nextcloud/all-in-one
1
1
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2025-01-01 11:32:27 +08:00
Code Issues Projects Releases Packages Wiki Activity

migrate mastercontainer to alpine (#1577)

Browse source
This commit is contained in:
Zoey 2023-01-27 21:36:53 +01:00 committed by GitHub
parent 123c1be6b7
commit 4e74052c20
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 86 additions and 42 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

105
Containers/mastercontainer/Dockerfile
View file

@ -4,8 +4,15 @@ FROM docker:20.10.23-dind as dind
# Caddy is a requirement # Caddy is a requirement
FROM caddy:2.6.2-alpine as caddy FROM caddy:2.6.2-alpine as caddy
# From https://github.com/docker-library/php/blob/master/8.0/bullseye/apache/Dockerfile # From https://github.com/docker-library/php/blob/master/8.1/alpine3.17/fpm/Dockerfile
FROM php:8.1.14-apache-bullseye FROM php:8.1.14-fpm-alpine3.17
RUN set -ex; \
apk add --no-cache shadow; \
groupmod -g 333 xfs; \
usermod -u 333 -g 333 xfs; \
groupmod -g 33 www-data; \
usermod -u 33 -g 33 www-data
EXPOSE 80 EXPOSE 80
EXPOSE 8080 EXPOSE 8080
@ -19,16 +26,38 @@ RUN mkdir -p /var/www/docker-aio;
WORKDIR /var/www/docker-aio WORKDIR /var/www/docker-aio
RUN apt-get update; \ RUN set -ex; \
apt-get install -y --no-install-recommends \ apk add --no-cache \
git \ ca-certificates \
wget \
tzdata \
bash \
apache2 \
apache2-proxy \
apache2-ssl \
supervisor \ supervisor \
openssl \ openssl \
sudo \ sudo \
dpkg-dev \ netcat-openbsd \
netcat \ grep
; \
rm -rf /var/lib/apt/lists/* RUN set -ex; \
apk add --no-cache --virtual .build-deps \
autoconf \
build-base; \
pecl install APCu-5.1.22; \
docker-php-ext-enable apcu; \
rm -r /tmp/pear; \
\
runDeps="$( \
scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/lib/php/extensions \
| tr ',' '\n' \
| sort -u \
| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
)"; \
apk add --virtual .nextcloud-aio-rundeps $runDeps; \
apk del .build-deps; \
sed -i 's|access.log = /proc/self/fd/2|access.log = /proc/self/fd/1|' /usr/local/etc/php-fpm.d/docker.conf
COPY --from=caddy /usr/bin/caddy /usr/bin/ COPY --from=caddy /usr/bin/caddy /usr/bin/
RUN chmod +x /usr/bin/caddy RUN chmod +x /usr/bin/caddy
@ -36,14 +65,10 @@ RUN chmod +x /usr/bin/caddy
COPY --from=dind /usr/local/bin/docker /usr/local/bin/ COPY --from=dind /usr/local/bin/docker /usr/local/bin/
RUN chmod +x /usr/local/bin/docker RUN chmod +x /usr/local/bin/docker
RUN set -ex; \
pecl install APCu-5.1.22; \
docker-php-ext-enable apcu
RUN set -e && \ RUN set -e && \
curl -sS https://getcomposer.org/installer | php && \ apk add --no-cache git; \
mv composer.phar /usr/local/bin/composer && \ wget https://getcomposer.org/installer -O - | php -- --install-dir=/usr/local/bin --filename=composer; \
chmod +x /usr/local/bin/composer && \ chmod +x /usr/local/bin/composer; \
cd /var/www/docker-aio; \ cd /var/www/docker-aio; \
git clone https://github.com/nextcloud-releases/all-in-one.git --depth 1 .; \ git clone https://github.com/nextcloud-releases/all-in-one.git --depth 1 .; \
cd php; \ cd php; \
@ -54,7 +79,8 @@ RUN set -e && \
chmod 770 -R ./; \ chmod 770 -R ./; \
chown www-data:www-data -R /var/www; \ chown www-data:www-data -R /var/www; \
rm -r ./php/data; \ rm -r ./php/data; \
rm -r ./php/session rm -r ./php/session; \
apk del --no-cache git
RUN mkdir -p /etc/apache2/certs && \ RUN mkdir -p /etc/apache2/certs && \
cd /etc/apache2/certs && \ cd /etc/apache2/certs && \
@ -62,28 +88,31 @@ RUN mkdir -p /etc/apache2/certs && \
COPY mastercontainer.conf /etc/apache2/sites-available/ COPY mastercontainer.conf /etc/apache2/sites-available/
RUN a2enmod rewrite \ RUN sed -i \
headers \ -e '/^Listen /d' \
env \ -e 's/User apache/User www-data/g' \
mime \ -e 's/Group apache/Group www-data/g' \
dir \ -e 's/^#\(LoadModule .*mod_rewrite.so\)/\1/' \
authz_core \ -e 's/^#\(LoadModule .*mod_headers.so\)/\1/' \
proxy \ -e 's/^#\(LoadModule .*mod_env.so\)/\1/' \
proxy_http \ -e 's/^#\(LoadModule .*mod_mime.so\)/\1/' \
ssl -e 's/^#\(LoadModule .*mod_dir.so\)/\1/' \
-e 's/^#\(LoadModule .*mod_authz_core.so\)/\1/' \
RUN rm /etc/apache2/ports.conf; \ -e 's/^#\(LoadModule .*mod_mpm_event.so\)/\1/' \
sed -s -i -e "s/Include ports.conf//" /etc/apache2/apache2.conf; \ -e 's/\(LoadModule .*mod_mpm_worker.so\)/#\1/' \
sed -i "/^Listen /d" /etc/apache2/apache2.conf -e 's/\(LoadModule .*mod_mpm_prefork.so\)/#\1/' \
/etc/apache2/httpd.conf; \
mkdir -p /etc/apache2/logs; \
rm /etc/apache2/conf.d/ssl.conf; \
echo "ServerName localhost" | tee -a /etc/apache2/httpd.conf; \
echo "LoadModule ssl_module modules/mod_ssl.so" | tee -a /etc/apache2/httpd.conf; \
echo "LoadModule socache_shmcb_module modules/mod_socache_shmcb.so" | tee -a /etc/apache2/httpd.conf; \
echo "Include /etc/apache2/sites-available/mastercontainer.conf" | tee -a /etc/apache2/httpd.conf
RUN set -ex; \ RUN set -ex; \
a2dissite 000-default && \ rm -f /etc/apache2/conf.d/default.conf \
a2dissite default-ssl && \ /etc/apache2/conf.d/userdir.conf \
rm -f /etc/apache2/sites-enabled/000-default.conf && \ /etc/apache2/conf.d/info.conf
rm -f /etc/apache2/sites-enabled/default-ssl.conf && \
rm /etc/apache2/sites-available/000-default.conf && \
rm /etc/apache2/sites-available/default-ssl.conf && \
a2ensite mastercontainer.conf
RUN mkdir /var/log/supervisord; \ RUN mkdir /var/log/supervisord; \
mkdir /var/run/supervisord; mkdir /var/run/supervisord;
@ -109,4 +138,4 @@ USER root
ENTRYPOINT ["start.sh"] ENTRYPOINT ["start.sh"]
CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"] CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"]
HEALTHCHECK CMD /healthcheck.sh HEALTHCHECK CMD /healthcheck.sh

