pelican-dev · lancepioch · Sep 27, 2024 · Jun 3, 2024 · Jun 11, 2024 · Jun 11, 2024
diff --git a/.dockerignore b/.dockerignore
@@ -0,0 +1,10 @@
+.git
+node_modules
+vendor
+database/database.sqlite
+storage/debugbar/*.json
+storage/logs/*.log
+storage/framework/cache/data/*
+storage/framework/sessions/*
+storage/framework/testing
+storage/framework/views/*.php
diff --git a/.env.docker b/.env.docker
@@ -0,0 +1,3 @@
+APP_KEY=
+
+DB_DATABASE=docker/database.sqlite
diff --git a/.github/docker/entrypoint.sh b/.github/docker/entrypoint.sh
@@ -1,81 +1,56 @@
 #!/bin/ash -e
-cd /app
 
-mkdir -p /var/log/panel/logs/ /var/log/supervisord/ /var/log/nginx/ /var/log/php8/ \
-  && chmod 777 /var/log/panel/logs/ \
-  && ln -s /app/storage/logs/ /var/log/panel/
+#mkdir -p /var/log/supervisord/ /var/log/php8/ \
 
 ## check for .env file and generate app keys if missing
-if [ -f /app/var/.env ]; then
+if [ -f /pelican-data/.env ]; then
   echo "external vars exist."
-  rm -rf /app/.env
-  ln -s /app/var/.env /app/
+  rm -rf /var/www/html/.env
 else
   echo "external vars don't exist."
-  rm -rf /app/.env
-  touch /app/var/.env
+  rm -rf /var/www/html/.env
+  touch /pelican-data/.env
 
   ## manually generate a key because key generate --force fails
   if [ -z $APP_KEY ]; then
      echo -e "Generating key."
      APP_KEY=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)
      echo -e "Generated app key: $APP_KEY"
-     echo -e "APP_KEY=$APP_KEY" > /app/var/.env
+     echo -e "APP_KEY=$APP_KEY" > /pelican-data/.env
   else
     echo -e "APP_KEY exists in environment, using that."
-    echo -e "APP_KEY=$APP_KEY" > /app/var/.env
+    echo -e "APP_KEY=$APP_KEY" > /pelican-data/.env
   fi
-
-  ln -s /app/var/.env /app/
 fi
 
-echo "Checking if https is required."
-if [ -f /etc/nginx/http.d/panel.conf ]; then
-  echo "Using nginx config already in place."
-  if [ $LE_EMAIL ]; then
-    echo "Checking for cert update"
-    certbot certonly -d $(echo $APP_URL | sed 's~http[s]*://~~g')  --standalone -m $LE_EMAIL --agree-tos -n
-  else
-    echo "No letsencrypt email is set"
-  fi
-else
-  echo "Checking if letsencrypt email is set."
-  if [ -z $LE_EMAIL ]; then
-    echo "No letsencrypt email is set using http config."
-    cp .github/docker/default.conf /etc/nginx/http.d/panel.conf
-  else
-    echo "writing ssl config"
-    cp .github/docker/default_ssl.conf /etc/nginx/http.d/panel.conf
-    echo "updating ssl config for domain"
-    sed -i "s|<domain>|$(echo $APP_URL | sed 's~http[s]*://~~g')|g" /etc/nginx/http.d/panel.conf
-    echo "generating certs"
-    certbot certonly -d $(echo $APP_URL | sed 's~http[s]*://~~g')  --standalone -m $LE_EMAIL --agree-tos -n
-  fi
-  echo "Removing the default nginx config"
-  rm -rf /etc/nginx/http.d/default.conf
-fi
+ln -s /pelican-data/.env /var/www/html/
 
-if [[ -z $DB_PORT ]]; then
-  echo -e "DB_PORT not specified, defaulting to 3306"
-  DB_PORT=3306
-fi
+touch /pelican-data/database.sqlite
 
