andrew
/
build-grav
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

amphp

This commit is contained in:
Andrei Condurachi 2020-12-07 18:04:06 +02:00
parent 68d04e4a14
commit b5d97d9d75
4 changed files with 49 additions and 244 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

152
Dockerfile
View File

@ -7,162 +7,38 @@ RUN apk update && \
# Install packages
RUN apk add --no-cache \
autoconf \
automake \
bash \
busybox-suid \
openssh-keygen \
mandoc \
# Init related
tini \
openrc \
busybox-initscripts \
# Apache
apache2 \
apache2-proxy \
# PHP-FPM (FastCGI Process Manager) is an alternative PHP FastCGI implementation with some additional features useful for sites of any size, especially busier sites - https://php-fpm.org
php7-fpm \
php7 \
php7-apcu \
php7-curl \
php7-ctype \
php7-dom \
php7-common \
php7-gd \
php7-iconv \
php7-json \
php7-mbstring \
php7-pecl-memcached \
php7-openssl \
php7-opcache \
php7-pdo \
php7-phar \
php7-session \
php7-simplexml \
php7-soap \
php7-tokenizer \
php7-xdebug \
php7-xml \
php7-xmlwriter \
php7-pecl-yaml \
php7-zip \
# Needed packages
composer \
grep \
git \
curl \
vim \
shadow
shadow \
supervisor \
inotify-tools \
php7
# Change shell to bash
RUN usermod -s /bin/bash root && bash --login
# Bash config updates for root user
RUN cd && bash -c "$(curl -fsSL https://raw.githubusercontent.com/ohmybash/oh-my-bash/master/tools/install.sh)"
# Syslog option '-Z' was changed to '-t', change this in /etc/conf.d/syslog so that syslog (and then cron) actually starts
# https://gitlab.alpinelinux.org/alpine/aports/-/issues/9279
RUN sed -i 's/SYSLOGD_OPTS="-Z"/SYSLOGD_OPTS="-t"/g' /etc/conf.d/syslog
# Configure to use php fpm and don't use /var/www to store everything (modules and logs)
RUN \
# Disable mpm_prefork
sed -i 's/LoadModule mpm_prefork_module/#LoadModule mpm_prefork_module/g' /etc/apache2/httpd.conf && \
# Enable mpm_event
sed -i 's/#LoadModule mpm_event_module/LoadModule mpm_event_module/g' /etc/apache2/httpd.conf && \
# Enable rewrite mod
sed -i 's/#LoadModule rewrite_module/LoadModule rewrite_module/g' /etc/apache2/httpd.conf && \
# Remove useless module bundled with proxy
sed -i 's/LoadModule lbmethod/#LoadModule lbmethod/g' /etc/apache2/conf.d/proxy.conf && \
# Enable deflate mod
sed -i 's/#LoadModule deflate_module/LoadModule deflate_module/g' /etc/apache2/httpd.conf && \
# Enable expires mod
sed -i 's/#LoadModule expires_module/LoadModule expires_module/g' /etc/apache2/httpd.conf && \
# Enable session mod
sed -i 's/#LoadModule session_module/LoadModule session_module/g' /etc/apache2/httpd.conf && \
# Do not expose PHP version to the world
sed -i 's/expose_php = On/expose_php = Off/g' /etc/php7/php.ini && \
# Disable APC - it has been replaced by APCu and opcache in PHP7 - https://pecl.php.net/package/apc
echo 'apc.enabled = Off' >> /etc/php7/php.ini && \
# Increase memory_limit
sed -i 's/memory_limit.*/memory_limit = 2G/g' /etc/php7/php.ini && \
# max_execution_time to 5min
sed -i 's/max_execution_time.*/max_execution_time = 300/g' /etc/php7/php.ini && \
# max_input_time to 2min
sed -i 's/max_input_time.*/max_input_time = 120/g' /etc/php7/php.ini && \
