saulteafarmer/castopod
1
0
Fork 0
mirror of https://code.castopod.org/adaures/castopod synced 2025-04-19 13:01:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

build(docker): use buildx to build AMD and ARM images

Browse Source
This commit is contained in:
Romain de Laage 2023-04-26 13:00:42 +00:00 committed by Yassine Doghri
parent 9c414ed1e7
commit 44eb1646db
8 changed files with 333 additions and 432 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
docker/production/.gitlab-ci.yml
View File

@ -4,16 +4,18 @@ stages:
docker-build-rolling:
stage: build
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
name: docker.io/docker:23.0.3-dind
services:
- docker:23.0.3-dind
variables:
TAG: $CI_COMMIT_BRANCH
script:
- cp ${DOCKER_HUB_CONFIG} /kaniko/.docker/config.json
- /kaniko/executor --cleanup --context . --dockerfile docker/production/web-server/Dockerfile --destination ${DOCKER_IMAGE_WEB_SERVER}:${TAG}
- /kaniko/executor --cleanup --context . --dockerfile docker/production/app/Dockerfile --destination ${DOCKER_IMAGE_APP}:${TAG}
- /kaniko/executor --cleanup --context . --dockerfile docker/production/video-clipper/Dockerfile --destination ${DOCKER_IMAGE_VIDEO_CLIPPER}:${TAG}
- /kaniko/executor --cleanup --context . --dockerfile docker/production/unit/Dockerfile --destination ${DOCKER_IMAGE_UNIT}:${TAG}
- mkdir -p /root/.docker
- cp ${DOCKER_HUB_CONFIG} /root/.docker/config.json
- docker buildx build --push --platform=linux/amd64,linux/arm64 --file=docker/production/web-server/Dockerfile --tag=${DOCKER_IMAGE_WEB_SERVER}:${TAG} .
- docker buildx build --push --platform=linux/amd64,linux/arm64 --file=docker/production/app/Dockerfile --tag=${DOCKER_IMAGE_APP}:${TAG} .
- docker buildx build --push --platform=linux/amd64,linux/arm64 --file=docker/production/video-clipper/Dockerfile --tag=${DOCKER_IMAGE_VIDEO_CLIPPER}:${TAG} .
- docker buildx build --push --platform=linux/amd64,linux/arm64 --file=docker/production/unit/Dockerfile --tag=${DOCKER_IMAGE_UNIT}:${TAG} .
needs:
- pipeline: $PARENT_PIPELINE_ID
job: bundle
@ -24,15 +26,17 @@ docker-build-rolling:
docker-build-main-release:
stage: build
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
name: docker.io/docker:23.0.3-dind
services:
- docker:23.0.3-dind
script:
- cp ${DOCKER_HUB_CONFIG} /kaniko/.docker/config.json
- mkdir -p /root/.docker
- cp ${DOCKER_HUB_CONFIG} /root/.docker/config.json
- export CP_VERSION=$(cat CP_VERSION.env)
- /kaniko/executor --cleanup --context . --dockerfile docker/production/web-server/Dockerfile --destination ${DOCKER_IMAGE_WEB_SERVER}:${CP_VERSION} --destination ${DOCKER_IMAGE_WEB_SERVER}:latest
- /kaniko/executor --cleanup --context . --dockerfile docker/production/app/Dockerfile --destination ${DOCKER_IMAGE_APP}:${CP_VERSION} --destination ${DOCKER_IMAGE_APP}:latest
- /kaniko/executor --cleanup --context . --dockerfile docker/production/video-clipper/Dockerfile --destination ${DOCKER_IMAGE_VIDEO_CLIPPER}:${CP_VERSION} --destination ${DOCKER_IMAGE_VIDEO_CLIPPER}:latest
