diff --git a/apache/build/Dockerfile b/apache/build/Dockerfile index 6a148a9..8792c74 100644 --- a/apache/build/Dockerfile +++ b/apache/build/Dockerfile @@ -1,7 +1,7 @@ ## copy of 'php:7.3-apache' image ## XXXvlab: will need to move towards separate apache and php, so that nginx can ## replace apache in all conf. -FROM docker.0k.io/php:7.3-apache +FROM docker.0k.io/php:7.3-apache-1 ## Limesurvey # RUN apt-get update && \ @@ -33,6 +33,37 @@ RUN apt-get update && \ docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ && \ docker-php-ext-install exif gd pdo_mysql mysqli +## gogocarto +RUN apt-get update && \ + BUILD_PACKAGES=" \ + libbz2-dev libc-client-dev libcurl4-openssl-dev libfreetype6-dev \ + libgd-dev libicu-dev libkrb5-dev libmagickcore-dev libmagickwand-dev \ + libmcrypt-dev libmemcached-dev libtidy-dev libxml2-dev libxslt-dev \ + libz-dev libzip-dev" && \ + DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ + bzip2 cron g++ gettext git gnupg imagemagick libfreetype6 libgd3 \ + libmcrypt4 libmemcached11 libmemcachedutil2 libsodium23 libtidy5deb1 \ + libxml2 libxslt1.1 libzip4 nano openssl unzip ${BUILD_PACKAGES} && \ + docker-php-ext-configure gd --with-freetype-dir=/usr/include/ \ + --with-jpeg-dir=/usr/include/ && \ + docker-php-ext-configure imap --with-kerberos --with-imap-ssl && \ + docker-php-ext-configure hash --with-mhash && \ + docker-php-ext-install bcmath bz2 calendar dba curl exif gd gettext \ + imap intl soap tidy xmlrpc mbstring simplexml xsl zip && \ + pecl install mongodb && docker-php-ext-enable mongodb && \ + pecl install xdebug && docker-php-ext-enable xdebug && \ + pecl install imagick && docker-php-ext-enable imagick && \ + MODULES="rewrite headers ssl" && \ + for module in ${MODULES}; do \ + a2enmod "$module"; \ + done && \ + apt-get remove -qq --purge -y ${BUILD_PACKAGES} && \ + apt-get autoremove -y && \ + apt-get clean && \ + rm -rf /var/lib/apt/lists/* + + + ## XXXvlab: could load these in 'entrypoint.sh' to be more dynamic RUN a2enmod headers proxy_http rewrite ssl proxy_wstunnel http2 proxy_connect diff --git a/gogocarto/README.org b/gogocarto/README.org new file mode 100644 index 0000000..18af7ea --- /dev/null +++ b/gogocarto/README.org @@ -0,0 +1,101 @@ + +* Important notice + +As the current docker install of gogocarto as of <2020-10-20 Tue> is +far from being mature, we try here to get only the released part. + +We are talking of: +[[https://gitlab.adullact.net/pixelhumain/GoGoCarto/-/blob/f3c10f16fc08b533ef44f1325fdb50f87fa73224/docs/installation_docker.md][gogocarto docker install documentation]] + +** Intermediate docker image is cached on docker.0k.io if needed + +To rebuild a new version, I pushed the huge docker image of +=gogocarto= container that is required in the process (that contains +apache and all build/install tools). Note that this should not require +to be rebuild if anything important changes in the directory =docker/=. + +Using: + +#+begin_src sh +docker_tree_hash=$(git rev-parse HEAD:docker) +docker tag docker_gogocarto docker.0k.io/gogocarto-builder:${docker_tree_hash} +docker push docker.0k.io/gogocarto-builder:${docker_tree_hash} +#+end_src + +So, if