diff --git a/CHANGELOG.md b/CHANGELOG.md index c8fdffa53..95aed7843 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,12 @@ All notable changes to this project will be documented in this file. This project adheres to [WebDevOps.io Dockerfile](https://github.com/webdevops/Dockerfile). +## [0.22.0] - 2016-04-03 +### Changed +- Introduced base-app for application images +- Added alpine-3 images +- Added sphinx image + ## [0.21.6] - 2016-03-25 ### Changed - Refactored directory layout (container -> docker/, .bin -> bin, testsuite -> test/ diff --git a/FIXME.md b/FIXME.md index 3d71229d8..206fe834a 100644 --- a/FIXME.md +++ b/FIXME.md @@ -20,3 +20,6 @@ Mostly upstream issues (eg. missing or broken packages) ## Debian 9 (PHP 7) - Missing memcached + +## Alpine 3 (PHP5) +- Missing mhash diff --git a/Makefile b/Makefile index f66fb1b49..31ca227c8 100644 --- a/Makefile +++ b/Makefile @@ -11,7 +11,7 @@ list: all: bootstrap base web php hhvm service misc applications bootstrap: webdevops/bootstrap webdevops/ansible -base: webdevops/base webdevops/storage +base: webdevops/base webdevops/base-app webdevops/storage service: webdevops/ssh webdevops/vsftp webdevops/postfix php: webdevops/php webdevops/php-apache webdevops/php-nginx @@ -21,7 +21,7 @@ web: webdevops/apache webdevops/nginx applications: webdevops/typo3 webdevops/piwik -misc: webdevops/mail-sandbox +misc: webdevops/mail-sandbox webdevops/sphinx test: cd "test/" && make all @@ -44,6 +44,7 @@ dist-update: docker pull debian:7 docker pull debian:8 docker pull debian:stretch + docker pull alpine:3.3 rebuild: # Rebuild all containers but use caching for duplicates @@ -73,6 +74,9 @@ webdevops/ansible: webdevops/base: bash bin/build.sh base "${DOCKER_REPOSITORY}/base" "${DOCKER_TAG_LATEST}" +webdevops/base-app: + bash bin/build.sh base-app "${DOCKER_REPOSITORY}/base-app" "${DOCKER_TAG_LATEST}" + webdevops/php: bash bin/build.sh php "${DOCKER_REPOSITORY}/php" "${DOCKER_TAG_LATEST}" @@ -120,3 +124,6 @@ webdevops/piwik: webdevops/samson-deployment: bash bin/build.sh samson-deployment "${DOCKER_REPOSITORY}/samson-deployment" "${DOCKER_TAG_LATEST}" + +webdevops/sphinx: + bash bin/build.sh sphinx "${DOCKER_REPOSITORY}/sphinx" "${DOCKER_TAG_LATEST}" diff --git a/bin/provision.sh b/bin/provision.sh index 4e0190483..6e9787716 100755 --- a/bin/provision.sh +++ b/bin/provision.sh @@ -215,6 +215,14 @@ function header() { clearConfiguration base '*' deployConfiguration base/general base '*' deployConfiguration base/centos base 'centos-*' + deployConfiguration base/alpine base 'alpine-*' +} + +## Build base-app +[[ $(checkBuildTarget base-app) ]] && { + header "base-app" + clearConfiguration base-app '*' + deployConfiguration base-app/general base-app '*' } ## Build apache @@ -223,6 +231,7 @@ function header() { clearConfiguration apache '*' deployConfiguration apache/general apache '*' deployConfiguration apache/centos apache 'centos-*' + deployConfiguration apache/alpine apache 'alpine-*' } ## Build nginx @@ -231,6 +240,7 @@ function header() { clearConfiguration nginx '*' deployConfiguration nginx/general nginx '*' deployConfiguration nginx/centos nginx 'centos-*' + deployConfiguration nginx/alpine nginx 'alpine-*' } ## Build hhvm @@ -263,6 +273,7 @@ function header() { clearConfiguration php '*' deployConfiguration php/general php '*' deployConfiguration php/ubuntu-12.04 php 'ubuntu-12.04' + deployConfiguration php/alpine php 'alpine-*' # deploy php7 configuration to *-php7 containers clearConfiguration php 'debian-*-php7' @@ -275,6 +286,7 @@ function header() { clearConfiguration php-apache '*' deployConfiguration apache/general php-apache '*' deployConfiguration apache/centos php-apache 'centos-*' + deployConfiguration apache/alpine php-apache 'alpine-*' deployConfiguration php-apache/general php-apache '*' } @@ -284,6 +296,7 @@ function header() { clearConfiguration php-nginx '*' deployConfiguration nginx/general php-nginx '*' deployConfiguration nginx/centos php-nginx 'centos-*' + deployConfiguration nginx/alpine php-nginx 'alpine-*' deployConfiguration php-nginx/general php-nginx '*' } diff --git a/docker/ansible/alpine-3/Dockerfile b/docker/ansible/alpine-3/Dockerfile new file mode 100644 index 000000000..8c275a5d1 --- /dev/null +++ b/docker/ansible/alpine-3/Dockerfile @@ -0,0 +1,9 @@ +#++++++++++++++++++++++++++++++++++++++ +# Alpine 3 Ansible Docker container +#++++++++++++++++++++++++++++++++++++++ + +FROM webdevops/bootstrap:alpine-3 +MAINTAINER info@webdevops.io +LABEL vendor=WebDevOps.io +LABEL io.webdevops.layout=6 +LABEL io.webdevops.version=0.22.0 diff --git a/docker/ansible/centos-7/Dockerfile b/docker/ansible/centos-7/Dockerfile index a08f6c817..a45e5c861 100644 --- a/docker/ansible/centos-7/Dockerfile +++ b/docker/ansible/centos-7/Dockerfile @@ -5,5 +5,5 @@ FROM webdevops/bootstrap:centos-7 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 diff --git a/docker/ansible/debian-7/Dockerfile b/docker/ansible/debian-7/Dockerfile index 9f9f61ab6..d9aedf2f4 100644 --- a/docker/ansible/debian-7/Dockerfile +++ b/docker/ansible/debian-7/Dockerfile @@ -5,5 +5,5 @@ FROM webdevops/bootstrap:debian-7 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 diff --git a/docker/ansible/debian-8/Dockerfile b/docker/ansible/debian-8/Dockerfile index ac47a5f15..2dee18314 100644 --- a/docker/ansible/debian-8/Dockerfile +++ b/docker/ansible/debian-8/Dockerfile @@ -5,5 +5,5 @@ FROM webdevops/bootstrap:debian-8 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 diff --git a/docker/ansible/debian-9/Dockerfile b/docker/ansible/debian-9/Dockerfile index 04cf687b7..d393eedae 100644 --- a/docker/ansible/debian-9/Dockerfile +++ b/docker/ansible/debian-9/Dockerfile @@ -5,5 +5,5 @@ FROM webdevops/bootstrap:debian-9 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 diff --git a/docker/ansible/ubuntu-12.04/Dockerfile b/docker/ansible/ubuntu-12.04/Dockerfile index e7efd255f..38f1d9b89 100644 --- a/docker/ansible/ubuntu-12.04/Dockerfile +++ b/docker/ansible/ubuntu-12.04/Dockerfile @@ -5,5 +5,5 @@ FROM webdevops/bootstrap:ubuntu-12.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 diff --git a/docker/ansible/ubuntu-14.04/Dockerfile b/docker/ansible/ubuntu-14.04/Dockerfile index cc2c371cb..d07fda24c 100644 --- a/docker/ansible/ubuntu-14.04/Dockerfile +++ b/docker/ansible/ubuntu-14.04/Dockerfile @@ -5,5 +5,5 @@ FROM webdevops/bootstrap:ubuntu-14.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 diff --git a/docker/ansible/ubuntu-15.04/Dockerfile b/docker/ansible/ubuntu-15.04/Dockerfile index 43cefb34b..894871344 100644 --- a/docker/ansible/ubuntu-15.04/Dockerfile +++ b/docker/ansible/ubuntu-15.04/Dockerfile @@ -5,5 +5,5 @@ FROM webdevops/bootstrap:ubuntu-15.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 diff --git a/docker/ansible/ubuntu-15.10/Dockerfile b/docker/ansible/ubuntu-15.10/Dockerfile index b197bb281..ac42924d5 100644 --- a/docker/ansible/ubuntu-15.10/Dockerfile +++ b/docker/ansible/ubuntu-15.10/Dockerfile @@ -5,5 +5,5 @@ FROM webdevops/bootstrap:ubuntu-15.10 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 diff --git a/docker/ansible/ubuntu-16.04/Dockerfile b/docker/ansible/ubuntu-16.04/Dockerfile index 0b1219f39..ae799f479 100644 --- a/docker/ansible/ubuntu-16.04/Dockerfile +++ b/docker/ansible/ubuntu-16.04/Dockerfile @@ -5,5 +5,5 @@ FROM webdevops/bootstrap:ubuntu-16.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 diff --git a/docker/apache/alpine-3/Dockerfile b/docker/apache/alpine-3/Dockerfile new file mode 100644 index 000000000..55d5d516b --- /dev/null +++ b/docker/apache/alpine-3/Dockerfile @@ -0,0 +1,34 @@ +#++++++++++++++++++++++++++++++++++++++ +# Alpine 3 Apache Docker container +#++++++++++++++++++++++++++++++++++++++ + +FROM webdevops/base:alpine-3 +MAINTAINER info@webdevops.io +LABEL vendor=WebDevOps.io +LABEL io.webdevops.layout=6 +LABEL io.webdevops.version=0.21.0 + +ENV WEB_DOCUMENT_ROOT /app +ENV WEB_DOCUMENT_INDEX index.php +ENV WEB_ALIAS_DOMAIN *.vm + +# Install apache +RUN /usr/local/bin/apk-install \ + apache2 \ + apache2-utils \ + apache2-proxy \ + apache2-ssl \ + && sed -ri ' \ + s!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g; \ + s!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g; \ + ' /etc/apache2/httpd.conf + +# Deploy scripts/configurations +COPY conf/ /opt/docker/ +RUN bash /opt/docker/bin/control.sh provision.role.bootstrap webdevops-apache \ + && bash /opt/docker/bin/bootstrap.sh + +EXPOSE 80 443 + +CMD ["supervisord"] + diff --git a/docker/apache/alpine-3/conf/bin/service.d/httpd.sh b/docker/apache/alpine-3/conf/bin/service.d/httpd.sh new file mode 100644 index 000000000..33f6f6ca2 --- /dev/null +++ b/docker/apache/alpine-3/conf/bin/service.d/httpd.sh @@ -0,0 +1,18 @@ +#!/usr/bin/env bash +set -e + +if [[ ! -e "$WEB_DOCUMENT_ROOT" ]]; then + echo "" + echo "[WARNING] WEB_DOCUMENT_ROOT does not exists with path \"$WEB_DOCUMENT_ROOT\"!" + echo "" +fi + +# Apache gets grumpy about PID files pre-existing +rm -f /var/run/httpd/httpd.pid + +rpl --quiet "" "$WEB_DOCUMENT_INDEX" /opt/docker/etc/httpd/*.conf +rpl --quiet "" "$WEB_DOCUMENT_ROOT" /opt/docker/etc/httpd/*.conf +rpl --quiet "" "$WEB_ALIAS_DOMAIN" /opt/docker/etc/httpd/*.conf +rpl --quiet "" "$HOSTNAME" /opt/docker/etc/httpd/*.conf + +exec /usr/sbin/apachectl -DFOREGROUND diff --git a/docker/apache/alpine-3/conf/etc/httpd/global.conf b/docker/apache/alpine-3/conf/etc/httpd/global.conf new file mode 100644 index 000000000..080fe7816 --- /dev/null +++ b/docker/apache/alpine-3/conf/etc/httpd/global.conf @@ -0,0 +1,39 @@ +# Settings +TimeOut 1000 +ServerName "" + +DirectoryIndex +DocumentRoot "" + +"> + Options Indexes FollowSymLinks + AllowOverride All + + + Allow from all + + = 2.4> + Require all granted + + + + +LogFormat "[httpd:access] %V:%p %h %l %u %t \"%r\" %>s bytesIn:%I bytesOut:%O reqTime:%T" dockerlog +CustomLog /proc/self/fd/1 dockerlog +ErrorLog /proc/self/fd/2 + +####################################### +# Faster error documents +####################################### + + ErrorDocument 400 "400 Bad Request" + ErrorDocument 401 "401 Unauthorized" + ErrorDocument 403 "403 Forbidden" + ErrorDocument 404 "404 Not Found" + ErrorDocument 405 "405 Method Not Allowed" + + ErrorDocument 500 "500 Internal Server Error" + ErrorDocument 501 "501 Not Implemented" + ErrorDocument 502 "502 Bad Gateway" + ErrorDocument 503 "503 Service Unavailable" + diff --git a/docker/apache/alpine-3/conf/etc/httpd/main.conf b/docker/apache/alpine-3/conf/etc/httpd/main.conf new file mode 100644 index 000000000..5575b94e2 --- /dev/null +++ b/docker/apache/alpine-3/conf/etc/httpd/main.conf @@ -0,0 +1,3 @@ +Include /opt/docker/etc/httpd/global.conf +Include /opt/docker/etc/httpd/php.conf +Include /opt/docker/etc/httpd/vhost.conf diff --git a/docker/apache/alpine-3/conf/etc/httpd/php.conf b/docker/apache/alpine-3/conf/etc/httpd/php.conf new file mode 100644 index 000000000..bd4ff3971 --- /dev/null +++ b/docker/apache/alpine-3/conf/etc/httpd/php.conf @@ -0,0 +1,8 @@ + + + ProxySet connectiontimeout=5 timeout=600 + + + + SetHandler "proxy:fcgi://127.0.0.1:9000" + diff --git a/docker/apache/alpine-3/conf/etc/httpd/ssl/server.crt b/docker/apache/alpine-3/conf/etc/httpd/ssl/server.crt new file mode 100644 index 000000000..6b0694907 --- /dev/null +++ b/docker/apache/alpine-3/conf/etc/httpd/ssl/server.crt @@ -0,0 +1,28 @@ +-----BEGIN CERTIFICATE----- +MIIE1DCCArwCCQDMMwGnSuK0tTANBgkqhkiG9w0BAQsFADAsMRswGQYDVQQKExJE +b2NrZXIgQm9pbGVycGxhdGUxDTALBgNVBAMUBCoudm0wHhcNMTUwNTA0MTcxNDQw +WhcNMjUwNTAxMTcxNDQwWjAsMRswGQYDVQQKExJEb2NrZXIgQm9pbGVycGxhdGUx +DTALBgNVBAMUBCoudm0wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDK +3TIUiyDvXelWeY9VXMrpjuZtYpVSDsACLpjFUhMnsP5/iKT0VbeZyqHvmwZjAg4G +Y10d+yZDdgv/xeu0HPOFbtR6pCp10d1tdLHZto5Cyuxu7IQsAVjnD6Ko7XFwtNk7 +9o6JZfAFaGL4w5MokrVmCtspnsMZH7/7zU4f96cbF39zLopnpuXGD6t6DA8Qj3gy +0duaTjs42bYRN+rwLzVKAev99iQ4kPMJn4vV6/Xk6rtoSzC67GQyVZYaFypicD1S +NtsRmgEVvjCBDbrLOneUiRwff6qxEsZi7Hxv7BKFj4iUWnII7K/nP7T6uBHQjHO+ +FpsGkU9lCMrCeVFBe8kKz/cbhd+yLUxXwAPr6gSOPmwn232Gy4tozvqZHpbUxsgx +7sT3ej9K66h1D7J+BjNFWYM1hbnC1r7H/xS7EBzBV8qRoQCVe08Juf5xsouXFakD +clLV4+L+1cxkpwsCQDly5g3tm/TBqA2O+ZJ+YHQDHKkzMyhLs6i0X/M5qvJBiLg1 +GLTCS20rpQ5gXTEGuINqHgwXQWkUO6bhgSYqdHGX3zbZ5+qWpI4eui3dHZ1Ll0VH +6Icpb7ORTQwhc6W8KBlybssYPSlGOEBGUjYGNheoz9FpoSkxCis+P8ZNKtrmpPoq +Su0eOOGFOFHG02eOgPVxSwrDeN9MVJo7BPysGMHJmQIDAQABMA0GCSqGSIb3DQEB +CwUAA4ICAQC63g6NHmQKbiy3G6iaDkpUSbr5Mq2YgU61XnvWVyREqDcy/BXCw9oY +SJ/KUvCpqPnACNOFqjadRAmPiA9nf2WduoCgwQGV/YRFGswSuVvh/3X2TX5NWvbS +t8MQDttQg1dxpiMUjlu3rqhfohBdWJvp2lVSdpDb/MOlXBc/+p7HfOHwhqB7wwPN +NNbSKUbZqZxmD8cOf1X0hASr1yfFPj+2vST3ESaON8S0T2p63YX/sD5jvOUiEuyw +I5WcvLmiRZA07SH8nWyckLY3qWL+OlhSZrlAnolWS00b+7h5LNuRYEjKzwVgntoA +aCopyQih6wIk0+AfJO4sfhJBmQhnIrAaP/zwBH5g9zVizLf5H7U+hNXrMwgw55Sq +vjMdkZHvPKUXTvVit/rYE9H+PY3brkRWzOl4V/i/ZLJJm5805H/NyTbz9kPMJw2Q +nn+KOpfXXySD39f8iuRgSKXsYNul38hxWgcZZ6g+sOOp2n/VUmf0eZUWNnJ8i7AP +4Qif7aDKMcibOwSwsB+DKZXDvZ5XSdnMphtuLS5rPSL81rVRmWC2DMfQ2eP8j0WN +VTroSk0xedQ7Qr+9TNooi9IyzX6n1a2S1UiciEZ3ZcDbXPl/P01m+IYZyPnLv0+9 +ZeioZYh1JLv3/OKsMrMLTfh2ZCj3aXwmc2Owi/wU2LS5QUOMcHH7CQ== +-----END CERTIFICATE----- \ No newline at end of file diff --git a/docker/apache/alpine-3/conf/etc/httpd/ssl/server.csr b/docker/apache/alpine-3/conf/etc/httpd/ssl/server.csr new file mode 100644 index 000000000..8a9909f77 --- /dev/null +++ b/docker/apache/alpine-3/conf/etc/httpd/ssl/server.csr @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIEcTCCAlkCAQAwLDEbMBkGA1UEChMSRG9ja2VyIEJvaWxlcnBsYXRlMQ0wCwYD +VQQDFAQqLnZtMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyt0yFIsg +713pVnmPVVzK6Y7mbWKVUg7AAi6YxVITJ7D+f4ik9FW3mcqh75sGYwIOBmNdHfsm +Q3YL/8XrtBzzhW7UeqQqddHdbXSx2baOQsrsbuyELAFY5w+iqO1xcLTZO/aOiWXw +BWhi+MOTKJK1ZgrbKZ7DGR+/+81OH/enGxd/cy6KZ6blxg+regwPEI94MtHbmk47 +ONm2ETfq8C81SgHr/fYkOJDzCZ+L1ev15Oq7aEswuuxkMlWWGhcqYnA9UjbbEZoB +Fb4wgQ26yzp3lIkcH3+qsRLGYux8b+wShY+IlFpyCOyv5z+0+rgR0IxzvhabBpFP +ZQjKwnlRQXvJCs/3G4Xfsi1MV8AD6+oEjj5sJ9t9hsuLaM76mR6W1MbIMe7E93o/ +SuuodQ+yfgYzRVmDNYW5wta+x/8UuxAcwVfKkaEAlXtPCbn+cbKLlxWpA3JS1ePi +/tXMZKcLAkA5cuYN7Zv0wagNjvmSfmB0AxypMzMoS7OotF/zOaryQYi4NRi0wktt +K6UOYF0xBriDah4MF0FpFDum4YEmKnRxl9822efqlqSOHrot3R2dS5dFR+iHKW+z +kU0MIXOlvCgZcm7LGD0pRjhARlI2BjYXqM/RaaEpMQorPj/GTSra5qT6KkrtHjjh +hThRxtNnjoD1cUsKw3jfTFSaOwT8rBjByZkCAwEAAaAAMA0GCSqGSIb3DQEBCwUA +A4ICAQBsEBgC2YepuZq/8UqvKMZKVy/etDKXj7BB+QPb+leNiKD7p4LDxHJsZSH8 +Ku9uMPeLfiQDn5jA41k5SlGttzvObd65RdEbO3yHpqsg05EGSDDLfaE1k2Al/qmX +/o8roPZF7+2kZthgMAgkcokS54LYqEYTGqOf3J9Ss0yRIZwhaOVebfFIbIOdpw0B +JNMIJPHTMdZrcuRVI+wR1uPLIlEJzBvxTGbTrvPU25WJFtu+EajKqXO0SHdy0yx8 +uH4ykRBJRc36+oYo7nZ5D56dh7pZn3+9J64FKAOV0Q3KqMFieGy053ezuhJd70eZ +UozTgfjs3WpMzoYmKETSyl3XZSdInRe+sUlKPruTsKyg69oYxjPlrGfAmmGcCFca +TnZinT18dI92zK7OtOVkmYeYKC1lwuhftVrNMXzZuHOGpS9NNYtc4nDqDMIEOfV3 +6rCdu03WjEgJ+Z67tJs16xOx9du4/EHxS2Ijn9DPfVJvYy0TgzDi1BUpjWx0KTLx +C4OQbEZ/QTWmHVbSch/hcZhzbf7SNh5RpnW4EtmcpDFjIKMfxJmoKeiTf7qnilx0 +7uRvsZFKoDKRDOFiPfgMg5AOtLHziYsd9m0tJjC2GHvFuPjzOtzhnUUjmmvht170 +2aqKakjST4amg7jzLcs871HX0/WjOtt29NpOz140blkKf1bisg== +-----END CERTIFICATE REQUEST----- \ No newline at end of file diff --git a/docker/apache/alpine-3/conf/etc/httpd/ssl/server.key b/docker/apache/alpine-3/conf/etc/httpd/ssl/server.key new file mode 100644 index 000000000..c9eec145f --- /dev/null +++ b/docker/apache/alpine-3/conf/etc/httpd/ssl/server.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKAIBAAKCAgEAyt0yFIsg713pVnmPVVzK6Y7mbWKVUg7AAi6YxVITJ7D+f4ik +9FW3mcqh75sGYwIOBmNdHfsmQ3YL/8XrtBzzhW7UeqQqddHdbXSx2baOQsrsbuyE +LAFY5w+iqO1xcLTZO/aOiWXwBWhi+MOTKJK1ZgrbKZ7DGR+/+81OH/enGxd/cy6K +Z6blxg+regwPEI94MtHbmk47ONm2ETfq8C81SgHr/fYkOJDzCZ+L1ev15Oq7aEsw +uuxkMlWWGhcqYnA9UjbbEZoBFb4wgQ26yzp3lIkcH3+qsRLGYux8b+wShY+IlFpy +COyv5z+0+rgR0IxzvhabBpFPZQjKwnlRQXvJCs/3G4Xfsi1MV8AD6+oEjj5sJ9t9 +hsuLaM76mR6W1MbIMe7E93o/SuuodQ+yfgYzRVmDNYW5wta+x/8UuxAcwVfKkaEA +lXtPCbn+cbKLlxWpA3JS1ePi/tXMZKcLAkA5cuYN7Zv0wagNjvmSfmB0AxypMzMo +S7OotF/zOaryQYi4NRi0wkttK6UOYF0xBriDah4MF0FpFDum4YEmKnRxl9822efq +lqSOHrot3R2dS5dFR+iHKW+zkU0MIXOlvCgZcm7LGD0pRjhARlI2BjYXqM/RaaEp +MQorPj/GTSra5qT6KkrtHjjhhThRxtNnjoD1cUsKw3jfTFSaOwT8rBjByZkCAwEA +AQKCAgAbZPdoUsllyZbC+LNkYZ19ILD5QIDNjfRb1xMGQmkXyQz1B+zOmeyrNfPc +OWEJabOfJTfj3pByN7SzG3US4333HNpQnW6mbmqqZ0HFFqPrXR/Ecuf+UUhCG5hp +m3bgM2vKbyccYsmg0VHcKfzrU7RvTTP/UNMjx2fThwvvwS+ttuSdF0HVcXJB5sfP +OWWnZNhkdHZlRf81VCED/jsZqCZYEh5eMyj9AoXvXL4zayPPf+tC0DSKaXW2Xlxg +tZQhqup8+a9nlxZia0Z9hu8clo6jXkiP8FuKgfCMV0cOjiCKLLHS5svTbLLsVWwJ +F2ZAdVcD6mWQ43qHOEK5NEzGvQKO14CaOLnVT2yAkMcyNohsEgoDP9oCBGDJQbBH +NmtZfpVjjtuTr9P9TEkU1FcBRo0x6Il/DkzamGbOeFAmgnaGElhJ5c/CAG7whaIf +mUfFOBGPH/wESY3gBOACDofeSh27RrlvbLaPiCGKivDUTBmhBsIuso6XqOKbvtfV +/HhhndpdRVfIj4DdE7gIrLIGN977JMVAXFCNz7KrvAWwcOXrCHCoWpklJ9repq8l +26ICY8K7VXktzDHQUmhd88ZWR+9ASURsJghUgZUOcMrEGyvci6Y8hpLhHiNVPHuQ ++ps7tpPsXSntBUqWBzhRZh74+nJlOOV6oYykl30JT2JzB6lwiQKCAQEA9ecn8N2z +20tR2UEiTv/MjVSepQtAAajegvcd1iasvvQKXnh3XLmoZHzH2tTa0lp5RIZpUQPl +lOTwko0lYTBnYblt65AJQ3FTgisNobIpoqE8BFXLm6wggz7CbabjmPGDe173lPGR +sI0YSKYvzrdn4zw8Fh6WULJyZHLi58zJYL3r0WBDiOoxpGaGA1GlmkuIWjhKHaX2 +OvF1vOuQDJ2eDyTc5TYFC0NKG76Mvanov5L/yrhNM/umbmp0SPspzHGZobAKUr20 +OazFT8S+2TA1OTxWNbiPbSimFoaZbEdqsNACGfVJWO8Sh8iqlt5RmEcSiSvGBj6L +QKprRO9Fsp2GawKCAQEA0zGhRsnux4JTNsdUSYsEJtITMj6eE+nl7CoZ9DAOwC5X +6/aSpUE4TT+pWNrt9iluXiGL0j89UJ7r/L1OcsiyzGb8ig9NU4zr1NIGTZ0DstHi +HPYINjeiBJEFIy17kOQn+9/I5c4hBUwz6ihwNoEomymVB/EsLJKAML0AudJGKg+Z +/f/qrS40eab5SAiaKgsh0MZnj+vIxyGBydt6r2HGmjfNITVbXIu6IpO+6NXDwM/e +7v10AAZ3j9+gb1RedLg2ghuIuYU90hmMhtVWsh9nVmaOkMW9/WFgOPYvt/mHH/hR +d4pePZ9kACGmqo/b9sHvHw1YEubtCt1VUiNuFxnJCwKCAQBWnxz0vkRTJY8phsY9 +KeK2jm5sGTBs5T2syLwb6ffENFdKvAjgAw6Mh2And/+1ReWd+/MxdLv03UjZdxsJ +x3FDfXx5FH4O4ebW3a+pnAcKoN1xcX+N0O6LDRqUYcue3sTAOs3gC9CUbr91KAWD +Phw8ccWAzTmKJ7IgLFA982ekyoI9eTmRC159WRgwJxy844qerWF+XC4GyXP+HsTZ +jNRW5Vdi7sqMEyIR7+fIEAhLI88zbATWIPmZv6pC4ybwO7wwtsCMMQNBpdjDprzL +6S12ggikV+U+QKlxGe0FtYqhykRTPJKf32eZqVheWOZJTA/9fgv9ux52oxGycM8O +gmsNAoIBAQC60m5uZnd5uYnPLWkcXYNgq/kbO1UvHHut/FhVMKX7z4MrU0XKNfWO +MECoP5K9bU0aq+Y6KIMe7FapjvT0iSHRu1Cu+HZY8JI2A0xcIAeDijLRl7sP6wrB +q1+2DKgANjRAlWfsEfoX658JBpitPngjOheBnRCMpVQMyUT5HE/BKWf5zwdUB0mY +S+K8nA90HcDeJIS8RcGolbVwUV0oBABhr/cf50lYhqozqCr7YQ33ZGs7Uq3oz8+4 +UARmN2YPLl3Znm3GX12em8c6B0LX8vvA7Jw06Rf2Ksup1+3Ce1PTLiEy9A4FyRf3 +Hc2HmBbnJAtZlr5QikMqlzzAmmLqwH6dAoIBAC+ryaQGJFsijCSuaDfRp/uy9xnd +DjgMdTwjl5WLBmyudChVMANl8eqCbvVO41CN84yORk03oQ4cx0eKxAZaLaSzgkb3 +W0X2nFQe7VJSYMQswCQ+1WfJvEFrIdkEKIa//uQdhqNrgUKSNVhhSTMbNEkDTIWn +ssbv2H9hvUaFt/J/vP9zCKuU5oYvNU7Oi6ZXRYezRn9atlJYanLFoJnHUBRzGms5 +K0vhdCPDXQq87z5Yudoh0jLUQF9Nx0GTWeBceQ9n5hZeRUNQWxP4AJThQX9KSPTS +mbL3Kh4XNRmAUJ2N+Njh+3dg91s+JkKvC1wcspLsmLPQe+9AxBSH9y5JE/8= +-----END RSA PRIVATE KEY----- \ No newline at end of file diff --git a/docker/apache/alpine-3/conf/etc/httpd/vhost.common.conf b/docker/apache/alpine-3/conf/etc/httpd/vhost.common.conf new file mode 100644 index 000000000..e69de29bb diff --git a/docker/apache/alpine-3/conf/etc/httpd/vhost.conf b/docker/apache/alpine-3/conf/etc/httpd/vhost.conf new file mode 100644 index 000000000..fb15ccda8 --- /dev/null +++ b/docker/apache/alpine-3/conf/etc/httpd/vhost.conf @@ -0,0 +1,23 @@ +####################################### +# Vhost +####################################### + + + ServerName docker.vm + ServerAlias + DocumentRoot "" + + UseCanonicalName Off + + Include /opt/docker/etc/httpd/vhost.common.conf + + + + ServerName docker.vm + ServerAlias + DocumentRoot "" + + UseCanonicalName Off + Include /opt/docker/etc/httpd/vhost.common.conf + Include /opt/docker/etc/httpd/vhost.ssl.conf + diff --git a/docker/apache/alpine-3/conf/etc/httpd/vhost.ssl.conf b/docker/apache/alpine-3/conf/etc/httpd/vhost.ssl.conf new file mode 100644 index 000000000..1261fd747 --- /dev/null +++ b/docker/apache/alpine-3/conf/etc/httpd/vhost.ssl.conf @@ -0,0 +1,27 @@ + ############ + # SSL + ############ + + SSLEngine on + SSLCertificateFile /opt/docker/etc/httpd/ssl/server.crt + SSLCertificateKeyFile /opt/docker/etc/httpd/ssl/server.key + + + SSLOptions +StdEnvVars + + + SSLOptions +StdEnvVars + + + BrowserMatch "MSIE [2-6]" \ + nokeepalive ssl-unclean-shutdown \ + downgrade-1.0 force-response-1.0 + # MSIE 7 and newer should be able to use keepalive + # This regexp is ok with 17-9! + BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown + + ## SSL Hardening + SSLProtocol All -SSLv2 -SSLv3 + SSLHonorCipherOrder on + SSLCompression off + SSLCipherSuite 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA' diff --git a/docker/apache/alpine-3/conf/etc/supervisor.d/apache.conf b/docker/apache/alpine-3/conf/etc/supervisor.d/apache.conf new file mode 100644 index 000000000..12a6f86f7 --- /dev/null +++ b/docker/apache/alpine-3/conf/etc/supervisor.d/apache.conf @@ -0,0 +1,14 @@ +[group:apache] +programs=apached +priority=20 + +[program:apached] +command = /opt/docker/bin/service.d/httpd.sh +process_name=%(program_name)s +startsecs = 0 +autostart = true +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/docker/apache/alpine-3/conf/provision/roles/webdevops-apache/defaults/main.yml b/docker/apache/alpine-3/conf/provision/roles/webdevops-apache/defaults/main.yml new file mode 100644 index 000000000..69cba1cb4 --- /dev/null +++ b/docker/apache/alpine-3/conf/provision/roles/webdevops-apache/defaults/main.yml @@ -0,0 +1,3 @@ +--- + +DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/apache/alpine-3/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml b/docker/apache/alpine-3/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml new file mode 100644 index 000000000..8e60c0ba5 --- /dev/null +++ b/docker/apache/alpine-3/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml @@ -0,0 +1,114 @@ +--- + +- name: Set apache vhost file [RedHat family] + set_fact: + apache_docker_vhost: /etc/httpd/conf.d/docker.conf + when: ansible_os_family == 'RedHat' + +- name: Set apache vhost file [Debian family] + set_fact: + apache_docker_vhost: /etc/apache2/sites-enabled/10-docker.conf + when: ansible_os_family == 'Debian' + +- name: Set apache vhost file [Alpine family] + set_fact: + apache_docker_vhost: /etc/apache2/conf.d/docker.conf + when: ansible_os_family == 'Alpine' + +- name: Enable apache main config + file: + src: '/opt/docker/etc/httpd/main.conf' + dest: '{{ apache_docker_vhost }}' + state: link + force: yes + +- name: Ensure document root is available + file: + path: "{{ DOCUMENT_ROOT }}" + state: directory + recurse: yes + +- name: Ensure /var/run/apache2 exists + file: + path: '/var/run/apache2' + state: directory + recurse: yes + +- name: Ensure /run/apache2 exists + file: + path: '/run/apache2' + state: directory + recurse: yes + when: ansible_os_family == 'Alpine' + +- name: Switch MPM to worker [RedHat family] + lineinfile: + dest: '/etc/httpd/conf.modules.d/00-mpm.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so', prefix: "#" } + - { line: 'LoadModule mpm_event_module modules/mod_mpm_event.so', prefix: "" } + when: ansible_os_family == 'RedHat' + +- name: Switch MPM to event for Apache 2.4 and higher [Ubuntu family] + command: "{{ item }}" + with_items: + - 'a2dismod mpm_event' + - 'a2enmod mpm_event' + when: (ansible_distribution == 'Ubuntu' and ansible_lsb.major_release|int >= 14) or (ansible_distribution == 'Debian' and ansible_lsb.major_release|int >= 8) + +- name: Manage modules [Alpine family] + lineinfile: + dest: '/etc/apache2/httpd.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so', prefix: "#" } + - { line: 'LoadModule mpm_event_module modules/mod_mpm_event.so', prefix: "" } + - { line: 'LoadModule deflate_module modules/mod_deflate.so', prefix: "" } + - { line: 'LoadModule rewrite_module modules/mod_rewrite.so', prefix: "" } + - { line: 'LoadModule logio_module modules/mod_logio.so', prefix: "" } + - { line: 'LoadModule slotmem_shm_module modules/mod_slotmem_shm.so', prefix: "" } + - { line: 'LoadModule actions_module modules/mod_actions.so', prefix: "" } + when: ansible_os_family == 'Alpine' + +- name: Fix ssl support [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/ssl.conf' + regexp: '{{ item.regexp }}' + line: '{{ item.line }}' + with_items: + - { regexp: 'LoadModule ssl_module', line: 'LoadModule ssl_module /usr/lib/apache2/mod_ssl.so' } + - { regexp: 'LoadModule socache_shmcb_module', line: 'LoadModule socache_shmcb_module /usr/lib/apache2/mod_socache_shmcb.so' } + when: ansible_os_family == 'Alpine' + +- name: Disable proxy [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/proxy.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule proxy_ajp_module modules/mod_proxy_ajp.so', prefix: "#" } + - { line: 'LoadModule proxy_connect_module modules/mod_proxy_connect.so', prefix: "#" } + - { line: 'LoadModule proxy_balancer_module modules/mod_proxy_balancer.so', prefix: "#" } + - { line: 'LoadModule proxy_express_module modules/mod_proxy_express.so', prefix: "#" } + - { line: 'LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so', prefix: "" } + - { line: 'LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so', prefix: "#" } + - { line: 'LoadModule proxy_ftp_module modules/mod_proxy_ftp.so', prefix: "#" } + - { line: 'LoadModule proxy_http_module modules/mod_proxy_http.so', prefix: "#" } + - { line: 'LoadModule proxy_scgi_module modules/mod_proxy_scgi.so', prefix: "#" } + when: ansible_os_family == 'Alpine' + +- name: Fix rights of ssl files + file: + path: "{{ item.path }}" + state: "{{ item.state }}" + mode: "{{ item.mode }}" + owner: "root" + group: "root" + with_items: + - { path: '/opt/docker/etc/httpd/ssl', state: 'directory', mode: '0750' } + - { path: '/opt/docker/etc/httpd/ssl/server.crt', state: 'file', mode: '0640' } + - { path: '/opt/docker/etc/httpd/ssl/server.csr', state: 'file', mode: '0640' } + - { path: '/opt/docker/etc/httpd/ssl/server.key', state: 'file', mode: '0640' } diff --git a/docker/apache/alpine-3/conf/provision/roles/webdevops-apache/tasks/main.yml b/docker/apache/alpine-3/conf/provision/roles/webdevops-apache/tasks/main.yml new file mode 100644 index 000000000..1806c1a8c --- /dev/null +++ b/docker/apache/alpine-3/conf/provision/roles/webdevops-apache/tasks/main.yml @@ -0,0 +1,5 @@ +--- + +- include: bootstrap.yml + tags: + - bootstrap diff --git a/docker/apache/centos-7/Dockerfile b/docker/apache/centos-7/Dockerfile index 900f7c67b..8e4b862da 100644 --- a/docker/apache/centos-7/Dockerfile +++ b/docker/apache/centos-7/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/base:centos-7 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/apache/centos-7/conf/provision/roles/webdevops-apache/defaults/main.yml b/docker/apache/centos-7/conf/provision/roles/webdevops-apache/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/apache/centos-7/conf/provision/roles/webdevops-apache/defaults/main.yml +++ b/docker/apache/centos-7/conf/provision/roles/webdevops-apache/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/apache/centos-7/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml b/docker/apache/centos-7/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml index 962ede9ab..8e60c0ba5 100644 --- a/docker/apache/centos-7/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml +++ b/docker/apache/centos-7/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml @@ -10,6 +10,11 @@ apache_docker_vhost: /etc/apache2/sites-enabled/10-docker.conf when: ansible_os_family == 'Debian' +- name: Set apache vhost file [Alpine family] + set_fact: + apache_docker_vhost: /etc/apache2/conf.d/docker.conf + when: ansible_os_family == 'Alpine' + - name: Enable apache main config file: src: '/opt/docker/etc/httpd/main.conf' @@ -21,8 +26,6 @@ file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Ensure /var/run/apache2 exists @@ -31,6 +34,13 @@ state: directory recurse: yes +- name: Ensure /run/apache2 exists + file: + path: '/run/apache2' + state: directory + recurse: yes + when: ansible_os_family == 'Alpine' + - name: Switch MPM to worker [RedHat family] lineinfile: dest: '/etc/httpd/conf.modules.d/00-mpm.conf' @@ -48,6 +58,48 @@ - 'a2enmod mpm_event' when: (ansible_distribution == 'Ubuntu' and ansible_lsb.major_release|int >= 14) or (ansible_distribution == 'Debian' and ansible_lsb.major_release|int >= 8) +- name: Manage modules [Alpine family] + lineinfile: + dest: '/etc/apache2/httpd.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so', prefix: "#" } + - { line: 'LoadModule mpm_event_module modules/mod_mpm_event.so', prefix: "" } + - { line: 'LoadModule deflate_module modules/mod_deflate.so', prefix: "" } + - { line: 'LoadModule rewrite_module modules/mod_rewrite.so', prefix: "" } + - { line: 'LoadModule logio_module modules/mod_logio.so', prefix: "" } + - { line: 'LoadModule slotmem_shm_module modules/mod_slotmem_shm.so', prefix: "" } + - { line: 'LoadModule actions_module modules/mod_actions.so', prefix: "" } + when: ansible_os_family == 'Alpine' + +- name: Fix ssl support [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/ssl.conf' + regexp: '{{ item.regexp }}' + line: '{{ item.line }}' + with_items: + - { regexp: 'LoadModule ssl_module', line: 'LoadModule ssl_module /usr/lib/apache2/mod_ssl.so' } + - { regexp: 'LoadModule socache_shmcb_module', line: 'LoadModule socache_shmcb_module /usr/lib/apache2/mod_socache_shmcb.so' } + when: ansible_os_family == 'Alpine' + +- name: Disable proxy [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/proxy.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule proxy_ajp_module modules/mod_proxy_ajp.so', prefix: "#" } + - { line: 'LoadModule proxy_connect_module modules/mod_proxy_connect.so', prefix: "#" } + - { line: 'LoadModule proxy_balancer_module modules/mod_proxy_balancer.so', prefix: "#" } + - { line: 'LoadModule proxy_express_module modules/mod_proxy_express.so', prefix: "#" } + - { line: 'LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so', prefix: "" } + - { line: 'LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so', prefix: "#" } + - { line: 'LoadModule proxy_ftp_module modules/mod_proxy_ftp.so', prefix: "#" } + - { line: 'LoadModule proxy_http_module modules/mod_proxy_http.so', prefix: "#" } + - { line: 'LoadModule proxy_scgi_module modules/mod_proxy_scgi.so', prefix: "#" } + when: ansible_os_family == 'Alpine' + - name: Fix rights of ssl files file: path: "{{ item.path }}" diff --git a/docker/apache/debian-7/Dockerfile b/docker/apache/debian-7/Dockerfile index 36eb9920b..9a3018dda 100644 --- a/docker/apache/debian-7/Dockerfile +++ b/docker/apache/debian-7/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/base:debian-7 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/apache/debian-7/conf/provision/roles/webdevops-apache/defaults/main.yml b/docker/apache/debian-7/conf/provision/roles/webdevops-apache/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/apache/debian-7/conf/provision/roles/webdevops-apache/defaults/main.yml +++ b/docker/apache/debian-7/conf/provision/roles/webdevops-apache/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/apache/debian-7/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml b/docker/apache/debian-7/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml index 962ede9ab..8e60c0ba5 100644 --- a/docker/apache/debian-7/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml +++ b/docker/apache/debian-7/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml @@ -10,6 +10,11 @@ apache_docker_vhost: /etc/apache2/sites-enabled/10-docker.conf when: ansible_os_family == 'Debian' +- name: Set apache vhost file [Alpine family] + set_fact: + apache_docker_vhost: /etc/apache2/conf.d/docker.conf + when: ansible_os_family == 'Alpine' + - name: Enable apache main config file: src: '/opt/docker/etc/httpd/main.conf' @@ -21,8 +26,6 @@ file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Ensure /var/run/apache2 exists @@ -31,6 +34,13 @@ state: directory recurse: yes +- name: Ensure /run/apache2 exists + file: + path: '/run/apache2' + state: directory + recurse: yes + when: ansible_os_family == 'Alpine' + - name: Switch MPM to worker [RedHat family] lineinfile: dest: '/etc/httpd/conf.modules.d/00-mpm.conf' @@ -48,6 +58,48 @@ - 'a2enmod mpm_event' when: (ansible_distribution == 'Ubuntu' and ansible_lsb.major_release|int >= 14) or (ansible_distribution == 'Debian' and ansible_lsb.major_release|int >= 8) +- name: Manage modules [Alpine family] + lineinfile: + dest: '/etc/apache2/httpd.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so', prefix: "#" } + - { line: 'LoadModule mpm_event_module modules/mod_mpm_event.so', prefix: "" } + - { line: 'LoadModule deflate_module modules/mod_deflate.so', prefix: "" } + - { line: 'LoadModule rewrite_module modules/mod_rewrite.so', prefix: "" } + - { line: 'LoadModule logio_module modules/mod_logio.so', prefix: "" } + - { line: 'LoadModule slotmem_shm_module modules/mod_slotmem_shm.so', prefix: "" } + - { line: 'LoadModule actions_module modules/mod_actions.so', prefix: "" } + when: ansible_os_family == 'Alpine' + +- name: Fix ssl support [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/ssl.conf' + regexp: '{{ item.regexp }}' + line: '{{ item.line }}' + with_items: + - { regexp: 'LoadModule ssl_module', line: 'LoadModule ssl_module /usr/lib/apache2/mod_ssl.so' } + - { regexp: 'LoadModule socache_shmcb_module', line: 'LoadModule socache_shmcb_module /usr/lib/apache2/mod_socache_shmcb.so' } + when: ansible_os_family == 'Alpine' + +- name: Disable proxy [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/proxy.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule proxy_ajp_module modules/mod_proxy_ajp.so', prefix: "#" } + - { line: 'LoadModule proxy_connect_module modules/mod_proxy_connect.so', prefix: "#" } + - { line: 'LoadModule proxy_balancer_module modules/mod_proxy_balancer.so', prefix: "#" } + - { line: 'LoadModule proxy_express_module modules/mod_proxy_express.so', prefix: "#" } + - { line: 'LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so', prefix: "" } + - { line: 'LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so', prefix: "#" } + - { line: 'LoadModule proxy_ftp_module modules/mod_proxy_ftp.so', prefix: "#" } + - { line: 'LoadModule proxy_http_module modules/mod_proxy_http.so', prefix: "#" } + - { line: 'LoadModule proxy_scgi_module modules/mod_proxy_scgi.so', prefix: "#" } + when: ansible_os_family == 'Alpine' + - name: Fix rights of ssl files file: path: "{{ item.path }}" diff --git a/docker/apache/debian-8/Dockerfile b/docker/apache/debian-8/Dockerfile index 95cbbcf86..30c51b0c3 100644 --- a/docker/apache/debian-8/Dockerfile +++ b/docker/apache/debian-8/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/base:debian-8 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/apache/debian-8/conf/provision/roles/webdevops-apache/defaults/main.yml b/docker/apache/debian-8/conf/provision/roles/webdevops-apache/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/apache/debian-8/conf/provision/roles/webdevops-apache/defaults/main.yml +++ b/docker/apache/debian-8/conf/provision/roles/webdevops-apache/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/apache/debian-8/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml b/docker/apache/debian-8/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml index 962ede9ab..8e60c0ba5 100644 --- a/docker/apache/debian-8/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml +++ b/docker/apache/debian-8/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml @@ -10,6 +10,11 @@ apache_docker_vhost: /etc/apache2/sites-enabled/10-docker.conf when: ansible_os_family == 'Debian' +- name: Set apache vhost file [Alpine family] + set_fact: + apache_docker_vhost: /etc/apache2/conf.d/docker.conf + when: ansible_os_family == 'Alpine' + - name: Enable apache main config file: src: '/opt/docker/etc/httpd/main.conf' @@ -21,8 +26,6 @@ file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Ensure /var/run/apache2 exists @@ -31,6 +34,13 @@ state: directory recurse: yes +- name: Ensure /run/apache2 exists + file: + path: '/run/apache2' + state: directory + recurse: yes + when: ansible_os_family == 'Alpine' + - name: Switch MPM to worker [RedHat family] lineinfile: dest: '/etc/httpd/conf.modules.d/00-mpm.conf' @@ -48,6 +58,48 @@ - 'a2enmod mpm_event' when: (ansible_distribution == 'Ubuntu' and ansible_lsb.major_release|int >= 14) or (ansible_distribution == 'Debian' and ansible_lsb.major_release|int >= 8) +- name: Manage modules [Alpine family] + lineinfile: + dest: '/etc/apache2/httpd.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so', prefix: "#" } + - { line: 'LoadModule mpm_event_module modules/mod_mpm_event.so', prefix: "" } + - { line: 'LoadModule deflate_module modules/mod_deflate.so', prefix: "" } + - { line: 'LoadModule rewrite_module modules/mod_rewrite.so', prefix: "" } + - { line: 'LoadModule logio_module modules/mod_logio.so', prefix: "" } + - { line: 'LoadModule slotmem_shm_module modules/mod_slotmem_shm.so', prefix: "" } + - { line: 'LoadModule actions_module modules/mod_actions.so', prefix: "" } + when: ansible_os_family == 'Alpine' + +- name: Fix ssl support [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/ssl.conf' + regexp: '{{ item.regexp }}' + line: '{{ item.line }}' + with_items: + - { regexp: 'LoadModule ssl_module', line: 'LoadModule ssl_module /usr/lib/apache2/mod_ssl.so' } + - { regexp: 'LoadModule socache_shmcb_module', line: 'LoadModule socache_shmcb_module /usr/lib/apache2/mod_socache_shmcb.so' } + when: ansible_os_family == 'Alpine' + +- name: Disable proxy [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/proxy.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule proxy_ajp_module modules/mod_proxy_ajp.so', prefix: "#" } + - { line: 'LoadModule proxy_connect_module modules/mod_proxy_connect.so', prefix: "#" } + - { line: 'LoadModule proxy_balancer_module modules/mod_proxy_balancer.so', prefix: "#" } + - { line: 'LoadModule proxy_express_module modules/mod_proxy_express.so', prefix: "#" } + - { line: 'LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so', prefix: "" } + - { line: 'LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so', prefix: "#" } + - { line: 'LoadModule proxy_ftp_module modules/mod_proxy_ftp.so', prefix: "#" } + - { line: 'LoadModule proxy_http_module modules/mod_proxy_http.so', prefix: "#" } + - { line: 'LoadModule proxy_scgi_module modules/mod_proxy_scgi.so', prefix: "#" } + when: ansible_os_family == 'Alpine' + - name: Fix rights of ssl files file: path: "{{ item.path }}" diff --git a/docker/apache/debian-9/Dockerfile b/docker/apache/debian-9/Dockerfile index 6fd4bd992..277539d7b 100644 --- a/docker/apache/debian-9/Dockerfile +++ b/docker/apache/debian-9/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/base:debian-9 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/apache/debian-9/conf/provision/roles/webdevops-apache/defaults/main.yml b/docker/apache/debian-9/conf/provision/roles/webdevops-apache/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/apache/debian-9/conf/provision/roles/webdevops-apache/defaults/main.yml +++ b/docker/apache/debian-9/conf/provision/roles/webdevops-apache/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/apache/debian-9/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml b/docker/apache/debian-9/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml index 962ede9ab..8e60c0ba5 100644 --- a/docker/apache/debian-9/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml +++ b/docker/apache/debian-9/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml @@ -10,6 +10,11 @@ apache_docker_vhost: /etc/apache2/sites-enabled/10-docker.conf when: ansible_os_family == 'Debian' +- name: Set apache vhost file [Alpine family] + set_fact: + apache_docker_vhost: /etc/apache2/conf.d/docker.conf + when: ansible_os_family == 'Alpine' + - name: Enable apache main config file: src: '/opt/docker/etc/httpd/main.conf' @@ -21,8 +26,6 @@ file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Ensure /var/run/apache2 exists @@ -31,6 +34,13 @@ state: directory recurse: yes +- name: Ensure /run/apache2 exists + file: + path: '/run/apache2' + state: directory + recurse: yes + when: ansible_os_family == 'Alpine' + - name: Switch MPM to worker [RedHat family] lineinfile: dest: '/etc/httpd/conf.modules.d/00-mpm.conf' @@ -48,6 +58,48 @@ - 'a2enmod mpm_event' when: (ansible_distribution == 'Ubuntu' and ansible_lsb.major_release|int >= 14) or (ansible_distribution == 'Debian' and ansible_lsb.major_release|int >= 8) +- name: Manage modules [Alpine family] + lineinfile: + dest: '/etc/apache2/httpd.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so', prefix: "#" } + - { line: 'LoadModule mpm_event_module modules/mod_mpm_event.so', prefix: "" } + - { line: 'LoadModule deflate_module modules/mod_deflate.so', prefix: "" } + - { line: 'LoadModule rewrite_module modules/mod_rewrite.so', prefix: "" } + - { line: 'LoadModule logio_module modules/mod_logio.so', prefix: "" } + - { line: 'LoadModule slotmem_shm_module modules/mod_slotmem_shm.so', prefix: "" } + - { line: 'LoadModule actions_module modules/mod_actions.so', prefix: "" } + when: ansible_os_family == 'Alpine' + +- name: Fix ssl support [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/ssl.conf' + regexp: '{{ item.regexp }}' + line: '{{ item.line }}' + with_items: + - { regexp: 'LoadModule ssl_module', line: 'LoadModule ssl_module /usr/lib/apache2/mod_ssl.so' } + - { regexp: 'LoadModule socache_shmcb_module', line: 'LoadModule socache_shmcb_module /usr/lib/apache2/mod_socache_shmcb.so' } + when: ansible_os_family == 'Alpine' + +- name: Disable proxy [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/proxy.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule proxy_ajp_module modules/mod_proxy_ajp.so', prefix: "#" } + - { line: 'LoadModule proxy_connect_module modules/mod_proxy_connect.so', prefix: "#" } + - { line: 'LoadModule proxy_balancer_module modules/mod_proxy_balancer.so', prefix: "#" } + - { line: 'LoadModule proxy_express_module modules/mod_proxy_express.so', prefix: "#" } + - { line: 'LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so', prefix: "" } + - { line: 'LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so', prefix: "#" } + - { line: 'LoadModule proxy_ftp_module modules/mod_proxy_ftp.so', prefix: "#" } + - { line: 'LoadModule proxy_http_module modules/mod_proxy_http.so', prefix: "#" } + - { line: 'LoadModule proxy_scgi_module modules/mod_proxy_scgi.so', prefix: "#" } + when: ansible_os_family == 'Alpine' + - name: Fix rights of ssl files file: path: "{{ item.path }}" diff --git a/docker/apache/ubuntu-12.04/Dockerfile b/docker/apache/ubuntu-12.04/Dockerfile index 158de2d6c..af3407b18 100644 --- a/docker/apache/ubuntu-12.04/Dockerfile +++ b/docker/apache/ubuntu-12.04/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/base:ubuntu-12.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/apache/ubuntu-12.04/conf/provision/roles/webdevops-apache/defaults/main.yml b/docker/apache/ubuntu-12.04/conf/provision/roles/webdevops-apache/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/apache/ubuntu-12.04/conf/provision/roles/webdevops-apache/defaults/main.yml +++ b/docker/apache/ubuntu-12.04/conf/provision/roles/webdevops-apache/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/apache/ubuntu-12.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml b/docker/apache/ubuntu-12.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml index 962ede9ab..8e60c0ba5 100644 --- a/docker/apache/ubuntu-12.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml +++ b/docker/apache/ubuntu-12.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml @@ -10,6 +10,11 @@ apache_docker_vhost: /etc/apache2/sites-enabled/10-docker.conf when: ansible_os_family == 'Debian' +- name: Set apache vhost file [Alpine family] + set_fact: + apache_docker_vhost: /etc/apache2/conf.d/docker.conf + when: ansible_os_family == 'Alpine' + - name: Enable apache main config file: src: '/opt/docker/etc/httpd/main.conf' @@ -21,8 +26,6 @@ file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Ensure /var/run/apache2 exists @@ -31,6 +34,13 @@ state: directory recurse: yes +- name: Ensure /run/apache2 exists + file: + path: '/run/apache2' + state: directory + recurse: yes + when: ansible_os_family == 'Alpine' + - name: Switch MPM to worker [RedHat family] lineinfile: dest: '/etc/httpd/conf.modules.d/00-mpm.conf' @@ -48,6 +58,48 @@ - 'a2enmod mpm_event' when: (ansible_distribution == 'Ubuntu' and ansible_lsb.major_release|int >= 14) or (ansible_distribution == 'Debian' and ansible_lsb.major_release|int >= 8) +- name: Manage modules [Alpine family] + lineinfile: + dest: '/etc/apache2/httpd.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so', prefix: "#" } + - { line: 'LoadModule mpm_event_module modules/mod_mpm_event.so', prefix: "" } + - { line: 'LoadModule deflate_module modules/mod_deflate.so', prefix: "" } + - { line: 'LoadModule rewrite_module modules/mod_rewrite.so', prefix: "" } + - { line: 'LoadModule logio_module modules/mod_logio.so', prefix: "" } + - { line: 'LoadModule slotmem_shm_module modules/mod_slotmem_shm.so', prefix: "" } + - { line: 'LoadModule actions_module modules/mod_actions.so', prefix: "" } + when: ansible_os_family == 'Alpine' + +- name: Fix ssl support [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/ssl.conf' + regexp: '{{ item.regexp }}' + line: '{{ item.line }}' + with_items: + - { regexp: 'LoadModule ssl_module', line: 'LoadModule ssl_module /usr/lib/apache2/mod_ssl.so' } + - { regexp: 'LoadModule socache_shmcb_module', line: 'LoadModule socache_shmcb_module /usr/lib/apache2/mod_socache_shmcb.so' } + when: ansible_os_family == 'Alpine' + +- name: Disable proxy [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/proxy.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule proxy_ajp_module modules/mod_proxy_ajp.so', prefix: "#" } + - { line: 'LoadModule proxy_connect_module modules/mod_proxy_connect.so', prefix: "#" } + - { line: 'LoadModule proxy_balancer_module modules/mod_proxy_balancer.so', prefix: "#" } + - { line: 'LoadModule proxy_express_module modules/mod_proxy_express.so', prefix: "#" } + - { line: 'LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so', prefix: "" } + - { line: 'LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so', prefix: "#" } + - { line: 'LoadModule proxy_ftp_module modules/mod_proxy_ftp.so', prefix: "#" } + - { line: 'LoadModule proxy_http_module modules/mod_proxy_http.so', prefix: "#" } + - { line: 'LoadModule proxy_scgi_module modules/mod_proxy_scgi.so', prefix: "#" } + when: ansible_os_family == 'Alpine' + - name: Fix rights of ssl files file: path: "{{ item.path }}" diff --git a/docker/apache/ubuntu-14.04/Dockerfile b/docker/apache/ubuntu-14.04/Dockerfile index 9781c7f85..6c5aa56e7 100644 --- a/docker/apache/ubuntu-14.04/Dockerfile +++ b/docker/apache/ubuntu-14.04/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/base:ubuntu-14.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/apache/ubuntu-14.04/conf/provision/roles/webdevops-apache/defaults/main.yml b/docker/apache/ubuntu-14.04/conf/provision/roles/webdevops-apache/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/apache/ubuntu-14.04/conf/provision/roles/webdevops-apache/defaults/main.yml +++ b/docker/apache/ubuntu-14.04/conf/provision/roles/webdevops-apache/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/apache/ubuntu-14.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml b/docker/apache/ubuntu-14.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml index 962ede9ab..8e60c0ba5 100644 --- a/docker/apache/ubuntu-14.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml +++ b/docker/apache/ubuntu-14.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml @@ -10,6 +10,11 @@ apache_docker_vhost: /etc/apache2/sites-enabled/10-docker.conf when: ansible_os_family == 'Debian' +- name: Set apache vhost file [Alpine family] + set_fact: + apache_docker_vhost: /etc/apache2/conf.d/docker.conf + when: ansible_os_family == 'Alpine' + - name: Enable apache main config file: src: '/opt/docker/etc/httpd/main.conf' @@ -21,8 +26,6 @@ file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Ensure /var/run/apache2 exists @@ -31,6 +34,13 @@ state: directory recurse: yes +- name: Ensure /run/apache2 exists + file: + path: '/run/apache2' + state: directory + recurse: yes + when: ansible_os_family == 'Alpine' + - name: Switch MPM to worker [RedHat family] lineinfile: dest: '/etc/httpd/conf.modules.d/00-mpm.conf' @@ -48,6 +58,48 @@ - 'a2enmod mpm_event' when: (ansible_distribution == 'Ubuntu' and ansible_lsb.major_release|int >= 14) or (ansible_distribution == 'Debian' and ansible_lsb.major_release|int >= 8) +- name: Manage modules [Alpine family] + lineinfile: + dest: '/etc/apache2/httpd.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so', prefix: "#" } + - { line: 'LoadModule mpm_event_module modules/mod_mpm_event.so', prefix: "" } + - { line: 'LoadModule deflate_module modules/mod_deflate.so', prefix: "" } + - { line: 'LoadModule rewrite_module modules/mod_rewrite.so', prefix: "" } + - { line: 'LoadModule logio_module modules/mod_logio.so', prefix: "" } + - { line: 'LoadModule slotmem_shm_module modules/mod_slotmem_shm.so', prefix: "" } + - { line: 'LoadModule actions_module modules/mod_actions.so', prefix: "" } + when: ansible_os_family == 'Alpine' + +- name: Fix ssl support [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/ssl.conf' + regexp: '{{ item.regexp }}' + line: '{{ item.line }}' + with_items: + - { regexp: 'LoadModule ssl_module', line: 'LoadModule ssl_module /usr/lib/apache2/mod_ssl.so' } + - { regexp: 'LoadModule socache_shmcb_module', line: 'LoadModule socache_shmcb_module /usr/lib/apache2/mod_socache_shmcb.so' } + when: ansible_os_family == 'Alpine' + +- name: Disable proxy [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/proxy.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule proxy_ajp_module modules/mod_proxy_ajp.so', prefix: "#" } + - { line: 'LoadModule proxy_connect_module modules/mod_proxy_connect.so', prefix: "#" } + - { line: 'LoadModule proxy_balancer_module modules/mod_proxy_balancer.so', prefix: "#" } + - { line: 'LoadModule proxy_express_module modules/mod_proxy_express.so', prefix: "#" } + - { line: 'LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so', prefix: "" } + - { line: 'LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so', prefix: "#" } + - { line: 'LoadModule proxy_ftp_module modules/mod_proxy_ftp.so', prefix: "#" } + - { line: 'LoadModule proxy_http_module modules/mod_proxy_http.so', prefix: "#" } + - { line: 'LoadModule proxy_scgi_module modules/mod_proxy_scgi.so', prefix: "#" } + when: ansible_os_family == 'Alpine' + - name: Fix rights of ssl files file: path: "{{ item.path }}" diff --git a/docker/apache/ubuntu-15.04/Dockerfile b/docker/apache/ubuntu-15.04/Dockerfile index 0cc15f2ee..ffd3fa288 100644 --- a/docker/apache/ubuntu-15.04/Dockerfile +++ b/docker/apache/ubuntu-15.04/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/base:ubuntu-15.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/apache/ubuntu-15.04/conf/provision/roles/webdevops-apache/defaults/main.yml b/docker/apache/ubuntu-15.04/conf/provision/roles/webdevops-apache/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/apache/ubuntu-15.04/conf/provision/roles/webdevops-apache/defaults/main.yml +++ b/docker/apache/ubuntu-15.04/conf/provision/roles/webdevops-apache/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/apache/ubuntu-15.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml b/docker/apache/ubuntu-15.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml index 962ede9ab..8e60c0ba5 100644 --- a/docker/apache/ubuntu-15.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml +++ b/docker/apache/ubuntu-15.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml @@ -10,6 +10,11 @@ apache_docker_vhost: /etc/apache2/sites-enabled/10-docker.conf when: ansible_os_family == 'Debian' +- name: Set apache vhost file [Alpine family] + set_fact: + apache_docker_vhost: /etc/apache2/conf.d/docker.conf + when: ansible_os_family == 'Alpine' + - name: Enable apache main config file: src: '/opt/docker/etc/httpd/main.conf' @@ -21,8 +26,6 @@ file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Ensure /var/run/apache2 exists @@ -31,6 +34,13 @@ state: directory recurse: yes +- name: Ensure /run/apache2 exists + file: + path: '/run/apache2' + state: directory + recurse: yes + when: ansible_os_family == 'Alpine' + - name: Switch MPM to worker [RedHat family] lineinfile: dest: '/etc/httpd/conf.modules.d/00-mpm.conf' @@ -48,6 +58,48 @@ - 'a2enmod mpm_event' when: (ansible_distribution == 'Ubuntu' and ansible_lsb.major_release|int >= 14) or (ansible_distribution == 'Debian' and ansible_lsb.major_release|int >= 8) +- name: Manage modules [Alpine family] + lineinfile: + dest: '/etc/apache2/httpd.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so', prefix: "#" } + - { line: 'LoadModule mpm_event_module modules/mod_mpm_event.so', prefix: "" } + - { line: 'LoadModule deflate_module modules/mod_deflate.so', prefix: "" } + - { line: 'LoadModule rewrite_module modules/mod_rewrite.so', prefix: "" } + - { line: 'LoadModule logio_module modules/mod_logio.so', prefix: "" } + - { line: 'LoadModule slotmem_shm_module modules/mod_slotmem_shm.so', prefix: "" } + - { line: 'LoadModule actions_module modules/mod_actions.so', prefix: "" } + when: ansible_os_family == 'Alpine' + +- name: Fix ssl support [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/ssl.conf' + regexp: '{{ item.regexp }}' + line: '{{ item.line }}' + with_items: + - { regexp: 'LoadModule ssl_module', line: 'LoadModule ssl_module /usr/lib/apache2/mod_ssl.so' } + - { regexp: 'LoadModule socache_shmcb_module', line: 'LoadModule socache_shmcb_module /usr/lib/apache2/mod_socache_shmcb.so' } + when: ansible_os_family == 'Alpine' + +- name: Disable proxy [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/proxy.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule proxy_ajp_module modules/mod_proxy_ajp.so', prefix: "#" } + - { line: 'LoadModule proxy_connect_module modules/mod_proxy_connect.so', prefix: "#" } + - { line: 'LoadModule proxy_balancer_module modules/mod_proxy_balancer.so', prefix: "#" } + - { line: 'LoadModule proxy_express_module modules/mod_proxy_express.so', prefix: "#" } + - { line: 'LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so', prefix: "" } + - { line: 'LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so', prefix: "#" } + - { line: 'LoadModule proxy_ftp_module modules/mod_proxy_ftp.so', prefix: "#" } + - { line: 'LoadModule proxy_http_module modules/mod_proxy_http.so', prefix: "#" } + - { line: 'LoadModule proxy_scgi_module modules/mod_proxy_scgi.so', prefix: "#" } + when: ansible_os_family == 'Alpine' + - name: Fix rights of ssl files file: path: "{{ item.path }}" diff --git a/docker/apache/ubuntu-15.10/Dockerfile b/docker/apache/ubuntu-15.10/Dockerfile index 48f3db681..8767a061a 100644 --- a/docker/apache/ubuntu-15.10/Dockerfile +++ b/docker/apache/ubuntu-15.10/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/base:ubuntu-15.10 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/apache/ubuntu-15.10/conf/provision/roles/webdevops-apache/defaults/main.yml b/docker/apache/ubuntu-15.10/conf/provision/roles/webdevops-apache/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/apache/ubuntu-15.10/conf/provision/roles/webdevops-apache/defaults/main.yml +++ b/docker/apache/ubuntu-15.10/conf/provision/roles/webdevops-apache/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/apache/ubuntu-15.10/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml b/docker/apache/ubuntu-15.10/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml index 962ede9ab..8e60c0ba5 100644 --- a/docker/apache/ubuntu-15.10/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml +++ b/docker/apache/ubuntu-15.10/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml @@ -10,6 +10,11 @@ apache_docker_vhost: /etc/apache2/sites-enabled/10-docker.conf when: ansible_os_family == 'Debian' +- name: Set apache vhost file [Alpine family] + set_fact: + apache_docker_vhost: /etc/apache2/conf.d/docker.conf + when: ansible_os_family == 'Alpine' + - name: Enable apache main config file: src: '/opt/docker/etc/httpd/main.conf' @@ -21,8 +26,6 @@ file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Ensure /var/run/apache2 exists @@ -31,6 +34,13 @@ state: directory recurse: yes +- name: Ensure /run/apache2 exists + file: + path: '/run/apache2' + state: directory + recurse: yes + when: ansible_os_family == 'Alpine' + - name: Switch MPM to worker [RedHat family] lineinfile: dest: '/etc/httpd/conf.modules.d/00-mpm.conf' @@ -48,6 +58,48 @@ - 'a2enmod mpm_event' when: (ansible_distribution == 'Ubuntu' and ansible_lsb.major_release|int >= 14) or (ansible_distribution == 'Debian' and ansible_lsb.major_release|int >= 8) +- name: Manage modules [Alpine family] + lineinfile: + dest: '/etc/apache2/httpd.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so', prefix: "#" } + - { line: 'LoadModule mpm_event_module modules/mod_mpm_event.so', prefix: "" } + - { line: 'LoadModule deflate_module modules/mod_deflate.so', prefix: "" } + - { line: 'LoadModule rewrite_module modules/mod_rewrite.so', prefix: "" } + - { line: 'LoadModule logio_module modules/mod_logio.so', prefix: "" } + - { line: 'LoadModule slotmem_shm_module modules/mod_slotmem_shm.so', prefix: "" } + - { line: 'LoadModule actions_module modules/mod_actions.so', prefix: "" } + when: ansible_os_family == 'Alpine' + +- name: Fix ssl support [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/ssl.conf' + regexp: '{{ item.regexp }}' + line: '{{ item.line }}' + with_items: + - { regexp: 'LoadModule ssl_module', line: 'LoadModule ssl_module /usr/lib/apache2/mod_ssl.so' } + - { regexp: 'LoadModule socache_shmcb_module', line: 'LoadModule socache_shmcb_module /usr/lib/apache2/mod_socache_shmcb.so' } + when: ansible_os_family == 'Alpine' + +- name: Disable proxy [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/proxy.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule proxy_ajp_module modules/mod_proxy_ajp.so', prefix: "#" } + - { line: 'LoadModule proxy_connect_module modules/mod_proxy_connect.so', prefix: "#" } + - { line: 'LoadModule proxy_balancer_module modules/mod_proxy_balancer.so', prefix: "#" } + - { line: 'LoadModule proxy_express_module modules/mod_proxy_express.so', prefix: "#" } + - { line: 'LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so', prefix: "" } + - { line: 'LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so', prefix: "#" } + - { line: 'LoadModule proxy_ftp_module modules/mod_proxy_ftp.so', prefix: "#" } + - { line: 'LoadModule proxy_http_module modules/mod_proxy_http.so', prefix: "#" } + - { line: 'LoadModule proxy_scgi_module modules/mod_proxy_scgi.so', prefix: "#" } + when: ansible_os_family == 'Alpine' + - name: Fix rights of ssl files file: path: "{{ item.path }}" diff --git a/docker/apache/ubuntu-16.04/Dockerfile b/docker/apache/ubuntu-16.04/Dockerfile index a6d24937a..689d3b2da 100644 --- a/docker/apache/ubuntu-16.04/Dockerfile +++ b/docker/apache/ubuntu-16.04/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/base:ubuntu-16.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/apache/ubuntu-16.04/conf/provision/roles/webdevops-apache/defaults/main.yml b/docker/apache/ubuntu-16.04/conf/provision/roles/webdevops-apache/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/apache/ubuntu-16.04/conf/provision/roles/webdevops-apache/defaults/main.yml +++ b/docker/apache/ubuntu-16.04/conf/provision/roles/webdevops-apache/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/apache/ubuntu-16.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml b/docker/apache/ubuntu-16.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml index 962ede9ab..8e60c0ba5 100644 --- a/docker/apache/ubuntu-16.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml +++ b/docker/apache/ubuntu-16.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml @@ -10,6 +10,11 @@ apache_docker_vhost: /etc/apache2/sites-enabled/10-docker.conf when: ansible_os_family == 'Debian' +- name: Set apache vhost file [Alpine family] + set_fact: + apache_docker_vhost: /etc/apache2/conf.d/docker.conf + when: ansible_os_family == 'Alpine' + - name: Enable apache main config file: src: '/opt/docker/etc/httpd/main.conf' @@ -21,8 +26,6 @@ file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Ensure /var/run/apache2 exists @@ -31,6 +34,13 @@ state: directory recurse: yes +- name: Ensure /run/apache2 exists + file: + path: '/run/apache2' + state: directory + recurse: yes + when: ansible_os_family == 'Alpine' + - name: Switch MPM to worker [RedHat family] lineinfile: dest: '/etc/httpd/conf.modules.d/00-mpm.conf' @@ -48,6 +58,48 @@ - 'a2enmod mpm_event' when: (ansible_distribution == 'Ubuntu' and ansible_lsb.major_release|int >= 14) or (ansible_distribution == 'Debian' and ansible_lsb.major_release|int >= 8) +- name: Manage modules [Alpine family] + lineinfile: + dest: '/etc/apache2/httpd.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so', prefix: "#" } + - { line: 'LoadModule mpm_event_module modules/mod_mpm_event.so', prefix: "" } + - { line: 'LoadModule deflate_module modules/mod_deflate.so', prefix: "" } + - { line: 'LoadModule rewrite_module modules/mod_rewrite.so', prefix: "" } + - { line: 'LoadModule logio_module modules/mod_logio.so', prefix: "" } + - { line: 'LoadModule slotmem_shm_module modules/mod_slotmem_shm.so', prefix: "" } + - { line: 'LoadModule actions_module modules/mod_actions.so', prefix: "" } + when: ansible_os_family == 'Alpine' + +- name: Fix ssl support [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/ssl.conf' + regexp: '{{ item.regexp }}' + line: '{{ item.line }}' + with_items: + - { regexp: 'LoadModule ssl_module', line: 'LoadModule ssl_module /usr/lib/apache2/mod_ssl.so' } + - { regexp: 'LoadModule socache_shmcb_module', line: 'LoadModule socache_shmcb_module /usr/lib/apache2/mod_socache_shmcb.so' } + when: ansible_os_family == 'Alpine' + +- name: Disable proxy [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/proxy.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule proxy_ajp_module modules/mod_proxy_ajp.so', prefix: "#" } + - { line: 'LoadModule proxy_connect_module modules/mod_proxy_connect.so', prefix: "#" } + - { line: 'LoadModule proxy_balancer_module modules/mod_proxy_balancer.so', prefix: "#" } + - { line: 'LoadModule proxy_express_module modules/mod_proxy_express.so', prefix: "#" } + - { line: 'LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so', prefix: "" } + - { line: 'LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so', prefix: "#" } + - { line: 'LoadModule proxy_ftp_module modules/mod_proxy_ftp.so', prefix: "#" } + - { line: 'LoadModule proxy_http_module modules/mod_proxy_http.so', prefix: "#" } + - { line: 'LoadModule proxy_scgi_module modules/mod_proxy_scgi.so', prefix: "#" } + when: ansible_os_family == 'Alpine' + - name: Fix rights of ssl files file: path: "{{ item.path }}" diff --git a/docker/base-app/README.md b/docker/base-app/README.md new file mode 100644 index 000000000..4f0d09ce4 --- /dev/null +++ b/docker/base-app/README.md @@ -0,0 +1,105 @@ +# Base container layout + +## Containers +Container | Distribution name +----------------------------------- | ------------------------- +`webdevops/base:ubuntu-12.04` | precise +`webdevops/base:ubuntu-14.04` | trusty (LTS) +`webdevops/base:ubuntu-15.04` | vivid +`webdevops/base:ubuntu-15.10` | wily +`webdevops/base:debian-7` | wheezy +`webdevops/base:debian-8` | jessie +`webdevops/base:centos-7` | + +## Environment variables + +Variable | Description +------------------- | ------------------------------------------------------------------------------ +`CLI_SCRIPT` | Predefined CLI script for service +`APPLICATION_UID` | Application UID (Effective user ID) +`APPLICATION_GID` | Application GID (Effective group ID) + +## Filesystem layout + +The whole docker directroy is deployed into `/opt/docker/`. + + +Directory | Description +------------------------------------ | ------------------------------------------------------------------------------ +`/opt/docker/bin` | Script directory for various script eg. `entrypoint.sh` +`/opt/docker/bin/entrypoint.d` | Entrypoint scripts +`/opt/docker/bin/service.d` | Service (wrapper) scripts for supervisord +
| +`/opt/docker/etc` | Configuration directory +`/opt/docker/etc/supervisor.d` | Supervisor service configuration `*.conf` directory +
| +`/opt/docker/provision` | Ansible provisioning configuration directory +`/opt/docker/provision/roles` | Ansible roles configuration directory +`/opt/docker/provision/bootstrap.d` | Directory for bash `*.sh` scripts which will automatcally run by `bootstrrap.sh` (will be removed after run, for usage in `Dockerfile`) +`/opt/docker/provision/entrypoint.d` | Directory for bash `*.sh` scripts which will automatcally run by `entrypoint.sh` +`/opt/docker/provision/onbuild.d` | Directory for bash `*.sh` scripts which will automatcally run by `onbuild` (`bootstrap.sh onbuild` must be called for execution with ONBUILD RUN) + + +File | Description +-------------------------------------------- | ------------------------------------------------------------------------------ +`/opt/docker/bin/config.sh` | Config for `entrypoint.sh` and other scripts (eg. `/opt/docker/bin/entrypoint.d`). All bash functions/variables can be used in custom scripts. +`/opt/docker/bin/entrypoint.sh` | Main entrypoint for docker container +`/opt/docker/bin/logwatch.sh` | Log reader for childen processes (can be used with named pipes) +`/opt/docker/bin/provision.sh` | Ansible provision wrapper script +`/opt/docker/bin/control.sh` | Control script for container and provisioning registration handling +
| +`/opt/docker/etc/supervisor.conf` | Main supervisor configuration (will include other scripts in `/opt/docker/etc/supervisor.d/*.conf`) +`/opt/docker/etc/supervisor.d/cron.conf` | Cron service script _(disabled by default)_ +`/opt/docker/etc/supervisor.d/ssh.conf` | SSH server service script _(disabled by default)_ + + +## Ansible provisioning + +Whole configuration will deployed in `/opt/docker/provision`. + +Available tags: +- bootstrap (only run once) +- entrypoint (run at startup) + +If there is no `playbook.yml` it will be created dynamically based on registred roles by `control.sh`. +`bootstrap` roles will only run once (at docker build) and not again on inherited containers. +`entrypoint` roles will run at each startup also on inherited containers. + +To use the modular ansible provisioning you have to deploy your own role into `/opt/docker/provision/roles`, eg.: + +Directory: `/opt/docker/provision/roles/yourrolename/` +Main task file: `/opt/docker/provision/roles/yourrolename/tasks/main.yml` + +To register your role execute following script in your `Dockerfile`: + +For `bootstrap` and `entrypoint` tag: +`RUN bash /opt/docker/bin/control.sh provision.role.bootstrap yourrolename` + +For only `bootstrap` tag: +`RUN bash /opt/docker/bin/control.sh provision.role.bootstrap.bootstrap yourrolename` + +For only `entrypoint` tag: +`RUN bash /opt/docker/bin/control.sh provision.role.bootstrap.entrypoint yourrolename` + +## `entrypoint.sh` + +CMD | Description +--------------- | ------------------------------------------------------------------------------ +supervisord | Start supervisor and configured services +noop | Endless noop loop (endless sleep) +root | Root shell (external usage) +cli | Run predefined `CLI_SCRIPT` (env variable) as `EFFECTIVE_USER` if defined +all other | Run defined command as `EFFECTIVE_USER` if defined + +## Container info + +Image | Info +----------------------------------- | ---------------------------------------------------------------------------------- +webdevops/base:latest | [![](https://badge.imagelayers.io/webdevops/base:latest.svg)](https://imagelayers.io/?images=webdevops/base:latest 'Get your own badge on imagelayers.io') +webdevops/base:ubuntu-12.04 | [![](https://badge.imagelayers.io/webdevops/base:ubuntu-12.04.svg)](https://imagelayers.io/?images=webdevops/base:ubuntu-12.04 'Get your own badge on imagelayers.io') +webdevops/base:ubuntu-14.04 | [![](https://badge.imagelayers.io/webdevops/base:ubuntu-14.04.svg)](https://imagelayers.io/?images=webdevops/base:ubuntu-14.04 'Get your own badge on imagelayers.io') +webdevops/base:ubuntu-15.04 | [![](https://badge.imagelayers.io/webdevops/base:ubuntu-15.04.svg)](https://imagelayers.io/?images=webdevops/base:ubuntu-15.04 'Get your own badge on imagelayers.io') +webdevops/base:ubuntu-15.10 | [![](https://badge.imagelayers.io/webdevops/base:ubuntu-15.10.svg)](https://imagelayers.io/?images=webdevops/base:ubuntu-15.14 'Get your own badge on imagelayers.io') +webdevops/base:centos-7 | [![](https://badge.imagelayers.io/webdevops/base:centos-7.svg)](https://imagelayers.io/?images=webdevops/base:centos-7 'Get your own badge on imagelayers.io') +webdevops/base:debian-7 | [![](https://badge.imagelayers.io/webdevops/base:debian-7.svg)](https://imagelayers.io/?images=webdevops/base:debian-7 'Get your own badge on imagelayers.io') +webdevops/base:debian-8 | [![](https://badge.imagelayers.io/webdevops/base:debian-8.svg)](https://imagelayers.io/?images=webdevops/base:debian-8 'Get your own badge on imagelayers.io') diff --git a/docker/base-app/alpine-3/Dockerfile b/docker/base-app/alpine-3/Dockerfile new file mode 100644 index 000000000..4056b2cc1 --- /dev/null +++ b/docker/base-app/alpine-3/Dockerfile @@ -0,0 +1,47 @@ +#++++++++++++++++++++++++++++++++++++++ +# Alpine 3 Bootstrap Docker container +#++++++++++++++++++++++++++++++++++++++ + +FROM webdevops/base:alpine-3 +MAINTAINER info@webdevops.io +LABEL vendor=WebDevOps.io +LABEL io.webdevops.layout=6 +LABEL io.webdevops.version=0.22.0 + +ENV APPLICATION_USER application +ENV APPLICATION_GROUP application +ENV APPLICATION_PATH /app +ENV APPLICATION_UID 1000 +ENV APPLICATION_GID 1000 + +RUN /usr/local/bin/apk-install \ + # Install services + openssh \ + mysql-client \ + sqlite \ + dnsmasq \ + postfix \ + # Install common tools + sudo \ + zip \ + unzip \ + bzip2 \ + wget \ + curl \ + net-tools \ + moreutils \ + drill \ + ldns \ + openssh-client \ + rsync \ + git \ + nano \ + vim + +# Deploy scripts/configurations +COPY conf/ /opt/docker/ +RUN bash /opt/docker/bin/control.sh provision.role.bootstrap webdevops-base-app \ + && bash /opt/docker/bin/bootstrap.sh + +ENTRYPOINT ["/opt/docker/bin/entrypoint.sh"] +CMD ["noop"] diff --git a/docker/base-app/alpine-3/conf/bin/service.d/dnsmasq.sh b/docker/base-app/alpine-3/conf/bin/service.d/dnsmasq.sh new file mode 100644 index 000000000..9b554b411 --- /dev/null +++ b/docker/base-app/alpine-3/conf/bin/service.d/dnsmasq.sh @@ -0,0 +1,15 @@ + +## clear dns file +echo > /etc/dnsmasq.d/development + +if [ ! -f /etc/resolv.conf.original ]; then + cp -a /etc/resolv.conf /etc/resolv.conf.original + + ## set forward servers + cat /etc/resolv.conf.original | grep nameserver | sed 's/nameserver /server=/' > /etc/dnsmasq.d/forward + + ## set dnsmasq to main nameserver + echo "nameserver 127.0.0.1" > /etc/resolv.conf +fi + +exec dnsmasq --keep-in-foreground diff --git a/docker/base-app/alpine-3/conf/bin/service.d/postfix.sh b/docker/base-app/alpine-3/conf/bin/service.d/postfix.sh new file mode 100644 index 000000000..e685d5287 --- /dev/null +++ b/docker/base-app/alpine-3/conf/bin/service.d/postfix.sh @@ -0,0 +1,39 @@ +#!/usr/bin/env bash +# postfix-wrapper.sh, version 0.1.0 +# +# You cannot start postfix in some foreground mode and +# it's more or less important that docker doesn't kill +# postfix and its chilren if you stop the container. +# +# Use this script with supervisord and it will take +# care about starting and stopping postfix correctly. +# +# supervisord config snippet for postfix-wrapper: +# +# [program:postfix] +# process_name = postfix +# command = /path/to/postfix-wrapper.sh +# startsecs = 0 +# autorestart = false +# + +trap "postfix stop" SIGINT +trap "postfix stop" SIGTERM +trap "postfix reload" SIGHUP + +# force new copy of hosts there (otherwise links could be outdated) +mkdir -p /var/spool/postfix/etc +cp -f /etc/hosts /var/spool/postfix/etc/hosts +cp -f /etc/resolv.conf /var/spool/postfix/etc/resolv.conf +cp -f /etc/services /var/spool/postfix/etc/services + +# start postfix +postfix start + +# lets give postfix some time to start +sleep 3 + +# wait until postfix is dead (triggered by trap) +while kill -0 "$(cat /var/spool/postfix/pid/master.pid)"; do + sleep 5 +done \ No newline at end of file diff --git a/docker/base/centos-7/conf/etc/supervisor.d/dnsmasq.conf b/docker/base-app/alpine-3/conf/etc/supervisor.d/dnsmasq.conf similarity index 100% rename from docker/base/centos-7/conf/etc/supervisor.d/dnsmasq.conf rename to docker/base-app/alpine-3/conf/etc/supervisor.d/dnsmasq.conf diff --git a/docker/base/centos-7/conf/etc/supervisor.d/postfix.conf b/docker/base-app/alpine-3/conf/etc/supervisor.d/postfix.conf similarity index 100% rename from docker/base/centos-7/conf/etc/supervisor.d/postfix.conf rename to docker/base-app/alpine-3/conf/etc/supervisor.d/postfix.conf diff --git a/docker/base-app/alpine-3/conf/etc/supervisor.d/ssh.conf b/docker/base-app/alpine-3/conf/etc/supervisor.d/ssh.conf new file mode 100644 index 000000000..44488e642 --- /dev/null +++ b/docker/base-app/alpine-3/conf/etc/supervisor.d/ssh.conf @@ -0,0 +1,14 @@ +[group:ssh] +programs=sshd +priority=30 + +[program:sshd] +command = /usr/sbin/sshd -D +process_name=%(program_name)s +startsecs=0 +autostart = false +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/docker/base-app/alpine-3/conf/provision/onbuild.d/.gitkeep b/docker/base-app/alpine-3/conf/provision/onbuild.d/.gitkeep new file mode 100644 index 000000000..e69de29bb diff --git a/docker/base-app/alpine-3/conf/provision/roles/webdevops-base-app/defaults/main.yml b/docker/base-app/alpine-3/conf/provision/roles/webdevops-base-app/defaults/main.yml new file mode 100644 index 000000000..e10ef7d38 --- /dev/null +++ b/docker/base-app/alpine-3/conf/provision/roles/webdevops-base-app/defaults/main.yml @@ -0,0 +1,7 @@ +--- + +APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" +APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" +APPLICATION_PATH: "{{ lookup('env','APPLICATION_PATH') }}" +APPLICATION_UID: "{{ lookup('env','APPLICATION_UID') }}" +APPLICATION_GID: "{{ lookup('env','APPLICATION_GID') }}" diff --git a/docker/base-app/alpine-3/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml b/docker/base-app/alpine-3/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml new file mode 100644 index 000000000..9933c1332 --- /dev/null +++ b/docker/base-app/alpine-3/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml @@ -0,0 +1,6 @@ +--- + +- include: bootstrap/user.yml +- include: bootstrap/application.yml +- include: bootstrap/dnsmasq.yml +- include: bootstrap/postfix.yml diff --git a/docker/base-app/alpine-3/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml b/docker/base-app/alpine-3/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml new file mode 100644 index 000000000..faddb6027 --- /dev/null +++ b/docker/base-app/alpine-3/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml @@ -0,0 +1,10 @@ +--- + +- name: Init application directory + file: + path: "/{{ APPLICATION_PATH }}" + state: directory + mode: 0755 + owner: "{{ APPLICATION_USER }}" + group: "{{ APPLICATION_GROUP }}" + recurse: yes diff --git a/docker/base/centos-7/conf/provision/roles/webdevops-base/tasks/bootstrap/dnsmasq.yml b/docker/base-app/alpine-3/conf/provision/roles/webdevops-base-app/tasks/bootstrap/dnsmasq.yml similarity index 100% rename from docker/base/centos-7/conf/provision/roles/webdevops-base/tasks/bootstrap/dnsmasq.yml rename to docker/base-app/alpine-3/conf/provision/roles/webdevops-base-app/tasks/bootstrap/dnsmasq.yml diff --git a/docker/base/centos-7/conf/provision/roles/webdevops-base/tasks/bootstrap/postfix.yml b/docker/base-app/alpine-3/conf/provision/roles/webdevops-base-app/tasks/bootstrap/postfix.yml similarity index 100% rename from docker/base/centos-7/conf/provision/roles/webdevops-base/tasks/bootstrap/postfix.yml rename to docker/base-app/alpine-3/conf/provision/roles/webdevops-base-app/tasks/bootstrap/postfix.yml diff --git a/docker/base/centos-7/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml b/docker/base-app/alpine-3/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml similarity index 86% rename from docker/base/centos-7/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml rename to docker/base-app/alpine-3/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml index fd58b329f..cf6968a01 100644 --- a/docker/base/centos-7/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml +++ b/docker/base-app/alpine-3/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml @@ -1,5 +1,11 @@ --- +- name: Move dnsmasq group (Alpine family) + group: + name: dnsmasq + gid: 153 + when: ansible_distribution == 'Alpine' + - name: Create application group group: name: "{{ APPLICATION_GROUP }}" diff --git a/docker/base-app/alpine-3/conf/provision/roles/webdevops-base-app/tasks/main.yml b/docker/base-app/alpine-3/conf/provision/roles/webdevops-base-app/tasks/main.yml new file mode 100644 index 000000000..1806c1a8c --- /dev/null +++ b/docker/base-app/alpine-3/conf/provision/roles/webdevops-base-app/tasks/main.yml @@ -0,0 +1,5 @@ +--- + +- include: bootstrap.yml + tags: + - bootstrap diff --git a/docker/base-app/centos-7/Dockerfile b/docker/base-app/centos-7/Dockerfile new file mode 100644 index 000000000..24ad4e520 --- /dev/null +++ b/docker/base-app/centos-7/Dockerfile @@ -0,0 +1,48 @@ +#++++++++++++++++++++++++++++++++++++++ +# CentOS 7 Base Docker container +#++++++++++++++++++++++++++++++++++++++ + +FROM webdevops/base:centos-7 +MAINTAINER info@webdevops.io +LABEL vendor=WebDevOps.io +LABEL io.webdevops.layout=6 +LABEL io.webdevops.version=0.21.0 + +ENV APPLICATION_USER application +ENV APPLICATION_GROUP application +ENV APPLICATION_PATH /app +ENV APPLICATION_UID 1000 +ENV APPLICATION_GID 1000 + +RUN /usr/local/bin/yum-install \ + # Install services + openssh-server \ + mysql \ + sqlite \ + dnsmasq \ + postfix \ + # Install tools + sudo \ + zip \ + unzip \ + bzip2 \ + wget \ + curl \ + net-tools \ + moreutils \ + dnsutils \ + bind-utils \ + rsync \ + git \ + pygpgme \ + nano \ + vim \ + && /usr/local/bin/generate-locales + +# Deploy scripts/configurations +COPY conf/ /opt/docker/ +RUN bash /opt/docker/bin/control.sh provision.role.bootstrap webdevops-base-app \ + && bash /opt/docker/bin/bootstrap.sh + +ENTRYPOINT ["/opt/docker/bin/entrypoint.sh"] +CMD ["noop"] diff --git a/docker/base-app/centos-7/conf/bin/service.d/dnsmasq.sh b/docker/base-app/centos-7/conf/bin/service.d/dnsmasq.sh new file mode 100644 index 000000000..9b554b411 --- /dev/null +++ b/docker/base-app/centos-7/conf/bin/service.d/dnsmasq.sh @@ -0,0 +1,15 @@ + +## clear dns file +echo > /etc/dnsmasq.d/development + +if [ ! -f /etc/resolv.conf.original ]; then + cp -a /etc/resolv.conf /etc/resolv.conf.original + + ## set forward servers + cat /etc/resolv.conf.original | grep nameserver | sed 's/nameserver /server=/' > /etc/dnsmasq.d/forward + + ## set dnsmasq to main nameserver + echo "nameserver 127.0.0.1" > /etc/resolv.conf +fi + +exec dnsmasq --keep-in-foreground diff --git a/docker/base-app/centos-7/conf/bin/service.d/postfix.sh b/docker/base-app/centos-7/conf/bin/service.d/postfix.sh new file mode 100644 index 000000000..e685d5287 --- /dev/null +++ b/docker/base-app/centos-7/conf/bin/service.d/postfix.sh @@ -0,0 +1,39 @@ +#!