From 8b4cfe23ead37eda3d96d0d8710f40cdb801940e Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Sun, 31 Jan 2021 16:01:25 +0300 Subject: [PATCH] - merge changes from dynamic-env branch - cleanup YML files, etc --- .env-dist | 15 ++- docker-compose.yml | 44 +++------ src/app/Dockerfile | 41 ++++++++ src/app/config.docker.php | 174 +++++++++++++++++++++++++++++++++ src/app/config.php-config.d | 4 + src/app/config.php-dist | 170 ++++++++++++++++++++++++++++++++ src/app/prepare-config.php | 6 ++ src/app/prepare-environment.sh | 3 + src/app/startup.sh | 40 +++----- src/app/updater.sh | 8 +- src/docker-compose.yml | 111 +++++---------------- 11 files changed, 469 insertions(+), 147 deletions(-) create mode 100644 src/app/config.docker.php create mode 100644 src/app/config.php-config.d create mode 100644 src/app/config.php-dist create mode 100755 src/app/prepare-config.php create mode 100755 src/app/prepare-environment.sh diff --git a/.env-dist b/.env-dist index 740996b..c06a833 100644 --- a/.env-dist +++ b/.env-dist @@ -1,22 +1,21 @@ # Copy this file to .env before building the container. # Put any local modifications here. -BUILD_TAG=latest - POSTGRES_USER=postgres POSTGRES_PASSWORD=password -OWNER_UID=1000 -OWNER_GID=1000 - -# You can keep this as localhost unless you want to use the ssl sidecar -# container (I suggest terminating ssl on the reverse proxy instead). -HTTP_HOST=localhost +# This is only used by web-ssl container. +#HTTP_HOST=localhost # You will likely need to set this to the correct value, see README.md # for more information. SELF_URL_PATH=http://localhost:8280/tt-rss +# You can customize other config.php defines by setting overrides here. +# See app/Dockerfile for complete list. Examples: +# PLUGINS=auth_remote +# SINGLE_USER_MODE=true + # bind exposed port to 127.0.0.1 by default in case reverse proxy is used. # if you plan to run the container standalone and need origin port exposed # use next HTTP_PORT definition (or remove "127.0.0.1:"). 
diff --git a/docker-compose.yml b/docker-compose.yml index b15eb5b..eabdc16 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,70 +1,58 @@ version: '3' -# set database password in .env -# please don't use quote (') or (") symbols in variables - services: db: image: postgres:12-alpine restart: unless-stopped + env_file: + - .env volumes: - db:/var/lib/postgresql/data - environment: - - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} - - POSTGRES_USER=${POSTGRES_USER} app: image: cthulhoo/ttrss-fpm-pgsql-static restart: unless-stopped + env_file: + - .env environment: - - DB_TYPE=pgsql - - DB_HOST=db - DB_NAME=${POSTGRES_USER} - DB_USER=${POSTGRES_USER} - DB_PASS=${POSTGRES_PASSWORD} - - OWNER_UID=${OWNER_UID} - - OWNER_GID=${OWNER_GID} - - SELF_URL_PATH=${SELF_URL_PATH} volumes: - app:/var/www/html + - ./config.d:/opt/tt-rss/config.d:ro depends_on: - db - updater: + backups: image: cthulhoo/ttrss-fpm-pgsql-static restart: unless-stopped environment: - - DB_TYPE=pgsql - - DB_HOST=db - DB_NAME=${POSTGRES_USER} - DB_USER=${POSTGRES_USER} - DB_PASS=${POSTGRES_PASSWORD} - - OWNER_UID=${OWNER_UID} - - OWNER_GID=${OWNER_GID} - - SELF_URL_PATH=${SELF_URL_PATH} volumes: + - backups:/backups - app:/var/www/html depends_on: - - app - command: /updater.sh + - db + command: /dcron.sh -f - backups: + updater: image: cthulhoo/ttrss-fpm-pgsql-static restart: unless-stopped + env_file: + - .env environment: - - DB_TYPE=pgsql - - DB_HOST=db - DB_NAME=${POSTGRES_USER} - DB_USER=${POSTGRES_USER} - DB_PASS=${POSTGRES_PASSWORD} - - OWNER_UID=${OWNER_UID} - - OWNER_GID=${OWNER_GID} volumes: - - backups:/backups - app:/var/www/html + - ./config.d:/opt/tt-rss/config.d:ro depends_on: - - db - command: /dcron.sh -f + - app + command: /updater.sh # web: # image: cthulhoo/ttrss-web @@ -103,6 +91,6 @@ services: volumes: db: - app: + app: certs: backups: diff --git a/src/app/Dockerfile b/src/app/Dockerfile index 779e869..4bac76d 100644 --- a/src/app/Dockerfile +++ b/src/app/Dockerfile 
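Review bot: The `backups` service is the only one of the three services built on the app image that does not get `env_file: - .env`, so anything not listed under its `environment:` comes from the image defaults. An operator who overrides `DB_HOST`, `DB_PORT`, `OWNER_UID` or `OWNER_GID` in `.env` will see `app` and `updater` follow the override while `/dcron.sh` does not (what the backup job actually reads is not visible in this patch, so the impact is inferred). Adding the same `env_file:` / `- .env` pair to `backups` keeps the three services consistent. Note also that `env_file` hands every entry of `.env` to each service, so `db` now receives the application settings and `app` receives `POSTGRES_PASSWORD` alongside `DB_PASS`; a short comment in the file saying so would help whoever later adds other secrets to `.env`.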
@@ -14,10 +14,51 @@ ADD index.php / ADD build-prepare.sh / ADD dcron.sh / ADD backup.sh /etc/periodic/weekly/backup +ADD config.docker.php / RUN sed -i.bak 's/^listen = 127.0.0.1:9000/listen = 9000/' /etc/php7/php-fpm.d/www.conf RUN sed -i.bak 's/\(memory_limit =\) 128M/\1 256M/' /etc/php7/php.ini +RUN sed -i.bak 's/;clear_env = .*/clear_env = no/i' /etc/php7/php-fpm.d/www.conf + +RUN mkdir -p /var/www +RUN mkdir -p /opt/tt-rss/config.d RUN sh -c /build-prepare.sh +ENV OWNER_UID=1000 +ENV OWNER_GID=1000 + +ENV DB_TYPE="pgsql" +ENV DB_HOST="db" +ENV DB_USER="%DB_USER" +ENV DB_NAME="%DB_NAME" +ENV DB_PASS="%DB_PASS" +ENV DB_PORT="5432" + +# config.php defaults +ENV MYSQL_CHARSET="UTF8" +ENV SELF_URL_PATH="%SELF_URL_PATH" +ENV SINGLE_USER_MODE="" +ENV SIMPLE_UPDATE_MODE="" +ENV PHP_EXECUTABLE="/usr/bin/php" +ENV LOCK_DIRECTORY="lock" +ENV CACHE_DIR="cache" +ENV ICONS_DIR="feed-icons" +ENV ICONS_URL="feed-icons" +ENV AUTH_AUTO_CREATE="true" +ENV AUTH_AUTO_LOGIN="true" +ENV FORCE_ARTICLE_PURGE="0" +ENV ENABLE_REGISTRATION="" +ENV REG_NOTIFY_ADDRESS="user@your.domain.dom" +ENV REG_MAX_USERS="10" +ENV SESSION_COOKIE_LIFETIME="86400" +ENV SMTP_FROM_NAME="Tiny Tiny RSS" +ENV SMTP_FROM_ADDRESS="noreply@your.domain.dom" +ENV DIGEST_SUBJECT="[tt-rss] New headlines for last 24 hours" +ENV CHECK_FOR_UPDATES="true" +ENV ENABLE_GZIP_OUTPUT="" +ENV PLUGINS="auth_internal, note" +ENV LOG_DESTINATION="sql" +ENV CONFIG_VERSION="26" + CMD /startup.sh diff --git a/src/app/config.docker.php b/src/app/config.docker.php new file mode 100644 index 0000000..58a389f --- /dev/null +++ b/src/app/config.docker.php 
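Review bot: `clear_env = no` makes php-fpm hand its whole environment to every worker, and the `sudo -E` added in the later `startup.sh` and `updater.sh` hunks carries the container's full environment into those processes. As a result `DB_PASS`, the exported `PGPASSWORD` and anything else placed in `.env` are readable through `getenv()` by any PHP code the application loads, plugins included, and would show up in `phpinfo()` output. A narrower option is to keep the default `clear_env` and list the required names in the pool config as `env[DB_PASS] = $DB_PASS` style lines, or at least to run `unset PGPASSWORD` in `startup.sh` before php-fpm is started. The `%DB_USER`, `%DB_NAME`, `%DB_PASS` and `%SELF_URL_PATH` defaults also deserve a comment such as `# placeholder, must be overridden at run time`, because a container started without them will use the literal strings.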
@@ -0,0 +1,174 @@ + System), syslog - logs to system log. + // Setting this to blank uses PHP logging (usually to http server + // error.log). + // Note that feed updating daemons don't use this logging facility + // for normal output. + + define('CONFIG_VERSION', getenv('CONFIG_VERSION')); + // Expected config version. Please update this option in config.php + // if necessary (after migrating all new options from this file). + + // vim:ft=php + $snippets = glob("/opt/tt-rss/config.d/*.php"); + + foreach ($snippets as $snippet) + require_once $snippet; diff --git a/src/app/config.php-config.d b/src/app/config.php-config.d new file mode 100644 index 0000000..2091a6f --- /dev/null +++ b/src/app/config.php-config.d @@ -0,0 +1,4 @@ + $snippets = glob("/opt/tt-rss/config.d/*.php"); + + foreach ($snippets as $snippet) + require_once $snippet; diff --git a/src/app/config.php-dist b/src/app/config.php-dist new file mode 100644 index 0000000..eed1a69 --- /dev/null +++ b/src/app/config.php-dist @@ -0,0 +1,170 @@ + System), syslog - logs to system log. + // Setting this to blank uses PHP logging (usually to http server + // error.log). + // Note that feed updating daemons don't use this logging facility + // for normal output. + + define('CONFIG_VERSION', 26); + // Expected config version. Please update this option in config.php + // if necessary (after migrating all new options from this file). + + // vim:ft=php diff --git a/src/app/prepare-config.php b/src/app/prepare-config.php new file mode 100755 index 0000000..9641daf --- /dev/null +++ b/src/app/prepare-config.php @@ -0,0 +1,6 @@ +#!/bin/sh + +sed -e "s/define('\([A-Z_]\+\)', [^)]\+/define('\1', getenv('\1')/" \ + < config.php-dist > config.docker.php + +cat config.php-config.d >> config.docker.php diff --git a/src/app/prepare-environment.sh b/src/app/prepare-environment.sh new file mode 100755 index 0000000..9d376c3 --- /dev/null +++ b/src/app/prepare-environment.sh 
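Review bot: Every `*.php` file found in `/opt/tt-rss/config.d` is executed with `require_once` inside the application, so write access to that directory amounts to code execution in the container; the snippet should say so, for example `// files here run as application code: keep this directory writable by the administrator only`. The compose file in this patch mounts the directory `:ro`, which covers the default deployment, but nothing in the snippet itself depends on that. `glob()` can also return `false` on error, in which case the `foreach` raises a warning on each request; `foreach (glob("/opt/tt-rss/config.d/*.php") ?: [] as $snippet)` avoids it.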
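Review bot: Rewriting every `define()` to `getenv('NAME')` turns all settings into strings, and PHP treats any non-empty string other than `"0"` as true. With the image defaults `SINGLE_USER_MODE=""` and `ENABLE_REGISTRATION=""` the switches are off, but an operator who writes `SINGLE_USER_MODE=false` in `.env` gets the string `"false"`; if the application tests the constant for truthiness (not visible in this patch), that turns the mode on instead of off. The `.env-dist` comment added in this commit gives `SINGLE_USER_MODE=true` as an example without saying that only an empty value disables it. Either document that next to the example, or have the generated file convert the known boolean defines explicitly, e.g. `filter_var(getenv('NAME'), FILTER_VALIDATE_BOOLEAN)`. The file is also a `/bin/sh` script despite its `.php` name, which is worth renaming or noting in a header comment.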
@@ -0,0 +1,3 @@ +#!/bin/sh + +grep define config.php-dist | sed -e "s/[ \t]*define('\([A-Z_]\+\)', ['\"]\?\([^'\")]\+\).*/ENV \1=\"\2\"/" diff --git a/src/app/startup.sh b/src/app/startup.sh index bfdb595..247c361 100755 --- a/src/app/startup.sh +++ b/src/app/startup.sh @@ -1,11 +1,15 @@ -#!/bin/sh -ex +#!/bin/sh -e while ! pg_isready -h $DB_HOST -U $DB_USER; do echo waiting until $DB_HOST is ready... sleep 3 done -if ! id app; then +# We don't need those here (HTTP_HOST would cause false SELF_URL_PATH check failures) +unset HTTP_PORT +unset HTTP_HOST + +if ! id app >/dev/null 2>&1; then addgroup -g $OWNER_GID app adduser -D -h /var/www/html -G app -u $OWNER_UID app fi @@ -15,7 +19,7 @@ SRC_DIR=/src/tt-rss/ [ -e $DST_DIR ] && rm -f $DST_DIR/.app_is_ready -export PGPASSWORD=$DB_PASS +export PGPASSWORD=$DB_PASS [ ! -e /var/www/html/index.php ] && cp /index.php /var/www/html @@ -41,14 +45,14 @@ for d in cache lock feed-icons plugins.local themes.local; do mkdir -p $DST_DIR/$d done +chown -R $OWNER_UID:$OWNER_GID $DST_DIR \ + /var/log/php7 + for d in cache lock feed-icons; do chmod 777 $DST_DIR/$d find $DST_DIR/$d -type f -exec chmod 666 {} \; done -chown -R $OWNER_UID:$OWNER_GID $DST_DIR \ - /var/log/php7 - PSQL="psql -q -h $DB_HOST -U $DB_USER $DB_NAME" $PSQL -c "create extension if not exists pg_trgm" 
@@ -61,32 +65,20 @@ elif ! $PSQL -c 'select * from ttrss_version'; then $PSQL < /var/www/html/tt-rss/schema/ttrss_schema_pgsql.sql fi -SELF_URL_PATH=$(echo $SELF_URL_PATH | sed -e 's/[\/&]/\\&/g') - if [ ! -s $DST_DIR/config.php ]; then - sed \ - -e "s/define('DB_HOST'.*/define('DB_HOST', '$DB_HOST');/" \ - -e "s/define('DB_USER'.*/define('DB_USER', '$DB_USER');/" \ - -e "s/define('DB_NAME'.*/define('DB_NAME', '$DB_NAME');/" \ - -e "s/define('DB_PASS'.*/define('DB_PASS', '$DB_PASS');/" \ - -e "s/define('DB_TYPE'.*/define('DB_TYPE', 'pgsql');/" \ - -e "s/define('DB_PORT'.*/define('DB_PORT', 5432);/" \ - -e "s/define('PLUGINS'.*/define('PLUGINS', 'auth_internal, note, nginx_xaccel');/" \ - -e "s/define('SELF_URL_PATH'.*/define('SELF_URL_PATH','$SELF_URL_PATH');/" \ - < $DST_DIR/config.php-dist > $DST_DIR/config.php + cp /config.docker.php $DST_DIR/config.php cat >> $DST_DIR/config.php << EOF define('NGINX_XACCEL_PREFIX', '/tt-rss'); EOF -else - sed \ - -e "s/define('SELF_URL_PATH'.*/define('SELF_URL_PATH','$SELF_URL_PATH');/" \ - -i $DST_DIR/config.php fi -cd $DST_DIR && sudo -u app php ./update.php --update-schema=force-yes +# this was previously generated +rm -f $DST_DIR/config.php.bak + +cd $DST_DIR && sudo -E -u app php ./update.php --update-schema=force-yes touch $DST_DIR/.app_is_ready -sudo -u app /usr/sbin/php-fpm7 -F +sudo -E -u app /usr/sbin/php-fpm7 -F diff --git a/src/app/updater.sh b/src/app/updater.sh index 480a5d1..7123a3c 100755 --- a/src/app/updater.sh +++ b/src/app/updater.sh @@ -1,4 +1,8 @@ -#!/bin/sh -ex +#!/bin/sh -e + +# We don't need those here (HTTP_HOST would cause false SELF_URL_PATH check failures) +unset HTTP_PORT +unset HTTP_HOST # wait for the app container to delete .app_is_ready and perform rsync, etc. sleep 30 
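Review bot: `config.php` is created from `/config.docker.php` only when it is missing or empty, and the `else` branch that used to refresh `SELF_URL_PATH` is removed, so an installation upgraded on an existing `app` volume keeps its old file. Judging by the removed `sed` block, that old file holds literal values, which means the settings in `.env` and the snippets in `config.d` are not read on such a volume, and nothing tells the operator. Printing a line in that case, for instance `echo "existing config.php kept, environment overrides are not applied"`, or documenting the manual migration, would make this visible. The new `PLUGINS` default in the Dockerfile also drops `nginx_xaccel` while this hunk still appends `NGINX_XACCEL_PREFIX`; worth confirming that this is intended.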
@@ -20,4 +24,4 @@ while [ ! -s $DST_DIR/config.php -a -e $DST_DIR/.app_is_ready ]; do sleep 3 done -sudo -u app /usr/bin/php /var/www/html/tt-rss/update_daemon2.php +sudo -E -u app /usr/bin/php /var/www/html/tt-rss/update_daemon2.php diff --git a/src/docker-compose.yml b/src/docker-compose.yml index 2cee922..24344f6 100644 --- a/src/docker-compose.yml +++ b/src/docker-compose.yml @@ -1,17 +1,11 @@ version: '3' -# set database password in .env -# please don't use quote (') or (") symbols in variables - services: db: image: postgres:12-alpine restart: unless-stopped volumes: - db:/var/lib/postgresql/data - environment: - - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} - - POSTGRES_USER=${POSTGRES_USER} app: image: cthulhoo/ttrss-fpm-pgsql-static:${BUILD_TAG} 
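Review bot: In `src/docker-compose.yml` the `db` service loses `POSTGRES_PASSWORD` and `POSTGRES_USER` without gaining the `env_file: - .env` that the top-level `docker-compose.yml` adds, so a stack started from this file has no database credentials configured. If the file is now meant for building images only, a header comment such as `# build-only: use ../docker-compose.yml to run the stack` would stop someone from bringing it up by mistake. The `app` image reference on the last line of this hunk still interpolates `${BUILD_TAG}`, which this commit removes from `.env-dist`, so the tag is empty unless the caller exports the variable. The `app` service definition continues in the next hunk, where its `environment:` block is removed in the same way.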
@@ -19,95 +13,42 @@ services: context: ./app restart: unless-stopped - environment: - - DB_TYPE=pgsql - - DB_HOST=db - - DB_NAME=${POSTGRES_USER} - - DB_USER=${POSTGRES_USER} - - DB_PASS=${POSTGRES_PASSWORD} - - OWNER_UID=${OWNER_UID} - - OWNER_GID=${OWNER_GID} - - SELF_URL_PATH=${SELF_URL_PATH} - volumes: - - app:/var/www/html - depends_on: - - db - - updater: - image: cthulhoo/ttrss-fpm-pgsql-static:${BUILD_TAG} - build: - context: - ./app - restart: unless-stopped - environment: - - DB_TYPE=pgsql - - DB_HOST=db - - DB_NAME=${POSTGRES_USER} - - DB_USER=${POSTGRES_USER} - - DB_PASS=${POSTGRES_PASSWORD} - - OWNER_UID=${OWNER_UID} - - OWNER_GID=${OWNER_GID} - - SELF_URL_PATH=${SELF_URL_PATH} - volumes: - - app:/var/www/html - depends_on: - - app - command: /updater.sh - - backups: - image: cthulhoo/ttrss-fpm-pgsql-static:${BUILD_TAG} - build: - context: - ./app - restart: unless-stopped - environment: - - DB_TYPE=pgsql - - DB_HOST=db - - DB_NAME=${POSTGRES_USER} - - DB_USER=${POSTGRES_USER} - - DB_PASS=${POSTGRES_PASSWORD} - - OWNER_UID=${OWNER_UID} - - OWNER_GID=${OWNER_GID} volumes: - - backups:/backups - app:/var/www/html depends_on: - db - command: /dcron.sh -f - - web: - image: cthulhoo/ttrss-web:latest - build: ./web - restart: unless-stopped - ports: - - ${HTTP_PORT}:2015 - volumes: - - app:/var/www/html:ro - depends_on: - - app - web-ssl: - image: cthulhoo/ttrss-web-ssl:latest - build: ./web-ssl - restart: unless-stopped - environment: - - CADDYPATH=/certs - - HTTP_HOST=${HTTP_HOST} - ports: - - 80:80 - - 443:443 - volumes: - - app:/var/www/html:ro - - certs:/certs - depends_on: - - app +# web: +# image: cthulhoo/ttrss-web:latest +# build: ./web +# restart: unless-stopped +# ports: +# - ${HTTP_PORT}:2015 +# volumes: +# - app:/var/www/html:ro +# depends_on: +# - app + +# web-ssl: +# image: cthulhoo/ttrss-web-ssl:latest +# build: ./web-ssl +# restart: unless-stopped +# environment: +# - CADDYPATH=/certs +# - HTTP_HOST=${HTTP_HOST} +# ports: +# - 80:80 +# - 
443:443 +# volumes: +# - app:/var/www/html:ro +# - certs:/certs +# depends_on: +# - app web-nginx: image: cthulhoo/ttrss-web-nginx:latest build: ./web-nginx restart: unless-stopped - ports: - - ${HTTP_PORT}:80 volumes: - app:/var/www/html:ro depends_on: