Merge pull request #8 from uasoft-indonesia/task/docker-file-config

Docker file config

Author: rizkiheryandi

.gitignore

@@ -14,7 +14,9 @@ yarn-error.log
 /.vscode
 storage/api-docs
 
-# JS third party & generated 
+/badaso
+
+# JS third party & generated
 /node_modules
 /public/js/*
 
@@ -24,4 +26,4 @@ storage/api-docs
 # Package manager history (you can delete it for your own project)
 yarn.lock
 package-lock.json
-composer.lock
+composer.lock

Dockerfile

@@ -0,0 +1,79 @@
+# reference from https://github.com/jabardigitalservice/docker-phpfpm-nginx
+FROM alpine:latest
+
+ADD https://packages.whatwedo.ch/php-alpine.rsa.pub /etc/apk/keys/php-alpine.rsa.pub
+RUN apk --update-cache add ca-certificates
+
+# Install packages
+RUN apk --no-cache add php8 php8-fpm php8-opcache php8-openssl php8-curl \
+    nginx supervisor curl php8-json php8-phar php8-iconv \
+    php8-exif php8-sodium php8-pdo php8-mbstring php8-dom \
+    php8-zip php8-mysqli php8-sqlite3 php8-session php8-bcmath \
+    php8-common php8-gd php8-intl php8-fileinfo php8-pdo_mysql \
+    php8-tokenizer php8-xml php8-xmlwriter php8-simplexml \
+    php8-ctype php8-xmlreader nodejs npm
+
+RUN ln -s /usr/bin/php8 /usr/bin/php
+
+# install composer
+RUN curl -s https://getcomposer.org/installer | php
+RUN mv composer.phar /usr/local/bin/composer
+
+# Configure nginx
+COPY docker/config/nginx.conf /etc/nginx/nginx.conf
+
+# Configure PHP
+RUN mkdir -p /run/php/
+RUN touch /run/php/php8.0-fpm.pid
+
+# Configure PHP-FPM
+COPY docker/config/fpm-pool.conf /etc/php8/php-fpm.d/www.conf
+COPY docker/config/php.ini /etc/php8/conf.d/custom.ini
+
+# Configure supervisord
+COPY docker/config/supervisord.conf /etc/supervisord.conf
+
+# Setup document root
+RUN mkdir -p /var/www/badaso
+
+# Add application
+WORKDIR /var/www/badaso
+COPY --chown=nobody . /var/www/badaso/
+# COPY .env.example .env
+
+RUN composer install --prefer-dist --no-ansi --no-interaction --no-progress --no-scripts
+
+RUN chmod -R 755 /var/www/badaso/storage
+RUN chmod -R 755 /var/www/badaso/public
+
+RUN composer dump-autoload
+
+RUN php artisan key:generate
+RUN php artisan config:clear
+RUN php artisan cache:clear
+RUN php artisan view:clear
+RUN php artisan route:clear
+RUN php artisan stroage:link
+RUN php artisan badaso:setup
+
+RUN npm install -g yarn
+RUN yarn && yarn prod
+
+RUN chown -R nobody.nobody /var/www/badaso && \
+    chown -R nobody.nobody /run && \
+    chown -R nobody.nobody /var/lib/nginx && \
+    chown -R nobody.nobody /var/log/nginx
+
+# Switch to use a non-root user from here on
+USER nobody
+# USER root
+
+# Expose the port nginx is reachable on
+EXPOSE 8080
+EXPOSE 443
+
+# Let supervisord start nginx & php-fpm
+CMD ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"]
+
+# Configure a healthcheck to validate that everything is up&running
+HEALTHCHECK --timeout=10s CMD curl --silent --fail http://127.0.0.1:8080/fpm-ping

docker-compose.yml docker-compose.dev.ymldocker-compose.yml renamed to docker-compose.dev.yml

@@ -0,0 +1,51 @@
+version: "3.7"
+
+services:
+  db:
+    container_name: badaso-db
+    image: mysql:8.0
+    command:
+      [
+        "--character-set-server=utf8mb4",
+        "--collation-server=utf8mb4_unicode_ci",
+        "--default-authentication-plugin=mysql_native_password",
+      ]
+    restart: always
+    volumes:
+      - ./badaso/:/var/lib/mysql
+    environment:
+      MYSQL_DATABASE: badaso
+      MYSQL_USER: sail
+      MYSQL_PASSWORD: password
+      MYSQL_ROOT_HOST: "%"
+      MYSQL_ROOT_PASSWORD: password
+    ports:
+      - 3300:3306
+  web:
+    container_name: badaso-app
+    build:
+      context: .
+      dockerfile: Dockerfile
+    volumes:
+      - /var/log/docker-data/badaso:/app/storage/logs
+    environment:
+      - DB_CONNECTION=mysql
+      - DB_HOST=db
+      - DB_PORT=3306
+      - DB_DATABASE=badaso
+      - DB_USERNAME=sail
+      - DB_PASSWORD=password
+    depends_on:
+      - db
+    ports:
+      - 8080:8080
+  # if your not use phpmyadmin in prodution comment this
+  phpmyadmin:
+    container_name: badaso-phpmyadmin
+    image: phpmyadmin/phpmyadmin:4.7
+    environment:
+      PMA_HOST: db
+    depends_on:
+      - db
+    ports:
+      - 8081:80