-## check for DB up before starting the panel
-echo "Checking database status."
-until nc -z -v -w30 $DB_HOST $DB_PORT
-do
-  echo "Waiting for database connection..."
-  # wait for 1 seconds before check again
-  sleep 1
-done
+if ! grep -q "APP_KEY=" .env || grep -q "APP_KEY=$" .env; then
+  echo "Generating APP_KEY..."
+  php artisan key:generate --force
+else
+  echo "APP_KEY is already set."
+fi
 
 ## make sure the db is set up
-echo -e "Migrating and Seeding D.B"
-php artisan migrate --seed --force
+echo -e "Migrating and Seeding Database"
+php artisan migrate --force
 
 ## start cronjobs for the queue
 echo -e "Starting cron jobs."
 crond -L /var/log/crond -l 5
 
+if [[ -z $SKIP_CADDY ]]; then
+  echo "Starting PHP-FPM and Caddy"
+  caddy run --config /etc/caddy/Caddyfile --adapter caddyfile &
+else
+  echo "Starting PHP-FPM only"
+fi
+
+#chmod -R 755 storage/* bootstrap/cache/
+chown -R www-data:www-data .
+
 echo -e "Starting supervisord."
 exec "$@"
diff --git a/Caddyfile b/Caddyfile
@@ -0,0 +1,11 @@
+{
+    email {$ADMIN_EMAIL}
+}
+
+{$APP_URL} {
+    root * /var/www/html/public
+    encode gzip
+
+    php_fastcgi 127.0.0.1:9000
+    file_server
+}
diff --git a/Dockerfile b/Dockerfile
@@ -1,41 +1,56 @@
-# Stage 0:
-# Build the assets that are needed for the frontend. This build stage is then discarded
-# since we won't need NodeJS anymore in the future. This Docker image ships a final production
-# level distribution
-FROM --platform=$TARGETOS/$TARGETARCH node:20-alpine
-WORKDIR /app
-COPY . ./
-RUN yarn install --frozen-lockfile \
-    && yarn run build:production
+# Pelican Production Dockerfile
+
+FROM node:20-alpine AS yarn
+#FROM --platform=$TARGETOS/$TARGETARCH node:20-alpine AS yarn
+
+WORKDIR /build
 
