From 503b3214d10691a54be6a35fcf5220c4b7070078 Mon Sep 17 00:00:00 2001 From: tuutti Date: Mon, 9 Dec 2024 13:34:31 +0200 Subject: [PATCH] Local php 8.4 image --- local/drupal/Dockerfile | 31 ++++++++--------- local/drupal/Makefile | 34 ++++++------------- local/drupal/entrypoints/.keep | 0 local/drupal/entrypoints/15-syslog.sh | 11 ------ local/drupal/entrypoints/30-drush-server.sh | 7 ---- .../files/etc/nginx/http.d/custom.locations | 8 ----- .../files/etc/nginx/http.d/default.conf | 9 +++++ .../files/etc/nginx/http.d/ssl-proxy.conf | 18 ++++++++++ 8 files changed, 52 insertions(+), 66 deletions(-) create mode 100644 local/drupal/entrypoints/.keep delete mode 100644 local/drupal/entrypoints/15-syslog.sh delete mode 100755 local/drupal/entrypoints/30-drush-server.sh create mode 100644 local/drupal/files/etc/nginx/http.d/ssl-proxy.conf diff --git a/local/drupal/Dockerfile b/local/drupal/Dockerfile index 878bfc0..1f41fcb 100644 --- a/local/drupal/Dockerfile +++ b/local/drupal/Dockerfile @@ -1,44 +1,41 @@ ARG PHP_VERSION ARG PHP_SHORT_VERSION -FROM druidfi/drupal-web:php-${PHP_VERSION} as base +FROM druidfi/drupal-web:php-${PHP_VERSION} AS base COPY --from=ghcr.io/city-of-helsinki/drupal-oc-cli:latest /usr/bin/oc /usr/bin/oc -RUN sudo apk add --no-cache jq +RUN sudo apk add --no-cache jq openssl RUN sudo composer self-update -# Autostart drush server and syslog services. COPY entrypoints/ /entrypoints - COPY files/ / # Override default fpm pool conf to run nginx and php-fpm as same user. COPY php-fpm-pool.conf /etc/php${PHP_SHORT_VERSION}/php-fpm.d/www.conf -RUN grep -qxF 'xdebug.log' /etc/php${PHP_SHORT_VERSION}/conf.d/xdebug.ini || echo 'xdebug.log=/tmp/xdebug.log' | sudo tee -a /etc/php${PHP_SHORT_VERSION}/conf.d/xdebug.ini && \ - sudo -u root touch /tmp/xdebug.log && \ - sudo chmod 666 /tmp/xdebug.log - # Add druid user to nginx group to prevent permission issues with drush and 'asset://' # files. RUN sudo addgroup druid nginx -ENV SIMPLETEST_DB="mysql://${DRUPAL_DB_USER}:${DRUPAL_DB_PASS}@${DRUPAL_DB_HOST}:${DRUPAL_DB_PORT}/${DRUPAL_DB_NAME}" +RUN sudo -u root touch /tmp/xdebug.log && \ + sudo chmod 666 /tmp/xdebug.log -FROM base as php81 -RUN sudo apk --no-cache --repository=https://dl-cdn.alpinelinux.org/alpine/edge/testing \ - --repository=https://dl-cdn.alpinelinux.org/alpine/edge/main \ - --repository=https://dl-cdn.alpinelinux.org/alpine/edge/community add php81-pecl-pcov php81-pecl-imagick +RUN sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \ + -subj "/C=FI/ST=Uusimaa/L=Helsinki" \ + -keyout /etc/ssl/private/cert.key \ + -out /etc/ssl/certs/cert.crt -FROM base as php82 +ENV SIMPLETEST_DB="mysql://${DRUPAL_DB_USER}:${DRUPAL_DB_PASS}@${DRUPAL_DB_HOST}:${DRUPAL_DB_PORT}/${DRUPAL_DB_NAME}" + +FROM base AS php83 RUN sudo apk --no-cache --repository=https://dl-cdn.alpinelinux.org/alpine/edge/testing \ --repository=https://dl-cdn.alpinelinux.org/alpine/edge/main \ --repository=https://dl-cdn.alpinelinux.org/alpine/edge/community \ - --repository=https://dl-cdn.alpinelinux.org/alpine/edge/releases add php82-pecl-imagick php82-pecl-pcov + --repository=https://dl-cdn.alpinelinux.org/alpine/edge/releases add php83-pecl-imagick php83-pecl-pcov -FROM base as php83 +FROM base AS php84 RUN sudo apk --no-cache --repository=https://dl-cdn.alpinelinux.org/alpine/edge/testing \ --repository=https://dl-cdn.alpinelinux.org/alpine/edge/main \ --repository=https://dl-cdn.alpinelinux.org/alpine/edge/community \ - --repository=https://dl-cdn.alpinelinux.org/alpine/edge/releases add php83-pecl-imagick php83-pecl-pcov + --repository=https://dl-cdn.alpinelinux.org/alpine/edge/releases add php84-pecl-imagick php84-pecl-pcov diff --git a/local/drupal/Makefile b/local/drupal/Makefile index 73cc0ae..ffece82 100644 --- a/local/drupal/Makefile +++ b/local/drupal/Makefile @@ -1,44 +1,32 @@ PHONY := REPOSITORY = ghcr.io/city-of-helsinki/drupal-web +PHONY += run-php84-amd64 +run-php84-amd64: + $(call run_image,linux/amd64,php84,8.4,84) + PHONY += run-php83-amd64 run-php83-amd64: $(call run_image,linux/amd64,php83,8.3,83) -PHONY += run-php82-amd64 -run-php82-amd64: - $(call run_image,linux/amd64,php82,8.2,82) - -PHONY += run-php81-amd64 -run-php81-amd64: - $(call run_image,linux/amd64,php81,8.1,81) +PHONY += run-php84-arm64 +run-php84-arm64: + $(call run_image,linux/arm64,php84,8.4,84) PHONY += run-php83-arm64 run-php83-arm64: $(call run_image,linux/arm64,php83,8.3,83) -PHONY += run-php82-arm64 -run-php82-arm64: - $(call run_image,linux/arm64,php82,8.2,82) - -PHONY += run-php81-arm64 -run-php81-arm64: - $(call run_image,linux/arm64,php81,8.1,81) +PHONY += push-php84 +push-php84: + $(call push_image,php84,8.4,84) PHONY += push-php83 push-php83: $(call push_image,php83,8.3,83) -PHONY += push-php82 -push-php82: - $(call push_image,php82,8.2,82) - -PHONY += push-php81 -push-php81: - $(call push_image,php81,8.1,81) - PHONY += push-php -push-php: push-php81 push-php82 push-php83 +push-php: push-php83 push-php84 define run_image docker buildx build --load --platform $(1) --target=$(2) -t $(REPOSITORY):$(3) --build-arg PHP_VERSION=$(3) --build-arg PHP_SHORT_VERSION=$(4) ./ diff --git a/local/drupal/entrypoints/.keep b/local/drupal/entrypoints/.keep new file mode 100644 index 0000000..e69de29 diff --git a/local/drupal/entrypoints/15-syslog.sh b/local/drupal/entrypoints/15-syslog.sh deleted file mode 100644 index 80b90a2..0000000 --- a/local/drupal/entrypoints/15-syslog.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/sh - -cd /app - -# @todo Remove this once all projects use monolog. -if ! composer show drupal/monolog -q 2>/dev/null; then - sudo touch /tmp/drupal.log && sudo chmod a+rw /tmp/drupal.log - tail -f /tmp/drupal.log & -else - echo "Found drupal/monolog. Skipping logger entrypoint ..." -fi diff --git a/local/drupal/entrypoints/30-drush-server.sh b/local/drupal/entrypoints/30-drush-server.sh deleted file mode 100755 index c5d1a6e..0000000 --- a/local/drupal/entrypoints/30-drush-server.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -if command -v drush &> /dev/null -then - sleep 5 && drush runserver $SIMPLETEST_BASE_URL --dns & -fi - diff --git a/local/drupal/files/etc/nginx/http.d/custom.locations b/local/drupal/files/etc/nginx/http.d/custom.locations index ce6470c..e69de29 100644 --- a/local/drupal/files/etc/nginx/http.d/custom.locations +++ b/local/drupal/files/etc/nginx/http.d/custom.locations @@ -1,8 +0,0 @@ -location ~* \.(css|cur|js|jpe?g|gif|htc|ico|png|xml|otf|ttf|eot|woff|woff2|svg|mp4|svgz|ogg|ogv|pdf|pptx?|zip|tgz|gz|rar|bz2|doc|xls|exe|tar|mid|midi|wav|bmp|rtf|txt|map)$ { - add_header Access-Control-Allow-Origin "*"; - try_files $uri @rewrite; - expires 1y; - add_header Pragma "cache"; - add_header Cache-Control "public"; - log_not_found off; -} diff --git a/local/drupal/files/etc/nginx/http.d/default.conf b/local/drupal/files/etc/nginx/http.d/default.conf index 9840736..844526b 100644 --- a/local/drupal/files/etc/nginx/http.d/default.conf +++ b/local/drupal/files/etc/nginx/http.d/default.conf @@ -18,6 +18,15 @@ server { # Allow locations to be added without overriding the whole conf. include http.d/custom.locations; + location ~* \.(css|cur|js|jpe?g|gif|htc|ico|png|xml|otf|ttf|eot|woff|woff2|svg|mp4|svgz|ogg|ogv|pdf|pptx?|zip|tgz|gz|rar|bz2|doc|xls|exe|tar|mid|midi|wav|bmp|rtf|txt|map)$ { + add_header Access-Control-Allow-Origin "*"; + try_files $uri @rewrite; + expires 1y; + add_header Pragma "cache"; + add_header Cache-Control "public"; + log_not_found off; + } + # rewriting /index.php to / because after https://www.drupal.org/node/2599326 # autocomplete URLs are forced to go to index.php rewrite ^/index.php / last; diff --git a/local/drupal/files/etc/nginx/http.d/ssl-proxy.conf b/local/drupal/files/etc/nginx/http.d/ssl-proxy.conf new file mode 100644 index 0000000..52c8e9d --- /dev/null +++ b/local/drupal/files/etc/nginx/http.d/ssl-proxy.conf @@ -0,0 +1,18 @@ +server { + listen 443 ssl; + server_name _; + ssl_certificate /etc/ssl/certs/cert.crt; + ssl_certificate_key /etc/ssl/private/cert.key; + proxy_buffer_size 128k; + proxy_buffers 4 256k; + proxy_busy_buffers_size 256k; + client_max_body_size 32M; + + location / { + proxy_pass http://127.0.0.1:8080; + proxy_redirect off; + proxy_set_header X-Forwarded-Proto https; + proxy_set_header X-Forwarded-Port 443; + proxy_set_header Host app; + } +}