diff --git a/CHANGELOG.md b/CHANGELOG.md index b217093..118a5d8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,23 @@ TYPO3 Docker Boilerplate Changelog ================================== +4.0.0 - 2015-08-13 - t3ugs @jweilandnet +--------------------------------------- +- Seperated TYPO3 Docker Boilerplate and PHP Docker Boilerplate +- Switched to Ansible provisioning (playbook) +- Added multiple Ubuntu versions +- Added CentOS +- Added Ubuntu with HHVM +- Added development/production context +- Added blackfire.io +- Added possiblity to disable Xdebug and Blackfire +- Moved php.ini to `etc/php/development.ini` and `etc/php/production.ini` +- Added ssh key/config (`etc/ssh`) setting for `/home/.ssh/` +- Added possibility to use `supervisorctl` (only for root) +- Improved provisioning +- Refactored layout +- Added prebuilt Docker images + 3.5.0 - 2015-06-23 ----------------------- - Added `ftp` container (with vsftpd) diff --git a/README.md b/README.md index ef5f6d5..edf494d 100644 --- a/README.md +++ b/README.md @@ -1,11 +1,11 @@ -# Dockerized PHP web project boilerplate +# Dockerized TYPO3 project boilerplate -![latest v3.5.0](https://img.shields.io/badge/latest-v3.5.0-green.svg?style=flat) +[![latest v4.0.0](https://img.shields.io/badge/latest-v4.0.0-green.svg?style=flat)](https://github.com/webdevops/TYPO3-docker-boilerplate/releases/tag/4.0.0) ![License MIT](https://img.shields.io/badge/license-MIT-blue.svg?style=flat) [![Average time to resolve an issue](http://isitmaintained.com/badge/resolution/mblaschke/typo3-docker-boilerplate.svg)](http://isitmaintained.com/project/mblaschke/typo3-docker-boilerplate "Average time to resolve an issue") [![Percentage of issues still open](http://isitmaintained.com/badge/open/mblaschke/typo3-docker-boilerplate.svg)](http://isitmaintained.com/project/mblaschke/typo3-docker-boilerplate "Percentage of issues still open") -This is an easy customizable docker boilerplate for any PHP based projects like _TYPO3 CMS_, _Symfony Framework_, _FLOW/NEOS_ and many other frameworks or applications. +This is an easy customizable TYPO3 docker boilerplate. Supports: @@ -25,18 +25,16 @@ Supports: This Docker boilerplate based on the best practises and don't use too much magic. Configuration of each docker container is available in the `docker/` directory - feel free to customize. -This boilerplate can also be used for any other web project eg. Symfony, Magento and more. -Just customize the makefile for your needs - Warning: There may be issues when using it in production - if you have any success stories please contact me. -Use can use my [Vagrant Development VM](https://github.com/mblaschke/vagrant-development) for this Docker boilerplate, eg. for easy creating new boilerplate installations with an easy shell command: `ct docker:create directory` +You can use my [Vagrant Development VM](https://github.com/mblaschke/vagrant-development) for this Docker boilerplate, eg. for easy creating new boilerplate installations with an easy shell command: `ct docker:create directory` ## Table of contents - [Installation and requirements](/documentation/INSTALL.md) - [Updating docker boilerplate](/documentation/UPDATE.md) - [Customizing](/documentation/CUSTOMIZE.md) +- [Services (Webserver, MySQL... Ports, Users, Passwords)](/documentation/SERVICES.md) - [Docker Quickstart](/documentation/DOCKER-QUICKSTART.md) - [Run your project](/documentation/DOCKER-STARTUP.md) - [Container detail info](/documentation/DOCKER-INFO.md) diff --git a/bin/create-project.sh b/bin/create-project.sh index 155c1eb..70b270a 100755 --- a/bin/create-project.sh +++ b/bin/create-project.sh @@ -8,7 +8,7 @@ set -o errexit ## set -e : exit the script if any statement returns a non-true source "$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )/.config.sh" if [ "$#" -lt 1 ]; then - echo "No project type defined (either cms, neos, symfony or git)" + echo "No project type defined (either cms, neos or git)" exit 1 fi @@ -33,15 +33,6 @@ case "$1" in execInDir "$CODE_DIR" "composer create-project typo3/neos-base-distribution \"$CODE_DIR\"" ;; - ################################### - ## SYMFONY - ################################### - "symfony") - curl -LsS http://symfony.com/installer > /tmp/symfony.$$.phar - execInDir "$CODE_DIR" "php /tmp/symfony.$$.phar new '$CODE_DIR'" - rm -f -- /tmp/symfony.$$.phar - ;; - ################################### ## GIT ################################### diff --git a/docker-compose.yml b/docker-compose.yml index 36b1455..341261a 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -2,7 +2,13 @@ # Main php container ####################################### main: - build: docker/main/ + build: docker/main + #dockerfile: Ubuntu-12.04 # Ubuntu 12.04 - PHP 5.3, LTS (precise) + dockerfile: Ubuntu-14.04 # Ubuntu 14.04 - PHP 5.5, LTS (trusty) + #dockerfile: Ubuntu-15.04 # Ubuntu 15.04 - PHP 5.6 (vivid) + #dockerfile: Ubuntu-15.10 # Ubuntu 15.10 - PHP 5.6 (wily) + #dockerfile: Ubuntu-HHVM # Ubuntu 14.04 - HHVM (trusty) + #dockerfile: Centos-7 # CentOS 7 - PHP 5.4 links: - mysql #- postgres @@ -28,8 +34,9 @@ main: # Webserver ####################################### web: - build: docker/httpd/ - #build: docker/nginx/ + build: docker/web + dockerfile: Apache-Httpd # Apache HTTPd + #dockerfile: Nginx # Nginx ports: - 8000:80 - 8443:443 @@ -45,7 +52,7 @@ web: # MySQL server ####################################### mysql: - build: docker/mysql/ + build: docker/mysql/ # MySQL, MariaDB or PerconaDB ports: - 13306:3306 volumes_from: diff --git a/docker-env.yml b/docker-env.yml index 6351ec0..1b7f97e 100644 --- a/docker-env.yml +++ b/docker-env.yml @@ -14,11 +14,6 @@ DOCUMENT_ROOT=code/ DOCUMENT_INDEX=index.php CLI_SCRIPT=php typo3/cli_dispatch.phpsh -# SYMFONY FRAMEWORK -#DOCUMENT_ROOT=code/web/ -#DOCUMENT_INDEX=app_dev.php -#CLI_SCRIPT=php app/console - # NEOS or FLOW #DOCUMENT_ROOT=code/Web/ #DOCUMENT_INDEX=index.php @@ -32,6 +27,16 @@ FLOW_REWRITEURLS=1 SYMFONY_ENV=dev SYMFONY_DEBUG=0 +####################################### +# PROVISION environment + +# Context for provision [development|production] +PROVISION_CONTEXT=development + +# PHP Modules +PROVISION_PHP_BLACKFIRE=1 +PROVISION_PHP_XDEBUG=1 + ####################################### # Mail @@ -70,10 +75,6 @@ FTP_PASSWORD=dev FTP_PATH=/data/ftp/ #FTP_PATH=/docker/code/ -####################################### -# PHP Settings -PHP_TIMEZONE=UTC - ####################################### # Permission settings EFFECTIVE_UID=1000 diff --git a/docker/elasticsearch/Dockerfile b/docker/elasticsearch/Dockerfile index 1d6d195..9886c6f 100644 --- a/docker/elasticsearch/Dockerfile +++ b/docker/elasticsearch/Dockerfile @@ -1 +1,12 @@ +#++++++++++++++++++++++++++++++++++++++ +# Elasticsearch Docker container +#++++++++++++++++++++++++++++++++++++++ +# +# Official images: +# +# elasticsearch - official Elasticsaerch +# https://registry.hub.docker.com/u/library/elasticsearch/ +# +#++++++++++++++++++++++++++++++++++++++ + FROM elasticsearch diff --git a/docker/httpd/Dockerfile b/docker/httpd/Dockerfile deleted file mode 100644 index 14ada85..0000000 --- a/docker/httpd/Dockerfile +++ /dev/null @@ -1,15 +0,0 @@ -FROM httpd:2.4 - -RUN apt-get update && apt-get install -y net-tools - -ADD conf/vhost.conf /usr/local/apache2/conf/.docker-vhost.conf.original -ADD ssl/* /usr/local/apache2/ssl/ -ADD entrypoint.sh /entrypoint.sh - -EXPOSE 80 -EXPOSE 443 -EXPOSE 8000 -EXPOSE 8443 - -ENTRYPOINT ["/entrypoint.sh"] -CMD ["httpd"] diff --git a/docker/mail/Dockerfile b/docker/mail/Dockerfile index ff98445..3bf5d5b 100644 --- a/docker/mail/Dockerfile +++ b/docker/mail/Dockerfile @@ -1 +1,12 @@ +#++++++++++++++++++++++++++++++++++++++ +# Mailcatcher Docker container +#++++++++++++++++++++++++++++++++++++++ +# +# Images: +# +# schickling/mailcatcher +# https://registry.hub.docker.com/u/schickling/mailcatcher/ +# +#++++++++++++++++++++++++++++++++++++++ + FROM schickling/mailcatcher diff --git a/docker/main/Centos-7 b/docker/main/Centos-7 new file mode 100644 index 0000000..ad9fac0 --- /dev/null +++ b/docker/main/Centos-7 @@ -0,0 +1,59 @@ +#++++++++++++++++++++++++++++++++++++++ +# Centos PHP Docker container +#++++++++++++++++++++++++++++++++++++++ +# +# Prebuild images: +# +# webdevops/php-boilerplate:centos-7 +# +# Official images: +# +# centos:7 - PHP 5.4 +# https://registry.hub.docker.com/u/library/centos/ +# +#++++++++++++++++++++++++++++++++++++++ + +FROM webdevops/php-boilerplate:centos-7 + +ENV PROVISION_SYS_UPDATE 0 +ENV PROVISION_PHP_DISTRIBUTION php + +ENV PATH /opt/ansible/bin:/bin:/usr/bin:/sbin:/usr/sbin +ENV PYTHONPATH /opt/ansible/lib +ENV ANSIBLE_LIBRARY /opt/ansible/library + +## +# Bootstrap +## + +COPY conf/centos/locale.conf /opt/docker/locale.conf +COPY bin/centos/bootstrap.sh /opt/docker/bin/bootstrap.sh +COPY bin/provision.sh /opt/docker/bin/provision.sh +COPY bin/logwatch.sh /opt/docker/bin/logwatch.sh +COPY bin/dnsmasq.sh /opt/docker/bin/dnsmasq.sh +COPY provision /opt/docker/provision/ + +RUN bash /opt/docker/bin/bootstrap.sh +RUN bash /opt/docker/bin/provision.sh bootstrap + +## +# Customization +## + +COPY bin/customization.sh /opt/docker/bin/customization.sh +RUN bash /opt/docker/bin/customization.sh + +## +# Config +## + +COPY bin/entrypoint.sh /entrypoint.sh +COPY conf/centos /opt/docker/conf/ + +EXPOSE 9000 + +VOLUME /docker/ +WORKDIR /docker/code/ + +ENTRYPOINT ["/entrypoint.sh"] +CMD ["supervisord"] diff --git a/docker/main/Dockerfile b/docker/main/Dockerfile deleted file mode 100644 index c09328f..0000000 --- a/docker/main/Dockerfile +++ /dev/null @@ -1,24 +0,0 @@ -FROM ubuntu:14.04 - -# Ensure UTF-8 -RUN locale-gen en_US.UTF-8 -ENV LANG en_US.UTF-8 -ENV LC_ALL en_US.UTF-8 - -COPY conf/supervisord.conf /etc/supervisor/conf.d/supervisord.conf -COPY conf/locale.conf /opt/docker/locale.conf -COPY bin/* /opt/docker/ -ADD entrypoint.sh /entrypoint.sh - -RUN bash /opt/docker/install.sh -RUN bash /opt/docker/customization.sh - -COPY conf/php.ini /etc/php5/mods-available/docker-boilerplate.ini - -EXPOSE 9000 - -VOLUME /docker/ -WORKDIR /docker/code/ - -ENTRYPOINT ["/entrypoint.sh"] -CMD ["supervisord"] diff --git a/docker/main/Ubuntu-12.04 b/docker/main/Ubuntu-12.04 new file mode 100644 index 0000000..8965703 --- /dev/null +++ b/docker/main/Ubuntu-12.04 @@ -0,0 +1,60 @@ +#++++++++++++++++++++++++++++++++++++++ +# Ubuntu PHP Docker container +#++++++++++++++++++++++++++++++++++++++ +# +# Prebuild images: +# +# webdevops/php-boilerplate:ubuntu-12.04 +# +# Official images: +# +# ubuntu:12.04 - PHP 5.3, LTS (precise) +# https://registry.hub.docker.com/u/library/ubuntu/ +# +#++++++++++++++++++++++++++++++++++++++ + +FROM webdevops/php-boilerplate:ubuntu-12.04 + +ENV PROVISION_SYS_UPDATE 0 +ENV PROVISION_PHP_DISTRIBUTION php + +# Ensure UTF-8 +RUN locale-gen en_US.UTF-8 +ENV LANG en_US.UTF-8 +ENV LC_ALL en_US.UTF-8 + +## +# Bootstrap +## + +COPY conf/ubuntu/locale.conf /opt/docker/locale.conf +COPY bin/ubuntu/bootstrap.sh /opt/docker/bin/bootstrap.sh +COPY bin/provision.sh /opt/docker/bin/provision.sh +COPY bin/logwatch.sh /opt/docker/bin/logwatch.sh +COPY bin/dnsmasq.sh /opt/docker/bin/dnsmasq.sh +COPY provision /opt/docker/provision/ + +RUN bash /opt/docker/bin/bootstrap.sh +RUN bash /opt/docker/bin/provision.sh bootstrap + +## +# Customization +## + +COPY bin/customization.sh /opt/docker/bin/customization.sh +RUN bash /opt/docker/bin/customization.sh + +## +# Config +## + +COPY bin/entrypoint.sh /entrypoint.sh +COPY conf/ubuntu /opt/docker/conf/ + +EXPOSE 9000 + +VOLUME /docker/ +WORKDIR /docker/code/ + +ENTRYPOINT ["/entrypoint.sh"] +CMD ["supervisord"] diff --git a/docker/main/Ubuntu-14.04 b/docker/main/Ubuntu-14.04 new file mode 100644 index 0000000..5ae4ed5 --- /dev/null +++ b/docker/main/Ubuntu-14.04 @@ -0,0 +1,60 @@ +#++++++++++++++++++++++++++++++++++++++ +# Ubuntu PHP Docker container +#++++++++++++++++++++++++++++++++++++++ +# +# Prebuild images: +# +# webdevops/php-boilerplate:ubuntu-14.04 +# +# Official images: +# +# ubuntu:14.04 - PHP 5.5, LTS (trusty) +# https://registry.hub.docker.com/u/library/ubuntu/ +# +#++++++++++++++++++++++++++++++++++++++ + +FROM webdevops/php-boilerplate:ubuntu-14.04 + +ENV PROVISION_SYS_UPDATE 0 +ENV PROVISION_PHP_DISTRIBUTION php + +# Ensure UTF-8 +RUN locale-gen en_US.UTF-8 +ENV LANG en_US.UTF-8 +ENV LC_ALL en_US.UTF-8 + +## +# Bootstrap +## + +COPY conf/ubuntu/locale.conf /opt/docker/locale.conf +COPY bin/ubuntu/bootstrap.sh /opt/docker/bin/bootstrap.sh +COPY bin/provision.sh /opt/docker/bin/provision.sh +COPY bin/logwatch.sh /opt/docker/bin/logwatch.sh +COPY bin/dnsmasq.sh /opt/docker/bin/dnsmasq.sh +COPY provision /opt/docker/provision/ + +RUN bash /opt/docker/bin/bootstrap.sh +RUN bash /opt/docker/bin/provision.sh bootstrap + +## +# Customization +## + +COPY bin/customization.sh /opt/docker/bin/customization.sh +RUN bash /opt/docker/bin/customization.sh + +## +# Config +## + +COPY bin/entrypoint.sh /entrypoint.sh +COPY conf/ubuntu /opt/docker/conf/ + +EXPOSE 9000 + +VOLUME /docker/ +WORKDIR /docker/code/ + +ENTRYPOINT ["/entrypoint.sh"] +CMD ["supervisord"] diff --git a/docker/main/Ubuntu-15.04 b/docker/main/Ubuntu-15.04 new file mode 100644 index 0000000..8778b29 --- /dev/null +++ b/docker/main/Ubuntu-15.04 @@ -0,0 +1,60 @@ +#++++++++++++++++++++++++++++++++++++++ +# Ubuntu PHP Docker container +#++++++++++++++++++++++++++++++++++++++ +# +# Prebuild images: +# +# webdevops/php-boilerplate:ubuntu-15.04 +# +# Official images: +# +# ubuntu:15.04 - PHP 5.6 (vivid) +# https://registry.hub.docker.com/u/library/ubuntu/ +# +#++++++++++++++++++++++++++++++++++++++ + +FROM webdevops/php-boilerplate:ubuntu-15.04 + +ENV PROVISION_SYS_UPDATE 0 +ENV PROVISION_PHP_DISTRIBUTION php + +# Ensure UTF-8 +RUN locale-gen en_US.UTF-8 +ENV LANG en_US.UTF-8 +ENV LC_ALL en_US.UTF-8 + +## +# Bootstrap +## + +COPY conf/ubuntu/locale.conf /opt/docker/locale.conf +COPY bin/ubuntu/bootstrap.sh /opt/docker/bin/bootstrap.sh +COPY bin/provision.sh /opt/docker/bin/provision.sh +COPY bin/logwatch.sh /opt/docker/bin/logwatch.sh +COPY bin/dnsmasq.sh /opt/docker/bin/dnsmasq.sh +COPY provision /opt/docker/provision/ + +RUN bash /opt/docker/bin/bootstrap.sh +RUN bash /opt/docker/bin/provision.sh bootstrap + +## +# Customization +## + +COPY bin/customization.sh /opt/docker/bin/customization.sh +RUN bash /opt/docker/bin/customization.sh + +## +# Config +## + +COPY bin/entrypoint.sh /entrypoint.sh +COPY conf/ubuntu /opt/docker/conf/ + +EXPOSE 9000 + +VOLUME /docker/ +WORKDIR /docker/code/ + +ENTRYPOINT ["/entrypoint.sh"] +CMD ["supervisord"] diff --git a/docker/main/Ubuntu-15.10 b/docker/main/Ubuntu-15.10 new file mode 100644 index 0000000..f8a5642 --- /dev/null +++ b/docker/main/Ubuntu-15.10 @@ -0,0 +1,60 @@ +#++++++++++++++++++++++++++++++++++++++ +# Ubuntu PHP Docker container +#++++++++++++++++++++++++++++++++++++++ +# +# Prebuild images: +# +# webdevops/php-boilerplate:ubuntu-15.10 +# +# Official images: +# +# ubuntu:15.10 - PHP 5.6 (wily) +# https://registry.hub.docker.com/u/library/ubuntu/ +# +#++++++++++++++++++++++++++++++++++++++ + +FROM webdevops/php-boilerplate:ubuntu-15.10 + +ENV PROVISION_SYS_UPDATE 0 +ENV PROVISION_PHP_DISTRIBUTION php + +# Ensure UTF-8 +RUN locale-gen en_US.UTF-8 +ENV LANG en_US.UTF-8 +ENV LC_ALL en_US.UTF-8 + +## +# Bootstrap +## + +COPY conf/ubuntu/locale.conf /opt/docker/locale.conf +COPY bin/ubuntu/bootstrap.sh /opt/docker/bin/bootstrap.sh +COPY bin/provision.sh /opt/docker/bin/provision.sh +COPY bin/logwatch.sh /opt/docker/bin/logwatch.sh +COPY bin/dnsmasq.sh /opt/docker/bin/dnsmasq.sh +COPY provision /opt/docker/provision/ + +RUN bash /opt/docker/bin/bootstrap.sh +RUN bash /opt/docker/bin/provision.sh bootstrap + +## +# Customization +## + +COPY bin/customization.sh /opt/docker/bin/customization.sh +RUN bash /opt/docker/bin/customization.sh + +## +# Config +## + +COPY bin/entrypoint.sh /entrypoint.sh +COPY conf/ubuntu /opt/docker/conf/ + +EXPOSE 9000 + +VOLUME /docker/ +WORKDIR /docker/code/ + +ENTRYPOINT ["/entrypoint.sh"] +CMD ["supervisord"] diff --git a/docker/main/Ubuntu-HHVM b/docker/main/Ubuntu-HHVM new file mode 100644 index 0000000..de14ec3 --- /dev/null +++ b/docker/main/Ubuntu-HHVM @@ -0,0 +1,60 @@ +#++++++++++++++++++++++++++++++++++++++ +# Ubuntu PHP Docker container +#++++++++++++++++++++++++++++++++++++++ +# +# Prebuild images: +# +# webdevops/php-boilerplate:ubuntu-14.04 +# +# Official images: +# +# ubuntu:14.04 - PHP 5.5, LTS (trusty) +# https://registry.hub.docker.com/u/library/ubuntu/ +# +#++++++++++++++++++++++++++++++++++++++ + +FROM webdevops/php-boilerplate:ubuntu-14.04 + +ENV PROVISION_SYS_UPDATE 0 +ENV PROVISION_PHP_DISTRIBUTION hhvm + +# Ensure UTF-8 +RUN locale-gen en_US.UTF-8 +ENV LANG en_US.UTF-8 +ENV LC_ALL en_US.UTF-8 + +## +# Bootstrap +## + +COPY conf/ubuntu/locale.conf /opt/docker/locale.conf +COPY bin/ubuntu/bootstrap.sh /opt/docker/bin/bootstrap.sh +COPY bin/provision.sh /opt/docker/bin/provision.sh +COPY bin/logwatch.sh /opt/docker/bin/logwatch.sh +COPY bin/dnsmasq.sh /opt/docker/bin/dnsmasq.sh +COPY provision /opt/docker/provision/ + +RUN bash /opt/docker/bin/bootstrap.sh +RUN bash /opt/docker/bin/provision.sh bootstrap + +## +# Customization +## + +COPY bin/customization.sh /opt/docker/bin/customization.sh +RUN bash /opt/docker/bin/customization.sh + +## +# Config +## + +COPY bin/entrypoint.sh /entrypoint.sh +COPY conf/ubuntu-hhvm /opt/docker/conf/ + +EXPOSE 9000 + +VOLUME /docker/ +WORKDIR /docker/code/ + +ENTRYPOINT ["/entrypoint.sh"] +CMD ["supervisord"] diff --git a/docker/main/bin/centos/bootstrap.sh b/docker/main/bin/centos/bootstrap.sh new file mode 100644 index 0000000..dd618db --- /dev/null +++ b/docker/main/bin/centos/bootstrap.sh @@ -0,0 +1,22 @@ +#!/usr/bin/env bash + +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value + +if [ ! -d '/opt/ansible/' ]; then + yum clean all + yum -y install \ + epel-release \ + PyYAML \ + python-jinja2 \ + python-httplib2 \ + python-keyczar \ + python-paramiko \ + python-setuptools \ + git \ + python-pip + + git clone --recursive http://github.com/ansible/ansible.git /opt/ansible +fi \ No newline at end of file diff --git a/docker/main/bin/dnsmasq.sh b/docker/main/bin/dnsmasq.sh index 8da4dfa..67ee59f 100644 --- a/docker/main/bin/dnsmasq.sh +++ b/docker/main/bin/dnsmasq.sh @@ -6,9 +6,6 @@ sleep 5 if [ ! -f "/opt/docker/.resolv.conf" ]; then ## backup original file cp /etc/resolv.conf /opt/docker/.resolv.conf - - ## Copy resolv.conf for dnsmasq (default resolver) - cp /etc/resolv.conf /var/run/dnsmasq/resolv.conf fi ## Restore original resolvconf @@ -32,16 +29,12 @@ function dnsmasq_start() { done ## set forward servers - cat /var/run/dnsmasq/resolv.conf | grep nameserver | sed 's/nameserver /server=/' > /etc/dnsmasq.d/forward - - ## (re)start dnsmasq as DNS server - service dnsmasq restart + cat /opt/docker/.resolv.conf | grep nameserver | sed 's/nameserver /server=/' > /etc/dnsmasq.d/forward ## set dnsmasq to main nameserver echo "nameserver 127.0.0.1" > /etc/resolv.conf - ## wait for 10 hours - sleep 10h + dnsmasq --keep-in-foreground } ## Fetch IP from services diff --git a/docker/main/entrypoint.sh b/docker/main/bin/entrypoint.sh similarity index 77% rename from docker/main/entrypoint.sh rename to docker/main/bin/entrypoint.sh index 838c922..4bd8471 100755 --- a/docker/main/entrypoint.sh +++ b/docker/main/bin/entrypoint.sh @@ -1,17 +1,14 @@ #!/bin/bash set -e -## Init system -source /opt/docker/init-system.sh -## Init MySQL (client) -source /opt/docker/init-mysql.sh - -## Init SSMTP -source /opt/docker/init-ssmtp.sh - -## Init PHP and PHP-FPM -source /opt/docker/init-php.sh +if [ "$1" == "supervisord" ]; then + # Visible provisioning + bash /opt/docker/bin/provision.sh entrypoint +else + # Hidden provisioning + bash /opt/docker/bin/provision.sh entrypoint > /dev/null +fi ############################# ## COMMAND @@ -29,7 +26,8 @@ case "$1" in echo "${ETH0_IP} main main_1" > /data/dns/main.hosts ## Start services - exec supervisord + cd / + exec supervisord -c /opt/docker/conf/supervisord.conf --logfile /dev/null --pidfile /dev/null --user root ;; ## Root shell diff --git a/docker/main/bin/init-mysql.sh b/docker/main/bin/init-mysql.sh deleted file mode 100644 index 821754d..0000000 --- a/docker/main/bin/init-mysql.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/usr/bin/env bash - -############################# -## Init MySQL -############################# - -echo "[client] -host=mysql -user=\"root\" -password=\"$MYSQL_ROOT_PASSWORD\" - -[mysql] -host=mysql -user=\"root\" -password=\"$MYSQL_ROOT_PASSWORD\" -database=\"$MYSQL_DATABASE\" -default-character-set=utf8 -local-infile=1 -show-warnings -auto-rehash -sigint-ignore -reconnect - -[mysqldump] -host=mysql -user=\"root\" -password=\"$MYSQL_ROOT_PASSWORD\" - -" | tee /root/.my.cnf > /home/.my.cnf diff --git a/docker/main/bin/init-php.sh b/docker/main/bin/init-php.sh deleted file mode 100644 index de8f251..0000000 --- a/docker/main/bin/init-php.sh +++ /dev/null @@ -1,50 +0,0 @@ -#!