From 5c93296e6cae87bb21ae9024a32faa892482fa3f Mon Sep 17 00:00:00 2001 From: Eldad Fux Date: Tue, 7 Jul 2020 00:38:06 +0300 Subject: [PATCH] Updated Nginx image --- Dockerfile.swoole | 175 ++++++++++++++++++ docker-compose.nginx.yml | 4 +- docker-compose.swoole.yml | 368 ++++++++++++++++++++++++++++++++++++++ 3 files changed, 545 insertions(+), 2 deletions(-) create mode 100755 Dockerfile.swoole create mode 100644 docker-compose.swoole.yml diff --git a/Dockerfile.swoole b/Dockerfile.swoole new file mode 100755 index 0000000000..59f51cacab --- /dev/null +++ b/Dockerfile.swoole @@ -0,0 +1,175 @@ +FROM composer:2.0 as step0 + +ARG TESTING=false +ENV TESTING=$TESTING + +WORKDIR /usr/local/src/ + +COPY composer.lock /usr/local/src/ +COPY composer.json /usr/local/src/ + +RUN composer update --ignore-platform-reqs --optimize-autoloader \ + --no-plugins --no-scripts --prefer-dist \ + `if [ "$TESTING" != "true" ]; then echo "--no-dev"; fi` + +FROM php:7.4-cli as step1 + +ENV TZ=Asia/Tel_Aviv \ + DEBIAN_FRONTEND=noninteractive \ + PHP_REDIS_VERSION=5.3.0 \ + PHP_SWOOLE_VERSION=4.5.2 \ + PHP_XDEBUG_VERSION=sdebug_2_9-beta + +RUN \ + apt-get update && \ + apt-get install -y --no-install-recommends --no-install-suggests ca-certificates software-properties-common wget git openssl make zip unzip libbrotli-dev libz-dev + +RUN docker-php-ext-install sockets + +RUN \ + # Redis Extension + wget -q https://github.com/phpredis/phpredis/archive/$PHP_REDIS_VERSION.tar.gz && \ + tar -xf $PHP_REDIS_VERSION.tar.gz && \ + cd phpredis-$PHP_REDIS_VERSION && \ + phpize && \ + ./configure && \ + make && make install && \ + cd .. && \ + ## Swoole Extension + git clone https://github.com/swoole/swoole-src.git && \ + cd swoole-src && \ + git checkout v$PHP_SWOOLE_VERSION && \ + phpize && \ + ./configure --enable-sockets --enable-http2 && \ + make && make install && \ + cd .. + ## XDebug Extension + # git clone https://github.com/swoole/sdebug.git && \ + # cd sdebug && \ + # git checkout $PHP_XDEBUG_VERSION && \ + # phpize && \ + # ./configure --enable-xdebug && \ + # make clean && make && make install + # cd .. && \ + # Meminfo Extension + # git clone https://github.com/BitOne/php-meminfo.git && \ + # cd php-meminfo && \ + # git checkout v1.0.5 && \ + # cd extension/php7 && \ + # phpize && \ + # ./configure --enable-meminfo && \ + # make && make install + +FROM php:7.4-cli as final + +LABEL maintainer="team@appwrite.io" + +ARG VERSION=dev + +ENV TZ=Asia/Tel_Aviv \ + DEBIAN_FRONTEND=noninteractive \ + _APP_ENV=production \ + _APP_DOMAIN=localhost \ + _APP_DOMAIN_TARGET=localhost \ + _APP_HOME=https://appwrite.io \ + _APP_EDITION=community \ + _APP_OPTIONS_ABUSE=enabled \ + _APP_OPTIONS_FORCE_HTTPS=disabled \ + _APP_OPENSSL_KEY_V1=your-secret-key \ + _APP_STORAGE_LIMIT=104857600 \ + _APP_STORAGE_ANTIVIRUS=enabled \ + _APP_REDIS_HOST=redis \ + _APP_REDIS_PORT=6379 \ + _APP_DB_HOST=mariadb \ + _APP_DB_PORT=3306 \ + _APP_DB_USER=root \ + _APP_DB_PASS=password \ + _APP_DB_SCHEMA=appwrite \ + _APP_INFLUXDB_HOST=influxdb \ + _APP_INFLUXDB_PORT=8086 \ + _APP_STATSD_HOST=telegraf \ + _APP_STATSD_PORT=8125 \ + _APP_SMTP_HOST=smtp \ + _APP_SMTP_PORT=25 \ + _APP_SETUP=self-hosted \ + _APP_VERSION=$VERSION +#ENV _APP_SMTP_SECURE '' +#ENV _APP_SMTP_USERNAME '' +#ENV _APP_SMTP_PASSWORD '' + +RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone + +RUN \ + apt-get update && \ + apt-get install -y --no-install-recommends --no-install-suggests webp certbot htop procps \ + libonig-dev libcurl4-gnutls-dev libmagickwand-dev libyaml-dev libbrotli-dev libz-dev && \ + pecl install imagick yaml && \ + docker-php-ext-enable imagick yaml + +RUN docker-php-ext-install sockets curl opcache pdo pdo_mysql + +WORKDIR /usr/src/code + +COPY --from=step0 /usr/local/src/vendor /usr/src/code/vendor +COPY --from=step1 /usr/local/lib/php/extensions/no-debug-non-zts-20190902/swoole.so /usr/local/lib/php/extensions/no-debug-non-zts-20190902/ +COPY --from=step1 /usr/local/lib/php/extensions/no-debug-non-zts-20190902/redis.so /usr/local/lib/php/extensions/no-debug-non-zts-20190902/ +# COPY --from=step1 /usr/local/lib/php/extensions/no-debug-non-zts-20190902/xdebug.so /usr/local/lib/php/extensions/no-debug-non-zts-20190902/ +# COPY --from=step1 /usr/local/lib/php/extensions/no-debug-non-zts-20190902/meminfo.so /usr/local/lib/php/extensions/no-debug-non-zts-20190902/ + +# Add Source Code +COPY ./app /usr/src/code/app +COPY ./bin /usr/local/bin +COPY ./docs /usr/src/code/docs +COPY ./public /usr/src/code/public +COPY ./src /usr/src/code/src + +# Set Volumes +RUN mkdir -p /storage/uploads && \ + mkdir -p /storage/cache && \ + mkdir -p /storage/config && \ + mkdir -p /storage/certificates && \ + mkdir -p /storage/debug && \ + chown -Rf www-data.www-data /storage/uploads && chmod -Rf 0755 /storage/uploads && \ + chown -Rf www-data.www-data /storage/cache && chmod -Rf 0755 /storage/cache && \ + chown -Rf www-data.www-data /storage/config && chmod -Rf 0755 /storage/config && \ + chown -Rf www-data.www-data /storage/certificates && chmod -Rf 0755 /storage/certificates && \ + chown -Rf www-data.www-data /storage/debug && chmod -Rf 0755 /storage/debug + +# Executables +RUN chmod +x /usr/local/bin/start +RUN chmod +x /usr/local/bin/doctor +RUN chmod +x /usr/local/bin/migrate +RUN chmod +x /usr/local/bin/test +RUN chmod +x /usr/local/bin/schedule +RUN chmod +x /usr/local/bin/worker-audits +RUN chmod +x /usr/local/bin/worker-certificates +RUN chmod +x /usr/local/bin/worker-deletes +RUN chmod +x /usr/local/bin/worker-mails +RUN chmod +x /usr/local/bin/worker-tasks +RUN chmod +x /usr/local/bin/worker-usage +RUN chmod +x /usr/local/bin/worker-webhooks + +# Letsencrypt Permissions +RUN mkdir -p /etc/letsencrypt/live/ && chmod -Rf 755 /etc/letsencrypt/live/ + +# Enable Extensions +RUN echo extension=swoole.so >> /usr/local/etc/php/conf.d/swoole.ini +RUN echo extension=redis.so >> /usr/local/etc/php/conf.d/redis.ini +# RUN echo zend_extension=xdebug.so >> /usr/local/etc/php/conf.d/xdebug.ini +# RUN echo extension=meminfo.so >> /usr/local/etc/php/conf.d/meminfo.ini + +RUN echo "opcache.preload_user=www-data" >> /usr/local/etc/php/conf.d/appwrite.ini +RUN echo "opcache.preload=/usr/src/code/app/preload.php" >> /usr/local/etc/php/conf.d/appwrite.ini +RUN echo "opcache.enable_cli = 1" >> /usr/local/etc/php/conf.d/appwrite.ini +# RUN echo "xdebug.profiler_enable = 1" >> /usr/local/etc/php/conf.d/appwrite.ini +# RUN echo "xdebug.profiler_output_dir = /tmp/" >> /usr/local/etc/php/conf.d/appwrite.ini +# RUN echo "xdebug.profiler_enable_trigger = 1" >> /usr/local/etc/php/conf.d/appwrite.ini +# RUN echo "xdebug.trace_format = 1" >> /usr/local/etc/php/conf.d/appwrite.ini + +EXPOSE 80 + +#, "-dxdebug.auto_trace=1" +#, "-dxdebug.profiler_enable=1" +#, "-dopcache.preload=opcache.preload=/usr/src/code/app/preload.php" + +CMD [ "php", "app/server.php", "-dopcache.preload=opcache.preload=/usr/src/code/app/preload.php" ] \ No newline at end of file diff --git a/docker-compose.nginx.yml b/docker-compose.nginx.yml index 4b41aff8a9..6547ed4706 100644 --- a/docker-compose.nginx.yml +++ b/docker-compose.nginx.yml @@ -2,7 +2,7 @@ version: '3' services: traefik: - image: traefik:v2.1.4 + image: traefik:v2.2 container_name: appwrite_traefik command: - --log.level=DEBUG @@ -130,7 +130,7 @@ services: - appwrite-redis:/data:rw clamav: - image: appwrite/clamav:1.0.9 + image: appwrite/clamav:1.0.12 container_name: appwrite_clamav restart: unless-stopped networks: diff --git a/docker-compose.swoole.yml b/docker-compose.swoole.yml new file mode 100644 index 0000000000..839aa6f00b --- /dev/null +++ b/docker-compose.swoole.yml @@ -0,0 +1,368 @@ +version: '3' + +services: + traefik: + image: traefik:2.2 + container_name: appwrite_traefik + command: + - --log.level=DEBUG + - --api.insecure=true + - --providers.file.directory=/storage/config + - --providers.file.watch=true + - --providers.docker=true + - --entrypoints.web.address=:80 + - --entrypoints.websecure.address=:443 + - --accesslog=true + restart: unless-stopped + ports: + - 80:80 + - 443:443 + - 8080:8080 + volumes: + - /var/run/docker.sock:/var/run/docker.sock + - appwrite-config:/storage/config:ro + - appwrite-certificates:/storage/certificates:ro + depends_on: + - appwrite + networks: + - gateway + - appwrite + + appwrite: + container_name: appwrite + build: + context: . + args: + - TESTING=true + - VERSION=dev + restart: unless-stopped + ports: + - 9501:80 + networks: + - appwrite + labels: + - traefik.http.routers.appwrite.rule=PathPrefix(`/`) + - traefik.http.routers.appwrite-secure.rule=PathPrefix(`/`) + - traefik.http.routers.appwrite-secure.tls=true + volumes: + - appwrite-uploads:/storage/uploads:rw + - appwrite-cache:/storage/cache:rw + - appwrite-config:/storage/config:rw + - appwrite-certificates:/storage/certificates:rw + - ./phpunit.xml:/usr/src/code/phpunit.xml + - ./tests:/usr/src/code/tests + - ./app:/usr/src/code/app + # - ./vendor:/usr/src/code/vendor + - ./docs:/usr/src/code/docs + - ./public:/usr/src/code/public + - ./src:/usr/src/code/src + - ./debug:/tmp + depends_on: + - mariadb + - redis + - clamav + - influxdb + environment: + - _APP_ENV + - _APP_OPTIONS_ABUSE + - _APP_OPTIONS_FORCE_HTTPS + - _APP_OPENSSL_KEY_V1 + - _APP_DOMAIN + - _APP_DOMAIN_TARGET + - _APP_REDIS_HOST + - _APP_REDIS_PORT + - _APP_DB_HOST + - _APP_DB_PORT + - _APP_DB_SCHEMA + - _APP_DB_USER + - _APP_DB_PASS + - _APP_INFLUXDB_HOST + - _APP_INFLUXDB_PORT + + appwrite-worker-usage: + entrypoint: worker-usage + container_name: appwrite-worker-usage + build: + context: . + restart: unless-stopped + networks: + - appwrite + depends_on: + - redis + - telegraf + environment: + - _APP_REDIS_HOST + - _APP_REDIS_PORT + - _APP_STATSD_HOST + - _APP_STATSD_PORT + + appwrite-worker-audits: + entrypoint: worker-audits + container_name: appwrite-worker-audits + build: + context: . + restart: unless-stopped + networks: + - appwrite + depends_on: + - redis + - mariadb + environment: + - _APP_REDIS_HOST + - _APP_REDIS_PORT + - _APP_DB_HOST + - _APP_DB_PORT + - _APP_DB_SCHEMA + - _APP_DB_USER + - _APP_DB_PASS + + appwrite-worker-webhooks: + entrypoint: worker-webhooks + container_name: appwrite-worker-webhooks + build: + context: . + restart: unless-stopped + networks: + - appwrite + depends_on: + - redis + - mariadb + environment: + - _APP_REDIS_HOST + - _APP_REDIS_PORT + - _APP_DB_HOST + - _APP_DB_PORT + - _APP_DB_SCHEMA + - _APP_DB_USER + - _APP_DB_PASS + + appwrite-worker-tasks: + entrypoint: worker-tasks + container_name: appwrite-worker-tasks + build: + context: . + restart: unless-stopped + networks: + - appwrite + depends_on: + - redis + - mariadb + environment: + - _APP_REDIS_HOST + - _APP_REDIS_PORT + - _APP_DB_HOST + - _APP_DB_PORT + - _APP_DB_SCHEMA + - _APP_DB_USER + - _APP_DB_PASS + + appwrite-worker-deletes: + entrypoint: worker-deletes + container_name: appwrite-worker-deletes + build: + context: . + restart: unless-stopped + networks: + - appwrite + depends_on: + - redis + - mariadb + volumes: + - appwrite-uploads:/storage/uploads:rw + - appwrite-cache:/storage/cache:rw + environment: + - _APP_REDIS_HOST + - _APP_REDIS_PORT + - _APP_DB_HOST + - _APP_DB_PORT + - _APP_DB_SCHEMA + - _APP_DB_USER + - _APP_DB_PASS + + appwrite-worker-certificates: + entrypoint: worker-certificates + container_name: appwrite-worker-certificates + build: + context: . + restart: unless-stopped + networks: + - appwrite + depends_on: + - redis + - mariadb + volumes: + - appwrite-config:/storage/config:rw + - appwrite-certificates:/storage/certificates:rw + environment: + - _APP_REDIS_HOST + - _APP_REDIS_PORT + - _APP_DB_HOST + - _APP_DB_PORT + - _APP_DB_SCHEMA + - _APP_DB_USER + - _APP_DB_PASS + + appwrite-worker-mails: + entrypoint: worker-mails + container_name: appwrite-worker-mails + build: + context: . + restart: unless-stopped + networks: + - appwrite + depends_on: + - redis + - maildev + # - smtp + environment: + - _APP_REDIS_HOST + - _APP_REDIS_PORT + - _APP_SMTP_HOST + - _APP_SMTP_PORT + + appwrite-schedule: + entrypoint: schedule + container_name: appwrite-schedule + build: + context: . + restart: unless-stopped + networks: + - appwrite + depends_on: + - redis + environment: + - _APP_REDIS_HOST + - _APP_REDIS_PORT + + mariadb: + image: appwrite/mariadb:1.0.3 # fix issues when upgrading using: mysql_upgrade -u root -p + container_name: appwrite_mariadb + restart: unless-stopped + networks: + - appwrite + volumes: + - appwrite-mariadb:/var/lib/mysql:rw + ports: + - "3306:3306" + environment: + - MYSQL_ROOT_PASSWORD=rootsecretpassword + - MYSQL_DATABASE=appwrite + - MYSQL_USER=user + - MYSQL_PASSWORD=password + command: 'mysqld --innodb-flush-method=fsync' + + maildev: + image: djfarrelly/maildev + container_name: appwrite_maildev + restart: unless-stopped + ports: + - '1080:80' + networks: + - appwrite + + # smtp: + # image: appwrite/smtp:1.0.1 + # container_name: appwrite_smtp + # restart: unless-stopped + # networks: + # - appwrite + # environment: + # - MAILNAME=appwrite + # - RELAY_NETWORKS=:192.168.0.0/24:10.0.0.0/16 + + redis: + image: redis:5.0 + container_name: appwrite_redis + restart: unless-stopped + networks: + - appwrite + volumes: + - appwrite-redis:/data:rw + + clamav: + image: appwrite/clamav:1.0.12 + container_name: appwrite_clamav + restart: unless-stopped + networks: + - appwrite + volumes: + - appwrite-uploads:/storage/uploads + + influxdb: + image: influxdb:1.6 + container_name: appwrite_influxdb + restart: unless-stopped + networks: + - appwrite + volumes: + - appwrite-influxdb:/var/lib/influxdb:rw + + telegraf: + image: appwrite/telegraf:1.0.0 + container_name: appwrite_telegraf + restart: unless-stopped + networks: + - appwrite + + # redis-commander: + # image: rediscommander/redis-commander:latest + # restart: unless-stopped + # networks: + # - appwrite + # environment: + # - REDIS_HOSTS=redis + # ports: + # - "8081:8081" + + # resque: + # image: registry.gitlab.com/appwrite/appwrite/resque-web:v1.0.2 + # restart: unless-stopped + # networks: + # - appwrite + # ports: + # - "5678:5678" + # environment: + # - RESQUE_WEB_HOST=redis + # - RESQUE_WEB_PORT=6379 + # - RESQUE_WEB_HTTP_BASIC_AUTH_USER=user + # - RESQUE_WEB_HTTP_BASIC_AUTH_PASSWORD=password + + # chronograf: + # image: chronograf:1.5 + # container_name: appwrite_chronograf + # restart: unless-stopped + # networks: + # - appwrite + # volumes: + # - appwrite-chronograf:/var/lib/chronograf + # ports: + # - "8888:8888" + # environment: + # - INFLUXDB_URL=http://influxdb:8086 + # - KAPACITOR_URL=http://kapacitor:9092 + # - AUTH_DURATION=48h + # - TOKEN_SECRET=duperduper5674829!jwt + # - GH_CLIENT_ID=d86f7145a41eacfc52cc + # - GH_CLIENT_SECRET=9e0081062367a2134e7f2ea95ba1a32d08b6c8ab + # - GH_ORGS=appwrite + + # webgrind: + # image: 'jokkedk/webgrind:latest' + # volumes: + # - './debug:/tmp' + # ports: + # - '3001:80' + +networks: + gateway: + appwrite: + +volumes: + appwrite-mariadb: + appwrite-redis: + appwrite-cache: + appwrite-uploads: + appwrite-certificates: + appwrite-influxdb: + appwrite-chronograf: + appwrite-config: