2
0
Fork 0
mirror of https://github.com/friendica/docker synced 2025-01-19 17:37:00 +01:00

Runs update.sh

This commit is contained in:
GitHub Workflow 2020-09-09 05:47:04 +00:00
parent bb91661bd2
commit aa8293d108
25 changed files with 1311 additions and 1 deletions

156
2020.09/apache/Dockerfile Normal file
View file

@ -0,0 +1,156 @@
# DO NOT EDIT: created by update.sh from Dockerfile-debian.template
FROM php:7.3-apache-buster
# entrypoint.sh and cron.sh dependencies
RUN set -ex; \
\
apt-get update; \
apt-get install -y --no-install-recommends \
rsync \
bzip2 \
git \
# For mail() support
msmtp \
# For tini installation
gnupg dirmngr \
; \
rm -rf /var/lib/apt/lists/*;
# Add tini for reaping processes
ENV TINI_VERSION v0.19.0
RUN export BUILD_ARCH=$(dpkg-architecture --query DEB_BUILD_ARCH) \
&& mkdir ~/.gnupg \
&& echo "disable-ipv6" >> ~/.gnupg/dirmngr.conf \
&& curl -L -o /sbin/tini https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${BUILD_ARCH} \
&& curl -L -o /tini.asc https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${BUILD_ARCH}.asc \
&& gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 \
&& gpg --batch --verify /tini.asc /sbin/tini \
&& chmod +x /sbin/tini
# install the PHP extensions we need
# see https://friendi.ca/resources/requirements/
RUN set -ex; \
\
savedAptMark="$(apt-mark showmanual)"; \
\
apt-get update; \
apt-get install -y --no-install-recommends \
mariadb-client \
bash \
libpng-dev \
libjpeg62-turbo-dev \
libtool \
libmagick++-dev \
libmemcached-dev \
libgraphicsmagick1-dev \
libfreetype6-dev \
librsvg2-2 \
libzip-dev \
libldap2-dev \
; \
\
debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \
\
docker-php-ext-configure gd \
--with-gd \
--with-freetype-dir=/usr/include/ \
--with-png-dir=/usr/include/ \
--with-jpeg-dir=/usr/include/ \
; \
docker-php-ext-configure ldap \
--with-libdir=lib/$debMultiarch/ \
;\
docker-php-ext-install -j "$(nproc)" \
pdo_mysql \
gd \
zip \
opcache \
ctype \
pcntl \
ldap \
; \
\
# pecl will claim success even if one install fails, so we need to perform each install separately
pecl install apcu-5.1.18; \
pecl install memcached-3.1.5; \
pecl install redis-5.3.1; \
pecl install imagick-3.4.4; \
\
docker-php-ext-enable \
apcu \
memcached \
redis \
imagick \
; \
\
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \
apt-mark manual $savedAptMark; \
ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \
| awk '/=>/ { print $3 }' \
| sort -u \
| xargs -r dpkg-query -S \
| cut -d: -f1 \
| sort -u \
| xargs -rt apt-mark manual; \
\
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*
# set recommended PHP.ini settings
RUN set -ex; \
{ \
echo 'opcache.enable=1' ; \
echo 'opcache.interned_strings_buffer=8'; \
echo 'opcache.max_accelerated_files=10000'; \
echo 'opcache.memory_consumption=128'; \
echo 'opcache.save_comments=1'; \
echo 'opcache.revalidte_freq=1'; \
} > /usr/local/etc/php/conf.d/opcache-recommended.ini; \
\
{ \
echo sendmail_path = "/usr/bin/msmtp -t"; \
} > /usr/local/etc/php/conf.d/sendmail.ini; \
\
echo 'apc.enable_cli=1' >> /usr/local/etc/php/conf.d/docker-php-ext-apcu.ini; \
\
echo 'memory_limit=512M' > /usr/local/etc/php/conf.d/memory-limit.ini; \
\
mkdir /var/www/data; \
chown -R www-data:root /var/www; \
chmod -R g=u /var/www
VOLUME /var/www/html
RUN set -ex;\
a2enmod rewrite remoteip ;\
{\
echo RemoteIPHeader X-Real-IP ;\
echo RemoteIPTrustedProxy 10.0.0.0/8 ;\
echo RemoteIPTrustedProxy 172.16.0.0/12 ;\
echo RemoteIPTrustedProxy 192.168.0.0/16 ;\
} > /etc/apache2/conf-available/remoteip.conf;\
a2enconf remoteip
ENV FRIENDICA_VERSION "2020.09"
ENV FRIENDICA_ADDONS "2020.09"
RUN set -ex; \
curl -fsSL -o friendica.tar.gz \
"https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz"; \
tar -xzf friendica.tar.gz -C /usr/src/; \
rm friendica.tar.gz; \
mv -f /usr/src/friendica-full-${FRIENDICA_VERSION}/ /usr/src/friendica; \
chmod 777 /usr/src/friendica/view/smarty3; \
curl -fsSL -o friendica_addons.tar.gz \
"https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz"; \
mkdir -p /usr/src/friendica/proxy; \
mkdir -p /usr/src/friendica/addon; \
tar -xzf friendica_addons.tar.gz -C /usr/src/friendica/addon --strip-components=1; \
rm friendica_addons.tar.gz;
COPY *.sh upgrade.exclude /
COPY config/* /usr/src/friendica/config/
ENTRYPOINT ["/entrypoint.sh"]
CMD ["apache2-foreground"]

View file

@ -0,0 +1,12 @@
<?php
/**
* If nothing else set, use APCu as a caching driver (best performance for local caching)
*/
return [
'system' => [
'cache_driver' => 'apcu',
'session_handler' => 'cache',
],
];

