From 63b72f02d00770632526393e5596e37682e2c857 Mon Sep 17 00:00:00 2001 From: Aditya Prima Date: Thu, 12 Sep 2024 02:29:42 +0700 Subject: [PATCH] Updated gitea workflows, php fpm configurations and init scripts --- .gitea/workflows/alpine-dockerio.yaml | 16 ++++++++++++++++ .gitea/workflows/ubuntu-dockerio.yaml | 16 ++++++++++++++++ Dockerfile.alpine | 4 +++- Dockerfile.alpine-rootless | 12 ++++++++++-- Dockerfile.ubuntu | 4 +++- Dockerfile.ubuntu-rootless | 10 +++++++++- etc/php/fpm/php-fpm.conf | 1 + etc/php/fpm/pool.d-rootless/00-www.conf | 8 ++++---- etc/php/fpm/pool.d/00-www.conf | 6 +++--- scripts/php-fpm-init-alpine-rootless | 5 +++++ scripts/php-fpm-init-rootless | 5 +++++ 11 files changed, 75 insertions(+), 12 deletions(-) create mode 100644 scripts/php-fpm-init-alpine-rootless create mode 100644 scripts/php-fpm-init-rootless diff --git a/.gitea/workflows/alpine-dockerio.yaml b/.gitea/workflows/alpine-dockerio.yaml index 65cb794..eaf9e6f 100644 --- a/.gitea/workflows/alpine-dockerio.yaml +++ b/.gitea/workflows/alpine-dockerio.yaml @@ -25,6 +25,7 @@ jobs: context: . file: Dockerfile.alpine build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=5.6 ALPINE_VERSION=3.5 push: true @@ -36,6 +37,7 @@ jobs: context: . file: Dockerfile.alpine build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=7.2 ALPINE_VERSION=3.9 push: true @@ -47,6 +49,7 @@ jobs: context: . file: Dockerfile.alpine build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=7.3 ALPINE_VERSION=3.10 push: true @@ -58,6 +61,7 @@ jobs: context: . file: Dockerfile.alpine build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=7.4 ALPINE_VERSION=3.13 push: true @@ -69,6 +73,7 @@ jobs: context: . file: Dockerfile.alpine build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=8.0 ALPINE_VERSION=3.16 push: true @@ -80,6 +85,7 @@ jobs: context: . file: Dockerfile.alpine build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=8.1 ALPINE_VERSION=3.18 push: true @@ -91,6 +97,7 @@ jobs: context: . file: Dockerfile.alpine build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=8.2 ALPINE_VERSION=3.18 push: true @@ -102,6 +109,7 @@ jobs: context: . file: Dockerfile.alpine build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=8.3 ALPINE_VERSION=3.19 push: true @@ -129,6 +137,7 @@ jobs: context: . file: Dockerfile.alpine-rootless build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=5.6 ALPINE_VERSION=3.5 push: true @@ -140,6 +149,7 @@ jobs: context: . file: Dockerfile.alpine-rootless build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=7.2 ALPINE_VERSION=3.9 push: true @@ -151,6 +161,7 @@ jobs: context: . file: Dockerfile.alpine-rootless build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=7.3 ALPINE_VERSION=3.10 push: true @@ -162,6 +173,7 @@ jobs: context: . file: Dockerfile.alpine-rootless build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=7.4 ALPINE_VERSION=3.13 push: true @@ -173,6 +185,7 @@ jobs: context: . file: Dockerfile.alpine-rootless build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=8.0 ALPINE_VERSION=3.16 push: true @@ -184,6 +197,7 @@ jobs: context: . file: Dockerfile.alpine-rootless build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=8.1 ALPINE_VERSION=3.18 push: true @@ -195,6 +209,7 @@ jobs: context: . file: Dockerfile.alpine-rootless build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=8.2 ALPINE_VERSION=3.18 push: true @@ -206,6 +221,7 @@ jobs: context: . file: Dockerfile.alpine-rootless build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=8.3 ALPINE_VERSION=3.19 push: true diff --git a/.gitea/workflows/ubuntu-dockerio.yaml b/.gitea/workflows/ubuntu-dockerio.yaml index 3ebcf04..6004376 100644 --- a/.gitea/workflows/ubuntu-dockerio.yaml +++ b/.gitea/workflows/ubuntu-dockerio.yaml @@ -25,6 +25,7 @@ jobs: context: . file: Dockerfile.ubuntu build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=5.6 push: true tags: | @@ -36,6 +37,7 @@ jobs: context: . file: Dockerfile.ubuntu build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=7.2 push: true tags: | @@ -47,6 +49,7 @@ jobs: context: . file: Dockerfile.ubuntu build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=7.3 push: true tags: | @@ -58,6 +61,7 @@ jobs: context: . file: Dockerfile.ubuntu build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=7.4 push: true tags: | @@ -69,6 +73,7 @@ jobs: context: . file: Dockerfile.ubuntu build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=8.0 push: true tags: | @@ -80,6 +85,7 @@ jobs: context: . file: Dockerfile.ubuntu build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=8.1 push: true tags: | @@ -91,6 +97,7 @@ jobs: context: . file: Dockerfile.ubuntu build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=8.2 push: true tags: | @@ -102,6 +109,7 @@ jobs: context: . file: Dockerfile.ubuntu build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=8.3 push: true tags: | @@ -130,6 +138,7 @@ jobs: context: . file: Dockerfile.ubuntu-rootless build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=5.6 push: true tags: | @@ -141,6 +150,7 @@ jobs: context: . file: Dockerfile.ubuntu-rootless build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=7.2 push: true tags: | @@ -152,6 +162,7 @@ jobs: context: . file: Dockerfile.ubuntu-rootless build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=7.3 push: true tags: | @@ -163,6 +174,7 @@ jobs: context: . file: Dockerfile.ubuntu-rootless build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=7.4 push: true tags: | @@ -174,6 +186,7 @@ jobs: context: . file: Dockerfile.ubuntu-rootless build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=8.0 push: true tags: | @@ -185,6 +198,7 @@ jobs: context: . file: Dockerfile.ubuntu-rootless build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=8.1 push: true tags: | @@ -196,6 +210,7 @@ jobs: context: . file: Dockerfile.ubuntu-rootless build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=8.2 push: true tags: | @@ -207,6 +222,7 @@ jobs: context: . file: Dockerfile.ubuntu-rootless build-args: | + REGISTRY_URL=docker.io/aprimediet PHP_VERSION=8.3 push: true tags: | diff --git a/Dockerfile.alpine b/Dockerfile.alpine index a5532e7..7572da8 100644 --- a/Dockerfile.alpine +++ b/Dockerfile.alpine @@ -32,4 +32,6 @@ RUN chmod +x /usr/local/bin/php-fpm-healthcheck # CLEAN APK CACHES RUN rm -vrf /var/cache/apk/* -EXPOSE 9000 \ No newline at end of file +EXPOSE 9000 + +CMD ["sh","-c", "/usr/local/bin/php-fpm-init"] \ No newline at end of file diff --git a/Dockerfile.alpine-rootless b/Dockerfile.alpine-rootless index 5d80273..51f0583 100644 --- a/Dockerfile.alpine-rootless +++ b/Dockerfile.alpine-rootless @@ -12,6 +12,9 @@ RUN addgroup -g 10001 phpfpm && adduser -D -u 10001 -G phpfpm -s /bin/sh -h /app # Set workdir WORKDIR / +# CREATE FUTURE WORKDIR +RUN mkdir -p /app && chown phpfpm:phpfpm /app + # INSTALL PHP APP RUN --mount=type=cache,target=/var/cache/apk \ apk upgrade && apk add --update \ @@ -26,7 +29,7 @@ ADD ./etc/php/fpm/php-fpm.conf /etc/php/fpm/php-fpm.conf ADD ./etc/php/fpm/pool.d-rootless /etc/php/fpm/pool.d # COPY INIT SCRIPT -ADD ./scripts/php-fpm-init-alpine /usr/local/bin/php-fpm-init +ADD ./scripts/php-fpm-init-alpine-rootless /usr/local/bin/php-fpm-init RUN chmod +x /usr/local/bin/php-fpm-init # INSTALL PHP FPM HEALTHCHECK UTILITIES @@ -36,6 +39,11 @@ RUN chmod +x /usr/local/bin/php-fpm-healthcheck # CLEAN APK CACHES RUN rm -vrf /var/cache/apk/* +# SET USER WORKDIR +WORKDIR /app + USER phpfpm -EXPOSE 9000 \ No newline at end of file +EXPOSE 9000 + +CMD ["sh","-c", "/usr/local/bin/php-fpm-init"] \ No newline at end of file diff --git a/Dockerfile.ubuntu b/Dockerfile.ubuntu index 2f55a1b..a2aa998 100644 --- a/Dockerfile.ubuntu +++ b/Dockerfile.ubuntu @@ -31,4 +31,6 @@ RUN chmod +x /usr/local/bin/php-fpm-healthcheck # CLEAN APT CACHE RUN apt -y clean -EXPOSE 9000 \ No newline at end of file +EXPOSE 9000 + +CMD ["sh","-c", "/usr/local/bin/php-fpm-init"] \ No newline at end of file diff --git a/Dockerfile.ubuntu-rootless b/Dockerfile.ubuntu-rootless index 03a3fbc..4f27d9b 100644 --- a/Dockerfile.ubuntu-rootless +++ b/Dockerfile.ubuntu-rootless @@ -12,6 +12,9 @@ RUN groupadd -g 10001 phpfpm && useradd -D -u 10001 -G phpfpm -s /bin/sh -h /app # Set workdir WORKDIR / +# CREATE FUTURE WORKDIR +RUN mkdir -p /app && chown phpfpm:phpfpm /app + # INSTALL BASE DEPENDENCIES RUN --mount=type=cache,target=/var/cache/apt/archives \ apt -y update && apt -y upgrade && apt -y install \ @@ -34,6 +37,11 @@ RUN chmod +x /usr/local/bin/php-fpm-healthcheck # CLEAN APT CACHE RUN apt -y clean +# SET USER WORKDIR +WORKDIR /app + USER phpfpm -EXPOSE 9000 \ No newline at end of file +EXPOSE 9000 + +CMD ["sh","-c", "/usr/local/bin/php-fpm-init"] \ No newline at end of file diff --git a/etc/php/fpm/php-fpm.conf b/etc/php/fpm/php-fpm.conf index 9f667f2..ab58097 100644 --- a/etc/php/fpm/php-fpm.conf +++ b/etc/php/fpm/php-fpm.conf @@ -3,6 +3,7 @@ ;;;;;;;;;;;;;;;;;;;;; ;pid = /run/php/php5.6-fpm.pid +pid = /tmp/php-fpm.pid error_log = /proc/self/fd/2 log_level = warning emergency_restart_threshold = 10 diff --git a/etc/php/fpm/pool.d-rootless/00-www.conf b/etc/php/fpm/pool.d-rootless/00-www.conf index bdb170b..732611e 100644 --- a/etc/php/fpm/pool.d-rootless/00-www.conf +++ b/etc/php/fpm/pool.d-rootless/00-www.conf @@ -20,7 +20,7 @@ listen.group = phpfpm ;rlimit_files = 1024 ;rlimit_core = 0 ;chroot = -;chdir = /var/www +chdir = /app ;catch_workers_output = yes clear_env = no ;security.limit_extensions = .php .php3 .php4 .php5 @@ -37,9 +37,9 @@ pm.min_spare_servers = 5 pm.max_spare_servers = 5 pm.process_idle_timeout = 10s; pm.max_requests = 500 -;pm.status_path = /status -;ping.path = /ping -;ping.response = pong +pm.status_path = /php-status +ping.path = /php-ping +ping.response = pong ; ; PHP.INI OVERRIDE diff --git a/etc/php/fpm/pool.d/00-www.conf b/etc/php/fpm/pool.d/00-www.conf index 7f1bef4..67cd8d4 100644 --- a/etc/php/fpm/pool.d/00-www.conf +++ b/etc/php/fpm/pool.d/00-www.conf @@ -37,9 +37,9 @@ pm.min_spare_servers = 5 pm.max_spare_servers = 5 pm.process_idle_timeout = 10s; pm.max_requests = 500 -;pm.status_path = /status -;ping.path = /ping -;ping.response = pong +pm.status_path = /php-status +ping.path = /php-ping +ping.response = pong ; ; PHP.INI OVERRIDE diff --git a/scripts/php-fpm-init-alpine-rootless b/scripts/php-fpm-init-alpine-rootless new file mode 100644 index 0000000..6dc933e --- /dev/null +++ b/scripts/php-fpm-init-alpine-rootless @@ -0,0 +1,5 @@ +#!/bin/sh +echo "--------------------" +echo "Starting PHP FPM ${PHP_VERSION}" +echo "--------------------" +$PHP_FPM_BIN -F -O -c /etc/php${PHP_VERSION} -y /etc/php/fpm/php-fpm.conf \ No newline at end of file diff --git a/scripts/php-fpm-init-rootless b/scripts/php-fpm-init-rootless new file mode 100644 index 0000000..f860204 --- /dev/null +++ b/scripts/php-fpm-init-rootless @@ -0,0 +1,5 @@ +#!/bin/sh +echo "--------------------" +echo "Starting PHP FPM ${PHP_VERSION}" +echo "--------------------" +$PHP_FPM_BIN -F -O -c /etc/php/${PHP_VERSION}/cli -y /etc/php/fpm/php-fpm.conf \ No newline at end of file