From 453f4653c325dc23193e16432170bf634c42e8a2 Mon Sep 17 00:00:00 2001 From: VirtualTam Date: Thu, 24 Dec 2015 17:17:46 +0100 Subject: [PATCH] Docker: move Dockerfiles to the main repository Relates to #420 Fixes: - [all] remove Nginx' 'server_name' attribute - [dev] create the phpinfo() script from the Dockerfile Modifications: - [all] remove documentation/guide (to be added to the wiki) - [all] update maintainer information - [prod] differentiate 'master' (:latest) and 'stable' (:stable) images Signed-off-by: VirtualTam --- .gitattributes | 3 ++ docker/.htaccess | 2 + docker/development/Dockerfile | 28 +++++++++++ docker/development/IMAGE.md | 10 ++++ docker/development/nginx.conf | 64 ++++++++++++++++++++++++ docker/development/supervised.conf | 13 +++++ docker/production/Dockerfile | 20 ++++++++ docker/production/IMAGE.md | 5 ++ docker/production/nginx.conf | 56 +++++++++++++++++++++ docker/production/stable/Dockerfile | 20 ++++++++ docker/production/stable/IMAGE.md | 5 ++ docker/production/stable/nginx.conf | 56 +++++++++++++++++++++ docker/production/stable/supervised.conf | 13 +++++ docker/production/supervised.conf | 13 +++++ 14 files changed, 308 insertions(+) create mode 100644 docker/.htaccess create mode 100644 docker/development/Dockerfile create mode 100644 docker/development/IMAGE.md create mode 100644 docker/development/nginx.conf create mode 100644 docker/development/supervised.conf create mode 100644 docker/production/Dockerfile create mode 100644 docker/production/IMAGE.md create mode 100644 docker/production/nginx.conf create mode 100644 docker/production/stable/Dockerfile create mode 100644 docker/production/stable/IMAGE.md create mode 100644 docker/production/stable/nginx.conf create mode 100644 docker/production/stable/supervised.conf create mode 100644 docker/production/supervised.conf diff --git a/.gitattributes b/.gitattributes index e616be2..aaf6a39 100644 --- a/.gitattributes +++ b/.gitattributes @@ -2,11 +2,13 @@ * text=auto eol=lf # Ensure sources are processed +*.conf text *.css text *.html text diff=html *.js text *.md text *.php text diff=php +Dockerfile text # Do not alter images nor minified scripts *.ico binary @@ -22,6 +24,7 @@ composer.json export-ignore doc/**/*.json export-ignore doc/**/*.md export-ignore +docker/ export-ignore Doxyfile export-ignore Makefile export-ignore phpunit.xml export-ignore diff --git a/docker/.htaccess b/docker/.htaccess new file mode 100644 index 0000000..b584d98 --- /dev/null +++ b/docker/.htaccess @@ -0,0 +1,2 @@ +Allow from none +Deny from all diff --git a/docker/development/Dockerfile b/docker/development/Dockerfile new file mode 100644 index 0000000..2ed59b8 --- /dev/null +++ b/docker/development/Dockerfile @@ -0,0 +1,28 @@ +FROM debian:jessie +MAINTAINER Shaarli Community + +RUN apt-get update \ + && apt-get install -y \ + nginx-light php5-fpm php5-gd supervisor \ + git nano + +ADD https://getcomposer.org/composer.phar /usr/local/bin/composer +RUN chmod 755 /usr/local/bin/composer + +COPY nginx.conf /etc/nginx/nginx.conf +COPY supervised.conf /etc/supervisor/conf.d/supervised.conf +RUN echo "" > /var/www/index.php + +WORKDIR /var/www +RUN rm -rf html \ + && git clone https://github.com/shaarli/Shaarli.git shaarli \ + && chown -R www-data:www-data . + +WORKDIR /var/www/shaarli +RUN composer install + +VOLUME /var/www/shaarli/data + +EXPOSE 80 + +CMD ["/usr/bin/supervisord", "-n", "-c", "/etc/supervisor/supervisord.conf"] diff --git a/docker/development/IMAGE.md b/docker/development/IMAGE.md new file mode 100644 index 0000000..e2ff0f0 --- /dev/null +++ b/docker/development/IMAGE.md @@ -0,0 +1,10 @@ +## shaarli:dev +- [Debian 8 Jessie](https://hub.docker.com/_/debian/) +- [PHP5-FPM](http://php-fpm.org/) +- [Nginx](http://nginx.org/) +- [Shaarli](https://github.com/shaarli/Shaarli) + +### Development