diff --git a/.examples/docker-compose/insecure/smtp/apache/db.env b/.examples/docker-compose/insecure/smtp/apache/db.env new file mode 100644 index 0000000..17c0d1e --- /dev/null +++ b/.examples/docker-compose/insecure/smtp/apache/db.env @@ -0,0 +1,5 @@ +MYSQL_PASSWORD= +MYSQL_DATABASE=friendica +MYSQL_USER=friendica +MYSQL_HOST=db +MYSQL_PORT=3306 \ No newline at end of file diff --git a/.examples/docker-compose/insecure/smtp/apache/docker-compose.yml b/.examples/docker-compose/insecure/smtp/apache/docker-compose.yml new file mode 100644 index 0000000..892fc2a --- /dev/null +++ b/.examples/docker-compose/insecure/smtp/apache/docker-compose.yml @@ -0,0 +1,67 @@ +version: '2.1' +services: + + db: + image: mariadb + restart: always + volumes: + - db:/var/lib/mysql/ + environment: + - MYSQL_RANDOM_ROOT_PASSWORD=yes + env_file: + - db.env + + app: + image: friendica + restart: always + volumes: + - friendica:/var/www/html + environment: + - FRIENDICA_ADMIN_MAIL= + - FRIENDICA_TZ= + - FRIENDICA_LANG= + - FRIENDICA_URL= + - FRIENDICA_SITENAME= + - SMTP=smtp.office365.com + - SMTP_PORT=587 + - SMTP_DOMAIN=hotmail.com + - SMTP_FROM=user + - SMTP_TLS=true + - SMTP_STARTTLS=true + - SMTP_AUTH=on + - SMTP_AUTH_USER=xxx@hotmail.com + - SMTP_AUTH_PASS=password + env_file: + - db.env + depends_on: + - db + ports: + - "80:80" + + cron: + image: friendica + restart: always + volumes: + - friendica:/var/www/html + entrypoint: /cron.sh + environment: + - FRIENDICA_ADMIN_MAIL= + - FRIENDICA_TZ= + - SMTP=smtp.office365.com + - SMTP_PORT=587 + - SMTP_DOMAIN=hotmail.com + - SMTP_FROM=user + - SMTP_TLS=true + - SMTP_STARTTLS=true + - SMTP_AUTH=on + - SMTP_AUTH_USER=xxx@hotmail.com + - SMTP_AUTH_PASS=password + depends_on: + - app + - db + env_file: + - db.env + +volumes: + db: + friendica: diff --git a/.examples/docker-compose/insecure/smtp/fpm-alpine/db.env b/.examples/docker-compose/insecure/smtp/fpm-alpine/db.env new file mode 100644 index 0000000..17c0d1e --- /dev/null +++ b/.examples/docker-compose/insecure/smtp/fpm-alpine/db.env @@ -0,0 +1,5 @@ +MYSQL_PASSWORD= +MYSQL_DATABASE=friendica +MYSQL_USER=friendica +MYSQL_HOST=db +MYSQL_PORT=3306 \ No newline at end of file diff --git a/.examples/docker-compose/insecure/smtp/fpm-alpine/docker-compose.yml b/.examples/docker-compose/insecure/smtp/fpm-alpine/docker-compose.yml new file mode 100644 index 0000000..cb97d23 --- /dev/null +++ b/.examples/docker-compose/insecure/smtp/fpm-alpine/docker-compose.yml @@ -0,0 +1,74 @@ +version: '2.1' +services: + + db: + image: mariadb + restart: always + volumes: + - db:/var/lib/mysql/ + environment: + - MYSQL_RANDOM_ROOT_PASSWORD=yes + env_file: + - db.env + + app: + image: friendica:fpm-alpine + restart: always + volumes: + - friendica:/var/www/html + environment: + - FRIENDICA_ADMIN_MAIL= + - FRIENDICA_TZ= + - FRIENDICA_LANG= + - FRIENDICA_URL= + - FRIENDICA_SITENAME= + - SMTP=smtp.office365.com + - SMTP_PORT=587 + - SMTP_DOMAIN=hotmail.com + - SMTP_FROM=user + - SMTP_TLS=true + - SMTP_STARTTLS=true + - SMTP_AUTH=on + - SMTP_AUTH_USER=xxx@hotmail.com + - SMTP_AUTH_PASS=password + env_file: + - db.env + depends_on: + - db + + cron: + image: friendica:fpm-alpine + restart: always + volumes: + - friendica:/var/www/html + environment: + - FRIENDICA_ADMIN_MAIL= + - FRIENDICA_TZ= + - SMTP=smtp.office365.com + - SMTP_PORT=587 + - SMTP_DOMAIN=hotmail.com + - SMTP_FROM=user + - SMTP_TLS=true + - SMTP_STARTTLS=true + - SMTP_AUTH=on + - SMTP_AUTH_USER=xxx@hotmail.com + - SMTP_AUTH_PASS=password + entrypoint: /cron.sh + depends_on: + - db + - app + + web: + image: nginx + restart: always + volumes: + - friendica:/var/www/html:ro + - ./web/nginx.conf:/etc/nginx/nginx.conf:ro + depends_on: + - app + ports: + - "80:80" + +volumes: + db: + friendica: diff --git a/.examples/docker-compose/insecure/smtp/fpm-alpine/web/nginx.conf b/.examples/docker-compose/insecure/smtp/fpm-alpine/web/nginx.conf new file mode 100644 index 0000000..c168621 --- /dev/null +++ b/.examples/docker-compose/insecure/smtp/fpm-alpine/web/nginx.conf @@ -0,0 +1,109 @@ +## +# Friendica Nginx configuration +# by Olaf Conradi, modified by Philipp Holzer +# +worker_processes 4; + +events { + worker_connections 1024; +} + +error_log /var/log/nginx/error.log warn; +pid /var/run/nginx.pid; + +http { + charset utf-8; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + # If behind reverse proxy, forwards the correct IP + set_real_ip_from 10.0.0.0/8; + set_real_ip_from 172.16.0.0/12; + set_real_ip_from 192.168.0.0/16; + set_real_ip_from fc00::/7; + real_ip_header X-Real-IP; + + upstream php-handler { + server app:9000; + } + + server { + listen 80; + server_name friendica.local; + + index index.php; + + root /var/www/html; + #Uncomment the following line to include a standard configuration file + #Note that the most specific rule wins and your standard configuration + #will therefore *add* to this file, but not override it. + #include standard.conf + # allow uploads up to 20MB in size + client_max_body_size 20m; + client_body_buffer_size 128k; + + # rewrite to front controller as default rule + location / { + if (!-e $request_filename) { + rewrite ^(.*)$ /index.php?pagename=$1; + } + } + # make sure webfinger and other well known services aren't blocked + # by denying dot files and rewrite request to the front controller + location ^~ /.well-known/ { + allow all; + if (!-e $request_filename) { + rewrite ^(.*)$ /index.php?pagename=$1; + } + } + + # statically serve these file types when possible + # otherwise fall back to front controller + # allow browser to cache them + # added .htm for advanced source code editor library + #location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ { + # expires 30d; + # try_files $uri /index.php?pagename=$uri&$args; + #} + + include mime.types; + + # block these file types + location ~* \.(tpl|md|tgz|log|out)$ { + deny all; + } + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + # or a unix socket + location ~* \.php$ { + # Zero-day exploit defense. + # http://forum.nginx.org/read.php?2,88845,page=3 + # Won't work properly (404 error) if the file is not stored on this + # server, which is entirely possible with php-fpm/php-fcgi. + # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on + # another machine. And then cross your fingers that you won't get hacked. + try_files $uri =404; + + # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini + fastcgi_split_path_info ^(.+\.php)(/.+)$; + + fastcgi_pass php-handler; + + include fastcgi_params; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + + # deny access to all dot files + location ~ /\. { + deny all; + } + } +} \ No newline at end of file diff --git a/.examples/docker-compose/insecure/smtp/fpm/db.env b/.examples/docker-compose/insecure/smtp/fpm/db.env new file mode 100644 index 0000000..17c0d1e --- /dev/null +++ b/.examples/docker-compose/insecure/smtp/fpm/db.env @@ -0,0 +1,5 @@ +MYSQL_PASSWORD= +MYSQL_DATABASE=friendica +MYSQL_USER=friendica +MYSQL_HOST=db +MYSQL_PORT=3306 \ No newline at end of file diff --git a/.examples/docker-compose/insecure/smtp/fpm/docker-compose.yml b/.examples/docker-compose/insecure/smtp/fpm/docker-compose.yml new file mode 100644 index 0000000..a0a9748 --- /dev/null +++ b/.examples/docker-compose/insecure/smtp/fpm/docker-compose.yml @@ -0,0 +1,74 @@ +version: '2.1' +services: + + db: + image: mariadb + restart: always + volumes: + - db:/var/lib/mysql/ + environment: + - MYSQL_RANDOM_ROOT_PASSWORD=yes + env_file: + - db.env + + app: + image: friendica:fpm + restart: always + volumes: + - friendica:/var/www/html + environment: + - FRIENDICA_ADMIN_MAIL= + - FRIENDICA_TZ= + - FRIENDICA_LANG= + - FRIENDICA_URL= + - FRIENDICA_SITENAME= + - SMTP=smtp.office365.com + - SMTP_PORT=587 + - SMTP_DOMAIN=hotmail.com + - SMTP_FROM=user + - SMTP_TLS=true + - SMTP_STARTTLS=true + - SMTP_AUTH=on + - SMTP_AUTH_USER=xxx@hotmail.com + - SMTP_AUTH_PASS=password + env_file: + - db.env + depends_on: + - db + + cron: + image: friendica:fpm + restart: always + volumes: + - friendica:/var/www/html + environment: + - FRIENDICA_ADMIN_MAIL= + - FRIENDICA_TZ= + - SMTP=smtp.office365.com + - SMTP_PORT=587 + - SMTP_DOMAIN=hotmail.com + - SMTP_FROM=user + - SMTP_TLS=true + - SMTP_STARTTLS=true + - SMTP_AUTH=on + - SMTP_AUTH_USER=xxx@hotmail.com + - SMTP_AUTH_PASS=password + entrypoint: /cron.sh + depends_on: + - db + - app + + web: + image: nginx + restart: always + volumes: + - friendica:/var/www/html:ro + - ./web/nginx.conf:/etc/nginx/nginx.conf:ro + depends_on: + - app + ports: + - "80:80" + +volumes: + db: + friendica: diff --git a/.examples/docker-compose/insecure/smtp/fpm/web/nginx.conf b/.examples/docker-compose/insecure/smtp/fpm/web/nginx.conf new file mode 100644 index 0000000..c168621 --- /dev/null +++ b/.examples/docker-compose/insecure/smtp/fpm/web/nginx.conf @@ -0,0 +1,109 @@ +## +# Friendica Nginx configuration +# by Olaf Conradi, modified by Philipp Holzer +# +worker_processes 4; + +events { + worker_connections 1024; +} + +error_log /var/log/nginx/error.log warn; +pid /var/run/nginx.pid; + +http { + charset utf-8; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + # If behind reverse proxy, forwards the correct IP + set_real_ip_from 10.0.0.0/8; + set_real_ip_from 172.16.0.0/12; + set_real_ip_from 192.168.0.0/16; + set_real_ip_from fc00::/7; + real_ip_header X-Real-IP; + + upstream php-handler { + server app:9000; + } + + server { + listen 80; + server_name friendica.local; + + index index.php; + + root /var/www/html; + #Uncomment the following line to include a standard configuration file + #Note that the most specific rule wins and your standard configuration + #will therefore *add* to this file, but not override it. + #include standard.conf + # allow uploads up to 20MB in size + client_max_body_size 20m; + client_body_buffer_size 128k; + + # rewrite to front controller as default rule + location / { + if (!-e $request_filename) { + rewrite ^(.*)$ /index.php?pagename=$1; + } + } + # make sure webfinger and other well known services aren't blocked + # by denying dot files and rewrite request to the front controller + location ^~ /.well-known/ { + allow all; + if (!-e $request_filename) { + rewrite ^(.*)$ /index.php?pagename=$1; + } + } + + # statically serve these file types when possible + # otherwise fall back to front controller + # allow browser to cache them + # added .htm for advanced source code editor library + #location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ { + # expires 30d; + # try_files $uri /index.php?pagename=$uri&$args; + #} + + include mime.types; + + # block these file types + location ~* \.(tpl|md|tgz|log|out)$ { + deny all; + } + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + # or a unix socket + location ~* \.php$ { + # Zero-day exploit defense. + # http://forum.nginx.org/read.php?2,88845,page=3 + # Won't work properly (404 error) if the file is not stored on this + # server, which is entirely possible with php-fpm/php-fcgi. + # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on + # another machine. And then cross your fingers that you won't get hacked. + try_files $uri =404; + + # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini + fastcgi_split_path_info ^(.+\.php)(/.+)$; + + fastcgi_pass php-handler; + + include fastcgi_params; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + + # deny access to all dot files + location ~ /\. { + deny all; + } + } +} \ No newline at end of file diff --git a/.travis/test-entrypoint.sh b/.travis/test-entrypoint.sh deleted file mode 100755 index 22f1759..0000000 --- a/.travis/test-entrypoint.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/sh -set -eu - -# copy of see .docker-files/entrypoint.sh - testing all versions -version_greater() { - [ "$(printf '%s\n' "$@" | sed -e 's/-rc/.1/' | sed -e 's/-dev/.2/' | sort -t '.' -k1,1n -k2,2n -k3,3nbr | head -n 1)" != "$(printf "$1" | sed -e 's/-rc/.1/' | sed -e 's/-dev/.2/')" ] -} - - -if ! version_greater "2019.06" "2019.06-rc"; then - exit 1; -fi -if ! version_greater "2019.06" "2019.04-rc"; then - exit 1; -fi -if version_greater "2019.06-rc" "2019.06"; then - exit 1; -fi -if version_greater "2019.04" "2019.06"; then - exit 1; -fi -if ! version_greater "2019.06" "2019.04"; then - exit 1; -fi -if ! version_greater "2019.07" "2019.06-rc"; then - exit 1; -fi -if version_greater "2019.05" "2019.06-rc"; then - exit 1; -fi -if version_greater "2019.05-dev" "2019.05"; then - exit 1; -fi -if ! version_greater "2019.05" "2019.05-dev"; then - exit 1; -fi -if ! version_greater "2020.07-1" "2020.07"; then - exit 1; -fi -if ! version_greater "2020.07-2" "2020.07-1"; then - exit 1; -fi -if ! version_greater "2020.07-1" "2020.07-dev"; then - exit 1; -fi -if ! version_greater "2020.09-rc" "2020.09-dev"; then - exit 1 -fi -if version_greater "2020.06-rc" "2020.09-dev"; then - exit 1; -fi diff --git a/.travis/test-example-dockerfiles.sh b/.travis/test-example-dockerfiles.sh deleted file mode 100755 index eb11eca..0000000 --- a/.travis/test-example-dockerfiles.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -set -e - -image="$1" - -cd .examples/dockerfiles - -dirs=( */ ) -dirs=( "${dirs[@]%/}" ) -for dir in "${dirs[@]}"; do - if [ -d "$dir/$VARIANT" ]; then - ( - cd "$dir/$VARIANT" - sed -ri -e 's|^FROM .*|FROM '"$image"'|g' 'Dockerfile' - docker build -t "$image-$dir" . - ~/official-images/test/run.sh "$image-$dir" - ) - fi -done \ No newline at end of file diff --git a/2020.09/apache/Dockerfile b/2020.09/apache/Dockerfile deleted file mode 100644 index f9d1b1e..0000000 --- a/2020.09/apache/Dockerfile +++ /dev/null @@ -1,156 +0,0 @@ -# DO NOT EDIT: created by update.sh from Dockerfile-debian.template -FROM php:7.3-apache-buster - -# entrypoint.sh and cron.sh dependencies -RUN set -ex; \ - \ - apt-get update; \ - apt-get install -y --no-install-recommends \ - rsync \ - bzip2 \ - git \ -# For mail() support - msmtp \ -# For tini installation - gnupg dirmngr \ - ; \ - rm -rf /var/lib/apt/lists/*; - -# Add tini for reaping processes -ENV TINI_VERSION v0.19.0 -RUN export BUILD_ARCH=$(dpkg-architecture --query DEB_BUILD_ARCH) \ - && mkdir ~/.gnupg \ - && echo "disable-ipv6" >> ~/.gnupg/dirmngr.conf \ - && curl -L -o /sbin/tini https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${BUILD_ARCH} \ - && curl -L -o /tini.asc https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${BUILD_ARCH}.asc \ - && gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 \ - && gpg --batch --verify /tini.asc /sbin/tini \ - && chmod +x /sbin/tini - -# install the PHP extensions we need -# see https://friendi.ca/resources/requirements/ -RUN set -ex; \ - \ - savedAptMark="$(apt-mark showmanual)"; \ - \ - apt-get update; \ - apt-get install -y --no-install-recommends \ - mariadb-client \ - bash \ - libpng-dev \ - libjpeg62-turbo-dev \ - libtool \ - libmagick++-dev \ - libmemcached-dev \ - libgraphicsmagick1-dev \ - libfreetype6-dev \ - librsvg2-2 \ - libzip-dev \ - libldap2-dev \ - ; \ - \ - debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \ - \ - docker-php-ext-configure gd \ - --with-gd \ - --with-freetype-dir=/usr/include/ \ - --with-png-dir=/usr/include/ \ - --with-jpeg-dir=/usr/include/ \ - ; \ - docker-php-ext-configure ldap \ - --with-libdir=lib/$debMultiarch/ \ - ;\ - docker-php-ext-install -j "$(nproc)" \ - pdo_mysql \ - gd \ - zip \ - opcache \ - ctype \ - pcntl \ - ldap \ - ; \ - \ -# pecl will claim success even if one install fails, so we need to perform each install separately - pecl install apcu-5.1.20; \ - pecl install memcached-3.1.5; \ - pecl install redis-5.3.4; \ - pecl install imagick-3.4.4; \ - \ - docker-php-ext-enable \ - apcu \ - memcached \ - redis \ - imagick \ - ; \ - \ -# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies - apt-mark auto '.*' > /dev/null; \ - apt-mark manual $savedAptMark; \ - ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \ - | awk '/=>/ { print $3 }' \ - | sort -u \ - | xargs -r dpkg-query -S \ - | cut -d: -f1 \ - | sort -u \ - | xargs -rt apt-mark manual; \ - \ - apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ - rm -rf /var/lib/apt/lists/* - -# set recommended PHP.ini settings -RUN set -ex; \ - { \ - echo 'opcache.enable=1' ; \ - echo 'opcache.interned_strings_buffer=8'; \ - echo 'opcache.max_accelerated_files=10000'; \ - echo 'opcache.memory_consumption=128'; \ - echo 'opcache.save_comments=1'; \ - echo 'opcache.revalidte_freq=1'; \ - } > /usr/local/etc/php/conf.d/opcache-recommended.ini; \ - \ - { \ - echo sendmail_path = "/usr/bin/msmtp -t"; \ - } > /usr/local/etc/php/conf.d/sendmail.ini; \ - \ - echo 'apc.enable_cli=1' >> /usr/local/etc/php/conf.d/docker-php-ext-apcu.ini; \ - \ - echo 'memory_limit=512M' > /usr/local/etc/php/conf.d/memory-limit.ini; \ - \ - mkdir /var/www/data; \ - chown -R www-data:root /var/www; \ - chmod -R g=u /var/www - -VOLUME /var/www/html - -RUN set -ex;\ - a2enmod rewrite remoteip ;\ - {\ - echo RemoteIPHeader X-Real-IP ;\ - echo RemoteIPTrustedProxy 10.0.0.0/8 ;\ - echo RemoteIPTrustedProxy 172.16.0.0/12 ;\ - echo RemoteIPTrustedProxy 192.168.0.0/16 ;\ - } > /etc/apache2/conf-available/remoteip.conf;\ - a2enconf remoteip - -ENV FRIENDICA_VERSION "2020.09-1" -ENV FRIENDICA_ADDONS "2020.09-1" - -RUN set -ex; \ - curl -fsSL -o friendica.tar.gz \ - "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz"; \ - tar -xzf friendica.tar.gz -C /usr/src/; \ - rm friendica.tar.gz; \ - mv -f /usr/src/friendica-full-${FRIENDICA_VERSION}/ /usr/src/friendica; \ - chmod 777 /usr/src/friendica/view/smarty3; \ - curl -fsSL -o friendica_addons.tar.gz \ - "https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz"; \ - mkdir -p /usr/src/friendica/proxy; \ - mkdir -p /usr/src/friendica/addon; \ - tar -xzf friendica_addons.tar.gz -C /usr/src/friendica/addon --strip-components=1; \ - rm friendica_addons.tar.gz; - -COPY *.sh upgrade.exclude / -COPY config/* /usr/src/friendica/config/ - -ENTRYPOINT ["/entrypoint.sh"] -CMD ["apache2-foreground"] diff --git a/2020.09/fpm/Dockerfile b/2020.09/fpm/Dockerfile deleted file mode 100644 index 742d659..0000000 --- a/2020.09/fpm/Dockerfile +++ /dev/null @@ -1,147 +0,0 @@ -# DO NOT EDIT: created by update.sh from Dockerfile-debian.template -FROM php:7.3-fpm-buster - -# entrypoint.sh and cron.sh dependencies -RUN set -ex; \ - \ - apt-get update; \ - apt-get install -y --no-install-recommends \ - rsync \ - bzip2 \ - git \ -# For mail() support - msmtp \ -# For tini installation - gnupg dirmngr \ - ; \ - rm -rf /var/lib/apt/lists/*; - -# Add tini for reaping processes -ENV TINI_VERSION v0.19.0 -RUN export BUILD_ARCH=$(dpkg-architecture --query DEB_BUILD_ARCH) \ - && mkdir ~/.gnupg \ - && echo "disable-ipv6" >> ~/.gnupg/dirmngr.conf \ - && curl -L -o /sbin/tini https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${BUILD_ARCH} \ - && curl -L -o /tini.asc https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${BUILD_ARCH}.asc \ - && gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 \ - && gpg --batch --verify /tini.asc /sbin/tini \ - && chmod +x /sbin/tini - -# install the PHP extensions we need -# see https://friendi.ca/resources/requirements/ -RUN set -ex; \ - \ - savedAptMark="$(apt-mark showmanual)"; \ - \ - apt-get update; \ - apt-get install -y --no-install-recommends \ - mariadb-client \ - bash \ - libpng-dev \ - libjpeg62-turbo-dev \ - libtool \ - libmagick++-dev \ - libmemcached-dev \ - libgraphicsmagick1-dev \ - libfreetype6-dev \ - librsvg2-2 \ - libzip-dev \ - libldap2-dev \ - ; \ - \ - debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \ - \ - docker-php-ext-configure gd \ - --with-gd \ - --with-freetype-dir=/usr/include/ \ - --with-png-dir=/usr/include/ \ - --with-jpeg-dir=/usr/include/ \ - ; \ - docker-php-ext-configure ldap \ - --with-libdir=lib/$debMultiarch/ \ - ;\ - docker-php-ext-install -j "$(nproc)" \ - pdo_mysql \ - gd \ - zip \ - opcache \ - ctype \ - pcntl \ - ldap \ - ; \ - \ -# pecl will claim success even if one install fails, so we need to perform each install separately - pecl install apcu-5.1.20; \ - pecl install memcached-3.1.5; \ - pecl install redis-5.3.4; \ - pecl install imagick-3.4.4; \ - \ - docker-php-ext-enable \ - apcu \ - memcached \ - redis \ - imagick \ - ; \ - \ -# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies - apt-mark auto '.*' > /dev/null; \ - apt-mark manual $savedAptMark; \ - ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \ - | awk '/=>/ { print $3 }' \ - | sort -u \ - | xargs -r dpkg-query -S \ - | cut -d: -f1 \ - | sort -u \ - | xargs -rt apt-mark manual; \ - \ - apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ - rm -rf /var/lib/apt/lists/* - -# set recommended PHP.ini settings -RUN set -ex; \ - { \ - echo 'opcache.enable=1' ; \ - echo 'opcache.interned_strings_buffer=8'; \ - echo 'opcache.max_accelerated_files=10000'; \ - echo 'opcache.memory_consumption=128'; \ - echo 'opcache.save_comments=1'; \ - echo 'opcache.revalidte_freq=1'; \ - } > /usr/local/etc/php/conf.d/opcache-recommended.ini; \ - \ - { \ - echo sendmail_path = "/usr/bin/msmtp -t"; \ - } > /usr/local/etc/php/conf.d/sendmail.ini; \ - \ - echo 'apc.enable_cli=1' >> /usr/local/etc/php/conf.d/docker-php-ext-apcu.ini; \ - \ - echo 'memory_limit=512M' > /usr/local/etc/php/conf.d/memory-limit.ini; \ - \ - mkdir /var/www/data; \ - chown -R www-data:root /var/www; \ - chmod -R g=u /var/www - -VOLUME /var/www/html - - -ENV FRIENDICA_VERSION "2020.09-1" -ENV FRIENDICA_ADDONS "2020.09-1" - -RUN set -ex; \ - curl -fsSL -o friendica.tar.gz \ - "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz"; \ - tar -xzf friendica.tar.gz -C /usr/src/; \ - rm friendica.tar.gz; \ - mv -f /usr/src/friendica-full-${FRIENDICA_VERSION}/ /usr/src/friendica; \ - chmod 777 /usr/src/friendica/view/smarty3; \ - curl -fsSL -o friendica_addons.tar.gz \ - "https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz"; \ - mkdir -p /usr/src/friendica/proxy; \ - mkdir -p /usr/src/friendica/addon; \ - tar -xzf friendica_addons.tar.gz -C /usr/src/friendica/addon --strip-components=1; \ - rm friendica_addons.tar.gz; - -COPY *.sh upgrade.exclude / -COPY config/* /usr/src/friendica/config/ - -ENTRYPOINT ["/entrypoint.sh"] -CMD ["php-fpm"] diff --git a/2021.01/apache/Dockerfile b/2021.01/apache/Dockerfile deleted file mode 100644 index e4f47da..0000000 --- a/2021.01/apache/Dockerfile +++ /dev/null @@ -1,156 +0,0 @@ -# DO NOT EDIT: created by update.sh from Dockerfile-debian.template -FROM php:7.3-apache-buster - -# entrypoint.sh and cron.sh dependencies -RUN set -ex; \ - \ - apt-get update; \ - apt-get install -y --no-install-recommends \ - rsync \ - bzip2 \ - git \ -# For mail() support - msmtp \ -# For tini installation - gnupg dirmngr \ - ; \ - rm -rf /var/lib/apt/lists/*; - -# Add tini for reaping processes -ENV TINI_VERSION v0.19.0 -RUN export BUILD_ARCH=$(dpkg-architecture --query DEB_BUILD_ARCH) \ - && mkdir ~/.gnupg \ - && echo "disable-ipv6" >> ~/.gnupg/dirmngr.conf \ - && curl -L -o /sbin/tini https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${BUILD_ARCH} \ - && curl -L -o /tini.asc https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${BUILD_ARCH}.asc \ - && gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 \ - && gpg --batch --verify /tini.asc /sbin/tini \ - && chmod +x /sbin/tini - -# install the PHP extensions we need -# see https://friendi.ca/resources/requirements/ -RUN set -ex; \ - \ - savedAptMark="$(apt-mark showmanual)"; \ - \ - apt-get update; \ - apt-get install -y --no-install-recommends \ - mariadb-client \ - bash \ - libpng-dev \ - libjpeg62-turbo-dev \ - libtool \ - libmagick++-dev \ - libmemcached-dev \ - libgraphicsmagick1-dev \ - libfreetype6-dev \ - librsvg2-2 \ - libzip-dev \ - libldap2-dev \ - ; \ - \ - debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \ - \ - docker-php-ext-configure gd \ - --with-gd \ - --with-freetype-dir=/usr/include/ \ - --with-png-dir=/usr/include/ \ - --with-jpeg-dir=/usr/include/ \ - ; \ - docker-php-ext-configure ldap \ - --with-libdir=lib/$debMultiarch/ \ - ;\ - docker-php-ext-install -j "$(nproc)" \ - pdo_mysql \ - gd \ - zip \ - opcache \ - ctype \ - pcntl \ - ldap \ - ; \ - \ -# pecl will claim success even if one install fails, so we need to perform each install separately - pecl install apcu-5.1.20; \ - pecl install memcached-3.1.5; \ - pecl install redis-5.3.4; \ - pecl install imagick-3.4.4; \ - \ - docker-php-ext-enable \ - apcu \ - memcached \ - redis \ - imagick \ - ; \ - \ -# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies - apt-mark auto '.