View file

@ -0,0 +1,15 @@
<?php
if (getenv('REDIS_HOST')) {
return [
'system' => [
'lock_driver' => 'redis',
'redis_host' => getenv('REDIS_HOST'),
'redis_port' => (getenv('REDIS_PORT') ? getenv('REDIS_PORT') : ''),
'redis_password' => (getenv('REDIS_PW') ? getenv('REDIS_PW') : ''),
'redis_db' => (getenv('REDIS_DB') ? getenv('REDIS_DB') : 0),
],
];
} else {
return [];
}

View file

@ -0,0 +1,62 @@
<?php
/**
* Fallback config to make it possible overwriting config values
* because of docker environment variables
*
* This doesn't affect DB configurations, but will replace other config values
*/
$config = [
'system' => [
// Necessary because otherwise the daemon isn't working
'pidfile' => '/var/run/friendica.pid',
'logfile' => '/var/www/html/friendica.log',
'loglevel' => 'notice',
],
'storage' => [
'filesystem_path' => '/var/www/html/storage',
],
];
if (getenv('FRIENDICA_TZ')) {
$config['config']['timezone'] = getenv('FRIENDICA_TZ');
}
if (getenv('FRIENDICA_LANG')) {
$config['config']['language'] = getenv('FRIENDICA_LANG');
}
if (getenv('FRIENDICA_ADMIN_MAIL')) {
$config['config']['admin_email'] = getenv('FRIENDICA_ADMIN_MAIL');
}
if (getenv('FRIENDICA_SITENAME')) {
$config['config']['sitename'] = getenv('FRIENDICA_SITENAME');
}
if (!empty(getenv('FRIENDICA_NO_VALIDATION'))) {
$config['system']['disable_url_validation'] = true;
$config['system']['disable_email_validation'] = true;
}
if (!empty(getenv('FRIENDICA_DATA'))) {
$config['storage']['class'] = \Friendica\Model\Storage\Filesystem::class;
if (!empty(getenv('FRIENDICA_DATA_DIR'))) {
$config['storage']['filesystem_path'] = getenv('FRIENDICA_DATA');
}
}
if (!empty(getenv('FRIENDICA_DEBUGGING'))) {
$config['system']['debugging'] = true;
if (!empty(getenv('FRIENDICA_LOGFILE'))) {
$config['system']['logfile'] = getenv('FRIENDICA_LOGFILE');
}
if (!empty(getenv('FRIENDICA_LOGLEVEL'))) {
$config['system']['loglevel'] = getenv('FRIENDICA_LOGLEVEL');
}
}
return $config;

14
2020.09/apache/cron.sh Executable file
View file

@ -0,0 +1,14 @@
#!/bin/sh
trap "break;exit" HUP INT TERM
while [ ! -f /var/www/html/bin/daemon.php ]; do
sleep 1
done
echo "Waiting for MySQL $MYSQL_HOST initialization..."
if php /var/www/html/bin/wait-for-connection "$MYSQL_HOST" "${MYSQL_PORT:-3306}" 300; then
sh /setup_msmtp.sh
exec /sbin/tini -- php /var/www/html/bin/daemon.php -f start
else
echo "[ERROR] Waited 300 seconds, no response" >&2
fi

145
2020.09/apache/entrypoint.sh Executable file
View file

@ -0,0 +1,145 @@
#!/bin/sh
set -eu
# run an command with the www-data user
run_as() {
set -- -c "cd /var/www/html; $*"
if [ "$(id -u)" -eq 0 ]; then
su - www-data -s /bin/sh "$@"
else
sh "$@"
fi
}
# checks if the the first parameter is greater than the second parameter
version_greater() {
[ "$(printf '%s\n' "$@" | sed -e 's/-rc/.1/' | sed -e 's/-dev/.2/' | sort -t '.' -k1,1n -k2,2n -k3,3nbr | head -n 1)" != "$(printf "$1" | sed -e 's/-rc/.1/' | sed -e 's/-dev/.2/')" ]
}
# usage: file_env VAR [DEFAULT]
# ie: file_env 'XYZ_DB_PASSWORD' 'example'
# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
file_env() {
local var="$1"
local fileVar="${var}_FILE"
local def="${2:-}"
local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//")
local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//")
if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then
echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
exit 1
fi
if [ -n "${varValue}" ]; then
export "$var"="${varValue}"
elif [ -n "${fileVarValue}" ]; then
export "$var"="$(cat "${fileVarValue}")"
elif [ -n "${def}" ]; then
export "$var"="$def"
fi
unset "$fileVar"
}
sh /setup_msmtp.sh
# just check if we execute apache or php-fpm
if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]; then
installed_version="0.0.0.0"
if [ -f /var/www/html/VERSION ]; then
installed_version="$(cat /var/www/html/VERSION)"
fi
image_version="$(cat /usr/src/friendica/VERSION)"
# no downgrading possible
if version_greater "$installed_version" "$image_version"; then
echo "Can't copy Friendica sources because the version of the data ($installed_version) is higher than the docker image ($image_version)"
exit 1
fi
# check it just in case the version is greater or if we force the upgrade
if version_greater "$image_version" "$installed_version" || [ "${FRIENDICA_UPGRADE:-false}" = "true" ]; then
echo "Initializing Friendica $image_version ..."
if [ "$installed_version" != "0.0.0.0" ]; then
echo "Upgrading Friendica from $installed_version ..."
fi
if [ "$(id -u)" -eq 0 ]; then
rsync_options="-rlDog --chown=www-data:www-data"
else
rsync_options="-rlD"
fi
rsync $rsync_options --delete --exclude-from=/upgrade.exclude /usr/src/friendica/ /var/www/html/
# Update docker-based config files, but never delete other config files
rsync $rsync_options --update /usr/src/friendica/config/ /var/www/html/config/
# In case there is no .htaccess, copy it from the default dist file
if [ ! -f "/var/www/html/.htaccess" ]; then
cp "/var/www/html/.htaccess-dist" "/var/www/html/.htaccess"
fi
if [ -d /var/www/html/view/smarty3 ]; then
chmod -R 777 /var/www/html/view/smarty3
fi
echo "Initializing finished"
# install
if [ "$installed_version" = "0.0.0.0" ]; then
echo "New Friendica instance"
file_env FRIENDICA_ADMIN_MAIL
file_env MYSQL_DATABASE
file_env MYSQL_USER
file_env MYSQL_PASSWORD
install=false
if [ -n "${MYSQL_DATABASE+x}" ] && [ -n "${MYSQL_PASSWORD+x}" ] && [ -n "${MYSQL_HOST+x}" ] && [ -n "${MYSQL_USER+x}" ] && [ -n "${FRIENDICA_ADMIN_MAIL+x}" ] && [ -n "${FRIENDICA_URL+x}" ]; then
echo "Installation with environment variables"
FRIENDICA_TZ=${FRIENDICA_TZ:-America/LosAngeles}
FRIENDICA_LANG=${FRIENDICA_LANG:-en}
MYSQL_PORT=${MYSQL_PORT:-3306}
# shellcheck disable=SC2016
install_options='-s --dbhost "'$MYSQL_HOST'" --dbport "'$MYSQL_PORT'" --dbdata "'$MYSQL_DATABASE'" --dbuser "'$MYSQL_USER'" --dbpass "'$MYSQL_PASSWORD'"'
# shellcheck disable=SC2016
install_options=$install_options' --admin "'$FRIENDICA_ADMIN_MAIL'" --tz "'$FRIENDICA_TZ'" --lang "'$FRIENDICA_LANG'" --url "'$FRIENDICA_URL'"'
install=true
fi
if [ "$install" = true ]; then
echo "Waiting for MySQL $MYSQL_HOST initialization..."
if run_as "php /var/www/html/bin/wait-for-connection $MYSQL_HOST ${MYSQL_PORT:-3306} 300"; then
echo "Starting Friendica installation ..."
run_as "php /var/www/html/bin/console.php autoinstall $install_options"
rm -fr /var/www/html/view/smarty3/compiled
# load other config files (*.config.php) to the config folder
if [ -d "/usr/src/config" ]; then
rsync $rsync_options --ignore-existing /usr/src/config/ /var/www/html/config/
fi
echo "Installation finished"
else
echo "[ERROR] Waited 300 seconds, no response" >&2
fi
else
echo "Running web-based installer on first connect!"
fi
# upgrade
else
echo "Upgrading Friendica ..."
run_as 'php /var/www/html/bin/console.php dbstructure update'
echo "Upgrading finished"
fi
fi
fi
exec "$@"