- /kaniko/executor --cleanup --context . --dockerfile docker/production/unit/Dockerfile --destination ${DOCKER_IMAGE_UNIT}:${CP_VERSION} --destination ${DOCKER_IMAGE_UNIT}:latest
- docker buildx build --push --platform=linux/amd64,linux/arm64 --file=docker/production/web-server/Dockerfile --tag=${DOCKER_IMAGE_WEB_SERVER}:${CP_VERSION} --tag={DOCKER_IMAGE_WEB_SERVER}:latest .
- docker buildx build --push --platform=linux/amd64,linux/arm64 --file=docker/production/app/Dockerfile --tag=${DOCKER_IMAGE_APP}:${CP_VERSION} --tag=${DOCKER_IMAGE_APP}:latest .
- docker buildx build --push --platform=linux/amd64,linux/arm64 --file=docker/production/video-clipper/Dockerfile --tag=${DOCKER_IMAGE_VIDEO_CLIPPER}:${CP_VERSION} --tag=${DOCKER_IMAGE_VIDEO_CLIPPER}:latest .
- docker buildx build --push --platform=linux/amd64,linux/arm64 --file=docker/production/unit/Dockerfile --tag=${DOCKER_IMAGE_UNIT}:${CP_VERSION} --tag=${DOCKER_IMAGE_UNIT}:latest .
needs:
- pipeline: $PARENT_PIPELINE_ID
job: release
@ -43,17 +47,19 @@ docker-build-main-release:
docker-build-alpha-beta-release:
stage: build
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
name: docker.io/docker:23.0.3-dind
services:
- docker:23.0.3-dind
variables:
TAG: $CI_COMMIT_BRANCH
script:
- cp ${DOCKER_HUB_CONFIG} /kaniko/.docker/config.json
- mkdir -p /root/.docker
- cp ${DOCKER_HUB_CONFIG} /root/.docker/config.json
- export CP_VERSION=$(cat CP_VERSION.env)
- /kaniko/executor --cleanup --context . --dockerfile docker/production/web-server/Dockerfile --destination ${DOCKER_IMAGE_WEB_SERVER}:${CP_VERSION} --destination ${DOCKER_IMAGE_WEB_SERVER}:${TAG}
- /kaniko/executor --cleanup --context . --dockerfile docker/production/app/Dockerfile --destination ${DOCKER_IMAGE_APP}:${CP_VERSION} --destination ${DOCKER_IMAGE_APP}:${TAG}
- /kaniko/executor --cleanup --context . --dockerfile docker/production/video-clipper/Dockerfile --destination ${DOCKER_IMAGE_VIDEO_CLIPPER}:${CP_VERSION} --destination ${DOCKER_IMAGE_VIDEO_CLIPPER}:${TAG}
- /kaniko/executor --cleanup --context . --dockerfile docker/production/unit/Dockerfile --destination ${DOCKER_IMAGE_UNIT}:${CP_VERSION} --destination ${DOCKER_IMAGE_UNIT}:${TAG}
- docker buildx build --push --platform=linux/amd64,linux/arm64 --file=docker/production/web-server/Dockerfile --tag=${DOCKER_IMAGE_WEB_SERVER}:${CP_VERSION} --tag={DOCKER_IMAGE_WEB_SERVER}:${TAG} .
- docker buildx build --push --platform=linux/amd64,linux/arm64 --file=docker/production/app/Dockerfile --tag=${DOCKER_IMAGE_APP}:${CP_VERSION} --tag=${DOCKER_IMAGE_APP}:${TAG} .
- docker buildx build --push --platform=linux/amd64,linux/arm64 --file=docker/production/video-clipper/Dockerfile --tag=${DOCKER_IMAGE_VIDEO_CLIPPER}:${CP_VERSION} --tag=${DOCKER_IMAGE_VIDEO_CLIPPER}:${TAG} .
- docker buildx build --push --platform=linux/amd64,linux/arm64 --file=docker/production/unit/Dockerfile --tag=${DOCKER_IMAGE_UNIT}:${CP_VERSION} --tag=${DOCKER_IMAGE_UNIT}:${TAG} .
needs:
- pipeline: $PARENT_PIPELINE_ID
job: release