docker-compose.prod.yml

@@ -0,0 +1 @@
+This folder contain docker environtment config

docker/README.md

@@ -0,0 +1,56 @@
+[global]
+; Log to stderr
+error_log = /dev/stderr
+
+[www]
+; The address on which to accept FastCGI requests.
+; Valid syntaxes are:
+;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific IPv4 address on
+;                            a specific port;
+;   '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
+;                            a specific port;
+;   'port'                 - to listen on a TCP socket to all addresses
+;                            (IPv6 and IPv4-mapped) on a specific port;
+;   '/path/to/unix/socket' - to listen on a unix socket.
+; Note: This value is mandatory.
+listen = /run/php-fpm.sock
+
+; Enable status page
+pm.status_path = /fpm-status
+
+; Ondemand process manager
+pm = static
+
+; The number of child processes to be created when pm is set to 'static' and the
+; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
+; This value sets the limit on the number of simultaneous requests that will be
+; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
+; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
+; CGI. The below defaults are based on a server without much resources. Don't
+; forget to tweak pm.* to fit your needs.
+; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
+; Note: This value is mandatory.
+pm.max_children = 100
+
+; The number of seconds after which an idle process will be killed.
+; Note: Used only when pm is set to 'ondemand'
+; Default Value: 10s
+pm.process_idle_timeout = 10s;
+
+; The number of requests each child process should execute before respawning.
+; This can be useful to work around memory leaks in 3rd party libraries. For
+; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
+; Default Value: 0
+pm.max_requests = 1000
+
+; Make sure the FPM workers can reach the environment variables for configuration
+clear_env = no
+
+; Catch output from PHP
+catch_workers_output = yes
+
+; Remove the 'child 10 said into stderr' prefix in the log and only show the actual message
+decorate_workers_output = no
+
+; Enable ping page to use in healthcheck
+ping.path = /fpm-ping

docker/config/fpm-pool.conf

@@ -0,0 +1,99 @@
+worker_processes 1;
+error_log stderr warn;
+pid /run/nginx.pid;
+
+events {
+    worker_connections 1024;
+}
+
+http {
+    include mime.types;
+    default_type application/octet-stream;
+
+    # Define custom log format to include reponse times
+    log_format main_timed '$remote_addr - $remote_user [$time_local] "$request" '
+                          '$status $body_bytes_sent "$http_referer" '
+                          '"$http_user_agent" "$http_x_forwarded_for" '
+                          '$request_time $upstream_response_time $pipe $upstream_cache_status';
+
+    access_log /dev/stdout main_timed;
+    error_log /dev/stderr notice;
+
+    keepalive_timeout 65;
+
+    server_tokens off;
+
+    # set client body size to 8M #
+    client_max_body_size 8M;
+
+    # Write temporary files to /tmp so they can be created as a non-privileged user
+    client_body_temp_path /tmp/client_temp;
+    proxy_temp_path /tmp/proxy_temp_path;
+    fastcgi_temp_path /tmp/fastcgi_temp;
+    uwsgi_temp_path /tmp/uwsgi_temp;
+    scgi_temp_path /tmp/scgi_temp;
+
+    # Default server definition
+    server {
+        listen [::]:8080 default_server;
+        listen 8080 default_server;
+        server_name _;
+
+        sendfile off;
+
+        root /var/www/badaso/public;
+        index index.php index.html;
+
+        location / {
+            # First attempt to serve request as file, then
+            # as directory, then fall back to index.php
+            try_files $uri $uri/ /index.php?$query_string;
+        }
+
+        # Redirect server error pages to the static page /50x.html
+        error_page 500 502 503 504 /50x.html;
+        location = /50x.html {
+            root /var/lib/nginx/html;
+        }
+
+        # Pass the PHP scripts to PHP-FPM listening on 127.0.0.1:9000
+        location ~ \.php$ {
+            try_files $uri =404;
+            fastcgi_split_path_info ^(.+\.php)(/.+)$;
+            fastcgi_pass unix:/run/php-fpm.sock;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_param SCRIPT_NAME $fastcgi_script_name;
+            fastcgi_index index.php;
+            include fastcgi_params;
+        }
+
+        location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ {
+            expires 5d;
+        }
+
+        # Deny access to . files, for security
+        location ~ /\. {
+            log_not_found off;
+            deny all;
+        }
+
+        # Allow fpm ping and status from localhost
+        location ~ ^/(fpm-status|fpm-ping)$ {
+            access_log off;
+            allow 127.0.0.1;
+            deny all;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include fastcgi_params;
+            fastcgi_pass unix:/run/php-fpm.sock;
+        }
+    }
+
+    gzip on;
+    gzip_proxied any;
+    gzip_types text/plain application/xml text/css text/js text/xml application/x-javascript text/javascript application/json application/xml+rss;
+    gzip_vary on;
+    gzip_disable "msie6";
+
+    # Include other server configs
+    include /etc/nginx/conf.d/*.conf;
+}

docker/config/nginx.conf

@@ -0,0 +1,15 @@
+expose_php = Off
+
+[Date]
+date.timezone = "Asia/Jakarta"
+
+[www]
+user = nobody
+group = nobody
+
+memory_limit = -1
+; Maximum size of POST data that PHP will accept.
+post_max_size = 0
+; Maximum allowed size for uploaded files.
+upload_max_filesize = 5M
+max_input_vars = 10000

docker/config/php.ini

@@ -0,0 +1,23 @@
+[supervisord]
+nodaemon=true
+logfile=/dev/null
+logfile_maxbytes=0
+pidfile=/run/supervisord.pid
+
+[program:php-fpm]
+command=php-fpm8 -F
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+autorestart=false
+startretries=0
+
+[program:nginx]
+command=nginx -g 'daemon off;'
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+autorestart=false
+startretries=0