Docker

.env

@@ -27,6 +27,10 @@ CRON_PASSWORD=
 ###> doctrine/doctrine-bundle ###
 # Siehe https://www.doctrine-project.org/projects/doctrine-dbal/en/latest/reference/configuration.html#connecting-using-a-url
 DATABASE_URL="mysql://db_user:db_password@localhost:3306/db_name"
+MYSQL_ROOT_PASSWORD=changeThisToASecurePassword
+MYSQL_DATABASE=db_name
+MYSQL_USER=db_user
+MYSQL_PASSWORD=db_password
 ###< doctrine/doctrine-bundle ###
 
 ###> symfony/messenger ###
@@ -37,4 +41,7 @@ MESSENGER_TRANSPORT_DSN=doctrine://default
 MAILER_DSN=native://default
 ###< symfony/mailer ###
 
-PHP_BINARY=/usr/bin/php
+PHP_BINARY=/usr/bin/php
+
+### Docker ###
+TZ=Europe/Berlin

.github/workflows/docker-image.yml

@@ -0,0 +1,73 @@
+name: Docker Image CI
+
+on:
+  workflow_dispatch:
+  release:
+    types: [ published ]
+
+env:
+  # Use docker.io for Docker Hub if empty
+  REGISTRY: ghcr.io
+  # github.repository as <account>/<repo>
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+      # This is used to complete the identity challenge
+      # with sigstore/fulcio when running outside of PRs.
+      id-token: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Log in to the Container registry
+        uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      # Set image name to lower case because ghcr.io complains about uppercase
+      - name: downcase image name
+        run: |
+          echo "IMAGE_NAME_LOWER=${IMAGE_NAME@L}" >> "${GITHUB_ENV}"
+
+      - name: Set env
+        run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
+
+      - name: Extract Docker metadata
+        id: meta
+        uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934 # v5.0.0
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_LOWER }}
+
+      # Build and push Docker image with Buildx (don't push on PR)
+      # https://github.com/docker/build-push-action
+      - name: Build and push Docker image to latest
+        if: ${{ !github.event.release.prerelease && github.event_name != 'push' }}
+        id: build-and-push-latest
+        uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0
+        with:
+          context: .
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_LOWER }}:latest
+          labels: ${{ steps.meta.outputs.labels }}
+          build-args: version_info=${{ env.RELEASE_VERSION }} (${{ env.CURRENT_DATE }})
+
+      # Build and push Docker image with Buildx (don't push on PR)
+      # https://github.com/docker/build-push-action
+      - name: Build and push Docker image to ${{ env.RELEASE_VERSION }} and unstable
+        if: ${{ github.event_name != 'push' && github.event_name != 'pull_request' }}
+        id: build-and-push-tag
+        uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0
+        with:
+          context: .
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_LOWER }}:${{ env.RELEASE_VERSION }} , ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_LOWER }}:unstable
+          labels: ${{ steps.meta.outputs.labels }}
+          build-args: version_info=${{ env.RELEASE_VERSION }} (${{ env.CURRENT_DATE }})

Dockerfile

@@ -0,0 +1,122 @@
+# Use the official PHP image with FPM as the base image
+FROM php:8.2-fpm AS base
+
+# Install dependencies and PHP extensions
+RUN apt-get update && apt-get install -y \
+    unzip \
+    libxml2-dev \
+    libssl-dev \
+    libzip-dev \
+    libpng-dev \
+    libfreetype6-dev \
+    libjpeg62-turbo-dev \
+    libonig-dev \
+    libxslt1-dev \
+    libmcrypt-dev \
+    libsodium-dev \
+    nginx \
+    openssl \
+    && docker-php-ext-configure gd --with-freetype --with-jpeg \
+    && docker-php-ext-install -j$(nproc) \
+    ctype \
+    dom \
+    filter \
+    iconv \
+    intl \
+    mbstring \
+    pdo_mysql \
+    phar \
+    simplexml \
+    sodium \
+    xml \
+    xmlwriter \
+    zip \
+    gd \
+    xsl \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
+
+# Set memory limit for PHP
+RUN echo "memory_limit=512M" > /usr/local/etc/php/conf.d/memory-limit.ini
+ENV PHP_MEMORY_LIMIT=512M
+
+FROM base AS composer
+
+# Install Composer
+COPY --from=composer:2 /usr/bin/composer /usr/bin/composer
+
+# Set COMPOSER_ALLOW_SUPERUSER environment variable
+ENV COMPOSER_ALLOW_SUPERUSER=1
+
+# Set working directory
+WORKDIR /var/www/html
+
+# Copy the composer.json and composer.lock files into the container
+COPY . .
+
+# Install PHP dependencies including symfony/runtime
+RUN composer install --no-dev --classmap-authoritative --no-scripts
+
+FROM base AS node
+
+# Set working directory
+WORKDIR /var/www/html
+
+COPY --from=composer /var/www/html/vendor /var/www/html/vendor
+
+# Copy the package.json and package-lock.json files into the container
+COPY . .
+
+# Install Node.js dependencies
+RUN apt-get update && apt-get install -y \
+    curl \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
+
+# Install Node.js and npm
+RUN curl -fsSL https://deb.nodesource.com/setup_18.x | bash - \
+    && apt-get install -y nodejs \
+    && npm install -g npm@latest
+
+# Install Node.js dependencies and build the assets
+RUN npm install \
+    && npm run build \
+    && php bin/console assets:install
+
+FROM base AS runner
+
+WORKDIR /var/www/html
+
+# Copy necessary files into the container
+COPY . .
+
+# Remove unnecessary files
+RUN rm -rf ./docs
+RUN rm -rf ./.github
+RUN rm -rf ./docker-compose.yml
+RUN rm -rf ./Dockerfile
+RUN rm -rf ./.gitignore
+
+# Copy build files from the previous stages
+COPY --from=node /var/www/html/public /var/www/html/public
+COPY --from=composer /var/www/html/vendor /var/www/html/vendor
+
+# Output of assets? --> Needs to be copied to the final image - maybe separate stage
+
+# Remove the .htaccess file because we are using Nginx
+RUN rm -rf ./public/.htaccess
+
+# Copy the Nginx configuration file into the container
+COPY nginx.conf /etc/nginx/sites-enabled/default
+
+# Copy the startup script into the container
+COPY startup.sh /usr/local/bin/startup.sh
+
+# Ensure the startup script is executable
+RUN chmod +x /usr/local/bin/startup.sh
+
+# Expose port 80
+EXPOSE 80
+
+# Use the startup script as the entrypoint
+ENTRYPOINT ["/usr/local/bin/startup.sh"]

docker-compose.yml

@@ -0,0 +1,34 @@
+services:
+  web:
+    build: .
+    restart: always
+    ports:
+      - "8080:80"
+    depends_on:
+      db:
+        condition: service_healthy
+    env_file:
+      - .env.local
+    volumes:
+      - certs:/var/www/html/certs
+      # nginx configuration file
+      # - ./nginx.conf:/etc/nginx/sites-enabled/default
+
+  db:
+    image: mariadb:10.4
+    restart: always
+    env_file:
+      - .env.local
+    volumes:
+      - db_data:/var/lib/mysql
+    healthcheck:
+      test: mysqladmin ping -h 127.0.0.1 -u $$MYSQL_USER --password=$$MYSQL_PASSWORD
+      interval: 5s
+      timeout: 20s
+      retries: 10
+
+volumes:
+  db_data:
+  certs:
+
+