👷 Improve docker workflow (#865)

Traewelling · Apr 24, 2022 · 25aa57d · 25aa57d
1 parent f5f23a6
commit 25aa57d
Show file tree

Hide file tree

Showing 4 changed files with 89 additions and 80 deletions.
diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
@@ -1,11 +1,7 @@
-# shamelessly copied from https://docs.github.com/en/packages/managing-github-packages-using-github-actions-workflows/publishing-and-installing-a-package-with-github-actions#upgrading-a-workflow-that-accesses-ghcrio
-# modified to meet our needs
 name: "Docker Image"
 
 on:
   push:
-    branches:
-      - release
     tags:
       - v*
 
@@ -26,35 +22,33 @@ jobs:
         run: |
           VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
           [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
-          [ "$VERSION" == "main" ] && VERSION=main
 
-          docker build . --file Dockerfile --tag $IMAGE_NAME --label "runnumber=${{ github.run_number }}" \
-          --label "org.opencontainers.image.title=The Traewelling container image" \
+          echo "$VERSION" > VERSION
+
+          docker build . --file Dockerfile \
+          --tag traewelling:$VERSION \
+          --tag traewelling:latest \
+          --label "runnumber=${{ github.run_number }}" \
+          --label "org.opencontainers.image.title=Traewelling" \
           --label "org.opencontainers.image.version=$VERSION" \
-          --label "org.opencontainers.image.description=Easy-to-use deployment image of the Traewelling project" \
           --label "org.opencontainers.image.url=https://github.com/Traewelling/traewelling#readme" \
           --label "org.opencontainers.image.source=https://github.com/Traewelling/traewelling.git" \
-          --label "org.opencontainers.image.authors=Jonas Möller <[email protected]>" \
-          --label "org.opencontainers.image.vendor=The Traewelling team <[email protected]>" \
-          --label "org.opencontainers.image.license=AGPL-3.0" \
-          --label "org.opencontainers.image.base.name=docker.io/library/php:8-apache"
+          --label "org.opencontainers.image.vendor=The Traewelling team <[email protected]>" \
+          --label "org.opencontainers.image.license=AGPL-3.0"
 
       - name: Log in to registry
         run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
 
       - name: Push image
         run: |
           IMAGE_ID=ghcr.io/${{ github.repository_owner }}/$IMAGE_NAME
-
-          # Change all uppercase to lowercase
           IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
-          # Strip git ref prefix from version
+
           VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
-          # Strip "v" prefix from tag name
           [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
-          # Use Docker `latest` tag convention
-          [ "$VERSION" == "release" ] && VERSION=latest
-          echo IMAGE_ID=$IMAGE_ID
-          echo VERSION=$VERSION
+
           docker tag $IMAGE_NAME $IMAGE_ID:$VERSION
           docker push $IMAGE_ID:$VERSION
+
+          docker tag $IMAGE_NAME $IMAGE_ID:latest
+          docker push $IMAGE_ID:latest
diff --git a/Dockerfile b/Dockerfile
@@ -6,15 +6,21 @@ RUN npm i && npm run prod
 FROM composer:2 as ComposerBuildContainer
 COPY --from=NodeBuildContainer /usr/src/trwl /usr/src/trwl
 WORKDIR /usr/src/trwl
-RUN composer install --ignore-platform-reqs
+RUN composer install --ignore-platform-reqs --no-interaction --no-dev --no-progress --no-suggest --optimize-autoloader
 