# Change DocumentRoot to /var/www
sed -i 's/var\/www\/localhost\/htdocs/var\/www\/html/g' /etc/apache2/httpd.conf && \
# Change ServerRoot to /usr/local/apache
sed -i 's/ServerRoot \/var\/www/ServerRoot \/usr\/local\/apache/g' /etc/apache2/httpd.conf && \
# Make sure PHP-FPM executes as apache user
sed -i 's/user = nobody/user = apache/g' /etc/php7/php-fpm.d/www.conf && \
sed -i 's/group = nobody/group = apache/g' /etc/php7/php-fpm.d/www.conf && \
# Shortcut cli commands
echo 'alias l="ls -la"; alias s="cd .."' >> ~/.profile && \
# Prepare Apache log dir
mkdir -p /var/log/apache2 && \
# Clean base directory
rm -rf /var/www/* && \
# Apache configs in one place
mkdir -p /run/apache2 /usr/local/apache && \
ln -s /usr/lib/apache2 /usr/local/apache/modules && \
ln -s /var/log/apache2 /usr/local/apache/logs
# Make sure apache can read&right to docroot
RUN chown -R apache:apache /var/www
# Make sure apache can read&right to logs
RUN chown -R apache:apache /var/log/apache2
# Allow Apache to create pid
RUN chown -R apache:apache /run/apache2
# Change shell for apache user so that it can login
RUN usermod -s /bin/bash apache
# Some shell aliases
RUN echo "alias l='ls -la' \
alias s='cd ..' \
alias grep='grep --color=auto'" > /var/www/.bashrc
### Continue execution as Apache user ###
USER apache
# Change to bash
RUN bash --login
# Bash config updates for apache user
RUN cd && bash -c "$(curl -fsSL https://raw.githubusercontent.com/ohmybash/oh-my-bash/master/tools/install.sh)"
# Define Grav specific version of Grav or use latest stable
ENV GRAV_VERSION latest
# Install grav
WORKDIR /var/www
RUN curl -o grav-admin.zip -SLk https://getgrav.org/download/core/grav-admin/${GRAV_VERSION} && \
unzip grav-admin.zip && \
mv -f /var/www/grav-admin /var/www/html && \
rm grav-admin.zip
# Update Grav plugins
RUN cd /var/www/html && bin/gpm -y update
# Create cron job for Grav maintenance scripts
RUN (crontab -l; echo "* * * * * cd /var/www/html; /usr/bin/php bin/grav scheduler 1 >> /dev/null 2>&1") | crontab -
# Cron requires that each entry in a crontab end in a newline character. If the last entry in a crontab is missing the newline, cron will consider the crontab (at least partially) broken and refuse to install it.
RUN (crontab -l; echo "") | crontab -
# Generate RSA keys to be able to use 'git clone' with a public key
RUN echo -e 'y' | /usr/bin/ssh-keygen -t rsa -b 4096 -q -N "" -f ~/.ssh/id_rsa
# Make sure no one but the owner can read the private key
RUN chmod 600 ~/.ssh/id_rsa
# AMPHP
RUN mkdir -p /var/www && \
cd /var/www && \
composer require amphp/http-server amphp/http-server-router amphp/http-server-static-content
# Accept incoming HTTP requests
EXPOSE 80
### Return to root user ###
USER root
# syslog option '-Z' was changed to '-t', change this in /etc/conf.d/syslog so that syslog (and then cron) actually starts
# https://gitlab.alpinelinux.org/alpine/aports/-/issues/9279
RUN sed -i 's/SYSLOGD_OPTS="-Z"/SYSLOGD_OPTS="-t"/g' /etc/conf.d/syslog
# Provide container inside image for data persistence
VOLUME ["/var/www"]
# vhost config
COPY vhost.conf /etc/apache2/conf.d/vhost.conf
COPY example.php /var/www
# Start PHP-FPM and Apache
CMD crond && php-fpm7 -D && httpd
CMD php /var/www/example.php

