diff options
author | nodiscc <nodiscc@gmail.com> | 2020-05-16 12:54:51 +0200 |
---|---|---|
committer | nodiscc <nodiscc@gmail.com> | 2020-09-12 14:31:45 +0200 |
commit | 91a21c272960889afd4eaa431a3d29b7785b6efc (patch) | |
tree | 26e3ba62319964c5fd48d93fdfe47813d5dc9bf5 /doc/md/docker | |
parent | 6128ab6a55430a2b705be31ff417c0c552a0db1f (diff) | |
download | Shaarli-91a21c272960889afd4eaa431a3d29b7785b6efc.tar.gz Shaarli-91a21c272960889afd4eaa431a3d29b7785b6efc.tar.zst Shaarli-91a21c272960889afd4eaa431a3d29b7785b6efc.zip |
**General rewording, proof-reading, deduplication, shortening, reordering, simplification, cleanup/formatting/standardization**
- standardize page names, rework documentation structure, update TOC
- use same example paths everywhere
- level 1 titles on all pages
- fix broken links
- .md suffix on all page links (works both from readthedocs and github repository views)
**Server:**
A full and concise installation guide with examples is a frequent request. The documentation should provide such a guide for basic installation needs, while explaining alternative/advanced configuration at the end. Links to reference guides and documentation should be used more frequently to avoid recommending an outdated or excessively complex configuration.
- server: move most server-related info to server-configuration.md, cleanup/shorten
- server: update list of php dependencies/libraries, link to composer.json
- server: installation: support 3 install methods (from release zip, from sources, using docker)
- server: installation: use rsync instead of mv as mv results will change depending of taget directory already existing or not
- server: add example/basic usage of certbot
- server, upgrade, installation: update file permissions setup, use sudo for upgrade operations in webserver document root
- server: apache: add comments to configuration, fix and factorize file permissions setup, set cache-control header, deny access to dotfiles, add missing apache config steps, add http->https redirect example
- server: nginx: refactor nginx configuration, add comments, DO log access to denied/protected files
- server: add links to MDN for x-forwarded-* http headers explanation, cleanup/clarify robots.txt and crawlers section
- server: bump file upload size limit to 100MB we have reports of bookmark exports weighing +40MB - i have a 13MB one here
- server: simplify phpinfo documentation
- server: move backup and restore information to dedicated page
- docker: move all docker docs to Docker.md, simplify/ docker setup, add docker-compose.yml example, replace docker-101 with docker cheatsheet
- troubleshooting: move all troubleshooting documentation to troubleshooting.md
**Usage:**
- index: add getting started section on index page
- features/usage: move all usage-related documentation to usage.md, add links from the main feature list to corresponding usage docs, clarify/reword features list
- shaarli configuration: add note about configuring from web interface
**Removed:**
- remove obsolete/orphan images
- remove obsolete shaarchiver example
- remove outdated "decode datastore content" snippet
**Development:**
- development: move development-related docs (static analysis, CI, unit tests, 3rd party libs, link structure/directory, guidelines, security....) to dev/ directory
- development: Merge several pages to development.md
- **Breaking change?:** remove mentions of 'stable' branch, switch to new branch/release model (master=latest commit, release=latest tag)