*' > /dev/null; \ - apt-mark manual $savedAptMark; \ - ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \ - | awk '/=>/ { print $3 }' \ - | sort -u \ - | xargs -r dpkg-query -S \ - | cut -d: -f1 \ - | sort -u \ - | xargs -rt apt-mark manual; \ - \ - apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ - rm -rf /var/lib/apt/lists/* - -# set recommended PHP.ini settings -RUN set -ex; \ - { \ - echo 'opcache.enable=1' ; \ - echo 'opcache.interned_strings_buffer=8'; \ - echo 'opcache.max_accelerated_files=10000'; \ - echo 'opcache.memory_consumption=128'; \ - echo 'opcache.save_comments=1'; \ - echo 'opcache.revalidte_freq=1'; \ - } > /usr/local/etc/php/conf.d/opcache-recommended.ini; \ - \ - { \ - echo sendmail_path = "/usr/bin/msmtp -t"; \ - } > /usr/local/etc/php/conf.d/sendmail.ini; \ - \ - echo 'apc.enable_cli=1' >> /usr/local/etc/php/conf.d/docker-php-ext-apcu.ini; \ - \ - echo 'memory_limit=512M' > /usr/local/etc/php/conf.d/memory-limit.ini; \ - \ - mkdir /var/www/data; \ - chown -R www-data:root /var/www; \ - chmod -R g=u /var/www - -VOLUME /var/www/html - -RUN set -ex;\ - a2enmod rewrite remoteip ;\ - {\ - echo RemoteIPHeader X-Real-IP ;\ - echo RemoteIPTrustedProxy 10.0.0.0/8 ;\ - echo RemoteIPTrustedProxy 172.16.0.0/12 ;\ - echo RemoteIPTrustedProxy 192.168.0.0/16 ;\ - } > /etc/apache2/conf-available/remoteip.conf;\ - a2enconf remoteip - -ENV FRIENDICA_VERSION "2021.01" -ENV FRIENDICA_ADDONS "2021.01" - -RUN set -ex; \ - curl -fsSL -o friendica.tar.gz \ - "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz"; \ - tar -xzf friendica.tar.gz -C /usr/src/; \ - rm friendica.tar.gz; \ - mv -f /usr/src/friendica-full-${FRIENDICA_VERSION}/ /usr/src/friendica; \ - chmod 777 /usr/src/friendica/view/smarty3; \ - curl -fsSL -o friendica_addons.tar.gz \ - "https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz"; \ - mkdir -p /usr/src/friendica/proxy; \ - mkdir -p /usr/src/friendica/addon; \ - tar -xzf friendica_addons.tar.gz -C /usr/src/friendica/addon --strip-components=1; \ - rm friendica_addons.tar.gz; - -COPY *.sh upgrade.exclude / -COPY config/* /usr/src/friendica/config/ - -ENTRYPOINT ["/entrypoint.sh"] -CMD ["apache2-foreground"] diff --git a/2021.01/fpm-alpine/Dockerfile b/2021.01/fpm-alpine/Dockerfile deleted file mode 100644 index 9dfc0a3..0000000 --- a/2021.01/fpm-alpine/Dockerfile +++ /dev/null @@ -1,122 +0,0 @@ -# DO NOT EDIT: created by update.sh from Dockerfile-alpine.template -FROM php:7.3-fpm-alpine - -# entrypoint.sh and cron.sh dependencies -RUN set -ex; \ - apk add --no-cache \ - rsync \ - git \ -# For mail() support - msmtp \ - shadow \ - tini; - -# install the PHP extensions we need -# see https://friendi.ca/resources/requirements/ -RUN set -ex; \ - \ - apk add --no-cache --virtual .build-deps \ - mariadb-client \ - bash \ - $PHPIZE_DEPS \ - libpng-dev \ - libjpeg-turbo-dev \ - imagemagick-dev \ - libtool \ - libmemcached-dev \ - cyrus-sasl-dev \ - libjpeg-turbo-dev \ - freetype-dev \ - librsvg \ - pcre-dev \ - libzip-dev \ - icu-dev \ - openldap-dev \ - ; \ - \ - docker-php-ext-configure gd \ - --with-gd \ - --with-freetype-dir=/usr/include/ \ - --with-png-dir=/usr/include/ \ - --with-jpeg-dir=/usr/include/ \ - ; \ - \ - docker-php-ext-install -j "$(nproc)" \ - pdo_mysql \ - gd \ - zip \ - opcache \ - pcntl \ - ldap \ - ; \ - \ -# pecl will claim success even if one install fails, so we need to perform each install separately - pecl install APCu-5.1.20; \ - pecl install memcached-3.1.5; \ - pecl install redis-5.3.4; \ - pecl install imagick-3.4.4; \ - \ - docker-php-ext-enable \ - apcu \ - memcached \ - redis \ - imagick \ - ; \ - \ - runDeps="$( \ - scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/lib/php/extensions \ - | tr ',' '\n' \ - | sort -u \ - | awk 'system("[ -e /usr/local/lib" $1 " ]") == 0 { next } { print "so:" $1 }' \ - )"; \ - apk add --no-network --virtual .friendica-phpext-rundeps $runDeps; \ - apk del --no-network .build-deps; - -# set recommended PHP.ini settings -RUN set -ex; \ - { \ - echo 'opcache.enable=1' ; \ - echo 'opcache.interned_strings_buffer=8'; \ - echo 'opcache.max_accelerated_files=10000'; \ - echo 'opcache.memory_consumption=128'; \ - echo 'opcache.save_comments=1'; \ - echo 'opcache.revalidte_freq=1'; \ - } > /usr/local/etc/php/conf.d/opcache-recommended.ini; \ - \ - { \ - echo sendmail_path = "/usr/bin/msmtp -t"; \ - } > /usr/local/etc/php/conf.d/sendmail.ini; \ - \ - echo 'apc.enable_cli=1' >> /usr/local/etc/php/conf.d/docker-php-ext-apcu.ini; \ - \ - echo 'memory_limit=512M' > /usr/local/etc/php/conf.d/memory-limit.ini; \ - \ - mkdir /var/www/data; \ - chown -R www-data:root /var/www; \ - chmod -R g=u /var/www - -VOLUME /var/www/html - - -ENV FRIENDICA_VERSION "2021.01" -ENV FRIENDICA_ADDONS "2021.01" - -RUN set -ex; \ - curl -fsSL -o friendica.tar.gz \ - "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz"; \ - tar -xzf friendica.tar.gz -C /usr/src/; \ - rm friendica.tar.gz; \ - mv -f /usr/src/friendica-full-${FRIENDICA_VERSION}/ /usr/src/friendica; \ - chmod 777 /usr/src/friendica/view/smarty3; \ - curl -fsSL -o friendica_addons.tar.gz \ - "https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz"; \ - mkdir -p /usr/src/friendica/proxy; \ - mkdir -p /usr/src/friendica/addon; \ - tar -xzf friendica_addons.tar.gz -C /usr/src/friendica/addon --strip-components=1; \ - rm friendica_addons.tar.gz; - -COPY *.sh upgrade.exclude / -COPY config/* /usr/src/friendica/config/ - -ENTRYPOINT ["/entrypoint.sh"] -CMD ["php-fpm"] diff --git a/2021.01/fpm-alpine/cron.sh b/2021.01/fpm-alpine/cron.sh deleted file mode 100755 index f899df9..0000000 --- a/2021.01/fpm-alpine/cron.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/sh -trap "break;exit" HUP INT TERM - -while [ ! -f /var/www/html/bin/daemon.php ]; do - sleep 1 -done - -echo "Waiting for MySQL $MYSQL_HOST initialization..." -if php /var/www/html/bin/wait-for-connection "$MYSQL_HOST" "${MYSQL_PORT:-3306}" 300; then - sh /setup_msmtp.sh - exec /sbin/tini -- php /var/www/html/bin/daemon.php -f start -else - echo "[ERROR] Waited 300 seconds, no response" >&2 -fi diff --git a/2021.01/fpm-alpine/upgrade.exclude b/2021.01/fpm-alpine/upgrade.exclude deleted file mode 100644 index 2fb6533..0000000 --- a/2021.01/fpm-alpine/upgrade.exclude +++ /dev/null @@ -1,10 +0,0 @@ -/.git/ -/photo/ -/proxy/ -/.htconfig.php -/.htaccess -/home.* -/config/ -/storage/ -/log/ -*.log \ No newline at end of file diff --git a/2021.01/fpm/cron.sh b/2021.01/fpm/cron.sh deleted file mode 100755 index f899df9..0000000 --- a/2021.01/fpm/cron.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/sh -trap "break;exit" HUP INT TERM - -while [ ! -f /var/www/html/bin/daemon.php ]; do - sleep 1 -done - -echo "Waiting for MySQL $MYSQL_HOST initialization..." -if php /var/www/html/bin/wait-for-connection "$MYSQL_HOST" "${MYSQL_PORT:-3306}" 300; then - sh /setup_msmtp.sh - exec /sbin/tini -- php /var/www/html/bin/daemon.php -f start -else - echo "[ERROR] Waited 300 seconds, no response" >&2 -fi diff --git a/2021.01/fpm/upgrade.exclude b/2021.01/fpm/upgrade.exclude deleted file mode 100644 index 2fb6533..0000000 --- a/2021.01/fpm/upgrade.exclude +++ /dev/null @@ -1,10 +0,0 @@ -/.git/ -/photo/ -/proxy/ -/.htconfig.php -/.htaccess -/home.* -/config/ -/storage/ -/log/ -*.log \ No newline at end of file diff --git a/2021.04/apache/config/00apcu.config.php b/2021.04/apache/config/00apcu.config.php deleted file mode 100644 index d6dac4f..0000000 --- a/2021.04/apache/config/00apcu.config.php +++ /dev/null @@ -1,12 +0,0 @@ - [ - 'cache_driver' => 'apcu', - 'session_handler' => 'cache', - ], -]; diff --git a/2021.04/apache/config/01redis.config.php b/2021.04/apache/config/01redis.config.php deleted file mode 100644 index 1a43c95..0000000 --- a/2021.04/apache/config/01redis.config.php +++ /dev/null @@ -1,15 +0,0 @@ - [ - 'lock_driver' => 'redis', - 'redis_host' => getenv('REDIS_HOST'), - 'redis_port' => (getenv('REDIS_PORT') ? getenv('REDIS_PORT') : ''), - 'redis_password' => (getenv('REDIS_PW') ? getenv('REDIS_PW') : ''), - 'redis_db' => (getenv('REDIS_DB') ? getenv('REDIS_DB') : 0), - ], - ]; -} else { - return []; -} diff --git a/2021.04/apache/config/zz-docker.config.php b/2021.04/apache/config/zz-docker.config.php deleted file mode 100644 index 49ca5bd..0000000 --- a/2021.04/apache/config/zz-docker.config.php +++ /dev/null @@ -1,68 +0,0 @@ - [ - // Necessary because otherwise the daemon isn't working - 'pidfile' => '/var/run/friendica.pid', - - 'logfile' => '/var/www/html/friendica.log', - 'loglevel' => 'notice', - ], - 'storage' => [ - 'filesystem_path' => '/var/www/html/storage', - ], -]; - -if (getenv('FRIENDICA_TZ')) { - $config['config']['timezone'] = getenv('FRIENDICA_TZ'); -} - -if (getenv('FRIENDICA_LANG')) { - $config['config']['language'] = getenv('FRIENDICA_LANG'); -} - -if (getenv('FRIENDICA_ADMIN_MAIL')) { - $config['config']['admin_email'] = getenv('FRIENDICA_ADMIN_MAIL'); -} - -if (getenv('FRIENDICA_SITENAME')) { - $config['config']['sitename'] = getenv('FRIENDICA_SITENAME'); -} - -if (!empty(getenv('FRIENDICA_NO_VALIDATION'))) { - $config['system']['disable_url_validation'] = true; - $config['system']['disable_email_validation'] = true; -} - -if (!empty(getenv('FRIENDICA_DATA'))) { - $config['storage']['class'] = \Friendica\Model\Storage\Filesystem::class; - - if (!empty(getenv('FRIENDICA_DATA_DIR'))) { - $config['storage']['filesystem_path'] = getenv('FRIENDICA_DATA'); - } -} - -if (!empty(getenv('FRIENDICA_DEBUGGING'))) { - $config['system']['debugging'] = true; - if (!empty(getenv('FRIENDICA_LOGFILE'))) { - $config['system']['logfile'] = getenv('FRIENDICA_LOGFILE'); - } - if (!empty(getenv('FRIENDICA_LOGLEVEL'))) { - $config['system']['loglevel'] = getenv('FRIENDICA_LOGLEVEL'); - } -} - -if (!empty(getenv('SMTP_DOMAIN'))) { - $smtp_from = !empty(getenv('SMTP_FROM')) ? getenv('SMTP_FROM') : 'no-reply'; - - $config['config']['sender_email'] = $smtp_from . "@" . getenv('SMTP_DOMAIN'); -} - -return $config; diff --git a/2021.04/apache/cron.sh b/2021.04/apache/cron.sh deleted file mode 100755 index f899df9..0000000 --- a/2021.04/apache/cron.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/sh -trap "break;exit" HUP INT TERM - -while [ ! -f /var/www/html/bin/daemon.php ]; do - sleep 1 -done - -echo "Waiting for MySQL $MYSQL_HOST initialization..." -if php /var/www/html/bin/wait-for-connection "$MYSQL_HOST" "${MYSQL_PORT:-3306}" 300; then - sh /setup_msmtp.sh - exec /sbin/tini -- php /var/www/html/bin/daemon.php -f start -else - echo "[ERROR] Waited 300 seconds, no response" >&2 -fi diff --git a/2021.04/apache/entrypoint.sh b/2021.04/apache/entrypoint.sh deleted file mode 100755 index fa51564..0000000 --- a/2021.04/apache/entrypoint.sh +++ /dev/null @@ -1,145 +0,0 @@ -#!/bin/sh -set -eu - -# run an command with the www-data user -run_as() { - set -- -c "cd /var/www/html; $*" - if [ "$(id -u)" -eq 0 ]; then - su - www-data -s /bin/sh "$@" - else - sh "$@" - fi -} - -# checks if the the first parameter is greater than the second parameter -version_greater() { - [ "$(printf '%s\n' "$@" | sed -e 's/-rc/.1/' | sed -e 's/-dev/.2/' | sort -t '.' -k1,1n -k2,2n -k3,3nbr | head -n 1)" != "$(printf "$1" | sed -e 's/-rc/.1/' | sed -e 's/-dev/.2/')" ] -} - -# usage: file_env VAR [DEFAULT] -# ie: file_env 'XYZ_DB_PASSWORD' 'example' -# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of -# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) -file_env() { - local var="$1" - local fileVar="${var}_FILE" - local def="${2:-}" - local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") - local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") - if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 - fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then - export "$var"="$(cat "${fileVarValue}")" - elif [ -n "${def}" ]; then - export "$var"="$def" - fi - unset "$fileVar" -} - -sh /setup_msmtp.sh - -# just check if we execute apache or php-fpm -if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]; then - installed_version="0.0.0.0" - if [ -f /var/www/html/VERSION ]; then - installed_version="$(cat /var/www/html/VERSION)" - fi - - image_version="$(cat /usr/src/friendica/VERSION)" - - # no downgrading possible - if version_greater "$installed_version" "$image_version"; then - echo "Can't copy Friendica sources because the version of the data ($installed_version) is higher than the docker image ($image_version)" - exit 1 - fi - - # check it just in case the version is greater or if we force the upgrade - if version_greater "$image_version" "$installed_version" || [ "${FRIENDICA_UPGRADE:-false}" = "true" ]; then - echo "Initializing Friendica $image_version ..." - - if [ "$installed_version" != "0.0.0.0" ]; then - echo "Upgrading Friendica from $installed_version ..." - fi - - if [ "$(id -u)" -eq 0 ]; then - rsync_options="-rlDog --chown=www-data:www-data" - else - rsync_options="-rlD" - fi - - rsync $rsync_options --delete --exclude-from=/upgrade.exclude /usr/src/friendica/ /var/www/html/ - - # Update docker-based config files, but never delete other config files - rsync $rsync_options --update /usr/src/friendica/config/ /var/www/html/config/ - - # In case there is no .htaccess, copy it from the default dist file - if [ ! -f "/var/www/html/.htaccess" ]; then - cp "/var/www/html/.htaccess-dist" "/var/www/html/.htaccess" - fi - - if [ -d /var/www/html/view/smarty3 ]; then - chmod -R 777 /var/www/html/view/smarty3 - fi - echo "Initializing finished" - - # install - if [ "$installed_version" = "0.0.0.0" ]; then - echo "New Friendica instance" - - file_env FRIENDICA_ADMIN_MAIL - - file_env MYSQL_DATABASE - file_env MYSQL_USER - file_env MYSQL_PASSWORD - - install=false - if [ -n "${MYSQL_DATABASE+x}" ] && [ -n "${MYSQL_PASSWORD+x}" ] && [ -n "${MYSQL_HOST+x}" ] && [ -n "${MYSQL_USER+x}" ] && [ -n "${FRIENDICA_ADMIN_MAIL+x}" ] && [ -n "${FRIENDICA_URL+x}" ]; then - echo "Installation with environment variables" - - FRIENDICA_TZ=${FRIENDICA_TZ:-America/LosAngeles} - FRIENDICA_LANG=${FRIENDICA_LANG:-en} - MYSQL_PORT=${MYSQL_PORT:-3306} - - # shellcheck disable=SC2016 - install_options='-s --dbhost "'$MYSQL_HOST'" --dbport "'$MYSQL_PORT'" --dbdata "'$MYSQL_DATABASE'" --dbuser "'$MYSQL_USER'" --dbpass "'$MYSQL_PASSWORD'"' - - # shellcheck disable=SC2016 - install_options=$install_options' --admin "'$FRIENDICA_ADMIN_MAIL'" --tz "'$FRIENDICA_TZ'" --lang "'$FRIENDICA_LANG'" --url "'$FRIENDICA_URL'"' - install=true - fi - - if [ "$install" = true ]; then - echo "Waiting for MySQL $MYSQL_HOST initialization..." - if run_as "php /var/www/html/bin/wait-for-connection $MYSQL_HOST ${MYSQL_PORT:-3306} 300"; then - - echo "Starting Friendica installation ..." - run_as "php /var/www/html/bin/console.php autoinstall $install_options" - - rm -fr /var/www/html/view/smarty3/compiled - - # load other config files (*.config.php) to the config folder - if [ -d "/usr/src/config" ]; then - rsync $rsync_options --ignore-existing /usr/src/config/ /var/www/html/config/ - fi - - echo "Installation finished" - else - echo "[ERROR] Waited 300 seconds, no response" >&2 - fi - else - echo "Running web-based installer on first connect!" - fi - # upgrade - else - echo "Upgrading Friendica ..." - run_as 'php /var/www/html/bin/console.php dbstructure update -f' - echo "Upgrading finished" - fi - fi -fi - -exec "$@" diff --git a/2021.04/apache/setup_msmtp.sh b/2021.04/apache/setup_msmtp.sh deleted file mode 100644 index b90c42c..0000000 --- a/2021.04/apache/setup_msmtp.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/sh -set -eu - -if [ -n "${SMTP_DOMAIN+x}" ] && [ -n "${SMTP+x}" ] && [ "${SMTP}" != "localhost" ]; then - SITENAME="${FRIENDICA_SITENAME:-Friendica Social Network}" - echo "Setup MSMTP for '$SITENAME' with '$SMTP' ..." - - smtp_from="${SMTP_FROM:=no-reply}" - smtp_auth="${SMTP_AUTH:=on}" - - # Setup MSMTP - usermod --comment "$(echo "$SITENAME" | tr -dc '[:print:]')" root - usermod --comment "$(echo "$SITENAME" | tr -dc '[:print:]')" www-data - - # add possible mail-senders - { - echo "www-data: $smtp_from@$SMTP_DOMAIN" - echo "root: $smtp_from@$SMTP_DOMAIN" - } >/etc/aliases - - # create msmtp settings - { - echo "account default" - echo "host $SMTP" - if [ -n "${SMTP_PORT+x}" ]; then echo "port $SMTP_PORT"; else echo "port 587"; fi - echo "from \"$smtp_from@$SMTP_DOMAIN\"" - echo "tls_certcheck off" # No certcheck because of internal docker mail-hostnames - if [ -n "${SMTP_TLS+x}" ]; then echo "tls on"; fi - if [ -n "${SMTP_STARTTLS+x}" ]; then echo "tls_starttls on"; fi - if [ -n "${SMTP_AUTH_USER+x}" ]; then echo "auth $smtp_auth"; fi - if [ -n "${SMTP_AUTH_USER+x}" ]; then echo "user \"$SMTP_AUTH_USER\""; fi - if [ -n "${SMTP_AUTH_PASS+x}" ]; then echo "password \"$SMTP_AUTH_PASS\""; fi - echo "logfile /var/log/msmtp.log" - echo "aliases /etc/aliases" - } >/etc/msmtprc - - echo "Setup finished" -fi diff --git a/2021.04/apache/upgrade.exclude b/2021.04/apache/upgrade.exclude deleted file mode 100644 index 2fb6533..0000000 --- a/2021.04/apache/upgrade.exclude +++ /dev/null @@ -1,10 +0,0 @@ -/.git/ -/photo/ -/proxy/ -/.htconfig.php -/.htaccess -/home.* -/config/ -/storage/ -/log/ -*.log \ No newline at end of file diff --git a/2021.04/fpm-alpine/Dockerfile b/2021.04/fpm-alpine/Dockerfile deleted file mode 100644 index 976ec36..0000000 --- a/2021.04/fpm-alpine/Dockerfile +++ /dev/null @@ -1,122 +0,0 @@ -# DO NOT EDIT: created by update.sh from Dockerfile-alpine.template -FROM php:7.3-fpm-alpine - -# entrypoint.sh and cron.sh dependencies -RUN set -ex; \ - apk add --no-cache \ - rsync \ - git \ -# For mail() support - msmtp \ - shadow \ - tini; - -# install the PHP extensions we need -# see https://friendi.ca/resources/requirements/ -RUN set -ex; \ - \ - apk add --no-cache --virtual .build-deps \ - mariadb-client \ - bash \ - $PHPIZE_DEPS \ - libpng-dev \ - libjpeg-turbo-dev \ - imagemagick-dev \ - libtool \ - libmemcached-dev \ - cyrus-sasl-dev \ - libjpeg-turbo-dev \ - freetype-dev \ - librsvg \ - pcre-dev \ - libzip-dev \ - icu-dev \ - openldap-dev \ - ; \ - \ - docker-php-ext-configure gd \ - --with-gd \ - --with-freetype-dir=/usr/include/ \ - --with-png-dir=/usr/include/ \ - --with-jpeg-dir=/usr/include/ \ - ; \ - \ - docker-php-ext-install -j "$(nproc)" \ - pdo_mysql \ - gd \ - zip \ - opcache \ - pcntl \ - ldap \ - ; \ - \ -# pecl will claim success even if one install fails, so we need to perform each install separately - pecl install APCu-5.1.20; \ - pecl install memcached-3.1.5; \ - pecl install redis-5.3.4; \ - pecl install imagick-3.4.4; \ - \ - docker-php-ext-enable \ - apcu \ - memcached \ - redis \ - imagick \ - ; \ - \ - runDeps="$( \ - scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/lib/php/extensions \ - | tr ',' '\n' \ - | sort -u \ - | awk 'system("[ -e /usr/local/lib" $1 " ]") == 0 { next } { print "so:" $1 }' \ - )"; \ - apk add --no-network --virtual .friendica-phpext-rundeps $runDeps; \ - apk del --no-network .build-deps; - -# set recommended PHP.ini settings -RUN set -ex; \ - { \ - echo 'opcache.enable=1' ; \ - echo 'opcache.interned_strings_buffer=8'; \ - echo 'opcache.max_accelerated_files=10000'; \ - echo 'opcache.memory_consumption=128'; \ - echo 'opcache.save_comments=1'; \ - echo 'opcache.revalidte_freq=1'; \ - } > /usr/local/etc/php/conf.d/opcache-recommended.ini; \ - \ - { \ - echo sendmail_path = "/usr/bin/msmtp -t"; \ - } > /usr/local/etc/php/conf.d/sendmail.ini; \ - \ - echo 'apc.enable_cli=1' >> /usr/local/etc/php/conf.d/docker-php-ext-apcu.ini; \ - \ - echo 'memory_limit=512M' > /usr/local/etc/php/conf.d/memory-limit.ini; \ - \ - mkdir /var/www/data; \ - chown -R www-data:root /var/www; \ - chmod -R g=u /var/www - -VOLUME /var/www/html - - -ENV FRIENDICA_VERSION "2021.04" -ENV FRIENDICA_ADDONS "2021.04" - -RUN set -ex; \ - curl -fsSL -o friendica.tar.gz \ - "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz"; \ - tar -xzf friendica.tar.gz -C /usr/src/; \ - rm friendica.tar.gz; \ - mv -f /usr/src/friendica-full-${FRIENDICA_VERSION}/ /usr/src/friendica; \ - chmod 777 /usr/src/friendica/view/smarty3; \ - curl -fsSL -o friendica_addons.tar.gz \ - "https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz"; \ - mkdir -p /usr/src/friendica/proxy; \ - mkdir -p /usr/src/friendica/addon; \ - tar -xzf friendica_addons.tar.gz -C /usr/src/friendica/addon --strip-components=1; \ - rm friendica_addons.tar.gz; - -COPY *.sh upgrade.exclude / -COPY config/* /usr/src/friendica/config/ - -ENTRYPOINT ["/entrypoint.sh"] -CMD ["php-fpm"] diff --git a/2021.04/fpm-alpine/config/00apcu.config.php b/2021.04/fpm-alpine/config/00apcu.config.php deleted file mode 100644 index d6dac4f..0000000 --- a/2021.04/fpm-alpine/config/00apcu.config.php +++ /dev/null @@ -1,12 +0,0 @@ - [ - 'cache_driver' => 'apcu', - 'session_handler' => 'cache', - ], -]; diff --git a/2021.04/fpm-alpine/config/01redis.config.php b/2021.04/fpm-alpine/config/01redis.config.php deleted file mode 100644 index 1a43c95..0000000 --- a/2021.04/fpm-alpine/config/01redis.config.php +++ /dev/null @@ -1,15 +0,0 @@ - [ - 'lock_driver' => 'redis', - 'redis_host' => getenv('REDIS_HOST'), - 'redis_port' => (getenv('REDIS_PORT') ? getenv('REDIS_PORT') : ''), - 'redis_password' => (getenv('REDIS_PW') ? getenv('REDIS_PW') : ''), - 'redis_db' => (getenv('REDIS_DB') ? getenv('REDIS_DB') : 0), - ], - ]; -} else { - return []; -} diff --git a/2021.04/fpm-alpine/config/zz-docker.config.php b/2021.04/fpm-alpine/config/zz-docker.config.php deleted file mode 100644 index 49ca5bd..0000000 --- a/2021.04/fpm-alpine/config/zz-docker.config.php +++ /dev/null @@ -1,68 +0,0 @@ - [ - // Necessary because otherwise the daemon isn't working - 'pidfile' => '/var/run/friendica.pid', - - 'logfile' => '/var/www/html/friendica.log', - 'loglevel' => 'notice', - ], - 'storage' => [ - 'filesystem_path' => '/var/www/html/storage', - ], -]; - -if (getenv('FRIENDICA_TZ')) { - $config['config']['timezone'] = getenv('FRIENDICA_TZ'); -} - -if (getenv('FRIENDICA_LANG')) { - $config['config']['language'] = getenv('FRIENDICA_LANG'); -} - -if (getenv('FRIENDICA_ADMIN_MAIL')) { - $config['config']['admin_email'] = getenv('FRIENDICA_ADMIN_MAIL'); -} - -if (getenv('FRIENDICA_SITENAME')) { - $config['config']['sitename'] = getenv('FRIENDICA_SITENAME'); -} - -if (!empty(getenv('FRIENDICA_NO_VALIDATION'))) { - $config['system']['disable_url_validation'] = true; - $config['system']['disable_email_validation'] = true; -} - -if (!empty(getenv('FRIENDICA_DATA'))) { - $config['storage']['class'] = \Friendica\Model\Storage\Filesystem::class; - - if (!empty(getenv('FRIENDICA_DATA_DIR'))) { - $config['storage']['filesystem_path'] = getenv('FRIENDICA_DATA'); - } -} - -if (!empty(getenv('FRIENDICA_DEBUGGING'))) { - $config['system']['debugging'] = true; - if (!empty(getenv('FRIENDICA_LOGFILE'))) { - $config['system']['logfile'] = getenv('FRIENDICA_LOGFILE'); - } - if (!empty(getenv('FRIENDICA_LOGLEVEL'))) { - $config['system']['loglevel'] = getenv('FRIENDICA_LOGLEVEL'); - } -} - -if (!empty(getenv('SMTP_DOMAIN'))) { - $smtp_from = !empty(getenv('SMTP_FROM')) ? getenv('SMTP_FROM') : 'no-reply'; - - $config['config']['sender_email'] = $smtp_from . "@" . getenv('SMTP_DOMAIN'); -} - -return $config; diff --git a/2021.04/fpm-alpine/cron.sh b/2021.04/fpm-alpine/cron.sh deleted file mode 100755 index f899df9..0000000 --- a/2021.04/fpm-alpine/cron.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/sh -trap "break;exit" HUP INT TERM - -while [ ! -f /var/www/html/bin/daemon.php ]; do - sleep 1 -done - -echo "Waiting for MySQL $MYSQL_HOST initialization..." -if php /var/www/html/bin/wait-for-connection "$MYSQL_HOST" "${MYSQL_PORT:-3306}" 300; then - sh /setup_msmtp.sh - exec /sbin/tini -- php /var/www/html/bin/daemon.php -f start -else - echo "[ERROR] Waited 300 seconds, no response" >&2 -fi diff --git a/2021.04/fpm-alpine/entrypoint.sh b/2021.04/fpm-alpine/entrypoint.sh deleted file mode 100755 index fa51564..0000000 --- a/2021.04/fpm-alpine/entrypoint.sh +++ /dev/null @@ -1,145 +0,0 @@ -#!/bin/sh -set -eu - -# run an command with the www-data user -run_as() { - set -- -c "cd /var/www/html; $*" - if [ "$(id -u)" -eq 0 ]; then - su - www-data -s /bin/sh "$@" - else - sh "$@" - fi -} - -# checks if the the first parameter is greater than the second parameter -version_greater() { - [ "$(printf '%s\n' "$@" | sed -e 's/-rc/.1/' | sed -e 's/-dev/.2/' | sort -t '.' -k1,1n -k2,2n -k3,3nbr | head -n 1)" != "$(printf "$1" | sed -e 's/-rc/.1/' | sed -e 's/-dev/.2/')" ] -} - -# usage: file_env VAR [DEFAULT] -# ie: file_env 'XYZ_DB_PASSWORD' 'example' -# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of -# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) -file_env() { - local var="$1" - local fileVar="${var}_FILE" - local def="${2:-}" - local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") - local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") - if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 - fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then - export "$var"="$(cat "${fileVarValue}")" - elif [ -n "${def}" ]; then - export "$var"="$def" - fi - unset "$fileVar" -} - -sh /setup_msmtp.sh - -# just check if we execute apache or php-fpm -if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]; then - installed_version="0.0.0.0" - if [ -f /var/www/html/VERSION ]; then - installed_version="$(cat /var/www/html/VERSION)" - fi - - image_version="$(cat /usr/src/friendica/VERSION)" - - # no downgrading possible - if version_greater "$installed_version" "$image_version"; then - echo "Can't copy Friendica sources because the version of the data ($installed_version) is higher than the docker image ($image_version)" - exit 1 - fi - - # check it just in case the version is greater or if we force the upgrade - if version_greater "$image_version" "$installed_version" || [ "${FRIENDICA_UPGRADE:-false}" = "true" ]; then - echo "Initializing Friendica $image_version ..." - - if [ "$installed_version" != "0.0.0.0" ]; then - echo "Upgrading Friendica from $installed_version ..." - fi - - if [ "$(id -u)" -eq 0 ]; then - rsync_options="-rlDog --chown=www-data:www-data" - else - rsync_options="-rlD" - fi - - rsync $rsync_options --delete --exclude-from=/upgrade.exclude /usr/src/friendica/ /var/www/html/ - - # Update docker-based config files, but never delete other config files - rsync $rsync_options --update /usr/src/friendica/config/ /var/www/html/config/ - - # In case there is no .htaccess, copy it from the default dist file - if [ ! -f "/var/www/html/.htaccess" ]; then - cp "/var/www/html/.htaccess-dist" "/var/www/html/.htaccess" - fi - - if [ -d /var/www/html/view/smarty3 ]; then - chmod -R 777 /var/www/html/view/smarty3 - fi - echo "Initializing finished" - - # install - if [ "$installed_version" = "0.0.0.0" ]; then - echo "New Friendica instance" - - file_env FRIENDICA_ADMIN_MAIL - - file_env MYSQL_DATABASE - file_env MYSQL_USER - file_env MYSQL_PASSWORD - - install=false - if [ -n "${MYSQL_DATABASE+x}" ] && [ -n "${MYSQL_PASSWORD+x}" ] && [ -n "${MYSQL_HOST+x}" ] && [ -n "${MYSQL_USER+x}" ] && [ -n "${FRIENDICA_ADMIN_MAIL+x}" ] && [ -n "${FRIENDICA_URL+x}" ]; then - echo "Installation with environment variables" - - FRIENDICA_TZ=${FRIENDICA_TZ:-America/LosAngeles} - FRIENDICA_LANG=${FRIENDICA_LANG:-en} - MYSQL_PORT=${MYSQL_PORT:-3306} - - # shellcheck disable=SC2016 - install_options='-s --dbhost "'$MYSQL_HOST'" --dbport "'$MYSQL_PORT'" --dbdata "'$MYSQL_DATABASE'" --dbuser "'$MYSQL_USER'" --dbpass "'$MYSQL_PASSWORD'"' - - # shellcheck disable=SC2016 - install_options=$install_options' --admin "'$FRIENDICA_ADMIN_MAIL'" --tz "'$FRIENDICA_TZ'" --lang "'$FRIENDICA_LANG'" --url "'$FRIENDICA_URL'"' - install=true - fi - - if [ "$install" = true ]; then - echo "Waiting for MySQL $MYSQL_HOST initialization..." - if run_as "php /var/www/html/bin/wait-for-connection $MYSQL_HOST ${MYSQL_PORT:-3306} 300"; then - - echo "Starting Friendica installation ..." - run_as "php /var/www/html/bin/console.php autoinstall $install_options" - - rm -fr /var/www/html/view/smarty3/compiled - - # load other config files (*.config.php) to the config folder - if [ -d "/usr/src/config" ]; then - rsync $rsync_options --ignore-existing /usr/src/config/ /var/www/html/config/ - fi - - echo "Installation finished" - else - echo "[ERROR] Waited 300 seconds, no response" >&2 - fi - else - echo "Running web-based installer on first connect!" - fi - # upgrade - else - echo "Upgrading Friendica ..." - run_as 'php /var/www/html/bin/console.php dbstructure update -f' - echo "Upgrading finished" - fi - fi -fi - -exec "$@" diff --git a/2021.04/fpm-alpine/setup_msmtp.sh b/2021.04/fpm-alpine/setup_msmtp.sh deleted file mode 100644 index b90c42c..0000000 --- a/2021.04/fpm-alpine/setup_msmtp.