village-hall
/
opnform
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Reworked docker scripts for new nuxt infrastructure (#285) 

* Reworked docker scripts for new nuxt infrastructure

* Switched to log mailer for default docker config

---------

Co-authored-by: Julien Nahum <julien@nahum.net>
This commit is contained in:
Don Benjamin 2024-01-18 15:35:45 +00:00 committed by GitHub
parent a651c60808
commit 129e7feb5f
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
11 changed files with 144 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.dockerignore
View File

@ -1,2 +1,3 @@
.git /.git
Dockerfile /Dockerfile
/data

16
.env.docker
View File

@ -28,14 +28,14 @@ REDIS_HOST=127.0.0.1
REDIS_PASSWORD=null REDIS_PASSWORD=null
REDIS_PORT=6379 REDIS_PORT=6379
MAIL_MAILER=smtp MAIL_MAILER=log
MAIL_HOST=smtp.mailtrap.io MAIL_HOST=
MAIL_PORT=2525 MAIL_PORT=
MAIL_USERNAME=null MAIL_USERNAME=
MAIL_PASSWORD=null MAIL_PASSWORD=
MAIL_ENCRYPTION=null MAIL_ENCRYPTION=
MAIL_FROM_ADDRESS=null MAIL_FROM_ADDRESS=
MAIL_FROM_NAME="${APP_NAME}" MAIL_FROM_NAME=
AWS_ACCESS_KEY_ID= AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY= AWS_SECRET_ACCESS_KEY=

29
Dockerfile
View File

@ -2,7 +2,7 @@ ARG PHP_PACKAGES="php8.1 composer php8.1-common php8.1-pgsql php8.1-redis php8.1
php8.1-simplexml php8.1-bcmath php8.1-gd php8.1-curl php8.1-zip\ php8.1-simplexml php8.1-bcmath php8.1-gd php8.1-curl php8.1-zip\
php8.1-imagick php8.1-bz2 php8.1-gmp php8.1-int php8.1-pcov php8.1-soap php8.1-xsl" php8.1-imagick php8.1-bz2 php8.1-gmp php8.1-int php8.1-pcov php8.1-soap php8.1-xsl"
FROM node:16 AS javascript-builder FROM node:20-alpine AS javascript-builder
WORKDIR /app WORKDIR /app
# It's best to add as few files as possible before running the build commands # It's best to add as few files as possible before running the build commands
@ -10,15 +10,12 @@ WORKDIR /app
# #
# It's possible to run npm install with only the package.json and package-lock.json file. # It's possible to run npm install with only the package.json and package-lock.json file.
ADD package.json package-lock.json ./ ADD client/package.json client/package-lock.json ./
RUN npm install RUN npm install
ADD resources /app/resources ADD client /app/
ADD public /app/public
ADD tailwind.config.js vite.config.js postcss.config.js /app/
RUN npm run build RUN npm run build
# syntax=docker/dockerfile:1.3-labs # syntax=docker/dockerfile:1.3-labs
FROM --platform=linux/amd64 ubuntu:23.04 AS php-dependency-installer FROM --platform=linux/amd64 ubuntu:23.04 AS php-dependency-installer
@ -29,10 +26,18 @@ RUN apt-get update \
WORKDIR /app WORKDIR /app
ADD composer.json composer.lock artisan ./ ADD composer.json composer.lock artisan ./
# NOTE: The project would build more reliably if all php files were added before running
# composer install. This would though introduce a dependency which would cause every
# dependency to be re-installed each time any php file is edited. It may be necessary in
# future to remove this 'optimisation' by moving the `RUN composer install` line after all
# the following ADD commands.
# Running artisan requires the full php app to be installed so we need to remove the # Running artisan requires the full php app to be installed so we need to remove the
# post-autoload command from the composer file if we want to run composer without # post-autoload command from the composer file if we want to run composer without
# adding a dependency to all the php files. # adding a dependency to all the php files.
RUN sed 's_@php artisan package:discover_/bin/true_;' -i composer.json RUN sed 's_@php artisan package:discover_/bin/true_;' -i composer.json
ADD app/helpers.php /app/app/helpers.php
RUN composer install --ignore-platform-req=php RUN composer install --ignore-platform-req=php
ADD app /app/app ADD app /app/app
@ -61,18 +66,22 @@ ARG PHP_PACKAGES
RUN apt-get update \ RUN apt-get update \
&& apt-get install -y \ && apt-get install -y \
supervisor nginx sudo postgresql-15 redis\ supervisor nginx sudo postgresql-15 redis\
$PHP_PACKAGES php8.1-fpm\ $PHP_PACKAGES php8.1-fpm wget\
&& apt-get clean && apt-get clean
RUN wget -qO- https://raw.githubusercontent.com/creationix/nvm/v0.39.3/install.sh | bash
RUN . /root/.nvm/nvm.sh && nvm install 20
ADD docker/postgres-wrapper.sh docker/php-fpm-wrapper.sh docker/redis-wrapper.sh /usr/local/bin/ ADD docker/postgres-wrapper.sh docker/php-fpm-wrapper.sh docker/redis-wrapper.sh docker/nuxt-wrapper.sh docker/generate-api-secret.sh /usr/local/bin/
ADD docker/php-fpm.conf /etc/php/8.1/fpm/pool.d/ ADD docker/php-fpm.conf /etc/php/8.1/fpm/pool.d/
ADD docker/nginx.conf /etc/nginx/sites-enabled/default ADD docker/nginx.conf /etc/nginx/sites-enabled/default
ADD docker/supervisord.conf /etc/supervisor/conf.d/supervisord.conf ADD docker/supervisord.conf /etc/supervisor/conf.d/supervisord.conf
ADD .env.docker .env
ADD . . ADD . .
ADD .env.docker .env
ADD client/.env.docker client/.env
COPY --from=javascript-builder /app/public/build/ ./public/build/ COPY --from=javascript-builder /app/.output/ ./nuxt/
RUN cp -r nuxt/public .
COPY --from=php-dependency-installer /app/vendor/ ./vendor/ COPY --from=php-dependency-installer /app/vendor/ ./vendor/
RUN chmod a+x /usr/local/bin/*.sh /app/artisan \ RUN chmod a+x /usr/local/bin/*.sh /app/artisan \