- **Breaking change?:** refer to base sharing unit as "Shaare" everywhere (TODO: reflect changes in the code?) doc: update featues list/link to usage.md for details
- development: directory structure: add note about required file permissions
- .travis-ci.yml: add comments
- .htaccess: add comment
Diffstat (limited to 'doc/md/docker')
-rw-r--r-- | doc/md/docker/docker-101.md | 140 | ||||
-rw-r--r-- | doc/md/docker/resources.md | 19 | ||||
-rw-r--r-- | doc/md/docker/reverse-proxy-configuration.md | 123 | ||||
-rw-r--r-- | doc/md/docker/shaarli-images.md | 118 |
4 files changed, 0 insertions, 400 deletions
diff --git a/doc/md/docker/docker-101.md b/doc/md/docker/docker-101.md deleted file mode 100644 index a9c00b85..00000000 --- a/doc/md/docker/docker-101.md +++ /dev/null | |||
@@ -1,140 +0,0 @@ | |||
1 | ## Basics | ||
2 | Install [Docker](https://www.docker.com/), by following the instructions relevant | ||
3 | to your OS / distribution, and start the service. | ||
4 | |||
5 | ### Search an image on [DockerHub](https://hub.docker.com/) | ||
6 | |||
7 | ```bash | ||
8 | $ docker search debian | ||
9 | |||
10 | NAME DESCRIPTION STARS OFFICIAL AUTOMATED | ||
11 | ubuntu Ubuntu is a Debian-based Linux operating s... 2065 [OK] | ||
12 | debian Debian is a Linux distribution that's comp... 603 [OK] | ||
13 | google/debian 47 [OK] | ||
14 | ``` | ||
15 | |||
16 | ### Show available tags for a repository | ||
17 | ```bash | ||
18 | $ curl https://index.docker.io/v1/repositories/debian/tags | python -m json.tool | ||
19 | |||
20 | % Total % Received % Xferd Average Speed Time Time Time Current | ||
21 | Dload Upload Total Spent Left Speed | ||
22 | 100 1283 0 1283 0 0 433 0 --:--:-- 0:00:02 --:--:-- 433 | ||
23 | ``` | ||
24 | |||
25 | Sample output: | ||
26 | ```json | ||
27 | [ | ||
28 | { | ||
29 | "layer": "85a02782", | ||
30 | "name": "stretch" | ||
31 | }, | ||
32 | { | ||
33 | "layer": "59abecbc", | ||
34 | "name": "testing" | ||
35 | }, | ||
36 | { | ||
37 | "layer": "bf0fd686", | ||
38 | "name": "unstable" | ||
39 | }, | ||
40 | { | ||
41 | "layer": "60c52dbe", | ||
42 | "name": "wheezy" | ||
43 | }, | ||
44 | { | ||
45 | "layer": "c5b806fe", | ||
46 | "name": "wheezy-backports" | ||
47 | } | ||
48 | ] | ||
49 | |||
50 | ``` | ||
51 | |||
52 | ### Pull an image from DockerHub | ||
53 | ```bash | ||
54 | $ docker pull repository[:tag] | ||
55 | |||
56 | $ docker pull debian:wheezy | ||
57 | wheezy: Pulling from debian | ||
58 | 4c8cbfd2973e: Pull complete | ||
59 | 60c52dbe9d91: Pull complete | ||
60 | Digest: sha256:c584131da2ac1948aa3e66468a4424b6aea2f33acba7cec0b631bdb56254c4fe | ||
61 | Status: Downloaded newer image for debian:wheezy | ||
62 | ``` | ||
63 | |||
64 | Docker re-uses layers already downloaded. In other words if you have images based on Alpine or some Ubuntu version for example, those can share disk space. | ||
65 | |||
66 | ### Start a container | ||
67 | A container is an instance created from an image, that can be run and that keeps running until its main process exits. Or until the user stops the container. | ||
68 | |||
69 | The simplest way to start a container from image is ``docker run``. It also pulls the image for you if it is not locally available. For more advanced use, refer to ``docker create``. | ||
70 | |||
71 | Stopped containers are not destroyed, unless you specify ``--rm``. To view all created, running and stopped containers, enter: | ||
