbox() + ->ignoreHttpsErrors() + ->dismissDialogs() + ->waitUntilNetworkIdle() + ->emulateMedia('screen') + ->save(storage_path($filename)) + ; + } catch (\Exception $e) { + throw new \RuntimeException("Unable to create link archive", 0, $e); + } + + return $name; + } + + public function isEnabled(): bool + { + return app('shaark')->getLinkArchivePdf() === true; + } + + public function canArchive(): bool + { + return true; + } +} + diff --git a/app/Services/LinkArchive/LinkArchive.php b/app/Services/LinkArchive/LinkArchive.php index da39a43..303be1f 100644 --- a/app/Services/LinkArchive/LinkArchive.php +++ b/app/Services/LinkArchive/LinkArchive.php @@ -7,7 +7,7 @@ class LinkArchive /** @var array $providers */ public static $providers = [ 'media' => YoutubeDlProvider::class, - 'pdf' => PuppeteerProvider::class, + 'pdf' => BrowsershotProvider::class, ]; public static function availableFor(string $url): array diff --git a/app/Services/LinkArchive/PuppeteerProvider.php b/app/Services/LinkArchive/PuppeteerProvider.php deleted file mode 100644 index 548f673..0000000 --- a/app/Services/LinkArchive/PuppeteerProvider.php +++ /dev/null @@ -1,58 +0,0 @@ -url) . '.pdf'; - $filename = sprintf('app/archives/%s', $name); - - try { - $puppeteer = new Puppeteer([ - 'executable_path' => app('shaark')->getNodeBin() - ]); - - $browser = $puppeteer->launch([ - 'ignoreHTTPSErrors' => true, - ]); - - $page = $browser->newPage(); - $page->goto($this->url); - $page->emulateMedia('screen'); - - $page->pdf([ - 'path' => storage_path($filename), - 'width' => app('shaark')->getArchivePdfWidth(), - 'height' => app('shaark')->getArchivePdfHeight(), - 'printBackground' => true, - 'preferCSSPageSize' => true, - 'margin' => [ - 'top' => 0, - 'bottom' => 0, - 'left' => 0, - 'right' => 0, - ] - ]); - - $browser->close(); - } catch (\Exception $e) { - throw new \RuntimeException("Unable to create link pdf archive", 0, $e); - } - - return $name; - } - - public function isEnabled(): bool - { - return app('shaark')->getLinkArchivePdf() === true; - } - - public function canArchive(): bool - { - return true; - } -} diff --git a/app/crontab b/app/crontab new file mode 100644 index 0000000..eb03dcc --- /dev/null +++ b/app/crontab @@ -0,0 +1,10 @@ +# do daily/weekly/monthly maintenance +# min hour day month weekday command +*/15 * * * * run-parts /etc/periodic/15min +0 * * * * run-parts /etc/periodic/hourly +0 2 * * * run-parts /etc/periodic/daily +0 3 * * 6 run-parts /etc/periodic/weekly +0 5 1 * * run-parts /etc/periodic/monthly +# run backups configured by Shaark +* * * * * cd /app && php artisan schedule:run >> /dev/null 2>&1 + diff --git a/app/entrypoint-shaark.sh b/app/entrypoint-shaark.sh index d8a5cc7..1a7e86e 100755 --- a/app/entrypoint-shaark.sh +++ b/app/entrypoint-shaark.sh @@ -1,19 +1,26 @@ #!/bin/bash -FILE=.app_initialized cd /app echo "Clearing any cached config." php artisan config:clear -if [ ! -f $FILE ]; then - echo "Migrating database and creating default Admin user." - php artisan migrate --seed --force - echo "Admin Username: admin@example.com" - echo "Admin Password: secret" - touch $FILE -elif [ "${APP_MIGRATE_DB}" = 'true' ]; then +if [ "`php artisan migrate:status`" = "Migration table not found." ]; then + echo "Migrating database and creating default Admin user." + php artisan migrate --seed --force + echo "Admin Username: admin@example.com" + echo "Admin Password: "${APP_ADMIN_PASSWORD} +elif [ "${APP_MIGRATE_DB}" = 'true' ] && \ + [ `php artisan migrate:status|cut -d'|' -f2 |grep -c "No"` -gt 0 ]; then echo "Migrating database." php artisan migrate --force else echo "Database migration skipped." fi -php artisan serve --host=0.0.0.0 --port=8080 + +if [ "${APP_DEBUG}" = 'true' ]; then + echo "Debugging enabled: creating verbose logs at /app/storage/logs/" + php artisan serve --host=0.0.0.0 --port=80 -vvv >> storage/logs/artisan_serve.log & + php artisan queue:work >> storage/logs/artisan_queue.log & +else + php artisan serve --host=0.0.0.0 --port=80 & + php artisan queue:work & +fi diff --git a/composer.json b/composer.json index 5566021..abbbc27 100644 --- a/composer.json +++ b/composer.json @@ -34,9 +34,9 @@ "laravel/tinker": "^1.0", "maatwebsite/excel": "^3.1", "mews/captcha": "^3.0", - "nesk/puphpeteer": "^1.6", "norkunas/youtube-dl-php": "^1.6", "predis/predis": "^1.1", + "spatie/browsershot": "^3.37", "spatie/laravel-backup": "^6.11", "spatie/laravel-medialibrary": "^7.0.0", "spatie/valuestore": "^1.2", diff --git a/database/seeds/DatabaseSeeder.php b/database/seeds/DatabaseSeeder.php index c12d4bf..d8383ae 100644 --- a/database/seeds/DatabaseSeeder.php +++ b/database/seeds/DatabaseSeeder.php @@ -18,7 +18,7 @@ public function run() DB::table('users')->insert([ 'name' => 'Admin', 'email' => 'admin@example.com', - 'password' => Hash::make('secret'), + 'password' => Hash::make(env('APP_ADMIN_PASSWORD', 'secret')), 'api_token' => 'api-token-secret', 'is_admin' => 1, 'created_at' => now()->toDateTimeString(), diff --git a/docker-compose.yml b/docker-compose.yml index d216263..5e5d941 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -2,11 +2,13 @@ version: '3.7' services: shaark: image: shaark:${SHAARK_IMAGE_TAG:-latest} - build: . + build: + context: ./ + dockerfile: Dockerfile.shaark restart: unless-stopped ports: - - target: 8080 - published: ${SHAARK_PORT:-80} + - target: 80 + published: ${SHAARK_PORT:-8080} protocol: tcp mode: host depends_on: @@ -18,11 +20,13 @@ services: APP_ENV: "production" APP_DEBUG: ${SHAARK_DEBUG:-false} APP_URL: ${SHAARK_URL:-http://localhost} + APP_ADMIN_PASSWORD: ${SHAARK_ADMIN_PASSWORD:-secret} DB_PASSWORD: ${SHAARK_DATABASE_PASSWORD:-secret} DB_USER: ${SHAARK_DATABASE_USER:-homestead} DB_DATABASE: ${SHAARK_DATABASE_NAME:-homestead} volumes: - archives:/app/storage/app/archives + - backups:/app/storage/app/backups logging: driver: "json-file" options: @@ -35,7 +39,7 @@ services: volumes: - mariadb:/var/lib/mysql environment: - MYSQL_ROOT_PASSWORD: ${SHAARK_MYSQL_ROOT_PASSWORD:-rootpassword9867ow3q459087w980} + MYSQL_RANDOM_ROOT_PASSWORD: 'true' MYSQL_PASSWORD: ${SHAARK_DATABASE_PASSWORD:-secret} MYSQL_USER: ${SHAARK_DATABASE_USER:-homestead} MYSQL_DATABASE: ${SHAARK_DATABASE_NAME:-homestead} @@ -57,6 +61,7 @@ services: max-file: "5" volumes: - redis: {} - mariadb: {} - archives: {} + redis: + mariadb: + archives: + backups: From 79515bc8279f28449d887fe00f7d0f5abbc9e090 Mon Sep 17 00:00:00 2001 From: squ1rr3lly Date: Mon, 24 Aug 2020 23:00:18 +0000 Subject: [PATCH 10/11] Correct entrypoint causing container to stop, make app/storage a volume, fix crontab for Backups --- Dockerfile.shaark | 5 +++-- app/entrypoint-shaark.sh | 5 +++-- docker-compose.yml | 6 ++---- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/Dockerfile.shaark b/Dockerfile.shaark index 8cc4d32..6a121bc 100644 --- a/Dockerfile.shaark +++ b/Dockerfile.shaark @@ -22,7 +22,8 @@ RUN apk add --no-cache \ libcap \ mariadb-client \ nodejs \ - npm + npm \ + busybox-suid # Set inheritied capabilities on entrypoint RUN setcap cap_net_raw+eip /app/app/entrypoint-shaark.sh && \ @@ -73,7 +74,7 @@ RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local