tools +- [composer](https://getcomposer.org/) +- [git](http://git-scm.com/) +- [nano](http://www.nano-editor.org/) diff --git a/docker/development/nginx.conf b/docker/development/nginx.conf new file mode 100644 index 0000000..cda09b5 --- /dev/null +++ b/docker/development/nginx.conf @@ -0,0 +1,64 @@ +user www-data www-data; +daemon off; +worker_processes 4; + +events { + worker_connections 768; +} + +http { + include mime.types; + default_type application/octet-stream; + keepalive_timeout 20; + + index index.html index.php; + + server { + listen 80; + root /var/www/shaarli; + + access_log /var/log/nginx/shaarli.access.log; + error_log /var/log/nginx/shaarli.error.log; + + location /phpinfo/ { + # add a PHP info page for convenience + fastcgi_pass unix:/var/run/php5-fpm.sock; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/index.php; + include fastcgi_params; + } + + location ~ /\. { + # deny access to dotfiles + access_log off; + log_not_found off; + deny all; + } + + location ~ ~$ { + # deny access to temp editor files, e.g. "script.php~" + access_log off; + log_not_found off; + deny all; + } + + location ~* \.(?:ico|css|js|gif|jpe?g|png)$ { + # cache static assets + expires max; + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + location ~ (index)\.php$ { + # filter and proxy PHP requests to PHP-FPM + fastcgi_pass unix:/var/run/php5-fpm.sock; + fastcgi_index index.php; + include fastcgi.conf; + } + + location ~ \.php$ { + # deny access to all other PHP scripts + deny all; + } + } +} diff --git a/docker/development/supervised.conf b/docker/development/supervised.conf new file mode 100644 index 0000000..5acd979 --- /dev/null +++ b/docker/development/supervised.conf @@ -0,0 +1,13 @@ +[program:php5-fpm] +command=/usr/sbin/php5-fpm -F +priority=5 +autostart=true +autorestart=true + +[program:nginx] +command=/usr/sbin/nginx +priority=10 +autostart=true +autorestart=true +stdout_events_enabled=true +stderr_events_enabled=true diff --git a/docker/production/Dockerfile b/docker/production/Dockerfile new file mode 100644 index 0000000..3db4eb5 --- /dev/null +++ b/docker/production/Dockerfile @@ -0,0 +1,20 @@ +FROM debian:jessie +MAINTAINER Shaarli Community + +RUN apt-get update \ + && apt-get install -y curl nginx-light php5-fpm php5-gd supervisor + +COPY nginx.conf /etc/nginx/nginx.conf +COPY supervised.conf /etc/supervisor/conf.d/supervised.conf + +WORKDIR /var/www +RUN rm -rf html \ + && curl -L https://github.com/shaarli/Shaarli/archive/master.tar.gz | tar xvzf - \ + && mv Shaarli-master shaarli \ + && chown -R www-data:www-data shaarli + +VOLUME /var/www/shaarli/data + +EXPOSE 80 + +CMD ["/usr/bin/supervisord", "-n", "-c", "/etc/supervisor/supervisord.conf"] diff --git a/docker/production/IMAGE.md b/docker/production/IMAGE.md new file mode 100644 index 0000000..6f827b3 --- /dev/null +++ b/docker/production/IMAGE.md @@ -0,0 +1,5 @@ +## shaarli:latest +- [Debian 8 Jessie](https://hub.docker.com/_/debian/) +- [PHP5-FPM](http://php-fpm.org/) +- [Nginx](http://nginx.org/) +- [Shaarli](https://github.com/shaarli/Shaarli) diff --git a/docker/production/nginx.conf b/docker/production/nginx.conf new file mode 100644 index 0000000..e23c458 --- /dev/null +++ b/docker/production/nginx.conf @@ -0,0 +1,56 @@ +user www-data www-data; +daemon off; +worker_processes 4; + +events { + worker_connections 768; +} + +http { + include mime.types; + default_type application/octet-stream; + keepalive_timeout 20; + + index index.html index.php; + + server { + listen 80; + root /var/www/shaarli; + + access_log /var/log/nginx/shaarli.access.log; + error_log /var/log/nginx/shaarli.error.log; + + location ~ /\. { + # deny access to dotfiles + access_log off; + log_not_found off; + deny all; + } + + location ~ ~$ { + # deny access to temp editor files, e.g. "script.php~" + access_log off; + log_not_found off; + deny all; + } + + location ~* \.