63
README.md
View File

@ -1,62 +1,3 @@
This uses the official image of Grav CMS (https://getgrav.org) with some additional configs so that it makes sense to use on a Production server.
# Official Docker Image for Grav
# amphp http server
This currently is uses the latest versions of:
* apache
* GD library
* Unzip library
* php7.4
* php7.4-opcache
* php7.4-acpu
* php7.4-yaml
* cron
* vim editor
## Persisting data
To save the Grav site data to the host file system (so that it persists even after the container has been removed), simply map the container's `/var/www/html` directory to a named Docker volume or to a directory on the host.
> If the mapped directory or named volume is empty, it will be automatically populated with a fresh install of Grav the first time that the container starts. However, once the directory/volume has been populated, the data will persist and will not be overwritten the next time the container starts.
## Building the image from Dockerfile
```
docker build -t grav:latest .
```
## Running Grav Image with Latest Grav + Admin:
```
docker run -p 8000:80 grav:latest
```
Point browser to `http://localhost:8000` and create user account...
## Running Grav Image with Latest Grav + Admin with a named volume (can be used in production)
```
docker run -d -p 8000:80 --restart always -v grav_data:/var/www/html grav:latest
```
## Running Grav Image with docker-compose and a volume mapped to a local directory
Running `docker-compose up -d` with the following docker-compose configuration will automatically build the Grav image (if the Dockerfile is in the same directory as the docker-compose.yml file). Then the Grav container will be started with all of the site data persisted to a named volume (stored in the `./grav` directory.
```.yml
volumes:
grav-data:
driver: local
driver_opts:
type: none
device: $PWD/grav
o: bind
services:
grav:
build: ./
ports:
- 8080:80
volumes:
- grav-data:/var/www/html
```
https://amphp.org/http-server

33
example.php Normal file
View File

@ -0,0 +1,33 @@
<?php
use Amp\Http\Server\RequestHandler\CallableRequestHandler;
use Amp\Http\Server\HttpServer;
use Amp\Http\Server\Request;
use Amp\Http\Server\Response;
use Amp\Http\Status;
use Amp\Socket\Server;
use Psr\Log\NullLogger;
// Run this script, then visit http://localhost:1337/ in your browser.
Amp\Loop::run(function () {
$sockets = [
Server::listen("0.0.0.0:1337"),
Server::listen("[::]:1337"),
];
$server = new HttpServer($sockets, new CallableRequestHandler(function (Request $request) {
return new Response(Status::OK, [
"content-type" => "text/plain; charset=utf-8"
], "Hello, World!");
}), new NullLogger);
yield $server->start();
// Stop the server gracefully when SIGINT is received.
// This is technically optional, but it is best to call Server::stop().
Amp\Loop::onSignal(SIGINT, function (string $watcherId) use ($server) {
Amp\Loop::cancel($watcherId);
yield $server->stop();
});
});

45
vhost.conf
View File

@ -1,45 +0,0 @@
ServerName localhost
<VirtualHost *:80>
ServerName localhost
## Vhost docroot
DocumentRoot /var/www/html
## Take .htaccess.local in priority
AccessFileName .htaccess.local .htaccess
## PHP-FPM connection
ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/var/www/html/$1
DirectoryIndex index.php
## Directories,
<LocationMatch "^(.*/)\..*">
Require all denied
</LocationMatch>
<FilesMatch "^\.">
Require all denied
</FilesMatch>
<DirectoryMatch "^(.*/)\..*">
Require all denied
</DirectoryMatch>
<Directory "/var/www/html">
Options -Indexes +FollowSymLinks +IncludesNOEXEC -MultiViews
AllowOverride All
Require all granted
<FilesMatch ".+(\.php)$">
SetHandler "proxy:fcgi://127.0.0.1:9000"
</FilesMatch>
</Directory>
<Proxy "fcgi://127.0.0.1:9000">
ProxySet timeout=1200
</Proxy>
## Logging : hide version
ServerSignature Off
</VirtualHost>