View file

@ -0,0 +1,37 @@
#!/bin/sh
set -eu
if [ -n "${SMTP_DOMAIN+x}" ] && [ -n "${SMTP+x}" ] && [ "${SMTP}" != "localhost" ]; then
SITENAME="${FRIENDICA_SITENAME:-Friendica Social Network}"
echo "Setup MSMTP for '$SITENAME' with '$SMTP' ..."
smtp_from="${SMTP_FROM:=no-reply}"
# Setup MSMTP
usermod --comment "$(echo "$SITENAME" | tr -dc '[:print:]')" root
usermod --comment "$(echo "$SITENAME" | tr -dc '[:print:]')" www-data
# add possible mail-senders
{
echo "www-data: $smtp_from@$SMTP_DOMAIN"
echo "root: $smtp_from@$SMTP_DOMAIN"
} >/etc/aliases
# create msmtp settings
{
echo "account default"
echo "host $SMTP"
if [ -n "${SMTP_PORT+x}" ]; then echo "port $SMTP_PORT"; else echo "port 587"; fi
echo "from \"$smtp_from@$SMTP_DOMAIN\""
echo "tls_certcheck off" # No certcheck because of internal docker mail-hostnames
if [ -n "${SMTP_TLS+x}" ]; then echo "tls on"; fi
if [ -n "${SMTP_STARTTLS+x}" ]; then echo "tls_starttls on"; fi
if [ -n "${SMTP_AUTH_USER+x}" ]; then echo "auth on"; fi
if [ -n "${SMTP_AUTH_USER+x}" ]; then echo "user \"$SMTP_AUTH_USER\""; fi
if [ -n "${SMTP_AUTH_PASS+x}" ]; then echo "password \"$SMTP_AUTH_PASS\""; fi
echo "logfile /var/log/msmtp.log"
echo "aliases /etc/aliases"
} >/etc/msmtprc
echo "Setup finished"
fi

View file

@ -0,0 +1,10 @@
/.git/
/photo/
/proxy/
/.htconfig.php
/.htaccess
/home.*
/config/
/storage/
/log/
*.log