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/sh -set -eu - -if [ -n "${SMTP_DOMAIN+x}" ] && [ -n "${SMTP+x}" ] && [ "${SMTP}" != "localhost" ]; then - SITENAME="${FRIENDICA_SITENAME:-Friendica Social Network}" - echo "Setup MSMTP for '$SITENAME' with '$SMTP' ..." - - smtp_from="${SMTP_FROM:=no-reply}" - smtp_auth="${SMTP_AUTH:=on}" - - # Setup MSMTP - usermod --comment "$(echo "$SITENAME" | tr -dc '[:print:]')" root - usermod --comment "$(echo "$SITENAME" | tr -dc '[:print:]')" www-data - - # add possible mail-senders - { - echo "www-data: $smtp_from@$SMTP_DOMAIN" - echo "root: $smtp_from@$SMTP_DOMAIN" - } >/etc/aliases - - # create msmtp settings - { - echo "account default" - echo "host $SMTP" - if [ -n "${SMTP_PORT+x}" ]; then echo "port $SMTP_PORT"; else echo "port 587"; fi - echo "from \"$smtp_from@$SMTP_DOMAIN\"" - echo "tls_certcheck off" # No certcheck because of internal docker mail-hostnames - if [ -n "${SMTP_TLS+x}" ]; then echo "tls on"; fi - if [ -n "${SMTP_STARTTLS+x}" ]; then echo "tls_starttls on"; fi - if [ -n "${SMTP_AUTH_USER+x}" ]; then echo "auth $smtp_auth"; fi - if [ -n "${SMTP_AUTH_USER+x}" ]; then echo "user \"$SMTP_AUTH_USER\""; fi - if [ -n "${SMTP_AUTH_PASS+x}" ]; then echo "password \"$SMTP_AUTH_PASS\""; fi - echo "logfile /var/log/msmtp.log" - echo "aliases /etc/aliases" - } >/etc/msmtprc - - echo "Setup finished" -fi diff --git a/2021.04/fpm-alpine/upgrade.exclude b/2021.04/fpm-alpine/upgrade.exclude deleted file mode 100644 index 2fb6533..0000000 --- a/2021.04/fpm-alpine/upgrade.exclude +++ /dev/null @@ -1,10 +0,0 @@ -/.git/ -/photo/ -/proxy/ -/.htconfig.php -/.htaccess -/home.* -/config/ -/storage/ -/log/ -*.log \ No newline at end of file diff --git a/2021.04/fpm/Dockerfile b/2021.04/fpm/Dockerfile deleted file mode 100644 index cc46715..0000000 --- a/2021.04/fpm/Dockerfile +++ /dev/null @@ -1,147 +0,0 @@ -# DO NOT EDIT: created by update.sh from Dockerfile-debian.template -FROM php:7.3-fpm-buster - -# entrypoint.sh and cron.sh dependencies -RUN set -ex; \ - \ - apt-get update; \ - apt-get install -y --no-install-recommends \ - rsync \ - bzip2 \ - git \ -# For mail() support - msmtp \ -# For tini installation - gnupg dirmngr \ - ; \ - rm -rf /var/lib/apt/lists/*; - -# Add tini for reaping processes -ENV TINI_VERSION v0.19.0 -RUN export BUILD_ARCH=$(dpkg-architecture --query DEB_BUILD_ARCH) \ - && mkdir ~/.gnupg \ - && echo "disable-ipv6" >> ~/.gnupg/dirmngr.conf \ - && curl -L -o /sbin/tini https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${BUILD_ARCH} \ - && curl -L -o /tini.asc https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${BUILD_ARCH}.asc \ - && gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 \ - && gpg --batch --verify /tini.asc /sbin/tini \ - && chmod +x /sbin/tini - -# install the PHP extensions we need -# see https://friendi.ca/resources/requirements/ -RUN set -ex; \ - \ - savedAptMark="$(apt-mark showmanual)"; \ - \ - apt-get update; \ - apt-get install -y --no-install-recommends \ - mariadb-client \ - bash \ - libpng-dev \ - libjpeg62-turbo-dev \ - libtool \ - libmagick++-dev \ - libmemcached-dev \ - libgraphicsmagick1-dev \ - libfreetype6-dev \ - librsvg2-2 \ - libzip-dev \ - libldap2-dev \ - ; \ - \ - debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \ - \ - docker-php-ext-configure gd \ - --with-gd \ - --with-freetype-dir=/usr/include/ \ - --with-png-dir=/usr/include/ \ - --with-jpeg-dir=/usr/include/ \ - ; \ - docker-php-ext-configure ldap \ - --with-libdir=lib/$debMultiarch/ \ - ;\ - docker-php-ext-install -j "$(nproc)" \ - pdo_mysql \ - gd \ - zip \ - opcache \ - ctype \ - pcntl \ - ldap \ - ; \ - \ -# pecl will claim success even if one install fails, so we need to perform each install separately - pecl install apcu-5.1.20; \ - pecl install memcached-3.1.5; \ - pecl install redis-5.3.4; \ - pecl install imagick-3.4.4; \ - \ - docker-php-ext-enable \ - apcu \ - memcached \ - redis \ - imagick \ - ; \ - \ -# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies - apt-mark auto '.*' > /dev/null; \ - apt-mark manual $savedAptMark; \ - ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \ - | awk '/=>/ { print $3 }' \ - | sort -u \ - | xargs -r dpkg-query -S \ - | cut -d: -f1 \ - | sort -u \ - | xargs -rt apt-mark manual; \ - \ - apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ - rm -rf /var/lib/apt/lists/* - -# set recommended PHP.ini settings -RUN set -ex; \ - { \ - echo 'opcache.enable=1' ; \ - echo 'opcache.interned_strings_buffer=8'; \ - echo 'opcache.max_accelerated_files=10000'; \ - echo 'opcache.memory_consumption=128'; \ - echo 'opcache.save_comments=1'; \ - echo 'opcache.revalidte_freq=1'; \ - } > /usr/local/etc/php/conf.d/opcache-recommended.ini; \ - \ - { \ - echo sendmail_path = "/usr/bin/msmtp -t"; \ - } > /usr/local/etc/php/conf.d/sendmail.ini; \ - \ - echo 'apc.enable_cli=1' >> /usr/local/etc/php/conf.d/docker-php-ext-apcu.ini; \ - \ - echo 'memory_limit=512M' > /usr/local/etc/php/conf.d/memory-limit.ini; \ - \ - mkdir /var/www/data; \ - chown -R www-data:root /var/www; \ - chmod -R g=u /var/www - -VOLUME /var/www/html - - -ENV FRIENDICA_VERSION "2021.04" -ENV FRIENDICA_ADDONS "2021.04" - -RUN set -ex; \ - curl -fsSL -o friendica.tar.gz \ - "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz"; \ - tar -xzf friendica.tar.gz -C /usr/src/; \ - rm friendica.tar.gz; \ - mv -f /usr/src/friendica-full-${FRIENDICA_VERSION}/ /usr/src/friendica; \ - chmod 777 /usr/src/friendica/view/smarty3; \ - curl -fsSL -o friendica_addons.tar.gz \ - "https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz"; \ - mkdir -p /usr/src/friendica/proxy; \ - mkdir -p /usr/src/friendica/addon; \ - tar -xzf friendica_addons.tar.gz -C /usr/src/friendica/addon --strip-components=1; \ - rm friendica_addons.tar.gz; - -COPY *.sh upgrade.exclude / -COPY config/* /usr/src/friendica/config/ - -ENTRYPOINT ["/entrypoint.sh"] -CMD ["php-fpm"] diff --git a/2021.04/fpm/config/00apcu.config.php b/2021.04/fpm/config/00apcu.config.php deleted file mode 100644 index d6dac4f..0000000 --- a/2021.04/fpm/config/00apcu.config.php +++ /dev/null @@ -1,12 +0,0 @@ - [ - 'cache_driver' => 'apcu', - 'session_handler' => 'cache', - ], -]; diff --git a/2021.04/fpm/config/01redis.config.php b/2021.04/fpm/config/01redis.config.php deleted file mode 100644 index 1a43c95..0000000 --- a/2021.04/fpm/config/01redis.config.php +++ /dev/null @@ -1,15 +0,0 @@ - [ - 'lock_driver' => 'redis', - 'redis_host' => getenv('REDIS_HOST'), - 'redis_port' => (getenv('REDIS_PORT') ? getenv('REDIS_PORT') : ''), - 'redis_password' => (getenv('REDIS_PW') ? getenv('REDIS_PW') : ''), - 'redis_db' => (getenv('REDIS_DB') ? getenv('REDIS_DB') : 0), - ], - ]; -} else { - return []; -} diff --git a/2021.04/fpm/config/zz-docker.config.php b/2021.04/fpm/config/zz-docker.config.php deleted file mode 100644 index 49ca5bd..0000000 --- a/2021.04/fpm/config/zz-docker.config.php +++ /dev/null @@ -1,68 +0,0 @@ - [ - // Necessary because otherwise the daemon isn't working - 'pidfile' => '/var/run/friendica.pid', - - 'logfile' => '/var/www/html/friendica.log', - 'loglevel' => 'notice', - ], - 'storage' => [ - 'filesystem_path' => '/var/www/html/storage', - ], -]; - -if (getenv('FRIENDICA_TZ')) { - $config['config']['timezone'] = getenv('FRIENDICA_TZ'); -} - -if (getenv('FRIENDICA_LANG')) { - $config['config']['language'] = getenv('FRIENDICA_LANG'); -} - -if (getenv('FRIENDICA_ADMIN_MAIL')) { - $config['config']['admin_email'] = getenv('FRIENDICA_ADMIN_MAIL'); -} - -if (getenv('FRIENDICA_SITENAME')) { - $config['config']['sitename'] = getenv('FRIENDICA_SITENAME'); -} - -if (!empty(getenv('FRIENDICA_NO_VALIDATION'))) { - $config['system']['disable_url_validation'] = true; - $config['system']['disable_email_validation'] = true; -} - -if (!empty(getenv('FRIENDICA_DATA'))) { - $config['storage']['class'] = \Friendica\Model\Storage\Filesystem::class; - - if (!empty(getenv('FRIENDICA_DATA_DIR'))) { - $config['storage']['filesystem_path'] = getenv('FRIENDICA_DATA'); - } -} - -if (!empty(getenv('FRIENDICA_DEBUGGING'))) { - $config['system']['debugging'] = true; - if (!empty(getenv('FRIENDICA_LOGFILE'))) { - $config['system']['logfile'] = getenv('FRIENDICA_LOGFILE'); - } - if (!empty(getenv('FRIENDICA_LOGLEVEL'))) { - $config['system']['loglevel'] = getenv('FRIENDICA_LOGLEVEL'); - } -} - -if (!empty(getenv('SMTP_DOMAIN'))) { - $smtp_from = !empty(getenv('SMTP_FROM')) ? getenv('SMTP_FROM') : 'no-reply'; - - $config['config']['sender_email'] = $smtp_from . "@" . getenv('SMTP_DOMAIN'); -} - -return $config; diff --git a/2021.04/fpm/cron.sh b/2021.04/fpm/cron.sh deleted file mode 100755 index f899df9..0000000 --- a/2021.04/fpm/cron.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/sh -trap "break;exit" HUP INT TERM - -while [ ! -f /var/www/html/bin/daemon.php ]; do - sleep 1 -done - -echo "Waiting for MySQL $MYSQL_HOST initialization..." -if php /var/www/html/bin/wait-for-connection "$MYSQL_HOST" "${MYSQL_PORT:-3306}" 300; then - sh /setup_msmtp.sh - exec /sbin/tini -- php /var/www/html/bin/daemon.php -f start -else - echo "[ERROR] Waited 300 seconds, no response" >&2 -fi diff --git a/2021.04/fpm/entrypoint.sh b/2021.04/fpm/entrypoint.sh deleted file mode 100755 index fa51564..0000000 --- a/2021.04/fpm/entrypoint.sh +++ /dev/null @@ -1,145 +0,0 @@ -#!/bin/sh -set -eu - -# run an command with the www-data user -run_as() { - set -- -c "cd /var/www/html; $*" - if [ "$(id -u)" -eq 0 ]; then - su - www-data -s /bin/sh "$@" - else - sh "$@" - fi -} - -# checks if the the first parameter is greater than the second parameter -version_greater() { - [ "$(printf '%s\n' "$@" | sed -e 's/-rc/.1/' | sed -e 's/-dev/.2/' | sort -t '.' -k1,1n -k2,2n -k3,3nbr | head -n 1)" != "$(printf "$1" | sed -e 's/-rc/.1/' | sed -e 's/-dev/.2/')" ] -} - -# usage: file_env VAR [DEFAULT] -# ie: file_env 'XYZ_DB_PASSWORD' 'example' -# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of -# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) -file_env() { - local var="$1" - local fileVar="${var}_FILE" - local def="${2:-}" - local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") - local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") - if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 - fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then - export "$var"="$(cat "${fileVarValue}")" - elif [ -n "${def}" ]; then - export "$var"="$def" - fi - unset "$fileVar" -} - -sh /setup_msmtp.sh - -# just check if we execute apache or php-fpm -if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]; then - installed_version="0.0.0.0" - if [ -f /var/www/html/VERSION ]; then - installed_version="$(cat /var/www/html/VERSION)" - fi - - image_version="$(cat /usr/src/friendica/VERSION)" - - # no downgrading possible - if version_greater "$installed_version" "$image_version"; then - echo "Can't copy Friendica sources because the version of the data ($installed_version) is higher than the docker image ($image_version)" - exit 1 - fi - - # check it just in case the version is greater or if we force the upgrade - if version_greater "$image_version" "$installed_version" || [ "${FRIENDICA_UPGRADE:-false}" = "true" ]; then - echo "Initializing Friendica $image_version ..." - - if [ "$installed_version" != "0.0.0.0" ]; then - echo "Upgrading Friendica from $installed_version ..." - fi - - if [ "$(id -u)" -eq 0 ]; then - rsync_options="-rlDog --chown=www-data:www-data" - else - rsync_options="-rlD" - fi - - rsync $rsync_options --delete --exclude-from=/upgrade.exclude /usr/src/friendica/ /var/www/html/ - - # Update docker-based config files, but never delete other config files - rsync $rsync_options --update /usr/src/friendica/config/ /var/www/html/config/ - - # In case there is no .htaccess, copy it from the default dist file - if [ ! -f "/var/www/html/.htaccess" ]; then - cp "/var/www/html/.htaccess-dist" "/var/www/html/.htaccess" - fi - - if [ -d /var/www/html/view/smarty3 ]; then - chmod -R 777 /var/www/html/view/smarty3 - fi - echo "Initializing finished" - - # install - if [ "$installed_version" = "0.0.0.0" ]; then - echo "New Friendica instance" - - file_env FRIENDICA_ADMIN_MAIL - - file_env MYSQL_DATABASE - file_env MYSQL_USER - file_env MYSQL_PASSWORD - - install=false - if [ -n "${MYSQL_DATABASE+x}" ] && [ -n "${MYSQL_PASSWORD+x}" ] && [ -n "${MYSQL_HOST+x}" ] && [ -n "${MYSQL_USER+x}" ] && [ -n "${FRIENDICA_ADMIN_MAIL+x}" ] && [ -n "${FRIENDICA_URL+x}" ]; then - echo "Installation with environment variables" - - FRIENDICA_TZ=${FRIENDICA_TZ:-America/LosAngeles} - FRIENDICA_LANG=${FRIENDICA_LANG:-en} - MYSQL_PORT=${MYSQL_PORT:-3306} - - # shellcheck disable=SC2016 - install_options='-s --dbhost "'$MYSQL_HOST'" --dbport "'$MYSQL_PORT'" --dbdata "'$MYSQL_DATABASE'" --dbuser "'$MYSQL_USER'" --dbpass "'$MYSQL_PASSWORD'"' - - # shellcheck disable=SC2016 - install_options=$install_options' --admin "'$FRIENDICA_ADMIN_MAIL'" --tz "'$FRIENDICA_TZ'" --lang "'$FRIENDICA_LANG'" --url "'$FRIENDICA_URL'"' - install=true - fi - - if [ "$install" = true ]; then - echo "Waiting for MySQL $MYSQL_HOST initialization..." - if run_as "php /var/www/html/bin/wait-for-connection $MYSQL_HOST ${MYSQL_PORT:-3306} 300"; then - - echo "Starting Friendica installation ..." - run_as "php /var/www/html/bin/console.php autoinstall $install_options" - - rm -fr /var/www/html/view/smarty3/compiled - - # load other config files (*.config.php) to the config folder - if [ -d "/usr/src/config" ]; then - rsync $rsync_options --ignore-existing /usr/src/config/ /var/www/html/config/ - fi - - echo "Installation finished" - else - echo "[ERROR] Waited 300 seconds, no response" >&2 - fi - else - echo "Running web-based installer on first connect!" - fi - # upgrade - else - echo "Upgrading Friendica ..." - run_as 'php /var/www/html/bin/console.php dbstructure update -f' - echo "Upgrading finished" - fi - fi -fi - -exec "$@" diff --git a/2021.04/fpm/setup_msmtp.sh b/2021.04/fpm/setup_msmtp.sh deleted file mode 100644 index b90c42c..0000000 --- a/2021.04/fpm/setup_msmtp.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/sh -set -eu - -if [ -n "${SMTP_DOMAIN+x}" ] && [ -n "${SMTP+x}" ] && [ "${SMTP}" != "localhost" ]; then - SITENAME="${FRIENDICA_SITENAME:-Friendica Social Network}" - echo "Setup MSMTP for '$SITENAME' with '$SMTP' ..." - - smtp_from="${SMTP_FROM:=no-reply}" - smtp_auth="${SMTP_AUTH:=on}" - - # Setup MSMTP - usermod --comment "$(echo "$SITENAME" | tr -dc '[:print:]')" root - usermod --comment "$(echo "$SITENAME" | tr -dc '[:print:]')" www-data - - # add possible mail-senders - { - echo "www-data: $smtp_from@$SMTP_DOMAIN" - echo "root: $smtp_from@$SMTP_DOMAIN" - } >/etc/aliases - - # create msmtp settings - { - echo "account default" - echo "host $SMTP" - if [ -n "${SMTP_PORT+x}" ]; then echo "port $SMTP_PORT"; else echo "port 587"; fi - echo "from \"$smtp_from@$SMTP_DOMAIN\"" - echo "tls_certcheck off" # No certcheck because of internal docker mail-hostnames - if [ -n "${SMTP_TLS+x}" ]; then echo "tls on"; fi - if [ -n "${SMTP_STARTTLS+x}" ]; then echo "tls_starttls on"; fi - if [ -n "${SMTP_AUTH_USER+x}" ]; then echo "auth $smtp_auth"; fi - if [ -n "${SMTP_AUTH_USER+x}" ]; then echo "user \"$SMTP_AUTH_USER\""; fi - if [ -n "${SMTP_AUTH_PASS+x}" ]; then echo "password \"$SMTP_AUTH_PASS\""; fi - echo "logfile /var/log/msmtp.log" - echo "aliases /etc/aliases" - } >/etc/msmtprc - - echo "Setup finished" -fi diff --git a/2021.04/fpm/upgrade.exclude b/2021.04/fpm/upgrade.exclude deleted file mode 100644 index 2fb6533..0000000 --- a/2021.04/fpm/upgrade.exclude +++ /dev/null @@ -1,10 +0,0 @@ -/.git/ -/photo/ -/proxy/ -/.htconfig.php -/.htaccess -/home.* -/config/ -/storage/ -/log/ -*.log \ No newline at end of file diff --git a/2021.06-dev/apache/Dockerfile b/2021.06-dev/apache/Dockerfile deleted file mode 100644 index 368326e..0000000 --- a/2021.06-dev/apache/Dockerfile +++ /dev/null @@ -1,143 +0,0 @@ -# DO NOT EDIT: created by update.sh from Dockerfile-debian.template -FROM php:7.3-apache-buster - -# entrypoint.sh and cron.sh dependencies -RUN set -ex; \ - \ - apt-get update; \ - apt-get install -y --no-install-recommends \ - rsync \ - bzip2 \ - git \ -# For mail() support - msmtp \ -# For tini installation - gnupg dirmngr \ - ; \ - rm -rf /var/lib/apt/lists/*; - -# Add tini for reaping processes -ENV TINI_VERSION v0.19.0 -RUN export BUILD_ARCH=$(dpkg-architecture --query DEB_BUILD_ARCH) \ - && mkdir ~/.gnupg \ - && echo "disable-ipv6" >> ~/.gnupg/dirmngr.conf \ - && curl -L -o /sbin/tini https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${BUILD_ARCH} \ - && curl -L -o /tini.asc https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${BUILD_ARCH}.asc \ - && gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 \ - && gpg --batch --verify /tini.asc /sbin/tini \ - && chmod +x /sbin/tini - -# install the PHP extensions we need -# see https://friendi.ca/resources/requirements/ -RUN set -ex; \ - \ - savedAptMark="$(apt-mark showmanual)"; \ - \ - apt-get update; \ - apt-get install -y --no-install-recommends \ - mariadb-client \ - bash \ - libpng-dev \ - libjpeg62-turbo-dev \ - libtool \ - libmagick++-dev \ - libmemcached-dev \ - libgraphicsmagick1-dev \ - libfreetype6-dev \ - librsvg2-2 \ - libzip-dev \ - libldap2-dev \ - ; \ - \ - debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \ - \ - docker-php-ext-configure gd \ - --with-gd \ - --with-freetype-dir=/usr/include/ \ - --with-png-dir=/usr/include/ \ - --with-jpeg-dir=/usr/include/ \ - ; \ - docker-php-ext-configure ldap \ - --with-libdir=lib/$debMultiarch/ \ - ;\ - docker-php-ext-install -j "$(nproc)" \ - pdo_mysql \ - gd \ - zip \ - opcache \ - ctype \ - pcntl \ - ldap \ - ; \ - \ -# pecl will claim success even if one install fails, so we need to perform each install separately - pecl install apcu-5.1.20; \ - pecl install memcached-3.1.5; \ - pecl install redis-5.3.4; \ - pecl install imagick-3.4.4; \ - \ - docker-php-ext-enable \ - apcu \ - memcached \ - redis \ - imagick \ - ; \ - \ -# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies - apt-mark auto '.*' > /dev/null; \ - apt-mark manual $savedAptMark; \ - ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \ - | awk '/=>/ { print $3 }' \ - | sort -u \ - | xargs -r dpkg-query -S \ - | cut -d: -f1 \ - | sort -u \ - | xargs -rt apt-mark manual; \ - \ - apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ - rm -rf /var/lib/apt/lists/* - -# set recommended PHP.ini settings -RUN set -ex; \ - { \ - echo 'opcache.enable=1' ; \ - echo 'opcache.interned_strings_buffer=8'; \ - echo 'opcache.max_accelerated_files=10000'; \ - echo 'opcache.memory_consumption=128'; \ - echo 'opcache.save_comments=1'; \ - echo 'opcache.revalidte_freq=1'; \ - } > /usr/local/etc/php/conf.d/opcache-recommended.ini; \ - \ - { \ - echo sendmail_path = "/usr/bin/msmtp -t"; \ - } > /usr/local/etc/php/conf.d/sendmail.ini; \ - \ - echo 'apc.enable_cli=1' >> /usr/local/etc/php/conf.d/docker-php-ext-apcu.ini; \ - \ - echo 'memory_limit=512M' > /usr/local/etc/php/conf.d/memory-limit.ini; \ - \ - mkdir /var/www/data; \ - chown -R www-data:root /var/www; \ - chmod -R g=u /var/www - -VOLUME /var/www/html - -RUN set -ex;\ - a2enmod rewrite remoteip ;\ - {\ - echo RemoteIPHeader X-Real-IP ;\ - echo RemoteIPTrustedProxy 10.0.0.0/8 ;\ - echo RemoteIPTrustedProxy 172.16.0.0/12 ;\ - echo RemoteIPTrustedProxy 192.168.0.0/16 ;\ - } > /etc/apache2/conf-available/remoteip.conf;\ - a2enconf remoteip - -ENV FRIENDICA_VERSION "2021.06-dev" -ENV FRIENDICA_ADDONS "2021.06-dev" - - -COPY *.sh upgrade.exclude / -COPY config/* /usr/src/friendica/config/ - -ENTRYPOINT ["/entrypoint-dev.sh"] -CMD ["apache2-foreground"] diff --git a/2021.06-dev/apache/config/00apcu.config.php b/2021.06-dev/apache/config/00apcu.config.php deleted file mode 100644 index d6dac4f..0000000 --- a/2021.06-dev/apache/config/00apcu.config.php +++ /dev/null @@ -1,12 +0,0 @@ - [ - 'cache_driver' => 'apcu', - 'session_handler' => 'cache', - ], -]; diff --git a/2021.06-dev/apache/config/01redis.config.php b/2021.06-dev/apache/config/01redis.config.php deleted file mode 100644 index 1a43c95..0000000 --- a/2021.06-dev/apache/config/01redis.config.php +++ /dev/null @@ -1,15 +0,0 @@ - [ - 'lock_driver' => 'redis', - 'redis_host' => getenv('REDIS_HOST'), - 'redis_port' => (getenv('REDIS_PORT') ? getenv('REDIS_PORT') : ''), - 'redis_password' => (getenv('REDIS_PW') ? getenv('REDIS_PW') : ''), - 'redis_db' => (getenv('REDIS_DB') ? getenv('REDIS_DB') : 0), - ], - ]; -} else { - return []; -} diff --git a/2021.06-dev/apache/config/zz-docker.config.php b/2021.06-dev/apache/config/zz-docker.config.php deleted file mode 100644 index 49ca5bd..0000000 --- a/2021.06-dev/apache/config/zz-docker.config.php +++ /dev/null @@ -1,68 +0,0 @@ - [ - // Necessary because otherwise the daemon isn't working - 'pidfile' => '/var/run/friendica.pid', - - 'logfile' => '/var/www/html/friendica.log', - 'loglevel' => 'notice', - ], - 'storage' => [ - 'filesystem_path' => '/var/www/html/storage', - ], -]; - -if (getenv('FRIENDICA_TZ')) { - $config['config']['timezone'] = getenv('FRIENDICA_TZ'); -} - -if (getenv('FRIENDICA_LANG')) { - $config['config']['language'] = getenv('FRIENDICA_LANG'); -} - -if (getenv('FRIENDICA_ADMIN_MAIL')) { - $config['config']['admin_email'] = getenv('FRIENDICA_ADMIN_MAIL'); -} - -if (getenv('FRIENDICA_SITENAME')) { - $config['config']['sitename'] = getenv('FRIENDICA_SITENAME'); -} - -if (!empty(getenv('FRIENDICA_NO_VALIDATION'))) { - $config['system']['disable_url_validation'] = true; - $config['system']['disable_email_validation'] = true; -} - -if (!empty(getenv('FRIENDICA_DATA'))) { - $config['storage']['class'] = \Friendica\Model\Storage\Filesystem::class; - - if (!empty(getenv('FRIENDICA_DATA_DIR'))) { - $config['storage']['filesystem_path'] = getenv('FRIENDICA_DATA'); - } -} - -if (!empty(getenv('FRIENDICA_DEBUGGING'))) { - $config['system']['debugging'] = true; - if (!empty(getenv('FRIENDICA_LOGFILE'))) { - $config['system']['logfile'] = getenv('FRIENDICA_LOGFILE'); - } - if (!empty(getenv('FRIENDICA_LOGLEVEL'))) { - $config['system']['loglevel'] = getenv('FRIENDICA_LOGLEVEL'); - } -} - -if (!empty(getenv('SMTP_DOMAIN'))) { - $smtp_from = !empty(getenv('SMTP_FROM')) ? getenv('SMTP_FROM') : 'no-reply'; - - $config['config']['sender_email'] = $smtp_from . "@" . getenv('SMTP_DOMAIN'); -} - -return $config; diff --git a/2021.06-dev/apache/cron.sh b/2021.06-dev/apache/cron.sh deleted file mode 100755 index f899df9..0000000 --- a/2021.06-dev/apache/cron.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/sh -trap "break;exit" HUP INT TERM - -while [ ! -f /var/www/html/bin/daemon.php ]; do - sleep 1 -done - -echo "Waiting for MySQL $MYSQL_HOST initialization..." -if php /var/www/html/bin/wait-for-connection "$MYSQL_HOST" "${MYSQL_PORT:-3306}" 300; then - sh /setup_msmtp.sh - exec /sbin/tini -- php /var/www/html/bin/daemon.php -f start -else - echo "[ERROR] Waited 300 seconds, no response" >&2 -fi diff --git a/2021.06-dev/apache/entrypoint-dev.sh b/2021.06-dev/apache/entrypoint-dev.sh deleted file mode 100755 index 08c3c13..0000000 --- a/2021.06-dev/apache/entrypoint-dev.sh +++ /dev/null @@ -1,69 +0,0 @@ -#!/bin/sh -set -eu - -# checks if the branch and repository exists -check_branch() { - repo=${1:-} - branch=${2:-} - git ls-remote --heads --tags "https://github.com/$repo" | grep -E "refs/(heads|tags)/${branch}$" >/dev/null - [ "$?" -eq "0" ] -} - -# clones the whole develop branch (Friendica and Addons) -clone_develop() { - friendica_git="${FRIENDICA_VERSION}" - addons_git="${FRIENDICA_ADDONS}" - friendica_repo="${FRIENDICA_REPOSITORY:-friendica/friendica}" - friendica_addons_repo="${FRIENDICA_ADDONS_REPO:-friendica/friendica-addons}" - - if echo "{$friendica_git,,}" | grep -Eq '^.*\-dev'; then - friendica_git="develop" - fi - - if echo "{$addons_git,,}" | grep -Eq '^.*\-dev'; then - addons_git="develop" - fi - - # Check if the branches exist before wiping the - if check_branch "$friendica_repo" "$friendica_git" && check_branch "$friendica_addons_repo" "$addons_git" ; then - echo "Cloning '${friendica_git}' from GitHub repository '${friendica_repo}' ..." - - # Removing the whole directory first - rm -fr /usr/src/friendica - git clone -q -b ${friendica_git} "https://github.com/${friendica_repo}" /usr/src/friendica - - mkdir /usr/src/friendica/addon - git clone -q -b ${addons_git} "https://github.com/${friendica_addons_repo}" /usr/src/friendica/addon - - echo "Download finished" - - if [ ! -f /usr/src/friendica/VERSION ]; then - echo "Couldn't clone repository" - exit 1 - fi - - /usr/src/friendica/bin/composer.phar install --no-dev -d /usr/src/friendica - return 0 - - else - if check_branch "$friendica_repo" "$friendica_git"; then - echo "$friendica_repo/$friendica_git is not valid." - else - echo "$friendica_addons_repo/$addons_git is not valid." - fi - echo "Using old version." - return 1 - - fi -} - -# just check if we execute apache or php-fpm -if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]; then - # cloning from git is just possible for develop or Release Candidate - if echo "${FRIENDICA_VERSION}" | grep -Eq '^.*(\-dev|-rc|-RC)' || [ "${FRIENDICA_UPGRADE:-false}" = "true" ] || [ ! -f /usr/src/friendica/VERSION ]; then - # just clone & check if it's a new install or upgrade - clone_develop - fi -fi - -exec /entrypoint.sh "$@" diff --git a/2021.06-dev/apache/entrypoint.sh b/2021.06-dev/apache/entrypoint.sh deleted file mode 100755 index fa51564..0000000 --- a/2021.06-dev/apache/entrypoint.sh +++ /dev/null @@ -1,145 +0,0 @@ -#!