Fix: PHP 8.1.22 -> 8.1.28 alpine 3.16 -> 3.18 + repo 3.13 -> 3.18

Fix: nginx default config not loaded Fix: nginx permissions Test : docker Test: docker Test: docker Fix: docker Test: docker Test: docker Test: docker Test: docker Test: docker Test: docker Test: docker Test: docker Test: docker Test: docker Test: docker Test: docker Test: docker Test: docker Test: docker Test: docker Test: docker Chore: refactor Test: docker
DaVikingCode · Jul 20, 2024 · bdbfe21 · bdbfe21
1 parent a86dc65
commit bdbfe21
Show file tree

Hide file tree

Showing 10 changed files with 1,210 additions and 592 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,14 +1,12 @@
-#FROM node:20.0.0-alpine as node
-FROM node:19.9.0-alpine as node
+FROM node:19.9.0-alpine AS node
 
-FROM php:8.1.22-fpm-alpine3.16 as base
-
-# Setup Working Dir
-WORKDIR /var/www
+# Base image with PHP-FPM
+#FROM php:8.1.22-fpm-alpine3.16 AS base
+FROM php:8.1.28-fpm-alpine3.18 AS base
 
 # Musl for adding locales
-ENV MUSL_LOCALE_DEPS cmake make musl-dev gcc gettext-dev libintl
-ENV MUSL_LOCPATH /usr/share/i18n/locales/musl
+ENV MUSL_LOCALE_DEPS="cmake make musl-dev gcc gettext-dev libintl"
+ENV MUSL_LOCPATH="/usr/share/i18n/locales/musl"
 
 RUN apk add --no-cache \
     $MUSL_LOCALE_DEPS \
@@ -20,8 +18,8 @@ RUN apk add --no-cache \
 
 # Add Repositories
 RUN rm -f /etc/apk/repositories &&\
-    echo "http://dl-cdn.alpinelinux.org/alpine/v3.13/main" >> /etc/apk/repositories && \
-    echo "http://dl-cdn.alpinelinux.org/alpine/v3.13/community" >> /etc/apk/repositories
+    echo "http://dl-cdn.alpinelinux.org/alpine/v3.18/main" >> /etc/apk/repositories && \
+    echo "http://dl-cdn.alpinelinux.org/alpine/v3.18/community" >> /etc/apk/repositories
 
 # Add Build Dependencies
 RUN apk update && apk add --no-cache --virtual .build-deps  \
@@ -90,36 +88,59 @@ RUN docker-php-ext-configure \
     xsl \
     && docker-php-ext-enable \
     imagick \
-    redis && \
-    chown www-data:www-data /usr/sbin/crond && \
-    setcap cap_setgid=ep /usr/sbin/crond
-
-COPY ./config/php.ini $PHP_INI_DIR/conf.d/
-
-# Setup config for supervisor nginx php-fpm crontabs
-RUN mkdir /etc/supervisor.d
-COPY ./config/supervisord-master.ini /etc/supervisor.d/master.ini
-COPY ./config/supervisord.conf /etc/
-
-RUN mkdir /var/log/supervisor/
-RUN touch /var/log/supervisor/supervisord.log
-RUN chown -R www-data:www-data /var/log/supervisor/
-
-COPY ./config/nginx-default.conf /etc/nginx/conf.d/default.conf
+    redis
+
+# Create necessary directories and set permissions
+RUN mkdir -p /var/run/nginx \
+    && mkdir -p /var/run/php-fpm \
+    && mkdir -p /var/run/supervisor \
+    && mkdir -p /var/log/nginx \
+    && mkdir -p /var/log/supervisor \
+    && mkdir -p /var/log/php-fpm \
+    && chown -R www-data:www-data /var/run/nginx \
+    && chown -R www-data:www-data /var/run/php-fpm \
+    && chown -R www-data:www-data /var/run/supervisor \
+    && chown -R www-data:www-data /var/log/nginx \
+    && chown -R www-data:www-data /var/log/supervisor \
+    && chown -R www-data:www-data /var/log/php-fpm \
+    && chown -R www-data:www-data /etc/nginx \
+    && chown -R www-data:www-data /usr/sbin/nginx \
+    && chown -R www-data:www-data /usr/local/sbin/php-fpm \
+    && chown -R www-data:www-data /usr/local/etc/php-fpm.conf \
+    && touch /var/log/php-fpm/php-fpm.log \
+    && chown www-data:www-data /var/log/php-fpm/php-fpm.log \
+    && mkdir -p /run \
+    && chown www-data:www-data /run
+
+# Ensure cron directories exist and have correct permissions
+RUN mkdir -p /etc/cron.d \
+    && mkdir -p /etc/periodic \
+    && touch /etc/crontabs/www-data \
+    && chmod 755 /etc/cron.d \
+    && chmod 755 /etc/periodic \
+    && chown www-data:www-data /etc/cron.d \
+    && chown www-data:www-data /etc/periodic \
+    && chown www-data:www-data /etc/crontabs \
+    && chmod 755 /usr/sbin/crond \
+    && chown www-data:www-data /usr/sbin/crond \
+    && setcap cap_setgid=ep /usr/sbin/crond
+
+# Copy Nginx and Supervisor configuration files
 COPY ./config/nginx.conf /etc/nginx/nginx.conf
+COPY ./config/nginx-default.conf /etc/nginx/conf.d/default.conf
 
