diff --git a/skib_application_dockerfile.txt b/skib_application_dockerfile.txt index 597a2f5..c554976 100644 --- a/skib_application_dockerfile.txt +++ b/skib_application_dockerfile.txt @@ -1,65 +1,78 @@ -FROM erseco/alpine-php-webserver:3.20.5 - -ARG VERSION= -ARG WEBDIR=/var/www/html - -LABEL version="${VERSION}" \ - Maintainer="H2 invent GmbH" \ - Description="Docker Image der Anwendung Unsere Schulkindbetreuung" \ - org.opencontainers.version="${VERSION}" \ - org.opencontainers.image.title="Unsere Schulkindbetreuung" \ - org.opencontainers.image.license="INTERNAL" \ - org.opencontainers.image.vendor="H2 invent GmbH" \ - org.opencontainers.image.authors="Andreas Holzmann " \ - org.opencontainers.image.source="https://github.com/h2-invent/skb" \ - org.opencontainers.image.documentation="https://unsere-schulkindbetreuung.de" \ - org.opencontainers.image.url="https://unsere-schulkindbetreuung.de" - -USER root -RUN apk --no-cache add \ - unzip \ - cronie \ - libcap - -RUN mkdir /etc/service/crond \ - && echo "#!/bin/sh -e" > /etc/service/crond/run \ - && echo "exec 2>&1 /usr/sbin/crond -f" >> /etc/service/crond/run \ - && chown -R nobody:nobody /etc/service/crond \ - && chmod -R +x /etc/service/crond \ - && chown nobody:nobody /usr/sbin/crond \ - && setcap cap_setgid=ep /usr/sbin/crond \ - && setcap cap_setuid=ep /usr/sbin/crond - -RUN echo "# Docker Cron Jobs" > /etc/crontabs/nobody \ - && echo "*/10 * * * * php ${WEBDIR}/bin/console app:stats > /dev/null > 2>&1" >> /etc/crontabs/nobody \ - && chown nobody:nobody /etc/crontabs/nobody \ - && chmod +x /etc/crontabs/nobody - -#RUN echo "#!/bin/sh" > /docker-entrypoint-init.d/symfony.sh \ -# && echo "php ${WEBDIR}/bin/console cache:clear" >> /docker-entrypoint-init.d/symfony.sh \ -# && echo "php ${WEBDIR}/bin/console doc:mig:mig --no-interaction" >> /docker-entrypoint-init.d/symfony.sh \ -# && echo "php ${WEBDIR}/bin/console cache:clear" >> /docker-entrypoint-init.d/symfony.sh \ -# && chmod +x /docker-entrypoint-init.d/* - -RUN --mount=type=secret,id=ARTIFACT_USER \ - --mount=type=secret,id=ARTIFACT_SECRET \ - --mount=type=secret,id=ARTIFACT_URL \ - ARTIFACT_USER=$(cat /run/secrets/ARTIFACT_USER) \ - ARTIFACT_SECRET=$(cat /run/secrets/ARTIFACT_SECRET) \ - ARTIFACT_URL=$(cat /run/secrets/ARTIFACT_URL) \ - && wget https://${ARTIFACT_USER}:${ARTIFACT_SECRET}@${ARTIFACT_URL}-${VERSION}.zip -O artifact.zip \ - && unzip artifact.zip -d ${WEBDIR} \ - && chown -R nobody ${WEBDIR}/public \ - && chown -R nobody ${WEBDIR}/var \ - && chmod -R 700 ${WEBDIR}/public \ - && chmod -R 700 ${WEBDIR}/var - -RUN apk del unzip \ - && rm artifact.zip \ - && rm -r ${WEBDIR}/var/cache \ - && rm -rf /var/cache/apk/* - -USER nobody - -ENV nginx_root_directory=/var/www/html/public \ - upload_max_filesize=10M \ No newline at end of file +FROM erseco/alpine-php-webserver:3.20.5 + +ARG VERSION= +ARG WEBDIR=/var/www/html + +LABEL version="${VERSION}" \ + Maintainer="H2 