diff --git a/Dockerfile b/Dockerfile
index 8d10b4aaed..42f3940486 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -38,7 +38,7 @@ RUN yarn config set network-timeout 300000 \
 FROM --platform=$TARGETOS/$TARGETARCH composer AS composerbuild
 # Copy full code to optimize autoload
-COPY --exclude=Caddyfile --exclude=docker/ . ./
+COPY --exclude=docker/ . ./
 RUN composer dump-autoload --optimize
@@ -50,7 +50,7 @@ FROM --platform=$TARGETOS/$TARGETARCH yarn AS yarnbuild
 WORKDIR /build
 # Copy full code
-COPY --exclude=Caddyfile --exclude=docker/ . ./
+COPY --exclude=docker/ . ./
 COPY --from=composer /build .
 RUN yarn run build
@@ -62,38 +62,34 @@ FROM --platform=$TARGETOS/$TARGETARCH localhost:5000/base-php:$TARGETARCH AS fin
 WORKDIR /var/www/html
-# Install additional required libraries
 RUN apk add --no-cache \
- caddy ca-certificates supervisor supercronic fcgi
-
-COPY --chown=root:www-data --chmod=640 --from=composerbuild /build .
-COPY --chown=root:www-data --chmod=640 --from=yarnbuild /build/public ./public
-
-# Set permissions
-# First ensure all files are owned by root and restrict www-data to read access
-RUN chown root:www-data ./ \
- && chmod 750 ./ \
- # Files should not have execute set, but directories need it
- && find ./ -type d -exec chmod 750 {} \; \
- # Create necessary directories
- && mkdir -p /pelican-data/storage /pelican-data/plugins /var/www/html/storage/app/public /var/run/supervisord /etc/supercronic \
- # Symlinks for env, database, storage, and plugins
- && ln -s /pelican-data/.env ./.env \
- && ln -s /pelican-data/database/database.sqlite ./database/database.sqlite \
- && ln -sf /var/www/html/storage/app/public /var/www/html/public/storage \
- && ln -s /pelican-data/storage/avatars /var/www/html/storage/app/public/avatars \
- && ln -s /pelican-data/storage/fonts /var/www/html/storage/app/public/fonts \
- && ln -s /pelican-data/plugins /var/www/html/plugins \
- # Allow www-data write permissions where necessary
- && chown -R www-data:www-data /pelican-data ./storage ./bootstrap/cache /var/run/supervisord /var/www/html/public/storage \
- && chmod -R u+rwX,g+rwX,o-rwx /pelican-data ./storage ./bootstrap/cache /var/run/supervisord \
- && chown -R www-data: /usr/local/etc/php/
+ # packages for running the panel
+ caddy ca-certificates supervisor supercronic fcgi \
+ # required for installing plugins. Pulled from https://github.com/pelican-dev/panel/pull/2034
+ zip unzip 7zip bzip2-dev yarn git
+
+COPY --chown=root:www-data --chmod=770 --from=composerbuild /build .
+COPY --chown=root:www-data --chmod=770 --from=yarnbuild /build/public ./public
+
+# Create and remove directories
+RUN mkdir -p /pelican-data/storage /pelican-data/plugins /var/run/supervisord \
+ && rm -rf /var/www/html/plugins \
+# Symlinks for env, database, storage, and plugins
+ && ln -s /pelican-data/.env /var/www/html/.env \
+ && ln -s /pelican-data/database/database.sqlite ./database/database.sqlite \
+ && ln -s /pelican-data/storage /var/www/html/public/storage \
+ && ln -s /pelican-data/storage /var/www/html/storage/app/public \
+ && ln -s /pelican-data/plugins /var/www/html \
+# Allow www-data write permissions where necessary
+ && chown -R www-data: /pelican-data .env ./storage ./plugins ./bootstrap/cache /var/run/supervisord /var/www/html/public/storage \
+ && chmod -R 770 /pelican-data ./storage ./bootstrap/cache /var/run/supervisord \
+ && chown -R www-data: /usr/local/etc/php/ /usr/local/etc/php-fpm.d/
 # Configure Supervisor
 COPY docker/supervisord.conf /etc/supervisord.conf
 COPY docker/Caddyfile /etc/caddy/Caddyfile
 # Add Laravel scheduler to crontab
-COPY docker/crontab /etc/supercronic/crontab
+COPY docker/crontab /etc/crontabs/crontab
 COPY docker/entrypoint.sh /entrypoint.sh
 COPY docker/healthcheck.sh /healthcheck.sh
diff --git a/Dockerfile.base b/Dockerfile.base
index 42b6923cfb..f01323ebca 100644
--- a/Dockerfile.base
+++ b/Dockerfile.base
@@ -5,6 +5,6 @@ FROM --platform=$TARGETOS/$TARGETARCH php:8.4-fpm-alpine
 ADD --chmod=0755 https://github.com/mlocati/docker-php-extension-installer/releases/latest/download/install-php-extensions /usr/local/bin/
-RUN install-php-extensions bcmath gd intl zip opcache pcntl posix pdo_mysql pdo_pgsql
+RUN install-php-extensions bcmath gd intl zip pcntl pdo_mysql pdo_pgsql bz2
 RUN rm /usr/local/bin/install-php-extensions
diff --git a/Dockerfile.dev b/Dockerfile.dev
index 008e55d6e8..158927f3c2 100644
--- a/Dockerfile.dev
+++ b/Dockerfile.dev
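Review bot: In the final stage of Dockerfile, the two `COPY --chown=root:www-data --chmod=770` lines make the entire application tree writable by the www-data group, where the removed lines used mode 640 on files and 750 on directories to keep the web user read-only outside the storage paths. Combined with the added `chown -R www-data: ... /usr/local/etc/php-fpm.d/` and the `git`, `yarn` and archive tools now present in the runtime image, a compromised PHP worker could rewrite the panel's own code and its PHP-FPM pool configuration. Plugins are already redirected to `/pelican-data/plugins` by the symlink, so consider `--chmod=750` on both COPY lines and keeping write access limited to the data, storage, cache and plugin paths; whether plugin installation needs more than that is not visible from this hunk. `chmod -R 770` also sets the execute bit on every regular file, which the previous `u+rwX,g+rwX,o-rwx` avoided. The same points apply to the matching final-stage hunk in Dockerfile.dev.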
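Review bot: The edited `RUN install-php-extensions ...` line in Dockerfile.base executes a script that the preceding `ADD` fetches from `releases/latest/download` with no version pin or checksum, so each build runs whatever upstream publishes at that moment. Pinning a release and verifying it would make the build reproducible and tamper-evident, e.g. `ADD --checksum=sha256:<PINNED_SHA256> --chmod=0755 https://github.com/mlocati/docker-php-extension-installer/releases/download/<PINNED_VERSION>/install-php-extensions /usr/local/bin/`. The change also drops `opcache` and `posix` from the extension list without explanation; a short comment such as `# opcache/posix dropped because <reason>` above the RUN line would show the removal is intentional. Both points apply equally to the first hunk of Dockerfile.dev.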
@@ -5,7 +5,7 @@ FROM --platform=$TARGETOS/$TARGETARCH php:8.4-fpm-alpine AS base
 ADD --chmod=0755 https://github.com/mlocati/docker-php-extension-installer/releases/latest/download/install-php-extensions /usr/local/bin/
-RUN install-php-extensions bcmath gd intl zip opcache pcntl posix pdo_mysql pdo_pgsql
+RUN install-php-extensions bcmath gd intl zip pcntl pdo_mysql pdo_pgsql bz2
 RUN rm /usr/local/bin/install-php-extensions
@@ -42,7 +42,7 @@ RUN yarn config set network-timeout 300000 \
 FROM --platform=$TARGETOS/$TARGETARCH composer AS composerbuild
 # Copy full code to optimize autoload
-COPY --exclude=Caddyfile --exclude=docker/ . ./
+COPY --exclude=docker/ . ./
 RUN composer dump-autoload --optimize
@@ -54,7 +54,7 @@ FROM --platform=$TARGETOS/$TARGETARCH yarn AS yarnbuild
 WORKDIR /build
 # Copy full code
-COPY --exclude=Caddyfile --exclude=docker/ . ./
+COPY --exclude=docker/ . ./
 COPY --from=composer /build .
 RUN yarn run build
@@ -68,36 +68,33 @@ WORKDIR /var/www/html
 # Install additional required libraries
 RUN apk add --no-cache \
- caddy ca-certificates supervisor supercronic fcgi coreutils
-
-COPY --chown=root:www-data --chmod=640 --from=composerbuild /build .
-COPY --chown=root:www-data --chmod=640 --from=yarnbuild /build/public ./public
-
-# Set permissions
-# First ensure all files are owned by root and restrict www-data to read access
-RUN chown root:www-data ./ \
- && chmod 750 ./ \
- # Files should not have execute set, but directories need it
- && find ./ -type d -exec chmod 750 {} \; \
- # Create necessary directories
- && mkdir -p /pelican-data/storage /pelican-data/plugins /var/www/html/storage/app/public /var/run/supervisord /etc/supercronic \
- # Symlinks for env, database, storage, and plugins
- && ln -s /pelican-data/.env ./.env \
- && ln -s /pelican-data/database/database.sqlite ./database/database.sqlite \
- && ln -sf /var/www/html/storage/app/public /var/www/html/public/storage \
- && ln -s /pelican-data/storage/avatars /var/www/html/storage/app/public/avatars \
- && ln -s /pelican-data/storage/fonts /var/www/html/storage/app/public/fonts \
- && ln -s /pelican-data/plugins /var/www/html/plugins \
- # Allow www-data write permissions where necessary
- && chown -R www-data:www-data /pelican-data ./storage ./bootstrap/cache /var/run/supervisord /var/www/html/public/storage \
- && chmod -R u+rwX,g+rwX,o-rwx /pelican-data ./storage ./bootstrap/cache /var/run/supervisord \
- && chown -R www-data: /usr/local/etc/php/
+ # packages for running the panel
+ caddy ca-certificates supervisor supercronic fcgi coreutils \
+ # required for installing plugins. Pulled from https://github.com/pelican-dev/panel/pull/2034
+ zip unzip 7zip bzip2-dev yarn git
+
+COPY --chown=root:www-data --chmod=770 --from=composerbuild /build .
+COPY --chown=root:www-data --chmod=770 --from=yarnbuild /build/public ./public
+
+# Create and remove directories
+RUN mkdir -p /pelican-data/storage /pelican-data/plugins /var/run/supervisord \
+ && rm -rf /var/www/html/plugins \
+# Symlinks for env, database, storage, and plugins
+ && ln -s /pelican-data/.env /var/www/html/.env \
+ && ln -s /pelican-data/database/database.sqlite ./database/database.sqlite \
+ && ln -s /pelican-data/storage /var/www/html/public/storage \
+ && ln -s /pelican-data/storage /var/www/html/storage/app/public \
+ && ln -s /pelican-data/plugins /var/www/html \
+# Allow www-data write permissions where necessary
+ && chown -R www-data: /pelican-data .env ./storage ./plugins ./bootstrap/cache /var/run/supervisord /var/www/html/public/storage \
+ && chmod -R 770 /pelican-data ./storage ./bootstrap/cache /var/run/supervisord \
+ && chown -R www-data: /usr/local/etc/php/ /usr/local/etc/php-fpm.d/
 # Configure Supervisor
 COPY docker/supervisord.conf /etc/supervisord.conf
 COPY docker/Caddyfile /etc/caddy/Caddyfile
 # Add Laravel scheduler to crontab
-COPY docker/crontab /etc/supercronic/crontab
+COPY docker/crontab /etc/crontabs/crontab
 COPY docker/entrypoint.sh /entrypoint.sh
 COPY docker/healthcheck.sh /healthcheck.sh
diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh
index 1d53caa0c9..0611978bdf 100644
--- a/docker/entrypoint.sh
+++ b/docker/entrypoint.sh
@@ -2,8 +2,8 @@
 # check for .env file or symlink and generate app keys if missing
 if [ -f /var/www/html/.env ]; then
 echo "external vars exist."
- # load env vars from .env
- export $(grep -v '^#' .env | xargs)
+ # load specific env vars from .env used in the entrypoint and they are not already set
+ for VAR in "APP_KEY" "APP_INSTALLED" "DB_CONNECTION" "DB_HOST" "DB_PORT"; do if ! (printenv | grep -q ${VAR}); then export $(grep ${VAR} .env | grep -ve "^#"); fi; done
 else
 echo "external vars don't exist."
 # webroot .env is symlinked to this path
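Review bot: In the new `for VAR in ...` line of docker/entrypoint.sh, `export $(grep ${VAR} .env | grep -ve "^#")` collapses to a bare `export` whenever the key has no line in `.env` (plausible for `DB_HOST`/`DB_PORT` on a SQLite install), and a bare `export` prints every exported variable, `APP_KEY` included, into the container log. Both greps are also unanchored: `printenv | grep -q ${VAR}` matches the name anywhere in any variable's name or value, and `grep ${VAR} .env` also selects keys that merely contain it, after which the unquoted expansion is word-split. The loop below anchors the match to `^NAME=`, tests the variable with `printenv "$VAR"`, quotes the export, and reads `.env` by the same absolute path the `-f` test uses. The enclosing `if`/`else` continues outside the hunk.

```shell
for VAR in APP_KEY APP_INSTALLED DB_CONNECTION DB_HOST DB_PORT; do
    # only fill in a variable that is unset, and only from an exact KEY=value line
    if ! printenv "$VAR" >/dev/null && LINE=$(grep -m1 "^${VAR}=" /var/www/html/.env); then
        export "$LINE"
    fi
done
```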
@@ -25,7 +25,7 @@ else
 fi
 # create directories for volumes
-mkdir -p /pelican-data/database /pelican-data/storage/avatars /pelican-data/storage/fonts /var/www/html/storage/logs/supervisord 2>/dev/null
+mkdir -p /pelican-data/database /pelican-data/storage/avatars /pelican-data/storage/fonts /pelican-data/storage/icons /var/www/html/storage/logs/supervisord 2>/dev/null
 # if the app is installed then we need to run migrations on start. New installs will run migrations when you run the installer.
 if [ "${APP_INSTALLED}" == "true" ]; then
diff --git a/docker/supervisord.conf b/docker/supervisord.conf
index 793bb564c9..870814f485 100644
--- a/docker/supervisord.conf
+++ b/docker/supervisord.conf
@@ -41,7 +41,7 @@ stdout_logfile_maxbytes=0
 redirect_stderr=true
 [program:supercronic]
-command=supercronic -overlapping /etc/supercronic/crontab
+command=supercronic -overlapping /etc/crontabs/crontab
 autostart=true
 autorestart=true
 redirect_stderr=true