2
docker/production/app/Dockerfile
View File

@ -1,7 +1,7 @@
FROM docker.io/php:8.1-fpm-alpine3.17
COPY docker/production/common/prepare_environment.sh /prepare_environment.sh
COPY docker/production/app/entrypoint.sh /entrypoint.sh
COPY docker/production/app/uploads.ini /usr/local/etc/php/conf.d/uploads.ini
RUN echo "* * * * * /usr/local/bin/php /opt/castopod/public/index.php scheduled-activities" > /crontab.txt && \

197
docker/production/app/entrypoint.sh
View File

@ -1,201 +1,8 @@
#!/bin/sh
if [ -z "${CP_BASEURL}" ]
then
echo "CP_BASEURL must be set"
exit 1
fi
ENV_FILE_LOCATION=/opt/castopod/.env
if [ -z "${CP_MEDIA_BASEURL}" ]
then
echo "CP_MEDIA_BASEURL is empty, leaving empty by default"
fi
if [ -z "${CP_ADMIN_GATEWAY}" ]
then
echo "CP_ADMIN_GATEWAY is empty, using default"
CP_ADMIN_GATEWAY="cp-admin"
fi
if [ -z "${CP_AUTH_GATEWAY}" ]
then
echo "CP_AUTH_GATEWAY is empty, using default"
CP_AUTH_GATEWAY="cp-auth"
fi
if [ -z "${CP_ANALYTICS_SALT}" ]
then
echo "CP_ANALYTICS_SALT is empty, this is mandatory, generate a new one with tr -dc \\!\\#-\\&\\(-\\[\\]-\\_a-\\~ </dev/urandom | head -c 64"
exit 1
fi
if [ -z "${CP_DATABASE_HOSTNAME}" ]
then
echo "CP_DATABASE_HOSTNAME is empty, using default"
CP_DATABASE_HOSTNAME="mariadb"
fi
if [ -z "${CP_DATABASE_PREFIX}" ]
then
echo "CP_DATABASE_PREFIX is empty, using default"
CP_DATABASE_PREFIX="cp_"
fi
if [ -z "${CP_DATABASE_NAME}" ]
then
if [ -z "${MYSQL_DATABASE}" ]
then
echo "When CP_DATABASE_NAME is empty, MYSQL_DATABASE must be set"
exit 1
fi
echo "CP_DATABASE_NAME is empty, using mysql variable"
CP_DATABASE_NAME="${MYSQL_DATABASE}"
fi
if [ -z "${CP_DATABASE_USERNAME}" ]
then
if [ -z "${MYSQL_USER}" ]
then
echo "When CP_DATABASE_USERNAME is empty, MYSQL_USER must be set"
exit 1
fi
echo "CP_DATABASE_USERNAME is empty, using mysql variable"
CP_DATABASE_USERNAME="${MYSQL_USER}"
fi
if [ -z "${CP_DATABASE_PASSWORD}" ]
then
if [ -z "${MYSQL_PASSWORD}" ]
then
echo "When CP_DATABASE_PASSWORD is empty, MYSQL_PASSWORD must be set"
exit 1
fi
echo "CP_DATABASE_PASSWORD is empty, using mysql variable"
CP_DATABASE_PASSWORD="${MYSQL_PASSWORD}"
fi
if [ ! -z "${CP_REDIS_HOST}" ]
then
echo "Using redis cache handler"
CP_CACHE_HANDLER="redis"
if [ -z "${CP_REDIS_PASSWORD}" ]
then
echo "CP_REDIS_PASSWORD is empty, using default"
CP_REDIS_PASSWORD="null"
else
CP_REDIS_PASSWORD="\"${CP_REDIS_PASSWORD}\""
fi
if [ -z "${CP_REDIS_PORT}" ]
then
echo "CP_REDIS_PORT is empty, using default"
CP_REDIS_PORT="6379"
fi
if [ -z "${CP_REDIS_DATABASE}" ]
then
echo "CP_REDIS_DATABASE is empty, using default"
CP_REDIS_DATABASE="0"
fi
else
echo "Using file cache handler"
CP_CACHE_HANDLER="file"
fi
cat << EOF > /opt/castopod/.env
app.baseURL="${CP_BASEURL}"
media.baseURL="${CP_MEDIA_BASEURL}"
EOF
if [ "${CP_DISABLE_HTTPS}" == "1" ]
then
echo "HTTPS redirection is disabled for test purpose, please enable it in production mode"
echo "app.forceGlobalSecureRequests=false" >> /opt/castopod/.env
else
echo "HTTPS redirection is enabled by default (mandatory to federate with the fediverse), use CP_DISABLE_HTTPS=1 to disable it for testing purposes"
fi
cat << EOF >> /opt/castopod/.env
admin.gateway="${CP_ADMIN_GATEWAY}"
auth.gateway="${CP_AUTH_GATEWAY}"
analytics.salt="${CP_ANALYTICS_SALT}"
database.default.hostname="${CP_DATABASE_HOSTNAME}"
database.default.database="${CP_DATABASE_NAME}"
database.default.username="${CP_DATABASE_USERNAME}"
database.default.password="${CP_DATABASE_PASSWORD}"
database.default.DBPrefix="${CP_DATABASE_PREFIX}"
cache.handler="${CP_CACHE_HANDLER}"
EOF
if [ "${CP_CACHE_HANDLER}" == "redis" ]
then
cat << EOF >> /opt/castopod/.env
cache.redis.host="${CP_REDIS_HOST}"
cache.redis.password=${CP_REDIS_PASSWORD}
cache.redis.port=${CP_REDIS_PORT}
cache.redis.database=${CP_REDIS_DATABASE}
EOF
fi
if [ ! -z "${CP_EMAIL_SMTP_HOST}" ]
then
if [ -z "${CP_EMAIL_SMTP_USERNAME}" ]
then
echo "When CP_EMAIL_SMTP_HOST is provided, CP_EMAIL_SMTP_USERNAME must be set"
exit 1
fi
if [ -z "${CP_EMAIL_SMTP_PASSWORD}" ]
then
echo "When CP_EMAIL_SMTP_HOST is provided, CP_EMAIL_SMTP_PASSWORD must be set"
exit 1
fi
if [ -z "${CP_EMAIL_FROM}" ]
then
echo "When CP_EMAIL_SMTP_HOST is provided, CP_EMAIL_FROM must be set"
exit 1
fi
cat << EOF >> /opt/castopod/.env
email.protocol="smtp"
email.SMTPHost="${CP_EMAIL_SMTP_HOST}"
email.SMTPUser=${CP_EMAIL_SMTP_USERNAME}
email.SMTPPass=${CP_EMAIL_SMTP_PASSWORD}
email.fromEmail=${CP_EMAIL_FROM}
EOF
if [ ! -z "${CP_EMAIL_SMTP_PORT}" ]
then
cat << EOF >> /opt/castopod/.env
email.SMTPPort=${CP_EMAIL_SMTP_PORT}
EOF
fi
if [ ! -z "${CP_EMAIL_SMTP_CRYPTO}" ]
then
if [ "${CP_EMAIL_SMTP_CRYPTO}" != "ssl" ] && [ "${CP_EMAIL_SMTP_CRYPTO}" != "tls" ]
then
echo "CP_EMAIL_SMTP_CRYPTO must be ssl or tls"
exit 1
fi
cat << EOF >> /opt/castopod/.env
email.SMTPCrypto=${CP_EMAIL_SMTP_CRYPTO}
EOF
fi
fi
echo "Using config:"
cat /opt/castopod/.env
cd /opt/castopod
php spark castopod:database-update
. /prepare_environment.sh
/usr/sbin/crond -f /crontab.txt -L /dev/stdout &
/usr/local/sbin/php-fpm

266
docker/production/common/prepare_environment.sh Normal file
View File

@ -0,0 +1,266 @@
#!/bin/sh
log_error() {
printf "\033[0;31mERROR:\033[0m $1\n"
exit 1
}
log_warning() {
printf "\033[0;33mWARNING:\033[0m $1\n"
}
if [ -z "${CP_BASEURL}" ]
then
log_error "CP_BASEURL must be set"
fi
if [ -z "${CP_MEDIA_BASEURL}" ]
then
echo "CP_MEDIA_BASEURL is empty, leaving empty by default"
fi
if [ -z "${CP_ADMIN_GATEWAY}" ]
then
echo "CP_ADMIN_GATEWAY is empty, using default"
CP_ADMIN_GATEWAY="cp-admin"
fi
if [ -z "${CP_AUTH_GATEWAY}" ]
then
echo "CP_AUTH_GATEWAY is empty, using default"
CP_AUTH_GATEWAY="cp-auth"
fi
if [ -z "${CP_ANALYTICS_SALT}" ]
then
log_error "CP_ANALYTICS_SALT is empty, this is mandatory, generate a new one with tr -dc \\!\\#-\\&\\(-\\[\\]-\\_a-\\~ </dev/urandom | head -c 64"
fi
if [ -z "${CP_DATABASE_HOSTNAME}" ]
then
log_warning "CP_DATABASE_HOSTNAME is empty, using default"
CP_DATABASE_HOSTNAME="mariadb"
fi
if [ -z "${CP_DATABASE_PREFIX}" ]
then
echo "CP_DATABASE_PREFIX is empty, using default"
CP_DATABASE_PREFIX="cp_"
fi
if [ -z "${CP_DATABASE_NAME}" ]
then
if [ -z "${MYSQL_DATABASE}" ]
then
log_error "When CP_DATABASE_NAME is empty, MYSQL_DATABASE must be set"
fi
log_warning "CP_DATABASE_NAME is empty, using mysql variable"
CP_DATABASE_NAME="${MYSQL_DATABASE}"
fi
if [ -z "${CP_DATABASE_USERNAME}" ]
then
if [ -z "${MYSQL_USER}" ]
then
log_error "When CP_DATABASE_USERNAME is empty, MYSQL_USER must be set"
fi
log_warning "CP_DATABASE_USERNAME is empty, using mysql variable"
CP_DATABASE_USERNAME="${MYSQL_USER}"
fi
if [ -z "${CP_DATABASE_PASSWORD}" ]
then
if [ -z "${MYSQL_PASSWORD}" ]
then
log_error "When CP_DATABASE_PASSWORD is empty, MYSQL_PASSWORD must be set"
fi
log_warning "CP_DATABASE_PASSWORD is empty, using mysql variable"
CP_DATABASE_PASSWORD="${MYSQL_PASSWORD}"
fi
if [ ! -z "${CP_REDIS_HOST}" ]
then
echo "Using redis cache handler"
CP_CACHE_HANDLER="redis"
if [ -z "${CP_REDIS_PASSWORD}" ]
then
echo "CP_REDIS_PASSWORD is empty, using default"
CP_REDIS_PASSWORD="null"
else
CP_REDIS_PASSWORD="\"${CP_REDIS_PASSWORD}\""
fi
if [ -z "${CP_REDIS_PORT}" ]
then
echo "CP_REDIS_PORT is empty, using default"
CP_REDIS_PORT="6379"
fi
if [ -z "${CP_REDIS_DATABASE}" ]
then
echo "CP_REDIS_DATABASE is empty, using default"
CP_REDIS_DATABASE="0"
fi
else
echo "Using file cache handler"
CP_CACHE_HANDLER="file"
fi
if [ "${CP_MEDIA_FILE_MANAGER}" = "s3" ]
then
if [ -z "${CP_MEDIA_S3_ENDPOINT}" ]
then
log_error "When CP_MEDIA_FILE_MANAGER is s3, CP_MEDIA_S3_ENDPOINT can't be empty"
fi
if [ -z "${CP_MEDIA_S3_KEY}" ]
then
log_error "When CP_MEDIA_FILE_MANAGER is s3, CP_MEDIA_S3_KEY can't be empty"
fi
if [ -z "${CP_MEDIA_S3_SECRET}" ]
then
log_error "When CP_MEDIA_FILE_MANAGER is s3, CP_MEDIA_S3_SECRET can't be empty"
fi
if [ -z "${CP_MEDIA_S3_REGION}" ]
then
log_error "When CP_MEDIA_FILE_MANAGER is s3, CP_MEDIA_S3_REGION can't be empty"
fi
if [ -z "${CP_MEDIA_S3_BUCKET}" ]
then
log_warning "CP_MEDIA_S3_BUCKET is empty, using default"
fi
fi
cat << EOF > $ENV_FILE_LOCATION
app.baseURL="${CP_BASEURL}"