/usr/bin/env bash +# postfix-wrapper.sh, version 0.1.0 +# +# You cannot start postfix in some foreground mode and +# it's more or less important that docker doesn't kill +# postfix and its chilren if you stop the container. +# +# Use this script with supervisord and it will take +# care about starting and stopping postfix correctly. +# +# supervisord config snippet for postfix-wrapper: +# +# [program:postfix] +# process_name = postfix +# command = /path/to/postfix-wrapper.sh +# startsecs = 0 +# autorestart = false +# + +trap "postfix stop" SIGINT +trap "postfix stop" SIGTERM +trap "postfix reload" SIGHUP + +# force new copy of hosts there (otherwise links could be outdated) +mkdir -p /var/spool/postfix/etc +cp -f /etc/hosts /var/spool/postfix/etc/hosts +cp -f /etc/resolv.conf /var/spool/postfix/etc/resolv.conf +cp -f /etc/services /var/spool/postfix/etc/services + +# start postfix +postfix start + +# lets give postfix some time to start +sleep 3 + +# wait until postfix is dead (triggered by trap) +while kill -0 "$(cat /var/spool/postfix/pid/master.pid)"; do + sleep 5 +done \ No newline at end of file diff --git a/docker/base/debian-7/conf/etc/supervisor.d/dnsmasq.conf b/docker/base-app/centos-7/conf/etc/supervisor.d/dnsmasq.conf similarity index 100% rename from docker/base/debian-7/conf/etc/supervisor.d/dnsmasq.conf rename to docker/base-app/centos-7/conf/etc/supervisor.d/dnsmasq.conf diff --git a/docker/base/debian-7/conf/etc/supervisor.d/postfix.conf b/docker/base-app/centos-7/conf/etc/supervisor.d/postfix.conf similarity index 100% rename from docker/base/debian-7/conf/etc/supervisor.d/postfix.conf rename to docker/base-app/centos-7/conf/etc/supervisor.d/postfix.conf diff --git a/docker/base-app/centos-7/conf/etc/supervisor.d/ssh.conf b/docker/base-app/centos-7/conf/etc/supervisor.d/ssh.conf new file mode 100644 index 000000000..44488e642 --- /dev/null +++ b/docker/base-app/centos-7/conf/etc/supervisor.d/ssh.conf @@ -0,0 +1,14 @@ +[group:ssh] +programs=sshd +priority=30 + +[program:sshd] +command = /usr/sbin/sshd -D +process_name=%(program_name)s +startsecs=0 +autostart = false +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/docker/base-app/centos-7/conf/provision/onbuild.d/.gitkeep b/docker/base-app/centos-7/conf/provision/onbuild.d/.gitkeep new file mode 100644 index 000000000..e69de29bb diff --git a/docker/base-app/centos-7/conf/provision/roles/webdevops-base-app/defaults/main.yml b/docker/base-app/centos-7/conf/provision/roles/webdevops-base-app/defaults/main.yml new file mode 100644 index 000000000..e10ef7d38 --- /dev/null +++ b/docker/base-app/centos-7/conf/provision/roles/webdevops-base-app/defaults/main.yml @@ -0,0 +1,7 @@ +--- + +APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" +APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" +APPLICATION_PATH: "{{ lookup('env','APPLICATION_PATH') }}" +APPLICATION_UID: "{{ lookup('env','APPLICATION_UID') }}" +APPLICATION_GID: "{{ lookup('env','APPLICATION_GID') }}" diff --git a/docker/base-app/centos-7/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml b/docker/base-app/centos-7/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml new file mode 100644 index 000000000..9933c1332 --- /dev/null +++ b/docker/base-app/centos-7/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml @@ -0,0 +1,6 @@ +--- + +- include: bootstrap/user.yml +- include: bootstrap/application.yml +- include: bootstrap/dnsmasq.yml +- include: bootstrap/postfix.yml diff --git a/docker/base-app/centos-7/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml b/docker/base-app/centos-7/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml new file mode 100644 index 000000000..faddb6027 --- /dev/null +++ b/docker/base-app/centos-7/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml @@ -0,0 +1,10 @@ +--- + +- name: Init application directory + file: + path: "/{{ APPLICATION_PATH }}" + state: directory + mode: 0755 + owner: "{{ APPLICATION_USER }}" + group: "{{ APPLICATION_GROUP }}" + recurse: yes diff --git a/docker/base/debian-7/conf/provision/roles/webdevops-base/tasks/bootstrap/dnsmasq.yml b/docker/base-app/centos-7/conf/provision/roles/webdevops-base-app/tasks/bootstrap/dnsmasq.yml similarity index 100% rename from docker/base/debian-7/conf/provision/roles/webdevops-base/tasks/bootstrap/dnsmasq.yml rename to docker/base-app/centos-7/conf/provision/roles/webdevops-base-app/tasks/bootstrap/dnsmasq.yml diff --git a/docker/base/debian-7/conf/provision/roles/webdevops-base/tasks/bootstrap/postfix.yml b/docker/base-app/centos-7/conf/provision/roles/webdevops-base-app/tasks/bootstrap/postfix.yml similarity index 100% rename from docker/base/debian-7/conf/provision/roles/webdevops-base/tasks/bootstrap/postfix.yml rename to docker/base-app/centos-7/conf/provision/roles/webdevops-base-app/tasks/bootstrap/postfix.yml diff --git a/docker/base/debian-7/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml b/docker/base-app/centos-7/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml similarity index 86% rename from docker/base/debian-7/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml rename to docker/base-app/centos-7/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml index fd58b329f..cf6968a01 100644 --- a/docker/base/debian-7/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml +++ b/docker/base-app/centos-7/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml @@ -1,5 +1,11 @@ --- +- name: Move dnsmasq group (Alpine family) + group: + name: dnsmasq + gid: 153 + when: ansible_distribution == 'Alpine' + - name: Create application group group: name: "{{ APPLICATION_GROUP }}" diff --git a/docker/base-app/centos-7/conf/provision/roles/webdevops-base-app/tasks/main.yml b/docker/base-app/centos-7/conf/provision/roles/webdevops-base-app/tasks/main.yml new file mode 100644 index 000000000..1806c1a8c --- /dev/null +++ b/docker/base-app/centos-7/conf/provision/roles/webdevops-base-app/tasks/main.yml @@ -0,0 +1,5 @@ +--- + +- include: bootstrap.yml + tags: + - bootstrap diff --git a/docker/base-app/debian-7/Dockerfile b/docker/base-app/debian-7/Dockerfile new file mode 100644 index 000000000..87e3e48dc --- /dev/null +++ b/docker/base-app/debian-7/Dockerfile @@ -0,0 +1,48 @@ +#++++++++++++++++++++++++++++++++++++++ +# Debian 7 Base Docker container +#++++++++++++++++++++++++++++++++++++++ + +FROM webdevops/base:debian-7 +MAINTAINER info@webdevops.io +LABEL vendor=WebDevOps.io +LABEL io.webdevops.layout=6 +LABEL io.webdevops.version=0.21.0 + +ENV APPLICATION_USER application +ENV APPLICATION_GROUP application +ENV APPLICATION_PATH /app +ENV APPLICATION_UID 1000 +ENV APPLICATION_GID 1000 + +RUN sed -ri 's/(deb.*\/debian wheezy main)/\1 contrib non-free /' -- /etc/apt/sources.list \ + && /usr/local/bin/apt-install \ + # Install services + openssh-server \ + mysql-client \ + sqlite \ + dnsmasq \ + postfix \ + # Install common tools + sudo \ + zip \ + unzip \ + bzip2 \ + wget \ + curl \ + net-tools \ + moreutils \ + dnsutils \ + openssh-client \ + rsync \ + git \ + nano \ + vim \ + && /usr/local/bin/generate-locales + +# Deploy scripts/configurations +COPY conf/ /opt/docker/ +RUN bash /opt/docker/bin/control.sh provision.role.bootstrap webdevops-base-app \ + && bash /opt/docker/bin/bootstrap.sh + +ENTRYPOINT ["/opt/docker/bin/entrypoint.sh"] +CMD ["noop"] diff --git a/docker/base-app/debian-7/conf/bin/service.d/dnsmasq.sh b/docker/base-app/debian-7/conf/bin/service.d/dnsmasq.sh new file mode 100644 index 000000000..9b554b411 --- /dev/null +++ b/docker/base-app/debian-7/conf/bin/service.d/dnsmasq.sh @@ -0,0 +1,15 @@ + +## clear dns file +echo > /etc/dnsmasq.d/development + +if [ ! -f /etc/resolv.conf.original ]; then + cp -a /etc/resolv.conf /etc/resolv.conf.original + + ## set forward servers + cat /etc/resolv.conf.original | grep nameserver | sed 's/nameserver /server=/' > /etc/dnsmasq.d/forward + + ## set dnsmasq to main nameserver + echo "nameserver 127.0.0.1" > /etc/resolv.conf +fi + +exec dnsmasq --keep-in-foreground diff --git a/docker/base-app/debian-7/conf/bin/service.d/postfix.sh b/docker/base-app/debian-7/conf/bin/service.d/postfix.sh new file mode 100644 index 000000000..e685d5287 --- /dev/null +++ b/docker/base-app/debian-7/conf/bin/service.d/postfix.sh @@ -0,0 +1,39 @@ +#!/usr/bin/env bash +# postfix-wrapper.sh, version 0.1.0 +# +# You cannot start postfix in some foreground mode and +# it's more or less important that docker doesn't kill +# postfix and its chilren if you stop the container. +# +# Use this script with supervisord and it will take +# care about starting and stopping postfix correctly. +# +# supervisord config snippet for postfix-wrapper: +# +# [program:postfix] +# process_name = postfix +# command = /path/to/postfix-wrapper.sh +# startsecs = 0 +# autorestart = false +# + +trap "postfix stop" SIGINT +trap "postfix stop" SIGTERM +trap "postfix reload" SIGHUP + +# force new copy of hosts there (otherwise links could be outdated) +mkdir -p /var/spool/postfix/etc +cp -f /etc/hosts /var/spool/postfix/etc/hosts +cp -f /etc/resolv.conf /var/spool/postfix/etc/resolv.conf +cp -f /etc/services /var/spool/postfix/etc/services + +# start postfix +postfix start + +# lets give postfix some time to start +sleep 3 + +# wait until postfix is dead (triggered by trap) +while kill -0 "$(cat /var/spool/postfix/pid/master.pid)"; do + sleep 5 +done \ No newline at end of file diff --git a/docker/base/debian-8/conf/etc/supervisor.d/dnsmasq.conf b/docker/base-app/debian-7/conf/etc/supervisor.d/dnsmasq.conf similarity index 100% rename from docker/base/debian-8/conf/etc/supervisor.d/dnsmasq.conf rename to docker/base-app/debian-7/conf/etc/supervisor.d/dnsmasq.conf diff --git a/docker/base/debian-8/conf/etc/supervisor.d/postfix.conf b/docker/base-app/debian-7/conf/etc/supervisor.d/postfix.conf similarity index 100% rename from docker/base/debian-8/conf/etc/supervisor.d/postfix.conf rename to docker/base-app/debian-7/conf/etc/supervisor.d/postfix.conf diff --git a/docker/base-app/debian-7/conf/etc/supervisor.d/ssh.conf b/docker/base-app/debian-7/conf/etc/supervisor.d/ssh.conf new file mode 100644 index 000000000..44488e642 --- /dev/null +++ b/docker/base-app/debian-7/conf/etc/supervisor.d/ssh.conf @@ -0,0 +1,14 @@ +[group:ssh] +programs=sshd +priority=30 + +[program:sshd] +command = /usr/sbin/sshd -D +process_name=%(program_name)s +startsecs=0 +autostart = false +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/docker/base-app/debian-7/conf/provision/onbuild.d/.gitkeep b/docker/base-app/debian-7/conf/provision/onbuild.d/.gitkeep new file mode 100644 index 000000000..e69de29bb diff --git a/docker/base-app/debian-7/conf/provision/roles/webdevops-base-app/defaults/main.yml b/docker/base-app/debian-7/conf/provision/roles/webdevops-base-app/defaults/main.yml new file mode 100644 index 000000000..e10ef7d38 --- /dev/null +++ b/docker/base-app/debian-7/conf/provision/roles/webdevops-base-app/defaults/main.yml @@ -0,0 +1,7 @@ +--- + +APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" +APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" +APPLICATION_PATH: "{{ lookup('env','APPLICATION_PATH') }}" +APPLICATION_UID: "{{ lookup('env','APPLICATION_UID') }}" +APPLICATION_GID: "{{ lookup('env','APPLICATION_GID') }}" diff --git a/docker/base-app/debian-7/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml b/docker/base-app/debian-7/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml new file mode 100644 index 000000000..9933c1332 --- /dev/null +++ b/docker/base-app/debian-7/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml @@ -0,0 +1,6 @@ +--- + +- include: bootstrap/user.yml +- include: bootstrap/application.yml +- include: bootstrap/dnsmasq.yml +- include: bootstrap/postfix.yml diff --git a/docker/base-app/debian-7/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml b/docker/base-app/debian-7/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml new file mode 100644 index 000000000..faddb6027 --- /dev/null +++ b/docker/base-app/debian-7/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml @@ -0,0 +1,10 @@ +--- + +- name: Init application directory + file: + path: "/{{ APPLICATION_PATH }}" + state: directory + mode: 0755 + owner: "{{ APPLICATION_USER }}" + group: "{{ APPLICATION_GROUP }}" + recurse: yes diff --git a/docker/base/debian-8/conf/provision/roles/webdevops-base/tasks/bootstrap/dnsmasq.yml b/docker/base-app/debian-7/conf/provision/roles/webdevops-base-app/tasks/bootstrap/dnsmasq.yml similarity index 100% rename from docker/base/debian-8/conf/provision/roles/webdevops-base/tasks/bootstrap/dnsmasq.yml rename to docker/base-app/debian-7/conf/provision/roles/webdevops-base-app/tasks/bootstrap/dnsmasq.yml diff --git a/docker/base/debian-8/conf/provision/roles/webdevops-base/tasks/bootstrap/postfix.yml b/docker/base-app/debian-7/conf/provision/roles/webdevops-base-app/tasks/bootstrap/postfix.yml similarity index 100% rename from docker/base/debian-8/conf/provision/roles/webdevops-base/tasks/bootstrap/postfix.yml rename to docker/base-app/debian-7/conf/provision/roles/webdevops-base-app/tasks/bootstrap/postfix.yml diff --git a/docker/base/debian-8/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml b/docker/base-app/debian-7/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml similarity index 86% rename from docker/base/debian-8/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml rename to docker/base-app/debian-7/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml index fd58b329f..cf6968a01 100644 --- a/docker/base/debian-8/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml +++ b/docker/base-app/debian-7/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml @@ -1,5 +1,11 @@ --- +- name: Move dnsmasq group (Alpine family) + group: + name: dnsmasq + gid: 153 + when: ansible_distribution == 'Alpine' + - name: Create application group group: name: "{{ APPLICATION_GROUP }}" diff --git a/docker/base-app/debian-7/conf/provision/roles/webdevops-base-app/tasks/main.yml b/docker/base-app/debian-7/conf/provision/roles/webdevops-base-app/tasks/main.yml new file mode 100644 index 000000000..1806c1a8c --- /dev/null +++ b/docker/base-app/debian-7/conf/provision/roles/webdevops-base-app/tasks/main.yml @@ -0,0 +1,5 @@ +--- + +- include: bootstrap.yml + tags: + - bootstrap diff --git a/docker/base-app/debian-8/Dockerfile b/docker/base-app/debian-8/Dockerfile new file mode 100644 index 000000000..0aae1b2dc --- /dev/null +++ b/docker/base-app/debian-8/Dockerfile @@ -0,0 +1,48 @@ +#++++++++++++++++++++++++++++++++++++++ +# Debian 8 Base Docker container +#++++++++++++++++++++++++++++++++++++++ + +FROM webdevops/base:debian-8 +MAINTAINER info@webdevops.io +LABEL vendor=WebDevOps.io +LABEL io.webdevops.layout=6 +LABEL io.webdevops.version=0.21.0 + +ENV APPLICATION_USER application +ENV APPLICATION_GROUP application +ENV APPLICATION_PATH /app +ENV APPLICATION_UID 1000 +ENV APPLICATION_GID 1000 + +RUN sed -ri 's/(deb.*\/debian jessie main)/\1 contrib non-free /' -- /etc/apt/sources.list \ + && /usr/local/bin/apt-install \ + # Install services + openssh-server \ + mysql-client \ + sqlite \ + dnsmasq \ + postfix \ + # Install common tools + sudo \ + zip \ + unzip \ + bzip2 \ + wget \ + curl \ + net-tools \ + moreutils \ + dnsutils \ + openssh-client \ + rsync \ + git \ + nano \ + vim \ + && /usr/local/bin/generate-locales + +# Deploy scripts/configurations +COPY conf/ /opt/docker/ +RUN bash /opt/docker/bin/control.sh provision.role.bootstrap webdevops-base-app \ + && bash /opt/docker/bin/bootstrap.sh + +ENTRYPOINT ["/opt/docker/bin/entrypoint.sh"] +CMD ["noop"] diff --git a/docker/base-app/debian-8/conf/bin/service.d/dnsmasq.sh b/docker/base-app/debian-8/conf/bin/service.d/dnsmasq.sh new file mode 100644 index 000000000..9b554b411 --- /dev/null +++ b/docker/base-app/debian-8/conf/bin/service.d/dnsmasq.sh @@ -0,0 +1,15 @@ + +## clear dns file +echo > /etc/dnsmasq.d/development + +if [ ! -f /etc/resolv.conf.original ]; then + cp -a /etc/resolv.conf /etc/resolv.conf.original + + ## set forward servers + cat /etc/resolv.conf.original | grep nameserver | sed 's/nameserver /server=/' > /etc/dnsmasq.d/forward + + ## set dnsmasq to main nameserver + echo "nameserver 127.0.0.1" > /etc/resolv.conf +fi + +exec dnsmasq --keep-in-foreground diff --git a/docker/base-app/debian-8/conf/bin/service.d/postfix.sh b/docker/base-app/debian-8/conf/bin/service.d/postfix.sh new file mode 100644 index 000000000..e685d5287 --- /dev/null +++ b/docker/base-app/debian-8/conf/bin/service.d/postfix.sh @@ -0,0 +1,39 @@ +#!/usr/bin/env bash +# postfix-wrapper.sh, version 0.1.0 +# +# You cannot start postfix in some foreground mode and +# it's more or less important that docker doesn't kill +# postfix and its chilren if you stop the container. +# +# Use this script with supervisord and it will take +# care about starting and stopping postfix correctly. +# +# supervisord config snippet for postfix-wrapper: +# +# [program:postfix] +# process_name = postfix +# command = /path/to/postfix-wrapper.sh +# startsecs = 0 +# autorestart = false +# + +trap "postfix stop" SIGINT +trap "postfix stop" SIGTERM +trap "postfix reload" SIGHUP + +# force new copy of hosts there (otherwise links could be outdated) +mkdir -p /var/spool/postfix/etc +cp -f /etc/hosts /var/spool/postfix/etc/hosts +cp -f /etc/resolv.conf /var/spool/postfix/etc/resolv.conf +cp -f /etc/services /var/spool/postfix/etc/services + +# start postfix +postfix start + +# lets give postfix some time to start +sleep 3 + +# wait until postfix is dead (triggered by trap) +while kill -0 "$(cat /var/spool/postfix/pid/master.pid)"; do + sleep 5 +done \ No newline at end of file diff --git a/docker/base/debian-9/conf/etc/supervisor.d/dnsmasq.conf b/docker/base-app/debian-8/conf/etc/supervisor.d/dnsmasq.conf similarity index 100% rename from docker/base/debian-9/conf/etc/supervisor.d/dnsmasq.conf rename to docker/base-app/debian-8/conf/etc/supervisor.d/dnsmasq.conf diff --git a/docker/base/debian-9/conf/etc/supervisor.d/postfix.conf b/docker/base-app/debian-8/conf/etc/supervisor.d/postfix.conf similarity index 100% rename from docker/base/debian-9/conf/etc/supervisor.d/postfix.conf rename to docker/base-app/debian-8/conf/etc/supervisor.d/postfix.conf diff --git a/docker/base-app/debian-8/conf/etc/supervisor.d/ssh.conf b/docker/base-app/debian-8/conf/etc/supervisor.d/ssh.conf new file mode 100644 index 000000000..44488e642 --- /dev/null +++ b/docker/base-app/debian-8/conf/etc/supervisor.d/ssh.conf @@ -0,0 +1,14 @@ +[group:ssh] +programs=sshd +priority=30 + +[program:sshd] +command = /usr/sbin/sshd -D +process_name=%(program_name)s +startsecs=0 +autostart = false +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/docker/base-app/debian-8/conf/provision/onbuild.d/.gitkeep b/docker/base-app/debian-8/conf/provision/onbuild.d/.gitkeep new file mode 100644 index 000000000..e69de29bb diff --git a/docker/base-app/debian-8/conf/provision/roles/webdevops-base-app/defaults/main.yml b/docker/base-app/debian-8/conf/provision/roles/webdevops-base-app/defaults/main.yml new file mode 100644 index 000000000..e10ef7d38 --- /dev/null +++ b/docker/base-app/debian-8/conf/provision/roles/webdevops-base-app/defaults/main.yml @@ -0,0 +1,7 @@ +--- + +APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" +APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" +APPLICATION_PATH: "{{ lookup('env','APPLICATION_PATH') }}" +APPLICATION_UID: "{{ lookup('env','APPLICATION_UID') }}" +APPLICATION_GID: "{{ lookup('env','APPLICATION_GID') }}" diff --git a/docker/base-app/debian-8/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml b/docker/base-app/debian-8/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml new file mode 100644 index 000000000..9933c1332 --- /dev/null +++ b/docker/base-app/debian-8/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml @@ -0,0 +1,6 @@ +--- + +- include: bootstrap/user.yml +- include: bootstrap/application.yml +- include: bootstrap/dnsmasq.yml +- include: bootstrap/postfix.yml diff --git a/docker/base-app/debian-8/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml b/docker/base-app/debian-8/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml new file mode 100644 index 000000000..faddb6027 --- /dev/null +++ b/docker/base-app/debian-8/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml @@ -0,0 +1,10 @@ +--- + +- name: Init application directory + file: + path: "/{{ APPLICATION_PATH }}" + state: directory + mode: 0755 + owner: "{{ APPLICATION_USER }}" + group: "{{ APPLICATION_GROUP }}" + recurse: yes diff --git a/docker/base/debian-9/conf/provision/roles/webdevops-base/tasks/bootstrap/dnsmasq.yml b/docker/base-app/debian-8/conf/provision/roles/webdevops-base-app/tasks/bootstrap/dnsmasq.yml similarity index 100% rename from docker/base/debian-9/conf/provision/roles/webdevops-base/tasks/bootstrap/dnsmasq.yml rename to docker/base-app/debian-8/conf/provision/roles/webdevops-base-app/tasks/bootstrap/dnsmasq.yml diff --git a/docker/base/debian-9/conf/provision/roles/webdevops-base/tasks/bootstrap/postfix.yml b/docker/base-app/debian-8/conf/provision/roles/webdevops-base-app/tasks/bootstrap/postfix.yml similarity index 100% rename from docker/base/debian-9/conf/provision/roles/webdevops-base/tasks/bootstrap/postfix.yml rename to docker/base-app/debian-8/conf/provision/roles/webdevops-base-app/tasks/bootstrap/postfix.yml diff --git a/docker/base/debian-9/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml b/docker/base-app/debian-8/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml similarity index 86% rename from docker/base/debian-9/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml rename to docker/base-app/debian-8/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml index fd58b329f..cf6968a01 100644 --- a/docker/base/debian-9/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml +++ b/docker/base-app/debian-8/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml @@ -1,5 +1,11 @@ --- +- name: Move dnsmasq group (Alpine family) + group: + name: dnsmasq + gid: 153 + when: ansible_distribution == 'Alpine' + - name: Create application group group: name: "{{ APPLICATION_GROUP }}" diff --git a/docker/base-app/debian-8/conf/provision/roles/webdevops-base-app/tasks/main.yml b/docker/base-app/debian-8/conf/provision/roles/webdevops-base-app/tasks/main.yml new file mode 100644 index 000000000..1806c1a8c --- /dev/null +++ b/docker/base-app/debian-8/conf/provision/roles/webdevops-base-app/tasks/main.yml @@ -0,0 +1,5 @@ +--- + +- include: bootstrap.yml + tags: + - bootstrap diff --git a/docker/base-app/debian-9/Dockerfile b/docker/base-app/debian-9/Dockerfile new file mode 100644 index 000000000..157cd7099 --- /dev/null +++ b/docker/base-app/debian-9/Dockerfile @@ -0,0 +1,49 @@ +#++++++++++++++++++++++++++++++++++++++ +# Debian 9 Base Docker container +#++++++++++++++++++++++++++++++++++++++ + +FROM webdevops/base:debian-9 +MAINTAINER info@webdevops.io +LABEL vendor=WebDevOps.io +LABEL io.webdevops.layout=6 +LABEL io.webdevops.version=0.21.0 + +ENV APPLICATION_USER application +ENV APPLICATION_GROUP application +ENV APPLICATION_PATH /app +ENV APPLICATION_UID 1000 +ENV APPLICATION_GID 1000 + +# Install services +RUN sed -ri 's/(deb.*\/debian stretch main)/\1 contrib non-free /' -- /etc/apt/sources.list \ + && /usr/local/bin/apt-install \ + # Install services + openssh-server \ + mysql-client \ + sqlite \ + dnsmasq \ + postfix \ + # Install common tools + sudo \ + zip \ + unzip \ + bzip2 \ + wget \ + curl \ + net-tools \ + moreutils \ + dnsutils \ + openssh-client \ + rsync \ + git \ + nano \ + vim \ + && /usr/local/bin/generate-locales + +# Deploy scripts/configurations +COPY conf/ /opt/docker/ +RUN bash /opt/docker/bin/control.sh provision.role.bootstrap webdevops-base-app \ + && bash /opt/docker/bin/bootstrap.sh + +ENTRYPOINT ["/opt/docker/bin/entrypoint.sh"] +CMD ["noop"] diff --git a/docker/base-app/debian-9/conf/bin/service.d/dnsmasq.sh b/docker/base-app/debian-9/conf/bin/service.d/dnsmasq.sh new file mode 100644 index 000000000..9b554b411 --- /dev/null +++ b/docker/base-app/debian-9/conf/bin/service.d/dnsmasq.sh @@ -0,0 +1,15 @@ + +## clear dns file +echo > /etc/dnsmasq.d/development + +if [ ! -f /etc/resolv.conf.original ]; then + cp -a /etc/resolv.conf /etc/resolv.conf.original + + ## set forward servers + cat /etc/resolv.conf.original | grep nameserver | sed 's/nameserver /server=/' > /etc/dnsmasq.d/forward + + ## set dnsmasq to main nameserver + echo "nameserver 127.0.0.1" > /etc/resolv.conf +fi + +exec dnsmasq --keep-in-foreground diff --git a/docker/base-app/debian-9/conf/bin/service.d/postfix.sh b/docker/base-app/debian-9/conf/bin/service.d/postfix.sh new file mode 100644 index 000000000..e685d5287 --- /dev/null +++ b/docker/base-app/debian-9/conf/bin/service.d/postfix.sh @@ -0,0 +1,39 @@ +#!/usr/bin/env bash +# postfix-wrapper.sh, version 0.1.0 +# +# You cannot start postfix in some foreground mode and +# it's more or less important that docker doesn't kill +# postfix and its chilren if you stop the container. +# +# Use this script with supervisord and it will take +# care about starting and stopping postfix correctly. +# +# supervisord config snippet for postfix-wrapper: +# +# [program:postfix] +# process_name = postfix +# command = /path/to/postfix-wrapper.sh +# startsecs = 0 +# autorestart = false +# + +trap "postfix stop" SIGINT +trap "postfix stop" SIGTERM +trap "postfix reload" SIGHUP + +# force new copy of hosts there (otherwise links could be outdated) +mkdir -p /var/spool/postfix/etc +cp -f /etc/hosts /var/spool/postfix/etc/hosts +cp -f /etc/resolv.conf /var/spool/postfix/etc/resolv.conf +cp -f /etc/services /var/spool/postfix/etc/services + +# start postfix +postfix start + +# lets give postfix some time to start +sleep 3 + +# wait until postfix is dead (triggered by trap) +while kill -0 "$(cat /var/spool/postfix/pid/master.pid)"; do + sleep 5 +done \ No newline at end of file diff --git a/docker/base/ubuntu-12.04/conf/etc/supervisor.d/dnsmasq.conf b/docker/base-app/debian-9/conf/etc/supervisor.d/dnsmasq.conf similarity index 100% rename from docker/base/ubuntu-12.04/conf/etc/supervisor.d/dnsmasq.conf rename to docker/base-app/debian-9/conf/etc/supervisor.d/dnsmasq.conf diff --git a/docker/base/ubuntu-12.04/conf/etc/supervisor.d/postfix.conf b/docker/base-app/debian-9/conf/etc/supervisor.d/postfix.conf similarity index 100% rename from docker/base/ubuntu-12.04/conf/etc/supervisor.d/postfix.conf rename to docker/base-app/debian-9/conf/etc/supervisor.d/postfix.conf diff --git a/docker/base-app/debian-9/conf/etc/supervisor.d/ssh.conf b/docker/base-app/debian-9/conf/etc/supervisor.d/ssh.conf new file mode 100644 index 000000000..44488e642 --- /dev/null +++ b/docker/base-app/debian-9/conf/etc/supervisor.d/ssh.conf @@ -0,0 +1,14 @@ +[group:ssh] +programs=sshd +priority=30 + +[program:sshd] +command = /usr/sbin/sshd -D +process_name=%(program_name)s +startsecs=0 +autostart = false +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/docker/base-app/debian-9/conf/provision/onbuild.d/.gitkeep b/docker/base-app/debian-9/conf/provision/onbuild.d/.gitkeep new file mode 100644 index 000000000..e69de29bb diff --git a/docker/base-app/debian-9/conf/provision/roles/webdevops-base-app/defaults/main.yml b/docker/base-app/debian-9/conf/provision/roles/webdevops-base-app/defaults/main.yml new file mode 100644 index 000000000..e10ef7d38 --- /dev/null +++ b/docker/base-app/debian-9/conf/provision/roles/webdevops-base-app/defaults/main.yml @@ -0,0 +1,7 @@ +--- + +APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" +APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" +APPLICATION_PATH: "{{ lookup('env','APPLICATION_PATH') }}" +APPLICATION_UID: "{{ lookup('env','APPLICATION_UID') }}" +APPLICATION_GID: "{{ lookup('env','APPLICATION_GID') }}" diff --git a/docker/base-app/debian-9/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml b/docker/base-app/debian-9/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml new file mode 100644 index 000000000..9933c1332 --- /dev/null +++ b/docker/base-app/debian-9/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml @@ -0,0 +1,6 @@ +--- + +- include: bootstrap/user.yml +- include: bootstrap/application.yml +- include: bootstrap/dnsmasq.yml +- include: bootstrap/postfix.yml diff --git a/docker/base-app/debian-9/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml b/docker/base-app/debian-9/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml new file mode 100644 index 000000000..faddb6027 --- /dev/null +++ b/docker/base-app/debian-9/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml @@ -0,0 +1,10 @@ +--- + +- name: Init application directory + file: + path: "/{{ APPLICATION_PATH }}" + state: directory + mode: 0755 + owner: "{{ APPLICATION_USER }}" + group: "{{ APPLICATION_GROUP }}" + recurse: yes diff --git a/docker/base/ubuntu-12.04/conf/provision/roles/webdevops-base/tasks/bootstrap/dnsmasq.yml b/docker/base-app/debian-9/conf/provision/roles/webdevops-base-app/tasks/bootstrap/dnsmasq.yml similarity index 100% rename from docker/base/ubuntu-12.04/conf/provision/roles/webdevops-base/tasks/bootstrap/dnsmasq.yml rename to docker/base-app/debian-9/conf/provision/roles/webdevops-base-app/tasks/bootstrap/dnsmasq.yml diff --git a/docker/base/ubuntu-12.04/conf/provision/roles/webdevops-base/tasks/bootstrap/postfix.yml b/docker/base-app/debian-9/conf/provision/roles/webdevops-base-app/tasks/bootstrap/postfix.yml similarity index 100% rename from docker/base/ubuntu-12.04/conf/provision/roles/webdevops-base/tasks/bootstrap/postfix.yml rename to docker/base-app/debian-9/conf/provision/roles/webdevops-base-app/tasks/bootstrap/postfix.yml diff --git a/docker/base-app/debian-9/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml b/docker/base-app/debian-9/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml new file mode 100644 index 000000000..cf6968a01 --- /dev/null +++ b/docker/base-app/debian-9/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml @@ -0,0 +1,41 @@ +--- + +- name: Move dnsmasq group (Alpine family) + group: + name: dnsmasq + gid: 153 + when: ansible_distribution == 'Alpine' + +- name: Create application group + group: + name: "{{ APPLICATION_GROUP }}" + gid: "{{ APPLICATION_GID }}" + +- name: Create application user + user: + name: "{{ APPLICATION_USER }}" + uid: "{{ APPLICATION_UID }}" + group: "{{ APPLICATION_GROUP }}" + shell: "/bin/bash" + home: "/home/{{ APPLICATION_USER }}" + +- name: Init home directory + file: + path: "/home/{{ APPLICATION_USER }}" + state: directory + mode: 0755 + owner: "{{ APPLICATION_USER }}" + group: "{{ APPLICATION_GROUP }}" + recurse: yes + +- name: Init bashrc + lineinfile: + dest: "/home/{{ APPLICATION_USER }}/.bashrc" + mode: 0770 + owner: "{{ APPLICATION_USER }}" + group: "{{ APPLICATION_GROUP }}" + create: yes + regexp: "export TERM=xterm" + line: "export TERM=xterm" + +- action: setup diff --git a/docker/base-app/debian-9/conf/provision/roles/webdevops-base-app/tasks/main.yml b/docker/base-app/debian-9/conf/provision/roles/webdevops-base-app/tasks/main.yml new file mode 100644 index 000000000..1806c1a8c --- /dev/null +++ b/docker/base-app/debian-9/conf/provision/roles/webdevops-base-app/tasks/main.yml @@ -0,0 +1,5 @@ +--- + +- include: bootstrap.yml + tags: + - bootstrap diff --git a/docker/base-app/ubuntu-12.04/Dockerfile b/docker/base-app/ubuntu-12.04/Dockerfile new file mode 100644 index 000000000..bf21e65a1 --- /dev/null +++ b/docker/base-app/ubuntu-12.04/Dockerfile @@ -0,0 +1,49 @@ +#++++++++++++++++++++++++++++++++++++++ +# Ubuntu 12.04 Base Docker container +#++++++++++++++++++++++++++++++++++++++ + +FROM webdevops/base:ubuntu-12.04 +MAINTAINER info@webdevops.io +LABEL vendor=WebDevOps.io +LABEL io.webdevops.layout=6 +LABEL io.webdevops.version=0.21.0 + +ENV APPLICATION_USER application +ENV APPLICATION_GROUP application +ENV APPLICATION_PATH /app +ENV APPLICATION_UID 1000 +ENV APPLICATION_GID 1000 + +# Install services +RUN /usr/local/bin/apt-install \ + # Install services + openssh-server \ + mysql-client \ + sqlite \ + dnsmasq \ + postfix \ + # Install common tools + sudo \ + zip \ + unzip \ + bzip2 \ + wget \ + curl \ + net-tools \ + moreutils \ + dnsutils \ + openssh-client \ + rsync \ + git \ + nano \ + vim \ + && mkdir -p /var/lib/syslog-ng/ \ + && /usr/local/bin/generate-locales + +# Deploy scripts/configurations +COPY conf/ /opt/docker/ +RUN bash /opt/docker/bin/control.sh provision.role.bootstrap webdevops-base-app \ + && bash /opt/docker/bin/bootstrap.sh + +ENTRYPOINT ["/opt/docker/bin/entrypoint.sh"] +CMD ["noop"] diff --git a/docker/base-app/ubuntu-12.04/conf/bin/service.d/dnsmasq.sh b/docker/base-app/ubuntu-12.04/conf/bin/service.d/dnsmasq.sh new file mode 100644 index 000000000..9b554b411 --- /dev/null +++ b/docker/base-app/ubuntu-12.04/conf/bin/service.d/dnsmasq.sh @@ -0,0 +1,15 @@ + +## clear dns file +echo > /etc/dnsmasq.d/development + +if [ ! -f /etc/resolv.conf.original ]; then + cp -a /etc/resolv.conf /etc/resolv.conf.original + + ## set forward servers + cat /etc/resolv.conf.original | grep nameserver | sed 's/nameserver /server=/' > /etc/dnsmasq.d/forward + + ## set dnsmasq to main nameserver + echo "nameserver 127.0.0.1" > /etc/resolv.conf +fi + +exec dnsmasq --keep-in-foreground diff --git a/docker/base-app/ubuntu-12.04/conf/bin/service.d/postfix.sh b/docker/base-app/ubuntu-12.04/conf/bin/service.d/postfix.sh new file mode 100644 index 000000000..e685d5287 --- /dev/null +++ b/docker/base-app/ubuntu-12.04/conf/bin/service.d/postfix.sh @@ -0,0 +1,39 @@ +#!/usr/bin/env bash +# postfix-wrapper.sh, version 0.1.0 +# +# You cannot start postfix in some foreground mode and +# it's more or less important that docker doesn't kill +# postfix and its chilren if you stop the container. +# +# Use this script with supervisord and it will take +# care about starting and stopping postfix correctly. +# +# supervisord config snippet for postfix-wrapper: +# +# [program:postfix] +# process_name = postfix +# command = /path/to/postfix-wrapper.sh +# startsecs = 0 +# autorestart = false +# + +trap "postfix stop" SIGINT +trap "postfix stop" SIGTERM +trap "postfix reload" SIGHUP + +# force new copy of hosts there (otherwise links could be outdated) +mkdir -p /var/spool/postfix/etc +cp -f /etc/hosts /var/spool/postfix/etc/hosts +cp -f /etc/resolv.conf /var/spool/postfix/etc/resolv.conf +cp -f /etc/services /var/spool/postfix/etc/services + +# start postfix +postfix start + +# lets give postfix some time to start +sleep 3 + +# wait until postfix is dead (triggered by trap) +while kill -0 "$(cat /var/spool/postfix/pid/master.pid)"; do + sleep 5 +done \ No newline at end of file diff --git a/docker/base/ubuntu-14.04/conf/etc/supervisor.d/dnsmasq.conf b/docker/base-app/ubuntu-12.04/conf/etc/supervisor.d/dnsmasq.conf similarity index 100% rename from docker/base/ubuntu-14.04/conf/etc/supervisor.d/dnsmasq.conf rename to docker/base-app/ubuntu-12.04/conf/etc/supervisor.d/dnsmasq.conf diff --git a/docker/base/ubuntu-14.04/conf/etc/supervisor.d/postfix.conf b/docker/base-app/ubuntu-12.04/conf/etc/supervisor.d/postfix.conf similarity index 100% rename from docker/base/ubuntu-14.04/conf/etc/supervisor.d/postfix.conf rename to docker/base-app/ubuntu-12.04/conf/etc/supervisor.d/postfix.conf diff --git a/docker/base-app/ubuntu-12.04/conf/etc/supervisor.d/ssh.conf b/docker/base-app/ubuntu-12.04/conf/etc/supervisor.d/ssh.conf new file mode 100644 index 000000000..44488e642 --- /dev/null +++ b/docker/base-app/ubuntu-12.04/conf/etc/supervisor.d/ssh.conf @@ -0,0 +1,14 @@ +[group:ssh] +programs=sshd +priority=30 + +[program:sshd] +command = /usr/sbin/sshd -D +process_name=%(program_name)s +startsecs=0 +autostart = false +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/docker/base-app/ubuntu-12.04/conf/provision/onbuild.d/.gitkeep b/docker/base-app/ubuntu-12.04/conf/provision/onbuild.d/.gitkeep new file mode 100644 index 000000000..e69de29bb diff --git a/docker/base-app/ubuntu-12.04/conf/provision/roles/webdevops-base-app/defaults/main.yml b/docker/base-app/ubuntu-12.04/conf/provision/roles/webdevops-base-app/defaults/main.yml new file mode 100644 index 000000000..e10ef7d38 --- /dev/null +++ b/docker/base-app/ubuntu-12.04/conf/provision/roles/webdevops-base-app/defaults/main.yml @@ -0,0 +1,7 @@ +--- + +APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" +APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" +APPLICATION_PATH: "{{ lookup('env','APPLICATION_PATH') }}" +APPLICATION_UID: "{{ lookup('env','APPLICATION_UID') }}" +APPLICATION_GID: "{{ lookup('env','APPLICATION_GID') }}" diff --git a/docker/base-app/ubuntu-12.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml b/docker/base-app/ubuntu-12.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml new file mode 100644 index 000000000..9933c1332 --- /dev/null +++ b/docker/base-app/ubuntu-12.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml @@ -0,0 +1,6 @@ +--- + +- include: bootstrap/user.yml +- include: bootstrap/application.yml +- include: bootstrap/dnsmasq.yml +- include: bootstrap/postfix.yml diff --git a/docker/base-app/ubuntu-12.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml b/docker/base-app/ubuntu-12.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml new file mode 100644 index 000000000..faddb6027 --- /dev/null +++ b/docker/base-app/ubuntu-12.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml @@ -0,0 +1,10 @@ +--- + +- name: Init application directory + file: + path: "/{{ APPLICATION_PATH }}" + state: directory + mode: 0755 + owner: "{{ APPLICATION_USER }}" + group: "{{ APPLICATION_GROUP }}" + recurse: yes diff --git a/docker/base/ubuntu-14.04/conf/provision/roles/webdevops-base/tasks/bootstrap/dnsmasq.yml b/docker/base-app/ubuntu-12.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/dnsmasq.yml similarity index 100% rename from docker/base/ubuntu-14.04/conf/provision/roles/webdevops-base/tasks/bootstrap/dnsmasq.yml rename to docker/base-app/ubuntu-12.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/dnsmasq.yml diff --git a/docker/base/ubuntu-14.04/conf/provision/roles/webdevops-base/tasks/bootstrap/postfix.yml b/docker/base-app/ubuntu-12.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/postfix.yml similarity index 100% rename from docker/base/ubuntu-14.04/conf/provision/roles/webdevops-base/tasks/bootstrap/postfix.yml rename to docker/base-app/ubuntu-12.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/postfix.yml diff --git a/docker/base-app/ubuntu-12.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml b/docker/base-app/ubuntu-12.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml new file mode 100644 index 000000000..cf6968a01 --- /dev/null +++ b/docker/base-app/ubuntu-12.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml @@ -0,0 +1,41 @@ +--- + +- name: Move dnsmasq group (Alpine family) + group: + name: dnsmasq + gid: 153 + when: ansible_distribution == 'Alpine' + +- name: Create application group + group: + name: "{{ APPLICATION_GROUP }}" + gid: "{{ APPLICATION_GID }}" + +- name: Create application user + user: + name: "{{ APPLICATION_USER }}" + uid: "{{ APPLICATION_UID }}" + group: "{{ APPLICATION_GROUP }}" + shell: "/bin/bash" + home: "/home/{{ APPLICATION_USER }}" + +- name: Init home directory + file: + path: "/home/{{ APPLICATION_USER }}" + state: directory + mode: 0755 + owner: "{{ APPLICATION_USER }}" + group: "{{ APPLICATION_GROUP }}" + recurse: yes + +- name: Init bashrc + lineinfile: + dest: "/home/{{ APPLICATION_USER }}/.bashrc" + mode: 0770 + owner: "{{ APPLICATION_USER }}" + group: "{{ APPLICATION_GROUP }}" + create: yes + regexp: "export TERM=xterm" + line: "export TERM=xterm" + +- action: setup diff --git a/docker/base-app/ubuntu-12.04/conf/provision/roles/webdevops-base-app/tasks/main.yml b/docker/base-app/ubuntu-12.04/conf/provision/roles/webdevops-base-app/tasks/main.yml new file mode 100644 index 000000000..1806c1a8c --- /dev/null +++ b/docker/base-app/ubuntu-12.04/conf/provision/roles/webdevops-base-app/tasks/main.yml @@ -0,0 +1,5 @@ +--- + +- include: bootstrap.yml + tags: + - bootstrap diff --git a/docker/base-app/ubuntu-14.04/Dockerfile b/docker/base-app/ubuntu-14.04/Dockerfile new file mode 100644 index 000000000..11529b264 --- /dev/null +++ b/docker/base-app/ubuntu-14.04/Dockerfile @@ -0,0 +1,48 @@ +#++++++++++++++++++++++++++++++++++++++ +# Ubuntu 14.04 Base Docker container +#++++++++++++++++++++++++++++++++++++++ + +FROM webdevops/base:ubuntu-14.04 +MAINTAINER info@webdevops.io +LABEL vendor=WebDevOps.io +LABEL io.webdevops.layout=6 +LABEL io.webdevops.version=0.21.0 + +ENV APPLICATION_USER application +ENV APPLICATION_GROUP application +ENV APPLICATION_PATH /app +ENV APPLICATION_UID 1000 +ENV APPLICATION_GID 1000 + +# Install services +RUN /usr/local/bin/apt-install \ + # Install services + openssh-server \ + mysql-client \ + sqlite \ + dnsmasq \ + postfix \ + # Install common tools + sudo \ + zip \ + unzip \ + bzip2 \ + wget \ + curl \ + net-tools \ + moreutils \ + dnsutils \ + openssh-client \ + rsync \ + git \ + nano \ + vim \ + && /usr/local/bin/generate-locales + +# Deploy scripts/configurations +COPY conf/ /opt/docker/ +RUN bash /opt/docker/bin/control.sh provision.role.bootstrap webdevops-base-app \ + && bash /opt/docker/bin/bootstrap.sh + +ENTRYPOINT ["/opt/docker/bin/entrypoint.sh"] +CMD ["noop"] diff --git a/docker/base-app/ubuntu-14.04/conf/bin/service.d/dnsmasq.sh b/docker/base-app/ubuntu-14.04/conf/bin/service.d/dnsmasq.sh new file mode 100644 index 000000000..9b554b411 --- /dev/null +++ b/docker/base-app/ubuntu-14.04/conf/bin/service.d/dnsmasq.sh @@ -0,0 +1,15 @@ + +## clear dns file +echo > /etc/dnsmasq.d/development + +if [ ! -f /etc/resolv.conf.original ]; then + cp -a /etc/resolv.conf /etc/resolv.conf.original + + ## set forward servers + cat /etc/resolv.conf.original | grep nameserver | sed 's/nameserver /server=/' > /etc/dnsmasq.d/forward + + ## set dnsmasq to main nameserver + echo "nameserver 127.0.0.1" > /etc/resolv.conf +fi + +exec dnsmasq --keep-in-foreground diff --git a/docker/base-app/ubuntu-14.04/conf/bin/service.d/postfix.sh b/docker/base-app/ubuntu-14.04/conf/bin/service.d/postfix.sh new file mode 100644 index 000000000..e685d5287 --- /dev/null +++ b/docker/base-app/ubuntu-14.04/conf/bin/service.d/postfix.sh @@ -0,0 +1,39 @@ +#!/usr/bin/env bash +# postfix-wrapper.sh, version 0.1.0 +# +# You cannot start postfix in some foreground mode and +# it's more or less important that docker doesn't kill +# postfix and its chilren if you stop the container. +# +# Use this script with supervisord and it will take +# care about starting and stopping postfix correctly. +# +# supervisord config snippet for postfix-wrapper: +# +# [program:postfix] +# process_name = postfix +# command = /path/to/postfix-wrapper.sh +# startsecs = 0 +# autorestart = false +# + +trap "postfix stop" SIGINT +trap "postfix stop" SIGTERM +trap "postfix reload" SIGHUP + +# force new copy of hosts there (otherwise links could be outdated) +mkdir -p /var/spool/postfix/etc +cp -f /etc/hosts /var/spool/postfix/etc/hosts +cp -f /etc/resolv.conf /var/spool/postfix/etc/resolv.conf +cp -f /etc/services /var/spool/postfix/etc/services + +# start postfix +postfix start + +# lets give postfix some time to start +sleep 3 + +# wait until postfix is dead (triggered by trap) +while kill -0 "$(cat /var/spool/postfix/pid/master.pid)"; do + sleep 5 +done \ No newline at end of file diff --git a/docker/base/ubuntu-15.04/conf/etc/supervisor.d/dnsmasq.conf b/docker/base-app/ubuntu-14.04/conf/etc/supervisor.d/dnsmasq.conf similarity index 100% rename from docker/base/ubuntu-15.04/conf/etc/supervisor.d/dnsmasq.conf rename to docker/base-app/ubuntu-14.04/conf/etc/supervisor.d/dnsmasq.conf diff --git a/docker/base/ubuntu-15.04/conf/etc/supervisor.d/postfix.conf b/docker/base-app/ubuntu-14.04/conf/etc/supervisor.d/postfix.conf similarity index 100% rename from docker/base/ubuntu-15.04/conf/etc/supervisor.d/postfix.conf rename to docker/base-app/ubuntu-14.04/conf/etc/supervisor.d/postfix.conf diff --git a/docker/base-app/ubuntu-14.04/conf/etc/supervisor.d/ssh.conf b/docker/base-app/ubuntu-14.04/conf/etc/supervisor.d/ssh.conf new file mode 100644 index 000000000..44488e642 --- /dev/null +++ b/docker/base-app/ubuntu-14.04/conf/etc/supervisor.d/ssh.conf @@ -0,0 +1,14 @@ +[group:ssh] +programs=sshd +priority=30 + +[program:sshd] +command = /usr/sbin/sshd -D +process_name=%(program_name)s +startsecs=0 +autostart = false +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/docker/base-app/ubuntu-14.04/conf/provision/onbuild.d/.gitkeep b/docker/base-app/ubuntu-14.04/conf/provision/onbuild.d/.gitkeep new file mode 100644 index 000000000..e69de29bb diff --git a/docker/base-app/ubuntu-14.04/conf/provision/roles/webdevops-base-app/defaults/main.yml b/docker/base-app/ubuntu-14.04/conf/provision/roles/webdevops-base-app/defaults/main.yml new file mode 100644 index 000000000..e10ef7d38 --- /dev/null +++ b/docker/base-app/ubuntu-14.04/conf/provision/roles/webdevops-base-app/defaults/main.yml @@ -0,0 +1,7 @@ +--- + +APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" +APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" +APPLICATION_PATH: "{{ lookup('env','APPLICATION_PATH') }}" +APPLICATION_UID: "{{ lookup('env','APPLICATION_UID') }}" +APPLICATION_GID: "{{ lookup('env','APPLICATION_GID') }}" diff --git a/docker/base-app/ubuntu-14.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml b/docker/base-app/ubuntu-14.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml new file mode 100644 index 000000000..9933c1332 --- /dev/null +++ b/docker/base-app/ubuntu-14.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml @@ -0,0 +1,6 @@ +--- + +- include: bootstrap/user.yml +- include: bootstrap/application.yml +- include: bootstrap/dnsmasq.yml +- include: bootstrap/postfix.yml diff --git a/docker/base-app/ubuntu-14.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml b/docker/base-app/ubuntu-14.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml new file mode 100644 index 000000000..faddb6027 --- /dev/null +++ b/docker/base-app/ubuntu-14.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml @@ -0,0 +1,10 @@ +--- + +- name: Init application directory + file: + path: "/{{ APPLICATION_PATH }}" + state: directory + mode: 0755 + owner: "{{ APPLICATION_USER }}" + group: "{{ APPLICATION_GROUP }}" + recurse: yes diff --git a/docker/base/ubuntu-15.04/conf/provision/roles/webdevops-base/tasks/bootstrap/dnsmasq.yml b/docker/base-app/ubuntu-14.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/dnsmasq.yml similarity index 100% rename from docker/base/ubuntu-15.04/conf/provision/roles/webdevops-base/tasks/bootstrap/dnsmasq.yml rename to docker/base-app/ubuntu-14.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/dnsmasq.yml diff --git a/docker/base/ubuntu-15.04/conf/provision/roles/webdevops-base/tasks/bootstrap/postfix.yml b/docker/base-app/ubuntu-14.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/postfix.yml similarity index 100% rename from docker/base/ubuntu-15.04/conf/provision/roles/webdevops-base/tasks/bootstrap/postfix.yml rename to docker/base-app/ubuntu-14.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/postfix.yml diff --git a/docker/base-app/ubuntu-14.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml b/docker/base-app/ubuntu-14.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml new file mode 100644 index 000000000..cf6968a01 --- /dev/null +++ b/docker/base-app/ubuntu-14.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml @@ -0,0 +1,41 @@ +--- + +- name: Move dnsmasq group (Alpine family) + group: + name: dnsmasq + gid: 153 + when: ansible_distribution == 'Alpine' + +- name: Create application group + group: + name: "{{ APPLICATION_GROUP }}" + gid: "{{ APPLICATION_GID }}" + +- name: Create application user + user: + name: "{{ APPLICATION_USER }}" + uid: "{{ APPLICATION_UID }}" + group: "{{ APPLICATION_GROUP }}" + shell: "/bin/bash" + home: "/home/{{ APPLICATION_USER }}" + +- name: Init home directory + file: + path: "/home/{{ APPLICATION_USER }}" + state: directory + mode: 0755 + owner: "{{ APPLICATION_USER }}" + group: "{{ APPLICATION_GROUP }}" + recurse: yes + +- name: Init bashrc + lineinfile: + dest: "/home/{{ APPLICATION_USER }}/.bashrc" + mode: 0770 + owner: "{{ APPLICATION_USER }}" + group: "{{ APPLICATION_GROUP }}" + create: yes + regexp: "export TERM=xterm" + line: "export TERM=xterm" + +- action: setup diff --git a/docker/base-app/ubuntu-14.04/conf/provision/roles/webdevops-base-app/tasks/main.yml b/docker/base-app/ubuntu-14.04/conf/provision/roles/webdevops-base-app/tasks/main.yml new file mode 100644 index 000000000..1806c1a8c --- /dev/null +++ b/docker/base-app/ubuntu-14.04/conf/provision/roles/webdevops-base-app/tasks/main.yml @@ -0,0 +1,5 @@ +--- + +- include: bootstrap.yml + tags: + - bootstrap diff --git a/docker/base-app/ubuntu-15.04/Dockerfile b/docker/base-app/ubuntu-15.04/Dockerfile new file mode 100644 index 000000000..a9461a05a --- /dev/null +++ b/docker/base-app/ubuntu-15.04/Dockerfile @@ -0,0 +1,48 @@ +#++++++++++++++++++++++++++++++++++++++ +# Ubuntu 15.04 Base Docker container +#++++++++++++++++++++++++++++++++++++++ + +FROM webdevops/base:ubuntu-15.04 +MAINTAINER info@webdevops.io +LABEL vendor=WebDevOps.io +LABEL io.webdevops.layout=6 +LABEL io.webdevops.version=0.21.0 + +ENV APPLICATION_USER application +ENV APPLICATION_GROUP application +ENV APPLICATION_PATH /app +ENV APPLICATION_UID 1000 +ENV APPLICATION_GID 1000 + +# Install services +RUN /usr/local/bin/apt-install \ + # Install services + openssh-server \ + mysql-client \ + sqlite \ + dnsmasq \ + postfix \ + # Install common tools + sudo \ + zip \ + unzip \ + bzip2 \ + wget \ + curl \ + net-tools \ + moreutils \ + dnsutils \ + openssh-client \ + rsync \ + git \ + nano \ + vim \ + && /usr/local/bin/generate-locales + +# Deploy scripts/configurations +COPY conf/ /opt/docker/ +RUN bash /opt/docker/bin/control.sh provision.role.bootstrap webdevops-base-app \ + && bash /opt/docker/bin/bootstrap.sh + +ENTRYPOINT ["/opt/docker/bin/entrypoint.sh"] +CMD ["noop"] diff --git a/docker/base-app/ubuntu-15.04/conf/bin/service.d/dnsmasq.sh b/docker/base-app/ubuntu-15.04/conf/bin/service.d/dnsmasq.sh new file mode 100644 index 000000000..9b554b411 --- /dev/null +++ b/docker/base-app/ubuntu-15.04/conf/bin/service.d/dnsmasq.sh @@ -0,0 +1,15 @@ + +## clear dns file +echo > /etc/dnsmasq.d/development + +if [ ! -f /etc/resolv.conf.original ]; then + cp -a /etc/resolv.conf /etc/resolv.conf.original + + ## set forward servers + cat /etc/resolv.conf.original | grep nameserver | sed 's/nameserver /server=/' > /etc/dnsmasq.d/forward + + ## set dnsmasq to main nameserver + echo "nameserver 127.0.0.1" > /etc/resolv.conf +fi + +exec dnsmasq --keep-in-foreground diff --git a/docker/base-app/ubuntu-15.04/conf/bin/service.d/postfix.sh b/docker/base-app/ubuntu-15.04/conf/bin/service.d/postfix.sh new file mode 100644 index 000000000..e685d5287 --- /dev/null +++ b/docker/base-app/ubuntu-15.04/conf/bin/service.d/postfix.sh @@ -0,0 +1,39 @@ +#!/usr/bin/env bash +# postfix-wrapper.sh, version 0.1.0 +# +# You cannot start postfix in some foreground mode and +# it's more or less important that docker doesn't kill +# postfix and its chilren if you stop the container. +# +# Use this script with supervisord and it will take +# care about starting and stopping postfix correctly. +# +# supervisord config snippet for postfix-wrapper: +# +# [program:postfix] +# process_name = postfix +# command = /path/to/postfix-wrapper.sh +# startsecs = 0 +# autorestart = false +# + +trap "postfix stop" SIGINT +trap "postfix stop" SIGTERM +trap "postfix reload" SIGHUP + +# force new copy of hosts there (otherwise links could be outdated) +mkdir -p /var/spool/postfix/etc +cp -f /etc/hosts /var/spool/postfix/etc/hosts +cp -f /etc/resolv.conf /var/spool/postfix/etc/resolv.conf +cp -f /etc/services /var/spool/postfix/etc/services + +# start postfix +postfix start + +# lets give postfix some time to start +sleep 3 + +# wait until postfix is dead (triggered by trap) +while kill -0 "$(cat /var/spool/postfix/pid/master.pid)"; do + sleep 5 +done \ No newline at end of file diff --git a/docker/base/ubuntu-15.10/conf/etc/supervisor.d/dnsmasq.conf b/docker/base-app/ubuntu-15.04/conf/etc/supervisor.d/dnsmasq.conf similarity index 100% rename from docker/base/ubuntu-15.10/conf/etc/supervisor.d/dnsmasq.conf rename to docker/base-app/ubuntu-15.04/conf/etc/supervisor.d/dnsmasq.conf diff --git a/docker/base/ubuntu-15.10/conf/etc/supervisor.d/postfix.conf b/docker/base-app/ubuntu-15.04/conf/etc/supervisor.d/postfix.conf similarity index 100% rename from docker/base/ubuntu-15.10/conf/etc/supervisor.d/postfix.conf rename to docker/base-app/ubuntu-15.04/conf/etc/supervisor.d/postfix.conf diff --git a/docker/base-app/ubuntu-15.04/conf/etc/supervisor.d/ssh.conf b/docker/base-app/ubuntu-15.04/conf/etc/supervisor.d/ssh.conf new file mode 100644 index 000000000..44488e642 --- /dev/null +++ b/docker/base-app/ubuntu-15.04/conf/etc/supervisor.d/ssh.conf @@ -0,0 +1,14 @@ +[group:ssh] +programs=sshd +priority=30 + +[program:sshd] +command = /usr/sbin/sshd -D +process_name=%(program_name)s +startsecs=0 +autostart = false +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/docker/base-app/ubuntu-15.04/conf/provision/onbuild.d/.gitkeep b/docker/base-app/ubuntu-15.04/conf/provision/onbuild.d/.gitkeep new file mode 100644 index 000000000..e69de29bb diff --git a/docker/base-app/ubuntu-15.04/conf/provision/roles/webdevops-base-app/defaults/main.yml b/docker/base-app/ubuntu-15.04/conf/provision/roles/webdevops-base-app/defaults/main.yml new file mode 100644 index 000000000..e10ef7d38 --- /dev/null +++ b/docker/base-app/ubuntu-15.04/conf/provision/roles/webdevops-base-app/defaults/main.yml @@ -0,0 +1,7 @@ +--- + +APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" +APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" +APPLICATION_PATH: "{{ lookup('env','APPLICATION_PATH') }}" +APPLICATION_UID: "{{ lookup('env','APPLICATION_UID') }}" +APPLICATION_GID: "{{ lookup('env','APPLICATION_GID') }}" diff --git a/docker/base-app/ubuntu-15.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml b/docker/base-app/ubuntu-15.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml new file mode 100644 index 000000000..9933c1332 --- /dev/null +++ b/docker/base-app/ubuntu-15.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml @@ -0,0 +1,6 @@ +--- + +- include: bootstrap/user.yml +- include: bootstrap/application.yml +- include: bootstrap/dnsmasq.yml +- include: bootstrap/postfix.yml diff --git a/docker/base-app/ubuntu-15.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml b/docker/base-app/ubuntu-15.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml new file mode 100644 index 000000000..faddb6027 --- /dev/null +++ b/docker/base-app/ubuntu-15.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml @@ -0,0 +1,10 @@ +--- + +- name: Init application directory + file: + path: "/{{ APPLICATION_PATH }}" + state: directory + mode: 0755 + owner: "{{ APPLICATION_USER }}" + group: "{{ APPLICATION_GROUP }}" + recurse: yes diff --git a/docker/base/ubuntu-15.10/conf/provision/roles/webdevops-base/tasks/bootstrap/dnsmasq.yml b/docker/base-app/ubuntu-15.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/dnsmasq.yml similarity index 100% rename from docker/base/ubuntu-15.10/conf/provision/roles/webdevops-base/tasks/bootstrap/dnsmasq.yml rename to docker/base-app/ubuntu-15.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/dnsmasq.yml diff --git a/docker/base/ubuntu-15.10/conf/provision/roles/webdevops-base/tasks/bootstrap/postfix.yml b/docker/base-app/ubuntu-15.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/postfix.yml similarity index 100% rename from docker/base/ubuntu-15.10/conf/provision/roles/webdevops-base/tasks/bootstrap/postfix.yml rename to docker/base-app/ubuntu-15.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/postfix.yml diff --git a/docker/base-app/ubuntu-15.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml b/docker/base-app/ubuntu-15.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml new file mode 100644 index 000000000..cf6968a01 --- /dev/null +++ b/docker/base-app/ubuntu-15.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml @@ -0,0 +1,41 @@ +--- + +- name: Move dnsmasq group (Alpine family) + group: + name: dnsmasq + gid: 153 + when: ansible_distribution == 'Alpine' + +- name: Create application group + group: + name: "{{ APPLICATION_GROUP }}" + gid: "{{ APPLICATION_GID }}" + +- name: Create application user + user: + name: "{{ APPLICATION_USER }}" + uid: "{{ APPLICATION_UID }}" + group: "{{ APPLICATION_GROUP }}" + shell: "/bin/bash" + home: "/home/{{ APPLICATION_USER }}" + +- name: Init home directory + file: + path: "/home/{{ APPLICATION_USER }}" + state: directory + mode: 0755 + owner: "{{ APPLICATION_USER }}" + group: "{{ APPLICATION_GROUP }}" + recurse: yes + +- name: Init bashrc + lineinfile: + dest: "/home/{{ APPLICATION_USER }}/.bashrc" + mode: 0770 + owner: "{{ APPLICATION_USER }}" + group: "{{ APPLICATION_GROUP }}" + create: yes + regexp: "export TERM=xterm" + line: "export TERM=xterm" + +- action: setup diff --git a/docker/base-app/ubuntu-15.04/conf/provision/roles/webdevops-base-app/tasks/main.yml b/docker/base-app/ubuntu-15.04/conf/provision/roles/webdevops-base-app/tasks/main.yml new file mode 100644 index 000000000..1806c1a8c --- /dev/null +++ b/docker/base-app/ubuntu-15.04/conf/provision/roles/webdevops-base-app/tasks/main.yml @@ -0,0 +1,5 @@ +--- + +- include: bootstrap.yml + tags: + - bootstrap diff --git a/docker/base-app/ubuntu-15.10/Dockerfile b/docker/base-app/ubuntu-15.10/Dockerfile new file mode 100644 index 000000000..f8f0221f1 --- /dev/null +++ b/docker/base-app/ubuntu-15.10/Dockerfile @@ -0,0 +1,48 @@ +#++++++++++++++++++++++++++++++++++++++ +# Ubuntu 15.10 Base Docker container +#++++++++++++++++++++++++++++++++++++++ + +FROM webdevops/base:ubuntu-15.10 +MAINTAINER info@webdevops.io +LABEL vendor=WebDevOps.io +LABEL io.webdevops.layout=6 +LABEL io.webdevops.version=0.21.0 + +ENV APPLICATION_USER application +ENV APPLICATION_GROUP application +ENV APPLICATION_PATH /app +ENV APPLICATION_UID 1000 +ENV APPLICATION_GID 1000 + +# Install services +RUN /usr/local/bin/apt-install \ + # Install services + openssh-server \ + mysql-client \ + sqlite \ + dnsmasq \ + postfix \ + # Install common tools + sudo \ + zip \ + unzip \ + bzip2 \ + wget \ + curl \ + net-tools \ + moreutils \ + dnsutils \ + openssh-client \ + rsync \ + git \ + nano \ + vim \ + && /usr/local/bin/generate-locales + +# Deploy scripts/configurations +COPY conf/ /opt/docker/ +RUN bash /opt/docker/bin/control.sh provision.role.bootstrap webdevops-base-app \ + && bash /opt/docker/bin/bootstrap.sh + +ENTRYPOINT ["/opt/docker/bin/entrypoint.sh"] +CMD ["noop"] diff --git a/docker/base-app/ubuntu-15.10/conf/bin/service.d/dnsmasq.sh b/docker/base-app/ubuntu-15.10/conf/bin/service.d/dnsmasq.sh new file mode 100644 index 000000000..9b554b411 --- /dev/null +++ b/docker/base-app/ubuntu-15.10/conf/bin/service.d/dnsmasq.sh @@ -0,0 +1,15 @@ + +## clear dns file +echo > /etc/dnsmasq.d/development + +if [ ! -f /etc/resolv.conf.original ]; then + cp -a /etc/resolv.conf /etc/resolv.conf.original + + ## set forward servers + cat /etc/resolv.conf.original | grep nameserver | sed 's/nameserver /server=/' > /etc/dnsmasq.d/forward + + ## set dnsmasq to main nameserver + echo "nameserver 127.0.0.1" > /etc/resolv.conf +fi + +exec dnsmasq --keep-in-foreground diff --git a/docker/base-app/ubuntu-15.10/conf/bin/service.d/postfix.sh b/docker/base-app/ubuntu-15.10/conf/bin/service.d/postfix.sh new file mode 100644 index 000000000..e685d5287 --- /dev/null +++ b/docker/base-app/ubuntu-15.10/conf/bin/service.d/postfix.sh @@ -0,0 +1,39 @@ +#!/usr/bin/env bash +# postfix-wrapper.sh, version 0.1.0 +# +# You cannot start postfix in some foreground mode and +# it's more or less important that docker doesn't kill +# postfix and its chilren if you stop the container. +# +# Use this script with supervisord and it will take +# care about starting and stopping postfix correctly. +# +# supervisord config snippet for postfix-wrapper: +# +# [program:postfix] +# process_name = postfix +# command = /path/to/postfix-wrapper.sh +# startsecs = 0 +# autorestart = false +# + +trap "postfix stop" SIGINT +trap "postfix stop" SIGTERM +trap "postfix reload" SIGHUP + +# force new copy of hosts there (otherwise links could be outdated) +mkdir -p /var/spool/postfix/etc +cp -f /etc/hosts /var/spool/postfix/etc/hosts +cp -f /etc/resolv.conf /var/spool/postfix/etc/resolv.conf +cp -f /etc/services /var/spool/postfix/etc/services + +# start postfix +postfix start + +# lets give postfix some time to start +sleep 3 + +# wait until postfix is dead (triggered by trap) +while kill -0 "$(cat /var/spool/postfix/pid/master.pid)"; do + sleep 5 +done \ No newline at end of file diff --git a/docker/base/ubuntu-16.04/conf/etc/supervisor.d/dnsmasq.conf b/docker/base-app/ubuntu-15.10/conf/etc/supervisor.d/dnsmasq.conf similarity index 100% rename from docker/base/ubuntu-16.04/conf/etc/supervisor.d/dnsmasq.conf rename to docker/base-app/ubuntu-15.10/conf/etc/supervisor.d/dnsmasq.conf diff --git a/docker/base/ubuntu-16.04/conf/etc/supervisor.d/postfix.conf b/docker/base-app/ubuntu-15.10/conf/etc/supervisor.d/postfix.conf similarity index 100% rename from docker/base/ubuntu-16.04/conf/etc/supervisor.d/postfix.conf rename to docker/base-app/ubuntu-15.10/conf/etc/supervisor.d/postfix.conf diff --git a/docker/base-app/ubuntu-15.10/conf/etc/supervisor.d/ssh.conf b/docker/base-app/ubuntu-15.10/conf/etc/supervisor.d/ssh.conf new file mode 100644 index 000000000..44488e642 --- /dev/null +++ b/docker/base-app/ubuntu-15.10/conf/etc/supervisor.d/ssh.conf @@ -0,0 +1,14 @@ +[group:ssh] +programs=sshd +priority=30 + +[program:sshd] +command = /usr/sbin/sshd -D +process_name=%(program_name)s +startsecs=0 +autostart = false +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/docker/base-app/ubuntu-15.10/conf/provision/onbuild.d/.gitkeep b/docker/base-app/ubuntu-15.10/conf/provision/onbuild.d/.gitkeep new file mode 100644 index 000000000..e69de29bb diff --git a/docker/base-app/ubuntu-15.10/conf/provision/roles/webdevops-base-app/defaults/main.yml b/docker/base-app/ubuntu-15.10/conf/provision/roles/webdevops-base-app/defaults/main.yml new file mode 100644 index 000000000..e10ef7d38 --- /dev/null +++ b/docker/base-app/ubuntu-15.10/conf/provision/roles/webdevops-base-app/defaults/main.yml @@ -0,0 +1,7 @@ +--- + +APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" +APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" +APPLICATION_PATH: "{{ lookup('env','APPLICATION_PATH') }}" +APPLICATION_UID: "{{ lookup('env','APPLICATION_UID') }}" +APPLICATION_GID: "{{ lookup('env','APPLICATION_GID') }}" diff --git a/docker/base-app/ubuntu-15.10/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml b/docker/base-app/ubuntu-15.10/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml new file mode 100644 index 000000000..9933c1332 --- /dev/null +++ b/docker/base-app/ubuntu-15.10/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml @@ -0,0 +1,6 @@ +--- + +- include: bootstrap/user.yml +- include: bootstrap/application.yml +- include: bootstrap/dnsmasq.yml +- include: bootstrap/postfix.yml diff --git a/docker/base-app/ubuntu-15.10/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml b/docker/base-app/ubuntu-15.10/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml new file mode 100644 index 000000000..faddb6027 --- /dev/null +++ b/docker/base-app/ubuntu-15.10/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml @@ -0,0 +1,10 @@ +--- + +- name: Init application directory + file: + path: "/{{ APPLICATION_PATH }}" + state: directory + mode: 0755 + owner: "{{ APPLICATION_USER }}" + group: "{{ APPLICATION_GROUP }}" + recurse: yes diff --git a/docker/base/ubuntu-16.04/conf/provision/roles/webdevops-base/tasks/bootstrap/dnsmasq.yml b/docker/base-app/ubuntu-15.10/conf/provision/roles/webdevops-base-app/tasks/bootstrap/dnsmasq.yml similarity index 100% rename from docker/base/ubuntu-16.04/conf/provision/roles/webdevops-base/tasks/bootstrap/dnsmasq.yml rename to docker/base-app/ubuntu-15.10/conf/provision/roles/webdevops-base-app/tasks/bootstrap/dnsmasq.yml diff --git a/docker/base/ubuntu-16.04/conf/provision/roles/webdevops-base/tasks/bootstrap/postfix.yml b/docker/base-app/ubuntu-15.10/conf/provision/roles/webdevops-base-app/tasks/bootstrap/postfix.yml similarity index 100% rename from docker/base/ubuntu-16.04/conf/provision/roles/webdevops-base/tasks/bootstrap/postfix.yml rename to docker/base-app/ubuntu-15.10/conf/provision/roles/webdevops-base-app/tasks/bootstrap/postfix.yml diff --git a/docker/base-app/ubuntu-15.10/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml b/docker/base-app/ubuntu-15.10/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml new file mode 100644 index 000000000..cf6968a01 --- /dev/null +++ b/docker/base-app/ubuntu-15.10/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml @@ -0,0 +1,41 @@ +--- + +- name: Move dnsmasq group (Alpine family) + group: + name: dnsmasq + gid: 153 + when: ansible_distribution == 'Alpine' + +- name: Create application group + group: + name: "{{ APPLICATION_GROUP }}" + gid: "{{ APPLICATION_GID }}" + +- name: Create application user + user: + name: "{{ APPLICATION_USER }}" + uid: "{{ APPLICATION_UID }}" + group: "{{ APPLICATION_GROUP }}" + shell: "/bin/bash" + home: "/home/{{ APPLICATION_USER }}" + +- name: Init home directory + file: + path: "/home/{{ APPLICATION_USER }}" + state: directory + mode: 0755 + owner: "{{ APPLICATION_USER }}" + group: "{{ APPLICATION_GROUP }}" + recurse: yes + +- name: Init bashrc + lineinfile: + dest: "/home/{{ APPLICATION_USER }}/.bashrc" + mode: 0770 + owner: "{{ APPLICATION_USER }}" + group: "{{ APPLICATION_GROUP }}" + create: yes + regexp: "export TERM=xterm" + line: "export TERM=xterm" + +- action: setup diff --git a/docker/base-app/ubuntu-15.10/conf/provision/roles/webdevops-base-app/tasks/main.yml b/docker/base-app/ubuntu-15.10/conf/provision/roles/webdevops-base-app/tasks/main.yml new file mode 100644 index 000000000..1806c1a8c --- /dev/null +++ b/docker/base-app/ubuntu-15.10/conf/provision/roles/webdevops-base-app/tasks/main.yml @@ -0,0 +1,5 @@ +--- + +- include: bootstrap.yml + tags: + - bootstrap diff --git a/docker/base-app/ubuntu-16.04/Dockerfile b/docker/base-app/ubuntu-16.04/Dockerfile new file mode 100644 index 000000000..27dc07c39 --- /dev/null +++ b/docker/base-app/ubuntu-16.04/Dockerfile @@ -0,0 +1,48 @@ +#++++++++++++++++++++++++++++++++++++++ +# Ubuntu 16.04 Base Docker container +#++++++++++++++++++++++++++++++++++++++ + +FROM webdevops/base:ubuntu-16.04 +MAINTAINER info@webdevops.io +LABEL vendor=WebDevOps.io +LABEL io.webdevops.layout=6 +LABEL io.webdevops.version=0.21.0 + +ENV APPLICATION_USER application +ENV APPLICATION_GROUP application +ENV APPLICATION_PATH /app +ENV APPLICATION_UID 1000 +ENV APPLICATION_GID 1000 + +# Install services +RUN /usr/local/bin/apt-install \ + # Install services + openssh-server \ + mysql-client \ + sqlite \ + dnsmasq \ + postfix \ + # Install common tools + sudo \ + zip \ + unzip \ + bzip2 \ + wget \ + curl \ + net-tools \ + moreutils \ + dnsutils \ + openssh-client \ + rsync \ + git \ + nano \ + vim \ + && /usr/local/bin/generate-locales + +# Deploy scripts/configurations +COPY conf/ /opt/docker/ +RUN bash /opt/docker/bin/control.sh provision.role.bootstrap webdevops-base-app \ + && bash /opt/docker/bin/bootstrap.sh + +ENTRYPOINT ["/opt/docker/bin/entrypoint.sh"] +CMD ["noop"] diff --git a/docker/base-app/ubuntu-16.04/conf/bin/service.d/dnsmasq.sh b/docker/base-app/ubuntu-16.04/conf/bin/service.d/dnsmasq.sh new file mode 100644 index 000000000..9b554b411 --- /dev/null +++ b/docker/base-app/ubuntu-16.04/conf/bin/service.d/dnsmasq.sh @@ -0,0 +1,15 @@ + +## clear dns file +echo > /etc/dnsmasq.d/development + +if [ ! -f /etc/resolv.conf.original ]; then + cp -a /etc/resolv.conf /etc/resolv.conf.original + + ## set forward servers + cat /etc/resolv.conf.original | grep nameserver | sed 's/nameserver /server=/' > /etc/dnsmasq.d/forward + + ## set dnsmasq to main nameserver + echo "nameserver 127.0.0.1" > /etc/resolv.conf +fi + +exec dnsmasq --keep-in-foreground diff --git a/docker/base-app/ubuntu-16.04/conf/bin/service.d/postfix.sh b/docker/base-app/ubuntu-16.04/conf/bin/service.d/postfix.sh new file mode 100644 index 000000000..e685d5287 --- /dev/null +++ b/docker/base-app/ubuntu-16.04/conf/bin/service.d/postfix.sh @@ -0,0 +1,39 @@ +#!/usr/bin/env bash +# postfix-wrapper.sh, version 0.1.0 +# +# You cannot start postfix in some foreground mode and +# it's more or less important that docker doesn't kill +# postfix and its chilren if you stop the container. +# +# Use this script with supervisord and it will take +# care about starting and stopping postfix correctly. +# +# supervisord config snippet for postfix-wrapper: +# +# [program:postfix] +# process_name = postfix +# command = /path/to/postfix-wrapper.sh +# startsecs = 0 +# autorestart = false +# + +trap "postfix stop" SIGINT +trap "postfix stop" SIGTERM +trap "postfix reload" SIGHUP + +# force new copy of hosts there (otherwise links could be outdated) +mkdir -p /var/spool/postfix/etc +cp -f /etc/hosts /var/spool/postfix/etc/hosts +cp -f /etc/resolv.conf /var/spool/postfix/etc/resolv.conf +cp -f /etc/services /var/spool/postfix/etc/services + +# start postfix +postfix start + +# lets give postfix some time to start +sleep 3 + +# wait until postfix is dead (triggered by trap) +while kill -0 "$(cat /var/spool/postfix/pid/master.pid)"; do + sleep 5 +done \ No newline at end of file diff --git a/provisioning/base/general/etc/supervisor.d/dnsmasq.conf b/docker/base-app/ubuntu-16.04/conf/etc/supervisor.d/dnsmasq.conf similarity index 100% rename from provisioning/base/general/etc/supervisor.d/dnsmasq.conf rename to docker/base-app/ubuntu-16.04/conf/etc/supervisor.d/dnsmasq.conf diff --git a/provisioning/base/general/etc/supervisor.d/postfix.conf b/docker/base-app/ubuntu-16.04/conf/etc/supervisor.d/postfix.conf similarity index 100% rename from provisioning/base/general/etc/supervisor.d/postfix.conf rename to docker/base-app/ubuntu-16.04/conf/etc/supervisor.d/postfix.conf diff --git a/docker/base-app/ubuntu-16.04/conf/etc/supervisor.d/ssh.conf b/docker/base-app/ubuntu-16.04/conf/etc/supervisor.d/ssh.conf new file mode 100644 index 000000000..44488e642 --- /dev/null +++ b/docker/base-app/ubuntu-16.04/conf/etc/supervisor.d/ssh.conf @@ -0,0 +1,14 @@ +[group:ssh] +programs=sshd +priority=30 + +[program:sshd] +command = /usr/sbin/sshd -D +process_name=%(program_name)s +startsecs=0 +autostart = false +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/docker/base-app/ubuntu-16.04/conf/provision/onbuild.d/.gitkeep b/docker/base-app/ubuntu-16.04/conf/provision/onbuild.d/.gitkeep new file mode 100644 index 000000000..e69de29bb diff --git a/docker/base-app/ubuntu-16.04/conf/provision/roles/webdevops-base-app/defaults/main.yml b/docker/base-app/ubuntu-16.04/conf/provision/roles/webdevops-base-app/defaults/main.yml new file mode 100644 index 000000000..e10ef7d38 --- /dev/null +++ b/docker/base-app/ubuntu-16.04/conf/provision/roles/webdevops-base-app/defaults/main.yml @@ -0,0 +1,7 @@ +--- + +APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" +APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" +APPLICATION_PATH: "{{ lookup('env','APPLICATION_PATH') }}" +APPLICATION_UID: "{{ lookup('env','APPLICATION_UID') }}" +APPLICATION_GID: "{{ lookup('env','APPLICATION_GID') }}" diff --git a/docker/base-app/ubuntu-16.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml b/docker/base-app/ubuntu-16.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml new file mode 100644 index 000000000..9933c1332 --- /dev/null +++ b/docker/base-app/ubuntu-16.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml @@ -0,0 +1,6 @@ +--- + +- include: bootstrap/user.yml +- include: bootstrap/application.yml +- include: bootstrap/dnsmasq.yml +- include: bootstrap/postfix.yml diff --git a/docker/base-app/ubuntu-16.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml b/docker/base-app/ubuntu-16.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml new file mode 100644 index 000000000..faddb6027 --- /dev/null +++ b/docker/base-app/ubuntu-16.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml @@ -0,0 +1,10 @@ +--- + +- name: Init application directory + file: + path: "/{{ APPLICATION_PATH }}" + state: directory + mode: 0755 + owner: "{{ APPLICATION_USER }}" + group: "{{ APPLICATION_GROUP }}" + recurse: yes diff --git a/provisioning/base/general/provision/roles/webdevops-base/tasks/bootstrap/dnsmasq.yml b/docker/base-app/ubuntu-16.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/dnsmasq.yml similarity index 100% rename from provisioning/base/general/provision/roles/webdevops-base/tasks/bootstrap/dnsmasq.yml rename to docker/base-app/ubuntu-16.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/dnsmasq.yml diff --git a/provisioning/base/general/provision/roles/webdevops-base/tasks/bootstrap/postfix.yml b/docker/base-app/ubuntu-16.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/postfix.yml similarity index 100% rename from provisioning/base/general/provision/roles/webdevops-base/tasks/bootstrap/postfix.yml rename to docker/base-app/ubuntu-16.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/postfix.yml diff --git a/docker/base-app/ubuntu-16.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml b/docker/base-app/ubuntu-16.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml new file mode 100644 index 000000000..cf6968a01 --- /dev/null +++ b/docker/base-app/ubuntu-16.04/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml @@ -0,0 +1,41 @@ +--- + +- name: Move dnsmasq group (Alpine family) + group: + name: dnsmasq + gid: 153 + when: ansible_distribution == 'Alpine' + +- name: Create application group + group: + name: "{{ APPLICATION_GROUP }}" + gid: "{{ APPLICATION_GID }}" + +- name: Create application user + user: + name: "{{ APPLICATION_USER }}" + uid: "{{ APPLICATION_UID }}" + group: "{{ APPLICATION_GROUP }}" + shell: "/bin/bash" + home: "/home/{{ APPLICATION_USER }}" + +- name: Init home directory + file: + path: "/home/{{ APPLICATION_USER }}" + state: directory + mode: 0755 + owner: "{{ APPLICATION_USER }}" + group: "{{ APPLICATION_GROUP }}" + recurse: yes + +- name: Init bashrc + lineinfile: + dest: "/home/{{ APPLICATION_USER }}/.bashrc" + mode: 0770 + owner: "{{ APPLICATION_USER }}" + group: "{{ APPLICATION_GROUP }}" + create: yes + regexp: "export TERM=xterm" + line: "export TERM=xterm" + +- action: setup diff --git a/docker/base-app/ubuntu-16.04/conf/provision/roles/webdevops-base-app/tasks/main.yml b/docker/base-app/ubuntu-16.04/conf/provision/roles/webdevops-base-app/tasks/main.yml new file mode 100644 index 000000000..1806c1a8c --- /dev/null +++ b/docker/base-app/ubuntu-16.04/conf/provision/roles/webdevops-base-app/tasks/main.yml @@ -0,0 +1,5 @@ +--- + +- include: bootstrap.yml + tags: + - bootstrap diff --git a/docker/base/alpine-3/Dockerfile b/docker/base/alpine-3/Dockerfile new file mode 100644 index 000000000..09233a8b6 --- /dev/null +++ b/docker/base/alpine-3/Dockerfile @@ -0,0 +1,29 @@ +#++++++++++++++++++++++++++++++++++++++ +# Alpine 3 Bootstrap Docker container +#++++++++++++++++++++++++++++++++++++++ + +FROM webdevops/bootstrap:alpine-3 +MAINTAINER info@webdevops.io +LABEL vendor=WebDevOps.io +LABEL io.webdevops.layout=6 +LABEL io.webdevops.version=0.22.0 + +ENV DOCKER_CONF_HOME /opt/docker/ + +# Install services +RUN /usr/local/bin/apk-install \ + supervisor \ + syslog-ng \ + logrotate \ + wget \ + curl \ + sed + +# Deploy scripts/configurations +COPY conf/ /opt/docker/ +RUN bash /opt/docker/bin/control.sh provision.role.bootstrap webdevops-base \ + && bash /opt/docker/bin/control.sh provision.role.finish.build webdevops-cleanup \ + && bash /opt/docker/bin/bootstrap.sh + +ENTRYPOINT ["/opt/docker/bin/entrypoint.sh"] +CMD ["noop"] diff --git a/docker/base/alpine-3/conf/VERSION b/docker/base/alpine-3/conf/VERSION new file mode 100644 index 000000000..62f945751 --- /dev/null +++ b/docker/base/alpine-3/conf/VERSION @@ -0,0 +1 @@ +6 \ No newline at end of file diff --git a/docker/base/alpine-3/conf/bin/bootstrap.sh b/docker/base/alpine-3/conf/bin/bootstrap.sh new file mode 100644 index 000000000..8e0d9c8f8 --- /dev/null +++ b/docker/base/alpine-3/conf/bin/bootstrap.sh @@ -0,0 +1,49 @@ +#!/usr/bin/env bash + +BOOTSTRAP_MODE="bootstrap" + +if [ -n "$1" ]; then + BOOTSTRAP_MODE="$1" +fi + +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value + +source /opt/docker/bin/config.sh + +rootCheck + +# Save the buildtime +date +%s > /opt/docker/BUILDTIME + +# Make all scripts executable +find /opt/docker/bin/ -type f -iname '*.sh' -print0 | xargs --no-run-if-empty -0 chmod +x + + +case "$BOOTSTRAP_MODE" in + ################################### + # When container will be build next time + ################################### + "onbuild") + # Init and run bootstrap system + runProvisionOnBuild + ;; + + ################################### + # When container is build this time + ################################### + "bootstrap") + # Init and run bootstrap system + runProvisionBootstrap + runProvisionBuild + ;; + + *) + echo "[ERROR] Bootstrap mode '$BOOTSTRAP_MODE' not defined" + exit 1 + ;; + +esac + diff --git a/docker/base/alpine-3/conf/bin/config.sh b/docker/base/alpine-3/conf/bin/config.sh new file mode 100644 index 000000000..b45829dc2 --- /dev/null +++ b/docker/base/alpine-3/conf/bin/config.sh @@ -0,0 +1,228 @@ +#!/usr/bin/env bash + +shopt -s nullglob + +PROVISION_REGISTRY_PATH="/opt/docker/etc/.registry" +PROVISION_REGISTRY_PATH="/opt/docker/etc/.registry" + +### + # Check if current user is root + # + ## +function rootCheck() { + # Root check + if [ "$(/usr/bin/whoami)" != "root" ]; then + echo "[ERROR] Must be run as root" + exit 1 + fi +} + +### + # Create named pipe + # + # $1 -> name of file + # + ## +function createNamedPipe() { + rm --force -- "$1" + mknod "$1" p +} + +### + # Escape value for sed usage + # + # $1 -> value + # STDOUT -> escaped value + # + ## +function sedEscape() { + echo "$(echo $* |sed -e 's/[]\/$*.^|[]/\\&/g')" +} + +### + # Replace text inside a file + # + # $1 -> source value + # $2 -> target value + # $3 -> path to file + # + ## +function replaceTextInFile() { + SOURCE="$(sedEscape $1)" + REPLACE="$(sedEscape $2)" + TARGET="$3" + + sed -i "s/${SOURCE}/${REPLACE}/" "${TARGET}" +} + +### + # Run "entrypoint" scripts + ## +function runEntrypoints() { + ############### + # Try to find entrypoint + ############### + + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" + + if [ -f "$ENTRYPOINT_SCRIPT" ]; then + . "$ENTRYPOINT_SCRIPT" + fi + + ############### + # Run default + ############### + if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then + . /opt/docker/bin/entrypoint.d/default.sh + fi + + exit +} + +### + # Run "bootstrap" provisioning + ## +function runProvisionBootstrap() { + for FILE in /opt/docker/provision/bootstrap.d/*.sh; do + # run custom scripts, only once + . "$FILE" + rm -f -- "$FILE" + done + + runDockerProvision bootstrap + + ## Reset bootstrap provision list (prevent re-run) + rm -f ${PROVISION_REGISTRY_PATH}/provision.*.bootstrap +} + +### + # Run "build" provisioning + ## +function runProvisionBuild() { + for FILE in /opt/docker/provision/build.d/*.sh; do + # run custom scripts, only once + . "$FILE" + rm -f -- "$FILE" + done + + runDockerProvision build +} + +### + # Run "onbuild" provisioning + ## +function runProvisionOnBuild() { + for FILE in /opt/docker/provision/onbuild.d/*.sh; do + # run custom scripts + . "$FILE" + done + + runDockerProvision onbuild +} + +### + # Run "entrypoint" provisioning + ## +function runProvisionEntrypoint() { + for FILE in /opt/docker/provision/entrypoint.d/*.sh; do + # run custom scripts + . "$FILE" + done + + runDockerProvision entrypoint +} + +### + # Add role to provision registry + # + # $1 -> registry type (bootstrap, onbuild, entrypoint...) + # $2 -> role + # + ## +function provisionRoleAdd() { + PROVISION_FILE="${PROVISION_REGISTRY_PATH}/$1" + PROVISION_ROLE="$2" + + mkdir -p -- "${PROVISION_REGISTRY_PATH}" + touch -- "${PROVISION_FILE}" + + echo "${PROVISION_ROLE}" >> "${PROVISION_FILE}" +} + +### + # Build list of roles for this registry provision type (playbook building) + # + # $1 -> registry type (bootstrap, onbuild, entrypoint...) + # + ## +function buildProvisionRoleList() { + PROVISION_FILE="${PROVISION_REGISTRY_PATH}/$1" + + if [ -s "${PROVISION_FILE}" ]; then + # Add registered roles + for ROLE in $(cat "$PROVISION_FILE"); do + echo " - { role: \"$ROLE\" }" + done + fi +} + +### + # Run docker provisioning with dyniamic playbook generation + # + # $1 -> playbook tag (bootstrap, onbuild, entrypoint) + # + ## +function runDockerProvision() { + ANSIBLE_PLAYBOOK="/opt/docker/provision/playbook.yml" + ANSIBLE_TAG="$1" + ANSIBLE_DYNAMIC_PLAYBOOK=0 + + + ## Create dynamic ansible playbook file + if [ ! -f "$ANSIBLE_PLAYBOOK" ]; then + TMP_PLAYBOOK=$(mktemp /tmp/docker.build.XXXXXXXXXX) + TMP_PLAYBOOK_ROLES=$(mktemp /tmp/docker.build.XXXXXXXXXX) + + ## Create dynamic playbook file + echo "--- + +- hosts: all + vars_files: + - "./variables.yml" + roles: +" > "$TMP_PLAYBOOK" + + ROLES_FILE=$(mktemp /tmp/docker.build.XXXXXXXXXX) + + buildProvisionRoleList "provision.startup.${ANSIBLE_TAG}" >> "$TMP_PLAYBOOK_ROLES" + buildProvisionRoleList "provision.main.${ANSIBLE_TAG}" >> "$TMP_PLAYBOOK_ROLES" + buildProvisionRoleList "provision.finish.${ANSIBLE_TAG}" >> "$TMP_PLAYBOOK_ROLES" + + # check if there is at last one role + if [ -s "$TMP_PLAYBOOK_ROLES" ]; then + cat "$TMP_PLAYBOOK" "$TMP_PLAYBOOK_ROLES" > $ANSIBLE_PLAYBOOK + ANSIBLE_DYNAMIC_PLAYBOOK=1 + fi + + rm -f -- "$TMP_PLAYBOOK" "$TMP_PLAYBOOK_ROLES" + fi + + # Only run playbook if there is one + if [ -s "${ANSIBLE_PLAYBOOK}" ]; then + bash /opt/docker/bin/provision.sh "${ANSIBLE_PLAYBOOK}" "${ANSIBLE_TAG}" + + # Remove dynamic playbook file + if [ "${ANSIBLE_DYNAMIC_PLAYBOOK}" -eq 1 ]; then + rm -f "${ANSIBLE_PLAYBOOK}" + fi + fi +} + +### + # Startup supervisord + # + ## +function startSupervisord() { + cd / + exec /opt/docker/bin/service.d/supervisor.sh +} diff --git a/docker/base/alpine-3/conf/bin/control.sh b/docker/base/alpine-3/conf/bin/control.sh new file mode 100644 index 000000000..a6bda9096 --- /dev/null +++ b/docker/base/alpine-3/conf/bin/control.sh @@ -0,0 +1,164 @@ +#!/usr/bin/env bash + +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value + +source /opt/docker/bin/config.sh + +rootCheck + +CONTROL_COMMAND="$1" +shift + +case "$CONTROL_COMMAND" in + + ## ------------------------------------------ + ## PROVISION + ## ------------------------------------------ + + ## main roles + "provision.role") + provisionRoleAdd "provision.main.bootstrap" "$1" + provisionRoleAdd "provision.main.build" "$1" + provisionRoleAdd "provision.main.onbuild" "$1" + provisionRoleAdd "provision.main.entrypoint" "$1" + ;; + + "provision.role.bootstrap") + provisionRoleAdd "provision.main.bootstrap" "$1" + ;; + + "provision.role.build") + provisionRoleAdd "provision.main.build" "$1" + ;; + + "provision.role.onbuild") + provisionRoleAdd "provision.main.onbuild" "$1" + ;; + + "provision.role.entrypoint") + provisionRoleAdd "provision.main.entrypoint" "$1" + ;; + + ## startup roles + "provision.role.startup") + provisionRoleAdd "provision.startup.bootstrap" "$1" + provisionRoleAdd "provision.startup.build" "$1" + provisionRoleAdd "provision.startup.onbuild" "$1" + provisionRoleAdd "provision.startup.entrypoint" "$1" + ;; + + "provision.role.startup.bootstrap") + provisionRoleAdd "provision.startup.bootstrap" "$1" + ;; + + "provision.role.startup.build") + provisionRoleAdd "provision.startup.build" "$1" + ;; + + "provision.role.startup.onbuild") + provisionRoleAdd "provision.startup.onbuild" "$1" + ;; + + "provision.role.startup.entrypoint") + provisionRoleAdd "provision.startup.entrypoint" "$1" + ;; + + ## startup roles + "provision.role.finish") + provisionRoleAdd "provision.finish.bootstrap" "$1" + provisionRoleAdd "provision.finish.build" "$1" + provisionRoleAdd "provision.finish.onbuild" "$1" + provisionRoleAdd "provision.finish.entrypoint" "$1" + ;; + + "provision.role.finish.bootstrap") + provisionRoleAdd "provision.finish.bootstrap" "$1" + ;; + + "provision.role.finish.build") + provisionRoleAdd "provision.finish.build" "$1" + ;; + + "provision.role.finish.onbuild") + provisionRoleAdd "provision.finish.onbuild" "$1" + ;; + + "provision.role.finish.entrypoint") + provisionRoleAdd "provision.finish.entrypoint" "$1" + ;; + + ## ------------------------------------------ + ## Service + ## ------------------------------------------ + + "service.enable") + SERVICE_FILE="/opt/docker/etc/supervisor.d/$1.conf" + if [ -f "$SERVICE_FILE" ]; then + sed -i '/autostart = /c\autostart = true' -- "$SERVICE_FILE" + else + echo "[ERROR] Service '${1}' not found (tried ${SERVICE_FILE})" + exit 1 + fi + ;; + + "service.disable") + SERVICE_FILE="/opt/docker/etc/supervisor.d/$1.conf" + if [ -f "$SERVICE_FILE" ]; then + sed -i '/autostart = /c\autostart = false' -- "$SERVICE_FILE" + else + echo "[ERROR] Service '${1}' not found (tried ${SERVICE_FILE})" + exit 1 + fi + ;; + + ## ------------------------------------------ + ## Version + ## ------------------------------------------ + + "version.get") + cat /opt/docker/VERSION + ;; + + "version.require.min") + EXPECTED_VERSION="$1" + CURRENT_VERSION="$(cat /opt/docker/VERSION)" + if [ "$CURRENT_VERSION" -lt "$EXPECTED_VERSION" ]; then + echo "-----------------------------------------------------------" + echo "--- This docker image is not up2date!" + echo "--- " + echo "--- Version expected min: $EXPECTED_VERSION" + echo "--- Version current: $CURRENT_VERSION" + echo "--- " + echo "--- Run 'docker pull ' to update image" + echo "-----------------------------------------------------------" + exit 1 + fi + ;; + + "version.require.max") + EXPECTED_VERSION="$1" + CURRENT_VERSION="$(cat /opt/docker/VERSION)" + if [ "$CURRENT_VERSION" -gt "$EXPECTED_VERSION" ]; then + echo "-----------------------------------------------------------" + echo "--- This docker image is too new!" + echo "--- " + echo "--- Version expected max: $EXPECTED_VERSION" + echo "--- Version current: $CURRENT_VERSION" + echo "-----------------------------------------------------------" + exit 1 + fi + ;; + + + "buildtime.get") + cat /opt/docker/BUILDTIME + ;; + + *) + echo "[ERROR] Invalid controll command: \"${CONTROL_COMMAND}\"" + exit 1 + ;; +esac diff --git a/docker/base/alpine-3/conf/bin/entrypoint.d/cli.sh b/docker/base/alpine-3/conf/bin/entrypoint.d/cli.sh new file mode 100644 index 000000000..2ca68926c --- /dev/null +++ b/docker/base/alpine-3/conf/bin/entrypoint.d/cli.sh @@ -0,0 +1,19 @@ +#!/usr/bin/env bash + +############################################# +## Run CLI_SCRIPT from environment variable +############################################# + +if [ -n "${CLI_SCRIPT}" ]; then + if [ -n "$APPLICATION_USER" ]; then + # Run as EFFECTIVE_USER + shift + exec sudo -H -E -u "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + else + # Run as root + exec ${CLI_SCRIPT} "$@" + fi +else + echo "[ERROR] No CLI_SCRIPT in in docker environment defined" + exit 1 +fi diff --git a/docker/base/alpine-3/conf/bin/entrypoint.d/default.sh b/docker/base/alpine-3/conf/bin/entrypoint.d/default.sh new file mode 100644 index 000000000..a1be715fe --- /dev/null +++ b/docker/base/alpine-3/conf/bin/entrypoint.d/default.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +exec "$@" diff --git a/docker/base/alpine-3/conf/bin/entrypoint.d/noop.sh b/docker/base/alpine-3/conf/bin/entrypoint.d/noop.sh new file mode 100644 index 000000000..fac67d34b --- /dev/null +++ b/docker/base/alpine-3/conf/bin/entrypoint.d/noop.sh @@ -0,0 +1,10 @@ +#!/usr/bin/env bash + +############################################# +## NOOP (no operation) +############################################# + +while true; do + sleep 1 +done +exit diff --git a/docker/base/alpine-3/conf/bin/entrypoint.d/root.sh b/docker/base/alpine-3/conf/bin/entrypoint.d/root.sh new file mode 100644 index 000000000..6fa0d063e --- /dev/null +++ b/docker/base/alpine-3/conf/bin/entrypoint.d/root.sh @@ -0,0 +1,14 @@ +#!/usr/bin/env bash + +############################################# +## Root shell +############################################# + +if [ "$#" -eq 1 ]; then + ## No command, fall back to interactive shell + exec bash +else + ## Exec root command + shift + exec "$@" +fi diff --git a/docker/base/alpine-3/conf/bin/entrypoint.d/supervisord.sh b/docker/base/alpine-3/conf/bin/entrypoint.d/supervisord.sh new file mode 100644 index 000000000..563e9380a --- /dev/null +++ b/docker/base/alpine-3/conf/bin/entrypoint.d/supervisord.sh @@ -0,0 +1,9 @@ +#!/usr/bin/env bash + +############################################# +## Supervisord (start daemons) +############################################# + +## Start services +startSupervisord + diff --git a/docker/base/alpine-3/conf/bin/entrypoint.sh b/docker/base/alpine-3/conf/bin/entrypoint.sh new file mode 100644 index 000000000..63296b8d2 --- /dev/null +++ b/docker/base/alpine-3/conf/bin/entrypoint.sh @@ -0,0 +1,30 @@ +#!/usr/bin/env bash + +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value + +trap 'echo sigterm ; exit' SIGTERM +trap 'echo sigkill ; exit' SIGKILL + +# sanitize input and set task +TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" + +source /opt/docker/bin/config.sh + +rootCheck + +if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then + # Visible provisioning + runProvisionEntrypoint +else + # Hidden provisioning + runProvisionEntrypoint > /dev/null +fi + +############################# +## COMMAND +############################# + +runEntrypoints "$@" diff --git a/docker/base/alpine-3/conf/bin/logwatch.sh b/docker/base/alpine-3/conf/bin/logwatch.sh new file mode 100644 index 000000000..1a5b486c7 --- /dev/null +++ b/docker/base/alpine-3/conf/bin/logwatch.sh @@ -0,0 +1,14 @@ +#!/usr/bin/env bash + +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value + +sleep 0.5 + +if [ -p "$2" ]; then + sed --unbuffered -e "s/^/\[$1\] /" -- "$2" +else + tail -n 0 -F -q "$2" | sed --unbuffered -e "s/^/\[$1\] /" +fi diff --git a/docker/base/alpine-3/conf/bin/provision.sh b/docker/base/alpine-3/conf/bin/provision.sh new file mode 100644 index 000000000..0d700406e --- /dev/null +++ b/docker/base/alpine-3/conf/bin/provision.sh @@ -0,0 +1,29 @@ +#!/usr/bin/env bash + +# +# Example: +# provision.sh /opt/foobar/playbook.yml tag +# +# + +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value + +export PYTHONUNBUFFERED=1 + + +if [ "$#" -lt 2 ]; then + echo "[ERROR] $0: Playbook or tag is missing" + exit 1 +fi + +ANSIBLE_PLAYBOOK="$1" +shift +ANSIBLE_TAG="$1" +shift +ANSIBLE_OPTS="$@" + +# run ansible +exec ansible-playbook "${ANSIBLE_PLAYBOOK}" -i 'localhost,' --connection=local --tags="${ANSIBLE_TAG}" $ANSIBLE_OPTS diff --git a/docker/base/alpine-3/conf/bin/service.d/dnsmasq.sh b/docker/base/alpine-3/conf/bin/service.d/dnsmasq.sh new file mode 100644 index 000000000..055b46289 --- /dev/null +++ b/docker/base/alpine-3/conf/bin/service.d/dnsmasq.sh @@ -0,0 +1,16 @@ +#!/usr/bin/env bash + +## clear dns file +echo > /etc/dnsmasq.d/development + +if [ ! -f /etc/resolv.conf.original ]; then + cp -a /etc/resolv.conf /etc/resolv.conf.original + + ## set forward servers + cat /etc/resolv.conf.original | grep nameserver | sed 's/nameserver /server=/' > /etc/dnsmasq.d/forward + + ## set dnsmasq to main nameserver + echo "nameserver 127.0.0.1" > /etc/resolv.conf +fi + +exec dnsmasq --keep-in-foreground diff --git a/docker/base/alpine-3/conf/bin/service.d/postfix.sh b/docker/base/alpine-3/conf/bin/service.d/postfix.sh new file mode 100644 index 000000000..e685d5287 --- /dev/null +++ b/docker/base/alpine-3/conf/bin/service.d/postfix.sh @@ -0,0 +1,39 @@ +#!/usr/bin/env bash +# postfix-wrapper.sh, version 0.1.0 +# +# You cannot start postfix in some foreground mode and +# it's more or less important that docker doesn't kill +# postfix and its chilren if you stop the container. +# +# Use this script with supervisord and it will take +# care about starting and stopping postfix correctly. +# +# supervisord config snippet for postfix-wrapper: +# +# [program:postfix] +# process_name = postfix +# command = /path/to/postfix-wrapper.sh +# startsecs = 0 +# autorestart = false +# + +trap "postfix stop" SIGINT +trap "postfix stop" SIGTERM +trap "postfix reload" SIGHUP + +# force new copy of hosts there (otherwise links could be outdated) +mkdir -p /var/spool/postfix/etc +cp -f /etc/hosts /var/spool/postfix/etc/hosts +cp -f /etc/resolv.conf /var/spool/postfix/etc/resolv.conf +cp -f /etc/services /var/spool/postfix/etc/services + +# start postfix +postfix start + +# lets give postfix some time to start +sleep 3 + +# wait until postfix is dead (triggered by trap) +while kill -0 "$(cat /var/spool/postfix/pid/master.pid)"; do + sleep 5 +done \ No newline at end of file diff --git a/docker/base/alpine-3/conf/bin/service.d/supervisor.sh b/docker/base/alpine-3/conf/bin/service.d/supervisor.sh new file mode 100644 index 000000000..4728675cf --- /dev/null +++ b/docker/base/alpine-3/conf/bin/service.d/supervisor.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +exec supervisord -c /opt/docker/etc/supervisor.conf --logfile /dev/null --pidfile /dev/null --user root diff --git a/docker/base/alpine-3/conf/bin/service.d/syslog-ng.sh b/docker/base/alpine-3/conf/bin/service.d/syslog-ng.sh new file mode 100644 index 000000000..9a3351c64 --- /dev/null +++ b/docker/base/alpine-3/conf/bin/service.d/syslog-ng.sh @@ -0,0 +1,32 @@ +#!/usr/bin/env bash +set -e + +# If /dev/log is either a named pipe or it was placed there accidentally, +# e.g. because of the issue documented at https://github.com/phusion/baseimage-docker/pull/25, +# then we remove it. +if [ ! -S /dev/log ]; then rm -f /dev/log; fi +if [ ! -S /var/lib/syslog-ng/syslog-ng.ctl ]; then rm -f /var/lib/syslog-ng/syslog-ng.ctl; fi + +SYSLOGNG_OPTS="" + +[ -r /etc/default/syslog-ng ] && . /etc/default/syslog-ng + +case "x$CONSOLE_LOG_LEVEL" in + x[1-8]) + dmesg -n $CONSOLE_LOG_LEVEL + ;; + x) + ;; + *) + echo "CONSOLE_LOG_LEVEL is of unaccepted value." + ;; +esac + +if [ ! -e /dev/xconsole ] +then + mknod -m 640 /dev/xconsole p + chown root:adm /dev/xconsole + [ -x /sbin/restorecon ] && /sbin/restorecon $XCONSOLE +fi + +exec syslog-ng -F -p /var/run/syslog-ng.pid $SYSLOGNG_OPTS \ No newline at end of file diff --git a/docker/base/alpine-3/conf/etc/logrotate.d/syslog-ng b/docker/base/alpine-3/conf/etc/logrotate.d/syslog-ng new file mode 100644 index 000000000..4a6f9c54e --- /dev/null +++ b/docker/base/alpine-3/conf/etc/logrotate.d/syslog-ng @@ -0,0 +1,38 @@ +/var/log/syslog +{ + rotate 7 + daily + missingok + notifempty + delaycompress + compress + postrotate + /bin/kill -HUP `cat /var/run/syslog-ng.pid 2> /dev/null` > /dev/null + endscript +} + +/var/log/mail.info +/var/log/mail.warn +/var/log/mail.err +/var/log/mail.log +/var/log/daemon.log +/var/log/kern.log +/var/log/auth.log +/var/log/user.log +/var/log/lpr.log +/var/log/cron.log +/var/log/debug +/var/log/messages +{ + rotate 4 + weekly + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + /bin/kill -HUP `cat /var/run/syslog-ng.pid 2> /dev/null` > /dev/null + supervisorctl restart syslog-ng-stdout > /dev/null + endscript +} \ No newline at end of file diff --git a/docker/base/alpine-3/conf/etc/supervisor.conf b/docker/base/alpine-3/conf/etc/supervisor.conf new file mode 100644 index 000000000..14a6223fc --- /dev/null +++ b/docker/base/alpine-3/conf/etc/supervisor.conf @@ -0,0 +1,11 @@ +[supervisord] +nodaemon=true + +[unix_http_server] +file = /run/supervisord.sock + +[rpcinterface:supervisor] +supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface + +[include] +files = /opt/docker/etc/supervisor.d/*.conf diff --git a/docker/base/alpine-3/conf/etc/supervisor.d/.gitkeep b/docker/base/alpine-3/conf/etc/supervisor.d/.gitkeep new file mode 100644 index 000000000..e69de29bb diff --git a/docker/base/alpine-3/conf/etc/supervisor.d/cron.conf b/docker/base/alpine-3/conf/etc/supervisor.d/cron.conf new file mode 100644 index 000000000..fc95b8d0a --- /dev/null +++ b/docker/base/alpine-3/conf/etc/supervisor.d/cron.conf @@ -0,0 +1,14 @@ +[group:cron] +programs=crond +priority=30 + +[program:crond] +command = /usr/sbin/crond -f +process_name=%(program_name)s +startsecs = 0 +autostart = false +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/docker/base/alpine-3/conf/etc/supervisor.d/ssh.conf b/docker/base/alpine-3/conf/etc/supervisor.d/ssh.conf new file mode 100644 index 000000000..44488e642 --- /dev/null +++ b/docker/base/alpine-3/conf/etc/supervisor.d/ssh.conf @@ -0,0 +1,14 @@ +[group:ssh] +programs=sshd +priority=30 + +[program:sshd] +command = /usr/sbin/sshd -D +process_name=%(program_name)s +startsecs=0 +autostart = false +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/docker/base/alpine-3/conf/etc/supervisor.d/syslog-ng.conf b/docker/base/alpine-3/conf/etc/supervisor.d/syslog-ng.conf new file mode 100644 index 000000000..014fee132 --- /dev/null +++ b/docker/base/alpine-3/conf/etc/supervisor.d/syslog-ng.conf @@ -0,0 +1,23 @@ +[group:syslog] +programs=syslogd +priority=10 + +[program:syslogd] +command = bash /opt/docker/bin/service.d/syslog-ng.sh +process_name=%(program_name)s +autostart = true +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 + +[program:syslog-log] +command = bash /opt/docker/bin/logwatch.sh syslog /var/log/syslog +process_name=%(program_name)s +autostart = true +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/docker/base/alpine-3/conf/etc/syslog-ng/syslog-ng.conf b/docker/base/alpine-3/conf/etc/syslog-ng/syslog-ng.conf new file mode 100644 index 000000000..0f1638471 --- /dev/null +++ b/docker/base/alpine-3/conf/etc/syslog-ng/syslog-ng.conf @@ -0,0 +1,146 @@ +@version: 3.7 + +# Syslog-ng configuration file, compatible with default Debian syslogd +# installation. + +# First, set some global options. +options { chain_hostnames(off); flush_lines(0); use_dns(no); use_fqdn(no); + owner("root"); group("adm"); perm(0640); stats_freq(0); + bad_hostname("^gconfd$"); +}; + +######################## +# Sources +######################## +# This is the default behavior of sysklogd package +# Logs may come from unix stream, but not from another machine. +# +source s_src { + unix-stream("/dev/log"); + internal(); +}; + +# If you wish to get logs from remote machine you should uncomment +# this and comment the above source line. +# +#source s_net { tcp(ip(127.0.0.1) port(1000)); }; + +######################## +# Destinations +######################## +# First some standard logfile +# +destination d_auth { file("/var/log/auth.log"); }; +destination d_cron { file("/var/log/cron.log"); }; +destination d_daemon { file("/var/log/daemon.log"); }; +destination d_kern { file("/var/log/kern.log"); }; +destination d_lpr { file("/var/log/lpr.log"); }; +destination d_mail { file("/var/log/mail.log"); }; +destination d_syslog { file("/var/log/syslog"); }; +destination d_user { file("/var/log/user.log"); }; +destination d_uucp { file("/var/log/uucp.log"); }; + +# This files are the log come from the mail subsystem. +# +destination d_mailinfo { file("/var/log/mail.info"); }; +destination d_mailwarn { file("/var/log/mail.warn"); }; +destination d_mailerr { file("/var/log/mail.err"); }; + +# Logging for INN news system +# +destination d_newscrit { file("/var/log/news/news.crit"); }; +destination d_newserr { file("/var/log/news/news.err"); }; +destination d_newsnotice { file("/var/log/news/news.notice"); }; + +# Some 'catch-all' logfiles. +# +destination d_debug { file("/var/log/debug"); }; +destination d_error { file("/var/log/error"); }; +destination d_messages { file("/var/log/messages"); }; + +# The named pipe /dev/xconsole is for the nsole' utility. To use it, +# you must invoke nsole' with the -file' option: +# +# $ xconsole -file /dev/xconsole [...] +# +destination d_xconsole { pipe("/dev/xconsole"); }; + +# Send the messages to an other host +# +#destination d_net { tcp("127.0.0.1" port(1000) log_fifo_size(1000)); }; + +# Debian only +destination d_ppp { file("/var/log/ppp.log"); }; + +######################## +# Filters +######################## +# Here's come the filter options. With this rules, we can set which +# message go where. + +filter f_dbg { level(debug); }; +filter f_info { level(info); }; +filter f_notice { level(notice); }; +filter f_warn { level(warn); }; +filter f_err { level(err); }; +filter f_crit { level(crit .. emerg); }; + +filter f_debug { level(debug) and not facility(auth, authpriv, news, mail); }; +filter f_error { level(err .. emerg) ; }; +filter f_messages { level(info,notice,warn) and + not facility(auth,authpriv,cron,daemon,mail,news); }; + +filter f_auth { facility(auth, authpriv) and not filter(f_debug); }; +filter f_cron { facility(cron) and not filter(f_debug); }; +filter f_daemon { facility(daemon) and not filter(f_debug); }; +filter f_kern { facility(kern) and not filter(f_debug); }; +filter f_lpr { facility(lpr) and not filter(f_debug); }; +filter f_local { facility(local0, local1, local3, local4, local5, + local6, local7) and not filter(f_debug); }; +filter f_mail { facility(mail) and not filter(f_debug); }; +filter f_news { facility(news) and not filter(f_debug); }; +filter f_syslog3 { not facility(auth, authpriv, mail) and not filter(f_debug); }; +filter f_user { facility(user) and not filter(f_debug); }; +filter f_uucp { facility(uucp) and not filter(f_debug); }; + +filter f_cnews { level(notice, err, crit) and facility(news); }; +filter f_cother { level(debug, info, notice, warn) or facility(daemon, mail); }; + +filter f_ppp { facility(local2) and not filter(f_debug); }; +filter f_console { level(warn .. emerg); }; + +######################## +# Log paths +######################## +log { source(s_src); filter(f_auth); destination(d_auth); }; +log { source(s_src); filter(f_cron); destination(d_cron); }; +log { source(s_src); filter(f_daemon); destination(d_daemon); }; +log { source(s_src); filter(f_kern); destination(d_kern); }; +log { source(s_src); filter(f_lpr); destination(d_lpr); }; +log { source(s_src); filter(f_syslog3); destination(d_syslog); }; +log { source(s_src); filter(f_user); destination(d_user); }; +log { source(s_src); filter(f_uucp); destination(d_uucp); }; + +log { source(s_src); filter(f_mail); destination(d_mail); }; +#log { source(s_src); filter(f_mail); filter(f_info); destination(d_mailinfo); }; +#log { source(s_src); filter(f_mail); filter(f_warn); destination(d_mailwarn); }; +#log { source(s_src); filter(f_mail); filter(f_err); destination(d_mailerr); }; + +log { source(s_src); filter(f_news); filter(f_crit); destination(d_newscrit); }; +log { source(s_src); filter(f_news); filter(f_err); destination(d_newserr); }; +log { source(s_src); filter(f_news); filter(f_notice); destination(d_newsnotice); }; + +#log { source(s_src); filter(f_ppp); destination(d_ppp); }; + +log { source(s_src); filter(f_debug); destination(d_debug); }; +log { source(s_src); filter(f_error); destination(d_error); }; +log { source(s_src); filter(f_messages); destination(d_messages); }; + +# All messages send to a remote site +# +#log { source(s_src); destination(d_net); }; + +### +# Include all config files in /etc/syslog-ng/conf.d/ +### +#@include "/etc/syslog-ng/conf.d/*.conf" diff --git a/docker/base/alpine-3/conf/provision/ansible.cfg b/docker/base/alpine-3/conf/provision/ansible.cfg new file mode 100644 index 000000000..e69de29bb diff --git a/docker/base/alpine-3/conf/provision/bootstrap.d/.gitkeep b/docker/base/alpine-3/conf/provision/bootstrap.d/.gitkeep new file mode 100644 index 000000000..e69de29bb diff --git a/docker/base/alpine-3/conf/provision/build.d/.gitkeep b/docker/base/alpine-3/conf/provision/build.d/.gitkeep new file mode 100644 index 000000000..e69de29bb diff --git a/docker/base/alpine-3/conf/provision/entrypoint.d/.gitkeep b/docker/base/alpine-3/conf/provision/entrypoint.d/.gitkeep new file mode 100644 index 000000000..e69de29bb diff --git a/docker/base/alpine-3/conf/provision/entrypoint.d/05-permissions.sh b/docker/base/alpine-3/conf/provision/entrypoint.d/05-permissions.sh new file mode 100644 index 000000000..6f77d8e40 --- /dev/null +++ b/docker/base/alpine-3/conf/provision/entrypoint.d/05-permissions.sh @@ -0,0 +1,2 @@ +# Fix rights of /tmp (can be a volume) +chmod 1777 /tmp diff --git a/docker/base/alpine-3/conf/provision/onbuild.d/.gitkeep b/docker/base/alpine-3/conf/provision/onbuild.d/.gitkeep new file mode 100644 index 000000000..e69de29bb diff --git a/docker/base/alpine-3/conf/provision/roles/webdevops-base/defaults/main.yml b/docker/base/alpine-3/conf/provision/roles/webdevops-base/defaults/main.yml new file mode 100644 index 000000000..81f5b7efd --- /dev/null +++ b/docker/base/alpine-3/conf/provision/roles/webdevops-base/defaults/main.yml @@ -0,0 +1,6 @@ +--- + +APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" +APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" +APPLICATION_UID: "{{ lookup('env','APPLICATION_UID') }}" +APPLICATION_GID: "{{ lookup('env','APPLICATION_GID') }}" diff --git a/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/bootstrap.yml b/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/bootstrap.yml new file mode 100644 index 000000000..297ec7128 --- /dev/null +++ b/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/bootstrap.yml @@ -0,0 +1,6 @@ +--- + +- include: bootstrap/misc.yml +- include: bootstrap/supervisor.yml +- include: bootstrap/syslog-ng.yml +- include: bootstrap/logrotate.yml diff --git a/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/bootstrap/logrotate.yml b/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/bootstrap/logrotate.yml new file mode 100644 index 000000000..70593afb7 --- /dev/null +++ b/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/bootstrap/logrotate.yml @@ -0,0 +1,16 @@ +--- + +- name: Configure logrotate running user + lineinfile: + dest: /etc/logrotate.conf + regexp: '^su [-_a-zA-Z0-9]+ [-_a-zA-Z0-9]+' + line: 'su root adm' + +- name: Register logrotate configurations + file: + src: '{{ item }}' + dest: '/etc/logrotate.d/{{ item | basename }}' + state: link + force: yes + with_fileglob: + - /opt/docker/etc/logrotate.d/* diff --git a/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/bootstrap/misc.yml b/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/bootstrap/misc.yml new file mode 100644 index 000000000..4eed695b1 --- /dev/null +++ b/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/bootstrap/misc.yml @@ -0,0 +1,8 @@ +--- + +- file: + path: "/var/log/wtmp" + state: touch + mode: 0664 + owner: "root" + group: "root" diff --git a/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/bootstrap/supervisor.yml b/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/bootstrap/supervisor.yml new file mode 100644 index 000000000..bda0394b6 --- /dev/null +++ b/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/bootstrap/supervisor.yml @@ -0,0 +1,6 @@ +--- + +- name: Remove /usr/sbin/service + file: + path: '/usr/sbin/service' + state: absent diff --git a/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/bootstrap/syslog-ng.yml b/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/bootstrap/syslog-ng.yml new file mode 100644 index 000000000..c6746f273 --- /dev/null +++ b/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/bootstrap/syslog-ng.yml @@ -0,0 +1,23 @@ +--- + +- name: Configure syslog-ng (default) + lineinfile: + dest: /etc/default/syslog-ng + regexp: '^[\s]*{{ item.key }}[\s]*=' + line: '{{ item.key }}="{{ item.value }}"' + create: yes + with_items: + - { key: 'SYSLOGNG_OPTS', value: '--no-caps' } + +- name: Enable syslog-n config + file: + src: '/opt/docker/etc/syslog-ng/syslog-ng.conf' + dest: '/etc/syslog-ng/syslog-ng.conf' + state: link + force: yes + +- name: Ensure /var/lib/syslog-ng exists + file: + path: '/var/lib/syslog-ng' + state: directory + recurse: yes diff --git a/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/build.yml b/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/build.yml new file mode 100644 index 000000000..8a56f9ba9 --- /dev/null +++ b/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/build.yml @@ -0,0 +1,3 @@ +--- + +- include: bootstrap/logrotate.yml diff --git a/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/build/logrotate.yml b/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/build/logrotate.yml new file mode 100644 index 000000000..10f7e6644 --- /dev/null +++ b/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/build/logrotate.yml @@ -0,0 +1,10 @@ +--- + +- name: Register logrotate configurations + file: + src: '{{ item }}' + dest: '/etc/logrotate.d/{{ item | basename }}' + state: link + force: yes + with_fileglob: + - /opt/docker/etc/logrotate.d/* diff --git a/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/entrypoint.yml b/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/entrypoint.yml new file mode 100644 index 000000000..ed97d539c --- /dev/null +++ b/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/entrypoint.yml @@ -0,0 +1 @@ +--- diff --git a/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/entrypoint/.gitkeep b/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/entrypoint/.gitkeep new file mode 100644 index 000000000..e69de29bb diff --git a/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/main.yml b/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/main.yml new file mode 100644 index 000000000..66fb2e38b --- /dev/null +++ b/docker/base/alpine-3/conf/provision/roles/webdevops-base/tasks/main.yml @@ -0,0 +1,13 @@ +--- + +- include: bootstrap.yml + tags: + - bootstrap + +- include: build.yml + tags: + - build + +- include: entrypoint.yml + tags: + - entrypoint diff --git a/docker/base/alpine-3/conf/provision/roles/webdevops-cleanup/tasks/cleanup.yml b/docker/base/alpine-3/conf/provision/roles/webdevops-cleanup/tasks/cleanup.yml new file mode 100644 index 000000000..ddd0abbc4 --- /dev/null +++ b/docker/base/alpine-3/conf/provision/roles/webdevops-cleanup/tasks/cleanup.yml @@ -0,0 +1,16 @@ +--- + +- name: Filesystem cleanup [Debian family] + file: + path: "{{ item }}" + state: absent + with_fileglob: + - /var/cache/apt/archives/*.deb + - /var/cache/apt/archives/partial/* + - /var/cache/debconf/*-old + - /var/lib/apt/lists/* + when: ansible_os_family == "Debian" + +- name: Yum cleanup [RedHat family] + command: yum clean all + when: ansible_os_family == "RedHat" diff --git a/docker/base/alpine-3/conf/provision/roles/webdevops-cleanup/tasks/main.yml b/docker/base/alpine-3/conf/provision/roles/webdevops-cleanup/tasks/main.yml new file mode 100644 index 000000000..951b7fc67 --- /dev/null +++ b/docker/base/alpine-3/conf/provision/roles/webdevops-cleanup/tasks/main.yml @@ -0,0 +1,6 @@ +--- + +- include: cleanup.yml + tags: + - bootstrap + - onbuild diff --git a/docker/base/alpine-3/conf/provision/variables.yml b/docker/base/alpine-3/conf/provision/variables.yml new file mode 100644 index 000000000..ed97d539c --- /dev/null +++ b/docker/base/alpine-3/conf/provision/variables.yml @@ -0,0 +1 @@ +--- diff --git a/docker/base/centos-7/Dockerfile b/docker/base/centos-7/Dockerfile index cf90f1f64..397451ced 100644 --- a/docker/base/centos-7/Dockerfile +++ b/docker/base/centos-7/Dockerfile @@ -5,44 +5,20 @@ FROM webdevops/bootstrap:centos-7 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 -ENV APPLICATION_USER application -ENV APPLICATION_GROUP application -ENV APPLICATION_UID 1000 -ENV APPLICATION_GID 1000 ENV DOCKER_CONF_HOME /opt/docker/ # Install services RUN /usr/local/bin/yum-install \ - cronie \ - supervisor \ - syslog-ng \ - logrotate \ - openssh-server \ - mysql \ - sqlite \ - dnsmasq \ - postfix - -# Install tools -RUN /usr/local/bin/yum-install \ - sudo \ - zip \ - unzip \ - bzip2 \ - wget \ - curl \ - net-tools \ - moreutils \ - dnsutils \ - bind-utils \ - rsync \ - git \ - pygpgme \ - nano \ - vim + cronie \ + supervisor \ + syslog-ng \ + logrotate \ + wget \ + curl \ + net-tools # Deploy scripts/configurations COPY conf/ /opt/docker/ diff --git a/docker/base/centos-7/conf/VERSION b/docker/base/centos-7/conf/VERSION index 7813681f5..62f945751 100644 --- a/docker/base/centos-7/conf/VERSION +++ b/docker/base/centos-7/conf/VERSION @@ -1 +1 @@ -5 \ No newline at end of file +6 \ No newline at end of file diff --git a/docker/base/centos-7/conf/bin/config.sh b/docker/base/centos-7/conf/bin/config.sh index d8d2cfa2f..b45829dc2 100644 --- a/docker/base/centos-7/conf/bin/config.sh +++ b/docker/base/centos-7/conf/bin/config.sh @@ -224,5 +224,5 @@ function runDockerProvision() { ## function startSupervisord() { cd / - exec supervisord -c /opt/docker/etc/supervisor.conf --logfile /dev/null --pidfile /dev/null --user root + exec /opt/docker/bin/service.d/supervisor.sh } diff --git a/docker/base/centos-7/conf/bin/entrypoint.d/cli.sh b/docker/base/centos-7/conf/bin/entrypoint.d/cli.sh index a09b62b57..2ca68926c 100644 --- a/docker/base/centos-7/conf/bin/entrypoint.d/cli.sh +++ b/docker/base/centos-7/conf/bin/entrypoint.d/cli.sh @@ -5,7 +5,7 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "APPLICATION_USER" ]; then + if [ -n "$APPLICATION_USER" ]; then # Run as EFFECTIVE_USER shift exec sudo -H -E -u "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" @@ -14,6 +14,6 @@ if [ -n "${CLI_SCRIPT}" ]; then exec ${CLI_SCRIPT} "$@" fi else - echo "[ERROR] No CLI_SCRIPT in docker-env.yml defined" + echo "[ERROR] No CLI_SCRIPT in in docker environment defined" exit 1 fi diff --git a/docker/base/centos-7/conf/bin/entrypoint.d/default.sh b/docker/base/centos-7/conf/bin/entrypoint.d/default.sh index a25c666df..a1be715fe 100644 --- a/docker/base/centos-7/conf/bin/entrypoint.d/default.sh +++ b/docker/base/centos-7/conf/bin/entrypoint.d/default.sh @@ -1,9 +1,3 @@ #!/usr/bin/env bash -if [ -n "${APPLICATION_USER}" ]; then - # Run as APPLICATION_USER - exec sudo -H -E -u "${APPLICATION_USER}" "$@" -else - # Run as root - exec "$@" -fi +exec "$@" diff --git a/docker/base/centos-7/conf/bin/logwatch.sh b/docker/base/centos-7/conf/bin/logwatch.sh index 4a422cd4f..1a5b486c7 100644 --- a/docker/base/centos-7/conf/bin/logwatch.sh +++ b/docker/base/centos-7/conf/bin/logwatch.sh @@ -10,5 +10,5 @@ sleep 0.5 if [ -p "$2" ]; then sed --unbuffered -e "s/^/\[$1\] /" -- "$2" else - tail --lines=0 --follow=name --quiet "$2" | sed --unbuffered -e "s/^/\[$1\] /" + tail -n 0 -F -q "$2" | sed --unbuffered -e "s/^/\[$1\] /" fi diff --git a/docker/base/centos-7/conf/bin/service.d/dnsmasq.sh b/docker/base/centos-7/conf/bin/service.d/dnsmasq.sh index 9b554b411..055b46289 100644 --- a/docker/base/centos-7/conf/bin/service.d/dnsmasq.sh +++ b/docker/base/centos-7/conf/bin/service.d/dnsmasq.sh @@ -1,3 +1,4 @@ +#!/usr/bin/env bash ## clear dns file echo > /etc/dnsmasq.d/development diff --git a/docker/base/centos-7/conf/bin/service.d/supervisor.sh b/docker/base/centos-7/conf/bin/service.d/supervisor.sh new file mode 100644 index 000000000..4728675cf --- /dev/null +++ b/docker/base/centos-7/conf/bin/service.d/supervisor.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +exec supervisord -c /opt/docker/etc/supervisor.conf --logfile /dev/null --pidfile /dev/null --user root diff --git a/docker/base/centos-7/conf/etc/syslog-ng/syslog-ng.conf b/docker/base/centos-7/conf/etc/syslog-ng/syslog-ng.conf index feed4236e..c08f56dd1 100644 --- a/docker/base/centos-7/conf/etc/syslog-ng/syslog-ng.conf +++ b/docker/base/centos-7/conf/etc/syslog-ng/syslog-ng.conf @@ -1,5 +1,4 @@ @version: 3.5 -@include "scl.conf" # Syslog-ng configuration file, compatible with default Debian syslogd # installation. @@ -53,7 +52,7 @@ destination d_newscrit { file("/var/log/news/news.crit"); }; destination d_newserr { file("/var/log/news/news.err"); }; destination d_newsnotice { file("/var/log/news/news.notice"); }; -# Some `catch-all' logfiles. +# Some 'catch-all' logfiles. # destination d_debug { file("/var/log/debug"); }; destination d_error { file("/var/log/error"); }; diff --git a/docker/base/centos-7/conf/provision/roles/webdevops-base/tasks/bootstrap.yml b/docker/base/centos-7/conf/provision/roles/webdevops-base/tasks/bootstrap.yml index a650bdbdf..297ec7128 100644 --- a/docker/base/centos-7/conf/provision/roles/webdevops-base/tasks/bootstrap.yml +++ b/docker/base/centos-7/conf/provision/roles/webdevops-base/tasks/bootstrap.yml @@ -1,9 +1,6 @@ --- - include: bootstrap/misc.yml -- include: bootstrap/user.yml - include: bootstrap/supervisor.yml -- include: bootstrap/dnsmasq.yml -- include: bootstrap/postfix.yml - include: bootstrap/syslog-ng.yml - include: bootstrap/logrotate.yml diff --git a/docker/base/debian-7/Dockerfile b/docker/base/debian-7/Dockerfile index 1a19d3e2e..4053dffe5 100644 --- a/docker/base/debian-7/Dockerfile +++ b/docker/base/debian-7/Dockerfile @@ -5,45 +5,21 @@ FROM webdevops/bootstrap:debian-7 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 -ENV APPLICATION_USER application -ENV APPLICATION_GROUP application -ENV APPLICATION_UID 1000 -ENV APPLICATION_GID 1000 ENV DOCKER_CONF_HOME /opt/docker/ -# Install services -RUN sed -ri 's/(deb.*\/debian wheezy main)/\1 contrib non-free /' -- /etc/apt/sources.list \ - && /usr/local/bin/apt-install \ - supervisor \ - syslog-ng \ - syslog-ng-core \ - logrotate \ - openssh-server \ - mysql-client \ - sqlite \ - cron \ - dnsmasq \ - postfix - -# Install common tools +# Install packages RUN /usr/local/bin/apt-install \ - sudo \ - zip \ - unzip \ - bzip2 \ - wget \ - curl \ - net-tools \ - moreutils \ - dnsutils \ - openssh-client \ - rsync \ - git \ - nano \ - vim + supervisor \ + syslog-ng \ + syslog-ng-core \ + logrotate \ + cron \ + wget \ + curl \ + net-tools # Deploy scripts/configurations COPY conf/ /opt/docker/ diff --git a/docker/base/debian-7/conf/VERSION b/docker/base/debian-7/conf/VERSION index 7813681f5..62f945751 100644 --- a/docker/base/debian-7/conf/VERSION +++ b/docker/base/debian-7/conf/VERSION @@ -1 +1 @@ -5 \ No newline at end of file +6 \ No newline at end of file diff --git a/docker/base/debian-7/conf/bin/config.sh b/docker/base/debian-7/conf/bin/config.sh index d8d2cfa2f..b45829dc2 100644 --- a/docker/base/debian-7/conf/bin/config.sh +++ b/docker/base/debian-7/conf/bin/config.sh @@ -224,5 +224,5 @@ function runDockerProvision() { ## function startSupervisord() { cd / - exec supervisord -c /opt/docker/etc/supervisor.conf --logfile /dev/null --pidfile /dev/null --user root + exec /opt/docker/bin/service.d/supervisor.sh } diff --git a/docker/base/debian-7/conf/bin/entrypoint.d/cli.sh b/docker/base/debian-7/conf/bin/entrypoint.d/cli.sh index a09b62b57..2ca68926c 100644 --- a/docker/base/debian-7/conf/bin/entrypoint.d/cli.sh +++ b/docker/base/debian-7/conf/bin/entrypoint.d/cli.sh @@ -5,7 +5,7 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "APPLICATION_USER" ]; then + if [ -n "$APPLICATION_USER" ]; then # Run as EFFECTIVE_USER shift exec sudo -H -E -u "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" @@ -14,6 +14,6 @@ if [ -n "${CLI_SCRIPT}" ]; then exec ${CLI_SCRIPT} "$@" fi else - echo "[ERROR] No CLI_SCRIPT in docker-env.yml defined" + echo "[ERROR] No CLI_SCRIPT in in docker environment defined" exit 1 fi diff --git a/docker/base/debian-7/conf/bin/entrypoint.d/default.sh b/docker/base/debian-7/conf/bin/entrypoint.d/default.sh index a25c666df..a1be715fe 100644 --- a/docker/base/debian-7/conf/bin/entrypoint.d/default.sh +++ b/docker/base/debian-7/conf/bin/entrypoint.d/default.sh @@ -1,9 +1,3 @@ #!/usr/bin/env bash -if [ -n "${APPLICATION_USER}" ]; then - # Run as APPLICATION_USER - exec sudo -H -E -u "${APPLICATION_USER}" "$@" -else - # Run as root - exec "$@" -fi +exec "$@" diff --git a/docker/base/debian-7/conf/bin/logwatch.sh b/docker/base/debian-7/conf/bin/logwatch.sh index 4a422cd4f..1a5b486c7 100644 --- a/docker/base/debian-7/conf/bin/logwatch.sh +++ b/docker/base/debian-7/conf/bin/logwatch.sh @@ -10,5 +10,5 @@ sleep 0.5 if [ -p "$2" ]; then sed --unbuffered -e "s/^/\[$1\] /" -- "$2" else - tail --lines=0 --follow=name --quiet "$2" | sed --unbuffered -e "s/^/\[$1\] /" + tail -n 0 -F -q "$2" | sed --unbuffered -e "s/^/\[$1\] /" fi diff --git a/docker/base/debian-7/conf/bin/service.d/dnsmasq.sh b/docker/base/debian-7/conf/bin/service.d/dnsmasq.sh index 9b554b411..055b46289 100644 --- a/docker/base/debian-7/conf/bin/service.d/dnsmasq.sh +++ b/docker/base/debian-7/conf/bin/service.d/dnsmasq.sh @@ -1,3 +1,4 @@ +#!/usr/bin/env bash ## clear dns file echo > /etc/dnsmasq.d/development diff --git a/docker/base/debian-7/conf/bin/service.d/supervisor.sh b/docker/base/debian-7/conf/bin/service.d/supervisor.sh new file mode 100644 index 000000000..4728675cf --- /dev/null +++ b/docker/base/debian-7/conf/bin/service.d/supervisor.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +exec supervisord -c /opt/docker/etc/supervisor.conf --logfile /dev/null --pidfile /dev/null --user root diff --git a/docker/base/debian-7/conf/etc/syslog-ng/syslog-ng.conf b/docker/base/debian-7/conf/etc/syslog-ng/syslog-ng.conf index feed4236e..c08f56dd1 100644 --- a/docker/base/debian-7/conf/etc/syslog-ng/syslog-ng.conf +++ b/docker/base/debian-7/conf/etc/syslog-ng/syslog-ng.conf @@ -1,5 +1,4 @@ @version: 3.5 -@include "scl.conf" # Syslog-ng configuration file, compatible with default Debian syslogd # installation. @@ -53,7 +52,7 @@ destination d_newscrit { file("/var/log/news/news.crit"); }; destination d_newserr { file("/var/log/news/news.err"); }; destination d_newsnotice { file("/var/log/news/news.notice"); }; -# Some `catch-all' logfiles. +# Some 'catch-all' logfiles. # destination d_debug { file("/var/log/debug"); }; destination d_error { file("/var/log/error"); }; diff --git a/docker/base/debian-7/conf/provision/roles/webdevops-base/tasks/bootstrap.yml b/docker/base/debian-7/conf/provision/roles/webdevops-base/tasks/bootstrap.yml index a650bdbdf..297ec7128 100644 --- a/docker/base/debian-7/conf/provision/roles/webdevops-base/tasks/bootstrap.yml +++ b/docker/base/debian-7/conf/provision/roles/webdevops-base/tasks/bootstrap.yml @@ -1,9 +1,6 @@ --- - include: bootstrap/misc.yml -- include: bootstrap/user.yml - include: bootstrap/supervisor.yml -- include: bootstrap/dnsmasq.yml -- include: bootstrap/postfix.yml - include: bootstrap/syslog-ng.yml - include: bootstrap/logrotate.yml diff --git a/docker/base/debian-8/Dockerfile b/docker/base/debian-8/Dockerfile index ade8cd302..4a07e6512 100644 --- a/docker/base/debian-8/Dockerfile +++ b/docker/base/debian-8/Dockerfile @@ -5,45 +5,22 @@ FROM webdevops/bootstrap:debian-8 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 -ENV APPLICATION_USER application -ENV APPLICATION_GROUP application -ENV APPLICATION_UID 1000 -ENV APPLICATION_GID 1000 ENV DOCKER_CONF_HOME /opt/docker/ -# Install services -RUN sed -ri 's/(deb.*\/debian jessie main)/\1 contrib non-free /' -- /etc/apt/sources.list \ - && /usr/local/bin/apt-install \ - supervisor \ - syslog-ng \ - syslog-ng-core \ - logrotate \ - openssh-server \ - mysql-client \ - sqlite \ - cron \ - dnsmasq \ - postfix - -# Install common tools +# Install packages RUN /usr/local/bin/apt-install \ - sudo \ - zip \ - unzip \ - bzip2 \ - wget \ - curl \ - net-tools \ - moreutils \ - dnsutils \ - openssh-client \ - rsync \ - git \ - nano \ - vim + supervisor \ + syslog-ng \ + syslog-ng-core \ + logrotate \ + cron \ + wget \ + curl \ + net-tools + # Deploy scripts/configurations COPY conf/ /opt/docker/ diff --git a/docker/base/debian-8/conf/VERSION b/docker/base/debian-8/conf/VERSION index 7813681f5..62f945751 100644 --- a/docker/base/debian-8/conf/VERSION +++ b/docker/base/debian-8/conf/VERSION @@ -1 +1 @@ -5 \ No newline at end of file +6 \ No newline at end of file diff --git a/docker/base/debian-8/conf/bin/config.sh b/docker/base/debian-8/conf/bin/config.sh index d8d2cfa2f..b45829dc2 100644 --- a/docker/base/debian-8/conf/bin/config.sh +++ b/docker/base/debian-8/conf/bin/config.sh @@ -224,5 +224,5 @@ function runDockerProvision() { ## function startSupervisord() { cd / - exec supervisord -c /opt/docker/etc/supervisor.conf --logfile /dev/null --pidfile /dev/null --user root + exec /opt/docker/bin/service.d/supervisor.sh } diff --git a/docker/base/debian-8/conf/bin/entrypoint.d/cli.sh b/docker/base/debian-8/conf/bin/entrypoint.d/cli.sh index a09b62b57..2ca68926c 100644 --- a/docker/base/debian-8/conf/bin/entrypoint.d/cli.sh +++ b/docker/base/debian-8/conf/bin/entrypoint.d/cli.sh @@ -5,7 +5,7 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "APPLICATION_USER" ]; then + if [ -n "$APPLICATION_USER" ]; then # Run as EFFECTIVE_USER shift exec sudo -H -E -u "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" @@ -14,6 +14,6 @@ if [ -n "${CLI_SCRIPT}" ]; then exec ${CLI_SCRIPT} "$@" fi else - echo "[ERROR] No CLI_SCRIPT in docker-env.yml defined" + echo "[ERROR] No CLI_SCRIPT in in docker environment defined" exit 1 fi diff --git a/docker/base/debian-8/conf/bin/entrypoint.d/default.sh b/docker/base/debian-8/conf/bin/entrypoint.d/default.sh index a25c666df..a1be715fe 100644 --- a/docker/base/debian-8/conf/bin/entrypoint.d/default.sh +++ b/docker/base/debian-8/conf/bin/entrypoint.d/default.sh @@ -1,9 +1,3 @@ #!/usr/bin/env bash -if [ -n "${APPLICATION_USER}" ]; then - # Run as APPLICATION_USER - exec sudo -H -E -u "${APPLICATION_USER}" "$@" -else - # Run as root - exec "$@" -fi +exec "$@" diff --git a/docker/base/debian-8/conf/bin/logwatch.sh b/docker/base/debian-8/conf/bin/logwatch.sh index 4a422cd4f..1a5b486c7 100644 --- a/docker/base/debian-8/conf/bin/logwatch.sh +++ b/docker/base/debian-8/conf/bin/logwatch.sh @@ -10,5 +10,5 @@ sleep 0.5 if [ -p "$2" ]; then sed --unbuffered -e "s/^/\[$1\] /" -- "$2" else - tail --lines=0 --follow=name --quiet "$2" | sed --unbuffered -e "s/^/\[$1\] /" + tail -n 0 -F -q "$2" | sed --unbuffered -e "s/^/\[$1\] /" fi diff --git a/docker/base/debian-8/conf/bin/service.d/dnsmasq.sh b/docker/base/debian-8/conf/bin/service.d/dnsmasq.sh index 9b554b411..055b46289 100644 --- a/docker/base/debian-8/conf/bin/service.d/dnsmasq.sh +++ b/docker/base/debian-8/conf/bin/service.d/dnsmasq.sh @@ -1,3 +1,4 @@ +#!/usr/bin/env bash ## clear dns file echo > /etc/dnsmasq.d/development diff --git a/docker/base/debian-8/conf/bin/service.d/supervisor.sh b/docker/base/debian-8/conf/bin/service.d/supervisor.sh new file mode 100644 index 000000000..4728675cf --- /dev/null +++ b/docker/base/debian-8/conf/bin/service.d/supervisor.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +exec supervisord -c /opt/docker/etc/supervisor.conf --logfile /dev/null --pidfile /dev/null --user root diff --git a/docker/base/debian-8/conf/etc/syslog-ng/syslog-ng.conf b/docker/base/debian-8/conf/etc/syslog-ng/syslog-ng.conf index feed4236e..c08f56dd1 100644 --- a/docker/base/debian-8/conf/etc/syslog-ng/syslog-ng.conf +++ b/docker/base/debian-8/conf/etc/syslog-ng/syslog-ng.conf @@ -1,5 +1,4 @@ @version: 3.5 -@include "scl.conf" # Syslog-ng configuration file, compatible with default Debian syslogd # installation. @@ -53,7 +52,7 @@ destination d_newscrit { file("/var/log/news/news.crit"); }; destination d_newserr { file("/var/log/news/news.err"); }; destination d_newsnotice { file("/var/log/news/news.notice"); }; -# Some `catch-all' logfiles. +# Some 'catch-all' logfiles. # destination d_debug { file("/var/log/debug"); }; destination d_error { file("/var/log/error"); }; diff --git a/docker/base/debian-8/conf/provision/roles/webdevops-base/tasks/bootstrap.yml b/docker/base/debian-8/conf/provision/roles/webdevops-base/tasks/bootstrap.yml index a650bdbdf..297ec7128 100644 --- a/docker/base/debian-8/conf/provision/roles/webdevops-base/tasks/bootstrap.yml +++ b/docker/base/debian-8/conf/provision/roles/webdevops-base/tasks/bootstrap.yml @@ -1,9 +1,6 @@ --- - include: bootstrap/misc.yml -- include: bootstrap/user.yml - include: bootstrap/supervisor.yml -- include: bootstrap/dnsmasq.yml -- include: bootstrap/postfix.yml - include: bootstrap/syslog-ng.yml - include: bootstrap/logrotate.yml diff --git a/docker/base/debian-9/Dockerfile b/docker/base/debian-9/Dockerfile index 9b3d29061..5352fdc9c 100644 --- a/docker/base/debian-9/Dockerfile +++ b/docker/base/debian-9/Dockerfile @@ -5,45 +5,21 @@ FROM webdevops/bootstrap:debian-9 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 -ENV APPLICATION_USER application -ENV APPLICATION_GROUP application -ENV APPLICATION_UID 1000 -ENV APPLICATION_GID 1000 ENV DOCKER_CONF_HOME /opt/docker/ -# Install services -RUN sed -ri 's/(deb.*\/debian stretch main)/\1 contrib non-free /' -- /etc/apt/sources.list \ - && /usr/local/bin/apt-install \ - supervisor \ - syslog-ng \ - syslog-ng-core \ - logrotate \ - openssh-server \ - mysql-client \ - sqlite \ - cron \ - dnsmasq \ - postfix - -# Install common tools +# Install packages RUN /usr/local/bin/apt-install \ - sudo \ - zip \ - unzip \ - bzip2 \ - wget \ - curl \ - net-tools \ - moreutils \ - dnsutils \ - openssh-client \ - rsync \ - git \ - nano \ - vim + supervisor \ + syslog-ng \ + syslog-ng-core \ + logrotate \ + cron \ + wget \ + curl \ + net-tools # Deploy scripts/configurations COPY conf/ /opt/docker/ diff --git a/docker/base/debian-9/conf/VERSION b/docker/base/debian-9/conf/VERSION index 7813681f5..62f945751 100644 --- a/docker/base/debian-9/conf/VERSION +++ b/docker/base/debian-9/conf/VERSION @@ -1 +1 @@ -5 \ No newline at end of file +6 \ No newline at end of file diff --git a/docker/base/debian-9/conf/bin/config.sh b/docker/base/debian-9/conf/bin/config.sh index d8d2cfa2f..b45829dc2 100644 --- a/docker/base/debian-9/conf/bin/config.sh +++ b/docker/base/debian-9/conf/bin/config.sh @@ -224,5 +224,5 @@ function runDockerProvision() { ## function startSupervisord() { cd / - exec supervisord -c /opt/docker/etc/supervisor.conf --logfile /dev/null --pidfile /dev/null --user root + exec /opt/docker/bin/service.d/supervisor.sh } diff --git a/docker/base/debian-9/conf/bin/entrypoint.d/cli.sh b/docker/base/debian-9/conf/bin/entrypoint.d/cli.sh index a09b62b57..2ca68926c 100644 --- a/docker/base/debian-9/conf/bin/entrypoint.d/cli.sh +++ b/docker/base/debian-9/conf/bin/entrypoint.d/cli.sh @@ -5,7 +5,7 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "APPLICATION_USER" ]; then + if [ -n "$APPLICATION_USER" ]; then # Run as EFFECTIVE_USER shift exec sudo -H -E -u "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" @@ -14,6 +14,6 @@ if [ -n "${CLI_SCRIPT}" ]; then exec ${CLI_SCRIPT} "$@" fi else - echo "[ERROR] No CLI_SCRIPT in docker-env.yml defined" + echo "[ERROR] No CLI_SCRIPT in in docker environment defined" exit 1 fi diff --git a/docker/base/debian-9/conf/bin/entrypoint.d/default.sh b/docker/base/debian-9/conf/bin/entrypoint.d/default.sh index a25c666df..a1be715fe 100644 --- a/docker/base/debian-9/conf/bin/entrypoint.d/default.sh +++ b/docker/base/debian-9/conf/bin/entrypoint.d/default.sh @@ -1,9 +1,3 @@ #!/usr/bin/env bash -if [ -n "${APPLICATION_USER}" ]; then - # Run as APPLICATION_USER - exec sudo -H -E -u "${APPLICATION_USER}" "$@" -else - # Run as root - exec "$@" -fi +exec "$@" diff --git a/docker/base/debian-9/conf/bin/logwatch.sh b/docker/base/debian-9/conf/bin/logwatch.sh index 4a422cd4f..1a5b486c7 100644 --- a/docker/base/debian-9/conf/bin/logwatch.sh +++ b/docker/base/debian-9/conf/bin/logwatch.sh @@ -10,5 +10,5 @@ sleep 0.5 if [ -p "$2" ]; then sed --unbuffered -e "s/^/\[$1\] /" -- "$2" else - tail --lines=0 --follow=name --quiet "$2" | sed --unbuffered -e "s/^/\[$1\] /" + tail -n 0 -F -q "$2" | sed --unbuffered -e "s/^/\[$1\] /" fi diff --git a/docker/base/debian-9/conf/bin/service.d/dnsmasq.sh b/docker/base/debian-9/conf/bin/service.d/dnsmasq.sh index 9b554b411..055b46289 100644 --- a/docker/base/debian-9/conf/bin/service.d/dnsmasq.sh +++ b/docker/base/debian-9/conf/bin/service.d/dnsmasq.sh @@ -1,3 +1,4 @@ +#!/usr/bin/env bash ## clear dns file echo > /etc/dnsmasq.d/development diff --git a/docker/base/debian-9/conf/bin/service.d/supervisor.sh b/docker/base/debian-9/conf/bin/service.d/supervisor.sh new file mode 100644 index 000000000..4728675cf --- /dev/null +++ b/docker/base/debian-9/conf/bin/service.d/supervisor.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +exec supervisord -c /opt/docker/etc/supervisor.conf --logfile /dev/null --pidfile /dev/null --user root diff --git a/docker/base/debian-9/conf/etc/syslog-ng/syslog-ng.conf b/docker/base/debian-9/conf/etc/syslog-ng/syslog-ng.conf index feed4236e..c08f56dd1 100644 --- a/docker/base/debian-9/conf/etc/syslog-ng/syslog-ng.conf +++ b/docker/base/debian-9/conf/etc/syslog-ng/syslog-ng.conf @@ -1,5 +1,4 @@ @version: 3.5 -@include "scl.conf" # Syslog-ng configuration file, compatible with default Debian syslogd # installation. @@ -53,7 +52,7 @@ destination d_newscrit { file("/var/log/news/news.crit"); }; destination d_newserr { file("/var/log/news/news.err"); }; destination d_newsnotice { file("/var/log/news/news.notice"); }; -# Some `catch-all' logfiles. +# Some 'catch-all' logfiles. # destination d_debug { file("/var/log/debug"); }; destination d_error { file("/var/log/error"); }; diff --git a/docker/base/debian-9/conf/provision/roles/webdevops-base/tasks/bootstrap.yml b/docker/base/debian-9/conf/provision/roles/webdevops-base/tasks/bootstrap.yml index a650bdbdf..297ec7128 100644 --- a/docker/base/debian-9/conf/provision/roles/webdevops-base/tasks/bootstrap.yml +++ b/docker/base/debian-9/conf/provision/roles/webdevops-base/tasks/bootstrap.yml @@ -1,9 +1,6 @@ --- - include: bootstrap/misc.yml -- include: bootstrap/user.yml - include: bootstrap/supervisor.yml -- include: bootstrap/dnsmasq.yml -- include: bootstrap/postfix.yml - include: bootstrap/syslog-ng.yml - include: bootstrap/logrotate.yml diff --git a/docker/base/ubuntu-12.04/Dockerfile b/docker/base/ubuntu-12.04/Dockerfile index e5f984f2f..8531baf41 100644 --- a/docker/base/ubuntu-12.04/Dockerfile +++ b/docker/base/ubuntu-12.04/Dockerfile @@ -5,45 +5,21 @@ FROM webdevops/bootstrap:ubuntu-12.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 -ENV APPLICATION_USER application -ENV APPLICATION_GROUP application -ENV APPLICATION_UID 1000 -ENV APPLICATION_GID 1000 ENV DOCKER_CONF_HOME /opt/docker/ # Install services RUN /usr/local/bin/apt-install \ - supervisor \ - syslog-ng \ - syslog-ng-core \ - logrotate \ - openssh-server \ - mysql-client \ - sqlite \ - cron \ - dnsmasq \ - postfix \ - && mkdir -p /var/lib/syslog-ng/ - -# Install common tools -RUN /usr/local/bin/apt-install \ - sudo \ - zip \ - unzip \ - bzip2 \ - wget \ - curl \ - net-tools \ - moreutils \ - dnsutils \ - openssh-client \ - rsync \ - git \ - nano \ - vim + supervisor \ + syslog-ng \ + syslog-ng-core \ + logrotate \ + cron \ + wget \ + curl \ + net-tools # Deploy scripts/configurations COPY conf/ /opt/docker/ diff --git a/docker/base/ubuntu-12.04/conf/VERSION b/docker/base/ubuntu-12.04/conf/VERSION index 7813681f5..62f945751 100644 --- a/docker/base/ubuntu-12.04/conf/VERSION +++ b/docker/base/ubuntu-12.04/conf/VERSION @@ -1 +1 @@ -5 \ No newline at end of file +6 \ No newline at end of file diff --git a/docker/base/ubuntu-12.04/conf/bin/config.sh b/docker/base/ubuntu-12.04/conf/bin/config.sh index d8d2cfa2f..b45829dc2 100644 --- a/docker/base/ubuntu-12.04/conf/bin/config.sh +++ b/docker/base/ubuntu-12.04/conf/bin/config.sh @@ -224,5 +224,5 @@ function runDockerProvision() { ## function startSupervisord() { cd / - exec supervisord -c /opt/docker/etc/supervisor.conf --logfile /dev/null --pidfile /dev/null --user root + exec /opt/docker/bin/service.d/supervisor.sh } diff --git a/docker/base/ubuntu-12.04/conf/bin/entrypoint.d/cli.sh b/docker/base/ubuntu-12.04/conf/bin/entrypoint.d/cli.sh index a09b62b57..2ca68926c 100644 --- a/docker/base/ubuntu-12.04/conf/bin/entrypoint.d/cli.sh +++ b/docker/base/ubuntu-12.04/conf/bin/entrypoint.d/cli.sh @@ -5,7 +5,7 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "APPLICATION_USER" ]; then + if [ -n "$APPLICATION_USER" ]; then # Run as EFFECTIVE_USER shift exec sudo -H -E -u "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" @@ -14,6 +14,6 @@ if [ -n "${CLI_SCRIPT}" ]; then exec ${CLI_SCRIPT} "$@" fi else - echo "[ERROR] No CLI_SCRIPT in docker-env.yml defined" + echo "[ERROR] No CLI_SCRIPT in in docker environment defined" exit 1 fi diff --git a/docker/base/ubuntu-12.04/conf/bin/entrypoint.d/default.sh b/docker/base/ubuntu-12.04/conf/bin/entrypoint.d/default.sh index a25c666df..a1be715fe 100644 --- a/docker/base/ubuntu-12.04/conf/bin/entrypoint.d/default.sh +++ b/docker/base/ubuntu-12.04/conf/bin/entrypoint.d/default.sh @@ -1,9 +1,3 @@ #!/usr/bin/env bash -if [ -n "${APPLICATION_USER}" ]; then - # Run as APPLICATION_USER - exec sudo -H -E -u "${APPLICATION_USER}" "$@" -else - # Run as root - exec "$@" -fi +exec "$@" diff --git a/docker/base/ubuntu-12.04/conf/bin/logwatch.sh b/docker/base/ubuntu-12.04/conf/bin/logwatch.sh index 4a422cd4f..1a5b486c7 100644 --- a/docker/base/ubuntu-12.04/conf/bin/logwatch.sh +++ b/docker/base/ubuntu-12.04/conf/bin/logwatch.sh @@ -10,5 +10,5 @@ sleep 0.5 if [ -p "$2" ]; then sed --unbuffered -e "s/^/\[$1\] /" -- "$2" else - tail --lines=0 --follow=name --quiet "$2" | sed --unbuffered -e "s/^/\[$1\] /" + tail -n 0 -F -q "$2" | sed --unbuffered -e "s/^/\[$1\] /" fi diff --git a/docker/base/ubuntu-12.04/conf/bin/service.d/dnsmasq.sh b/docker/base/ubuntu-12.04/conf/bin/service.d/dnsmasq.sh index 9b554b411..055b46289 100644 --- a/docker/base/ubuntu-12.04/conf/bin/service.d/dnsmasq.sh +++ b/docker/base/ubuntu-12.04/conf/bin/service.d/dnsmasq.sh @@ -1,3 +1,4 @@ +#!/usr/bin/env bash ## clear dns file echo > /etc/dnsmasq.d/development diff --git a/docker/base/ubuntu-12.04/conf/bin/service.d/supervisor.sh b/docker/base/ubuntu-12.04/conf/bin/service.d/supervisor.sh new file mode 100644 index 000000000..4728675cf --- /dev/null +++ b/docker/base/ubuntu-12.04/conf/bin/service.d/supervisor.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +exec supervisord -c /opt/docker/etc/supervisor.conf --logfile /dev/null --pidfile /dev/null --user root diff --git a/docker/base/ubuntu-12.04/conf/etc/syslog-ng/syslog-ng.conf b/docker/base/ubuntu-12.04/conf/etc/syslog-ng/syslog-ng.conf index feed4236e..c08f56dd1 100644 --- a/docker/base/ubuntu-12.04/conf/etc/syslog-ng/syslog-ng.conf +++ b/docker/base/ubuntu-12.04/conf/etc/syslog-ng/syslog-ng.conf @@ -1,5 +1,4 @@ @version: 3.5 -@include "scl.conf" # Syslog-ng configuration file, compatible with default Debian syslogd # installation. @@ -53,7 +52,7 @@ destination d_newscrit { file("/var/log/news/news.crit"); }; destination d_newserr { file("/var/log/news/news.err"); }; destination d_newsnotice { file("/var/log/news/news.notice"); }; -# Some `catch-all' logfiles. +# Some 'catch-all' logfiles. # destination d_debug { file("/var/log/debug"); }; destination d_error { file("/var/log/error"); }; diff --git a/docker/base/ubuntu-12.04/conf/provision/roles/webdevops-base/tasks/bootstrap.yml b/docker/base/ubuntu-12.04/conf/provision/roles/webdevops-base/tasks/bootstrap.yml index a650bdbdf..297ec7128 100644 --- a/docker/base/ubuntu-12.04/conf/provision/roles/webdevops-base/tasks/bootstrap.yml +++ b/docker/base/ubuntu-12.04/conf/provision/roles/webdevops-base/tasks/bootstrap.yml @@ -1,9 +1,6 @@ --- - include: bootstrap/misc.yml -- include: bootstrap/user.yml - include: bootstrap/supervisor.yml -- include: bootstrap/dnsmasq.yml -- include: bootstrap/postfix.yml - include: bootstrap/syslog-ng.yml - include: bootstrap/logrotate.yml diff --git a/docker/base/ubuntu-12.04/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml b/docker/base/ubuntu-12.04/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml deleted file mode 100644 index fd58b329f..000000000 --- a/docker/base/ubuntu-12.04/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml +++ /dev/null @@ -1,35 +0,0 @@ ---- - -- name: Create application group - group: - name: "{{ APPLICATION_GROUP }}" - gid: "{{ APPLICATION_GID }}" - -- name: Create application user - user: - name: "{{ APPLICATION_USER }}" - uid: "{{ APPLICATION_UID }}" - group: "{{ APPLICATION_GROUP }}" - shell: "/bin/bash" - home: "/home/{{ APPLICATION_USER }}" - -- name: Init home directory - file: - path: "/home/{{ APPLICATION_USER }}" - state: directory - mode: 0755 - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" - recurse: yes - -- name: Init bashrc - lineinfile: - dest: "/home/{{ APPLICATION_USER }}/.bashrc" - mode: 0770 - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" - create: yes - regexp: "export TERM=xterm" - line: "export TERM=xterm" - -- action: setup diff --git a/docker/base/ubuntu-14.04/Dockerfile b/docker/base/ubuntu-14.04/Dockerfile index 579a02570..51389d06c 100644 --- a/docker/base/ubuntu-14.04/Dockerfile +++ b/docker/base/ubuntu-14.04/Dockerfile @@ -5,44 +5,21 @@ FROM webdevops/bootstrap:ubuntu-14.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 -ENV APPLICATION_USER application -ENV APPLICATION_GROUP application -ENV APPLICATION_UID 1000 -ENV APPLICATION_GID 1000 ENV DOCKER_CONF_HOME /opt/docker/ # Install services RUN /usr/local/bin/apt-install \ - supervisor \ - syslog-ng \ - syslog-ng-core \ - logrotate \ - openssh-server \ - mysql-client \ - sqlite \ - cron \ - dnsmasq \ - postfix - -# Install common tools -RUN /usr/local/bin/apt-install \ - sudo \ - zip \ - unzip \ - bzip2 \ - wget \ - curl \ - net-tools \ - moreutils \ - dnsutils \ - openssh-client \ - rsync \ - git \ - nano \ - vim + supervisor \ + syslog-ng \ + syslog-ng-core \ + logrotate \ + cron \ + wget \ + curl \ + net-tools # Deploy scripts/configurations COPY conf/ /opt/docker/ diff --git a/docker/base/ubuntu-14.04/conf/VERSION b/docker/base/ubuntu-14.04/conf/VERSION index 7813681f5..62f945751 100644 --- a/docker/base/ubuntu-14.04/conf/VERSION +++ b/docker/base/ubuntu-14.04/conf/VERSION @@ -1 +1 @@ -5 \ No newline at end of file +6 \ No newline at end of file diff --git a/docker/base/ubuntu-14.04/conf/bin/config.sh b/docker/base/ubuntu-14.04/conf/bin/config.sh index d8d2cfa2f..b45829dc2 100644 --- a/docker/base/ubuntu-14.04/conf/bin/config.sh +++ b/docker/base/ubuntu-14.04/conf/bin/config.sh @@ -224,5 +224,5 @@ function runDockerProvision() { ## function startSupervisord() { cd / - exec supervisord -c /opt/docker/etc/supervisor.conf --logfile /dev/null --pidfile /dev/null --user root + exec /opt/docker/bin/service.d/supervisor.sh } diff --git a/docker/base/ubuntu-14.04/conf/bin/entrypoint.d/cli.sh b/docker/base/ubuntu-14.04/conf/bin/entrypoint.d/cli.sh index a09b62b57..2ca68926c 100644 --- a/docker/base/ubuntu-14.04/conf/bin/entrypoint.d/cli.sh +++ b/docker/base/ubuntu-14.04/conf/bin/entrypoint.d/cli.sh @@ -5,7 +5,7 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "APPLICATION_USER" ]; then + if [ -n "$APPLICATION_USER" ]; then # Run as EFFECTIVE_USER shift exec sudo -H -E -u "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" @@ -14,6 +14,6 @@ if [ -n "${CLI_SCRIPT}" ]; then exec ${CLI_SCRIPT} "$@" fi else - echo "[ERROR] No CLI_SCRIPT in docker-env.yml defined" + echo "[ERROR] No CLI_SCRIPT in in docker environment defined" exit 1 fi diff --git a/docker/base/ubuntu-14.04/conf/bin/entrypoint.d/default.sh b/docker/base/ubuntu-14.04/conf/bin/entrypoint.d/default.sh index a25c666df..a1be715fe 100644 --- a/docker/base/ubuntu-14.04/conf/bin/entrypoint.d/default.sh +++ b/docker/base/ubuntu-14.04/conf/bin/entrypoint.d/default.sh @@ -1,9 +1,3 @@ #!/usr/bin/env bash -if [ -n "${APPLICATION_USER}" ]; then - # Run as APPLICATION_USER - exec sudo -H -E -u "${APPLICATION_USER}" "$@" -else - # Run as root - exec "$@" -fi +exec "$@" diff --git a/docker/base/ubuntu-14.04/conf/bin/logwatch.sh b/docker/base/ubuntu-14.04/conf/bin/logwatch.sh index 4a422cd4f..1a5b486c7 100644 --- a/docker/base/ubuntu-14.04/conf/bin/logwatch.sh +++ b/docker/base/ubuntu-14.04/conf/bin/logwatch.sh @@ -10,5 +10,5 @@ sleep 0.5 if [ -p "$2" ]; then sed --unbuffered -e "s/^/\[$1\] /" -- "$2" else - tail --lines=0 --follow=name --quiet "$2" | sed --unbuffered -e "s/^/\[$1\] /" + tail -n 0 -F -q "$2" | sed --unbuffered -e "s/^/\[$1\] /" fi diff --git a/docker/base/ubuntu-14.04/conf/bin/service.d/dnsmasq.sh b/docker/base/ubuntu-14.04/conf/bin/service.d/dnsmasq.sh index 9b554b411..055b46289 100644 --- a/docker/base/ubuntu-14.04/conf/bin/service.d/dnsmasq.sh +++ b/docker/base/ubuntu-14.04/conf/bin/service.d/dnsmasq.sh @@ -1,3 +1,4 @@ +#!/usr/bin/env bash ## clear dns file echo > /etc/dnsmasq.d/development diff --git a/docker/base/ubuntu-14.04/conf/bin/service.d/supervisor.sh b/docker/base/ubuntu-14.04/conf/bin/service.d/supervisor.sh new file mode 100644 index 000000000..4728675cf --- /dev/null +++ b/docker/base/ubuntu-14.04/conf/bin/service.d/supervisor.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +exec supervisord -c /opt/docker/etc/supervisor.conf --logfile /dev/null --pidfile /dev/null --user root diff --git a/docker/base/ubuntu-14.04/conf/etc/syslog-ng/syslog-ng.conf b/docker/base/ubuntu-14.04/conf/etc/syslog-ng/syslog-ng.conf index feed4236e..c08f56dd1 100644 --- a/docker/base/ubuntu-14.04/conf/etc/syslog-ng/syslog-ng.conf +++ b/docker/base/ubuntu-14.04/conf/etc/syslog-ng/syslog-ng.conf @@ -1,5 +1,4 @@ @version: 3.5 -@include "scl.conf" # Syslog-ng configuration file, compatible with default Debian syslogd # installation. @@ -53,7 +52,7 @@ destination d_newscrit { file("/var/log/news/news.crit"); }; destination d_newserr { file("/var/log/news/news.err"); }; destination d_newsnotice { file("/var/log/news/news.notice"); }; -# Some `catch-all' logfiles. +# Some 'catch-all' logfiles. # destination d_debug { file("/var/log/debug"); }; destination d_error { file("/var/log/error"); }; diff --git a/docker/base/ubuntu-14.04/conf/provision/roles/webdevops-base/tasks/bootstrap.yml b/docker/base/ubuntu-14.04/conf/provision/roles/webdevops-base/tasks/bootstrap.yml index a650bdbdf..297ec7128 100644 --- a/docker/base/ubuntu-14.04/conf/provision/roles/webdevops-base/tasks/bootstrap.yml +++ b/docker/base/ubuntu-14.04/conf/provision/roles/webdevops-base/tasks/bootstrap.yml @@ -1,9 +1,6 @@ --- - include: bootstrap/misc.yml -- include: bootstrap/user.yml - include: bootstrap/supervisor.yml -- include: bootstrap/dnsmasq.yml -- include: bootstrap/postfix.yml - include: bootstrap/syslog-ng.yml - include: bootstrap/logrotate.yml diff --git a/docker/base/ubuntu-14.04/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml b/docker/base/ubuntu-14.04/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml deleted file mode 100644 index fd58b329f..000000000 --- a/docker/base/ubuntu-14.04/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml +++ /dev/null @@ -1,35 +0,0 @@ ---- - -- name: Create application group - group: - name: "{{ APPLICATION_GROUP }}" - gid: "{{ APPLICATION_GID }}" - -- name: Create application user - user: - name: "{{ APPLICATION_USER }}" - uid: "{{ APPLICATION_UID }}" - group: "{{ APPLICATION_GROUP }}" - shell: "/bin/bash" - home: "/home/{{ APPLICATION_USER }}" - -- name: Init home directory - file: - path: "/home/{{ APPLICATION_USER }}" - state: directory - mode: 0755 - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" - recurse: yes - -- name: Init bashrc - lineinfile: - dest: "/home/{{ APPLICATION_USER }}/.bashrc" - mode: 0770 - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" - create: yes - regexp: "export TERM=xterm" - line: "export TERM=xterm" - -- action: setup diff --git a/docker/base/ubuntu-15.04/Dockerfile b/docker/base/ubuntu-15.04/Dockerfile index 92e9a110a..8677f9c2c 100644 --- a/docker/base/ubuntu-15.04/Dockerfile +++ b/docker/base/ubuntu-15.04/Dockerfile @@ -5,44 +5,21 @@ FROM webdevops/bootstrap:ubuntu-15.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 -ENV APPLICATION_USER application -ENV APPLICATION_GROUP application -ENV APPLICATION_UID 1000 -ENV APPLICATION_GID 1000 ENV DOCKER_CONF_HOME /opt/docker/ # Install services RUN /usr/local/bin/apt-install \ - supervisor \ - syslog-ng \ - syslog-ng-core \ - logrotate \ - openssh-server \ - mysql-client \ - sqlite \ - cron \ - dnsmasq \ - postfix - -# Install common tools -RUN /usr/local/bin/apt-install \ - sudo \ - zip \ - unzip \ - bzip2 \ - wget \ - curl \ - net-tools \ - moreutils \ - dnsutils \ - openssh-client \ - rsync \ - git \ - nano \ - vim + supervisor \ + syslog-ng \ + syslog-ng-core \ + logrotate \ + cron \ + wget \ + curl \ + net-tools # Deploy scripts/configurations COPY conf/ /opt/docker/ diff --git a/docker/base/ubuntu-15.04/conf/VERSION b/docker/base/ubuntu-15.04/conf/VERSION index 7813681f5..62f945751 100644 --- a/docker/base/ubuntu-15.04/conf/VERSION +++ b/docker/base/ubuntu-15.04/conf/VERSION @@ -1 +1 @@ -5 \ No newline at end of file +6 \ No newline at end of file diff --git a/docker/base/ubuntu-15.04/conf/bin/config.sh b/docker/base/ubuntu-15.04/conf/bin/config.sh index d8d2cfa2f..b45829dc2 100644 --- a/docker/base/ubuntu-15.04/conf/bin/config.sh +++ b/docker/base/ubuntu-15.04/conf/bin/config.sh @@ -224,5 +224,5 @@ function runDockerProvision() { ## function startSupervisord() { cd / - exec supervisord -c /opt/docker/etc/supervisor.conf --logfile /dev/null --pidfile /dev/null --user root + exec /opt/docker/bin/service.d/supervisor.sh } diff --git a/docker/base/ubuntu-15.04/conf/bin/entrypoint.d/cli.sh b/docker/base/ubuntu-15.04/conf/bin/entrypoint.d/cli.sh index a09b62b57..2ca68926c 100644 --- a/docker/base/ubuntu-15.04/conf/bin/entrypoint.d/cli.sh +++ b/docker/base/ubuntu-15.04/conf/bin/entrypoint.d/cli.sh @@ -5,7 +5,7 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "APPLICATION_USER" ]; then + if [ -n "$APPLICATION_USER" ]; then # Run as EFFECTIVE_USER shift exec sudo -H -E -u "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" @@ -14,6 +14,6 @@ if [ -n "${CLI_SCRIPT}" ]; then exec ${CLI_SCRIPT} "$@" fi else - echo "[ERROR] No CLI_SCRIPT in docker-env.yml defined" + echo "[ERROR] No CLI_SCRIPT in in docker environment defined" exit 1 fi diff --git a/docker/base/ubuntu-15.04/conf/bin/entrypoint.d/default.sh b/docker/base/ubuntu-15.04/conf/bin/entrypoint.d/default.sh index a25c666df..a1be715fe 100644 --- a/docker/base/ubuntu-15.04/conf/bin/entrypoint.d/default.sh +++ b/docker/base/ubuntu-15.04/conf/bin/entrypoint.d/default.sh @@ -1,9 +1,3 @@ #!/usr/bin/env bash -if [ -n "${APPLICATION_USER}" ]; then - # Run as APPLICATION_USER - exec sudo -H -E -u "${APPLICATION_USER}" "$@" -else - # Run as root - exec "$@" -fi +exec "$@" diff --git a/docker/base/ubuntu-15.04/conf/bin/logwatch.sh b/docker/base/ubuntu-15.04/conf/bin/logwatch.sh index 4a422cd4f..1a5b486c7 100644 --- a/docker/base/ubuntu-15.04/conf/bin/logwatch.sh +++ b/docker/base/ubuntu-15.04/conf/bin/logwatch.sh @@ -10,5 +10,5 @@ sleep 0.5 if [ -p "$2" ]; then sed --unbuffered -e "s/^/\[$1\] /" -- "$2" else - tail --lines=0 --follow=name --quiet "$2" | sed --unbuffered -e "s/^/\[$1\] /" + tail -n 0 -F -q "$2" | sed --unbuffered -e "s/^/\[$1\] /" fi diff --git a/docker/base/ubuntu-15.04/conf/bin/service.d/dnsmasq.sh b/docker/base/ubuntu-15.04/conf/bin/service.d/dnsmasq.sh index 9b554b411..055b46289 100644 --- a/docker/base/ubuntu-15.04/conf/bin/service.d/dnsmasq.sh +++ b/docker/base/ubuntu-15.04/conf/bin/service.d/dnsmasq.sh @@ -1,3 +1,4 @@ +#!/usr/bin/env bash ## clear dns file echo > /etc/dnsmasq.d/development diff --git a/docker/base/ubuntu-15.04/conf/bin/service.d/supervisor.sh b/docker/base/ubuntu-15.04/conf/bin/service.d/supervisor.sh new file mode 100644 index 000000000..4728675cf --- /dev/null +++ b/docker/base/ubuntu-15.04/conf/bin/service.d/supervisor.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +exec supervisord -c /opt/docker/etc/supervisor.conf --logfile /dev/null --pidfile /dev/null --user root diff --git a/docker/base/ubuntu-15.04/conf/etc/syslog-ng/syslog-ng.conf b/docker/base/ubuntu-15.04/conf/etc/syslog-ng/syslog-ng.conf index feed4236e..c08f56dd1 100644 --- a/docker/base/ubuntu-15.04/conf/etc/syslog-ng/syslog-ng.conf +++ b/docker/base/ubuntu-15.04/conf/etc/syslog-ng/syslog-ng.conf @@ -1,5 +1,4 @@ @version: 3.5 -@include "scl.conf" # Syslog-ng configuration file, compatible with default Debian syslogd # installation. @@ -53,7 +52,7 @@ destination d_newscrit { file("/var/log/news/news.crit"); }; destination d_newserr { file("/var/log/news/news.err"); }; destination d_newsnotice { file("/var/log/news/news.notice"); }; -# Some `catch-all' logfiles. +# Some 'catch-all' logfiles. # destination d_debug { file("/var/log/debug"); }; destination d_error { file("/var/log/error"); }; diff --git a/docker/base/ubuntu-15.04/conf/provision/roles/webdevops-base/tasks/bootstrap.yml b/docker/base/ubuntu-15.04/conf/provision/roles/webdevops-base/tasks/bootstrap.yml index a650bdbdf..297ec7128 100644 --- a/docker/base/ubuntu-15.04/conf/provision/roles/webdevops-base/tasks/bootstrap.yml +++ b/docker/base/ubuntu-15.04/conf/provision/roles/webdevops-base/tasks/bootstrap.yml @@ -1,9 +1,6 @@ --- - include: bootstrap/misc.yml -- include: bootstrap/user.yml - include: bootstrap/supervisor.yml -- include: bootstrap/dnsmasq.yml -- include: bootstrap/postfix.yml - include: bootstrap/syslog-ng.yml - include: bootstrap/logrotate.yml diff --git a/docker/base/ubuntu-15.04/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml b/docker/base/ubuntu-15.04/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml deleted file mode 100644 index fd58b329f..000000000 --- a/docker/base/ubuntu-15.04/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml +++ /dev/null @@ -1,35 +0,0 @@ ---- - -- name: Create application group - group: - name: "{{ APPLICATION_GROUP }}" - gid: "{{ APPLICATION_GID }}" - -- name: Create application user - user: - name: "{{ APPLICATION_USER }}" - uid: "{{ APPLICATION_UID }}" - group: "{{ APPLICATION_GROUP }}" - shell: "/bin/bash" - home: "/home/{{ APPLICATION_USER }}" - -- name: Init home directory - file: - path: "/home/{{ APPLICATION_USER }}" - state: directory - mode: 0755 - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" - recurse: yes - -- name: Init bashrc - lineinfile: - dest: "/home/{{ APPLICATION_USER }}/.bashrc" - mode: 0770 - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" - create: yes - regexp: "export TERM=xterm" - line: "export TERM=xterm" - -- action: setup diff --git a/docker/base/ubuntu-15.10/Dockerfile b/docker/base/ubuntu-15.10/Dockerfile index 0c7f31d45..518436b86 100644 --- a/docker/base/ubuntu-15.10/Dockerfile +++ b/docker/base/ubuntu-15.10/Dockerfile @@ -5,44 +5,21 @@ FROM webdevops/bootstrap:ubuntu-15.10 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 -ENV APPLICATION_USER application -ENV APPLICATION_GROUP application -ENV APPLICATION_UID 1000 -ENV APPLICATION_GID 1000 ENV DOCKER_CONF_HOME /opt/docker/ # Install services RUN /usr/local/bin/apt-install \ - supervisor \ - syslog-ng \ - syslog-ng-core \ - logrotate \ - openssh-server \ - mysql-client \ - sqlite \ - cron \ - dnsmasq \ - postfix - -# Install common tools -RUN /usr/local/bin/apt-install \ - sudo \ - zip \ - unzip \ - bzip2 \ - wget \ - curl \ - net-tools \ - moreutils \ - dnsutils \ - openssh-client \ - rsync \ - git \ - nano \ - vim + supervisor \ + syslog-ng \ + syslog-ng-core \ + logrotate \ + cron \ + wget \ + curl \ + net-tools # Deploy scripts/configurations COPY conf/ /opt/docker/ diff --git a/docker/base/ubuntu-15.10/conf/VERSION b/docker/base/ubuntu-15.10/conf/VERSION index 7813681f5..62f945751 100644 --- a/docker/base/ubuntu-15.10/conf/VERSION +++ b/docker/base/ubuntu-15.10/conf/VERSION @@ -1 +1 @@ -5 \ No newline at end of file +6 \ No newline at end of file diff --git a/docker/base/ubuntu-15.10/conf/bin/config.sh b/docker/base/ubuntu-15.10/conf/bin/config.sh index d8d2cfa2f..b45829dc2 100644 --- a/docker/base/ubuntu-15.10/conf/bin/config.sh +++ b/docker/base/ubuntu-15.10/conf/bin/config.sh @@ -224,5 +224,5 @@ function runDockerProvision() { ## function startSupervisord() { cd / - exec supervisord -c /opt/docker/etc/supervisor.conf --logfile /dev/null --pidfile /dev/null --user root + exec /opt/docker/bin/service.d/supervisor.sh } diff --git a/docker/base/ubuntu-15.10/conf/bin/entrypoint.d/cli.sh b/docker/base/ubuntu-15.10/conf/bin/entrypoint.d/cli.sh index a09b62b57..2ca68926c 100644 --- a/docker/base/ubuntu-15.10/conf/bin/entrypoint.d/cli.sh +++ b/docker/base/ubuntu-15.10/conf/bin/entrypoint.d/cli.sh @@ -5,7 +5,7 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "APPLICATION_USER" ]; then + if [ -n "$APPLICATION_USER" ]; then # Run as EFFECTIVE_USER shift exec sudo -H -E -u "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" @@ -14,6 +14,6 @@ if [ -n "${CLI_SCRIPT}" ]; then exec ${CLI_SCRIPT} "$@" fi else - echo "[ERROR] No CLI_SCRIPT in docker-env.yml defined" + echo "[ERROR] No CLI_SCRIPT in in docker environment defined" exit 1 fi diff --git a/docker/base/ubuntu-15.10/conf/bin/entrypoint.d/default.sh b/docker/base/ubuntu-15.10/conf/bin/entrypoint.d/default.sh index a25c666df..a1be715fe 100644 --- a/docker/base/ubuntu-15.10/conf/bin/entrypoint.d/default.sh +++ b/docker/base/ubuntu-15.10/conf/bin/entrypoint.d/default.sh @@ -1,9 +1,3 @@ #!