Merge pull request #1 from GaetanOff/main

d9beuD · web-flow · commit 32350eb5830d · 2024-10-29T11:31:46.000+01:00
Optimize Docker Configuration for Improved Performance and Security
diff --git a/Dockerfile b/Dockerfile
@@ -1,12 +1,14 @@
 FROM php:8.3.11-apache
 
 WORKDIR /var/www
-ENV DEBIAN_FRONTEND noninteractive
-ENV WWW_ROOT="/var/www"
+ENV DEBIAN_FRONTEND=noninteractive
 
-# Install dependencies
-RUN apt-get clean && apt-get update -y --allow-insecure-repositories
-RUN apt-get install -y \
+ARG WWW_ROOT="/var/www"
+ENV WWW_ROOT=$WWW_ROOT
+
+# Updating packages and installing dependencies in a single layer with cache cleaning
+RUN apt-get update -y --allow-insecure-repositories && \
+    apt-get install -y --no-install-recommends \
     git \
     libfreetype6-dev \
     libicu-dev \
@@ -17,11 +19,12 @@ RUN apt-get install -y \
     rsync \
     unzip \
     sudo \
-    zip
+    zip && \
+    apt-get clean && rm -rf /var/lib/apt/lists/*
 
-# Install PHP extensions
-RUN docker-php-ext-configure gd --with-freetype --with-jpeg
-RUN docker-php-ext-install -j$(nproc) \
+# Installing PHP extensions with cache cleaning
+RUN docker-php-ext-configure gd --with-freetype --with-jpeg && \
+    docker-php-ext-install -j$(nproc) \
     gd \
     intl \
     mbstring \
@@ -31,18 +34,16 @@ RUN docker-php-ext-install -j$(nproc) \
 
 RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
 
-# Install Symfony CLI
-RUN curl -1sLf 'https://dl.cloudsmith.io/public/symfony/stable/setup.deb.sh' | sudo -E bash
-RUN apt-get install symfony-cli
-RUN symfony server:ca:install
+# Installation of Symfony CLI with cache cleaning
+RUN curl -1sLf 'https://dl.cloudsmith.io/public/symfony/stable/setup.deb.sh' | sudo -E bash && \
+    apt-get install -y symfony-cli && \
+    symfony server:ca:install && \
+    apt-get clean && rm -rf /var/lib/apt/lists/*
 
 # Configure Apache
 ADD docker/apache/entrypoint.sh /entrypoint.sh
-RUN chmod a+x /entrypoint.sh
-
-RUN a2enmod rewrite
-RUN a2enmod remoteip
-RUN a2enmod ssl
+RUN chmod a+x /entrypoint.sh && \
+    a2enmod rewrite remoteip ssl
 
 CMD ["/entrypoint.sh"]
 
diff --git a/Makefile b/Makefile
@@ -20,7 +20,8 @@ init-symfony:
 
 init: build up init-symfony
 
-rm:
+# Command to remove Symfony project files only
+rm-symfony:
 	docker compose exec apache sh -c \
 	"rm -rf \
 	./assets \
@@ -42,3 +43,11 @@ rm:
 	./.env.test \
 	./.gitignore \
 	./importmap.php"
+
+# Command to remove Docker containers and volumes
+rm-containers:
+	docker compose down -v
+
+# Command to prune unused Docker data
+prune:
+	docker system prune -f --volumes
diff --git a/compose.yaml b/compose.yaml
@@ -1,35 +1,45 @@
 name: project-name
 
 services:
-###> doctrine/doctrine-bundle ###
+  ###> doctrine/doctrine-bundle ###
   database:
     image: bitnami/mariadb:10.6.19
+    container_name: project-database
     environment:
-      - ALLOW_EMPTY_PASSWORD=yes
-      - MARIADB_USER=app
-      - MARIADB_DATABASE=app
+      - MARIADB_ROOT_PASSWORD=${MARIADB_ROOT_PASSWORD:-root_password}
+      - MARIADB_USER=${MARIADB_USER:-app}
+      - MARIADB_PASSWORD=${MARIADB_PASSWORD:-app_password}
+      - MARIADB_DATABASE=${MARIADB_DATABASE:-app}
     volumes:
-      - ./docker/database:/bitnami/mariadb:rw
+      - database_data:/bitnami/mariadb
+    networks:
+      - project_network
     ports:
       - 3306:3306
-###< doctrine/doctrine-bundle ###
+    restart: unless-stopped
+  ###< doctrine/doctrine-bundle ###
 
   phpmyadmin:
-    image: phpmyadmin:latest
+    image: phpmyadmin:5.2.1
+    container_name: project-phpmyadmin
     ports:
       - 8080:80
     environment:
       - PMA_ARBITRARY=1
       - PMA_HOST=database
-      - PMA_USER=app
-      - PMA_PASSWORD=
+      - PMA_USER=${MARIADB_USER:-app}
+      - PMA_PASSWORD=${MARIADB_PASSWORD:-app_password}
     depends_on:
       - database
+    networks:
+      - project_network
+    restart: unless-stopped
 
   apache:
     build:
       context: .
       dockerfile: ./Dockerfile
+    container_name: project-apache
     volumes:
       - .:/var/www/
       - ./docker/apache/apache.conf:/etc/apache2/sites-enabled/000-default.conf
@@ -38,4 +48,15 @@ services:
     ports:
       - 8000:80
     depends_on:
-      - database
+      - database
+    networks:
+      - project_network
+    restart: unless-stopped
+
+networks:
+  project_network:
+    driver: bridge
+
+volumes:
+  database_data:
+    driver: local
diff --git a/docker/apache/entrypoint.sh b/docker/apache/entrypoint.sh
@@ -2,11 +2,13 @@
 
 OWNER_UID="$(stat -c %u ${WWW_ROOT})"
 OWNER_GID="$(stat -c %g ${WWW_ROOT})"
+
 if [[ "$OWNER_UID" != "0" ]]; then
-    usermod -o --uid ${OWNER_UID} www-data
+    usermod -o --uid ${OWNER_UID} www-data || echo "Warning: Failed to set UID for www-data"
 fi
 if [[ "$OWNER_GID" != "0" ]]; then
-    groupmod -o --gid ${OWNER_GID} www-data
+    groupmod -o --gid ${OWNER_GID} www-data || echo "Warning: Failed to set GID for www-data"
 fi
 
-apache2-foreground
+echo "Starting Apache as www-data (UID: ${OWNER_UID}, GID: ${OWNER_GID})"
+exec apache2-foreground