72 | ```bash | ||
73 | $ docker ps -a | ||
74 | ``` | ||
75 | |||
76 | Some containers may be designed or configured to be restarted, others are not. Also remember both network ports and volumes of a container are created on start, and not editable later. | ||
77 | |||
78 | ### Access a running container | ||
79 | A running container is accessible using ``docker exec``, or ``docker copy``. You can use ``exec`` to start a root shell in the Shaarli container: | ||
80 | ```bash | ||
81 | $ docker exec -ti <container-name-or-id> bash | ||
82 | ``` | ||
83 | Note the names and ID's of containers are listed in ``docker ps``. You can even type only one or two letters of the ID, given they are unique. | ||
84 | |||
85 | Access can also be through one or more network ports, or disk volumes. Both are specified on and fixed on ``docker create`` or ``run``. | ||
86 | |||
87 | You can view the console output of the main container process too: | ||
88 | ```bash | ||
89 | $ docker logs -f <container-name-or-id> | ||
90 | ``` | ||
91 | |||
92 | ### Docker disk use | ||
93 | Trying out different images can fill some gigabytes of disk quickly. Besides images, the docker volumes usually take up most disk space. | ||
94 | |||
95 | If you care only about trying out docker and not about what is running or saved, the following commands should help you out quickly if you run low on disk space: | ||
96 | |||
97 | ```bash | ||
98 | $ docker rmi -f $(docker images -aq) # remove or mark all images for disposal | ||
99 | $ docker volume rm $(docker volume ls -q) # remove all volumes | ||
100 | ``` | ||
101 | |||
102 | ### Systemd config | ||
103 | Systemd is the process manager of choice on Debian-based distributions. Once you have a ``docker`` service installed, you can use the following steps to set up Shaarli to run on system start. | ||
104 | |||
105 | ```bash | ||
106 | systemctl enable /etc/systemd/system/docker.shaarli.service | ||
107 | systemctl start docker.shaarli | ||
108 | systemctl status docker.* | ||
109 | journalctl -f # inspect system log if needed | ||
110 | ``` | ||
111 | |||
112 | You will need sudo or a root terminal to perform some or all of the steps above. Here are the contents for the service file: | ||
113 | ``` | ||
114 | [Unit] | ||
115 | Description=Shaarli Bookmark Manager Container | ||
116 | After=docker.service | ||
117 | Requires=docker.service | ||
118 | |||
119 | |||
120 | [Service] | ||
121 | Restart=always | ||
122 | |||
123 | # Put any environment you want in an included file, like $host- or $domainname in this example | ||
124 | EnvironmentFile=/etc/sysconfig/box-environment | ||
125 | |||
126 | # It's just an example.. | ||
127 | ExecStart=/usr/bin/docker run \ | ||
128 | -p 28010:80 \ | ||
129 | --name ${hostname}-shaarli \ | ||
130 | --hostname shaarli.${domainname} \ | ||
131 | -v /srv/docker-volumes-local/shaarli-data:/var/www/shaarli/data:rw \ | ||
132 | -v /etc/localtime:/etc/localtime:ro \ | ||
133 | shaarli/shaarli:latest | ||
134 | |||
135 | ExecStop=/usr/bin/docker rm -f ${hostname}-shaarli | ||
136 | |||
137 | |||
138 | [Install] | ||
139 | WantedBy=multi-user.target | ||
140 | ``` | ||
diff --git a/doc/md/docker/resources.md b/doc/md/docker/resources.md deleted file mode 100644 index 082d4a46..00000000 --- a/doc/md/docker/resources.md +++ /dev/null | |||
@@ -1,19 +0,0 @@ | |||
1 | ### Docker | ||