/bin/sh -set -eu - -# run an command with the www-data user -run_as() { - set -- -c "cd /var/www/html; $*" - if [ "$(id -u)" -eq 0 ]; then - su - www-data -s /bin/sh "$@" - else - sh "$@" - fi -} - -# checks if the the first parameter is greater than the second parameter -version_greater() { - [ "$(printf '%s\n' "$@" | sed -e 's/-rc/.1/' | sed -e 's/-dev/.2/' | sort -t '.' -k1,1n -k2,2n -k3,3nbr | head -n 1)" != "$(printf "$1" | sed -e 's/-rc/.1/' | sed -e 's/-dev/.2/')" ] -} - -# usage: file_env VAR [DEFAULT] -# ie: file_env 'XYZ_DB_PASSWORD' 'example' -# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of -# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) -file_env() { - local var="$1" - local fileVar="${var}_FILE" - local def="${2:-}" - local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") - local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") - if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 - fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then - export "$var"="$(cat "${fileVarValue}")" - elif [ -n "${def}" ]; then - export "$var"="$def" - fi - unset "$fileVar" -} - -sh /setup_msmtp.sh - -# just check if we execute apache or php-fpm -if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]; then - installed_version="0.0.0.0" - if [ -f /var/www/html/VERSION ]; then - installed_version="$(cat /var/www/html/VERSION)" - fi - - image_version="$(cat /usr/src/friendica/VERSION)" - - # no downgrading possible - if version_greater "$installed_version" "$image_version"; then - echo "Can't copy Friendica sources because the version of the data ($installed_version) is higher than the docker image ($image_version)" - exit 1 - fi - - # check it just in case the version is greater or if we force the upgrade - if version_greater "$image_version" "$installed_version" || [ "${FRIENDICA_UPGRADE:-false}" = "true" ]; then - echo "Initializing Friendica $image_version ..." - - if [ "$installed_version" != "0.0.0.0" ]; then - echo "Upgrading Friendica from $installed_version ..." - fi - - if [ "$(id -u)" -eq 0 ]; then - rsync_options="-rlDog --chown=www-data:www-data" - else - rsync_options="-rlD" - fi - - rsync $rsync_options --delete --exclude-from=/upgrade.exclude /usr/src/friendica/ /var/www/html/ - - # Update docker-based config files, but never delete other config files - rsync $rsync_options --update /usr/src/friendica/config/ /var/www/html/config/ - - # In case there is no .htaccess, copy it from the default dist file - if [ ! -f "/var/www/html/.htaccess" ]; then - cp "/var/www/html/.htaccess-dist" "/var/www/html/.htaccess" - fi - - if [ -d /var/www/html/view/smarty3 ]; then - chmod -R 777 /var/www/html/view/smarty3 - fi - echo "Initializing finished" - - # install - if [ "$installed_version" = "0.0.0.0" ]; then - echo "New Friendica instance" - - file_env FRIENDICA_ADMIN_MAIL - - file_env MYSQL_DATABASE - file_env MYSQL_USER - file_env MYSQL_PASSWORD - - install=false - if [ -n "${MYSQL_DATABASE+x}" ] && [ -n "${MYSQL_PASSWORD+x}" ] && [ -n "${MYSQL_HOST+x}" ] && [ -n "${MYSQL_USER+x}" ] && [ -n "${FRIENDICA_ADMIN_MAIL+x}" ] && [ -n "${FRIENDICA_URL+x}" ]; then - echo "Installation with environment variables" - - FRIENDICA_TZ=${FRIENDICA_TZ:-America/LosAngeles} - FRIENDICA_LANG=${FRIENDICA_LANG:-en} - MYSQL_PORT=${MYSQL_PORT:-3306} - - # shellcheck disable=SC2016 - install_options='-s --dbhost "'$MYSQL_HOST'" --dbport "'$MYSQL_PORT'" --dbdata "'$MYSQL_DATABASE'" --dbuser "'$MYSQL_USER'" --dbpass "'$MYSQL_PASSWORD'"' - - # shellcheck disable=SC2016 - install_options=$install_options' --admin "'$FRIENDICA_ADMIN_MAIL'" --tz "'$FRIENDICA_TZ'" --lang "'$FRIENDICA_LANG'" --url "'$FRIENDICA_URL'"' - install=true - fi - - if [ "$install" = true ]; then - echo "Waiting for MySQL $MYSQL_HOST initialization..." - if run_as "php /var/www/html/bin/wait-for-connection $MYSQL_HOST ${MYSQL_PORT:-3306} 300"; then - - echo "Starting Friendica installation ..." - run_as "php /var/www/html/bin/console.php autoinstall $install_options" - - rm -fr /var/www/html/view/smarty3/compiled - - # load other config files (*.config.php) to the config folder - if [ -d "/usr/src/config" ]; then - rsync $rsync_options --ignore-existing /usr/src/config/ /var/www/html/config/ - fi - - echo "Installation finished" - else - echo "[ERROR] Waited 300 seconds, no response" >&2 - fi - else - echo "Running web-based installer on first connect!" - fi - # upgrade - else - echo "Upgrading Friendica ..." - run_as 'php /var/www/html/bin/console.php dbstructure update -f' - echo "Upgrading finished" - fi - fi -fi - -exec "$@" diff --git a/2021.06-dev/apache/setup_msmtp.sh b/2021.06-dev/apache/setup_msmtp.sh deleted file mode 100644 index b90c42c..0000000 --- a/2021.06-dev/apache/setup_msmtp.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/sh -set -eu - -if [ -n "${SMTP_DOMAIN+x}" ] && [ -n "${SMTP+x}" ] && [ "${SMTP}" != "localhost" ]; then - SITENAME="${FRIENDICA_SITENAME:-Friendica Social Network}" - echo "Setup MSMTP for '$SITENAME' with '$SMTP' ..." - - smtp_from="${SMTP_FROM:=no-reply}" - smtp_auth="${SMTP_AUTH:=on}" - - # Setup MSMTP - usermod --comment "$(echo "$SITENAME" | tr -dc '[:print:]')" root - usermod --comment "$(echo "$SITENAME" | tr -dc '[:print:]')" www-data - - # add possible mail-senders - { - echo "www-data: $smtp_from@$SMTP_DOMAIN" - echo "root: $smtp_from@$SMTP_DOMAIN" - } >/etc/aliases - - # create msmtp settings - { - echo "account default" - echo "host $SMTP" - if [ -n "${SMTP_PORT+x}" ]; then echo "port $SMTP_PORT"; else echo "port 587"; fi - echo "from \"$smtp_from@$SMTP_DOMAIN\"" - echo "tls_certcheck off" # No certcheck because of internal docker mail-hostnames - if [ -n "${SMTP_TLS+x}" ]; then echo "tls on"; fi - if [ -n "${SMTP_STARTTLS+x}" ]; then echo "tls_starttls on"; fi - if [ -n "${SMTP_AUTH_USER+x}" ]; then echo "auth $smtp_auth"; fi - if [ -n "${SMTP_AUTH_USER+x}" ]; then echo "user \"$SMTP_AUTH_USER\""; fi - if [ -n "${SMTP_AUTH_PASS+x}" ]; then echo "password \"$SMTP_AUTH_PASS\""; fi - echo "logfile /var/log/msmtp.log" - echo "aliases /etc/aliases" - } >/etc/msmtprc - - echo "Setup finished" -fi diff --git a/2021.06-dev/apache/upgrade.exclude b/2021.06-dev/apache/upgrade.exclude deleted file mode 100644 index 2fb6533..0000000 --- a/2021.06-dev/apache/upgrade.exclude +++ /dev/null @@ -1,10 +0,0 @@ -/.git/ -/photo/ -/proxy/ -/.htconfig.php -/.htaccess -/home.* -/config/ -/storage/ -/log/ -*.log \ No newline at end of file diff --git a/2021.06-dev/fpm-alpine/Dockerfile b/2021.06-dev/fpm-alpine/Dockerfile deleted file mode 100644 index 53be791..0000000 --- a/2021.06-dev/fpm-alpine/Dockerfile +++ /dev/null @@ -1,109 +0,0 @@ -# DO NOT EDIT: created by update.sh from Dockerfile-alpine.template -FROM php:7.3-fpm-alpine - -# entrypoint.sh and cron.sh dependencies -RUN set -ex; \ - apk add --no-cache \ - rsync \ - git \ -# For mail() support - msmtp \ - shadow \ - tini; - -# install the PHP extensions we need -# see https://friendi.ca/resources/requirements/ -RUN set -ex; \ - \ - apk add --no-cache --virtual .build-deps \ - mariadb-client \ - bash \ - $PHPIZE_DEPS \ - libpng-dev \ - libjpeg-turbo-dev \ - imagemagick-dev \ - libtool \ - libmemcached-dev \ - cyrus-sasl-dev \ - libjpeg-turbo-dev \ - freetype-dev \ - librsvg \ - pcre-dev \ - libzip-dev \ - icu-dev \ - openldap-dev \ - ; \ - \ - docker-php-ext-configure gd \ - --with-gd \ - --with-freetype-dir=/usr/include/ \ - --with-png-dir=/usr/include/ \ - --with-jpeg-dir=/usr/include/ \ - ; \ - \ - docker-php-ext-install -j "$(nproc)" \ - pdo_mysql \ - gd \ - zip \ - opcache \ - pcntl \ - ldap \ - ; \ - \ -# pecl will claim success even if one install fails, so we need to perform each install separately - pecl install APCu-5.1.20; \ - pecl install memcached-3.1.5; \ - pecl install redis-5.3.4; \ - pecl install imagick-3.4.4; \ - \ - docker-php-ext-enable \ - apcu \ - memcached \ - redis \ - imagick \ - ; \ - \ - runDeps="$( \ - scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/lib/php/extensions \ - | tr ',' '\n' \ - | sort -u \ - | awk 'system("[ -e /usr/local/lib" $1 " ]") == 0 { next } { print "so:" $1 }' \ - )"; \ - apk add --no-network --virtual .friendica-phpext-rundeps $runDeps; \ - apk del --no-network .build-deps; - -# set recommended PHP.ini settings -RUN set -ex; \ - { \ - echo 'opcache.enable=1' ; \ - echo 'opcache.interned_strings_buffer=8'; \ - echo 'opcache.max_accelerated_files=10000'; \ - echo 'opcache.memory_consumption=128'; \ - echo 'opcache.save_comments=1'; \ - echo 'opcache.revalidte_freq=1'; \ - } > /usr/local/etc/php/conf.d/opcache-recommended.ini; \ - \ - { \ - echo sendmail_path = "/usr/bin/msmtp -t"; \ - } > /usr/local/etc/php/conf.d/sendmail.ini; \ - \ - echo 'apc.enable_cli=1' >> /usr/local/etc/php/conf.d/docker-php-ext-apcu.ini; \ - \ - echo 'memory_limit=512M' > /usr/local/etc/php/conf.d/memory-limit.ini; \ - \ - mkdir /var/www/data; \ - chown -R www-data:root /var/www; \ - chmod -R g=u /var/www - -VOLUME /var/www/html - - -ENV FRIENDICA_VERSION "2021.06-dev" -ENV FRIENDICA_ADDONS "2021.06-dev" - - -COPY *.sh upgrade.exclude / -COPY config/* /usr/src/friendica/config/ - -ENTRYPOINT ["/entrypoint-dev.sh"] -CMD ["php-fpm"] diff --git a/2021.06-dev/fpm-alpine/config/00apcu.config.php b/2021.06-dev/fpm-alpine/config/00apcu.config.php deleted file mode 100644 index d6dac4f..0000000 --- a/2021.06-dev/fpm-alpine/config/00apcu.config.php +++ /dev/null @@ -1,12 +0,0 @@ - [ - 'cache_driver' => 'apcu', - 'session_handler' => 'cache', - ], -]; diff --git a/2021.06-dev/fpm-alpine/config/01redis.config.php b/2021.06-dev/fpm-alpine/config/01redis.config.php deleted file mode 100644 index 1a43c95..0000000 --- a/2021.06-dev/fpm-alpine/config/01redis.config.php +++ /dev/null @@ -1,15 +0,0 @@ - [ - 'lock_driver' => 'redis', - 'redis_host' => getenv('REDIS_HOST'), - 'redis_port' => (getenv('REDIS_PORT') ? getenv('REDIS_PORT') : ''), - 'redis_password' => (getenv('REDIS_PW') ? getenv('REDIS_PW') : ''), - 'redis_db' => (getenv('REDIS_DB') ? getenv('REDIS_DB') : 0), - ], - ]; -} else { - return []; -} diff --git a/2021.06-dev/fpm-alpine/config/zz-docker.config.php b/2021.06-dev/fpm-alpine/config/zz-docker.config.php deleted file mode 100644 index 49ca5bd..0000000 --- a/2021.06-dev/fpm-alpine/config/zz-docker.config.php +++ /dev/null @@ -1,68 +0,0 @@ - [ - // Necessary because otherwise the daemon isn't working - 'pidfile' => '/var/run/friendica.pid', - - 'logfile' => '/var/www/html/friendica.log', - 'loglevel' => 'notice', - ], - 'storage' => [ - 'filesystem_path' => '/var/www/html/storage', - ], -]; - -if (getenv('FRIENDICA_TZ')) { - $config['config']['timezone'] = getenv('FRIENDICA_TZ'); -} - -if (getenv('FRIENDICA_LANG')) { - $config['config']['language'] = getenv('FRIENDICA_LANG'); -} - -if (getenv('FRIENDICA_ADMIN_MAIL')) { - $config['config']['admin_email'] = getenv('FRIENDICA_ADMIN_MAIL'); -} - -if (getenv('FRIENDICA_SITENAME')) { - $config['config']['sitename'] = getenv('FRIENDICA_SITENAME'); -} - -if (!empty(getenv('FRIENDICA_NO_VALIDATION'))) { - $config['system']['disable_url_validation'] = true; - $config['system']['disable_email_validation'] = true; -} - -if (!empty(getenv('FRIENDICA_DATA'))) { - $config['storage']['class'] = \Friendica\Model\Storage\Filesystem::class; - - if (!empty(getenv('FRIENDICA_DATA_DIR'))) { - $config['storage']['filesystem_path'] = getenv('FRIENDICA_DATA'); - } -} - -if (!empty(getenv('FRIENDICA_DEBUGGING'))) { - $config['system']['debugging'] = true; - if (!empty(getenv('FRIENDICA_LOGFILE'))) { - $config['system']['logfile'] = getenv('FRIENDICA_LOGFILE'); - } - if (!empty(getenv('FRIENDICA_LOGLEVEL'))) { - $config['system']['loglevel'] = getenv('FRIENDICA_LOGLEVEL'); - } -} - -if (!empty(getenv('SMTP_DOMAIN'))) { - $smtp_from = !empty(getenv('SMTP_FROM')) ? getenv('SMTP_FROM') : 'no-reply'; - - $config['config']['sender_email'] = $smtp_from . "@" . getenv('SMTP_DOMAIN'); -} - -return $config; diff --git a/2021.06-dev/fpm-alpine/cron.sh b/2021.06-dev/fpm-alpine/cron.sh deleted file mode 100755 index f899df9..0000000 --- a/2021.06-dev/fpm-alpine/cron.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/sh -trap "break;exit" HUP INT TERM - -while [ ! -f /var/www/html/bin/daemon.php ]; do - sleep 1 -done - -echo "Waiting for MySQL $MYSQL_HOST initialization..." -if php /var/www/html/bin/wait-for-connection "$MYSQL_HOST" "${MYSQL_PORT:-3306}" 300; then - sh /setup_msmtp.sh - exec /sbin/tini -- php /var/www/html/bin/daemon.php -f start -else - echo "[ERROR] Waited 300 seconds, no response" >&2 -fi diff --git a/2021.06-dev/fpm-alpine/entrypoint-dev.sh b/2021.06-dev/fpm-alpine/entrypoint-dev.sh deleted file mode 100755 index 08c3c13..0000000 --- a/2021.06-dev/fpm-alpine/entrypoint-dev.sh +++ /dev/null @@ -1,69 +0,0 @@ -#!/bin/sh -set -eu - -# checks if the branch and repository exists -check_branch() { - repo=${1:-} - branch=${2:-} - git ls-remote --heads --tags "https://github.com/$repo" | grep -E "refs/(heads|tags)/${branch}$" >/dev/null - [ "$?" -eq "0" ] -} - -# clones the whole develop branch (Friendica and Addons) -clone_develop() { - friendica_git="${FRIENDICA_VERSION}" - addons_git="${FRIENDICA_ADDONS}" - friendica_repo="${FRIENDICA_REPOSITORY:-friendica/friendica}" - friendica_addons_repo="${FRIENDICA_ADDONS_REPO:-friendica/friendica-addons}" - - if echo "{$friendica_git,,}" | grep -Eq '^.*\-dev'; then - friendica_git="develop" - fi - - if echo "{$addons_git,,}" | grep -Eq '^.*\-dev'; then - addons_git="develop" - fi - - # Check if the branches exist before wiping the - if check_branch "$friendica_repo" "$friendica_git" && check_branch "$friendica_addons_repo" "$addons_git" ; then - echo "Cloning '${friendica_git}' from GitHub repository '${friendica_repo}' ..." - - # Removing the whole directory first - rm -fr /usr/src/friendica - git clone -q -b ${friendica_git} "https://github.com/${friendica_repo}" /usr/src/friendica - - mkdir /usr/src/friendica/addon - git clone -q -b ${addons_git} "https://github.com/${friendica_addons_repo}" /usr/src/friendica/addon - - echo "Download finished" - - if [ ! -f /usr/src/friendica/VERSION ]; then - echo "Couldn't clone repository" - exit 1 - fi - - /usr/src/friendica/bin/composer.phar install --no-dev -d /usr/src/friendica - return 0 - - else - if check_branch "$friendica_repo" "$friendica_git"; then - echo "$friendica_repo/$friendica_git is not valid." - else - echo "$friendica_addons_repo/$addons_git is not valid." - fi - echo "Using old version." - return 1 - - fi -} - -# just check if we execute apache or php-fpm -if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]; then - # cloning from git is just possible for develop or Release Candidate - if echo "${FRIENDICA_VERSION}" | grep -Eq '^.*(\-dev|-rc|-RC)' || [ "${FRIENDICA_UPGRADE:-false}" = "true" ] || [ ! -f /usr/src/friendica/VERSION ]; then - # just clone & check if it's a new install or upgrade - clone_develop - fi -fi - -exec /entrypoint.sh "$@" diff --git a/2021.06-dev/fpm-alpine/entrypoint.sh b/2021.06-dev/fpm-alpine/entrypoint.sh deleted file mode 100755 index fa51564..0000000 --- a/2021.06-dev/fpm-alpine/entrypoint.sh +++ /dev/null @@ -1,145 +0,0 @@ -#!/bin/sh -set -eu - -# run an command with the www-data user -run_as() { - set -- -c "cd /var/www/html; $*" - if [ "$(id -u)" -eq 0 ]; then - su - www-data -s /bin/sh "$@" - else - sh "$@" - fi -} - -# checks if the the first parameter is greater than the second parameter -version_greater() { - [ "$(printf '%s\n' "$@" | sed -e 's/-rc/.1/' | sed -e 's/-dev/.2/' | sort -t '.' -k1,1n -k2,2n -k3,3nbr | head -n 1)" != "$(printf "$1" | sed -e 's/-rc/.1/' | sed -e 's/-dev/.2/')" ] -} - -# usage: file_env VAR [DEFAULT] -# ie: file_env 'XYZ_DB_PASSWORD' 'example' -# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of -# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) -file_env() { - local var="$1" - local fileVar="${var}_FILE" - local def="${2:-}" - local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") - local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") - if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 - fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then - export "$var"="$(cat "${fileVarValue}")" - elif [ -n "${def}" ]; then - export "$var"="$def" - fi - unset "$fileVar" -} - -sh /setup_msmtp.sh - -# just check if we execute apache or php-fpm -if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]; then - installed_version="0.0.0.0" - if [ -f /var/www/html/VERSION ]; then - installed_version="$(cat /var/www/html/VERSION)" - fi - - image_version="$(cat /usr/src/friendica/VERSION)" - - # no downgrading possible - if version_greater "$installed_version" "$image_version"; then - echo "Can't copy Friendica sources because the version of the data ($installed_version) is higher than the docker image ($image_version)" - exit 1 - fi - - # check it just in case the version is greater or if we force the upgrade - if version_greater "$image_version" "$installed_version" || [ "${FRIENDICA_UPGRADE:-false}" = "true" ]; then - echo "Initializing Friendica $image_version ..." - - if [ "$installed_version" != "0.0.0.0" ]; then - echo "Upgrading Friendica from $installed_version ..." - fi - - if [ "$(id -u)" -eq 0 ]; then - rsync_options="-rlDog --chown=www-data:www-data" - else - rsync_options="-rlD" - fi - - rsync $rsync_options --delete --exclude-from=/upgrade.exclude /usr/src/friendica/ /var/www/html/ - - # Update docker-based config files, but never delete other config files - rsync $rsync_options --update /usr/src/friendica/config/ /var/www/html/config/ - - # In case there is no .htaccess, copy it from the default dist file - if [ ! -f "/var/www/html/.htaccess" ]; then - cp "/var/www/html/.htaccess-dist" "/var/www/html/.htaccess" - fi - - if [ -d /var/www/html/view/smarty3 ]; then - chmod -R 777 /var/www/html/view/smarty3 - fi - echo "Initializing finished" - - # install - if [ "$installed_version" = "0.0.0.0" ]; then - echo "New Friendica instance" - - file_env FRIENDICA_ADMIN_MAIL - - file_env MYSQL_DATABASE - file_env MYSQL_USER - file_env MYSQL_PASSWORD - - install=false - if [ -n "${MYSQL_DATABASE+x}" ] && [ -n "${MYSQL_PASSWORD+x}" ] && [ -n "${MYSQL_HOST+x}" ] && [ -n "${MYSQL_USER+x}" ] && [ -n "${FRIENDICA_ADMIN_MAIL+x}" ] && [ -n "${FRIENDICA_URL+x}" ]; then - echo "Installation with environment variables" - - FRIENDICA_TZ=${FRIENDICA_TZ:-America/LosAngeles} - FRIENDICA_LANG=${FRIENDICA_LANG:-en} - MYSQL_PORT=${MYSQL_PORT:-3306} - - # shellcheck disable=SC2016 - install_options='-s --dbhost "'$MYSQL_HOST'" --dbport "'$MYSQL_PORT'" --dbdata "'$MYSQL_DATABASE'" --dbuser "'$MYSQL_USER'" --dbpass "'$MYSQL_PASSWORD'"' - - # shellcheck disable=SC2016 - install_options=$install_options' --admin "'$FRIENDICA_ADMIN_MAIL'" --tz "'$FRIENDICA_TZ'" --lang "'$FRIENDICA_LANG'" --url "'$FRIENDICA_URL'"' - install=true - fi - - if [ "$install" = true ]; then - echo "Waiting for MySQL $MYSQL_HOST initialization..." - if run_as "php /var/www/html/bin/wait-for-connection $MYSQL_HOST ${MYSQL_PORT:-3306} 300"; then - - echo "Starting Friendica installation ..." - run_as "php /var/www/html/bin/console.php autoinstall $install_options" - - rm -fr /var/www/html/view/smarty3/compiled - - # load other config files (*.config.php) to the config folder - if [ -d "/usr/src/config" ]; then - rsync $rsync_options --ignore-existing /usr/src/config/ /var/www/html/config/ - fi - - echo "Installation finished" - else - echo "[ERROR] Waited 300 seconds, no response" >&2 - fi - else - echo "Running web-based installer on first connect!" - fi - # upgrade - else - echo "Upgrading Friendica ..." - run_as 'php /var/www/html/bin/console.php dbstructure update -f' - echo "Upgrading finished" - fi - fi -fi - -exec "$@" diff --git a/2021.06-dev/fpm-alpine/setup_msmtp.sh b/2021.06-dev/fpm-alpine/setup_msmtp.sh deleted file mode 100644 index b90c42c..0000000 --- a/2021.06-dev/fpm-alpine/setup_msmtp.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/sh -set -eu - -if [ -n "${SMTP_DOMAIN+x}" ] && [ -n "${SMTP+x}" ] && [ "${SMTP}" != "localhost" ]; then - SITENAME="${FRIENDICA_SITENAME:-Friendica Social Network}" - echo "Setup MSMTP for '$SITENAME' with '$SMTP' ..." - - smtp_from="${SMTP_FROM:=no-reply}" - smtp_auth="${SMTP_AUTH:=on}" - - # Setup MSMTP - usermod --comment "$(echo "$SITENAME" | tr -dc '[:print:]')" root - usermod --comment "$(echo "$SITENAME" | tr -dc '[:print:]')" www-data - - # add possible mail-senders - { - echo "www-data: $smtp_from@$SMTP_DOMAIN" - echo "root: $smtp_from@$SMTP_DOMAIN" - } >/etc/aliases - - # create msmtp settings - { - echo "account default" - echo "host $SMTP" - if [ -n "${SMTP_PORT+x}" ]; then echo "port $SMTP_PORT"; else echo "port 587"; fi - echo "from \"$smtp_from@$SMTP_DOMAIN\"" - echo "tls_certcheck off" # No certcheck because of internal docker mail-hostnames - if [ -n "${SMTP_TLS+x}" ]; then echo "tls on"; fi - if [ -n "${SMTP_STARTTLS+x}" ]; then echo "tls_starttls on"; fi - if [ -n "${SMTP_AUTH_USER+x}" ]; then echo "auth $smtp_auth"; fi - if [ -n "${SMTP_AUTH_USER+x}" ]; then echo "user \"$SMTP_AUTH_USER\""; fi - if [ -n "${SMTP_AUTH_PASS+x}" ]; then echo "password \"$SMTP_AUTH_PASS\""; fi - echo "logfile /var/log/msmtp.log" - echo "aliases /etc/aliases" - } >/etc/msmtprc - - echo "Setup finished" -fi diff --git a/2021.06-dev/fpm-alpine/upgrade.exclude b/2021.06-dev/fpm-alpine/upgrade.exclude deleted file mode 100644 index 2fb6533..0000000 --- a/2021.06-dev/fpm-alpine/upgrade.exclude +++ /dev/null @@ -1,10 +0,0 @@ -/.git/ -/photo/ -/proxy/ -/.htconfig.php -/.htaccess -/home.* -/config/ -/storage/ -/log/ -*.log \ No newline at end of file diff --git a/2021.06-dev/fpm/Dockerfile b/2021.06-dev/fpm/Dockerfile deleted file mode 100644 index d0c66b6..0000000 --- a/2021.06-dev/fpm/Dockerfile +++ /dev/null @@ -1,134 +0,0 @@ -# DO NOT EDIT: created by update.sh from Dockerfile-debian.template -FROM php:7.3-fpm-buster - -# entrypoint.sh and cron.sh dependencies -RUN set -ex; \ - \ - apt-get update; \ - apt-get install -y --no-install-recommends \ - rsync \ - bzip2 \ - git \ -# For mail() support - msmtp \ -# For tini installation - gnupg dirmngr \ - ; \ - rm -rf /var/lib/apt/lists/*; - -# Add tini for reaping processes -ENV TINI_VERSION v0.19.0 -RUN export BUILD_ARCH=$(dpkg-architecture --query DEB_BUILD_ARCH) \ - && mkdir ~/.gnupg \ - && echo "disable-ipv6" >> ~/.gnupg/dirmngr.conf \ - && curl -L -o /sbin/tini https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${BUILD_ARCH} \ - && curl -L -o /tini.asc https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${BUILD_ARCH}.asc \ - && gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 \ - && gpg --batch --verify /tini.asc /sbin/tini \ - && chmod +x /sbin/tini - -# install the PHP extensions we need -# see https://friendi.ca/resources/requirements/ -RUN set -ex; \ - \ - savedAptMark="$(apt-mark showmanual)"; \ - \ - apt-get update; \ - apt-get install -y --no-install-recommends \ - mariadb-client \ - bash \ - libpng-dev \ - libjpeg62-turbo-dev \ - libtool \ - libmagick++-dev \ - libmemcached-dev \ - libgraphicsmagick1-dev \ - libfreetype6-dev \ - librsvg2-2 \ - libzip-dev \ - libldap2-dev \ - ; \ - \ - debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \ - \ - docker-php-ext-configure gd \ - --with-gd \ - --with-freetype-dir=/usr/include/ \ - --with-png-dir=/usr/include/ \ - --with-jpeg-dir=/usr/include/ \ - ; \ - docker-php-ext-configure ldap \ - --with-libdir=lib/$debMultiarch/ \ - ;\ - docker-php-ext-install -j "$(nproc)" \ - pdo_mysql \ - gd \ - zip \ - opcache \ - ctype \ - pcntl \ - ldap \ - ; \ - \ -# pecl will claim success even if one install fails, so we need to perform each install separately - pecl install apcu-5.1.20; \ - pecl install memcached-3.1.5; \ - pecl install redis-5.3.4; \ - pecl install imagick-3.4.4; \ - \ - docker-php-ext-enable \ - apcu \ - memcached \ - redis \ - imagick \ - ; \ - \ -# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies - apt-mark auto '.*' > /dev/null; \ - apt-mark manual $savedAptMark; \ - ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \ - | awk '/=>/ { print $3 }' \ - | sort -u \ - | xargs -r dpkg-query -S \ - | cut -d: -f1 \ - | sort -u \ - | xargs -rt apt-mark manual; \ - \ - apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ - rm -rf /var/lib/apt/lists/* - -# set recommended PHP.ini settings -RUN set -ex; \ - { \ - echo 'opcache.enable=1' ; \ - echo 'opcache.interned_strings_buffer=8'; \ - echo 'opcache.max_accelerated_files=10000'; \ - echo 'opcache.memory_consumption=128'; \ - echo 'opcache.save_comments=1'; \ - echo 'opcache.revalidte_freq=1'; \ - } > /usr/local/etc/php/conf.d/opcache-recommended.ini; \ - \ - { \ - echo sendmail_path = "/usr/bin/msmtp -t"; \ - } > /usr/local/etc/php/conf.d/sendmail.ini; \ - \ - echo 'apc.enable_cli=1' >> /usr/local/etc/php/conf.d/docker-php-ext-apcu.ini; \ - \ - echo 'memory_limit=512M' > /usr/local/etc/php/conf.d/memory-limit.ini; \ - \ - mkdir /var/www/data; \ - chown -R www-data:root /var/www; \ - chmod -R g=u /var/www - -VOLUME /var/www/html - - -ENV FRIENDICA_VERSION "2021.06-dev" -ENV FRIENDICA_ADDONS "2021.06-dev" - - -COPY *.sh upgrade.exclude / -COPY config/* /usr/src/friendica/config/ - -ENTRYPOINT ["/entrypoint-dev.sh"] -CMD ["php-fpm"] diff --git a/2021.06-dev/fpm/config/00apcu.config.php b/2021.06-dev/fpm/config/00apcu.config.php deleted file mode 100644 index d6dac4f..0000000 --- a/2021.06-dev/fpm/config/00apcu.config.php +++ /dev/null @@ -1,12 +0,0 @@ - [ - 'cache_driver' => 'apcu', - 'session_handler' => 'cache', - ], -]; diff --git a/2021.06-dev/fpm/config/01redis.config.php b/2021.06-dev/fpm/config/01redis.config.php deleted file mode 100644 index 1a43c95..0000000 --- a/2021.06-dev/fpm/config/01redis.config.php +++ /dev/null @@ -1,15 +0,0 @@ - [ - 'lock_driver' => 'redis', - 'redis_host' => getenv('REDIS_HOST'), - 'redis_port' => (getenv('REDIS_PORT') ? getenv('REDIS_PORT') : ''), - 'redis_password' => (getenv('REDIS_PW') ? getenv('REDIS_PW') : ''), - 'redis_db' => (getenv('REDIS_DB') ? getenv('REDIS_DB') : 0), - ], - ]; -} else { - return []; -} diff --git a/2021.06-dev/fpm/config/zz-docker.config.php b/2021.06-dev/fpm/config/zz-docker.config.php deleted file mode 100644 index 49ca5bd..0000000 --- a/2021.06-dev/fpm/config/zz-docker.config.php +++ /dev/null @@ -1,68 +0,0 @@ - [ - // Necessary because otherwise the daemon isn't working - 'pidfile' => '/var/run/friendica.pid', - - 'logfile' => '/var/www/html/friendica.log', - 'loglevel' => 'notice', - ], - 'storage' => [ - 'filesystem_path' => '/var/www/html/storage', - ], -]; - -if (getenv('FRIENDICA_TZ')) { - $config['config']['timezone'] = getenv('FRIENDICA_TZ'); -} - -if (getenv('FRIENDICA_LANG')) { - $config['config']['language'] = getenv('FRIENDICA_LANG'); -} - -if (getenv('FRIENDICA_ADMIN_MAIL')) { - $config['config']['admin_email'] = getenv('FRIENDICA_ADMIN_MAIL'); -} - -if (getenv('FRIENDICA_SITENAME')) { - $config['config']['sitename'] = getenv('FRIENDICA_SITENAME'); -} - -if (!empty(getenv('FRIENDICA_NO_VALIDATION'))) { - $config['system']['disable_url_validation'] = true; - $config['system']['disable_email_validation'] = true; -} - -if (!empty(getenv('FRIENDICA_DATA'))) { - $config['storage']['class'] = \Friendica\Model\Storage\Filesystem::class; - - if (!empty(getenv('FRIENDICA_DATA_DIR'))) { - $config['storage']['filesystem_path'] = getenv('FRIENDICA_DATA'); - } -} - -if (!empty(getenv('FRIENDICA_DEBUGGING'))) { - $config['system']['debugging'] = true; - if (!empty(getenv('FRIENDICA_LOGFILE'))) { - $config['system']['logfile'] = getenv('FRIENDICA_LOGFILE'); - } - if (!empty(getenv('FRIENDICA_LOGLEVEL'))) { - $config['system']['loglevel'] = getenv('FRIENDICA_LOGLEVEL'); - } -} - -if (!empty(getenv('SMTP_DOMAIN'))) { - $smtp_from = !empty(getenv('SMTP_FROM')) ? getenv('SMTP_FROM') : 'no-reply'; - - $config['config']['sender_email'] = $smtp_from . "@" . getenv('SMTP_DOMAIN'); -} - -return $config; diff --git a/2021.06-dev/fpm/cron.sh b/2021.06-dev/fpm/cron.sh deleted file mode 100755 index f899df9..0000000 --- a/2021.06-dev/fpm/cron.