media.baseURL="${CP_MEDIA_BASEURL}"
EOF
if [ "${CP_DISABLE_HTTPS}" = "1" ]
then
log_warning "HTTPS redirection is disabled for testing purposes, please enable it in production mode"
echo "app.forceGlobalSecureRequests=false" >> $ENV_FILE_LOCATION
else
echo "HTTPS redirection is enabled by default (mandatory to federate with the fediverse), use CP_DISABLE_HTTPS=1 to disable it for testing purposes"
fi
cat << EOF >> $ENV_FILE_LOCATION
admin.gateway="${CP_ADMIN_GATEWAY}"
auth.gateway="${CP_AUTH_GATEWAY}"
analytics.salt="${CP_ANALYTICS_SALT}"
database.default.hostname="${CP_DATABASE_HOSTNAME}"
database.default.database="${CP_DATABASE_NAME}"
database.default.username="${CP_DATABASE_USERNAME}"
database.default.password="${CP_DATABASE_PASSWORD}"
database.default.DBPrefix="${CP_DATABASE_PREFIX}"
cache.handler="${CP_CACHE_HANDLER}"
EOF
if [ "${CP_CACHE_HANDLER}" = "redis" ]
then
cat << EOF >> $ENV_FILE_LOCATION
cache.redis.host="${CP_REDIS_HOST}"
cache.redis.password=${CP_REDIS_PASSWORD}
cache.redis.port=${CP_REDIS_PORT}
cache.redis.database=${CP_REDIS_DATABASE}
EOF
fi
if [ "${CP_ENABLE_2FA}" = "true" ]
then
cat << EOF >> $ENV_FILE_LOCATION
auth.enable2FA=true
EOF
fi
if [ "${CP_MEDIA_FILE_MANAGER}" = "s3" ]
then
cat << EOF >> $ENV_FILE_LOCATION
media.fileManager=s3
media.s3.endpoint=${CP_MEDIA_S3_ENDPOINT}
media.s3.key=${CP_MEDIA_S3_KEY}
media.s3.secret=${CP_MEDIA_S3_SECRET}
media.s3.region=${CP_MEDIA_S3_REGION}
media.s3.bucket=${CP_MEDIA_S3_BUCKET}
EOF
fi
if [ ! -z "${CP_MEDIA_S3_PROTOCOL}" ]
then
cat << EOF >> $ENV_FILE_LOCATION
media.s3.protocol=${CP_MEDIA_S3_PROTOCOL}
EOF
fi
if [ ! -z "${CP_MEDIA_S3_PATH_STYLE_ENDPOINT}" ]
then
cat << EOF >> $ENV_FILE_LOCATION
media.s3.pathStyleEndpoint=${CP_MEDIA_S3_PATH_STYLE_ENDPOINT}
EOF
fi
if [ ! -z "${CP_MEDIA_S3_KEY_PREFIX}" ]
then
cat << EOF >> $ENV_FILE_LOCATION
media.s3.keyPrefix=${CP_MEDIA_S3_KEY_PREFIX}
EOF
fi
if [ ! -z "${CP_EMAIL_SMTP_HOST}" ]
then
if [ -z "${CP_EMAIL_SMTP_USERNAME}" ]
then
echo "When CP_EMAIL_SMTP_HOST is provided, CP_EMAIL_SMTP_USERNAME must be set"
exit 1
fi
if [ -z "${CP_EMAIL_SMTP_PASSWORD}" ]
then
echo "When CP_EMAIL_SMTP_HOST is provided, CP_EMAIL_SMTP_PASSWORD must be set"
exit 1
fi
if [ -z "${CP_EMAIL_FROM}" ]
then
echo "When CP_EMAIL_SMTP_HOST is provided, CP_EMAIL_FROM must be set"
exit 1
fi
cat << EOF >> $ENV_FILE_LOCATION
email.protocol="smtp"
email.SMTPHost="${CP_EMAIL_SMTP_HOST}"
email.SMTPUser=${CP_EMAIL_SMTP_USERNAME}
email.SMTPPass=${CP_EMAIL_SMTP_PASSWORD}
email.fromEmail=${CP_EMAIL_FROM}
EOF
if [ ! -z "${CP_EMAIL_SMTP_PORT}" ]
then
cat << EOF >> $ENV_FILE_LOCATION
email.SMTPPort=${CP_EMAIL_SMTP_PORT}
EOF
fi
if [ ! -z "${CP_EMAIL_SMTP_CRYPTO}" ]
then
if [ "${CP_EMAIL_SMTP_CRYPTO}" != "ssl" ] && [ "${CP_EMAIL_SMTP_CRYPTO}" != "tls" ]
then
echo "CP_EMAIL_SMTP_CRYPTO must be ssl or tls"
exit 1
fi
cat << EOF >> $ENV_FILE_LOCATION
email.SMTPCrypto=${CP_EMAIL_SMTP_CRYPTO}
EOF
fi
fi
echo "Using config:"
cat $ENV_FILE_LOCATION
#Run database migrations after 10 seconds (to wait for the database to be started)
(sleep 10 && php spark castopod:database-update) &

