diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 551575173..1cb08c905 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -1,11 +1,7 @@ -# shamelessly copied from https://docs.github.com/en/packages/managing-github-packages-using-github-actions-workflows/publishing-and-installing-a-package-with-github-actions#upgrading-a-workflow-that-accesses-ghcrio -# modified to meet our needs name: "Docker Image" on: push: - branches: - - release tags: - v* @@ -26,18 +22,19 @@ jobs: run: | VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,') [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//') - [ "$VERSION" == "main" ] && VERSION=main - docker build . --file Dockerfile --tag $IMAGE_NAME --label "runnumber=${{ github.run_number }}" \ - --label "org.opencontainers.image.title=The Traewelling container image" \ + echo "$VERSION" > VERSION + + docker build . --file Dockerfile \ + --tag traewelling:$VERSION \ + --tag traewelling:latest \ + --label "runnumber=${{ github.run_number }}" \ + --label "org.opencontainers.image.title=Traewelling" \ --label "org.opencontainers.image.version=$VERSION" \ - --label "org.opencontainers.image.description=Easy-to-use deployment image of the Traewelling project" \ --label "org.opencontainers.image.url=https://github.com/Traewelling/traewelling#readme" \ --label "org.opencontainers.image.source=https://github.com/Traewelling/traewelling.git" \ - --label "org.opencontainers.image.authors=Jonas Möller " \ - --label "org.opencontainers.image.vendor=The Traewelling team " \ - --label "org.opencontainers.image.license=AGPL-3.0" \ - --label "org.opencontainers.image.base.name=docker.io/library/php:8-apache" + --label "org.opencontainers.image.vendor=The Traewelling team " \ + --label "org.opencontainers.image.license=AGPL-3.0" - name: Log in to registry run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin @@ -45,16 +42,13 @@ jobs: - name: Push image run: | IMAGE_ID=ghcr.io/${{ github.repository_owner }}/$IMAGE_NAME - - # Change all uppercase to lowercase IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]') - # Strip git ref prefix from version + VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,') - # Strip "v" prefix from tag name [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//') - # Use Docker `latest` tag convention - [ "$VERSION" == "release" ] && VERSION=latest - echo IMAGE_ID=$IMAGE_ID - echo VERSION=$VERSION + docker tag $IMAGE_NAME $IMAGE_ID:$VERSION docker push $IMAGE_ID:$VERSION + + docker tag $IMAGE_NAME $IMAGE_ID:latest + docker push $IMAGE_ID:latest diff --git a/Dockerfile b/Dockerfile index ff923c23f..a0c9aaf1f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,15 +6,21 @@ RUN npm i && npm run prod FROM composer:2 as ComposerBuildContainer COPY --from=NodeBuildContainer /usr/src/trwl /usr/src/trwl WORKDIR /usr/src/trwl -RUN composer install --ignore-platform-reqs +RUN composer install --ignore-platform-reqs --no-interaction --no-dev --no-progress --no-suggest --optimize-autoloader -FROM php:8.1-apache -RUN apt update && apt install -y zlib1g-dev libpng-dev wait-for-it -RUN docker-php-ext-install gd exif pdo pdo_mysql -RUN a2enmod rewrite +FROM php:8.1.5-apache ENV APACHE_DOCUMENT_ROOT=/var/www/html/public -RUN sed -ri -e 's!/var/www/html!${APACHE_DOCUMENT_ROOT}!g' /etc/apache2/sites-available/*.conf -RUN sed -ri -e 's!/var/www/!${APACHE_DOCUMENT_ROOT}!g' /etc/apache2/apache2.conf /etc/apache2/conf-available/*.conf + +RUN apt update && \ + apt upgrade -y && \ + apt install -y zlib1g-dev libpng-dev wait-for-it && \ + docker-php-ext-install gd exif pdo pdo_mysql && \ + a2enmod rewrite && \ + a2enmod http2 && \ + sed -ri -e 's!/var/www/html!${APACHE_DOCUMENT_ROOT}!g' /etc/apache2/sites-available/*.conf && \ + sed -ri -e 's!