2 | |||
3 | - [Interactive Docker training portal](https://www.katacoda.com/courses/docker/) on [Katakoda](https://www.katacoda.com/) | ||
4 | - [Where are Docker images stored?](http://blog.thoward37.me/articles/where-are-docker-images-stored/) | ||
5 | - [Dockerfile reference](https://docs.docker.com/reference/builder/) | ||
6 | - [Dockerfile best practices](https://docs.docker.com/articles/dockerfile_best-practices/) | ||
7 | - [Volumes](https://docs.docker.com/userguide/dockervolumes/) | ||
8 | |||
9 | ### DockerHub | ||
10 | |||
11 | - [Repositories](https://docs.docker.com/userguide/dockerrepos/) | ||
12 | - [Teams and organizations](https://docs.docker.com/docker-hub/orgs/) | ||
13 | - [GitHub automated build](https://docs.docker.com/docker-hub/github/) | ||
14 | |||
15 | ### Service management | ||
16 | |||
17 | - [Using supervisord](https://docs.docker.com/articles/using_supervisord/) | ||
18 | - [Nginx in the foreground](http://nginx.org/en/docs/ngx_core_module.html#daemon) | ||
19 | - [supervisord](http://supervisord.org/) | ||
diff --git a/doc/md/docker/reverse-proxy-configuration.md b/doc/md/docker/reverse-proxy-configuration.md deleted file mode 100644 index e53c9422..00000000 --- a/doc/md/docker/reverse-proxy-configuration.md +++ /dev/null | |||
@@ -1,123 +0,0 @@ | |||
1 | ## Foreword | ||
2 | |||
3 | This guide assumes that: | ||
4 | |||
5 | - Shaarli runs in a Docker container | ||
6 | - The host's `10080` port is mapped to the container's `80` port | ||
7 | - Shaarli's Fully Qualified Domain Name (FQDN) is `shaarli.domain.tld` | ||
8 | - HTTP traffic is redirected to HTTPS | ||
9 | |||
10 | ## Apache | ||
11 | |||
12 | - [Apache 2.4 documentation](https://httpd.apache.org/docs/2.4/) | ||
13 | - [mod_proxy](https://httpd.apache.org/docs/2.4/mod/mod_proxy.html) | ||
14 | - [Reverse Proxy Request Headers](https://httpd.apache.org/docs/2.4/mod/mod_proxy.html#x-headers) | ||
15 | |||
16 | The following HTTP headers are set when the `ProxyPass` directive is set: | ||
17 | |||
18 | - `X-Forwarded-For` | ||
19 | - `X-Forwarded-Host` | ||
20 | - `X-Forwarded-Server` | ||
21 | |||
22 | The original `SERVER_NAME` can be sent to the proxied host by setting the [`ProxyPreserveHost`](https://httpd.apache.org/docs/2.4/mod/mod_proxy.html#ProxyPreserveHost) directive to `On`. | ||
23 | |||
24 | ```apache | ||
25 | <VirtualHost *:80> | ||
26 | ServerName shaarli.domain.tld | ||
27 | Redirect permanent / https://shaarli.domain.tld | ||
28 | </VirtualHost> | ||
29 | |||
30 | <VirtualHost *:443> | ||
31 | ServerName shaarli.domain.tld | ||
32 | |||
33 | SSLEngine on | ||
34 | SSLCertificateFile /path/to/cert | ||
35 | SSLCertificateKeyFile /path/to/certkey | ||
36 | |||
37 | LogLevel warn | ||
38 | ErrorLog /var/log/apache2/shaarli-error.log | ||
39 | CustomLog /var/log/apache2/shaarli-access.log combined | ||
40 | |||
41 | RequestHeader set X-Forwarded-Proto "https" | ||
42 | ProxyPreserveHost On | ||
43 | |||
44 | ProxyPass / http://127.0.0.1:10080/ | ||
45 | ProxyPassReverse / http://127.0.0.1:10080/ | ||
46 | </VirtualHost> | ||
47 | ``` | ||
48 | |||
49 | |||
50 | ## HAProxy | ||
51 | |||
52 | - [HAProxy documentation](https://cbonte.github.io/haproxy-dconv/) | ||
53 | |||
54 | ```conf | ||
55 | global | ||
56 | [...] | ||
57 | |||
58 | defaults | ||
59 | [...] | ||
60 | |||
61 | frontend http-in | ||
62 | bind :80 | ||
63 | redirect scheme https code 301 if !{ ssl_fc } | ||
64 | |||