/usr/bin/env bash -if [ -n "${APPLICATION_USER}" ]; then - # Run as APPLICATION_USER - exec sudo -H -E -u "${APPLICATION_USER}" "$@" -else - # Run as root - exec "$@" -fi +exec "$@" diff --git a/docker/base/ubuntu-15.10/conf/bin/logwatch.sh b/docker/base/ubuntu-15.10/conf/bin/logwatch.sh index 4a422cd4f..1a5b486c7 100644 --- a/docker/base/ubuntu-15.10/conf/bin/logwatch.sh +++ b/docker/base/ubuntu-15.10/conf/bin/logwatch.sh @@ -10,5 +10,5 @@ sleep 0.5 if [ -p "$2" ]; then sed --unbuffered -e "s/^/\[$1\] /" -- "$2" else - tail --lines=0 --follow=name --quiet "$2" | sed --unbuffered -e "s/^/\[$1\] /" + tail -n 0 -F -q "$2" | sed --unbuffered -e "s/^/\[$1\] /" fi diff --git a/docker/base/ubuntu-15.10/conf/bin/service.d/dnsmasq.sh b/docker/base/ubuntu-15.10/conf/bin/service.d/dnsmasq.sh index 9b554b411..055b46289 100644 --- a/docker/base/ubuntu-15.10/conf/bin/service.d/dnsmasq.sh +++ b/docker/base/ubuntu-15.10/conf/bin/service.d/dnsmasq.sh @@ -1,3 +1,4 @@ +#!/usr/bin/env bash ## clear dns file echo > /etc/dnsmasq.d/development diff --git a/docker/base/ubuntu-15.10/conf/bin/service.d/supervisor.sh b/docker/base/ubuntu-15.10/conf/bin/service.d/supervisor.sh new file mode 100644 index 000000000..4728675cf --- /dev/null +++ b/docker/base/ubuntu-15.10/conf/bin/service.d/supervisor.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +exec supervisord -c /opt/docker/etc/supervisor.conf --logfile /dev/null --pidfile /dev/null --user root diff --git a/docker/base/ubuntu-15.10/conf/etc/syslog-ng/syslog-ng.conf b/docker/base/ubuntu-15.10/conf/etc/syslog-ng/syslog-ng.conf index feed4236e..c08f56dd1 100644 --- a/docker/base/ubuntu-15.10/conf/etc/syslog-ng/syslog-ng.conf +++ b/docker/base/ubuntu-15.10/conf/etc/syslog-ng/syslog-ng.conf @@ -1,5 +1,4 @@ @version: 3.5 -@include "scl.conf" # Syslog-ng configuration file, compatible with default Debian syslogd # installation. @@ -53,7 +52,7 @@ destination d_newscrit { file("/var/log/news/news.crit"); }; destination d_newserr { file("/var/log/news/news.err"); }; destination d_newsnotice { file("/var/log/news/news.notice"); }; -# Some `catch-all' logfiles. +# Some 'catch-all' logfiles. # destination d_debug { file("/var/log/debug"); }; destination d_error { file("/var/log/error"); }; diff --git a/docker/base/ubuntu-15.10/conf/provision/roles/webdevops-base/tasks/bootstrap.yml b/docker/base/ubuntu-15.10/conf/provision/roles/webdevops-base/tasks/bootstrap.yml index a650bdbdf..297ec7128 100644 --- a/docker/base/ubuntu-15.10/conf/provision/roles/webdevops-base/tasks/bootstrap.yml +++ b/docker/base/ubuntu-15.10/conf/provision/roles/webdevops-base/tasks/bootstrap.yml @@ -1,9 +1,6 @@ --- - include: bootstrap/misc.yml -- include: bootstrap/user.yml - include: bootstrap/supervisor.yml -- include: bootstrap/dnsmasq.yml -- include: bootstrap/postfix.yml - include: bootstrap/syslog-ng.yml - include: bootstrap/logrotate.yml diff --git a/docker/base/ubuntu-15.10/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml b/docker/base/ubuntu-15.10/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml deleted file mode 100644 index fd58b329f..000000000 --- a/docker/base/ubuntu-15.10/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml +++ /dev/null @@ -1,35 +0,0 @@ ---- - -- name: Create application group - group: - name: "{{ APPLICATION_GROUP }}" - gid: "{{ APPLICATION_GID }}" - -- name: Create application user - user: - name: "{{ APPLICATION_USER }}" - uid: "{{ APPLICATION_UID }}" - group: "{{ APPLICATION_GROUP }}" - shell: "/bin/bash" - home: "/home/{{ APPLICATION_USER }}" - -- name: Init home directory - file: - path: "/home/{{ APPLICATION_USER }}" - state: directory - mode: 0755 - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" - recurse: yes - -- name: Init bashrc - lineinfile: - dest: "/home/{{ APPLICATION_USER }}/.bashrc" - mode: 0770 - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" - create: yes - regexp: "export TERM=xterm" - line: "export TERM=xterm" - -- action: setup diff --git a/docker/base/ubuntu-16.04/Dockerfile b/docker/base/ubuntu-16.04/Dockerfile index e78e63d71..2be7458d3 100644 --- a/docker/base/ubuntu-16.04/Dockerfile +++ b/docker/base/ubuntu-16.04/Dockerfile @@ -5,44 +5,21 @@ FROM webdevops/bootstrap:ubuntu-16.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 -ENV APPLICATION_USER application -ENV APPLICATION_GROUP application -ENV APPLICATION_UID 1000 -ENV APPLICATION_GID 1000 ENV DOCKER_CONF_HOME /opt/docker/ # Install services RUN /usr/local/bin/apt-install \ - supervisor \ - syslog-ng \ - syslog-ng-core \ - logrotate \ - openssh-server \ - mysql-client \ - sqlite \ - cron \ - dnsmasq \ - postfix - -# Install common tools -RUN /usr/local/bin/apt-install \ - sudo \ - zip \ - unzip \ - bzip2 \ - wget \ - curl \ - net-tools \ - moreutils \ - dnsutils \ - openssh-client \ - rsync \ - git \ - nano \ - vim + supervisor \ + syslog-ng \ + syslog-ng-core \ + logrotate \ + cron \ + wget \ + curl \ + net-tools # Deploy scripts/configurations COPY conf/ /opt/docker/ diff --git a/docker/base/ubuntu-16.04/conf/VERSION b/docker/base/ubuntu-16.04/conf/VERSION index 7813681f5..62f945751 100644 --- a/docker/base/ubuntu-16.04/conf/VERSION +++ b/docker/base/ubuntu-16.04/conf/VERSION @@ -1 +1 @@ -5 \ No newline at end of file +6 \ No newline at end of file diff --git a/docker/base/ubuntu-16.04/conf/bin/config.sh b/docker/base/ubuntu-16.04/conf/bin/config.sh index d8d2cfa2f..b45829dc2 100644 --- a/docker/base/ubuntu-16.04/conf/bin/config.sh +++ b/docker/base/ubuntu-16.04/conf/bin/config.sh @@ -224,5 +224,5 @@ function runDockerProvision() { ## function startSupervisord() { cd / - exec supervisord -c /opt/docker/etc/supervisor.conf --logfile /dev/null --pidfile /dev/null --user root + exec /opt/docker/bin/service.d/supervisor.sh } diff --git a/docker/base/ubuntu-16.04/conf/bin/entrypoint.d/cli.sh b/docker/base/ubuntu-16.04/conf/bin/entrypoint.d/cli.sh index a09b62b57..2ca68926c 100644 --- a/docker/base/ubuntu-16.04/conf/bin/entrypoint.d/cli.sh +++ b/docker/base/ubuntu-16.04/conf/bin/entrypoint.d/cli.sh @@ -5,7 +5,7 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "APPLICATION_USER" ]; then + if [ -n "$APPLICATION_USER" ]; then # Run as EFFECTIVE_USER shift exec sudo -H -E -u "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" @@ -14,6 +14,6 @@ if [ -n "${CLI_SCRIPT}" ]; then exec ${CLI_SCRIPT} "$@" fi else - echo "[ERROR] No CLI_SCRIPT in docker-env.yml defined" + echo "[ERROR] No CLI_SCRIPT in in docker environment defined" exit 1 fi diff --git a/docker/base/ubuntu-16.04/conf/bin/entrypoint.d/default.sh b/docker/base/ubuntu-16.04/conf/bin/entrypoint.d/default.sh index a25c666df..a1be715fe 100644 --- a/docker/base/ubuntu-16.04/conf/bin/entrypoint.d/default.sh +++ b/docker/base/ubuntu-16.04/conf/bin/entrypoint.d/default.sh @@ -1,9 +1,3 @@ #!/usr/bin/env bash -if [ -n "${APPLICATION_USER}" ]; then - # Run as APPLICATION_USER - exec sudo -H -E -u "${APPLICATION_USER}" "$@" -else - # Run as root - exec "$@" -fi +exec "$@" diff --git a/docker/base/ubuntu-16.04/conf/bin/logwatch.sh b/docker/base/ubuntu-16.04/conf/bin/logwatch.sh index 4a422cd4f..1a5b486c7 100644 --- a/docker/base/ubuntu-16.04/conf/bin/logwatch.sh +++ b/docker/base/ubuntu-16.04/conf/bin/logwatch.sh @@ -10,5 +10,5 @@ sleep 0.5 if [ -p "$2" ]; then sed --unbuffered -e "s/^/\[$1\] /" -- "$2" else - tail --lines=0 --follow=name --quiet "$2" | sed --unbuffered -e "s/^/\[$1\] /" + tail -n 0 -F -q "$2" | sed --unbuffered -e "s/^/\[$1\] /" fi diff --git a/docker/base/ubuntu-16.04/conf/bin/service.d/dnsmasq.sh b/docker/base/ubuntu-16.04/conf/bin/service.d/dnsmasq.sh index 9b554b411..055b46289 100644 --- a/docker/base/ubuntu-16.04/conf/bin/service.d/dnsmasq.sh +++ b/docker/base/ubuntu-16.04/conf/bin/service.d/dnsmasq.sh @@ -1,3 +1,4 @@ +#!/usr/bin/env bash ## clear dns file echo > /etc/dnsmasq.d/development diff --git a/docker/base/ubuntu-16.04/conf/bin/service.d/supervisor.sh b/docker/base/ubuntu-16.04/conf/bin/service.d/supervisor.sh new file mode 100644 index 000000000..4728675cf --- /dev/null +++ b/docker/base/ubuntu-16.04/conf/bin/service.d/supervisor.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +exec supervisord -c /opt/docker/etc/supervisor.conf --logfile /dev/null --pidfile /dev/null --user root diff --git a/docker/base/ubuntu-16.04/conf/etc/syslog-ng/syslog-ng.conf b/docker/base/ubuntu-16.04/conf/etc/syslog-ng/syslog-ng.conf index feed4236e..c08f56dd1 100644 --- a/docker/base/ubuntu-16.04/conf/etc/syslog-ng/syslog-ng.conf +++ b/docker/base/ubuntu-16.04/conf/etc/syslog-ng/syslog-ng.conf @@ -1,5 +1,4 @@ @version: 3.5 -@include "scl.conf" # Syslog-ng configuration file, compatible with default Debian syslogd # installation. @@ -53,7 +52,7 @@ destination d_newscrit { file("/var/log/news/news.crit"); }; destination d_newserr { file("/var/log/news/news.err"); }; destination d_newsnotice { file("/var/log/news/news.notice"); }; -# Some `catch-all' logfiles. +# Some 'catch-all' logfiles. # destination d_debug { file("/var/log/debug"); }; destination d_error { file("/var/log/error"); }; diff --git a/docker/base/ubuntu-16.04/conf/provision/roles/webdevops-base/tasks/bootstrap.yml b/docker/base/ubuntu-16.04/conf/provision/roles/webdevops-base/tasks/bootstrap.yml index a650bdbdf..297ec7128 100644 --- a/docker/base/ubuntu-16.04/conf/provision/roles/webdevops-base/tasks/bootstrap.yml +++ b/docker/base/ubuntu-16.04/conf/provision/roles/webdevops-base/tasks/bootstrap.yml @@ -1,9 +1,6 @@ --- - include: bootstrap/misc.yml -- include: bootstrap/user.yml - include: bootstrap/supervisor.yml -- include: bootstrap/dnsmasq.yml -- include: bootstrap/postfix.yml - include: bootstrap/syslog-ng.yml - include: bootstrap/logrotate.yml diff --git a/docker/base/ubuntu-16.04/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml b/docker/base/ubuntu-16.04/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml deleted file mode 100644 index fd58b329f..000000000 --- a/docker/base/ubuntu-16.04/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml +++ /dev/null @@ -1,35 +0,0 @@ ---- - -- name: Create application group - group: - name: "{{ APPLICATION_GROUP }}" - gid: "{{ APPLICATION_GID }}" - -- name: Create application user - user: - name: "{{ APPLICATION_USER }}" - uid: "{{ APPLICATION_UID }}" - group: "{{ APPLICATION_GROUP }}" - shell: "/bin/bash" - home: "/home/{{ APPLICATION_USER }}" - -- name: Init home directory - file: - path: "/home/{{ APPLICATION_USER }}" - state: directory - mode: 0755 - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" - recurse: yes - -- name: Init bashrc - lineinfile: - dest: "/home/{{ APPLICATION_USER }}/.bashrc" - mode: 0770 - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" - create: yes - regexp: "export TERM=xterm" - line: "export TERM=xterm" - -- action: setup diff --git a/docker/bootstrap/alpine-3/Dockerfile b/docker/bootstrap/alpine-3/Dockerfile new file mode 100644 index 000000000..1cb141e47 --- /dev/null +++ b/docker/bootstrap/alpine-3/Dockerfile @@ -0,0 +1,39 @@ +#++++++++++++++++++++++++++++++++++++++ +# Alpine 3 Bootstrap Docker container +#++++++++++++++++++++++++++++++++++++++ + +FROM alpine:3.3 +MAINTAINER info@webdevops.io +LABEL vendor=WebDevOps.io +LABEL io.webdevops.layout=6 +LABEL io.webdevops.version=0.22.0 + +# Ensure UTF-8 +ENV LANG en_US.UTF-8 +ENV LC_ALL en_US.UTF-8 + +# Add common scripts (from _localscripts) +ADD scripts.tar / + +# Init bootstrap (and install ansible) +RUN set -x \ + # Fix root terminal + && echo "export TERM=xterm" >> /root/.bashrc \ + # Add testing + && echo http://nl.alpinelinux.org/alpine/edge/testing >> /etc/apk/repositories \ + # System update + && /usr/local/bin/apk-upgrade \ + # Install base stuff + && /usr/local/bin/apk-install \ + bash \ + shadow \ + ca-certificates \ + # Install ansible + && /usr/local/bin/apk-install \ + python \ + python-dev \ + py-setuptools \ + py-crypto \ + py-pip \ + && pip install --upgrade pip \ + && pip install ansible diff --git a/docker/bootstrap/alpine-3/scripts.tar b/docker/bootstrap/alpine-3/scripts.tar new file mode 100644 index 000000000..17e201953 Binary files /dev/null and b/docker/bootstrap/alpine-3/scripts.tar differ diff --git a/docker/bootstrap/centos-7/Dockerfile b/docker/bootstrap/centos-7/Dockerfile index b266c4af2..e53e414db 100644 --- a/docker/bootstrap/centos-7/Dockerfile +++ b/docker/bootstrap/centos-7/Dockerfile @@ -5,7 +5,7 @@ FROM centos:7 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 # Add common scripts (from _localscripts) @@ -17,467 +17,6 @@ RUN set -x \ && echo "export TERM=xterm" >> /root/.bashrc \ # System update && /usr/local/bin/yum-upgrade \ - # Generate locales - # -> locale -a|grep '\.'| while read LOCALE; do LOCALE_LANG=$(echo $LOCALE|cut -d '.' -f 1); LOCALE_CHARSET=$(echo $LOCALE|cut -d '.' -f 2); echo "&& localedef -v -c -i $LOCALE_LANG -f $LOCALE_CHARSET $LOCALE_LANG.$LOCALE_CHARSET ; \$(exit 0) \\"; done; - && localedef -v -c -i aa_DJ -f iso88591 aa_DJ.iso88591 ; $(exit 0) \ - && localedef -v -c -i aa_DJ -f utf8 aa_DJ.utf8 ; $(exit 0) \ - && localedef -v -c -i aa_ER -f utf8 aa_ER.utf8 ; $(exit 0) \ - && localedef -v -c -i aa_ER -f utf8@saaho aa_ER.utf8@saaho ; $(exit 0) \ - && localedef -v -c -i aa_ET -f utf8 aa_ET.utf8 ; $(exit 0) \ - && localedef -v -c -i af_ZA -f iso88591 af_ZA.iso88591 ; $(exit 0) \ - && localedef -v -c -i af_ZA -f utf8 af_ZA.utf8 ; $(exit 0) \ - && localedef -v -c -i am_ET -f utf8 am_ET.utf8 ; $(exit 0) \ - && localedef -v -c -i an_ES -f iso885915 an_ES.iso885915 ; $(exit 0) \ - && localedef -v -c -i an_ES -f utf8 an_ES.utf8 ; $(exit 0) \ - && localedef -v -c -i ar_AE -f iso88596 ar_AE.iso88596 ; $(exit 0) \ - && localedef -v -c -i ar_AE -f utf8 ar_AE.utf8 ; $(exit 0) \ - && localedef -v -c -i ar_BH -f iso88596 ar_BH.iso88596 ; $(exit 0) \ - && localedef -v -c -i ar_BH -f utf8 ar_BH.utf8 ; $(exit 0) \ - && localedef -v -c -i ar_DZ -f iso88596 ar_DZ.iso88596 ; $(exit 0) \ - && localedef -v -c -i ar_DZ -f utf8 ar_DZ.utf8 ; $(exit 0) \ - && localedef -v -c -i ar_EG -f iso88596 ar_EG.iso88596 ; $(exit 0) \ - && localedef -v -c -i ar_EG -f utf8 ar_EG.utf8 ; $(exit 0) \ - && localedef -v -c -i ar_IN -f utf8 ar_IN.utf8 ; $(exit 0) \ - && localedef -v -c -i ar_IQ -f iso88596 ar_IQ.iso88596 ; $(exit 0) \ - && localedef -v -c -i ar_IQ -f utf8 ar_IQ.utf8 ; $(exit 0) \ - && localedef -v -c -i ar_JO -f iso88596 ar_JO.iso88596 ; $(exit 0) \ - && localedef -v -c -i ar_JO -f utf8 ar_JO.utf8 ; $(exit 0) \ - && localedef -v -c -i ar_KW -f iso88596 ar_KW.iso88596 ; $(exit 0) \ - && localedef -v -c -i ar_KW -f utf8 ar_KW.utf8 ; $(exit 0) \ - && localedef -v -c -i ar_LB -f iso88596 ar_LB.iso88596 ; $(exit 0) \ - && localedef -v -c -i ar_LB -f utf8 ar_LB.utf8 ; $(exit 0) \ - && localedef -v -c -i ar_LY -f iso88596 ar_LY.iso88596 ; $(exit 0) \ - && localedef -v -c -i ar_LY -f utf8 ar_LY.utf8 ; $(exit 0) \ - && localedef -v -c -i ar_MA -f iso88596 ar_MA.iso88596 ; $(exit 0) \ - && localedef -v -c -i ar_MA -f utf8 ar_MA.utf8 ; $(exit 0) \ - && localedef -v -c -i ar_OM -f iso88596 ar_OM.iso88596 ; $(exit 0) \ - && localedef -v -c -i ar_OM -f utf8 ar_OM.utf8 ; $(exit 0) \ - && localedef -v -c -i ar_QA -f iso88596 ar_QA.iso88596 ; $(exit 0) \ - && localedef -v -c -i ar_QA -f utf8 ar_QA.utf8 ; $(exit 0) \ - && localedef -v -c -i ar_SA -f iso88596 ar_SA.iso88596 ; $(exit 0) \ - && localedef -v -c -i ar_SA -f utf8 ar_SA.utf8 ; $(exit 0) \ - && localedef -v -c -i ar_SD -f iso88596 ar_SD.iso88596 ; $(exit 0) \ - && localedef -v -c -i ar_SD -f utf8 ar_SD.utf8 ; $(exit 0) \ - && localedef -v -c -i ar_SY -f iso88596 ar_SY.iso88596 ; $(exit 0) \ - && localedef -v -c -i ar_SY -f utf8 ar_SY.utf8 ; $(exit 0) \ - && localedef -v -c -i ar_TN -f iso88596 ar_TN.iso88596 ; $(exit 0) \ - && localedef -v -c -i ar_TN -f utf8 ar_TN.utf8 ; $(exit 0) \ - && localedef -v -c -i ar_YE -f iso88596 ar_YE.iso88596 ; $(exit 0) \ - && localedef -v -c -i ar_YE -f utf8 ar_YE.utf8 ; $(exit 0) \ - && localedef -v -c -i as_IN -f utf8 as_IN.utf8 ; $(exit 0) \ - && localedef -v -c -i ast_ES -f iso885915 ast_ES.iso885915 ; $(exit 0) \ - && localedef -v -c -i ast_ES -f utf8 ast_ES.utf8 ; $(exit 0) \ - && localedef -v -c -i az_AZ -f utf8 az_AZ.utf8 ; $(exit 0) \ - && localedef -v -c -i be_BY -f cp1251 be_BY.cp1251 ; $(exit 0) \ - && localedef -v -c -i be_BY -f utf8 be_BY.utf8 ; $(exit 0) \ - && localedef -v -c -i be_BY -f utf8@latin be_BY.utf8@latin ; $(exit 0) \ - && localedef -v -c -i bem_ZM -f utf8 bem_ZM.utf8 ; $(exit 0) \ - && localedef -v -c -i ber_DZ -f utf8 ber_DZ.utf8 ; $(exit 0) \ - && localedef -v -c -i ber_MA -f utf8 ber_MA.utf8 ; $(exit 0) \ - && localedef -v -c -i bg_BG -f cp1251 bg_BG.cp1251 ; $(exit 0) \ - && localedef -v -c -i bg_BG -f utf8 bg_BG.utf8 ; $(exit 0) \ - && localedef -v -c -i bho_IN -f utf8 bho_IN.utf8 ; $(exit 0) \ - && localedef -v -c -i bn_BD -f utf8 bn_BD.utf8 ; $(exit 0) \ - && localedef -v -c -i bn_IN -f utf8 bn_IN.utf8 ; $(exit 0) \ - && localedef -v -c -i bo_CN -f utf8 bo_CN.utf8 ; $(exit 0) \ - && localedef -v -c -i bo_IN -f utf8 bo_IN.utf8 ; $(exit 0) \ - && localedef -v -c -i br_FR -f iso88591 br_FR.iso88591 ; $(exit 0) \ - && localedef -v -c -i br_FR -f iso885915@euro br_FR.iso885915@euro ; $(exit 0) \ - && localedef -v -c -i br_FR -f utf8 br_FR.utf8 ; $(exit 0) \ - && localedef -v -c -i brx_IN -f utf8 brx_IN.utf8 ; $(exit 0) \ - && localedef -v -c -i bs_BA -f iso88592 bs_BA.iso88592 ; $(exit 0) \ - && localedef -v -c -i bs_BA -f utf8 bs_BA.utf8 ; $(exit 0) \ - && localedef -v -c -i byn_ER -f utf8 byn_ER.utf8 ; $(exit 0) \ - && localedef -v -c -i ca_AD -f iso885915 ca_AD.iso885915 ; $(exit 0) \ - && localedef -v -c -i ca_AD -f utf8 ca_AD.utf8 ; $(exit 0) \ - && localedef -v -c -i ca_ES -f iso88591 ca_ES.iso88591 ; $(exit 0) \ - && localedef -v -c -i ca_ES -f iso885915@euro ca_ES.iso885915@euro ; $(exit 0) \ - && localedef -v -c -i ca_ES -f iso885915@valencia ca_ES.iso885915@valencia ; $(exit 0) \ - && localedef -v -c -i ca_ES -f utf8 ca_ES.utf8 ; $(exit 0) \ - && localedef -v -c -i ca_ES -f utf8@valencia ca_ES.utf8@valencia ; $(exit 0) \ - && localedef -v -c -i ca_FR -f iso885915 ca_FR.iso885915 ; $(exit 0) \ - && localedef -v -c -i ca_FR -f utf8 ca_FR.utf8 ; $(exit 0) \ - && localedef -v -c -i ca_IT -f iso885915 ca_IT.iso885915 ; $(exit 0) \ - && localedef -v -c -i ca_IT -f utf8 ca_IT.utf8 ; $(exit 0) \ - && localedef -v -c -i ce_RU -f utf8 ce_RU.utf8 ; $(exit 0) \ - && localedef -v -c -i ckb_IQ -f utf8 ckb_IQ.utf8 ; $(exit 0) \ - && localedef -v -c -i crh_UA -f utf8 crh_UA.utf8 ; $(exit 0) \ - && localedef -v -c -i csb_PL -f utf8 csb_PL.utf8 ; $(exit 0) \ - && localedef -v -c -i cs_CZ -f iso88592 cs_CZ.iso88592 ; $(exit 0) \ - && localedef -v -c -i cs_CZ -f utf8 cs_CZ.utf8 ; $(exit 0) \ - && localedef -v -c -i C -f UTF-8 C.UTF-8 ; $(exit 0) \ - && localedef -v -c -i cv_RU -f utf8 cv_RU.utf8 ; $(exit 0) \ - && localedef -v -c -i cy_GB -f iso885914 cy_GB.iso885914 ; $(exit 0) \ - && localedef -v -c -i cy_GB -f utf8 cy_GB.utf8 ; $(exit 0) \ - && localedef -v -c -i da_DK -f iso88591 da_DK.iso88591 ; $(exit 0) \ - && localedef -v -c -i da_DK -f utf8 da_DK.utf8 ; $(exit 0) \ - && localedef -v -c -i de_AT -f iso88591 de_AT.iso88591 ; $(exit 0) \ - && localedef -v -c -i de_AT -f iso885915@euro de_AT.iso885915@euro ; $(exit 0) \ - && localedef -v -c -i de_AT -f utf8 de_AT.utf8 ; $(exit 0) \ - && localedef -v -c -i de_BE -f iso88591 de_BE.iso88591 ; $(exit 0) \ - && localedef -v -c -i de_BE -f iso885915@euro de_BE.iso885915@euro ; $(exit 0) \ - && localedef -v -c -i de_BE -f utf8 de_BE.utf8 ; $(exit 0) \ - && localedef -v -c -i de_CH -f iso88591 de_CH.iso88591 ; $(exit 0) \ - && localedef -v -c -i de_CH -f utf8 de_CH.utf8 ; $(exit 0) \ - && localedef -v -c -i de_DE -f iso88591 de_DE.iso88591 ; $(exit 0) \ - && localedef -v -c -i de_DE -f iso885915@euro de_DE.iso885915@euro ; $(exit 0) \ - && localedef -v -c -i de_DE -f utf8 de_DE.utf8 ; $(exit 0) \ - && localedef -v -c -i de_LI -f utf8 de_LI.utf8 ; $(exit 0) \ - && localedef -v -c -i de_LU -f iso88591 de_LU.iso88591 ; $(exit 0) \ - && localedef -v -c -i de_LU -f iso885915@euro de_LU.iso885915@euro ; $(exit 0) \ - && localedef -v -c -i de_LU -f utf8 de_LU.utf8 ; $(exit 0) \ - && localedef -v -c -i dv_MV -f utf8 dv_MV.utf8 ; $(exit 0) \ - && localedef -v -c -i dz_BT -f utf8 dz_BT.utf8 ; $(exit 0) \ - && localedef -v -c -i el_CY -f iso88597 el_CY.iso88597 ; $(exit 0) \ - && localedef -v -c -i el_CY -f utf8 el_CY.utf8 ; $(exit 0) \ - && localedef -v -c -i el_GR -f iso88597 el_GR.iso88597 ; $(exit 0) \ - && localedef -v -c -i el_GR -f utf8 el_GR.utf8 ; $(exit 0) \ - && localedef -v -c -i en_AG -f utf8 en_AG.utf8 ; $(exit 0) \ - && localedef -v -c -i en_AU -f iso88591 en_AU.iso88591 ; $(exit 0) \ - && localedef -v -c -i en_AU -f utf8 en_AU.utf8 ; $(exit 0) \ - && localedef -v -c -i en_BW -f iso88591 en_BW.iso88591 ; $(exit 0) \ - && localedef -v -c -i en_BW -f utf8 en_BW.utf8 ; $(exit 0) \ - && localedef -v -c -i en_CA -f iso88591 en_CA.iso88591 ; $(exit 0) \ - && localedef -v -c -i en_CA -f utf8 en_CA.utf8 ; $(exit 0) \ - && localedef -v -c -i en_DK -f iso88591 en_DK.iso88591 ; $(exit 0) \ - && localedef -v -c -i en_DK -f iso885915 en_DK.iso885915 ; $(exit 0) \ - && localedef -v -c -i en_DK -f utf8 en_DK.utf8 ; $(exit 0) \ - && localedef -v -c -i en_GB -f iso88591 en_GB.iso88591 ; $(exit 0) \ - && localedef -v -c -i en_GB -f iso885915 en_GB.iso885915 ; $(exit 0) \ - && localedef -v -c -i en_GB -f utf8 en_GB.utf8 ; $(exit 0) \ - && localedef -v -c -i en_HK -f iso88591 en_HK.iso88591 ; $(exit 0) \ - && localedef -v -c -i en_HK -f utf8 en_HK.utf8 ; $(exit 0) \ - && localedef -v -c -i en_IE -f iso88591 en_IE.iso88591 ; $(exit 0) \ - && localedef -v -c -i en_IE -f iso885915@euro en_IE.iso885915@euro ; $(exit 0) \ - && localedef -v -c -i en_IE -f utf8 en_IE.utf8 ; $(exit 0) \ - && localedef -v -c -i en_IN -f utf8 en_IN.utf8 ; $(exit 0) \ - && localedef -v -c -i en_NG -f utf8 en_NG.utf8 ; $(exit 0) \ - && localedef -v -c -i en_NZ -f iso88591 en_NZ.iso88591 ; $(exit 0) \ - && localedef -v -c -i en_NZ -f utf8 en_NZ.utf8 ; $(exit 0) \ - && localedef -v -c -i en_PH -f iso88591 en_PH.iso88591 ; $(exit 0) \ - && localedef -v -c -i en_PH -f utf8 en_PH.utf8 ; $(exit 0) \ - && localedef -v -c -i en_SG -f iso88591 en_SG.iso88591 ; $(exit 0) \ - && localedef -v -c -i en_SG -f utf8 en_SG.utf8 ; $(exit 0) \ - && localedef -v -c -i en_US -f iso88591 en_US.iso88591 ; $(exit 0) \ - && localedef -v -c -i en_US -f iso885915 en_US.iso885915 ; $(exit 0) \ - && localedef -v -c -i en_US -f utf8 en_US.utf8 ; $(exit 0) \ - && localedef -v -c -i en_ZA -f iso88591 en_ZA.iso88591 ; $(exit 0) \ - && localedef -v -c -i en_ZA -f utf8 en_ZA.utf8 ; $(exit 0) \ - && localedef -v -c -i en_ZM -f utf8 en_ZM.utf8 ; $(exit 0) \ - && localedef -v -c -i en_ZW -f iso88591 en_ZW.iso88591 ; $(exit 0) \ - && localedef -v -c -i en_ZW -f utf8 en_ZW.utf8 ; $(exit 0) \ - && localedef -v -c -i eo -f iso88593 eo.iso88593 ; $(exit 0) \ - && localedef -v -c -i eo_US -f utf8 eo_US.utf8 ; $(exit 0) \ - && localedef -v -c -i eo -f utf8 eo.utf8 ; $(exit 0) \ - && localedef -v -c -i es_AR -f iso88591 es_AR.iso88591 ; $(exit 0) \ - && localedef -v -c -i es_AR -f utf8 es_AR.utf8 ; $(exit 0) \ - && localedef -v -c -i es_BO -f iso88591 es_BO.iso88591 ; $(exit 0) \ - && localedef -v -c -i es_BO -f utf8 es_BO.utf8 ; $(exit 0) \ - && localedef -v -c -i es_CL -f iso88591 es_CL.iso88591 ; $(exit 0) \ - && localedef -v -c -i es_CL -f utf8 es_CL.utf8 ; $(exit 0) \ - && localedef -v -c -i es_CO -f iso88591 es_CO.iso88591 ; $(exit 0) \ - && localedef -v -c -i es_CO -f utf8 es_CO.utf8 ; $(exit 0) \ - && localedef -v -c -i es_CR -f iso88591 es_CR.iso88591 ; $(exit 0) \ - && localedef -v -c -i es_CR -f utf8 es_CR.utf8 ; $(exit 0) \ - && localedef -v -c -i es_CU -f utf8 es_CU.utf8 ; $(exit 0) \ - && localedef -v -c -i es_DO -f iso88591 es_DO.iso88591 ; $(exit 0) \ - && localedef -v -c -i es_DO -f utf8 es_DO.utf8 ; $(exit 0) \ - && localedef -v -c -i es_EC -f iso88591 es_EC.iso88591 ; $(exit 0) \ - && localedef -v -c -i es_EC -f utf8 es_EC.utf8 ; $(exit 0) \ - && localedef -v -c -i es_ES -f iso88591 es_ES.iso88591 ; $(exit 0) \ - && localedef -v -c -i es_ES -f iso885915@euro es_ES.iso885915@euro ; $(exit 0) \ - && localedef -v -c -i es_ES -f utf8 es_ES.utf8 ; $(exit 0) \ - && localedef -v -c -i es_GT -f iso88591 es_GT.iso88591 ; $(exit 0) \ - && localedef -v -c -i es_GT -f utf8 es_GT.utf8 ; $(exit 0) \ - && localedef -v -c -i es_HN -f iso88591 es_HN.iso88591 ; $(exit 0) \ - && localedef -v -c -i es_HN -f utf8 es_HN.utf8 ; $(exit 0) \ - && localedef -v -c -i es_MX -f iso88591 es_MX.iso88591 ; $(exit 0) \ - && localedef -v -c -i es_MX -f utf8 es_MX.utf8 ; $(exit 0) \ - && localedef -v -c -i es_NI -f iso88591 es_NI.iso88591 ; $(exit 0) \ - && localedef -v -c -i es_NI -f utf8 es_NI.utf8 ; $(exit 0) \ - && localedef -v -c -i es_PA -f iso88591 es_PA.iso88591 ; $(exit 0) \ - && localedef -v -c -i es_PA -f utf8 es_PA.utf8 ; $(exit 0) \ - && localedef -v -c -i es_PE -f iso88591 es_PE.iso88591 ; $(exit 0) \ - && localedef -v -c -i es_PE -f utf8 es_PE.utf8 ; $(exit 0) \ - && localedef -v -c -i es_PR -f iso88591 es_PR.iso88591 ; $(exit 0) \ - && localedef -v -c -i es_PR -f utf8 es_PR.utf8 ; $(exit 0) \ - && localedef -v -c -i es_PY -f iso88591 es_PY.iso88591 ; $(exit 0) \ - && localedef -v -c -i es_PY -f utf8 es_PY.utf8 ; $(exit 0) \ - && localedef -v -c -i es_SV -f iso88591 es_SV.iso88591 ; $(exit 0) \ - && localedef -v -c -i es_SV -f utf8 es_SV.utf8 ; $(exit 0) \ - && localedef -v -c -i es_US -f iso88591 es_US.iso88591 ; $(exit 0) \ - && localedef -v -c -i es_US -f utf8 es_US.utf8 ; $(exit 0) \ - && localedef -v -c -i es_UY -f iso88591 es_UY.iso88591 ; $(exit 0) \ - && localedef -v -c -i es_UY -f utf8 es_UY.utf8 ; $(exit 0) \ - && localedef -v -c -i es_VE -f iso88591 es_VE.iso88591 ; $(exit 0) \ - && localedef -v -c -i es_VE -f utf8 es_VE.utf8 ; $(exit 0) \ - && localedef -v -c -i et_EE -f iso88591 et_EE.iso88591 ; $(exit 0) \ - && localedef -v -c -i et_EE -f iso885915 et_EE.iso885915 ; $(exit 0) \ - && localedef -v -c -i et_EE -f utf8 et_EE.utf8 ; $(exit 0) \ - && localedef -v -c -i eu_ES -f iso88591 eu_ES.iso88591 ; $(exit 0) \ - && localedef -v -c -i eu_ES -f iso885915@euro eu_ES.iso885915@euro ; $(exit 0) \ - && localedef -v -c -i eu_ES -f utf8 eu_ES.utf8 ; $(exit 0) \ - && localedef -v -c -i eu_FR -f iso88591 eu_FR.iso88591 ; $(exit 0) \ - && localedef -v -c -i eu_FR -f iso885915@euro eu_FR.iso885915@euro ; $(exit 0) \ - && localedef -v -c -i eu_FR -f utf8 eu_FR.utf8 ; $(exit 0) \ - && localedef -v -c -i fa_IR -f utf8 fa_IR.utf8 ; $(exit 0) \ - && localedef -v -c -i ff_SN -f utf8 ff_SN.utf8 ; $(exit 0) \ - && localedef -v -c -i fi_FI -f iso88591 fi_FI.iso88591 ; $(exit 0) \ - && localedef -v -c -i fi_FI -f iso885915@euro fi_FI.iso885915@euro ; $(exit 0) \ - && localedef -v -c -i fi_FI -f utf8 fi_FI.utf8 ; $(exit 0) \ - && localedef -v -c -i fil_PH -f utf8 fil_PH.utf8 ; $(exit 0) \ - && localedef -v -c -i fo_FO -f iso88591 fo_FO.iso88591 ; $(exit 0) \ - && localedef -v -c -i fo_FO -f utf8 fo_FO.utf8 ; $(exit 0) \ - && localedef -v -c -i fr_BE -f iso88591 fr_BE.iso88591 ; $(exit 0) \ - && localedef -v -c -i fr_BE -f iso885915@euro fr_BE.iso885915@euro ; $(exit 0) \ - && localedef -v -c -i fr_BE -f utf8 fr_BE.utf8 ; $(exit 0) \ - && localedef -v -c -i fr_CA -f iso88591 fr_CA.iso88591 ; $(exit 0) \ - && localedef -v -c -i fr_CA -f utf8 fr_CA.utf8 ; $(exit 0) \ - && localedef -v -c -i fr_CH -f iso88591 fr_CH.iso88591 ; $(exit 0) \ - && localedef -v -c -i fr_CH -f utf8 fr_CH.utf8 ; $(exit 0) \ - && localedef -v -c -i fr_FR -f iso88591 fr_FR.iso88591 ; $(exit 0) \ - && localedef -v -c -i fr_FR -f iso885915@euro fr_FR.iso885915@euro ; $(exit 0) \ - && localedef -v -c -i fr_FR -f utf8 fr_FR.utf8 ; $(exit 0) \ - && localedef -v -c -i fr_LU -f iso88591 fr_LU.iso88591 ; $(exit 0) \ - && localedef -v -c -i fr_LU -f iso885915@euro fr_LU.iso885915@euro ; $(exit 0) \ - && localedef -v -c -i fr_LU -f utf8 fr_LU.utf8 ; $(exit 0) \ - && localedef -v -c -i fur_IT -f utf8 fur_IT.utf8 ; $(exit 0) \ - && localedef -v -c -i fy_DE -f utf8 fy_DE.utf8 ; $(exit 0) \ - && localedef -v -c -i fy_NL -f utf8 fy_NL.utf8 ; $(exit 0) \ - && localedef -v -c -i ga_IE -f iso88591 ga_IE.iso88591 ; $(exit 0) \ - && localedef -v -c -i ga_IE -f iso885915@euro ga_IE.iso885915@euro ; $(exit 0) \ - && localedef -v -c -i ga_IE -f utf8 ga_IE.utf8 ; $(exit 0) \ - && localedef -v -c -i gd_GB -f iso885915 gd_GB.iso885915 ; $(exit 0) \ - && localedef -v -c -i gd_GB -f utf8 gd_GB.utf8 ; $(exit 0) \ - && localedef -v -c -i gez_ER -f utf8 gez_ER.utf8 ; $(exit 0) \ - && localedef -v -c -i gez_ER -f utf8@abegede gez_ER.utf8@abegede ; $(exit 0) \ - && localedef -v -c -i gez_ET -f utf8 gez_ET.utf8 ; $(exit 0) \ - && localedef -v -c -i gez_ET -f utf8@abegede gez_ET.utf8@abegede ; $(exit 0) \ - && localedef -v -c -i gl_ES -f iso88591 gl_ES.iso88591 ; $(exit 0) \ - && localedef -v -c -i gl_ES -f iso885915@euro gl_ES.iso885915@euro ; $(exit 0) \ - && localedef -v -c -i gl_ES -f utf8 gl_ES.utf8 ; $(exit 0) \ - && localedef -v -c -i gu_IN -f utf8 gu_IN.utf8 ; $(exit 0) \ - && localedef -v -c -i gv_GB -f iso88591 gv_GB.iso88591 ; $(exit 0) \ - && localedef -v -c -i gv_GB -f utf8 gv_GB.utf8 ; $(exit 0) \ - && localedef -v -c -i ha_NG -f utf8 ha_NG.utf8 ; $(exit 0) \ - && localedef -v -c -i he_IL -f iso88598 he_IL.iso88598 ; $(exit 0) \ - && localedef -v -c -i he_IL -f utf8 he_IL.utf8 ; $(exit 0) \ - && localedef -v -c -i hi_IN -f utf8 hi_IN.utf8 ; $(exit 0) \ - && localedef -v -c -i hne_IN -f utf8 hne_IN.utf8 ; $(exit 0) \ - && localedef -v -c -i hr_HR -f iso88592 hr_HR.iso88592 ; $(exit 0) \ - && localedef -v -c -i hr_HR -f utf8 hr_HR.utf8 ; $(exit 0) \ - && localedef -v -c -i hsb_DE -f iso88592 hsb_DE.iso88592 ; $(exit 0) \ - && localedef -v -c -i hsb_DE -f utf8 hsb_DE.utf8 ; $(exit 0) \ - && localedef -v -c -i ht_HT -f utf8 ht_HT.utf8 ; $(exit 0) \ - && localedef -v -c -i hu_HU -f iso88592 hu_HU.iso88592 ; $(exit 0) \ - && localedef -v -c -i hu_HU -f utf8 hu_HU.utf8 ; $(exit 0) \ - && localedef -v -c -i hy_AM -f armscii8 hy_AM.armscii8 ; $(exit 0) \ - && localedef -v -c -i hy_AM -f utf8 hy_AM.utf8 ; $(exit 0) \ - && localedef -v -c -i ia -f utf8 ia.utf8 ; $(exit 0) \ - && localedef -v -c -i id_ID -f iso88591 id_ID.iso88591 ; $(exit 0) \ - && localedef -v -c -i id_ID -f utf8 id_ID.utf8 ; $(exit 0) \ - && localedef -v -c -i ig_NG -f utf8 ig_NG.utf8 ; $(exit 0) \ - && localedef -v -c -i ik_CA -f utf8 ik_CA.utf8 ; $(exit 0) \ - && localedef -v -c -i is_IS -f iso88591 is_IS.iso88591 ; $(exit 0) \ - && localedef -v -c -i is_IS -f utf8 is_IS.utf8 ; $(exit 0) \ - && localedef -v -c -i it_CH -f iso88591 it_CH.iso88591 ; $(exit 0) \ - && localedef -v -c -i it_CH -f utf8 it_CH.utf8 ; $(exit 0) \ - && localedef -v -c -i it_IT -f iso88591 it_IT.iso88591 ; $(exit 0) \ - && localedef -v -c -i it_IT -f iso885915@euro it_IT.iso885915@euro ; $(exit 0) \ - && localedef -v -c -i it_IT -f utf8 it_IT.utf8 ; $(exit 0) \ - && localedef -v -c -i iu_CA -f utf8 iu_CA.utf8 ; $(exit 0) \ - && localedef -v -c -i iw_IL -f iso88598 iw_IL.iso88598 ; $(exit 0) \ - && localedef -v -c -i iw_IL -f utf8 iw_IL.utf8 ; $(exit 0) \ - && localedef -v -c -i ja_JP -f eucjp ja_JP.eucjp ; $(exit 0) \ - && localedef -v -c -i ja_JP -f utf8 ja_JP.utf8 ; $(exit 0) \ - && localedef -v -c -i ka_GE -f georgianps ka_GE.georgianps ; $(exit 0) \ - && localedef -v -c -i ka_GE -f utf8 ka_GE.utf8 ; $(exit 0) \ - && localedef -v -c -i kk_KZ -f pt154 kk_KZ.pt154 ; $(exit 0) \ - && localedef -v -c -i kk_KZ -f rk1048 kk_KZ.rk1048 ; $(exit 0) \ - && localedef -v -c -i kk_KZ -f utf8 kk_KZ.utf8 ; $(exit 0) \ - && localedef -v -c -i kl_GL -f iso88591 kl_GL.iso88591 ; $(exit 0) \ - && localedef -v -c -i kl_GL -f utf8 kl_GL.utf8 ; $(exit 0) \ - && localedef -v -c -i km_KH -f utf8 km_KH.utf8 ; $(exit 0) \ - && localedef -v -c -i kn_IN -f utf8 kn_IN.utf8 ; $(exit 0) \ - && localedef -v -c -i kok_IN -f utf8 kok_IN.utf8 ; $(exit 0) \ - && localedef -v -c -i ko_KR -f euckr ko_KR.euckr ; $(exit 0) \ - && localedef -v -c -i ko_KR -f utf8 ko_KR.utf8 ; $(exit 0) \ - && localedef -v -c -i ks_IN -f utf8 ks_IN.utf8 ; $(exit 0) \ - && localedef -v -c -i ks_IN -f utf8@devanagari ks_IN.utf8@devanagari ; $(exit 0) \ - && localedef -v -c -i ku_TR -f iso88599 ku_TR.iso88599 ; $(exit 0) \ - && localedef -v -c -i ku_TR -f utf8 ku_TR.utf8 ; $(exit 0) \ - && localedef -v -c -i kw_GB -f iso88591 kw_GB.iso88591 ; $(exit 0) \ - && localedef -v -c -i kw_GB -f utf8 kw_GB.utf8 ; $(exit 0) \ - && localedef -v -c -i ky_KG -f utf8 ky_KG.utf8 ; $(exit 0) \ - && localedef -v -c -i lb_LU -f utf8 lb_LU.utf8 ; $(exit 0) \ - && localedef -v -c -i lg_UG -f iso885910 lg_UG.iso885910 ; $(exit 0) \ - && localedef -v -c -i lg_UG -f utf8 lg_UG.utf8 ; $(exit 0) \ - && localedef -v -c -i li_BE -f utf8 li_BE.utf8 ; $(exit 0) \ - && localedef -v -c -i lij_IT -f utf8 lij_IT.utf8 ; $(exit 0) \ - && localedef -v -c -i li_NL -f utf8 li_NL.utf8 ; $(exit 0) \ - && localedef -v -c -i ln_CD -f utf8 ln_CD.utf8 ; $(exit 0) \ - && localedef -v -c -i lo_LA -f utf8 lo_LA.utf8 ; $(exit 0) \ - && localedef -v -c -i lt_LT -f iso885913 lt_LT.iso885913 ; $(exit 0) \ - && localedef -v -c -i lt_LT -f utf8 lt_LT.utf8 ; $(exit 0) \ - && localedef -v -c -i lv_LV -f iso885913 lv_LV.iso885913 ; $(exit 0) \ - && localedef -v -c -i lv_LV -f utf8 lv_LV.utf8 ; $(exit 0) \ - && localedef -v -c -i mai_IN -f utf8 mai_IN.utf8 ; $(exit 0) \ - && localedef -v -c -i mg_MG -f iso885915 mg_MG.iso885915 ; $(exit 0) \ - && localedef -v -c -i mg_MG -f utf8 mg_MG.utf8 ; $(exit 0) \ - && localedef -v -c -i mhr_RU -f utf8 mhr_RU.utf8 ; $(exit 0) \ - && localedef -v -c -i mi_NZ -f iso885913 mi_NZ.iso885913 ; $(exit 0) \ - && localedef -v -c -i mi_NZ -f utf8 mi_NZ.utf8 ; $(exit 0) \ - && localedef -v -c -i mk_MK -f iso88595 mk_MK.iso88595 ; $(exit 0) \ - && localedef -v -c -i mk_MK -f utf8 mk_MK.utf8 ; $(exit 0) \ - && localedef -v -c -i ml_IN -f utf8 ml_IN.utf8 ; $(exit 0) \ - && localedef -v -c -i mn_MN -f utf8 mn_MN.utf8 ; $(exit 0) \ - && localedef -v -c -i mr_IN -f utf8 mr_IN.utf8 ; $(exit 0) \ - && localedef -v -c -i ms_MY -f iso88591 ms_MY.iso88591 ; $(exit 0) \ - && localedef -v -c -i ms_MY -f utf8 ms_MY.utf8 ; $(exit 0) \ - && localedef -v -c -i mt_MT -f iso88593 mt_MT.iso88593 ; $(exit 0) \ - && localedef -v -c -i mt_MT -f utf8 mt_MT.utf8 ; $(exit 0) \ - && localedef -v -c -i my_MM -f utf8 my_MM.utf8 ; $(exit 0) \ - && localedef -v -c -i nan_TW -f utf8@latin nan_TW.utf8@latin ; $(exit 0) \ - && localedef -v -c -i nb_NO -f iso88591 nb_NO.iso88591 ; $(exit 0) \ - && localedef -v -c -i nb_NO -f utf8 nb_NO.utf8 ; $(exit 0) \ - && localedef -v -c -i nds_DE -f utf8 nds_DE.utf8 ; $(exit 0) \ - && localedef -v -c -i nds_NL -f utf8 nds_NL.utf8 ; $(exit 0) \ - && localedef -v -c -i ne_NP -f utf8 ne_NP.utf8 ; $(exit 0) \ - && localedef -v -c -i nl_AW -f utf8 nl_AW.utf8 ; $(exit 0) \ - && localedef -v -c -i nl_BE -f iso88591 nl_BE.iso88591 ; $(exit 0) \ - && localedef -v -c -i nl_BE -f iso885915@euro nl_BE.iso885915@euro ; $(exit 0) \ - && localedef -v -c -i nl_BE -f utf8 nl_BE.utf8 ; $(exit 0) \ - && localedef -v -c -i nl_NL -f iso88591 nl_NL.iso88591 ; $(exit 0) \ - && localedef -v -c -i nl_NL -f iso885915@euro nl_NL.iso885915@euro ; $(exit 0) \ - && localedef -v -c -i nl_NL -f utf8 nl_NL.utf8 ; $(exit 0) \ - && localedef -v -c -i nn_NO -f iso88591 nn_NO.iso88591 ; $(exit 0) \ - && localedef -v -c -i nn_NO -f utf8 nn_NO.utf8 ; $(exit 0) \ - && localedef -v -c -i nr_ZA -f utf8 nr_ZA.utf8 ; $(exit 0) \ - && localedef -v -c -i nso_ZA -f utf8 nso_ZA.utf8 ; $(exit 0) \ - && localedef -v -c -i oc_FR -f iso88591 oc_FR.iso88591 ; $(exit 0) \ - && localedef -v -c -i oc_FR -f utf8 oc_FR.utf8 ; $(exit 0) \ - && localedef -v -c -i om_ET -f utf8 om_ET.utf8 ; $(exit 0) \ - && localedef -v -c -i om_KE -f iso88591 om_KE.iso88591 ; $(exit 0) \ - && localedef -v -c -i om_KE -f utf8 om_KE.utf8 ; $(exit 0) \ - && localedef -v -c -i or_IN -f utf8 or_IN.utf8 ; $(exit 0) \ - && localedef -v -c -i os_RU -f utf8 os_RU.utf8 ; $(exit 0) \ - && localedef -v -c -i pa_IN -f utf8 pa_IN.utf8 ; $(exit 0) \ - && localedef -v -c -i pap_AN -f utf8 pap_AN.utf8 ; $(exit 0) \ - && localedef -v -c -i pa_PK -f utf8 pa_PK.utf8 ; $(exit 0) \ - && localedef -v -c -i pl_PL -f iso88592 pl_PL.iso88592 ; $(exit 0) \ - && localedef -v -c -i pl_PL -f utf8 pl_PL.utf8 ; $(exit 0) \ - && localedef -v -c -i ps_AF -f utf8 ps_AF.utf8 ; $(exit 0) \ - && localedef -v -c -i pt_BR -f iso88591 pt_BR.iso88591 ; $(exit 0) \ - && localedef -v -c -i pt_BR -f utf8 pt_BR.utf8 ; $(exit 0) \ - && localedef -v -c -i pt_PT -f iso88591 pt_PT.iso88591 ; $(exit 0) \ - && localedef -v -c -i pt_PT -f iso885915@euro pt_PT.iso885915@euro ; $(exit 0) \ - && localedef -v -c -i pt_PT -f utf8 pt_PT.utf8 ; $(exit 0) \ - && localedef -v -c -i ro_RO -f iso88592 ro_RO.iso88592 ; $(exit 0) \ - && localedef -v -c -i ro_RO -f utf8 ro_RO.utf8 ; $(exit 0) \ - && localedef -v -c -i ru_RU -f cp1251 ru_RU.cp1251 ; $(exit 0) \ - && localedef -v -c -i ru_RU -f iso88595 ru_RU.iso88595 ; $(exit 0) \ - && localedef -v -c -i ru_RU -f koi8r ru_RU.koi8r ; $(exit 0) \ - && localedef -v -c -i ru_RU -f utf8 ru_RU.utf8 ; $(exit 0) \ - && localedef -v -c -i ru_UA -f koi8u ru_UA.koi8u ; $(exit 0) \ - && localedef -v -c -i ru_UA -f utf8 ru_UA.utf8 ; $(exit 0) \ - && localedef -v -c -i rw_RW -f utf8 rw_RW.utf8 ; $(exit 0) \ - && localedef -v -c -i sa_IN -f utf8 sa_IN.utf8 ; $(exit 0) \ - && localedef -v -c -i sc_IT -f utf8 sc_IT.utf8 ; $(exit 0) \ - && localedef -v -c -i sd_IN -f utf8 sd_IN.utf8 ; $(exit 0) \ - && localedef -v -c -i sd_IN -f utf8@devanagari sd_IN.utf8@devanagari ; $(exit 0) \ - && localedef -v -c -i sd_PK -f utf8 sd_PK.utf8 ; $(exit 0) \ - && localedef -v -c -i se_NO -f utf8 se_NO.utf8 ; $(exit 0) \ - && localedef -v -c -i shs_CA -f utf8 shs_CA.utf8 ; $(exit 0) \ - && localedef -v -c -i sid_ET -f utf8 sid_ET.utf8 ; $(exit 0) \ - && localedef -v -c -i si_LK -f utf8 si_LK.utf8 ; $(exit 0) \ - && localedef -v -c -i sk_SK -f iso88592 sk_SK.iso88592 ; $(exit 0) \ - && localedef -v -c -i sk_SK -f utf8 sk_SK.utf8 ; $(exit 0) \ - && localedef -v -c -i sl_SI -f iso88592 sl_SI.iso88592 ; $(exit 0) \ - && localedef -v -c -i sl_SI -f utf8 sl_SI.utf8 ; $(exit 0) \ - && localedef -v -c -i so_DJ -f iso88591 so_DJ.iso88591 ; $(exit 0) \ - && localedef -v -c -i so_DJ -f utf8 so_DJ.utf8 ; $(exit 0) \ - && localedef -v -c -i so_ET -f utf8 so_ET.utf8 ; $(exit 0) \ - && localedef -v -c -i so_KE -f iso88591 so_KE.iso88591 ; $(exit 0) \ - && localedef -v -c -i so_KE -f utf8 so_KE.utf8 ; $(exit 0) \ - && localedef -v -c -i so_SO -f iso88591 so_SO.iso88591 ; $(exit 0) \ - && localedef -v -c -i so_SO -f utf8 so_SO.utf8 ; $(exit 0) \ - && localedef -v -c -i sq_AL -f iso88591 sq_AL.iso88591 ; $(exit 0) \ - && localedef -v -c -i sq_AL -f utf8 sq_AL.utf8 ; $(exit 0) \ - && localedef -v -c -i sq_MK -f utf8 sq_MK.utf8 ; $(exit 0) \ - && localedef -v -c -i sr_ME -f utf8 sr_ME.utf8 ; $(exit 0) \ - && localedef -v -c -i sr_RS -f utf8 sr_RS.utf8 ; $(exit 0) \ - && localedef -v -c -i sr_RS -f utf8@latin sr_RS.utf8@latin ; $(exit 0) \ - && localedef -v -c -i ss_ZA -f utf8 ss_ZA.utf8 ; $(exit 0) \ - && localedef -v -c -i st_ZA -f iso88591 st_ZA.iso88591 ; $(exit 0) \ - && localedef -v -c -i st_ZA -f utf8 st_ZA.utf8 ; $(exit 0) \ - && localedef -v -c -i sv_FI -f iso88591 sv_FI.iso88591 ; $(exit 0) \ - && localedef -v -c -i sv_FI -f iso885915@euro sv_FI.iso885915@euro ; $(exit 0) \ - && localedef -v -c -i sv_FI -f utf8 sv_FI.utf8 ; $(exit 0) \ - && localedef -v -c -i sv_SE -f iso88591 sv_SE.iso88591 ; $(exit 0) \ - && localedef -v -c -i sv_SE -f iso885915 sv_SE.iso885915 ; $(exit 0) \ - && localedef -v -c -i sv_SE -f utf8 sv_SE.utf8 ; $(exit 0) \ - && localedef -v -c -i sw_KE -f utf8 sw_KE.utf8 ; $(exit 0) \ - && localedef -v -c -i sw_TZ -f utf8 sw_TZ.utf8 ; $(exit 0) \ - && localedef -v -c -i ta_IN -f utf8 ta_IN.utf8 ; $(exit 0) \ - && localedef -v -c -i ta_LK -f utf8 ta_LK.utf8 ; $(exit 0) \ - && localedef -v -c -i te_IN -f utf8 te_IN.utf8 ; $(exit 0) \ - && localedef -v -c -i tg_TJ -f koi8t tg_TJ.koi8t ; $(exit 0) \ - && localedef -v -c -i tg_TJ -f utf8 tg_TJ.utf8 ; $(exit 0) \ - && localedef -v -c -i th_TH -f tis620 th_TH.tis620 ; $(exit 0) \ - && localedef -v -c -i th_TH -f utf8 th_TH.utf8 ; $(exit 0) \ - && localedef -v -c -i ti_ER -f utf8 ti_ER.utf8 ; $(exit 0) \ - && localedef -v -c -i ti_ET -f utf8 ti_ET.utf8 ; $(exit 0) \ - && localedef -v -c -i tig_ER -f utf8 tig_ER.utf8 ; $(exit 0) \ - && localedef -v -c -i tk_TM -f utf8 tk_TM.utf8 ; $(exit 0) \ - && localedef -v -c -i tl_PH -f iso88591 tl_PH.iso88591 ; $(exit 0) \ - && localedef -v -c -i tl_PH -f utf8 tl_PH.utf8 ; $(exit 0) \ - && localedef -v -c -i tn_ZA -f utf8 tn_ZA.utf8 ; $(exit 0) \ - && localedef -v -c -i tr_CY -f iso88599 tr_CY.iso88599 ; $(exit 0) \ - && localedef -v -c -i tr_CY -f utf8 tr_CY.utf8 ; $(exit 0) \ - && localedef -v -c -i tr_TR -f iso88599 tr_TR.iso88599 ; $(exit 0) \ - && localedef -v -c -i tr_TR -f utf8 tr_TR.utf8 ; $(exit 0) \ - && localedef -v -c -i ts_ZA -f utf8 ts_ZA.utf8 ; $(exit 0) \ - && localedef -v -c -i tt_RU -f utf8 tt_RU.utf8 ; $(exit 0) \ - && localedef -v -c -i tt_RU -f utf8@iqtelif tt_RU.utf8@iqtelif ; $(exit 0) \ - && localedef -v -c -i ug_CN -f utf8 ug_CN.utf8 ; $(exit 0) \ - && localedef -v -c -i ug_CN -f utf8@latin ug_CN.utf8@latin ; $(exit 0) \ - && localedef -v -c -i uk_UA -f koi8u uk_UA.koi8u ; $(exit 0) \ - && localedef -v -c -i uk_UA -f utf8 uk_UA.utf8 ; $(exit 0) \ - && localedef -v -c -i unm_US -f utf8 unm_US.utf8 ; $(exit 0) \ - && localedef -v -c -i ur_IN -f utf8 ur_IN.utf8 ; $(exit 0) \ - && localedef -v -c -i ur_PK -f utf8 ur_PK.utf8 ; $(exit 0) \ - && localedef -v -c -i uz_UZ -f iso88591 uz_UZ.iso88591 ; $(exit 0) \ - && localedef -v -c -i uz_UZ -f utf8 uz_UZ.utf8 ; $(exit 0) \ - && localedef -v -c -i uz_UZ -f utf8@cyrillic uz_UZ.utf8@cyrillic ; $(exit 0) \ - && localedef -v -c -i ve_ZA -f utf8 ve_ZA.utf8 ; $(exit 0) \ - && localedef -v -c -i vi_VN -f tcvn vi_VN.tcvn ; $(exit 0) \ - && localedef -v -c -i vi_VN -f utf8 vi_VN.utf8 ; $(exit 0) \ - && localedef -v -c -i wa_BE -f iso88591 wa_BE.iso88591 ; $(exit 0) \ - && localedef -v -c -i wa_BE -f iso885915@euro wa_BE.iso885915@euro ; $(exit 0) \ - && localedef -v -c -i wa_BE -f utf8 wa_BE.utf8 ; $(exit 0) \ - && localedef -v -c -i wae_CH -f utf8 wae_CH.utf8 ; $(exit 0) \ - && localedef -v -c -i wal_ET -f utf8 wal_ET.utf8 ; $(exit 0) \ - && localedef -v -c -i wo_SN -f utf8 wo_SN.utf8 ; $(exit 0) \ - && localedef -v -c -i xh_ZA -f iso88591 xh_ZA.iso88591 ; $(exit 0) \ - && localedef -v -c -i xh_ZA -f utf8 xh_ZA.utf8 ; $(exit 0) \ - && localedef -v -c -i yi_US -f cp1255 yi_US.cp1255 ; $(exit 0) \ - && localedef -v -c -i yi_US -f utf8 yi_US.utf8 ; $(exit 0) \ - && localedef -v -c -i yo_NG -f utf8 yo_NG.utf8 ; $(exit 0) \ - && localedef -v -c -i yue_HK -f utf8 yue_HK.utf8 ; $(exit 0) \ - && localedef -v -c -i zh_CN -f gb18030 zh_CN.gb18030 ; $(exit 0) \ - && localedef -v -c -i zh_CN -f gb2312 zh_CN.gb2312 ; $(exit 0) \ - && localedef -v -c -i zh_CN -f gbk zh_CN.gbk ; $(exit 0) \ - && localedef -v -c -i zh_CN -f utf8 zh_CN.utf8 ; $(exit 0) \ - && localedef -v -c -i zh_HK -f big5hkscs zh_HK.big5hkscs ; $(exit 0) \ - && localedef -v -c -i zh_HK -f utf8 zh_HK.utf8 ; $(exit 0) \ - && localedef -v -c -i zh_SG -f gb2312 zh_SG.gb2312 ; $(exit 0) \ - && localedef -v -c -i zh_SG -f gbk zh_SG.gbk ; $(exit 0) \ - && localedef -v -c -i zh_SG -f utf8 zh_SG.utf8 ; $(exit 0) \ - && localedef -v -c -i zh_TW -f big5 zh_TW.big5 ; $(exit 0) \ - && localedef -v -c -i zh_TW -f euctw zh_TW.euctw ; $(exit 0) \ - && localedef -v -c -i zh_TW -f utf8 zh_TW.utf8 ; $(exit 0) \ - && localedef -v -c -i zu_ZA -f iso88591 zu_ZA.iso88591 ; $(exit 0) \ - && localedef -v -c -i zu_ZA -f utf8 zu_ZA.utf8 ; $(exit 0) \ # Install ansible && /usr/local/bin/yum-install \ epel-release \ diff --git a/docker/bootstrap/centos-7/scripts.tar b/docker/bootstrap/centos-7/scripts.tar index ae8760f3c..17e201953 100644 Binary files a/docker/bootstrap/centos-7/scripts.tar and b/docker/bootstrap/centos-7/scripts.tar differ diff --git a/docker/bootstrap/debian-7/Dockerfile b/docker/bootstrap/debian-7/Dockerfile index e786d2a00..39a8cf246 100644 --- a/docker/bootstrap/debian-7/Dockerfile +++ b/docker/bootstrap/debian-7/Dockerfile @@ -5,7 +5,7 @@ FROM debian:7 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 # Ensure UTF-8 @@ -20,14 +20,14 @@ RUN export DEBIAN_FRONTEND=noninteractive \ && set -x \ # Fix root terminal && echo "export TERM=xterm" >> /root/.bashrc \ + # Enable non-free + && sed -ri 's/(deb.*\/debian wheezy main)/\1 contrib non-free /' -- /etc/apt/sources.list \ # System update && /usr/local/bin/apt-upgrade \ # Base stuff && /usr/local/bin/apt-install \ lsb-release \ ca-certificates \ - # Generate locales - locales-all \ # Install ansible python-dev \ python-setuptools \ diff --git a/docker/bootstrap/debian-7/scripts.tar b/docker/bootstrap/debian-7/scripts.tar index ae8760f3c..17e201953 100644 Binary files a/docker/bootstrap/debian-7/scripts.tar and b/docker/bootstrap/debian-7/scripts.tar differ diff --git a/docker/bootstrap/debian-8/Dockerfile b/docker/bootstrap/debian-8/Dockerfile index c712610a5..7f6ec3f13 100644 --- a/docker/bootstrap/debian-8/Dockerfile +++ b/docker/bootstrap/debian-8/Dockerfile @@ -5,7 +5,7 @@ FROM debian:8 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 # Ensure UTF-8 @@ -20,14 +20,14 @@ RUN export DEBIAN_FRONTEND=noninteractive \ && set -x \ # Fix root terminal && echo "export TERM=xterm" >> /root/.bashrc \ + # Enable non-free + && sed -ri 's/(deb.*\/debian jessie main)/\1 contrib non-free /' -- /etc/apt/sources.list \ # System update && /usr/local/bin/apt-upgrade \ # Base stuff && /usr/local/bin/apt-install \ lsb-release \ ca-certificates \ - # Generate locales - locales-all \ # Install ansible python-dev \ python-setuptools \ diff --git a/docker/bootstrap/debian-8/scripts.tar b/docker/bootstrap/debian-8/scripts.tar index ae8760f3c..17e201953 100644 Binary files a/docker/bootstrap/debian-8/scripts.tar and b/docker/bootstrap/debian-8/scripts.tar differ diff --git a/docker/bootstrap/debian-9/Dockerfile b/docker/bootstrap/debian-9/Dockerfile index a2a42a185..b9d957b0f 100644 --- a/docker/bootstrap/debian-9/Dockerfile +++ b/docker/bootstrap/debian-9/Dockerfile @@ -5,7 +5,7 @@ FROM debian:stretch MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 # Ensure UTF-8 @@ -20,14 +20,14 @@ RUN export DEBIAN_FRONTEND=noninteractive \ && set -x \ # Fix root terminal && echo "export TERM=xterm" >> /root/.bashrc \ + # Enable non-free + && sed -ri 's/(deb.*\/debian stretch main)/\1 contrib non-free /' -- /etc/apt/sources.list \ # System update && /usr/local/bin/apt-upgrade \ # Base stuff && /usr/local/bin/apt-install \ lsb-release \ ca-certificates \ - # Generate locales - locales-all \ # Install ansible python-dev \ python-setuptools \ diff --git a/docker/bootstrap/debian-9/scripts.tar b/docker/bootstrap/debian-9/scripts.tar index ae8760f3c..17e201953 100644 Binary files a/docker/bootstrap/debian-9/scripts.tar and b/docker/bootstrap/debian-9/scripts.tar differ diff --git a/docker/bootstrap/ubuntu-12.04/Dockerfile b/docker/bootstrap/ubuntu-12.04/Dockerfile index eb6c3108f..fbe36cbb8 100644 --- a/docker/bootstrap/ubuntu-12.04/Dockerfile +++ b/docker/bootstrap/ubuntu-12.04/Dockerfile @@ -5,7 +5,7 @@ FROM ubuntu:12.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 # Ensure UTF-8 @@ -28,9 +28,6 @@ RUN export DEBIAN_FRONTEND=noninteractive \ && echo "export TERM=xterm" >> /root/.bashrc \ # System update && /usr/local/bin/apt-upgrade \ - # Generate locales - && ln -s /usr/share/i18n/SUPPORTED /var/lib/locales/supported.d/all \ - && locale-gen \ # Install base stuff && /usr/local/bin/apt-install \ python-software-properties \ diff --git a/docker/bootstrap/ubuntu-12.04/scripts.tar b/docker/bootstrap/ubuntu-12.04/scripts.tar index ae8760f3c..17e201953 100644 Binary files a/docker/bootstrap/ubuntu-12.04/scripts.tar and b/docker/bootstrap/ubuntu-12.04/scripts.tar differ diff --git a/docker/bootstrap/ubuntu-14.04/Dockerfile b/docker/bootstrap/ubuntu-14.04/Dockerfile index 5bbad2ac2..6b676b8b0 100644 --- a/docker/bootstrap/ubuntu-14.04/Dockerfile +++ b/docker/bootstrap/ubuntu-14.04/Dockerfile @@ -5,7 +5,7 @@ FROM ubuntu:14.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 # Ensure UTF-8 @@ -23,9 +23,6 @@ RUN export DEBIAN_FRONTEND=noninteractive \ && echo "export TERM=xterm" >> /root/.bashrc \ # System update && /usr/local/bin/apt-upgrade \ - # Generate locales - && ln -s /usr/share/i18n/SUPPORTED /var/lib/locales/supported.d/all \ - && locale-gen \ # Install base stuff && /usr/local/bin/apt-install \ software-properties-common \ diff --git a/docker/bootstrap/ubuntu-14.04/scripts.tar b/docker/bootstrap/ubuntu-14.04/scripts.tar index ae8760f3c..17e201953 100644 Binary files a/docker/bootstrap/ubuntu-14.04/scripts.tar and b/docker/bootstrap/ubuntu-14.04/scripts.tar differ diff --git a/docker/bootstrap/ubuntu-15.04/Dockerfile b/docker/bootstrap/ubuntu-15.04/Dockerfile index 0a508e14a..1f005f4f5 100644 --- a/docker/bootstrap/ubuntu-15.04/Dockerfile +++ b/docker/bootstrap/ubuntu-15.04/Dockerfile @@ -5,7 +5,7 @@ FROM ubuntu:15.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 # Ensure UTF-8 @@ -23,9 +23,6 @@ RUN export DEBIAN_FRONTEND=noninteractive \ && echo "export TERM=xterm" >> /root/.bashrc \ # System update && /usr/local/bin/apt-upgrade \ - # Generate locales - && ln -s /usr/share/i18n/SUPPORTED /var/lib/locales/supported.d/all \ - && locale-gen \ # Install base stuff && /usr/local/bin/apt-install \ software-properties-common \ diff --git a/docker/bootstrap/ubuntu-15.04/scripts.tar b/docker/bootstrap/ubuntu-15.04/scripts.tar index ae8760f3c..17e201953 100644 Binary files a/docker/bootstrap/ubuntu-15.04/scripts.tar and b/docker/bootstrap/ubuntu-15.04/scripts.tar differ diff --git a/docker/bootstrap/ubuntu-15.10/Dockerfile b/docker/bootstrap/ubuntu-15.10/Dockerfile index df4d66b43..fc7404e03 100644 --- a/docker/bootstrap/ubuntu-15.10/Dockerfile +++ b/docker/bootstrap/ubuntu-15.10/Dockerfile @@ -5,7 +5,7 @@ FROM ubuntu:15.10 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 # Ensure UTF-8 @@ -23,9 +23,6 @@ RUN export DEBIAN_FRONTEND=noninteractive \ && echo "export TERM=xterm" >> /root/.bashrc \ # System update && /usr/local/bin/apt-upgrade \ - # Generate locales - && ln -s /usr/share/i18n/SUPPORTED /var/lib/locales/supported.d/all \ - && locale-gen \ # Install base stuff && /usr/local/bin/apt-install \ software-properties-common \ diff --git a/docker/bootstrap/ubuntu-15.10/scripts.tar b/docker/bootstrap/ubuntu-15.10/scripts.tar index ae8760f3c..17e201953 100644 Binary files a/docker/bootstrap/ubuntu-15.10/scripts.tar and b/docker/bootstrap/ubuntu-15.10/scripts.tar differ diff --git a/docker/bootstrap/ubuntu-16.04/Dockerfile b/docker/bootstrap/ubuntu-16.04/Dockerfile index fa08c2a7a..eb6bad5e1 100644 --- a/docker/bootstrap/ubuntu-16.04/Dockerfile +++ b/docker/bootstrap/ubuntu-16.04/Dockerfile @@ -5,7 +5,7 @@ FROM ubuntu:16.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 # Ensure UTF-8 @@ -23,9 +23,6 @@ RUN export DEBIAN_FRONTEND=noninteractive \ && echo "export TERM=xterm" >> /root/.bashrc \ # System update && /usr/local/bin/apt-upgrade \ - # Generate locales - && ln -s /usr/share/i18n/SUPPORTED /var/lib/locales/supported.d/all \ - && locale-gen \ # Install base stuff && /usr/local/bin/apt-install \ software-properties-common \ diff --git a/docker/bootstrap/ubuntu-16.04/scripts.tar b/docker/bootstrap/ubuntu-16.04/scripts.tar index ae8760f3c..17e201953 100644 Binary files a/docker/bootstrap/ubuntu-16.04/scripts.tar and b/docker/bootstrap/ubuntu-16.04/scripts.tar differ diff --git a/docker/hhvm-apache/ubuntu-14.04/Dockerfile b/docker/hhvm-apache/ubuntu-14.04/Dockerfile index 8f0adb8fd..c16108e46 100644 --- a/docker/hhvm-apache/ubuntu-14.04/Dockerfile +++ b/docker/hhvm-apache/ubuntu-14.04/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/hhvm:ubuntu-14.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/hhvm-apache/ubuntu-14.04/conf/provision/roles/webdevops-apache/defaults/main.yml b/docker/hhvm-apache/ubuntu-14.04/conf/provision/roles/webdevops-apache/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/hhvm-apache/ubuntu-14.04/conf/provision/roles/webdevops-apache/defaults/main.yml +++ b/docker/hhvm-apache/ubuntu-14.04/conf/provision/roles/webdevops-apache/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/hhvm-apache/ubuntu-14.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml b/docker/hhvm-apache/ubuntu-14.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml index 962ede9ab..8e60c0ba5 100644 --- a/docker/hhvm-apache/ubuntu-14.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml +++ b/docker/hhvm-apache/ubuntu-14.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml @@ -10,6 +10,11 @@ apache_docker_vhost: /etc/apache2/sites-enabled/10-docker.conf when: ansible_os_family == 'Debian' +- name: Set apache vhost file [Alpine family] + set_fact: + apache_docker_vhost: /etc/apache2/conf.d/docker.conf + when: ansible_os_family == 'Alpine' + - name: Enable apache main config file: src: '/opt/docker/etc/httpd/main.conf' @@ -21,8 +26,6 @@ file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Ensure /var/run/apache2 exists @@ -31,6 +34,13 @@ state: directory recurse: yes +- name: Ensure /run/apache2 exists + file: + path: '/run/apache2' + state: directory + recurse: yes + when: ansible_os_family == 'Alpine' + - name: Switch MPM to worker [RedHat family] lineinfile: dest: '/etc/httpd/conf.modules.d/00-mpm.conf' @@ -48,6 +58,48 @@ - 'a2enmod mpm_event' when: (ansible_distribution == 'Ubuntu' and ansible_lsb.major_release|int >= 14) or (ansible_distribution == 'Debian' and ansible_lsb.major_release|int >= 8) +- name: Manage modules [Alpine family] + lineinfile: + dest: '/etc/apache2/httpd.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so', prefix: "#" } + - { line: 'LoadModule mpm_event_module modules/mod_mpm_event.so', prefix: "" } + - { line: 'LoadModule deflate_module modules/mod_deflate.so', prefix: "" } + - { line: 'LoadModule rewrite_module modules/mod_rewrite.so', prefix: "" } + - { line: 'LoadModule logio_module modules/mod_logio.so', prefix: "" } + - { line: 'LoadModule slotmem_shm_module modules/mod_slotmem_shm.so', prefix: "" } + - { line: 'LoadModule actions_module modules/mod_actions.so', prefix: "" } + when: ansible_os_family == 'Alpine' + +- name: Fix ssl support [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/ssl.conf' + regexp: '{{ item.regexp }}' + line: '{{ item.line }}' + with_items: + - { regexp: 'LoadModule ssl_module', line: 'LoadModule ssl_module /usr/lib/apache2/mod_ssl.so' } + - { regexp: 'LoadModule socache_shmcb_module', line: 'LoadModule socache_shmcb_module /usr/lib/apache2/mod_socache_shmcb.so' } + when: ansible_os_family == 'Alpine' + +- name: Disable proxy [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/proxy.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule proxy_ajp_module modules/mod_proxy_ajp.so', prefix: "#" } + - { line: 'LoadModule proxy_connect_module modules/mod_proxy_connect.so', prefix: "#" } + - { line: 'LoadModule proxy_balancer_module modules/mod_proxy_balancer.so', prefix: "#" } + - { line: 'LoadModule proxy_express_module modules/mod_proxy_express.so', prefix: "#" } + - { line: 'LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so', prefix: "" } + - { line: 'LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so', prefix: "#" } + - { line: 'LoadModule proxy_ftp_module modules/mod_proxy_ftp.so', prefix: "#" } + - { line: 'LoadModule proxy_http_module modules/mod_proxy_http.so', prefix: "#" } + - { line: 'LoadModule proxy_scgi_module modules/mod_proxy_scgi.so', prefix: "#" } + when: ansible_os_family == 'Alpine' + - name: Fix rights of ssl files file: path: "{{ item.path }}" diff --git a/docker/hhvm-nginx/ubuntu-14.04/Dockerfile b/docker/hhvm-nginx/ubuntu-14.04/Dockerfile index 5fd587a08..a7a9c0a6e 100644 --- a/docker/hhvm-nginx/ubuntu-14.04/Dockerfile +++ b/docker/hhvm-nginx/ubuntu-14.04/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/hhvm:ubuntu-14.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/hhvm-nginx/ubuntu-14.04/conf/provision/roles/webdevops-nginx/defaults/main.yml b/docker/hhvm-nginx/ubuntu-14.04/conf/provision/roles/webdevops-nginx/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/hhvm-nginx/ubuntu-14.04/conf/provision/roles/webdevops-nginx/defaults/main.yml +++ b/docker/hhvm-nginx/ubuntu-14.04/conf/provision/roles/webdevops-nginx/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/hhvm-nginx/ubuntu-14.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml b/docker/hhvm-nginx/ubuntu-14.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml index 735188ffd..ca34d3dd3 100644 --- a/docker/hhvm-nginx/ubuntu-14.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml +++ b/docker/hhvm-nginx/ubuntu-14.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml @@ -20,20 +20,18 @@ path: "/etc/nginx/sites-enabled/default" state: absent -- name: Replace default nginx.conf [RedHat family] +- name: Replace default nginx.conf [RedHat/Alpine family] file: src: '/opt/docker/etc/nginx/nginx.conf' dest: '/etc/nginx/nginx.conf' state: link force: yes - when: ansible_os_family == 'RedHat' + when: ansible_os_family == 'RedHat' or ansible_os_family == 'Alpine' - name: Ensure document root is available file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Fix rights of ssl files diff --git a/docker/hhvm/ubuntu-14.04/Dockerfile b/docker/hhvm/ubuntu-14.04/Dockerfile index da62c6baa..351512f6c 100644 --- a/docker/hhvm/ubuntu-14.04/Dockerfile +++ b/docker/hhvm/ubuntu-14.04/Dockerfile @@ -2,12 +2,14 @@ # Ubuntu 14.04 HHVM Docker container #++++++++++++++++++++++++++++++++++++++ -FROM webdevops/base:ubuntu-14.04 +FROM webdevops/base-app:ubuntu-14.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 +ENV WEB_DOCUMENT_ROOT /app + # Install tools RUN /usr/local/bin/apt-install \ imagemagick \ diff --git a/docker/mail-sandbox/ubuntu-14.04/Dockerfile b/docker/mail-sandbox/ubuntu-14.04/Dockerfile index 72602d1ce..84150274a 100644 --- a/docker/mail-sandbox/ubuntu-14.04/Dockerfile +++ b/docker/mail-sandbox/ubuntu-14.04/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/postfix:latest MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV MAILBOX_USERNAME "sandbox" diff --git a/docker/nginx/alpine-3/Dockerfile b/docker/nginx/alpine-3/Dockerfile new file mode 100644 index 000000000..30111144b --- /dev/null +++ b/docker/nginx/alpine-3/Dockerfile @@ -0,0 +1,26 @@ +#++++++++++++++++++++++++++++++++++++++ +# CentOS 7 Nginx Docker container +#++++++++++++++++++++++++++++++++++++++ + +FROM webdevops/base:alpine-3 +MAINTAINER info@webdevops.io +LABEL vendor=WebDevOps.io +LABEL io.webdevops.layout=6 +LABEL io.webdevops.version=0.21.0 + +ENV WEB_DOCUMENT_ROOT /app +ENV WEB_DOCUMENT_INDEX index.php +ENV WEB_ALIAS_DOMAIN *.vm + +# Install nginx +RUN /usr/local/bin/apk-install \ + nginx + +# Deploy scripts/configurations +COPY conf/ /opt/docker/ +RUN bash /opt/docker/bin/control.sh provision.role.bootstrap webdevops-nginx \ + && bash /opt/docker/bin/bootstrap.sh + +EXPOSE 80 443 + +CMD ["supervisord"] diff --git a/docker/nginx/alpine-3/conf/bin/service.d/nginx.sh b/docker/nginx/alpine-3/conf/bin/service.d/nginx.sh new file mode 100644 index 000000000..a28a005c2 --- /dev/null +++ b/docker/nginx/alpine-3/conf/bin/service.d/nginx.sh @@ -0,0 +1,15 @@ +#!/usr/bin/env bash +set -e + +if [[ ! -e "$WEB_DOCUMENT_ROOT" ]]; then + echo "" + echo "[WARNING] WEB_DOCUMENT_ROOT does not exists with path \"$WEB_DOCUMENT_ROOT\"!" + echo "" +fi + +rpl --quiet "" "$WEB_DOCUMENT_INDEX" /opt/docker/etc/nginx/*.conf +rpl --quiet "" "$WEB_DOCUMENT_ROOT" /opt/docker/etc/nginx/*.conf +rpl --quiet "" "$WEB_ALIAS_DOMAIN" /opt/docker/etc/nginx/*.conf +rpl --quiet "" "$HOSTNAME" /opt/docker/etc/nginx/*.conf + +exec /usr/sbin/nginx diff --git a/docker/nginx/alpine-3/conf/etc/nginx/global.conf b/docker/nginx/alpine-3/conf/etc/nginx/global.conf new file mode 100644 index 000000000..e69de29bb diff --git a/docker/nginx/alpine-3/conf/etc/nginx/main.conf b/docker/nginx/alpine-3/conf/etc/nginx/main.conf new file mode 100644 index 000000000..517102d09 --- /dev/null +++ b/docker/nginx/alpine-3/conf/etc/nginx/main.conf @@ -0,0 +1,6 @@ +include /opt/docker/etc/nginx/global.conf; +include /opt/docker/etc/nginx/php.conf; +include /opt/docker/etc/nginx/vhost.conf; + + + diff --git a/docker/nginx/alpine-3/conf/etc/nginx/nginx.conf b/docker/nginx/alpine-3/conf/etc/nginx/nginx.conf new file mode 100644 index 000000000..f5609826d --- /dev/null +++ b/docker/nginx/alpine-3/conf/etc/nginx/nginx.conf @@ -0,0 +1,35 @@ +# For more information on configuration, see: +# * Official English Documentation: http://nginx.org/en/docs/ +# * Official Russian Documentation: http://nginx.org/ru/docs/ + +user nginx; +worker_processes auto; +error_log /var/log/nginx/error.log; +pid /run/nginx.pid; + +events { + worker_connections 1024; +} + +http { + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + # Load modular configuration files from the /etc/nginx/conf.d directory. + # See http://nginx.org/en/docs/ngx_core_module.html#include + # for more information. + include /etc/nginx/conf.d/*.conf; +} +daemon off; diff --git a/docker/nginx/alpine-3/conf/etc/nginx/php.conf b/docker/nginx/alpine-3/conf/etc/nginx/php.conf new file mode 100644 index 000000000..4cdbc305f --- /dev/null +++ b/docker/nginx/alpine-3/conf/etc/nginx/php.conf @@ -0,0 +1,3 @@ +upstream php { + server 127.0.0.1:9000; +} diff --git a/docker/nginx/alpine-3/conf/etc/nginx/ssl/server.crt b/docker/nginx/alpine-3/conf/etc/nginx/ssl/server.crt new file mode 100644 index 000000000..6b0694907 --- /dev/null +++ b/docker/nginx/alpine-3/conf/etc/nginx/ssl/server.crt @@ -0,0 +1,28 @@ +-----BEGIN CERTIFICATE----- +MIIE1DCCArwCCQDMMwGnSuK0tTANBgkqhkiG9w0BAQsFADAsMRswGQYDVQQKExJE +b2NrZXIgQm9pbGVycGxhdGUxDTALBgNVBAMUBCoudm0wHhcNMTUwNTA0MTcxNDQw +WhcNMjUwNTAxMTcxNDQwWjAsMRswGQYDVQQKExJEb2NrZXIgQm9pbGVycGxhdGUx +DTALBgNVBAMUBCoudm0wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDK +3TIUiyDvXelWeY9VXMrpjuZtYpVSDsACLpjFUhMnsP5/iKT0VbeZyqHvmwZjAg4G +Y10d+yZDdgv/xeu0HPOFbtR6pCp10d1tdLHZto5Cyuxu7IQsAVjnD6Ko7XFwtNk7 +9o6JZfAFaGL4w5MokrVmCtspnsMZH7/7zU4f96cbF39zLopnpuXGD6t6DA8Qj3gy +0duaTjs42bYRN+rwLzVKAev99iQ4kPMJn4vV6/Xk6rtoSzC67GQyVZYaFypicD1S +NtsRmgEVvjCBDbrLOneUiRwff6qxEsZi7Hxv7BKFj4iUWnII7K/nP7T6uBHQjHO+ +FpsGkU9lCMrCeVFBe8kKz/cbhd+yLUxXwAPr6gSOPmwn232Gy4tozvqZHpbUxsgx +7sT3ej9K66h1D7J+BjNFWYM1hbnC1r7H/xS7EBzBV8qRoQCVe08Juf5xsouXFakD +clLV4+L+1cxkpwsCQDly5g3tm/TBqA2O+ZJ+YHQDHKkzMyhLs6i0X/M5qvJBiLg1 +GLTCS20rpQ5gXTEGuINqHgwXQWkUO6bhgSYqdHGX3zbZ5+qWpI4eui3dHZ1Ll0VH +6Icpb7ORTQwhc6W8KBlybssYPSlGOEBGUjYGNheoz9FpoSkxCis+P8ZNKtrmpPoq +Su0eOOGFOFHG02eOgPVxSwrDeN9MVJo7BPysGMHJmQIDAQABMA0GCSqGSIb3DQEB +CwUAA4ICAQC63g6NHmQKbiy3G6iaDkpUSbr5Mq2YgU61XnvWVyREqDcy/BXCw9oY +SJ/KUvCpqPnACNOFqjadRAmPiA9nf2WduoCgwQGV/YRFGswSuVvh/3X2TX5NWvbS +t8MQDttQg1dxpiMUjlu3rqhfohBdWJvp2lVSdpDb/MOlXBc/+p7HfOHwhqB7wwPN +NNbSKUbZqZxmD8cOf1X0hASr1yfFPj+2vST3ESaON8S0T2p63YX/sD5jvOUiEuyw +I5WcvLmiRZA07SH8nWyckLY3qWL+OlhSZrlAnolWS00b+7h5LNuRYEjKzwVgntoA +aCopyQih6wIk0+AfJO4sfhJBmQhnIrAaP/zwBH5g9zVizLf5H7U+hNXrMwgw55Sq +vjMdkZHvPKUXTvVit/rYE9H+PY3brkRWzOl4V/i/ZLJJm5805H/NyTbz9kPMJw2Q +nn+KOpfXXySD39f8iuRgSKXsYNul38hxWgcZZ6g+sOOp2n/VUmf0eZUWNnJ8i7AP +4Qif7aDKMcibOwSwsB+DKZXDvZ5XSdnMphtuLS5rPSL81rVRmWC2DMfQ2eP8j0WN +VTroSk0xedQ7Qr+9TNooi9IyzX6n1a2S1UiciEZ3ZcDbXPl/P01m+IYZyPnLv0+9 +ZeioZYh1JLv3/OKsMrMLTfh2ZCj3aXwmc2Owi/wU2LS5QUOMcHH7CQ== +-----END CERTIFICATE----- \ No newline at end of file diff --git a/docker/nginx/alpine-3/conf/etc/nginx/ssl/server.csr b/docker/nginx/alpine-3/conf/etc/nginx/ssl/server.csr new file mode 100644 index 000000000..8a9909f77 --- /dev/null +++ b/docker/nginx/alpine-3/conf/etc/nginx/ssl/server.csr @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIEcTCCAlkCAQAwLDEbMBkGA1UEChMSRG9ja2VyIEJvaWxlcnBsYXRlMQ0wCwYD +VQQDFAQqLnZtMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyt0yFIsg +713pVnmPVVzK6Y7mbWKVUg7AAi6YxVITJ7D+f4ik9FW3mcqh75sGYwIOBmNdHfsm +Q3YL/8XrtBzzhW7UeqQqddHdbXSx2baOQsrsbuyELAFY5w+iqO1xcLTZO/aOiWXw +BWhi+MOTKJK1ZgrbKZ7DGR+/+81OH/enGxd/cy6KZ6blxg+regwPEI94MtHbmk47 +ONm2ETfq8C81SgHr/fYkOJDzCZ+L1ev15Oq7aEswuuxkMlWWGhcqYnA9UjbbEZoB +Fb4wgQ26yzp3lIkcH3+qsRLGYux8b+wShY+IlFpyCOyv5z+0+rgR0IxzvhabBpFP +ZQjKwnlRQXvJCs/3G4Xfsi1MV8AD6+oEjj5sJ9t9hsuLaM76mR6W1MbIMe7E93o/ +SuuodQ+yfgYzRVmDNYW5wta+x/8UuxAcwVfKkaEAlXtPCbn+cbKLlxWpA3JS1ePi +/tXMZKcLAkA5cuYN7Zv0wagNjvmSfmB0AxypMzMoS7OotF/zOaryQYi4NRi0wktt +K6UOYF0xBriDah4MF0FpFDum4YEmKnRxl9822efqlqSOHrot3R2dS5dFR+iHKW+z +kU0MIXOlvCgZcm7LGD0pRjhARlI2BjYXqM/RaaEpMQorPj/GTSra5qT6KkrtHjjh +hThRxtNnjoD1cUsKw3jfTFSaOwT8rBjByZkCAwEAAaAAMA0GCSqGSIb3DQEBCwUA +A4ICAQBsEBgC2YepuZq/8UqvKMZKVy/etDKXj7BB+QPb+leNiKD7p4LDxHJsZSH8 +Ku9uMPeLfiQDn5jA41k5SlGttzvObd65RdEbO3yHpqsg05EGSDDLfaE1k2Al/qmX +/o8roPZF7+2kZthgMAgkcokS54LYqEYTGqOf3J9Ss0yRIZwhaOVebfFIbIOdpw0B +JNMIJPHTMdZrcuRVI+wR1uPLIlEJzBvxTGbTrvPU25WJFtu+EajKqXO0SHdy0yx8 +uH4ykRBJRc36+oYo7nZ5D56dh7pZn3+9J64FKAOV0Q3KqMFieGy053ezuhJd70eZ +UozTgfjs3WpMzoYmKETSyl3XZSdInRe+sUlKPruTsKyg69oYxjPlrGfAmmGcCFca +TnZinT18dI92zK7OtOVkmYeYKC1lwuhftVrNMXzZuHOGpS9NNYtc4nDqDMIEOfV3 +6rCdu03WjEgJ+Z67tJs16xOx9du4/EHxS2Ijn9DPfVJvYy0TgzDi1BUpjWx0KTLx +C4OQbEZ/QTWmHVbSch/hcZhzbf7SNh5RpnW4EtmcpDFjIKMfxJmoKeiTf7qnilx0 +7uRvsZFKoDKRDOFiPfgMg5AOtLHziYsd9m0tJjC2GHvFuPjzOtzhnUUjmmvht170 +2aqKakjST4amg7jzLcs871HX0/WjOtt29NpOz140blkKf1bisg== +-----END CERTIFICATE REQUEST----- \ No newline at end of file diff --git a/docker/nginx/alpine-3/conf/etc/nginx/ssl/server.key b/docker/nginx/alpine-3/conf/etc/nginx/ssl/server.key new file mode 100644 index 000000000..c9eec145f --- /dev/null +++ b/docker/nginx/alpine-3/conf/etc/nginx/ssl/server.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKAIBAAKCAgEAyt0yFIsg713pVnmPVVzK6Y7mbWKVUg7AAi6YxVITJ7D+f4ik +9FW3mcqh75sGYwIOBmNdHfsmQ3YL/8XrtBzzhW7UeqQqddHdbXSx2baOQsrsbuyE +LAFY5w+iqO1xcLTZO/aOiWXwBWhi+MOTKJK1ZgrbKZ7DGR+/+81OH/enGxd/cy6K +Z6blxg+regwPEI94MtHbmk47ONm2ETfq8C81SgHr/fYkOJDzCZ+L1ev15Oq7aEsw +uuxkMlWWGhcqYnA9UjbbEZoBFb4wgQ26yzp3lIkcH3+qsRLGYux8b+wShY+IlFpy +COyv5z+0+rgR0IxzvhabBpFPZQjKwnlRQXvJCs/3G4Xfsi1MV8AD6+oEjj5sJ9t9 +hsuLaM76mR6W1MbIMe7E93o/SuuodQ+yfgYzRVmDNYW5wta+x/8UuxAcwVfKkaEA +lXtPCbn+cbKLlxWpA3JS1ePi/tXMZKcLAkA5cuYN7Zv0wagNjvmSfmB0AxypMzMo +S7OotF/zOaryQYi4NRi0wkttK6UOYF0xBriDah4MF0FpFDum4YEmKnRxl9822efq +lqSOHrot3R2dS5dFR+iHKW+zkU0MIXOlvCgZcm7LGD0pRjhARlI2BjYXqM/RaaEp +MQorPj/GTSra5qT6KkrtHjjhhThRxtNnjoD1cUsKw3jfTFSaOwT8rBjByZkCAwEA +AQKCAgAbZPdoUsllyZbC+LNkYZ19ILD5QIDNjfRb1xMGQmkXyQz1B+zOmeyrNfPc +OWEJabOfJTfj3pByN7SzG3US4333HNpQnW6mbmqqZ0HFFqPrXR/Ecuf+UUhCG5hp +m3bgM2vKbyccYsmg0VHcKfzrU7RvTTP/UNMjx2fThwvvwS+ttuSdF0HVcXJB5sfP +OWWnZNhkdHZlRf81VCED/jsZqCZYEh5eMyj9AoXvXL4zayPPf+tC0DSKaXW2Xlxg +tZQhqup8+a9nlxZia0Z9hu8clo6jXkiP8FuKgfCMV0cOjiCKLLHS5svTbLLsVWwJ +F2ZAdVcD6mWQ43qHOEK5NEzGvQKO14CaOLnVT2yAkMcyNohsEgoDP9oCBGDJQbBH +NmtZfpVjjtuTr9P9TEkU1FcBRo0x6Il/DkzamGbOeFAmgnaGElhJ5c/CAG7whaIf +mUfFOBGPH/wESY3gBOACDofeSh27RrlvbLaPiCGKivDUTBmhBsIuso6XqOKbvtfV +/HhhndpdRVfIj4DdE7gIrLIGN977JMVAXFCNz7KrvAWwcOXrCHCoWpklJ9repq8l +26ICY8K7VXktzDHQUmhd88ZWR+9ASURsJghUgZUOcMrEGyvci6Y8hpLhHiNVPHuQ ++ps7tpPsXSntBUqWBzhRZh74+nJlOOV6oYykl30JT2JzB6lwiQKCAQEA9ecn8N2z +20tR2UEiTv/MjVSepQtAAajegvcd1iasvvQKXnh3XLmoZHzH2tTa0lp5RIZpUQPl +lOTwko0lYTBnYblt65AJQ3FTgisNobIpoqE8BFXLm6wggz7CbabjmPGDe173lPGR +sI0YSKYvzrdn4zw8Fh6WULJyZHLi58zJYL3r0WBDiOoxpGaGA1GlmkuIWjhKHaX2 +OvF1vOuQDJ2eDyTc5TYFC0NKG76Mvanov5L/yrhNM/umbmp0SPspzHGZobAKUr20 +OazFT8S+2TA1OTxWNbiPbSimFoaZbEdqsNACGfVJWO8Sh8iqlt5RmEcSiSvGBj6L +QKprRO9Fsp2GawKCAQEA0zGhRsnux4JTNsdUSYsEJtITMj6eE+nl7CoZ9DAOwC5X +6/aSpUE4TT+pWNrt9iluXiGL0j89UJ7r/L1OcsiyzGb8ig9NU4zr1NIGTZ0DstHi +HPYINjeiBJEFIy17kOQn+9/I5c4hBUwz6ihwNoEomymVB/EsLJKAML0AudJGKg+Z +/f/qrS40eab5SAiaKgsh0MZnj+vIxyGBydt6r2HGmjfNITVbXIu6IpO+6NXDwM/e +7v10AAZ3j9+gb1RedLg2ghuIuYU90hmMhtVWsh9nVmaOkMW9/WFgOPYvt/mHH/hR +d4pePZ9kACGmqo/b9sHvHw1YEubtCt1VUiNuFxnJCwKCAQBWnxz0vkRTJY8phsY9 +KeK2jm5sGTBs5T2syLwb6ffENFdKvAjgAw6Mh2And/+1ReWd+/MxdLv03UjZdxsJ +x3FDfXx5FH4O4ebW3a+pnAcKoN1xcX+N0O6LDRqUYcue3sTAOs3gC9CUbr91KAWD +Phw8ccWAzTmKJ7IgLFA982ekyoI9eTmRC159WRgwJxy844qerWF+XC4GyXP+HsTZ +jNRW5Vdi7sqMEyIR7+fIEAhLI88zbATWIPmZv6pC4ybwO7wwtsCMMQNBpdjDprzL +6S12ggikV+U+QKlxGe0FtYqhykRTPJKf32eZqVheWOZJTA/9fgv9ux52oxGycM8O +gmsNAoIBAQC60m5uZnd5uYnPLWkcXYNgq/kbO1UvHHut/FhVMKX7z4MrU0XKNfWO +MECoP5K9bU0aq+Y6KIMe7FapjvT0iSHRu1Cu+HZY8JI2A0xcIAeDijLRl7sP6wrB +q1+2DKgANjRAlWfsEfoX658JBpitPngjOheBnRCMpVQMyUT5HE/BKWf5zwdUB0mY +S+K8nA90HcDeJIS8RcGolbVwUV0oBABhr/cf50lYhqozqCr7YQ33ZGs7Uq3oz8+4 +UARmN2YPLl3Znm3GX12em8c6B0LX8vvA7Jw06Rf2Ksup1+3Ce1PTLiEy9A4FyRf3 +Hc2HmBbnJAtZlr5QikMqlzzAmmLqwH6dAoIBAC+ryaQGJFsijCSuaDfRp/uy9xnd +DjgMdTwjl5WLBmyudChVMANl8eqCbvVO41CN84yORk03oQ4cx0eKxAZaLaSzgkb3 +W0X2nFQe7VJSYMQswCQ+1WfJvEFrIdkEKIa//uQdhqNrgUKSNVhhSTMbNEkDTIWn +ssbv2H9hvUaFt/J/vP9zCKuU5oYvNU7Oi6ZXRYezRn9atlJYanLFoJnHUBRzGms5 +K0vhdCPDXQq87z5Yudoh0jLUQF9Nx0GTWeBceQ9n5hZeRUNQWxP4AJThQX9KSPTS +mbL3Kh4XNRmAUJ2N+Njh+3dg91s+JkKvC1wcspLsmLPQe+9AxBSH9y5JE/8= +-----END RSA PRIVATE KEY----- \ No newline at end of file diff --git a/docker/nginx/alpine-3/conf/etc/nginx/vhost.common.conf b/docker/nginx/alpine-3/conf/etc/nginx/vhost.common.conf new file mode 100644 index 000000000..e69de29bb diff --git a/docker/nginx/alpine-3/conf/etc/nginx/vhost.conf b/docker/nginx/alpine-3/conf/etc/nginx/vhost.conf new file mode 100644 index 000000000..e21d9c0c4 --- /dev/null +++ b/docker/nginx/alpine-3/conf/etc/nginx/vhost.conf @@ -0,0 +1,84 @@ +server { + listen 80 default_server; + listen 8000 default_server; + + server_name _ docker; + + access_log /dev/stdout; + error_log /dev/stdout info; + + root ""; + index ; + + client_max_body_size 50m; + + location / { + try_files $uri $uri/ /?$query_string; + } + + location ~ \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass php; + include fastcgi_params; + + fastcgi_param SCRIPT_FILENAME $request_filename; + + fastcgi_param MYSQL_USER ""; + fastcgi_param MYSQL_PASSWORD ""; + fastcgi_param MYSQL_ROOT_USER "root"; + fastcgi_param MYSQL_ROOT_PASSWORD ""; + fastcgi_param MYSQL_DATABASE ""; + + fastcgi_param POSTGRES_USER ""; + fastcgi_param POSTGRES_PASSWORD ""; + + fastcgi_read_timeout 1000; + } + + include /opt/docker/etc/nginx/vhost.common.conf; +} + +############## +# SSL +############## + +server { + listen 443 default_server; + listen 8443 default_server; + + server_name _ docker; + + access_log /dev/stdout; + error_log /dev/stdout info; + + root ""; + index ; + + client_max_body_size 50m; + + location / { + try_files $uri $uri/ /?$query_string; + } + + location ~ \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass php; + include fastcgi_params; + + fastcgi_param SCRIPT_FILENAME $request_filename; + + fastcgi_param MYSQL_USER ""; + fastcgi_param MYSQL_PASSWORD ""; + fastcgi_param MYSQL_ROOT_USER "root"; + fastcgi_param MYSQL_ROOT_PASSWORD ""; + fastcgi_param MYSQL_DATABASE ""; + + fastcgi_param POSTGRES_USER ""; + fastcgi_param POSTGRES_PASSWORD ""; + + fastcgi_read_timeout 1000; + } + + include /opt/docker/etc/nginx/vhost.common.conf; + include /opt/docker/etc/nginx/vhost.ssl.conf; +} diff --git a/docker/nginx/alpine-3/conf/etc/nginx/vhost.ssl.conf b/docker/nginx/alpine-3/conf/etc/nginx/vhost.ssl.conf new file mode 100644 index 000000000..4ddba251d --- /dev/null +++ b/docker/nginx/alpine-3/conf/etc/nginx/vhost.ssl.conf @@ -0,0 +1,7 @@ +ssl on; +ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # not possible to do exclusive +ssl_ciphers 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA'; +ssl_prefer_server_ciphers on; + +ssl_certificate /opt/docker/etc/nginx/ssl/server.crt; +ssl_certificate_key /opt/docker/etc/nginx/ssl/server.key; diff --git a/docker/nginx/alpine-3/conf/etc/supervisor.d/nginx.conf b/docker/nginx/alpine-3/conf/etc/supervisor.d/nginx.conf new file mode 100644 index 000000000..657bf499b --- /dev/null +++ b/docker/nginx/alpine-3/conf/etc/supervisor.d/nginx.conf @@ -0,0 +1,14 @@ +[group:nginx] +programs=nginxd +priority=20 + +[program:nginxd] +command = /opt/docker/bin/service.d/nginx.sh +process_name=%(program_name)s +startsecs = 0 +autostart = true +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/docker/nginx/alpine-3/conf/provision/roles/webdevops-nginx/defaults/main.yml b/docker/nginx/alpine-3/conf/provision/roles/webdevops-nginx/defaults/main.yml new file mode 100644 index 000000000..69cba1cb4 --- /dev/null +++ b/docker/nginx/alpine-3/conf/provision/roles/webdevops-nginx/defaults/main.yml @@ -0,0 +1,3 @@ +--- + +DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/nginx/alpine-3/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml b/docker/nginx/alpine-3/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml new file mode 100644 index 000000000..ca34d3dd3 --- /dev/null +++ b/docker/nginx/alpine-3/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml @@ -0,0 +1,48 @@ +--- + +- name: Diable nginx demonize mode + lineinfile: + dest: /etc/nginx/nginx.conf + regexp: '[\s;]*{{ item.key }}[\s]*' + line: '{{ item.key }} {{ item.value }};' + with_items: + - { key: 'daemon', value: "off" } + +- name: Enable nginx main config + file: + src: '/opt/docker/etc/nginx/main.conf' + dest: '/etc/nginx/conf.d/10-docker.conf' + state: link + force: yes + +- name: Remove default vhost + file: + path: "/etc/nginx/sites-enabled/default" + state: absent + +- name: Replace default nginx.conf [RedHat/Alpine family] + file: + src: '/opt/docker/etc/nginx/nginx.conf' + dest: '/etc/nginx/nginx.conf' + state: link + force: yes + when: ansible_os_family == 'RedHat' or ansible_os_family == 'Alpine' + +- name: Ensure document root is available + file: + path: "{{ DOCUMENT_ROOT }}" + state: directory + recurse: yes + +- name: Fix rights of ssl files + file: + path: "{{ item.path }}" + state: "{{ item.state }}" + mode: "{{ item.mode }}" + owner: "root" + group: "root" + with_items: + - { path: '/opt/docker/etc/nginx/ssl', state: 'directory', mode: '0750' } + - { path: '/opt/docker/etc/nginx/ssl/server.crt', state: 'file', mode: '0640' } + - { path: '/opt/docker/etc/nginx/ssl/server.csr', state: 'file', mode: '0640' } + - { path: '/opt/docker/etc/nginx/ssl/server.key', state: 'file', mode: '0640' } diff --git a/docker/nginx/alpine-3/conf/provision/roles/webdevops-nginx/tasks/main.yml b/docker/nginx/alpine-3/conf/provision/roles/webdevops-nginx/tasks/main.yml new file mode 100644 index 000000000..1806c1a8c --- /dev/null +++ b/docker/nginx/alpine-3/conf/provision/roles/webdevops-nginx/tasks/main.yml @@ -0,0 +1,5 @@ +--- + +- include: bootstrap.yml + tags: + - bootstrap diff --git a/docker/nginx/centos-7/Dockerfile b/docker/nginx/centos-7/Dockerfile index cc5a1322b..7f551dabb 100644 --- a/docker/nginx/centos-7/Dockerfile +++ b/docker/nginx/centos-7/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/base:centos-7 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/nginx/centos-7/conf/provision/roles/webdevops-nginx/defaults/main.yml b/docker/nginx/centos-7/conf/provision/roles/webdevops-nginx/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/nginx/centos-7/conf/provision/roles/webdevops-nginx/defaults/main.yml +++ b/docker/nginx/centos-7/conf/provision/roles/webdevops-nginx/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/nginx/centos-7/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml b/docker/nginx/centos-7/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml index 735188ffd..ca34d3dd3 100644 --- a/docker/nginx/centos-7/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml +++ b/docker/nginx/centos-7/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml @@ -20,20 +20,18 @@ path: "/etc/nginx/sites-enabled/default" state: absent -- name: Replace default nginx.conf [RedHat family] +- name: Replace default nginx.conf [RedHat/Alpine family] file: src: '/opt/docker/etc/nginx/nginx.conf' dest: '/etc/nginx/nginx.conf' state: link force: yes - when: ansible_os_family == 'RedHat' + when: ansible_os_family == 'RedHat' or ansible_os_family == 'Alpine' - name: Ensure document root is available file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Fix rights of ssl files diff --git a/docker/nginx/debian-7/Dockerfile b/docker/nginx/debian-7/Dockerfile index abd2305b9..56daca656 100644 --- a/docker/nginx/debian-7/Dockerfile +++ b/docker/nginx/debian-7/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/base:debian-7 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/nginx/debian-7/conf/provision/roles/webdevops-nginx/defaults/main.yml b/docker/nginx/debian-7/conf/provision/roles/webdevops-nginx/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/nginx/debian-7/conf/provision/roles/webdevops-nginx/defaults/main.yml +++ b/docker/nginx/debian-7/conf/provision/roles/webdevops-nginx/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/nginx/debian-7/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml b/docker/nginx/debian-7/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml index 735188ffd..ca34d3dd3 100644 --- a/docker/nginx/debian-7/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml +++ b/docker/nginx/debian-7/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml @@ -20,20 +20,18 @@ path: "/etc/nginx/sites-enabled/default" state: absent -- name: Replace default nginx.conf [RedHat family] +- name: Replace default nginx.conf [RedHat/Alpine family] file: src: '/opt/docker/etc/nginx/nginx.conf' dest: '/etc/nginx/nginx.conf' state: link force: yes - when: ansible_os_family == 'RedHat' + when: ansible_os_family == 'RedHat' or ansible_os_family == 'Alpine' - name: Ensure document root is available file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Fix rights of ssl files diff --git a/docker/nginx/debian-8/Dockerfile b/docker/nginx/debian-8/Dockerfile index 568bea96b..3989a4eb9 100644 --- a/docker/nginx/debian-8/Dockerfile +++ b/docker/nginx/debian-8/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/base:debian-8 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/nginx/debian-8/conf/provision/roles/webdevops-nginx/defaults/main.yml b/docker/nginx/debian-8/conf/provision/roles/webdevops-nginx/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/nginx/debian-8/conf/provision/roles/webdevops-nginx/defaults/main.yml +++ b/docker/nginx/debian-8/conf/provision/roles/webdevops-nginx/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/nginx/debian-8/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml b/docker/nginx/debian-8/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml index 735188ffd..ca34d3dd3 100644 --- a/docker/nginx/debian-8/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml +++ b/docker/nginx/debian-8/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml @@ -20,20 +20,18 @@ path: "/etc/nginx/sites-enabled/default" state: absent -- name: Replace default nginx.conf [RedHat family] +- name: Replace default nginx.conf [RedHat/Alpine family] file: src: '/opt/docker/etc/nginx/nginx.conf' dest: '/etc/nginx/nginx.conf' state: link force: yes - when: ansible_os_family == 'RedHat' + when: ansible_os_family == 'RedHat' or ansible_os_family == 'Alpine' - name: Ensure document root is available file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Fix rights of ssl files diff --git a/docker/nginx/debian-9/Dockerfile b/docker/nginx/debian-9/Dockerfile index f0a8ed03a..aacc84363 100644 --- a/docker/nginx/debian-9/Dockerfile +++ b/docker/nginx/debian-9/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/base:debian-9 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/nginx/debian-9/conf/provision/roles/webdevops-nginx/defaults/main.yml b/docker/nginx/debian-9/conf/provision/roles/webdevops-nginx/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/nginx/debian-9/conf/provision/roles/webdevops-nginx/defaults/main.yml +++ b/docker/nginx/debian-9/conf/provision/roles/webdevops-nginx/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/nginx/debian-9/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml b/docker/nginx/debian-9/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml index 735188ffd..ca34d3dd3 100644 --- a/docker/nginx/debian-9/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml +++ b/docker/nginx/debian-9/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml @@ -20,20 +20,18 @@ path: "/etc/nginx/sites-enabled/default" state: absent -- name: Replace default nginx.conf [RedHat family] +- name: Replace default nginx.conf [RedHat/Alpine family] file: src: '/opt/docker/etc/nginx/nginx.conf' dest: '/etc/nginx/nginx.conf' state: link force: yes - when: ansible_os_family == 'RedHat' + when: ansible_os_family == 'RedHat' or ansible_os_family == 'Alpine' - name: Ensure document root is available file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Fix rights of ssl files diff --git a/docker/nginx/ubuntu-12.04/Dockerfile b/docker/nginx/ubuntu-12.04/Dockerfile index 2253c4e5c..7cdd5c765 100644 --- a/docker/nginx/ubuntu-12.04/Dockerfile +++ b/docker/nginx/ubuntu-12.04/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/base:ubuntu-12.