badmanners/shimmie2
badmanners/shimmie2
Archived
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[docker] generate web server config with our own script (envsubst is terrible)

Browse source
This commit is contained in:
Shish 2024-02-21 18:42:33 +00:00 committed by Shish
parent 0a617f6292
commit 7bc8459cda
5 changed files with 103 additions and 186 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
.devcontainer/devcontainer.json
View file

@ -23,12 +23,10 @@
}, },
"updateContentCommand": "composer install", "updateContentCommand": "composer install",
"postCreateCommand": "./.docker/entrypoint.sh unitd --no-daemon --control unix:/var/run/control.unit.sock", "postCreateCommand": "php ./.docker/run.php",
"containerEnv": { "containerEnv": {
"UID": "2000", "UID": "2000",
"GID": "2000", "GID": "2000",
"UPLOAD_MAX_FILESIZE": "50M",
"MAX_FILE_UPLOADS": "100",
"INSTALL_DSN": "sqlite:data/shimmie.dev.sqlite" "INSTALL_DSN": "sqlite:data/shimmie.dev.sqlite"
}, },
"customizations": { "customizations": {

82
.docker/entrypoint.d/config.json.tmpl
View file

@ -1,82 +0,0 @@
{
"listeners": {
"*:8000": {
"pass": "routes",
"forwarded": {
"client_ip": "X-Forwarded-For",
"recursive": false,
"source": [
"172.17.0.0/16"
]
}
}
},
"routes": [
{
"match": {
"uri": "~/_(thumbs|images)/.*"
},
"action": {
"share": [
"`/app/data/${uri.replace(/_(thumbs|images)\\/(..)(..)(.*?)\\/.*/, '$1/$2/$3/$2$3$4')}`",
"`/app/data/${uri.replace(/_(thumbs|images)\\/(..)(.*?)\\/.*/, '$1/$2/$2$3')}`"
],
"response_headers": {
"Cache-Control": "public, max-age=31556926"
}
}
},
{
"action": {
"share": [
"/app/$uri"
],
"types": [
"image/*",
"application/javascript",
"text/css",
"application/sourcemap",
"!"
],
"response_headers": {
"Cache-Control": "public, max-age=31556926"
},
"fallback": {
"pass": "applications/shimmie"
}
}
}
],
"applications": {
"shimmie": {
"type": "php",
"user": "shimmie",
"root": "/app/",
"script": "index.php",
"working_directory": "/app/",
"options": {
"admin": {
"memory_limit": "256M",
"max_file_uploads": "$MAX_FILE_UPLOADS",
"upload_max_filesize": "$UPLOAD_MAX_FILESIZE",
"post_max_size": "$UPLOAD_MAX_FILESIZE"
}
},
"processes": {
"max": 8,
"spare": 2,
"idle_timeout": 60
}
}
},
"settings": {
"http": {
"max_body_size": 1048576000,
"static": {
"mime_types": {
"application/sourcemap": [".map"]
}
}
}
}
}