needed, it can be pulled back to avoid the hassle of making it: + +#+begin_src sh +docker_tree_hash=$(git rev-parse HEAD:docker) +docker pull docker.0k.io/gogocarto-builder:${docker_tree_hash} && +docker tag docker.0k.io/gogocarto-builder:${docker_tree_hash} docker_gogocarto +#+end_src + +You still need to do (as of <2020-10-20 Tue>): +- get the latest source code +- =make up= to launch de containers with the images +- =make shell= from the latest git repos +- =make init= in the container + +** Full release is cached on =docker.0k.io/downloads= + +This is the content of the source tree, once populated by =make init=. + +*** mongodb is not included + +As of <2020-10-23 Fri>, the =Makefile='s =init= target is: + +#+begin_src sh +$ grep ^init Makefile -A1 +init: install assets load-fixtures fix-perms ## Initialize the project + +#+end_src + +Note that ``load-fixtures`` target is actually mongodb initialization: + +#+begin_src sh +load-fixtures: ## Create the DB schema, generate DB classes and load fixtures + $(SYMFONY) doctrine:mongodb:schema:create + $(SYMFONY) doctrine:mongodb:generate:hydrators + $(SYMFONY) doctrine:mongodb:generate:proxies + $(SYMFONY) doctrine:mongodb:fixtures:load -n +#+end_src + +This will be done in the =hooks/mongo_database-relation-joined= accordingly. + + +*** o create the full data release bundle this is what was made: + +#+begin_src sh +## correct bundles links (no idea if it is needed) +( + cd web/bundles + for i in *; do + link_target=$(readlink "$i") + ln -sf /opt/apps/gogocarto"${link_target#/var/www}" "$i" + done +) +## Force original versions +git co web/index.php config/packages/doctrine_mongodb.yaml bin/console +sed -ri "s/^(<\?php)/\1\n\ini_set('memory.limit', '1024M');/" \ + web/index.php bin/console +sed -ri "s%dirname\(__DIR__\)\.'%'/opt/apps/gogocarto%g" \ + web/index.php +commit_sha=$(git describe HEAD --tags) +tar cjv \ + bin web vendor config src templates translations \ + --exclude=.git --exclude=.gitignore \ + > gogocarto-${commit_sha}.tar.bz2 +#+end_src + +This is still far from being perfect, I wonder if we can just remove +all non '\*.{php,yml,js}' files. I noticed many many unrelated files in +=vendor/=. + +We need =bin= for symphony utilities that allows to setup things. + +* Roadmap + +** TODO mongo / the default database name is probably not correctly set. + +Indeed, it seems it is defaulted to =gogocarto_default= and I didn't find +yet how to set it. There's a connection with SAAS mode I think. diff --git a/gogocarto/hooks/init b/gogocarto/hooks/init new file mode 100755 index 0000000..0fdc87a --- /dev/null +++ b/gogocarto/hooks/init @@ -0,0 +1,23 @@ +#!/bin/bash + +## Init is run on host +## For now it is run every time the script is launched, but +## it should be launched only once after build. + +## Accessible variables are: +## - SERVICE_NAME Name of current service +## - DOCKER_BASE_IMAGE Base image from which this service might be built if any +## - SERVICE_DATASTORE Location on host of the DATASTORE of this service +## - SERVICE_CONFIGSTORE Location on host of the CONFIGSTORE of this service + + +. lib/common + +set -e + + +if ! [ -e "$GOGOCARTO_CODE" ]; then + gogocarto:init || exit 1 +fi + +gogocarto:config || exit 1 \ No newline at end of file diff --git a/gogocarto/hooks/mongo_database-relation-joined b/gogocarto/hooks/mongo_database-relation-joined new file mode 100755 index 0000000..03e3172 --- /dev/null +++ b/gogocarto/hooks/mongo_database-relation-joined @@ -0,0 +1,43 @@ +#!