View file

@ -0,0 +1,122 @@
# DO NOT EDIT: created by update.sh from Dockerfile-alpine.template
FROM php:7.3-fpm-alpine
# entrypoint.sh and cron.sh dependencies
RUN set -ex; \
apk add --no-cache \
rsync \
git \
# For mail() support
msmtp \
shadow \
tini;
# install the PHP extensions we need
# see https://friendi.ca/resources/requirements/
RUN set -ex; \
\
apk add --no-cache --virtual .build-deps \
mariadb-client \
bash \
$PHPIZE_DEPS \
libpng-dev \
libjpeg-turbo-dev \
imagemagick-dev \
libtool \
libmemcached-dev \
cyrus-sasl-dev \
libjpeg-turbo-dev \
freetype-dev \
librsvg \
pcre-dev \
libzip-dev \
icu-dev \
openldap-dev \
; \
\
docker-php-ext-configure gd \
--with-gd \
--with-freetype-dir=/usr/include/ \
--with-png-dir=/usr/include/ \
--with-jpeg-dir=/usr/include/ \
; \
\
docker-php-ext-install -j "$(nproc)" \
pdo_mysql \
gd \
zip \
opcache \
pcntl \
ldap \
; \
\
# pecl will claim success even if one install fails, so we need to perform each install separately
pecl install APCu-5.1.18; \
pecl install memcached-3.1.5; \
pecl install redis-5.3.1; \
pecl install imagick-3.4.4; \
\
docker-php-ext-enable \
apcu \
memcached \
redis \
imagick \
; \
\
runDeps="$( \
scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/lib/php/extensions \
| tr ',' '\n' \
| sort -u \
| awk 'system("[ -e /usr/local/lib" $1 " ]") == 0 { next } { print "so:" $1 }' \
)"; \
apk add --no-network --virtual .friendica-phpext-rundeps $runDeps; \
apk del --no-network .build-deps;
# set recommended PHP.ini settings
RUN set -ex; \
{ \
echo 'opcache.enable=1' ; \
echo 'opcache.interned_strings_buffer=8'; \
echo 'opcache.max_accelerated_files=10000'; \
echo 'opcache.memory_consumption=128'; \
echo 'opcache.save_comments=1'; \
echo 'opcache.revalidte_freq=1'; \
} > /usr/local/etc/php/conf.d/opcache-recommended.ini; \
\
{ \
echo sendmail_path = "/usr/bin/msmtp -t"; \
} > /usr/local/etc/php/conf.d/sendmail.ini; \
\
echo 'apc.enable_cli=1' >> /usr/local/etc/php/conf.d/docker-php-ext-apcu.ini; \
\
echo 'memory_limit=512M' > /usr/local/etc/php/conf.d/memory-limit.ini; \
\
mkdir /var/www/data; \
chown -R www-data:root /var/www; \
chmod -R g=u /var/www
VOLUME /var/www/html
ENV FRIENDICA_VERSION "2020.09"
ENV FRIENDICA_ADDONS "2020.09"
RUN set -ex; \
curl -fsSL -o friendica.tar.gz \
"https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz"; \
tar -xzf friendica.tar.gz -C /usr/src/; \
rm friendica.tar.gz; \
mv -f /usr/src/friendica-full-${FRIENDICA_VERSION}/ /usr/src/friendica; \
chmod 777 /usr/src/friendica/view/smarty3; \
curl -fsSL -o friendica_addons.tar.gz \
"https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz"; \
mkdir -p /usr/src/friendica/proxy; \
mkdir -p /usr/src/friendica/addon; \
tar -xzf friendica_addons.tar.gz -C /usr/src/friendica/addon --strip-components=1; \
rm friendica_addons.tar.gz;
COPY *.sh upgrade.exclude /
COPY config/* /usr/src/friendica/config/
ENTRYPOINT ["/entrypoint.sh"]
CMD ["php-fpm"]

View file

@ -0,0 +1,12 @@
<?php
/**
* If nothing else set, use APCu as a caching driver (best performance for local caching)
*/
return [
'system' => [
'cache_driver' => 'apcu',
'session_handler' => 'cache',
],
];

View file

@ -0,0 +1,15 @@
<?php
if (getenv('REDIS_HOST')) {
return [
'system' => [
'lock_driver' => 'redis',
'redis_host' => getenv('REDIS_HOST'),
'redis_port' => (getenv('REDIS_PORT') ? getenv('REDIS_PORT') : ''),
'redis_password' => (getenv('REDIS_PW') ? getenv('REDIS_PW') : ''),
'redis_db' => (getenv('REDIS_DB') ? getenv('REDIS_DB') : 0),
],
];
} else {
return [];
}

View file

@ -0,0 +1,62 @@
<?php
/**
* Fallback config to make it possible overwriting config values
* because of docker environment variables
*
* This doesn't affect DB configurations, but will replace other config values
*/
$config = [
'system' => [
// Necessary because otherwise the daemon isn't working
'pidfile' => '/var/run/friendica.pid',
'logfile' => '/var/www/html/friendica.log',
'loglevel' => 'notice',
],
'storage' => [
'filesystem_path' => '/var/www/html/storage',
],
];
if (getenv('FRIENDICA_TZ')) {
$config['config']['timezone'] = getenv('FRIENDICA_TZ');
}
if (getenv('FRIENDICA_LANG')) {
$config['config']['language'] = getenv('FRIENDICA_LANG');
}
if (getenv('FRIENDICA_ADMIN_MAIL')) {
$config['config']['admin_email'] = getenv('FRIENDICA_ADMIN_MAIL');
}
if (getenv('FRIENDICA_SITENAME')) {
$config['config']['sitename'] = getenv('FRIENDICA_SITENAME');
}
if (!empty(getenv('FRIENDICA_NO_VALIDATION'))) {
$config['system']['disable_url_validation'] = true;
$config['system']['disable_email_validation'] = true;
}
if (!empty(getenv('FRIENDICA_DATA'))) {
$config['storage']['class'] = \Friendica\Model\Storage\Filesystem::class;
if (!empty(getenv('FRIENDICA_DATA_DIR'))) {
$config['storage']['filesystem_path'] = getenv('FRIENDICA_DATA');
}
}
if (!empty(getenv('FRIENDICA_DEBUGGING'))) {
$config['system']['debugging'] = true;
if (!empty(getenv('FRIENDICA_LOGFILE'))) {
$config['system']['logfile'] = getenv('FRIENDICA_LOGFILE');
}
if (!empty(getenv('FRIENDICA_LOGLEVEL'))) {
$config['system']['loglevel'] = getenv('FRIENDICA_LOGLEVEL');
}
}
return $config;

14
2020.09/fpm-alpine/cron.sh Executable file
View file

@ -0,0 +1,14 @@
#!/bin/sh
trap "break;exit" HUP INT TERM
while [ ! -f /var/www/html/bin/daemon.php ]; do
sleep 1
done
echo "Waiting for MySQL $MYSQL_HOST initialization..."
if php /var/www/html/bin/wait-for-connection "$MYSQL_HOST" "${MYSQL_PORT:-3306}" 300; then
sh /setup_msmtp.sh
exec /sbin/tini -- php /var/www/html/bin/daemon.php -f start
else
echo "[ERROR] Waited 300 seconds, no response" >&2
fi