12
README.md
View File

@ -84,12 +84,18 @@ The `-v` argument creates a local directory called `my-opnform-data` which will
The `--name` argument names the running container so that you can refer back to it later, with e.g. `docker stop opnform`. You can use any name you'd like. The `--name` argument names the running container so that you can refer back to it later, with e.g. `docker stop opnform`. You can use any name you'd like.
#### Using a custom .env file #### Using custom .env files
If you have a custom env file you can use this like so: If you have custom env file you can use them like so:
Custom Laravel .env file:
``` ```
docker run --name opnform -v $PWD/my-custom-env-file.env:/app/.env -v $PWD/my-opnform-data:/persist -p 80:80 jhumanj/opnform docker run --name opnform -v $PWD/custom-laravel-env-file.env:/app/.env -v $PWD/my-opnform-data:/persist -p 80:80 jhumanj/opnform
```
Custom Nuxt .env file:
```
docker run --name opnform -v $PWD/custom-nuxt-env-file.env:/app/client/.env -v $PWD/my-opnform-data:/persist -p 80:80 jhumanj/opnform
``` ```
This would load load in the env file located at `my-custom-env-file.env`, note that if you are creating a .env file for use like this it's best to start from the `.docker.env` example file as there are slightly different defaults for the dockerized setup. This would load load in the env file located at `my-custom-env-file.env`, note that if you are creating a .env file for use like this it's best to start from the `.docker.env` example file as there are slightly different defaults for the dockerized setup.

