diff --git a/.gitignore b/.gitignore index c2c101b..14a6e94 100644 --- a/.gitignore +++ b/.gitignore @@ -17,8 +17,6 @@ fotospiel-tenant-app .phpactor.json .phpunit.result.cache Homestead.json -gogs.ini -stripe.exe Homestead.yaml npm-debug.log yarn-error.log @@ -29,6 +27,5 @@ yarn-error.log /.vscode /.zed tools/git-askpass.ps1 -docker podman-compose.dev.yml test-results diff --git a/docker/.env.docker b/docker/.env.docker new file mode 100644 index 0000000..096f839 --- /dev/null +++ b/docker/.env.docker @@ -0,0 +1,29 @@ +APP_NAME=Fotospiel +APP_ENV=production +APP_DEBUG=false +APP_URL=http://localhost:8080 +APP_KEY= + +LOG_CHANNEL=stack +LOG_LEVEL=info + +DB_CONNECTION=mysql +DB_HOST=mysql +DB_PORT=3306 +DB_DATABASE=fotospiel +DB_USERNAME=fotospiel +DB_PASSWORD=secret + +REDIS_HOST=redis +REDIS_PASSWORD=null +REDIS_PORT=6379 + +QUEUE_CONNECTION=redis +CACHE_DRIVER=redis +SESSION_DRIVER=redis +BROADCAST_DRIVER=log +FILESYSTEM_DISK=local-ssd + +# Storage monitoring alerts +STORAGE_ALERT_EMAIL= + diff --git a/docker/app/entrypoint.sh b/docker/app/entrypoint.sh new file mode 100644 index 0000000..2999acf --- /dev/null +++ b/docker/app/entrypoint.sh @@ -0,0 +1,33 @@ +#!/usr/bin/env bash + +set -euo pipefail + +APP_SOURCE=${APP_SOURCE:-/opt/app} +APP_TARGET=${APP_TARGET:-/var/www/html} +APP_USER=${APP_USER:-www-data} +APP_GROUP=${APP_GROUP:-www-data} + +mkdir -p "${APP_TARGET}" + +# Sync the built application from the immutable image into the shared app volume +# while preserving runtime data that lives under storage/. +rsync -a --delete \ + --exclude storage \ + --exclude public/storage \ + --exclude bootstrap/cache \ + --exclude .env \ + "${APP_SOURCE}/" "${APP_TARGET}/" + +cd "${APP_TARGET}" + +mkdir -p storage/framework/{cache,sessions,testing,views} storage/logs bootstrap/cache +chown -R "${APP_USER}:${APP_GROUP}" storage bootstrap/cache || true +find storage -type d -exec chmod 775 {} \; +find storage -type f -exec chmod 664 {} \; +chmod -R ug+rwx bootstrap/cache + +php artisan config:cache --quiet || true +php artisan route:cache --quiet || true +php artisan event:cache --quiet || true + +exec "$@" diff --git a/docker/dev/logging/loki-config.yml b/docker/dev/logging/loki-config.yml new file mode 100644 index 0000000..5ed1933 --- /dev/null +++ b/docker/dev/logging/loki-config.yml @@ -0,0 +1,45 @@ +auth_enabled: false + +server: + http_listen_port: 3100 + grpc_listen_port: 9095 + +ingester: + lifecycler: + address: 127.0.0.1 + ring: + kvstore: + store: inmemory + replication_factor: 1 + chunk_idle_period: 5m + chunk_target_size: 1048576 + chunk_retain_period: 1m + max_transfer_retries: 0 + +schema_config: + configs: + - from: 2020-10-15 + store: boltdb-shipper + object_store: filesystem + schema: v11 + index: + prefix: index_ + period: 24h + +storage_config: + boltdb_shipper: + active_index_directory: /loki/index + cache_location: /loki/index_cache + shared_store: filesystem + filesystem: + directory: /loki/chunks + +compactor: + working_directory: /loki/compactor + shared_store: filesystem + +ruler: + storage: + type: local + local: + directory: /loki/rules diff --git a/docker/dev/logging/promtail-config.yml b/docker/dev/logging/promtail-config.yml new file mode 100644 index 0000000..7b4c892 --- /dev/null +++ b/docker/dev/logging/promtail-config.yml @@ -0,0 +1,17 @@ +server: + http_listen_port: 9080 + grpc_listen_port: 0 + +positions: + filename: /var/log/promtail/positions.yaml + +clients: + - url: http://loki:3100/loki/api/v1/push + +scrape_configs: + - job_name: laravel_logs + static_configs: + - labels: + app: fotospiel + service: laravel + __path__: /var/www/html/storage/logs/*.log diff --git a/docker/dev/php/Containerfile b/docker/dev/php/Containerfile new file mode 100644 index 0000000..057fc8d --- /dev/null +++ b/docker/dev/php/Containerfile @@ -0,0 +1,36 @@ +FROM docker.io/library/php:8.3-cli + +ENV DEBIAN_FRONTEND=noninteractive + +# Install system dependencies and PHP extensions needed by the app +RUN set -eux; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + git \ + unzip \ + libzip-dev \ + libpng-dev \ + libjpeg62-turbo-dev \ + libfreetype6-dev \ + libicu-dev \ + libonig-dev \ + libsqlite3-dev \ + pkg-config; \ + docker-php-ext-configure gd --with-freetype --with-jpeg; \ + docker-php-ext-install -j"$(nproc)" \ + bcmath \ + intl \ + gd \ + pdo \ + pdo_mysql \ + pdo_sqlite \ + zip; \ + apt-get clean; \ + rm -rf /var/lib/apt/lists/* + +# Provide Composer for dependency management +COPY --from=docker.io/library/composer:2 /usr/bin/composer /usr/bin/composer + +WORKDIR /var/www/html + +CMD ["php", "-v"] diff --git a/docker/nginx/default.conf b/docker/nginx/default.conf new file mode 100644 index 0000000..ae0335a --- /dev/null +++ b/docker/nginx/default.conf @@ -0,0 +1,34 @@ +server { + listen 80; + listen [::]:80; + server_name _; + root /var/www/html/public; + index index.php index.html; + + access_log /var/log/nginx/access.log; + error_log /var/log/nginx/error.log; + + add_header X-Frame-Options "SAMEORIGIN"; + add_header X-Content-Type-Options "nosniff"; + + location / { + try_files $uri $uri/ /index.php?$query_string; + } + + location ~ \.php$ { + include fastcgi_params; + fastcgi_pass app:9000; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_buffer_size 32k; + fastcgi_buffers 8 16k; + } + + location ~* \.(jpg|jpeg|gif|png|css|js|ico|svg|webp|woff2?)$ { + expires 30d; + access_log off; + } + + client_max_body_size 32m; +} + diff --git a/docker/php/opcache.ini b/docker/php/opcache.ini new file mode 100644 index 0000000..7229e69 --- /dev/null +++ b/docker/php/opcache.ini @@ -0,0 +1,9 @@ +opcache.enable=1 +opcache.enable_cli=0 +opcache.memory_consumption=256 +opcache.interned_strings_buffer=16 +opcache.max_accelerated_files=20000 +opcache.validate_timestamps=0 +opcache.revalidate_freq=0 +opcache.fast_shutdown=1 + diff --git a/docker/php/php.ini b/docker/php/php.ini new file mode 100644 index 0000000..54b4e68 --- /dev/null +++ b/docker/php/php.ini @@ -0,0 +1,7 @@ +memory_limit=512M +upload_max_filesize=32M +post_max_size=32M +max_execution_time=120 +date.timezone=UTC +expose_php=0 +