docker-php-ext-install pdo mbstring gd exif zip sockets pdo_mysql pgsql pdo_pgsql gmp bcmath # Configure Backups cron -RUN crontab app/crontab +RUN crontab -u shaarkuser app/crontab # Run everything after as non-privileged user. USER shaarkuser diff --git a/app/entrypoint-shaark.sh b/app/entrypoint-shaark.sh index 1a7e86e..4f97a0f 100755 --- a/app/entrypoint-shaark.sh +++ b/app/entrypoint-shaark.sh @@ -18,9 +18,10 @@ fi if [ "${APP_DEBUG}" = 'true' ]; then echo "Debugging enabled: creating verbose logs at /app/storage/logs/" - php artisan serve --host=0.0.0.0 --port=80 -vvv >> storage/logs/artisan_serve.log & php artisan queue:work >> storage/logs/artisan_queue.log & + php artisan serve --host=0.0.0.0 --port=80 -vvv >> storage/logs/artisan_serve.log else - php artisan serve --host=0.0.0.0 --port=80 & + echo "Starting Shaark!" php artisan queue:work & + php artisan serve --host=0.0.0.0 --port=80 fi diff --git a/docker-compose.yml b/docker-compose.yml index 5e5d941..c354f3f 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -25,8 +25,7 @@ services: DB_USER: ${SHAARK_DATABASE_USER:-homestead} DB_DATABASE: ${SHAARK_DATABASE_NAME:-homestead} volumes: - - archives:/app/storage/app/archives - - backups:/app/storage/app/backups + - storage:/app/storage logging: driver: "json-file" options: @@ -63,5 +62,4 @@ services: volumes: redis: mariadb: - archives: - backups: + storage: From 0d647dfc2454e58c9427eacd72f423d82cf218e2 Mon Sep 17 00:00:00 2001 From: squ1rr3lly Date: Sun, 26 Dec 2021 17:14:03 -0700 Subject: [PATCH 11/11] Updates Dockerfile.shaark to use new composer install process --- Dockerfile.shaark | 30 ++++++++++++++++++++++++------ 1 file changed, 24 insertions(+), 6 deletions(-) diff --git a/Dockerfile.shaark b/Dockerfile.shaark index 6a121bc..c6b7012 100644 --- a/Dockerfile.shaark +++ b/Dockerfile.shaark @@ -1,4 +1,4 @@ -FROM php:alpine +FROM php:7.4.0-alpine MAINTAINER Shaark contributors WORKDIR /app @@ -41,7 +41,8 @@ RUN apk add --no-cache \ ttf-freefont # Set environment variables -ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true \ +ENV \ + PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true \ PUPPETEER_EXECUTABLE_PATH=/usr/bin/chromium-browser \ DB_HOST="mariadb" \ REDIS_HOST="redis" \ @@ -51,7 +52,7 @@ ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true \ CACHE_DRIVER="redis" \ QUEUE_CONNECTION="redis" \ SESSION_DRIVER="redis" \ - REDIS_HOST="redis" + REDIS_HOST="redis" # Puppeteer v3.1.0 works with Chromium 83. RUN npm install puppeteer@3.1.0 @@ -69,9 +70,26 @@ RUN curl -L https://yt-dl.org/downloads/latest/youtube-dl -o /usr/bin/youtube-dl # Make sure python binary is python3 RUN if [ ! -e /usr/bin/python ]; then ln -sf /usr/bin/python3 /usr/bin/python; fi -# Install composer and php extensions -RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer && \ - docker-php-ext-install pdo mbstring gd exif zip sockets pdo_mysql pgsql pdo_pgsql gmp bcmath +# Install composer +RUN php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" && \ + php -r "if (hash_file('sha384', 'composer-setup.php') === '906a84df04cea2aa72f40b5f787e49f22d4c2f19492ac310e8cba5b96ac8b64115ac402c8cd292b8a03482574915d1a8') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;" && \ + php composer-setup.php && \ + php -r "unlink('composer-setup.php');" && \ + mv composer.phar /usr/local/bin/composer + +# Install php extensions +RUN docker-php-ext-install \ + pdo \ + mbstring \ + gd \ + exif \ + zip \ + sockets \ + pdo_mysql \ + pgsql \ + pdo_pgsql \ + gmp \ + bcmath # Configure Backups cron RUN crontab -u shaarkuser app/crontab