docker: build the images from the local sources

Relates to https://github.com/shaarli/Shaarli/issues/1153 Signed-off-by: VirtualTam <virtualtam@flibidi.net>
author: VirtualTam <virtualtam@flibidi.net> 2018-06-16 23:46:33 +0200
committer: VirtualTam <virtualtam@flibidi.net> 2018-06-17 13:21:01 +0200
commit: decae8c119e0f4750d10909abc47d8afb89af362 (patch)
tree: 8a9587a53f0161fe95141d982ff4cea40075372b
parent: 865d57b84abb0fa3fc04aec7ce2d34326dac34fa (diff)
download: Shaarli-decae8c119e0f4750d10909abc47d8afb89af362.tar.gz
Shaarli-decae8c119e0f4750d10909abc47d8afb89af362.tar.zst
Shaarli-decae8c119e0f4750d10909abc47d8afb89af362.zip
11 files changed, 272 insertions, 2 deletions
diff --git a/.docker/.htaccess b/.docker/.htaccess
new file mode 100644
index 00000000..f601c1ee
--- /dev/null
+++ b/.docker/.htaccess
@@ -0,0 +1,13 @@
+<IfModule version_module>
+  <IfVersion >= 2.4>
+     Require all denied
+  </IfVersion>
+  <IfVersion < 2.4>
+     Allow from none
+     Deny from all
+  </IfVersion>
+</IfModule>
+<IfModule !version_module>
+    Require all denied
+</IfModule>
diff --git a/.docker/nginx.conf b/.docker/nginx.conf
new file mode 100644
index 00000000..07fba33f
--- /dev/null
+++ b/.docker/nginx.conf
@@ -0,0 +1,73 @@
+user nginx nginx;
+daemon off;
+worker_processes 4;
+pid /var/run/nginx.pid;
+events {
+    worker_connections  768;
+}
+http {
+    include            mime.types;
+    default_type       application/octet-stream;
+    keepalive_timeout  20;
+    client_max_body_size 10m;
+    index index.html index.php;
+    server {
+        listen       80;
+        root         /var/www/shaarli;
+        access_log  /var/log/nginx/shaarli.access.log;
+        error_log   /var/log/nginx/shaarli.error.log;
+        location ~ /\. {
+            # deny access to dotfiles
+            access_log off;
+            log_not_found off;
+            deny all;
+        }
+        
+        location ~ ~$ {
+            # deny access to temp editor files, e.g. "script.php~"
+            access_log off;
+            log_not_found off;
+            deny all;
+        }
+        location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
+            # cache static assets
+            expires    max;
+            add_header Pragma public;
+            add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+        }
+        location = /favicon.ico {
+            # serve the Shaarli favicon from its custom location
+            alias /var/www/shaarli/images/favicon.ico;
+        }
+        location / {
+            # Slim - rewrite URLs
+            try_files $uri /index.php$is_args$args;
+        }
+        location ~ (index)\.php$ {
+            # Slim - split URL path into (script_filename, path_info)
+            try_files $uri =404;
+            fastcgi_split_path_info ^(.+\.php)(/.+)$;
+            # filter and proxy PHP requests to PHP-FPM
+            fastcgi_pass   unix:/var/run/php-fpm.sock;
+            fastcgi_index  index.php;
+            include        fastcgi.conf;
+        }
+        location ~ \.php$ {
+            # deny access to all other PHP scripts
+            deny all;
+        }
+    }
+}
diff --git a/.docker/php-fpm.conf b/.docker/php-fpm.conf
new file mode 100644
index 00000000..0843c164
--- /dev/null
+++ b/.docker/php-fpm.conf
@@ -0,0 +1,16 @@
+[global]
+daemonize = no
+[www]
+user = nginx
+group = nginx
+listen.owner = nginx
+listen.group = nginx
+catch_workers_output = yes
+listen = /var/run/php-fpm.sock
+pm = dynamic
+pm.max_children = 20
+pm.start_servers = 1
+pm.min_spare_servers = 1
+pm.max_spare_servers = 3
+pm.max_requests = 2048
diff --git a/.docker/services.d/.s6-svscan/finish b/.docker/services.d/.s6-svscan/finish
new file mode 100755
index 00000000..1dadeeaf
--- /dev/null
+++ b/.docker/services.d/.s6-svscan/finish
@@ -0,0 +1,2 @@
+#!/bin/sh
+/bin/true
diff --git a/.docker/services.d/nginx/run b/.docker/services.d/nginx/run
new file mode 100755
index 00000000..21e7b0d6
--- /dev/null
+++ b/.docker/services.d/nginx/run
@@ -0,0 +1,2 @@
+#!/bin/execlineb -P
+nginx
diff --git a/.docker/services.d/php-fpm/run b/.docker/services.d/php-fpm/run
new file mode 100755
index 00000000..21dd0107
--- /dev/null
+++ b/.docker/services.d/php-fpm/run
@@ -0,0 +1,2 @@
+#!/bin/execlineb -P
+php-fpm7 -F
diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 00000000..cdd0a894
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,44 @@
+# Docker-ignore
+.dev
+.git
+.github
+tests
+# Shaarli runtime resources
+cache/*
+data/*
+pagecache/*
+tmp/*
+# Eclipse project files
+.settings
+.buildpath
+.project
+# Raintpl generated pages
+*.rtpl.php
+# 3rd-party dependencies
+vendor/
+# Release archives
+*.tar.gz
+*.zip
+inc/languages/*/LC_MESSAGES/shaarli.mo
+# Development and test resources
+coverage
+doxygen
+sandbox
+phpmd.html
+# User plugin configuration
+plugins/*/config.php
+# HTML documentation
+doc/html/
+# 3rd party themes
+tpl/*
+!tpl/default
+!tpl/vintage
diff --git a/.gitattributes b/.gitattributes
index b191e227..00070561 100644
--- a/.gitattributes
+++ b/.gitattributes
@@ -32,7 +32,9 @@ Dockerfile      text
 .travis.yml     export-ignore
 doc/**/*.json   export-ignore
 doc/**/*.md     export-ignore
-docker/         export-ignore
+.docker/        export-ignore
+.dockerignore   export-ignore
+Dockerfile*     export-ignore
 Doxyfile        export-ignore
 Makefile        export-ignore
 mkdocs.yml      export-ignore
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 14a4f143..4f72436b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,8 +4,13 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/)
 and this project adheres to [Semantic Versioning](http://semver.org/).
+## [v0.9.7](https://github.com/shaarli/Shaarli/releases/tag/v0.9.7) - UNPUBLISHED
+### Changed
+- Build the Docker images from the local Git sources
 ## [v0.9.6](https://github.com/shaarli/Shaarli/releases/tag/v0.9.6) - 2018-03-25
-## Changed
+### Changed
 - htaccess: prevent accessing resources not managed by SCM
 - htaccess: always forward the 'Authorization' HTTP header
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 00000000..93146c52
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,61 @@
+# Stage 1:
+# - Copy Shaarli sources
+# - Build documentation
+FROM python:3-alpine as docs
+ADD . /usr/src/app/shaarli
+RUN cd /usr/src/app/shaarli \
+    && pip install --no-cache-dir mkdocs \
+    && mkdocs build
+# Stage 2:
+# - Resolve PHP dependencies with Composer
+FROM composer:latest as composer
+COPY --from=docs /usr/src/app/shaarli /app/shaarli