invent GmbH" \ + Description="Docker Image der Anwendung Unsere Schulkindbetreuung" \ + org.opencontainers.version="${VERSION}" \ + org.opencontainers.image.title="Unsere Schulkindbetreuung" \ + org.opencontainers.image.license="INTERNAL" \ + org.opencontainers.image.vendor="H2 invent GmbH" \ + org.opencontainers.image.authors="Andreas Holzmann " \ + org.opencontainers.image.source="https://github.com/h2-invent/skb" \ + org.opencontainers.image.documentation="https://unsere-schulkindbetreuung.de" \ + org.opencontainers.image.url="https://unsere-schulkindbetreuung.de" + +USER root +RUN apk --no-cache add \ + unzip \ + php83-xmlwriter \ + php83-xsl \ + php83-pcntl \ + php83-posix \ + php83-sockets \ + && rm -rf /var/cache/apk/* + +RUN sed -i 's/^date.timezone=.*$/date.timezone="Europe\/Berlin"/' /etc/php83/conf.d/custom.ini +RUN echo "Europe/Berlin" > /etc/timezone + +RUN wget https://github.com/aptible/supercronic/releases/download/v0.2.33/supercronic-linux-amd64 -O /supercronic \ + && chmod +x /supercronic + +RUN wget https://git.h2-invent.com/Public-System-Design/Public-Helperscripts/raw/branch/main/distributed_cron.sh -O /distributed_cron.sh \ + && chmod +x /distributed_cron.sh + +RUN mkdir /etc/service/cron \ + && echo "#!/bin/sh" > /etc/service/cron/run \ + && echo "exec 2>&1 /supercronic /var/crontab" >> /etc/service/cron/run \ + && chown -R nobody:nobody /etc/service/cron \ + && chmod -R +x /etc/service/cron + +RUN echo "# Docker Cron Jobs" > /var/crontab \ + && echo "*/10 * * * * php ${WEBDIR}/bin/console app:stats" >> /var/crontab \ + && echo "" >> /var/crontab \ + && chown nobody:nobody /var/crontab + +#RUN echo "#!/bin/sh" > /docker-entrypoint-init.d/symfony.sh \ +# && echo "php ${WEBDIR}/bin/console cache:clear" >> /docker-entrypoint-init.d/symfony.sh \ +# && echo "php ${WEBDIR}/bin/console doc:mig:mig --no-interaction" >> /docker-entrypoint-init.d/symfony.sh \ +# && echo "php ${WEBDIR}/bin/console cache:clear" >> /docker-entrypoint-init.d/symfony.sh \ +# && chmod +x /docker-entrypoint-init.d/* + +RUN --mount=type=secret,id=ARTIFACT_USER \ + --mount=type=secret,id=ARTIFACT_SECRET \ + --mount=type=secret,id=ARTIFACT_URL \ + ARTIFACT_USER=$(cat /run/secrets/ARTIFACT_USER) \ + ARTIFACT_SECRET=$(cat /run/secrets/ARTIFACT_SECRET) \ + ARTIFACT_URL=$(cat /run/secrets/ARTIFACT_URL) \ + && wget https://${ARTIFACT_USER}:${ARTIFACT_SECRET}@${ARTIFACT_URL}-${VERSION}.zip -O artifact.zip \ + && unzip artifact.zip -d ${WEBDIR} \ + && chown -R nobody ${WEBDIR}/public \ + && chown -R nobody ${WEBDIR}/var \ + && chmod -R 700 ${WEBDIR}/public \ + && chmod -R 700 ${WEBDIR}/var + +RUN apk del unzip \ + && rm artifact.zip \ + && rm -r ${WEBDIR}/var/cache \ + && rm -rf /var/cache/apk/* + +USER nobody + +ENV nginx_root_directory=/var/www/html/public \ + memory_limit=1024M \ + post_max_size=20M \ + upload_max_filesize=10M \ + PHP_DATE_TIMEZONE="Europe/Berlin" \ No newline at end of file