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/nginx/ubuntu-12.04/conf/provision/roles/webdevops-nginx/defaults/main.yml b/docker/nginx/ubuntu-12.04/conf/provision/roles/webdevops-nginx/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/nginx/ubuntu-12.04/conf/provision/roles/webdevops-nginx/defaults/main.yml +++ b/docker/nginx/ubuntu-12.04/conf/provision/roles/webdevops-nginx/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/nginx/ubuntu-12.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml b/docker/nginx/ubuntu-12.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml index 735188ffd..ca34d3dd3 100644 --- a/docker/nginx/ubuntu-12.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml +++ b/docker/nginx/ubuntu-12.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml @@ -20,20 +20,18 @@ path: "/etc/nginx/sites-enabled/default" state: absent -- name: Replace default nginx.conf [RedHat family] +- name: Replace default nginx.conf [RedHat/Alpine family] file: src: '/opt/docker/etc/nginx/nginx.conf' dest: '/etc/nginx/nginx.conf' state: link force: yes - when: ansible_os_family == 'RedHat' + when: ansible_os_family == 'RedHat' or ansible_os_family == 'Alpine' - name: Ensure document root is available file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Fix rights of ssl files diff --git a/docker/nginx/ubuntu-14.04/Dockerfile b/docker/nginx/ubuntu-14.04/Dockerfile index 7ba629070..014692dd8 100644 --- a/docker/nginx/ubuntu-14.04/Dockerfile +++ b/docker/nginx/ubuntu-14.04/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/base:ubuntu-14.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/nginx/ubuntu-14.04/conf/provision/roles/webdevops-nginx/defaults/main.yml b/docker/nginx/ubuntu-14.04/conf/provision/roles/webdevops-nginx/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/nginx/ubuntu-14.04/conf/provision/roles/webdevops-nginx/defaults/main.yml +++ b/docker/nginx/ubuntu-14.04/conf/provision/roles/webdevops-nginx/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/nginx/ubuntu-14.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml b/docker/nginx/ubuntu-14.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml index 735188ffd..ca34d3dd3 100644 --- a/docker/nginx/ubuntu-14.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml +++ b/docker/nginx/ubuntu-14.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml @@ -20,20 +20,18 @@ path: "/etc/nginx/sites-enabled/default" state: absent -- name: Replace default nginx.conf [RedHat family] +- name: Replace default nginx.conf [RedHat/Alpine family] file: src: '/opt/docker/etc/nginx/nginx.conf' dest: '/etc/nginx/nginx.conf' state: link force: yes - when: ansible_os_family == 'RedHat' + when: ansible_os_family == 'RedHat' or ansible_os_family == 'Alpine' - name: Ensure document root is available file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Fix rights of ssl files diff --git a/docker/nginx/ubuntu-15.04/Dockerfile b/docker/nginx/ubuntu-15.04/Dockerfile index 54e98aab1..90f31844a 100644 --- a/docker/nginx/ubuntu-15.04/Dockerfile +++ b/docker/nginx/ubuntu-15.04/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/base:ubuntu-15.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/nginx/ubuntu-15.04/conf/provision/roles/webdevops-nginx/defaults/main.yml b/docker/nginx/ubuntu-15.04/conf/provision/roles/webdevops-nginx/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/nginx/ubuntu-15.04/conf/provision/roles/webdevops-nginx/defaults/main.yml +++ b/docker/nginx/ubuntu-15.04/conf/provision/roles/webdevops-nginx/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/nginx/ubuntu-15.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml b/docker/nginx/ubuntu-15.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml index 735188ffd..ca34d3dd3 100644 --- a/docker/nginx/ubuntu-15.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml +++ b/docker/nginx/ubuntu-15.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml @@ -20,20 +20,18 @@ path: "/etc/nginx/sites-enabled/default" state: absent -- name: Replace default nginx.conf [RedHat family] +- name: Replace default nginx.conf [RedHat/Alpine family] file: src: '/opt/docker/etc/nginx/nginx.conf' dest: '/etc/nginx/nginx.conf' state: link force: yes - when: ansible_os_family == 'RedHat' + when: ansible_os_family == 'RedHat' or ansible_os_family == 'Alpine' - name: Ensure document root is available file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Fix rights of ssl files diff --git a/docker/nginx/ubuntu-15.10/Dockerfile b/docker/nginx/ubuntu-15.10/Dockerfile index 85a84e967..01fb94123 100644 --- a/docker/nginx/ubuntu-15.10/Dockerfile +++ b/docker/nginx/ubuntu-15.10/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/base:ubuntu-15.10 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/nginx/ubuntu-15.10/conf/provision/roles/webdevops-nginx/defaults/main.yml b/docker/nginx/ubuntu-15.10/conf/provision/roles/webdevops-nginx/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/nginx/ubuntu-15.10/conf/provision/roles/webdevops-nginx/defaults/main.yml +++ b/docker/nginx/ubuntu-15.10/conf/provision/roles/webdevops-nginx/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/nginx/ubuntu-15.10/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml b/docker/nginx/ubuntu-15.10/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml index 735188ffd..ca34d3dd3 100644 --- a/docker/nginx/ubuntu-15.10/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml +++ b/docker/nginx/ubuntu-15.10/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml @@ -20,20 +20,18 @@ path: "/etc/nginx/sites-enabled/default" state: absent -- name: Replace default nginx.conf [RedHat family] +- name: Replace default nginx.conf [RedHat/Alpine family] file: src: '/opt/docker/etc/nginx/nginx.conf' dest: '/etc/nginx/nginx.conf' state: link force: yes - when: ansible_os_family == 'RedHat' + when: ansible_os_family == 'RedHat' or ansible_os_family == 'Alpine' - name: Ensure document root is available file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Fix rights of ssl files diff --git a/docker/nginx/ubuntu-16.04/Dockerfile b/docker/nginx/ubuntu-16.04/Dockerfile index a1d9d69be..643e27417 100644 --- a/docker/nginx/ubuntu-16.04/Dockerfile +++ b/docker/nginx/ubuntu-16.04/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/base:ubuntu-16.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/nginx/ubuntu-16.04/conf/provision/roles/webdevops-nginx/defaults/main.yml b/docker/nginx/ubuntu-16.04/conf/provision/roles/webdevops-nginx/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/nginx/ubuntu-16.04/conf/provision/roles/webdevops-nginx/defaults/main.yml +++ b/docker/nginx/ubuntu-16.04/conf/provision/roles/webdevops-nginx/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/nginx/ubuntu-16.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml b/docker/nginx/ubuntu-16.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml index 735188ffd..ca34d3dd3 100644 --- a/docker/nginx/ubuntu-16.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml +++ b/docker/nginx/ubuntu-16.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml @@ -20,20 +20,18 @@ path: "/etc/nginx/sites-enabled/default" state: absent -- name: Replace default nginx.conf [RedHat family] +- name: Replace default nginx.conf [RedHat/Alpine family] file: src: '/opt/docker/etc/nginx/nginx.conf' dest: '/etc/nginx/nginx.conf' state: link force: yes - when: ansible_os_family == 'RedHat' + when: ansible_os_family == 'RedHat' or ansible_os_family == 'Alpine' - name: Ensure document root is available file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Fix rights of ssl files diff --git a/docker/php-apache/alpine-3/Dockerfile b/docker/php-apache/alpine-3/Dockerfile new file mode 100644 index 000000000..5ff7a7c3d --- /dev/null +++ b/docker/php-apache/alpine-3/Dockerfile @@ -0,0 +1,35 @@ +#++++++++++++++++++++++++++++++++++++++ +# Alpine 3 PHP-Apache Docker container +#++++++++++++++++++++++++++++++++++++++ + +FROM webdevops/php:alpine-3 +MAINTAINER info@webdevops.io +LABEL vendor=WebDevOps.io +LABEL io.webdevops.layout=6 +LABEL io.webdevops.version=0.21.0 + +ENV WEB_DOCUMENT_ROOT /app +ENV WEB_DOCUMENT_INDEX index.php +ENV WEB_ALIAS_DOMAIN *.vm + +# Install apache +RUN /usr/local/bin/apk-install \ + apache2 \ + apache2-utils \ + apache2-proxy \ + apache2-ssl \ + && sed -ri ' \ + s!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g; \ + s!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g; \ + ' /etc/apache2/httpd.conf + +# Deploy scripts/configurations +COPY conf/ /opt/docker/ +RUN bash /opt/docker/bin/control.sh provision.role.bootstrap webdevops-apache \ + && bash /opt/docker/bin/control.sh provision.role.bootstrap webdevops-php-apache \ + && bash /opt/docker/bin/bootstrap.sh + +EXPOSE 80 443 + +CMD ["supervisord"] + diff --git a/docker/php-apache/alpine-3/conf/bin/service.d/httpd.sh b/docker/php-apache/alpine-3/conf/bin/service.d/httpd.sh new file mode 100644 index 000000000..33f6f6ca2 --- /dev/null +++ b/docker/php-apache/alpine-3/conf/bin/service.d/httpd.sh @@ -0,0 +1,18 @@ +#!/usr/bin/env bash +set -e + +if [[ ! -e "$WEB_DOCUMENT_ROOT" ]]; then + echo "" + echo "[WARNING] WEB_DOCUMENT_ROOT does not exists with path \"$WEB_DOCUMENT_ROOT\"!" + echo "" +fi + +# Apache gets grumpy about PID files pre-existing +rm -f /var/run/httpd/httpd.pid + +rpl --quiet "" "$WEB_DOCUMENT_INDEX" /opt/docker/etc/httpd/*.conf +rpl --quiet "" "$WEB_DOCUMENT_ROOT" /opt/docker/etc/httpd/*.conf +rpl --quiet "" "$WEB_ALIAS_DOMAIN" /opt/docker/etc/httpd/*.conf +rpl --quiet "" "$HOSTNAME" /opt/docker/etc/httpd/*.conf + +exec /usr/sbin/apachectl -DFOREGROUND diff --git a/docker/php-apache/alpine-3/conf/etc/httpd/global.conf b/docker/php-apache/alpine-3/conf/etc/httpd/global.conf new file mode 100644 index 000000000..080fe7816 --- /dev/null +++ b/docker/php-apache/alpine-3/conf/etc/httpd/global.conf @@ -0,0 +1,39 @@ +# Settings +TimeOut 1000 +ServerName "" + +DirectoryIndex +DocumentRoot "" + +"> + Options Indexes FollowSymLinks + AllowOverride All + + + Allow from all + + = 2.4> + Require all granted + + + + +LogFormat "[httpd:access] %V:%p %h %l %u %t \"%r\" %>s bytesIn:%I bytesOut:%O reqTime:%T" dockerlog +CustomLog /proc/self/fd/1 dockerlog +ErrorLog /proc/self/fd/2 + +####################################### +# Faster error documents +####################################### + + ErrorDocument 400 "400 Bad Request" + ErrorDocument 401 "401 Unauthorized" + ErrorDocument 403 "403 Forbidden" + ErrorDocument 404 "404 Not Found" + ErrorDocument 405 "405 Method Not Allowed" + + ErrorDocument 500 "500 Internal Server Error" + ErrorDocument 501 "501 Not Implemented" + ErrorDocument 502 "502 Bad Gateway" + ErrorDocument 503 "503 Service Unavailable" + diff --git a/docker/php-apache/alpine-3/conf/etc/httpd/main.conf b/docker/php-apache/alpine-3/conf/etc/httpd/main.conf new file mode 100644 index 000000000..5575b94e2 --- /dev/null +++ b/docker/php-apache/alpine-3/conf/etc/httpd/main.conf @@ -0,0 +1,3 @@ +Include /opt/docker/etc/httpd/global.conf +Include /opt/docker/etc/httpd/php.conf +Include /opt/docker/etc/httpd/vhost.conf diff --git a/docker/php-apache/alpine-3/conf/etc/httpd/php.conf b/docker/php-apache/alpine-3/conf/etc/httpd/php.conf new file mode 100644 index 000000000..bd4ff3971 --- /dev/null +++ b/docker/php-apache/alpine-3/conf/etc/httpd/php.conf @@ -0,0 +1,8 @@ + + + ProxySet connectiontimeout=5 timeout=600 + + + + SetHandler "proxy:fcgi://127.0.0.1:9000" + diff --git a/docker/php-apache/alpine-3/conf/etc/httpd/ssl/server.crt b/docker/php-apache/alpine-3/conf/etc/httpd/ssl/server.crt new file mode 100644 index 000000000..6b0694907 --- /dev/null +++ b/docker/php-apache/alpine-3/conf/etc/httpd/ssl/server.crt @@ -0,0 +1,28 @@ +-----BEGIN CERTIFICATE----- +MIIE1DCCArwCCQDMMwGnSuK0tTANBgkqhkiG9w0BAQsFADAsMRswGQYDVQQKExJE +b2NrZXIgQm9pbGVycGxhdGUxDTALBgNVBAMUBCoudm0wHhcNMTUwNTA0MTcxNDQw +WhcNMjUwNTAxMTcxNDQwWjAsMRswGQYDVQQKExJEb2NrZXIgQm9pbGVycGxhdGUx +DTALBgNVBAMUBCoudm0wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDK +3TIUiyDvXelWeY9VXMrpjuZtYpVSDsACLpjFUhMnsP5/iKT0VbeZyqHvmwZjAg4G +Y10d+yZDdgv/xeu0HPOFbtR6pCp10d1tdLHZto5Cyuxu7IQsAVjnD6Ko7XFwtNk7 +9o6JZfAFaGL4w5MokrVmCtspnsMZH7/7zU4f96cbF39zLopnpuXGD6t6DA8Qj3gy +0duaTjs42bYRN+rwLzVKAev99iQ4kPMJn4vV6/Xk6rtoSzC67GQyVZYaFypicD1S +NtsRmgEVvjCBDbrLOneUiRwff6qxEsZi7Hxv7BKFj4iUWnII7K/nP7T6uBHQjHO+ +FpsGkU9lCMrCeVFBe8kKz/cbhd+yLUxXwAPr6gSOPmwn232Gy4tozvqZHpbUxsgx +7sT3ej9K66h1D7J+BjNFWYM1hbnC1r7H/xS7EBzBV8qRoQCVe08Juf5xsouXFakD +clLV4+L+1cxkpwsCQDly5g3tm/TBqA2O+ZJ+YHQDHKkzMyhLs6i0X/M5qvJBiLg1 +GLTCS20rpQ5gXTEGuINqHgwXQWkUO6bhgSYqdHGX3zbZ5+qWpI4eui3dHZ1Ll0VH +6Icpb7ORTQwhc6W8KBlybssYPSlGOEBGUjYGNheoz9FpoSkxCis+P8ZNKtrmpPoq +Su0eOOGFOFHG02eOgPVxSwrDeN9MVJo7BPysGMHJmQIDAQABMA0GCSqGSIb3DQEB +CwUAA4ICAQC63g6NHmQKbiy3G6iaDkpUSbr5Mq2YgU61XnvWVyREqDcy/BXCw9oY +SJ/KUvCpqPnACNOFqjadRAmPiA9nf2WduoCgwQGV/YRFGswSuVvh/3X2TX5NWvbS +t8MQDttQg1dxpiMUjlu3rqhfohBdWJvp2lVSdpDb/MOlXBc/+p7HfOHwhqB7wwPN +NNbSKUbZqZxmD8cOf1X0hASr1yfFPj+2vST3ESaON8S0T2p63YX/sD5jvOUiEuyw +I5WcvLmiRZA07SH8nWyckLY3qWL+OlhSZrlAnolWS00b+7h5LNuRYEjKzwVgntoA +aCopyQih6wIk0+AfJO4sfhJBmQhnIrAaP/zwBH5g9zVizLf5H7U+hNXrMwgw55Sq +vjMdkZHvPKUXTvVit/rYE9H+PY3brkRWzOl4V/i/ZLJJm5805H/NyTbz9kPMJw2Q +nn+KOpfXXySD39f8iuRgSKXsYNul38hxWgcZZ6g+sOOp2n/VUmf0eZUWNnJ8i7AP +4Qif7aDKMcibOwSwsB+DKZXDvZ5XSdnMphtuLS5rPSL81rVRmWC2DMfQ2eP8j0WN +VTroSk0xedQ7Qr+9TNooi9IyzX6n1a2S1UiciEZ3ZcDbXPl/P01m+IYZyPnLv0+9 +ZeioZYh1JLv3/OKsMrMLTfh2ZCj3aXwmc2Owi/wU2LS5QUOMcHH7CQ== +-----END CERTIFICATE----- \ No newline at end of file diff --git a/docker/php-apache/alpine-3/conf/etc/httpd/ssl/server.csr b/docker/php-apache/alpine-3/conf/etc/httpd/ssl/server.csr new file mode 100644 index 000000000..8a9909f77 --- /dev/null +++ b/docker/php-apache/alpine-3/conf/etc/httpd/ssl/server.csr @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIEcTCCAlkCAQAwLDEbMBkGA1UEChMSRG9ja2VyIEJvaWxlcnBsYXRlMQ0wCwYD +VQQDFAQqLnZtMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyt0yFIsg +713pVnmPVVzK6Y7mbWKVUg7AAi6YxVITJ7D+f4ik9FW3mcqh75sGYwIOBmNdHfsm +Q3YL/8XrtBzzhW7UeqQqddHdbXSx2baOQsrsbuyELAFY5w+iqO1xcLTZO/aOiWXw +BWhi+MOTKJK1ZgrbKZ7DGR+/+81OH/enGxd/cy6KZ6blxg+regwPEI94MtHbmk47 +ONm2ETfq8C81SgHr/fYkOJDzCZ+L1ev15Oq7aEswuuxkMlWWGhcqYnA9UjbbEZoB +Fb4wgQ26yzp3lIkcH3+qsRLGYux8b+wShY+IlFpyCOyv5z+0+rgR0IxzvhabBpFP +ZQjKwnlRQXvJCs/3G4Xfsi1MV8AD6+oEjj5sJ9t9hsuLaM76mR6W1MbIMe7E93o/ +SuuodQ+yfgYzRVmDNYW5wta+x/8UuxAcwVfKkaEAlXtPCbn+cbKLlxWpA3JS1ePi +/tXMZKcLAkA5cuYN7Zv0wagNjvmSfmB0AxypMzMoS7OotF/zOaryQYi4NRi0wktt +K6UOYF0xBriDah4MF0FpFDum4YEmKnRxl9822efqlqSOHrot3R2dS5dFR+iHKW+z +kU0MIXOlvCgZcm7LGD0pRjhARlI2BjYXqM/RaaEpMQorPj/GTSra5qT6KkrtHjjh +hThRxtNnjoD1cUsKw3jfTFSaOwT8rBjByZkCAwEAAaAAMA0GCSqGSIb3DQEBCwUA +A4ICAQBsEBgC2YepuZq/8UqvKMZKVy/etDKXj7BB+QPb+leNiKD7p4LDxHJsZSH8 +Ku9uMPeLfiQDn5jA41k5SlGttzvObd65RdEbO3yHpqsg05EGSDDLfaE1k2Al/qmX +/o8roPZF7+2kZthgMAgkcokS54LYqEYTGqOf3J9Ss0yRIZwhaOVebfFIbIOdpw0B +JNMIJPHTMdZrcuRVI+wR1uPLIlEJzBvxTGbTrvPU25WJFtu+EajKqXO0SHdy0yx8 +uH4ykRBJRc36+oYo7nZ5D56dh7pZn3+9J64FKAOV0Q3KqMFieGy053ezuhJd70eZ +UozTgfjs3WpMzoYmKETSyl3XZSdInRe+sUlKPruTsKyg69oYxjPlrGfAmmGcCFca +TnZinT18dI92zK7OtOVkmYeYKC1lwuhftVrNMXzZuHOGpS9NNYtc4nDqDMIEOfV3 +6rCdu03WjEgJ+Z67tJs16xOx9du4/EHxS2Ijn9DPfVJvYy0TgzDi1BUpjWx0KTLx +C4OQbEZ/QTWmHVbSch/hcZhzbf7SNh5RpnW4EtmcpDFjIKMfxJmoKeiTf7qnilx0 +7uRvsZFKoDKRDOFiPfgMg5AOtLHziYsd9m0tJjC2GHvFuPjzOtzhnUUjmmvht170 +2aqKakjST4amg7jzLcs871HX0/WjOtt29NpOz140blkKf1bisg== +-----END CERTIFICATE REQUEST----- \ No newline at end of file diff --git a/docker/php-apache/alpine-3/conf/etc/httpd/ssl/server.key b/docker/php-apache/alpine-3/conf/etc/httpd/ssl/server.key new file mode 100644 index 000000000..c9eec145f --- /dev/null +++ b/docker/php-apache/alpine-3/conf/etc/httpd/ssl/server.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKAIBAAKCAgEAyt0yFIsg713pVnmPVVzK6Y7mbWKVUg7AAi6YxVITJ7D+f4ik +9FW3mcqh75sGYwIOBmNdHfsmQ3YL/8XrtBzzhW7UeqQqddHdbXSx2baOQsrsbuyE +LAFY5w+iqO1xcLTZO/aOiWXwBWhi+MOTKJK1ZgrbKZ7DGR+/+81OH/enGxd/cy6K +Z6blxg+regwPEI94MtHbmk47ONm2ETfq8C81SgHr/fYkOJDzCZ+L1ev15Oq7aEsw +uuxkMlWWGhcqYnA9UjbbEZoBFb4wgQ26yzp3lIkcH3+qsRLGYux8b+wShY+IlFpy +COyv5z+0+rgR0IxzvhabBpFPZQjKwnlRQXvJCs/3G4Xfsi1MV8AD6+oEjj5sJ9t9 +hsuLaM76mR6W1MbIMe7E93o/SuuodQ+yfgYzRVmDNYW5wta+x/8UuxAcwVfKkaEA +lXtPCbn+cbKLlxWpA3JS1ePi/tXMZKcLAkA5cuYN7Zv0wagNjvmSfmB0AxypMzMo +S7OotF/zOaryQYi4NRi0wkttK6UOYF0xBriDah4MF0FpFDum4YEmKnRxl9822efq +lqSOHrot3R2dS5dFR+iHKW+zkU0MIXOlvCgZcm7LGD0pRjhARlI2BjYXqM/RaaEp +MQorPj/GTSra5qT6KkrtHjjhhThRxtNnjoD1cUsKw3jfTFSaOwT8rBjByZkCAwEA +AQKCAgAbZPdoUsllyZbC+LNkYZ19ILD5QIDNjfRb1xMGQmkXyQz1B+zOmeyrNfPc +OWEJabOfJTfj3pByN7SzG3US4333HNpQnW6mbmqqZ0HFFqPrXR/Ecuf+UUhCG5hp +m3bgM2vKbyccYsmg0VHcKfzrU7RvTTP/UNMjx2fThwvvwS+ttuSdF0HVcXJB5sfP +OWWnZNhkdHZlRf81VCED/jsZqCZYEh5eMyj9AoXvXL4zayPPf+tC0DSKaXW2Xlxg +tZQhqup8+a9nlxZia0Z9hu8clo6jXkiP8FuKgfCMV0cOjiCKLLHS5svTbLLsVWwJ +F2ZAdVcD6mWQ43qHOEK5NEzGvQKO14CaOLnVT2yAkMcyNohsEgoDP9oCBGDJQbBH +NmtZfpVjjtuTr9P9TEkU1FcBRo0x6Il/DkzamGbOeFAmgnaGElhJ5c/CAG7whaIf +mUfFOBGPH/wESY3gBOACDofeSh27RrlvbLaPiCGKivDUTBmhBsIuso6XqOKbvtfV +/HhhndpdRVfIj4DdE7gIrLIGN977JMVAXFCNz7KrvAWwcOXrCHCoWpklJ9repq8l +26ICY8K7VXktzDHQUmhd88ZWR+9ASURsJghUgZUOcMrEGyvci6Y8hpLhHiNVPHuQ ++ps7tpPsXSntBUqWBzhRZh74+nJlOOV6oYykl30JT2JzB6lwiQKCAQEA9ecn8N2z +20tR2UEiTv/MjVSepQtAAajegvcd1iasvvQKXnh3XLmoZHzH2tTa0lp5RIZpUQPl +lOTwko0lYTBnYblt65AJQ3FTgisNobIpoqE8BFXLm6wggz7CbabjmPGDe173lPGR +sI0YSKYvzrdn4zw8Fh6WULJyZHLi58zJYL3r0WBDiOoxpGaGA1GlmkuIWjhKHaX2 +OvF1vOuQDJ2eDyTc5TYFC0NKG76Mvanov5L/yrhNM/umbmp0SPspzHGZobAKUr20 +OazFT8S+2TA1OTxWNbiPbSimFoaZbEdqsNACGfVJWO8Sh8iqlt5RmEcSiSvGBj6L +QKprRO9Fsp2GawKCAQEA0zGhRsnux4JTNsdUSYsEJtITMj6eE+nl7CoZ9DAOwC5X +6/aSpUE4TT+pWNrt9iluXiGL0j89UJ7r/L1OcsiyzGb8ig9NU4zr1NIGTZ0DstHi +HPYINjeiBJEFIy17kOQn+9/I5c4hBUwz6ihwNoEomymVB/EsLJKAML0AudJGKg+Z +/f/qrS40eab5SAiaKgsh0MZnj+vIxyGBydt6r2HGmjfNITVbXIu6IpO+6NXDwM/e +7v10AAZ3j9+gb1RedLg2ghuIuYU90hmMhtVWsh9nVmaOkMW9/WFgOPYvt/mHH/hR +d4pePZ9kACGmqo/b9sHvHw1YEubtCt1VUiNuFxnJCwKCAQBWnxz0vkRTJY8phsY9 +KeK2jm5sGTBs5T2syLwb6ffENFdKvAjgAw6Mh2And/+1ReWd+/MxdLv03UjZdxsJ +x3FDfXx5FH4O4ebW3a+pnAcKoN1xcX+N0O6LDRqUYcue3sTAOs3gC9CUbr91KAWD +Phw8ccWAzTmKJ7IgLFA982ekyoI9eTmRC159WRgwJxy844qerWF+XC4GyXP+HsTZ +jNRW5Vdi7sqMEyIR7+fIEAhLI88zbATWIPmZv6pC4ybwO7wwtsCMMQNBpdjDprzL +6S12ggikV+U+QKlxGe0FtYqhykRTPJKf32eZqVheWOZJTA/9fgv9ux52oxGycM8O +gmsNAoIBAQC60m5uZnd5uYnPLWkcXYNgq/kbO1UvHHut/FhVMKX7z4MrU0XKNfWO +MECoP5K9bU0aq+Y6KIMe7FapjvT0iSHRu1Cu+HZY8JI2A0xcIAeDijLRl7sP6wrB +q1+2DKgANjRAlWfsEfoX658JBpitPngjOheBnRCMpVQMyUT5HE/BKWf5zwdUB0mY +S+K8nA90HcDeJIS8RcGolbVwUV0oBABhr/cf50lYhqozqCr7YQ33ZGs7Uq3oz8+4 +UARmN2YPLl3Znm3GX12em8c6B0LX8vvA7Jw06Rf2Ksup1+3Ce1PTLiEy9A4FyRf3 +Hc2HmBbnJAtZlr5QikMqlzzAmmLqwH6dAoIBAC+ryaQGJFsijCSuaDfRp/uy9xnd +DjgMdTwjl5WLBmyudChVMANl8eqCbvVO41CN84yORk03oQ4cx0eKxAZaLaSzgkb3 +W0X2nFQe7VJSYMQswCQ+1WfJvEFrIdkEKIa//uQdhqNrgUKSNVhhSTMbNEkDTIWn +ssbv2H9hvUaFt/J/vP9zCKuU5oYvNU7Oi6ZXRYezRn9atlJYanLFoJnHUBRzGms5 +K0vhdCPDXQq87z5Yudoh0jLUQF9Nx0GTWeBceQ9n5hZeRUNQWxP4AJThQX9KSPTS +mbL3Kh4XNRmAUJ2N+Njh+3dg91s+JkKvC1wcspLsmLPQe+9AxBSH9y5JE/8= +-----END RSA PRIVATE KEY----- \ No newline at end of file diff --git a/docker/php-apache/alpine-3/conf/etc/httpd/vhost.common.conf b/docker/php-apache/alpine-3/conf/etc/httpd/vhost.common.conf new file mode 100644 index 000000000..e69de29bb diff --git a/docker/php-apache/alpine-3/conf/etc/httpd/vhost.conf b/docker/php-apache/alpine-3/conf/etc/httpd/vhost.conf new file mode 100644 index 000000000..fb15ccda8 --- /dev/null +++ b/docker/php-apache/alpine-3/conf/etc/httpd/vhost.conf @@ -0,0 +1,23 @@ +####################################### +# Vhost +####################################### + + + ServerName docker.vm + ServerAlias + DocumentRoot "" + + UseCanonicalName Off + + Include /opt/docker/etc/httpd/vhost.common.conf + + + + ServerName docker.vm + ServerAlias + DocumentRoot "" + + UseCanonicalName Off + Include /opt/docker/etc/httpd/vhost.common.conf + Include /opt/docker/etc/httpd/vhost.ssl.conf + diff --git a/docker/php-apache/alpine-3/conf/etc/httpd/vhost.ssl.conf b/docker/php-apache/alpine-3/conf/etc/httpd/vhost.ssl.conf new file mode 100644 index 000000000..1261fd747 --- /dev/null +++ b/docker/php-apache/alpine-3/conf/etc/httpd/vhost.ssl.conf @@ -0,0 +1,27 @@ + ############ + # SSL + ############ + + SSLEngine on + SSLCertificateFile /opt/docker/etc/httpd/ssl/server.crt + SSLCertificateKeyFile /opt/docker/etc/httpd/ssl/server.key + + + SSLOptions +StdEnvVars + + + SSLOptions +StdEnvVars + + + BrowserMatch "MSIE [2-6]" \ + nokeepalive ssl-unclean-shutdown \ + downgrade-1.0 force-response-1.0 + # MSIE 7 and newer should be able to use keepalive + # This regexp is ok with 17-9! + BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown + + ## SSL Hardening + SSLProtocol All -SSLv2 -SSLv3 + SSLHonorCipherOrder on + SSLCompression off + SSLCipherSuite 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA' diff --git a/docker/php-apache/alpine-3/conf/etc/supervisor.d/apache.conf b/docker/php-apache/alpine-3/conf/etc/supervisor.d/apache.conf new file mode 100644 index 000000000..12a6f86f7 --- /dev/null +++ b/docker/php-apache/alpine-3/conf/etc/supervisor.d/apache.conf @@ -0,0 +1,14 @@ +[group:apache] +programs=apached +priority=20 + +[program:apached] +command = /opt/docker/bin/service.d/httpd.sh +process_name=%(program_name)s +startsecs = 0 +autostart = true +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/docker/php-apache/alpine-3/conf/provision/roles/webdevops-apache/defaults/main.yml b/docker/php-apache/alpine-3/conf/provision/roles/webdevops-apache/defaults/main.yml new file mode 100644 index 000000000..69cba1cb4 --- /dev/null +++ b/docker/php-apache/alpine-3/conf/provision/roles/webdevops-apache/defaults/main.yml @@ -0,0 +1,3 @@ +--- + +DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/php-apache/alpine-3/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml b/docker/php-apache/alpine-3/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml new file mode 100644 index 000000000..8e60c0ba5 --- /dev/null +++ b/docker/php-apache/alpine-3/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml @@ -0,0 +1,114 @@ +--- + +- name: Set apache vhost file [RedHat family] + set_fact: + apache_docker_vhost: /etc/httpd/conf.d/docker.conf + when: ansible_os_family == 'RedHat' + +- name: Set apache vhost file [Debian family] + set_fact: + apache_docker_vhost: /etc/apache2/sites-enabled/10-docker.conf + when: ansible_os_family == 'Debian' + +- name: Set apache vhost file [Alpine family] + set_fact: + apache_docker_vhost: /etc/apache2/conf.d/docker.conf + when: ansible_os_family == 'Alpine' + +- name: Enable apache main config + file: + src: '/opt/docker/etc/httpd/main.conf' + dest: '{{ apache_docker_vhost }}' + state: link + force: yes + +- name: Ensure document root is available + file: + path: "{{ DOCUMENT_ROOT }}" + state: directory + recurse: yes + +- name: Ensure /var/run/apache2 exists + file: + path: '/var/run/apache2' + state: directory + recurse: yes + +- name: Ensure /run/apache2 exists + file: + path: '/run/apache2' + state: directory + recurse: yes + when: ansible_os_family == 'Alpine' + +- name: Switch MPM to worker [RedHat family] + lineinfile: + dest: '/etc/httpd/conf.modules.d/00-mpm.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so', prefix: "#" } + - { line: 'LoadModule mpm_event_module modules/mod_mpm_event.so', prefix: "" } + when: ansible_os_family == 'RedHat' + +- name: Switch MPM to event for Apache 2.4 and higher [Ubuntu family] + command: "{{ item }}" + with_items: + - 'a2dismod mpm_event' + - 'a2enmod mpm_event' + when: (ansible_distribution == 'Ubuntu' and ansible_lsb.major_release|int >= 14) or (ansible_distribution == 'Debian' and ansible_lsb.major_release|int >= 8) + +- name: Manage modules [Alpine family] + lineinfile: + dest: '/etc/apache2/httpd.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so', prefix: "#" } + - { line: 'LoadModule mpm_event_module modules/mod_mpm_event.so', prefix: "" } + - { line: 'LoadModule deflate_module modules/mod_deflate.so', prefix: "" } + - { line: 'LoadModule rewrite_module modules/mod_rewrite.so', prefix: "" } + - { line: 'LoadModule logio_module modules/mod_logio.so', prefix: "" } + - { line: 'LoadModule slotmem_shm_module modules/mod_slotmem_shm.so', prefix: "" } + - { line: 'LoadModule actions_module modules/mod_actions.so', prefix: "" } + when: ansible_os_family == 'Alpine' + +- name: Fix ssl support [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/ssl.conf' + regexp: '{{ item.regexp }}' + line: '{{ item.line }}' + with_items: + - { regexp: 'LoadModule ssl_module', line: 'LoadModule ssl_module /usr/lib/apache2/mod_ssl.so' } + - { regexp: 'LoadModule socache_shmcb_module', line: 'LoadModule socache_shmcb_module /usr/lib/apache2/mod_socache_shmcb.so' } + when: ansible_os_family == 'Alpine' + +- name: Disable proxy [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/proxy.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule proxy_ajp_module modules/mod_proxy_ajp.so', prefix: "#" } + - { line: 'LoadModule proxy_connect_module modules/mod_proxy_connect.so', prefix: "#" } + - { line: 'LoadModule proxy_balancer_module modules/mod_proxy_balancer.so', prefix: "#" } + - { line: 'LoadModule proxy_express_module modules/mod_proxy_express.so', prefix: "#" } + - { line: 'LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so', prefix: "" } + - { line: 'LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so', prefix: "#" } + - { line: 'LoadModule proxy_ftp_module modules/mod_proxy_ftp.so', prefix: "#" } + - { line: 'LoadModule proxy_http_module modules/mod_proxy_http.so', prefix: "#" } + - { line: 'LoadModule proxy_scgi_module modules/mod_proxy_scgi.so', prefix: "#" } + when: ansible_os_family == 'Alpine' + +- name: Fix rights of ssl files + file: + path: "{{ item.path }}" + state: "{{ item.state }}" + mode: "{{ item.mode }}" + owner: "root" + group: "root" + with_items: + - { path: '/opt/docker/etc/httpd/ssl', state: 'directory', mode: '0750' } + - { path: '/opt/docker/etc/httpd/ssl/server.crt', state: 'file', mode: '0640' } + - { path: '/opt/docker/etc/httpd/ssl/server.csr', state: 'file', mode: '0640' } + - { path: '/opt/docker/etc/httpd/ssl/server.key', state: 'file', mode: '0640' } diff --git a/docker/php-apache/alpine-3/conf/provision/roles/webdevops-apache/tasks/main.yml b/docker/php-apache/alpine-3/conf/provision/roles/webdevops-apache/tasks/main.yml new file mode 100644 index 000000000..1806c1a8c --- /dev/null +++ b/docker/php-apache/alpine-3/conf/provision/roles/webdevops-apache/tasks/main.yml @@ -0,0 +1,5 @@ +--- + +- include: bootstrap.yml + tags: + - bootstrap diff --git a/docker/php-apache/alpine-3/conf/provision/roles/webdevops-php-apache/defaults/main.yml b/docker/php-apache/alpine-3/conf/provision/roles/webdevops-php-apache/defaults/main.yml new file mode 100644 index 000000000..ed97d539c --- /dev/null +++ b/docker/php-apache/alpine-3/conf/provision/roles/webdevops-php-apache/defaults/main.yml @@ -0,0 +1 @@ +--- diff --git a/docker/php-apache/alpine-3/conf/provision/roles/webdevops-php-apache/tasks/bootstrap.yml b/docker/php-apache/alpine-3/conf/provision/roles/webdevops-php-apache/tasks/bootstrap.yml new file mode 100644 index 000000000..ad5fb2121 --- /dev/null +++ b/docker/php-apache/alpine-3/conf/provision/roles/webdevops-php-apache/tasks/bootstrap.yml @@ -0,0 +1,8 @@ +--- +- name: Restrict php-fpm to local connection + lineinfile: + dest: '/opt/docker/etc/php/fpm/pool.d/application.conf' + regexp: '^[\s;]*{{ item.key }}[\s]*=' + line: '{{ item.key }} = {{ item.value }}' + with_items: + - { key: 'listen', value: "127.0.0.1:9000" } diff --git a/docker/postfix/ubuntu-14.04/conf/provision/roles/webdevops-postfix/tasks/bootstrap.yml b/docker/php-apache/alpine-3/conf/provision/roles/webdevops-php-apache/tasks/entrypoint.yml similarity index 100% rename from docker/postfix/ubuntu-14.04/conf/provision/roles/webdevops-postfix/tasks/bootstrap.yml rename to docker/php-apache/alpine-3/conf/provision/roles/webdevops-php-apache/tasks/entrypoint.yml diff --git a/docker/postfix/ubuntu-14.04/conf/provision/roles/webdevops-postfix/tasks/main.yml b/docker/php-apache/alpine-3/conf/provision/roles/webdevops-php-apache/tasks/main.yml similarity index 100% rename from docker/postfix/ubuntu-14.04/conf/provision/roles/webdevops-postfix/tasks/main.yml rename to docker/php-apache/alpine-3/conf/provision/roles/webdevops-php-apache/tasks/main.yml diff --git a/docker/php-apache/centos-7/Dockerfile b/docker/php-apache/centos-7/Dockerfile index 58ee82fcb..d62b3903c 100644 --- a/docker/php-apache/centos-7/Dockerfile +++ b/docker/php-apache/centos-7/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/php:centos-7 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/php-apache/centos-7/conf/provision/roles/webdevops-apache/defaults/main.yml b/docker/php-apache/centos-7/conf/provision/roles/webdevops-apache/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/php-apache/centos-7/conf/provision/roles/webdevops-apache/defaults/main.yml +++ b/docker/php-apache/centos-7/conf/provision/roles/webdevops-apache/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/php-apache/centos-7/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml b/docker/php-apache/centos-7/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml index 962ede9ab..8e60c0ba5 100644 --- a/docker/php-apache/centos-7/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml +++ b/docker/php-apache/centos-7/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml @@ -10,6 +10,11 @@ apache_docker_vhost: /etc/apache2/sites-enabled/10-docker.conf when: ansible_os_family == 'Debian' +- name: Set apache vhost file [Alpine family] + set_fact: + apache_docker_vhost: /etc/apache2/conf.d/docker.conf + when: ansible_os_family == 'Alpine' + - name: Enable apache main config file: src: '/opt/docker/etc/httpd/main.conf' @@ -21,8 +26,6 @@ file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Ensure /var/run/apache2 exists @@ -31,6 +34,13 @@ state: directory recurse: yes +- name: Ensure /run/apache2 exists + file: + path: '/run/apache2' + state: directory + recurse: yes + when: ansible_os_family == 'Alpine' + - name: Switch MPM to worker [RedHat family] lineinfile: dest: '/etc/httpd/conf.modules.d/00-mpm.conf' @@ -48,6 +58,48 @@ - 'a2enmod mpm_event' when: (ansible_distribution == 'Ubuntu' and ansible_lsb.major_release|int >= 14) or (ansible_distribution == 'Debian' and ansible_lsb.major_release|int >= 8) +- name: Manage modules [Alpine family] + lineinfile: + dest: '/etc/apache2/httpd.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so', prefix: "#" } + - { line: 'LoadModule mpm_event_module modules/mod_mpm_event.so', prefix: "" } + - { line: 'LoadModule deflate_module modules/mod_deflate.so', prefix: "" } + - { line: 'LoadModule rewrite_module modules/mod_rewrite.so', prefix: "" } + - { line: 'LoadModule logio_module modules/mod_logio.so', prefix: "" } + - { line: 'LoadModule slotmem_shm_module modules/mod_slotmem_shm.so', prefix: "" } + - { line: 'LoadModule actions_module modules/mod_actions.so', prefix: "" } + when: ansible_os_family == 'Alpine' + +- name: Fix ssl support [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/ssl.conf' + regexp: '{{ item.regexp }}' + line: '{{ item.line }}' + with_items: + - { regexp: 'LoadModule ssl_module', line: 'LoadModule ssl_module /usr/lib/apache2/mod_ssl.so' } + - { regexp: 'LoadModule socache_shmcb_module', line: 'LoadModule socache_shmcb_module /usr/lib/apache2/mod_socache_shmcb.so' } + when: ansible_os_family == 'Alpine' + +- name: Disable proxy [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/proxy.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule proxy_ajp_module modules/mod_proxy_ajp.so', prefix: "#" } + - { line: 'LoadModule proxy_connect_module modules/mod_proxy_connect.so', prefix: "#" } + - { line: 'LoadModule proxy_balancer_module modules/mod_proxy_balancer.so', prefix: "#" } + - { line: 'LoadModule proxy_express_module modules/mod_proxy_express.so', prefix: "#" } + - { line: 'LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so', prefix: "" } + - { line: 'LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so', prefix: "#" } + - { line: 'LoadModule proxy_ftp_module modules/mod_proxy_ftp.so', prefix: "#" } + - { line: 'LoadModule proxy_http_module modules/mod_proxy_http.so', prefix: "#" } + - { line: 'LoadModule proxy_scgi_module modules/mod_proxy_scgi.so', prefix: "#" } + when: ansible_os_family == 'Alpine' + - name: Fix rights of ssl files file: path: "{{ item.path }}" diff --git a/docker/php-apache/debian-7/Dockerfile b/docker/php-apache/debian-7/Dockerfile index 1f93f1bb3..ac1417c60 100644 --- a/docker/php-apache/debian-7/Dockerfile +++ b/docker/php-apache/debian-7/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/php:debian-7 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/php-apache/debian-7/conf/provision/roles/webdevops-apache/defaults/main.yml b/docker/php-apache/debian-7/conf/provision/roles/webdevops-apache/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/php-apache/debian-7/conf/provision/roles/webdevops-apache/defaults/main.yml +++ b/docker/php-apache/debian-7/conf/provision/roles/webdevops-apache/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/php-apache/debian-7/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml b/docker/php-apache/debian-7/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml index 962ede9ab..8e60c0ba5 100644 --- a/docker/php-apache/debian-7/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml +++ b/docker/php-apache/debian-7/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml @@ -10,6 +10,11 @@ apache_docker_vhost: /etc/apache2/sites-enabled/10-docker.conf when: ansible_os_family == 'Debian' +- name: Set apache vhost file [Alpine family] + set_fact: + apache_docker_vhost: /etc/apache2/conf.d/docker.conf + when: ansible_os_family == 'Alpine' + - name: Enable apache main config file: src: '/opt/docker/etc/httpd/main.conf' @@ -21,8 +26,6 @@ file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Ensure /var/run/apache2 exists @@ -31,6 +34,13 @@ state: directory recurse: yes +- name: Ensure /run/apache2 exists + file: + path: '/run/apache2' + state: directory + recurse: yes + when: ansible_os_family == 'Alpine' + - name: Switch MPM to worker [RedHat family] lineinfile: dest: '/etc/httpd/conf.modules.d/00-mpm.conf' @@ -48,6 +58,48 @@ - 'a2enmod mpm_event' when: (ansible_distribution == 'Ubuntu' and ansible_lsb.major_release|int >= 14) or (ansible_distribution == 'Debian' and ansible_lsb.major_release|int >= 8) +- name: Manage modules [Alpine family] + lineinfile: + dest: '/etc/apache2/httpd.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so', prefix: "#" } + - { line: 'LoadModule mpm_event_module modules/mod_mpm_event.so', prefix: "" } + - { line: 'LoadModule deflate_module modules/mod_deflate.so', prefix: "" } + - { line: 'LoadModule rewrite_module modules/mod_rewrite.so', prefix: "" } + - { line: 'LoadModule logio_module modules/mod_logio.so', prefix: "" } + - { line: 'LoadModule slotmem_shm_module modules/mod_slotmem_shm.so', prefix: "" } + - { line: 'LoadModule actions_module modules/mod_actions.so', prefix: "" } + when: ansible_os_family == 'Alpine' + +- name: Fix ssl support [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/ssl.conf' + regexp: '{{ item.regexp }}' + line: '{{ item.line }}' + with_items: + - { regexp: 'LoadModule ssl_module', line: 'LoadModule ssl_module /usr/lib/apache2/mod_ssl.so' } + - { regexp: 'LoadModule socache_shmcb_module', line: 'LoadModule socache_shmcb_module /usr/lib/apache2/mod_socache_shmcb.so' } + when: ansible_os_family == 'Alpine' + +- name: Disable proxy [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/proxy.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule proxy_ajp_module modules/mod_proxy_ajp.so', prefix: "#" } + - { line: 'LoadModule proxy_connect_module modules/mod_proxy_connect.so', prefix: "#" } + - { line: 'LoadModule proxy_balancer_module modules/mod_proxy_balancer.so', prefix: "#" } + - { line: 'LoadModule proxy_express_module modules/mod_proxy_express.so', prefix: "#" } + - { line: 'LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so', prefix: "" } + - { line: 'LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so', prefix: "#" } + - { line: 'LoadModule proxy_ftp_module modules/mod_proxy_ftp.so', prefix: "#" } + - { line: 'LoadModule proxy_http_module modules/mod_proxy_http.so', prefix: "#" } + - { line: 'LoadModule proxy_scgi_module modules/mod_proxy_scgi.so', prefix: "#" } + when: ansible_os_family == 'Alpine' + - name: Fix rights of ssl files file: path: "{{ item.path }}" diff --git a/docker/php-apache/debian-8-php7/Dockerfile b/docker/php-apache/debian-8-php7/Dockerfile index 9c0ee9452..63ec617bd 100644 --- a/docker/php-apache/debian-8-php7/Dockerfile +++ b/docker/php-apache/debian-8-php7/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/php:debian-8-php7 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/php-apache/debian-8-php7/conf/provision/roles/webdevops-apache/defaults/main.yml b/docker/php-apache/debian-8-php7/conf/provision/roles/webdevops-apache/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/php-apache/debian-8-php7/conf/provision/roles/webdevops-apache/defaults/main.yml +++ b/docker/php-apache/debian-8-php7/conf/provision/roles/webdevops-apache/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/php-apache/debian-8-php7/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml b/docker/php-apache/debian-8-php7/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml index 962ede9ab..8e60c0ba5 100644 --- a/docker/php-apache/debian-8-php7/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml +++ b/docker/php-apache/debian-8-php7/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml @@ -10,6 +10,11 @@ apache_docker_vhost: /etc/apache2/sites-enabled/10-docker.conf when: ansible_os_family == 'Debian' +- name: Set apache vhost file [Alpine family] + set_fact: + apache_docker_vhost: /etc/apache2/conf.d/docker.conf + when: ansible_os_family == 'Alpine' + - name: Enable apache main config file: src: '/opt/docker/etc/httpd/main.conf' @@ -21,8 +26,6 @@ file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Ensure /var/run/apache2 exists @@ -31,6 +34,13 @@ state: directory recurse: yes +- name: Ensure /run/apache2 exists + file: + path: '/run/apache2' + state: directory + recurse: yes + when: ansible_os_family == 'Alpine' + - name: Switch MPM to worker [RedHat family] lineinfile: dest: '/etc/httpd/conf.modules.d/00-mpm.conf' @@ -48,6 +58,48 @@ - 'a2enmod mpm_event' when: (ansible_distribution == 'Ubuntu' and ansible_lsb.major_release|int >= 14) or (ansible_distribution == 'Debian' and ansible_lsb.major_release|int >= 8) +- name: Manage modules [Alpine family] + lineinfile: + dest: '/etc/apache2/httpd.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so', prefix: "#" } + - { line: 'LoadModule mpm_event_module modules/mod_mpm_event.so', prefix: "" } + - { line: 'LoadModule deflate_module modules/mod_deflate.so', prefix: "" } + - { line: 'LoadModule rewrite_module modules/mod_rewrite.so', prefix: "" } + - { line: 'LoadModule logio_module modules/mod_logio.so', prefix: "" } + - { line: 'LoadModule slotmem_shm_module modules/mod_slotmem_shm.so', prefix: "" } + - { line: 'LoadModule actions_module modules/mod_actions.so', prefix: "" } + when: ansible_os_family == 'Alpine' + +- name: Fix ssl support [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/ssl.conf' + regexp: '{{ item.regexp }}' + line: '{{ item.line }}' + with_items: + - { regexp: 'LoadModule ssl_module', line: 'LoadModule ssl_module /usr/lib/apache2/mod_ssl.so' } + - { regexp: 'LoadModule socache_shmcb_module', line: 'LoadModule socache_shmcb_module /usr/lib/apache2/mod_socache_shmcb.so' } + when: ansible_os_family == 'Alpine' + +- name: Disable proxy [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/proxy.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule proxy_ajp_module modules/mod_proxy_ajp.so', prefix: "#" } + - { line: 'LoadModule proxy_connect_module modules/mod_proxy_connect.so', prefix: "#" } + - { line: 'LoadModule proxy_balancer_module modules/mod_proxy_balancer.so', prefix: "#" } + - { line: 'LoadModule proxy_express_module modules/mod_proxy_express.so', prefix: "#" } + - { line: 'LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so', prefix: "" } + - { line: 'LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so', prefix: "#" } + - { line: 'LoadModule proxy_ftp_module modules/mod_proxy_ftp.so', prefix: "#" } + - { line: 'LoadModule proxy_http_module modules/mod_proxy_http.so', prefix: "#" } + - { line: 'LoadModule proxy_scgi_module modules/mod_proxy_scgi.so', prefix: "#" } + when: ansible_os_family == 'Alpine' + - name: Fix rights of ssl files file: path: "{{ item.path }}" diff --git a/docker/php-apache/debian-8/Dockerfile b/docker/php-apache/debian-8/Dockerfile index a26b81da3..30cdfd25a 100644 --- a/docker/php-apache/debian-8/Dockerfile +++ b/docker/php-apache/debian-8/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/php:debian-8 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/php-apache/debian-8/conf/provision/roles/webdevops-apache/defaults/main.yml b/docker/php-apache/debian-8/conf/provision/roles/webdevops-apache/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/php-apache/debian-8/conf/provision/roles/webdevops-apache/defaults/main.yml +++ b/docker/php-apache/debian-8/conf/provision/roles/webdevops-apache/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/php-apache/debian-8/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml b/docker/php-apache/debian-8/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml index 962ede9ab..8e60c0ba5 100644 --- a/docker/php-apache/debian-8/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml +++ b/docker/php-apache/debian-8/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml @@ -10,6 +10,11 @@ apache_docker_vhost: /etc/apache2/sites-enabled/10-docker.conf when: ansible_os_family == 'Debian' +- name: Set apache vhost file [Alpine family] + set_fact: + apache_docker_vhost: /etc/apache2/conf.d/docker.conf + when: ansible_os_family == 'Alpine' + - name: Enable apache main config file: src: '/opt/docker/etc/httpd/main.conf' @@ -21,8 +26,6 @@ file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Ensure /var/run/apache2 exists @@ -31,6 +34,13 @@ state: directory recurse: yes +- name: Ensure /run/apache2 exists + file: + path: '/run/apache2' + state: directory + recurse: yes + when: ansible_os_family == 'Alpine' + - name: Switch MPM to worker [RedHat family] lineinfile: dest: '/etc/httpd/conf.modules.d/00-mpm.conf' @@ -48,6 +58,48 @@ - 'a2enmod mpm_event' when: (ansible_distribution == 'Ubuntu' and ansible_lsb.major_release|int >= 14) or (ansible_distribution == 'Debian' and ansible_lsb.major_release|int >= 8) +- name: Manage modules [Alpine family] + lineinfile: + dest: '/etc/apache2/httpd.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so', prefix: "#" } + - { line: 'LoadModule mpm_event_module modules/mod_mpm_event.so', prefix: "" } + - { line: 'LoadModule deflate_module modules/mod_deflate.so', prefix: "" } + - { line: 'LoadModule rewrite_module modules/mod_rewrite.so', prefix: "" } + - { line: 'LoadModule logio_module modules/mod_logio.so', prefix: "" } + - { line: 'LoadModule slotmem_shm_module modules/mod_slotmem_shm.so', prefix: "" } + - { line: 'LoadModule actions_module modules/mod_actions.so', prefix: "" } + when: ansible_os_family == 'Alpine' + +- name: Fix ssl support [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/ssl.conf' + regexp: '{{ item.regexp }}' + line: '{{ item.line }}' + with_items: + - { regexp: 'LoadModule ssl_module', line: 'LoadModule ssl_module /usr/lib/apache2/mod_ssl.so' } + - { regexp: 'LoadModule socache_shmcb_module', line: 'LoadModule socache_shmcb_module /usr/lib/apache2/mod_socache_shmcb.so' } + when: ansible_os_family == 'Alpine' + +- name: Disable proxy [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/proxy.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule proxy_ajp_module modules/mod_proxy_ajp.so', prefix: "#" } + - { line: 'LoadModule proxy_connect_module modules/mod_proxy_connect.so', prefix: "#" } + - { line: 'LoadModule proxy_balancer_module modules/mod_proxy_balancer.so', prefix: "#" } + - { line: 'LoadModule proxy_express_module modules/mod_proxy_express.so', prefix: "#" } + - { line: 'LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so', prefix: "" } + - { line: 'LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so', prefix: "#" } + - { line: 'LoadModule proxy_ftp_module modules/mod_proxy_ftp.so', prefix: "#" } + - { line: 'LoadModule proxy_http_module modules/mod_proxy_http.so', prefix: "#" } + - { line: 'LoadModule proxy_scgi_module modules/mod_proxy_scgi.so', prefix: "#" } + when: ansible_os_family == 'Alpine' + - name: Fix rights of ssl files file: path: "{{ item.path }}" diff --git a/docker/php-apache/debian-9-php7/Dockerfile b/docker/php-apache/debian-9-php7/Dockerfile index c4e423317..daea2bd92 100644 --- a/docker/php-apache/debian-9-php7/Dockerfile +++ b/docker/php-apache/debian-9-php7/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/php:debian-9-php7 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/php-apache/debian-9-php7/conf/provision/roles/webdevops-apache/defaults/main.yml b/docker/php-apache/debian-9-php7/conf/provision/roles/webdevops-apache/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/php-apache/debian-9-php7/conf/provision/roles/webdevops-apache/defaults/main.yml +++ b/docker/php-apache/debian-9-php7/conf/provision/roles/webdevops-apache/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/php-apache/debian-9-php7/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml b/docker/php-apache/debian-9-php7/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml index 962ede9ab..8e60c0ba5 100644 --- a/docker/php-apache/debian-9-php7/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml +++ b/docker/php-apache/debian-9-php7/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml @@ -10,6 +10,11 @@ apache_docker_vhost: /etc/apache2/sites-enabled/10-docker.conf when: ansible_os_family == 'Debian' +- name: Set apache vhost file [Alpine family] + set_fact: + apache_docker_vhost: /etc/apache2/conf.d/docker.conf + when: ansible_os_family == 'Alpine' + - name: Enable apache main config file: src: '/opt/docker/etc/httpd/main.conf' @@ -21,8 +26,6 @@ file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Ensure /var/run/apache2 exists @@ -31,6 +34,13 @@ state: directory recurse: yes +- name: Ensure /run/apache2 exists + file: + path: '/run/apache2' + state: directory + recurse: yes + when: ansible_os_family == 'Alpine' + - name: Switch MPM to worker [RedHat family] lineinfile: dest: '/etc/httpd/conf.modules.d/00-mpm.conf' @@ -48,6 +58,48 @@ - 'a2enmod mpm_event' when: (ansible_distribution == 'Ubuntu' and ansible_lsb.major_release|int >= 14) or (ansible_distribution == 'Debian' and ansible_lsb.major_release|int >= 8) +- name: Manage modules [Alpine family] + lineinfile: + dest: '/etc/apache2/httpd.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so', prefix: "#" } + - { line: 'LoadModule mpm_event_module modules/mod_mpm_event.so', prefix: "" } + - { line: 'LoadModule deflate_module modules/mod_deflate.so', prefix: "" } + - { line: 'LoadModule rewrite_module modules/mod_rewrite.so', prefix: "" } + - { line: 'LoadModule logio_module modules/mod_logio.so', prefix: "" } + - { line: 'LoadModule slotmem_shm_module modules/mod_slotmem_shm.so', prefix: "" } + - { line: 'LoadModule actions_module modules/mod_actions.so', prefix: "" } + when: ansible_os_family == 'Alpine' + +- name: Fix ssl support [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/ssl.conf' + regexp: '{{ item.regexp }}' + line: '{{ item.line }}' + with_items: + - { regexp: 'LoadModule ssl_module', line: 'LoadModule ssl_module /usr/lib/apache2/mod_ssl.so' } + - { regexp: 'LoadModule socache_shmcb_module', line: 'LoadModule socache_shmcb_module /usr/lib/apache2/mod_socache_shmcb.so' } + when: ansible_os_family == 'Alpine' + +- name: Disable proxy [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/proxy.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule proxy_ajp_module modules/mod_proxy_ajp.so', prefix: "#" } + - { line: 'LoadModule proxy_connect_module modules/mod_proxy_connect.so', prefix: "#" } + - { line: 'LoadModule proxy_balancer_module modules/mod_proxy_balancer.so', prefix: "#" } + - { line: 'LoadModule proxy_express_module modules/mod_proxy_express.so', prefix: "#" } + - { line: 'LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so', prefix: "" } + - { line: 'LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so', prefix: "#" } + - { line: 'LoadModule proxy_ftp_module modules/mod_proxy_ftp.so', prefix: "#" } + - { line: 'LoadModule proxy_http_module modules/mod_proxy_http.so', prefix: "#" } + - { line: 'LoadModule proxy_scgi_module modules/mod_proxy_scgi.so', prefix: "#" } + when: ansible_os_family == 'Alpine' + - name: Fix rights of ssl files file: path: "{{ item.path }}" diff --git a/docker/php-apache/debian-9/Dockerfile b/docker/php-apache/debian-9/Dockerfile index 710a23635..df22c5295 100644 --- a/docker/php-apache/debian-9/Dockerfile +++ b/docker/php-apache/debian-9/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/php:debian-9 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/php-apache/debian-9/conf/provision/roles/webdevops-apache/defaults/main.yml b/docker/php-apache/debian-9/conf/provision/roles/webdevops-apache/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/php-apache/debian-9/conf/provision/roles/webdevops-apache/defaults/main.yml +++ b/docker/php-apache/debian-9/conf/provision/roles/webdevops-apache/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/php-apache/debian-9/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml b/docker/php-apache/debian-9/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml index 962ede9ab..8e60c0ba5 100644 --- a/docker/php-apache/debian-9/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml +++ b/docker/php-apache/debian-9/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml @@ -10,6 +10,11 @@ apache_docker_vhost: /etc/apache2/sites-enabled/10-docker.conf when: ansible_os_family == 'Debian' +- name: Set apache vhost file [Alpine family] + set_fact: + apache_docker_vhost: /etc/apache2/conf.d/docker.conf + when: ansible_os_family == 'Alpine' + - name: Enable apache main config file: src: '/opt/docker/etc/httpd/main.conf' @@ -21,8 +26,6 @@ file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Ensure /var/run/apache2 exists @@ -31,6 +34,13 @@ state: directory recurse: yes +- name: Ensure /run/apache2 exists + file: + path: '/run/apache2' + state: directory + recurse: yes + when: ansible_os_family == 'Alpine' + - name: Switch MPM to worker [RedHat family] lineinfile: dest: '/etc/httpd/conf.modules.d/00-mpm.conf' @@ -48,6 +58,48 @@ - 'a2enmod mpm_event' when: (ansible_distribution == 'Ubuntu' and ansible_lsb.major_release|int >= 14) or (ansible_distribution == 'Debian' and ansible_lsb.major_release|int >= 8) +- name: Manage modules [Alpine family] + lineinfile: + dest: '/etc/apache2/httpd.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so', prefix: "#" } + - { line: 'LoadModule mpm_event_module modules/mod_mpm_event.so', prefix: "" } + - { line: 'LoadModule deflate_module modules/mod_deflate.so', prefix: "" } + - { line: 'LoadModule rewrite_module modules/mod_rewrite.so', prefix: "" } + - { line: 'LoadModule logio_module modules/mod_logio.so', prefix: "" } + - { line: 'LoadModule slotmem_shm_module modules/mod_slotmem_shm.so', prefix: "" } + - { line: 'LoadModule actions_module modules/mod_actions.so', prefix: "" } + when: ansible_os_family == 'Alpine' + +- name: Fix ssl support [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/ssl.conf' + regexp: '{{ item.regexp }}' + line: '{{ item.line }}' + with_items: + - { regexp: 'LoadModule ssl_module', line: 'LoadModule ssl_module /usr/lib/apache2/mod_ssl.so' } + - { regexp: 'LoadModule socache_shmcb_module', line: 'LoadModule socache_shmcb_module /usr/lib/apache2/mod_socache_shmcb.so' } + when: ansible_os_family == 'Alpine' + +- name: Disable proxy [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/proxy.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule proxy_ajp_module modules/mod_proxy_ajp.so', prefix: "#" } + - { line: 'LoadModule proxy_connect_module modules/mod_proxy_connect.so', prefix: "#" } + - { line: 'LoadModule proxy_balancer_module modules/mod_proxy_balancer.so', prefix: "#" } + - { line: 'LoadModule proxy_express_module modules/mod_proxy_express.so', prefix: "#" } + - { line: 'LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so', prefix: "" } + - { line: 'LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so', prefix: "#" } + - { line: 'LoadModule proxy_ftp_module modules/mod_proxy_ftp.so', prefix: "#" } + - { line: 'LoadModule proxy_http_module modules/mod_proxy_http.so', prefix: "#" } + - { line: 'LoadModule proxy_scgi_module modules/mod_proxy_scgi.so', prefix: "#" } + when: ansible_os_family == 'Alpine' + - name: Fix rights of ssl files file: path: "{{ item.path }}" diff --git a/docker/php-apache/ubuntu-12.04/Dockerfile b/docker/php-apache/ubuntu-12.04/Dockerfile index 1ea3e6d0e..16b56abfc 100644 --- a/docker/php-apache/ubuntu-12.04/Dockerfile +++ b/docker/php-apache/ubuntu-12.04/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/php:ubuntu-12.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/php-apache/ubuntu-12.04/conf/provision/roles/webdevops-apache/defaults/main.yml b/docker/php-apache/ubuntu-12.04/conf/provision/roles/webdevops-apache/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/php-apache/ubuntu-12.04/conf/provision/roles/webdevops-apache/defaults/main.yml +++ b/docker/php-apache/ubuntu-12.04/conf/provision/roles/webdevops-apache/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/php-apache/ubuntu-12.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml b/docker/php-apache/ubuntu-12.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml index 962ede9ab..8e60c0ba5 100644 --- a/docker/php-apache/ubuntu-12.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml +++ b/docker/php-apache/ubuntu-12.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml @@ -10,6 +10,11 @@ apache_docker_vhost: /etc/apache2/sites-enabled/10-docker.conf when: ansible_os_family == 'Debian' +- name: Set apache vhost file [Alpine family] + set_fact: + apache_docker_vhost: /etc/apache2/conf.d/docker.conf + when: ansible_os_family == 'Alpine' + - name: Enable apache main config file: src: '/opt/docker/etc/httpd/main.conf' @@ -21,8 +26,6 @@ file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Ensure /var/run/apache2 exists @@ -31,6 +34,13 @@ state: directory recurse: yes +- name: Ensure /run/apache2 exists + file: + path: '/run/apache2' + state: directory + recurse: yes + when: ansible_os_family == 'Alpine' + - name: Switch MPM to worker [RedHat family] lineinfile: dest: '/etc/httpd/conf.modules.d/00-mpm.conf' @@ -48,6 +58,48 @@ - 'a2enmod mpm_event' when: (ansible_distribution == 'Ubuntu' and ansible_lsb.major_release|int >= 14) or (ansible_distribution == 'Debian' and ansible_lsb.major_release|int >= 8) +- name: Manage modules [Alpine family] + lineinfile: + dest: '/etc/apache2/httpd.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so', prefix: "#" } + - { line: 'LoadModule mpm_event_module modules/mod_mpm_event.so', prefix: "" } + - { line: 'LoadModule deflate_module modules/mod_deflate.so', prefix: "" } + - { line: 'LoadModule rewrite_module modules/mod_rewrite.so', prefix: "" } + - { line: 'LoadModule logio_module modules/mod_logio.so', prefix: "" } + - { line: 'LoadModule slotmem_shm_module modules/mod_slotmem_shm.so', prefix: "" } + - { line: 'LoadModule actions_module modules/mod_actions.so', prefix: "" } + when: ansible_os_family == 'Alpine' + +- name: Fix ssl support [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/ssl.conf' + regexp: '{{ item.regexp }}' + line: '{{ item.line }}' + with_items: + - { regexp: 'LoadModule ssl_module', line: 'LoadModule ssl_module /usr/lib/apache2/mod_ssl.so' } + - { regexp: 'LoadModule socache_shmcb_module', line: 'LoadModule socache_shmcb_module /usr/lib/apache2/mod_socache_shmcb.so' } + when: ansible_os_family == 'Alpine' + +- name: Disable proxy [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/proxy.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule proxy_ajp_module modules/mod_proxy_ajp.so', prefix: "#" } + - { line: 'LoadModule proxy_connect_module modules/mod_proxy_connect.so', prefix: "#" } + - { line: 'LoadModule proxy_balancer_module modules/mod_proxy_balancer.so', prefix: "#" } + - { line: 'LoadModule proxy_express_module modules/mod_proxy_express.so', prefix: "#" } + - { line: 'LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so', prefix: "" } + - { line: 'LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so', prefix: "#" } + - { line: 'LoadModule proxy_ftp_module modules/mod_proxy_ftp.so', prefix: "#" } + - { line: 'LoadModule proxy_http_module modules/mod_proxy_http.so', prefix: "#" } + - { line: 'LoadModule proxy_scgi_module modules/mod_proxy_scgi.so', prefix: "#" } + when: ansible_os_family == 'Alpine' + - name: Fix rights of ssl files file: path: "{{ item.path }}" diff --git a/docker/php-apache/ubuntu-14.04/Dockerfile b/docker/php-apache/ubuntu-14.04/Dockerfile index d40aa589e..d54481a20 100644 --- a/docker/php-apache/ubuntu-14.04/Dockerfile +++ b/docker/php-apache/ubuntu-14.04/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/php:ubuntu-14.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/php-apache/ubuntu-14.04/conf/provision/roles/webdevops-apache/defaults/main.yml b/docker/php-apache/ubuntu-14.04/conf/provision/roles/webdevops-apache/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/php-apache/ubuntu-14.04/conf/provision/roles/webdevops-apache/defaults/main.yml +++ b/docker/php-apache/ubuntu-14.04/conf/provision/roles/webdevops-apache/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/php-apache/ubuntu-14.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml b/docker/php-apache/ubuntu-14.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml index 962ede9ab..8e60c0ba5 100644 --- a/docker/php-apache/ubuntu-14.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml +++ b/docker/php-apache/ubuntu-14.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml @@ -10,6 +10,11 @@ apache_docker_vhost: /etc/apache2/sites-enabled/10-docker.conf when: ansible_os_family == 'Debian' +- name: Set apache vhost file [Alpine family] + set_fact: + apache_docker_vhost: /etc/apache2/conf.d/docker.conf + when: ansible_os_family == 'Alpine' + - name: Enable apache main config file: src: '/opt/docker/etc/httpd/main.conf' @@ -21,8 +26,6 @@ file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Ensure /var/run/apache2 exists @@ -31,6 +34,13 @@ state: directory recurse: yes +- name: Ensure /run/apache2 exists + file: + path: '/run/apache2' + state: directory + recurse: yes + when: ansible_os_family == 'Alpine' + - name: Switch MPM to worker [RedHat family] lineinfile: dest: '/etc/httpd/conf.modules.d/00-mpm.conf' @@ -48,6 +58,48 @@ - 'a2enmod mpm_event' when: (ansible_distribution == 'Ubuntu' and ansible_lsb.major_release|int >= 14) or (ansible_distribution == 'Debian' and ansible_lsb.major_release|int >= 8) +- name: Manage modules [Alpine family] + lineinfile: + dest: '/etc/apache2/httpd.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so', prefix: "#" } + - { line: 'LoadModule mpm_event_module modules/mod_mpm_event.so', prefix: "" } + - { line: 'LoadModule deflate_module modules/mod_deflate.so', prefix: "" } + - { line: 'LoadModule rewrite_module modules/mod_rewrite.so', prefix: "" } + - { line: 'LoadModule logio_module modules/mod_logio.so', prefix: "" } + - { line: 'LoadModule slotmem_shm_module modules/mod_slotmem_shm.so', prefix: "" } + - { line: 'LoadModule actions_module modules/mod_actions.so', prefix: "" } + when: ansible_os_family == 'Alpine' + +- name: Fix ssl support [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/ssl.conf' + regexp: '{{ item.regexp }}' + line: '{{ item.line }}' + with_items: + - { regexp: 'LoadModule ssl_module', line: 'LoadModule ssl_module /usr/lib/apache2/mod_ssl.so' } + - { regexp: 'LoadModule socache_shmcb_module', line: 'LoadModule socache_shmcb_module /usr/lib/apache2/mod_socache_shmcb.so' } + when: ansible_os_family == 'Alpine' + +- name: Disable proxy [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/proxy.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule proxy_ajp_module modules/mod_proxy_ajp.so', prefix: "#" } + - { line: 'LoadModule proxy_connect_module modules/mod_proxy_connect.so', prefix: "#" } + - { line: 'LoadModule proxy_balancer_module modules/mod_proxy_balancer.so', prefix: "#" } + - { line: 'LoadModule proxy_express_module modules/mod_proxy_express.so', prefix: "#" } + - { line: 'LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so', prefix: "" } + - { line: 'LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so', prefix: "#" } + - { line: 'LoadModule proxy_ftp_module modules/mod_proxy_ftp.so', prefix: "#" } + - { line: 'LoadModule proxy_http_module modules/mod_proxy_http.so', prefix: "#" } + - { line: 'LoadModule proxy_scgi_module modules/mod_proxy_scgi.so', prefix: "#" } + when: ansible_os_family == 'Alpine' + - name: Fix rights of ssl files file: path: "{{ item.path }}" diff --git a/docker/php-apache/ubuntu-15.04/Dockerfile b/docker/php-apache/ubuntu-15.04/Dockerfile index 59b57f9fc..4ffda1080 100644 --- a/docker/php-apache/ubuntu-15.04/Dockerfile +++ b/docker/php-apache/ubuntu-15.04/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/php:ubuntu-15.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/php-apache/ubuntu-15.04/conf/provision/roles/webdevops-apache/defaults/main.yml b/docker/php-apache/ubuntu-15.04/conf/provision/roles/webdevops-apache/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/php-apache/ubuntu-15.04/conf/provision/roles/webdevops-apache/defaults/main.yml +++ b/docker/php-apache/ubuntu-15.04/conf/provision/roles/webdevops-apache/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/php-apache/ubuntu-15.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml b/docker/php-apache/ubuntu-15.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml index 962ede9ab..8e60c0ba5 100644 --- a/docker/php-apache/ubuntu-15.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml +++ b/docker/php-apache/ubuntu-15.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml @@ -10,6 +10,11 @@ apache_docker_vhost: /etc/apache2/sites-enabled/10-docker.conf when: ansible_os_family == 'Debian' +- name: Set apache vhost file [Alpine family] + set_fact: + apache_docker_vhost: /etc/apache2/conf.d/docker.conf + when: ansible_os_family == 'Alpine' + - name: Enable apache main config file: src: '/opt/docker/etc/httpd/main.conf' @@ -21,8 +26,6 @@ file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Ensure /var/run/apache2 exists @@ -31,6 +34,13 @@ state: directory recurse: yes +- name: Ensure /run/apache2 exists + file: + path: '/run/apache2' + state: directory + recurse: yes + when: ansible_os_family == 'Alpine' + - name: Switch MPM to worker [RedHat family] lineinfile: dest: '/etc/httpd/conf.modules.d/00-mpm.conf' @@ -48,6 +58,48 @@ - 'a2enmod mpm_event' when: (ansible_distribution == 'Ubuntu' and ansible_lsb.major_release|int >= 14) or (ansible_distribution == 'Debian' and ansible_lsb.major_release|int >= 8) +- name: Manage modules [Alpine family] + lineinfile: + dest: '/etc/apache2/httpd.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so', prefix: "#" } + - { line: 'LoadModule mpm_event_module modules/mod_mpm_event.so', prefix: "" } + - { line: 'LoadModule deflate_module modules/mod_deflate.so', prefix: "" } + - { line: 'LoadModule rewrite_module modules/mod_rewrite.so', prefix: "" } + - { line: 'LoadModule logio_module modules/mod_logio.so', prefix: "" } + - { line: 'LoadModule slotmem_shm_module modules/mod_slotmem_shm.so', prefix: "" } + - { line: 'LoadModule actions_module modules/mod_actions.so', prefix: "" } + when: ansible_os_family == 'Alpine' + +- name: Fix ssl support [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/ssl.conf' + regexp: '{{ item.regexp }}' + line: '{{ item.line }}' + with_items: + - { regexp: 'LoadModule ssl_module', line: 'LoadModule ssl_module /usr/lib/apache2/mod_ssl.so' } + - { regexp: 'LoadModule socache_shmcb_module', line: 'LoadModule socache_shmcb_module /usr/lib/apache2/mod_socache_shmcb.so' } + when: ansible_os_family == 'Alpine' + +- name: Disable proxy [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/proxy.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule proxy_ajp_module modules/mod_proxy_ajp.so', prefix: "#" } + - { line: 'LoadModule proxy_connect_module modules/mod_proxy_connect.so', prefix: "#" } + - { line: 'LoadModule proxy_balancer_module modules/mod_proxy_balancer.so', prefix: "#" } + - { line: 'LoadModule proxy_express_module modules/mod_proxy_express.so', prefix: "#" } + - { line: 'LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so', prefix: "" } + - { line: 'LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so', prefix: "#" } + - { line: 'LoadModule proxy_ftp_module modules/mod_proxy_ftp.so', prefix: "#" } + - { line: 'LoadModule proxy_http_module modules/mod_proxy_http.so', prefix: "#" } + - { line: 'LoadModule proxy_scgi_module modules/mod_proxy_scgi.so', prefix: "#" } + when: ansible_os_family == 'Alpine' + - name: Fix rights of ssl files file: path: "{{ item.path }}" diff --git a/docker/php-apache/ubuntu-15.10/Dockerfile b/docker/php-apache/ubuntu-15.10/Dockerfile index fe225a4a0..5fc67611f 100644 --- a/docker/php-apache/ubuntu-15.10/Dockerfile +++ b/docker/php-apache/ubuntu-15.10/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/php:ubuntu-15.10 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/php-apache/ubuntu-15.10/conf/provision/roles/webdevops-apache/defaults/main.yml b/docker/php-apache/ubuntu-15.10/conf/provision/roles/webdevops-apache/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/php-apache/ubuntu-15.10/conf/provision/roles/webdevops-apache/defaults/main.yml +++ b/docker/php-apache/ubuntu-15.10/conf/provision/roles/webdevops-apache/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/php-apache/ubuntu-15.10/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml b/docker/php-apache/ubuntu-15.10/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml index 962ede9ab..8e60c0ba5 100644 --- a/docker/php-apache/ubuntu-15.10/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml +++ b/docker/php-apache/ubuntu-15.10/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml @@ -10,6 +10,11 @@ apache_docker_vhost: /etc/apache2/sites-enabled/10-docker.conf when: ansible_os_family == 'Debian' +- name: Set apache vhost file [Alpine family] + set_fact: + apache_docker_vhost: /etc/apache2/conf.d/docker.conf + when: ansible_os_family == 'Alpine' + - name: Enable apache main config file: src: '/opt/docker/etc/httpd/main.conf' @@ -21,8 +26,6 @@ file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Ensure /var/run/apache2 exists @@ -31,6 +34,13 @@ state: directory recurse: yes +- name: Ensure /run/apache2 exists + file: + path: '/run/apache2' + state: directory + recurse: yes + when: ansible_os_family == 'Alpine' + - name: Switch MPM to worker [RedHat family] lineinfile: dest: '/etc/httpd/conf.modules.d/00-mpm.conf' @@ -48,6 +58,48 @@ - 'a2enmod mpm_event' when: (ansible_distribution == 'Ubuntu' and ansible_lsb.major_release|int >= 14) or (ansible_distribution == 'Debian' and ansible_lsb.major_release|int >= 8) +- name: Manage modules [Alpine family] + lineinfile: + dest: '/etc/apache2/httpd.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so', prefix: "#" } + - { line: 'LoadModule mpm_event_module modules/mod_mpm_event.so', prefix: "" } + - { line: 'LoadModule deflate_module modules/mod_deflate.so', prefix: "" } + - { line: 'LoadModule rewrite_module modules/mod_rewrite.so', prefix: "" } + - { line: 'LoadModule logio_module modules/mod_logio.so', prefix: "" } + - { line: 'LoadModule slotmem_shm_module modules/mod_slotmem_shm.so', prefix: "" } + - { line: 'LoadModule actions_module modules/mod_actions.so', prefix: "" } + when: ansible_os_family == 'Alpine' + +- name: Fix ssl support [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/ssl.conf' + regexp: '{{ item.regexp }}' + line: '{{ item.line }}' + with_items: + - { regexp: 'LoadModule ssl_module', line: 'LoadModule ssl_module /usr/lib/apache2/mod_ssl.so' } + - { regexp: 'LoadModule socache_shmcb_module', line: 'LoadModule socache_shmcb_module /usr/lib/apache2/mod_socache_shmcb.so' } + when: ansible_os_family == 'Alpine' + +- name: Disable proxy [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/proxy.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule proxy_ajp_module modules/mod_proxy_ajp.so', prefix: "#" } + - { line: 'LoadModule proxy_connect_module modules/mod_proxy_connect.so', prefix: "#" } + - { line: 'LoadModule proxy_balancer_module modules/mod_proxy_balancer.so', prefix: "#" } + - { line: 'LoadModule proxy_express_module modules/mod_proxy_express.so', prefix: "#" } + - { line: 'LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so', prefix: "" } + - { line: 'LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so', prefix: "#" } + - { line: 'LoadModule proxy_ftp_module modules/mod_proxy_ftp.so', prefix: "#" } + - { line: 'LoadModule proxy_http_module modules/mod_proxy_http.so', prefix: "#" } + - { line: 'LoadModule proxy_scgi_module modules/mod_proxy_scgi.so', prefix: "#" } + when: ansible_os_family == 'Alpine' + - name: Fix rights of ssl files file: path: "{{ item.path }}" diff --git a/docker/php-apache/ubuntu-16.04-php7/Dockerfile b/docker/php-apache/ubuntu-16.04-php7/Dockerfile index 96bda7554..fab639ed2 100644 --- a/docker/php-apache/ubuntu-16.04-php7/Dockerfile +++ b/docker/php-apache/ubuntu-16.04-php7/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/php:ubuntu-16.04-php7 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/php-apache/ubuntu-16.04-php7/conf/provision/roles/webdevops-apache/defaults/main.yml b/docker/php-apache/ubuntu-16.04-php7/conf/provision/roles/webdevops-apache/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/php-apache/ubuntu-16.04-php7/conf/provision/roles/webdevops-apache/defaults/main.yml +++ b/docker/php-apache/ubuntu-16.04-php7/conf/provision/roles/webdevops-apache/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/php-apache/ubuntu-16.04-php7/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml b/docker/php-apache/ubuntu-16.04-php7/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml index 962ede9ab..8e60c0ba5 100644 --- a/docker/php-apache/ubuntu-16.04-php7/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml +++ b/docker/php-apache/ubuntu-16.04-php7/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml @@ -10,6 +10,11 @@ apache_docker_vhost: /etc/apache2/sites-enabled/10-docker.conf when: ansible_os_family == 'Debian' +- name: Set apache vhost file [Alpine family] + set_fact: + apache_docker_vhost: /etc/apache2/conf.d/docker.conf + when: ansible_os_family == 'Alpine' + - name: Enable apache main config file: src: '/opt/docker/etc/httpd/main.conf' @@ -21,8 +26,6 @@ file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Ensure /var/run/apache2 exists @@ -31,6 +34,13 @@ state: directory recurse: yes +- name: Ensure /run/apache2 exists + file: + path: '/run/apache2' + state: directory + recurse: yes + when: ansible_os_family == 'Alpine' + - name: Switch MPM to worker [RedHat family] lineinfile: dest: '/etc/httpd/conf.modules.d/00-mpm.conf' @@ -48,6 +58,48 @@ - 'a2enmod mpm_event' when: (ansible_distribution == 'Ubuntu' and ansible_lsb.major_release|int >= 14) or (ansible_distribution == 'Debian' and ansible_lsb.major_release|int >= 8) +- name: Manage modules [Alpine family] + lineinfile: + dest: '/etc/apache2/httpd.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so', prefix: "#" } + - { line: 'LoadModule mpm_event_module modules/mod_mpm_event.so', prefix: "" } + - { line: 'LoadModule deflate_module modules/mod_deflate.so', prefix: "" } + - { line: 'LoadModule rewrite_module modules/mod_rewrite.so', prefix: "" } + - { line: 'LoadModule logio_module modules/mod_logio.so', prefix: "" } + - { line: 'LoadModule slotmem_shm_module modules/mod_slotmem_shm.so', prefix: "" } + - { line: 'LoadModule actions_module modules/mod_actions.so', prefix: "" } + when: ansible_os_family == 'Alpine' + +- name: Fix ssl support [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/ssl.conf' + regexp: '{{ item.regexp }}' + line: '{{ item.line }}' + with_items: + - { regexp: 'LoadModule ssl_module', line: 'LoadModule ssl_module /usr/lib/apache2/mod_ssl.so' } + - { regexp: 'LoadModule socache_shmcb_module', line: 'LoadModule socache_shmcb_module /usr/lib/apache2/mod_socache_shmcb.so' } + when: ansible_os_family == 'Alpine' + +- name: Disable proxy [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/proxy.