(?:ico|css|js|gif|jpe?g|png)$ { + # cache static assets + expires max; + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + location ~ (index)\.php$ { + # filter and proxy PHP requests to PHP-FPM + fastcgi_pass unix:/var/run/php5-fpm.sock; + fastcgi_index index.php; + include fastcgi.conf; + } + + location ~ \.php$ { + # deny access to all other PHP scripts + deny all; + } + } +} diff --git a/docker/production/stable/Dockerfile b/docker/production/stable/Dockerfile new file mode 100644 index 0000000..2bb3948 --- /dev/null +++ b/docker/production/stable/Dockerfile @@ -0,0 +1,20 @@ +FROM debian:jessie +MAINTAINER Shaarli Community + +RUN apt-get update \ + && apt-get install -y curl nginx-light php5-fpm php5-gd supervisor + +COPY nginx.conf /etc/nginx/nginx.conf +COPY supervised.conf /etc/supervisor/conf.d/supervised.conf + +WORKDIR /var/www +RUN rm -rf html \ + && curl -L https://github.com/shaarli/Shaarli/archive/stable.tar.gz | tar xvzf - \ + && mv Shaarli-stable shaarli \ + && chown -R www-data:www-data shaarli + +VOLUME /var/www/shaarli/data + +EXPOSE 80 + +CMD ["/usr/bin/supervisord", "-n", "-c", "/etc/supervisor/supervisord.conf"] diff --git a/docker/production/stable/IMAGE.md b/docker/production/stable/IMAGE.md new file mode 100644 index 0000000..d85b1d7 --- /dev/null +++ b/docker/production/stable/IMAGE.md @@ -0,0 +1,5 @@ +## shaarli:stable +- [Debian 8 Jessie](https://hub.docker.com/_/debian/) +- [PHP5-FPM](http://php-fpm.org/) +- [Nginx](http://nginx.org/) +- [Shaarli (stable)](https://github.com/shaarli/Shaarli/tree/stable) diff --git a/docker/production/stable/nginx.conf b/docker/production/stable/nginx.conf new file mode 100644 index 0000000..e23c458 --- /dev/null +++ b/docker/production/stable/nginx.conf @@ -0,0 +1,56 @@ +user www-data www-data; +daemon off; +worker_processes 4; + +events { + worker_connections 768; +} + +http { + include mime.types; + default_type application/octet-stream; + keepalive_timeout 20; + + index index.html index.php; + + server { + listen 80; + root /var/www/shaarli; + + access_log /var/log/nginx/shaarli.access.log; + error_log /var/log/nginx/shaarli.error.log; + + location ~ /\. { + # deny access to dotfiles + access_log off; + log_not_found off; + deny all; + } + + location ~ ~$ { + # deny access to temp editor files, e.g. "script.php~" + access_log off; + log_not_found off; + deny all; + } + + location ~* \.(?:ico|css|js|gif|jpe?g|png)$ { + # cache static assets + expires max; + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + location ~ (index)\.php$ { + # filter and proxy PHP requests to PHP-FPM + fastcgi_pass unix:/var/run/php5-fpm.sock; + fastcgi_index index.php; + include fastcgi.conf; + } + + location ~ \.php$ { + # deny access to all other PHP scripts + deny all; + } + } +} diff --git a/docker/production/stable/supervised.conf b/docker/production/stable/supervised.conf new file mode 100644 index 0000000..5acd979 --- /dev/null +++ b/docker/production/stable/supervised.conf @@ -0,0 +1,13 @@ +[program:php5-fpm] +command=/usr/sbin/php5-fpm -F +priority=5 +autostart=true +autorestart=true + +[program:nginx] +command=/usr/sbin/nginx +priority=10 +autostart=true +autorestart=true +stdout_events_enabled=true +stderr_events_enabled=true diff --git a/docker/production/supervised.conf b/docker/production/supervised.conf new file mode 100644 index 0000000..5acd979 --- /dev/null +++ b/docker/production/supervised.conf @@ -0,0 +1,13 @@ +[program:php5-fpm] +command=/usr/sbin/php5-fpm -F +priority=5 +autostart=true +autorestart=true + +[program:nginx] +command=/usr/sbin/nginx +priority=10 +autostart=true +autorestart=true +stdout_events_enabled=true +stderr_events_enabled=true