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/sh -trap "break;exit" HUP INT TERM - -while [ ! -f /var/www/html/bin/daemon.php ]; do - sleep 1 -done - -echo "Waiting for MySQL $MYSQL_HOST initialization..." -if php /var/www/html/bin/wait-for-connection "$MYSQL_HOST" "${MYSQL_PORT:-3306}" 300; then - sh /setup_msmtp.sh - exec /sbin/tini -- php /var/www/html/bin/daemon.php -f start -else - echo "[ERROR] Waited 300 seconds, no response" >&2 -fi diff --git a/2021.06-dev/fpm/entrypoint-dev.sh b/2021.06-dev/fpm/entrypoint-dev.sh deleted file mode 100755 index 08c3c13..0000000 --- a/2021.06-dev/fpm/entrypoint-dev.sh +++ /dev/null @@ -1,69 +0,0 @@ -#!/bin/sh -set -eu - -# checks if the branch and repository exists -check_branch() { - repo=${1:-} - branch=${2:-} - git ls-remote --heads --tags "https://github.com/$repo" | grep -E "refs/(heads|tags)/${branch}$" >/dev/null - [ "$?" -eq "0" ] -} - -# clones the whole develop branch (Friendica and Addons) -clone_develop() { - friendica_git="${FRIENDICA_VERSION}" - addons_git="${FRIENDICA_ADDONS}" - friendica_repo="${FRIENDICA_REPOSITORY:-friendica/friendica}" - friendica_addons_repo="${FRIENDICA_ADDONS_REPO:-friendica/friendica-addons}" - - if echo "{$friendica_git,,}" | grep -Eq '^.*\-dev'; then - friendica_git="develop" - fi - - if echo "{$addons_git,,}" | grep -Eq '^.*\-dev'; then - addons_git="develop" - fi - - # Check if the branches exist before wiping the - if check_branch "$friendica_repo" "$friendica_git" && check_branch "$friendica_addons_repo" "$addons_git" ; then - echo "Cloning '${friendica_git}' from GitHub repository '${friendica_repo}' ..." - - # Removing the whole directory first - rm -fr /usr/src/friendica - git clone -q -b ${friendica_git} "https://github.com/${friendica_repo}" /usr/src/friendica - - mkdir /usr/src/friendica/addon - git clone -q -b ${addons_git} "https://github.com/${friendica_addons_repo}" /usr/src/friendica/addon - - echo "Download finished" - - if [ ! -f /usr/src/friendica/VERSION ]; then - echo "Couldn't clone repository" - exit 1 - fi - - /usr/src/friendica/bin/composer.phar install --no-dev -d /usr/src/friendica - return 0 - - else - if check_branch "$friendica_repo" "$friendica_git"; then - echo "$friendica_repo/$friendica_git is not valid." - else - echo "$friendica_addons_repo/$addons_git is not valid." - fi - echo "Using old version." - return 1 - - fi -} - -# just check if we execute apache or php-fpm -if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]; then - # cloning from git is just possible for develop or Release Candidate - if echo "${FRIENDICA_VERSION}" | grep -Eq '^.*(\-dev|-rc|-RC)' || [ "${FRIENDICA_UPGRADE:-false}" = "true" ] || [ ! -f /usr/src/friendica/VERSION ]; then - # just clone & check if it's a new install or upgrade - clone_develop - fi -fi - -exec /entrypoint.sh "$@" diff --git a/2021.06-dev/fpm/entrypoint.sh b/2021.06-dev/fpm/entrypoint.sh deleted file mode 100755 index fa51564..0000000 --- a/2021.06-dev/fpm/entrypoint.sh +++ /dev/null @@ -1,145 +0,0 @@ -#!/bin/sh -set -eu - -# run an command with the www-data user -run_as() { - set -- -c "cd /var/www/html; $*" - if [ "$(id -u)" -eq 0 ]; then - su - www-data -s /bin/sh "$@" - else - sh "$@" - fi -} - -# checks if the the first parameter is greater than the second parameter -version_greater() { - [ "$(printf '%s\n' "$@" | sed -e 's/-rc/.1/' | sed -e 's/-dev/.2/' | sort -t '.' -k1,1n -k2,2n -k3,3nbr | head -n 1)" != "$(printf "$1" | sed -e 's/-rc/.1/' | sed -e 's/-dev/.2/')" ] -} - -# usage: file_env VAR [DEFAULT] -# ie: file_env 'XYZ_DB_PASSWORD' 'example' -# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of -# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) -file_env() { - local var="$1" - local fileVar="${var}_FILE" - local def="${2:-}" - local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") - local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") - if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 - fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then - export "$var"="$(cat "${fileVarValue}")" - elif [ -n "${def}" ]; then - export "$var"="$def" - fi - unset "$fileVar" -} - -sh /setup_msmtp.sh - -# just check if we execute apache or php-fpm -if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]; then - installed_version="0.0.0.0" - if [ -f /var/www/html/VERSION ]; then - installed_version="$(cat /var/www/html/VERSION)" - fi - - image_version="$(cat /usr/src/friendica/VERSION)" - - # no downgrading possible - if version_greater "$installed_version" "$image_version"; then - echo "Can't copy Friendica sources because the version of the data ($installed_version) is higher than the docker image ($image_version)" - exit 1 - fi - - # check it just in case the version is greater or if we force the upgrade - if version_greater "$image_version" "$installed_version" || [ "${FRIENDICA_UPGRADE:-false}" = "true" ]; then - echo "Initializing Friendica $image_version ..." - - if [ "$installed_version" != "0.0.0.0" ]; then - echo "Upgrading Friendica from $installed_version ..." - fi - - if [ "$(id -u)" -eq 0 ]; then - rsync_options="-rlDog --chown=www-data:www-data" - else - rsync_options="-rlD" - fi - - rsync $rsync_options --delete --exclude-from=/upgrade.exclude /usr/src/friendica/ /var/www/html/ - - # Update docker-based config files, but never delete other config files - rsync $rsync_options --update /usr/src/friendica/config/ /var/www/html/config/ - - # In case there is no .htaccess, copy it from the default dist file - if [ ! -f "/var/www/html/.htaccess" ]; then - cp "/var/www/html/.htaccess-dist" "/var/www/html/.htaccess" - fi - - if [ -d /var/www/html/view/smarty3 ]; then - chmod -R 777 /var/www/html/view/smarty3 - fi - echo "Initializing finished" - - # install - if [ "$installed_version" = "0.0.0.0" ]; then - echo "New Friendica instance" - - file_env FRIENDICA_ADMIN_MAIL - - file_env MYSQL_DATABASE - file_env MYSQL_USER - file_env MYSQL_PASSWORD - - install=false - if [ -n "${MYSQL_DATABASE+x}" ] && [ -n "${MYSQL_PASSWORD+x}" ] && [ -n "${MYSQL_HOST+x}" ] && [ -n "${MYSQL_USER+x}" ] && [ -n "${FRIENDICA_ADMIN_MAIL+x}" ] && [ -n "${FRIENDICA_URL+x}" ]; then - echo "Installation with environment variables" - - FRIENDICA_TZ=${FRIENDICA_TZ:-America/LosAngeles} - FRIENDICA_LANG=${FRIENDICA_LANG:-en} - MYSQL_PORT=${MYSQL_PORT:-3306} - - # shellcheck disable=SC2016 - install_options='-s --dbhost "'$MYSQL_HOST'" --dbport "'$MYSQL_PORT'" --dbdata "'$MYSQL_DATABASE'" --dbuser "'$MYSQL_USER'" --dbpass "'$MYSQL_PASSWORD'"' - - # shellcheck disable=SC2016 - install_options=$install_options' --admin "'$FRIENDICA_ADMIN_MAIL'" --tz "'$FRIENDICA_TZ'" --lang "'$FRIENDICA_LANG'" --url "'$FRIENDICA_URL'"' - install=true - fi - - if [ "$install" = true ]; then - echo "Waiting for MySQL $MYSQL_HOST initialization..." - if run_as "php /var/www/html/bin/wait-for-connection $MYSQL_HOST ${MYSQL_PORT:-3306} 300"; then - - echo "Starting Friendica installation ..." - run_as "php /var/www/html/bin/console.php autoinstall $install_options" - - rm -fr /var/www/html/view/smarty3/compiled - - # load other config files (*.config.php) to the config folder - if [ -d "/usr/src/config" ]; then - rsync $rsync_options --ignore-existing /usr/src/config/ /var/www/html/config/ - fi - - echo "Installation finished" - else - echo "[ERROR] Waited 300 seconds, no response" >&2 - fi - else - echo "Running web-based installer on first connect!" - fi - # upgrade - else - echo "Upgrading Friendica ..." - run_as 'php /var/www/html/bin/console.php dbstructure update -f' - echo "Upgrading finished" - fi - fi -fi - -exec "$@" diff --git a/2021.06-dev/fpm/setup_msmtp.sh b/2021.06-dev/fpm/setup_msmtp.sh deleted file mode 100644 index b90c42c..0000000 --- a/2021.06-dev/fpm/setup_msmtp.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/sh -set -eu - -if [ -n "${SMTP_DOMAIN+x}" ] && [ -n "${SMTP+x}" ] && [ "${SMTP}" != "localhost" ]; then - SITENAME="${FRIENDICA_SITENAME:-Friendica Social Network}" - echo "Setup MSMTP for '$SITENAME' with '$SMTP' ..." - - smtp_from="${SMTP_FROM:=no-reply}" - smtp_auth="${SMTP_AUTH:=on}" - - # Setup MSMTP - usermod --comment "$(echo "$SITENAME" | tr -dc '[:print:]')" root - usermod --comment "$(echo "$SITENAME" | tr -dc '[:print:]')" www-data - - # add possible mail-senders - { - echo "www-data: $smtp_from@$SMTP_DOMAIN" - echo "root: $smtp_from@$SMTP_DOMAIN" - } >/etc/aliases - - # create msmtp settings - { - echo "account default" - echo "host $SMTP" - if [ -n "${SMTP_PORT+x}" ]; then echo "port $SMTP_PORT"; else echo "port 587"; fi - echo "from \"$smtp_from@$SMTP_DOMAIN\"" - echo "tls_certcheck off" # No certcheck because of internal docker mail-hostnames - if [ -n "${SMTP_TLS+x}" ]; then echo "tls on"; fi - if [ -n "${SMTP_STARTTLS+x}" ]; then echo "tls_starttls on"; fi - if [ -n "${SMTP_AUTH_USER+x}" ]; then echo "auth $smtp_auth"; fi - if [ -n "${SMTP_AUTH_USER+x}" ]; then echo "user \"$SMTP_AUTH_USER\""; fi - if [ -n "${SMTP_AUTH_PASS+x}" ]; then echo "password \"$SMTP_AUTH_PASS\""; fi - echo "logfile /var/log/msmtp.log" - echo "aliases /etc/aliases" - } >/etc/msmtprc - - echo "Setup finished" -fi diff --git a/2021.06-dev/fpm/upgrade.exclude b/2021.06-dev/fpm/upgrade.exclude deleted file mode 100644 index 2fb6533..0000000 --- a/2021.06-dev/fpm/upgrade.exclude +++ /dev/null @@ -1,10 +0,0 @@ -/.git/ -/photo/ -/proxy/ -/.htconfig.php -/.htaccess -/home.* -/config/ -/storage/ -/log/ -*.log \ No newline at end of file diff --git a/2021.06-rc/apache/config/00apcu.config.php b/2021.06-rc/apache/config/00apcu.config.php deleted file mode 100644 index d6dac4f..0000000 --- a/2021.06-rc/apache/config/00apcu.config.php +++ /dev/null @@ -1,12 +0,0 @@ - [ - 'cache_driver' => 'apcu', - 'session_handler' => 'cache', - ], -]; diff --git a/2021.06-rc/apache/config/01redis.config.php b/2021.06-rc/apache/config/01redis.config.php deleted file mode 100644 index 1a43c95..0000000 --- a/2021.06-rc/apache/config/01redis.config.php +++ /dev/null @@ -1,15 +0,0 @@ - [ - 'lock_driver' => 'redis', - 'redis_host' => getenv('REDIS_HOST'), - 'redis_port' => (getenv('REDIS_PORT') ? getenv('REDIS_PORT') : ''), - 'redis_password' => (getenv('REDIS_PW') ? getenv('REDIS_PW') : ''), - 'redis_db' => (getenv('REDIS_DB') ? getenv('REDIS_DB') : 0), - ], - ]; -} else { - return []; -} diff --git a/2021.06-rc/apache/config/zz-docker.config.php b/2021.06-rc/apache/config/zz-docker.config.php deleted file mode 100644 index 49ca5bd..0000000 --- a/2021.06-rc/apache/config/zz-docker.config.php +++ /dev/null @@ -1,68 +0,0 @@ - [ - // Necessary because otherwise the daemon isn't working - 'pidfile' => '/var/run/friendica.pid', - - 'logfile' => '/var/www/html/friendica.log', - 'loglevel' => 'notice', - ], - 'storage' => [ - 'filesystem_path' => '/var/www/html/storage', - ], -]; - -if (getenv('FRIENDICA_TZ')) { - $config['config']['timezone'] = getenv('FRIENDICA_TZ'); -} - -if (getenv('FRIENDICA_LANG')) { - $config['config']['language'] = getenv('FRIENDICA_LANG'); -} - -if (getenv('FRIENDICA_ADMIN_MAIL')) { - $config['config']['admin_email'] = getenv('FRIENDICA_ADMIN_MAIL'); -} - -if (getenv('FRIENDICA_SITENAME')) { - $config['config']['sitename'] = getenv('FRIENDICA_SITENAME'); -} - -if (!empty(getenv('FRIENDICA_NO_VALIDATION'))) { - $config['system']['disable_url_validation'] = true; - $config['system']['disable_email_validation'] = true; -} - -if (!empty(getenv('FRIENDICA_DATA'))) { - $config['storage']['class'] = \Friendica\Model\Storage\Filesystem::class; - - if (!empty(getenv('FRIENDICA_DATA_DIR'))) { - $config['storage']['filesystem_path'] = getenv('FRIENDICA_DATA'); - } -} - -if (!empty(getenv('FRIENDICA_DEBUGGING'))) { - $config['system']['debugging'] = true; - if (!empty(getenv('FRIENDICA_LOGFILE'))) { - $config['system']['logfile'] = getenv('FRIENDICA_LOGFILE'); - } - if (!empty(getenv('FRIENDICA_LOGLEVEL'))) { - $config['system']['loglevel'] = getenv('FRIENDICA_LOGLEVEL'); - } -} - -if (!empty(getenv('SMTP_DOMAIN'))) { - $smtp_from = !empty(getenv('SMTP_FROM')) ? getenv('SMTP_FROM') : 'no-reply'; - - $config['config']['sender_email'] = $smtp_from . "@" . getenv('SMTP_DOMAIN'); -} - -return $config; diff --git a/2021.06-rc/apache/cron.sh b/2021.06-rc/apache/cron.sh deleted file mode 100755 index f899df9..0000000 --- a/2021.06-rc/apache/cron.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/sh -trap "break;exit" HUP INT TERM - -while [ ! -f /var/www/html/bin/daemon.php ]; do - sleep 1 -done - -echo "Waiting for MySQL $MYSQL_HOST initialization..." -if php /var/www/html/bin/wait-for-connection "$MYSQL_HOST" "${MYSQL_PORT:-3306}" 300; then - sh /setup_msmtp.sh - exec /sbin/tini -- php /var/www/html/bin/daemon.php -f start -else - echo "[ERROR] Waited 300 seconds, no response" >&2 -fi diff --git a/2021.06-rc/apache/entrypoint-dev.sh b/2021.06-rc/apache/entrypoint-dev.sh deleted file mode 100755 index 08c3c13..0000000 --- a/2021.06-rc/apache/entrypoint-dev.sh +++ /dev/null @@ -1,69 +0,0 @@ -#!/bin/sh -set -eu - -# checks if the branch and repository exists -check_branch() { - repo=${1:-} - branch=${2:-} - git ls-remote --heads --tags "https://github.com/$repo" | grep -E "refs/(heads|tags)/${branch}$" >/dev/null - [ "$?" -eq "0" ] -} - -# clones the whole develop branch (Friendica and Addons) -clone_develop() { - friendica_git="${FRIENDICA_VERSION}" - addons_git="${FRIENDICA_ADDONS}" - friendica_repo="${FRIENDICA_REPOSITORY:-friendica/friendica}" - friendica_addons_repo="${FRIENDICA_ADDONS_REPO:-friendica/friendica-addons}" - - if echo "{$friendica_git,,}" | grep -Eq '^.*\-dev'; then - friendica_git="develop" - fi - - if echo "{$addons_git,,}" | grep -Eq '^.*\-dev'; then - addons_git="develop" - fi - - # Check if the branches exist before wiping the - if check_branch "$friendica_repo" "$friendica_git" && check_branch "$friendica_addons_repo" "$addons_git" ; then - echo "Cloning '${friendica_git}' from GitHub repository '${friendica_repo}' ..." - - # Removing the whole directory first - rm -fr /usr/src/friendica - git clone -q -b ${friendica_git} "https://github.com/${friendica_repo}" /usr/src/friendica - - mkdir /usr/src/friendica/addon - git clone -q -b ${addons_git} "https://github.com/${friendica_addons_repo}" /usr/src/friendica/addon - - echo "Download finished" - - if [ ! -f /usr/src/friendica/VERSION ]; then - echo "Couldn't clone repository" - exit 1 - fi - - /usr/src/friendica/bin/composer.phar install --no-dev -d /usr/src/friendica - return 0 - - else - if check_branch "$friendica_repo" "$friendica_git"; then - echo "$friendica_repo/$friendica_git is not valid." - else - echo "$friendica_addons_repo/$addons_git is not valid." - fi - echo "Using old version." - return 1 - - fi -} - -# just check if we execute apache or php-fpm -if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]; then - # cloning from git is just possible for develop or Release Candidate - if echo "${FRIENDICA_VERSION}" | grep -Eq '^.*(\-dev|-rc|-RC)' || [ "${FRIENDICA_UPGRADE:-false}" = "true" ] || [ ! -f /usr/src/friendica/VERSION ]; then - # just clone & check if it's a new install or upgrade - clone_develop - fi -fi - -exec /entrypoint.sh "$@" diff --git a/2021.06-rc/apache/entrypoint.sh b/2021.06-rc/apache/entrypoint.sh deleted file mode 100755 index fa51564..0000000 --- a/2021.06-rc/apache/entrypoint.sh +++ /dev/null @@ -1,145 +0,0 @@ -#!/bin/sh -set -eu - -# run an command with the www-data user -run_as() { - set -- -c "cd /var/www/html; $*" - if [ "$(id -u)" -eq 0 ]; then - su - www-data -s /bin/sh "$@" - else - sh "$@" - fi -} - -# checks if the the first parameter is greater than the second parameter -version_greater() { - [ "$(printf '%s\n' "$@" | sed -e 's/-rc/.1/' | sed -e 's/-dev/.2/' | sort -t '.' -k1,1n -k2,2n -k3,3nbr | head -n 1)" != "$(printf "$1" | sed -e 's/-rc/.1/' | sed -e 's/-dev/.2/')" ] -} - -# usage: file_env VAR [DEFAULT] -# ie: file_env 'XYZ_DB_PASSWORD' 'example' -# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of -# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) -file_env() { - local var="$1" - local fileVar="${var}_FILE" - local def="${2:-}" - local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") - local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") - if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 - fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then - export "$var"="$(cat "${fileVarValue}")" - elif [ -n "${def}" ]; then - export "$var"="$def" - fi - unset "$fileVar" -} - -sh /setup_msmtp.sh - -# just check if we execute apache or php-fpm -if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]; then - installed_version="0.0.0.0" - if [ -f /var/www/html/VERSION ]; then - installed_version="$(cat /var/www/html/VERSION)" - fi - - image_version="$(cat /usr/src/friendica/VERSION)" - - # no downgrading possible - if version_greater "$installed_version" "$image_version"; then - echo "Can't copy Friendica sources because the version of the data ($installed_version) is higher than the docker image ($image_version)" - exit 1 - fi - - # check it just in case the version is greater or if we force the upgrade - if version_greater "$image_version" "$installed_version" || [ "${FRIENDICA_UPGRADE:-false}" = "true" ]; then - echo "Initializing Friendica $image_version ..." - - if [ "$installed_version" != "0.0.0.0" ]; then - echo "Upgrading Friendica from $installed_version ..." - fi - - if [ "$(id -u)" -eq 0 ]; then - rsync_options="-rlDog --chown=www-data:www-data" - else - rsync_options="-rlD" - fi - - rsync $rsync_options --delete --exclude-from=/upgrade.exclude /usr/src/friendica/ /var/www/html/ - - # Update docker-based config files, but never delete other config files - rsync $rsync_options --update /usr/src/friendica/config/ /var/www/html/config/ - - # In case there is no .htaccess, copy it from the default dist file - if [ ! -f "/var/www/html/.htaccess" ]; then - cp "/var/www/html/.htaccess-dist" "/var/www/html/.htaccess" - fi - - if [ -d /var/www/html/view/smarty3 ]; then - chmod -R 777 /var/www/html/view/smarty3 - fi - echo "Initializing finished" - - # install - if [ "$installed_version" = "0.0.0.0" ]; then - echo "New Friendica instance" - - file_env FRIENDICA_ADMIN_MAIL - - file_env MYSQL_DATABASE - file_env MYSQL_USER - file_env MYSQL_PASSWORD - - install=false - if [ -n "${MYSQL_DATABASE+x}" ] && [ -n "${MYSQL_PASSWORD+x}" ] && [ -n "${MYSQL_HOST+x}" ] && [ -n "${MYSQL_USER+x}" ] && [ -n "${FRIENDICA_ADMIN_MAIL+x}" ] && [ -n "${FRIENDICA_URL+x}" ]; then - echo "Installation with environment variables" - - FRIENDICA_TZ=${FRIENDICA_TZ:-America/LosAngeles} - FRIENDICA_LANG=${FRIENDICA_LANG:-en} - MYSQL_PORT=${MYSQL_PORT:-3306} - - # shellcheck disable=SC2016 - install_options='-s --dbhost "'$MYSQL_HOST'" --dbport "'$MYSQL_PORT'" --dbdata "'$MYSQL_DATABASE'" --dbuser "'$MYSQL_USER'" --dbpass "'$MYSQL_PASSWORD'"' - - # shellcheck disable=SC2016 - install_options=$install_options' --admin "'$FRIENDICA_ADMIN_MAIL'" --tz "'$FRIENDICA_TZ'" --lang "'$FRIENDICA_LANG'" --url "'$FRIENDICA_URL'"' - install=true - fi - - if [ "$install" = true ]; then - echo "Waiting for MySQL $MYSQL_HOST initialization..." - if run_as "php /var/www/html/bin/wait-for-connection $MYSQL_HOST ${MYSQL_PORT:-3306} 300"; then - - echo "Starting Friendica installation ..." - run_as "php /var/www/html/bin/console.php autoinstall $install_options" - - rm -fr /var/www/html/view/smarty3/compiled - - # load other config files (*.config.php) to the config folder - if [ -d "/usr/src/config" ]; then - rsync $rsync_options --ignore-existing /usr/src/config/ /var/www/html/config/ - fi - - echo "Installation finished" - else - echo "[ERROR] Waited 300 seconds, no response" >&2 - fi - else - echo "Running web-based installer on first connect!" - fi - # upgrade - else - echo "Upgrading Friendica ..." - run_as 'php /var/www/html/bin/console.php dbstructure update -f' - echo "Upgrading finished" - fi - fi -fi - -exec "$@" diff --git a/2021.06-rc/apache/setup_msmtp.sh b/2021.06-rc/apache/setup_msmtp.sh deleted file mode 100644 index b90c42c..0000000 --- a/2021.06-rc/apache/setup_msmtp.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/sh -set -eu - -if [ -n "${SMTP_DOMAIN+x}" ] && [ -n "${SMTP+x}" ] && [ "${SMTP}" != "localhost" ]; then - SITENAME="${FRIENDICA_SITENAME:-Friendica Social Network}" - echo "Setup MSMTP for '$SITENAME' with '$SMTP' ..." - - smtp_from="${SMTP_FROM:=no-reply}" - smtp_auth="${SMTP_AUTH:=on}" - - # Setup MSMTP - usermod --comment "$(echo "$SITENAME" | tr -dc '[:print:]')" root - usermod --comment "$(echo "$SITENAME" | tr -dc '[:print:]')" www-data - - # add possible mail-senders - { - echo "www-data: $smtp_from@$SMTP_DOMAIN" - echo "root: $smtp_from@$SMTP_DOMAIN" - } >/etc/aliases - - # create msmtp settings - { - echo "account default" - echo "host $SMTP" - if [ -n "${SMTP_PORT+x}" ]; then echo "port $SMTP_PORT"; else echo "port 587"; fi - echo "from \"$smtp_from@$SMTP_DOMAIN\"" - echo "tls_certcheck off" # No certcheck because of internal docker mail-hostnames - if [ -n "${SMTP_TLS+x}" ]; then echo "tls on"; fi - if [ -n "${SMTP_STARTTLS+x}" ]; then echo "tls_starttls on"; fi - if [ -n "${SMTP_AUTH_USER+x}" ]; then echo "auth $smtp_auth"; fi - if [ -n "${SMTP_AUTH_USER+x}" ]; then echo "user \"$SMTP_AUTH_USER\""; fi - if [ -n "${SMTP_AUTH_PASS+x}" ]; then echo "password \"$SMTP_AUTH_PASS\""; fi - echo "logfile /var/log/msmtp.log" - echo "aliases /etc/aliases" - } >/etc/msmtprc - - echo "Setup finished" -fi diff --git a/2021.06-rc/apache/upgrade.exclude b/2021.06-rc/apache/upgrade.exclude deleted file mode 100644 index 2fb6533..0000000 --- a/2021.06-rc/apache/upgrade.exclude +++ /dev/null @@ -1,10 +0,0 @@ -/.git/ -/photo/ -/proxy/ -/.htconfig.php -/.htaccess -/home.* -/config/ -/storage/ -/log/ -*.log \ No newline at end of file diff --git a/2021.06-rc/fpm-alpine/config/00apcu.config.php b/2021.06-rc/fpm-alpine/config/00apcu.config.php deleted file mode 100644 index d6dac4f..0000000 --- a/2021.06-rc/fpm-alpine/config/00apcu.config.php +++ /dev/null @@ -1,12 +0,0 @@ - [ - 'cache_driver' => 'apcu', - 'session_handler' => 'cache', - ], -]; diff --git a/2021.06-rc/fpm-alpine/config/01redis.config.php b/2021.06-rc/fpm-alpine/config/01redis.config.php deleted file mode 100644 index 1a43c95..0000000 --- a/2021.06-rc/fpm-alpine/config/01redis.config.php +++ /dev/null @@ -1,15 +0,0 @@ - [ - 'lock_driver' => 'redis', - 'redis_host' => getenv('REDIS_HOST'), - 'redis_port' => (getenv('REDIS_PORT') ? getenv('REDIS_PORT') : ''), - 'redis_password' => (getenv('REDIS_PW') ? getenv('REDIS_PW') : ''), - 'redis_db' => (getenv('REDIS_DB') ? getenv('REDIS_DB') : 0), - ], - ]; -} else { - return []; -} diff --git a/2021.06-rc/fpm-alpine/config/zz-docker.config.php b/2021.06-rc/fpm-alpine/config/zz-docker.config.php deleted file mode 100644 index 49ca5bd..0000000 --- a/2021.06-rc/fpm-alpine/config/zz-docker.config.php +++ /dev/null @@ -1,68 +0,0 @@ - [ - // Necessary because otherwise the daemon isn't working - 'pidfile' => '/var/run/friendica.pid', - - 'logfile' => '/var/www/html/friendica.log', - 'loglevel' => 'notice', - ], - 'storage' => [ - 'filesystem_path' => '/var/www/html/storage', - ], -]; - -if (getenv('FRIENDICA_TZ')) { - $config['config']['timezone'] = getenv('FRIENDICA_TZ'); -} - -if (getenv('FRIENDICA_LANG')) { - $config['config']['language'] = getenv('FRIENDICA_LANG'); -} - -if (getenv('FRIENDICA_ADMIN_MAIL')) { - $config['config']['admin_email'] = getenv('FRIENDICA_ADMIN_MAIL'); -} - -if (getenv('FRIENDICA_SITENAME')) { - $config['config']['sitename'] = getenv('FRIENDICA_SITENAME'); -} - -if (!empty(getenv('FRIENDICA_NO_VALIDATION'))) { - $config['system']['disable_url_validation'] = true; - $config['system']['disable_email_validation'] = true; -} - -if (!empty(getenv('FRIENDICA_DATA'))) { - $config['storage']['class'] = \Friendica\Model\Storage\Filesystem::class; - - if (!empty(getenv('FRIENDICA_DATA_DIR'))) { - $config['storage']['filesystem_path'] = getenv('FRIENDICA_DATA'); - } -} - -if (!empty(getenv('FRIENDICA_DEBUGGING'))) { - $config['system']['debugging'] = true; - if (!empty(getenv('FRIENDICA_LOGFILE'))) { - $config['system']['logfile'] = getenv('FRIENDICA_LOGFILE'); - } - if (!empty(getenv('FRIENDICA_LOGLEVEL'))) { - $config['system']['loglevel'] = getenv('FRIENDICA_LOGLEVEL'); - } -} - -if (!empty(getenv('SMTP_DOMAIN'))) { - $smtp_from = !empty(getenv('SMTP_FROM')) ? getenv('SMTP_FROM') : 'no-reply'; - - $config['config']['sender_email'] = $smtp_from . "@" . getenv('SMTP_DOMAIN'); -} - -return $config; diff --git a/2021.06-rc/fpm-alpine/cron.sh b/2021.06-rc/fpm-alpine/cron.sh deleted file mode 100755 index f899df9..0000000 --- a/2021.06-rc/fpm-alpine/cron.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/sh -trap "break;exit" HUP INT TERM - -while [ ! -f /var/www/html/bin/daemon.php ]; do - sleep 1 -done - -echo "Waiting for MySQL $MYSQL_HOST initialization..." -if php /var/www/html/bin/wait-for-connection "$MYSQL_HOST" "${MYSQL_PORT:-3306}" 300; then - sh /setup_msmtp.sh - exec /sbin/tini -- php /var/www/html/bin/daemon.php -f start -else - echo "[ERROR] Waited 300 seconds, no response" >&2 -fi diff --git a/2021.06-rc/fpm-alpine/entrypoint-dev.sh b/2021.06-rc/fpm-alpine/entrypoint-dev.sh deleted file mode 100755 index 08c3c13..0000000 --- a/2021.06-rc/fpm-alpine/entrypoint-dev.sh +++ /dev/null @@ -1,69 +0,0 @@ -#!/bin/sh -set -eu - -# checks if the branch and repository exists -check_branch() { - repo=${1:-} - branch=${2:-} - git ls-remote --heads --tags "https://github.com/$repo" | grep -E "refs/(heads|tags)/${branch}$" >/dev/null - [ "$?" -eq "0" ] -} - -# clones the whole develop branch (Friendica and Addons) -clone_develop() { - friendica_git="${FRIENDICA_VERSION}" - addons_git="${FRIENDICA_ADDONS}" - friendica_repo="${FRIENDICA_REPOSITORY:-friendica/friendica}" - friendica_addons_repo="${FRIENDICA_ADDONS_REPO:-friendica/friendica-addons}" - - if echo "{$friendica_git,,}" | grep -Eq '^.*\-dev'; then - friendica_git="develop" - fi - - if echo "{$addons_git,,}" | grep -Eq '^.*\-dev'; then - addons_git="develop" - fi - - # Check if the branches exist before wiping the - if check_branch "$friendica_repo" "$friendica_git" && check_branch "$friendica_addons_repo" "$addons_git" ; then - echo "Cloning '${friendica_git}' from GitHub repository '${friendica_repo}' ..." - - # Removing the whole directory first - rm -fr /usr/src/friendica - git clone -q -b ${friendica_git} "https://github.com/${friendica_repo}" /usr/src/friendica - - mkdir /usr/src/friendica/addon - git clone -q -b ${addons_git} "https://github.com/${friendica_addons_repo}" /usr/src/friendica/addon - - echo "Download finished" - - if [ ! -f /usr/src/friendica/VERSION ]; then - echo "Couldn't clone repository" - exit 1 - fi - - /usr/src/friendica/bin/composer.phar install --no-dev -d /usr/src/friendica - return 0 - - else - if check_branch "$friendica_repo" "$friendica_git"; then - echo "$friendica_repo/$friendica_git is not valid." - else - echo "$friendica_addons_repo/$addons_git is not valid." - fi - echo "Using old version." - return 1 - - fi -} - -# just check if we execute apache or php-fpm -if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]; then - # cloning from git is just possible for develop or Release Candidate - if echo "${FRIENDICA_VERSION}" | grep -Eq '^.*(\-dev|-rc|-RC)' || [ "${FRIENDICA_UPGRADE:-false}" = "true" ] || [ ! -f /usr/src/friendica/VERSION ]; then - # just clone & check if it's a new install or upgrade - clone_develop - fi -fi - -exec /entrypoint.sh "$@" diff --git a/2021.06-rc/fpm-alpine/entrypoint.sh b/2021.06-rc/fpm-alpine/entrypoint.sh deleted file mode 100755 index fa51564..0000000 --- a/2021.06-rc/fpm-alpine/entrypoint.sh +++ /dev/null @@ -1,145 +0,0 @@ -#!/bin/sh -set -eu - -# run an command with the www-data user -run_as() { - set -- -c "cd /var/www/html; $*" - if [ "$(id -u)" -eq 0 ]; then - su - www-data -s /bin/sh "$@" - else - sh "$@" - fi -} - -# checks if the the first parameter is greater than the second parameter -version_greater() { - [ "$(printf '%s\n' "$@" | sed -e 's/-rc/.1/' | sed -e 's/-dev/.2/' | sort -t '.' -k1,1n -k2,2n -k3,3nbr | head -n 1)" != "$(printf "$1" | sed -e 's/-rc/.1/' | sed -e 's/-dev/.2/')" ] -} - -# usage: file_env VAR [DEFAULT] -# ie: file_env 'XYZ_DB_PASSWORD' 'example' -# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of -# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) -file_env() { - local var="$1" - local fileVar="${var}_FILE" - local def="${2:-}" - local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") - local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") - if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 - fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then - export "$var"="$(cat "${fileVarValue}")" - elif [ -n "${def}" ]; then - export "$var"="$def" - fi - unset "$fileVar" -} - -sh /setup_msmtp.sh - -# just check if we execute apache or php-fpm -if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]; then - installed_version="0.0.0.0" - if [ -f /var/www/html/VERSION ]; then - installed_version="$(cat /var/www/html/VERSION)" - fi - - image_version="$(cat /usr/src/friendica/VERSION)" - - # no downgrading possible - if version_greater "$installed_version" "$image_version"; then - echo "Can't copy Friendica sources because the version of the data ($installed_version) is higher than the docker image ($image_version)" - exit 1 - fi - - # check it just in case the version is greater or if we force the upgrade - if version_greater "$image_version" "$installed_version" || [ "${FRIENDICA_UPGRADE:-false}" = "true" ]; then - echo "Initializing Friendica $image_version ..." - - if [ "$installed_version" != "0.0.0.0" ]; then - echo "Upgrading Friendica from $installed_version ..." - fi - - if [ "$(id -u)" -eq 0 ]; then - rsync_options="-rlDog --chown=www-data:www-data" - else - rsync_options="-rlD" - fi - - rsync $rsync_options --delete --exclude-from=/upgrade.exclude /usr/src/friendica/ /var/www/html/ - - # Update docker-based config files, but never delete other config files - rsync $rsync_options --update /usr/src/friendica/config/ /var/www/html/config/ - - # In case there is no .htaccess, copy it from the default dist file - if [ ! -f "/var/www/html/.htaccess" ]; then - cp "/var/www/html/.htaccess-dist" "/var/www/html/.htaccess" - fi - - if [ -d /var/www/html/view/smarty3 ]; then - chmod -R 777 /var/www/html/view/smarty3 - fi - echo "Initializing finished" - - # install - if [ "$installed_version" = "0.0.0.0" ]; then - echo "New Friendica instance" - - file_env FRIENDICA_ADMIN_MAIL - - file_env MYSQL_DATABASE - file_env MYSQL_USER - file_env MYSQL_PASSWORD - - install=false - if [ -n "${MYSQL_DATABASE+x}" ] && [ -n "${MYSQL_PASSWORD+x}" ] && [ -n "${MYSQL_HOST+x}" ] && [ -n "${MYSQL_USER+x}" ] && [ -n "${FRIENDICA_ADMIN_MAIL+x}" ] && [ -n "${FRIENDICA_URL+x}" ]; then - echo "Installation with environment variables" - - FRIENDICA_TZ=${FRIENDICA_TZ:-America/LosAngeles} - FRIENDICA_LANG=${FRIENDICA_LANG:-en} - MYSQL_PORT=${MYSQL_PORT:-3306} - - # shellcheck disable=SC2016 - install_options='-s --dbhost "'$MYSQL_HOST'" --dbport "'$MYSQL_PORT'" --dbdata "'$MYSQL_DATABASE'" --dbuser "'$MYSQL_USER'" --dbpass "'$MYSQL_PASSWORD'"' - - # shellcheck disable=SC2016 - install_options=$install_options' --admin "'$FRIENDICA_ADMIN_MAIL'" --tz "'$FRIENDICA_TZ'" --lang "'$FRIENDICA_LANG'" --url "'$FRIENDICA_URL'"' - install=true - fi - - if [ "$install" = true ]; then - echo "Waiting for MySQL $MYSQL_HOST initialization..." - if run_as "php /var/www/html/bin/wait-for-connection $MYSQL_HOST ${MYSQL_PORT:-3306} 300"; then - - echo "Starting Friendica installation ..." - run_as "php /var/www/html/bin/console.php autoinstall $install_options" - - rm -fr /var/www/html/view/smarty3/compiled - - # load other config files (*.config.php) to the config folder - if [ -d "/usr/src/config" ]; then - rsync $rsync_options --ignore-existing /usr/src/config/ /var/www/html/config/ - fi - - echo "Installation finished" - else - echo "[ERROR] Waited 300 seconds, no response" >&2 - fi - else - echo "Running web-based installer on first connect!" - fi - # upgrade - else - echo "Upgrading Friendica ..." - run_as 'php /var/www/html/bin/console.php dbstructure update -f' - echo "Upgrading finished" - fi - fi -fi - -exec "$@" diff --git a/2021.06-rc/fpm-alpine/setup_msmtp.sh b/2021.06-rc/fpm-alpine/setup_msmtp.sh deleted file mode 100644 index b90c42c..0000000 --- a/2021.06-rc/fpm-alpine/setup_msmtp.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/sh -set -eu - -if [ -n "${SMTP_DOMAIN+x}" ] && [ -n "${SMTP+x}" ] && [ "${SMTP}" != "localhost" ]; then - SITENAME="${FRIENDICA_SITENAME:-Friendica Social Network}" - echo "Setup MSMTP for '$SITENAME' with '$SMTP' ..." - - smtp_from="${SMTP_FROM:=no-reply}" - smtp_auth="${SMTP_AUTH:=on}" - - # Setup MSMTP - usermod --comment "$(echo "$SITENAME" | tr -dc '[:print:]')" root - usermod --comment "$(echo "$SITENAME" | tr -dc '[:print:]')" www-data - - # add possible mail-senders - { - echo "www-data: $smtp_from@$SMTP_DOMAIN" - echo "root: $smtp_from@$SMTP_DOMAIN" - } >/etc/aliases - - # create msmtp settings - { - echo "account default" - echo "host $SMTP" - if [ -n "${SMTP_PORT+x}" ]; then echo "port $SMTP_PORT"; else echo "port 587"; fi - echo "from \"$smtp_from@$SMTP_DOMAIN\"" - echo "tls_certcheck off" # No certcheck because of internal docker mail-hostnames - if [ -n "${SMTP_TLS+x}" ]; then echo "tls on"; fi - if [ -n "${SMTP_STARTTLS+x}" ]; then echo "tls_starttls on"; fi - if [ -n "${SMTP_AUTH_USER+x}" ]; then echo "auth $smtp_auth"; fi - if [ -n "${SMTP_AUTH_USER+x}" ]; then echo "user \"$SMTP_AUTH_USER\""; fi - if [ -n "${SMTP_AUTH_PASS+x}" ]; then echo "password \"$SMTP_AUTH_PASS\""; fi - echo "logfile /var/log/msmtp.log" - echo "aliases /etc/aliases" - } >/etc/msmtprc - - echo "Setup finished" -fi diff --git a/2021.06-rc/fpm-alpine/upgrade.exclude b/2021.06-rc/fpm-alpine/upgrade.exclude deleted file mode 100644 index 2fb6533..0000000 --- a/2021.06-rc/fpm-alpine/upgrade.exclude +++ /dev/null @@ -1,10 +0,0 @@ -/.git/ -/photo/ -/proxy/ -/.htconfig.php -/.htaccess -/home.* -/config/ -/storage/ -/log/ -*.log \ No newline at end of file diff --git a/2021.06-rc/fpm/config/00apcu.config.php b/2021.06-rc/fpm/config/00apcu.config.php deleted file mode 100644 index d6dac4f..0000000 --- a/2021.06-rc/fpm/config/00apcu.config.php +++ /dev/null @@ -1,12 +0,0 @@ - [ - 'cache_driver' => 'apcu', - 'session_handler' => 'cache', - ], -]; diff --git a/2021.06-rc/fpm/config/01redis.config.php b/2021.06-rc/fpm/config/01redis.config.php deleted file mode 100644 index 1a43c95..0000000 --- a/2021.06-rc/fpm/config/01redis.config.php +++ /dev/null @@ -1,15 +0,0 @@ - [ - 'lock_driver' => 'redis', - 'redis_host' => getenv('REDIS_HOST'), - 'redis_port' => (getenv('REDIS_PORT') ? getenv('REDIS_PORT') : ''), - 'redis_password' => (getenv('REDIS_PW') ? getenv('REDIS_PW') : ''), - 'redis_db' => (getenv('REDIS_DB') ? getenv('REDIS_DB') : 0), - ], - ]; -} else { - return []; -} diff --git a/2021.06-rc/fpm/config/zz-docker.config.php b/2021.06-rc/fpm/config/zz-docker.config.php deleted file mode 100644 index 49ca5bd..0000000 --- a/2021.06-rc/fpm/config/zz-docker.config.php +++ /dev/null @@ -1,68 +0,0 @@ - [ - // Necessary because otherwise the daemon isn't working - 'pidfile' => '/var/run/friendica.pid', - - 'logfile' => '/var/www/html/friendica.log', - 'loglevel' => 'notice', - ], - 'storage' => [ - 'filesystem_path' => '/var/www/html/storage', - ], -]; - -if (getenv('FRIENDICA_TZ')) { - $config['config']['timezone'] = getenv('FRIENDICA_TZ'); -} - -if (getenv('FRIENDICA_LANG')) { - $config['config']['language'] = getenv('FRIENDICA_LANG'); -} - -if (getenv('FRIENDICA_ADMIN_MAIL')) { - $config['config']['admin_email'] = getenv('FRIENDICA_ADMIN_MAIL'); -} - -if (getenv('FRIENDICA_SITENAME')) { - $config['config']['sitename'] = getenv('FRIENDICA_SITENAME'); -} - -if (!empty(getenv('FRIENDICA_NO_VALIDATION'))) { - $config['system']['disable_url_validation'] = true; - $config['system']['disable_email_validation'] = true; -} - -if (!empty(getenv('FRIENDICA_DATA'))) { - $config['storage']['class'] = \Friendica\Model\Storage\Filesystem::class; - - if (!empty(getenv('FRIENDICA_DATA_DIR'))) { - $config['storage']['filesystem_path'] = getenv('FRIENDICA_DATA'); - } -} - -if (!empty(getenv('FRIENDICA_DEBUGGING'))) { - $config['system']['debugging'] = true; - if (!empty(getenv('FRIENDICA_LOGFILE'))) { - $config['system']['logfile'] = getenv('FRIENDICA_LOGFILE'); - } - if (!empty(getenv('FRIENDICA_LOGLEVEL'))) { - $config['system']['loglevel'] = getenv('FRIENDICA_LOGLEVEL'); - } -} - -if (!empty(getenv('SMTP_DOMAIN'))) { - $smtp_from = !empty(getenv('SMTP_FROM')) ? getenv('SMTP_FROM') : 'no-reply'; - - $config['config']['sender_email'] = $smtp_from . "@" . getenv('SMTP_DOMAIN'); -} - -return $config; diff --git a/2021.06-rc/fpm/cron.sh b/2021.06-rc/fpm/cron.sh deleted file mode 100755 index f899df9..0000000 --- a/2021.06-rc/fpm/cron.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/sh -trap "break;exit" HUP INT TERM - -while [ ! -f /var/www/html/bin/daemon.php ]; do - sleep 1 -done - -echo "Waiting for MySQL $MYSQL_HOST initialization..." -if php /var/www/html/bin/wait-for-connection "$MYSQL_HOST" "${MYSQL_PORT:-3306}" 300; then - sh /setup_msmtp.sh - exec /sbin/tini -- php /var/www/html/bin/daemon.php -f start -else - echo "[ERROR] Waited 300 seconds, no response" >&2 -fi diff --git a/2021.06-rc/fpm/entrypoint-dev.sh b/2021.06-rc/fpm/entrypoint-dev.sh deleted file mode 100755 index 08c3c13..0000000 --- a/2021.06-rc/fpm/entrypoint-dev.sh +++ /dev/null @@ -1,69 +0,0 @@ -#!/bin/sh -set -eu - -# checks if the branch and repository exists -check_branch() { - repo=${1:-} - branch=${2:-} - git ls-remote --heads --tags "https://github.com/$repo" | grep -E "refs/(heads|tags)/${branch}$" >/dev/null - [ "$?" -eq "0" ] -} - -# clones the whole develop branch (Friendica and Addons) -clone_develop() { - friendica_git="${FRIENDICA_VERSION}" - addons_git="${FRIENDICA_ADDONS}" - friendica_repo="${FRIENDICA_REPOSITORY:-friendica/friendica}" - friendica_addons_repo="${FRIENDICA_ADDONS_REPO:-friendica/friendica-addons}" - - if echo "{$friendica_git,,}" | grep -Eq '^.*\-dev'; then - friendica_git="develop" - fi - - if echo "{$addons_git,,}" | grep -Eq '^.*\-dev'; then - addons_git="develop" - fi - - # Check if the branches exist before wiping the - if check_branch "$friendica_repo" "$friendica_git" && check_branch "$friendica_addons_repo" "$addons_git" ; then - echo "Cloning '${friendica_git}' from GitHub repository '${friendica_repo}' ..." - - # Removing the whole directory first - rm -fr /usr/src/friendica - git clone -q -b ${friendica_git} "https://github.com/${friendica_repo}" /usr/src/friendica - - mkdir /usr/src/friendica/addon - git clone -q -b ${addons_git} "https://github.com/${friendica_addons_repo}" /usr/src/friendica/addon - - echo "Download finished" - - if [ ! -f /usr/src/friendica/VERSION ]; then - echo "Couldn't clone repository" - exit 1 - fi - - /usr/src/friendica/bin/composer.phar install --no-dev -d /usr/src/friendica - return 0 - - else - if check_branch "$friendica_repo" "$friendica_git"; then - echo "$friendica_repo/$friendica_git is not valid." - else - echo "$friendica_addons_repo/$addons_git is not valid." - fi - echo "Using old version." - return 1 - - fi -} - -# just check if we execute apache or php-fpm -if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]; then - # cloning from git is just possible for develop or Release Candidate - if echo "${FRIENDICA_VERSION}" | grep -Eq '^.*(\-dev|-rc|-RC)' || [ "${FRIENDICA_UPGRADE:-false}" = "true" ] || [ ! -f /usr/src/friendica/VERSION ]; then - # just clone & check if it's a new install or upgrade - clone_develop - fi -fi - -exec /entrypoint.sh "$@" diff --git a/2021.06-rc/fpm/entrypoint.sh b/2021.06-rc/fpm/entrypoint.sh deleted file mode 100755 index fa51564..0000000 --- a/2021.06-rc/fpm/entrypoint.sh +++ /dev/null @@ -1,145 +0,0 @@ -#!/bin/sh -set -eu - -# run an command with the www-data user -run_as() { - set -- -c "cd /var/www/html; $*" - if [ "$(id -u)" -eq 0 ]; then - su - www-data -s /bin/sh "$@" - else - sh "$@" - fi -} - -# checks if the the first parameter is greater than the second parameter -version_greater() { - [ "$(printf '%s\n' "$@" | sed -e 's/-rc/.1/' | sed -e 's/-dev/.2/' | sort -t '.' -k1,1n -k2,2n -k3,3nbr | head -n 1)" != "$(printf "$1" | sed -e 's/-rc/.1/' | sed -e 's/-dev/.2/')" ] -} - -# usage: file_env VAR [DEFAULT] -# ie: file_env 'XYZ_DB_PASSWORD' 'example' -# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of -# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) -file_env() { - local var="$1" - local fileVar="${var}_FILE" - local def="${2:-}" - local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") - local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") - if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 - fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then - export "$var"="$(cat "${fileVarValue}")" - elif [ -n "${def}" ]; then - export "$var"="$def" - fi - unset "$fileVar" -} - -sh /setup_msmtp.sh - -# just check if we execute apache or php-fpm -if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]; then - installed_version="0.0.0.0" - if [ -f /var/www/html/VERSION ]; then - installed_version="$(cat /var/www/html/VERSION)" - fi - - image_version="$(cat /usr/src/friendica/VERSION)" - - # no downgrading possible - if version_greater "$installed_version" "$image_version"; then - echo "Can't copy Friendica sources because the version of the data ($installed_version) is higher than the docker image ($image_version)" - exit 1 - fi - - # check it just in case the version is greater or if we force the upgrade - if version_greater "$image_version" "$installed_version" || [ "${FRIENDICA_UPGRADE:-false}" = "true" ]; then - echo "Initializing Friendica $image_version ..." - - if [ "$installed_version" != "0.0.0.0" ]; then - echo "Upgrading Friendica from $installed_version ..." - fi - - if [ "$(id -u)" -eq 0 ]; then - rsync_options="-rlDog --chown=www-data:www-data" - else - rsync_options="-rlD" - fi - - rsync $rsync_options --delete --exclude-from=/upgrade.exclude /usr/src/friendica/ /var/www/html/ - - # Update docker-based config files, but never delete other config files - rsync $rsync_options --update /usr/src/friendica/config/ /var/www/html/config/ - - # In case there is no .htaccess, copy it from the default dist file - if [ ! -f "/var/www/html/.htaccess" ]; then - cp "/var/www/html/.htaccess-dist" "/var/www/html/.htaccess" - fi - - if [ -d /var/www/html/view/smarty3 ]; then - chmod -R 777 /var/www/html/view/smarty3 - fi - echo "Initializing finished" - - # install - if [ "$installed_version" = "0.0.0.0" ]; then - echo "New Friendica instance" - - file_env FRIENDICA_ADMIN_MAIL - - file_env MYSQL_DATABASE - file_env MYSQL_USER - file_env MYSQL_PASSWORD - - install=false - if [ -n "${MYSQL_DATABASE+x}" ] && [ -n "${MYSQL_PASSWORD+x}" ] && [ -n "${MYSQL_HOST+x}" ] && [ -n "${MYSQL_USER+x}" ] && [ -n "${FRIENDICA_ADMIN_MAIL+x}" ] && [ -n "${FRIENDICA_URL+x}" ]; then - echo "Installation with environment variables" - - FRIENDICA_TZ=${FRIENDICA_TZ:-America/LosAngeles} - FRIENDICA_LANG=${FRIENDICA_LANG:-en} - MYSQL_PORT=${MYSQL_PORT:-3306} - - # shellcheck disable=SC2016 - install_options='-s --dbhost "'$MYSQL_HOST'" --dbport "'$MYSQL_PORT'" --dbdata "'$MYSQL_DATABASE'" --dbuser "'$MYSQL_USER'" --dbpass "'$MYSQL_PASSWORD'"' - - # shellcheck disable=SC2016 - install_options=$install_options' --admin "'$FRIENDICA_ADMIN_MAIL'" --tz "'$FRIENDICA_TZ'" --lang "'$FRIENDICA_LANG'" --url "'$FRIENDICA_URL'"' - install=true - fi - - if [ "$install" = true ]; then - echo "Waiting for MySQL $MYSQL_HOST initialization..." - if run_as "php /var/www/html/bin/wait-for-connection $MYSQL_HOST ${MYSQL_PORT:-3306} 300"; then - - echo "Starting Friendica installation ..." - run_as "php /var/www/html/bin/console.php autoinstall $install_options" - - rm -fr /var/www/html/view/smarty3/compiled - - # load other config files (*.config.php) to the config folder - if [ -d "/usr/src/config" ]; then - rsync $rsync_options --ignore-existing /usr/src/config/ /var/www/html/config/ - fi - - echo "Installation finished" - else - echo "[ERROR] Waited 300 seconds, no response" >&2 - fi - else - echo "Running web-based installer on first connect!" - fi - # upgrade - else - echo "Upgrading Friendica ..." - run_as 'php /var/www/html/bin/console.php dbstructure update -f' - echo "Upgrading finished" - fi - fi -fi - -exec "$@" diff --git a/2021.06-rc/fpm/setup_msmtp.sh b/2021.06-rc/fpm/setup_msmtp.sh deleted file mode 100644 index b90c42c..0000000 --- a/2021.06-rc/fpm/setup_msmtp.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/sh -set -eu - -if [ -n "${SMTP_DOMAIN+x}" ] && [ -n "${SMTP+x}" ] && [ "${SMTP}" != "localhost" ]; then - SITENAME="${FRIENDICA_SITENAME:-Friendica Social Network}" - echo "Setup MSMTP for '$SITENAME' with '$SMTP' ..." - - smtp_from="${SMTP_FROM:=no-reply}" - smtp_auth="${SMTP_AUTH:=on}" - - # Setup MSMTP - usermod --comment "$(echo "$SITENAME" | tr -dc '[:print:]')" root - usermod --comment "$(echo "$SITENAME" | tr -dc '[:print:]')" www-data - - # add possible mail-senders - { - echo "www-data: $smtp_from@$SMTP_DOMAIN" - echo "root: $smtp_from@$SMTP_DOMAIN" - } >/etc/aliases - - # create msmtp settings - { - echo "account default" - echo "host $SMTP" - if [ -n "${SMTP_PORT+x}" ]; then echo "port $SMTP_PORT"; else echo "port 587"; fi - echo "from \"$smtp_from@$SMTP_DOMAIN\"" - echo "tls_certcheck off" # No certcheck because of internal docker mail-hostnames - if [ -n "${SMTP_TLS+x}" ]; then echo "tls on"; fi - if [ -n "${SMTP_STARTTLS+x}" ]; then echo "tls_starttls on"; fi - if [ -n "${SMTP_AUTH_USER+x}" ]; then echo "auth $smtp_auth"; fi - if [ -n "${SMTP_AUTH_USER+x}" ]; then echo "user \"$SMTP_AUTH_USER\""; fi - if [ -n "${SMTP_AUTH_PASS+x}" ]; then echo "password \"$SMTP_AUTH_PASS\""; fi - echo "logfile /var/log/msmtp.log" - echo "aliases /etc/aliases" - } >/etc/msmtprc - - echo "Setup finished" -fi diff --git a/2021.06-rc/fpm/upgrade.exclude b/2021.06-rc/fpm/upgrade.exclude deleted file mode 100644 index 2fb6533..0000000 --- a/2021.06-rc/fpm/upgrade.exclude +++ /dev/null @@ -1,10 +0,0 @@ -/.git/ -/photo/ -/proxy/ -/.htconfig.php -/.htaccess -/home.* -/config/ -/storage/ -/log/ -*.log \ No newline at end of file diff --git a/2021.04/apache/Dockerfile b/2021.09/apache/Dockerfile similarity index 62% rename from 2021.04/apache/Dockerfile rename to 2021.09/apache/Dockerfile index 94bb3bb..c75cf18 100644 --- a/2021.04/apache/Dockerfile +++ b/2021.09/apache/Dockerfile @@ -8,25 +8,16 @@ RUN set -ex; \ apt-get install -y --no-install-recommends \ rsync \ bzip2 \ - git \ # For mail() support msmtp \ -# For tini installation - gnupg dirmngr \ + tini \ +# For setuid/setgid support + gosu \ ; \ +# Verify that the binary works + gosu nobody true; \ rm -rf /var/lib/apt/lists/*; -# Add tini for reaping processes -ENV TINI_VERSION v0.19.0 -RUN export BUILD_ARCH=$(dpkg-architecture --query DEB_BUILD_ARCH) \ - && mkdir ~/.gnupg \ - && echo "disable-ipv6" >> ~/.gnupg/dirmngr.conf \ - && curl -L -o /sbin/tini https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${BUILD_ARCH} \ - && curl -L -o /tini.asc https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${BUILD_ARCH}.asc \ - && gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 \ - && gpg --batch --verify /tini.asc /sbin/tini \ - && chmod +x /sbin/tini - # install the PHP extensions we need # see https://friendi.ca/resources/requirements/ RUN set -ex; \ @@ -74,7 +65,7 @@ RUN set -ex; \ pecl install apcu-5.1.20; \ pecl install memcached-3.1.5; \ pecl install redis-5.3.4; \ - pecl install imagick-3.4.4; \ + pecl install imagick-3.5.1; \ \ docker-php-ext-enable \ apcu \ @@ -132,22 +123,48 @@ RUN set -ex;\ } > /etc/apache2/conf-available/remoteip.conf;\ a2enconf remoteip -ENV FRIENDICA_VERSION "2021.04" -ENV FRIENDICA_ADDONS "2021.04" +ENV FRIENDICA_VERSION "2021.09" +ENV FRIENDICA_ADDONS "2021.09" +ENV FRIENDICA_DOWNLOAD_SHA256 "49cad34edf1b500b4623d0b92ba32265fe322aac9a3efb08fa234f600bfd817a" +ENV FRIENDICA_DOWNLOAD_ADDONS_SHA256 "1910e732b3ca3fc35e57835f217746d6e1fbed1f76d8da1c989742ac2237090d" RUN set -ex; \ - curl -fsSL -o friendica.tar.gz \ + fetchDeps=" \ + gnupg \ + "; \ + apt-get update; \ + apt-get install -y --no-install-recommends $fetchDeps; \ + \ + export GNUPGHOME="$(mktemp -d)"; \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 08656443618E6567A39524083EE197EF3F9E4287; \ + \ + curl -fsSL -o friendica-full-${FRIENDICA_VERSION}.tar.gz \ "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz"; \ - tar -xzf friendica.tar.gz -C /usr/src/; \ - rm friendica.tar.gz; \ + curl -fsSL -o friendica-full-${FRIENDICA_VERSION}.tar.gz.asc \ + "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz.asc"; \ + gpg --batch --verify friendica-full-${FRIENDICA_VERSION}.tar.gz.asc friendica-full-${FRIENDICA_VERSION}.tar.gz; \ + echo "${FRIENDICA_DOWNLOAD_SHA256} *friendica-full-${FRIENDICA_VERSION}.tar.gz" | sha256sum -c; \ + tar -xzf friendica-full-${FRIENDICA_VERSION}.tar.gz -C /usr/src/; \ + rm friendica-full-${FRIENDICA_VERSION}.tar.gz friendica-full-${FRIENDICA_VERSION}.tar.gz.asc; \ mv -f /usr/src/friendica-full-${FRIENDICA_VERSION}/ /usr/src/friendica; \ chmod 777 /usr/src/friendica/view/smarty3; \ - curl -fsSL -o friendica_addons.tar.gz \ - "https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz"; \ + \ + curl -fsSL -o friendica-addons-${FRIENDICA_ADDONS}.tar.gz \ + "https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz"; \ + curl -fsSL -o friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc \ + "https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc"; \ + gpg --batch --verify friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc friendica-addons-${FRIENDICA_ADDONS}.tar.gz; \ + echo "${FRIENDICA_DOWNLOAD_ADDONS_SHA256} *friendica-addons-${FRIENDICA_ADDONS}.tar.gz" | sha256sum -c; \ mkdir -p /usr/src/friendica/proxy; \ mkdir -p /usr/src/friendica/addon; \ - tar -xzf friendica_addons.tar.gz -C /usr/src/friendica/addon --strip-components=1; \ - rm friendica_addons.tar.gz; + tar -xzf friendica-addons-${FRIENDICA_ADDONS}.tar.gz -C /usr/src/friendica/addon --strip-components=1; \ + rm friendica-addons-${FRIENDICA_ADDONS}.tar.gz friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc; \ + \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false $fetchDeps; \ + rm -rf /var/lib/apt/lists/* COPY *.sh upgrade.exclude / COPY config/* /usr/src/friendica/config/ diff --git a/2020.09/apache/config/00apcu.config.php b/2021.09/apache/config/00apcu.config.php similarity index 100% rename from 2020.09/apache/config/00apcu.config.php rename to 2021.09/apache/config/00apcu.config.php diff --git a/2020.09/apache/config/01redis.config.php b/2021.09/apache/config/01redis.config.php similarity index 100% rename from 2020.09/apache/config/01redis.config.php rename to 2021.09/apache/config/01redis.config.php diff --git a/2020.09/apache/config/zz-docker.config.php b/2021.09/apache/config/zz-docker.config.php