1
docker/production/unit/Dockerfile
View File

@ -33,6 +33,7 @@ COPY --from=UNIT_BUILDER /usr/sbin/unitd /usr/sbin/unitd
COPY --from=UNIT_BUILDER /usr/lib/unit/ /usr/lib/unit/
COPY --from=CRON_BUILDER /usr/local/bin/supercronic /usr/local/bin/supercronic
COPY docker/production/common/prepare_environment.sh /prepare_environment.sh
COPY docker/production/unit/entrypoint.sh /entrypoint.sh
COPY castopod /var/www/castopod
COPY docker/production/unit/config.json /config.json

193
docker/production/unit/entrypoint.sh
View File

@ -1,198 +1,9 @@
#!/bin/sh
if [ -z "${CP_BASEURL}" ]
then
echo "CP_BASEURL must be set"
exit 1
fi
ENV_FILE_LOCATION=/var/www/castopod/.env
if [ -z "${CP_MEDIA_BASEURL}" ]
then
echo "CP_MEDIA_BASEURL is empty, leaving empty by default"
fi
. /prepare_environment.sh
if [ -z "${CP_ADMIN_GATEWAY}" ]
then
echo "CP_ADMIN_GATEWAY is empty, using default"
CP_ADMIN_GATEWAY="cp-admin"
fi
if [ -z "${CP_AUTH_GATEWAY}" ]
then
echo "CP_AUTH_GATEWAY is empty, using default"
CP_AUTH_GATEWAY="cp-auth"
fi
if [ -z "${CP_ANALYTICS_SALT}" ]
then
echo "CP_ANALYTICS_SALT is empty, this is mandatory, generate a new one with tr -dc \\!\\#-\\&\\(-\\[\\]-\\_a-\\~ </dev/urandom | head -c 64"
exit 1
fi
if [ -z "${CP_DATABASE_HOSTNAME}" ]
then
echo "CP_DATABASE_HOSTNAME is empty, using default"
CP_DATABASE_HOSTNAME="mariadb"
fi
if [ -z "${CP_DATABASE_PREFIX}" ]
then
echo "CP_DATABASE_PREFIX is empty, using default"
CP_DATABASE_PREFIX="cp_"
fi
if [ -z "${CP_DATABASE_NAME}" ]
then
if [ -z "${MYSQL_DATABASE}" ]
then
echo "When CP_DATABASE_NAME is empty, MYSQL_DATABASE must be set"
exit 1
fi
echo "CP_DATABASE_NAME is empty, using mysql variable"
CP_DATABASE_NAME="${MYSQL_DATABASE}"
fi
if [ -z "${CP_DATABASE_USERNAME}" ]
then
if [ -z "${MYSQL_USER}" ]
then
echo "When CP_DATABASE_USERNAME is empty, MYSQL_USER must be set"
exit 1
fi
echo "CP_DATABASE_USERNAME is empty, using mysql variable"
CP_DATABASE_USERNAME="${MYSQL_USER}"
fi
if [ -z "${CP_DATABASE_PASSWORD}" ]
then
if [ -z "${MYSQL_PASSWORD}" ]
then
echo "When CP_DATABASE_PASSWORD is empty, MYSQL_PASSWORD must be set"
exit 1
fi
echo "CP_DATABASE_PASSWORD is empty, using mysql variable"
CP_DATABASE_PASSWORD="${MYSQL_PASSWORD}"
fi
if [ ! -z "${CP_REDIS_HOST}" ]
then
echo "Using redis cache handler"
CP_CACHE_HANDLER="redis"
if [ -z "${CP_REDIS_PASSWORD}" ]
then
echo "CP_REDIS_PASSWORD is empty, using default"
CP_REDIS_PASSWORD="null"
else
CP_REDIS_PASSWORD="\"${CP_REDIS_PASSWORD}\""
fi
if [ -z "${CP_REDIS_PORT}" ]
then
echo "CP_REDIS_PORT is empty, using default"
CP_REDIS_PORT="6379"
fi
if [ -z "${CP_REDIS_DATABASE}" ]
then
echo "CP_REDIS_DATABASE is empty, using default"
CP_REDIS_DATABASE="0"
fi
else
echo "Using file cache handler"
CP_CACHE_HANDLER="file"
fi
cat << EOF > /var/www/castopod/.env
app.baseURL="${CP_BASEURL}"
media.baseURL="${CP_MEDIA_BASEURL}"
EOF
if [ "${CP_DISABLE_HTTPS}" = "1" ]