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule proxy_ajp_module modules/mod_proxy_ajp.so', prefix: "#" } + - { line: 'LoadModule proxy_connect_module modules/mod_proxy_connect.so', prefix: "#" } + - { line: 'LoadModule proxy_balancer_module modules/mod_proxy_balancer.so', prefix: "#" } + - { line: 'LoadModule proxy_express_module modules/mod_proxy_express.so', prefix: "#" } + - { line: 'LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so', prefix: "" } + - { line: 'LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so', prefix: "#" } + - { line: 'LoadModule proxy_ftp_module modules/mod_proxy_ftp.so', prefix: "#" } + - { line: 'LoadModule proxy_http_module modules/mod_proxy_http.so', prefix: "#" } + - { line: 'LoadModule proxy_scgi_module modules/mod_proxy_scgi.so', prefix: "#" } + when: ansible_os_family == 'Alpine' + - name: Fix rights of ssl files file: path: "{{ item.path }}" diff --git a/docker/php-apache/ubuntu-16.04/Dockerfile b/docker/php-apache/ubuntu-16.04/Dockerfile index 532310d12..02a441362 100644 --- a/docker/php-apache/ubuntu-16.04/Dockerfile +++ b/docker/php-apache/ubuntu-16.04/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/php:ubuntu-16.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/php-apache/ubuntu-16.04/conf/provision/roles/webdevops-apache/defaults/main.yml b/docker/php-apache/ubuntu-16.04/conf/provision/roles/webdevops-apache/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/php-apache/ubuntu-16.04/conf/provision/roles/webdevops-apache/defaults/main.yml +++ b/docker/php-apache/ubuntu-16.04/conf/provision/roles/webdevops-apache/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/php-apache/ubuntu-16.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml b/docker/php-apache/ubuntu-16.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml index 962ede9ab..8e60c0ba5 100644 --- a/docker/php-apache/ubuntu-16.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml +++ b/docker/php-apache/ubuntu-16.04/conf/provision/roles/webdevops-apache/tasks/bootstrap.yml @@ -10,6 +10,11 @@ apache_docker_vhost: /etc/apache2/sites-enabled/10-docker.conf when: ansible_os_family == 'Debian' +- name: Set apache vhost file [Alpine family] + set_fact: + apache_docker_vhost: /etc/apache2/conf.d/docker.conf + when: ansible_os_family == 'Alpine' + - name: Enable apache main config file: src: '/opt/docker/etc/httpd/main.conf' @@ -21,8 +26,6 @@ file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Ensure /var/run/apache2 exists @@ -31,6 +34,13 @@ state: directory recurse: yes +- name: Ensure /run/apache2 exists + file: + path: '/run/apache2' + state: directory + recurse: yes + when: ansible_os_family == 'Alpine' + - name: Switch MPM to worker [RedHat family] lineinfile: dest: '/etc/httpd/conf.modules.d/00-mpm.conf' @@ -48,6 +58,48 @@ - 'a2enmod mpm_event' when: (ansible_distribution == 'Ubuntu' and ansible_lsb.major_release|int >= 14) or (ansible_distribution == 'Debian' and ansible_lsb.major_release|int >= 8) +- name: Manage modules [Alpine family] + lineinfile: + dest: '/etc/apache2/httpd.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so', prefix: "#" } + - { line: 'LoadModule mpm_event_module modules/mod_mpm_event.so', prefix: "" } + - { line: 'LoadModule deflate_module modules/mod_deflate.so', prefix: "" } + - { line: 'LoadModule rewrite_module modules/mod_rewrite.so', prefix: "" } + - { line: 'LoadModule logio_module modules/mod_logio.so', prefix: "" } + - { line: 'LoadModule slotmem_shm_module modules/mod_slotmem_shm.so', prefix: "" } + - { line: 'LoadModule actions_module modules/mod_actions.so', prefix: "" } + when: ansible_os_family == 'Alpine' + +- name: Fix ssl support [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/ssl.conf' + regexp: '{{ item.regexp }}' + line: '{{ item.line }}' + with_items: + - { regexp: 'LoadModule ssl_module', line: 'LoadModule ssl_module /usr/lib/apache2/mod_ssl.so' } + - { regexp: 'LoadModule socache_shmcb_module', line: 'LoadModule socache_shmcb_module /usr/lib/apache2/mod_socache_shmcb.so' } + when: ansible_os_family == 'Alpine' + +- name: Disable proxy [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/proxy.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule proxy_ajp_module modules/mod_proxy_ajp.so', prefix: "#" } + - { line: 'LoadModule proxy_connect_module modules/mod_proxy_connect.so', prefix: "#" } + - { line: 'LoadModule proxy_balancer_module modules/mod_proxy_balancer.so', prefix: "#" } + - { line: 'LoadModule proxy_express_module modules/mod_proxy_express.so', prefix: "#" } + - { line: 'LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so', prefix: "" } + - { line: 'LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so', prefix: "#" } + - { line: 'LoadModule proxy_ftp_module modules/mod_proxy_ftp.so', prefix: "#" } + - { line: 'LoadModule proxy_http_module modules/mod_proxy_http.so', prefix: "#" } + - { line: 'LoadModule proxy_scgi_module modules/mod_proxy_scgi.so', prefix: "#" } + when: ansible_os_family == 'Alpine' + - name: Fix rights of ssl files file: path: "{{ item.path }}" diff --git a/docker/php-nginx/alpine-3/Dockerfile b/docker/php-nginx/alpine-3/Dockerfile new file mode 100644 index 000000000..5097134ea --- /dev/null +++ b/docker/php-nginx/alpine-3/Dockerfile @@ -0,0 +1,27 @@ +#++++++++++++++++++++++++++++++++++++++ +# CentOS 7 PHP-Nginx Docker container +#++++++++++++++++++++++++++++++++++++++ + +FROM webdevops/php:alpine-3 +MAINTAINER info@webdevops.io +LABEL vendor=WebDevOps.io +LABEL io.webdevops.layout=6 +LABEL io.webdevops.version=0.21.0 + +ENV WEB_DOCUMENT_ROOT /app +ENV WEB_DOCUMENT_INDEX index.php +ENV WEB_ALIAS_DOMAIN *.vm + +# Install nginx +RUN /usr/local/bin/apk-install \ + nginx + +# Deploy scripts/configurations +COPY conf/ /opt/docker/ +RUN bash /opt/docker/bin/control.sh provision.role.bootstrap webdevops-nginx \ + && bash /opt/docker/bin/control.sh provision.role.bootstrap webdevops-php-nginx \ + && bash /opt/docker/bin/bootstrap.sh + +EXPOSE 80 443 + +CMD ["supervisord"] diff --git a/docker/php-nginx/alpine-3/conf/bin/service.d/nginx.sh b/docker/php-nginx/alpine-3/conf/bin/service.d/nginx.sh new file mode 100644 index 000000000..a28a005c2 --- /dev/null +++ b/docker/php-nginx/alpine-3/conf/bin/service.d/nginx.sh @@ -0,0 +1,15 @@ +#!/usr/bin/env bash +set -e + +if [[ ! -e "$WEB_DOCUMENT_ROOT" ]]; then + echo "" + echo "[WARNING] WEB_DOCUMENT_ROOT does not exists with path \"$WEB_DOCUMENT_ROOT\"!" + echo "" +fi + +rpl --quiet "" "$WEB_DOCUMENT_INDEX" /opt/docker/etc/nginx/*.conf +rpl --quiet "" "$WEB_DOCUMENT_ROOT" /opt/docker/etc/nginx/*.conf +rpl --quiet "" "$WEB_ALIAS_DOMAIN" /opt/docker/etc/nginx/*.conf +rpl --quiet "" "$HOSTNAME" /opt/docker/etc/nginx/*.conf + +exec /usr/sbin/nginx diff --git a/docker/php-nginx/alpine-3/conf/etc/nginx/global.conf b/docker/php-nginx/alpine-3/conf/etc/nginx/global.conf new file mode 100644 index 000000000..e69de29bb diff --git a/docker/php-nginx/alpine-3/conf/etc/nginx/main.conf b/docker/php-nginx/alpine-3/conf/etc/nginx/main.conf new file mode 100644 index 000000000..517102d09 --- /dev/null +++ b/docker/php-nginx/alpine-3/conf/etc/nginx/main.conf @@ -0,0 +1,6 @@ +include /opt/docker/etc/nginx/global.conf; +include /opt/docker/etc/nginx/php.conf; +include /opt/docker/etc/nginx/vhost.conf; + + + diff --git a/docker/php-nginx/alpine-3/conf/etc/nginx/nginx.conf b/docker/php-nginx/alpine-3/conf/etc/nginx/nginx.conf new file mode 100644 index 000000000..f5609826d --- /dev/null +++ b/docker/php-nginx/alpine-3/conf/etc/nginx/nginx.conf @@ -0,0 +1,35 @@ +# For more information on configuration, see: +# * Official English Documentation: http://nginx.org/en/docs/ +# * Official Russian Documentation: http://nginx.org/ru/docs/ + +user nginx; +worker_processes auto; +error_log /var/log/nginx/error.log; +pid /run/nginx.pid; + +events { + worker_connections 1024; +} + +http { + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + # Load modular configuration files from the /etc/nginx/conf.d directory. + # See http://nginx.org/en/docs/ngx_core_module.html#include + # for more information. + include /etc/nginx/conf.d/*.conf; +} +daemon off; diff --git a/docker/php-nginx/alpine-3/conf/etc/nginx/php.conf b/docker/php-nginx/alpine-3/conf/etc/nginx/php.conf new file mode 100644 index 000000000..4cdbc305f --- /dev/null +++ b/docker/php-nginx/alpine-3/conf/etc/nginx/php.conf @@ -0,0 +1,3 @@ +upstream php { + server 127.0.0.1:9000; +} diff --git a/docker/php-nginx/alpine-3/conf/etc/nginx/ssl/server.crt b/docker/php-nginx/alpine-3/conf/etc/nginx/ssl/server.crt new file mode 100644 index 000000000..6b0694907 --- /dev/null +++ b/docker/php-nginx/alpine-3/conf/etc/nginx/ssl/server.crt @@ -0,0 +1,28 @@ +-----BEGIN CERTIFICATE----- +MIIE1DCCArwCCQDMMwGnSuK0tTANBgkqhkiG9w0BAQsFADAsMRswGQYDVQQKExJE +b2NrZXIgQm9pbGVycGxhdGUxDTALBgNVBAMUBCoudm0wHhcNMTUwNTA0MTcxNDQw +WhcNMjUwNTAxMTcxNDQwWjAsMRswGQYDVQQKExJEb2NrZXIgQm9pbGVycGxhdGUx +DTALBgNVBAMUBCoudm0wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDK +3TIUiyDvXelWeY9VXMrpjuZtYpVSDsACLpjFUhMnsP5/iKT0VbeZyqHvmwZjAg4G +Y10d+yZDdgv/xeu0HPOFbtR6pCp10d1tdLHZto5Cyuxu7IQsAVjnD6Ko7XFwtNk7 +9o6JZfAFaGL4w5MokrVmCtspnsMZH7/7zU4f96cbF39zLopnpuXGD6t6DA8Qj3gy +0duaTjs42bYRN+rwLzVKAev99iQ4kPMJn4vV6/Xk6rtoSzC67GQyVZYaFypicD1S +NtsRmgEVvjCBDbrLOneUiRwff6qxEsZi7Hxv7BKFj4iUWnII7K/nP7T6uBHQjHO+ +FpsGkU9lCMrCeVFBe8kKz/cbhd+yLUxXwAPr6gSOPmwn232Gy4tozvqZHpbUxsgx +7sT3ej9K66h1D7J+BjNFWYM1hbnC1r7H/xS7EBzBV8qRoQCVe08Juf5xsouXFakD +clLV4+L+1cxkpwsCQDly5g3tm/TBqA2O+ZJ+YHQDHKkzMyhLs6i0X/M5qvJBiLg1 +GLTCS20rpQ5gXTEGuINqHgwXQWkUO6bhgSYqdHGX3zbZ5+qWpI4eui3dHZ1Ll0VH +6Icpb7ORTQwhc6W8KBlybssYPSlGOEBGUjYGNheoz9FpoSkxCis+P8ZNKtrmpPoq +Su0eOOGFOFHG02eOgPVxSwrDeN9MVJo7BPysGMHJmQIDAQABMA0GCSqGSIb3DQEB +CwUAA4ICAQC63g6NHmQKbiy3G6iaDkpUSbr5Mq2YgU61XnvWVyREqDcy/BXCw9oY +SJ/KUvCpqPnACNOFqjadRAmPiA9nf2WduoCgwQGV/YRFGswSuVvh/3X2TX5NWvbS +t8MQDttQg1dxpiMUjlu3rqhfohBdWJvp2lVSdpDb/MOlXBc/+p7HfOHwhqB7wwPN +NNbSKUbZqZxmD8cOf1X0hASr1yfFPj+2vST3ESaON8S0T2p63YX/sD5jvOUiEuyw +I5WcvLmiRZA07SH8nWyckLY3qWL+OlhSZrlAnolWS00b+7h5LNuRYEjKzwVgntoA +aCopyQih6wIk0+AfJO4sfhJBmQhnIrAaP/zwBH5g9zVizLf5H7U+hNXrMwgw55Sq +vjMdkZHvPKUXTvVit/rYE9H+PY3brkRWzOl4V/i/ZLJJm5805H/NyTbz9kPMJw2Q +nn+KOpfXXySD39f8iuRgSKXsYNul38hxWgcZZ6g+sOOp2n/VUmf0eZUWNnJ8i7AP +4Qif7aDKMcibOwSwsB+DKZXDvZ5XSdnMphtuLS5rPSL81rVRmWC2DMfQ2eP8j0WN +VTroSk0xedQ7Qr+9TNooi9IyzX6n1a2S1UiciEZ3ZcDbXPl/P01m+IYZyPnLv0+9 +ZeioZYh1JLv3/OKsMrMLTfh2ZCj3aXwmc2Owi/wU2LS5QUOMcHH7CQ== +-----END CERTIFICATE----- \ No newline at end of file diff --git a/docker/php-nginx/alpine-3/conf/etc/nginx/ssl/server.csr b/docker/php-nginx/alpine-3/conf/etc/nginx/ssl/server.csr new file mode 100644 index 000000000..8a9909f77 --- /dev/null +++ b/docker/php-nginx/alpine-3/conf/etc/nginx/ssl/server.csr @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIEcTCCAlkCAQAwLDEbMBkGA1UEChMSRG9ja2VyIEJvaWxlcnBsYXRlMQ0wCwYD +VQQDFAQqLnZtMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyt0yFIsg +713pVnmPVVzK6Y7mbWKVUg7AAi6YxVITJ7D+f4ik9FW3mcqh75sGYwIOBmNdHfsm +Q3YL/8XrtBzzhW7UeqQqddHdbXSx2baOQsrsbuyELAFY5w+iqO1xcLTZO/aOiWXw +BWhi+MOTKJK1ZgrbKZ7DGR+/+81OH/enGxd/cy6KZ6blxg+regwPEI94MtHbmk47 +ONm2ETfq8C81SgHr/fYkOJDzCZ+L1ev15Oq7aEswuuxkMlWWGhcqYnA9UjbbEZoB +Fb4wgQ26yzp3lIkcH3+qsRLGYux8b+wShY+IlFpyCOyv5z+0+rgR0IxzvhabBpFP +ZQjKwnlRQXvJCs/3G4Xfsi1MV8AD6+oEjj5sJ9t9hsuLaM76mR6W1MbIMe7E93o/ +SuuodQ+yfgYzRVmDNYW5wta+x/8UuxAcwVfKkaEAlXtPCbn+cbKLlxWpA3JS1ePi +/tXMZKcLAkA5cuYN7Zv0wagNjvmSfmB0AxypMzMoS7OotF/zOaryQYi4NRi0wktt +K6UOYF0xBriDah4MF0FpFDum4YEmKnRxl9822efqlqSOHrot3R2dS5dFR+iHKW+z +kU0MIXOlvCgZcm7LGD0pRjhARlI2BjYXqM/RaaEpMQorPj/GTSra5qT6KkrtHjjh +hThRxtNnjoD1cUsKw3jfTFSaOwT8rBjByZkCAwEAAaAAMA0GCSqGSIb3DQEBCwUA +A4ICAQBsEBgC2YepuZq/8UqvKMZKVy/etDKXj7BB+QPb+leNiKD7p4LDxHJsZSH8 +Ku9uMPeLfiQDn5jA41k5SlGttzvObd65RdEbO3yHpqsg05EGSDDLfaE1k2Al/qmX +/o8roPZF7+2kZthgMAgkcokS54LYqEYTGqOf3J9Ss0yRIZwhaOVebfFIbIOdpw0B +JNMIJPHTMdZrcuRVI+wR1uPLIlEJzBvxTGbTrvPU25WJFtu+EajKqXO0SHdy0yx8 +uH4ykRBJRc36+oYo7nZ5D56dh7pZn3+9J64FKAOV0Q3KqMFieGy053ezuhJd70eZ +UozTgfjs3WpMzoYmKETSyl3XZSdInRe+sUlKPruTsKyg69oYxjPlrGfAmmGcCFca +TnZinT18dI92zK7OtOVkmYeYKC1lwuhftVrNMXzZuHOGpS9NNYtc4nDqDMIEOfV3 +6rCdu03WjEgJ+Z67tJs16xOx9du4/EHxS2Ijn9DPfVJvYy0TgzDi1BUpjWx0KTLx +C4OQbEZ/QTWmHVbSch/hcZhzbf7SNh5RpnW4EtmcpDFjIKMfxJmoKeiTf7qnilx0 +7uRvsZFKoDKRDOFiPfgMg5AOtLHziYsd9m0tJjC2GHvFuPjzOtzhnUUjmmvht170 +2aqKakjST4amg7jzLcs871HX0/WjOtt29NpOz140blkKf1bisg== +-----END CERTIFICATE REQUEST----- \ No newline at end of file diff --git a/docker/php-nginx/alpine-3/conf/etc/nginx/ssl/server.key b/docker/php-nginx/alpine-3/conf/etc/nginx/ssl/server.key new file mode 100644 index 000000000..c9eec145f --- /dev/null +++ b/docker/php-nginx/alpine-3/conf/etc/nginx/ssl/server.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKAIBAAKCAgEAyt0yFIsg713pVnmPVVzK6Y7mbWKVUg7AAi6YxVITJ7D+f4ik +9FW3mcqh75sGYwIOBmNdHfsmQ3YL/8XrtBzzhW7UeqQqddHdbXSx2baOQsrsbuyE +LAFY5w+iqO1xcLTZO/aOiWXwBWhi+MOTKJK1ZgrbKZ7DGR+/+81OH/enGxd/cy6K +Z6blxg+regwPEI94MtHbmk47ONm2ETfq8C81SgHr/fYkOJDzCZ+L1ev15Oq7aEsw +uuxkMlWWGhcqYnA9UjbbEZoBFb4wgQ26yzp3lIkcH3+qsRLGYux8b+wShY+IlFpy +COyv5z+0+rgR0IxzvhabBpFPZQjKwnlRQXvJCs/3G4Xfsi1MV8AD6+oEjj5sJ9t9 +hsuLaM76mR6W1MbIMe7E93o/SuuodQ+yfgYzRVmDNYW5wta+x/8UuxAcwVfKkaEA +lXtPCbn+cbKLlxWpA3JS1ePi/tXMZKcLAkA5cuYN7Zv0wagNjvmSfmB0AxypMzMo +S7OotF/zOaryQYi4NRi0wkttK6UOYF0xBriDah4MF0FpFDum4YEmKnRxl9822efq +lqSOHrot3R2dS5dFR+iHKW+zkU0MIXOlvCgZcm7LGD0pRjhARlI2BjYXqM/RaaEp +MQorPj/GTSra5qT6KkrtHjjhhThRxtNnjoD1cUsKw3jfTFSaOwT8rBjByZkCAwEA +AQKCAgAbZPdoUsllyZbC+LNkYZ19ILD5QIDNjfRb1xMGQmkXyQz1B+zOmeyrNfPc +OWEJabOfJTfj3pByN7SzG3US4333HNpQnW6mbmqqZ0HFFqPrXR/Ecuf+UUhCG5hp +m3bgM2vKbyccYsmg0VHcKfzrU7RvTTP/UNMjx2fThwvvwS+ttuSdF0HVcXJB5sfP +OWWnZNhkdHZlRf81VCED/jsZqCZYEh5eMyj9AoXvXL4zayPPf+tC0DSKaXW2Xlxg +tZQhqup8+a9nlxZia0Z9hu8clo6jXkiP8FuKgfCMV0cOjiCKLLHS5svTbLLsVWwJ +F2ZAdVcD6mWQ43qHOEK5NEzGvQKO14CaOLnVT2yAkMcyNohsEgoDP9oCBGDJQbBH +NmtZfpVjjtuTr9P9TEkU1FcBRo0x6Il/DkzamGbOeFAmgnaGElhJ5c/CAG7whaIf +mUfFOBGPH/wESY3gBOACDofeSh27RrlvbLaPiCGKivDUTBmhBsIuso6XqOKbvtfV +/HhhndpdRVfIj4DdE7gIrLIGN977JMVAXFCNz7KrvAWwcOXrCHCoWpklJ9repq8l +26ICY8K7VXktzDHQUmhd88ZWR+9ASURsJghUgZUOcMrEGyvci6Y8hpLhHiNVPHuQ ++ps7tpPsXSntBUqWBzhRZh74+nJlOOV6oYykl30JT2JzB6lwiQKCAQEA9ecn8N2z +20tR2UEiTv/MjVSepQtAAajegvcd1iasvvQKXnh3XLmoZHzH2tTa0lp5RIZpUQPl +lOTwko0lYTBnYblt65AJQ3FTgisNobIpoqE8BFXLm6wggz7CbabjmPGDe173lPGR +sI0YSKYvzrdn4zw8Fh6WULJyZHLi58zJYL3r0WBDiOoxpGaGA1GlmkuIWjhKHaX2 +OvF1vOuQDJ2eDyTc5TYFC0NKG76Mvanov5L/yrhNM/umbmp0SPspzHGZobAKUr20 +OazFT8S+2TA1OTxWNbiPbSimFoaZbEdqsNACGfVJWO8Sh8iqlt5RmEcSiSvGBj6L +QKprRO9Fsp2GawKCAQEA0zGhRsnux4JTNsdUSYsEJtITMj6eE+nl7CoZ9DAOwC5X +6/aSpUE4TT+pWNrt9iluXiGL0j89UJ7r/L1OcsiyzGb8ig9NU4zr1NIGTZ0DstHi +HPYINjeiBJEFIy17kOQn+9/I5c4hBUwz6ihwNoEomymVB/EsLJKAML0AudJGKg+Z +/f/qrS40eab5SAiaKgsh0MZnj+vIxyGBydt6r2HGmjfNITVbXIu6IpO+6NXDwM/e +7v10AAZ3j9+gb1RedLg2ghuIuYU90hmMhtVWsh9nVmaOkMW9/WFgOPYvt/mHH/hR +d4pePZ9kACGmqo/b9sHvHw1YEubtCt1VUiNuFxnJCwKCAQBWnxz0vkRTJY8phsY9 +KeK2jm5sGTBs5T2syLwb6ffENFdKvAjgAw6Mh2And/+1ReWd+/MxdLv03UjZdxsJ +x3FDfXx5FH4O4ebW3a+pnAcKoN1xcX+N0O6LDRqUYcue3sTAOs3gC9CUbr91KAWD +Phw8ccWAzTmKJ7IgLFA982ekyoI9eTmRC159WRgwJxy844qerWF+XC4GyXP+HsTZ +jNRW5Vdi7sqMEyIR7+fIEAhLI88zbATWIPmZv6pC4ybwO7wwtsCMMQNBpdjDprzL +6S12ggikV+U+QKlxGe0FtYqhykRTPJKf32eZqVheWOZJTA/9fgv9ux52oxGycM8O +gmsNAoIBAQC60m5uZnd5uYnPLWkcXYNgq/kbO1UvHHut/FhVMKX7z4MrU0XKNfWO +MECoP5K9bU0aq+Y6KIMe7FapjvT0iSHRu1Cu+HZY8JI2A0xcIAeDijLRl7sP6wrB +q1+2DKgANjRAlWfsEfoX658JBpitPngjOheBnRCMpVQMyUT5HE/BKWf5zwdUB0mY +S+K8nA90HcDeJIS8RcGolbVwUV0oBABhr/cf50lYhqozqCr7YQ33ZGs7Uq3oz8+4 +UARmN2YPLl3Znm3GX12em8c6B0LX8vvA7Jw06Rf2Ksup1+3Ce1PTLiEy9A4FyRf3 +Hc2HmBbnJAtZlr5QikMqlzzAmmLqwH6dAoIBAC+ryaQGJFsijCSuaDfRp/uy9xnd +DjgMdTwjl5WLBmyudChVMANl8eqCbvVO41CN84yORk03oQ4cx0eKxAZaLaSzgkb3 +W0X2nFQe7VJSYMQswCQ+1WfJvEFrIdkEKIa//uQdhqNrgUKSNVhhSTMbNEkDTIWn +ssbv2H9hvUaFt/J/vP9zCKuU5oYvNU7Oi6ZXRYezRn9atlJYanLFoJnHUBRzGms5 +K0vhdCPDXQq87z5Yudoh0jLUQF9Nx0GTWeBceQ9n5hZeRUNQWxP4AJThQX9KSPTS +mbL3Kh4XNRmAUJ2N+Njh+3dg91s+JkKvC1wcspLsmLPQe+9AxBSH9y5JE/8= +-----END RSA PRIVATE KEY----- \ No newline at end of file diff --git a/docker/php-nginx/alpine-3/conf/etc/nginx/vhost.common.conf b/docker/php-nginx/alpine-3/conf/etc/nginx/vhost.common.conf new file mode 100644 index 000000000..e69de29bb diff --git a/docker/php-nginx/alpine-3/conf/etc/nginx/vhost.conf b/docker/php-nginx/alpine-3/conf/etc/nginx/vhost.conf new file mode 100644 index 000000000..e21d9c0c4 --- /dev/null +++ b/docker/php-nginx/alpine-3/conf/etc/nginx/vhost.conf @@ -0,0 +1,84 @@ +server { + listen 80 default_server; + listen 8000 default_server; + + server_name _ docker; + + access_log /dev/stdout; + error_log /dev/stdout info; + + root ""; + index ; + + client_max_body_size 50m; + + location / { + try_files $uri $uri/ /?$query_string; + } + + location ~ \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass php; + include fastcgi_params; + + fastcgi_param SCRIPT_FILENAME $request_filename; + + fastcgi_param MYSQL_USER ""; + fastcgi_param MYSQL_PASSWORD ""; + fastcgi_param MYSQL_ROOT_USER "root"; + fastcgi_param MYSQL_ROOT_PASSWORD ""; + fastcgi_param MYSQL_DATABASE ""; + + fastcgi_param POSTGRES_USER ""; + fastcgi_param POSTGRES_PASSWORD ""; + + fastcgi_read_timeout 1000; + } + + include /opt/docker/etc/nginx/vhost.common.conf; +} + +############## +# SSL +############## + +server { + listen 443 default_server; + listen 8443 default_server; + + server_name _ docker; + + access_log /dev/stdout; + error_log /dev/stdout info; + + root ""; + index ; + + client_max_body_size 50m; + + location / { + try_files $uri $uri/ /?$query_string; + } + + location ~ \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass php; + include fastcgi_params; + + fastcgi_param SCRIPT_FILENAME $request_filename; + + fastcgi_param MYSQL_USER ""; + fastcgi_param MYSQL_PASSWORD ""; + fastcgi_param MYSQL_ROOT_USER "root"; + fastcgi_param MYSQL_ROOT_PASSWORD ""; + fastcgi_param MYSQL_DATABASE ""; + + fastcgi_param POSTGRES_USER ""; + fastcgi_param POSTGRES_PASSWORD ""; + + fastcgi_read_timeout 1000; + } + + include /opt/docker/etc/nginx/vhost.common.conf; + include /opt/docker/etc/nginx/vhost.ssl.conf; +} diff --git a/docker/php-nginx/alpine-3/conf/etc/nginx/vhost.ssl.conf b/docker/php-nginx/alpine-3/conf/etc/nginx/vhost.ssl.conf new file mode 100644 index 000000000..4ddba251d --- /dev/null +++ b/docker/php-nginx/alpine-3/conf/etc/nginx/vhost.ssl.conf @@ -0,0 +1,7 @@ +ssl on; +ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # not possible to do exclusive +ssl_ciphers 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA'; +ssl_prefer_server_ciphers on; + +ssl_certificate /opt/docker/etc/nginx/ssl/server.crt; +ssl_certificate_key /opt/docker/etc/nginx/ssl/server.key; diff --git a/docker/php-nginx/alpine-3/conf/etc/supervisor.d/nginx.conf b/docker/php-nginx/alpine-3/conf/etc/supervisor.d/nginx.conf new file mode 100644 index 000000000..657bf499b --- /dev/null +++ b/docker/php-nginx/alpine-3/conf/etc/supervisor.d/nginx.conf @@ -0,0 +1,14 @@ +[group:nginx] +programs=nginxd +priority=20 + +[program:nginxd] +command = /opt/docker/bin/service.d/nginx.sh +process_name=%(program_name)s +startsecs = 0 +autostart = true +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/docker/php-nginx/alpine-3/conf/provision/roles/webdevops-nginx/defaults/main.yml b/docker/php-nginx/alpine-3/conf/provision/roles/webdevops-nginx/defaults/main.yml new file mode 100644 index 000000000..69cba1cb4 --- /dev/null +++ b/docker/php-nginx/alpine-3/conf/provision/roles/webdevops-nginx/defaults/main.yml @@ -0,0 +1,3 @@ +--- + +DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/php-nginx/alpine-3/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml b/docker/php-nginx/alpine-3/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml new file mode 100644 index 000000000..ca34d3dd3 --- /dev/null +++ b/docker/php-nginx/alpine-3/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml @@ -0,0 +1,48 @@ +--- + +- name: Diable nginx demonize mode + lineinfile: + dest: /etc/nginx/nginx.conf + regexp: '[\s;]*{{ item.key }}[\s]*' + line: '{{ item.key }} {{ item.value }};' + with_items: + - { key: 'daemon', value: "off" } + +- name: Enable nginx main config + file: + src: '/opt/docker/etc/nginx/main.conf' + dest: '/etc/nginx/conf.d/10-docker.conf' + state: link + force: yes + +- name: Remove default vhost + file: + path: "/etc/nginx/sites-enabled/default" + state: absent + +- name: Replace default nginx.conf [RedHat/Alpine family] + file: + src: '/opt/docker/etc/nginx/nginx.conf' + dest: '/etc/nginx/nginx.conf' + state: link + force: yes + when: ansible_os_family == 'RedHat' or ansible_os_family == 'Alpine' + +- name: Ensure document root is available + file: + path: "{{ DOCUMENT_ROOT }}" + state: directory + recurse: yes + +- name: Fix rights of ssl files + file: + path: "{{ item.path }}" + state: "{{ item.state }}" + mode: "{{ item.mode }}" + owner: "root" + group: "root" + with_items: + - { path: '/opt/docker/etc/nginx/ssl', state: 'directory', mode: '0750' } + - { path: '/opt/docker/etc/nginx/ssl/server.crt', state: 'file', mode: '0640' } + - { path: '/opt/docker/etc/nginx/ssl/server.csr', state: 'file', mode: '0640' } + - { path: '/opt/docker/etc/nginx/ssl/server.key', state: 'file', mode: '0640' } diff --git a/docker/php-nginx/alpine-3/conf/provision/roles/webdevops-nginx/tasks/main.yml b/docker/php-nginx/alpine-3/conf/provision/roles/webdevops-nginx/tasks/main.yml new file mode 100644 index 000000000..1806c1a8c --- /dev/null +++ b/docker/php-nginx/alpine-3/conf/provision/roles/webdevops-nginx/tasks/main.yml @@ -0,0 +1,5 @@ +--- + +- include: bootstrap.yml + tags: + - bootstrap diff --git a/docker/php-nginx/alpine-3/conf/provision/roles/webdevops-php-nginx/defaults/main.yml b/docker/php-nginx/alpine-3/conf/provision/roles/webdevops-php-nginx/defaults/main.yml new file mode 100644 index 000000000..ed97d539c --- /dev/null +++ b/docker/php-nginx/alpine-3/conf/provision/roles/webdevops-php-nginx/defaults/main.yml @@ -0,0 +1 @@ +--- diff --git a/docker/php-nginx/alpine-3/conf/provision/roles/webdevops-php-nginx/tasks/bootstrap.yml b/docker/php-nginx/alpine-3/conf/provision/roles/webdevops-php-nginx/tasks/bootstrap.yml new file mode 100644 index 000000000..a2866e0d0 --- /dev/null +++ b/docker/php-nginx/alpine-3/conf/provision/roles/webdevops-php-nginx/tasks/bootstrap.yml @@ -0,0 +1,9 @@ +--- + +- name: Restrict php-fpm to local connection + lineinfile: + dest: '/opt/docker/etc/php/fpm/pool.d/application.conf' + regexp: '^[\s;]*{{ item.key }}[\s]*=' + line: '{{ item.key }} = {{ item.value }}' + with_items: + - { key: 'listen', value: "127.0.0.1:9000" } diff --git a/docker/php-nginx/alpine-3/conf/provision/roles/webdevops-php-nginx/tasks/entrypoint.yml b/docker/php-nginx/alpine-3/conf/provision/roles/webdevops-php-nginx/tasks/entrypoint.yml new file mode 100644 index 000000000..cd21505a4 --- /dev/null +++ b/docker/php-nginx/alpine-3/conf/provision/roles/webdevops-php-nginx/tasks/entrypoint.yml @@ -0,0 +1,2 @@ +--- + diff --git a/docker/vsftp/ubuntu-14.04/conf/provision/roles/webdevops-vsftp/tasks/main.yml b/docker/php-nginx/alpine-3/conf/provision/roles/webdevops-php-nginx/tasks/main.yml similarity index 100% rename from docker/vsftp/ubuntu-14.04/conf/provision/roles/webdevops-vsftp/tasks/main.yml rename to docker/php-nginx/alpine-3/conf/provision/roles/webdevops-php-nginx/tasks/main.yml diff --git a/docker/php-nginx/centos-7/Dockerfile b/docker/php-nginx/centos-7/Dockerfile index 77efe3a54..6f38a22e4 100644 --- a/docker/php-nginx/centos-7/Dockerfile +++ b/docker/php-nginx/centos-7/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/php:centos-7 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/php-nginx/centos-7/conf/provision/roles/webdevops-nginx/defaults/main.yml b/docker/php-nginx/centos-7/conf/provision/roles/webdevops-nginx/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/php-nginx/centos-7/conf/provision/roles/webdevops-nginx/defaults/main.yml +++ b/docker/php-nginx/centos-7/conf/provision/roles/webdevops-nginx/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/php-nginx/centos-7/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml b/docker/php-nginx/centos-7/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml index 735188ffd..ca34d3dd3 100644 --- a/docker/php-nginx/centos-7/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml +++ b/docker/php-nginx/centos-7/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml @@ -20,20 +20,18 @@ path: "/etc/nginx/sites-enabled/default" state: absent -- name: Replace default nginx.conf [RedHat family] +- name: Replace default nginx.conf [RedHat/Alpine family] file: src: '/opt/docker/etc/nginx/nginx.conf' dest: '/etc/nginx/nginx.conf' state: link force: yes - when: ansible_os_family == 'RedHat' + when: ansible_os_family == 'RedHat' or ansible_os_family == 'Alpine' - name: Ensure document root is available file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Fix rights of ssl files diff --git a/docker/php-nginx/debian-7/Dockerfile b/docker/php-nginx/debian-7/Dockerfile index b7b411948..e8885c874 100644 --- a/docker/php-nginx/debian-7/Dockerfile +++ b/docker/php-nginx/debian-7/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/php:debian-7 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/php-nginx/debian-7/conf/provision/roles/webdevops-nginx/defaults/main.yml b/docker/php-nginx/debian-7/conf/provision/roles/webdevops-nginx/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/php-nginx/debian-7/conf/provision/roles/webdevops-nginx/defaults/main.yml +++ b/docker/php-nginx/debian-7/conf/provision/roles/webdevops-nginx/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/php-nginx/debian-7/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml b/docker/php-nginx/debian-7/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml index 735188ffd..ca34d3dd3 100644 --- a/docker/php-nginx/debian-7/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml +++ b/docker/php-nginx/debian-7/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml @@ -20,20 +20,18 @@ path: "/etc/nginx/sites-enabled/default" state: absent -- name: Replace default nginx.conf [RedHat family] +- name: Replace default nginx.conf [RedHat/Alpine family] file: src: '/opt/docker/etc/nginx/nginx.conf' dest: '/etc/nginx/nginx.conf' state: link force: yes - when: ansible_os_family == 'RedHat' + when: ansible_os_family == 'RedHat' or ansible_os_family == 'Alpine' - name: Ensure document root is available file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Fix rights of ssl files diff --git a/docker/php-nginx/debian-8-php7/Dockerfile b/docker/php-nginx/debian-8-php7/Dockerfile index d8b4ed00f..837e210ed 100644 --- a/docker/php-nginx/debian-8-php7/Dockerfile +++ b/docker/php-nginx/debian-8-php7/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/php:debian-8-php7 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/php-nginx/debian-8-php7/conf/provision/roles/webdevops-nginx/defaults/main.yml b/docker/php-nginx/debian-8-php7/conf/provision/roles/webdevops-nginx/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/php-nginx/debian-8-php7/conf/provision/roles/webdevops-nginx/defaults/main.yml +++ b/docker/php-nginx/debian-8-php7/conf/provision/roles/webdevops-nginx/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/php-nginx/debian-8-php7/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml b/docker/php-nginx/debian-8-php7/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml index 735188ffd..ca34d3dd3 100644 --- a/docker/php-nginx/debian-8-php7/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml +++ b/docker/php-nginx/debian-8-php7/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml @@ -20,20 +20,18 @@ path: "/etc/nginx/sites-enabled/default" state: absent -- name: Replace default nginx.conf [RedHat family] +- name: Replace default nginx.conf [RedHat/Alpine family] file: src: '/opt/docker/etc/nginx/nginx.conf' dest: '/etc/nginx/nginx.conf' state: link force: yes - when: ansible_os_family == 'RedHat' + when: ansible_os_family == 'RedHat' or ansible_os_family == 'Alpine' - name: Ensure document root is available file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Fix rights of ssl files diff --git a/docker/php-nginx/debian-8/Dockerfile b/docker/php-nginx/debian-8/Dockerfile index 503379cb9..dd53d7714 100644 --- a/docker/php-nginx/debian-8/Dockerfile +++ b/docker/php-nginx/debian-8/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/php:debian-8 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/php-nginx/debian-8/conf/provision/roles/webdevops-nginx/defaults/main.yml b/docker/php-nginx/debian-8/conf/provision/roles/webdevops-nginx/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/php-nginx/debian-8/conf/provision/roles/webdevops-nginx/defaults/main.yml +++ b/docker/php-nginx/debian-8/conf/provision/roles/webdevops-nginx/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/php-nginx/debian-8/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml b/docker/php-nginx/debian-8/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml index 735188ffd..ca34d3dd3 100644 --- a/docker/php-nginx/debian-8/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml +++ b/docker/php-nginx/debian-8/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml @@ -20,20 +20,18 @@ path: "/etc/nginx/sites-enabled/default" state: absent -- name: Replace default nginx.conf [RedHat family] +- name: Replace default nginx.conf [RedHat/Alpine family] file: src: '/opt/docker/etc/nginx/nginx.conf' dest: '/etc/nginx/nginx.conf' state: link force: yes - when: ansible_os_family == 'RedHat' + when: ansible_os_family == 'RedHat' or ansible_os_family == 'Alpine' - name: Ensure document root is available file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Fix rights of ssl files diff --git a/docker/php-nginx/debian-9-php7/Dockerfile b/docker/php-nginx/debian-9-php7/Dockerfile index e3dc4d497..0e5d65898 100644 --- a/docker/php-nginx/debian-9-php7/Dockerfile +++ b/docker/php-nginx/debian-9-php7/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/php:debian-9-php7 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/php-nginx/debian-9-php7/conf/provision/roles/webdevops-nginx/defaults/main.yml b/docker/php-nginx/debian-9-php7/conf/provision/roles/webdevops-nginx/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/php-nginx/debian-9-php7/conf/provision/roles/webdevops-nginx/defaults/main.yml +++ b/docker/php-nginx/debian-9-php7/conf/provision/roles/webdevops-nginx/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/php-nginx/debian-9-php7/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml b/docker/php-nginx/debian-9-php7/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml index 735188ffd..ca34d3dd3 100644 --- a/docker/php-nginx/debian-9-php7/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml +++ b/docker/php-nginx/debian-9-php7/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml @@ -20,20 +20,18 @@ path: "/etc/nginx/sites-enabled/default" state: absent -- name: Replace default nginx.conf [RedHat family] +- name: Replace default nginx.conf [RedHat/Alpine family] file: src: '/opt/docker/etc/nginx/nginx.conf' dest: '/etc/nginx/nginx.conf' state: link force: yes - when: ansible_os_family == 'RedHat' + when: ansible_os_family == 'RedHat' or ansible_os_family == 'Alpine' - name: Ensure document root is available file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Fix rights of ssl files diff --git a/docker/php-nginx/debian-9/Dockerfile b/docker/php-nginx/debian-9/Dockerfile index a586df306..2bd302eed 100644 --- a/docker/php-nginx/debian-9/Dockerfile +++ b/docker/php-nginx/debian-9/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/php:debian-9 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/php-nginx/debian-9/conf/provision/roles/webdevops-nginx/defaults/main.yml b/docker/php-nginx/debian-9/conf/provision/roles/webdevops-nginx/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/php-nginx/debian-9/conf/provision/roles/webdevops-nginx/defaults/main.yml +++ b/docker/php-nginx/debian-9/conf/provision/roles/webdevops-nginx/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/php-nginx/debian-9/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml b/docker/php-nginx/debian-9/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml index 735188ffd..ca34d3dd3 100644 --- a/docker/php-nginx/debian-9/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml +++ b/docker/php-nginx/debian-9/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml @@ -20,20 +20,18 @@ path: "/etc/nginx/sites-enabled/default" state: absent -- name: Replace default nginx.conf [RedHat family] +- name: Replace default nginx.conf [RedHat/Alpine family] file: src: '/opt/docker/etc/nginx/nginx.conf' dest: '/etc/nginx/nginx.conf' state: link force: yes - when: ansible_os_family == 'RedHat' + when: ansible_os_family == 'RedHat' or ansible_os_family == 'Alpine' - name: Ensure document root is available file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Fix rights of ssl files diff --git a/docker/php-nginx/ubuntu-12.04/Dockerfile b/docker/php-nginx/ubuntu-12.04/Dockerfile index 3b37030db..b14698897 100644 --- a/docker/php-nginx/ubuntu-12.04/Dockerfile +++ b/docker/php-nginx/ubuntu-12.04/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/php:ubuntu-12.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/php-nginx/ubuntu-12.04/conf/provision/roles/webdevops-nginx/defaults/main.yml b/docker/php-nginx/ubuntu-12.04/conf/provision/roles/webdevops-nginx/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/php-nginx/ubuntu-12.04/conf/provision/roles/webdevops-nginx/defaults/main.yml +++ b/docker/php-nginx/ubuntu-12.04/conf/provision/roles/webdevops-nginx/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/php-nginx/ubuntu-12.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml b/docker/php-nginx/ubuntu-12.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml index 735188ffd..ca34d3dd3 100644 --- a/docker/php-nginx/ubuntu-12.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml +++ b/docker/php-nginx/ubuntu-12.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml @@ -20,20 +20,18 @@ path: "/etc/nginx/sites-enabled/default" state: absent -- name: Replace default nginx.conf [RedHat family] +- name: Replace default nginx.conf [RedHat/Alpine family] file: src: '/opt/docker/etc/nginx/nginx.conf' dest: '/etc/nginx/nginx.conf' state: link force: yes - when: ansible_os_family == 'RedHat' + when: ansible_os_family == 'RedHat' or ansible_os_family == 'Alpine' - name: Ensure document root is available file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Fix rights of ssl files diff --git a/docker/php-nginx/ubuntu-14.04/Dockerfile b/docker/php-nginx/ubuntu-14.04/Dockerfile index 1e9352b59..797f06ad1 100644 --- a/docker/php-nginx/ubuntu-14.04/Dockerfile +++ b/docker/php-nginx/ubuntu-14.04/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/php:ubuntu-14.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/php-nginx/ubuntu-14.04/conf/provision/roles/webdevops-nginx/defaults/main.yml b/docker/php-nginx/ubuntu-14.04/conf/provision/roles/webdevops-nginx/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/php-nginx/ubuntu-14.04/conf/provision/roles/webdevops-nginx/defaults/main.yml +++ b/docker/php-nginx/ubuntu-14.04/conf/provision/roles/webdevops-nginx/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/php-nginx/ubuntu-14.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml b/docker/php-nginx/ubuntu-14.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml index 735188ffd..ca34d3dd3 100644 --- a/docker/php-nginx/ubuntu-14.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml +++ b/docker/php-nginx/ubuntu-14.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml @@ -20,20 +20,18 @@ path: "/etc/nginx/sites-enabled/default" state: absent -- name: Replace default nginx.conf [RedHat family] +- name: Replace default nginx.conf [RedHat/Alpine family] file: src: '/opt/docker/etc/nginx/nginx.conf' dest: '/etc/nginx/nginx.conf' state: link force: yes - when: ansible_os_family == 'RedHat' + when: ansible_os_family == 'RedHat' or ansible_os_family == 'Alpine' - name: Ensure document root is available file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Fix rights of ssl files diff --git a/docker/php-nginx/ubuntu-15.04/Dockerfile b/docker/php-nginx/ubuntu-15.04/Dockerfile index 6dd4bd5aa..7829de6e6 100644 --- a/docker/php-nginx/ubuntu-15.04/Dockerfile +++ b/docker/php-nginx/ubuntu-15.04/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/php:ubuntu-15.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/php-nginx/ubuntu-15.04/conf/provision/roles/webdevops-nginx/defaults/main.yml b/docker/php-nginx/ubuntu-15.04/conf/provision/roles/webdevops-nginx/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/php-nginx/ubuntu-15.04/conf/provision/roles/webdevops-nginx/defaults/main.yml +++ b/docker/php-nginx/ubuntu-15.04/conf/provision/roles/webdevops-nginx/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/php-nginx/ubuntu-15.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml b/docker/php-nginx/ubuntu-15.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml index 735188ffd..ca34d3dd3 100644 --- a/docker/php-nginx/ubuntu-15.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml +++ b/docker/php-nginx/ubuntu-15.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml @@ -20,20 +20,18 @@ path: "/etc/nginx/sites-enabled/default" state: absent -- name: Replace default nginx.conf [RedHat family] +- name: Replace default nginx.conf [RedHat/Alpine family] file: src: '/opt/docker/etc/nginx/nginx.conf' dest: '/etc/nginx/nginx.conf' state: link force: yes - when: ansible_os_family == 'RedHat' + when: ansible_os_family == 'RedHat' or ansible_os_family == 'Alpine' - name: Ensure document root is available file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Fix rights of ssl files diff --git a/docker/php-nginx/ubuntu-15.10/Dockerfile b/docker/php-nginx/ubuntu-15.10/Dockerfile index 2f69b6b71..73b21471d 100644 --- a/docker/php-nginx/ubuntu-15.10/Dockerfile +++ b/docker/php-nginx/ubuntu-15.10/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/php:ubuntu-15.10 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/php-nginx/ubuntu-15.10/conf/provision/roles/webdevops-nginx/defaults/main.yml b/docker/php-nginx/ubuntu-15.10/conf/provision/roles/webdevops-nginx/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/php-nginx/ubuntu-15.10/conf/provision/roles/webdevops-nginx/defaults/main.yml +++ b/docker/php-nginx/ubuntu-15.10/conf/provision/roles/webdevops-nginx/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/php-nginx/ubuntu-15.10/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml b/docker/php-nginx/ubuntu-15.10/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml index 735188ffd..ca34d3dd3 100644 --- a/docker/php-nginx/ubuntu-15.10/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml +++ b/docker/php-nginx/ubuntu-15.10/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml @@ -20,20 +20,18 @@ path: "/etc/nginx/sites-enabled/default" state: absent -- name: Replace default nginx.conf [RedHat family] +- name: Replace default nginx.conf [RedHat/Alpine family] file: src: '/opt/docker/etc/nginx/nginx.conf' dest: '/etc/nginx/nginx.conf' state: link force: yes - when: ansible_os_family == 'RedHat' + when: ansible_os_family == 'RedHat' or ansible_os_family == 'Alpine' - name: Ensure document root is available file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Fix rights of ssl files diff --git a/docker/php-nginx/ubuntu-16.04-php7/Dockerfile b/docker/php-nginx/ubuntu-16.04-php7/Dockerfile index b2c700dbb..74a14e3cc 100644 --- a/docker/php-nginx/ubuntu-16.04-php7/Dockerfile +++ b/docker/php-nginx/ubuntu-16.04-php7/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/php:ubuntu-16.04-php7 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/php-nginx/ubuntu-16.04-php7/conf/provision/roles/webdevops-nginx/defaults/main.yml b/docker/php-nginx/ubuntu-16.04-php7/conf/provision/roles/webdevops-nginx/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/php-nginx/ubuntu-16.04-php7/conf/provision/roles/webdevops-nginx/defaults/main.yml +++ b/docker/php-nginx/ubuntu-16.04-php7/conf/provision/roles/webdevops-nginx/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/php-nginx/ubuntu-16.04-php7/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml b/docker/php-nginx/ubuntu-16.04-php7/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml index 735188ffd..ca34d3dd3 100644 --- a/docker/php-nginx/ubuntu-16.04-php7/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml +++ b/docker/php-nginx/ubuntu-16.04-php7/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml @@ -20,20 +20,18 @@ path: "/etc/nginx/sites-enabled/default" state: absent -- name: Replace default nginx.conf [RedHat family] +- name: Replace default nginx.conf [RedHat/Alpine family] file: src: '/opt/docker/etc/nginx/nginx.conf' dest: '/etc/nginx/nginx.conf' state: link force: yes - when: ansible_os_family == 'RedHat' + when: ansible_os_family == 'RedHat' or ansible_os_family == 'Alpine' - name: Ensure document root is available file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Fix rights of ssl files diff --git a/docker/php-nginx/ubuntu-16.04/Dockerfile b/docker/php-nginx/ubuntu-16.04/Dockerfile index cabae426e..49a2b01ad 100644 --- a/docker/php-nginx/ubuntu-16.04/Dockerfile +++ b/docker/php-nginx/ubuntu-16.04/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/php:ubuntu-16.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app diff --git a/docker/php-nginx/ubuntu-16.04/conf/provision/roles/webdevops-nginx/defaults/main.yml b/docker/php-nginx/ubuntu-16.04/conf/provision/roles/webdevops-nginx/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/docker/php-nginx/ubuntu-16.04/conf/provision/roles/webdevops-nginx/defaults/main.yml +++ b/docker/php-nginx/ubuntu-16.04/conf/provision/roles/webdevops-nginx/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/docker/php-nginx/ubuntu-16.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml b/docker/php-nginx/ubuntu-16.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml index 735188ffd..ca34d3dd3 100644 --- a/docker/php-nginx/ubuntu-16.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml +++ b/docker/php-nginx/ubuntu-16.04/conf/provision/roles/webdevops-nginx/tasks/bootstrap.yml @@ -20,20 +20,18 @@ path: "/etc/nginx/sites-enabled/default" state: absent -- name: Replace default nginx.conf [RedHat family] +- name: Replace default nginx.conf [RedHat/Alpine family] file: src: '/opt/docker/etc/nginx/nginx.conf' dest: '/etc/nginx/nginx.conf' state: link force: yes - when: ansible_os_family == 'RedHat' + when: ansible_os_family == 'RedHat' or ansible_os_family == 'Alpine' - name: Ensure document root is available file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Fix rights of ssl files diff --git a/docker/php/alpine-3/Dockerfile b/docker/php/alpine-3/Dockerfile new file mode 100644 index 000000000..9a15d3a5d --- /dev/null +++ b/docker/php/alpine-3/Dockerfile @@ -0,0 +1,76 @@ +#++++++++++++++++++++++++++++++++++++++ +# CentOS 7 PHP Docker container +#++++++++++++++++++++++++++++++++++++++ + +FROM webdevops/base-app:alpine-3 +MAINTAINER info@webdevops.io +LABEL vendor=WebDevOps.io +LABEL io.webdevops.layout=6 +LABEL io.webdevops.version=0.21.0 + +# Install tools +RUN /usr/local/bin/apk-install \ + imagemagick \ + graphicsmagick + +# Install php (cli/fpm) +RUN /usr/local/bin/apk-install \ + php-cli \ + php-fpm \ + php-json \ + php-intl \ + php-curl \ + php-mysql \ + php-mysqli \ + php-pdo_mysql \ + php-pdo_sqlite \ + php-xdebug \ + php-memcached \ + php-mcrypt \ + php-gd \ + php-bcmath \ + php-soap \ + php-sqlite3 \ + php-bz2 \ + php-calendar \ + php-ctype \ + php-pcntl \ + php-posix \ + php-sockets \ + php-sysvmsg \ + php-sysvsem \ + php-sysvshm \ + php-xmlreader \ + php-exif \ + php-ftp \ + php-gettext \ + php-iconv \ + php-zip \ + php-zlib \ + php-shmop \ + php-wddx \ + sqlite \ + php-xmlrpc \ + php-xsl \ + geoip \ + php-ldap \ + php-memcache \ + php-redis \ + php-pear \ + php-phar \ + php-openssl \ + && pear channel-update pear.php.net \ + && pear upgrade-all \ + && pear config-set auto_discover 1 \ + && curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin/ --filename=composer + +# Deploy scripts/configurations +COPY conf/ /opt/docker/ +RUN bash /opt/docker/bin/control.sh provision.role.bootstrap webdevops-php \ + && bash /opt/docker/bin/bootstrap.sh + + + +EXPOSE 9000 + +CMD ["supervisord"] diff --git a/docker/php/alpine-3/conf/etc/logrotate.d/php5-fpm b/docker/php/alpine-3/conf/etc/logrotate.d/php5-fpm new file mode 100644 index 000000000..e6ef4b123 --- /dev/null +++ b/docker/php/alpine-3/conf/etc/logrotate.d/php5-fpm @@ -0,0 +1,12 @@ +/var/log/php5-fpm/fpm.log +/var/log/php5-fpm/access.log +/var/log/php5-fpm/slow.log +/var/log/php5-fpm/error.log { + missingok + notifempty + sharedscripts + delaycompress + postrotate + /bin/kill -SIGUSR1 `cat /var/run/php5-fpm.pid` 2>/dev/null || true + endscript +} diff --git a/docker/php/alpine-3/conf/etc/php/fpm/php-fpm.conf b/docker/php/alpine-3/conf/etc/php/fpm/php-fpm.conf new file mode 100644 index 000000000..596980343 --- /dev/null +++ b/docker/php/alpine-3/conf/etc/php/fpm/php-fpm.conf @@ -0,0 +1,118 @@ +;;;;;;;;;;;;;;;;;;;;; +; FPM Configuration ; +;;;;;;;;;;;;;;;;;;;;; +; All relative paths in this configuration file are relative to PHP's install +; prefix (/usr). This prefix can be dynamically changed by using the +; '-p' argument from the command line. + +;;;;;;;;;;;;;;;;;; +; Global Options ; +;;;;;;;;;;;;;;;;;; + +[global] +; Pid file +; Note: the default prefix is /var +; Default Value: none +;pid = run/php-fpm.pid + +; Error log file +; If it's set to "syslog", log is sent to syslogd instead of being written +; in a local file. +; Note: the default prefix is /var +; Default Value: log/php-fpm.log +error_log = /var/log/php-fpm.log + +; syslog_facility is used to specify what type of program is logging the +; message. This lets syslogd specify that messages from different facilities +; will be handled differently. +; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON) +; Default Value: daemon +;syslog.facility = daemon + +; syslog_ident is prepended to every message. If you have multiple FPM +; instances running on the same server, you can change the default value +; which must suit common needs. +; Default Value: php-fpm +;syslog.ident = php-fpm + +; Log level +; Possible Values: alert, error, warning, notice, debug +; Default Value: notice +;log_level = notice + +; If this number of child processes exit with SIGSEGV or SIGBUS within the time +; interval set by emergency_restart_interval then FPM will restart. A value +; of '0' means 'Off'. +; Default Value: 0 +;emergency_restart_threshold = 0 + +; Interval of time used by emergency_restart_interval to determine when +; a graceful restart will be initiated. This can be useful to work around +; accidental corruptions in an accelerator's shared memory. +; Available Units: s(econds), m(inutes), h(ours), or d(ays) +; Default Unit: seconds +; Default Value: 0 +;emergency_restart_interval = 0 + +; Time limit for child processes to wait for a reaction on signals from master. +; Available units: s(econds), m(inutes), h(ours), or d(ays) +; Default Unit: seconds +; Default Value: 0 +;process_control_timeout = 0 + +; The maximum number of processes FPM will fork. This has been design to control +; the global number of processes when using dynamic PM within a lot of pools. +; Use it with caution. +; Note: A value of 0 indicates no limit +; Default Value: 0 +; process.max = 128 + +; Specify the nice(2) priority to apply to the master process (only if set) +; The value can vary from -19 (highest priority) to 20 (lower priority) +; Note: - It will only work if the FPM master process is launched as root +; - The pool process will inherit the master process priority +; unless it specified otherwise +; Default Value: no set +; process.priority = -19 + +; Send FPM to background. Set to 'no' to keep FPM in foreground for debugging. +; Default Value: yes +;daemonize = yes + +; Set open file descriptor rlimit for the master process. +; Default Value: system defined value +;rlimit_files = 1024 + +; Set max core size rlimit for the master process. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +;rlimit_core = 0 + +; Specify the event mechanism FPM will use. The following is available: +; - select (any POSIX os) +; - poll (any POSIX os) +; - epoll (linux >= 2.5.44) +; - kqueue (FreeBSD >= 4.1, OpenBSD >= 2.9, NetBSD >= 2.0) +; - /dev/poll (Solaris >= 7) +; - port (Solaris >= 10) +; Default Value: not set (auto detection) +;events.mechanism = epoll + +; When FPM is build with systemd integration, specify the interval, +; in second, between health report notification to systemd. +; Set to 0 to disable. +; Available Units: s(econds), m(inutes), h(ours) +; Default Unit: seconds +; Default value: 10 +;systemd_interval = 10 + + + + +; Include one or more files. If glob(3) exists, it is used to include a bunch of +; files from a glob(3) pattern. This directive can be used everywhere in the +; file. +; Relative path can also be used. They will be prefixed by: +; - the global prefix if it's been set (-p argument) +; - /usr otherwise +include=/etc/php/fpm.d/*.conf diff --git a/docker/php/alpine-3/conf/etc/php/fpm/pool.d/application.conf b/docker/php/alpine-3/conf/etc/php/fpm/pool.d/application.conf new file mode 100644 index 000000000..527108c80 --- /dev/null +++ b/docker/php/alpine-3/conf/etc/php/fpm/pool.d/application.conf @@ -0,0 +1,420 @@ +;;;;;;;;;;;;;;;;;;;; +; Pool Definitions ; +;;;;;;;;;;;;;;;;;;;; + +; Multiple pools of child processes may be started with different listening +; ports and different management options. The name of the pool will be +; used in logs and stats. There is no limitation on the number of pools which +; FPM can handle. Your system will tell you anyway :) + +; Start a new pool named 'www'. +; the variable $pool can we used in any directive and will be replaced by the +; pool name ('www' here) +[www] + +; Per pool prefix +; It only applies on the following directives: +; - 'access.log' +; - 'slowlog' +; - 'listen' (unixsocket) +; - 'chroot' +; - 'chdir' +; - 'php_values' +; - 'php_admin_values' +; When not set, the global prefix (or /usr) applies instead. +; Note: This directive can also be relative to the global prefix. +; Default Value: none +;prefix = /path/to/pools/$pool + +; Unix user/group of processes +; Note: The user is mandatory. If the group is not set, the default user's group +; will be used. +user = nobody +group = nobody + +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on +; a specific port; +; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on +; a specific port; +; 'port' - to listen on a TCP socket to all IPv4 addresses on a +; specific port; +; '[::]:port' - to listen on a TCP socket to all addresses +; (IPv6 and IPv4-mapped) on a specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Note: This value is mandatory. +listen = 127.0.0.1:9000 + +; Set listen(2) backlog. +; Default Value: 65535 (-1 on FreeBSD and OpenBSD) +;listen.backlog = 65535 + +; Set permissions for unix socket, if one is used. In Linux, read/write +; permissions must be set in order to allow connections from a web server. Many +; BSD-derived systems allow connections regardless of permissions. +; Default Values: user and group are set as the running user +; mode is set to 0660 +;listen.owner = nobody +;listen.group = nobody +;listen.mode = 0660 +; When POSIX Access Control Lists are supported you can set them using +; these options, value is a comma separated list of user/group names. +; When set, listen.owner and listen.group are ignored +;listen.acl_users = +;listen.acl_groups = + +; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. +; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original +; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address +; must be separated by a comma. If this value is left blank, connections will be +; accepted from any ip address. +; Default Value: any +;listen.allowed_clients = 127.0.0.1 + +; Specify the nice(2) priority to apply to the pool processes (only if set) +; The value can vary from -19 (highest priority) to 20 (lower priority) +; Note: - It will only work if the FPM master process is launched as root +; - The pool processes will inherit the master process priority +; unless it specified otherwise +; Default Value: no set +; process.priority = -19 + +; Choose how the process manager will control the number of child processes. +; Possible Values: +; static - a fixed number (pm.max_children) of child processes; +; dynamic - the number of child processes are set dynamically based on the +; following directives. With this process management, there will be +; always at least 1 children. +; pm.max_children - the maximum number of children that can +; be alive at the same time. +; pm.start_servers - the number of children created on startup. +; pm.min_spare_servers - the minimum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is less than this +; number then some children will be created. +; pm.max_spare_servers - the maximum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is greater than this +; number then some children will be killed. +; ondemand - no children are created at startup. Children will be forked when +; new requests will connect. The following parameter are used: +; pm.max_children - the maximum number of children that +; can be alive at the same time. +; pm.process_idle_timeout - The number of seconds after which +; an idle process will be killed. +; Note: This value is mandatory. +pm = dynamic + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. +; This value sets the limit on the number of simultaneous requests that will be +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP +; CGI. The below defaults are based on a server without much resources. Don't +; forget to tweak pm.* to fit your needs. +; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' +; Note: This value is mandatory. +pm.max_children = 5 + +; The number of child processes created on startup. +; Note: Used only when pm is set to 'dynamic' +; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 +pm.start_servers = 2 + +; The desired minimum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.min_spare_servers = 1 + +; The desired maximum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.max_spare_servers = 3 + +; The number of seconds after which an idle process will be killed. +; Note: Used only when pm is set to 'ondemand' +; Default Value: 10s +;pm.process_idle_timeout = 10s; + +; The number of requests each child process should execute before respawning. +; This can be useful to work around memory leaks in 3rd party libraries. For +; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. +; Default Value: 0 +;pm.max_requests = 500 + +; The URI to view the FPM status page. If this value is not set, no URI will be +; recognized as a status page. It shows the following informations: +; pool - the name of the pool; +; process manager - static, dynamic or ondemand; +; start time - the date and time FPM has started; +; start since - number of seconds since FPM has started; +; accepted conn - the number of request accepted by the pool; +; listen queue - the number of request in the queue of pending +; connections (see backlog in listen(2)); +; max listen queue - the maximum number of requests in the queue +; of pending connections since FPM has started; +; listen queue len - the size of the socket queue of pending connections; +; idle processes - the number of idle processes; +; active processes - the number of active processes; +; total processes - the number of idle + active processes; +; max active processes - the maximum number of active processes since FPM +; has started; +; max children reached - number of times, the process limit has been reached, +; when pm tries to start more children (works only for +; pm 'dynamic' and 'ondemand'); +; Value are updated in real time. +; Example output: +; pool: www +; process manager: static +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 62636 +; accepted conn: 190460 +; listen queue: 0 +; max listen queue: 1 +; listen queue len: 42 +; idle processes: 4 +; active processes: 11 +; total processes: 15 +; max active processes: 12 +; max children reached: 0 +; +; By default the status page output is formatted as text/plain. Passing either +; 'html', 'xml' or 'json' in the query string will return the corresponding +; output syntax. Example: +; http://www.foo.bar/status +; http://www.foo.bar/status?json +; http://www.foo.bar/status?html +; http://www.foo.bar/status?xml +; +; By default the status page only outputs short status. Passing 'full' in the +; query string will also return status for each pool process. +; Example: +; http://www.foo.bar/status?full +; http://www.foo.bar/status?json&full +; http://www.foo.bar/status?html&full +; http://www.foo.bar/status?xml&full +; The Full status returns for each process: +; pid - the PID of the process; +; state - the state of the process (Idle, Running, ...); +; start time - the date and time the process has started; +; start since - the number of seconds since the process has started; +; requests - the number of requests the process has served; +; request duration - the duration in µs of the requests; +; request method - the request method (GET, POST, ...); +; request URI - the request URI with the query string; +; content length - the content length of the request (only with POST); +; user - the user (PHP_AUTH_USER) (or '-' if not set); +; script - the main script called (or '-' if not set); +; last request cpu - the %cpu the last request consumed +; it's always 0 if the process is not in Idle state +; because CPU calculation is done when the request +; processing has terminated; +; last request memory - the max amount of memory the last request consumed +; it's always 0 if the process is not in Idle state +; because memory calculation is done when the request +; processing has terminated; +; If the process is in Idle state, then informations are related to the +; last request the process has served. Otherwise informations are related to +; the current request being served. +; Example output: +; ************************ +; pid: 31330 +; state: Running +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 63087 +; requests: 12808 +; request duration: 1250261 +; request method: GET +; request URI: /test_mem.php?N=10000 +; content length: 0 +; user: - +; script: /home/fat/web/docs/php/test_mem.php +; last request cpu: 0.00 +; last request memory: 0 +; +; Note: There is a real-time FPM status monitoring sample web page available +; It's available in: /usr/share/php/fpm/status.html +; +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;pm.status_path = /status + +; The ping URI to call the monitoring page of FPM. If this value is not set, no +; URI will be recognized as a ping page. This could be used to test from outside +; that FPM is alive and responding, or to +; - create a graph of FPM availability (rrd or such); +; - remove a server from a group if it is not responding (load balancing); +; - trigger alerts for the operating team (24/7). +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;ping.path = /ping + +; This directive may be used to customize the response of a ping request. The +; response is formatted as text/plain with a 200 response code. +; Default Value: pong +;ping.response = pong + +; The access log file +; Default: not set +;access.log = log/$pool.access.log + +; The access log format. +; The following syntax is allowed +; %%: the '%' character +; %C: %CPU used by the request +; it can accept the following format: +; - %{user}C for user CPU only +; - %{system}C for system CPU only +; - %{total}C for user + system CPU (default) +; %d: time taken to serve the request +; it can accept the following format: +; - %{seconds}d (default) +; - %{miliseconds}d +; - %{mili}d +; - %{microseconds}d +; - %{micro}d +; %e: an environment variable (same as $_ENV or $_SERVER) +; it must be associated with embraces to specify the name of the env +; variable. Some exemples: +; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e +; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e +; %f: script filename +; %l: content-length of the request (for POST request only) +; %m: request method +; %M: peak of memory allocated by PHP +; it can accept the following format: +; - %{bytes}M (default) +; - %{kilobytes}M +; - %{kilo}M +; - %{megabytes}M +; - %{mega}M +; %n: pool name +; %o: output header +; it must be associated with embraces to specify the name of the header: +; - %{Content-Type}o +; - %{X-Powered-By}o +; - %{Transfert-Encoding}o +; - .... +; %p: PID of the child that serviced the request +; %P: PID of the parent of the child that serviced the request +; %q: the query string +; %Q: the '?' character if query string exists +; %r: the request URI (without the query string, see %q and %Q) +; %R: remote IP address +; %s: status (response code) +; %t: server time the request was received +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; %T: time the log has been written (the request has finished) +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; %u: remote user +; +; Default: "%R - %u %t \"%m %r\" %s" +;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" + +; The log file for slow requests +; Default Value: not set +; Note: slowlog is mandatory if request_slowlog_timeout is set +;slowlog = log/$pool.log.slow + +; The timeout for serving a single request after which a PHP backtrace will be +; dumped to the 'slowlog' file. A value of '0s' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_slowlog_timeout = 0 + +; The timeout for serving a single request after which the worker process will +; be killed. This option should be used when the 'max_execution_time' ini option +; does not stop script execution for some reason. A value of '0' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_terminate_timeout = 0 + +; Set open file descriptor rlimit. +; Default Value: system defined value +;rlimit_files = 1024 + +; Set max core size rlimit. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +;rlimit_core = 0 + +; Chroot to this directory at the start. This value must be defined as an +; absolute path. When this value is not set, chroot is not used. +; Note: you can prefix with '$prefix' to chroot to the pool prefix or one +; of its subdirectories. If the pool prefix is not set, the global prefix +; will be used instead. +; Note: chrooting is a great security feature and should be used whenever +; possible. However, all PHP paths will be relative to the chroot +; (error_log, sessions.save_path, ...). +; Default Value: not set +;chroot = + +; Chdir to this directory at the start. +; Note: relative path can be used. +; Default Value: current directory or / when chroot +;chdir = /var/www + +; Redirect worker stdout and stderr into main error log. If not set, stdout and +; stderr will be redirected to /dev/null according to FastCGI specs. +; Note: on highloaded environement, this can cause some delay in the page +; process time (several ms). +; Default Value: no +;catch_workers_output = yes + +; Clear environment in FPM workers +; Prevents arbitrary environment variables from reaching FPM worker processes +; by clearing the environment in workers before env vars specified in this +; pool configuration are added. +; Setting to "no" will make all environment variables available to PHP code +; via getenv(), $_ENV and $_SERVER. +; Default Value: yes +;clear_env = no + +; Limits the extensions of the main script FPM will allow to parse. This can +; prevent configuration mistakes on the web server side. You should only limit +; FPM to .php extensions to prevent malicious users to use other extensions to +; exectute php code. +; Note: set an empty value to allow all extensions. +; Default Value: .php +;security.limit_extensions = .php .php3 .php4 .php5 + +; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from +; the current environment. +; Default Value: clean env +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /tmp +;env[TMPDIR] = /tmp +;env[TEMP] = /tmp + +; Additional php.ini defines, specific to this pool of workers. These settings +; overwrite the values previously defined in the php.ini. The directives are the +; same as the PHP SAPI: +; php_value/php_flag - you can set classic ini defines which can +; be overwritten from PHP call 'ini_set'. +; php_admin_value/php_admin_flag - these directives won't be overwritten by +; PHP call 'ini_set' +; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. + +; Defining 'extension' will load the corresponding shared extension from +; extension_dir. Defining 'disable_functions' or 'disable_classes' will not +; overwrite previously defined php.ini values, but will append the new value +; instead. + +; Note: path INI options can be relative and will be expanded with the prefix +; (pool, global or /usr) + +; Default Value: nothing is defined by default except the values in php.ini and +; specified at startup with the -d argument +;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com +;php_flag[display_errors] = off +;php_admin_value[error_log] = /var/log/fpm-php.www.log +;php_admin_flag[log_errors] = on +;php_admin_value[memory_limit] = 32M diff --git a/docker/php/alpine-3/conf/etc/php/php.ini b/docker/php/alpine-3/conf/etc/php/php.ini new file mode 100644 index 000000000..44168d270 --- /dev/null +++ b/docker/php/alpine-3/conf/etc/php/php.ini @@ -0,0 +1,28 @@ +; ------------------------------------- +; Docker PHP configuration +; ------------------------------------- + +; this file will overwrite default php.ini settings + +display_errors = 0 + +short_open_tag = Off +variables_order = 'GPCS' +request_order = 'GP' + +allow_url_fopen = On +allow_url_include = Off + +memory_limit = 512M +max_execution_time = 300 +max_input_time = 300 +post_max_size = 50M +upload_max_filesize = 50M +max_input_vars = 5000 + +expose_php = Off + +date.timezone = UTC + +mysql.default_host = mysql +mysqli.default_host = mysql diff --git a/docker/php/alpine-3/conf/etc/supervisor.d/php-fpm.conf b/docker/php/alpine-3/conf/etc/supervisor.d/php-fpm.conf new file mode 100644 index 000000000..696ff6d16 --- /dev/null +++ b/docker/php/alpine-3/conf/etc/supervisor.d/php-fpm.conf @@ -0,0 +1,54 @@ +[group:php-fpm] +programs=php-fpmd,php-fpm-log-fpm,php-fpm-log-slow,php-fpm-log-error,php-fpm-log-access +priority=20 + +[program:php-fpmd] +command = /usr/bin/php-fpm --nodaemonize +process_name=%(program_name)s +startsecs = 0 +autostart = true +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 + +[program:php-fpm-log-fpm] +command = bash /opt/docker/bin/logwatch.sh php:fpm /var/log/php5-fpm/fpm.log +startsecs = 0 +autostart = true +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 + +[program:php-fpm-log-slow] +command = bash /opt/docker/bin/logwatch.sh php:slow /var/log/php5-fpm/slow.log +startsecs = 0 +autostart = true +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 + +[program:php-fpm-log-error] +command = bash /opt/docker/bin/logwatch.sh php:error /var/log/php5-fpm/error.log +startsecs = 0 +autostart = true +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 + +[program:php-fpm-log-access] +command = bash /opt/docker/bin/logwatch.sh php:access /var/log/php5-fpm/access.log +startsecs = 0 +autostart = true +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/docker/php/alpine-3/conf/provision/roles/webdevops-php/defaults/main.yml b/docker/php/alpine-3/conf/provision/roles/webdevops-php/defaults/main.yml new file mode 100644 index 000000000..81f5b7efd --- /dev/null +++ b/docker/php/alpine-3/conf/provision/roles/webdevops-php/defaults/main.yml @@ -0,0 +1,6 @@ +--- + +APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" +APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" +APPLICATION_UID: "{{ lookup('env','APPLICATION_UID') }}" +APPLICATION_GID: "{{ lookup('env','APPLICATION_GID') }}" diff --git a/docker/php/alpine-3/conf/provision/roles/webdevops-php/tasks/bootstrap.yml b/docker/php/alpine-3/conf/provision/roles/webdevops-php/tasks/bootstrap.yml new file mode 100644 index 000000000..3c2032cb5 --- /dev/null +++ b/docker/php/alpine-3/conf/provision/roles/webdevops-php/tasks/bootstrap.yml @@ -0,0 +1,7 @@ +--- + +- include: bootstrap/php.yml +- include: bootstrap/php-fpm.main.yml +- include: bootstrap/php-fpm.pool.yml +- include: bootstrap/php-fpm.yml +- include: bootstrap/php-module.xdebug.yml diff --git a/docker/php/alpine-3/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml b/docker/php/alpine-3/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml new file mode 100644 index 000000000..dcdaa60fe --- /dev/null +++ b/docker/php/alpine-3/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml @@ -0,0 +1,48 @@ +--- + +- name: Set php main file + set_fact: + php_main_conf: /etc/php-fpm.conf + when: ansible_os_family == 'RedHat' + +- name: Set php main file + set_fact: + php_main_conf: /etc/php5/fpm/php-fpm.conf + when: ansible_os_family == 'Debian' + +- name: Set php main file + set_fact: + php_main_conf: /etc/php/php-fpm.conf + when: ansible_os_family == 'Alpine' + +- name: Set php main file + set_fact: + php_main_conf: /etc/php/php-fpm.conf + when: ansible_os_family == 'Alpine' + +- name: Move php-fpm main file to /opt/docker/etc/php/fpm/ + command: "mv {{ php_main_conf }} /opt/docker/etc/php/fpm/php-fpm.conf" + args: + creates: /opt/docker/etc/php/fpm/php-fpm.conf + +- name: Remove php-fpm main file + file: + path: "{{ php_main_conf }}" + state: absent + +- name: Symlink php-fpm main file + file: + path: "{{ php_main_conf }}" + src: "/opt/docker/etc/php/fpm/php-fpm.conf" + state: link + owner: "root" + group: "root" + +- name: Configure php-fpm main + lineinfile: + dest: '/opt/docker/etc/php/fpm/php-fpm.conf' + regexp: '^[\s;]*{{ item.key }}[\s]*=' + line: '{{ item.key }} = {{ item.value }}' + with_items: + - { key: 'error_log', value: "/var/log/php5-fpm/fpm.log" } + - { key: 'pid', value: "/var/run/php5-fpm.pid" } diff --git a/docker/php/alpine-3/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml b/docker/php/alpine-3/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml new file mode 100644 index 000000000..df320c246 --- /dev/null +++ b/docker/php/alpine-3/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml @@ -0,0 +1,66 @@ +--- + +- name: Set php pool file + set_fact: + php_pool_conf: www.conf + php_pool_dir: /etc/php-fpm.d + when: ansible_os_family == 'RedHat' + +- name: Set php pool file + set_fact: + php_pool_conf: www.conf + php_pool_dir: /etc/php5/fpm/pool.d + when: ansible_os_family == 'Debian' + +- name: Set php pool file + set_fact: + php_pool_conf: www.conf + php_pool_dir: /etc/php/fpm.d + when: ansible_os_family == 'Alpine' + +- name: Move php-fpm pool directory file to /opt/docker/etc/php/ + command: "mv {{ php_pool_dir }} /opt/docker/etc/php/fpm/pool.d" + args: + creates: /opt/docker/etc/php/fpm/pool.d + +- name: Rename pool file file to application.conf" + command: "mv /opt/docker/etc/php/fpm/pool.d/{{ php_pool_conf }} /opt/docker/etc/php/fpm/pool.d/application.conf" + args: + creates: /opt/docker/etc/php/fpm/pool.d/application.conf + +- name: Remove php-fpm pool directory + file: + path: "{{ php_pool_dir }}" + state: absent + +- name: Symlink php-fpm main file + file: + path: "{{ php_pool_dir }}" + src: "/opt/docker/etc/php/fpm/pool.d" + state: link + owner: "root" + group: "root" + +- name: Configure php-fpm pool user (www.conf) + lineinfile: + dest: '/opt/docker/etc/php/fpm/pool.d/application.conf' + regexp: '^[\s;]*{{ item.key }}[\s]*=' + line: '{{ item.key }} = {{ item.value }}' + with_items: + - { key: 'listen', value: "0.0.0.0:9000" } + - { key: 'catch_workers_output', value: "yes" } + - { key: 'access.log', value: "/var/log/php5-fpm/access.log" } + - { key: 'slowlog', value: "/var/log/php5-fpm/slow.log" } + - { key: 'php_admin_value[error_log]', value: "/var/log/php5-fpm/error.log" } + - { key: 'php_admin_value[log_errors]', value: "on" } + - { key: 'user', value: "{{ APPLICATION_USER }}" } + - { key: 'group', value: "{{ APPLICATION_GROUP }}" } + +- name: Disable php-fpm connection limit + lineinfile: + dest: '/opt/docker/etc/php/fpm/pool.d/application.conf' + regexp: '^[\s;]*{{ item.key }}[\s]*=' + line: ';{{ item.key }}' + with_items: + - { key: 'listen.allowed_clients' } + diff --git a/docker/php/alpine-3/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.yml b/docker/php/alpine-3/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.yml new file mode 100644 index 000000000..cac44982b --- /dev/null +++ b/docker/php/alpine-3/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.yml @@ -0,0 +1,36 @@ +--- + +- name: Symlink php-fpm binary + file: + path: "/usr/sbin/php5-fpm" + src: "/sbin/php-fpm" + state: link + owner: "root" + group: "root" + when: ansible_os_family == 'RedHat' + +- name: Remove default php-fpm logrotate + file: + path: "/etc/logrotate.d/php-fpm" + state: absent + when: ansible_os_family == 'RedHat' + +- name: Create php-fpm log directory + file: + path: "/var/log/php5-fpm/" + state: directory + owner: "root" + group: "root" + +- name: Create php-fpm log files + file: + path: "/var/log/php5-fpm/{{ item }}" + state: touch + owner: "root" + group: "root" + mode: 0600 + with_items: + - slow.log + - access.log + - error.log + - fpm.log diff --git a/docker/php/alpine-3/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml b/docker/php/alpine-3/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml new file mode 100644 index 000000000..8db597ee1 --- /dev/null +++ b/docker/php/alpine-3/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml @@ -0,0 +1,31 @@ +--- + +- name: Set php xdebug file [RedHat family] + set_fact: + php_xdebug_conf: /etc/php.d/xdebug.ini + when: ansible_os_family == 'RedHat' + +- name: Set php xdebug file [Debian family] + set_fact: + php_xdebug_conf: /etc/php5/mods-available/xdebug.ini + when: ansible_os_family == 'Debian' + +- name: Set php xdebug file [Ubuntu 12.04] + set_fact: + php_xdebug_conf: /etc/php5/conf.d/xdebug.ini + when: ansible_distribution == 'Ubuntu' and ansible_distribution_version == "12.04" + +- name: Set php xdebug file [Alpine family] + set_fact: + php_xdebug_conf: /etc/php/conf.d/xdebug.ini + when: ansible_distribution == 'Alpine' + +- name: Disable xdebug + replace: + dest: '{{ php_xdebug_conf }}' + regexp: '^[\s]*({{ item }}[\s]*=.