Update skib_application_dockerfile.txt

skib_application_dockerfile.txt

@@ -1,65 +1,78 @@
-FROM erseco/alpine-php-webserver:3.20.5
+FROM erseco/alpine-php-webserver:3.20.5
-
+
-ARG VERSION=
+ARG VERSION=
-ARG WEBDIR=/var/www/html
+ARG WEBDIR=/var/www/html
-
+
-LABEL version="${VERSION}" \
+LABEL version="${VERSION}" \
-    Maintainer="H2 invent GmbH" \
+    Maintainer="H2 invent GmbH" \
-    Description="Docker Image der Anwendung Unsere Schulkindbetreuung" \
+    Description="Docker Image der Anwendung Unsere Schulkindbetreuung" \
-    org.opencontainers.version="${VERSION}" \
+    org.opencontainers.version="${VERSION}" \
-    org.opencontainers.image.title="Unsere Schulkindbetreuung" \
+    org.opencontainers.image.title="Unsere Schulkindbetreuung" \
-    org.opencontainers.image.license="INTERNAL" \
+    org.opencontainers.image.license="INTERNAL" \
-    org.opencontainers.image.vendor="H2 invent GmbH" \
+    org.opencontainers.image.vendor="H2 invent GmbH" \
-    org.opencontainers.image.authors="Andreas Holzmann <support@h2-invent.com>" \
+    org.opencontainers.image.authors="Andreas Holzmann <support@h2-invent.com>" \
-    org.opencontainers.image.source="https://github.com/h2-invent/skb" \
+    org.opencontainers.image.source="https://github.com/h2-invent/skb" \
-    org.opencontainers.image.documentation="https://unsere-schulkindbetreuung.de" \
+    org.opencontainers.image.documentation="https://unsere-schulkindbetreuung.de" \
-    org.opencontainers.image.url="https://unsere-schulkindbetreuung.de"
+    org.opencontainers.image.url="https://unsere-schulkindbetreuung.de"
-
+
-USER root
+USER root
-RUN apk --no-cache add \
+RUN apk --no-cache add \
-    unzip \
+    unzip \
-    cronie \
+    php83-xmlwriter \
-    libcap
+    php83-xsl \
-
+    php83-pcntl \
-RUN mkdir /etc/service/crond \
+    php83-posix \
-    && echo "#!/bin/sh -e" > /etc/service/crond/run \
+    php83-sockets \
-    && echo "exec 2>&1 /usr/sbin/crond -f" >> /etc/service/crond/run \
+    && rm -rf /var/cache/apk/*
-    && chown -R nobody:nobody /etc/service/crond \
+
-    && chmod -R +x /etc/service/crond \
+RUN sed -i 's/^date.timezone=.*$/date.timezone="Europe\/Berlin"/' /etc/php83/conf.d/custom.ini
-    && chown nobody:nobody /usr/sbin/crond \
+RUN echo "Europe/Berlin" > /etc/timezone
-    && setcap cap_setgid=ep /usr/sbin/crond \
+
-    && setcap cap_setuid=ep /usr/sbin/crond
+RUN wget https://github.com/aptible/supercronic/releases/download/v0.2.33/supercronic-linux-amd64 -O /supercronic \
-
+    && chmod +x /supercronic
-RUN echo "# Docker Cron Jobs" > /etc/crontabs/nobody \
+
-    && echo "*/10 * * * * php ${WEBDIR}/bin/console app:stats > /dev/null > 2>&1" >> /etc/crontabs/nobody \
+RUN wget https://git.h2-invent.com/Public-System-Design/Public-Helperscripts/raw/branch/main/distributed_cron.sh -O /distributed_cron.sh \
-    && chown nobody:nobody /etc/crontabs/nobody \
+    && chmod +x /distributed_cron.sh
-    && chmod +x /etc/crontabs/nobody
+
-
