Compare commits
17 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
972a4aeaf8 | ||
|
|
6cd2f36bbc | ||
|
|
7869fc6f50 | ||
|
|
88c1064ebd | ||
|
|
ab12261b81 | ||
|
|
ec8accdf4a | ||
|
|
8f38abdaa5 | ||
|
|
99dbe0d13d | ||
|
|
a20a865d55 | ||
|
|
34d0a7416c | ||
|
|
bc3a465c0f | ||
|
|
cd409b2002 | ||
|
|
b29603092e | ||
|
|
68c1281162 | ||
|
|
921575772f | ||
|
|
5bf33b84ee | ||
|
|
99791da0ec |
@@ -1,11 +1,11 @@
|
||||
image: docker:latest
|
||||
|
||||
stages:
|
||||
- test
|
||||
- build
|
||||
- build-test
|
||||
|
||||
variables:
|
||||
BRANCH: db2
|
||||
BRANCH: plus
|
||||
VERSION: 8.0-fpm-${BRANCH}
|
||||
CACHETAG: build-${BRANCH}
|
||||
DOCKER_HOST: tcp://docker:2375
|
||||
@@ -18,6 +18,16 @@ before_script:
|
||||
- docker version
|
||||
- echo "$CI_JOB_TOKEN" | docker login -u "$CI_REGISTRY_USER" "$CI_REGISTRY" --password-stdin
|
||||
|
||||
test:
|
||||
stage: test
|
||||
script:
|
||||
- cat /etc/hosts
|
||||
- env|sort
|
||||
- docker build -t ${CI_REGISTRY_IMAGE}:${VERSION} .
|
||||
- docker images
|
||||
only:
|
||||
- debug
|
||||
|
||||
x86_64:build:
|
||||
stage: build
|
||||
script:
|
||||
@@ -26,21 +36,9 @@ x86_64:build:
|
||||
- docker build --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION} -t ${CI_REGISTRY_IMAGE}:${CACHETAG} .
|
||||
- docker push ${CI_REGISTRY_IMAGE}:${VERSION}
|
||||
- docker push ${CI_REGISTRY_IMAGE}:${CACHETAG}
|
||||
- apk add curl && curl -LX POST --post301 -F token=${TRIGGER_TOKEN} -F ref=ext ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/trigger/pipeline
|
||||
tags:
|
||||
- docker
|
||||
- x86_64
|
||||
only:
|
||||
- db2
|
||||
|
||||
x86_64:build-test:
|
||||
stage: build-test
|
||||
script:
|
||||
- if [ -f init ]; then chmod 500 init; fi
|
||||
- ([ -z "$REFRESH" ] && docker pull ${CI_REGISTRY_IMAGE}:${CACHETAG}) || true
|
||||
- docker build --file Dockerfile.phptest --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION}-test .
|
||||
- docker push ${CI_REGISTRY_IMAGE}:${VERSION}-test
|
||||
tags:
|
||||
- docker
|
||||
- x86_64
|
||||
only:
|
||||
- db2
|
||||
- plus
|
||||
|
||||
77
Dockerfile
77
Dockerfile
@@ -1,32 +1,57 @@
|
||||
# NAME leenooks/php
|
||||
# VERSION 8.0-fpm-db2
|
||||
# VERSION 8.0-fpm-plus
|
||||
|
||||
FROM registry.leenooks.net/leenooks/php:8.0-fpm-latest
|
||||
FROM registry.leenooks.net/leenooks/php:8.0-fpm-mp
|
||||
|
||||
# Install DB2
|
||||
RUN apt-get update && apt-get install -y ksh \
|
||||
&& apt-get clean \
|
||||
&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
|
||||
RUN cd /usr/local/bin && curl -OsL https://github.com/mlocati/docker-php-extension-installer/releases/latest/download/install-php-extensions && chmod +x install-php-extensions
|
||||
|
||||
RUN mkdir /opt/ibm && cd /opt/ibm \
|
||||
&& curl -L https://yum.leenooks.net/docker/src/db2/v11.5.6_linuxx64_dsdriver.tar.gz | tar xzf - \