-COPY ./config/php-fpm.conf /usr/local/etc/php-fpm.conf.d/www.conf
-COPY ./config/php-fpm.conf /usr/local/etc/php-fpm.d/www.conf
-COPY ./config/php-fpm-docker.conf /usr/local/etc/php-fpm.d/docker.conf
+# Copy Supervisor config files
+COPY ./config/supervisord.conf /etc/supervisord.conf
+COPY ./config/supervisord-master.ini /etc/supervisor.d/master.ini
 
-RUN chmod 755 -R /etc/supervisor.d/ /etc/supervisord.conf  /etc/nginx/ /etc/crontabs/
+# Copy custom PHP-FPM configuration
+COPY ./config/php-fpm.conf /usr/local/etc/php-fpm.conf
 
-# Remove Build Dependencies
-RUN apk del -f .build-deps
+# Copy PHP configuration
+COPY ./config/php.ini /usr/local/etc/php/php.ini
 
-RUN mkdir -p /var/lib/nginx/tmp /var/log/nginx \
-    && chown -R www-data:www-data /var/lib/nginx /var/log/nginx \
-    && chmod -R 755 /var/lib/nginx /var/log/nginx
+# Set permissions
+RUN chown -R www-data:www-data /var/lib/nginx /var/log/nginx /run/nginx /var/log/supervisor /var/run
 
 # Add non root user to the tty group, so we can write to stdout and stderr
 RUN addgroup www-data tty
@@ -140,6 +161,17 @@ COPY --from=node /usr/local/bin /usr/local/bin
 # More info here : https://stackoverflow.com/questions/69417926/docker-error-eacces-permission-denied-mkdir
 ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true
 
+# Remove Build Dependencies
+RUN apk del -f .build-deps
+
+# Setup Working Dir
+WORKDIR /var/www
+
+# Switch to www-data user to run services
 USER www-data
 