similarity index 100% rename from 2020.09/apache/config/zz-docker.config.php rename to 2021.09/apache/config/zz-docker.config.php diff --git a/2020.09/fpm-alpine/cron.sh b/2021.09/apache/cron.sh similarity index 80% rename from 2020.09/fpm-alpine/cron.sh rename to 2021.09/apache/cron.sh index f899df9..18dced0 100755 --- a/2020.09/fpm-alpine/cron.sh +++ b/2021.09/apache/cron.sh @@ -8,7 +8,7 @@ done echo "Waiting for MySQL $MYSQL_HOST initialization..." if php /var/www/html/bin/wait-for-connection "$MYSQL_HOST" "${MYSQL_PORT:-3306}" 300; then sh /setup_msmtp.sh - exec /sbin/tini -- php /var/www/html/bin/daemon.php -f start + exec gosu www-data:www-data tini -- php /var/www/html/bin/daemon.php -f start else echo "[ERROR] Waited 300 seconds, no response" >&2 fi diff --git a/2020.09/apache/entrypoint.sh b/2021.09/apache/entrypoint.sh similarity index 100% rename from 2020.09/apache/entrypoint.sh rename to 2021.09/apache/entrypoint.sh diff --git a/2020.09/apache/setup_msmtp.sh b/2021.09/apache/setup_msmtp.sh similarity index 100% rename from 2020.09/apache/setup_msmtp.sh rename to 2021.09/apache/setup_msmtp.sh diff --git a/2020.09/apache/upgrade.exclude b/2021.09/apache/upgrade.exclude similarity index 86% rename from 2020.09/apache/upgrade.exclude rename to 2021.09/apache/upgrade.exclude index 2fb6533..b3420cc 100644 --- a/2020.09/apache/upgrade.exclude +++ b/2021.09/apache/upgrade.exclude @@ -1,4 +1,3 @@ -/.git/ /photo/ /proxy/ /.htconfig.php @@ -7,4 +6,4 @@ /config/ /storage/ /log/ -*.log \ No newline at end of file +*.log diff --git a/2020.09/fpm-alpine/Dockerfile b/2021.09/fpm-alpine/Dockerfile similarity index 51% rename from 2020.09/fpm-alpine/Dockerfile rename to 2021.09/fpm-alpine/Dockerfile index 04bd150..8ddadd6 100644 --- a/2020.09/fpm-alpine/Dockerfile +++ b/2021.09/fpm-alpine/Dockerfile @@ -5,12 +5,39 @@ FROM php:7.3-fpm-alpine RUN set -ex; \ apk add --no-cache \ rsync \ - git \ # For mail() support msmtp \ shadow \ tini; +ENV GOSU_VERSION 1.14 +RUN set -eux; \ + \ + apk add --no-cache --virtual .gosu-deps \ + ca-certificates \ + dpkg \ + gnupg \ + ; \ + \ + dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \ + wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \ + wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \ + \ +# verify the signature + export GNUPGHOME="$(mktemp -d)"; \ + gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \ + gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \ + command -v gpgconf && gpgconf --kill all || :; \ + rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \ + \ +# clean up fetch dependencies + apk del --no-network .gosu-deps; \ + \ + chmod +x /usr/local/bin/gosu; \ +# verify that the binary works + gosu --version; \ + gosu nobody true + # install the PHP extensions we need # see https://friendi.ca/resources/requirements/ RUN set -ex; \ @@ -54,7 +81,7 @@ RUN set -ex; \ pecl install APCu-5.1.20; \ pecl install memcached-3.1.5; \ pecl install redis-5.3.4; \ - pecl install imagick-3.4.4; \ + pecl install imagick-3.5.1; \ \ docker-php-ext-enable \ apcu \ @@ -98,22 +125,45 @@ RUN set -ex; \ VOLUME /var/www/html -ENV FRIENDICA_VERSION "2020.09-1" -ENV FRIENDICA_ADDONS "2020.09-1" +ENV FRIENDICA_VERSION "2021.09" +ENV FRIENDICA_ADDONS "2021.09" +ENV FRIENDICA_DOWNLOAD_SHA256 "49cad34edf1b500b4623d0b92ba32265fe322aac9a3efb08fa234f600bfd817a" +ENV FRIENDICA_DOWNLOAD_ADDONS_SHA256 "1910e732b3ca3fc35e57835f217746d6e1fbed1f76d8da1c989742ac2237090d" RUN set -ex; \ - curl -fsSL -o friendica.tar.gz \ + apk add --no-cache --virtual .fetch-deps \ + gnupg \ + ; \ + \ + export GNUPGHOME="$(mktemp -d)"; \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 08656443618E6567A39524083EE197EF3F9E4287; \ + \ + curl -fsSL -o friendica-full-${FRIENDICA_VERSION}.tar.gz \ "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz"; \ - tar -xzf friendica.tar.gz -C /usr/src/; \ - rm friendica.tar.gz; \ + curl -fsSL -o friendica-full-${FRIENDICA_VERSION}.tar.gz.asc \ + "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz.asc"; \ + gpg --batch --verify friendica-full-${FRIENDICA_VERSION}.tar.gz.asc friendica-full-${FRIENDICA_VERSION}.tar.gz; \ + echo "${FRIENDICA_DOWNLOAD_SHA256} *friendica-full-${FRIENDICA_VERSION}.tar.gz" | sha256sum -c; \ + tar -xzf friendica-full-${FRIENDICA_VERSION}.tar.gz -C /usr/src/; \ + rm friendica-full-${FRIENDICA_VERSION}.tar.gz friendica-full-${FRIENDICA_VERSION}.tar.gz.asc; \ mv -f /usr/src/friendica-full-${FRIENDICA_VERSION}/ /usr/src/friendica; \ chmod 777 /usr/src/friendica/view/smarty3; \ - curl -fsSL -o friendica_addons.tar.gz \ - "https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz"; \ + \ + curl -fsSL -o friendica-addons-${FRIENDICA_ADDONS}.tar.gz \ + "https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz"; \ + curl -fsSL -o friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc \ + "https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc"; \ + gpg --batch --verify friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc friendica-addons-${FRIENDICA_ADDONS}.tar.gz; \ + echo "${FRIENDICA_DOWNLOAD_ADDONS_SHA256} *friendica-addons-${FRIENDICA_ADDONS}.tar.gz" | sha256sum -c; \ mkdir -p /usr/src/friendica/proxy; \ mkdir -p /usr/src/friendica/addon; \ - tar -xzf friendica_addons.tar.gz -C /usr/src/friendica/addon --strip-components=1; \ - rm friendica_addons.tar.gz; + tar -xzf friendica-addons-${FRIENDICA_ADDONS}.tar.gz -C /usr/src/friendica/addon --strip-components=1; \ + rm friendica-addons-${FRIENDICA_ADDONS}.tar.gz friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc; \ + \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ + apk del .fetch-deps COPY *.sh upgrade.exclude / COPY config/* /usr/src/friendica/config/ diff --git a/2020.09/fpm-alpine/config/00apcu.config.php b/2021.09/fpm-alpine/config/00apcu.config.php similarity index 100% rename from 2020.09/fpm-alpine/config/00apcu.config.php rename to 2021.09/fpm-alpine/config/00apcu.config.php diff --git a/2020.09/fpm-alpine/config/01redis.config.php b/2021.09/fpm-alpine/config/01redis.config.php similarity index 100% rename from 2020.09/fpm-alpine/config/01redis.config.php rename to 2021.09/fpm-alpine/config/01redis.config.php diff --git a/2020.09/fpm-alpine/config/zz-docker.config.php b/2021.09/fpm-alpine/config/zz-docker.config.php similarity index 100% rename from 2020.09/fpm-alpine/config/zz-docker.config.php rename to 2021.09/fpm-alpine/config/zz-docker.config.php diff --git a/2021.01/apache/cron.sh b/2021.09/fpm-alpine/cron.sh similarity index 80% rename from 2021.01/apache/cron.sh rename to 2021.09/fpm-alpine/cron.sh index f899df9..18dced0 100755 --- a/2021.01/apache/cron.sh +++ b/2021.09/fpm-alpine/cron.sh @@ -8,7 +8,7 @@ done echo "Waiting for MySQL $MYSQL_HOST initialization..." if php /var/www/html/bin/wait-for-connection "$MYSQL_HOST" "${MYSQL_PORT:-3306}" 300; then sh /setup_msmtp.sh - exec /sbin/tini -- php /var/www/html/bin/daemon.php -f start + exec gosu www-data:www-data tini -- php /var/www/html/bin/daemon.php -f start else echo "[ERROR] Waited 300 seconds, no response" >&2 fi diff --git a/2020.09/fpm-alpine/entrypoint.sh b/2021.09/fpm-alpine/entrypoint.sh similarity index 100% rename from 2020.09/fpm-alpine/entrypoint.sh rename to 2021.09/fpm-alpine/entrypoint.sh diff --git a/2020.09/fpm-alpine/setup_msmtp.sh b/2021.09/fpm-alpine/setup_msmtp.sh similarity index 100% rename from 2020.09/fpm-alpine/setup_msmtp.sh rename to 2021.09/fpm-alpine/setup_msmtp.sh diff --git a/2020.09/fpm-alpine/upgrade.exclude b/2021.09/fpm-alpine/upgrade.exclude similarity index 86% rename from 2020.09/fpm-alpine/upgrade.exclude rename to 2021.09/fpm-alpine/upgrade.exclude index 2fb6533..b3420cc 100644 --- a/2020.09/fpm-alpine/upgrade.exclude +++ b/2021.09/fpm-alpine/upgrade.exclude @@ -1,4 +1,3 @@ -/.git/ /photo/ /proxy/ /.htconfig.php @@ -7,4 +6,4 @@ /config/ /storage/ /log/ -*.log \ No newline at end of file +*.log diff --git a/2021.01/fpm/Dockerfile b/2021.09/fpm/Dockerfile similarity index 60% rename from 2021.01/fpm/Dockerfile rename to 2021.09/fpm/Dockerfile index 9920254..5d5cb1b 100644 --- a/2021.01/fpm/Dockerfile +++ b/2021.09/fpm/Dockerfile @@ -8,25 +8,16 @@ RUN set -ex; \ apt-get install -y --no-install-recommends \ rsync \ bzip2 \ - git \ # For mail() support msmtp \ -# For tini installation - gnupg dirmngr \ + tini \ +# For setuid/setgid support + gosu \ ; \ +# Verify that the binary works + gosu nobody true; \ rm -rf /var/lib/apt/lists/*; -# Add tini for reaping processes -ENV TINI_VERSION v0.19.0 -RUN export BUILD_ARCH=$(dpkg-architecture --query DEB_BUILD_ARCH) \ - && mkdir ~/.gnupg \ - && echo "disable-ipv6" >> ~/.gnupg/dirmngr.conf \ - && curl -L -o /sbin/tini https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${BUILD_ARCH} \ - && curl -L -o /tini.asc https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${BUILD_ARCH}.asc \ - && gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 \ - && gpg --batch --verify /tini.asc /sbin/tini \ - && chmod +x /sbin/tini - # install the PHP extensions we need # see https://friendi.ca/resources/requirements/ RUN set -ex; \ @@ -74,7 +65,7 @@ RUN set -ex; \ pecl install apcu-5.1.20; \ pecl install memcached-3.1.5; \ pecl install redis-5.3.4; \ - pecl install imagick-3.4.4; \ + pecl install imagick-3.5.1; \ \ docker-php-ext-enable \ apcu \ @@ -123,22 +114,48 @@ RUN set -ex; \ VOLUME /var/www/html -ENV FRIENDICA_VERSION "2021.01" -ENV FRIENDICA_ADDONS "2021.01" +ENV FRIENDICA_VERSION "2021.09" +ENV FRIENDICA_ADDONS "2021.09" +ENV FRIENDICA_DOWNLOAD_SHA256 "49cad34edf1b500b4623d0b92ba32265fe322aac9a3efb08fa234f600bfd817a" +ENV FRIENDICA_DOWNLOAD_ADDONS_SHA256 "1910e732b3ca3fc35e57835f217746d6e1fbed1f76d8da1c989742ac2237090d" RUN set -ex; \ - curl -fsSL -o friendica.tar.gz \ + fetchDeps=" \ + gnupg \ + "; \ + apt-get update; \ + apt-get install -y --no-install-recommends $fetchDeps; \ + \ + export GNUPGHOME="$(mktemp -d)"; \ + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 08656443618E6567A39524083EE197EF3F9E4287; \ + \ + curl -fsSL -o friendica-full-${FRIENDICA_VERSION}.tar.gz \ "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz"; \ - tar -xzf friendica.tar.gz -C /usr/src/; \ - rm friendica.tar.gz; \ + curl -fsSL -o friendica-full-${FRIENDICA_VERSION}.tar.gz.asc \ + "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz.asc"; \ + gpg --batch --verify friendica-full-${FRIENDICA_VERSION}.tar.gz.asc friendica-full-${FRIENDICA_VERSION}.tar.gz; \ + echo "${FRIENDICA_DOWNLOAD_SHA256} *friendica-full-${FRIENDICA_VERSION}.tar.gz" | sha256sum -c; \ + tar -xzf friendica-full-${FRIENDICA_VERSION}.tar.gz -C /usr/src/; \ + rm friendica-full-${FRIENDICA_VERSION}.tar.gz friendica-full-${FRIENDICA_VERSION}.tar.gz.asc; \ mv -f /usr/src/friendica-full-${FRIENDICA_VERSION}/ /usr/src/friendica; \ chmod 777 /usr/src/friendica/view/smarty3; \ - curl -fsSL -o friendica_addons.tar.gz \ - "https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz"; \ + \ + curl -fsSL -o friendica-addons-${FRIENDICA_ADDONS}.tar.gz \ + "https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz"; \ + curl -fsSL -o friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc \ + "https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc"; \ + gpg --batch --verify friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc friendica-addons-${FRIENDICA_ADDONS}.tar.gz; \ + echo "${FRIENDICA_DOWNLOAD_ADDONS_SHA256} *friendica-addons-${FRIENDICA_ADDONS}.tar.gz" | sha256sum -c; \ mkdir -p /usr/src/friendica/proxy; \ mkdir -p /usr/src/friendica/addon; \ - tar -xzf friendica_addons.tar.gz -C /usr/src/friendica/addon --strip-components=1; \ - rm friendica_addons.tar.gz; + tar -xzf friendica-addons-${FRIENDICA_ADDONS}.tar.gz -C /usr/src/friendica/addon --strip-components=1; \ + rm friendica-addons-${FRIENDICA_ADDONS}.tar.gz friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc; \ + \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME"; \ + \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false $fetchDeps; \ + rm -rf /var/lib/apt/lists/* COPY *.sh upgrade.exclude / COPY config/* /usr/src/friendica/config/ diff --git a/2020.09/fpm/config/00apcu.config.php b/2021.09/fpm/config/00apcu.config.php similarity index 100% rename from 2020.09/fpm/config/00apcu.config.php rename to 2021.09/fpm/config/00apcu.config.php diff --git a/2020.09/fpm/config/01redis.config.php b/2021.09/fpm/config/01redis.config.php similarity index 100% rename from 2020.09/fpm/config/01redis.config.php rename to 2021.09/fpm/config/01redis.config.php diff --git a/2020.09/fpm/config/zz-docker.config.php b/2021.09/fpm/config/zz-docker.config.php similarity index 100% rename from 2020.09/fpm/config/zz-docker.config.php rename to 2021.09/fpm/config/zz-docker.config.php diff --git a/2020.09/fpm/cron.sh b/2021.09/fpm/cron.sh similarity index 80% rename from 2020.09/fpm/cron.sh rename to 2021.09/fpm/cron.sh index f899df9..18dced0 100755 --- a/2020.09/fpm/cron.sh +++ b/2021.09/fpm/cron.sh @@ -8,7 +8,7 @@ done echo "Waiting for MySQL $MYSQL_HOST initialization..." if php /var/www/html/bin/wait-for-connection "$MYSQL_HOST" "${MYSQL_PORT:-3306}" 300; then sh /setup_msmtp.sh - exec /sbin/tini -- php /var/www/html/bin/daemon.php -f start + exec gosu www-data:www-data tini -- php /var/www/html/bin/daemon.php -f start else echo "[ERROR] Waited 300 seconds, no response" >&2 fi diff --git a/2020.09/fpm/entrypoint.sh b/2021.09/fpm/entrypoint.sh similarity index 100% rename from 2020.09/fpm/entrypoint.sh rename to 2021.09/fpm/entrypoint.sh diff --git a/2020.09/fpm/setup_msmtp.sh b/2021.09/fpm/setup_msmtp.sh similarity index 100% rename from 2020.09/fpm/setup_msmtp.sh rename to 2021.09/fpm/setup_msmtp.sh diff --git a/2020.09/fpm/upgrade.exclude b/2021.09/fpm/upgrade.exclude similarity index 86% rename from 2020.09/fpm/upgrade.exclude rename to 2021.09/fpm/upgrade.exclude index 2fb6533..b3420cc 100644 --- a/2020.09/fpm/upgrade.exclude +++ b/2021.09/fpm/upgrade.exclude @@ -1,4 +1,3 @@ -/.git/ /photo/ /proxy/ /.htconfig.php @@ -7,4 +6,4 @@ /config/ /storage/ /log/ -*.log \ No newline at end of file +*.log diff --git a/2021.06-rc/apache/Dockerfile b/2021.12-dev/apache/Dockerfile similarity index 81% rename from 2021.06-rc/apache/Dockerfile rename to 2021.12-dev/apache/Dockerfile index a4e8d56..bd084b4 100644 --- a/2021.06-rc/apache/Dockerfile +++ b/2021.12-dev/apache/Dockerfile @@ -8,25 +8,16 @@ RUN set -ex; \ apt-get install -y --no-install-recommends \ rsync \ bzip2 \ - git \ # For mail() support msmtp \ -# For tini installation - gnupg dirmngr \ + tini \ +# For setuid/setgid support + gosu \ ; \ +# Verify that the binary works + gosu nobody true; \ rm -rf /var/lib/apt/lists/*; -# Add tini for reaping processes -ENV TINI_VERSION v0.19.0 -RUN export BUILD_ARCH=$(dpkg-architecture --query DEB_BUILD_ARCH) \ - && mkdir ~/.gnupg \ - && echo "disable-ipv6" >> ~/.gnupg/dirmngr.conf \ - && curl -L -o /sbin/tini https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${BUILD_ARCH} \ - && curl -L -o /tini.asc https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${BUILD_ARCH}.asc \ - && gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 \ - && gpg --batch --verify /tini.asc /sbin/tini \ - && chmod +x /sbin/tini - # install the PHP extensions we need # see https://friendi.ca/resources/requirements/ RUN set -ex; \ @@ -74,7 +65,7 @@ RUN set -ex; \ pecl install apcu-5.1.20; \ pecl install memcached-3.1.5; \ pecl install redis-5.3.4; \ - pecl install imagick-3.4.4; \ + pecl install imagick-3.5.1; \ \ docker-php-ext-enable \ apcu \ @@ -132,9 +123,15 @@ RUN set -ex;\ } > /etc/apache2/conf-available/remoteip.conf;\ a2enconf remoteip -ENV FRIENDICA_VERSION "2021.06-rc" -ENV FRIENDICA_ADDONS "2021.06-rc" +ENV FRIENDICA_VERSION "2021.12-dev" +ENV FRIENDICA_ADDONS "2021.12-dev" +RUN set -ex; \ + fetchDeps=" \ + gnupg \ + "; \ + apt-get update; \ + apt-get install -y --no-install-recommends $fetchDeps; COPY *.sh upgrade.exclude / COPY config/* /usr/src/friendica/config/ diff --git a/2021.01/apache/config/00apcu.config.php b/2021.12-dev/apache/config/00apcu.config.php similarity index 100% rename from 2021.01/apache/config/00apcu.config.php rename to 2021.12-dev/apache/config/00apcu.config.php diff --git a/2021.01/apache/config/01redis.config.php b/2021.12-dev/apache/config/01redis.config.php similarity index 100% rename from 2021.01/apache/config/01redis.config.php rename to 2021.12-dev/apache/config/01redis.config.php diff --git a/2021.01/apache/config/zz-docker.config.php b/2021.12-dev/apache/config/zz-docker.config.php similarity index 100% rename from 2021.01/apache/config/zz-docker.config.php rename to 2021.12-dev/apache/config/zz-docker.config.php diff --git a/2020.09/apache/cron.sh b/2021.12-dev/apache/cron.sh similarity index 80% rename from 2020.09/apache/cron.sh rename to 2021.12-dev/apache/cron.sh index f899df9..18dced0 100755 --- a/2020.09/apache/cron.sh +++ b/2021.12-dev/apache/cron.sh @@ -8,7 +8,7 @@ done echo "Waiting for MySQL $MYSQL_HOST initialization..." if php /var/www/html/bin/wait-for-connection "$MYSQL_HOST" "${MYSQL_PORT:-3306}" 300; then sh /setup_msmtp.sh - exec /sbin/tini -- php /var/www/html/bin/daemon.php -f start + exec gosu www-data:www-data tini -- php /var/www/html/bin/daemon.php -f start else echo "[ERROR] Waited 300 seconds, no response" >&2 fi diff --git a/2021.12-dev/apache/entrypoint-dev.sh b/2021.12-dev/apache/entrypoint-dev.sh new file mode 100755 index 0000000..2f2bd3e --- /dev/null +++ b/2021.12-dev/apache/entrypoint-dev.sh @@ -0,0 +1,54 @@ +#!/bin/sh +set -eu + +# just check if we execute apache or php-fpm +if (expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]) && [ "${FRIENDICA_DISABLE_UPGRADE:-false}" = "false" ]; then + curl -fsSL -o "/usr/src/friendica-full-${FRIENDICA_VERSION}.tar.gz.sum256" "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz.sum256" + curl -fsSL -o "/usr/src/friendica-addons-${FRIENDICA_ADDONS}.tar.gz.sum256" "https://files.friendi.ca/friendica-full-${FRIENDICA_ADDONS}.tar.gz.sum256" + + # Don't download already latest sources + if [ -f "/usr/src/friendica.tar.gz.sum256" ] && [ -f "/usr/src/friendica-addons.tar.gz.sum256" ] && \ + cmp -s "/usr/src/friendica-full-${FRIENDICA_VERSION}.tar.gz.sum256" "/usr/src/friendica.tar.gz.sum256" && \ + cmp -s "/usr/src/friendica-addons-${FRIENDICA_ADDONS}.tar.gz.sum256" "/usr/src/friendica-addons.tar.gz.sum256"; then + echo "Already latest sources - skipped download" + else + + echo "Download sources for ${FRIENDICA_VERSION} (Addon: ${FRIENDICA_ADDONS})" + + # Removing the whole directory first + rm -fr /usr/src/friendica + export GNUPGHOME="$(mktemp -d)" + + gpg --batch --logger-fd=1 --no-tty --quiet --keyserver keyserver.ubuntu.com --recv-keys 08656443618E6567A39524083EE197EF3F9E4287 + + curl -fsSL -o friendica-full-${FRIENDICA_VERSION}.tar.gz "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz" + curl -fsSL -o friendica-full-${FRIENDICA_VERSION}.tar.gz.asc "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz.asc"; + gpg --batch --logger-fd=1 --no-tty --quiet --verify friendica-full-${FRIENDICA_VERSION}.tar.gz.asc friendica-full-${FRIENDICA_VERSION}.tar.gz + echo "Core sources (${FRIENDICA_VERSION}) verified" + + tar -xzf friendica-full-${FRIENDICA_VERSION}.tar.gz -C /usr/src/ + rm friendica-full-${FRIENDICA_VERSION}.tar.gz friendica-full-${FRIENDICA_VERSION}.tar.gz.asc + mv -f /usr/src/friendica-full-${FRIENDICA_VERSION}/ /usr/src/friendica + echo "Core sources (${FRIENDICA_VERSION}) extracted" + + chmod 777 /usr/src/friendica/view/smarty3 + + curl -fsSL -o friendica-addons-${FRIENDICA_ADDONS}.tar.gz "https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz" + curl -fsSL -o friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc "https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc" + gpg --batch --logger-fd=1 --no-tty --quiet --verify friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc friendica-addons-${FRIENDICA_ADDONS}.tar.gz + echo "Addon sources (${FRIENDICA_ADDONS}) verified" + + mkdir -p /usr/src/friendica/addon + tar -xzf friendica-addons-${FRIENDICA_ADDONS}.tar.gz -C /usr/src/friendica/addon --strip-components=1 + rm friendica-addons-${FRIENDICA_ADDONS}.tar.gz friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc + echo "Addon sources (${FRIENDICA_ADDONS}) extracted" + + gpgconf --kill all + rm -rf "$GNUPGHOME" + + mv -f /usr/src/friendica-full-${FRIENDICA_VERSION}.tar.gz.sum256 /usr/src/friendica.tar.gz.sum256 + mv -f /usr/src/friendica-addons-${FRIENDICA_ADDONS}.tar.gz.sum256 /usr/src/friendica-addons.tar.gz.sum256 + fi +fi + +exec /entrypoint.sh "$@" diff --git a/2021.01/apache/entrypoint.sh b/2021.12-dev/apache/entrypoint.sh similarity index 100% rename from 2021.01/apache/entrypoint.sh rename to 2021.12-dev/apache/entrypoint.sh diff --git a/2021.01/apache/setup_msmtp.sh b/2021.12-dev/apache/setup_msmtp.sh similarity index 100% rename from 2021.01/apache/setup_msmtp.sh rename to 2021.12-dev/apache/setup_msmtp.sh diff --git a/2021.01/apache/upgrade.exclude b/2021.12-dev/apache/upgrade.exclude similarity index 86% rename from 2021.01/apache/upgrade.exclude rename to 2021.12-dev/apache/upgrade.exclude index 2fb6533..b3420cc 100644 --- a/2021.01/apache/upgrade.exclude +++ b/2021.12-dev/apache/upgrade.exclude @@ -1,4 +1,3 @@ -/.git/ /photo/ /proxy/ /.htconfig.php @@ -7,4 +6,4 @@ /config/ /storage/ /log/ -*.log \ No newline at end of file +*.log diff --git a/2021.06-rc/fpm-alpine/Dockerfile b/2021.12-dev/fpm-alpine/Dockerfile similarity index 70% rename from 2021.06-rc/fpm-alpine/Dockerfile rename to 2021.12-dev/fpm-alpine/Dockerfile index d00af2a..35bf3a1 100644 --- a/2021.06-rc/fpm-alpine/Dockerfile +++ b/2021.12-dev/fpm-alpine/Dockerfile @@ -5,12 +5,39 @@ FROM php:7.3-fpm-alpine RUN set -ex; \ apk add --no-cache \ rsync \ - git \ # For mail() support msmtp \ shadow \ tini; +ENV GOSU_VERSION 1.14 +RUN set -eux; \ + \ + apk add --no-cache --virtual .gosu-deps \ + ca-certificates \ + dpkg \ + gnupg \ + ; \ + \ + dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \ + wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \ + wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \ + \ +# verify the signature + export GNUPGHOME="$(mktemp -d)"; \ + gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \ + gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \ + command -v gpgconf && gpgconf --kill all || :; \ + rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \ + \ +# clean up fetch dependencies + apk del --no-network .gosu-deps; \ + \ + chmod +x /usr/local/bin/gosu; \ +# verify that the binary works + gosu --version; \ + gosu nobody true + # install the PHP extensions we need # see https://friendi.ca/resources/requirements/ RUN set -ex; \ @@ -54,7 +81,7 @@ RUN set -ex; \ pecl install APCu-5.1.20; \ pecl install memcached-3.1.5; \ pecl install redis-5.3.4; \ - pecl install imagick-3.4.4; \ + pecl install imagick-3.5.1; \ \ docker-php-ext-enable \ apcu \ @@ -98,9 +125,13 @@ RUN set -ex; \ VOLUME /var/www/html -ENV FRIENDICA_VERSION "2021.06-rc" -ENV FRIENDICA_ADDONS "2021.06-rc" +ENV FRIENDICA_VERSION "2021.12-dev" +ENV FRIENDICA_ADDONS "2021.12-dev" +RUN set -ex; \ + apk add --no-cache --virtual .fetch-deps \ + gnupg \ + ; COPY *.sh upgrade.exclude / COPY config/* /usr/src/friendica/config/ diff --git a/2021.01/fpm-alpine/config/00apcu.config.php b/2021.12-dev/fpm-alpine/config/00apcu.config.php similarity index 100% rename from 2021.01/fpm-alpine/config/00apcu.config.php rename to 2021.12-dev/fpm-alpine/config/00apcu.config.php diff --git a/2021.01/fpm-alpine/config/01redis.config.php b/2021.12-dev/fpm-alpine/config/01redis.config.php similarity index 100% rename from 2021.01/fpm-alpine/config/01redis.config.php rename to 2021.12-dev/fpm-alpine/config/01redis.config.php diff --git a/2021.01/fpm-alpine/config/zz-docker.config.php b/2021.12-dev/fpm-alpine/config/zz-docker.config.php similarity index 100% rename from 2021.01/fpm-alpine/config/zz-docker.config.php rename to 2021.12-dev/fpm-alpine/config/zz-docker.config.php diff --git a/2021.12-dev/fpm-alpine/cron.sh b/2021.12-dev/fpm-alpine/cron.sh new file mode 100755 index 0000000..18dced0 --- /dev/null +++ b/2021.12-dev/fpm-alpine/cron.sh @@ -0,0 +1,14 @@ +#!/bin/sh +trap "break;exit" HUP INT TERM + +while [ ! -f /var/www/html/bin/daemon.php ]; do + sleep 1 +done + +echo "Waiting for MySQL $MYSQL_HOST initialization..." +if php /var/www/html/bin/wait-for-connection "$MYSQL_HOST" "${MYSQL_PORT:-3306}" 300; then + sh /setup_msmtp.sh + exec gosu www-data:www-data tini -- php /var/www/html/bin/daemon.php -f start +else + echo "[ERROR] Waited 300 seconds, no response" >&2 +fi diff --git a/2021.12-dev/fpm-alpine/entrypoint-dev.sh b/2021.12-dev/fpm-alpine/entrypoint-dev.sh new file mode 100755 index 0000000..2f2bd3e --- /dev/null +++ b/2021.12-dev/fpm-alpine/entrypoint-dev.sh @@ -0,0 +1,54 @@ +#!