|
||||
&& /opt/ibm/dsdriver/installDSDriver \
|
||||
&& echo /opt/ibm/dsdriver/|pecl install ibm_db2 \
|
||||
&& docker-php-ext-enable ibm_db2 \
|
||||
&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
|
||||
|
||||
# Install PDO IBM
|
||||
RUN mkdir -p /home/db2inst1 && ln -s /opt/ibm/dsdriver /home/db2inst1/sqllib \
|
||||
&& cd /tmp \
|
||||
&& curl -L http://pecl.php.net/get/PDO_IBM-1.4.1.tgz | tar xzf - \
|
||||
&& cd PDO_IBM-1.4.1 \
|
||||
&& phpize && mkdir -p include/php/ext/pdo && cp *.h include/php/ext/pdo \
|
||||
&& ln -s lib /home/db2inst1/sqllib/lib64 \
|
||||
&& ./configure --with-pdo-ibm=/home/db2inst1/sqllib \
|
||||
RUN mv /sbin/init /sbin/init.tmp \
|
||||
&& sed -Ei 's/^# deb-src /deb-src /' /etc/apt/sources.list \
|
||||
&& cat /etc/apt/sources.list|grep ^deb | sed -E 's/^deb/deb-src/' >> /etc/apt/sources.list \
|
||||
&& apt-get -y update \
|
||||
&& apt-get -y install wget build-essential libtool git-core libwmf0.2-7 \
|
||||
libpangocairo-1.0-0 libxt6 libjbig0 liblcms2-2 libtiff5 liblqr-1-0 libdjvulibre21 libfftw3-double3 libx265-165 \
|
||||
libwebpmux3 libwebpdemux2 libopenexr23 libilmbase23 libopenjp2-7 \
|
||||
&& apt-get -y build-dep imagemagick libmagickcore-dev libde265 libheif libfontconfig1 \
|
||||
&& cd /usr/src/ \
|
||||
&& git clone https://github.com/strukturag/libde265.git \
|
||||
&& git clone https://github.com/strukturag/libheif.git \
|
||||
&& cd libde265/ \
|
||||
&& ./autogen.sh \
|
||||
&& ./configure \
|
||||
&& make \
|
||||
&& make install \
|
||||
&& docker-php-ext-enable pdo_ibm \
|
||||
&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
|
||||
&& cd /usr/src/libheif/ \
|
||||
&& ./autogen.sh \
|
||||
&& ./configure \
|
||||
&& make \
|
||||
&& make install \
|
||||
&& mkdir /usr/src/ImageMagick \
|
||||
&& git clone https://github.com/ImageMagick/ImageMagick.git ImageMagick-7.0.11 \
|
||||
&& cd ImageMagick-7.0.11 \
|
||||
&& ./configure --with-heic=yes --with-modules \
|
||||
&& make install \
|
||||
&& ldconfig \
|
||||
&& apt-get install -y libbz2-dev libgmp-dev libpng-dev libjpeg-dev libfreetype6-dev --no-install-recommends \
|
||||
&& docker-php-ext-configure gd --with-freetype=/usr/include/freetype2 --with-jpeg=/usr/include/ \
|
||||
&& docker-php-ext-install -j$(nproc) bz2 sockets gmp gd pcntl exif \
|
||||
&& install-php-extensions imagick \
|
||||
&& apt-get purge -y build-essential libtool wget libbz2-dev libgmp-dev libpng-dev libjpeg-dev libfreetype6-dev \
|
||||
hicolor-icon-theme texlive-base texlive-binaries libx11-dev automake autotools-dev bsdmainutils dbus-user-session dbus-user-session doxygen \
|
||||
fonts-lmodern ghostscript graphviz fonts-dejavu-core gsfonts icu-devtools jdupes groff-base chrpath dbus dmsetup libavutil-dev libblkid-dev \
|
||||
libde265-dev libdjvulibre-dev libexif-dev libfftw3-dev libheif-dev libilmbase-dev libjbig-dev libjpeg62-turbo-dev liblcms2-dev liblqr-1-0-dev \
|
||||
libopenjp2-7-dev libperl-dev libtiff-dev libwebp-dev libx265-dev man-db zlib1g-dev python python3 xsltproc python2.7-minimal python3.7-minimal \
|
||||
tex-common mime-support poppler-data preview-latex-style readline-common libgdk-pixbuf2.0-0 libgl1-mesa-dri libgtk-3-common libpaper1 libpulse0 \
|
||||
libpython2.7-minimal libpython3.7-minimal libqt5core5a libqt5gui5 libsensors-config libvdpau1 shared-mime-info libglib2.0-data libxml2-utils ttf-bitstream-vera libgvc6 \
|
||||
imagemagick-6-common \
|
||||
&& apt-get autoremove -y \
|
||||
&& rm -rf /var/lib/apt/lists/* /tmp/* \
|
||||
&& rm -rf /usr/src/libde265 /usr/src/libheif /usr/src/ImageMagick \
|
||||
&& mv /sbin/init.tmp /sbin/init
|
||||
|
||||
### Install PDO ODBC
|
||||
#RUN docker-php-ext-configure pdo_odbc --with-pdo-odbc=ibm-db2 \
|
||||
# && docker-php-ext-install pdo_odbc
|
||||
RUN apt-get -y update \
|
||||
&& apt-get -y install build-essential libzip4 libzip-dev zlib1g-dev \
|
||||
&& docker-php-ext-install -j$(nproc) zip \
|
||||
&& apt-get purge -y build-essential libzip-dev zlib1g-dev \
|
||||
&& apt-get autoremove -y \
|
||||
&& rm -rf /var/lib/apt/lists/* /tmp/*
|
||||
|
||||
@@ -1,12 +0,0 @@
|
||||
# NAME leenooks/php
|
||||
# VERSION 8.0-fpm-test
|
||||
|
||||
FROM registry.leenooks.net/leenooks/php:8.0-fpm-db2
|
||||
|
||||
RUN pecl install xdebug \
|
||||
&& docker-php-ext-enable xdebug
|
||||
|
||||
RUN apt-get update && apt-get install -y npm \
|
||||
&& apt-get -y autoremove \
|
||||
&& apt-get clean \
|
||||
&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
|
||||
206
init
206
init
@@ -1,206 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -e
|
||||
role=${CONTAINER_ROLE:-app}
|
||||
env=${APP_ENV:-live}
|
||||
php=${PHP_DIR:-/var/www/html}
|
||||
composer=${COMPOSER_DIR:-/var/www/.composer}
|
||||
|
||||
NGINX_START=${NGINX_START:-TRUE}
|
||||
SSH_START=${SSH_START:-FALSE}
|
||||
REDIS_START=${REDIS_START:-FALSE}
|
||||
MEMCACHED_START=${MEMCACHED_START:-FALSE}
|
||||
|
||||
# To run a local queue, running jobs from the queue "hostname"
|
||||
LOCAL_QUEUE=${LOCAL_QUEUE:-FALSE}
|
||||
# Optional additional queues to run for
|
||||
#LOCAL_QUEUES=
|
||||
|
||||
function mp() {
|
||||
set +e
|
||||
mountpoint -q $1
|
||||
local mp=$?
|
||||
set -e
|
||||
echo ${mp}
|
||||
}
|
||||
|
||||
function nginx_start() {
|
||||
# Start NGINX
|
||||
if [ -x /usr/sbin/nginx -a "${NGINX_START}" == "TRUE" ]; then
|
||||
echo "* Starting NGINX..."
|
||||
start-stop-daemon --start --pidfile /var/run/nginx.pid --exec /usr/sbin/nginx -- -g 'daemon on; master_process on;'
|
||||
fi
|
||||
}
|
||||
|
||||
# General Setup
|
||||
if [ -x /usr/sbin/sshd -a "${SSH_START}" == "TRUE" ]; then
|
||||
echo "* Starting SSH..."