-FROM php:8.1-apache
-RUN apt update && apt install -y zlib1g-dev libpng-dev wait-for-it
-RUN docker-php-ext-install gd exif pdo pdo_mysql
-RUN a2enmod rewrite
+FROM php:8.1.5-apache
 ENV APACHE_DOCUMENT_ROOT=/var/www/html/public
-RUN sed -ri -e 's!/var/www/html!${APACHE_DOCUMENT_ROOT}!g' /etc/apache2/sites-available/*.conf
-RUN sed -ri -e 's!/var/www/!${APACHE_DOCUMENT_ROOT}!g' /etc/apache2/apache2.conf /etc/apache2/conf-available/*.conf
+
+RUN apt update && \
+    apt upgrade -y && \
+    apt install -y zlib1g-dev libpng-dev wait-for-it && \
+    docker-php-ext-install gd exif pdo pdo_mysql && \
+    a2enmod rewrite && \
+    a2enmod http2 && \
+    sed -ri -e 's!/var/www/html!${APACHE_DOCUMENT_ROOT}!g' /etc/apache2/sites-available/*.conf && \
+    sed -ri -e 's!/var/www/!${APACHE_DOCUMENT_ROOT}!g' /etc/apache2/apache2.conf /etc/apache2/conf-available/*.conf
+
 COPY --from=ComposerBuildContainer --chown=www-data:www-data /usr/src/trwl /var/www/html
+
 ENTRYPOINT ["/var/www/html/docker-entrypoint.sh"]
 CMD ["apache2-foreground"]
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -1,54 +1,52 @@
 version: '3'
+
 services:
-  db:
-    image: mariadb:10
+  app:
+    image: ghcr.io/traewelling/traewelling:latest
     restart: always
+    ports:
+      - "80:80"
+    depends_on:
+      - db
+      - db-rest
+    environment:
+      - CONTAINER_ROLE=app
     env_file:
-      - .env.db
-    command:
-      - --innodb-buffer-pool-size=2G
-      - --innodb-log-file-size=1G
+      - .env
     networks:
-      default:
-      replica:
+      - internal
     volumes:
-      - mariadb:/var/lib/mysql
-      - ./dump.sql.gz:/docker-entrypoint-initdb.d/dump.sql.gz
-
-  # backup_replica:
-  #   image: mariadb:10.3
-  #   restart: always
-  #   env_file:
-  #     - .env.db_backup
-  #   networks:
-  #     replica:
-  #   volumes:
-  #     - mariadb_backup:/var/lib/mysql
+      - ./docker/avatars:/var/www/html/public/uploads/avatars
+      - ./docker/storage:/var/www/html/storage
 
-  service:
-    image: ghcr.io/traewelling/traewelling:develop
+  scheduler:
+    image: ghcr.io/traewelling/traewelling:latest
     restart: always
     depends_on:
       - db
       - db-rest
+    environment:
+      - CONTAINER_ROLE=scheduler
     env_file:
-      - .env.trwl
+      - .env
     networks:
-      default:
-      web:
-    labels:
-      - traefik.enable=true
-      - traefik.http.routers.traewelling-insecure.rule=Host(`testing.traewelling.de`)
-      - traefik.http.routers.traewelling-insecure.middlewares=traewelling-redirectscheme
-      - traefik.http.middlewares.traewelling-redirectscheme.redirectscheme.scheme=https
-      - traefik.http.middlewares.traewelling-redirectscheme.redirectscheme.permanent=true
-      - traefik.http.routers.traewelling.rule=Host(`testing.traewelling.de`)
-      - traefik.http.routers.traewelling.tls=true
-      - traefik.http.routers.traewelling.tls.certresolver=lets-encrypt
-      #- traefik.http.services.traewelling.loadbalancer.server.port=80
+      - internal
+
+  db:
+    image: mariadb:10
+    restart: always
+    environment:
+      - MARIADB_ROOT_PASSWORD=unsecurepassword
+      - MARIADB_DATABASE=traewelling
+      - MARIADB_USER=traewelling_u
+      - MARIADB_PASSWORD=unsecurepassword
+    command:
+      - --innodb-buffer-pool-size=2G
+      - --innodb-log-file-size=1G
+    networks:
+      - internal
     volumes:
-      - avatars:/var/www/html/public/uploads/avatars
-      - storage:/var/www/html/storage
+      - ./docker/database:/var/lib/mysql
 
   db-rest:
     image: derhuerst/db-rest:5
@@ -57,19 +55,15 @@ services:
       - redis
     environment:
       REDIS_URL: "redis://redis:6379"
+    networks:
+      - internal
 
   redis:
     image: redis
     restart: always
+    networks:
+      - internal
 
 networks:
-  replica:
-    internal: true
-  web:
-    external: true
-
-volumes:
-  mariadb:
-  mariadb_backup:
-  avatars:
-  storage:
+  internal:
+    external: false
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
@@ -1,13 +1,28 @@
 #!/bin/bash
 set -e
+role=${CONTAINER_ROLE:-app}
 
-if [ "$1" = 'apache2-foreground' ]; then
-    wait-for-it "$DB_HOST:${DB_PORT:=3306}"
-    cd /var/www/html
+wait-for-it "$DB_HOST:${DB_PORT:=3306}"
+cd /var/www/html
+runuser -u www-data -- php artisan optimize
+
+if [ "$role" = "app" ]; then
+
+    echo "Running as app..."
     runuser -u www-data -- php artisan migrate --force
     runuser -u www-data -- php artisan storage:link
-    runuser -u www-data -- php artisan optimize
     apache2-foreground
-fi
 
-exec "$@"
+elif [ "$role" = "scheduler" ]; then
+
+    echo "Running as scheduler..."
+    while true
+    do
+        runuser -u www-data -- php artisan schedule:run --verbose --no-interaction
+        sleep 60
+    done
+
+else
+    echo "Could not match the container role \"$role\""
+    exit 1
+fi