-# Stage 1:
-# Build the actual container with all of the needed PHP dependencies that will run the application.
-FROM --platform=$TARGETOS/$TARGETARCH php:8.3-fpm-alpine
-WORKDIR /app
 COPY . ./
-COPY --from=0 /app/public/assets ./public/assets
-RUN apk add --no-cache --update ca-certificates dcron curl git supervisor tar unzip nginx libpng-dev libxml2-dev libzip-dev icu-dev certbot certbot-nginx \
-    && docker-php-ext-configure zip \
-    && docker-php-ext-install bcmath gd intl pdo_mysql zip \
-    && curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer \
-    && cp .env.example .env \
-    && mkdir -p bootstrap/cache/ storage/logs storage/framework/sessions storage/framework/views storage/framework/cache \
-    && chmod 777 -R bootstrap storage \
-    && composer install --no-dev --optimize-autoloader \
-    && rm -rf .env bootstrap/cache/*.php \
-    && mkdir -p /app/storage/logs/ \
-    && chown -R nginx:nginx .
-
-RUN rm /usr/local/etc/php-fpm.conf \
-    && echo "* * * * * /usr/local/bin/php /app/artisan schedule:run >> /dev/null 2>&1" >> /var/spool/cron/crontabs/root \
-    && echo "0 23 * * * certbot renew --nginx --quiet" >> /var/spool/cron/crontabs/root \
-    && sed -i s/ssl_session_cache/#ssl_session_cache/g /etc/nginx/nginx.conf \
-    && mkdir -p /var/run/php /var/run/nginx
-
-COPY .github/docker/default.conf /etc/nginx/http.d/default.conf
-COPY .github/docker/www.conf /usr/local/etc/php-fpm.conf
-COPY .github/docker/supervisord.conf /etc/supervisord.conf
-
-EXPOSE 80 443
+
+RUN yarn install --frozen-lockfile && yarn run build:production
+
+FROM php:8.3-fpm-alpine
+# FROM --platform=$TARGETOS/$TARGETARCH php:8.3-fpm-alpine
+
+COPY --from=composer:latest /usr/bin/composer /usr/local/bin/composer
+
+WORKDIR /var/www/html
+
+# Install dependencies
+RUN apk update && apk add --no-cache \
+    libpng-dev libjpeg-turbo-dev freetype-dev libzip-dev icu-dev \
+    zip unzip curl \
+    caddy ca-certificates supervisor \
+    && docker-php-ext-install bcmath gd intl zip opcache pcntl posix
+
+# Copy the Caddyfile to the container
+COPY Caddyfile /etc/caddy/Caddyfile
+
+# Copy the application code to the container
+COPY . .
+
+COPY --from=yarn /build/public/assets ./public/assets
+
+RUN cp .env.docker .env
+
+RUN composer install --no-dev --optimize-autoloader
+
+# Set file permissions
+RUN chmod -R 755 /var/www/html/storage \
+    && chmod -R 755 /var/www/html/bootstrap/cache
+
+#echo "* * * * * /usr/local/bin/php /build/artisan schedule:run >> /dev/null 2>&1" >> /var/spool/cron/crontabs/root
+
+HEALTHCHECK --interval=5m --timeout=10s --start-period=5s --retries=3 \
+  CMD curl -f http://localhost/up || exit 1
+
+EXPOSE 80:2019
+EXPOSE 443
+
+VOLUME /pelican-data
+
+# Start PHP-FPM
+CMD ["sh", "-c", "php-fpm"]
+
 ENTRYPOINT [ "/bin/ash", ".github/docker/entrypoint.sh" ]
-CMD [ "supervisord", "-n", "-c", "/etc/supervisord.conf" ]
+# CMD [ "supervisord", "-n", "-c", "/etc/supervisord.conf" ]
diff --git a/compose.yml b/compose.yml
@@ -0,0 +1,58 @@
+x-common:
+  panel:
+    &panel-environment
+    APP_URL: "https://localhost" # can be set to 'http://localhost' to un on port 80 only
+    APP_DEBUG: "false"
+    ADMIN_EMAIL: "USEYOUROWNEMAILHERE@example.com"
+
+    APP_ENVIRONMENT_ONLY: "false"
+    APP_ENV: "production"
+    SESSION_DRIVER: "file"
+
+  mail:
+    &mail-environment
+    MAIL_DRIVER: "log"
+    # MAIL_HOST: ""
+    # MAIL_PORT: ""
+    # MAIL_FROM: ""
+    # MAIL_USERNAME: ""
+    # MAIL_PASSWORD: ""
+    # MAIL_ENCRYPTION: ""
+
+#
+# ------------------------------------------------------------------------------------------
+# DANGER ZONE BELOW
+#
+# The remainder of this file likely does not need to be changed. Please only make modifications
+# below if you understand what you are doing.
+#
+
+services:
+  panel:
+    image: ghcr.io/pelican-dev/panel:latest
+    restart: always
+    networks:
+      - default
+    ports:
+      - "80:80"
+      - "443:443"
+      # - "9000:9000" # enable when not using caddy to be abel to reach php-fpm
+    extra_hosts:
+      - "host.docker.internal:host-gateway" # shows the panel on te internal docker network as well. usually '172.17.0.1'
+    volumes:
+      - pelican-data:/pelican-data
+      - pelican-logs:/var/www/html/storage/logs
+    environment:
+      <<: [*panel-environment, *mail-environment]
+      XDG_DATA_HOME: /pelican-data
+      # SKIP_CADDY: true # enable when not using caddy.
+
+volumes:
+  pelican-data:
+  pelican-logs:
+
+networks:
+  default:
+    ipam:
+      config:
+        - subnet: 172.20.0.0/16
diff --git a/composer.json b/composer.json
@@ -7,7 +7,6 @@
         "ext-json": "*",
         "ext-mbstring": "*",
         "ext-pdo": "*",
-        "ext-pdo_mysql": "*",
         "ext-zip": "*",
         "abdelhamiderrahmouni/filament-monaco-editor": "0.2.1",
         "aws/aws-sdk-php": "~3.288.1",