/bin/bash + +. lib/common + +set -e + +DBNAME="$(relation-get dbname)" || exit 1 + +initing="${GOGOCARTO_CODE}"/.initing-${DBNAME} +if [ -e "$initing" ]; then + exit 0 +fi + + +inited="${GOGOCARTO_CODE}"/.inited-${DBNAME} + +MONGO_URL=mongodb://${TARGET_SERVICE_NAME}:27017/${DBNAME} + + +cat <> ${GOGOCARTO_CODE}/.env + +###> doctrine/mongodb-odm-bundle ### +MONGODB_URL=$MONGO_URL +###< doctrine/mongodb-odm-bundle ### + +EOF + +if [ -e "$inited" ]; then + exit 0 +fi + +## came from ``Makefile`` in git's gogocarto source code. Target load-fixtures. +touch "$initing" +trap_add EXIT,ERR "rm -v \"$initing\"" +symphony doctrine:mongodb:schema:create && +symphony doctrine:mongodb:generate:hydrators && +symphony doctrine:mongodb:generate:proxies && +symphony doctrine:mongodb:fixtures:load -n || { + err "Mongo database initialization failed." + exit 1 +} + +touch "$inited" diff --git a/gogocarto/hooks/publish_dir-relation-joined b/gogocarto/hooks/publish_dir-relation-joined new file mode 100755 index 0000000..4c9af2b --- /dev/null +++ b/gogocarto/hooks/publish_dir-relation-joined @@ -0,0 +1,66 @@ +#!/bin/bash + +. lib/common + +set -e + +domain=$(relation-get domain) || exit 1 +url=$(relation-get url) || exit 1 +# location=$CONFIGSTORE/$BASE_SERVICE_NAME/var/www/$domain + +upload_dir="${SERVICE_DATASTORE}/var/www/$domain/uploads" +if [ -d "$upload_dir" ]; then + uid_gid=$(stat --format=%u:%g "$upload_dir") +else + err "Upload dir '${upload_dir}' was not created. Can't continue." + exit 1 +fi + +dirs=( + /var/cache/gogocarto + /var/lib/gogocarto/sessions + /var/log/gogocarto +) + +to_create=() +for dir in "${dirs[@]}"; do + fdir="${SERVICE_DATASTORE}${dir}" + if ! [ -d "$fdir" ]; then + to_create+=("$fdir") + fi +done + +if [ "${#to_create[@]}" -gt 0 ]; then + mkdir -p "${to_create[@]}" && + chown -v "$uid_gid" "${to_create[@]}" && + chmod -v g+rwx "${to_create[@]}" +fi + +cat <> "${GOGOCARTO_CODE}"/.env + +BASE_PROTOCOL=${url%%://*} +BASE_URL=$domain +BASE_PATH=/index.php + +EOF + + +cat < "${GOGOCARTO_CODE}"/web/.htaccess + +Options -MultiViews +RewriteEngine On +RewriteCond %{REQUEST_FILENAME} !-f +RewriteRule ^(.*)$ index.php/\$1 [QSA,L] + +EOF + + +config-add " +services: + $MASTER_TARGET_SERVICE_NAME: + volumes: + - $SERVICE_CONFIGSTORE/opt/apps/gogocarto:/opt/apps/gogocarto:rw + - $SERVICE_DATASTORE/var/cache/gogocarto:/opt/apps/gogocarto/var/cache:rw + - $SERVICE_DATASTORE/var/lib/gogocarto/sessions:/opt/apps/gogocarto/var/sessions:rw + - $SERVICE_DATASTORE/var/log/gogocarto:/opt/apps/gogocarto/var/log:rw +" diff --git a/gogocarto/lib/common b/gogocarto/lib/common new file mode 100644 index 0000000..975b49d --- /dev/null +++ b/gogocarto/lib/common @@ -0,0 +1,86 @@ +# -*- mode: shell-script -*- + + +GOGOCARTO_CODE="$SERVICE_CONFIGSTORE/opt/apps/gogocarto" +GOGOCARTO_RELEASE=3.1.3-2-gf3c10f1 +GOGOCARTO_URL=https://docker.0k.io/downloads/gogocarto-"${GOGOCARTO_RELEASE}".tar.bz2 + + +gogocarto:init() { + mkdir -p "${GOGOCARTO_CODE}" && + cd "${GOGOCARTO_CODE}" && + curl "$GOGOCARTO_URL" | tar xjv +} + + +gogocarto:config() { + + APP_ENV=$(options-get app-env 2>/dev/null) || true + APP_ENV=${APP_ENV:-prod} + + cat < "${GOGOCARTO_CODE}"/.env + +###> symfony/framework-bundle ### +APP_ENV=$APP_ENV +APP_SECRET=82ec369b81caab5446ddfc3b5edb4d00 +CSRF_PROTECTION=$( + [ "$APP_ENV" == "prod" ] && + echo "true" || + echo "false") ## active csrf protection on production servers +#TRUSTED_PROXIES=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 +#TRUSTED_HOSTS='^localhost|example\.com$' +###< symfony/framework-bundle ### + + +###> vich upload ### +IMAGES_MAX_FILESIZE=8M # for public images upload +IMAGE_RESIZE_WIDTH=1000 # in pixel +FILES_MAX_FILESIZE=1M # for other public file upload +###> vich upload ### + +USE_AS_SAAS=false +CONTACT_EMAIL=contact@localhost.fr +INSTANCE_NAME=GoGoCarto + + +###> symfony/swiftmailer-bundle ### +# For Gmail as a transport, use: "gmail://username:password@localhost" +# For a generic SMTP server, use: "smtp://localhost:25?encryption=&auth_mode=" +# Delivery is disabled by default via "null://localhost" +MAILER_URL=gmail://test.gogocarto:creerdescartesagogo@localhost +FROM_EMAIL=test.gogocarto@gmail.com +###< symfony/swiftmailer-bundle ### + +###> hwi/oauth-bundle ### +OAUTH_COMMUNS_ID=disabled +OAUTH_COMMUNS_SECRET=disabled +OAUTH_GOOGLE_ID=disabled +OAUTH_GOOGLE_SECRET=disabled +OAUTH_FACEBOOK_ID=disabled +OAUTH_FACEBOOK_SECRET=disabled +###< hwi/oauth-bundle ### + +###> sentry/sentry-symfony ### +# Log errors nicely with sentry. Create your account on sentry.io and provide the DSN here +# exple: SENTRY_DSN=https://6145d1aac36c429781fc1b0f79b0da48@sentry.io/1402018 +SENTRY_DSN= +###< sentry/sentry-symfony ### +EOF + +} + + +symphony() { + + export COMPOSE_IGNORE_ORPHANS=true + ## We don't want post deploy that is doing the final http initialization. + compose --debug -q --no-init --no-post-deploy \ + --without-relation="$SERVICE_NAME":web-proxy \ + run \ + "${symphony_docker_run_opts[@]}" \ + -T --rm -w /opt/apps/gogocarto \ + --entrypoint php \ + -u www-data "$SERVICE_NAME" bin/console "$@" | cat + + return "${PIPESTATUS[0]}" +} diff --git a/gogocarto/metadata.yml b/gogocarto/metadata.yml new file mode 100644 index 0000000..47486f3 --- /dev/null +++ b/gogocarto/metadata.yml @@ -0,0 +1,28 @@ +description: Gogocarto server +subordinate: true +requires: + web-publishing-directory: + interface: publish-dir + scope: container + + +uses: + publish-dir: + #constraint: required | recommended | optional + #auto: pair | summon | none ## default: pair + scope: container + constraint: required + auto: summon + solves: + container: "main running server" + default-options: + location: !var-expand "$CONFIGSTORE/$BASE_SERVICE_NAME/opt/apps/gogocarto/web" + data-dirs: ## write permission for web-app + - uploads + mongo-database: + #constraint: required | recommended | optional + #auto: pair | summon | none ## default: pair + constraint: required + auto: summon + solves: + database: "main storage"