From: Vincent Vanwaelscappel Date: Fri, 7 Apr 2023 07:01:40 +0000 (+0200) Subject: wip #5851 X-Git-Url: http://git.cubedesigners.com/?a=commitdiff_plain;h=f04ab161757b244fb598773634008281b3ac266b;p=fluidbook-toolbox.git wip #5851 --- diff --git a/.docker/dev/docker-compose.yml b/.docker/dev/docker-compose.yml index 950cf399a..02dd2e366 100644 --- a/.docker/dev/docker-compose.yml +++ b/.docker/dev/docker-compose.yml @@ -32,7 +32,7 @@ services: php-fpm: container_name: fluidbook-toolbox-dev - build: /home/toolbox/dev/.docker/images/php + build: /home/toolbox/dev/.docker/images/php-dev working_dir: /application hostname: fluidbook-toolbox-dev environment: diff --git a/.docker/images/php-dev/Dockerfile b/.docker/images/php-dev/Dockerfile new file mode 100644 index 000000000..a25b4db83 --- /dev/null +++ b/.docker/images/php-dev/Dockerfile @@ -0,0 +1,106 @@ +############################################ +# PHPDocker.io PHP 8.1 / CLI and FPM image # +############################################ + +FROM ubuntu:latest AS cli + +WORKDIR "/application" + +# Fixes some weird terminal issues such as broken clear / CTRL+L +ENV TERM=linux + +# Ensure apt doesn't ask questions when installing stuff +ENV DEBIAN_FRONTEND=noninteractive + +# Compile NSISbi +RUN apt update && apt -y --no-install-recommends install build-essential scons mingw-w64 zlib1g-dev curl unzip ca-certificates wget gnupg +RUN cd /root && curl -L https://master.dl.sourceforge.net/project/nsisbi/nsisbi3.08.1/nsis-code-7336-1-NSIS-trunk.zip -o /root/nsis.zip && unzip -o /root/nsis.zip && cd /root/nsis-code-7336-1-NSIS-trunk && scons SKIPUTILS="zip2exe","NSIS Menu" && scons install SKIPUTILS="zip2exe","NSIS Menu" + +# Add additional repositories +RUN curl -fsSL https://deb.nodesource.com/setup_19.x | bash - +RUN sh -c 'echo "deb [arch=amd64] https://dl.google.com/linux/chrome/deb/ stable main" > /etc/apt/sources.list.d/google-chrome.list' +RUN wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add - +RUN echo "deb http://ppa.launchpad.net/ondrej/php/ubuntu jammy main" > /etc/apt/sources.list.d/ondrej-php.list \ + && apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 4F4EA0AAE5267A6C + +RUN apt update && apt -y --no-install-recommends install \ + git git-restore-mtime \ + php8.2-fpm \ + php8.2-apcu \ + php8.2-cli \ + php8.2-curl \ + php8.2-mbstring \ + php8.2-opcache \ + php8.2-readline \ + php8.2-xml \ + php8.2-zip \ + php8.2-bz2 \ + php8.2-gd \ + php8.2-igbinary \ + php8.2-imap \ + php8.2-imagick \ + php8.2-intl \ + php8.2-memcached \ + php8.2-mysql \ + php8.2-redis \ + php8.2-soap \ + php8.2-ssh2 \ + php8.2-tidy \ + php8.2-xsl \ + php8.2-curl \ + php8.2-mcrypt \ + php8.2-bcmath \ + less nano wget bash lynx + +COPY --from=composer:2 /usr/bin/composer /usr/bin/composer +STOPSIGNAL SIGQUIT + +# Toolbox +RUN apt -y --no-install-recommends install nodejs google-chrome-stable +RUN apt -y --no-install-recommends install sudo +RUN apt -y --no-install-recommends install supervisor ssh rsync +RUN apt update && apt -y --no-install-recommends install default-jre pdftk poppler-utils inkscape mupdf-tools ghostscript imagemagick netpbm libjpeg-turbo8 libjpeg-turbo-progs +RUN apt -y --no-install-recommends install zip unzip gzip 7zip +RUN apt -y --no-install-recommends install icoutils fontforge icnsutils +RUN apt -y --no-install-recommends install ffmpeg python3 lame x264 vorbis-tools +RUN apt -y --no-install-recommends install inkscape mupdf-tools librsvg2-bin +RUN apt -y --no-install-recommends install cron monit locate telnet +RUN apt -y --no-install-recommends install mariadb-client +RUN apt -y --no-install-recommends install build-essential chrpath libssl-dev libxft-dev libfreetype6 libfreetype6-dev libfontconfig1 libfontconfig1-dev +RUN apt -y --no-install-recommends install libreoffice +RUN apt -y --no-install-recommends install lftp rclone +RUN apt -y --no-install-recommends install sshfs python3 python3-pip +RUN apt -y --no-install-recommends install openssh-server rsyslog +RUN apt -y --no-install-recommends install wine libwine wine64 +RUN apt -y --no-install-recommends install pdfposter rename + +RUN apt -y --no-install-recommends install locales +RUN sed -i '/fr_FR.UTF-8/s/^# //g' /etc/locale.gen && \ + locale-gen +ENV LANG fr_FR.UTF-8 +ENV LANGUAGE fr_FR:fr +ENV LC_ALL fr_FR.UTF-8 + +RUN cd /root;wget https://bitbucket.org/ariya/phantomjs/downloads/phantomjs-2.1.1-linux-x86_64.tar.bz2;tar xvjf phantomjs-2.1.1-linux-x86_64.tar.bz2;mv phantomjs-2.1.1-linux-x86_64 /usr/local/share;ln -sf /usr/local/share/phantomjs-2.1.1-linux-x86_64/bin/phantomjs /usr/local/bin +RUN cd /root;wget https://github.com/RazrFalcon/svgcleaner/releases/download/v0.9.5/svgcleaner_linux_x86_64_0.9.5.tar.gz; tar xvzf svgcleaner_linux_x86_64_0.9.5.tar.gz;mv svgcleaner /usr/local/bin + +RUN curl -L https://github.com/yt-dlp/yt-dlp/releases/latest/download/yt-dlp -o /usr/local/bin/yt-dlp + +RUN apt clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /usr/share/doc/* + +ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD true +RUN npm install --unsafe-perm --global uglify-js less sass puppeteer favicons crx3 oslllo-svg-fixer terser nw-builder@^4 +RUN pip3 install font-line + +RUN groupadd sudo;useradd -d /application -g 33 -G sudo -s /bin/bash -u 1001 toolbox + +# PHP-FPM packages need a nudge to make them docker-friendly +COPY overrides.conf /etc/php/8.2/fpm/pool.d/z-overrides.conf + +#CMD ["/usr/sbin/php-fpm8.1", "-O" ] +COPY startup /usr/bin/startup +CMD exec /usr/bin/startup + +# Open up fcgi port +EXPOSE 9000 +EXPOSE 8123 diff --git a/.docker/images/php-dev/overrides.conf b/.docker/images/php-dev/overrides.conf new file mode 100644 index 000000000..4a99e3e4e --- /dev/null +++ b/.docker/images/php-dev/overrides.conf @@ -0,0 +1,37 @@ +[global] +; Override default pid file +pid = /run/php-fpm.pid + +; Avoid logs being sent to syslog +error_log = /proc/self/fd/2 + +; Set this to php default's max_execution_time to allow children to stop gracefully when fpm is commanded to stop +; This helps avoiding 502's +process_control_timeout = 30 + +; Do not daemonize (eg send process to the background) +daemonize = no + +[www] +; Access from webserver container is via network, not socket file +listen = [::]:9000 + +; Redirect logs to stdout - FPM closes /dev/std* on startup +access.log = /proc/self/fd/1 +catch_workers_output = yes + +; Remove "pool www" decoration from log output (older phpdocker.io containers for php use sed for this) +decorate_workers_output = no + +; Required to allow config-by-environment +clear_env = no + +user = 1001 +group = 33 + +pm = dynamic +pm.max_children = 160 +pm.start_servers = 48 +pm.min_spare_servers = 40 +pm.max_spare_servers = 80 +pm.max_requests = 1000 diff --git a/.docker/images/php-dev/startup b/.docker/images/php-dev/startup new file mode 100644 index 000000000..494a93bd6 --- /dev/null +++ b/.docker/images/php-dev/startup @@ -0,0 +1,39 @@ +#!/bin/sh + +# Set file rights +umask 0000 +chmod -R 777 /tmp + +chown -R root:root /etc/sudoers.d +chown -R toolbox:www-data /application/storage/framework +chmod 755 /etc/ssh/*.d +chmod 600 /etc/ssh/*_key +chmod 750 /application +chmod 600 /application/.ssh/id_rsa +chmod 700 /application/.ssh/ +chmod 600 /application/.ssh/authorized_keys2 +chmod 600 /root/.ssh/id_rsa +chmod 700 /root/.ssh/ +chmod 600 /root/.ssh/authorized_keys2 + +# Rsyslog +start-stop-daemon --start -b -x /usr/sbin/rsyslogd -- -n + +# SSH Server +/usr/sbin/service ssh start + +# Supervisor +/usr/sbin/service supervisor start + +# Cron +chmod 0644 /etc/crontab && crontab -u root /etc/crontab && /usr/sbin/service cron start + +# Set user password +chpasswd < /root/passwords + +# Launch monit +chmod -R 700 /etc/monit;chown -R root:root /etc/monit;/usr/bin/monit +chown -R root:root /etc/monit && /usr/bin/monit + +# Launch PHP +/usr/sbin/php-fpm8.1 -O