then
echo "HTTPS redirection is disabled for testing purposes, please enable it in production mode"
echo "app.forceGlobalSecureRequests=false" >> /var/www/castopod/.env
else
echo "HTTPS redirection is enabled by default (mandatory to federate with the fediverse), use CP_DISABLE_HTTPS=1 to disable it for testing purposes"
fi
cat << EOF >> /var/www/castopod/.env
admin.gateway="${CP_ADMIN_GATEWAY}"
auth.gateway="${CP_AUTH_GATEWAY}"
analytics.salt="${CP_ANALYTICS_SALT}"
database.default.hostname="${CP_DATABASE_HOSTNAME}"
database.default.database="${CP_DATABASE_NAME}"
database.default.username="${CP_DATABASE_USERNAME}"
database.default.password="${CP_DATABASE_PASSWORD}"
database.default.DBPrefix="${CP_DATABASE_PREFIX}"
cache.handler="${CP_CACHE_HANDLER}"
EOF
if [ "${CP_CACHE_HANDLER}" = "redis" ]
then
cat << EOF >> /var/www/castopod/.env
cache.redis.host="${CP_REDIS_HOST}"
cache.redis.password=${CP_REDIS_PASSWORD}
cache.redis.port=${CP_REDIS_PORT}
cache.redis.database=${CP_REDIS_DATABASE}
EOF
fi
if [ ! -z "${CP_EMAIL_SMTP_HOST}" ]
then
if [ -z "${CP_EMAIL_SMTP_USERNAME}" ]
then
echo "When CP_EMAIL_SMTP_HOST is provided, CP_EMAIL_SMTP_USERNAME must be set"
exit 1
fi
if [ -z "${CP_EMAIL_SMTP_PASSWORD}" ]
then
echo "When CP_EMAIL_SMTP_HOST is provided, CP_EMAIL_SMTP_PASSWORD must be set"
exit 1
fi
if [ -z "${CP_EMAIL_FROM}" ]
then
echo "When CP_EMAIL_SMTP_HOST is provided, CP_EMAIL_FROM must be set"
exit 1
fi
cat << EOF >> /var/www/castopod/.env
email.protocol="smtp"
email.SMTPHost="${CP_EMAIL_SMTP_HOST}"
email.SMTPUser=${CP_EMAIL_SMTP_USERNAME}
email.SMTPPass=${CP_EMAIL_SMTP_PASSWORD}
email.fromEmail=${CP_EMAIL_FROM}
EOF
if [ ! -z "${CP_EMAIL_SMTP_PORT}" ]
then
cat << EOF >> /var/www/castopod/.env
email.SMTPPort=${CP_EMAIL_SMTP_PORT}
EOF
fi
if [ ! -z "${CP_EMAIL_SMTP_CRYPTO}" ]
then
if [ "${CP_EMAIL_SMTP_CRYPTO}" != "ssl" ] && [ "${CP_EMAIL_SMTP_CRYPTO}" != "tls" ]
then
echo "CP_EMAIL_SMTP_CRYPTO must be ssl or tls"
exit 1
fi
cat << EOF >> /var/www/castopod/.env
email.SMTPCrypto=${CP_EMAIL_SMTP_CRYPTO}
EOF
fi
fi
#Run database migrations after 10 seconds (to wait for the database to be started)
(sleep 10 && php spark castopod:database-update) &
#Apply configuration after unit is started
(sleep 2 && curl -X PUT --data-binary @/config.json --unix-socket /var/run/control.unit.sock http://localhost/config/) &
supervisord

2
docker/production/video-clipper/Dockerfile
View File

@ -4,7 +4,7 @@ ENV SUPERCRONIC_VERSION=v0.2.1
COPY docker/production/video-clipper/entrypoint.sh /entrypoint.sh
RUN echo "*/2 * * * * /usr/local/bin/php /opt/castopod/public/index.php scheduled-video-clips" >> /crontab.txt
RUN echo "* * * * * /usr/local/bin/php /opt/castopod/public/index.php scheduled-video-clips" >> /crontab.txt
RUN apt update && \
apt install -y libfreetype6-dev libjpeg62-turbo-dev libpng-dev libwebp-dev libxpm-dev libicu-dev && \