-CMD ["/usr/bin/supervisord"]
+# Expose ports
+EXPOSE 8080
+
+# Command to run supervisord
+CMD ["supervisord", "-c", "/etc/supervisord.conf"]
diff --git a/bak.Dockerfile b/bak.Dockerfile
@@ -0,0 +1,152 @@
+#FROM node:20.0.0-alpine as node
+FROM node:19.9.0-alpine AS node
+
+#FROM php:8.1.22-fpm-alpine3.16 AS base
+FROM php:8.1.28-fpm-alpine3.18 AS base
+
+# Setup Working Dir
+WORKDIR /var/www
+
+# Musl for adding locales
+ENV MUSL_LOCALE_DEPS="cmake make musl-dev gcc gettext-dev libintl"
+ENV MUSL_LOCPATH="/usr/share/i18n/locales/musl"
+
+RUN apk add --no-cache \
+    $MUSL_LOCALE_DEPS \
+    && wget https://gitlab.com/rilian-la-te/musl-locales/-/archive/master/musl-locales-master.zip \
+    && unzip musl-locales-master.zip \
+      && cd musl-locales-master \
+      && cmake -DLOCALE_PROFILE=OFF -D CMAKE_INSTALL_PREFIX:PATH=/usr . && make && make install \
+      && cd .. && rm -r musl-locales-master
+
+# Add Repositories
+RUN rm -f /etc/apk/repositories &&\
+    echo "http://dl-cdn.alpinelinux.org/alpine/v3.18/main" >> /etc/apk/repositories && \
+    echo "http://dl-cdn.alpinelinux.org/alpine/v3.18/community" >> /etc/apk/repositories
+
+# Add Build Dependencies
+RUN apk update && apk add --no-cache --virtual .build-deps  \
+    zlib-dev \
+    libjpeg-turbo-dev \
+    libpng-dev \
+    python3 \
+    gcc \
+    clang \
+    llvm \
+    libxml2-dev \
+    bzip2-dev
+
+# Add Production Dependencies
+RUN apk add --update --no-cache \
+    bash \
+    jq \
+    nano \
+    git \
+    openssh \
+    pcre-dev ${PHPIZE_DEPS} \
+    jpegoptim \
+    pngquant \
+    optipng \
+    supervisor \
+    nginx \
+    dcron \
+    libcap \
+    icu-dev \
+    freetype-dev \
+    postgresql-dev \
+    postgresql-client \
+    zip \
+    libzip-dev \
+    less \
+    imagemagick \
+    libxslt-dev \
+    exiftool \
+    imagemagick-dev \
+    chromium \
+    && pecl install redis \
+    && pecl install -o -f imagick
+
+# Configure & Install Extension
+RUN docker-php-ext-configure \
+    opcache --enable-opcache &&\
+    docker-php-ext-configure gd --with-jpeg=/usr/include/ --with-freetype=/usr/include/ && \
+    docker-php-ext-configure pgsql -with-pgsql=/usr/local/pgsql &&\
+    docker-php-ext-configure zip && \
+    docker-php-ext-install \
+    opcache \
+    mysqli \
+    pgsql \
+    pdo \
+    pdo_mysql \
+    pdo_pgsql \
+    sockets \
+    intl \
+    gd \
+    xml \
+    bz2 \
+    pcntl \
+    bcmath \
+    exif \
+    zip \
+    xsl \
+    && docker-php-ext-enable \
+    imagick \
+    redis && \
+    chown www-data:www-data /usr/sbin/crond && \
+    setcap cap_setgid=ep /usr/sbin/crond
+
+COPY ./config/php.ini $PHP_INI_DIR/conf.d/
+
+# Setup config for supervisor nginx php-fpm crontabs
+RUN mkdir /etc/supervisor.d
+COPY ./config/supervisord-master.ini /etc/supervisor.d/master.ini
+COPY ./config/supervisord.conf /etc/
+
+RUN mkdir /var/log/supervisor/
+RUN touch /var/log/supervisor/supervisord.log
+RUN chown -R www-data:www-data /var/log/supervisor/
+
+COPY ./config/nginx-default.conf /etc/nginx/conf.d/default.conf
+COPY ./config/nginx.conf /etc/nginx/nginx.conf
+
+# Tests
+#RUN chmod -R 777 /etc/nginx/
+#RUN chown www-data:www-data /etc/nginx/conf.d/default.conf
+#RUN chown www-data:www-data /etc/nginx/nginx.conf
+
+COPY ./config/php-fpm.conf /usr/local/etc/php-fpm.conf.d/www.conf
+COPY ./config/php-fpm.conf /usr/local/etc/php-fpm.d/www.conf
+COPY ./config/php-fpm-docker.conf /usr/local/etc/php-fpm.d/docker.conf
+
+RUN chmod 755 -R /etc/supervisor.d/ /etc/supervisord.conf  /etc/nginx/ /etc/crontabs/
+
+# Remove Build Dependencies
+RUN apk del -f .build-deps
+
+RUN mkdir -p /var/lib/nginx/tmp /var/log/nginx \
+    && chown -R www-data:www-data /var/lib/nginx /var/log/nginx /etc/nginx \
+    && chmod -R 755 /var/lib/nginx /var/log/nginx /etc/nginx
+
+# Add non root user to the tty group, so we can write to stdout and stderr
+RUN addgroup www-data tty
+
+# Install Composer
+RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
+
+# Install Node
+COPY --from=node /usr/lib /usr/lib
+COPY --from=node /usr/local/share /usr/local/share