/bin/sh +set -eu + +# just check if we execute apache or php-fpm +if (expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]) && [ "${FRIENDICA_DISABLE_UPGRADE:-false}" = "false" ]; then + curl -fsSL -o "/usr/src/friendica-full-${FRIENDICA_VERSION}.tar.gz.sum256" "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz.sum256" + curl -fsSL -o "/usr/src/friendica-addons-${FRIENDICA_ADDONS}.tar.gz.sum256" "https://files.friendi.ca/friendica-full-${FRIENDICA_ADDONS}.tar.gz.sum256" + + # Don't download already latest sources + if [ -f "/usr/src/friendica.tar.gz.sum256" ] && [ -f "/usr/src/friendica-addons.tar.gz.sum256" ] && \ + cmp -s "/usr/src/friendica-full-${FRIENDICA_VERSION}.tar.gz.sum256" "/usr/src/friendica.tar.gz.sum256" && \ + cmp -s "/usr/src/friendica-addons-${FRIENDICA_ADDONS}.tar.gz.sum256" "/usr/src/friendica-addons.tar.gz.sum256"; then + echo "Already latest sources - skipped download" + else + + echo "Download sources for ${FRIENDICA_VERSION} (Addon: ${FRIENDICA_ADDONS})" + + # Removing the whole directory first + rm -fr /usr/src/friendica + export GNUPGHOME="$(mktemp -d)" + + gpg --batch --logger-fd=1 --no-tty --quiet --keyserver keyserver.ubuntu.com --recv-keys 08656443618E6567A39524083EE197EF3F9E4287 + + curl -fsSL -o friendica-full-${FRIENDICA_VERSION}.tar.gz "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz" + curl -fsSL -o friendica-full-${FRIENDICA_VERSION}.tar.gz.asc "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz.asc"; + gpg --batch --logger-fd=1 --no-tty --quiet --verify friendica-full-${FRIENDICA_VERSION}.tar.gz.asc friendica-full-${FRIENDICA_VERSION}.tar.gz + echo "Core sources (${FRIENDICA_VERSION}) verified" + + tar -xzf friendica-full-${FRIENDICA_VERSION}.tar.gz -C /usr/src/ + rm friendica-full-${FRIENDICA_VERSION}.tar.gz friendica-full-${FRIENDICA_VERSION}.tar.gz.asc + mv -f /usr/src/friendica-full-${FRIENDICA_VERSION}/ /usr/src/friendica + echo "Core sources (${FRIENDICA_VERSION}) extracted" + + chmod 777 /usr/src/friendica/view/smarty3 + + curl -fsSL -o friendica-addons-${FRIENDICA_ADDONS}.tar.gz "https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz" + curl -fsSL -o friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc "https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc" + gpg --batch --logger-fd=1 --no-tty --quiet --verify friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc friendica-addons-${FRIENDICA_ADDONS}.tar.gz + echo "Addon sources (${FRIENDICA_ADDONS}) verified" + + mkdir -p /usr/src/friendica/addon + tar -xzf friendica-addons-${FRIENDICA_ADDONS}.tar.gz -C /usr/src/friendica/addon --strip-components=1 + rm friendica-addons-${FRIENDICA_ADDONS}.tar.gz friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc + echo "Addon sources (${FRIENDICA_ADDONS}) extracted" + + gpgconf --kill all + rm -rf "$GNUPGHOME" + + mv -f /usr/src/friendica-full-${FRIENDICA_VERSION}.tar.gz.sum256 /usr/src/friendica.tar.gz.sum256 + mv -f /usr/src/friendica-addons-${FRIENDICA_ADDONS}.tar.gz.sum256 /usr/src/friendica-addons.tar.gz.sum256 + fi +fi + +exec /entrypoint.sh "$@" diff --git a/2021.01/fpm-alpine/entrypoint.sh b/2021.12-dev/fpm-alpine/entrypoint.sh similarity index 100% rename from 2021.01/fpm-alpine/entrypoint.sh rename to 2021.12-dev/fpm-alpine/entrypoint.sh diff --git a/2021.01/fpm-alpine/setup_msmtp.sh b/2021.12-dev/fpm-alpine/setup_msmtp.sh similarity index 100% rename from 2021.01/fpm-alpine/setup_msmtp.sh rename to 2021.12-dev/fpm-alpine/setup_msmtp.sh diff --git a/2021.12-dev/fpm-alpine/upgrade.exclude b/2021.12-dev/fpm-alpine/upgrade.exclude new file mode 100644 index 0000000..b3420cc --- /dev/null +++ b/2021.12-dev/fpm-alpine/upgrade.exclude @@ -0,0 +1,9 @@ +/photo/ +/proxy/ +/.htconfig.php +/.htaccess +/home.* +/config/ +/storage/ +/log/ +*.log diff --git a/2021.06-rc/fpm/Dockerfile b/2021.12-dev/fpm/Dockerfile similarity index 80% rename from 2021.06-rc/fpm/Dockerfile rename to 2021.12-dev/fpm/Dockerfile index 43d2ede..7fa2145 100644 --- a/2021.06-rc/fpm/Dockerfile +++ b/2021.12-dev/fpm/Dockerfile @@ -8,25 +8,16 @@ RUN set -ex; \ apt-get install -y --no-install-recommends \ rsync \ bzip2 \ - git \ # For mail() support msmtp \ -# For tini installation - gnupg dirmngr \ + tini \ +# For setuid/setgid support + gosu \ ; \ +# Verify that the binary works + gosu nobody true; \ rm -rf /var/lib/apt/lists/*; -# Add tini for reaping processes -ENV TINI_VERSION v0.19.0 -RUN export BUILD_ARCH=$(dpkg-architecture --query DEB_BUILD_ARCH) \ - && mkdir ~/.gnupg \ - && echo "disable-ipv6" >> ~/.gnupg/dirmngr.conf \ - && curl -L -o /sbin/tini https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${BUILD_ARCH} \ - && curl -L -o /tini.asc https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${BUILD_ARCH}.asc \ - && gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 \ - && gpg --batch --verify /tini.asc /sbin/tini \ - && chmod +x /sbin/tini - # install the PHP extensions we need # see https://friendi.ca/resources/requirements/ RUN set -ex; \ @@ -74,7 +65,7 @@ RUN set -ex; \ pecl install apcu-5.1.20; \ pecl install memcached-3.1.5; \ pecl install redis-5.3.4; \ - pecl install imagick-3.4.4; \ + pecl install imagick-3.5.1; \ \ docker-php-ext-enable \ apcu \ @@ -123,9 +114,15 @@ RUN set -ex; \ VOLUME /var/www/html -ENV FRIENDICA_VERSION "2021.06-rc" -ENV FRIENDICA_ADDONS "2021.06-rc" +ENV FRIENDICA_VERSION "2021.12-dev" +ENV FRIENDICA_ADDONS "2021.12-dev" +RUN set -ex; \ + fetchDeps=" \ + gnupg \ + "; \ + apt-get update; \ + apt-get install -y --no-install-recommends $fetchDeps; COPY *.sh upgrade.exclude / COPY config/* /usr/src/friendica/config/ diff --git a/2021.01/fpm/config/00apcu.config.php b/2021.12-dev/fpm/config/00apcu.config.php similarity index 100% rename from 2021.01/fpm/config/00apcu.config.php rename to 2021.12-dev/fpm/config/00apcu.config.php diff --git a/2021.01/fpm/config/01redis.config.php b/2021.12-dev/fpm/config/01redis.config.php similarity index 100% rename from 2021.01/fpm/config/01redis.config.php rename to 2021.12-dev/fpm/config/01redis.config.php diff --git a/2021.01/fpm/config/zz-docker.config.php b/2021.12-dev/fpm/config/zz-docker.config.php similarity index 100% rename from 2021.01/fpm/config/zz-docker.config.php rename to 2021.12-dev/fpm/config/zz-docker.config.php diff --git a/2021.12-dev/fpm/cron.sh b/2021.12-dev/fpm/cron.sh new file mode 100755 index 0000000..18dced0 --- /dev/null +++ b/2021.12-dev/fpm/cron.sh @@ -0,0 +1,14 @@ +#!/bin/sh +trap "break;exit" HUP INT TERM + +while [ ! -f /var/www/html/bin/daemon.php ]; do + sleep 1 +done + +echo "Waiting for MySQL $MYSQL_HOST initialization..." +if php /var/www/html/bin/wait-for-connection "$MYSQL_HOST" "${MYSQL_PORT:-3306}" 300; then + sh /setup_msmtp.sh + exec gosu www-data:www-data tini -- php /var/www/html/bin/daemon.php -f start +else + echo "[ERROR] Waited 300 seconds, no response" >&2 +fi diff --git a/2021.12-dev/fpm/entrypoint-dev.sh b/2021.12-dev/fpm/entrypoint-dev.sh new file mode 100755 index 0000000..2f2bd3e --- /dev/null +++ b/2021.12-dev/fpm/entrypoint-dev.sh @@ -0,0 +1,54 @@ +#!/bin/sh +set -eu + +# just check if we execute apache or php-fpm +if (expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]) && [ "${FRIENDICA_DISABLE_UPGRADE:-false}" = "false" ]; then + curl -fsSL -o "/usr/src/friendica-full-${FRIENDICA_VERSION}.tar.gz.sum256" "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz.sum256" + curl -fsSL -o "/usr/src/friendica-addons-${FRIENDICA_ADDONS}.tar.gz.sum256" "https://files.friendi.ca/friendica-full-${FRIENDICA_ADDONS}.tar.gz.sum256" + + # Don't download already latest sources + if [ -f "/usr/src/friendica.tar.gz.sum256" ] && [ -f "/usr/src/friendica-addons.tar.gz.sum256" ] && \ + cmp -s "/usr/src/friendica-full-${FRIENDICA_VERSION}.tar.gz.sum256" "/usr/src/friendica.tar.gz.sum256" && \ + cmp -s "/usr/src/friendica-addons-${FRIENDICA_ADDONS}.tar.gz.sum256" "/usr/src/friendica-addons.tar.gz.sum256"; then + echo "Already latest sources - skipped download" + else + + echo "Download sources for ${FRIENDICA_VERSION} (Addon: ${FRIENDICA_ADDONS})" + + # Removing the whole directory first + rm -fr /usr/src/friendica + export GNUPGHOME="$(mktemp -d)" + + gpg --batch --logger-fd=1 --no-tty --quiet --keyserver keyserver.ubuntu.com --recv-keys 08656443618E6567A39524083EE197EF3F9E4287 + + curl -fsSL -o friendica-full-${FRIENDICA_VERSION}.tar.gz "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz" + curl -fsSL -o friendica-full-${FRIENDICA_VERSION}.tar.gz.asc "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz.asc"; + gpg --batch --logger-fd=1 --no-tty --quiet --verify friendica-full-${FRIENDICA_VERSION}.tar.gz.asc friendica-full-${FRIENDICA_VERSION}.tar.gz + echo "Core sources (${FRIENDICA_VERSION}) verified" + + tar -xzf friendica-full-${FRIENDICA_VERSION}.tar.gz -C /usr/src/ + rm friendica-full-${FRIENDICA_VERSION}.tar.gz friendica-full-${FRIENDICA_VERSION}.tar.gz.asc + mv -f /usr/src/friendica-full-${FRIENDICA_VERSION}/ /usr/src/friendica + echo "Core sources (${FRIENDICA_VERSION}) extracted" + + chmod 777 /usr/src/friendica/view/smarty3 + + curl -fsSL -o friendica-addons-${FRIENDICA_ADDONS}.tar.gz "https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz" + curl -fsSL -o friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc "https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc" + gpg --batch --logger-fd=1 --no-tty --quiet --verify friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc friendica-addons-${FRIENDICA_ADDONS}.tar.gz + echo "Addon sources (${FRIENDICA_ADDONS}) verified" + + mkdir -p /usr/src/friendica/addon + tar -xzf friendica-addons-${FRIENDICA_ADDONS}.tar.gz -C /usr/src/friendica/addon --strip-components=1 + rm friendica-addons-${FRIENDICA_ADDONS}.tar.gz friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc + echo "Addon sources (${FRIENDICA_ADDONS}) extracted" + + gpgconf --kill all + rm -rf "$GNUPGHOME" + + mv -f /usr/src/friendica-full-${FRIENDICA_VERSION}.tar.gz.sum256 /usr/src/friendica.tar.gz.sum256 + mv -f /usr/src/friendica-addons-${FRIENDICA_ADDONS}.tar.gz.sum256 /usr/src/friendica-addons.tar.gz.sum256 + fi +fi + +exec /entrypoint.sh "$@" diff --git a/2021.01/fpm/entrypoint.sh b/2021.12-dev/fpm/entrypoint.sh similarity index 100% rename from 2021.01/fpm/entrypoint.sh rename to 2021.12-dev/fpm/entrypoint.sh diff --git a/2021.01/fpm/setup_msmtp.sh b/2021.12-dev/fpm/setup_msmtp.sh similarity index 100% rename from 2021.01/fpm/setup_msmtp.sh rename to 2021.12-dev/fpm/setup_msmtp.sh diff --git a/2021.12-dev/fpm/upgrade.exclude b/2021.12-dev/fpm/upgrade.exclude new file mode 100644 index 0000000..b3420cc --- /dev/null +++ b/2021.12-dev/fpm/upgrade.exclude @@ -0,0 +1,9 @@ +/photo/ +/proxy/ +/.htconfig.php +/.htaccess +/home.* +/config/ +/storage/ +/log/ +*.log diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template index 8132fd3..2d9ea05 100644 --- a/Dockerfile-alpine.template +++ b/Dockerfile-alpine.template @@ -4,12 +4,39 @@ FROM php:%%PHP_VERSION%%-%%VARIANT%% RUN set -ex; \ apk add --no-cache \ rsync \ - git \ # For mail() support msmtp \ shadow \ tini; +ENV GOSU_VERSION 1.14 +RUN set -eux; \ + \ + apk add --no-cache --virtual .gosu-deps \ + ca-certificates \ + dpkg \ + gnupg \ + ; \ + \ + dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \ + wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \ + wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \ + \ +# verify the signature + export GNUPGHOME="$(mktemp -d)"; \ + gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \ + gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \ + command -v gpgconf && gpgconf --kill all || :; \ + rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \ + \ +# clean up fetch dependencies + apk del --no-network .gosu-deps; \ + \ + chmod +x /usr/local/bin/gosu; \ +# verify that the binary works + gosu --version; \ + gosu nobody true + # install the PHP extensions we need # see https://friendi.ca/resources/requirements/ RUN set -ex; \ @@ -99,8 +126,8 @@ VOLUME /var/www/html ENV FRIENDICA_VERSION "%%VERSION%%" ENV FRIENDICA_ADDONS "%%VERSION%%" +%%DOWNLOAD_SHA256%% %%INSTALL_EXTRAS%% - COPY *.sh upgrade.exclude / COPY config/* /usr/src/friendica/config/ diff --git a/Dockerfile-debian.template b/Dockerfile-debian.template index 8e35e6e..7e9215f 100644 --- a/Dockerfile-debian.template +++ b/Dockerfile-debian.template @@ -7,25 +7,16 @@ RUN set -ex; \ apt-get install -y --no-install-recommends \ rsync \ bzip2 \ - git \ # For mail() support msmtp \ -# For tini installation - gnupg dirmngr \ + tini \ +# For setuid/setgid support + gosu \ ; \ +# Verify that the binary works + gosu nobody true; \ rm -rf /var/lib/apt/lists/*; -# Add tini for reaping processes -ENV TINI_VERSION v%%TINI_VERSION%% -RUN export BUILD_ARCH=$(dpkg-architecture --query DEB_BUILD_ARCH) \ - && mkdir ~/.gnupg \ - && echo "disable-ipv6" >> ~/.gnupg/dirmngr.conf \ - && curl -L -o /sbin/tini https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${BUILD_ARCH} \ - && curl -L -o /tini.asc https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${BUILD_ARCH}.asc \ - && gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 \ - && gpg --batch --verify /tini.asc /sbin/tini \ - && chmod +x /sbin/tini - # install the PHP extensions we need # see https://friendi.ca/resources/requirements/ RUN set -ex; \ @@ -124,8 +115,8 @@ VOLUME /var/www/html ENV FRIENDICA_VERSION "%%VERSION%%" ENV FRIENDICA_ADDONS "%%VERSION%%" +%%DOWNLOAD_SHA256%% %%INSTALL_EXTRAS%% - COPY *.sh upgrade.exclude / COPY config/* /usr/src/friendica/config/ diff --git a/README.md b/README.md index 9268484..2b60b76 100644 --- a/README.md +++ b/README.md @@ -359,26 +359,8 @@ Then run `docker-compose up -d`, now you can access Friendica at http://localhos # Special settings for DEV/RC images -The `*-dev` and `*-rc` branches are having additional possibilities to get the latest sources of Friendica. - -## Possible Environment Variables - -The following environment variables are possible for these kind of images too: - -**Develop/Release Candidate Settings** - -- `FRIENDICA_UPGRADE` If set to `true`, a develop or release candidat node will get updated at startup. -- `FRIENDICA_REPOSITORY` If set, a custom repository will be chosen (Default: `friendica`) -- `FRIENDICA_ADDONS_REPO` If set, a custom repository for the addons will be chosen (Default: `friendica`) -- `FRIENDICA_VERSION` If set, a custom branch will be chosen (Default is based on the chosen image version) -- `FRIENDICA_ADDONS` If set, a custom branch for the addons will be chosen (Default is based on the chosen image version) - -## Updating to a newer version - -You don't need to pull the image for each commit in [friendica](https://github.com/friendica/friendica/). -Instead, the release candidate or develop branch will get updated if no installation was found or the environment variable `FRIENDICA_UPGRADE` is set to `true`. - -It will clone the latest Friendica version and copy it to your working directory. +The `*-dev` and `*-rc` branches are directly downloaded and verified at each docker start to ensure that the latest sources are used. +It's possible to disable this behaviour by setting the environment variable `FRIENDICA_DISABLE_UPGRADE` to `true`. # Questions / Issues diff --git a/develop.txt b/develop.txt index e9cd37e..9fb7221 100644 --- a/develop.txt +++ b/develop.txt @@ -1 +1 @@ -2021.06-dev +2021.12-dev diff --git a/docker-cron.sh b/docker-cron.sh index f899df9..18dced0 100755 --- a/docker-cron.sh +++ b/docker-cron.sh @@ -8,7 +8,7 @@ done echo "Waiting for MySQL $MYSQL_HOST initialization..." if php /var/www/html/bin/wait-for-connection "$MYSQL_HOST" "${MYSQL_PORT:-3306}" 300; then sh /setup_msmtp.sh - exec /sbin/tini -- php /var/www/html/bin/daemon.php -f start + exec gosu www-data:www-data tini -- php /var/www/html/bin/daemon.php -f start else echo "[ERROR] Waited 300 seconds, no response" >&2 fi diff --git a/docker-entrypoint-dev.sh b/docker-entrypoint-dev.sh index 08c3c13..2f2bd3e 100755 --- a/docker-entrypoint-dev.sh +++ b/docker-entrypoint-dev.sh @@ -1,68 +1,53 @@ #!/bin/sh set -eu -# checks if the branch and repository exists -check_branch() { - repo=${1:-} - branch=${2:-} - git ls-remote --heads --tags "https://github.com/$repo" | grep -E "refs/(heads|tags)/${branch}$" >/dev/null - [ "$?" -eq "0" ] -} +# just check if we execute apache or php-fpm +if (expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]) && [ "${FRIENDICA_DISABLE_UPGRADE:-false}" = "false" ]; then + curl -fsSL -o "/usr/src/friendica-full-${FRIENDICA_VERSION}.tar.gz.sum256" "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz.sum256" + curl -fsSL -o "/usr/src/friendica-addons-${FRIENDICA_ADDONS}.tar.gz.sum256" "https://files.friendi.ca/friendica-full-${FRIENDICA_ADDONS}.tar.gz.sum256" -# clones the whole develop branch (Friendica and Addons) -clone_develop() { - friendica_git="${FRIENDICA_VERSION}" - addons_git="${FRIENDICA_ADDONS}" - friendica_repo="${FRIENDICA_REPOSITORY:-friendica/friendica}" - friendica_addons_repo="${FRIENDICA_ADDONS_REPO:-friendica/friendica-addons}" + # Don't download already latest sources + if [ -f "/usr/src/friendica.tar.gz.sum256" ] && [ -f "/usr/src/friendica-addons.tar.gz.sum256" ] && \ + cmp -s "/usr/src/friendica-full-${FRIENDICA_VERSION}.tar.gz.sum256" "/usr/src/friendica.tar.gz.sum256" && \ + cmp -s "/usr/src/friendica-addons-${FRIENDICA_ADDONS}.tar.gz.sum256" "/usr/src/friendica-addons.tar.gz.sum256"; then + echo "Already latest sources - skipped download" + else - if echo "{$friendica_git,,}" | grep -Eq '^.*\-dev'; then - friendica_git="develop" - fi - - if echo "{$addons_git,,}" | grep -Eq '^.*\-dev'; then - addons_git="develop" - fi - - # Check if the branches exist before wiping the - if check_branch "$friendica_repo" "$friendica_git" && check_branch "$friendica_addons_repo" "$addons_git" ; then - echo "Cloning '${friendica_git}' from GitHub repository '${friendica_repo}' ..." + echo "Download sources for ${FRIENDICA_VERSION} (Addon: ${FRIENDICA_ADDONS})" # Removing the whole directory first rm -fr /usr/src/friendica - git clone -q -b ${friendica_git} "https://github.com/${friendica_repo}" /usr/src/friendica + export GNUPGHOME="$(mktemp -d)" - mkdir /usr/src/friendica/addon - git clone -q -b ${addons_git} "https://github.com/${friendica_addons_repo}" /usr/src/friendica/addon + gpg --batch --logger-fd=1 --no-tty --quiet --keyserver keyserver.ubuntu.com --recv-keys 08656443618E6567A39524083EE197EF3F9E4287 - echo "Download finished" + curl -fsSL -o friendica-full-${FRIENDICA_VERSION}.tar.gz "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz" + curl -fsSL -o friendica-full-${FRIENDICA_VERSION}.tar.gz.asc "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz.asc"; + gpg --batch --logger-fd=1 --no-tty --quiet --verify friendica-full-${FRIENDICA_VERSION}.tar.gz.asc friendica-full-${FRIENDICA_VERSION}.tar.gz + echo "Core sources (${FRIENDICA_VERSION}) verified" - if [ ! -f /usr/src/friendica/VERSION ]; then - echo "Couldn't clone repository" - exit 1 - fi + tar -xzf friendica-full-${FRIENDICA_VERSION}.tar.gz -C /usr/src/ + rm friendica-full-${FRIENDICA_VERSION}.tar.gz friendica-full-${FRIENDICA_VERSION}.tar.gz.asc + mv -f /usr/src/friendica-full-${FRIENDICA_VERSION}/ /usr/src/friendica + echo "Core sources (${FRIENDICA_VERSION}) extracted" - /usr/src/friendica/bin/composer.phar install --no-dev -d /usr/src/friendica - return 0 + chmod 777 /usr/src/friendica/view/smarty3 - else - if check_branch "$friendica_repo" "$friendica_git"; then - echo "$friendica_repo/$friendica_git is not valid." - else - echo "$friendica_addons_repo/$addons_git is not valid." - fi - echo "Using old version." - return 1 + curl -fsSL -o friendica-addons-${FRIENDICA_ADDONS}.tar.gz "https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz" + curl -fsSL -o friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc "https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc" + gpg --batch --logger-fd=1 --no-tty --quiet --verify friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc friendica-addons-${FRIENDICA_ADDONS}.tar.gz + echo "Addon sources (${FRIENDICA_ADDONS}) verified" - fi -} + mkdir -p /usr/src/friendica/addon + tar -xzf friendica-addons-${FRIENDICA_ADDONS}.tar.gz -C /usr/src/friendica/addon --strip-components=1 + rm friendica-addons-${FRIENDICA_ADDONS}.tar.gz friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc + echo "Addon sources (${FRIENDICA_ADDONS}) extracted" -# just check if we execute apache or php-fpm -if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]; then - # cloning from git is just possible for develop or Release Candidate - if echo "${FRIENDICA_VERSION}" | grep -Eq '^.*(\-dev|-rc|-RC)' || [ "${FRIENDICA_UPGRADE:-false}" = "true" ] || [ ! -f /usr/src/friendica/VERSION ]; then - # just clone & check if it's a new install or upgrade - clone_develop + gpgconf --kill all + rm -rf "$GNUPGHOME" + + mv -f /usr/src/friendica-full-${FRIENDICA_VERSION}.tar.gz.sum256 /usr/src/friendica.tar.gz.sum256 + mv -f /usr/src/friendica-addons-${FRIENDICA_ADDONS}.tar.gz.sum256 /usr/src/friendica-addons.tar.gz.sum256 fi fi diff --git a/latest.txt b/latest.txt index 7223033..76c052b 100644 --- a/latest.txt +++ b/latest.txt @@ -1 +1 @@ -2021.04 +2021.09 diff --git a/update.sh b/update.sh index cc82e46..831c4b2 100755 --- a/update.sh +++ b/update.sh @@ -82,8 +82,10 @@ declare -A pecl_versions=( ) declare -A install_extras=( - ['stable']='\nRUN set -ex; \\\n curl -fsSL -o friendica.tar.gz \\\n "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz"; \\\n tar -xzf friendica.tar.gz -C /usr/src/; \\\n rm friendica.tar.gz; \\\n mv -f /usr/src/friendica-full-${FRIENDICA_VERSION}/ /usr/src/friendica; \\\n chmod 777 /usr/src/friendica/view/smarty3; \\\n curl -fsSL -o friendica_addons.tar.gz \\\n "https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz"; \\\n mkdir -p /usr/src/friendica/proxy; \\\n mkdir -p /usr/src/friendica/addon; \\\n tar -xzf friendica_addons.tar.gz -C /usr/src/friendica/addon --strip-components=1; \\\n rm friendica_addons.tar.gz;' - ['develop']='' + ['stable-debian']='\nRUN set -ex; \\\n fetchDeps=" \\\n gnupg \\\n "; \\\n apt-get update; \\\n apt-get install -y --no-install-recommends $fetchDeps; \\\n \\\n export GNUPGHOME="$(mktemp -d)"; \\\n gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 08656443618E6567A39524083EE197EF3F9E4287; \\\n \\\n curl -fsSL -o friendica-full-${FRIENDICA_VERSION}.tar.gz \\\n "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz"; \\\n curl -fsSL -o friendica-full-${FRIENDICA_VERSION}.tar.gz.asc \\\n "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz.asc"; \\\n gpg --batch --verify friendica-full-${FRIENDICA_VERSION}.tar.gz.asc friendica-full-${FRIENDICA_VERSION}.tar.gz; \\\n echo "${FRIENDICA_DOWNLOAD_SHA256} *friendica-full-${FRIENDICA_VERSION}.tar.gz" \| sha256sum -c; \\\n tar -xzf friendica-full-${FRIENDICA_VERSION}.tar.gz -C /usr/src/; \\\n rm friendica-full-${FRIENDICA_VERSION}.tar.gz friendica-full-${FRIENDICA_VERSION}.tar.gz.asc; \\\n mv -f /usr/src/friendica-full-${FRIENDICA_VERSION}/ /usr/src/friendica; \\\n chmod 777 /usr/src/friendica/view/smarty3; \\\n \\\n curl -fsSL -o friendica-addons-${FRIENDICA_ADDONS}.tar.gz \\\n "https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz"; \\\n curl -fsSL -o friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc \\\n "https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc"; \\\n gpg --batch --verify friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc friendica-addons-${FRIENDICA_ADDONS}.tar.gz; \\\n echo "${FRIENDICA_DOWNLOAD_ADDONS_SHA256} *friendica-addons-${FRIENDICA_ADDONS}.tar.gz" \| sha256sum -c; \\\n mkdir -p /usr/src/friendica/proxy; \\\n mkdir -p /usr/src/friendica/addon; \\\n tar -xzf friendica-addons-${FRIENDICA_ADDONS}.tar.gz -C /usr/src/friendica/addon --strip-components=1; \\\n rm friendica-addons-${FRIENDICA_ADDONS}.tar.gz friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc; \\\n \\\n gpgconf --kill all; \\\n rm -rf "$GNUPGHOME"; \\\n \\\n apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false $fetchDeps; \\\n rm -rf /var/lib/apt/lists/*\n' + ['stable-alpine']='\nRUN set -ex; \\\n apk add --no-cache --virtual .fetch-deps \\\n gnupg \\\n ; \\\n \\\n export GNUPGHOME="$(mktemp -d)"; \\\n gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 08656443618E6567A39524083EE197EF3F9E4287; \\\n \\\n curl -fsSL -o friendica-full-${FRIENDICA_VERSION}.tar.gz \\\n "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz"; \\\n curl -fsSL -o friendica-full-${FRIENDICA_VERSION}.tar.gz.asc \\\n "https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz.asc"; \\\n gpg --batch --verify friendica-full-${FRIENDICA_VERSION}.tar.gz.asc friendica-full-${FRIENDICA_VERSION}.tar.gz; \\\n echo "${FRIENDICA_DOWNLOAD_SHA256} *friendica-full-${FRIENDICA_VERSION}.tar.gz" \| sha256sum -c; \\\n tar -xzf friendica-full-${FRIENDICA_VERSION}.tar.gz -C /usr/src/; \\\n rm friendica-full-${FRIENDICA_VERSION}.tar.gz friendica-full-${FRIENDICA_VERSION}.tar.gz.asc; \\\n mv -f /usr/src/friendica-full-${FRIENDICA_VERSION}/ /usr/src/friendica; \\\n chmod 777 /usr/src/friendica/view/smarty3; \\\n \\\n curl -fsSL -o friendica-addons-${FRIENDICA_ADDONS}.tar.gz \\\n "https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz"; \\\n curl -fsSL -o friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc \\\n "https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc"; \\\n gpg --batch --verify friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc friendica-addons-${FRIENDICA_ADDONS}.tar.gz; \\\n echo "${FRIENDICA_DOWNLOAD_ADDONS_SHA256} *friendica-addons-${FRIENDICA_ADDONS}.tar.gz" \| sha256sum -c; \\\n mkdir -p /usr/src/friendica/proxy; \\\n mkdir -p /usr/src/friendica/addon; \\\n tar -xzf friendica-addons-${FRIENDICA_ADDONS}.tar.gz -C /usr/src/friendica/addon --strip-components=1; \\\n rm friendica-addons-${FRIENDICA_ADDONS}.tar.gz friendica-addons-${FRIENDICA_ADDONS}.tar.gz.asc; \\\n \\\n gpgconf --kill all; \\\n rm -rf "$GNUPGHOME"; \\\n \\\n apk del .fetch-deps\n' + ['develop-debian']='RUN set -ex; \\\n fetchDeps=" \\\n gnupg \\\n "; \\\n apt-get update; \\\n apt-get install -y --no-install-recommends $fetchDeps;\n' + ['develop-alpine']='RUN set -ex; \\\n apk add --no-cache --virtual .fetch-deps \\\n gnupg \\\n ;\n' ) variants=( @@ -92,7 +94,7 @@ variants=( fpm-alpine ) -min_version='2020.09' +min_version='2021.09' # version_greater_or_equal A B returns whether A >= B function version_greater_or_equal() { @@ -103,6 +105,16 @@ function is_hotfix() { [[ "$1" =~ ^.*-[[:digit:]]+$ ]] } +function get_sha256_string() { + install_type="$1" + version="${2,,}" + if [[ $install_type == "develop" ]]; then + echo "" + else + echo "ENV FRIENDICA_DOWNLOAD_SHA256 \"$(curl -fsSL https://files.friendi.ca/friendica-full-${version}.tar.gz.sum256 | cut -d' ' -f1)\"\nENV FRIENDICA_DOWNLOAD_ADDONS_SHA256 \"$(curl -fsSL https://files.friendi.ca/friendica-addons-${version}.tar.gz.sum256 | cut -d' ' -f1)\"" + fi +} + function create_variant() { dockerName=${1,,} dir="$dockerName/$variant" @@ -129,7 +141,8 @@ function create_variant() { s/%%VERSION%%/'"${2:-${1}}"'/g; s/%%CMD%%/'"${cmd[$variant]}"'/g; s|%%VARIANT_EXTRAS%%|'"${extras[$variant]}"'|g; - s|%%INSTALL_EXTRAS%%|'"${install_extras[$install_type]}"'|g; + s|%%DOWNLOAD_SHA256%%|'"$(get_sha256_string $install_type ${2:-${1}})"'|g; + s|%%INSTALL_EXTRAS%%|'"${install_extras[$install_type-${base[$variant]}]}"'|g; s/%%APCU_VERSION%%/'"${pecl_versions[APCu]}"'/g; s/%%IMAGICK_VERSION%%/'"${pecl_versions[imagick]}"'/g; s/%%MEMCACHED_VERSION%%/'"${pecl_versions[memcached]}"'/g; diff --git a/upgrade.exclude b/upgrade.exclude index 2fb6533..b3420cc 100644 --- a/upgrade.exclude +++ b/upgrade.exclude @@ -1,4 +1,3 @@ -/.git/ /photo/ /proxy/ /.htconfig.php @@ -7,4 +6,4 @@ /config/ /storage/ /log/ -*.log \ No newline at end of file +*.log