145
2020.09/fpm-alpine/entrypoint.sh Executable file
View file

@ -0,0 +1,145 @@
#!/bin/sh
set -eu
# run an command with the www-data user
run_as() {
set -- -c "cd /var/www/html; $*"
if [ "$(id -u)" -eq 0 ]; then
su - www-data -s /bin/sh "$@"
else
sh "$@"
fi
}
# checks if the the first parameter is greater than the second parameter
version_greater() {
[ "$(printf '%s\n' "$@" | sed -e 's/-rc/.1/' | sed -e 's/-dev/.2/' | sort -t '.' -k1,1n -k2,2n -k3,3nbr | head -n 1)" != "$(printf "$1" | sed -e 's/-rc/.1/' | sed -e 's/-dev/.2/')" ]
}
# usage: file_env VAR [DEFAULT]
# ie: file_env 'XYZ_DB_PASSWORD' 'example'
# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
file_env() {
local var="$1"
local fileVar="${var}_FILE"
local def="${2:-}"
local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//")
local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//")
if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then
echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
exit 1
fi
if [ -n "${varValue}" ]; then
export "$var"="${varValue}"
elif [ -n "${fileVarValue}" ]; then
export "$var"="$(cat "${fileVarValue}")"
elif [ -n "${def}" ]; then
export "$var"="$def"
fi
unset "$fileVar"
}
sh /setup_msmtp.sh
# just check if we execute apache or php-fpm
if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]; then
installed_version="0.0.0.0"
if [ -f /var/www/html/VERSION ]; then
installed_version="$(cat /var/www/html/VERSION)"
fi
image_version="$(cat /usr/src/friendica/VERSION)"
# no downgrading possible
if version_greater "$installed_version" "$image_version"; then
echo "Can't copy Friendica sources because the version of the data ($installed_version) is higher than the docker image ($image_version)"
exit 1
fi
# check it just in case the version is greater or if we force the upgrade
if version_greater "$image_version" "$installed_version" || [ "${FRIENDICA_UPGRADE:-false}" = "true" ]; then
echo "Initializing Friendica $image_version ..."
if [ "$installed_version" != "0.0.0.0" ]; then
echo "Upgrading Friendica from $installed_version ..."
fi
if [ "$(id -u)" -eq 0 ]; then
rsync_options="-rlDog --chown=www-data:www-data"
else
rsync_options="-rlD"
fi
rsync $rsync_options --delete --exclude-from=/upgrade.exclude /usr/src/friendica/ /var/www/html/
# Update docker-based config files, but never delete other config files
rsync $rsync_options --update /usr/src/friendica/config/ /var/www/html/config/
# In case there is no .htaccess, copy it from the default dist file
if [ ! -f "/var/www/html/.htaccess" ]; then
cp "/var/www/html/.htaccess-dist" "/var/www/html/.htaccess"
fi
if [ -d /var/www/html/view/smarty3 ]; then
chmod -R 777 /var/www/html/view/smarty3
fi
echo "Initializing finished"
# install
if [ "$installed_version" = "0.0.0.0" ]; then
echo "New Friendica instance"
file_env FRIENDICA_ADMIN_MAIL
file_env MYSQL_DATABASE
file_env MYSQL_USER
file_env MYSQL_PASSWORD
install=false
if [ -n "${MYSQL_DATABASE+x}" ] && [ -n "${MYSQL_PASSWORD+x}" ] && [ -n "${MYSQL_HOST+x}" ] && [ -n "${MYSQL_USER+x}" ] && [ -n "${FRIENDICA_ADMIN_MAIL+x}" ] && [ -n "${FRIENDICA_URL+x}" ]; then
echo "Installation with environment variables"
FRIENDICA_TZ=${FRIENDICA_TZ:-America/LosAngeles}
FRIENDICA_LANG=${FRIENDICA_LANG:-en}
MYSQL_PORT=${MYSQL_PORT:-3306}
# shellcheck disable=SC2016
install_options='-s --dbhost "'$MYSQL_HOST'" --dbport "'$MYSQL_PORT'" --dbdata "'$MYSQL_DATABASE'" --dbuser "'$MYSQL_USER'" --dbpass "'$MYSQL_PASSWORD'"'
# shellcheck disable=SC2016
install_options=$install_options' --admin "'$FRIENDICA_ADMIN_MAIL'" --tz "'$FRIENDICA_TZ'" --lang "'$FRIENDICA_LANG'" --url "'$FRIENDICA_URL'"'
install=true
fi
if [ "$install" = true ]; then
echo "Waiting for MySQL $MYSQL_HOST initialization..."
if run_as "php /var/www/html/bin/wait-for-connection $MYSQL_HOST ${MYSQL_PORT:-3306} 300"; then
echo "Starting Friendica installation ..."
run_as "php /var/www/html/bin/console.php autoinstall $install_options"
rm -fr /var/www/html/view/smarty3/compiled
# load other config files (*.config.php) to the config folder
if [ -d "/usr/src/config" ]; then
rsync $rsync_options --ignore-existing /usr/src/config/ /var/www/html/config/
fi
echo "Installation finished"
else
echo "[ERROR] Waited 300 seconds, no response" >&2
fi
else
echo "Running web-based installer on first connect!"
fi
# upgrade
else
echo "Upgrading Friendica ..."
run_as 'php /var/www/html/bin/console.php dbstructure update'
echo "Upgrading finished"
fi
fi
fi
exec "$@"