+COPY --from=node /usr/local/lib /usr/local/lib
+COPY --from=node /usr/local/include /usr/local/include
+COPY --from=node /usr/local/bin /usr/local/bin
+
+# Puppeteer npm configuration.
+# It uses apk installed Chromium "/usr/bin/chromium-browser", tell Puppeteer to not install local Chromium which takes time.
+# Compatible version = Puppeteer 10.0.0. Install in project with "npm install [email protected]".
+# More info here : https://stackoverflow.com/questions/69417926/docker-error-eacces-permission-denied-mkdir
+ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true
+
+USER www-data
+
+#CMD ["/usr/bin/supervisord"]
+CMD ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"]
diff --git a/config/nginx-default.conf.bak b/config/nginx-default.conf.bak
@@ -0,0 +1,110 @@
+fastcgi_cache_path /dev/shm levels=1:2 keys_zone=laravel:100m;
+fastcgi_cache_key "$scheme$request_method$host$request_uri$query_string";
+
+map $http_x_forwarded_proto $fastcgi_param_https_variable {
+        default '';
+        https 'on';
+}
+
+error_log stderr;
+
+server {
+    access_log /dev/stdout;
+
+    listen 8080 default_server;
+    server_name _;
+
+    index index.php index.html;
+    root /var/www/public;
+
+    #client_max_body_size 20M;
+    client_max_body_size 4G;
+
+    # Compression
+
+    # Enable Gzip compressed.
+    gzip on;
+
+    # Enable compression both for HTTP/1.0 and HTTP/1.1.
+    gzip_http_version  1.1;
+
+    # Compression level (1-9).
+    # 5 is a perfect compromise between size and cpu usage, offering about
+    # 75% reduction for most ascii files (almost identical to level 9).
+    gzip_comp_level    5;
+
+    # Don't compress anything that's already small and unlikely to shrink much
+    # if at all (the default is 20 bytes, which is bad as that usually leads to
+    # larger files after gzipping).
+    gzip_min_length    256;
+
+    # Compress data even for clients that are connecting to us via proxies,
+    # identified by the "Via" header (required for CloudFront).
+    gzip_proxied       any;
+
+    # Tell proxies to cache both the gzipped and regular version of a resource
+    # whenever the client's Accept-Encoding capabilities header varies;
+    # Avoids the issue where a non-gzip capable client (which is extremely rare
+    # today) would display gibberish if their proxy gave them the gzipped version.
+    gzip_vary          on;
+
+    # Compress all output labeled with one of the following MIME-types.
+    gzip_types
+      application/atom+xml
+      application/javascript
+      application/json
+      application/rss+xml
+      application/vnd.ms-fontobject
+      application/x-font-ttf
+      application/x-web-app-manifest+json
+      application/xhtml+xml
+      application/xml
+      font/opentype
+      image/svg+xml
+      image/x-icon
+      image/jpeg
+      image/png
+      text/css
+      text/plain
+      text/x-component;
+      # text/html is always compressed by HttpGzipModule
+
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+    }
+
+    location ~ \.php$ {
+        root /var/www/public;
+        fastcgi_cache off;
+        fastcgi_cache_valid 200 204 1m;
+        fastcgi_ignore_headers Cache-Control;
+        fastcgi_no_cache $http_authorization $cookie_laravel_session;
+        fastcgi_cache_lock on;
+        fastcgi_cache_lock_timeout 10s;
+
+        # Bigger buffer size to handle cache invalidation headers expansion
+        fastcgi_buffer_size 32k;
+        fastcgi_buffers 8 16k;
+
+
+        add_header X-Proxy-Cache $upstream_cache_status;
+
+        fastcgi_pass   localhost:9000;
+        fastcgi_index  index.php;
+        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_param HTTPS $fastcgi_param_https_variable;
+        fastcgi_read_timeout 900s;
+        include        fastcgi_params;
+    }
+
+    location ~* \.(jpg|jpeg|png|gif|ico|css|js|eot|ttf|woff|woff2)$ {
+        expires max;
+        add_header Cache-Control public;
+        add_header Access-Control-Allow-Origin *;
+        try_files $uri $uri/ /index.php?$query_string;
+    }
+
+    location ~ /\.ht {
+        deny all;
+    }
+}