97
.docker/entrypoint.sh
View file

@ -7,102 +7,5 @@ if ! id -u shimmie >/dev/null 2>&1; then
groupadd -g $GID shimmie || true groupadd -g $GID shimmie || true
useradd -ms /bin/bash -u $UID -g $GID shimmie || true useradd -ms /bin/bash -u $UID -g $GID shimmie || true
fi fi
mkdir -p /app/data
chown shimmie:shimmie /app/data
rm -rf /var/lib/unit/*
envsubst '$MAX_FILE_UPLOADS $UPLOAD_MAX_FILESIZE' < /app/.docker/entrypoint.d/config.json.tmpl > /app/.docker/entrypoint.d/config.json
WAITLOOPS=5
SLEEPSEC=1
curl_put()
{
RET=$(/usr/bin/curl -s -w '%{http_code}' -X PUT --data-binary @$1 --unix-socket /var/run/control.unit.sock http://localhost/$2)
RET_BODY=$(echo $RET | /bin/sed '$ s/...$//')
RET_STATUS=$(echo $RET | /usr/bin/tail -c 4)
if [ "$RET_STATUS" -ne "200" ]; then
echo "$0: Error: HTTP response status code is '$RET_STATUS'"
echo "$RET_BODY"
return 1
else
echo "$0: OK: HTTP response status code is '$RET_STATUS'"
echo "$RET_BODY"
fi
return 0
}
if [ "$1" = "unitd" ] || [ "$1" = "unitd-debug" ]; then
if /usr/bin/find "/var/lib/unit/" -mindepth 1 -print -quit 2>/dev/null | /bin/grep -q .; then
echo "$0: /var/lib/unit/ is not empty, skipping initial configuration..."
else
echo "$0: Launching Unit daemon to perform initial configuration..."
/usr/sbin/$1 --control unix:/var/run/control.unit.sock
for i in $(/usr/bin/seq $WAITLOOPS); do
if [ ! -S /var/run/control.unit.sock ]; then
echo "$0: Waiting for control socket to be created..."
/bin/sleep $SLEEPSEC
else
break
fi
done
# even when the control socket exists, it does not mean unit has finished initialisation
# this curl call will get a reply once unit is fully launched
/usr/bin/curl -s -X GET --unix-socket /var/run/control.unit.sock http://localhost/
if /usr/bin/find "/app/.docker/entrypoint.d/" -mindepth 1 -print -quit 2>/dev/null | /bin/grep -q .; then
echo "$0: /app/.docker/entrypoint.d/ is not empty, applying initial configuration..."
echo "$0: Looking for certificate bundles in /app/.docker/entrypoint.d/..."
for f in $(/usr/bin/find /app/.docker/entrypoint.d/ -type f -name "*.pem"); do
echo "$0: Uploading certificates bundle: $f"
curl_put $f "certificates/$(basename $f .pem)"
done
echo "$0: Looking for JavaScript modules in /app/.docker/entrypoint.d/..."
for f in $(/usr/bin/find /app/.docker/entrypoint.d/ -type f -name "*.js"); do
echo "$0: Uploading JavaScript module: $f"
curl_put $f "js_modules/$(basename $f .js)"
done
echo "$0: Looking for configuration snippets in /app/.docker/entrypoint.d/..."
for f in $(/usr/bin/find /app/.docker/entrypoint.d/ -type f -name "*.json"); do
echo "$0: Applying configuration $f";
curl_put $f "config"
done
echo "$0: Looking for shell scripts in /app/.docker/entrypoint.d/..."
for f in $(/usr/bin/find /app/.docker/entrypoint.d/ -type f -name "*.sh"); do
echo "$0: Launching $f";
"$f"
done
# warn on filetypes we don't know what to do with
for f in $(/usr/bin/find /app/.docker/entrypoint.d/ -type f -not -name "*.sh" -not -name "*.json" -not -name "*.pem" -not -name "*.js"); do
echo "$0: Ignoring $f";
done
else
echo "$0: /app/.docker/entrypoint.d/ is empty, creating 'welcome' configuration..."
curl_put /usr/share/unit/welcome/welcome.json "config"
fi
echo "$0: Stopping Unit daemon after initial configuration..."
kill -TERM $(/bin/cat /var/run/unit.pid)
for i in $(/usr/bin/seq $WAITLOOPS); do
if [ -S /var/run/control.unit.sock ]; then
echo "$0: Waiting for control socket to be removed..."
/bin/sleep $SLEEPSEC
else
break
fi
done
if [ -S /var/run/control.unit.sock ]; then
kill -KILL $(/bin/cat /var/run/unit.pid)
rm -f /var/run/control.unit.sock
fi
echo
echo "$0: Unit initial configuration complete; ready for start up..."
echo
fi
fi
exec "$@" exec "$@"

99
.docker/run.php Executable file
View file

@ -0,0 +1,99 @@
#!/bin/env php
<?php
// Check install is valid and dirs exist
if (!is_dir('/app/data')) {
mkdir('/app/data', 0755, true);
}
chown('/app/data', 'shimmie');
chgrp('/app/data', 'shimmie');
// Look at docker environment variables
$MAX_FILE_UPLOADS = getenv('MAX_FILE_UPLOADS') ?: "20";
$UPLOAD_MAX_FILESIZE = getenv('UPLOAD_MAX_FILESIZE') ?: '20M';
$MAX_TOTAL_UPLOAD = ini_parse_quantity($UPLOAD_MAX_FILESIZE) * intval($MAX_FILE_UPLOADS);
// Generate a config file for whatever web server we are using today
$config = [
"listeners" => [
"*:8000" => [
"pass" => "routes",
"forwarded" => [
"client_ip" => "X-Forwarded-For",
"recursive" => false,
"source" => [
"172.17.0.0/16"
]
]
]
],
"routes" => [
[
"match" => [
"uri" => "~/_(thumbs|images)/.*"
],
"action" => [
"share" => [
'`/app/data/${uri.replace(/_(thumbs|images)\\/(..)(..)(.*?)\\/.*/, "$1/$2/$3/$2$3$4")}`',
'`/app/data/${uri.replace(/_(thumbs|images)\\/(..)(.*?)\\/.*/, "$1/$2/$2$3")}`'
],
"response_headers" => [
"Cache-Control" => "public, max-age=31556926"
]
]
],
[
"action" => [
"share" => '/app/$uri',
"types" => [
"image/*",
"application/javascript",
"text/css",
"application/sourcemap",
"!"
],
"response_headers" => [
"Cache-Control" => "public, max-age=31556926"
],
"fallback" => [
"pass" => "applications/shimmie"
]
]
]
],
"applications" => [
"shimmie" => [
"type" => "php",
"user" => "shimmie",
"root" => "/app/",
"script" => "index.php",
"working_directory" => "/app/",
"options" => [
"admin" => [
"memory_limit" => "256M",
"max_file_uploads" => "$MAX_FILE_UPLOADS",
"upload_max_filesize" => "$UPLOAD_MAX_FILESIZE",
"post_max_size" => "$MAX_TOTAL_UPLOAD",
]
],
"processes" => [
"max" => 8,
"spare" => 2,
"idle_timeout" => 60
]
]
],
"settings" => [
"http" => [
"max_body_size" => $MAX_TOTAL_UPLOAD,
"static" => [
"mime_types" => [
"application/sourcemap" => [".map"]
]
]
]
]
];
file_put_contents('/var/lib/unit/conf.json', json_encode($config, JSON_PRETTY_PRINT|JSON_UNESCAPED_SLASHES));
// Start the web server
pcntl_exec('/usr/sbin/unitd', ['--no-daemon', '--control', 'unix:/var/run/control.unit.sock', '--log', '/dev/stderr']);

7
Dockerfile
View file

@ -22,9 +22,8 @@ RUN apt update && \
php${PHP_VERSION}-gd php${PHP_VERSION}-zip php${PHP_VERSION}-xml php${PHP_VERSION}-mbstring php${PHP_VERSION}-curl \ php${PHP_VERSION}-gd php${PHP_VERSION}-zip php${PHP_VERSION}-xml php${PHP_VERSION}-mbstring php${PHP_VERSION}-curl \
php${PHP_VERSION}-pgsql php${PHP_VERSION}-mysql php${PHP_VERSION}-sqlite3 \ php${PHP_VERSION}-pgsql php${PHP_VERSION}-mysql php${PHP_VERSION}-sqlite3 \
php${PHP_VERSION}-memcached \ php${PHP_VERSION}-memcached \
curl imagemagick zip unzip unit unit-php gettext && \ curl imagemagick zip unzip unit unit-php && \
rm -rf /var/lib/apt/lists/* rm -rf /var/lib/apt/lists/*
RUN ln -sf /dev/stderr /var/log/unit.log
# Install dev packages # Install dev packages
# Things which are only needed during development - Composer has 100MB of # Things which are only needed during development - Composer has 100MB of
@ -68,10 +67,10 @@ FROM base AS run
EXPOSE 8000 EXPOSE 8000
# HEALTHCHECK --interval=1m --timeout=3s CMD curl --fail http://127.0.0.1:8000/ || exit 1 # HEALTHCHECK --interval=1m --timeout=3s CMD curl --fail http://127.0.0.1:8000/ || exit 1
ARG BUILD_TIME=unknown BUILD_HASH=unknown ARG BUILD_TIME=unknown BUILD_HASH=unknown
ENV UID=1000 GID=1000 UPLOAD_MAX_FILESIZE=50M MAX_FILE_UPLOADS=100 ENV UID=1000 GID=1000
COPY --from=build /app /app COPY --from=build /app /app
WORKDIR /app WORKDIR /app
RUN echo "_d('BUILD_TIME', '$BUILD_TIME');" >> core/sys_config.php && \ RUN echo "_d('BUILD_TIME', '$BUILD_TIME');" >> core/sys_config.php && \
echo "_d('BUILD_HASH', '$BUILD_HASH');" >> core/sys_config.php echo "_d('BUILD_HASH', '$BUILD_HASH');" >> core/sys_config.php
ENTRYPOINT ["/app/.docker/entrypoint.sh"] ENTRYPOINT ["/app/.docker/entrypoint.sh"]
CMD ["unitd", "--no-daemon", "--control", "unix:/var/run/control.unit.sock"] CMD ["php", "/app/.docker/run.php"]