View file

@ -0,0 +1,37 @@
#!/bin/sh
set -eu
if [ -n "${SMTP_DOMAIN+x}" ] && [ -n "${SMTP+x}" ] && [ "${SMTP}" != "localhost" ]; then
SITENAME="${FRIENDICA_SITENAME:-Friendica Social Network}"
echo "Setup MSMTP for '$SITENAME' with '$SMTP' ..."
smtp_from="${SMTP_FROM:=no-reply}"
# Setup MSMTP
usermod --comment "$(echo "$SITENAME" | tr -dc '[:print:]')" root
usermod --comment "$(echo "$SITENAME" | tr -dc '[:print:]')" www-data
# add possible mail-senders
{
echo "www-data: $smtp_from@$SMTP_DOMAIN"
echo "root: $smtp_from@$SMTP_DOMAIN"
} >/etc/aliases
# create msmtp settings
{
echo "account default"
echo "host $SMTP"
if [ -n "${SMTP_PORT+x}" ]; then echo "port $SMTP_PORT"; else echo "port 587"; fi
echo "from \"$smtp_from@$SMTP_DOMAIN\""
echo "tls_certcheck off" # No certcheck because of internal docker mail-hostnames
if [ -n "${SMTP_TLS+x}" ]; then echo "tls on"; fi
if [ -n "${SMTP_STARTTLS+x}" ]; then echo "tls_starttls on"; fi
if [ -n "${SMTP_AUTH_USER+x}" ]; then echo "auth on"; fi
if [ -n "${SMTP_AUTH_USER+x}" ]; then echo "user \"$SMTP_AUTH_USER\""; fi
if [ -n "${SMTP_AUTH_PASS+x}" ]; then echo "password \"$SMTP_AUTH_PASS\""; fi
echo "logfile /var/log/msmtp.log"
echo "aliases /etc/aliases"
} >/etc/msmtprc
echo "Setup finished"
fi

View file

@ -0,0 +1,10 @@
/.git/
/photo/
/proxy/
/.htconfig.php
/.htaccess
/home.*
/config/
/storage/
/log/
*.log

147
2020.09/fpm/Dockerfile Normal file
View file

@ -0,0 +1,147 @@
# DO NOT EDIT: created by update.sh from Dockerfile-debian.template
FROM php:7.3-fpm-buster
# entrypoint.sh and cron.sh dependencies
RUN set -ex; \
\
apt-get update; \
apt-get install -y --no-install-recommends \
rsync \
bzip2 \
git \
# For mail() support
msmtp \
# For tini installation
gnupg dirmngr \
; \
rm -rf /var/lib/apt/lists/*;
# Add tini for reaping processes
ENV TINI_VERSION v0.19.0
RUN export BUILD_ARCH=$(dpkg-architecture --query DEB_BUILD_ARCH) \
&& mkdir ~/.gnupg \
&& echo "disable-ipv6" >> ~/.gnupg/dirmngr.conf \
&& curl -L -o /sbin/tini https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${BUILD_ARCH} \
&& curl -L -o /tini.asc https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${BUILD_ARCH}.asc \
&& gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 \
&& gpg --batch --verify /tini.asc /sbin/tini \
&& chmod +x /sbin/tini
# install the PHP extensions we need
# see https://friendi.ca/resources/requirements/
RUN set -ex; \
\
savedAptMark="$(apt-mark showmanual)"; \
\
apt-get update; \
apt-get install -y --no-install-recommends \
mariadb-client \
bash \
libpng-dev \
libjpeg62-turbo-dev \
libtool \
libmagick++-dev \
libmemcached-dev \
libgraphicsmagick1-dev \
libfreetype6-dev \
librsvg2-2 \
libzip-dev \
libldap2-dev \
; \
\
debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \
\
docker-php-ext-configure gd \
--with-gd \
--with-freetype-dir=/usr/include/ \
--with-png-dir=/usr/include/ \
--with-jpeg-dir=/usr/include/ \
; \
docker-php-ext-configure ldap \
--with-libdir=lib/$debMultiarch/ \
;\
docker-php-ext-install -j "$(nproc)" \
pdo_mysql \
gd \
zip \
opcache \
ctype \
pcntl \
ldap \
; \
\
# pecl will claim success even if one install fails, so we need to perform each install separately
pecl install apcu-5.1.18; \
pecl install memcached-3.1.5; \
pecl install redis-5.3.1; \
pecl install imagick-3.4.4; \
\
docker-php-ext-enable \
apcu \
memcached \
redis \
imagick \
; \
\
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
apt-mark auto '.*' > /dev/null; \
apt-mark manual $savedAptMark; \
ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \
| awk '/=>/ { print $3 }' \
| sort -u \
| xargs -r dpkg-query -S \
| cut -d: -f1 \
| sort -u \
| xargs -rt apt-mark manual; \
\
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
rm -rf /var/lib/apt/lists/*
# set recommended PHP.ini settings
RUN set -ex; \
{ \
echo 'opcache.enable=1' ; \
echo 'opcache.interned_strings_buffer=8'; \
echo 'opcache.max_accelerated_files=10000'; \
echo 'opcache.memory_consumption=128'; \
echo 'opcache.save_comments=1'; \
echo 'opcache.revalidte_freq=1'; \
} > /usr/local/etc/php/conf.d/opcache-recommended.ini; \
\
{ \
echo sendmail_path = "/usr/bin/msmtp -t"; \
} > /usr/local/etc/php/conf.d/sendmail.ini; \
\
echo 'apc.enable_cli=1' >> /usr/local/etc/php/conf.d/docker-php-ext-apcu.ini; \
\
echo 'memory_limit=512M' > /usr/local/etc/php/conf.d/memory-limit.ini; \
\
mkdir /var/www/data; \
chown -R www-data:root /var/www; \
chmod -R g=u /var/www
VOLUME /var/www/html
ENV FRIENDICA_VERSION "2020.09"
ENV FRIENDICA_ADDONS "2020.09"
RUN set -ex; \
curl -fsSL -o friendica.tar.gz \
"https://files.friendi.ca/friendica-full-${FRIENDICA_VERSION}.tar.gz"; \
tar -xzf friendica.tar.gz -C /usr/src/; \
rm friendica.tar.gz; \
mv -f /usr/src/friendica-full-${FRIENDICA_VERSION}/ /usr/src/friendica; \
chmod 777 /usr/src/friendica/view/smarty3; \
curl -fsSL -o friendica_addons.tar.gz \
"https://files.friendi.ca/friendica-addons-${FRIENDICA_ADDONS}.tar.gz"; \
mkdir -p /usr/src/friendica/proxy; \
mkdir -p /usr/src/friendica/addon; \
tar -xzf friendica_addons.tar.gz -C /usr/src/friendica/addon --strip-components=1; \
rm friendica_addons.tar.gz;
COPY *.sh upgrade.exclude /
COPY config/* /usr/src/friendica/config/
ENTRYPOINT ["/entrypoint.sh"]
CMD ["php-fpm"]