+RUN cd shaarli \
+    && composer --prefer-dist --no-dev install
+# Stage 3:
+# - Shaarli image
+FROM alpine:3.6
+LABEL maintainer="Shaarli Community"
+RUN apk --update --no-cache add \
+        ca-certificates \
+        nginx \
+        php7 \
+        php7-ctype \
+        php7-curl \
+        php7-fpm \
+        php7-gd \
+        php7-iconv \
+        php7-intl \
+        php7-json \
+        php7-mbstring \
+        php7-openssl \
+        php7-session \
+        php7-xml \
+        php7-zlib \
+        s6
+COPY .docker/nginx.conf /etc/nginx/nginx.conf
+COPY .docker/php-fpm.conf /etc/php7/php-fpm.conf
+COPY .docker/services.d /etc/services.d
+RUN rm -rf /etc/php7/php-fpm.d/www.conf \
+    && sed -i 's/post_max_size.*/post_max_size = 10M/' /etc/php7/php.ini \
+    && sed -i 's/upload_max_filesize.*/upload_max_filesize = 10M/' /etc/php7/php.ini
+WORKDIR /var/www
+COPY --from=composer /app/shaarli shaarli
+RUN chown -R nginx:nginx . \
+    && ln -sf /dev/stdout /var/log/nginx/shaarli.access.log \
+    && ln -sf /dev/stderr /var/log/nginx/shaarli.error.log
+VOLUME /var/www/shaarli/data
+EXPOSE 80
+ENTRYPOINT ["/bin/s6-svscan", "/etc/services.d"]
+CMD []
diff --git a/Dockerfile.armhf b/Dockerfile.armhf
new file mode 100644
index 00000000..24695633
--- /dev/null
+++ b/Dockerfile.armhf
@@ -0,0 +1,50 @@
+FROM lsiobase/alpine.armhf:3.6
+LABEL maintainer="Shaarli Community"
+MAINTAINER Shaarli Community
+RUN apk --update --no-cache add \
+        ca-certificates \
+        curl \
+        nginx \
+        php7 \
+        php7-ctype \
+        php7-curl \
+        php7-fpm \
+        php7-gd \
+        php7-iconv \
+        php7-intl \
+        php7-json \
+        php7-mbstring \
+        php7-openssl \
+        php7-phar \
+        php7-session \
+        php7-xml \
+        php7-zlib \
+        s6
+COPY .docker/nginx.conf /etc/nginx/nginx.conf
+COPY .docker/php-fpm.conf /etc/php7/php-fpm.conf
+COPY .docker/services.d /etc/services.d
+RUN curl -sS https://getcomposer.org/installer | php7 -- --install-dir=/usr/local/bin --filename=composer \
+    && rm -rf /etc/php7/php-fpm.d/www.conf \
+    && sed -i 's/post_max_size.*/post_max_size = 10M/' /etc/php7/php.ini \
+    && sed -i 's/upload_max_filesize.*/upload_max_filesize = 10M/' /etc/php7/php.ini
+WORKDIR /var/www
+RUN curl -L https://github.com/shaarli/Shaarli/archive/latest.tar.gz | tar xzf - \
+    && mv Shaarli-latest shaarli \
+    && cd shaarli \
+    && composer --prefer-dist --no-dev install \
+    && rm -rf ~/.composer \
+    && chown -R nginx:nginx . \
+    && ln -sf /dev/stdout /var/log/nginx/shaarli.access.log \
+    && ln -sf /dev/stderr /var/log/nginx/shaarli.error.log
+VOLUME /var/www/shaarli/data
+EXPOSE 80
+ENTRYPOINT ["/bin/s6-svscan", "/etc/services.d"]
+CMD []
author	VirtualTam <virtualtam@flibidi.net>	2018-06-16 23:46:33 +0200
committer	VirtualTam <virtualtam@flibidi.net>	2018-06-17 13:21:01 +0200
commit	decae8c119e0f4750d10909abc47d8afb89af362 (patch)
tree	8a9587a53f0161fe95141d982ff4cea40075372b
parent	865d57b84abb0fa3fc04aec7ce2d34326dac34fa (diff)
download	Shaarli-decae8c119e0f4750d10909abc47d8afb89af362.tar.gz Shaarli-decae8c119e0f4750d10909abc47d8afb89af362.tar.zst Shaarli-decae8c119e0f4750d10909abc47d8afb89af362.zip