+RUN mkdir /etc/service/cron \
-#RUN echo "#!/bin/sh" > /docker-entrypoint-init.d/symfony.sh \
+    && echo "#!/bin/sh" > /etc/service/cron/run \
-#    && echo "php ${WEBDIR}/bin/console cache:clear" >> /docker-entrypoint-init.d/symfony.sh \
+    && echo "exec 2>&1 /supercronic /var/crontab" >> /etc/service/cron/run \
-#    && echo "php ${WEBDIR}/bin/console doc:mig:mig --no-interaction" >> /docker-entrypoint-init.d/symfony.sh \
+    && chown -R nobody:nobody /etc/service/cron \
-#    && echo "php ${WEBDIR}/bin/console cache:clear" >> /docker-entrypoint-init.d/symfony.sh \
+    && chmod -R +x /etc/service/cron
-#    && chmod +x /docker-entrypoint-init.d/*
+
-
+RUN echo "# Docker Cron Jobs" > /var/crontab \
-RUN --mount=type=secret,id=ARTIFACT_USER \
+    && echo "*/10 * * * * php ${WEBDIR}/bin/console app:stats" >> /var/crontab \
-    --mount=type=secret,id=ARTIFACT_SECRET \
+    && echo "" >> /var/crontab \
-    --mount=type=secret,id=ARTIFACT_URL \
+    && chown nobody:nobody /var/crontab
-    ARTIFACT_USER=$(cat /run/secrets/ARTIFACT_USER) \
+
-    ARTIFACT_SECRET=$(cat /run/secrets/ARTIFACT_SECRET) \
+#RUN echo "#!/bin/sh" > /docker-entrypoint-init.d/symfony.sh \
-    ARTIFACT_URL=$(cat /run/secrets/ARTIFACT_URL) \
+#    && echo "php ${WEBDIR}/bin/console cache:clear" >> /docker-entrypoint-init.d/symfony.sh \
-    && wget https://${ARTIFACT_USER}:${ARTIFACT_SECRET}@${ARTIFACT_URL}-${VERSION}.zip -O artifact.zip \
+#    && echo "php ${WEBDIR}/bin/console doc:mig:mig --no-interaction" >> /docker-entrypoint-init.d/symfony.sh \
-    && unzip artifact.zip -d ${WEBDIR} \
+#    && echo "php ${WEBDIR}/bin/console cache:clear" >> /docker-entrypoint-init.d/symfony.sh \
-    && chown -R nobody ${WEBDIR}/public \
+#    && chmod +x /docker-entrypoint-init.d/*
-    && chown -R nobody ${WEBDIR}/var \
+
-    && chmod -R 700 ${WEBDIR}/public \
+RUN --mount=type=secret,id=ARTIFACT_USER \
-    && chmod -R 700 ${WEBDIR}/var
+    --mount=type=secret,id=ARTIFACT_SECRET \
-
+    --mount=type=secret,id=ARTIFACT_URL \
-RUN apk del unzip \
+    ARTIFACT_USER=$(cat /run/secrets/ARTIFACT_USER) \
-    && rm artifact.zip \
+    ARTIFACT_SECRET=$(cat /run/secrets/ARTIFACT_SECRET) \
-    && rm -r ${WEBDIR}/var/cache \
+    ARTIFACT_URL=$(cat /run/secrets/ARTIFACT_URL) \
-    && rm -rf /var/cache/apk/*
+    && wget https://${ARTIFACT_USER}:${ARTIFACT_SECRET}@${ARTIFACT_URL}-${VERSION}.zip -O artifact.zip \
-
+    && unzip artifact.zip -d ${WEBDIR} \
-USER nobody
+    && chown -R nobody ${WEBDIR}/public \
-
+    && chown -R nobody ${WEBDIR}/var \
-ENV nginx_root_directory=/var/www/html/public \
+    && chmod -R 700 ${WEBDIR}/public \
-    upload_max_filesize=10M
+    && chmod -R 700 ${WEBDIR}/var
+
+RUN apk del unzip \
+    && rm artifact.zip \
+    && rm -r ${WEBDIR}/var/cache \
+    && rm -rf /var/cache/apk/*
+
+USER nobody
+
+ENV nginx_root_directory=/var/www/html/public \
+    memory_limit=1024M \
+    post_max_size=20M \
+    upload_max_filesize=10M \
+    PHP_DATE_TIMEZONE="Europe/Berlin"