Commit 995b56d2 authored by Emanuel Jacob

Initial commit

Pipeline #43332 failed with stage
in 37 seconds
## General ignores
# temp files
*~
.*.marks
\#*\#
.~lock.*#
.DS_Store
# IntelliJ IDEA and similar
/*.iml
/*/*.iml
/.idea
# as a convention ignore all directories starting with "_" in the repository root
/_*/*
\ No newline at end of file
image: docker:latest
services:
- name: docker:dind
command: ["--experimental"]
stages:
- build
build73:
stage: build
only:
refs:
- master
script:
- /bin/sh build.sh 7.3
build74:
stage: build
only:
refs:
- master
script:
- /bin/sh build.sh 7.4 latest
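Review bot: The job image `docker:latest` and the `docker:dind` service are floating tags, so the toolchain that receives `$CI_JOB_TOKEN` and pushes to the registry can change between runs without any change in this repository. Pin both to the same explicit Docker release, ideally by digest, e.g. `image: docker:<PINNED_VERSION>` and `- name: docker:<PINNED_VERSION>-dind`, where `<PINNED_VERSION>` is a placeholder for the release you have validated. Separately, `build.sh` begins with `#!/bin/bash` but is invoked here as `/bin/sh build.sh`, so the shebang is ignored and the script runs under whatever `/bin/sh` the job image provides; either call the interpreter the script expects or add a comment that the script must stay compatible with that shell.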
FROM php:7.3-fpm-buster
# Add php.ini for more dev-specific PHP configuration
COPY shared/php.ini /usr/local/etc/php/
# Add composer
COPY --from=composer:latest /usr/bin/composer /usr/bin/composer
# pool configuration
COPY shared/zz-www.conf /usr/local/etc/php-fpm.d/
# Install packages with clean up
RUN set -ex; \
build_dependencies="autoconf dpkg-dev file g++ gcc make pkgconf re2c libcurl4-nss-dev \
libjpeg-dev libpng-dev libpq-dev libjpeg62-turbo-dev libxml2-dev \
libxslt1-dev libfreetype6-dev libmagickwand-dev"; \
install_packages="acl cron gifsicle git imagemagick graphicsmagick gsfonts jpegoptim libjpeg-turbo-progs libpq5 \
libbz2-dev libonig-dev libsodium-dev libxml2 libxslt1.1 libzip-dev libwebp-dev mariadb-client msmtp nano patch \
pkg-config procps openssl openssh-client optipng rsync sudo unzip vim webp zip"; \
apt-get update; \
apt-get install -y --no-install-recommends ${build_dependencies}; \
apt-get install -y ${install_packages}; \
pecl install xdebug redis imagick mongodb; \
docker-php-ext-enable imagick; \
docker-php-ext-enable redis; \
docker-php-ext-enable mongodb; \
docker-php-ext-configure gd --with-webp --with-jpeg=/usr --with-freetype=/usr/; \
docker-php-ext-install -j "$(nproc)" \
bcmath \
bz2 \
calendar \
curl \
pcntl \
gd \
mysqli \
opcache \
pdo_mysql \
pdo_pgsql \
soap \
exif \
mbstring \
intl \
xsl \
zip \
sodium \
; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false ${build_dependencies}; \
rm -rf /var/lib/apt/lists/*; \
chmod 777 /tmp
# Allow user www-data to run the xdebug enable script
RUN echo 'www-data ALL=(root) NOPASSWD:/usr/local/bin/team23-docker-php-enable-xdebug.sh' >> /etc/sudoers
# Add composer package for running composer downloads parallel
RUN composer global require hirak/prestissimo
# Install deployer
RUN curl -LO https://deployer.org/deployer.phar && mv deployer.phar /usr/local/bin/dep && chmod +x /usr/local/bin/dep
# Install node
RUN apt-get update && apt-get install -my wget gnupg && \
curl -sL https://deb.nodesource.com/setup_12.x | bash - && \
apt-get install -y nodejs build-essential libssl-dev && \
npm install -g grunt-cli gulp-cli
# Configure msmtp to use mail:1025 as a smtp server and php to use msmtp as sendmail_path
RUN echo "account default \n \
host mail \n \
from \"test@mail.de\" \n \
port 1025" >> /etc/msmtprc
RUN chmod 644 /etc/msmtprc
RUN echo "sendmail_path = /usr/bin/msmtp -t" > /usr/local/etc/php/conf.d/sendmail.ini
# Enable our own entrypoint which can be used to install/enable xdebug using env variables
COPY shared/team23-docker-php-enable-xdebug.sh shared/team23-docker-php-entrypoint.sh /usr/local/bin/
ENTRYPOINT ["team23-docker-php-entrypoint.sh"]
# This has to be here again as ENTRYPOINT seems to reset CMD
CMD ["php-fpm"]
# Finally switch to our standard workdir
WORKDIR /app/web/
#
## Install libsodum 1.0.17
#RUN echo "deb http://deb.debian.org/debian stretch-backports main" >> /etc/apt/sources.list
#RUN apt-get update && apt-get -t stretch-backports install -y \
# libsodium-dev
#RUN pecl install -f libsodium-1.0.17
#
## Install xdebug
#RUN apt-get update && \
# apt-get install -y autoconf dpkg dpkg-dev file g++ gcc make pkgconf re2c && \
# pecl install xdebug && \
# chmod 777 /usr/local/etc/php/conf.d/ && \
# rm -rf /var/lib/apt/lists/*
# # TODO: Remove packages again, currently apt will bail out with:
# # "WARNING: The following essential packages will be removed.
# # This should NOT be done unless you know exactly what you are doing!"
# #apt-get remove -y autoconf dpkg dpkg-dev file g++ gcc make pkgconf re2c && \
#
#COPY shared/team23-docker-php-enable-xdebug.sh /usr/local/bin/
#
#RUN apt-get update && \
# apt-get install -y openssl git mariadb-client openssh-client libfreetype6 libpng16-16 libjpeg62-turbo gettext libmcrypt4 libxslt1.1 libicu57 && \
# apt-get install -y libfreetype6-dev libpng-dev libjpeg62-turbo-dev libxslt1-dev libicu-dev libzip-dev sudo zip unzip && \
# docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ && \
# docker-php-ext-install -j$(getconf _NPROCESSORS_ONLN) gd bcmath soap gettext mysqli pdo_mysql opcache xsl zip intl calendar && \
# apt-get remove -y libfreetype6-dev libpng-dev libjpeg62-turbo-dev libxslt1-dev libicu-dev && \
# rm -rf /var/lib/apt/lists/*
#
#RUN apt-get update && apt-get install -my wget gnupg && \
# curl -sL https://deb.nodesource.com/setup_12.x | bash - && \
# apt-get install -y nodejs build-essential libssl-dev && \
# npm install -g grunt-cli gulp-cli
#
#RUN a2enmod proxy proxy_http proxy_http2 proxy_fcgi rewrite http2 expires deflate alias headers negotiation
#
#COPY shared/apache-default-vhost.conf /etc/apache2/sites-enabled/000-default.conf
#
## Enable our own entrypoint which can be used to install/enable xdebug using env variables
#COPY shared/team23-docker-php-entrypoint.sh /usr/local/bin/
#ENTRYPOINT ["team23-docker-php-entrypoint.sh"]
## This has to be here again as ENTRYPOINT seems to reset CMD
#CMD ["apache2-foreground"]
#
## Finally switch to our standard workdir
#WORKDIR /app/web/
#
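Review bot: The deployer and Node.js steps run downloaded content as root with no integrity check: `curl -LO https://deployer.org/deployer.phar` installs whatever the server returns as `/usr/local/bin/dep`, and `curl -sL https://deb.nodesource.com/setup_12.x | bash -` pipes a remote script straight into a shell. Neither curl call uses `-f` and the default `/bin/sh` has no pipefail, so an HTTP error page or a failed download would not stop the build. Pin a deployer release and verify it, e.g. `curl -fsSLO <PINNED_DEPLOYER_URL> && echo "<EXPECTED_SHA256>  deployer.phar" | sha256sum -c -` (both values are placeholders), and prefer a pinned NodeSource apt source with its signing key over the setup script. `COPY --from=composer:latest` is the same kind of floating input and should name a fixed composer tag. The identical lines in the 7.4 Dockerfile need the same change.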
FROM php:7.4-fpm-buster
# Add php.ini for more dev-specific PHP configuration
COPY shared/php.ini /usr/local/etc/php/
# Add composer
COPY --from=composer:latest /usr/bin/composer /usr/bin/composer
# pool configuration
COPY shared/zz-www.conf /usr/local/etc/php-fpm.d/
# Install packages with clean up
RUN set -ex; \
build_dependencies="autoconf dpkg-dev file g++ gcc make pkgconf re2c libcurl4-nss-dev \
libjpeg-dev libpng-dev libpq-dev libjpeg62-turbo-dev libxml2-dev \
libxslt1-dev libfreetype6-dev libmagickwand-dev"; \
install_packages="acl cron gifsicle git imagemagick graphicsmagick gsfonts jpegoptim libjpeg-turbo-progs libpq5 \
libbz2-dev libonig-dev libsodium-dev libxml2 libxslt1.1 libzip-dev libwebp-dev mariadb-client msmtp nano patch \
pkg-config procps openssl openssh-client optipng rsync sudo unzip vim webp zip"; \
apt-get update; \
apt-get install -y --no-install-recommends ${build_dependencies}; \
apt-get install -y ${install_packages}; \
pecl install xdebug redis imagick mongodb; \
docker-php-ext-enable imagick; \
docker-php-ext-enable redis; \
docker-php-ext-enable mongodb; \
docker-php-ext-configure gd --with-webp --with-jpeg=/usr --with-freetype=/usr/; \
docker-php-ext-install -j "$(nproc)" \
bcmath \
bz2 \
calendar \
curl \
pcntl \
gd \
mysqli \
opcache \
pdo_mysql \
pdo_pgsql \
soap \
exif \
mbstring \
intl \
xsl \
zip \
sodium \
; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false ${build_dependencies}; \
rm -rf /var/lib/apt/lists/*; \
chmod 777 /tmp
# Allow user www-data to run the xdebug enable script
RUN echo 'www-data ALL=(root) NOPASSWD:/usr/local/bin/team23-docker-php-enable-xdebug.sh' >> /etc/sudoers
# Add composer package for running composer downloads parallel
RUN composer global require hirak/prestissimo
# Install deployer
RUN curl -LO https://deployer.org/deployer.phar && mv deployer.phar /usr/local/bin/dep && chmod +x /usr/local/bin/dep
# Install node
RUN apt-get update && apt-get install -my wget gnupg && \
curl -sL https://deb.nodesource.com/setup_12.x | bash - && \
apt-get install -y nodejs build-essential libssl-dev && \
npm install -g grunt-cli gulp-cli
# Configure msmtp to use mail:1025 as a smtp server and php to use msmtp as sendmail_path
RUN echo "account default \n \
host mail \n \
from \"test@mail.de\" \n \
port 1025" >> /etc/msmtprc
RUN chmod 644 /etc/msmtprc
RUN echo "sendmail_path = /usr/bin/msmtp -t" > /usr/local/etc/php/conf.d/sendmail.ini
# Enable our own entrypoint which can be used to install/enable xdebug using env variables
COPY shared/team23-docker-php-enable-xdebug.sh shared/team23-docker-php-entrypoint.sh /usr/local/bin/
ENTRYPOINT ["team23-docker-php-entrypoint.sh"]
# This has to be here again as ENTRYPOINT seems to reset CMD
CMD ["php-fpm"]
# Finally switch to our standard workdir
WORKDIR /app/web/
#
## Install libsodum 1.0.17
#RUN echo "deb http://deb.debian.org/debian stretch-backports main" >> /etc/apt/sources.list
#RUN apt-get update && apt-get -t stretch-backports install -y \
# libsodium-dev
#RUN pecl install -f libsodium-1.0.17
#
## Install xdebug
#RUN apt-get update && \
# apt-get install -y autoconf dpkg dpkg-dev file g++ gcc make pkgconf re2c && \
# pecl install xdebug && \
# chmod 777 /usr/local/etc/php/conf.d/ && \
# rm -rf /var/lib/apt/lists/*
# # TODO: Remove packages again, currently apt will bail out with:
# # "WARNING: The following essential packages will be removed.
# # This should NOT be done unless you know exactly what you are doing!"
# #apt-get remove -y autoconf dpkg dpkg-dev file g++ gcc make pkgconf re2c && \
#
#COPY shared/team23-docker-php-enable-xdebug.sh /usr/local/bin/
#
#RUN apt-get update && \
# apt-get install -y openssl git mariadb-client openssh-client libfreetype6 libpng16-16 libjpeg62-turbo gettext libmcrypt4 libxslt1.1 libicu57 && \
# apt-get install -y libfreetype6-dev libpng-dev libjpeg62-turbo-dev libxslt1-dev libicu-dev libzip-dev sudo zip unzip && \
# docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ && \
# docker-php-ext-install -j$(getconf _NPROCESSORS_ONLN) gd bcmath soap gettext mysqli pdo_mysql opcache xsl zip intl calendar && \
# apt-get remove -y libfreetype6-dev libpng-dev libjpeg62-turbo-dev libxslt1-dev libicu-dev && \
# rm -rf /var/lib/apt/lists/*
#
#RUN apt-get update && apt-get install -my wget gnupg && \
# curl -sL https://deb.nodesource.com/setup_12.x | bash - && \
# apt-get install -y nodejs build-essential libssl-dev && \
# npm install -g grunt-cli gulp-cli
#
#RUN a2enmod proxy proxy_http proxy_http2 proxy_fcgi rewrite http2 expires deflate alias headers negotiation
#
#COPY shared/apache-default-vhost.conf /etc/apache2/sites-enabled/000-default.conf
#
## Enable our own entrypoint which can be used to install/enable xdebug using env variables
#COPY shared/team23-docker-php-entrypoint.sh /usr/local/bin/
#ENTRYPOINT ["team23-docker-php-entrypoint.sh"]
## This has to be here again as ENTRYPOINT seems to reset CMD
#CMD ["apache2-foreground"]
#
## Finally switch to our standard workdir
#WORKDIR /app/web/
#
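Review bot: `chmod 777 /tmp` at the end of the package-install `RUN` clears the sticky bit, because a numeric mode without the leading `1` replaces the directory's usual `1777`; any user in the container can then delete or replace other users' files in `/tmp`. Use `chmod 1777 /tmp` if the mode has to be reset at all. The sudoers rule is appended with `echo ... >> /etc/sudoers` and never validated, and it lets `www-data` run `team23-docker-php-enable-xdebug.sh` as root without a password, so that script must be root-owned, not writable by `www-data`, and must not act on caller-controlled input; a drop-in under `/etc/sudoers.d/` with mode 0440, checked with `visudo -cf`, is the safer form. The image also never sets `USER`; if the entrypoint needs root, a comment should say why. The same lines appear in the 7.3 Dockerfile.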
# Supported tags and respective Dockerfile links
* `7.3`: [Dockerfile](7.3/Dockerfile)
* `7.4`: [Dockerfile](7.4/Dockerfile)
# Quick reference
The images base on the official php(-fpm) images from docker. See [docker hub](https://hub.docker.com/_/php/)
for the official details. We use only the debian (stretch) versions.
The following changes were made:
* Increased many of the default limits (execution time, upload size, …)
* Enabled logging on stderr, so errors are visible in the docker logs
* Installed composer (from [composer:latest](https://hub.docker.com/_/composer/))
* Install common php extensions
* install command line utilities for image optimizing (jpegoptim, optipng, webp, gifsicle)
* changes php-fpm process manager to ondemand
See our [apache images](https://git.team23.de/docker/apache) ("php") for usage example.
# Sendmail
PHP's sendmail is configured to use ssmtp which is configured to send everything to mail:1025.
# Debugging using xdebug
xdebug in installed by default, but not enabled. A script `team23-docker-php-enable-xdebug.sh` is provided to
enable xdebug. Default config for xdebug is:
```ini
xdebug.remote_host=10.254.254.254
xdebug.remote_port=9000
xdebug.remote_enable=1
xdebug.remote_connect_back=0
xdebug.max_nesting_level=400
```
You may overwrite these settings using Environment variables (see below).
This allows for remote xdebug connections and will in the above configuration send xdebug packages to 10.254.254.254.
**!! IMPORTANT (REALLY) !!**
This IP needs to be added to your localhost interface, see https://gist.github.com/ralphschindler/535dc5916ccbd06f53c1b0ee5a868c93
for how to do that. Also make sure no firewall is blocking incoming connection on 10.254.254.254:9000.
Also FYI: using xdebug.remote_connect_back only works on GNU/Linux. The virtual machine and missing direct networking
makes this not usable with MacOS.
### Enable xdebug using environment variables
docker-compose.yml:
```yaml
version: "3.0"
services:
php:
image: docker.team23.de/docker/php-shopware:7.4
environment:
TEAM23_DOCKER_PHP_ENABLE_XDEBUG: 1
XDEBUG_REMOTE_ENABLE: 1
XDEBUG_REMOTE_CONNECT_BACK: 0
XDEBUG_REMOTE_PORT: 9000
XDEBUG_REMOTE_HOST: 10.254.254.254
XDEBUG_MAX_NESTING_LEVEL: 400
TEAM23_DOCKER_PHP_ENABLE_MSMTP: 1
MSMTP_PORT: 1025
MSMTP_HOST: mail
MSMTP_FROM: dev@team23.de
```
### Set umask for all commands run in the container
```yaml
version: "3.0"
services:
php:
image: docker.team23.de/docker/php-shopware:7.4
environment:
UMASK: 0002
Or just start the container using `docker … -e UMASK=0002 …` in your shell.
#!/bin/bash
VERSION="${1:-}"
ADDITIONAL="${2:-}"
if [ -z "$VERSION" ]
then
echo "Error: No version supplied"
echo "Usage: $0 <version> [additional]"
exit 1
fi
set -o errexit
set -o pipefail
if [ -z "$CI_REGISTRY" ]
then # outside gitlab ci runner
docker login docker.team23.de
BUILD_PROJECT_NAME=$( basename $( pwd ) )
BUILD_IMAGE_BASE="docker.team23.de/docker/$BUILD_PROJECT_NAME"
else # inside gitlab ci runner
docker login -u gitlab-ci-token -p "$CI_JOB_TOKEN" "$CI_REGISTRY"
BUILD_IMAGE_BASE="$CI_REGISTRY/$CI_PROJECT_PATH"
fi
SHARED_DIR="$VERSION/shared"
mkdir -p "${SHARED_DIR}"
# Copy shared files
cp -vrp shared/* "${SHARED_DIR}"
# Build Image
docker build --pull -t "$BUILD_IMAGE_BASE:$VERSION" "$VERSION"
# only CI should be allowed push images
[ -n "$CI_REGISTRY" ] && docker push "$BUILD_IMAGE_BASE:$VERSION"
if [ ! -z "$ADDITIONAL" ]
then
# Build additional image (usually latest)
docker build --pull -t "$BUILD_IMAGE_BASE:$ADDITIONAL" "$VERSION"
[ -n "$CI_REGISTRY" ] && docker push "$BUILD_IMAGE_BASE:$ADDITIONAL"
fi
# Remove shared files again
rm -rfv "${SHARED_DIR}"
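Review bot: `docker login -u gitlab-ci-token -p "$CI_JOB_TOKEN" "$CI_REGISTRY"` puts the job token on the command line, where it is visible in the runner's process list and which Docker itself warns against; pass it on stdin instead: `printf '%s' "$CI_JOB_TOKEN" | docker login -u gitlab-ci-token --password-stdin "$CI_REGISTRY"`. Because `set -o errexit` is active, a failed `docker build` exits before `rm -rfv "${SHARED_DIR}"` and leaves the copied `shared/` files in the version directory; a `trap 'rm -rf "${SHARED_DIR}"' EXIT` placed right after the `mkdir` would cover that. `$VERSION` is also used unchecked as a path for `mkdir`, `cp` and `rm -rf`, so validating it against the supported versions (for example a `case` on `7.3|7.4`) before use is worth adding.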
[PHP]
max_execution_time = 3600
max_input_vars = 1500
upload_max_filesize = 512M
post_max_size=512M
always_populate_raw_post_data=-1
memory_limit=2G
; show errors in docker log
log_errors = On
error_log = /dev/stderr
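Review bot: `always_populate_raw_post_data=-1` has no effect on the PHP 7.3 and 7.4 images built here, since the directive was removed in PHP 7.0; drop the line so the file does not suggest it is doing something. The limits (`max_execution_time = 3600`, `memory_limit=2G`, 512M uploads) suit only a development image, and the file should say so in a leading comment such as `; development-only limits - do not reuse for production pools`. Since errors are logged to `/dev/stderr`, it would also help to set `display_errors` explicitly rather than rely on the base image's default.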
[www]
; Choose how the process manager will control the number of child processes.
; Possible Values:
; static - a fixed number (pm.max_children) of child processes;
; dynamic - the number of child processes are set dynamically based on the
; following directives. With this process management, there will be
; always at least 1 children.
; pm.max_children - the maximum number of children that can
; be alive at the same time.
; pm.start_servers - the number of children created on startup.
; pm.min_spare_servers - the minimum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is less than this
; number then some children will be created.
; pm.max_spare_servers - the maximum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is greater than this
; number then some children will be killed.
; ondemand - no children are created at startup. Children will be forked when
; new requests will connect. The following parameter are used:
; pm.max_children - the maximum number of children that
; can be alive at the same time.
; pm.process_idle_timeout - The number of seconds after which
; an idle process will be killed.
; Note: This value is mandatory.
pm = ondemand
; The number of child processes to be created when pm is set to 'static' and the
; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
; This value sets the limit on the number of simultaneous requests that will be
; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
; CGI. The below defaults are based on a server without much resources. Don't
; forget to tweak pm.* to fit your needs.
; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
; Note: This value is mandatory.
pm.max_children = 20
; The number of child processes created on startup.
; Note: Used only when pm is set to 'dynamic'
; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
pm.start_servers = 5
; The desired minimum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.min_spare_servers = 2
; The desired maximum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.max_spare_servers = 4
; The number of seconds after which an idle process will be killed.
; Note: Used only when pm is set to 'ondemand'
; Default Value: 10s
pm.process_idle_timeout = 3600s;
; The number of requests each child process should execute before respawning.
; This can be useful to work around memory leaks in 3rd party libraries. For
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
; Default Value: 0
pm.max_requests = 1000
; The URI to view the FPM status page. If this value is not set, no URI will be
; recognized as a status page. It shows the following informations:
; pool - the name of the pool;
; process manager - static, dynamic or ondemand;
; start time - the date and time FPM has started;
; start since - number of seconds since FPM has started;
; accepted conn - the number of request accepted by the pool;
; listen queue - the number of request in the queue of pending
; connections (see backlog in listen(2));
; max listen queue - the maximum number of requests in the queue
; of pending connections since FPM has started;
; listen queue len - the size of the socket queue of pending connections;
; idle processes - the number of idle processes;
; active processes - the number of active processes;
; total processes - the number of idle + active processes;
; max active processes - the maximum number of active processes since FPM
; has started;
; max children reached - number of times, the process limit has been reached,
; when pm tries to start more children (works only for
; pm 'dynamic' and 'ondemand');
; Value are updated in real time.
; Example output:
; pool: www
; process manager: static
; start time: 01/Jul/2011:17:53:49 +0200
; start since: 62636
; accepted conn: 190460
; listen queue: 0
; max listen queue: 1
; listen queue len: 42
; idle processes: 4
; active processes: 11
; total processes: 15
; max active processes: 12
; max children reached: 0
;
; By default the status page output is formatted as text/plain. Passing either
; 'html', 'xml' or 'json' in the query string will return the corresponding
; output syntax. Example:
; http://www.foo.bar/status
; http://www.foo.bar/status?json
; http://www.foo.bar/status?html
; http://www.foo.bar/status?xml
;
; By default the status page only outputs short status. Passing 'full' in the
; query string will also return status for each pool process.
; Example:
; http://www.foo.bar/status?full
; http://www.foo.bar/status?json&full
; http://www.foo.bar/status?html&full
; http://www.foo.bar/status?xml&full
; The Full status returns for each process:
; pid - the PID of the process;
; state - the state of the process (Idle, Running, ...);
; start time - the date and time the process has started;
; start since - the number of seconds since the process has started;
; requests - the number of requests the process has served;
; request duration - the duration in µs of the requests;
; request method - the request method (GET, POST, ...);
; request URI - the request URI with the query string;
; content length - the content length of the request (only with POST);
; user - the user (PHP_AUTH_USER) (or '-' if not set);
; script - the main script called (or '-' if not set);
; last request cpu - the %cpu the last request consumed
; it's always 0 if the process is not in Idle state
; because CPU calculation is done when the request
; processing has terminated;
; last request memory - the max amount of memory the last request consumed
; it's always 0 if the process is not in Idle state
; because memory calculation is done when the request
; processing has terminated;
; If the process is in Idle state, then informations are related to the
; last request the process has served. Otherwise informations are related to
; the current request being served.
; Example output:
; ************************
; pid: 31330
; state: Running
; start time: 01/Jul/2011:17:53:49 +0200