diff --git a/.docker/.htaccess b/.docker/.htaccess new file mode 100644 index 00000000..f601c1ee --- /dev/null +++ b/.docker/.htaccess
@@ -0,0 +1,13 @@
		1	<IfModule version_module>
		2	<IfVersion >= 2.4>
		3	Require all denied
		4	</IfVersion>
		5	<IfVersion < 2.4>
		6	Allow from none
		7	Deny from all
		8	</IfVersion>
		9	</IfModule>
		10
		11	<IfModule !version_module>
		12	Require all denied
		13	</IfModule>


diff --git a/.docker/nginx.conf b/.docker/nginx.conf new file mode 100644 index 00000000..07fba33f --- /dev/null +++ b/.docker/nginx.conf
@@ -0,0 +1,73 @@
		1	user nginx nginx;
		2	daemon off;
		3	worker_processes 4;
		4	pid /var/run/nginx.pid;
		5
		6	events {
		7	worker_connections 768;
		8	}
		9
		10	http {
		11	include mime.types;
		12	default_type application/octet-stream;
		13	keepalive_timeout 20;
		14
		15	client_max_body_size 10m;
		16
		17	index index.html index.php;
		18
		19	server {
		20	listen 80;
		21	root /var/www/shaarli;
		22
		23	access_log /var/log/nginx/shaarli.access.log;
		24	error_log /var/log/nginx/shaarli.error.log;
		25
		26	location ~ /\. {
		27	# deny access to dotfiles
		28	access_log off;
		29	log_not_found off;
		30	deny all;
		31	}
		32
		33	location ~ ~$ {
		34	# deny access to temp editor files, e.g. "script.php~"
		35	access_log off;
		36	log_not_found off;
		37	deny all;
		38	}
		39
		40	location ~* \.(?:ico\|css\|js\|gif\|jpe?g\|png)$ {
		41	# cache static assets
		42	expires max;
		43	add_header Pragma public;
		44	add_header Cache-Control "public, must-revalidate, proxy-revalidate";
		45	}
		46
		47	location = /favicon.ico {
		48	# serve the Shaarli favicon from its custom location
		49	alias /var/www/shaarli/images/favicon.ico;
		50	}
		51
		52	location / {
		53	# Slim - rewrite URLs
		54	try_files $uri /index.php$is_args$args;
		55	}
		56
		57	location ~ (index)\.php$ {
		58	# Slim - split URL path into (script_filename, path_info)
		59	try_files $uri =404;
		60	fastcgi_split_path_info ^(.+\.php)(/.+)$;
		61
		62	# filter and proxy PHP requests to PHP-FPM
		63	fastcgi_pass unix:/var/run/php-fpm.sock;
		64	fastcgi_index index.php;
		65	include fastcgi.conf;
		66	}
		67
		68	location ~ \.php$ {
		69	# deny access to all other PHP scripts
		70	deny all;
		71	}
		72	}
		73	}


diff --git a/.docker/php-fpm.conf b/.docker/php-fpm.conf new file mode 100644 index 00000000..0843c164 --- /dev/null +++ b/.docker/php-fpm.conf
@@ -0,0 +1,16 @@
		1	[global]
		2	daemonize = no
		3
		4	[www]
		5	user = nginx
		6	group = nginx
		7	listen.owner = nginx
		8	listen.group = nginx
		9	catch_workers_output = yes
		10	listen = /var/run/php-fpm.sock
		11	pm = dynamic
		12	pm.max_children = 20
		13	pm.start_servers = 1
		14	pm.min_spare_servers = 1
		15	pm.max_spare_servers = 3
		16	pm.max_requests = 2048


diff --git a/.docker/services.d/.s6-svscan/finish b/.docker/services.d/.s6-svscan/finish new file mode 100755 index 00000000..1dadeeaf --- /dev/null +++ b/.docker/services.d/.s6-svscan/finish
@@ -0,0 +1,2 @@
		1	#!/bin/sh
		2	/bin/true


diff --git a/.docker/services.d/nginx/run b/.docker/services.d/nginx/run new file mode 100755 index 00000000..21e7b0d6 --- /dev/null +++ b/.docker/services.d/nginx/run
@@ -0,0 +1,2 @@
		1	#!/bin/execlineb -P
		2	nginx