13
client/.env.docker Normal file
View File

@ -0,0 +1,13 @@
NUXT_LOG_LEVEL=
NUXT_PUBLIC_APP_URL=http://localhost/
NUXT_PUBLIC_API_BASE=http://localhost/api
NUXT_PUBLIC_AI_ENABLED=
NUXT_PUBLIC_AMPLITUDE_CODE=
NUXT_PUBLIC_CRISP_WEBSITE_ID=
NUXT_PUBLIC_CUSTOM_DOMAINS_ENABLED=
NUXT_PUBLIC_ENV=local
NUXT_PUBLIC_GOOGLE_ANALYTICS_CODE=
NUXT_PUBLIC_H_CAPTCHA_SITE_KEY=
NUXT_PUBLIC_PAID_PLANS_ENABLED=
NUXT_PUBLIC_S3_ENABLED=
NUXT_API_SECRET=

1
client/.gitignore vendored
View File

@ -23,3 +23,4 @@ logs
.env .env
.env.* .env.*
!.env.example !.env.example
!.env.docker

47
docker/generate-api-secret.sh Normal file
View File

@ -0,0 +1,47 @@
#!/bin/bash
main() {
( flock -n 100 || wait_for_other_instance; generate_api_secrets) 100> /var/lock/api_secret.lock
}
generate_api_secrets() {
if ! is_configured; then
SECRET=$(random_string)
add_secret_to_env_file /app/client/.env NUXT_API_SECRET $SECRET
add_secret_to_env_file /app/.env FRONT_API_SECRET $SECRET
fi
}
random_string() {
array=()
for i in {a..z} {A..Z} {0..9};
do
array[$RANDOM]=$i
done
printf %s ${array[@]::8} $'\n'
}
add_secret_to_env_file() {
FILE=$1
TEMP_FILE=/tmp/env.$$
VAR=$2
VAL=$3
grep "^$VAR=" $FILE || ( echo $VAR= >> $FILE )
cp $FILE $TEMP_FILE
sed "s/^$VAR=.*$/$VAR=$VAL/" -i $TEMP_FILE
cat $TEMP_FILE > $FILE
}
wait_for_other_instance() {
while ! is_configured; do
sleep 1;
done
}
is_configured() {
grep -q "FRONT_API_SECRET=.\+" /app/.env
}
main

18
docker/nginx.conf
View File

@ -1,3 +1,8 @@
map $original_uri $api_uri {
~^/api(/.*$) $1;
default $original_uri;
}
server { server {
listen 80; listen 80;
server_name opnform; server_name opnform;
@ -9,7 +14,15 @@ server {
index index.html index.htm index.php; index index.html index.htm index.php;
location / { location / {
try_files $uri $uri/ /index.php$is_args$args; proxy_pass http://localhost:3000;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
}
location /api/ {
set $original_uri $uri;
try_files $uri $uri/ /index.php$is_args$args;
} }
location ~ \.php$ { location ~ \.php$ {
@ -17,6 +30,7 @@ server {
fastcgi_pass unix:/var/run/php-fpm-opnform-site.sock; fastcgi_pass unix:/var/run/php-fpm-opnform-site.sock;
fastcgi_index index.php; fastcgi_index index.php;
include fastcgi.conf; include fastcgi.conf;
} fastcgi_param REQUEST_URI $api_uri;
}
} }

16
docker/nuxt-wrapper.sh Normal file
View File

@ -0,0 +1,16 @@
#!/bin/bash
. /root/.nvm/nvm.sh
nvm install 20
nvm use 20
cd /app/nuxt/server/
. /app/client/.env
[ "x$NUXT_API_SECRET" != "x" ] || generate-api-secret.sh
sed 's/^/export /' < /app/.nuxt.env > env.sh
. env.sh
node index.mjs

5
docker/php-fpm-wrapper.sh
View File

@ -30,6 +30,11 @@ ln -sf /persist/storage /app/storage
. /app/.env . /app/.env
} }
[ "x$FRONT_API_SECRET" != "x" ] || {
generate-api-secret.sh
. /app/.env
}
/usr/sbin/php-fpm8.1 /usr/sbin/php-fpm8.1
tail -f /var/log/opnform.log tail -f /var/log/opnform.log

7
docker/supervisord.conf
View File

@ -40,3 +40,10 @@ stderr_logfile=/dev/stderr
stdout_logfile_maxbytes=0 stdout_logfile_maxbytes=0
redirect_stderr=true redirect_stderr=true
[program:nuxt-backend]
command=/usr/local/bin/nuxt-wrapper.sh
stdout_logfile=/dev/stdout
stderr_logfile=/dev/stderr
stdout_logfile_maxbytes=0
redirect_stderr=true