/var/www/!${APACHE_DOCUMENT_ROOT}!g' /etc/apache2/apache2.conf /etc/apache2/conf-available/*.conf + COPY --from=ComposerBuildContainer --chown=www-data:www-data /usr/src/trwl /var/www/html + ENTRYPOINT ["/var/www/html/docker-entrypoint.sh"] CMD ["apache2-foreground"] diff --git a/docker-compose.yml b/docker-compose.yml index 874d7b8f2..116af3da9 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,54 +1,52 @@ version: '3' + services: - db: - image: mariadb:10 + app: + image: ghcr.io/traewelling/traewelling:latest restart: always + ports: + - "80:80" + depends_on: + - db + - db-rest + environment: + - CONTAINER_ROLE=app env_file: - - .env.db - command: - - --innodb-buffer-pool-size=2G - - --innodb-log-file-size=1G + - .env networks: - default: - replica: + - internal volumes: - - mariadb:/var/lib/mysql - - ./dump.sql.gz:/docker-entrypoint-initdb.d/dump.sql.gz - - # backup_replica: - # image: mariadb:10.3 - # restart: always - # env_file: - # - .env.db_backup - # networks: - # replica: - # volumes: - # - mariadb_backup:/var/lib/mysql + - ./docker/avatars:/var/www/html/public/uploads/avatars + - ./docker/storage:/var/www/html/storage - service: - image: ghcr.io/traewelling/traewelling:develop + scheduler: + image: ghcr.io/traewelling/traewelling:latest restart: always depends_on: - db - db-rest + environment: + - CONTAINER_ROLE=scheduler env_file: - - .env.trwl + - .env networks: - default: - web: - labels: - - traefik.enable=true - - traefik.http.routers.traewelling-insecure.rule=Host(`testing.traewelling.de`) - - traefik.http.routers.traewelling-insecure.middlewares=traewelling-redirectscheme - - traefik.http.middlewares.traewelling-redirectscheme.redirectscheme.scheme=https - - traefik.http.middlewares.traewelling-redirectscheme.redirectscheme.permanent=true - - traefik.http.routers.traewelling.rule=Host(`testing.traewelling.de`) - - traefik.http.routers.traewelling.tls=true - - traefik.http.routers.traewelling.tls.certresolver=lets-encrypt - #- traefik.http.services.traewelling.loadbalancer.server.port=80 + - internal + + db: + image: mariadb:10 + restart: always + environment: + - MARIADB_ROOT_PASSWORD=unsecurepassword + - MARIADB_DATABASE=traewelling + - MARIADB_USER=traewelling_u + - MARIADB_PASSWORD=unsecurepassword + command: + - --innodb-buffer-pool-size=2G + - --innodb-log-file-size=1G + networks: + - internal volumes: - - avatars:/var/www/html/public/uploads/avatars - - storage:/var/www/html/storage + - ./docker/database:/var/lib/mysql db-rest: image: derhuerst/db-rest:5 @@ -57,19 +55,15 @@ services: - redis environment: REDIS_URL: "redis://redis:6379" + networks: + - internal redis: image: redis restart: always + networks: + - internal networks: - replica: - internal: true - web: - external: true - -volumes: - mariadb: - mariadb_backup: - avatars: - storage: + internal: + external: false diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh index 880a2d339..8901c4434 100755 --- a/docker-entrypoint.sh +++ b/docker-entrypoint.sh @@ -1,13 +1,28 @@ #!/bin/bash set -e +role=${CONTAINER_ROLE:-app} -if [ "$1" = 'apache2-foreground' ]; then - wait-for-it "$DB_HOST:${DB_PORT:=3306}" - cd /var/www/html +wait-for-it "$DB_HOST:${DB_PORT:=3306}" +cd /var/www/html +runuser -u www-data -- php artisan optimize + +if [ "$role" = "app" ]; then + + echo "Running as app..." runuser -u www-data -- php artisan migrate --force runuser -u www-data -- php artisan storage:link - runuser -u www-data -- php artisan optimize apache2-foreground -fi -exec "$@" +elif [ "$role" = "scheduler" ]; then + + echo "Running as scheduler..." + while true + do + runuser -u www-data -- php artisan schedule:run --verbose --no-interaction + sleep 60 + done + +else + echo "Could not match the container role \"$role\"" + exit 1 +fi