65 | bind :443 ssl crt /path/to/cert.pem | ||
66 | |||
67 | default_backend shaarli | ||
68 | |||
69 | |||
70 | backend shaarli | ||
71 | mode http | ||
72 | option http-server-close | ||
73 | option forwardfor | ||
74 | reqadd X-Forwarded-Proto: https | ||
75 | |||
76 | server shaarli1 127.0.0.1:10080 | ||
77 | ``` | ||
78 | |||
79 | |||
80 | ## Nginx | ||
81 | |||
82 | - [Nginx documentation](https://nginx.org/en/docs/) | ||
83 | |||
84 | ```nginx | ||
85 | http { | ||
86 | [...] | ||
87 | |||
88 | index index.html index.php; | ||
89 | |||
90 | root /home/john/web; | ||
91 | access_log /var/log/nginx/access.log; | ||
92 | error_log /var/log/nginx/error.log; | ||
93 | |||
94 | server { | ||
95 | listen 80; | ||
96 | server_name shaarli.domain.tld; | ||
97 | return 301 https://shaarli.domain.tld$request_uri; | ||
98 | } | ||
99 | |||
100 | server { | ||
101 | listen 443 ssl http2; | ||
102 | server_name shaarli.domain.tld; | ||
103 | |||
104 | ssl_certificate /path/to/cert | ||
105 | ssl_certificate_key /path/to/certkey | ||
106 | |||
107 | location / { | ||
108 | proxy_set_header X-Real-IP $remote_addr; | ||
109 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||
110 | proxy_set_header X-Forwarded-Proto $scheme; | ||
111 | proxy_set_header X-Forwarded-Host $host; | ||
112 | |||
113 | proxy_pass http://localhost:10080/; | ||
114 | proxy_set_header Host $host; | ||
115 | proxy_connect_timeout 30s; | ||
116 | proxy_read_timeout 120s; | ||
117 | |||
118 | access_log /var/log/nginx/shaarli.access.log; | ||
119 | error_log /var/log/nginx/shaarli.error.log; | ||
120 | } | ||
121 | } | ||
122 | } | ||
123 | ``` | ||
diff --git a/doc/md/docker/shaarli-images.md b/doc/md/docker/shaarli-images.md deleted file mode 100644 index 14971d54..00000000 --- a/doc/md/docker/shaarli-images.md +++ /dev/null | |||
@@ -1,118 +0,0 @@ | |||
1 | A brief guide on getting starting using docker is given in [Docker 101](docker-101.md). | ||
2 | To learn more about user data and how to keep it across versions, please see [Upgrade and Migration](../Upgrade-and-migration.md). | ||
3 | |||
4 | ## Get and run a Shaarli image | ||
5 | |||
6 | ### DockerHub repository | ||
7 | The images can be found in the [`shaarli/shaarli`](https://hub.docker.com/r/shaarli/shaarli/) | ||
8 | repository. | ||
9 | |||
10 | ### Available image tags | ||
11 | - `latest`: latest branch | ||
12 | - `master`: master branch | ||
13 | - `stable`: stable branch | ||
14 | |||
15 | The `latest`, `master` and `stable` images rely on: | ||
16 | |||
17 | - [Alpine Linux](https://www.alpinelinux.org/) | ||
18 | - [PHP7-FPM](http://php-fpm.org/) | ||
19 | - [Nginx](http://nginx.org/) | ||
20 | |||
21 | Additional Dockerfiles are provided for the `arm32v7` platform, relying on | ||
22 | [Linuxserver.io Alpine armhf | ||
23 | images](https://hub.docker.com/r/lsiobase/alpine.armhf/). These images must be | ||
24 | built using [`docker | ||
25 | build`](https://docs.docker.com/engine/reference/commandline/build/) on an | ||
26 | `arm32v7` machine or using an emulator such as | ||
27 | [qemu](https://resin.io/blog/building-arm-containers-on-any-x86-machine-even-dockerhub/). | ||
28 | |||
29 | ### Download from Docker Hub | ||
30 | ```shell | ||
31 | $ docker pull shaarli/shaarli | ||
32 | |||
33 | latest: Pulling from shaarli/shaarli | ||
34 | 32716d9fcddb: Pull complete | ||
35 | 84899d045435: Pull complete | ||
36 | 4b6ad7444763: Pull complete | ||