/usr/bin/env bash - -############################# -## Init PHP -############################# -echo " -date.timezone = ${PHP_TIMEZONE} -" >> /etc/php5/mods-available/docker-boilerplate.ini - -############################# -## Init PHP-FPM -############################# - -# Backup original -if [ ! -f "/opt/docker/.fpm-www.conf" ]; then - cp /etc/php5/fpm/pool.d/www.conf /opt/docker/.fpm-www.conf -fi - -## Remove old logs -rm -f -- /tmp/php.access.log /tmp/php.slow.log /tmp/php.error.log -touch -- /tmp/php.access.log /tmp/php.slow.log /tmp/php.error.log -chmod 666 /tmp/php.access.log /tmp/php.slow.log /tmp/php.error.log - -# Restore original -cp /opt/docker/.fpm-www.conf /etc/php5/fpm/pool.d/www.conf -sed -i "s@listen = /var/run/php5-fpm.sock@listen = 9000@" /etc/php5/fpm/pool.d/www.conf - -# Manipulate php-fpm configuration -echo " -; Server resource settings - -pm.max_children = 10 -pm.start_servers = 2 -pm.min_spare_servers = 1 -pm.max_spare_servers = 3 - -catch_workers_output = yes - -access.format = \"%R - %u %t \\\"%m %r%Q%q\\\" %s %f cpu:%C%% mem:%{megabytes}M reqTime:%d\" -access.log = /tmp/php.access.log -slowlog = /tmp/php.slow.log -request_slowlog_timeout = 30s - -php_admin_value[error_log] = /tmp/php.error.log -php_admin_flag[log_errors] = on - -env[TYPO3_CONTEXT] = ${TYPO3_CONTEXT} -env[FLOW_CONTEXT] = ${FLOW_CONTEXT} -env[FLOW_REWRITEURLS] = ${FLOW_REWRITEURLS} -" >> /etc/php5/fpm/pool.d/www.conf diff --git a/docker/main/bin/init-ssmtp.sh b/docker/main/bin/init-ssmtp.sh deleted file mode 100644 index 4bf8972..0000000 --- a/docker/main/bin/init-ssmtp.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/usr/bin/env bash - -############################# -## Init SSMTP -############################# - -sed -i "s/mailhub=.*/mailhub=${MAIL_GATEWAY}/" /etc/ssmtp/ssmtp.conf -sed -i "s/#FromLineOverride=.*/FromLineOverride=YES/" /etc/ssmtp/ssmtp.conf diff --git a/docker/main/bin/init-system.sh b/docker/main/bin/init-system.sh deleted file mode 100644 index fb98e9c..0000000 --- a/docker/main/bin/init-system.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/usr/bin/env bash - -## Set uid/gid for www-data user -usermod --uid "${EFFECTIVE_UID}" --shell /bin/bash --home /home www-data > /dev/null -groupmod --gid "${EFFECTIVE_GID}" www-data > /dev/null diff --git a/docker/main/bin/install.sh b/docker/main/bin/install.sh deleted file mode 100644 index afa5da7..0000000 --- a/docker/main/bin/install.sh +++ /dev/null @@ -1,106 +0,0 @@ -#!/usr/bin/env bash - -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value - -export DEBIAN_FRONTEND="noninteractive" - -############################# -# Modify user -############################# - -usermod --shell /bin/bash --home /home www-data -chown www-data:www-data /home - -## Fix terminal -echo 'export TERM="xterm-color"' >> /root/.bashrc -echo 'export TERM="xterm-color"' >> /home/.bashrc - -############################# -# Common tasks -############################# - -mkdir -p /opt/docker/ \ - /var/log/supervisor - -############################# -# Install packages -############################# - -apt-get update - -apt-get install -y \ - supervisor \ - dnsmasq \ - ssmtp \ - php5-cli \ - php5-fpm \ - php5-json \ - php5-intl \ - php5-curl \ - php5-mysqlnd \ - php5-xdebug \ - php5-memcached \ - php5-mcrypt \ - php5-gd \ - php5-sqlite \ - php5-xmlrpc \ - php5-xsl \ - php5-geoip \ - php5-ldap \ - php5-memcache \ - php5-memcached - -apt-get install -y \ - graphicsmagick \ - zip \ - unzip \ - wget \ - curl \ - mysql-client \ - moreutils \ - dnsutils - -############################# -# Generate locales -############################# - -cat /opt/docker/locale.conf >> /var/lib/locales/supported.d/local -locale-gen - -############################# -# Enable php modules -############################# -## custom config -touch /etc/php5/mods-available/docker-boilerplate.ini -php5enmod docker-boilerplate - -# enable ext mcrypt -php5enmod mcrypt - -############################# -# Composer -############################# - -curl -sS https://getcomposer.org/installer | php -mv composer.phar /usr/local/bin/composer - - -############################# -# Dnsmasq -############################# - -## Fix dnsmasqd -echo " -user=root -conf-dir=/etc/dnsmasq.d -" >> /etc/dnsmasq.conf - -############################# -# Cleanup -############################# - -apt-get clean -y -apt-get autoclean -y diff --git a/docker/main/bin/provision.sh b/docker/main/bin/provision.sh new file mode 100644 index 0000000..94a46e9 --- /dev/null +++ b/docker/main/bin/provision.sh @@ -0,0 +1,20 @@ +#!/usr/bin/env bash + +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value + +export PYTHONUNBUFFERED=1 + +ANSIBLE_DIR='/opt/docker/provision' + +ANSIBLE_TAG="$1" + +ANSIBLE_OPTS="" + +# workaround if windows +chmod -x "$ANSIBLE_DIR/inventory" + +# run ansible +ansible-playbook "${ANSIBLE_DIR}/playbook.yml" --inventory="${ANSIBLE_DIR}/inventory" --tags="${ANSIBLE_TAG}" $ANSIBLE_OPTS diff --git a/docker/main/bin/ubuntu/bootstrap.sh b/docker/main/bin/ubuntu/bootstrap.sh new file mode 100644 index 0000000..a8060f6 --- /dev/null +++ b/docker/main/bin/ubuntu/bootstrap.sh @@ -0,0 +1,32 @@ +#!/usr/bin/env bash + +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value + +export DEBIAN_FRONTEND="noninteractive" + +# workaround for slow/freezing apt inside docker(?) +echo 'Acquire::http::Pipeline-Depth "0";' >> /etc/apt/apt.conf.d/00no-pipeline + +if [ -z "`which ansible`" ]; then + # install apt-add-repository if needed + if [ -z "`which apt-add-repository`" ]; then + + apt-get update -q + apt-get install -y --no-install-recommends lsb-release + + + if [ "`lsb_release -r -s`" = '12.04' ]; then + apt-get install -y python-software-properties + else + apt-get install -y software-properties-common + fi + fi + + # Register and install ansible + apt-add-repository ppa:ansible/ansible + apt-get update -q + apt-get install -y ansible python-apt aptitude +fi \ No newline at end of file diff --git a/docker/main/conf/locale.conf b/docker/main/conf/centos/locale.conf similarity index 100% rename from docker/main/conf/locale.conf rename to docker/main/conf/centos/locale.conf diff --git a/docker/main/conf/centos/supervisord.conf b/docker/main/conf/centos/supervisord.conf new file mode 100644 index 0000000..f12afda --- /dev/null +++ b/docker/main/conf/centos/supervisord.conf @@ -0,0 +1,53 @@ +[supervisord] +nodaemon=true + +[unix_http_server] +file = /var/tmp/supervisor.sock + +[rpcinterface:supervisor] +supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface + +[program:php-fpm] +command = /sbin/php-fpm +autostart = true +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 + +[program:dnsmasq] +command = bash /opt/docker/bin/dnsmasq.sh +autostart = true +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 + +[program:php-log-access] +command = bash /opt/docker/bin/logwatch.sh php:access /tmp/php.access.log +autostart = true +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 + +[program:php-log-slow] +command = bash /opt/docker/bin/logwatch.sh php:slow /tmp/php.slow.log +autostart = true +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 + +[program:php-log-error] +command = bash /opt/docker/bin/logwatch.sh php:error /tmp/php.error.log +autostart = true +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/docker/main/conf/ubuntu-hhvm/locale.conf b/docker/main/conf/ubuntu-hhvm/locale.conf new file mode 100644 index 0000000..7410061 --- /dev/null +++ b/docker/main/conf/ubuntu-hhvm/locale.conf @@ -0,0 +1,11 @@ +en_GB.UTF-8 UTF-8 +en_GB ISO-8859-1 +en_GB.ISO-8859-15 ISO-8859-15 + +en_US.UTF-8 UTF-8 +en_US ISO-8859-1 +en_US.ISO-8859-15 ISO-8859-15 + +de_DE.UTF-8 UTF-8 +de_DE ISO-8859-1 +de_DE@euro ISO-8859-15 \ No newline at end of file diff --git a/docker/main/conf/supervisord.conf b/docker/main/conf/ubuntu-hhvm/supervisord.conf similarity index 66% rename from docker/main/conf/supervisord.conf rename to docker/main/conf/ubuntu-hhvm/supervisord.conf index d9802c9..bda2234 100644 --- a/docker/main/conf/supervisord.conf +++ b/docker/main/conf/ubuntu-hhvm/supervisord.conf @@ -1,8 +1,12 @@ [supervisord] nodaemon=true -[program:php-fpm] -command = /usr/sbin/php5-fpm --nodaemonize +[unix_http_server] +file = /var/tmp/supervisor.sock + +[program:hhvm] +command = /usr/bin/hhvm --mode server -vServer.Type=fastcgi -vServer.Port=9000 +user = www-data autostart = true autorestart = true stdout_logfile=/dev/stdout @@ -11,7 +15,7 @@ stderr_logfile=/dev/stderr stderr_logfile_maxbytes=0 [program:dnsmasq] -command = bash /opt/docker/dnsmasq.sh +command = bash /opt/docker/bin/dnsmasq.sh autostart = true autorestart = true stdout_logfile=/dev/stdout @@ -20,7 +24,7 @@ stderr_logfile=/dev/stderr stderr_logfile_maxbytes=0 [program:php-log-access] -command = bash /opt/docker/logwatch.sh php:access /tmp/php.access.log +command = bash /opt/docker/bin/logwatch.sh php:access /tmp/php.access.log autostart = true autorestart = true stdout_logfile=/dev/stdout @@ -29,7 +33,7 @@ stderr_logfile=/dev/stderr stderr_logfile_maxbytes=0 [program:php-log-slow] -command = bash /opt/docker/logwatch.sh php:slow /tmp/php.slow.log +command = bash /opt/docker/bin/logwatch.sh php:slow /tmp/php.slow.log autostart = true autorestart = true stdout_logfile=/dev/stdout @@ -38,7 +42,7 @@ stderr_logfile=/dev/stderr stderr_logfile_maxbytes=0 [program:php-log-error] -command = bash /opt/docker/logwatch.sh php:error /tmp/php.error.log +command = bash /opt/docker/bin/logwatch.sh php:error /tmp/php.error.log autostart = true autorestart = true stdout_logfile=/dev/stdout diff --git a/docker/main/conf/ubuntu/locale.conf b/docker/main/conf/ubuntu/locale.conf new file mode 100644 index 0000000..7410061 --- /dev/null +++ b/docker/main/conf/ubuntu/locale.conf @@ -0,0 +1,11 @@ +en_GB.UTF-8 UTF-8 +en_GB ISO-8859-1 +en_GB.ISO-8859-15 ISO-8859-15 + +en_US.UTF-8 UTF-8 +en_US ISO-8859-1 +en_US.ISO-8859-15 ISO-8859-15 + +de_DE.UTF-8 UTF-8 +de_DE ISO-8859-1 +de_DE@euro ISO-8859-15 \ No newline at end of file diff --git a/docker/main/conf/ubuntu/supervisord.conf b/docker/main/conf/ubuntu/supervisord.conf new file mode 100644 index 0000000..618da4d --- /dev/null +++ b/docker/main/conf/ubuntu/supervisord.conf @@ -0,0 +1,53 @@ +[supervisord] +nodaemon=true + +[unix_http_server] +file = /var/run/supervisor.sock + +[rpcinterface:supervisor] +supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface + +[program:php-fpm] +command = /usr/sbin/php5-fpm +autostart = true +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 + +[program:dnsmasq] +command = bash /opt/docker/bin/dnsmasq.sh +autostart = true +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 + +[program:php-log-access] +command = bash /opt/docker/bin/logwatch.sh php:access /tmp/php.access.log +autostart = true +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 + +[program:php-log-slow] +command = bash /opt/docker/bin/logwatch.sh php:slow /tmp/php.slow.log +autostart = true +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 + +[program:php-log-error] +command = bash /opt/docker/bin/logwatch.sh php:error /tmp/php.error.log +autostart = true +autorestart = true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/docker/main/provision/ansible.cfg b/docker/main/provision/ansible.cfg new file mode 100644 index 0000000..e69de29 diff --git a/docker/main/provision/inventory b/docker/main/provision/inventory new file mode 100644 index 0000000..00639f8 --- /dev/null +++ b/docker/main/provision/inventory @@ -0,0 +1 @@ +localhost ansible_connection=local \ No newline at end of file diff --git a/docker/main/provision/playbook.yml b/docker/main/provision/playbook.yml new file mode 100755 index 0000000..19ac3b0 --- /dev/null +++ b/docker/main/provision/playbook.yml @@ -0,0 +1,17 @@ +- hosts: all + vars_files: + - /opt/docker/provision/variables.yml + roles: + - init + - { role: update, when: PROVISION.SYS.UPDATE == "1" } + - packages + - locales + - users + - supervisord + - dnsmasqd + - ssmtp + - { role: php, when: PROVISION.PHP.DISTRIBUTION == "php" } + - { role: hhvm, when: PROVISION.PHP.DISTRIBUTION == "hhvm" } + - mysql + - composer + - finalize diff --git a/docker/main/provision/roles/composer/tasks/install.yml b/docker/main/provision/roles/composer/tasks/install.yml new file mode 100644 index 0000000..c1127e4 --- /dev/null +++ b/docker/main/provision/roles/composer/tasks/install.yml @@ -0,0 +1,2 @@ +- name: Install composer (phar) + raw: 'curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin/ --filename=composer' diff --git a/docker/main/provision/roles/composer/tasks/main.yml b/docker/main/provision/roles/composer/tasks/main.yml new file mode 100644 index 0000000..e3418cb --- /dev/null +++ b/docker/main/provision/roles/composer/tasks/main.yml @@ -0,0 +1,3 @@ +- include: install.yml + tags: + - bootstrap diff --git a/docker/main/provision/roles/dnsmasqd/tasks/install.yml b/docker/main/provision/roles/dnsmasqd/tasks/install.yml new file mode 100644 index 0000000..6071ec3 --- /dev/null +++ b/docker/main/provision/roles/dnsmasqd/tasks/install.yml @@ -0,0 +1,25 @@ +- name: Install dnsmasqd + apt: + name: '{{ item }}' + state: present + when: ansible_distribution == 'Ubuntu' + with_items: + - dnsmasq + +- name: Install dnsmasqd + yum: + name: '{{ item }}' + state: present + when: ansible_distribution == 'CentOS' + with_items: + - dnsmasq + +- name: Configure dnsmasq + lineinfile: + dest: /etc/dnsmasq.conf + regexp: '^[\s]*{{ item.key }}[\s]*=' + line: '{{ item.key }}={{ item.value }}' + with_items: + - { key: 'user', value: 'root' } + - { key: 'conf-dir', value: '/etc/dnsmasq.d' } + diff --git a/docker/main/provision/roles/dnsmasqd/tasks/main.yml b/docker/main/provision/roles/dnsmasqd/tasks/main.yml new file mode 100644 index 0000000..e3418cb --- /dev/null +++ b/docker/main/provision/roles/dnsmasqd/tasks/main.yml @@ -0,0 +1,3 @@ +- include: install.yml + tags: + - bootstrap diff --git a/docker/main/provision/roles/finalize/tasks/cleanup.yml b/docker/main/provision/roles/finalize/tasks/cleanup.yml new file mode 100644 index 0000000..aaf085d --- /dev/null +++ b/docker/main/provision/roles/finalize/tasks/cleanup.yml @@ -0,0 +1,11 @@ +- name: Cleanup apt + command: apt-get clean -y + when: ansible_distribution == 'Ubuntu' + +- name: Cleanup apt + command: apt-get autoclean -y + when: ansible_distribution == 'Ubuntu' + +- name: Cleanup yum + command: yum clean all + when: ansible_distribution == 'CentOS' diff --git a/docker/main/provision/roles/finalize/tasks/main.yml b/docker/main/provision/roles/finalize/tasks/main.yml new file mode 100644 index 0000000..bfb1442 --- /dev/null +++ b/docker/main/provision/roles/finalize/tasks/main.yml @@ -0,0 +1,3 @@ +- include: cleanup.yml + tags: + - bootstrap diff --git a/docker/main/provision/roles/hhvm/tasks/configuration.yml b/docker/main/provision/roles/hhvm/tasks/configuration.yml new file mode 100644 index 0000000..e69de29 diff --git a/docker/main/provision/roles/hhvm/tasks/install.yml b/docker/main/provision/roles/hhvm/tasks/install.yml new file mode 100644 index 0000000..d122c1f --- /dev/null +++ b/docker/main/provision/roles/hhvm/tasks/install.yml @@ -0,0 +1,30 @@ +- name: Install hhvm gpg key + apt_key: + url: http://dl.hhvm.com/conf/hhvm.gpg.key + state: present + +- name: Add hhvm deb repository + apt_repository: + repo: 'deb http://dl.hhvm.com/ubuntu trusty main' + state: present + +- name: Install hhvm packages + apt: + pkg: '{{ item }}' + state: latest + update_cache: yes + force: yes + with_items: + - hhvm-fastcgi + +- name: check hhvm path + shell: which hhvm + register: current_hhvm + ignore_errors: True + +- name: Symlink hhvm as php + file: + src: '{{ current_hhvm.stdout }}' + dest: /usr/bin/php + state: link + force: yes \ No newline at end of file diff --git a/docker/main/provision/roles/hhvm/tasks/main.yml b/docker/main/provision/roles/hhvm/tasks/main.yml new file mode 100644 index 0000000..35d0963 --- /dev/null +++ b/docker/main/provision/roles/hhvm/tasks/main.yml @@ -0,0 +1,7 @@ +- include: install.yml + tags: + - bootstrap + +- include: configuration.yml + tags: + - entrypoint diff --git a/docker/main/provision/roles/init/tasks/main.yml b/docker/main/provision/roles/init/tasks/main.yml new file mode 100644 index 0000000..ab9af8c --- /dev/null +++ b/docker/main/provision/roles/init/tasks/main.yml @@ -0,0 +1,5 @@ +- name: Update package cache (apt-get update) ... will take some time + apt: update_cache=yes + when: ansible_distribution == 'Ubuntu' + tags: + - bootstrap diff --git a/docker/main/provision/roles/locales/tasks/generate.yml b/docker/main/provision/roles/locales/tasks/generate.yml new file mode 100644 index 0000000..21ffe74 --- /dev/null +++ b/docker/main/provision/roles/locales/tasks/generate.yml @@ -0,0 +1,5 @@ +- name: Copy defined locales + raw: 'cat /opt/docker/locale.conf >> /var/lib/locales/supported.d/local' + +- name: Generate locales + command: locale-gen diff --git a/docker/main/provision/roles/locales/tasks/main.yml b/docker/main/provision/roles/locales/tasks/main.yml new file mode 100644 index 0000000..82ec09e --- /dev/null +++ b/docker/main/provision/roles/locales/tasks/main.yml @@ -0,0 +1,4 @@ +- include: generate.yml + when: ansible_distribution == 'Ubuntu' + tags: + - bootstrap diff --git a/docker/main/provision/roles/mysql/tasks/configuration.yml b/docker/main/provision/roles/mysql/tasks/configuration.yml new file mode 100644 index 0000000..0840ffa --- /dev/null +++ b/docker/main/provision/roles/mysql/tasks/configuration.yml @@ -0,0 +1,15 @@ +- name: Deploy root my.cnf + template: + src: my.cnf.j2 + dest: /root/.my.cnf + owner: root + group: root + mode: 0644 + +- name: Deploy user my.cnf + template: + src: my.cnf.j2 + dest: /home/.my.cnf + owner: "{{ DOCKER.CLI_USER }}" + group: "{{ DOCKER.CLI_USER }}" + mode: 0644 diff --git a/docker/main/provision/roles/mysql/tasks/install.yml b/docker/main/provision/roles/mysql/tasks/install.yml new file mode 100644 index 0000000..3506ae2 --- /dev/null +++ b/docker/main/provision/roles/mysql/tasks/install.yml @@ -0,0 +1,15 @@ +- name: Install mysql client + apt: + name: '{{ item }}' + state: present + when: ansible_distribution == 'Ubuntu' + with_items: + - mysql-client + +- name: Install mysql client + yum: + name: '{{ item }}' + state: present + when: ansible_distribution == 'CentOS' + with_items: + - mysql diff --git a/docker/main/provision/roles/mysql/tasks/main.yml b/docker/main/provision/roles/mysql/tasks/main.yml new file mode 100644 index 0000000..35d0963 --- /dev/null +++ b/docker/main/provision/roles/mysql/tasks/main.yml @@ -0,0 +1,7 @@ +- include: install.yml + tags: + - bootstrap + +- include: configuration.yml + tags: + - entrypoint diff --git a/docker/main/provision/roles/mysql/templates/my.cnf.j2 b/docker/main/provision/roles/mysql/templates/my.cnf.j2 new file mode 100644 index 0000000..c0aaee8 --- /dev/null +++ b/docker/main/provision/roles/mysql/templates/my.cnf.j2 @@ -0,0 +1,21 @@ +[client] +host=mysql +user="root" +password="{{ DOCKER.MYSQL_ROOT_PASSWORD }}" + +[mysql] +host=mysql +user="root" +password="{{ DOCKER.MYSQL_ROOT_PASSWORD }}" +database="{{ DOCKER.MYSQL_DATABASE }}" +default-character-set=utf8 +local-infile=1 +show-warnings +auto-rehash +sigint-ignore +reconnect + +[mysqldump] +host=mysql +user="root" +password="{{ DOCKER.MYSQL_ROOT_PASSWORD }}" \ No newline at end of file diff --git a/docker/main/provision/roles/packages/tasks/main.yml b/docker/main/provision/roles/packages/tasks/main.yml new file mode 100644 index 0000000..476059b --- /dev/null +++ b/docker/main/provision/roles/packages/tasks/main.yml @@ -0,0 +1,9 @@ +- include: packages-centos.yml + when: ansible_distribution == 'CentOS' + tags: + - bootstrap + +- include: packages-ubuntu.yml + when: ansible_distribution == 'Ubuntu' + tags: + - bootstrap diff --git a/docker/main/provision/roles/packages/tasks/packages-centos.yml b/docker/main/provision/roles/packages/tasks/packages-centos.yml new file mode 100644 index 0000000..92b50bb --- /dev/null +++ b/docker/main/provision/roles/packages/tasks/packages-centos.yml @@ -0,0 +1,49 @@ +- name: Install packages (system tools) + yum: + name: '{{ item }}' + state: present + with_items: + - sudo + +- name: Install packages (compression tools) + yum: + name: '{{ item }}' + state: present + with_items: + - zip + - unzip + - bzip2 + +- name: Install packages (graphic tools) + yum: + name: '{{ item }}' + state: present + with_items: + - ImageMagick + +- name: Install packages (network tools) + yum: + name: '{{ item }}' + state: present + with_items: + - wget + - curl + - net-tools + - rsync + +- name: Install packages (development tools) + yum: + name: '{{ item }}' + state: present + with_items: + - git + +- name: Install packages (general tools) + yum: + name: '{{ item }}' + state: present + with_items: + - moreutils + - bind-utils + - pygpgme + diff --git a/docker/main/provision/roles/packages/tasks/packages-ubuntu.yml b/docker/main/provision/roles/packages/tasks/packages-ubuntu.yml new file mode 100644 index 0000000..b6f95d5 --- /dev/null +++ b/docker/main/provision/roles/packages/tasks/packages-ubuntu.yml @@ -0,0 +1,48 @@ +- name: Install packages (system tools) + apt: + name: '{{ item }}' + state: present + with_items: + - sudo + +- name: Install packages (compression tools) + apt: + name: '{{ item }}' + state: present + with_items: + - zip + - unzip + - bzip2 + +- name: Install packages (graphic tools) + apt: + name: '{{ item }}' + state: present + with_items: + - imagemagick + - graphicsmagick + +- name: Install packages (network tools) + apt: + name: '{{ item }}' + state: present + with_items: + - wget + - curl + - net-tools + - rsync + +- name: Install packages (development tools) + apt: + name: '{{ item }}' + state: present + with_items: + - git + +- name: Install packages (general tools) + apt: + name: '{{ item }}' + state: present + with_items: + - moreutils + - dnsutils diff --git a/docker/main/provision/roles/php/tasks/centos/blackfire.yml b/docker/main/provision/roles/php/tasks/centos/blackfire.yml new file mode 100644 index 0000000..20ceb74 --- /dev/null +++ b/docker/main/provision/roles/php/tasks/centos/blackfire.yml @@ -0,0 +1,24 @@ +- name: Add blackfire.io key + rpm_key: + key: https://packagecloud.io/gpg.key + state: present + +- name: Add blackfire.io repository + get_url: + url: http://packages.blackfire.io/fedora/blackfire.repo + dest: /etc/yum.repos.d/blackfire.repo + mode: 0644 + +- name: Disable gpg check for blackfire (CentOS 7 workaround) + lineinfile: + dest: /etc/yum.repos.d/blackfire.repo + regexp: '^repo_gpgcheck=1' + line: 'repo_gpgcheck=0' + when: ansible_distribution == 'CentOS' and ansible_distribution_major_version == '7' + +- name: Install blackfire-php + yum: + name: '{{ item }}' + state: present + with_items: + - blackfire-php diff --git a/docker/main/provision/roles/php/tasks/centos/configuration.yml b/docker/main/provision/roles/php/tasks/centos/configuration.yml new file mode 100644 index 0000000..971d65f --- /dev/null +++ b/docker/main/provision/roles/php/tasks/centos/configuration.yml @@ -0,0 +1,36 @@ +- name: Configure php-fpm (pool www.conf) + lineinfile: + dest: /etc/php-fpm.d/www.conf + regexp: '^{{ item.key }}[\s]*=' + line: '{{ item.key }} = {{ item.value }}' + with_items: + # User + - { key: 'user', value: '{{ DOCKER.CLI_USER }}' } + - { key: 'group', value: '{{ DOCKER.CLI_USER }}' } + # Env + - { key: 'env[TYPO3_CONTEXT]', value: '{{ DOCKER.TYPO3_CONTEXT }}' } + - { key: 'env[FLOW_CONTEXT]', value: '{{ DOCKER.FLOW_CONTEXT }}' } + - { key: 'env[FLOW_REWRITEURLS]', value: '{{ DOCKER.FLOW_REWRITEURLS }}' } + +- name: Set development environment php.ini + file: + src: '/docker/etc/php/development.ini' + dest: '/opt/docker/conf/php.ini' + force: yes + state: link + when: PROVISION.CONTEXT == "development" or PROVISION.CONTEXT == "" + +- name: Enable production environment php.ini + file: + src: '/docker/etc/php/production.ini' + dest: '/opt/docker/conf/php.ini' + force: yes + state: link + when: PROVISION.CONTEXT == "production" + +- name: Truncate log files + command: 'cp /dev/null {{ item }}' + with_items: + - '/tmp/php.slow.log' + - '/tmp/php.error.log' + - '/tmp/php.access.log' diff --git a/docker/main/provision/roles/php/tasks/centos/install.yml b/docker/main/provision/roles/php/tasks/centos/install.yml new file mode 100644 index 0000000..db5c022 --- /dev/null +++ b/docker/main/provision/roles/php/tasks/centos/install.yml @@ -0,0 +1,79 @@ +- name: Install php + yum: + name: '{{ item }}' + state: present + with_items: + - php-cli + - php-fpm + - php-json + - php-intl + - php-curl + - php-mysqlnd + - php-xdebug + - php-memcached + - php-mcrypt + - php-gd + - sqlite + - php-xmlrpc + - php-xsl + - geoip + - php-ldap + - php-memcache + - ImageMagick + - ImageMagick-devel + - ImageMagick-perl + - php-pear + - gcc + +- name: Install php pecl + command: 'pecl install {{ item }}' + with_items: + - imagick + +- name: Configure php-fpm (php-fpm.conf) + lineinfile: + dest: /etc/php-fpm.conf + regexp: '^[\s;]*{{ item.key }}[\s]*=' + line: '{{ item.key }} = {{ item.value }}' + with_items: + - { key: 'daemonize', value: 'no' } + +- name: Configure php-fpm (pool www.conf) + lineinfile: + dest: /etc/php-fpm.d/www.conf + regexp: '^{{ item.key }}[\s]*=' + line: '{{ item.key }} = {{ item.value }}' + with_items: + # Networking + - { key: 'listen', value: '0.0.0.0:9000' } + - { key: 'listen.allowed_clients', value: '' } + # Process manager + - { key: 'pm.max_children', value: '15' } + - { key: 'pm.start_servers', value: '2' } + - { key: 'pm.min_spare_servers', value: '1' } + - { key: 'pm.max_spare_servers', value: '3' } + - { key: 'catch_workers_output', value: 'yes' } + # Logs + - { key: 'access.format', value: '"%R - %u %t \"%m %r%Q%q\" %s %f cpu:%C%% mem:%{megabytes}M reqTime:%d"' } + - { key: 'access.log', value: '/tmp/php.access.log' } + - { key: 'slowlog', value: '/tmp/php.slow.log' } + - { key: 'request_slowlog_timeout', value: '30s' } + # PHP flags + - { key: 'php_admin_value[error_log]', value: '/tmp/php.error.log' } + - { key: 'php_admin_flag[log_errors]', value: 'on' } + +- name: Configure php-fpm (pool www.conf) + lineinfile: + dest: /etc/php-fpm.d/www.conf + regexp: '^{{ item.key }}[\s]*=' + state: absent + with_items: + # Networking + - { key: 'listen.allowed_clients' } + +- name: Create link for additional php.ini + file: + src: '/opt/docker/conf/php.ini' + dest: '/etc/php.d/zzz-docker-boilerplate.ini' + state: link + force: yes diff --git a/docker/main/provision/roles/php/tasks/centos/modules.yml b/docker/main/provision/roles/php/tasks/centos/modules.yml new file mode 100644 index 0000000..4800f77 --- /dev/null +++ b/docker/main/provision/roles/php/tasks/centos/modules.yml @@ -0,0 +1,15 @@ +- name: Disable XDebug + file: + path: "{{ item }}" + state: absent + with_fileglob: + - /etc/php.d/*xdebug*.ini + when: PROVISION.PHP.XDEBUG == "" or PROVISION.PHP.XDEBUG == "0" + +- name: Disable Blackfire + file: + path: "{{ item }}" + state: absent + with_fileglob: + - /etc/php.d/*blackfire*.ini + when: PROVISION.PHP.XDEBUG == "" or PROVISION.PHP.BLACKFIRE == "0" diff --git a/docker/main/provision/roles/php/tasks/main.yml b/docker/main/provision/roles/php/tasks/main.yml new file mode 100644 index 0000000..966c6e5 --- /dev/null +++ b/docker/main/provision/roles/php/tasks/main.yml @@ -0,0 +1,47 @@ +############################# +# Ubuntu +############################# + +- include: ubuntu/install.yml + when: ansible_distribution == 'Ubuntu' + tags: + - bootstrap + +- include: ubuntu/blackfire.yml + when: ansible_distribution == 'Ubuntu' + tags: + - bootstrap + +- include: ubuntu/configuration.yml + when: ansible_distribution == 'Ubuntu' + tags: + - entrypoint + +- include: ubuntu/modules.yml + when: ansible_distribution == 'Ubuntu' + tags: + - entrypoint + +############################# +# CentOS +############################# + +- include: centos/install.yml + when: ansible_distribution == 'CentOS' + tags: + - bootstrap + +- include: centos/blackfire.yml + when: ansible_distribution == 'CentOS' + tags: + - bootstrap + +- include: centos/configuration.yml + when: ansible_distribution == 'CentOS' + tags: + - entrypoint + +- include: centos/modules.yml + when: ansible_distribution == 'CentOS' + tags: + - entrypoint diff --git a/docker/main/provision/roles/php/tasks/ubuntu/blackfire.yml b/docker/main/provision/roles/php/tasks/ubuntu/blackfire.yml new file mode 100644 index 0000000..ac23b88 --- /dev/null +++ b/docker/main/provision/roles/php/tasks/ubuntu/blackfire.yml @@ -0,0 +1,17 @@ +- name: Add blackfire.io key + apt_key: + url: https://packagecloud.io/gpg.key + state: present + +- name: Add blackfire.io repository + apt_repository: + repo: 'deb http://packages.blackfire.io/debian any main' + state: present + update_cache: yes + +- name: Install blackfire-php + apt: + name: '{{ item }}' + state: present + with_items: + - blackfire-php diff --git a/docker/main/provision/roles/php/tasks/ubuntu/configuration.yml b/docker/main/provision/roles/php/tasks/ubuntu/configuration.yml new file mode 100644 index 0000000..6ed6da4 --- /dev/null +++ b/docker/main/provision/roles/php/tasks/ubuntu/configuration.yml @@ -0,0 +1,33 @@ +- name: Configure php-fpm (pool www.conf) + lineinfile: + dest: /etc/php5/fpm/pool.d/www.conf + regexp: '^{{ item.key }}[\s]*=' + line: '{{ item.key }} = {{ item.value }}' + with_items: + # Env + - { key: 'env[TYPO3_CONTEXT]', value: '{{ DOCKER.TYPO3_CONTEXT }}' } + - { key: 'env[FLOW_CONTEXT]', value: '{{ DOCKER.FLOW_CONTEXT }}' } + - { key: 'env[FLOW_REWRITEURLS]', value: '{{ DOCKER.FLOW_REWRITEURLS }}' } + +- name: Set development environment php.ini + file: + src: '/docker/etc/php/development.ini' + dest: '/opt/docker/conf/php.ini' + force: yes + state: link + when: PROVISION.CONTEXT == "development" or PROVISION.CONTEXT == "" + +- name: Enable production environment php.ini + file: + src: '/docker/etc/php/production.ini' + dest: '/opt/docker/conf/php.ini' + force: yes + state: link + when: PROVISION.CONTEXT == "production" + +- name: Truncate log files + command: 'cp /dev/null {{ item }}' + with_items: + - '/tmp/php.slow.log' + - '/tmp/php.error.log' + - '/tmp/php.access.log' diff --git a/docker/main/provision/roles/php/tasks/ubuntu/install.yml b/docker/main/provision/roles/php/tasks/ubuntu/install.yml new file mode 100644 index 0000000..4258d1e --- /dev/null +++ b/docker/main/provision/roles/php/tasks/ubuntu/install.yml @@ -0,0 +1,83 @@ +- name: Install php + apt: + name: '{{ item }}' + state: present + with_items: + - php5-cli + - php5-fpm + - php5-json + - php5-intl + - php5-curl + - php5-mysqlnd + - php5-xdebug + - php5-memcached + - php5-mcrypt + - php5-gd + - php5-sqlite + - php5-xmlrpc + - php5-xsl + - php5-geoip + - php5-ldap + - php5-memcache + - php5-memcached + - php5-imagick + +- name: Create /etc/php5/mods-available/ + file: + path: /etc/php5/mods-available/ + state: directory + mode: 0755 + +- name: Link php.ini for cli and fpm + file: + src: '{{ item.file }}' + dest: '/etc/php5/{{ item.category }}/conf.d/{{ item.target }}' + force: yes + state: link + with_items: + # PHP cli + - { category: 'cli', file: '/etc/php5/mods-available/mcrypt.ini', target: '20-mcrypt.ini' } + - { category: 'cli', file: '/opt/docker/conf/php.ini', target: '99-docker-boilerplate.ini' } + # PHP fpm + - { category: 'fpm', file: '/etc/php5/mods-available/mcrypt.ini', target: '20-mcrypt.ini' } + - { category: 'fpm', file: '/opt/docker/conf/php.ini', target: '99-docker-boilerplate.ini' } + +- name: Configure php-fpm (php-fpm.conf) + lineinfile: + dest: /etc/php5/fpm/php-fpm.conf + regexp: '^[\s;]*{{ item.key }}[\s]*=' + line: '{{ item.key }} = {{ item.value }}' + with_items: + - { key: 'daemonize', value: 'no' } + +- name: Configure php-fpm (pool www.conf) + lineinfile: + dest: /etc/php5/fpm/pool.d/www.conf + regexp: '^{{ item.key }}[\s]*=' + line: '{{ item.key }} = {{ item.value }}' + with_items: + # Networking + - { key: 'listen', value: '0.0.0.0:9000' } + # Process manager + - { key: 'pm.max_children', value: '15' } + - { key: 'pm.start_servers', value: '2' } + - { key: 'pm.min_spare_servers', value: '1' } + - { key: 'pm.max_spare_servers', value: '3' } + - { key: 'catch_workers_output', value: 'yes' } + # Logs + - { key: 'access.format', value: '"%R - %u %t \"%m %r%Q%q\" %s %f cpu:%C%% mem:%{megabytes}M reqTime:%d"' } + - { key: 'access.log', value: '/tmp/php.access.log' } + - { key: 'slowlog', value: '/tmp/php.slow.log' } + - { key: 'request_slowlog_timeout', value: '30s' } + # PHP flags + - { key: 'php_admin_value[error_log]', value: '/tmp/php.error.log' } + - { key: 'php_admin_flag[log_errors]', value: 'on' } + +- name: Configure php-fpm (pool www.conf) + lineinfile: + dest: /etc/php-fpm.d/www.conf + regexp: '^{{ item.key }}[\s]*=' + state: absent + with_items: + # Networking + - { key: 'listen.allowed_clients' } diff --git a/docker/main/provision/roles/php/tasks/ubuntu/modules.yml b/docker/main/provision/roles/php/tasks/ubuntu/modules.yml new file mode 100644 index 0000000..a3eb587 --- /dev/null +++ b/docker/main/provision/roles/php/tasks/ubuntu/modules.yml @@ -0,0 +1,17 @@ +- name: Disable XDebug + file: + path: "{{ item }}" + state: absent + with_fileglob: + - /etc/php5/fpm/conf.d/*xdebug*.ini + - /etc/php5/cli/conf.d/*xdebug*.ini + when: PROVISION.PHP.XDEBUG == "" or PROVISION.PHP.XDEBUG == "0" + +- name: Disable Blackfire + file: + path: "{{ item }}" + state: absent + with_fileglob: + - /etc/php5/fpm/conf.d/*blackfire*.ini + - /etc/php5/cli/conf.d/*blackfire*.ini + when: PROVISION.PHP.XDEBUG == "" or PROVISION.PHP.BLACKFIRE == "0" diff --git a/docker/main/provision/roles/ssmtp/tasks/configuration.yml b/docker/main/provision/roles/ssmtp/tasks/configuration.yml new file mode 100644 index 0000000..44e39b8 --- /dev/null +++ b/docker/main/provision/roles/ssmtp/tasks/configuration.yml @@ -0,0 +1,8 @@ +- name: Setup ssmtp + lineinfile: + dest: /etc/ssmtp/ssmtp.conf + regexp: '^[\s]*{{ item.key }}[\s]*=' + line: '{{ item.key }}={{ item.value }}' + with_items: + - { key: 'mailhub', value: '{{ DOCKER.MAIL_GATEWAY }}' } + - { key: 'FromLineOverride', value: 'YES' } diff --git a/docker/main/provision/roles/ssmtp/tasks/install.yml b/docker/main/provision/roles/ssmtp/tasks/install.yml new file mode 100644 index 0000000..927e6de --- /dev/null +++ b/docker/main/provision/roles/ssmtp/tasks/install.yml @@ -0,0 +1,15 @@ +- name: Install ssmtp + apt: + name: '{{ item }}' + state: present + when: ansible_distribution == 'Ubuntu' + with_items: + - ssmtp + +- name: Install ssmtp + yum: + name: '{{ item }}' + state: present + when: ansible_distribution == 'CentOS' + with_items: + - ssmtp diff --git a/docker/main/provision/roles/ssmtp/tasks/main.yml b/docker/main/provision/roles/ssmtp/tasks/main.yml new file mode 100644 index 0000000..35d0963 --- /dev/null +++ b/docker/main/provision/roles/ssmtp/tasks/main.yml @@ -0,0 +1,7 @@ +- include: install.yml + tags: + - bootstrap + +- include: configuration.yml + tags: + - entrypoint diff --git a/docker/main/provision/roles/supervisord/tasks/install.yml b/docker/main/provision/roles/supervisord/tasks/install.yml new file mode 100644 index 0000000..569d7bc --- /dev/null +++ b/docker/main/provision/roles/supervisord/tasks/install.yml @@ -0,0 +1,15 @@ +- name: Install supervisor + apt: + name: '{{ item }}' + state: present + when: ansible_distribution == 'Ubuntu' + with_items: + - supervisor + +- name: Install supervisor + yum: + name: '{{ item }}' + state: present + when: ansible_distribution == 'CentOS' + with_items: + - supervisor diff --git a/docker/main/provision/roles/supervisord/tasks/main.yml b/docker/main/provision/roles/supervisord/tasks/main.yml new file mode 100644 index 0000000..e3418cb --- /dev/null +++ b/docker/main/provision/roles/supervisord/tasks/main.yml @@ -0,0 +1,3 @@ +- include: install.yml + tags: + - bootstrap diff --git a/docker/main/provision/roles/update/tasks/main.yml b/docker/main/provision/roles/update/tasks/main.yml new file mode 100644 index 0000000..a7592f7 --- /dev/null +++ b/docker/main/provision/roles/update/tasks/main.yml @@ -0,0 +1,9 @@ +- include: update-centos.yml + when: ansible_distribution == 'CentOS' + tags: + - bootstrap + +- include: update-ubuntu.yml + when: ansible_distribution == 'Ubuntu' + tags: + - bootstrap diff --git a/docker/main/provision/roles/update/tasks/update-centos.yml b/docker/main/provision/roles/update/tasks/update-centos.yml new file mode 100644 index 0000000..0864c5b --- /dev/null +++ b/docker/main/provision/roles/update/tasks/update-centos.yml @@ -0,0 +1,2 @@ +- name: Update distribution packages (yum) ... will take some time + yum: name=* state=latest diff --git a/docker/main/provision/roles/update/tasks/update-ubuntu.yml b/docker/main/provision/roles/update/tasks/update-ubuntu.yml new file mode 100644 index 0000000..f2eecf3 --- /dev/null +++ b/docker/main/provision/roles/update/tasks/update-ubuntu.yml @@ -0,0 +1,2 @@ +- name: Upgrade distribution packages (apt-get dist-upgrade) ... will take some time + apt: upgrade=dist diff --git a/docker/main/provision/roles/users/tasks/home-ssh.yml b/docker/main/provision/roles/users/tasks/home-ssh.yml new file mode 100644 index 0000000..f3b21a7 --- /dev/null +++ b/docker/main/provision/roles/users/tasks/home-ssh.yml @@ -0,0 +1,29 @@ +# create a directory if it doesn't exist +- name: Create /home/.ssh/ + file: + path: /home/.ssh/ + state: directory + mode: 0750 + owner: "{{ DOCKER.CLI_USER }}" + group: "{{ DOCKER.CLI_USER }}" + +- name: Sync etc/ssh/ to /home/.ssh + local_action: synchronize src=/docker/etc/ssh/ dest=/home/.ssh/ perms=no + ignore_errors: True + +- name: Fix /home/.ssh/ permissions + file: + path: /home/.ssh/ + state: directory + owner: "{{ DOCKER.CLI_USER }}" + group: "{{ DOCKER.CLI_USER }}" + recurse: yes + ignore_errors: True + +- name: Fix ssh key permissions (if exists) + file: + path: /home/.ssh/id_rsa + mode: 0600 + owner: "{{ DOCKER.CLI_USER }}" + group: "{{ DOCKER.CLI_USER }}" + ignore_errors: True diff --git a/docker/main/provision/roles/users/tasks/main.yml b/docker/main/provision/roles/users/tasks/main.yml new file mode 100644 index 0000000..39d63b2 --- /dev/null +++ b/docker/main/provision/roles/users/tasks/main.yml @@ -0,0 +1,7 @@ +- include: user.yml + tags: + - entrypoint + +- include: home-ssh.yml + tags: + - entrypoint diff --git a/docker/main/provision/roles/users/tasks/user.yml b/docker/main/provision/roles/users/tasks/user.yml new file mode 100644 index 0000000..b148008 --- /dev/null +++ b/docker/main/provision/roles/users/tasks/user.yml @@ -0,0 +1,19 @@ +- group: + name: "{{ DOCKER.CLI_USER }}" + gid: "{{ DOCKER.EFFECTIVE_UID }}" + +- user: + name: "{{ DOCKER.CLI_USER }}" + uid: "{{ DOCKER.EFFECTIVE_GID }}" + group: "{{ DOCKER.CLI_USER }}" + shell: /bin/bash + home: /home + +# create a directory if it doesn't exist +- file: + path: /home/ + state: directory + mode: 0755 + owner: "{{ DOCKER.CLI_USER }}" + group: "{{ DOCKER.CLI_USER }}" + recurse: yes diff --git a/docker/main/provision/variables.yml b/docker/main/provision/variables.yml new file mode 100644 index 0000000..cef0cda --- /dev/null +++ b/docker/main/provision/variables.yml @@ -0,0 +1,51 @@ +--- + +PROVISION: + CONTEXT: "{{ lookup('env','PROVISION_CONTEXT') }}" + + SYS: + UPDATE: "{{ lookup('env','PROVISION_SYS_UPDATE') }}" + + PHP: + DISTRIBUTION: "{{ lookup('env','PROVISION_PHP_DISTRIBUTION') }}" + + BLACKFIRE: "{{ lookup('env','PROVISION_PHP_BLACKFIRE') }}" + XDEBUG: "{{ lookup('env','PROVISION_PHP_XDEBUG') }}" + +DOCKER: + # System + EFFECTIVE_UID: "{{ lookup('env','EFFECTIVE_UID') }}" + EFFECTIVE_GID: "{{ lookup('env','EFFECTIVE_GID') }}" + CLI_USER: "{{ lookup('env','CLI_USER') }}" + CLI_SCRIPT: "{{ lookup('env','CLI_SCRIPT') }}" + + # http + DOCUMENT_ROOT: "{{ lookup('env','DOCUMENT_ROOT') }}" + DOCUMENT_INDEX: "{{ lookup('env','DOCUMENT_INDEX') }}" + + + # MySQL + MYSQL_ROOT_PASSWORD: "{{ lookup('env','MYSQL_ROOT_PASSWORD') }}" + MYSQL_USER: "{{ lookup('env','MYSQL_USER') }}" + MYSQL_PASSWORD: "{{ lookup('env','MYSQL_PASSWORD') }}" + MYSQL_DATABASE: "{{ lookup('env','MYSQL_DATABASE') }}" + + # PostgreSQL + POSTGRES_USER: "{{ lookup('env','POSTGRES_USER') }}" + POSTGRES_PASSWORD: "{{ lookup('env','POSTGRES_PASSWORD') }}" + + # FTP + FTP_USER: "{{ lookup('env','FTP_USER') }}" + FTP_PASSWORD: "{{ lookup('env','FTP_PASSWORD') }}" + FTP_PATH: "{{ lookup('env','FTP_PATH') }}" + + # Mail + MAIL_GATEWAY: "{{ lookup('env','MAIL_GATEWAY') }}" + + # DNS + DNS_DOMAIN: "{{ lookup('env','DNS_DOMAIN') }}" + + # Context + TYPO3_CONTEXT: "{{ lookup('env','TYPO3_CONTEXT') }}" + FLOW_CONTEXT: "{{ lookup('env','FLOW_CONTEXT') }}" + FLOW_REWRITEURLS: "{{ lookup('env','FLOW_REWRITEURLS') }}" diff --git a/docker/memcached/Dockerfile b/docker/memcached/Dockerfile index bc5a340..3125e4b 100644 --- a/docker/memcached/Dockerfile +++ b/docker/memcached/Dockerfile @@ -1 +1,12 @@ +#++++++++++++++++++++++++++++++++++++++ +# Memcached Docker container +#++++++++++++++++++++++++++++++++++++++ +# +# Official images: +# +# memcached - official Memcached +# https://registry.hub.docker.com/u/library/memcached/ +# +#++++++++++++++++++++++++++++++++++++++ + FROM memcached \ No newline at end of file diff --git a/docker/mysql/Dockerfile b/docker/mysql/Dockerfile index 399261d..9388d28 100644 --- a/docker/mysql/Dockerfile +++ b/docker/mysql/Dockerfile @@ -1,5 +1,20 @@ +#++++++++++++++++++++++++++++++++++++++ +# MySQL Docker container +#++++++++++++++++++++++++++++++++++++++ +# +# Official images: +# +# mysql - official MySQL from Oracle +# https://registry.hub.docker.com/u/library/mysql/ +# +# mariadb - MariaDB (MySQL fork) from MariaDB Foundation +# https://registry.hub.docker.com/u/library/mariadb/ +# +# percona - PerconaDB (MySQL fork) from Percona +# https://registry.hub.docker.com/u/library/percona/ +# +#++++++++++++++++++++++++++++++++++++++ + FROM mysql:5.5 -#FROM mariadb:5.5 -#FROM percona:5.5 -ADD conf/mysql-docker.cnf /etc/mysql/conf.d/z99-docker.cnf \ No newline at end of file +ADD conf/mysql-docker.cnf /etc/mysql/conf.d/z99-docker.cnf diff --git a/docker/nginx/Dockerfile b/docker/nginx/Dockerfile deleted file mode 100644 index f20d995..0000000 --- a/docker/nginx/Dockerfile +++ /dev/null @@ -1,13 +0,0 @@ -FROM nginx - -RUN apt-get update && apt-get install -y net-tools - -ADD conf/vhost.conf /opt/docker/vhost.conf -ADD ssl/* /etc/nginx/ssl/ -ADD entrypoint.sh /entrypoint.sh - -EXPOSE 80 -EXPOSE 8000 - -ENTRYPOINT ["/entrypoint.sh"] -CMD ["nginx"] diff --git a/docker/nginx/ssl/server.crt b/docker/nginx/ssl/server.crt deleted file mode 100644 index 6b06949..0000000 --- a/docker/nginx/ssl/server.crt +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIE1DCCArwCCQDMMwGnSuK0tTANBgkqhkiG9w0BAQsFADAsMRswGQYDVQQKExJE -b2NrZXIgQm9pbGVycGxhdGUxDTALBgNVBAMUBCoudm0wHhcNMTUwNTA0MTcxNDQw -WhcNMjUwNTAxMTcxNDQwWjAsMRswGQYDVQQKExJEb2NrZXIgQm9pbGVycGxhdGUx -DTALBgNVBAMUBCoudm0wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDK -3TIUiyDvXelWeY9VXMrpjuZtYpVSDsACLpjFUhMnsP5/iKT0VbeZyqHvmwZjAg4G -Y10d+yZDdgv/xeu0HPOFbtR6pCp10d1tdLHZto5Cyuxu7IQsAVjnD6Ko7XFwtNk7 -9o6JZfAFaGL4w5MokrVmCtspnsMZH7/7zU4f96cbF39zLopnpuXGD6t6DA8Qj3gy -0duaTjs42bYRN+rwLzVKAev99iQ4kPMJn4vV6/Xk6rtoSzC67GQyVZYaFypicD1S -NtsRmgEVvjCBDbrLOneUiRwff6qxEsZi7Hxv7BKFj4iUWnII7K/nP7T6uBHQjHO+ -FpsGkU9lCMrCeVFBe8kKz/cbhd+yLUxXwAPr6gSOPmwn232Gy4tozvqZHpbUxsgx -7sT3ej9K66h1D7J+BjNFWYM1hbnC1r7H/xS7EBzBV8qRoQCVe08Juf5xsouXFakD -clLV4+L+1cxkpwsCQDly5g3tm/TBqA2O+ZJ+YHQDHKkzMyhLs6i0X/M5qvJBiLg1 -GLTCS20rpQ5gXTEGuINqHgwXQWkUO6bhgSYqdHGX3zbZ5+qWpI4eui3dHZ1Ll0VH -6Icpb7ORTQwhc6W8KBlybssYPSlGOEBGUjYGNheoz9FpoSkxCis+P8ZNKtrmpPoq -Su0eOOGFOFHG02eOgPVxSwrDeN9MVJo7BPysGMHJmQIDAQABMA0GCSqGSIb3DQEB -CwUAA4ICAQC63g6NHmQKbiy3G6iaDkpUSbr5Mq2YgU61XnvWVyREqDcy/BXCw9oY -SJ/KUvCpqPnACNOFqjadRAmPiA9nf2WduoCgwQGV/YRFGswSuVvh/3X2TX5NWvbS -t8MQDttQg1dxpiMUjlu3rqhfohBdWJvp2lVSdpDb/MOlXBc/+p7HfOHwhqB7wwPN -NNbSKUbZqZxmD8cOf1X0hASr1yfFPj+2vST3ESaON8S0T2p63YX/sD5jvOUiEuyw -I5WcvLmiRZA07SH8nWyckLY3qWL+OlhSZrlAnolWS00b+7h5LNuRYEjKzwVgntoA -aCopyQih6wIk0+AfJO4sfhJBmQhnIrAaP/zwBH5g9zVizLf5H7U+hNXrMwgw55Sq -vjMdkZHvPKUXTvVit/rYE9H+PY3brkRWzOl4V/i/ZLJJm5805H/NyTbz9kPMJw2Q -nn+KOpfXXySD39f8iuRgSKXsYNul38hxWgcZZ6g+sOOp2n/VUmf0eZUWNnJ8i7AP -4Qif7aDKMcibOwSwsB+DKZXDvZ5XSdnMphtuLS5rPSL81rVRmWC2DMfQ2eP8j0WN -VTroSk0xedQ7Qr+9TNooi9IyzX6n1a2S1UiciEZ3ZcDbXPl/P01m+IYZyPnLv0+9 -ZeioZYh1JLv3/OKsMrMLTfh2ZCj3aXwmc2Owi/wU2LS5QUOMcHH7CQ== ------END CERTIFICATE----- \ No newline at end of file diff --git a/docker/nginx/ssl/server.csr b/docker/nginx/ssl/server.csr deleted file mode 100644 index 8a9909f..0000000 --- a/docker/nginx/ssl/server.csr +++ /dev/null @@ -1,26 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIEcTCCAlkCAQAwLDEbMBkGA1UEChMSRG9ja2VyIEJvaWxlcnBsYXRlMQ0wCwYD -VQQDFAQqLnZtMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyt0yFIsg -713pVnmPVVzK6Y7mbWKVUg7AAi6YxVITJ7D+f4ik9FW3mcqh75sGYwIOBmNdHfsm -Q3YL/8XrtBzzhW7UeqQqddHdbXSx2baOQsrsbuyELAFY5w+iqO1xcLTZO/aOiWXw -BWhi+MOTKJK1ZgrbKZ7DGR+/+81OH/enGxd/cy6KZ6blxg+regwPEI94MtHbmk47 -ONm2ETfq8C81SgHr/fYkOJDzCZ+L1ev15Oq7aEswuuxkMlWWGhcqYnA9UjbbEZoB -Fb4wgQ26yzp3lIkcH3+qsRLGYux8b+wShY+IlFpyCOyv5z+0+rgR0IxzvhabBpFP -ZQjKwnlRQXvJCs/3G4Xfsi1MV8AD6+oEjj5sJ9t9hsuLaM76mR6W1MbIMe7E93o/ -SuuodQ+yfgYzRVmDNYW5wta+x/8UuxAcwVfKkaEAlXtPCbn+cbKLlxWpA3JS1ePi -/tXMZKcLAkA5cuYN7Zv0wagNjvmSfmB0AxypMzMoS7OotF/zOaryQYi4NRi0wktt -K6UOYF0xBriDah4MF0FpFDum4YEmKnRxl9822efqlqSOHrot3R2dS5dFR+iHKW+z -kU0MIXOlvCgZcm7LGD0pRjhARlI2BjYXqM/RaaEpMQorPj/GTSra5qT6KkrtHjjh -hThRxtNnjoD1cUsKw3jfTFSaOwT8rBjByZkCAwEAAaAAMA0GCSqGSIb3DQEBCwUA -A4ICAQBsEBgC2YepuZq/8UqvKMZKVy/etDKXj7BB+QPb+leNiKD7p4LDxHJsZSH8 -Ku9uMPeLfiQDn5jA41k5SlGttzvObd65RdEbO3yHpqsg05EGSDDLfaE1k2Al/qmX -/o8roPZF7+2kZthgMAgkcokS54LYqEYTGqOf3J9Ss0yRIZwhaOVebfFIbIOdpw0B -JNMIJPHTMdZrcuRVI+wR1uPLIlEJzBvxTGbTrvPU25WJFtu+EajKqXO0SHdy0yx8 -uH4ykRBJRc36+oYo7nZ5D56dh7pZn3+9J64FKAOV0Q3KqMFieGy053ezuhJd70eZ -UozTgfjs3WpMzoYmKETSyl3XZSdInRe+sUlKPruTsKyg69oYxjPlrGfAmmGcCFca -TnZinT18dI92zK7OtOVkmYeYKC1lwuhftVrNMXzZuHOGpS9NNYtc4nDqDMIEOfV3 -6rCdu03WjEgJ+Z67tJs16xOx9du4/EHxS2Ijn9DPfVJvYy0TgzDi1BUpjWx0KTLx -C4OQbEZ/QTWmHVbSch/hcZhzbf7SNh5RpnW4EtmcpDFjIKMfxJmoKeiTf7qnilx0 -7uRvsZFKoDKRDOFiPfgMg5AOtLHziYsd9m0tJjC2GHvFuPjzOtzhnUUjmmvht170 -2aqKakjST4amg7jzLcs871HX0/WjOtt29NpOz140blkKf1bisg== ------END CERTIFICATE REQUEST----- \ No newline at end of file diff --git a/docker/nginx/ssl/server.key b/docker/nginx/ssl/server.key deleted file mode 100644 index 42b3839..0000000 --- a/docker/nginx/ssl/server.key +++ /dev/null @@ -1,51 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIJKAIBAAKCAgEAyt0yFIsg713pVnmPVVzK6Y7mbWKVUg7AAi6YxVITJ7D+f4ik -9FW3mcqh75sGYwIOBmNdHfsmQ3YL/8XrtBzzhW7UeqQqddHdbXSx2baOQsrsbuyE -LAFY5w+iqO1xcLTZO/aOiWXwBWhi+MOTKJK1ZgrbKZ7DGR+/+81OH/enGxd/cy6K -Z6blxg+regwPEI94MtHbmk47ONm2ETfq8C81SgHr/fYkOJDzCZ+L1ev15Oq7aEsw -uuxkMlWWGhcqYnA9UjbbEZoBFb4wgQ26yzp3lIkcH3+qsRLGYux8b+wShY+IlFpy -COyv5z+0+rgR0IxzvhabBpFPZQjKwnlRQXvJCs/3G4Xfsi1MV8AD6+oEjj5sJ9t9 -hsuLaM76mR6W1MbIMe7E93o/SuuodQ+yfgYzRVmDNYW5wta+x/8UuxAcwVfKkaEA -lXtPCbn+cbKLlxWpA3JS1ePi/tXMZKcLAkA5cuYN7Zv0wagNjvmSfmB0AxypMzMo -S7OotF/zOaryQYi4NRi0wkttK6UOYF0xBriDah4MF0FpFDum4YEmKnRxl9822efq -lqSOHrot3R2dS5dFR+iHKW+zkU0MIXOlvCgZcm7LGD0pRjhARlI2BjYXqM/RaaEp -MQorPj/GTSra5qT6KkrtHjjhhThRxtNnjoD1cUsKw3jfTFSaOwT8rBjByZkCAwEA -AQKCAgAbZPdoUsllyZbC+LNkYZ19ILD5QIDNjfRb1xMGQmkXyQz1B+zOmeyrNfPc -OWEJabOfJTfj3pByN7SzG3US4333HNpQnW6mbmqqZ0HFFqPrXR/Ecuf+UUhCG5hp -m3bgM2vKbyccYsmg0VHcKfzrU7RvTTP/UNMjx2fThwvvwS+ttuSdF0HVcXJB5sfP -OWWnZNhkdHZlRf81VCED/jsZqCZYEh5eMyj9AoXvXL4zayPPf+tC0DSKaXW2Xlxg -tZQhqup8+a9nlxZia0Z9hu8clo6jXkiP8FuKgfCMV0cOjiCKLLHS5svTbLLsVWwJ -F2ZAdVcD6mWQ43qHOEK5NEzGvQKO14CaOLnVT2yAkMcyNohsEgoDP9oCBGDJQbBH -NmtZfpVjjtuTr9P9TEkU1FcBRo0x6Il/DkzamGbOeFAmgnaGElhJ5c/CAG7whaIf -mUfFOBGPH/wESY3gBOACDofeSh27RrlvbLaPiCGKivDUTBmhBsIuso6XqOKbvtfV -/HhhndpdRVfIj4DdE7gIrLIGN977JMVAXFCNz7KrvAWwcOXrCHCoWpklJ9repq8l -26ICY8K7VXktzDHQUmhd88ZWR+9ASURsJghUgZUOcMrEGyvci6Y8hpLhHiNVPHuQ -+ps7tpPsXSntBUqWBzhRZh74+nJlOOV6oYykl30JT2JzB6lwiQKCAQEA9ecn8N2z -20tR2UEiTv/MjVSepQtAAajegvcd1iasvvQKXnh3XLmoZHzH2tTa0lp5RIZpUQPl -lOTwko0lYTBnYblt65AJQ3FTgisNobIpoqE8BFXLm6wggz7CbabjmPGDe173lPGR -sI0YSKYvzrdn4zw8Fh6WULJyZHLi58zJYL3r0WBDiOoxpGaGA1GlmkuIWjhKHaX2 -OvF1vOuQDJ2eDyTc5TYFC0NKG76Mvanov5L/yrhNM/umbmp0SPspzHGZobAKUr20 -OazFT8S+2TA1OTxWNbiPbSimFoaZbEdqsNACGfVJWO8Sh8iqlt5RmEcSiSvGBj6L -QKprRO9Fsp2GawKCAQEA0zGhRsnux4JTNsdUSYsEJtITMj6eE+nl7CoZ9DAOwC5X -6/aSpUE4TT+pWNrt9iluXiGL0j89UJ7r/L1OcsiyzGb8ig9NU4zr1NIGTZ0DstHi -HPYINjeiBJEFIy17kOQn+9/I5c4hBUwz6ihwNoEomymVB/EsLJKAML0AudJGKg+Z -/f/qrS40eab5SAiaKgsh0MZnj+vIxyGBydt6r2HGmjfNITVbXIu6IpO+6NXDwM/e -7v10AAZ3j9+gb1RedLg2ghuIuYU90hmMhtVWsh9nVmaOkMW9/WFgOPYvt/mHH/hR -d4pePZ9kACGmqo/b9sHvHw1YEubtCt1VUiNuFxnJCwKCAQBWnxz0vkRTJY8phsY9 -KeK2jm5sGTBs5T2syLwb6ffENFdKvAjgAw6Mh2And/+1ReWd+/MxdLv03UjZdxsJ -x3FDfXx5FH4O4ebW3a+pnAcKoN1xcX+N0O6LDRqUYcue3sTAOs3gC9CUbr91KAWD -Phw8ccWAzTmKJ7IgLFA982ekyoI9eTmRC159WRgwJxy844qerWF+XC4GyXP+HsTZ -jNRW5Vdi7sqMEyIR7+fIEAhLI88zbATWIPmZv6pC4ybwO7wwtsCMMQNBpdjDprzL -6S12ggikV+U+QKlxGe0FtYqhykRTPJKf32eZqVheWOZJTA/9fgv9ux52oxGycM8O -gmsNAoIBAQC60m5uZnd5uYnPLWkcXYNgq/kbO1UvHHut/FhVMKX7z4MrU0XKNfWO -MECoP5K9bU0aq+Y6KIMe7FapjvT0iSHRu1Cu+HZY8JI2A0xcIAeDijLRl7sP6wrB -q1+2DKgANjRAlWfsEfoX658JBpitPngjOheBnRCMpVQMyUT5HE/BKWf5zwdUB0mY -S+K8nA90HcDeJIS8RcGolbVwUV0oBABhr/cf50lYhqozqCr7YQ33ZGs7Uq3oz8+4 -UARmN2YPLl3Znm3GX12em8c6B0LX8vvA7Jw06Rf2Ksup1+3Ce1PTLiEy9A4FyRf3 -Hc2HmBbnJAtZlr5QikMqlzzAmmLqwH6dAoIBAC+ryaQGJFsijCSuaDfRp/uy9xnd -DjgMdTwjl5WLBmyudChVMANl8eqCbvVO41CN84yORk03oQ4cx0eKxAZaLaSzgkb3 -W0X2nFQe7VJSYMQswCQ+1WfJvEFrIdkEKIa//uQdhqNrgUKSNVhhSTMbNEkDTIWn -ssbv2H9hvUaFt/J/vP9zCKuU5oYvNU7Oi6ZXRYezRn9atlJYanLFoJnHUBRzGms5 -K0vhdCPDXQq87z5Yudoh0jLUQF9Nx0GTWeBceQ9n5hZeRUNQWxP4AJThQX9KSPTS -mbL3Kh4XNRmAUJ2N+Njh+3dg91s+JkKvC1wcspLsmLPQe+9AxBSH9y5JE/8= ------END RSA PRIVATE KEY----- diff --git a/docker/postgres/Dockerfile b/docker/postgres/Dockerfile index de887ed..8bf9b40 100644 --- a/docker/postgres/Dockerfile +++ b/docker/postgres/Dockerfile @@ -1 +1,12 @@ +#++++++++++++++++++++++++++++++++++++++ +# PostgreSQL Docker container +#++++++++++++++++++++++++++++++++++++++ +# +# Official images: +# +# postgres - official PostgreSQL +# https://registry.hub.docker.com/u/library/postgres/ +# +#++++++++++++++++++++++++++++++++++++++ + FROM postgres:9.4 diff --git a/docker/redis/Dockerfile b/docker/redis/Dockerfile index fff8490..6211807 100644 --- a/docker/redis/Dockerfile +++ b/docker/redis/Dockerfile @@ -1 +1,12 @@ +#++++++++++++++++++++++++++++++++++++++ +# Redis Docker container +#++++++++++++++++++++++++++++++++++++++ +# +# Official images: +# +# redis - official Redis +# https://registry.hub.docker.com/u/library/redis/ +# +#++++++++++++++++++++++++++++++++++++++ + FROM redis \ No newline at end of file diff --git a/docker/solr/Dockerfile b/docker/solr/Dockerfile index 6f6d8dc..f3659c0 100644 --- a/docker/solr/Dockerfile +++ b/docker/solr/Dockerfile @@ -1,3 +1,14 @@ +#++++++++++++++++++++++++++++++++++++++ +# Solr Docker container +#++++++++++++++++++++++++++++++++++++++ +# +# Images: +# +# guywithnose/solr +# https://registry.hub.docker.com/u/guywithnose/solr/ +# +#++++++++++++++++++++++++++++++++++++++ + FROM guywithnose/solr:4.9.0 ENV DEBIAN_FRONTEND noninteractive diff --git a/docker/storage/Dockerfile b/docker/storage/Dockerfile index c30902b..6a30d90 100644 --- a/docker/storage/Dockerfile +++ b/docker/storage/Dockerfile @@ -1,3 +1,14 @@ +#++++++++++++++++++++++++++++++++++++++ +# Storage Docker container +#++++++++++++++++++++++++++++++++++++++ +# +# Official images: +# +# ubuntu:14.04 - PHP 5.5, LTS (trusty) +# https://registry.hub.docker.com/u/library/ubuntu/ +# +#++++++++++++++++++++++++++++++++++++++ + FROM ubuntu:14.04 ADD entrypoint.sh /entrypoint.sh diff --git a/docker/vsftpd/Dockerfile b/docker/vsftpd/Dockerfile index e76a37c..100659d 100644 --- a/docker/vsftpd/Dockerfile +++ b/docker/vsftpd/Dockerfile @@ -1,3 +1,14 @@ +#++++++++++++++++++++++++++++++++++++++ +# VSFTP Docker container +#++++++++++++++++++++++++++++++++++++++ +# +# Official images: +# +# ubuntu:14.04 - PHP 5.5, LTS (trusty) +# https://registry.hub.docker.com/u/library/ubuntu/ +# +#++++++++++++++++++++++++++++++++++++++ + FROM ubuntu:14.04 ENV VSFTP_USER dev diff --git a/docker/web/Apache-Httpd b/docker/web/Apache-Httpd new file mode 100644 index 0000000..1833945 --- /dev/null +++ b/docker/web/Apache-Httpd @@ -0,0 +1,26 @@ +#++++++++++++++++++++++++++++++++++++++ +# HTTPD Docker container +#++++++++++++++++++++++++++++++++++++++ +# +# Official images: +# +# httpd:14.04 - Apache HTTPD +# https://registry.hub.docker.com/u/library/httpd/ +# +#++++++++++++++++++++++++++++++++++++++ + +FROM httpd:2.4 + +RUN apt-get update && apt-get install -y net-tools + +ADD conf/httpd/vhost.conf /usr/local/apache2/conf/.docker-vhost.conf.original +ADD ssl/* /usr/local/apache2/ssl/ +ADD bin/httpd/entrypoint.sh /entrypoint.sh + +EXPOSE 80 +EXPOSE 443 +EXPOSE 8000 +EXPOSE 8443 + +ENTRYPOINT ["/entrypoint.sh"] +CMD ["httpd"] diff --git a/docker/web/Nginx b/docker/web/Nginx new file mode 100644 index 0000000..ab33f2f --- /dev/null +++ b/docker/web/Nginx @@ -0,0 +1,24 @@ +#++++++++++++++++++++++++++++++++++++++ +# Nginx Docker container +#++++++++++++++++++++++++++++++++++++++ +# +# Official images: +# +# nginx:14.04 - Nginx Webserver +# https://registry.hub.docker.com/u/library/nginx/ +# +#++++++++++++++++++++++++++++++++++++++ + +FROM nginx + +RUN apt-get update && apt-get install -y net-tools + +ADD conf/nginx/vhost.conf /opt/docker/vhost.conf +ADD ssl/* /etc/nginx/ssl/ +ADD bin/nginx/entrypoint.sh /entrypoint.sh + +EXPOSE 80 +EXPOSE 8000 + +ENTRYPOINT ["/entrypoint.sh"] +CMD ["nginx"] diff --git a/docker/httpd/entrypoint.sh b/docker/web/bin/httpd/entrypoint.sh similarity index 100% rename from docker/httpd/entrypoint.sh rename to docker/web/bin/httpd/entrypoint.sh diff --git a/docker/nginx/entrypoint.sh b/docker/web/bin/nginx/entrypoint.sh similarity index 100% rename from docker/nginx/entrypoint.sh rename to docker/web/bin/nginx/entrypoint.sh diff --git a/docker/httpd/conf/vhost.conf b/docker/web/conf/httpd/vhost.conf similarity index 90% rename from docker/httpd/conf/vhost.conf rename to docker/web/conf/httpd/vhost.conf index 2eee222..06eb594 100644 --- a/docker/httpd/conf/vhost.conf +++ b/docker/web/conf/httpd/vhost.conf @@ -108,9 +108,9 @@ CustomLog /proc/self/fd/1 dockerlog BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown ## SSL Hardening - SSLProtocol all -SSLv2 -SSLv3 + SSLProtocol All -SSLv2 -SSLv3 SSLHonorCipherOrder on - SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS" SSLCompression off + SSLCipherSuite 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA' diff --git a/docker/nginx/conf/vhost.conf b/docker/web/conf/nginx/vhost.conf similarity index 86% rename from docker/nginx/conf/vhost.conf rename to docker/web/conf/nginx/vhost.conf index 218ecd7..544938b 100644 --- a/docker/nginx/conf/vhost.conf +++ b/docker/web/conf/nginx/vhost.conf @@ -54,7 +54,11 @@ server { root ""; index ; - ssl on; + ssl on; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # not possible to do exclusive + ssl_ciphers 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA'; + ssl_prefer_server_ciphers on; + ssl_certificate /etc/nginx/ssl/server.crt; ssl_certificate_key /etc/nginx/ssl/server.key; diff --git a/docker/httpd/ssl/server.crt b/docker/web/ssl/server.crt similarity index 100% rename from docker/httpd/ssl/server.crt rename to docker/web/ssl/server.crt diff --git a/docker/httpd/ssl/server.csr b/docker/web/ssl/server.csr similarity index 100% rename from docker/httpd/ssl/server.csr rename to docker/web/ssl/server.csr diff --git a/docker/httpd/ssl/server.key b/docker/web/ssl/server.key similarity index 100% rename from docker/httpd/ssl/server.key rename to docker/web/ssl/server.key diff --git a/documentation/CUSTOMIZE.md b/documentation/CUSTOMIZE.md index c07da60..e7b7344 100644 --- a/documentation/CUSTOMIZE.md +++ b/documentation/CUSTOMIZE.md @@ -4,12 +4,12 @@ ## Custom packages (`main` controller) -You can add custom shell commands in `docker/main/bin/customization.sh` +You can add custom shell commands in `docker/main/{DISTRIBUTION}/bin/customization.sh` ## Custom php.ini directives -Modify the `docker/main/conf/php.ini`, it will be added on top of the default php.ini so +Modify the `docker/main/{DISTRIBUTION}/conf/php.ini`, it will be added on top of the default php.ini so you can overwrite any directives. After modification rebuild your `main` container: diff --git a/documentation/DOCKER-INFO.md b/documentation/DOCKER-INFO.md index 566936d..17be0f6 100644 --- a/documentation/DOCKER-INFO.md +++ b/documentation/DOCKER-INFO.md @@ -23,7 +23,8 @@ This directory will be mounted under `/docker` in `main` and `web` container. ## Docker images Container | Source ------------------------- | ------------------------------- -main | [Ubuntu](https://registry.hub.docker.com/_/ubuntu/) *official* +main/ubuntu | [Ubuntu](https://registry.hub.docker.com/_/ubuntu/) *official* (prebuilt available from https://registry.hub.docker.com/u/mblaschke/php-boilerplate/) +main/centos | [CentOS](https://registry.hub.docker.com/_/centos/) *official* (prebuilt available from https://registry.hub.docker.com/u/mblaschke/php-boilerplate/) storage | [Ubuntu](https://registry.hub.docker.com/_/ubuntu/) *official* web | [Apache](https://registry.hub.docker.com/_/httpd/) *official* or [Nginx](https://registry.hub.docker.com/_/nginx/) *official* mysql | [MySQL](https://registry.hub.docker.com/_/mysql/) *official* @@ -57,90 +58,6 @@ make create-cms-project | Create new TYPO3 project (based on typo3/cms-base-di make create-neos-project | Create new NEOS project (based on typo3/neos-base-distribution)
| make build | Run building (composer, gulp, bower) -make scheduler | Run TYPO3 scheduler -make clean | Clear TYPO3 configuration cache - -## Docker containers - -### Web (Nginx or Apache HTTPd) - -Setting | Value -------------- | ------------- -Host | web:80 and web:443 (ssl) -External Port | 8000 and 8443 (ssl) - -### MySQL - -You can choose between [MySQL](https://www.mysql.com/) (default), [MariaDB](https://www.mariadb.org/) -and [PerconaDB](http://www.percona.com/software) in `docker/mysql/Dockerfile` - -Setting | Value -------------- | ------------- -User | dev (if not changed in env) -Password | dev (if not changed in env) -Database | typo3 (if not changed in env) -Host | mysql:3306 -External Port | 13306 - -Access fo MySQL user "root" and "dev" will be allowed from external hosts (eg. for debugging, dumps and other stuff). - - -### PostgreSQL - -Setting | Value -------------- | ------------- -User | dev (if not changed in env) -Password | dev (if not changed in env) -Host | postgres:5432 -External Port | 15432 - - -### Solr - -Setting | Value -------------- | ------------- -Host | solr:8983 -External Port | 18983 -Cores | docker/solr/conf/solr.xml (data dirs are created automatically) - -### Elasticsearch (disabled by default) - -Setting | Value -------------- | ------------- -Host | elasticsearch:9200 and :9300 -External Port | 19200 and 19300 - -### Redis - -Setting | Value -------------- | ------------- -Host | redis -Port | 6379 - -### Memcached - -Setting | Value -------------- | ------------- -Host | memcached -Port | 11211 - -### Mailcatcher - -Setting | Value -------------- | ------------- -Host | mail -SMTP port | 1025 -Web port | 1080 - -### FTP - -Setting | Value -------------- | ------------- -Host | ftp -Ports | 20,21 -User | dev (if not changed in env) -Password | dev (if not changed in env) -Path | /data/ftp (if not changed in env) ## Environment settings @@ -168,16 +85,17 @@ EFFECTIVE_GID | Effective GID for php, fpm und webserver ## Xdebug Remote debugger (PhpStorm) -Add a server (Preferences -> PHP -> Servers): +### 1.) Add a server (Preferences -> Languages & Frameworks -> PHP -> Servers). -Setting | Value ------------------------ | ------------- -Hostname | IP or Hostname of VM -Port | 8000 -Use path mappings | Check -Path mapping of code | /docker/code/ +Setting | Value +---------------------------------| ------------- +Hostname | IP or Hostname of VM +Port | 8000 +Debugger | Xdebug +Use path mappings | Check +Path mapping of folder 'code' | /docker/code/ -Add a debug connection (Run -> Edit -> Connections) and create a new connection. +### 2.) Add a debug connection (Run -> Edit Configurations... -> Connections) and create a new configuration (PHP Web Application). Setting | Value --------------------- | ------------- diff --git a/documentation/DOCKER-STARTUP.md b/documentation/DOCKER-STARTUP.md index 896f38d..b46c6c6 100644 --- a/documentation/DOCKER-STARTUP.md +++ b/documentation/DOCKER-STARTUP.md @@ -15,7 +15,6 @@ docker-compose up -d Now create your project inside the docker boilerplate: - [Create new TYPO3 project](PROJECT-TYPO3.md) -- [Create new Symfony project](PROJECT-SYMFONY.md) - [Create new NEOS project](PROJECT-NEOS.md) - [Running any other php based project](PROJECT-OTHER.md) - [Running existing project](PROJECT-EXISTING.md) diff --git a/documentation/PROJECT-SYMFONY.md b/documentation/PROJECT-SYMFONY.md deleted file mode 100644 index 4d8e7c3..0000000 --- a/documentation/PROJECT-SYMFONY.md +++ /dev/null @@ -1,25 +0,0 @@ -[<-- Back to main section](../README.md) - -# Running SYMFONY - -## Create SYMFONY project - -```bash -make create-project symfony -``` - -And change `DOCUMENT_ROOT` and `DOCUMENT_ROOT` in `docker-env.yml`: - - DOCUMENT_ROOT=code/web/ - DOCUMENT_INDEX=app_dev.php - -## SYMFONY cli runner - -You can run one-shot command inside the `main` service container: - -```bash -docker-compose run --rm main php code/app/console -docker-compose run --rm main bash -``` - -Webserver is available at Port 8000 diff --git a/documentation/SERVICES.md b/documentation/SERVICES.md new file mode 100644 index 0000000..eed775e --- /dev/null +++ b/documentation/SERVICES.md @@ -0,0 +1,83 @@ +[<-- Back to main section](../README.md) + +# Services + +### Web (Nginx or Apache HTTPd) + +Setting | Value +------------- | ------------- +Host | web:80 and web:443 (ssl) +External Port | 8000 and 8443 (ssl) + +### MySQL + +You can choose between [MySQL](https://www.mysql.com/) (default), [MariaDB](https://www.mariadb.org/) +and [PerconaDB](http://www.percona.com/software) in `docker/mysql/Dockerfile` + +Setting | Value +------------- | ------------- +User | dev (if not changed in env) +Password | dev (if not changed in env) +Database | database (if not changed in env) +Host | mysql:3306 +External Port | 13306 + +Access fo MySQL user "root" and "dev" will be allowed from external hosts (eg. for debugging, dumps and other stuff). + + +### PostgreSQL + +Setting | Value +------------- | ------------- +User | dev (if not changed in env) +Password | dev (if not changed in env) +Host | postgres:5432 +External Port | 15432 + + +### Solr + +Setting | Value +------------- | ------------- +Host | solr:8983 +External Port | 18983 +Cores | docker/solr/conf/solr.xml (data dirs are created automatically) + +### Elasticsearch (disabled by default) + +Setting | Value +------------- | ------------- +Host | elasticsearch:9200 and :9300 +External Port | 19200 and 19300 + +### Redis + +Setting | Value +------------- | ------------- +Host | redis +Port | 6379 + +### Memcached + +Setting | Value +------------- | ------------- +Host | memcached +Port | 11211 + +### Mailcatcher + +Setting | Value +------------- | ------------- +Host | mail +SMTP port | 1025 +Web port | 1080 + +### FTP + +Setting | Value +------------- | ------------- +Host | ftp +Ports | 20,21 +User | dev (if not changed in env) +Password | dev (if not changed in env) +Path | /data/ftp (if not changed in env) diff --git a/etc/php/.gitkeep b/etc/php/.gitkeep new file mode 100644 index 0000000..e166442 --- /dev/null +++ b/etc/php/.gitkeep @@ -0,0 +1 @@ +.gitkeep diff --git a/docker/main/conf/php.ini b/etc/php/development.ini similarity index 72% rename from docker/main/conf/php.ini rename to etc/php/development.ini index b3b39c5..d823fcf 100644 --- a/docker/main/conf/php.ini +++ b/etc/php/development.ini @@ -1,5 +1,7 @@ ; this file will overwrite default php.ini settings +display_errors = 1 + short_open_tag = On variables_order = 'GPCS' request_order = 'GP' @@ -12,13 +14,23 @@ max_execution_time = 900 max_input_time = 300 post_max_size = 50M upload_max_filesize = 50M +max_input_vars = 5000 -; timezone will be overwritten in startup, use docker-env.yml date.timezone = Europe/Berlin mysql.default_host = mysql mysqli.default_host = mysql +; Zend OPCache +opcache.enable = 1 +opcache.memory_consumption = 256 +opcache.interned_strings_buffer = 16 +opcache.max_accelerated_files = 10000 +opcache.fast_shutdown = 1 +opcache.enable_cli = 1 +opcache.revalidate_freq = 0 + +; XDebug xdebug.remote_enable = 1 xdebug.remote_connect_back = on xdebug.idekey = "docker" diff --git a/etc/php/production.ini b/etc/php/production.ini new file mode 100644 index 0000000..d457fab --- /dev/null +++ b/etc/php/production.ini @@ -0,0 +1,36 @@ +; this file will overwrite default php.ini settings + +display_errors = 0 + +short_open_tag = On +variables_order = 'GPCS' +request_order = 'GP' + +allow_url_fopen = On +allow_url_include = Off + +memory_limit = 512M +max_execution_time = 900 +max_input_time = 300 +post_max_size = 50M +upload_max_filesize = 50M +max_input_vars = 5000 + +date.timezone = Europe/Berlin + +mysql.default_host = mysql +mysqli.default_host = mysql + +; Zend OPCache +opcache.enable = 1 +opcache.memory_consumption = 256 +opcache.interned_strings_buffer = 16 +opcache.max_accelerated_files = 10000 +opcache.fast_shutdown = 1 +opcache.enable_cli = 1 +opcache.revalidate_freq = 2 +opcache.validate_timestamps = 1 + +; XDebug +xdebug.remote_enable = 0 +xdebug.remote_connect_back = off diff --git a/etc/ssh/.gitkeep b/etc/ssh/.gitkeep new file mode 100644 index 0000000..e69de29