diff --git a/.docker/services.d/php-fpm/run b/.docker/services.d/php-fpm/run new file mode 100755 index 00000000..21dd0107 --- /dev/null +++ b/.docker/services.d/php-fpm/run
@@ -0,0 +1,2 @@
		1	#!/bin/execlineb -P
		2	php-fpm7 -F


diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 00000000..cdd0a894 --- /dev/null +++ b/.dockerignore
@@ -0,0 +1,44 @@
		1	# Docker-ignore
		2	.dev
		3	.git
		4	.github
		5	tests
		6
		7	# Shaarli runtime resources
		8	cache/*
		9	data/*
		10	pagecache/*
		11	tmp/*
		12
		13	# Eclipse project files
		14	.settings
		15	.buildpath
		16	.project
		17
		18	# Raintpl generated pages
		19	*.rtpl.php
		20
		21	# 3rd-party dependencies
		22	vendor/
		23
		24	# Release archives
		25	*.tar.gz
		26	*.zip
		27	inc/languages/*/LC_MESSAGES/shaarli.mo
		28
		29	# Development and test resources
		30	coverage
		31	doxygen
		32	sandbox
		33	phpmd.html
		34
		35	# User plugin configuration
		36	plugins/*/config.php
		37
		38	# HTML documentation
		39	doc/html/
		40
		41	# 3rd party themes
		42	tpl/*
		43	!tpl/default
		44	!tpl/vintage


diff --git a/.gitattributes b/.gitattributes index b191e227..00070561 100644 --- a/.gitattributes +++ b/.gitattributes
@@ -32,7 +32,9 @@ Dockerfile text
32	.travis.yml export-ignore	32	.travis.yml export-ignore
33	doc/*/.json export-ignore	33	doc/*/.json export-ignore
34	doc/*/.md export-ignore	34	doc/*/.md export-ignore
35	docker/ export-ignore	35	.docker/ export-ignore
		36	.dockerignore export-ignore
		37	Dockerfile* export-ignore
36	Doxyfile export-ignore	38	Doxyfile export-ignore
37	Makefile export-ignore	39	Makefile export-ignore
38	mkdocs.yml export-ignore	40	mkdocs.yml export-ignore


diff --git a/CHANGELOG.md b/CHANGELOG.md index 14a4f143..4f72436b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md
@@ -4,8 +4,13 @@ All notable changes to this project will be documented in this file.
4	The format is based on [Keep a Changelog](http://keepachangelog.com/)	4	The format is based on [Keep a Changelog](http://keepachangelog.com/)
5	and this project adheres to [Semantic Versioning](http://semver.org/).	5	and this project adheres to [Semantic Versioning](http://semver.org/).
6		6
		7	## [v0.9.7](https://github.com/shaarli/Shaarli/releases/tag/v0.9.7) - UNPUBLISHED
		8	### Changed
		9	- Build the Docker images from the local Git sources
		10
		11
7	## [v0.9.6](https://github.com/shaarli/Shaarli/releases/tag/v0.9.6) - 2018-03-25	12	## [v0.9.6](https://github.com/shaarli/Shaarli/releases/tag/v0.9.6) - 2018-03-25
8	## Changed	13	### Changed
9	- htaccess: prevent accessing resources not managed by SCM	14	- htaccess: prevent accessing resources not managed by SCM
10	- htaccess: always forward the 'Authorization' HTTP header	15	- htaccess: always forward the 'Authorization' HTTP header
11		16


diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 00000000..93146c52 --- /dev/null +++ b/Dockerfile
@@ -0,0 +1,61 @@
		1	# Stage 1:
		2	# - Copy Shaarli sources
		3	# - Build documentation
		4	FROM python:3-alpine as docs
		5	ADD . /usr/src/app/shaarli
		6	RUN cd /usr/src/app/shaarli \
		7	&& pip install --no-cache-dir mkdocs \
		8	&& mkdocs build
		9
		10	# Stage 2:
		11	# - Resolve PHP dependencies with Composer
		12	FROM composer:latest as composer
		13	COPY --from=docs /usr/src/app/shaarli /app/shaarli
		14	RUN cd shaarli \
		15	&& composer --prefer-dist --no-dev install
		16
		17	# Stage 3:
		18	# - Shaarli image
		19	FROM alpine:3.6
		20	LABEL maintainer="Shaarli Community"
		21
		22	RUN apk --update --no-cache add \
		23	ca-certificates \
		24	nginx \
		25	php7 \
		26	php7-ctype \
		27	php7-curl \
		28	php7-fpm \
		29	php7-gd \
		30	php7-iconv \
		31	php7-intl \
		32	php7-json \
		33	php7-mbstring \
		34	php7-openssl \
		35	php7-session \
		36	php7-xml \
		37	php7-zlib \
		38	s6
		39
		40	COPY .docker/nginx.conf /etc/nginx/nginx.conf
		41	COPY .docker/php-fpm.conf /etc/php7/php-fpm.conf
		42	COPY .docker/services.d /etc/services.d
		43
		44	RUN rm -rf /etc/php7/php-fpm.d/www.conf \
		45	&& sed -i 's/post_max_size.*/post_max_size = 10M/' /etc/php7/php.ini \
		46	&& sed -i 's/upload_max_filesize.*/upload_max_filesize = 10M/' /etc/php7/php.ini
		47
		48
		49	WORKDIR /var/www
		50	COPY --from=composer /app/shaarli shaarli
		51
		52	RUN chown -R nginx:nginx . \
		53	&& ln -sf /dev/stdout /var/log/nginx/shaarli.access.log \
		54	&& ln -sf /dev/stderr /var/log/nginx/shaarli.error.log
		55
		56	VOLUME /var/www/shaarli/data
		57
		58	EXPOSE 80
		59
		60	ENTRYPOINT ["/bin/s6-svscan", "/etc/services.d"]
		61	CMD []


diff --git a/Dockerfile.armhf b/Dockerfile.armhf new file mode 100644 index 00000000..24695633 --- /dev/null +++ b/Dockerfile.armhf
@@ -0,0 +1,50 @@
		1	FROM lsiobase/alpine.armhf:3.6
		2	LABEL maintainer="Shaarli Community"
		3	MAINTAINER Shaarli Community
		4
		5	RUN apk --update --no-cache add \
		6	ca-certificates \
		7	curl \
		8	nginx \
		9	php7 \
		10	php7-ctype \
		11	php7-curl \
		12	php7-fpm \
		13	php7-gd \
		14	php7-iconv \
		15	php7-intl \
		16	php7-json \
		17	php7-mbstring \
		18	php7-openssl \
		19	php7-phar \
		20	php7-session \
		21	php7-xml \
		22	php7-zlib \
		23	s6
		24
		25	COPY .docker/nginx.conf /etc/nginx/nginx.conf
		26	COPY .docker/php-fpm.conf /etc/php7/php-fpm.conf
		27	COPY .docker/services.d /etc/services.d
		28
		29	RUN curl -sS https://getcomposer.org/installer \| php7 -- --install-dir=/usr/local/bin --filename=composer \
		30	&& rm -rf /etc/php7/php-fpm.d/www.conf \
		31	&& sed -i 's/post_max_size.*/post_max_size = 10M/' /etc/php7/php.ini \
		32	&& sed -i 's/upload_max_filesize.*/upload_max_filesize = 10M/' /etc/php7/php.ini
		33
		34
		35	WORKDIR /var/www
		36	RUN curl -L https://github.com/shaarli/Shaarli/archive/latest.tar.gz \| tar xzf - \
		37	&& mv Shaarli-latest shaarli \
		38	&& cd shaarli \
		39	&& composer --prefer-dist --no-dev install \
		40	&& rm -rf ~/.composer \
		41	&& chown -R nginx:nginx . \
		42	&& ln -sf /dev/stdout /var/log/nginx/shaarli.access.log \
		43	&& ln -sf /dev/stderr /var/log/nginx/shaarli.error.log
		44
		45	VOLUME /var/www/shaarli/data
		46
		47	EXPOSE 80
		48
		49	ENTRYPOINT ["/bin/s6-svscan", "/etc/services.d"]
		50	CMD []