View file

@ -0,0 +1,12 @@
<?php
/**
* If nothing else set, use APCu as a caching driver (best performance for local caching)
*/
return [
'system' => [
'cache_driver' => 'apcu',
'session_handler' => 'cache',
],
];

View file

@ -0,0 +1,15 @@
<?php
if (getenv('REDIS_HOST')) {
return [
'system' => [
'lock_driver' => 'redis',
'redis_host' => getenv('REDIS_HOST'),
'redis_port' => (getenv('REDIS_PORT') ? getenv('REDIS_PORT') : ''),
'redis_password' => (getenv('REDIS_PW') ? getenv('REDIS_PW') : ''),
'redis_db' => (getenv('REDIS_DB') ? getenv('REDIS_DB') : 0),
],
];
} else {
return [];
}

View file

@ -0,0 +1,62 @@
<?php
/**
* Fallback config to make it possible overwriting config values
* because of docker environment variables
*
* This doesn't affect DB configurations, but will replace other config values
*/
$config = [
'system' => [
// Necessary because otherwise the daemon isn't working
'pidfile' => '/var/run/friendica.pid',
'logfile' => '/var/www/html/friendica.log',
'loglevel' => 'notice',
],
'storage' => [
'filesystem_path' => '/var/www/html/storage',
],
];
if (getenv('FRIENDICA_TZ')) {
$config['config']['timezone'] = getenv('FRIENDICA_TZ');
}
if (getenv('FRIENDICA_LANG')) {
$config['config']['language'] = getenv('FRIENDICA_LANG');
}
if (getenv('FRIENDICA_ADMIN_MAIL')) {
$config['config']['admin_email'] = getenv('FRIENDICA_ADMIN_MAIL');
}
if (getenv('FRIENDICA_SITENAME')) {
$config['config']['sitename'] = getenv('FRIENDICA_SITENAME');
}
if (!empty(getenv('FRIENDICA_NO_VALIDATION'))) {
$config['system']['disable_url_validation'] = true;
$config['system']['disable_email_validation'] = true;
}
if (!empty(getenv('FRIENDICA_DATA'))) {
$config['storage']['class'] = \Friendica\Model\Storage\Filesystem::class;
if (!empty(getenv('FRIENDICA_DATA_DIR'))) {
$config['storage']['filesystem_path'] = getenv('FRIENDICA_DATA');
}
}
if (!empty(getenv('FRIENDICA_DEBUGGING'))) {
$config['system']['debugging'] = true;
if (!empty(getenv('FRIENDICA_LOGFILE'))) {
$config['system']['logfile'] = getenv('FRIENDICA_LOGFILE');
}
if (!empty(getenv('FRIENDICA_LOGLEVEL'))) {
$config['system']['loglevel'] = getenv('FRIENDICA_LOGLEVEL');
}
}
return $config;

14
2020.09/fpm/cron.sh Executable file
View file

@ -0,0 +1,14 @@
#!/bin/sh
trap "break;exit" HUP INT TERM
while [ ! -f /var/www/html/bin/daemon.php ]; do
sleep 1
done
echo "Waiting for MySQL $MYSQL_HOST initialization..."
if php /var/www/html/bin/wait-for-connection "$MYSQL_HOST" "${MYSQL_PORT:-3306}" 300; then
sh /setup_msmtp.sh
exec /sbin/tini -- php /var/www/html/bin/daemon.php -f start
else
echo "[ERROR] Waited 300 seconds, no response" >&2
fi