*)$' + replace: ';\1' + with_items: + - 'zend_extension' + - 'extension' + ignore_errors: yes diff --git a/docker/php/alpine-3/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml b/docker/php/alpine-3/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml new file mode 100644 index 000000000..70f56451f --- /dev/null +++ b/docker/php/alpine-3/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml @@ -0,0 +1,51 @@ +--- + +- name: Create php directories + file: + path: "{{ item }}" + state: directory + mode: 0755 + owner: "root" + group: "root" + with_items: + - /opt/docker/etc/php/ + - /opt/docker/etc/php/fpm/ + +- name: Create /opt/docker/etc/php/php.ini" + file: + path: "/opt/docker/etc/php/php.ini" + state: touch + mode: 0744 + owner: root + group: root + +- name: Link php.ini for cli and fpm [Debian family] + file: + src: '{{ item.file }}' + dest: '/etc/php5/{{ item.category }}/conf.d/{{ item.target }}' + force: yes + state: link + with_items: + # PHP cli + - { category: 'cli', file: '/etc/php5/mods-available/mcrypt.ini', target: '20-mcrypt.ini' } + - { category: 'cli', file: '/opt/docker/etc/php/php.ini', target: '99-docker.ini' } + # PHP fpm + - { category: 'fpm', file: '/etc/php5/mods-available/mcrypt.ini', target: '20-mcrypt.ini' } + - { category: 'fpm', file: '/opt/docker/etc/php/php.ini', target: '99-docker.ini' } + when: ansible_os_family == 'Debian' + +- name: Create link for additional php.ini [RedHat family] + file: + src: '/opt/docker/etc/php/php.ini' + dest: '/etc/php.d/zzz-docker.ini' + state: link + force: yes + when: ansible_os_family == 'RedHat' + +- name: Create link for additional php.ini [Alpine family] + file: + src: '/opt/docker/etc/php/php.ini' + dest: '/etc/php/conf.d/xzzz-docker.ini' + state: link + force: yes + when: ansible_os_family == 'Alpine' diff --git a/docker/php/alpine-3/conf/provision/roles/webdevops-php/tasks/main.yml b/docker/php/alpine-3/conf/provision/roles/webdevops-php/tasks/main.yml new file mode 100644 index 000000000..1806c1a8c --- /dev/null +++ b/docker/php/alpine-3/conf/provision/roles/webdevops-php/tasks/main.yml @@ -0,0 +1,5 @@ +--- + +- include: bootstrap.yml + tags: + - bootstrap diff --git a/docker/php/centos-7/Dockerfile b/docker/php/centos-7/Dockerfile index 971f53ad2..2c86b96f3 100644 --- a/docker/php/centos-7/Dockerfile +++ b/docker/php/centos-7/Dockerfile @@ -2,10 +2,10 @@ # CentOS 7 PHP Docker container #++++++++++++++++++++++++++++++++++++++ -FROM webdevops/base:centos-7 +FROM webdevops/base-app:centos-7 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 # Install tools diff --git a/docker/php/centos-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml b/docker/php/centos-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml index e13201722..dcdaa60fe 100644 --- a/docker/php/centos-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml +++ b/docker/php/centos-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml @@ -10,8 +10,25 @@ php_main_conf: /etc/php5/fpm/php-fpm.conf when: ansible_os_family == 'Debian' +- name: Set php main file + set_fact: + php_main_conf: /etc/php/php-fpm.conf + when: ansible_os_family == 'Alpine' + +- name: Set php main file + set_fact: + php_main_conf: /etc/php/php-fpm.conf + when: ansible_os_family == 'Alpine' + - name: Move php-fpm main file to /opt/docker/etc/php/fpm/ command: "mv {{ php_main_conf }} /opt/docker/etc/php/fpm/php-fpm.conf" + args: + creates: /opt/docker/etc/php/fpm/php-fpm.conf + +- name: Remove php-fpm main file + file: + path: "{{ php_main_conf }}" + state: absent - name: Symlink php-fpm main file file: diff --git a/docker/php/centos-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml b/docker/php/centos-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml index 2340a208e..df320c246 100644 --- a/docker/php/centos-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml +++ b/docker/php/centos-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml @@ -12,11 +12,26 @@ php_pool_dir: /etc/php5/fpm/pool.d when: ansible_os_family == 'Debian' +- name: Set php pool file + set_fact: + php_pool_conf: www.conf + php_pool_dir: /etc/php/fpm.d + when: ansible_os_family == 'Alpine' + - name: Move php-fpm pool directory file to /opt/docker/etc/php/ command: "mv {{ php_pool_dir }} /opt/docker/etc/php/fpm/pool.d" + args: + creates: /opt/docker/etc/php/fpm/pool.d - name: Rename pool file file to application.conf" command: "mv /opt/docker/etc/php/fpm/pool.d/{{ php_pool_conf }} /opt/docker/etc/php/fpm/pool.d/application.conf" + args: + creates: /opt/docker/etc/php/fpm/pool.d/application.conf + +- name: Remove php-fpm pool directory + file: + path: "{{ php_pool_dir }}" + state: absent - name: Symlink php-fpm main file file: diff --git a/docker/php/centos-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml b/docker/php/centos-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml index 6425153d6..8db597ee1 100644 --- a/docker/php/centos-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml +++ b/docker/php/centos-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml @@ -15,6 +15,11 @@ php_xdebug_conf: /etc/php5/conf.d/xdebug.ini when: ansible_distribution == 'Ubuntu' and ansible_distribution_version == "12.04" +- name: Set php xdebug file [Alpine family] + set_fact: + php_xdebug_conf: /etc/php/conf.d/xdebug.ini + when: ansible_distribution == 'Alpine' + - name: Disable xdebug replace: dest: '{{ php_xdebug_conf }}' diff --git a/docker/php/centos-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml b/docker/php/centos-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml index 57ac760a6..70f56451f 100644 --- a/docker/php/centos-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml +++ b/docker/php/centos-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml @@ -41,3 +41,11 @@ state: link force: yes when: ansible_os_family == 'RedHat' + +- name: Create link for additional php.ini [Alpine family] + file: + src: '/opt/docker/etc/php/php.ini' + dest: '/etc/php/conf.d/xzzz-docker.ini' + state: link + force: yes + when: ansible_os_family == 'Alpine' diff --git a/docker/php/debian-7-php7/Dockerfile.disabled b/docker/php/debian-7-php7/Dockerfile.disabled index 1b24f62dc..27db0e315 100644 --- a/docker/php/debian-7-php7/Dockerfile.disabled +++ b/docker/php/debian-7-php7/Dockerfile.disabled @@ -5,6 +5,8 @@ FROM webdevops/base:debian-7 MAINTAINER info@webdevops.io +ENV WEB_DOCUMENT_ROOT /app + # Install dotdeb RUN echo "deb http://packages.dotdeb.org wheezy all" >> /etc/apt/sources.list \ && echo "deb-src http://packages.dotdeb.org wheezy all" >> /etc/apt/sources.list \ diff --git a/docker/php/debian-7/Dockerfile b/docker/php/debian-7/Dockerfile index 34df2338a..cc9a3b345 100644 --- a/docker/php/debian-7/Dockerfile +++ b/docker/php/debian-7/Dockerfile @@ -2,10 +2,10 @@ # Debian 7 PHP Docker container #++++++++++++++++++++++++++++++++++++++ -FROM webdevops/base:debian-7 +FROM webdevops/base-app:debian-7 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 # Install tools diff --git a/docker/php/debian-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml b/docker/php/debian-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml index e13201722..dcdaa60fe 100644 --- a/docker/php/debian-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml +++ b/docker/php/debian-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml @@ -10,8 +10,25 @@ php_main_conf: /etc/php5/fpm/php-fpm.conf when: ansible_os_family == 'Debian' +- name: Set php main file + set_fact: + php_main_conf: /etc/php/php-fpm.conf + when: ansible_os_family == 'Alpine' + +- name: Set php main file + set_fact: + php_main_conf: /etc/php/php-fpm.conf + when: ansible_os_family == 'Alpine' + - name: Move php-fpm main file to /opt/docker/etc/php/fpm/ command: "mv {{ php_main_conf }} /opt/docker/etc/php/fpm/php-fpm.conf" + args: + creates: /opt/docker/etc/php/fpm/php-fpm.conf + +- name: Remove php-fpm main file + file: + path: "{{ php_main_conf }}" + state: absent - name: Symlink php-fpm main file file: diff --git a/docker/php/debian-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml b/docker/php/debian-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml index 2340a208e..df320c246 100644 --- a/docker/php/debian-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml +++ b/docker/php/debian-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml @@ -12,11 +12,26 @@ php_pool_dir: /etc/php5/fpm/pool.d when: ansible_os_family == 'Debian' +- name: Set php pool file + set_fact: + php_pool_conf: www.conf + php_pool_dir: /etc/php/fpm.d + when: ansible_os_family == 'Alpine' + - name: Move php-fpm pool directory file to /opt/docker/etc/php/ command: "mv {{ php_pool_dir }} /opt/docker/etc/php/fpm/pool.d" + args: + creates: /opt/docker/etc/php/fpm/pool.d - name: Rename pool file file to application.conf" command: "mv /opt/docker/etc/php/fpm/pool.d/{{ php_pool_conf }} /opt/docker/etc/php/fpm/pool.d/application.conf" + args: + creates: /opt/docker/etc/php/fpm/pool.d/application.conf + +- name: Remove php-fpm pool directory + file: + path: "{{ php_pool_dir }}" + state: absent - name: Symlink php-fpm main file file: diff --git a/docker/php/debian-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml b/docker/php/debian-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml index 6425153d6..8db597ee1 100644 --- a/docker/php/debian-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml +++ b/docker/php/debian-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml @@ -15,6 +15,11 @@ php_xdebug_conf: /etc/php5/conf.d/xdebug.ini when: ansible_distribution == 'Ubuntu' and ansible_distribution_version == "12.04" +- name: Set php xdebug file [Alpine family] + set_fact: + php_xdebug_conf: /etc/php/conf.d/xdebug.ini + when: ansible_distribution == 'Alpine' + - name: Disable xdebug replace: dest: '{{ php_xdebug_conf }}' diff --git a/docker/php/debian-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml b/docker/php/debian-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml index 57ac760a6..70f56451f 100644 --- a/docker/php/debian-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml +++ b/docker/php/debian-7/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml @@ -41,3 +41,11 @@ state: link force: yes when: ansible_os_family == 'RedHat' + +- name: Create link for additional php.ini [Alpine family] + file: + src: '/opt/docker/etc/php/php.ini' + dest: '/etc/php/conf.d/xzzz-docker.ini' + state: link + force: yes + when: ansible_os_family == 'Alpine' diff --git a/docker/php/debian-8-php7/Dockerfile b/docker/php/debian-8-php7/Dockerfile index 30facdcdb..bf8850c62 100644 --- a/docker/php/debian-8-php7/Dockerfile +++ b/docker/php/debian-8-php7/Dockerfile @@ -2,10 +2,10 @@ # Debian 8 PHP Docker container #++++++++++++++++++++++++++++++++++++++ -FROM webdevops/base:debian-8 +FROM webdevops/base-app:debian-8 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 # Install dotdeb diff --git a/docker/php/debian-8/Dockerfile b/docker/php/debian-8/Dockerfile index 382bf09e1..7f6b88732 100644 --- a/docker/php/debian-8/Dockerfile +++ b/docker/php/debian-8/Dockerfile @@ -2,10 +2,10 @@ # Debian 8 PHP Docker container #++++++++++++++++++++++++++++++++++++++ -FROM webdevops/base:debian-8 +FROM webdevops/base-app:debian-8 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 # Install tools diff --git a/docker/php/debian-8/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml b/docker/php/debian-8/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml index e13201722..dcdaa60fe 100644 --- a/docker/php/debian-8/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml +++ b/docker/php/debian-8/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml @@ -10,8 +10,25 @@ php_main_conf: /etc/php5/fpm/php-fpm.conf when: ansible_os_family == 'Debian' +- name: Set php main file + set_fact: + php_main_conf: /etc/php/php-fpm.conf + when: ansible_os_family == 'Alpine' + +- name: Set php main file + set_fact: + php_main_conf: /etc/php/php-fpm.conf + when: ansible_os_family == 'Alpine' + - name: Move php-fpm main file to /opt/docker/etc/php/fpm/ command: "mv {{ php_main_conf }} /opt/docker/etc/php/fpm/php-fpm.conf" + args: + creates: /opt/docker/etc/php/fpm/php-fpm.conf + +- name: Remove php-fpm main file + file: + path: "{{ php_main_conf }}" + state: absent - name: Symlink php-fpm main file file: diff --git a/docker/php/debian-8/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml b/docker/php/debian-8/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml index 2340a208e..df320c246 100644 --- a/docker/php/debian-8/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml +++ b/docker/php/debian-8/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml @@ -12,11 +12,26 @@ php_pool_dir: /etc/php5/fpm/pool.d when: ansible_os_family == 'Debian' +- name: Set php pool file + set_fact: + php_pool_conf: www.conf + php_pool_dir: /etc/php/fpm.d + when: ansible_os_family == 'Alpine' + - name: Move php-fpm pool directory file to /opt/docker/etc/php/ command: "mv {{ php_pool_dir }} /opt/docker/etc/php/fpm/pool.d" + args: + creates: /opt/docker/etc/php/fpm/pool.d - name: Rename pool file file to application.conf" command: "mv /opt/docker/etc/php/fpm/pool.d/{{ php_pool_conf }} /opt/docker/etc/php/fpm/pool.d/application.conf" + args: + creates: /opt/docker/etc/php/fpm/pool.d/application.conf + +- name: Remove php-fpm pool directory + file: + path: "{{ php_pool_dir }}" + state: absent - name: Symlink php-fpm main file file: diff --git a/docker/php/debian-8/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml b/docker/php/debian-8/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml index 6425153d6..8db597ee1 100644 --- a/docker/php/debian-8/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml +++ b/docker/php/debian-8/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml @@ -15,6 +15,11 @@ php_xdebug_conf: /etc/php5/conf.d/xdebug.ini when: ansible_distribution == 'Ubuntu' and ansible_distribution_version == "12.04" +- name: Set php xdebug file [Alpine family] + set_fact: + php_xdebug_conf: /etc/php/conf.d/xdebug.ini + when: ansible_distribution == 'Alpine' + - name: Disable xdebug replace: dest: '{{ php_xdebug_conf }}' diff --git a/docker/php/debian-8/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml b/docker/php/debian-8/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml index 57ac760a6..70f56451f 100644 --- a/docker/php/debian-8/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml +++ b/docker/php/debian-8/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml @@ -41,3 +41,11 @@ state: link force: yes when: ansible_os_family == 'RedHat' + +- name: Create link for additional php.ini [Alpine family] + file: + src: '/opt/docker/etc/php/php.ini' + dest: '/etc/php/conf.d/xzzz-docker.ini' + state: link + force: yes + when: ansible_os_family == 'Alpine' diff --git a/docker/php/debian-9-php7/Dockerfile b/docker/php/debian-9-php7/Dockerfile index c07ed06a2..8326b503a 100644 --- a/docker/php/debian-9-php7/Dockerfile +++ b/docker/php/debian-9-php7/Dockerfile @@ -2,10 +2,10 @@ # Debian 9 PHP Docker container #++++++++++++++++++++++++++++++++++++++ -FROM webdevops/base:debian-9 +FROM webdevops/base-app:debian-9 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 # Install tools diff --git a/docker/php/debian-9/Dockerfile b/docker/php/debian-9/Dockerfile index 854868395..66a72c7f4 100644 --- a/docker/php/debian-9/Dockerfile +++ b/docker/php/debian-9/Dockerfile @@ -2,10 +2,10 @@ # Debian 9 PHP Docker container #++++++++++++++++++++++++++++++++++++++ -FROM webdevops/base:debian-9 +FROM webdevops/base-app:debian-9 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 # Install tools diff --git a/docker/php/debian-9/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml b/docker/php/debian-9/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml index e13201722..dcdaa60fe 100644 --- a/docker/php/debian-9/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml +++ b/docker/php/debian-9/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml @@ -10,8 +10,25 @@ php_main_conf: /etc/php5/fpm/php-fpm.conf when: ansible_os_family == 'Debian' +- name: Set php main file + set_fact: + php_main_conf: /etc/php/php-fpm.conf + when: ansible_os_family == 'Alpine' + +- name: Set php main file + set_fact: + php_main_conf: /etc/php/php-fpm.conf + when: ansible_os_family == 'Alpine' + - name: Move php-fpm main file to /opt/docker/etc/php/fpm/ command: "mv {{ php_main_conf }} /opt/docker/etc/php/fpm/php-fpm.conf" + args: + creates: /opt/docker/etc/php/fpm/php-fpm.conf + +- name: Remove php-fpm main file + file: + path: "{{ php_main_conf }}" + state: absent - name: Symlink php-fpm main file file: diff --git a/docker/php/debian-9/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml b/docker/php/debian-9/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml index 2340a208e..df320c246 100644 --- a/docker/php/debian-9/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml +++ b/docker/php/debian-9/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml @@ -12,11 +12,26 @@ php_pool_dir: /etc/php5/fpm/pool.d when: ansible_os_family == 'Debian' +- name: Set php pool file + set_fact: + php_pool_conf: www.conf + php_pool_dir: /etc/php/fpm.d + when: ansible_os_family == 'Alpine' + - name: Move php-fpm pool directory file to /opt/docker/etc/php/ command: "mv {{ php_pool_dir }} /opt/docker/etc/php/fpm/pool.d" + args: + creates: /opt/docker/etc/php/fpm/pool.d - name: Rename pool file file to application.conf" command: "mv /opt/docker/etc/php/fpm/pool.d/{{ php_pool_conf }} /opt/docker/etc/php/fpm/pool.d/application.conf" + args: + creates: /opt/docker/etc/php/fpm/pool.d/application.conf + +- name: Remove php-fpm pool directory + file: + path: "{{ php_pool_dir }}" + state: absent - name: Symlink php-fpm main file file: diff --git a/docker/php/debian-9/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml b/docker/php/debian-9/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml index 6425153d6..8db597ee1 100644 --- a/docker/php/debian-9/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml +++ b/docker/php/debian-9/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml @@ -15,6 +15,11 @@ php_xdebug_conf: /etc/php5/conf.d/xdebug.ini when: ansible_distribution == 'Ubuntu' and ansible_distribution_version == "12.04" +- name: Set php xdebug file [Alpine family] + set_fact: + php_xdebug_conf: /etc/php/conf.d/xdebug.ini + when: ansible_distribution == 'Alpine' + - name: Disable xdebug replace: dest: '{{ php_xdebug_conf }}' diff --git a/docker/php/debian-9/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml b/docker/php/debian-9/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml index 57ac760a6..70f56451f 100644 --- a/docker/php/debian-9/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml +++ b/docker/php/debian-9/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml @@ -41,3 +41,11 @@ state: link force: yes when: ansible_os_family == 'RedHat' + +- name: Create link for additional php.ini [Alpine family] + file: + src: '/opt/docker/etc/php/php.ini' + dest: '/etc/php/conf.d/xzzz-docker.ini' + state: link + force: yes + when: ansible_os_family == 'Alpine' diff --git a/docker/php/ubuntu-12.04/Dockerfile b/docker/php/ubuntu-12.04/Dockerfile index 221896b7a..b4205f860 100644 --- a/docker/php/ubuntu-12.04/Dockerfile +++ b/docker/php/ubuntu-12.04/Dockerfile @@ -2,10 +2,10 @@ # Ubuntu 12.04 PHP Docker container #++++++++++++++++++++++++++++++++++++++ -FROM webdevops/base:ubuntu-12.04 +FROM webdevops/base-app:ubuntu-12.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 # Install tools diff --git a/docker/php/ubuntu-12.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml b/docker/php/ubuntu-12.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml index e13201722..dcdaa60fe 100644 --- a/docker/php/ubuntu-12.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml +++ b/docker/php/ubuntu-12.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml @@ -10,8 +10,25 @@ php_main_conf: /etc/php5/fpm/php-fpm.conf when: ansible_os_family == 'Debian' +- name: Set php main file + set_fact: + php_main_conf: /etc/php/php-fpm.conf + when: ansible_os_family == 'Alpine' + +- name: Set php main file + set_fact: + php_main_conf: /etc/php/php-fpm.conf + when: ansible_os_family == 'Alpine' + - name: Move php-fpm main file to /opt/docker/etc/php/fpm/ command: "mv {{ php_main_conf }} /opt/docker/etc/php/fpm/php-fpm.conf" + args: + creates: /opt/docker/etc/php/fpm/php-fpm.conf + +- name: Remove php-fpm main file + file: + path: "{{ php_main_conf }}" + state: absent - name: Symlink php-fpm main file file: diff --git a/docker/php/ubuntu-12.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml b/docker/php/ubuntu-12.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml index 2340a208e..df320c246 100644 --- a/docker/php/ubuntu-12.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml +++ b/docker/php/ubuntu-12.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml @@ -12,11 +12,26 @@ php_pool_dir: /etc/php5/fpm/pool.d when: ansible_os_family == 'Debian' +- name: Set php pool file + set_fact: + php_pool_conf: www.conf + php_pool_dir: /etc/php/fpm.d + when: ansible_os_family == 'Alpine' + - name: Move php-fpm pool directory file to /opt/docker/etc/php/ command: "mv {{ php_pool_dir }} /opt/docker/etc/php/fpm/pool.d" + args: + creates: /opt/docker/etc/php/fpm/pool.d - name: Rename pool file file to application.conf" command: "mv /opt/docker/etc/php/fpm/pool.d/{{ php_pool_conf }} /opt/docker/etc/php/fpm/pool.d/application.conf" + args: + creates: /opt/docker/etc/php/fpm/pool.d/application.conf + +- name: Remove php-fpm pool directory + file: + path: "{{ php_pool_dir }}" + state: absent - name: Symlink php-fpm main file file: diff --git a/docker/php/ubuntu-12.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml b/docker/php/ubuntu-12.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml index 6425153d6..8db597ee1 100644 --- a/docker/php/ubuntu-12.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml +++ b/docker/php/ubuntu-12.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml @@ -15,6 +15,11 @@ php_xdebug_conf: /etc/php5/conf.d/xdebug.ini when: ansible_distribution == 'Ubuntu' and ansible_distribution_version == "12.04" +- name: Set php xdebug file [Alpine family] + set_fact: + php_xdebug_conf: /etc/php/conf.d/xdebug.ini + when: ansible_distribution == 'Alpine' + - name: Disable xdebug replace: dest: '{{ php_xdebug_conf }}' diff --git a/docker/php/ubuntu-12.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml b/docker/php/ubuntu-12.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml index 57ac760a6..70f56451f 100644 --- a/docker/php/ubuntu-12.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml +++ b/docker/php/ubuntu-12.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml @@ -41,3 +41,11 @@ state: link force: yes when: ansible_os_family == 'RedHat' + +- name: Create link for additional php.ini [Alpine family] + file: + src: '/opt/docker/etc/php/php.ini' + dest: '/etc/php/conf.d/xzzz-docker.ini' + state: link + force: yes + when: ansible_os_family == 'Alpine' diff --git a/docker/php/ubuntu-14.04/Dockerfile b/docker/php/ubuntu-14.04/Dockerfile index 35f8d76ba..766299fff 100644 --- a/docker/php/ubuntu-14.04/Dockerfile +++ b/docker/php/ubuntu-14.04/Dockerfile @@ -2,10 +2,10 @@ # Ubuntu 14.04 PHP Docker container #++++++++++++++++++++++++++++++++++++++ -FROM webdevops/base:ubuntu-14.04 +FROM webdevops/base-app:ubuntu-14.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 # Install tools diff --git a/docker/php/ubuntu-14.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml b/docker/php/ubuntu-14.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml index e13201722..dcdaa60fe 100644 --- a/docker/php/ubuntu-14.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml +++ b/docker/php/ubuntu-14.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml @@ -10,8 +10,25 @@ php_main_conf: /etc/php5/fpm/php-fpm.conf when: ansible_os_family == 'Debian' +- name: Set php main file + set_fact: + php_main_conf: /etc/php/php-fpm.conf + when: ansible_os_family == 'Alpine' + +- name: Set php main file + set_fact: + php_main_conf: /etc/php/php-fpm.conf + when: ansible_os_family == 'Alpine' + - name: Move php-fpm main file to /opt/docker/etc/php/fpm/ command: "mv {{ php_main_conf }} /opt/docker/etc/php/fpm/php-fpm.conf" + args: + creates: /opt/docker/etc/php/fpm/php-fpm.conf + +- name: Remove php-fpm main file + file: + path: "{{ php_main_conf }}" + state: absent - name: Symlink php-fpm main file file: diff --git a/docker/php/ubuntu-14.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml b/docker/php/ubuntu-14.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml index 2340a208e..df320c246 100644 --- a/docker/php/ubuntu-14.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml +++ b/docker/php/ubuntu-14.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml @@ -12,11 +12,26 @@ php_pool_dir: /etc/php5/fpm/pool.d when: ansible_os_family == 'Debian' +- name: Set php pool file + set_fact: + php_pool_conf: www.conf + php_pool_dir: /etc/php/fpm.d + when: ansible_os_family == 'Alpine' + - name: Move php-fpm pool directory file to /opt/docker/etc/php/ command: "mv {{ php_pool_dir }} /opt/docker/etc/php/fpm/pool.d" + args: + creates: /opt/docker/etc/php/fpm/pool.d - name: Rename pool file file to application.conf" command: "mv /opt/docker/etc/php/fpm/pool.d/{{ php_pool_conf }} /opt/docker/etc/php/fpm/pool.d/application.conf" + args: + creates: /opt/docker/etc/php/fpm/pool.d/application.conf + +- name: Remove php-fpm pool directory + file: + path: "{{ php_pool_dir }}" + state: absent - name: Symlink php-fpm main file file: diff --git a/docker/php/ubuntu-14.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml b/docker/php/ubuntu-14.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml index 6425153d6..8db597ee1 100644 --- a/docker/php/ubuntu-14.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml +++ b/docker/php/ubuntu-14.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml @@ -15,6 +15,11 @@ php_xdebug_conf: /etc/php5/conf.d/xdebug.ini when: ansible_distribution == 'Ubuntu' and ansible_distribution_version == "12.04" +- name: Set php xdebug file [Alpine family] + set_fact: + php_xdebug_conf: /etc/php/conf.d/xdebug.ini + when: ansible_distribution == 'Alpine' + - name: Disable xdebug replace: dest: '{{ php_xdebug_conf }}' diff --git a/docker/php/ubuntu-14.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml b/docker/php/ubuntu-14.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml index 57ac760a6..70f56451f 100644 --- a/docker/php/ubuntu-14.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml +++ b/docker/php/ubuntu-14.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml @@ -41,3 +41,11 @@ state: link force: yes when: ansible_os_family == 'RedHat' + +- name: Create link for additional php.ini [Alpine family] + file: + src: '/opt/docker/etc/php/php.ini' + dest: '/etc/php/conf.d/xzzz-docker.ini' + state: link + force: yes + when: ansible_os_family == 'Alpine' diff --git a/docker/php/ubuntu-15.04/Dockerfile b/docker/php/ubuntu-15.04/Dockerfile index b45630a89..84520eacd 100644 --- a/docker/php/ubuntu-15.04/Dockerfile +++ b/docker/php/ubuntu-15.04/Dockerfile @@ -2,10 +2,10 @@ # Ubuntu 15.04 PHP Docker container #++++++++++++++++++++++++++++++++++++++ -FROM webdevops/base:ubuntu-15.04 +FROM webdevops/base-app:ubuntu-15.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 # Install tools diff --git a/docker/php/ubuntu-15.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml b/docker/php/ubuntu-15.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml index e13201722..dcdaa60fe 100644 --- a/docker/php/ubuntu-15.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml +++ b/docker/php/ubuntu-15.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml @@ -10,8 +10,25 @@ php_main_conf: /etc/php5/fpm/php-fpm.conf when: ansible_os_family == 'Debian' +- name: Set php main file + set_fact: + php_main_conf: /etc/php/php-fpm.conf + when: ansible_os_family == 'Alpine' + +- name: Set php main file + set_fact: + php_main_conf: /etc/php/php-fpm.conf + when: ansible_os_family == 'Alpine' + - name: Move php-fpm main file to /opt/docker/etc/php/fpm/ command: "mv {{ php_main_conf }} /opt/docker/etc/php/fpm/php-fpm.conf" + args: + creates: /opt/docker/etc/php/fpm/php-fpm.conf + +- name: Remove php-fpm main file + file: + path: "{{ php_main_conf }}" + state: absent - name: Symlink php-fpm main file file: diff --git a/docker/php/ubuntu-15.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml b/docker/php/ubuntu-15.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml index 2340a208e..df320c246 100644 --- a/docker/php/ubuntu-15.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml +++ b/docker/php/ubuntu-15.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml @@ -12,11 +12,26 @@ php_pool_dir: /etc/php5/fpm/pool.d when: ansible_os_family == 'Debian' +- name: Set php pool file + set_fact: + php_pool_conf: www.conf + php_pool_dir: /etc/php/fpm.d + when: ansible_os_family == 'Alpine' + - name: Move php-fpm pool directory file to /opt/docker/etc/php/ command: "mv {{ php_pool_dir }} /opt/docker/etc/php/fpm/pool.d" + args: + creates: /opt/docker/etc/php/fpm/pool.d - name: Rename pool file file to application.conf" command: "mv /opt/docker/etc/php/fpm/pool.d/{{ php_pool_conf }} /opt/docker/etc/php/fpm/pool.d/application.conf" + args: + creates: /opt/docker/etc/php/fpm/pool.d/application.conf + +- name: Remove php-fpm pool directory + file: + path: "{{ php_pool_dir }}" + state: absent - name: Symlink php-fpm main file file: diff --git a/docker/php/ubuntu-15.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml b/docker/php/ubuntu-15.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml index 6425153d6..8db597ee1 100644 --- a/docker/php/ubuntu-15.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml +++ b/docker/php/ubuntu-15.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml @@ -15,6 +15,11 @@ php_xdebug_conf: /etc/php5/conf.d/xdebug.ini when: ansible_distribution == 'Ubuntu' and ansible_distribution_version == "12.04" +- name: Set php xdebug file [Alpine family] + set_fact: + php_xdebug_conf: /etc/php/conf.d/xdebug.ini + when: ansible_distribution == 'Alpine' + - name: Disable xdebug replace: dest: '{{ php_xdebug_conf }}' diff --git a/docker/php/ubuntu-15.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml b/docker/php/ubuntu-15.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml index 57ac760a6..70f56451f 100644 --- a/docker/php/ubuntu-15.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml +++ b/docker/php/ubuntu-15.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml @@ -41,3 +41,11 @@ state: link force: yes when: ansible_os_family == 'RedHat' + +- name: Create link for additional php.ini [Alpine family] + file: + src: '/opt/docker/etc/php/php.ini' + dest: '/etc/php/conf.d/xzzz-docker.ini' + state: link + force: yes + when: ansible_os_family == 'Alpine' diff --git a/docker/php/ubuntu-15.10/Dockerfile b/docker/php/ubuntu-15.10/Dockerfile index 9fdb04691..83584adb3 100644 --- a/docker/php/ubuntu-15.10/Dockerfile +++ b/docker/php/ubuntu-15.10/Dockerfile @@ -2,10 +2,10 @@ # Ubuntu 15.10 PHP Docker container #++++++++++++++++++++++++++++++++++++++ -FROM webdevops/base:ubuntu-15.10 +FROM webdevops/base-app:ubuntu-15.10 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 # Install tools diff --git a/docker/php/ubuntu-15.10/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml b/docker/php/ubuntu-15.10/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml index e13201722..dcdaa60fe 100644 --- a/docker/php/ubuntu-15.10/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml +++ b/docker/php/ubuntu-15.10/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml @@ -10,8 +10,25 @@ php_main_conf: /etc/php5/fpm/php-fpm.conf when: ansible_os_family == 'Debian' +- name: Set php main file + set_fact: + php_main_conf: /etc/php/php-fpm.conf + when: ansible_os_family == 'Alpine' + +- name: Set php main file + set_fact: + php_main_conf: /etc/php/php-fpm.conf + when: ansible_os_family == 'Alpine' + - name: Move php-fpm main file to /opt/docker/etc/php/fpm/ command: "mv {{ php_main_conf }} /opt/docker/etc/php/fpm/php-fpm.conf" + args: + creates: /opt/docker/etc/php/fpm/php-fpm.conf + +- name: Remove php-fpm main file + file: + path: "{{ php_main_conf }}" + state: absent - name: Symlink php-fpm main file file: diff --git a/docker/php/ubuntu-15.10/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml b/docker/php/ubuntu-15.10/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml index 2340a208e..df320c246 100644 --- a/docker/php/ubuntu-15.10/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml +++ b/docker/php/ubuntu-15.10/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml @@ -12,11 +12,26 @@ php_pool_dir: /etc/php5/fpm/pool.d when: ansible_os_family == 'Debian' +- name: Set php pool file + set_fact: + php_pool_conf: www.conf + php_pool_dir: /etc/php/fpm.d + when: ansible_os_family == 'Alpine' + - name: Move php-fpm pool directory file to /opt/docker/etc/php/ command: "mv {{ php_pool_dir }} /opt/docker/etc/php/fpm/pool.d" + args: + creates: /opt/docker/etc/php/fpm/pool.d - name: Rename pool file file to application.conf" command: "mv /opt/docker/etc/php/fpm/pool.d/{{ php_pool_conf }} /opt/docker/etc/php/fpm/pool.d/application.conf" + args: + creates: /opt/docker/etc/php/fpm/pool.d/application.conf + +- name: Remove php-fpm pool directory + file: + path: "{{ php_pool_dir }}" + state: absent - name: Symlink php-fpm main file file: diff --git a/docker/php/ubuntu-15.10/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml b/docker/php/ubuntu-15.10/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml index 6425153d6..8db597ee1 100644 --- a/docker/php/ubuntu-15.10/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml +++ b/docker/php/ubuntu-15.10/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml @@ -15,6 +15,11 @@ php_xdebug_conf: /etc/php5/conf.d/xdebug.ini when: ansible_distribution == 'Ubuntu' and ansible_distribution_version == "12.04" +- name: Set php xdebug file [Alpine family] + set_fact: + php_xdebug_conf: /etc/php/conf.d/xdebug.ini + when: ansible_distribution == 'Alpine' + - name: Disable xdebug replace: dest: '{{ php_xdebug_conf }}' diff --git a/docker/php/ubuntu-15.10/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml b/docker/php/ubuntu-15.10/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml index 57ac760a6..70f56451f 100644 --- a/docker/php/ubuntu-15.10/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml +++ b/docker/php/ubuntu-15.10/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml @@ -41,3 +41,11 @@ state: link force: yes when: ansible_os_family == 'RedHat' + +- name: Create link for additional php.ini [Alpine family] + file: + src: '/opt/docker/etc/php/php.ini' + dest: '/etc/php/conf.d/xzzz-docker.ini' + state: link + force: yes + when: ansible_os_family == 'Alpine' diff --git a/docker/php/ubuntu-16.04-php7/Dockerfile b/docker/php/ubuntu-16.04-php7/Dockerfile index 2e3a608c6..20cfc4075 100644 --- a/docker/php/ubuntu-16.04-php7/Dockerfile +++ b/docker/php/ubuntu-16.04-php7/Dockerfile @@ -2,10 +2,10 @@ # Ubuntu 16.04 PHP Docker container #++++++++++++++++++++++++++++++++++++++ -FROM webdevops/base:ubuntu-16.04 +FROM webdevops/base-app:ubuntu-16.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 # Install tools diff --git a/docker/php/ubuntu-16.04/Dockerfile b/docker/php/ubuntu-16.04/Dockerfile index f47d697cb..d35373a77 100644 --- a/docker/php/ubuntu-16.04/Dockerfile +++ b/docker/php/ubuntu-16.04/Dockerfile @@ -2,10 +2,10 @@ # Ubuntu 16.04 PHP Docker container #++++++++++++++++++++++++++++++++++++++ -FROM webdevops/base:ubuntu-16.04 +FROM webdevops/base-app:ubuntu-16.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 # Install tools diff --git a/docker/php/ubuntu-16.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml b/docker/php/ubuntu-16.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml index e13201722..dcdaa60fe 100644 --- a/docker/php/ubuntu-16.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml +++ b/docker/php/ubuntu-16.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml @@ -10,8 +10,25 @@ php_main_conf: /etc/php5/fpm/php-fpm.conf when: ansible_os_family == 'Debian' +- name: Set php main file + set_fact: + php_main_conf: /etc/php/php-fpm.conf + when: ansible_os_family == 'Alpine' + +- name: Set php main file + set_fact: + php_main_conf: /etc/php/php-fpm.conf + when: ansible_os_family == 'Alpine' + - name: Move php-fpm main file to /opt/docker/etc/php/fpm/ command: "mv {{ php_main_conf }} /opt/docker/etc/php/fpm/php-fpm.conf" + args: + creates: /opt/docker/etc/php/fpm/php-fpm.conf + +- name: Remove php-fpm main file + file: + path: "{{ php_main_conf }}" + state: absent - name: Symlink php-fpm main file file: diff --git a/docker/php/ubuntu-16.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml b/docker/php/ubuntu-16.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml index 2340a208e..df320c246 100644 --- a/docker/php/ubuntu-16.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml +++ b/docker/php/ubuntu-16.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml @@ -12,11 +12,26 @@ php_pool_dir: /etc/php5/fpm/pool.d when: ansible_os_family == 'Debian' +- name: Set php pool file + set_fact: + php_pool_conf: www.conf + php_pool_dir: /etc/php/fpm.d + when: ansible_os_family == 'Alpine' + - name: Move php-fpm pool directory file to /opt/docker/etc/php/ command: "mv {{ php_pool_dir }} /opt/docker/etc/php/fpm/pool.d" + args: + creates: /opt/docker/etc/php/fpm/pool.d - name: Rename pool file file to application.conf" command: "mv /opt/docker/etc/php/fpm/pool.d/{{ php_pool_conf }} /opt/docker/etc/php/fpm/pool.d/application.conf" + args: + creates: /opt/docker/etc/php/fpm/pool.d/application.conf + +- name: Remove php-fpm pool directory + file: + path: "{{ php_pool_dir }}" + state: absent - name: Symlink php-fpm main file file: diff --git a/docker/php/ubuntu-16.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml b/docker/php/ubuntu-16.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml index 6425153d6..8db597ee1 100644 --- a/docker/php/ubuntu-16.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml +++ b/docker/php/ubuntu-16.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml @@ -15,6 +15,11 @@ php_xdebug_conf: /etc/php5/conf.d/xdebug.ini when: ansible_distribution == 'Ubuntu' and ansible_distribution_version == "12.04" +- name: Set php xdebug file [Alpine family] + set_fact: + php_xdebug_conf: /etc/php/conf.d/xdebug.ini + when: ansible_distribution == 'Alpine' + - name: Disable xdebug replace: dest: '{{ php_xdebug_conf }}' diff --git a/docker/php/ubuntu-16.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml b/docker/php/ubuntu-16.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml index 57ac760a6..70f56451f 100644 --- a/docker/php/ubuntu-16.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml +++ b/docker/php/ubuntu-16.04/conf/provision/roles/webdevops-php/tasks/bootstrap/php.yml @@ -41,3 +41,11 @@ state: link force: yes when: ansible_os_family == 'RedHat' + +- name: Create link for additional php.ini [Alpine family] + file: + src: '/opt/docker/etc/php/php.ini' + dest: '/etc/php/conf.d/xzzz-docker.ini' + state: link + force: yes + when: ansible_os_family == 'Alpine' diff --git a/docker/piwik/ubuntu-14.04/Dockerfile b/docker/piwik/ubuntu-14.04/Dockerfile index f4ffc8bec..f71be216b 100644 --- a/docker/piwik/ubuntu-14.04/Dockerfile +++ b/docker/piwik/ubuntu-14.04/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/php-nginx:ubuntu-14.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app/piwik/ diff --git a/docker/postfix/ubuntu-14.04/Dockerfile b/docker/postfix/latest/Dockerfile similarity index 88% rename from docker/postfix/ubuntu-14.04/Dockerfile rename to docker/postfix/latest/Dockerfile index 8d63e1d76..ec991f74d 100644 --- a/docker/postfix/ubuntu-14.04/Dockerfile +++ b/docker/postfix/latest/Dockerfile @@ -2,10 +2,10 @@ # Postfix Docker container #++++++++++++++++++++++++++++++++++++++ -FROM webdevops/base:latest +FROM webdevops/base-app:latest MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 # Deploy scripts/configurations diff --git a/docker/postfix/ubuntu-14.04/conf/provision/roles/webdevops-postfix/defaults/main.yml b/docker/postfix/latest/conf/provision/roles/webdevops-postfix/defaults/main.yml similarity index 100% rename from docker/postfix/ubuntu-14.04/conf/provision/roles/webdevops-postfix/defaults/main.yml rename to docker/postfix/latest/conf/provision/roles/webdevops-postfix/defaults/main.yml diff --git a/docker/postfix/latest/conf/provision/roles/webdevops-postfix/tasks/bootstrap.yml b/docker/postfix/latest/conf/provision/roles/webdevops-postfix/tasks/bootstrap.yml new file mode 100644 index 000000000..cd21505a4 --- /dev/null +++ b/docker/postfix/latest/conf/provision/roles/webdevops-postfix/tasks/bootstrap.yml @@ -0,0 +1,2 @@ +--- + diff --git a/docker/postfix/ubuntu-14.04/conf/provision/roles/webdevops-postfix/tasks/entrypoint.yml b/docker/postfix/latest/conf/provision/roles/webdevops-postfix/tasks/entrypoint.yml similarity index 100% rename from docker/postfix/ubuntu-14.04/conf/provision/roles/webdevops-postfix/tasks/entrypoint.yml rename to docker/postfix/latest/conf/provision/roles/webdevops-postfix/tasks/entrypoint.yml diff --git a/docker/postfix/latest/conf/provision/roles/webdevops-postfix/tasks/main.yml b/docker/postfix/latest/conf/provision/roles/webdevops-postfix/tasks/main.yml new file mode 100644 index 000000000..7895a52a9 --- /dev/null +++ b/docker/postfix/latest/conf/provision/roles/webdevops-postfix/tasks/main.yml @@ -0,0 +1,9 @@ +--- + +- include: bootstrap.yml + tags: + - bootstrap + +- include: entrypoint.yml + tags: + - entrypoint diff --git a/docker/samson-deployment/latest/Dockerfile b/docker/samson-deployment/latest/Dockerfile index d783aecc2..12084b435 100644 --- a/docker/samson-deployment/latest/Dockerfile +++ b/docker/samson-deployment/latest/Dockerfile @@ -1,7 +1,7 @@ FROM zendesk/samson MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ############################################################################### diff --git a/docker/samson-deployment/latest/conf/VERSION b/docker/samson-deployment/latest/conf/VERSION index 7813681f5..62f945751 100644 --- a/docker/samson-deployment/latest/conf/VERSION +++ b/docker/samson-deployment/latest/conf/VERSION @@ -1 +1 @@ -5 \ No newline at end of file +6 \ No newline at end of file diff --git a/docker/samson-deployment/latest/conf/bin/config.sh b/docker/samson-deployment/latest/conf/bin/config.sh index d8d2cfa2f..b45829dc2 100644 --- a/docker/samson-deployment/latest/conf/bin/config.sh +++ b/docker/samson-deployment/latest/conf/bin/config.sh @@ -224,5 +224,5 @@ function runDockerProvision() { ## function startSupervisord() { cd / - exec supervisord -c /opt/docker/etc/supervisor.conf --logfile /dev/null --pidfile /dev/null --user root + exec /opt/docker/bin/service.d/supervisor.sh } diff --git a/docker/samson-deployment/latest/conf/bin/entrypoint.d/cli.sh b/docker/samson-deployment/latest/conf/bin/entrypoint.d/cli.sh index a09b62b57..2ca68926c 100644 --- a/docker/samson-deployment/latest/conf/bin/entrypoint.d/cli.sh +++ b/docker/samson-deployment/latest/conf/bin/entrypoint.d/cli.sh @@ -5,7 +5,7 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "APPLICATION_USER" ]; then + if [ -n "$APPLICATION_USER" ]; then # Run as EFFECTIVE_USER shift exec sudo -H -E -u "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" @@ -14,6 +14,6 @@ if [ -n "${CLI_SCRIPT}" ]; then exec ${CLI_SCRIPT} "$@" fi else - echo "[ERROR] No CLI_SCRIPT in docker-env.yml defined" + echo "[ERROR] No CLI_SCRIPT in in docker environment defined" exit 1 fi diff --git a/docker/samson-deployment/latest/conf/bin/entrypoint.d/default.sh b/docker/samson-deployment/latest/conf/bin/entrypoint.d/default.sh index a25c666df..a1be715fe 100644 --- a/docker/samson-deployment/latest/conf/bin/entrypoint.d/default.sh +++ b/docker/samson-deployment/latest/conf/bin/entrypoint.d/default.sh @@ -1,9 +1,3 @@ #!/usr/bin/env bash -if [ -n "${APPLICATION_USER}" ]; then - # Run as APPLICATION_USER - exec sudo -H -E -u "${APPLICATION_USER}" "$@" -else - # Run as root - exec "$@" -fi +exec "$@" diff --git a/docker/samson-deployment/latest/conf/bin/logwatch.sh b/docker/samson-deployment/latest/conf/bin/logwatch.sh index 4a422cd4f..1a5b486c7 100644 --- a/docker/samson-deployment/latest/conf/bin/logwatch.sh +++ b/docker/samson-deployment/latest/conf/bin/logwatch.sh @@ -10,5 +10,5 @@ sleep 0.5 if [ -p "$2" ]; then sed --unbuffered -e "s/^/\[$1\] /" -- "$2" else - tail --lines=0 --follow=name --quiet "$2" | sed --unbuffered -e "s/^/\[$1\] /" + tail -n 0 -F -q "$2" | sed --unbuffered -e "s/^/\[$1\] /" fi diff --git a/docker/samson-deployment/latest/conf/bin/service.d/dnsmasq.sh b/docker/samson-deployment/latest/conf/bin/service.d/dnsmasq.sh index 9b554b411..055b46289 100644 --- a/docker/samson-deployment/latest/conf/bin/service.d/dnsmasq.sh +++ b/docker/samson-deployment/latest/conf/bin/service.d/dnsmasq.sh @@ -1,3 +1,4 @@ +#!/usr/bin/env bash ## clear dns file echo > /etc/dnsmasq.d/development diff --git a/docker/samson-deployment/latest/conf/bin/service.d/supervisor.sh b/docker/samson-deployment/latest/conf/bin/service.d/supervisor.sh new file mode 100644 index 000000000..4728675cf --- /dev/null +++ b/docker/samson-deployment/latest/conf/bin/service.d/supervisor.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +exec supervisord -c /opt/docker/etc/supervisor.conf --logfile /dev/null --pidfile /dev/null --user root diff --git a/docker/samson-deployment/latest/conf/etc/syslog-ng/syslog-ng.conf b/docker/samson-deployment/latest/conf/etc/syslog-ng/syslog-ng.conf index feed4236e..c08f56dd1 100644 --- a/docker/samson-deployment/latest/conf/etc/syslog-ng/syslog-ng.conf +++ b/docker/samson-deployment/latest/conf/etc/syslog-ng/syslog-ng.conf @@ -1,5 +1,4 @@ @version: 3.5 -@include "scl.conf" # Syslog-ng configuration file, compatible with default Debian syslogd # installation. @@ -53,7 +52,7 @@ destination d_newscrit { file("/var/log/news/news.crit"); }; destination d_newserr { file("/var/log/news/news.err"); }; destination d_newsnotice { file("/var/log/news/news.notice"); }; -# Some `catch-all' logfiles. +# Some 'catch-all' logfiles. # destination d_debug { file("/var/log/debug"); }; destination d_error { file("/var/log/error"); }; diff --git a/docker/samson-deployment/latest/conf/provision/roles/webdevops-base/tasks/bootstrap.yml b/docker/samson-deployment/latest/conf/provision/roles/webdevops-base/tasks/bootstrap.yml index a650bdbdf..297ec7128 100644 --- a/docker/samson-deployment/latest/conf/provision/roles/webdevops-base/tasks/bootstrap.yml +++ b/docker/samson-deployment/latest/conf/provision/roles/webdevops-base/tasks/bootstrap.yml @@ -1,9 +1,6 @@ --- - include: bootstrap/misc.yml -- include: bootstrap/user.yml - include: bootstrap/supervisor.yml -- include: bootstrap/dnsmasq.yml -- include: bootstrap/postfix.yml - include: bootstrap/syslog-ng.yml - include: bootstrap/logrotate.yml diff --git a/docker/samson-deployment/latest/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml b/docker/samson-deployment/latest/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml index fd58b329f..01b0c19cb 100644 --- a/docker/samson-deployment/latest/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml +++ b/docker/samson-deployment/latest/conf/provision/roles/webdevops-base/tasks/bootstrap/user.yml @@ -1,5 +1,11 @@ --- +- name: Move dnsmasq group + group: + name: dnsmasq + gid: 153 + when: ansible_distribution == 'Alpine' + - name: Create application group group: name: "{{ APPLICATION_GROUP }}" diff --git a/docker/samson-deployment/latest/scripts.tar b/docker/samson-deployment/latest/scripts.tar index ae8760f3c..17e201953 100644 Binary files a/docker/samson-deployment/latest/scripts.tar and b/docker/samson-deployment/latest/scripts.tar differ diff --git a/docker/sphinx/latest/Dockerfile b/docker/sphinx/latest/Dockerfile new file mode 100644 index 000000000..33d9b6ad9 --- /dev/null +++ b/docker/sphinx/latest/Dockerfile @@ -0,0 +1,21 @@ +#++++++++++++++++++++++++++++++++++++++ +# Sphinx Docker container +#++++++++++++++++++++++++++++++++++++++ + +FROM webdevops/bootstrap:alpine-3 +MAINTAINER info@webdevops.io +LABEL vendor=WebDevOps.io +LABEL io.webdevops.layout=6 +LABEL io.webdevops.version=0.22.0 + +RUN /usr/local/bin/apk-install \ + py-pillow \ + py-yaml \ + py-sphinx \ + py-sphinx_rtd_theme \ + && pip install --upgrade sphinxcontrib-googlechart \ + && pip install --upgrade sphinxcontrib-googlemaps \ + && pip install --upgrade sphinxcontrib-httpdomain \ + && pip install --upgrade sphinxcontrib-slide \ + && pip install --upgrade sphinx-autobuild \ + && pip install --upgrade recommonmark diff --git a/docker/sphinx/latest/README.md b/docker/sphinx/latest/README.md new file mode 100644 index 000000000..fc09ce484 --- /dev/null +++ b/docker/sphinx/latest/README.md @@ -0,0 +1,22 @@ +# Postfix container layout + +## Environment variables + +Variable | Description +-------------------- | ------------------------------------------------------------------------------ +`POSTFIX_MYNETWORKS` | Postfix mynetwork setting +`POSTFIX_RELAYHOST` | Postfix relayhost setting + +## Container info + +Image | Info +----------------------------------- | ---------------------------------------------------------------------------------- +webdevops/postfix:latest | [![](https://badge.imagelayers.io/webdevops/postfix:latest.svg)](https://imagelayers.io/?images=webdevops/postfix:latest 'Get your own badge on imagelayers.io') + +## Example usage + +Running a sphinx-autobuild server for Live preview. + +```bash +docker run -t -i --rm -p 8080:8000 -v :/opt/docs webdevops/sphinx sphinx-autobuild -H 0.0.0.0 /opt/docs html +``` diff --git a/docker/ssh/ubuntu-14.04/Dockerfile b/docker/ssh/latest/Dockerfile similarity index 86% rename from docker/ssh/ubuntu-14.04/Dockerfile rename to docker/ssh/latest/Dockerfile index 8b093a8e7..55d2f76dd 100644 --- a/docker/ssh/ubuntu-14.04/Dockerfile +++ b/docker/ssh/latest/Dockerfile @@ -2,10 +2,10 @@ # SSH Docker container #++++++++++++++++++++++++++++++++++++++ -FROM webdevops/base:ubuntu-14.04 +FROM webdevops/base-app:ubuntu-14.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 RUN mkdir -p /var/run/sshd \ diff --git a/docker/storage/ubuntu-14.04/Dockerfile b/docker/storage/latest/Dockerfile similarity index 93% rename from docker/storage/ubuntu-14.04/Dockerfile rename to docker/storage/latest/Dockerfile index ff644cfb5..cb854393d 100644 --- a/docker/storage/ubuntu-14.04/Dockerfile +++ b/docker/storage/latest/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/base:latest MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 # Deploy scripts/configurations diff --git a/docker/storage/ubuntu-14.04/README.md b/docker/storage/latest/README.md similarity index 100% rename from docker/storage/ubuntu-14.04/README.md rename to docker/storage/latest/README.md diff --git a/docker/typo3/ubuntu-14.04/Dockerfile b/docker/typo3/ubuntu-14.04/Dockerfile index 3ed773b44..151749c4d 100644 --- a/docker/typo3/ubuntu-14.04/Dockerfile +++ b/docker/typo3/ubuntu-14.04/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/php-apache:ubuntu-14.04 MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV WEB_DOCUMENT_ROOT /app/web/ diff --git a/docker/vsftp/ubuntu-14.04/Dockerfile b/docker/vsftp/latest/Dockerfile similarity index 96% rename from docker/vsftp/ubuntu-14.04/Dockerfile rename to docker/vsftp/latest/Dockerfile index 8909a3b8c..f33f9bd1d 100644 --- a/docker/vsftp/ubuntu-14.04/Dockerfile +++ b/docker/vsftp/latest/Dockerfile @@ -5,7 +5,7 @@ FROM webdevops/base:latest MAINTAINER info@webdevops.io LABEL vendor=WebDevOps.io -LABEL io.webdevops.layout=5 +LABEL io.webdevops.layout=6 LABEL io.webdevops.version=0.21.0 ENV FTP_USER application diff --git a/docker/vsftp/ubuntu-14.04/conf/etc/supervisor.d/vsftp.conf b/docker/vsftp/latest/conf/etc/supervisor.d/vsftp.conf similarity index 100% rename from docker/vsftp/ubuntu-14.04/conf/etc/supervisor.d/vsftp.conf rename to docker/vsftp/latest/conf/etc/supervisor.d/vsftp.conf diff --git a/docker/vsftp/ubuntu-14.04/conf/etc/vsftpd/vsftpd.conf b/docker/vsftp/latest/conf/etc/vsftpd/vsftpd.conf similarity index 100% rename from docker/vsftp/ubuntu-14.04/conf/etc/vsftpd/vsftpd.conf rename to docker/vsftp/latest/conf/etc/vsftpd/vsftpd.conf diff --git a/docker/vsftp/ubuntu-14.04/conf/provision/roles/webdevops-vsftp/defaults/main.yml b/docker/vsftp/latest/conf/provision/roles/webdevops-vsftp/defaults/main.yml similarity index 100% rename from docker/vsftp/ubuntu-14.04/conf/provision/roles/webdevops-vsftp/defaults/main.yml rename to docker/vsftp/latest/conf/provision/roles/webdevops-vsftp/defaults/main.yml diff --git a/docker/vsftp/ubuntu-14.04/conf/provision/roles/webdevops-vsftp/tasks/bootstrap.yml b/docker/vsftp/latest/conf/provision/roles/webdevops-vsftp/tasks/bootstrap.yml similarity index 100% rename from docker/vsftp/ubuntu-14.04/conf/provision/roles/webdevops-vsftp/tasks/bootstrap.yml rename to docker/vsftp/latest/conf/provision/roles/webdevops-vsftp/tasks/bootstrap.yml diff --git a/docker/vsftp/ubuntu-14.04/conf/provision/roles/webdevops-vsftp/tasks/entrypoint.yml b/docker/vsftp/latest/conf/provision/roles/webdevops-vsftp/tasks/entrypoint.yml similarity index 100% rename from docker/vsftp/ubuntu-14.04/conf/provision/roles/webdevops-vsftp/tasks/entrypoint.yml rename to docker/vsftp/latest/conf/provision/roles/webdevops-vsftp/tasks/entrypoint.yml diff --git a/docker/vsftp/latest/conf/provision/roles/webdevops-vsftp/tasks/main.yml b/docker/vsftp/latest/conf/provision/roles/webdevops-vsftp/tasks/main.yml new file mode 100644 index 000000000..7895a52a9 --- /dev/null +++ b/docker/vsftp/latest/conf/provision/roles/webdevops-vsftp/tasks/main.yml @@ -0,0 +1,9 @@ +--- + +- include: bootstrap.yml + tags: + - bootstrap + +- include: entrypoint.yml + tags: + - entrypoint diff --git a/localscripts/usr/local/bin/apk-install b/localscripts/usr/local/bin/apk-install new file mode 100755 index 000000000..e0458b31a --- /dev/null +++ b/localscripts/usr/local/bin/apk-install @@ -0,0 +1,13 @@ +#!/bin/sh + +set -o pipefail # trace ERR through pipes +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value + +apk update + +# Install packages +apk add --upgrade --force $* + +# Clear files (reduce snapshot size) +rm -rf var/cache/apk/* diff --git a/localscripts/usr/local/bin/apk-upgrade b/localscripts/usr/local/bin/apk-upgrade new file mode 100755 index 000000000..f577b464a --- /dev/null +++ b/localscripts/usr/local/bin/apk-upgrade @@ -0,0 +1,14 @@ +#!/bin/sh + +set -o pipefail # trace ERR through pipes +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value + +# Update apk cache +apk update + +# Install packages +apk upgrade --force + +# Clear files (reduce snapshot size) +rm -rf var/cache/apk/* diff --git a/localscripts/usr/local/bin/generate-locales b/localscripts/usr/local/bin/generate-locales new file mode 100755 index 000000000..e23112532 --- /dev/null +++ b/localscripts/usr/local/bin/generate-locales @@ -0,0 +1,501 @@ +#!/bin/bash + +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value + + +####################################### +## Debian +####################################### + +if [[ -f /etc/os-release ]] && [[ -n "$(awk -F= '/^NAME/{print $2}' /etc/os-release|grep -i Debian)" ]]; then + /usr/local/bin/apt-install locales-all +fi + +####################################### +## Ubuntu +####################################### + +if [[ -f /etc/os-release ]] && [[ -n "$(awk -F= '/^NAME/{print $2}' /etc/os-release|grep -i Ubuntu)" ]]; then + ln -s /usr/share/i18n/SUPPORTED /var/lib/locales/supported.d/all + locale-gen +fi + +####################################### +## RedHat family +####################################### + +function localedefdebug() { + echo $* + localedef "$@" +} + +if [[ -f /etc/redhat-release ]]; then + + # Failing locales + ## && localedefdebug -c -i bo_CN -f UTF-8 bo_CN.utf8 \ + ## && localedefdebug -c -i bo_IN -f UTF-8 bo_IN.utf8 \ + ## && localedefdebug -c -i ca_ES -f ISO-8859-15@valencia ca_ES.iso885915@valencia \ + ## && localedefdebug -c -i ca_ES@valencia -f UTF-8 ca_ES.utf8@valencia \ + ## && localedefdebug -c -i ce_RU -f UTF-8 ce_RU.utf8 \ + ## && localedefdebug -c -i ckb_IQ -f UTF-8 ckb_IQ.utf8 \ + ## && localedefdebug -c -i de_LI -f UTF-8 de_LI.utf8 \ + ## && localedefdebug -c -i ug_CN@latin -f UTF-8 ug_CN.utf8@latin \ + ## && localedefdebug -c -i en_DK -f ISO-8859-1 en_DK.iso88591 \ + ## && localedefdebug -c -i en_DK -f ISO-8859-15 en_DK.iso885915 \ + ## && localedefdebug -c -i en_DK -f UTF-8 en_DK.utf8 \ + ## && localedefdebug -c -i eo -f ISO-8859-3 eo.iso88593 \ + ## && localedefdebug -c -i eo_US -f UTF-8 eo_US.utf8 \ + ## && localedefdebug -c -i eo -f UTF-8 eo.utf8 \ + ## && localedefdebug -c -i eu_FR -f ISO-8859-1 eu_FR.iso88591 \ + ## && localedefdebug -c -i eu_FR@euro -f ISO-8859-15 eu_FR.iso885915@euro \ + ## && localedefdebug -c -i eu_FR -f UTF-8 eu_FR.utf8 \ + ## && localedefdebug -c -i ia -f UTF-8 ia.utf8 \ + ## && localedefdebug -c -i ln_CD -f UTF-8 ln_CD.utf8 \ + ## && localedefdebug -c -i sd_PK -f UTF-8 sd_PK.utf8 \ + ## && localedefdebug -c -i zh_HK -f BIG5HKSCS zh_HK.big5hkscs \ + + # Generate localeslocale -a|grep '\.'| while read LOCALE; do LOCALE_LANG=$(echo $LOCALE|cut -d '.' -f 1); LOCALE_CHARSET=$(echo $LOCALE|cut -d '.' -f 2); echo "&& localedefdebug -c -i $LOCALE_LANG -f $LOCALE_CHARSET $LOCALE_LANG.$LOCALE_CHARSET ; \$(exit 0) \\"; done; + # -> + /bin/true \ + && localedefdebug -c -i aa_DJ -f ISO-8859-1 aa_DJ.iso88591 \ + && localedefdebug -c -i aa_DJ -f UTF-8 aa_DJ.utf8 \ + && localedefdebug -c -i aa_ER -f UTF-8 aa_ER.utf8 \ + && localedefdebug -c -i aa_ER@saaho -f UTF-8 aa_ER.utf8@saaho \ + && localedefdebug -c -i aa_ET -f UTF-8 aa_ET.utf8 \ + && localedefdebug -c -i af_ZA -f ISO-8859-1 af_ZA.iso88591 \ + && localedefdebug -c -i af_ZA -f UTF-8 af_ZA.utf8 \ + && localedefdebug -c -i am_ET -f UTF-8 am_ET.utf8 \ + && localedefdebug -c -i an_ES -f ISO-8859-15 an_ES.iso885915 \ + && localedefdebug -c -i an_ES -f UTF-8 an_ES.utf8 \ + && localedefdebug -c -i ar_AE -f ISO-8859-6 ar_AE.iso88596 \ + && localedefdebug -c -i ar_AE -f UTF-8 ar_AE.utf8 \ + && localedefdebug -c -i ar_BH -f ISO-8859-6 ar_BH.iso88596 \ + && localedefdebug -c -i ar_BH -f UTF-8 ar_BH.utf8 \ + && localedefdebug -c -i ar_DZ -f ISO-8859-6 ar_DZ.iso88596 \ + && localedefdebug -c -i ar_DZ -f UTF-8 ar_DZ.utf8 \ + && localedefdebug -c -i ar_EG -f ISO-8859-6 ar_EG.iso88596 \ + && localedefdebug -c -i ar_EG -f UTF-8 ar_EG.utf8 \ + && localedefdebug -c -i ar_IN -f UTF-8 ar_IN.utf8 \ + && localedefdebug -c -i ar_IQ -f ISO-8859-6 ar_IQ.iso88596 \ + && localedefdebug -c -i ar_IQ -f UTF-8 ar_IQ.utf8 \ + && localedefdebug -c -i ar_JO -f ISO-8859-6 ar_JO.iso88596 \ + && localedefdebug -c -i ar_JO -f UTF-8 ar_JO.utf8 \ + && localedefdebug -c -i ar_KW -f ISO-8859-6 ar_KW.iso88596 \ + && localedefdebug -c -i ar_KW -f UTF-8 ar_KW.utf8 \ + && localedefdebug -c -i ar_LB -f ISO-8859-6 ar_LB.iso88596 \ + && localedefdebug -c -i ar_LB -f UTF-8 ar_LB.utf8 \ + && localedefdebug -c -i ar_LY -f ISO-8859-6 ar_LY.iso88596 \ + && localedefdebug -c -i ar_LY -f UTF-8 ar_LY.utf8 \ + && localedefdebug -c -i ar_MA -f ISO-8859-6 ar_MA.iso88596 \ + && localedefdebug -c -i ar_MA -f UTF-8 ar_MA.utf8 \ + && localedefdebug -c -i ar_OM -f ISO-8859-6 ar_OM.iso88596 \ + && localedefdebug -c -i ar_OM -f UTF-8 ar_OM.utf8 \ + && localedefdebug -c -i ar_QA -f ISO-8859-6 ar_QA.iso88596 \ + && localedefdebug -c -i ar_QA -f UTF-8 ar_QA.utf8 \ + && localedefdebug -c -i ar_SA -f ISO-8859-6 ar_SA.iso88596 \ + && localedefdebug -c -i ar_SA -f UTF-8 ar_SA.utf8 \ + && localedefdebug -c -i ar_SD -f ISO-8859-6 ar_SD.iso88596 \ + && localedefdebug -c -i ar_SD -f UTF-8 ar_SD.utf8 \ + && localedefdebug -c -i ar_SY -f ISO-8859-6 ar_SY.iso88596 \ + && localedefdebug -c -i ar_SY -f UTF-8 ar_SY.utf8 \ + && localedefdebug -c -i ar_TN -f ISO-8859-6 ar_TN.iso88596 \ + && localedefdebug -c -i ar_TN -f UTF-8 ar_TN.utf8 \ + && localedefdebug -c -i ar_YE -f ISO-8859-6 ar_YE.iso88596 \ + && localedefdebug -c -i ar_YE -f UTF-8 ar_YE.utf8 \ + && localedefdebug -c -i as_IN -f UTF-8 as_IN.utf8 \ + && localedefdebug -c -i ast_ES -f ISO-8859-15 ast_ES.iso885915 \ + && localedefdebug -c -i ast_ES -f UTF-8 ast_ES.utf8 \ + && localedefdebug -c -i az_AZ -f UTF-8 az_AZ.utf8 \ + && localedefdebug -c -i be_BY -f CP1251 be_BY.cp1251 \ + && localedefdebug -c -i be_BY -f UTF-8 be_BY.utf8 \ + && localedefdebug -c -i be_BY@latin -f UTF-8 be_BY.utf8@latin \ + && localedefdebug -c -i bem_ZM -f UTF-8 bem_ZM.utf8 \ + && localedefdebug -c -i ber_DZ -f UTF-8 ber_DZ.utf8 \ + && localedefdebug -c -i ber_MA -f UTF-8 ber_MA.utf8 \ + && localedefdebug -c -i bg_BG -f CP1251 bg_BG.cp1251 \ + && localedefdebug -c -i bg_BG -f UTF-8 bg_BG.utf8 \ + && localedefdebug -c -i bho_IN -f UTF-8 bho_IN.utf8 \ + && localedefdebug -c -i bn_BD -f UTF-8 bn_BD.utf8 \ + && localedefdebug -c -i bn_IN -f UTF-8 bn_IN.utf8 \ + && localedefdebug -c -i br_FR -f ISO-8859-1 br_FR.iso88591 \ + && localedefdebug -c -i br_FR@euro -f ISO-8859-15 br_FR.iso885915@euro \ + && localedefdebug -c -i br_FR -f UTF-8 br_FR.utf8 \ + && localedefdebug -c -i brx_IN -f UTF-8 brx_IN.utf8 \ + && localedefdebug -c -i bs_BA -f ISO-8859-2 bs_BA.iso88592 \ + && localedefdebug -c -i bs_BA -f UTF-8 bs_BA.utf8 \ + && localedefdebug -c -i byn_ER -f UTF-8 byn_ER.utf8 \ + && localedefdebug -c -i ca_AD -f ISO-8859-15 ca_AD.iso885915 \ + && localedefdebug -c -i ca_AD -f UTF-8 ca_AD.utf8 \ + && localedefdebug -c -i ca_ES -f ISO-8859-1 ca_ES.iso88591 \ + && localedefdebug -c -i ca_ES@euro -f ISO-8859-15 ca_ES.iso885915@euro \ + && localedefdebug -c -i ca_ES -f UTF-8 ca_ES.utf8 \ + && localedefdebug -c -i ca_FR -f ISO-8859-15 ca_FR.iso885915 \ + && localedefdebug -c -i ca_FR -f UTF-8 ca_FR.utf8 \ + && localedefdebug -c -i ca_IT -f ISO-8859-15 ca_IT.iso885915 \ + && localedefdebug -c -i ca_IT -f UTF-8 ca_IT.utf8 \ + && localedefdebug -c -i crh_UA -f UTF-8 crh_UA.utf8 \ + && localedefdebug -c -i csb_PL -f UTF-8 csb_PL.utf8 \ + && localedefdebug -c -i cs_CZ -f ISO-8859-2 cs_CZ.iso88592 \ + && localedefdebug -c -i cs_CZ -f UTF-8 cs_CZ.utf8 \ + && localedefdebug -c -i cv_RU -f UTF-8 cv_RU.utf8 \ + && localedefdebug -c -i cy_GB -f ISO-8859-14 cy_GB.iso885914 \ + && localedefdebug -c -i cy_GB -f UTF-8 cy_GB.utf8 \ + && localedefdebug -c -i da_DK -f ISO-8859-1 da_DK.iso88591 \ + && localedefdebug -c -i da_DK -f UTF-8 da_DK.utf8 \ + && localedefdebug -c -i de_AT -f ISO-8859-1 de_AT.iso88591 \ + && localedefdebug -c -i de_AT@euro -f ISO-8859-15 de_AT.iso885915@euro \ + && localedefdebug -c -i de_AT -f UTF-8 de_AT.utf8 \ + && localedefdebug -c -i de_BE -f ISO-8859-1 de_BE.iso88591 \ + && localedefdebug -c -i de_BE@euro -f ISO-8859-15 de_BE.iso885915@euro \ + && localedefdebug -c -i de_BE -f UTF-8 de_BE.utf8 \ + && localedefdebug -c -i de_CH -f ISO-8859-1 de_CH.iso88591 \ + && localedefdebug -c -i de_CH -f UTF-8 de_CH.utf8 \ + && localedefdebug -c -i de_DE -f ISO-8859-1 de_DE.iso88591 \ + && localedefdebug -c -i de_DE@euro -f ISO-8859-15 de_DE.iso885915@euro \ + && localedefdebug -c -i de_DE -f UTF-8 de_DE.utf8 \ + && localedefdebug -c -i de_LU -f ISO-8859-1 de_LU.iso88591 \ + && localedefdebug -c -i de_LU@euro -f ISO-8859-15 de_LU.iso885915@euro \ + && localedefdebug -c -i de_LU -f UTF-8 de_LU.utf8 \ + && localedefdebug -c -i dv_MV -f UTF-8 dv_MV.utf8 \ + && localedefdebug -c -i dz_BT -f UTF-8 dz_BT.utf8 \ + && localedefdebug -c -i el_CY -f ISO-8859-7 el_CY.iso88597 \ + && localedefdebug -c -i el_CY -f UTF-8 el_CY.utf8 \ + && localedefdebug -c -i el_GR -f ISO-8859-7 el_GR.iso88597 \ + && localedefdebug -c -i el_GR -f UTF-8 el_GR.utf8 \ + && localedefdebug -c -i en_AG -f UTF-8 en_AG.utf8 \ + && localedefdebug -c -i en_AU -f ISO-8859-1 en_AU.iso88591 \ + && localedefdebug -c -i en_AU -f UTF-8 en_AU.utf8 \ + && localedefdebug -c -i en_BW -f ISO-8859-1 en_BW.iso88591 \ + && localedefdebug -c -i en_BW -f UTF-8 en_BW.utf8 \ + && localedefdebug -c -i en_CA -f ISO-8859-1 en_CA.iso88591 \ + && localedefdebug -c -i en_CA -f UTF-8 en_CA.utf8 \ + && localedefdebug -c -i en_GB -f ISO-8859-1 en_GB.iso88591 \ + && localedefdebug -c -i en_GB -f ISO-8859-15 en_GB.iso885915 \ + && localedefdebug -c -i en_GB -f UTF-8 en_GB.utf8 \ + && localedefdebug -c -i en_HK -f ISO-8859-1 en_HK.iso88591 \ + && localedefdebug -c -i en_HK -f UTF-8 en_HK.utf8 \ + && localedefdebug -c -i en_IE -f ISO-8859-1 en_IE.iso88591 \ + && localedefdebug -c -i en_IE@euro -f ISO-8859-15 en_IE.iso885915@euro \ + && localedefdebug -c -i en_IE -f UTF-8 en_IE.utf8 \ + && localedefdebug -c -i en_IN -f UTF-8 en_IN.utf8 \ + && localedefdebug -c -i en_NG -f UTF-8 en_NG.utf8 \ + && localedefdebug -c -i en_NZ -f ISO-8859-1 en_NZ.iso88591 \ + && localedefdebug -c -i en_NZ -f UTF-8 en_NZ.utf8 \ + && localedefdebug -c -i en_PH -f ISO-8859-1 en_PH.iso88591 \ + && localedefdebug -c -i en_PH -f UTF-8 en_PH.utf8 \ + && localedefdebug -c -i en_SG -f ISO-8859-1 en_SG.iso88591 \ + && localedefdebug -c -i en_SG -f UTF-8 en_SG.utf8 \ + && localedefdebug -c -i en_US -f ISO-8859-1 en_US.iso88591 \ + && localedefdebug -c -i en_US -f ISO-8859-15 en_US.iso885915 \ + && localedefdebug -c -i en_US -f UTF-8 en_US.utf8 \ + && localedefdebug -c -i en_ZA -f ISO-8859-1 en_ZA.iso88591 \ + && localedefdebug -c -i en_ZA -f UTF-8 en_ZA.utf8 \ + && localedefdebug -c -i en_ZM -f UTF-8 en_ZM.utf8 \ + && localedefdebug -c -i en_ZW -f ISO-8859-1 en_ZW.iso88591 \ + && localedefdebug -c -i en_ZW -f UTF-8 en_ZW.utf8 \ + && localedefdebug -c -i es_AR -f ISO-8859-1 es_AR.iso88591 \ + && localedefdebug -c -i es_AR -f UTF-8 es_AR.utf8 \ + && localedefdebug -c -i es_BO -f ISO-8859-1 es_BO.iso88591 \ + && localedefdebug -c -i es_BO -f UTF-8 es_BO.utf8 \ + && localedefdebug -c -i es_CL -f ISO-8859-1 es_CL.iso88591 \ + && localedefdebug -c -i es_CL -f UTF-8 es_CL.utf8 \ + && localedefdebug -c -i es_CO -f ISO-8859-1 es_CO.iso88591 \ + && localedefdebug -c -i es_CO -f UTF-8 es_CO.utf8 \ + && localedefdebug -c -i es_CR -f ISO-8859-1 es_CR.iso88591 \ + && localedefdebug -c -i es_CR -f UTF-8 es_CR.utf8 \ + && localedefdebug -c -i es_CU -f UTF-8 es_CU.utf8 \ + && localedefdebug -c -i es_DO -f ISO-8859-1 es_DO.iso88591 \ + && localedefdebug -c -i es_DO -f UTF-8 es_DO.utf8 \ + && localedefdebug -c -i es_EC -f ISO-8859-1 es_EC.iso88591 \ + && localedefdebug -c -i es_EC -f UTF-8 es_EC.utf8 \ + && localedefdebug -c -i es_ES -f ISO-8859-1 es_ES.iso88591 \ + && localedefdebug -c -i es_ES@euro -f ISO-8859-15 es_ES.iso885915@euro \ + && localedefdebug -c -i es_ES -f UTF-8 es_ES.utf8 \ + && localedefdebug -c -i es_GT -f ISO-8859-1 es_GT.iso88591 \ + && localedefdebug -c -i es_GT -f UTF-8 es_GT.utf8 \ + && localedefdebug -c -i es_HN -f ISO-8859-1 es_HN.iso88591 \ + && localedefdebug -c -i es_HN -f UTF-8 es_HN.utf8 \ + && localedefdebug -c -i es_MX -f ISO-8859-1 es_MX.iso88591 \ + && localedefdebug -c -i es_MX -f UTF-8 es_MX.utf8 \ + && localedefdebug -c -i es_NI -f ISO-8859-1 es_NI.iso88591 \ + && localedefdebug -c -i es_NI -f UTF-8 es_NI.utf8 \ + && localedefdebug -c -i es_PA -f ISO-8859-1 es_PA.iso88591 \ + && localedefdebug -c -i es_PA -f UTF-8 es_PA.utf8 \ + && localedefdebug -c -i es_PE -f ISO-8859-1 es_PE.iso88591 \ + && localedefdebug -c -i es_PE -f UTF-8 es_PE.utf8 \ + && localedefdebug -c -i es_PR -f ISO-8859-1 es_PR.iso88591 \ + && localedefdebug -c -i es_PR -f UTF-8 es_PR.utf8 \ + && localedefdebug -c -i es_PY -f ISO-8859-1 es_PY.iso88591 \ + && localedefdebug -c -i es_PY -f UTF-8 es_PY.utf8 \ + && localedefdebug -c -i es_SV -f ISO-8859-1 es_SV.iso88591 \ + && localedefdebug -c -i es_SV -f UTF-8 es_SV.utf8 \ + && localedefdebug -c -i es_US -f ISO-8859-1 es_US.iso88591 \ + && localedefdebug -c -i es_US -f UTF-8 es_US.utf8 \ + && localedefdebug -c -i es_UY -f ISO-8859-1 es_UY.iso88591 \ + && localedefdebug -c -i es_UY -f UTF-8 es_UY.utf8 \ + && localedefdebug -c -i es_VE -f ISO-8859-1 es_VE.iso88591 \ + && localedefdebug -c -i es_VE -f UTF-8 es_VE.utf8 \ + && localedefdebug -c -i et_EE -f ISO-8859-1 et_EE.iso88591 \ + && localedefdebug -c -i et_EE -f ISO-8859-15 et_EE.iso885915 \ + && localedefdebug -c -i et_EE -f UTF-8 et_EE.utf8 \ + && localedefdebug -c -i eu_ES -f ISO-8859-1 eu_ES.iso88591 \ + && localedefdebug -c -i eu_ES@euro -f ISO-8859-15 eu_ES.iso885915@euro \ + && localedefdebug -c -i eu_ES -f UTF-8 eu_ES.utf8 \ + && localedefdebug -c -i fa_IR -f UTF-8 fa_IR.utf8 \ + && localedefdebug -c -i ff_SN -f UTF-8 ff_SN.utf8 \ + && localedefdebug -c -i fi_FI -f ISO-8859-1 fi_FI.iso88591 \ + && localedefdebug -c -i fi_FI@euro -f ISO-8859-15 fi_FI.iso885915@euro \ + && localedefdebug -c -i fi_FI -f UTF-8 fi_FI.utf8 \ + && localedefdebug -c -i fil_PH -f UTF-8 fil_PH.utf8 \ + && localedefdebug -c -i fo_FO -f ISO-8859-1 fo_FO.iso88591 \ + && localedefdebug -c -i fo_FO -f UTF-8 fo_FO.utf8 \ + && localedefdebug -c -i fr_BE -f ISO-8859-1 fr_BE.iso88591 \ + && localedefdebug -c -i fr_BE@euro -f ISO-8859-15 fr_BE.iso885915@euro \ + && localedefdebug -c -i fr_BE -f UTF-8 fr_BE.utf8 \ + && localedefdebug -c -i fr_CA -f ISO-8859-1 fr_CA.iso88591 \ + && localedefdebug -c -i fr_CA -f UTF-8 fr_CA.utf8 \ + && localedefdebug -c -i fr_CH -f ISO-8859-1 fr_CH.iso88591 \ + && localedefdebug -c -i fr_CH -f UTF-8 fr_CH.utf8 \ + && localedefdebug -c -i fr_FR -f ISO-8859-1 fr_FR.iso88591 \ + && localedefdebug -c -i fr_FR@euro -f ISO-8859-15 fr_FR.iso885915@euro \ + && localedefdebug -c -i fr_FR -f UTF-8 fr_FR.utf8 \ + && localedefdebug -c -i fr_LU -f ISO-8859-1 fr_LU.iso88591 \ + && localedefdebug -c -i fr_LU@euro -f ISO-8859-15 fr_LU.iso885915@euro \ + && localedefdebug -c -i fr_LU -f UTF-8 fr_LU.utf8 \ + && localedefdebug -c -i fur_IT -f UTF-8 fur_IT.utf8 \ + && localedefdebug -c -i fy_DE -f UTF-8 fy_DE.utf8 \ + && localedefdebug -c -i fy_NL -f UTF-8 fy_NL.utf8 \ + && localedefdebug -c -i ga_IE -f ISO-8859-1 ga_IE.iso88591 \ + && localedefdebug -c -i ga_IE@euro -f ISO-8859-15 ga_IE.iso885915@euro \ + && localedefdebug -c -i ga_IE -f UTF-8 ga_IE.utf8 \ + && localedefdebug -c -i gd_GB -f ISO-8859-15 gd_GB.iso885915 \ + && localedefdebug -c -i gd_GB -f UTF-8 gd_GB.utf8 \ + && localedefdebug -c -i gez_ER -f UTF-8 gez_ER.utf8 \ + && localedefdebug -c -i gez_ER@abegede -f UTF-8 gez_ER.utf8@abegede \ + && localedefdebug -c -i gez_ET -f UTF-8 gez_ET.utf8 \ + && localedefdebug -c -i gez_ET@abegede -f UTF-8 gez_ET.utf8@abegede \ + && localedefdebug -c -i gl_ES -f ISO-8859-1 gl_ES.iso88591 \ + && localedefdebug -c -i gl_ES@euro -f ISO-8859-15 gl_ES.iso885915@euro \ + && localedefdebug -c -i gl_ES -f UTF-8 gl_ES.utf8 \ + && localedefdebug -c -i gu_IN -f UTF-8 gu_IN.utf8 \ + && localedefdebug -c -i gv_GB -f ISO-8859-1 gv_GB.iso88591 \ + && localedefdebug -c -i gv_GB -f UTF-8 gv_GB.utf8 \ + && localedefdebug -c -i ha_NG -f UTF-8 ha_NG.utf8 \ + && localedefdebug -c -i he_IL -f ISO-8859-8 he_IL.iso88598 \ + && localedefdebug -c -i he_IL -f UTF-8 he_IL.utf8 \ + && localedefdebug -c -i hi_IN -f UTF-8 hi_IN.utf8 \ + && localedefdebug -c -i hne_IN -f UTF-8 hne_IN.utf8 \ + && localedefdebug -c -i hr_HR -f ISO-8859-2 hr_HR.iso88592 \ + && localedefdebug -c -i hr_HR -f UTF-8 hr_HR.utf8 \ + && localedefdebug -c -i hsb_DE -f ISO-8859-2 hsb_DE.iso88592 \ + && localedefdebug -c -i hsb_DE -f UTF-8 hsb_DE.utf8 \ + && localedefdebug -c -i ht_HT -f UTF-8 ht_HT.utf8 \ + && localedefdebug -c -i hu_HU -f ISO-8859-2 hu_HU.iso88592 \ + && localedefdebug -c -i hu_HU -f UTF-8 hu_HU.utf8 \ + && localedefdebug -c -i hy_AM -f ARMSCII-8 hy_AM.armscii8 \ + && localedefdebug -c -i hy_AM -f UTF-8 hy_AM.utf8 \ + && localedefdebug -c -i id_ID -f ISO-8859-1 id_ID.iso88591 \ + && localedefdebug -c -i id_ID -f UTF-8 id_ID.utf8 \ + && localedefdebug -c -i ig_NG -f UTF-8 ig_NG.utf8 \ + && localedefdebug -c -i ik_CA -f UTF-8 ik_CA.utf8 \ + && localedefdebug -c -i is_IS -f ISO-8859-1 is_IS.iso88591 \ + && localedefdebug -c -i is_IS -f UTF-8 is_IS.utf8 \ + && localedefdebug -c -i it_CH -f ISO-8859-1 it_CH.iso88591 \ + && localedefdebug -c -i it_CH -f UTF-8 it_CH.utf8 \ + && localedefdebug -c -i it_IT -f ISO-8859-1 it_IT.iso88591 \ + && localedefdebug -c -i it_IT@euro -f ISO-8859-15 it_IT.iso885915@euro \ + && localedefdebug -c -i it_IT -f UTF-8 it_IT.utf8 \ + && localedefdebug -c -i iu_CA -f UTF-8 iu_CA.utf8 \ + && localedefdebug -c -i iw_IL -f ISO-8859-8 iw_IL.iso88598 \ + && localedefdebug -c -i iw_IL -f UTF-8 iw_IL.utf8 \ + && localedefdebug -c -i ja_JP -f EUC-JP ja_JP.eucjp \ + && localedefdebug -c -i ja_JP -f UTF-8 ja_JP.utf8 \ + && localedefdebug -c -i ka_GE -f GEORGIAN-PS ka_GE.georgianps \ + && localedefdebug -c -i ka_GE -f UTF-8 ka_GE.utf8 \ + && localedefdebug -c -i kk_KZ -f PT154 kk_KZ.pt154 \ + && localedefdebug -c -i kk_KZ -f RK1048 kk_KZ.rk1048 \ + && localedefdebug -c -i kk_KZ -f UTF-8 kk_KZ.utf8 \ + && localedefdebug -c -i kl_GL -f ISO-8859-1 kl_GL.iso88591 \ + && localedefdebug -c -i kl_GL -f UTF-8 kl_GL.utf8 \ + && localedefdebug -c -i km_KH -f UTF-8 km_KH.utf8 \ + && localedefdebug -c -i kn_IN -f UTF-8 kn_IN.utf8 \ + && localedefdebug -c -i kok_IN -f UTF-8 kok_IN.utf8 \ + && localedefdebug -c -i ko_KR -f EUC-KR ko_KR.euckr \ + && localedefdebug -c -i ko_KR -f UTF-8 ko_KR.utf8 \ + && localedefdebug -c -i ks_IN -f UTF-8 ks_IN.utf8 \ + && localedefdebug -c -i ks_IN@devanagari -f UTF-8 ks_IN.utf8@devanagari \ + && localedefdebug -c -i ku_TR -f ISO-8859-9 ku_TR.iso88599 \ + && localedefdebug -c -i ku_TR -f UTF-8 ku_TR.utf8 \ + && localedefdebug -c -i kw_GB -f ISO-8859-1 kw_GB.iso88591 \ + && localedefdebug -c -i kw_GB -f UTF-8 kw_GB.utf8 \ + && localedefdebug -c -i ky_KG -f UTF-8 ky_KG.utf8 \ + && localedefdebug -c -i lb_LU -f UTF-8 lb_LU.utf8 \ + && localedefdebug -c -i lg_UG -f ISO-8859-10 lg_UG.iso885910 \ + && localedefdebug -c -i lg_UG -f UTF-8 lg_UG.utf8 \ + && localedefdebug -c -i li_BE -f UTF-8 li_BE.utf8 \ + && localedefdebug -c -i lij_IT -f UTF-8 lij_IT.utf8 \ + && localedefdebug -c -i li_NL -f UTF-8 li_NL.utf8 \ + && localedefdebug -c -i lo_LA -f UTF-8 lo_LA.utf8 \ + && localedefdebug -c -i lt_LT -f ISO-8859-13 lt_LT.iso885913 \ + && localedefdebug -c -i lt_LT -f UTF-8 lt_LT.utf8 \ + && localedefdebug -c -i lv_LV -f ISO-8859-13 lv_LV.iso885913 \ + && localedefdebug -c -i lv_LV -f UTF-8 lv_LV.utf8 \ + && localedefdebug -c -i mai_IN -f UTF-8 mai_IN.utf8 \ + && localedefdebug -c -i mg_MG -f ISO-8859-15 mg_MG.iso885915 \ + && localedefdebug -c -i mg_MG -f UTF-8 mg_MG.utf8 \ + && localedefdebug -c -i mhr_RU -f UTF-8 mhr_RU.utf8 \ + && localedefdebug -c -i mi_NZ -f ISO-8859-13 mi_NZ.iso885913 \ + && localedefdebug -c -i mi_NZ -f UTF-8 mi_NZ.utf8 \ + && localedefdebug -c -i mk_MK -f ISO-8859-5 mk_MK.iso88595 \ + && localedefdebug -c -i mk_MK -f UTF-8 mk_MK.utf8 \ + && localedefdebug -c -i ml_IN -f UTF-8 ml_IN.utf8 \ + && localedefdebug -c -i mn_MN -f UTF-8 mn_MN.utf8 \ + && localedefdebug -c -i mr_IN -f UTF-8 mr_IN.utf8 \ + && localedefdebug -c -i ms_MY -f ISO-8859-1 ms_MY.iso88591 \ + && localedefdebug -c -i ms_MY -f UTF-8 ms_MY.utf8 \ + && localedefdebug -c -i mt_MT -f ISO-8859-3 mt_MT.iso88593 \ + && localedefdebug -c -i mt_MT -f UTF-8 mt_MT.utf8 \ + && localedefdebug -c -i my_MM -f UTF-8 my_MM.utf8 \ + && localedefdebug -c -i nan_TW@latin -f UTF-8 nan_TW.utf8@latin \ + && localedefdebug -c -i nb_NO -f ISO-8859-1 nb_NO.iso88591 \ + && localedefdebug -c -i nb_NO -f UTF-8 nb_NO.utf8 \ + && localedefdebug -c -i nds_DE -f UTF-8 nds_DE.utf8 \ + && localedefdebug -c -i nds_NL -f UTF-8 nds_NL.utf8 \ + && localedefdebug -c -i ne_NP -f UTF-8 ne_NP.utf8 \ + && localedefdebug -c -i nl_AW -f UTF-8 nl_AW.utf8 \ + && localedefdebug -c -i nl_BE -f ISO-8859-1 nl_BE.iso88591 \ + && localedefdebug -c -i nl_BE@euro -f ISO-8859-15 nl_BE.iso885915@euro \ + && localedefdebug -c -i nl_BE -f UTF-8 nl_BE.utf8 \ + && localedefdebug -c -i nl_NL -f ISO-8859-1 nl_NL.iso88591 \ + && localedefdebug -c -i nl_NL@euro -f ISO-8859-15 nl_NL.iso885915@euro \ + && localedefdebug -c -i nl_NL -f UTF-8 nl_NL.utf8 \ + && localedefdebug -c -i nn_NO -f ISO-8859-1 nn_NO.iso88591 \ + && localedefdebug -c -i nn_NO -f UTF-8 nn_NO.utf8 \ + && localedefdebug -c -i nr_ZA -f UTF-8 nr_ZA.utf8 \ + && localedefdebug -c -i nso_ZA -f UTF-8 nso_ZA.utf8 \ + && localedefdebug -c -i oc_FR -f ISO-8859-1 oc_FR.iso88591 \ + && localedefdebug -c -i oc_FR -f UTF-8 oc_FR.utf8 \ + && localedefdebug -c -i om_ET -f UTF-8 om_ET.utf8 \ + && localedefdebug -c -i om_KE -f ISO-8859-1 om_KE.iso88591 \ + && localedefdebug -c -i om_KE -f UTF-8 om_KE.utf8 \ + && localedefdebug -c -i or_IN -f UTF-8 or_IN.utf8 \ + && localedefdebug -c -i os_RU -f UTF-8 os_RU.utf8 \ + && localedefdebug -c -i pa_IN -f UTF-8 pa_IN.utf8 \ + && localedefdebug -c -i pap_AN -f UTF-8 pap_AN.utf8 \ + && localedefdebug -c -i pa_PK -f UTF-8 pa_PK.utf8 \ + && localedefdebug -c -i pl_PL -f ISO-8859-2 pl_PL.iso88592 \ + && localedefdebug -c -i pl_PL -f UTF-8 pl_PL.utf8 \ + && localedefdebug -c -i ps_AF -f UTF-8 ps_AF.utf8 \ + && localedefdebug -c -i pt_BR -f ISO-8859-1 pt_BR.iso88591 \ + && localedefdebug -c -i pt_BR -f UTF-8 pt_BR.utf8 \ + && localedefdebug -c -i pt_PT -f ISO-8859-1 pt_PT.iso88591 \ + && localedefdebug -c -i pt_PT@euro -f ISO-8859-15 pt_PT.iso885915@euro \ + && localedefdebug -c -i pt_PT -f UTF-8 pt_PT.utf8 \ + && localedefdebug -c -i ro_RO -f ISO-8859-2 ro_RO.iso88592 \ + && localedefdebug -c -i ro_RO -f UTF-8 ro_RO.utf8 \ + && localedefdebug -c -i ru_RU -f CP1251 ru_RU.cp1251 \ + && localedefdebug -c -i ru_RU -f ISO-8859-5 ru_RU.iso88595 \ + && localedefdebug -c -i ru_RU -f KOI8-R ru_RU.koi8r \ + && localedefdebug -c -i ru_RU -f UTF-8 ru_RU.utf8 \ + && localedefdebug -c -i ru_UA -f KOI8-U ru_UA.koi8u \ + && localedefdebug -c -i ru_UA -f UTF-8 ru_UA.utf8 \ + && localedefdebug -c -i rw_RW -f UTF-8 rw_RW.utf8 \ + && localedefdebug -c -i sa_IN -f UTF-8 sa_IN.utf8 \ + && localedefdebug -c -i sc_IT -f UTF-8 sc_IT.utf8 \ + && localedefdebug -c -i sd_IN -f UTF-8 sd_IN.utf8 \ + && localedefdebug -c -i sd_IN@devanagari -f UTF-8 sd_IN.utf8@devanagari \ + && localedefdebug -c -i se_NO -f UTF-8 se_NO.utf8 \ + && localedefdebug -c -i shs_CA -f UTF-8 shs_CA.utf8 \ + && localedefdebug -c -i sid_ET -f UTF-8 sid_ET.utf8 \ + && localedefdebug -c -i si_LK -f UTF-8 si_LK.utf8 \ + && localedefdebug -c -i sk_SK -f ISO-8859-2 sk_SK.iso88592 \ + && localedefdebug -c -i sk_SK -f UTF-8 sk_SK.utf8 \ + && localedefdebug -c -i sl_SI -f ISO-8859-2 sl_SI.iso88592 \ + && localedefdebug -c -i sl_SI -f UTF-8 sl_SI.utf8 \ + && localedefdebug -c -i so_DJ -f ISO-8859-1 so_DJ.iso88591 \ + && localedefdebug -c -i so_DJ -f UTF-8 so_DJ.utf8 \ + && localedefdebug -c -i so_ET -f UTF-8 so_ET.utf8 \ + && localedefdebug -c -i so_KE -f ISO-8859-1 so_KE.iso88591 \ + && localedefdebug -c -i so_KE -f UTF-8 so_KE.utf8 \ + && localedefdebug -c -i so_SO -f ISO-8859-1 so_SO.iso88591 \ + && localedefdebug -c -i so_SO -f UTF-8 so_SO.utf8 \ + && localedefdebug -c -i sq_AL -f ISO-8859-1 sq_AL.iso88591 \ + && localedefdebug -c -i sq_AL -f UTF-8 sq_AL.utf8 \ + && localedefdebug -c -i sq_MK -f UTF-8 sq_MK.utf8 \ + && localedefdebug -c -i sr_ME -f UTF-8 sr_ME.utf8 \ + && localedefdebug -c -i sr_RS -f UTF-8 sr_RS.utf8 \ + && localedefdebug -c -i sr_RS@latin -f UTF-8 sr_RS.utf8@latin \ + && localedefdebug -c -i ss_ZA -f UTF-8 ss_ZA.utf8 \ + && localedefdebug -c -i st_ZA -f ISO-8859-1 st_ZA.iso88591 \ + && localedefdebug -c -i st_ZA -f UTF-8 st_ZA.utf8 \ + && localedefdebug -c -i sv_FI -f ISO-8859-1 sv_FI.iso88591 \ + && localedefdebug -c -i sv_FI@euro -f ISO-8859-15 sv_FI.iso885915@euro \ + && localedefdebug -c -i sv_FI -f UTF-8 sv_FI.utf8 \ + && localedefdebug -c -i sv_SE -f ISO-8859-1 sv_SE.iso88591 \ + && localedefdebug -c -i sv_SE -f ISO-8859-15 sv_SE.iso885915 \ + && localedefdebug -c -i sv_SE -f UTF-8 sv_SE.utf8 \ + && localedefdebug -c -i sw_KE -f UTF-8 sw_KE.utf8 \ + && localedefdebug -c -i sw_TZ -f UTF-8 sw_TZ.utf8 \ + && localedefdebug -c -i ta_IN -f UTF-8 ta_IN.utf8 \ + && localedefdebug -c -i ta_LK -f UTF-8 ta_LK.utf8 \ + && localedefdebug -c -i te_IN -f UTF-8 te_IN.utf8 \ + && localedefdebug -c -i tg_TJ -f KOI8-T tg_TJ.koi8t \ + && localedefdebug -c -i tg_TJ -f UTF-8 tg_TJ.utf8 \ + && localedefdebug -c -i th_TH -f TIS-620 th_TH.tis620 \ + && localedefdebug -c -i th_TH -f UTF-8 th_TH.utf8 \ + && localedefdebug -c -i ti_ER -f UTF-8 ti_ER.utf8 \ + && localedefdebug -c -i ti_ET -f UTF-8 ti_ET.utf8 \ + && localedefdebug -c -i tig_ER -f UTF-8 tig_ER.utf8 \ + && localedefdebug -c -i tk_TM -f UTF-8 tk_TM.utf8 \ + && localedefdebug -c -i tl_PH -f ISO-8859-1 tl_PH.iso88591 \ + && localedefdebug -c -i tl_PH -f UTF-8 tl_PH.utf8 \ + && localedefdebug -c -i tn_ZA -f UTF-8 tn_ZA.utf8 \ + && localedefdebug -c -i tr_CY -f ISO-8859-9 tr_CY.iso88599 \ + && localedefdebug -c -i tr_CY -f UTF-8 tr_CY.utf8 \ + && localedefdebug -c -i tr_TR -f ISO-8859-9 tr_TR.iso88599 \ + && localedefdebug -c -i tr_TR -f UTF-8 tr_TR.utf8 \ + && localedefdebug -c -i ts_ZA -f UTF-8 ts_ZA.utf8 \ + && localedefdebug -c -i tt_RU -f UTF-8 tt_RU.utf8 \ + && localedefdebug -c -i tt_RU@iqtelif -f UTF-8 tt_RU.utf8@iqtelif \ + && localedefdebug -c -i ug_CN -f UTF-8 ug_CN.utf8 \ + && localedefdebug -c -i uk_UA -f KOI8-U uk_UA.koi8u \ + && localedefdebug -c -i uk_UA -f UTF-8 uk_UA.utf8 \ + && localedefdebug -c -i unm_US -f UTF-8 unm_US.utf8 \ + && localedefdebug -c -i ur_IN -f UTF-8 ur_IN.utf8 \ + && localedefdebug -c -i ur_PK -f UTF-8 ur_PK.utf8 \ + && localedefdebug -c -i uz_UZ -f ISO-8859-1 uz_UZ.iso88591 \ + && localedefdebug -c -i uz_UZ -f UTF-8 uz_UZ.utf8 \ + && localedefdebug -c -i uz_UZ@cyrillic -f UTF-8 uz_UZ.utf8@cyrillic \ + && localedefdebug -c -i ve_ZA -f UTF-8 ve_ZA.utf8 \ + && localedefdebug -c -i vi_VN -f TCVN5712-1 vi_VN.tcvn \ + && localedefdebug -c -i vi_VN -f UTF-8 vi_VN.utf8 \ + && localedefdebug -c -i wa_BE -f ISO-8859-1 wa_BE.iso88591 \ + && localedefdebug -c -i wa_BE@euro -f ISO-8859-15 wa_BE.iso885915@euro \ + && localedefdebug -c -i wa_BE -f UTF-8 wa_BE.utf8 \ + && localedefdebug -c -i wae_CH -f UTF-8 wae_CH.utf8 \ + && localedefdebug -c -i wal_ET -f UTF-8 wal_ET.utf8 \ + && localedefdebug -c -i wo_SN -f UTF-8 wo_SN.utf8 \ + && localedefdebug -c -i xh_ZA -f ISO-8859-1 xh_ZA.iso88591 \ + && localedefdebug -c -i xh_ZA -f UTF-8 xh_ZA.utf8 \ + && localedefdebug -c -i yi_US -f CP1255 yi_US.cp1255 \ + && localedefdebug -c -i yi_US -f UTF-8 yi_US.utf8 \ + && localedefdebug -c -i yo_NG -f UTF-8 yo_NG.utf8 \ + && localedefdebug -c -i yue_HK -f UTF-8 yue_HK.utf8 \ + && localedefdebug -c -i zh_CN -f GB18030 zh_CN.gb18030 \ + && localedefdebug -c -i zh_CN -f GB2312 zh_CN.gb2312 \ + && localedefdebug -c -i zh_CN -f GBK zh_CN.gbk \ + && localedefdebug -c -i zh_CN -f UTF-8 zh_CN.utf8 \ + && localedefdebug -c -i zh_HK -f UTF-8 zh_HK.utf8 \ + && localedefdebug -c -i zh_SG -f GB2312 zh_SG.gb2312 \ + && localedefdebug -c -i zh_SG -f GBK zh_SG.gbk \ + && localedefdebug -c -i zh_SG -f UTF-8 zh_SG.utf8 \ + && localedefdebug -c -i zh_TW -f BIG5 zh_TW.big5 \ + && localedefdebug -c -i zh_TW -f EUC-TW zh_TW.euctw \ + && localedefdebug -c -i zh_TW -f UTF-8 zh_TW.utf8 \ + && localedefdebug -c -i zu_ZA -f ISO-8859-1 zu_ZA.iso88591 \ + && localedefdebug -c -i zu_ZA -f UTF-8 zu_ZA.utf8 \ + && /bin/true +fi diff --git a/provisioning/apache/alpine/bin/service.d/httpd.sh b/provisioning/apache/alpine/bin/service.d/httpd.sh new file mode 100644 index 000000000..33f6f6ca2 --- /dev/null +++ b/provisioning/apache/alpine/bin/service.d/httpd.sh @@ -0,0 +1,18 @@ +#!