6
Containers/mastercontainer/mastercontainer.conf
View file

@ -10,9 +10,13 @@ Listen 8080
<VirtualHost *:8000> <VirtualHost *:8000>
ServerName localhost ServerName localhost
# Add error log
CustomLog /proc/self/fd/1 combined
ErrorLog /proc/self/fd/2
# PHP match # PHP match
<FilesMatch "\.php$"> <FilesMatch "\.php$">
SetHandler application/x-httpd-php SetHandler "proxy:fcgi://localhost:9000"
</FilesMatch> </FilesMatch>
# Master dir # Master dir
DocumentRoot /var/www/docker-aio/php/public/ DocumentRoot /var/www/docker-aio/php/public/

7
Containers/mastercontainer/start.sh
View file

@ -239,8 +239,8 @@ chown root:root -R /mnt/docker-aio-config/certs/
# Don't allow access to the AIO interface from the Nextcloud container # Don't allow access to the AIO interface from the Nextcloud container
# Probably more cosmetic than anything but at least an attempt # Probably more cosmetic than anything but at least an attempt
if ! grep -q '# nextcloud-aio-block' /etc/apache2/apache2.conf; then if ! grep -q '# nextcloud-aio-block' /etc/apache2/httpd.conf; then
cat << APACHE_CONF >> /etc/apache2/apache2.conf cat << APACHE_CONF >> /etc/apache2/httpd.conf
# nextcloud-aio-block-start # nextcloud-aio-block-start
<Location /> <Location />
order allow,deny order allow,deny
@ -277,4 +277,7 @@ https://your-domain-that-points-to-this-server.tld:8443"
# Set the timezone to UTC # Set the timezone to UTC
export TZ=UTC export TZ=UTC
# Fix apache startup
rm -f /var/run/apache2/httpd.pid
exec "$@" exec "$@"

10
Containers/mastercontainer/supervisord.conf
View file

@ -8,12 +8,20 @@ logfile_backups=10
loglevel=error loglevel=error
user=root user=root
[program:php-fpm]
# stdout_logfile=/dev/stdout
# stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
command=php-fpm
user=root
[program:apache] [program:apache]
# stdout_logfile=/dev/stdout # stdout_logfile=/dev/stdout
# stdout_logfile_maxbytes=0 # stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0 stderr_logfile_maxbytes=0
command=apache2-foreground command=httpd -DFOREGROUND
user=root user=root
[program:caddy] [program:caddy]