Docker

Dockerfile

@@ -0,0 +1,124 @@
+# Use the official PHP image with FPM as the base image
+FROM php:8.2-fpm AS base
+
+# Install dependencies and PHP extensions
+RUN apt-get update && apt-get install -y \
+    unzip \
+    libxml2-dev \
+    libssl-dev \
+    libzip-dev \
+    libpng-dev \
+    libfreetype6-dev \
+    libjpeg62-turbo-dev \
+    libonig-dev \
+    libxslt1-dev \
+    libmcrypt-dev \
+    libsodium-dev \
+    nginx \
+    openssl \
+    && docker-php-ext-configure gd --with-freetype --with-jpeg \
+    && docker-php-ext-install -j$(nproc) \
+    ctype \
+    dom \
+    filter \
+    iconv \
+    intl \
+    mbstring \
+    pdo_mysql \
+    phar \
+    simplexml \
+    sodium \
+    xml \
+    xmlwriter \
+    zip \
+    gd \
+    xsl \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
+
+# Set memory limit for PHP
+RUN echo "memory_limit=512M" > /usr/local/etc/php/conf.d/memory-limit.ini
+ENV PHP_MEMORY_LIMIT=512M
+
+FROM base AS composer
+
+# Install Composer
+COPY --from=composer:2 /usr/bin/composer /usr/bin/composer
+
+# Set COMPOSER_ALLOW_SUPERUSER environment variable
+ENV COMPOSER_ALLOW_SUPERUSER=1
+
+# Set working directory
+WORKDIR /var/www/html
+
+# Copy the composer.json and composer.lock files into the container
+COPY . .
+
+# Install PHP dependencies including symfony/runtime
+RUN composer install --classmap-authoritative --no-scripts
+
+FROM base AS node
+
+# Set working directory
+WORKDIR /var/www/html
+
+COPY --from=composer /var/www/html/vendor /var/www/html/vendor
+
+# Copy the package.json and package-lock.json files into the container
+COPY . .
+
+# Install Node.js dependencies
+RUN apt-get update && apt-get install -y \
+    curl \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
+
+# Install Node.js and npm
+RUN curl -fsSL https://deb.nodesource.com/setup_18.x | bash - \
+    && apt-get install -y nodejs \
+    && npm install -g npm@latest
+
+# Install Node.js dependencies and build assets
+RUN npm install \
+    && npm run build \
+    && php bin/console assets:install
+
+FROM base AS runner
+
+# Copy necessary files into the container
+#COPY bin /var/www/html/bin
+#COPY .env /var/www/html/.env
+#COPY templates /var/www/html/templates
+#COPY migrations /var/www/html/migrations
+#COPY config /var/www/html/config
+#COPY src /var/www/html/src
+#COPY public /var/www/html/public
+COPY . .
+
+# Copy build files from the previous stages
+COPY --from=node /var/www/html/public /var/www/html/public
+COPY --from=composer /var/www/html/vendor /var/www/html/vendor
+
+WORKDIR /var/www/html
+
+# Create SAML certificate
+RUN php bin/console app:create-certificate --type saml --no-interaction
+
+# Copy the Nginx configuration file into the container
+COPY default.conf /etc/nginx/sites-enabled/sso
+# COPY default.conf /etc/nginx/conf.d/default.conf
+
+# Copy the startup script into the container
+COPY startup.sh /usr/local/bin/startup.sh
+
+# Ensure the startup script is executable
+RUN chmod +x /usr/local/bin/startup.sh
+
+# Set first run flag
+ENV FIRST_RUN=1
+
+# Expose port 80
+EXPOSE 80
+
+# Use the startup script as the entrypoint
+CMD ["/usr/local/bin/startup.sh"]

default.conf

@@ -0,0 +1,56 @@
+server {
+    listen 80;
+    server_name localhost;
+
+    root /var/www/html/public;
+
+    location / {
+        # try to serve file directly, fallback to index.php
+        try_files $uri /index.php$is_args$args;
+    }
+
+    # optionally disable falling back to PHP script for the asset directories;
+    # nginx will return a 404 error when files are not found instead of passing the
+    # request to Symfony (improves performance but Symfony's 404 page is not displayed)
+    # location /bundles {
+    #     try_files $uri =404;
+    # }
+
+    location ~ ^/index\.php(/|$) {
+        fastcgi_pass 127.0.0.1:9000;
+        fastcgi_split_path_info ^(.+\.php)(/.*)$;
+        include fastcgi_params;
+
+        # When you are using symlinks to link the document root to the
+        # current version of your application, you should pass the real
+        # application path instead of the path to the symlink to PHP
+        # FPM.
+        # Otherwise, PHP's OPcache may not properly detect changes to
+        # your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
+        # for more information).
+        # Caveat: When PHP-FPM is hosted on a different machine from nginx
+        #         $realpath_root may not resolve as you expect! In this case try using
+        #         $document_root instead.
+        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
+        fastcgi_param DOCUMENT_ROOT $realpath_root;
+
+        proxy_set_header Host $http_host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        # Prevents URIs that include the front controller. This will 404:
+        # http://domain.tld/index.php/some-path
+        # Remove the internal directive to allow URIs like this
+        # internal;
+    }
+
+    # return 404 for all other php files not matching the front controller
+    # this prevents access to other php files you don't want to be accessible.
+    location ~ \.php$ {
+        return 404;
+    }
+
+    # Optional logging
+    error_log /var/log/nginx/error.log;
+    access_log /var/log/nginx/access.log;
+}

docker-compose.yml

@@ -0,0 +1,29 @@
+version: '3.8'
+
+services:
+  web:
+    build: .
+    ports:
+      - "8080:80"
+    depends_on:
+      - db
+    env_file:
+      - .env.local
+
+  db:
+    image: mariadb:10.4
+    restart: always
+    environment:
+      MYSQL_ROOT_PASSWORD: rootpassword
+      MYSQL_DATABASE: idp
+      MYSQL_USER: idpuser
+      MYSQL_PASSWORD: idppassword
+    ports:
+      - "3306:3306"
+    volumes:
+      - db_data:/var/lib/mysql
+
+volumes:
+  db_data:
+
+

startup.sh

@@ -0,0 +1,25 @@
+#!/bin/sh
+
+# Check if the FIRST_RUN environment variable is 1
+if [ "$FIRST_RUN" = "1" ]; then
+    # Run database migrations
+    php bin/console doctrine:migrations:migrate --no-interaction
+
+    # Perform initial setup
+    php bin/console app:setup
+
+    # Register cron jobs
+    php bin/console shapecode:cron:scan
+
+    # Update Browscap
+    php bin/console app:browscap:update
+
+    # Set FIRST_RUN environment variable to 0
+    export FIRST_RUN=0
+fi
+
+# Start PHP-FPM
+php-fpm &
+
+# Start Nginx
+nginx -g 'daemon off;'