|
||||
[ ! -d /var/run/sshd ] && mkdir /var/run/sshd
|
||||
start-stop-daemon --start --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- -p 22
|
||||
fi
|
||||
|
||||
if [ -x /usr/bin/redis-server -a "${REDIS_START}" == "TRUE" ]; then
|
||||
echo "* Starting REDIS..."
|
||||
start-stop-daemon --start --quiet --oknodo --umask 007 --pidfile /var/run/redis-server.pid --chuid redis:redis --exec /usr/bin/redis-server -- /etc/redis/redis.conf
|
||||
fi
|
||||
|
||||
if [ -x /usr/bin/memcached -a "${MEMCACHED_START}" == "TRUE" ]; then
|
||||
echo "* Starting MEMCACHED..."
|
||||
start-stop-daemon --start --quiet --exec "/usr/share/memcached/scripts/start-memcached" -- /etc/memcached.conf /var/run/memcached.pid
|
||||
fi
|
||||
|
||||
# Laravel Specific
|
||||
if [ "${role}" = "app" -a -e artisan ]; then
|
||||
if [ ! -e ${php}/.env ]; then
|
||||
echo "! ERROR: NO .env file..."
|
||||
exec /bin/bash
|
||||
fi
|
||||
|
||||
mp=$(mp ${php})
|
||||
|
||||
# Only adjust perms if this is an external mountpoint
|
||||
if [ ${mp} -eq 0 -o -n "${FORCE_PERMS}" ] ; then
|
||||
if [ -n "${FORCE_PERMS}" -o "${env}" != "local" -a -z "${SKIP_PERM}" ]; then
|
||||
echo "* Setting Permissions..."
|
||||
# Make sure our permissions are appropraite
|
||||
find ${php} -type f -exec chmod 640 {} \;
|
||||
find ${php} -type d -exec chmod 750 {} \;
|
||||
find ${php}/public -type f -exec chmod 644 {} \;
|
||||
find ${php}/public -type d -exec chmod 755 {} \;
|
||||
chmod o+rx ${php}
|
||||
chmod a+rx ${php}/artisan
|
||||
chown -R lamp:www-data ${php}
|
||||
chown -R www-data:www-data ${php}/storage ${php}/bootstrap ${php}/composer.*
|
||||
[ -e ${php}/vendor ] && chown -R www-data:www-data ${php}/vendor
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ "${env}" != "local" -a -r "artisan" ]; then
|
||||
# See if we need to refresh our dependancies
|
||||
if [[ -r composer.json && ( -e .composer.refresh || ! -d vendor ) ]]; then
|
||||
echo "* Composer installing dependancies..."
|
||||
|
||||
rm -f ${php}/bootstrap/cache/*.php
|
||||
if [ "${env}" != "local" ]; then
|
||||
NODEV="--no-dev"
|
||||
fi
|
||||
|
||||
mp=$(mp ${composer})
|
||||
|
||||
if [ ${mp} -eq 0 -o -n "${FORCE_PERMS}" ] ; then
|
||||
[ -n "${FORCE_PERMS}" -o "${env}" != "local" -a -z "${SKIP_PERM}" ] && chown -R www-data:www-data ${composer}
|
||||
[ ! -d ${php}/vendor ] && mkdir -m 750 ${php}/vendor && chown www-data:www-data ${php}/vendor
|
||||
[ -n "${FORCE_PERMS}" -o "${env}" != "local" -a -z "${SKIP_PERM}" ] && chmod g+w ${php}
|
||||
fi
|
||||
|
||||
su www-data -s /bin/sh -c "composer install --optimize-autoloader ${NODEV}" && ( test -e .composer.refresh && rm -f .composer.refresh )
|
||||
[ -n "${FORCE_PERMS}" -o "${env}" != "local" -a -z "${SKIP_PERM}" ] && [ ${mp} -eq 0 ] && chmod g-w ${php}
|
||||
fi
|
||||
|
||||
if [ -e .lumen ]; then
|
||||
echo "* Lumen detected..."
|
||||
else
|
||||
echo "* Caching configuration..."