37 | e0345ef7a3e0: Pull complete | ||
38 | 5c1dd344094f: Pull complete | ||
39 | 6422305a200b: Pull complete | ||
40 | 7d63f861dbef: Pull complete | ||
41 | 3eb97210645c: Pull complete | ||
42 | 869319d746ff: Already exists | ||
43 | 869319d746ff: Pulling fs layer | ||
44 | 902b87aaaec9: Already exists | ||
45 | Digest: sha256:f836b4627b958b3f83f59c332f22f02fcd495ace3056f2be2c4912bd8704cc98 | ||
46 | Status: Downloaded newer image for shaarli/shaarli:latest | ||
47 | ``` | ||
48 | |||
49 | ### Create and start a new container from the image | ||
50 | ```shell | ||
51 | # map the host's :8000 port to the container's :80 port | ||
52 | $ docker create -p 8000:80 shaarli/shaarli | ||
53 | d40b7af693d678958adedfb88f87d6ea0237186c23de5c4102a55a8fcb499101 | ||
54 | |||
55 | # launch the container in the background | ||
56 | $ docker start d40b7af693d678958adedfb88f87d6ea0237186c23de5c4102a55a8fcb499101 | ||
57 | d40b7af693d678958adedfb88f87d6ea0237186c23de5c4102a55a8fcb499101 | ||
58 | |||
59 | # list active containers | ||
60 | $ docker ps | ||
61 | CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES | ||
62 | d40b7af693d6 shaarli/shaarli /usr/bin/supervisor 15 seconds ago Up 4 seconds 0.0.0.0:8000->80/tcp backstabbing_galileo | ||
63 | ``` | ||
64 | |||
65 | ### Stop and destroy a container | ||
66 | ```shell | ||
67 | $ docker stop backstabbing_galileo # those docker guys are really rude to physicists! | ||
68 | backstabbing_galileo | ||
69 | |||
70 | # check the container is stopped | ||
71 | $ docker ps | ||
72 | CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES | ||
73 | |||
74 | # list ALL containers | ||
75 | $ docker ps -a | ||
76 | CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES | ||
77 | d40b7af693d6 shaarli/shaarli /usr/bin/supervisor 5 minutes ago Exited (0) 48 seconds ago backstabbing_galileo | ||
78 | |||
79 | # destroy the container | ||
80 | $ docker rm backstabbing_galileo # let's put an end to these barbarian practices | ||
81 | backstabbing_galileo | ||
82 | |||
83 | $ docker ps -a | ||
84 | CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES | ||
85 | ``` | ||
86 | |||
87 | ### Automatic builds | ||
88 | Docker users can start a personal instance from an | ||
89 | [autobuild image](https://hub.docker.com/r/shaarli/shaarli/). | ||
90 | For example to start a temporary Shaarli at ``localhost:8000``, and keep session | ||
91 | data (config, storage): | ||
92 | |||
93 | ```shell | ||
94 | MY_SHAARLI_VOLUME=$(cd /path/to/shaarli/data/ && pwd -P) | ||
95 | docker run -ti --rm \ | ||
96 | -p 8000:80 \ | ||
97 | -v $MY_SHAARLI_VOLUME:/var/www/shaarli/data \ | ||
98 | shaarli/shaarli | ||
99 | ``` | ||
100 | |||
101 | ### Volumes and data persistence | ||
102 | Data can be persisted by [using volumes](https://docs.docker.com/storage/volumes/). | ||
103 | Volumes allow to keep your data when renewing and/or updating container images: | ||
104 | |||
105 | ```shell | ||
106 | # Create data volumes | ||
107 | $ docker volume create shaarli-data | ||
108 | $ docker volume create shaarli-cache | ||
109 | |||
110 | # Create and start a Shaarli container using these volumes to persist data | ||
111 | $ docker create \ | ||
112 | --name shaarli \ | ||
113 | -v shaarli-cache:/var/www/shaarli/cache \ | ||
114 | -v shaarli-data:/var/www/shaarli/data \ | ||
115 | -p 8000:80 \ | ||
116 | shaarli/shaarli:master | ||
117 | $ docker start shaarli | ||
118 | ``` | ||