56
docs/src/getting-started/docker.md
View File

@ -148,29 +148,39 @@ can be added as a cache handler.
- **castopod/app**
| Variable name | Type (`default`) | Default |
| ---------------------------- | ----------------------- | ---------------- |
| **`CP_BASEURL`** | string | `undefined` |
| **`CP_MEDIA_BASEURL`** | ?string | `CP_BASEURL` |
| **`CP_ADMIN_GATEWAY`** | ?string | `"cp-admin"` |
| **`CP_AUTH_GATEWAY`** | ?string | `"cp-auth"` |
| **`CP_ANALYTICS_SALT`** | string | `undefined` |
| **`CP_DATABASE_HOSTNAME`** | ?string | `"mariadb"` |
| **`CP_DATABASE_NAME`** | ?string | `MYSQL_DATABASE` |
| **`CP_DATABASE_USERNAME`** | ?string | `MYSQL_USER` |
| **`CP_DATABASE_PASSWORD`** | ?string | `MYSQL_PASSWORD` |
| **`CP_DATABASE_PREFIX`** | ?string | `"cp_"` |
| **`CP_CACHE_HANDLER`** | [`"file"` or `"redis"`] | `"file"` |
| **`CP_REDIS_HOST`** | ?string | `"localhost"` |
| **`CP_REDIS_PASSWORD`** | ?string | `null` |
| **`CP_REDIS_PORT`** | ?number | `6379` |
| **`CP_REDIS_DATABASE`** | ?number | `0` |
| **`CP_EMAIL_SMTP_HOST`** | ?string | `undefined` |
| **`CP_EMAIL_FROM`** | ?string | `undefined` |
| **`CP_EMAIL_SMTP_USERNAME`** | ?string | `"localhost"` |
| **`CP_EMAIL_SMTP_PASSWORD`** | ?string | `null` |
| **`CP_EMAIL_SMTP_PORT`** | ?number | `25` |
| **`CP_EMAIL_SMTP_CRYPTO`** | [`"tls"` or `"ssl"`] | `"tls"` |
| Variable name | Type (`default`) | Default |
| ------------------------------------- | ----------------------- | ---------------- |
| **`CP_BASEURL`** | string | `undefined` |
| **`CP_MEDIA_BASEURL`** | ?string | `CP_BASEURL` |
| **`CP_ADMIN_GATEWAY`** | ?string | `"cp-admin"` |
| **`CP_AUTH_GATEWAY`** | ?string | `"cp-auth"` |
| **`CP_ANALYTICS_SALT`** | string | `undefined` |
| **`CP_DATABASE_HOSTNAME`** | ?string | `"mariadb"` |
| **`CP_DATABASE_NAME`** | ?string | `MYSQL_DATABASE` |
| **`CP_DATABASE_USERNAME`** | ?string | `MYSQL_USER` |
| **`CP_DATABASE_PASSWORD`** | ?string | `MYSQL_PASSWORD` |
| **`CP_DATABASE_PREFIX`** | ?string | `"cp_"` |
| **`CP_CACHE_HANDLER`** | [`"file"` or `"redis"`] | `"file"` |
| **`CP_REDIS_HOST`** | ?string | `"localhost"` |
| **`CP_REDIS_PASSWORD`** | ?string | `null` |
| **`CP_REDIS_PORT`** | ?number | `6379` |
| **`CP_REDIS_DATABASE`** | ?number | `0` |
| **`CP_EMAIL_SMTP_HOST`** | ?string | `undefined` |
| **`CP_EMAIL_FROM`** | ?string | `undefined` |
| **`CP_EMAIL_SMTP_USERNAME`** | ?string | `"localhost"` |
| **`CP_EMAIL_SMTP_PASSWORD`** | ?string | `null` |
| **`CP_EMAIL_SMTP_PORT`** | ?number | `25` |
| **`CP_EMAIL_SMTP_CRYPTO`** | [`"tls"` or `"ssl"`] | `"tls"` |
| **`CP_ENABLE_2FA`** | ?boolean | `undefined` |
| **`CP_MEDIA_FILE_MANAGER`** | ?string | `undefined` |
| **`CP_MEDIA_S3_ENDPOINT`** | ?string | `undefined` |
| **`CP_MEDIA_S3_KEY`** | ?string | `undefined` |
| **`CP_MEDIA_S3_SECRET`** | ?string | `undefined` |
| **`CP_MEDIA_S3_REGION`** | ?string | `undefined` |
| **`CP_MEDIA_S3_BUCKET`** | ?string | `undefined` |
| **`CP_MEDIA_S3_PROTOCOL`** | ?number | `undefined` |
| **`CP_MEDIA_S3_PATH_STYLE_ENDPOINT`** | ?boolean | `undefined` |
| **`CP_MEDIA_S3_KEY_PREFIX`** | ?string | `undefined` |
- **castopod/web-server**