|
||||
su www-data -s /bin/sh -c "(php artisan optimize && php artisan view:cache)"
|
||||
fi
|
||||
|
||||
if [ -r .migrate ]; then
|
||||
echo "* Running migration..."
|
||||
# If DB_HOST not set, source the env file
|
||||
[ -z "${DB_HOST}" -a -r .env ] && . .env
|
||||
|
||||
if [ -n "${DB_HOST}" -a -n "${DB_PORT}" ]; then
|
||||
while ! wait-for-it -h ${DB_HOST} -p ${DB_PORT} -t 5 -q; do
|
||||
echo "? Waiting for database at ${DB_HOST}:${DB_PORT}"
|
||||
sleep 1;
|
||||
done
|
||||
echo "- DB is active on ${DB_HOST}:${DB_PORT}"
|
||||
fi
|
||||
|
||||
su www-data -s /bin/sh -c "php artisan migrate" && rm -f .migrate
|
||||
fi
|
||||
|
||||
# If passport is installed
|
||||
if [ -d ${php}/vendor/laravel/passport ]; then
|
||||
echo "* Generating OAUTH keys ..."
|
||||
su www-data -s /bin/sh -c "php artisan passport:keys"
|
||||
fi
|
||||
fi
|
||||
|
||||
nginx_start
|
||||
|
||||
if [ "${LOCAL_QUEUE}" = "TRUE" ]; then
|
||||
echo "* Starting local queue for [$(hostname)${LOCAL_QUEUES:+,${LOCAL_QUEUES}}] with job timeout of [${WORK_TIMEOUT:-90}], trying [${WORK_TRIES:-1}] times..."
|
||||
su www-data -s /bin/sh -c "
|
||||
(while true; do php ${PHP_OPTIONS} artisan queue:work --verbose --tries=${WORK_TRIES:-1} --timeout=${WORK_TIMEOUT:-90} --queue=$(hostname)${LOCAL_QUEUES:+,${LOCAL_QUEUES}} ${WORK_MEMORY:+--memory=${WORK_MEMORY}} ${WORK_ONCE:+--once}; done) &
|
||||
"
|
||||
fi
|
||||
|
||||
exec /usr/local/bin/docker-php-entrypoint "$@"
|
||||
|
||||
elif [ "$role" = "queue" -a -e artisan ]; then
|
||||
if [ ! -e ${php}/.env ]; then
|
||||
echo "! ERROR: NO .env file..."
|
||||
exec /bin/bash
|
||||
fi
|
||||
|
||||
QUEUE_CMD=work
|
||||
if [ "${env}" == "local" ]; then
|
||||
QUEUE_CMD=listen
|
||||
fi
|
||||
|
||||
if [ -e .lumen ]; then
|
||||
echo "* Lumen detected..."
|
||||
else
|
||||
# We only check for non mount points, in case this container has the app inside
|
||||
mp=$(mp ${php})
|
||||
if [ ${mp} -eq 1 ]; then
|
||||
echo "* Caching configuration..."
|
||||
su www-data -s /bin/sh -c "(php artisan config:cache && php artisan route:cache && php artisan view:cache)"
|
||||
fi
|
||||
fi
|
||||
|
||||
echo "* Running the queue..."
|
||||
# We'll delay starting in case the app is caching
|
||||
sleep 15
|
||||
|
||||
su www-data -s /bin/sh -c "
|
||||
while true; do
|
||||
php ${PHP_OPTIONS} artisan queue:${QUEUE_CMD} --verbose --tries=${WORK_TRIES:-1} --timeout=${WORK_TIMEOUT:-90} ${WORK_QUEUES:+--queue=${WORK_QUEUES}} ${WORK_MEMORY:+--memory=${WORK_MEMORY}} ${WORK_ONCE:+--once}
|
||||
done
|
||||
"
|
||||
|
||||
elif [ "$role" = "scheduler" -a -e artisan ]; then
|
||||
if [ ! -e ${php}/.env ]; then
|
||||
echo "! ERROR: NO .env file..."
|
||||
exec /bin/bash
|
||||
fi
|
||||
|
||||
if [ -e .lumen ]; then
|
||||
echo "* Lumen detected..."
|
||||
else
|
||||
# We only check for non mount points, in case this container has the app inside
|
||||
mp=$(mp ${php})
|
||||
if [ ${mp} -eq 1 ]; then
|
||||
echo "* Caching configuration..."
|
||||
su www-data -s /bin/sh -c "(php artisan config:cache && php artisan route:cache && php artisan view:cache)"
|
||||
fi
|
||||
fi
|
||||
|
||||
echo "* Running the scheduler..."
|
||||
# We'll delay starting in case the app is caching
|
||||
sleep 15
|
||||
|
||||
su www-data -s /bin/sh -c "
|
||||
while true; do
|
||||
(php ${PHP_OPTIONS} artisan schedule:run --verbose --no-interaction &)
|
||||
sleep 60
|
||||
done
|
||||
"
|
||||
|
||||
else
|
||||
nginx_start
|
||||
|
||||
echo "? NO container role \"${role}\", AND/OR no laravel install, just starting php-fpm"
|
||||
exec /usr/local/bin/docker-php-entrypoint "$@"
|
||||
fi
|
||||
18
msmtprc
18
msmtprc
@@ -1,18 +0,0 @@
|
||||
# A system wide configuration file is optional.
|
||||
# If it exists, it usually defines a default account.
|
||||
# This allows msmtp to be used like /usr/sbin/sendmail.
|
||||
account default
|
||||
|
||||
# The SMTP smarthost
|
||||
host smtp
|
||||
|
||||
# Envelope-from address
|
||||
#from user@example.com
|
||||
domain example.com
|
||||
|
||||
# Construct envelope-from addresses of the form "user@oursite.example"
|
||||
#auto_from on
|
||||
#maildomain example.com
|
||||
|
||||
# Syslog logging with facility LOG_MAIL instead of the default LOG_USER
|
||||
syslog LOG_MAIL
|
||||
@@ -1,34 +0,0 @@
|
||||
server {
|
||||
listen 80 default_server;
|
||||
listen [::]:80 default_server;
|
||||
|
||||
access_log off;
|
||||
client_max_body_size 10m;
|
||||
fastcgi_buffers 16 16k;
|
||||
fastcgi_buffer_size 16k;
|
||||
index index.php index.html;
|
||||
root /var/www/html/public;
|
||||
server_tokens off;
|
||||
|
||||
set $my_https "off";
|
||||
if ($http_x_forwarded_proto = "https") {
|
||||
set $my_https "on";
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri $uri/ /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~ \.php$ {
|
||||
try_files $uri =404;
|
||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||
fastcgi_pass 127.0.0.1:9000;
|
||||
fastcgi_index index.php;
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_param SERVER_NAME $host;
|
||||
fastcgi_param PATH_INFO $fastcgi_path_info;
|
||||
fastcgi_param HTTPS $my_https;
|
||||
fastcgi_param PHP_ADMIN_VALUE "sendmail_path=/usr/sbin/sendmail -i -t";
|
||||
}
|
||||
}
|
||||
@@ -1,18 +0,0 @@
|
||||
--- /etc/ssh/sshd_config.orig 2018-02-27 08:33:29.613104521 +0000
|
||||
+++ /etc/ssh/sshd_config 2018-02-27 08:34:43.413485512 +0000
|
||||
@@ -30,6 +30,7 @@
|
||||
|
||||
#LoginGraceTime 2m
|
||||
#PermitRootLogin prohibit-password
|
||||
+PermitRootLogin no
|
||||
#StrictModes yes
|
||||
#MaxAuthTries 6
|
||||
#MaxSessions 10
|
||||
@@ -54,6 +55,7 @@
|
||||
|
||||
# To disable tunneled clear text passwords, change to no here!
|
||||
#PasswordAuthentication yes
|
||||
+PasswordAuthentication no
|
||||
#PermitEmptyPasswords no
|
||||
|
||||
# Change to yes to enable challenge-response passwords (beware issues with
|
||||
Reference in New Issue
Block a user