145
2020.09/fpm/entrypoint.sh Executable file
View file

@ -0,0 +1,145 @@
#!/bin/sh
set -eu
# run an command with the www-data user
run_as() {
set -- -c "cd /var/www/html; $*"
if [ "$(id -u)" -eq 0 ]; then
su - www-data -s /bin/sh "$@"
else
sh "$@"
fi
}
# checks if the the first parameter is greater than the second parameter
version_greater() {
[ "$(printf '%s\n' "$@" | sed -e 's/-rc/.1/' | sed -e 's/-dev/.2/' | sort -t '.' -k1,1n -k2,2n -k3,3nbr | head -n 1)" != "$(printf "$1" | sed -e 's/-rc/.1/' | sed -e 's/-dev/.2/')" ]
}
# usage: file_env VAR [DEFAULT]
# ie: file_env 'XYZ_DB_PASSWORD' 'example'
# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
file_env() {
local var="$1"
local fileVar="${var}_FILE"
local def="${2:-}"
local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//")
local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//")
if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then
echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
exit 1
fi
if [ -n "${varValue}" ]; then
export "$var"="${varValue}"
elif [ -n "${fileVarValue}" ]; then
export "$var"="$(cat "${fileVarValue}")"
elif [ -n "${def}" ]; then
export "$var"="$def"
fi
unset "$fileVar"
}
sh /setup_msmtp.sh
# just check if we execute apache or php-fpm
if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ]; then
installed_version="0.0.0.0"
if [ -f /var/www/html/VERSION ]; then
installed_version="$(cat /var/www/html/VERSION)"
fi
image_version="$(cat /usr/src/friendica/VERSION)"
# no downgrading possible
if version_greater "$installed_version" "$image_version"; then
echo "Can't copy Friendica sources because the version of the data ($installed_version) is higher than the docker image ($image_version)"
exit 1
fi
# check it just in case the version is greater or if we force the upgrade
if version_greater "$image_version" "$installed_version" || [ "${FRIENDICA_UPGRADE:-false}" = "true" ]; then
echo "Initializing Friendica $image_version ..."
if [ "$installed_version" != "0.0.0.0" ]; then
echo "Upgrading Friendica from $installed_version ..."
fi
if [ "$(id -u)" -eq 0 ]; then
rsync_options="-rlDog --chown=www-data:www-data"
else
rsync_options="-rlD"
fi
rsync $rsync_options --delete --exclude-from=/upgrade.exclude /usr/src/friendica/ /var/www/html/
# Update docker-based config files, but never delete other config files
rsync $rsync_options --update /usr/src/friendica/config/ /var/www/html/config/
# In case there is no .htaccess, copy it from the default dist file
if [ ! -f "/var/www/html/.htaccess" ]; then
cp "/var/www/html/.htaccess-dist" "/var/www/html/.htaccess"
fi
if [ -d /var/www/html/view/smarty3 ]; then
chmod -R 777 /var/www/html/view/smarty3
fi
echo "Initializing finished"
# install
if [ "$installed_version" = "0.0.0.0" ]; then
echo "New Friendica instance"
file_env FRIENDICA_ADMIN_MAIL
file_env MYSQL_DATABASE
file_env MYSQL_USER
file_env MYSQL_PASSWORD
install=false
if [ -n "${MYSQL_DATABASE+x}" ] && [ -n "${MYSQL_PASSWORD+x}" ] && [ -n "${MYSQL_HOST+x}" ] && [ -n "${MYSQL_USER+x}" ] && [ -n "${FRIENDICA_ADMIN_MAIL+x}" ] && [ -n "${FRIENDICA_URL+x}" ]; then
echo "Installation with environment variables"
FRIENDICA_TZ=${FRIENDICA_TZ:-America/LosAngeles}
FRIENDICA_LANG=${FRIENDICA_LANG:-en}
MYSQL_PORT=${MYSQL_PORT:-3306}
# shellcheck disable=SC2016
install_options='-s --dbhost "'$MYSQL_HOST'" --dbport "'$MYSQL_PORT'" --dbdata "'$MYSQL_DATABASE'" --dbuser "'$MYSQL_USER'" --dbpass "'$MYSQL_PASSWORD'"'
# shellcheck disable=SC2016
install_options=$install_options' --admin "'$FRIENDICA_ADMIN_MAIL'" --tz "'$FRIENDICA_TZ'" --lang "'$FRIENDICA_LANG'" --url "'$FRIENDICA_URL'"'
install=true
fi
if [ "$install" = true ]; then
echo "Waiting for MySQL $MYSQL_HOST initialization..."
if run_as "php /var/www/html/bin/wait-for-connection $MYSQL_HOST ${MYSQL_PORT:-3306} 300"; then
echo "Starting Friendica installation ..."
run_as "php /var/www/html/bin/console.php autoinstall $install_options"
rm -fr /var/www/html/view/smarty3/compiled
# load other config files (*.config.php) to the config folder
if [ -d "/usr/src/config" ]; then
rsync $rsync_options --ignore-existing /usr/src/config/ /var/www/html/config/
fi
echo "Installation finished"
else
echo "[ERROR] Waited 300 seconds, no response" >&2
fi
else
echo "Running web-based installer on first connect!"
fi
# upgrade
else
echo "Upgrading Friendica ..."
run_as 'php /var/www/html/bin/console.php dbstructure update'
echo "Upgrading finished"
fi
fi
fi
exec "$@"

View file

@ -0,0 +1,37 @@
#!/bin/sh
set -eu
if [ -n "${SMTP_DOMAIN+x}" ] && [ -n "${SMTP+x}" ] && [ "${SMTP}" != "localhost" ]; then
SITENAME="${FRIENDICA_SITENAME:-Friendica Social Network}"
echo "Setup MSMTP for '$SITENAME' with '$SMTP' ..."
smtp_from="${SMTP_FROM:=no-reply}"
# Setup MSMTP
usermod --comment "$(echo "$SITENAME" | tr -dc '[:print:]')" root
usermod --comment "$(echo "$SITENAME" | tr -dc '[:print:]')" www-data
# add possible mail-senders
{
echo "www-data: $smtp_from@$SMTP_DOMAIN"
echo "root: $smtp_from@$SMTP_DOMAIN"
} >/etc/aliases
# create msmtp settings
{
echo "account default"
echo "host $SMTP"
if [ -n "${SMTP_PORT+x}" ]; then echo "port $SMTP_PORT"; else echo "port 587"; fi
echo "from \"$smtp_from@$SMTP_DOMAIN\""
echo "tls_certcheck off" # No certcheck because of internal docker mail-hostnames
if [ -n "${SMTP_TLS+x}" ]; then echo "tls on"; fi
if [ -n "${SMTP_STARTTLS+x}" ]; then echo "tls_starttls on"; fi
if [ -n "${SMTP_AUTH_USER+x}" ]; then echo "auth on"; fi
if [ -n "${SMTP_AUTH_USER+x}" ]; then echo "user \"$SMTP_AUTH_USER\""; fi
if [ -n "${SMTP_AUTH_PASS+x}" ]; then echo "password \"$SMTP_AUTH_PASS\""; fi
echo "logfile /var/log/msmtp.log"
echo "aliases /etc/aliases"
} >/etc/msmtprc
echo "Setup finished"
fi

View file

@ -0,0 +1,10 @@
/.git/
/photo/
/proxy/
/.htconfig.php
/.htaccess
/home.*
/config/
/storage/
/log/
*.log

View file

@ -1 +1 @@
2020.07-1 2020.09