/usr/bin/env bash +set -e + +if [[ ! -e "$WEB_DOCUMENT_ROOT" ]]; then + echo "" + echo "[WARNING] WEB_DOCUMENT_ROOT does not exists with path \"$WEB_DOCUMENT_ROOT\"!" + echo "" +fi + +# Apache gets grumpy about PID files pre-existing +rm -f /var/run/httpd/httpd.pid + +rpl --quiet "" "$WEB_DOCUMENT_INDEX" /opt/docker/etc/httpd/*.conf +rpl --quiet "" "$WEB_DOCUMENT_ROOT" /opt/docker/etc/httpd/*.conf +rpl --quiet "" "$WEB_ALIAS_DOMAIN" /opt/docker/etc/httpd/*.conf +rpl --quiet "" "$HOSTNAME" /opt/docker/etc/httpd/*.conf + +exec /usr/sbin/apachectl -DFOREGROUND diff --git a/provisioning/apache/alpine/etc/httpd/php.conf b/provisioning/apache/alpine/etc/httpd/php.conf new file mode 100644 index 000000000..bd4ff3971 --- /dev/null +++ b/provisioning/apache/alpine/etc/httpd/php.conf @@ -0,0 +1,8 @@ + + + ProxySet connectiontimeout=5 timeout=600 + + + + SetHandler "proxy:fcgi://127.0.0.1:9000" + diff --git a/provisioning/apache/general/provision/roles/webdevops-apache/defaults/main.yml b/provisioning/apache/general/provision/roles/webdevops-apache/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/provisioning/apache/general/provision/roles/webdevops-apache/defaults/main.yml +++ b/provisioning/apache/general/provision/roles/webdevops-apache/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/provisioning/apache/general/provision/roles/webdevops-apache/tasks/bootstrap.yml b/provisioning/apache/general/provision/roles/webdevops-apache/tasks/bootstrap.yml index 962ede9ab..8e60c0ba5 100644 --- a/provisioning/apache/general/provision/roles/webdevops-apache/tasks/bootstrap.yml +++ b/provisioning/apache/general/provision/roles/webdevops-apache/tasks/bootstrap.yml @@ -10,6 +10,11 @@ apache_docker_vhost: /etc/apache2/sites-enabled/10-docker.conf when: ansible_os_family == 'Debian' +- name: Set apache vhost file [Alpine family] + set_fact: + apache_docker_vhost: /etc/apache2/conf.d/docker.conf + when: ansible_os_family == 'Alpine' + - name: Enable apache main config file: src: '/opt/docker/etc/httpd/main.conf' @@ -21,8 +26,6 @@ file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Ensure /var/run/apache2 exists @@ -31,6 +34,13 @@ state: directory recurse: yes +- name: Ensure /run/apache2 exists + file: + path: '/run/apache2' + state: directory + recurse: yes + when: ansible_os_family == 'Alpine' + - name: Switch MPM to worker [RedHat family] lineinfile: dest: '/etc/httpd/conf.modules.d/00-mpm.conf' @@ -48,6 +58,48 @@ - 'a2enmod mpm_event' when: (ansible_distribution == 'Ubuntu' and ansible_lsb.major_release|int >= 14) or (ansible_distribution == 'Debian' and ansible_lsb.major_release|int >= 8) +- name: Manage modules [Alpine family] + lineinfile: + dest: '/etc/apache2/httpd.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so', prefix: "#" } + - { line: 'LoadModule mpm_event_module modules/mod_mpm_event.so', prefix: "" } + - { line: 'LoadModule deflate_module modules/mod_deflate.so', prefix: "" } + - { line: 'LoadModule rewrite_module modules/mod_rewrite.so', prefix: "" } + - { line: 'LoadModule logio_module modules/mod_logio.so', prefix: "" } + - { line: 'LoadModule slotmem_shm_module modules/mod_slotmem_shm.so', prefix: "" } + - { line: 'LoadModule actions_module modules/mod_actions.so', prefix: "" } + when: ansible_os_family == 'Alpine' + +- name: Fix ssl support [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/ssl.conf' + regexp: '{{ item.regexp }}' + line: '{{ item.line }}' + with_items: + - { regexp: 'LoadModule ssl_module', line: 'LoadModule ssl_module /usr/lib/apache2/mod_ssl.so' } + - { regexp: 'LoadModule socache_shmcb_module', line: 'LoadModule socache_shmcb_module /usr/lib/apache2/mod_socache_shmcb.so' } + when: ansible_os_family == 'Alpine' + +- name: Disable proxy [Alpine family] + lineinfile: + dest: '/etc/apache2/conf.d/proxy.conf' + regexp: '^[\s#]*{{ item.line }}' + line: '{{ item.prefix }}{{ item.line }}' + with_items: + - { line: 'LoadModule proxy_ajp_module modules/mod_proxy_ajp.so', prefix: "#" } + - { line: 'LoadModule proxy_connect_module modules/mod_proxy_connect.so', prefix: "#" } + - { line: 'LoadModule proxy_balancer_module modules/mod_proxy_balancer.so', prefix: "#" } + - { line: 'LoadModule proxy_express_module modules/mod_proxy_express.so', prefix: "#" } + - { line: 'LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so', prefix: "" } + - { line: 'LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so', prefix: "#" } + - { line: 'LoadModule proxy_ftp_module modules/mod_proxy_ftp.so', prefix: "#" } + - { line: 'LoadModule proxy_http_module modules/mod_proxy_http.so', prefix: "#" } + - { line: 'LoadModule proxy_scgi_module modules/mod_proxy_scgi.so', prefix: "#" } + when: ansible_os_family == 'Alpine' + - name: Fix rights of ssl files file: path: "{{ item.path }}" diff --git a/provisioning/base-app/general/bin/service.d/dnsmasq.sh b/provisioning/base-app/general/bin/service.d/dnsmasq.sh new file mode 100644 index 000000000..9b554b411 --- /dev/null +++ b/provisioning/base-app/general/bin/service.d/dnsmasq.sh @@ -0,0 +1,15 @@ + +## clear dns file +echo > /etc/dnsmasq.d/development + +if [ ! -f /etc/resolv.conf.original ]; then + cp -a /etc/resolv.conf /etc/resolv.conf.original + + ## set forward servers + cat /etc/resolv.conf.original | grep nameserver | sed 's/nameserver /server=/' > /etc/dnsmasq.d/forward + + ## set dnsmasq to main nameserver + echo "nameserver 127.0.0.1" > /etc/resolv.conf +fi + +exec dnsmasq --keep-in-foreground diff --git a/provisioning/base-app/general/bin/service.d/postfix.sh b/provisioning/base-app/general/bin/service.d/postfix.sh new file mode 100644 index 000000000..e685d5287 --- /dev/null +++ b/provisioning/base-app/general/bin/service.d/postfix.sh @@ -0,0 +1,39 @@ +#!/usr/bin/env bash +# postfix-wrapper.sh, version 0.1.0 +# +# You cannot start postfix in some foreground mode and +# it's more or less important that docker doesn't kill +# postfix and its chilren if you stop the container. +# +# Use this script with supervisord and it will take +# care about starting and stopping postfix correctly. +# +# supervisord config snippet for postfix-wrapper: +# +# [program:postfix] +# process_name = postfix +# command = /path/to/postfix-wrapper.sh +# startsecs = 0 +# autorestart = false +# + +trap "postfix stop" SIGINT +trap "postfix stop" SIGTERM +trap "postfix reload" SIGHUP + +# force new copy of hosts there (otherwise links could be outdated) +mkdir -p /var/spool/postfix/etc +cp -f /etc/hosts /var/spool/postfix/etc/hosts +cp -f /etc/resolv.conf /var/spool/postfix/etc/resolv.conf +cp -f /etc/services /var/spool/postfix/etc/services + +# start postfix +postfix start + +# lets give postfix some time to start +sleep 3 + +# wait until postfix is dead (triggered by trap) +while kill -0 "$(cat /var/spool/postfix/pid/master.pid)"; do + sleep 5 +done \ No newline at end of file diff --git a/provisioning/base-app/general/etc/supervisor.d/dnsmasq.conf b/provisioning/base-app/general/etc/supervisor.d/dnsmasq.conf new file mode 100644 index 000000000..1b79b995e --- /dev/null +++ b/provisioning/base-app/general/etc/supervisor.d/dnsmasq.conf @@ -0,0 +1,14 @@ +[group:dnsmasq] +programs=dnsmasqd +priority=15 + +[program:dnsmasqd] +command = bash /opt/docker/bin/service.d/dnsmasq.sh +process_name=%(program_name)s +startsecs = 0 +autostart = false +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/provisioning/base-app/general/etc/supervisor.d/postfix.conf b/provisioning/base-app/general/etc/supervisor.d/postfix.conf new file mode 100644 index 000000000..7c0a83338 --- /dev/null +++ b/provisioning/base-app/general/etc/supervisor.d/postfix.conf @@ -0,0 +1,22 @@ +[group:postfix] +programs=postfixd,postfix-log +priority=30 + +[program:postfixd] +directory = /etc/postfix +command = /opt/docker/bin/service.d/postfix.sh +process_name=%(program_name)s +startsecs = 0 +autostart = false +autorestart = true + +[program:postfix-log] +command = bash /opt/docker/bin/logwatch.sh postfix /var/log/mail.log +process_name=%(program_name)s +startsecs = 0 +autostart = false +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/provisioning/base-app/general/etc/supervisor.d/ssh.conf b/provisioning/base-app/general/etc/supervisor.d/ssh.conf new file mode 100644 index 000000000..44488e642 --- /dev/null +++ b/provisioning/base-app/general/etc/supervisor.d/ssh.conf @@ -0,0 +1,14 @@ +[group:ssh] +programs=sshd +priority=30 + +[program:sshd] +command = /usr/sbin/sshd -D +process_name=%(program_name)s +startsecs=0 +autostart = false +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/provisioning/base-app/general/provision/onbuild.d/.gitkeep b/provisioning/base-app/general/provision/onbuild.d/.gitkeep new file mode 100644 index 000000000..e69de29bb diff --git a/provisioning/base-app/general/provision/roles/webdevops-base-app/defaults/main.yml b/provisioning/base-app/general/provision/roles/webdevops-base-app/defaults/main.yml new file mode 100644 index 000000000..e10ef7d38 --- /dev/null +++ b/provisioning/base-app/general/provision/roles/webdevops-base-app/defaults/main.yml @@ -0,0 +1,7 @@ +--- + +APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" +APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" +APPLICATION_PATH: "{{ lookup('env','APPLICATION_PATH') }}" +APPLICATION_UID: "{{ lookup('env','APPLICATION_UID') }}" +APPLICATION_GID: "{{ lookup('env','APPLICATION_GID') }}" diff --git a/provisioning/base-app/general/provision/roles/webdevops-base-app/tasks/bootstrap.yml b/provisioning/base-app/general/provision/roles/webdevops-base-app/tasks/bootstrap.yml new file mode 100644 index 000000000..9933c1332 --- /dev/null +++ b/provisioning/base-app/general/provision/roles/webdevops-base-app/tasks/bootstrap.yml @@ -0,0 +1,6 @@ +--- + +- include: bootstrap/user.yml +- include: bootstrap/application.yml +- include: bootstrap/dnsmasq.yml +- include: bootstrap/postfix.yml diff --git a/provisioning/base-app/general/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml b/provisioning/base-app/general/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml new file mode 100644 index 000000000..faddb6027 --- /dev/null +++ b/provisioning/base-app/general/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml @@ -0,0 +1,10 @@ +--- + +- name: Init application directory + file: + path: "/{{ APPLICATION_PATH }}" + state: directory + mode: 0755 + owner: "{{ APPLICATION_USER }}" + group: "{{ APPLICATION_GROUP }}" + recurse: yes diff --git a/provisioning/base-app/general/provision/roles/webdevops-base-app/tasks/bootstrap/dnsmasq.yml b/provisioning/base-app/general/provision/roles/webdevops-base-app/tasks/bootstrap/dnsmasq.yml new file mode 100644 index 000000000..962a7953a --- /dev/null +++ b/provisioning/base-app/general/provision/roles/webdevops-base-app/tasks/bootstrap/dnsmasq.yml @@ -0,0 +1,10 @@ +--- + +- name: Configure dnsmasq + lineinfile: + dest: /etc/dnsmasq.conf + regexp: '^[\s]*{{ item.key }}[\s]*=' + line: '{{ item.key }}={{ item.value }}' + with_items: + - { key: 'user', value: 'root' } + - { key: 'conf-dir', value: '/etc/dnsmasq.d' } diff --git a/provisioning/base-app/general/provision/roles/webdevops-base-app/tasks/bootstrap/postfix.yml b/provisioning/base-app/general/provision/roles/webdevops-base-app/tasks/bootstrap/postfix.yml new file mode 100644 index 000000000..6b0ea47dc --- /dev/null +++ b/provisioning/base-app/general/provision/roles/webdevops-base-app/tasks/bootstrap/postfix.yml @@ -0,0 +1,13 @@ +--- + +- name: Configure postfix + lineinfile: + dest: /etc/postfix/main.cf + regexp: '^[\s]*{{ item.key }}[\s]*=' + line: '{{ item.key }}={{ item.value }}' + with_items: + - { key: 'mydestination', value: '' } + - { key: 'message_size_limit', value: '15240000' } + # Hardening + - { key: 'smtp_use_tls', value: 'yes' } + - { key: 'smtp_tls_security_level', value: 'may' } diff --git a/provisioning/base-app/general/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml b/provisioning/base-app/general/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml new file mode 100644 index 000000000..cf6968a01 --- /dev/null +++ b/provisioning/base-app/general/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml @@ -0,0 +1,41 @@ +--- + +- name: Move dnsmasq group (Alpine family) + group: + name: dnsmasq + gid: 153 + when: ansible_distribution == 'Alpine' + +- name: Create application group + group: + name: "{{ APPLICATION_GROUP }}" + gid: "{{ APPLICATION_GID }}" + +- name: Create application user + user: + name: "{{ APPLICATION_USER }}" + uid: "{{ APPLICATION_UID }}" + group: "{{ APPLICATION_GROUP }}" + shell: "/bin/bash" + home: "/home/{{ APPLICATION_USER }}" + +- name: Init home directory + file: + path: "/home/{{ APPLICATION_USER }}" + state: directory + mode: 0755 + owner: "{{ APPLICATION_USER }}" + group: "{{ APPLICATION_GROUP }}" + recurse: yes + +- name: Init bashrc + lineinfile: + dest: "/home/{{ APPLICATION_USER }}/.bashrc" + mode: 0770 + owner: "{{ APPLICATION_USER }}" + group: "{{ APPLICATION_GROUP }}" + create: yes + regexp: "export TERM=xterm" + line: "export TERM=xterm" + +- action: setup diff --git a/provisioning/base-app/general/provision/roles/webdevops-base-app/tasks/main.yml b/provisioning/base-app/general/provision/roles/webdevops-base-app/tasks/main.yml new file mode 100644 index 000000000..1806c1a8c --- /dev/null +++ b/provisioning/base-app/general/provision/roles/webdevops-base-app/tasks/main.yml @@ -0,0 +1,5 @@ +--- + +- include: bootstrap.yml + tags: + - bootstrap diff --git a/provisioning/base/alpine/etc/supervisor.conf b/provisioning/base/alpine/etc/supervisor.conf new file mode 100644 index 000000000..14a6223fc --- /dev/null +++ b/provisioning/base/alpine/etc/supervisor.conf @@ -0,0 +1,11 @@ +[supervisord] +nodaemon=true + +[unix_http_server] +file = /run/supervisord.sock + +[rpcinterface:supervisor] +supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface + +[include] +files = /opt/docker/etc/supervisor.d/*.conf diff --git a/provisioning/base/alpine/etc/supervisor.d/cron.conf b/provisioning/base/alpine/etc/supervisor.d/cron.conf new file mode 100644 index 000000000..fc95b8d0a --- /dev/null +++ b/provisioning/base/alpine/etc/supervisor.d/cron.conf @@ -0,0 +1,14 @@ +[group:cron] +programs=crond +priority=30 + +[program:crond] +command = /usr/sbin/crond -f +process_name=%(program_name)s +startsecs = 0 +autostart = false +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/provisioning/base/alpine/etc/syslog-ng/syslog-ng.conf b/provisioning/base/alpine/etc/syslog-ng/syslog-ng.conf new file mode 100644 index 000000000..0f1638471 --- /dev/null +++ b/provisioning/base/alpine/etc/syslog-ng/syslog-ng.conf @@ -0,0 +1,146 @@ +@version: 3.7 + +# Syslog-ng configuration file, compatible with default Debian syslogd +# installation. + +# First, set some global options. +options { chain_hostnames(off); flush_lines(0); use_dns(no); use_fqdn(no); + owner("root"); group("adm"); perm(0640); stats_freq(0); + bad_hostname("^gconfd$"); +}; + +######################## +# Sources +######################## +# This is the default behavior of sysklogd package +# Logs may come from unix stream, but not from another machine. +# +source s_src { + unix-stream("/dev/log"); + internal(); +}; + +# If you wish to get logs from remote machine you should uncomment +# this and comment the above source line. +# +#source s_net { tcp(ip(127.0.0.1) port(1000)); }; + +######################## +# Destinations +######################## +# First some standard logfile +# +destination d_auth { file("/var/log/auth.log"); }; +destination d_cron { file("/var/log/cron.log"); }; +destination d_daemon { file("/var/log/daemon.log"); }; +destination d_kern { file("/var/log/kern.log"); }; +destination d_lpr { file("/var/log/lpr.log"); }; +destination d_mail { file("/var/log/mail.log"); }; +destination d_syslog { file("/var/log/syslog"); }; +destination d_user { file("/var/log/user.log"); }; +destination d_uucp { file("/var/log/uucp.log"); }; + +# This files are the log come from the mail subsystem. +# +destination d_mailinfo { file("/var/log/mail.info"); }; +destination d_mailwarn { file("/var/log/mail.warn"); }; +destination d_mailerr { file("/var/log/mail.err"); }; + +# Logging for INN news system +# +destination d_newscrit { file("/var/log/news/news.crit"); }; +destination d_newserr { file("/var/log/news/news.err"); }; +destination d_newsnotice { file("/var/log/news/news.notice"); }; + +# Some 'catch-all' logfiles. +# +destination d_debug { file("/var/log/debug"); }; +destination d_error { file("/var/log/error"); }; +destination d_messages { file("/var/log/messages"); }; + +# The named pipe /dev/xconsole is for the nsole' utility. To use it, +# you must invoke nsole' with the -file' option: +# +# $ xconsole -file /dev/xconsole [...] +# +destination d_xconsole { pipe("/dev/xconsole"); }; + +# Send the messages to an other host +# +#destination d_net { tcp("127.0.0.1" port(1000) log_fifo_size(1000)); }; + +# Debian only +destination d_ppp { file("/var/log/ppp.log"); }; + +######################## +# Filters +######################## +# Here's come the filter options. With this rules, we can set which +# message go where. + +filter f_dbg { level(debug); }; +filter f_info { level(info); }; +filter f_notice { level(notice); }; +filter f_warn { level(warn); }; +filter f_err { level(err); }; +filter f_crit { level(crit .. emerg); }; + +filter f_debug { level(debug) and not facility(auth, authpriv, news, mail); }; +filter f_error { level(err .. emerg) ; }; +filter f_messages { level(info,notice,warn) and + not facility(auth,authpriv,cron,daemon,mail,news); }; + +filter f_auth { facility(auth, authpriv) and not filter(f_debug); }; +filter f_cron { facility(cron) and not filter(f_debug); }; +filter f_daemon { facility(daemon) and not filter(f_debug); }; +filter f_kern { facility(kern) and not filter(f_debug); }; +filter f_lpr { facility(lpr) and not filter(f_debug); }; +filter f_local { facility(local0, local1, local3, local4, local5, + local6, local7) and not filter(f_debug); }; +filter f_mail { facility(mail) and not filter(f_debug); }; +filter f_news { facility(news) and not filter(f_debug); }; +filter f_syslog3 { not facility(auth, authpriv, mail) and not filter(f_debug); }; +filter f_user { facility(user) and not filter(f_debug); }; +filter f_uucp { facility(uucp) and not filter(f_debug); }; + +filter f_cnews { level(notice, err, crit) and facility(news); }; +filter f_cother { level(debug, info, notice, warn) or facility(daemon, mail); }; + +filter f_ppp { facility(local2) and not filter(f_debug); }; +filter f_console { level(warn .. emerg); }; + +######################## +# Log paths +######################## +log { source(s_src); filter(f_auth); destination(d_auth); }; +log { source(s_src); filter(f_cron); destination(d_cron); }; +log { source(s_src); filter(f_daemon); destination(d_daemon); }; +log { source(s_src); filter(f_kern); destination(d_kern); }; +log { source(s_src); filter(f_lpr); destination(d_lpr); }; +log { source(s_src); filter(f_syslog3); destination(d_syslog); }; +log { source(s_src); filter(f_user); destination(d_user); }; +log { source(s_src); filter(f_uucp); destination(d_uucp); }; + +log { source(s_src); filter(f_mail); destination(d_mail); }; +#log { source(s_src); filter(f_mail); filter(f_info); destination(d_mailinfo); }; +#log { source(s_src); filter(f_mail); filter(f_warn); destination(d_mailwarn); }; +#log { source(s_src); filter(f_mail); filter(f_err); destination(d_mailerr); }; + +log { source(s_src); filter(f_news); filter(f_crit); destination(d_newscrit); }; +log { source(s_src); filter(f_news); filter(f_err); destination(d_newserr); }; +log { source(s_src); filter(f_news); filter(f_notice); destination(d_newsnotice); }; + +#log { source(s_src); filter(f_ppp); destination(d_ppp); }; + +log { source(s_src); filter(f_debug); destination(d_debug); }; +log { source(s_src); filter(f_error); destination(d_error); }; +log { source(s_src); filter(f_messages); destination(d_messages); }; + +# All messages send to a remote site +# +#log { source(s_src); destination(d_net); }; + +### +# Include all config files in /etc/syslog-ng/conf.d/ +### +#@include "/etc/syslog-ng/conf.d/*.conf" diff --git a/provisioning/base/general/VERSION b/provisioning/base/general/VERSION index 7813681f5..62f945751 100644 --- a/provisioning/base/general/VERSION +++ b/provisioning/base/general/VERSION @@ -1 +1 @@ -5 \ No newline at end of file +6 \ No newline at end of file diff --git a/provisioning/base/general/bin/config.sh b/provisioning/base/general/bin/config.sh index d8d2cfa2f..b45829dc2 100644 --- a/provisioning/base/general/bin/config.sh +++ b/provisioning/base/general/bin/config.sh @@ -224,5 +224,5 @@ function runDockerProvision() { ## function startSupervisord() { cd / - exec supervisord -c /opt/docker/etc/supervisor.conf --logfile /dev/null --pidfile /dev/null --user root + exec /opt/docker/bin/service.d/supervisor.sh } diff --git a/provisioning/base/general/bin/entrypoint.d/cli.sh b/provisioning/base/general/bin/entrypoint.d/cli.sh index a09b62b57..2ca68926c 100644 --- a/provisioning/base/general/bin/entrypoint.d/cli.sh +++ b/provisioning/base/general/bin/entrypoint.d/cli.sh @@ -5,7 +5,7 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "APPLICATION_USER" ]; then + if [ -n "$APPLICATION_USER" ]; then # Run as EFFECTIVE_USER shift exec sudo -H -E -u "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" @@ -14,6 +14,6 @@ if [ -n "${CLI_SCRIPT}" ]; then exec ${CLI_SCRIPT} "$@" fi else - echo "[ERROR] No CLI_SCRIPT in docker-env.yml defined" + echo "[ERROR] No CLI_SCRIPT in in docker environment defined" exit 1 fi diff --git a/provisioning/base/general/bin/entrypoint.d/default.sh b/provisioning/base/general/bin/entrypoint.d/default.sh index a25c666df..a1be715fe 100644 --- a/provisioning/base/general/bin/entrypoint.d/default.sh +++ b/provisioning/base/general/bin/entrypoint.d/default.sh @@ -1,9 +1,3 @@ #!/usr/bin/env bash -if [ -n "${APPLICATION_USER}" ]; then - # Run as APPLICATION_USER - exec sudo -H -E -u "${APPLICATION_USER}" "$@" -else - # Run as root - exec "$@" -fi +exec "$@" diff --git a/provisioning/base/general/bin/logwatch.sh b/provisioning/base/general/bin/logwatch.sh index 4a422cd4f..1a5b486c7 100644 --- a/provisioning/base/general/bin/logwatch.sh +++ b/provisioning/base/general/bin/logwatch.sh @@ -10,5 +10,5 @@ sleep 0.5 if [ -p "$2" ]; then sed --unbuffered -e "s/^/\[$1\] /" -- "$2" else - tail --lines=0 --follow=name --quiet "$2" | sed --unbuffered -e "s/^/\[$1\] /" + tail -n 0 -F -q "$2" | sed --unbuffered -e "s/^/\[$1\] /" fi diff --git a/provisioning/base/general/bin/service.d/dnsmasq.sh b/provisioning/base/general/bin/service.d/dnsmasq.sh index 9b554b411..055b46289 100644 --- a/provisioning/base/general/bin/service.d/dnsmasq.sh +++ b/provisioning/base/general/bin/service.d/dnsmasq.sh @@ -1,3 +1,4 @@ +#!/usr/bin/env bash ## clear dns file echo > /etc/dnsmasq.d/development diff --git a/provisioning/base/general/bin/service.d/supervisor.sh b/provisioning/base/general/bin/service.d/supervisor.sh new file mode 100644 index 000000000..4728675cf --- /dev/null +++ b/provisioning/base/general/bin/service.d/supervisor.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +exec supervisord -c /opt/docker/etc/supervisor.conf --logfile /dev/null --pidfile /dev/null --user root diff --git a/provisioning/base/general/etc/syslog-ng/syslog-ng.conf b/provisioning/base/general/etc/syslog-ng/syslog-ng.conf index feed4236e..c08f56dd1 100644 --- a/provisioning/base/general/etc/syslog-ng/syslog-ng.conf +++ b/provisioning/base/general/etc/syslog-ng/syslog-ng.conf @@ -1,5 +1,4 @@ @version: 3.5 -@include "scl.conf" # Syslog-ng configuration file, compatible with default Debian syslogd # installation. @@ -53,7 +52,7 @@ destination d_newscrit { file("/var/log/news/news.crit"); }; destination d_newserr { file("/var/log/news/news.err"); }; destination d_newsnotice { file("/var/log/news/news.notice"); }; -# Some `catch-all' logfiles. +# Some 'catch-all' logfiles. # destination d_debug { file("/var/log/debug"); }; destination d_error { file("/var/log/error"); }; diff --git a/provisioning/base/general/provision/roles/webdevops-base/tasks/bootstrap.yml b/provisioning/base/general/provision/roles/webdevops-base/tasks/bootstrap.yml index a650bdbdf..297ec7128 100644 --- a/provisioning/base/general/provision/roles/webdevops-base/tasks/bootstrap.yml +++ b/provisioning/base/general/provision/roles/webdevops-base/tasks/bootstrap.yml @@ -1,9 +1,6 @@ --- - include: bootstrap/misc.yml -- include: bootstrap/user.yml - include: bootstrap/supervisor.yml -- include: bootstrap/dnsmasq.yml -- include: bootstrap/postfix.yml - include: bootstrap/syslog-ng.yml - include: bootstrap/logrotate.yml diff --git a/provisioning/base/general/provision/roles/webdevops-base/tasks/bootstrap/user.yml b/provisioning/base/general/provision/roles/webdevops-base/tasks/bootstrap/user.yml deleted file mode 100644 index fd58b329f..000000000 --- a/provisioning/base/general/provision/roles/webdevops-base/tasks/bootstrap/user.yml +++ /dev/null @@ -1,35 +0,0 @@ ---- - -- name: Create application group - group: - name: "{{ APPLICATION_GROUP }}" - gid: "{{ APPLICATION_GID }}" - -- name: Create application user - user: - name: "{{ APPLICATION_USER }}" - uid: "{{ APPLICATION_UID }}" - group: "{{ APPLICATION_GROUP }}" - shell: "/bin/bash" - home: "/home/{{ APPLICATION_USER }}" - -- name: Init home directory - file: - path: "/home/{{ APPLICATION_USER }}" - state: directory - mode: 0755 - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" - recurse: yes - -- name: Init bashrc - lineinfile: - dest: "/home/{{ APPLICATION_USER }}/.bashrc" - mode: 0770 - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" - create: yes - regexp: "export TERM=xterm" - line: "export TERM=xterm" - -- action: setup diff --git a/provisioning/nginx/alpine/etc/nginx/nginx.conf b/provisioning/nginx/alpine/etc/nginx/nginx.conf new file mode 100644 index 000000000..f5609826d --- /dev/null +++ b/provisioning/nginx/alpine/etc/nginx/nginx.conf @@ -0,0 +1,35 @@ +# For more information on configuration, see: +# * Official English Documentation: http://nginx.org/en/docs/ +# * Official Russian Documentation: http://nginx.org/ru/docs/ + +user nginx; +worker_processes auto; +error_log /var/log/nginx/error.log; +pid /run/nginx.pid; + +events { + worker_connections 1024; +} + +http { + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + # Load modular configuration files from the /etc/nginx/conf.d directory. + # See http://nginx.org/en/docs/ngx_core_module.html#include + # for more information. + include /etc/nginx/conf.d/*.conf; +} +daemon off; diff --git a/provisioning/nginx/general/provision/roles/webdevops-nginx/defaults/main.yml b/provisioning/nginx/general/provision/roles/webdevops-nginx/defaults/main.yml index 5b483b7ad..69cba1cb4 100644 --- a/provisioning/nginx/general/provision/roles/webdevops-nginx/defaults/main.yml +++ b/provisioning/nginx/general/provision/roles/webdevops-nginx/defaults/main.yml @@ -1,5 +1,3 @@ --- -APPLICATION_USER: "{{ lookup('env','APPLICATION_USER') }}" -APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}" DOCUMENT_ROOT: "{{ lookup('env','WEB_DOCUMENT_ROOT') }}" diff --git a/provisioning/nginx/general/provision/roles/webdevops-nginx/tasks/bootstrap.yml b/provisioning/nginx/general/provision/roles/webdevops-nginx/tasks/bootstrap.yml index 735188ffd..ca34d3dd3 100644 --- a/provisioning/nginx/general/provision/roles/webdevops-nginx/tasks/bootstrap.yml +++ b/provisioning/nginx/general/provision/roles/webdevops-nginx/tasks/bootstrap.yml @@ -20,20 +20,18 @@ path: "/etc/nginx/sites-enabled/default" state: absent -- name: Replace default nginx.conf [RedHat family] +- name: Replace default nginx.conf [RedHat/Alpine family] file: src: '/opt/docker/etc/nginx/nginx.conf' dest: '/etc/nginx/nginx.conf' state: link force: yes - when: ansible_os_family == 'RedHat' + when: ansible_os_family == 'RedHat' or ansible_os_family == 'Alpine' - name: Ensure document root is available file: path: "{{ DOCUMENT_ROOT }}" state: directory - owner: "{{ APPLICATION_USER }}" - group: "{{ APPLICATION_GROUP }}" recurse: yes - name: Fix rights of ssl files diff --git a/provisioning/php/alpine/etc/php/fpm/php-fpm.conf b/provisioning/php/alpine/etc/php/fpm/php-fpm.conf new file mode 100644 index 000000000..596980343 --- /dev/null +++ b/provisioning/php/alpine/etc/php/fpm/php-fpm.conf @@ -0,0 +1,118 @@ +;;;;;;;;;;;;;;;;;;;;; +; FPM Configuration ; +;;;;;;;;;;;;;;;;;;;;; +; All relative paths in this configuration file are relative to PHP's install +; prefix (/usr). This prefix can be dynamically changed by using the +; '-p' argument from the command line. + +;;;;;;;;;;;;;;;;;; +; Global Options ; +;;;;;;;;;;;;;;;;;; + +[global] +; Pid file +; Note: the default prefix is /var +; Default Value: none +;pid = run/php-fpm.pid + +; Error log file +; If it's set to "syslog", log is sent to syslogd instead of being written +; in a local file. +; Note: the default prefix is /var +; Default Value: log/php-fpm.log +error_log = /var/log/php-fpm.log + +; syslog_facility is used to specify what type of program is logging the +; message. This lets syslogd specify that messages from different facilities +; will be handled differently. +; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON) +; Default Value: daemon +;syslog.facility = daemon + +; syslog_ident is prepended to every message. If you have multiple FPM +; instances running on the same server, you can change the default value +; which must suit common needs. +; Default Value: php-fpm +;syslog.ident = php-fpm + +; Log level +; Possible Values: alert, error, warning, notice, debug +; Default Value: notice +;log_level = notice + +; If this number of child processes exit with SIGSEGV or SIGBUS within the time +; interval set by emergency_restart_interval then FPM will restart. A value +; of '0' means 'Off'. +; Default Value: 0 +;emergency_restart_threshold = 0 + +; Interval of time used by emergency_restart_interval to determine when +; a graceful restart will be initiated. This can be useful to work around +; accidental corruptions in an accelerator's shared memory. +; Available Units: s(econds), m(inutes), h(ours), or d(ays) +; Default Unit: seconds +; Default Value: 0 +;emergency_restart_interval = 0 + +; Time limit for child processes to wait for a reaction on signals from master. +; Available units: s(econds), m(inutes), h(ours), or d(ays) +; Default Unit: seconds +; Default Value: 0 +;process_control_timeout = 0 + +; The maximum number of processes FPM will fork. This has been design to control +; the global number of processes when using dynamic PM within a lot of pools. +; Use it with caution. +; Note: A value of 0 indicates no limit +; Default Value: 0 +; process.max = 128 + +; Specify the nice(2) priority to apply to the master process (only if set) +; The value can vary from -19 (highest priority) to 20 (lower priority) +; Note: - It will only work if the FPM master process is launched as root +; - The pool process will inherit the master process priority +; unless it specified otherwise +; Default Value: no set +; process.priority = -19 + +; Send FPM to background. Set to 'no' to keep FPM in foreground for debugging. +; Default Value: yes +;daemonize = yes + +; Set open file descriptor rlimit for the master process. +; Default Value: system defined value +;rlimit_files = 1024 + +; Set max core size rlimit for the master process. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +;rlimit_core = 0 + +; Specify the event mechanism FPM will use. The following is available: +; - select (any POSIX os) +; - poll (any POSIX os) +; - epoll (linux >= 2.5.44) +; - kqueue (FreeBSD >= 4.1, OpenBSD >= 2.9, NetBSD >= 2.0) +; - /dev/poll (Solaris >= 7) +; - port (Solaris >= 10) +; Default Value: not set (auto detection) +;events.mechanism = epoll + +; When FPM is build with systemd integration, specify the interval, +; in second, between health report notification to systemd. +; Set to 0 to disable. +; Available Units: s(econds), m(inutes), h(ours) +; Default Unit: seconds +; Default value: 10 +;systemd_interval = 10 + + + + +; Include one or more files. If glob(3) exists, it is used to include a bunch of +; files from a glob(3) pattern. This directive can be used everywhere in the +; file. +; Relative path can also be used. They will be prefixed by: +; - the global prefix if it's been set (-p argument) +; - /usr otherwise +include=/etc/php/fpm.d/*.conf diff --git a/provisioning/php/alpine/etc/php/fpm/pool.d/application.conf b/provisioning/php/alpine/etc/php/fpm/pool.d/application.conf new file mode 100644 index 000000000..527108c80 --- /dev/null +++ b/provisioning/php/alpine/etc/php/fpm/pool.d/application.conf @@ -0,0 +1,420 @@ +;;;;;;;;;;;;;;;;;;;; +; Pool Definitions ; +;;;;;;;;;;;;;;;;;;;; + +; Multiple pools of child processes may be started with different listening +; ports and different management options. The name of the pool will be +; used in logs and stats. There is no limitation on the number of pools which +; FPM can handle. Your system will tell you anyway :) + +; Start a new pool named 'www'. +; the variable $pool can we used in any directive and will be replaced by the +; pool name ('www' here) +[www] + +; Per pool prefix +; It only applies on the following directives: +; - 'access.log' +; - 'slowlog' +; - 'listen' (unixsocket) +; - 'chroot' +; - 'chdir' +; - 'php_values' +; - 'php_admin_values' +; When not set, the global prefix (or /usr) applies instead. +; Note: This directive can also be relative to the global prefix. +; Default Value: none +;prefix = /path/to/pools/$pool + +; Unix user/group of processes +; Note: The user is mandatory. If the group is not set, the default user's group +; will be used. +user = nobody +group = nobody + +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on +; a specific port; +; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on +; a specific port; +; 'port' - to listen on a TCP socket to all IPv4 addresses on a +; specific port; +; '[::]:port' - to listen on a TCP socket to all addresses +; (IPv6 and IPv4-mapped) on a specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Note: This value is mandatory. +listen = 127.0.0.1:9000 + +; Set listen(2) backlog. +; Default Value: 65535 (-1 on FreeBSD and OpenBSD) +;listen.backlog = 65535 + +; Set permissions for unix socket, if one is used. In Linux, read/write +; permissions must be set in order to allow connections from a web server. Many +; BSD-derived systems allow connections regardless of permissions. +; Default Values: user and group are set as the running user +; mode is set to 0660 +;listen.owner = nobody +;listen.group = nobody +;listen.mode = 0660 +; When POSIX Access Control Lists are supported you can set them using +; these options, value is a comma separated list of user/group names. +; When set, listen.owner and listen.group are ignored +;listen.acl_users = +;listen.acl_groups = + +; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. +; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original +; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address +; must be separated by a comma. If this value is left blank, connections will be +; accepted from any ip address. +; Default Value: any +;listen.allowed_clients = 127.0.0.1 + +; Specify the nice(2) priority to apply to the pool processes (only if set) +; The value can vary from -19 (highest priority) to 20 (lower priority) +; Note: - It will only work if the FPM master process is launched as root +; - The pool processes will inherit the master process priority +; unless it specified otherwise +; Default Value: no set +; process.priority = -19 + +; Choose how the process manager will control the number of child processes. +; Possible Values: +; static - a fixed number (pm.max_children) of child processes; +; dynamic - the number of child processes are set dynamically based on the +; following directives. With this process management, there will be +; always at least 1 children. +; pm.max_children - the maximum number of children that can +; be alive at the same time. +; pm.start_servers - the number of children created on startup. +; pm.min_spare_servers - the minimum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is less than this +; number then some children will be created. +; pm.max_spare_servers - the maximum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is greater than this +; number then some children will be killed. +; ondemand - no children are created at startup. Children will be forked when +; new requests will connect. The following parameter are used: +; pm.max_children - the maximum number of children that +; can be alive at the same time. +; pm.process_idle_timeout - The number of seconds after which +; an idle process will be killed. +; Note: This value is mandatory. +pm = dynamic + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. +; This value sets the limit on the number of simultaneous requests that will be +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP +; CGI. The below defaults are based on a server without much resources. Don't +; forget to tweak pm.* to fit your needs. +; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' +; Note: This value is mandatory. +pm.max_children = 5 + +; The number of child processes created on startup. +; Note: Used only when pm is set to 'dynamic' +; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 +pm.start_servers = 2 + +; The desired minimum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.min_spare_servers = 1 + +; The desired maximum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.max_spare_servers = 3 + +; The number of seconds after which an idle process will be killed. +; Note: Used only when pm is set to 'ondemand' +; Default Value: 10s +;pm.process_idle_timeout = 10s; + +; The number of requests each child process should execute before respawning. +; This can be useful to work around memory leaks in 3rd party libraries. For +; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. +; Default Value: 0 +;pm.max_requests = 500 + +; The URI to view the FPM status page. If this value is not set, no URI will be +; recognized as a status page. It shows the following informations: +; pool - the name of the pool; +; process manager - static, dynamic or ondemand; +; start time - the date and time FPM has started; +; start since - number of seconds since FPM has started; +; accepted conn - the number of request accepted by the pool; +; listen queue - the number of request in the queue of pending +; connections (see backlog in listen(2)); +; max listen queue - the maximum number of requests in the queue +; of pending connections since FPM has started; +; listen queue len - the size of the socket queue of pending connections; +; idle processes - the number of idle processes; +; active processes - the number of active processes; +; total processes - the number of idle + active processes; +; max active processes - the maximum number of active processes since FPM +; has started; +; max children reached - number of times, the process limit has been reached, +; when pm tries to start more children (works only for +; pm 'dynamic' and 'ondemand'); +; Value are updated in real time. +; Example output: +; pool: www +; process manager: static +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 62636 +; accepted conn: 190460 +; listen queue: 0 +; max listen queue: 1 +; listen queue len: 42 +; idle processes: 4 +; active processes: 11 +; total processes: 15 +; max active processes: 12 +; max children reached: 0 +; +; By default the status page output is formatted as text/plain. Passing either +; 'html', 'xml' or 'json' in the query string will return the corresponding +; output syntax. Example: +; http://www.foo.bar/status +; http://www.foo.bar/status?json +; http://www.foo.bar/status?html +; http://www.foo.bar/status?xml +; +; By default the status page only outputs short status. Passing 'full' in the +; query string will also return status for each pool process. +; Example: +; http://www.foo.bar/status?full +; http://www.foo.bar/status?json&full +; http://www.foo.bar/status?html&full +; http://www.foo.bar/status?xml&full +; The Full status returns for each process: +; pid - the PID of the process; +; state - the state of the process (Idle, Running, ...); +; start time - the date and time the process has started; +; start since - the number of seconds since the process has started; +; requests - the number of requests the process has served; +; request duration - the duration in µs of the requests; +; request method - the request method (GET, POST, ...); +; request URI - the request URI with the query string; +; content length - the content length of the request (only with POST); +; user - the user (PHP_AUTH_USER) (or '-' if not set); +; script - the main script called (or '-' if not set); +; last request cpu - the %cpu the last request consumed +; it's always 0 if the process is not in Idle state +; because CPU calculation is done when the request +; processing has terminated; +; last request memory - the max amount of memory the last request consumed +; it's always 0 if the process is not in Idle state +; because memory calculation is done when the request +; processing has terminated; +; If the process is in Idle state, then informations are related to the +; last request the process has served. Otherwise informations are related to +; the current request being served. +; Example output: +; ************************ +; pid: 31330 +; state: Running +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 63087 +; requests: 12808 +; request duration: 1250261 +; request method: GET +; request URI: /test_mem.php?N=10000 +; content length: 0 +; user: - +; script: /home/fat/web/docs/php/test_mem.php +; last request cpu: 0.00 +; last request memory: 0 +; +; Note: There is a real-time FPM status monitoring sample web page available +; It's available in: /usr/share/php/fpm/status.html +; +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;pm.status_path = /status + +; The ping URI to call the monitoring page of FPM. If this value is not set, no +; URI will be recognized as a ping page. This could be used to test from outside +; that FPM is alive and responding, or to +; - create a graph of FPM availability (rrd or such); +; - remove a server from a group if it is not responding (load balancing); +; - trigger alerts for the operating team (24/7). +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;ping.path = /ping + +; This directive may be used to customize the response of a ping request. The +; response is formatted as text/plain with a 200 response code. +; Default Value: pong +;ping.response = pong + +; The access log file +; Default: not set +;access.log = log/$pool.access.log + +; The access log format. +; The following syntax is allowed +; %%: the '%' character +; %C: %CPU used by the request +; it can accept the following format: +; - %{user}C for user CPU only +; - %{system}C for system CPU only +; - %{total}C for user + system CPU (default) +; %d: time taken to serve the request +; it can accept the following format: +; - %{seconds}d (default) +; - %{miliseconds}d +; - %{mili}d +; - %{microseconds}d +; - %{micro}d +; %e: an environment variable (same as $_ENV or $_SERVER) +; it must be associated with embraces to specify the name of the env +; variable. Some exemples: +; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e +; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e +; %f: script filename +; %l: content-length of the request (for POST request only) +; %m: request method +; %M: peak of memory allocated by PHP +; it can accept the following format: +; - %{bytes}M (default) +; - %{kilobytes}M +; - %{kilo}M +; - %{megabytes}M +; - %{mega}M +; %n: pool name +; %o: output header +; it must be associated with embraces to specify the name of the header: +; - %{Content-Type}o +; - %{X-Powered-By}o +; - %{Transfert-Encoding}o +; - .... +; %p: PID of the child that serviced the request +; %P: PID of the parent of the child that serviced the request +; %q: the query string +; %Q: the '?' character if query string exists +; %r: the request URI (without the query string, see %q and %Q) +; %R: remote IP address +; %s: status (response code) +; %t: server time the request was received +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; %T: time the log has been written (the request has finished) +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; %u: remote user +; +; Default: "%R - %u %t \"%m %r\" %s" +;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" + +; The log file for slow requests +; Default Value: not set +; Note: slowlog is mandatory if request_slowlog_timeout is set +;slowlog = log/$pool.log.slow + +; The timeout for serving a single request after which a PHP backtrace will be +; dumped to the 'slowlog' file. A value of '0s' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_slowlog_timeout = 0 + +; The timeout for serving a single request after which the worker process will +; be killed. This option should be used when the 'max_execution_time' ini option +; does not stop script execution for some reason. A value of '0' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_terminate_timeout = 0 + +; Set open file descriptor rlimit. +; Default Value: system defined value +;rlimit_files = 1024 + +; Set max core size rlimit. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +;rlimit_core = 0 + +; Chroot to this directory at the start. This value must be defined as an +; absolute path. When this value is not set, chroot is not used. +; Note: you can prefix with '$prefix' to chroot to the pool prefix or one +; of its subdirectories. If the pool prefix is not set, the global prefix +; will be used instead. +; Note: chrooting is a great security feature and should be used whenever +; possible. However, all PHP paths will be relative to the chroot +; (error_log, sessions.save_path, ...). +; Default Value: not set +;chroot = + +; Chdir to this directory at the start. +; Note: relative path can be used. +; Default Value: current directory or / when chroot +;chdir = /var/www + +; Redirect worker stdout and stderr into main error log. If not set, stdout and +; stderr will be redirected to /dev/null according to FastCGI specs. +; Note: on highloaded environement, this can cause some delay in the page +; process time (several ms). +; Default Value: no +;catch_workers_output = yes + +; Clear environment in FPM workers +; Prevents arbitrary environment variables from reaching FPM worker processes +; by clearing the environment in workers before env vars specified in this +; pool configuration are added. +; Setting to "no" will make all environment variables available to PHP code +; via getenv(), $_ENV and $_SERVER. +; Default Value: yes +;clear_env = no + +; Limits the extensions of the main script FPM will allow to parse. This can +; prevent configuration mistakes on the web server side. You should only limit +; FPM to .php extensions to prevent malicious users to use other extensions to +; exectute php code. +; Note: set an empty value to allow all extensions. +; Default Value: .php +;security.limit_extensions = .php .php3 .php4 .php5 + +; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from +; the current environment. +; Default Value: clean env +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /tmp +;env[TMPDIR] = /tmp +;env[TEMP] = /tmp + +; Additional php.ini defines, specific to this pool of workers. These settings +; overwrite the values previously defined in the php.ini. The directives are the +; same as the PHP SAPI: +; php_value/php_flag - you can set classic ini defines which can +; be overwritten from PHP call 'ini_set'. +; php_admin_value/php_admin_flag - these directives won't be overwritten by +; PHP call 'ini_set' +; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. + +; Defining 'extension' will load the corresponding shared extension from +; extension_dir. Defining 'disable_functions' or 'disable_classes' will not +; overwrite previously defined php.ini values, but will append the new value +; instead. + +; Note: path INI options can be relative and will be expanded with the prefix +; (pool, global or /usr) + +; Default Value: nothing is defined by default except the values in php.ini and +; specified at startup with the -d argument +;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com +;php_flag[display_errors] = off +;php_admin_value[error_log] = /var/log/fpm-php.www.log +;php_admin_flag[log_errors] = on +;php_admin_value[memory_limit] = 32M diff --git a/provisioning/php/alpine/etc/supervisor.d/php-fpm.conf b/provisioning/php/alpine/etc/supervisor.d/php-fpm.conf new file mode 100644 index 000000000..696ff6d16 --- /dev/null +++ b/provisioning/php/alpine/etc/supervisor.d/php-fpm.conf @@ -0,0 +1,54 @@ +[group:php-fpm] +programs=php-fpmd,php-fpm-log-fpm,php-fpm-log-slow,php-fpm-log-error,php-fpm-log-access +priority=20 + +[program:php-fpmd] +command = /usr/bin/php-fpm --nodaemonize +process_name=%(program_name)s +startsecs = 0 +autostart = true +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 + +[program:php-fpm-log-fpm] +command = bash /opt/docker/bin/logwatch.sh php:fpm /var/log/php5-fpm/fpm.log +startsecs = 0 +autostart = true +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 + +[program:php-fpm-log-slow] +command = bash /opt/docker/bin/logwatch.sh php:slow /var/log/php5-fpm/slow.log +startsecs = 0 +autostart = true +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 + +[program:php-fpm-log-error] +command = bash /opt/docker/bin/logwatch.sh php:error /var/log/php5-fpm/error.log +startsecs = 0 +autostart = true +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 + +[program:php-fpm-log-access] +command = bash /opt/docker/bin/logwatch.sh php:access /var/log/php5-fpm/access.log +startsecs = 0 +autostart = true +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/provisioning/php/general/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml b/provisioning/php/general/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml index e13201722..dcdaa60fe 100644 --- a/provisioning/php/general/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml +++ b/provisioning/php/general/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.main.yml @@ -10,8 +10,25 @@ php_main_conf: /etc/php5/fpm/php-fpm.conf when: ansible_os_family == 'Debian' +- name: Set php main file + set_fact: + php_main_conf: /etc/php/php-fpm.conf + when: ansible_os_family == 'Alpine' + +- name: Set php main file + set_fact: + php_main_conf: /etc/php/php-fpm.conf + when: ansible_os_family == 'Alpine' + - name: Move php-fpm main file to /opt/docker/etc/php/fpm/ command: "mv {{ php_main_conf }} /opt/docker/etc/php/fpm/php-fpm.conf" + args: + creates: /opt/docker/etc/php/fpm/php-fpm.conf + +- name: Remove php-fpm main file + file: + path: "{{ php_main_conf }}" + state: absent - name: Symlink php-fpm main file file: diff --git a/provisioning/php/general/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml b/provisioning/php/general/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml index 2340a208e..df320c246 100644 --- a/provisioning/php/general/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml +++ b/provisioning/php/general/provision/roles/webdevops-php/tasks/bootstrap/php-fpm.pool.yml @@ -12,11 +12,26 @@ php_pool_dir: /etc/php5/fpm/pool.d when: ansible_os_family == 'Debian' +- name: Set php pool file + set_fact: + php_pool_conf: www.conf + php_pool_dir: /etc/php/fpm.d + when: ansible_os_family == 'Alpine' + - name: Move php-fpm pool directory file to /opt/docker/etc/php/ command: "mv {{ php_pool_dir }} /opt/docker/etc/php/fpm/pool.d" + args: + creates: /opt/docker/etc/php/fpm/pool.d - name: Rename pool file file to application.conf" command: "mv /opt/docker/etc/php/fpm/pool.d/{{ php_pool_conf }} /opt/docker/etc/php/fpm/pool.d/application.conf" + args: + creates: /opt/docker/etc/php/fpm/pool.d/application.conf + +- name: Remove php-fpm pool directory + file: + path: "{{ php_pool_dir }}" + state: absent - name: Symlink php-fpm main file file: diff --git a/provisioning/php/general/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml b/provisioning/php/general/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml index 6425153d6..8db597ee1 100644 --- a/provisioning/php/general/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml +++ b/provisioning/php/general/provision/roles/webdevops-php/tasks/bootstrap/php-module.xdebug.yml @@ -15,6 +15,11 @@ php_xdebug_conf: /etc/php5/conf.d/xdebug.ini when: ansible_distribution == 'Ubuntu' and ansible_distribution_version == "12.04" +- name: Set php xdebug file [Alpine family] + set_fact: + php_xdebug_conf: /etc/php/conf.d/xdebug.ini + when: ansible_distribution == 'Alpine' + - name: Disable xdebug replace: dest: '{{ php_xdebug_conf }}' diff --git a/provisioning/php/general/provision/roles/webdevops-php/tasks/bootstrap/php.yml b/provisioning/php/general/provision/roles/webdevops-php/tasks/bootstrap/php.yml index 57ac760a6..70f56451f 100644 --- a/provisioning/php/general/provision/roles/webdevops-php/tasks/bootstrap/php.yml +++ b/provisioning/php/general/provision/roles/webdevops-php/tasks/bootstrap/php.yml @@ -41,3 +41,11 @@ state: link force: yes when: ansible_os_family == 'RedHat' + +- name: Create link for additional php.ini [Alpine family] + file: + src: '/opt/docker/etc/php/php.ini' + dest: '/etc/php/conf.d/xzzz-docker.ini' + state: link + force: yes + when: ansible_os_family == 'Alpine' diff --git a/docker/sandbox/Dockerfile b/sandbox/Dockerfile similarity index 98% rename from docker/sandbox/Dockerfile rename to sandbox/Dockerfile index 37d82bf68..5a3295285 100644 --- a/docker/sandbox/Dockerfile +++ b/sandbox/Dockerfile @@ -43,6 +43,7 @@ #FROM webdevops/apache:ubuntu-15.10 #FROM webdevops/apache:ubuntu-16.04 +#FROM webdevops/nginx:alpine-3 #FROM webdevops/nginx:centos-7 #FROM webdevops/nginx:debian-7 #FROM webdevops/nginx:debian-8 diff --git a/docker/sandbox/code/index.php b/sandbox/code/index.php similarity index 100% rename from docker/sandbox/code/index.php rename to sandbox/code/index.php diff --git a/docker/sandbox/docker-compose.yml b/sandbox/docker-compose.yml similarity index 90% rename from docker/sandbox/docker-compose.yml rename to sandbox/docker-compose.yml index 9764e30f5..263d3d48b 100644 --- a/docker/sandbox/docker-compose.yml +++ b/sandbox/docker-compose.yml @@ -1,6 +1,7 @@ main: build: . -# environment: + environment: + - CLI_SCRIPT=date # - APPLICATION_UID=2001 # - APPLICATION_GID=2002 links: diff --git a/test/Makefile b/test/Makefile index 62597c563..38e9789b1 100644 --- a/test/Makefile +++ b/test/Makefile @@ -18,6 +18,9 @@ ansible: base: bash ./run.sh base +base-app: + bash ./run.sh base-app + php: bash ./run.sh php diff --git a/test/run.sh b/test/run.sh index 592dcbe2a..4b0a8a038 100755 --- a/test/run.sh +++ b/test/run.sh @@ -200,6 +200,9 @@ initEnvironment OS_VERSION="8" runTestForTag "debian-8" OS_VERSION="testing" runTestForTag "debian-9" + setEnvironmentOsFamily "alpine" + OS_VERSION="3" runTestForTag "alpine-3" + waitForTestRun } @@ -224,6 +227,9 @@ initEnvironment OS_VERSION="8" runTestForTag "debian-8" OS_VERSION="testing" runTestForTag "debian-9" + setEnvironmentOsFamily "alpine" + OS_VERSION="3" runTestForTag "alpine-3" + waitForTestRun } @@ -248,16 +254,19 @@ initEnvironment OS_VERSION="8" runTestForTag "debian-8" OS_VERSION="testing" runTestForTag "debian-9" + setEnvironmentOsFamily "alpine" + OS_VERSION="3" runTestForTag "alpine-3" + waitForTestRun } + ####################################### -# webdevops/php +# webdevops/base ####################################### -[[ $(checkTestTarget php) ]] && { - setupTestEnvironment "php" - setSpecTest "php5" +[[ $(checkTestTarget base-app) ]] && { + setupTestEnvironment "base-app" OS_VERSION="12.04" runTestForTag "ubuntu-12.04" OS_VERSION="14.04" runTestForTag "ubuntu-14.04" @@ -265,24 +274,30 @@ initEnvironment OS_VERSION="15.10" runTestForTag "ubuntu-15.10" OS_VERSION="16.04" runTestForTag "ubuntu-16.04" - waitForTestRun - setEnvironmentOsFamily "redhat" OS_VERSION="7" runTestForTag "centos-7" setEnvironmentOsFamily "debian" - OS_VERSION="7" runTestForTag "debian-7" + OS_VERSION="7" OS_VERSION="7" runTestForTag "debian-7" OS_VERSION="8" runTestForTag "debian-8" OS_VERSION="testing" runTestForTag "debian-9" - setEnvironmentOsFamily "ubuntu" - setSpecTest "php7" - OS_VERSION="16.04" runTestForTag "ubuntu-16.04-php7" + setEnvironmentOsFamily "alpine" + OS_VERSION="3" runTestForTag "alpine-3" - setEnvironmentOsFamily "debian" - setSpecTest "php7" - OS_VERSION="8" runTestForTag "debian-8-php7" - OS_VERSION="testing" runTestForTag "debian-9-php7" + waitForTestRun +} + +####################################### +# webdevops/php +####################################### + +[[ $(checkTestTarget php) ]] && { + setupTestEnvironment "php" + setSpecTest "php5" + + setEnvironmentOsFamily "alpine" + OS_VERSION="3" runTestForTag "alpine-3" waitForTestRun } @@ -308,6 +323,9 @@ initEnvironment OS_VERSION="8" runTestForTag "debian-8" OS_VERSION="testing" runTestForTag "debian-9" + setEnvironmentOsFamily "alpine" + OS_VERSION="3" runTestForTag "alpine-3" + waitForTestRun } @@ -332,6 +350,9 @@ initEnvironment OS_VERSION="8" runTestForTag "debian-8" OS_VERSION="testing" runTestForTag "debian-9" + setEnvironmentOsFamily "alpine" + OS_VERSION="3" runTestForTag "alpine-3" + waitForTestRun } @@ -349,8 +370,6 @@ initEnvironment OS_VERSION="15.10" runTestForTag "ubuntu-15.10" OS_VERSION="16.04" runTestForTag "ubuntu-16.04" - waitForTestRun - setEnvironmentOsFamily "redhat" OS_VERSION="7" runTestForTag "centos-7" @@ -359,6 +378,9 @@ initEnvironment OS_VERSION="8" runTestForTag "debian-8" OS_VERSION="testing" runTestForTag "debian-9" + setEnvironmentOsFamily "alpine" + OS_VERSION="3" runTestForTag "alpine-3" + setEnvironmentOsFamily "ubuntu" setSpecTest "php7-apache" OS_VERSION="16.04" runTestForTag "ubuntu-16.04-php7" @@ -385,8 +407,6 @@ initEnvironment OS_VERSION="15.10" runTestForTag "ubuntu-15.10" OS_VERSION="16.04" runTestForTag "ubuntu-16.04" - waitForTestRun - setEnvironmentOsFamily "redhat" OS_VERSION="7" runTestForTag "centos-7" @@ -395,6 +415,9 @@ initEnvironment OS_VERSION="8" runTestForTag "debian-8" OS_VERSION="testing" runTestForTag "debian-9" + setEnvironmentOsFamily "alpine" + OS_VERSION="3" runTestForTag "alpine-3" + setEnvironmentOsFamily "ubuntu" setSpecTest "php7-nginx" OS_VERSION="16.04" runTestForTag "ubuntu-16.04-php7" @@ -485,6 +508,18 @@ initEnvironment waitForTestRun } +####################################### +# webdevops/sphinx +####################################### + +[[ $(checkTestTarget sphinx) ]] && { + setupTestEnvironment "sphinx" + setEnvironmentOsFamily "alpine" + OS_VERSION="3" runTestForTag "latest" + + waitForTestRun +} + echo "" echo " >>> finished, all tests PASSED <<<" echo "" diff --git a/test/spec/collection/base-app.rb b/test/spec/collection/base-app.rb new file mode 100644 index 000000000..abdb0fa1d --- /dev/null +++ b/test/spec/collection/base-app.rb @@ -0,0 +1,5 @@ +shared_examples 'collection::base-app' do + include_examples 'base-app::layout' + include_examples 'base-app::locales' + include_examples 'base-app::application-user' +end diff --git a/test/spec/collection/base.rb b/test/spec/collection/base.rb index efffc3ad7..fe0616f7e 100644 --- a/test/spec/collection/base.rb +++ b/test/spec/collection/base.rb @@ -3,12 +3,4 @@ include_examples 'base::packages' include_examples 'base::supervisor' include_examples 'base::syslog-ng' - include_examples 'base::application-user' -end - -shared_examples 'collection::base::without-application' do - include_examples 'base::layout' - include_examples 'base::packages' - include_examples 'base::supervisor' - include_examples 'base::syslog-ng' end diff --git a/test/spec/collection/bootstrap.rb b/test/spec/collection/bootstrap.rb index 8dd21c0ca..8b8614b39 100644 --- a/test/spec/collection/bootstrap.rb +++ b/test/spec/collection/bootstrap.rb @@ -3,5 +3,8 @@ include_examples 'bootstrap::distribution' include_examples 'bootstrap::toolchain' include_examples 'bootstrap::ansible' - include_examples 'bootstrap::locales' + + if (os[:family] == 'alpine') + include_examples 'vendor::alpine::apk' + end end diff --git a/test/spec/collection/sphinx.rb b/test/spec/collection/sphinx.rb new file mode 100644 index 000000000..36923d241 --- /dev/null +++ b/test/spec/collection/sphinx.rb @@ -0,0 +1,3 @@ +shared_examples 'collection::sphinx' do + include_examples 'sphinx::sphinx' +end diff --git a/test/spec/docker/base-app_spec.rb b/test/spec/docker/base-app_spec.rb new file mode 100644 index 000000000..5e23b79e0 --- /dev/null +++ b/test/spec/docker/base-app_spec.rb @@ -0,0 +1,14 @@ +require 'serverspec' +require 'docker' +require 'spec_helper' + +describe "Dockerfile" do + before(:all) do + image = Docker::Image.build_from_tar(File.new(ENV['DOCKERFILE'], 'r')) + set :docker_image, image.id + end + + include_examples 'collection::bootstrap' + include_examples 'collection::base-app' + +end diff --git a/test/spec/docker/hhvm-apache_spec.rb b/test/spec/docker/hhvm-apache_spec.rb index 3098efa49..36c207ebc 100644 --- a/test/spec/docker/hhvm-apache_spec.rb +++ b/test/spec/docker/hhvm-apache_spec.rb @@ -10,6 +10,7 @@ include_examples 'collection::bootstrap' include_examples 'collection::base' + include_examples 'collection::base-app' include_examples 'collection::hhvm' include_examples 'collection::apache' include_examples 'collection::hhvm::webserver-test' diff --git a/test/spec/docker/hhvm-nginx_spec.rb b/test/spec/docker/hhvm-nginx_spec.rb index 848ba665c..7a5dbfc36 100644 --- a/test/spec/docker/hhvm-nginx_spec.rb +++ b/test/spec/docker/hhvm-nginx_spec.rb @@ -10,6 +10,7 @@ include_examples 'collection::bootstrap' include_examples 'collection::base' + include_examples 'collection::base-app' include_examples 'collection::hhvm' include_examples 'collection::nginx' include_examples 'collection::hhvm::webserver-test' diff --git a/test/spec/docker/hhvm_spec.rb b/test/spec/docker/hhvm_spec.rb index 4a86ce4bb..8fa311b92 100644 --- a/test/spec/docker/hhvm_spec.rb +++ b/test/spec/docker/hhvm_spec.rb @@ -10,6 +10,7 @@ include_examples 'collection::bootstrap' include_examples 'collection::base' + include_examples 'collection::base-app' include_examples 'collection::hhvm' end diff --git a/test/spec/docker/php5-apache_spec.rb b/test/spec/docker/php5-apache_spec.rb index 636c81cb9..d7ecb334d 100644 --- a/test/spec/docker/php5-apache_spec.rb +++ b/test/spec/docker/php5-apache_spec.rb @@ -10,6 +10,7 @@ include_examples 'collection::bootstrap' include_examples 'collection::base' + include_examples 'collection::base-app' include_examples 'collection::php5' include_examples 'collection::php-fpm5' include_examples 'collection::php-fpm5::local-only' diff --git a/test/spec/docker/php5-nginx_spec.rb b/test/spec/docker/php5-nginx_spec.rb index e7122ee27..1d7faa7ae 100644 --- a/test/spec/docker/php5-nginx_spec.rb +++ b/test/spec/docker/php5-nginx_spec.rb @@ -10,6 +10,7 @@ include_examples 'collection::bootstrap' include_examples 'collection::base' + include_examples 'collection::base-app' include_examples 'collection::php5' include_examples 'collection::php-fpm5' include_examples 'collection::php-fpm5::local-only' diff --git a/test/spec/docker/php5_spec.rb b/test/spec/docker/php5_spec.rb index 8535f409d..068a50cb4 100644 --- a/test/spec/docker/php5_spec.rb +++ b/test/spec/docker/php5_spec.rb @@ -10,6 +10,7 @@ include_examples 'collection::bootstrap' include_examples 'collection::base' + include_examples 'collection::base-app' include_examples 'collection::php5' include_examples 'collection::php-fpm5' include_examples 'collection::php-fpm5::public' diff --git a/test/spec/docker/php7-apache_spec.rb b/test/spec/docker/php7-apache_spec.rb index bd6de5046..73b5b6171 100644 --- a/test/spec/docker/php7-apache_spec.rb +++ b/test/spec/docker/php7-apache_spec.rb @@ -10,6 +10,7 @@ include_examples 'collection::bootstrap' include_examples 'collection::base' + include_examples 'collection::base-app' include_examples 'collection::php7' include_examples 'collection::php-fpm7' include_examples 'collection::php-fpm7::local-only' diff --git a/test/spec/docker/php7-nginx_spec.rb b/test/spec/docker/php7-nginx_spec.rb index 8e0285dce..66c5df369 100644 --- a/test/spec/docker/php7-nginx_spec.rb +++ b/test/spec/docker/php7-nginx_spec.rb @@ -10,6 +10,7 @@ include_examples 'collection::bootstrap' include_examples 'collection::base' + include_examples 'collection::base-app' include_examples 'collection::php7' include_examples 'collection::php-fpm7' include_examples 'collection::php-fpm7::local-only' diff --git a/test/spec/docker/php7_spec.rb b/test/spec/docker/php7_spec.rb index 6cb332b4a..855b1cc98 100644 --- a/test/spec/docker/php7_spec.rb +++ b/test/spec/docker/php7_spec.rb @@ -10,6 +10,7 @@ include_examples 'collection::bootstrap' include_examples 'collection::base' + include_examples 'collection::base-app' include_examples 'collection::php7' include_examples 'collection::php-fpm7' include_examples 'collection::php-fpm7::public' diff --git a/test/spec/docker/sphinx_spec.rb b/test/spec/docker/sphinx_spec.rb new file mode 100644 index 000000000..8baedf814 --- /dev/null +++ b/test/spec/docker/sphinx_spec.rb @@ -0,0 +1,14 @@ +require 'serverspec' +require 'docker' +require 'spec_helper' + +describe "Dockerfile" do + before(:all) do + image = Docker::Image.build_from_tar(File.new(ENV['DOCKERFILE'], 'r')) + set :docker_image, image.id + end + + include_examples 'collection::bootstrap' + include_examples 'collection::sphinx' + +end diff --git a/test/spec/docker/vsftp_spec.rb b/test/spec/docker/vsftp_spec.rb index 8c48e07c0..48fdc46c6 100644 --- a/test/spec/docker/vsftp_spec.rb +++ b/test/spec/docker/vsftp_spec.rb @@ -9,7 +9,7 @@ end include_examples 'collection::bootstrap' - include_examples 'collection::base::without-application' + include_examples 'collection::base' include_examples 'collection::vsftp' end diff --git a/test/spec/shared/base/application-user.rb b/test/spec/shared/base-app/application-user.rb similarity index 90% rename from test/spec/shared/base/application-user.rb rename to test/spec/shared/base-app/application-user.rb index 066e5fc39..8a1ae5a0c 100644 --- a/test/spec/shared/base/application-user.rb +++ b/test/spec/shared/base-app/application-user.rb @@ -1,4 +1,4 @@ -shared_examples 'base::application-user' do +shared_examples 'base-app::application-user' do describe user('application') do it { should exist } end diff --git a/test/spec/shared/base-app/layout.rb b/test/spec/shared/base-app/layout.rb new file mode 100644 index 000000000..fc607defb --- /dev/null +++ b/test/spec/shared/base-app/layout.rb @@ -0,0 +1,71 @@ +shared_examples 'base-app::layout' do + ######################### + ## Files + ######################### + [ + "/opt/docker/etc/supervisor.d/dnsmasq.conf", + "/opt/docker/etc/supervisor.d/postfix.conf", + "/opt/docker/etc/supervisor.d/ssh.conf", + ].each do |file| + describe file("#{file}") do + # Type check + it { should be_file } + + # Owner test + it { should be_owned_by 'root' } + it { should be_grouped_into 'root' } + + # Read test + it { should be_readable.by('owner') } + it { should be_readable.by('group') } + it { should be_readable.by('others') } + + # Write test + it { should be_writable.by('owner') } + it { should_not be_writable.by('group') } + it { should_not be_writable.by('others') } + + # Exectuable test + it { should_not be_executable.by('owner') } + it { should_not be_executable.by('group') } + it { should_not be_executable.by('others') } + end + end + + ######################### + ## Scripts + ######################### + [ + "/opt/docker/bin/service.d/dnsmasq.sh", + "/opt/docker/bin/service.d/postfix.sh", + ].each do |file| + describe file("#{file}") do + # Type check + it { should be_file } + it { should be_executable } + + # Owner test + it { should be_owned_by 'root' } + it { should be_grouped_into 'root' } + + # Owner test + it { should be_owned_by 'root' } + it { should be_grouped_into 'root' } + + # Read test + it { should be_readable.by('owner') } + it { should be_readable.by('group') } + it { should be_readable.by('others') } + + # Write test + it { should be_writable.by('owner') } + it { should_not be_writable.by('group') } + it { should_not be_writable.by('others') } + + # Exectuable test + it { should be_executable.by('owner') } + it { should be_executable.by('group') } + it { should be_executable.by('others') } + end + end +end diff --git a/test/spec/shared/bootstrap/locale.rb b/test/spec/shared/base-app/locale.rb similarity index 80% rename from test/spec/shared/bootstrap/locale.rb rename to test/spec/shared/base-app/locale.rb index 50b3b8e9e..3b2cfda02 100644 --- a/test/spec/shared/bootstrap/locale.rb +++ b/test/spec/shared/base-app/locale.rb @@ -1,5 +1,5 @@ -shared_examples 'bootstrap::locales' do - describe command('locale -a') do +shared_examples 'base-app::locales' do + describe command('locale -a'), :if => ['debian', 'ubuntu', 'redhat'].include?(os[:family]) do its(:stdout) { should contain('C') } its(:stdout) { should contain('POSIX') } its(:stdout) { should contain('en_US.utf8') } @@ -8,7 +8,6 @@ its(:stdout) { should contain('es_BO') } its(:stdout) { should contain('st_ZA') } its(:stdout) { should contain('zu_ZA') } - its(:stdout) { should contain('en_DK') } its(:stdout) { should contain('ca_ES') } its(:stdout) { should contain('fr_FR') } diff --git a/test/spec/shared/base-app/packages.rb b/test/spec/shared/base-app/packages.rb new file mode 100644 index 000000000..28bad4dbc --- /dev/null +++ b/test/spec/shared/base-app/packages.rb @@ -0,0 +1,20 @@ +shared_examples 'base-app::packages' do + [ + 'openssh-server', + 'dnsmasq', + 'postfix', + 'unzip', + 'bzip2', + 'wget', + 'curl', + 'moreutils', + 'rsync', + 'git', + 'nano', + 'net-tools', + ].each do |package| + describe package("#{package}") do + it { should be_installed } + end + end +end diff --git a/test/spec/shared/base/layout.rb b/test/spec/shared/base/layout.rb index ae2216503..259b51095 100644 --- a/test/spec/shared/base/layout.rb +++ b/test/spec/shared/base/layout.rb @@ -51,9 +51,6 @@ "/opt/docker/etc/supervisor.conf", "/opt/docker/etc/logrotate.d/syslog-ng", "/opt/docker/etc/supervisor.d/cron.conf", - "/opt/docker/etc/supervisor.d/dnsmasq.conf", - "/opt/docker/etc/supervisor.d/postfix.conf", - "/opt/docker/etc/supervisor.d/ssh.conf", "/opt/docker/etc/supervisor.d/syslog-ng.conf", "/opt/docker/etc/syslog-ng/syslog-ng.conf", "/opt/docker/etc/supervisor.conf", @@ -94,8 +91,6 @@ "/opt/docker/bin/entrypoint.sh", "/opt/docker/bin/logwatch.sh", "/opt/docker/bin/provision.sh", - "/opt/docker/bin/service.d/dnsmasq.sh", - "/opt/docker/bin/service.d/postfix.sh", "/opt/docker/bin/service.d/syslog-ng.sh", "/opt/docker/bin/entrypoint.d/cli.sh", "/opt/docker/bin/entrypoint.d/default.sh", diff --git a/test/spec/shared/base/packages.rb b/test/spec/shared/base/packages.rb index 47d340d13..78ccb44ef 100644 --- a/test/spec/shared/base/packages.rb +++ b/test/spec/shared/base/packages.rb @@ -1,17 +1,7 @@ shared_examples 'base::packages' do [ - 'openssh-server', - 'dnsmasq', - 'postfix', - 'unzip', - 'bzip2', 'wget', 'curl', - 'moreutils', - 'rsync', - 'git', - 'nano', - 'net-tools', ].each do |package| describe package("#{package}") do it { should be_installed } diff --git a/test/spec/shared/bootstrap/ansible.rb b/test/spec/shared/bootstrap/ansible.rb index f5f797ddb..3d6e04d9e 100644 --- a/test/spec/shared/bootstrap/ansible.rb +++ b/test/spec/shared/bootstrap/ansible.rb @@ -1,7 +1,7 @@ shared_examples 'bootstrap::ansible' do it "should be ansible installed" do - if os[:family] == 'redhat' + if ['redhat', 'alpine'].include?(os[:family]) expect(file("/usr/bin/ansible")).to be_executable expect(file("/usr/bin/ansible-playbook")).to be_executable elsif ['debian', 'ubuntu'].include?(os[:family]) diff --git a/test/spec/shared/bootstrap/distribution.rb b/test/spec/shared/bootstrap/distribution.rb index c1af31d52..89f945f34 100644 --- a/test/spec/shared/bootstrap/distribution.rb +++ b/test/spec/shared/bootstrap/distribution.rb @@ -43,4 +43,14 @@ its(:exit_status) { should eq 0 } end + + ######################### + # Alpine + ######################### + + describe command('sed -e "s/^/Release: /" /etc/alpine-release'), :if => os[:family] == 'alpine' do + its(:stdout) { should contain('Release: ' + os[:version] + '.') } + + its(:exit_status) { should eq 0 } + end end diff --git a/test/spec/shared/bootstrap/layout.rb b/test/spec/shared/bootstrap/layout.rb index e80baee34..e42032713 100644 --- a/test/spec/shared/bootstrap/layout.rb +++ b/test/spec/shared/bootstrap/layout.rb @@ -36,6 +36,8 @@ ## Scripts ######################### [ + "/usr/local/bin/apk-install", + "/usr/local/bin/apk-upgrade", "/usr/local/bin/apt-install", "/usr/local/bin/apt-upgrade", "/usr/local/bin/service", diff --git a/test/spec/shared/bootstrap/toolchain.rb b/test/spec/shared/bootstrap/toolchain.rb index e972022dc..ee6632479 100644 --- a/test/spec/shared/bootstrap/toolchain.rb +++ b/test/spec/shared/bootstrap/toolchain.rb @@ -4,7 +4,11 @@ its(:exit_status) { should eq 0 } end - describe command('easy_install --version') do + describe command('easy_install --version'), :if => ['debian', 'ubuntu', 'redhat'].include?(os[:family]) do + its(:exit_status) { should eq 0 } + end + + describe command('easy_install-2.7 --version'), :if => ['alpine'].include?(os[:family]) do its(:exit_status) { should eq 0 } end diff --git a/test/spec/shared/php/modules.rb b/test/spec/shared/php/modules.rb index fee7fb0b4..84910eda5 100644 --- a/test/spec/shared/php/modules.rb +++ b/test/spec/shared/php/modules.rb @@ -65,7 +65,11 @@ shared_examples 'php5::modules' do describe command('php -m') do its(:stdout) { should contain('shmop') } - its(:stdout) { should contain('mhash') } + + if ( os[:family] != 'alpine' ) + its(:stdout) { should contain('mhash') } + end + its(:stdout) { should contain('wddx') } if (os[:family] == 'ubuntu' and (os[:version] == '12.04' or os[:version] == '16.04') ) or @@ -122,7 +126,7 @@ its(:stdout) { should contain('mysqlnd') } its(:stdout) { should contain('mcrypt') } its(:stdout) { should contain('openssl') } - its(:stdout) { should_not contain('pcntl') } # disabled by fpm + #its(:stdout) { should_not contain('pcntl') } # disabled by fpm its(:stdout) { should contain('pcre') } its(:stdout) { should contain('PDO') } its(:stdout) { should contain('pdo_mysql') } @@ -156,7 +160,11 @@ shared_examples 'php-fpm5::modules' do describe command('curl --insecure --silent --retry 10 --fail http://localhost/php-test.php?test=get_loaded_extensions') do its(:stdout) { should contain('shmop') } - its(:stdout) { should contain('mhash') } + + if ( os[:family] != 'alpine' ) + its(:stdout) { should contain('mhash') } + end + its(:stdout) { should contain('wddx') } if (os[:family] == 'ubuntu' and (os[:version] == '12.04' or os[:version] == '16.04') ) or diff --git a/test/spec/shared/sphinx/sphinx.rb b/test/spec/shared/sphinx/sphinx.rb new file mode 100644 index 000000000..e95ee6043 --- /dev/null +++ b/test/spec/shared/sphinx/sphinx.rb @@ -0,0 +1,21 @@ +shared_examples 'sphinx::sphinx' do + describe command('sphinx-build --version') do + its(:exit_status) { should eq 0 } + end + + describe command('sphinx-apidoc --version') do + its(:exit_status) { should eq 0 } + end + + describe command('sphinx-quickstart --version') do + its(:exit_status) { should eq 0 } + end + + describe command('sphinx-autobuild -h') do + its(:exit_status) { should eq 0 } + end + + describe command('sphinx-autogen -h') do + its(:exit_status) { should eq 0 } + end +end diff --git a/test/spec/shared/vendor/alpine.rb b/test/spec/shared/vendor/alpine.rb new file mode 100644 index 000000000..44652ca1b --- /dev/null +++ b/test/spec/shared/vendor/alpine.rb @@ -0,0 +1,8 @@ +shared_examples 'vendor::alpine::apk' do + describe command('apk add --update-cache --no-network bash') do + its(:stdout) { should_not contain('ERROR') } + its(:stdout) { should_not contain('unsatisfiable constraints') } + + its(:exit_status) { should eq 0 } + end +end