From 5f2eac393b9ab68c6dc4691ebd2f01ed16940019 Mon Sep 17 00:00:00 2001 From: Jono Date: Sat, 27 Apr 2024 21:12:58 -0700 Subject: [PATCH 01/31] Docker files in local directory --- .env.example | 22 ++- docker-compose.yaml | 31 +++++ docker/Dockerfile | 67 +++++++++ docker/cypht_setup_database.php | 45 ++++++ docker/docker-entrypoint.sh | 233 ++++++++++++++++++++++++++++++++ docker/nginx.conf | 40 ++++++ docker/supervisord.conf | 22 +++ 7 files changed, 454 insertions(+), 6 deletions(-) create mode 100644 docker-compose.yaml create mode 100644 docker/Dockerfile create mode 100644 docker/cypht_setup_database.php create mode 100644 docker/docker-entrypoint.sh create mode 100644 docker/nginx.conf create mode 100644 docker/supervisord.conf diff --git a/.env.example b/.env.example index 1779142bcc..e75391c929 100644 --- a/.env.example +++ b/.env.example @@ -1,13 +1,23 @@ APP_NAME=Cypht +# DB_CONNECTION_TYPE=host +# DB_DRIVER=mysql +# DB_PORT= +# DB_HOST=localhost +# DB_NAME=test +# DB_USER=test +# DB_PASS=123456 +# DB_SOCKET=/var/lib/mysqld/mysqld.sock + +# AUTH_USERNAME=admin +# AUTH_PASSWORD=admin_password DB_CONNECTION_TYPE=host +DB_HOST=db +DB_NAME=cypht +DB_USER=cypht +DB_PASS=cypht_password +SESSION_TYPE=db DB_DRIVER=mysql -DB_PORT= -DB_HOST=localhost -DB_NAME=test -DB_USER=test -DB_PASS=123456 -DB_SOCKET=/var/lib/mysqld/mysqld.sock SESSION_TYPE=PHP AUTH_TYPE=DB diff --git a/docker-compose.yaml b/docker-compose.yaml new file mode 100644 index 0000000000..d487262041 --- /dev/null +++ b/docker-compose.yaml @@ -0,0 +1,31 @@ +version: '3' +services: + db: + image: mariadb:10 + ports: + - "3306:3306" + volumes: + - ./db:/var/lib/mysql + environment: + - MYSQL_ROOT_PASSWORD=root_password + - MYSQL_DATABASE=cypht + - MYSQL_USER=cypht + - MYSQL_PASSWORD=cypht_password + cypht: + # image: sailfrog/cypht-docker:latest + build: + context: . + dockerfile: ./docker/Dockerfile + volumes: + - ./cypht/users:/var/lib/hm3/users + ports: + - "80:80" + environment: + - CYPHT_AUTH_USERNAME=admin + - CYPHT_AUTH_PASSWORD=admin_password + - CYPHT_DB_CONNECTION_TYPE=host + - CYPHT_DB_HOST=db + - CYPHT_DB_NAME=cypht + - CYPHT_DB_USER=cypht + - CYPHT_DB_PASS=cypht_password + - CYPHT_SESSION_TYPE=db diff --git a/docker/Dockerfile b/docker/Dockerfile new file mode 100644 index 0000000000..bb91aa15fe --- /dev/null +++ b/docker/Dockerfile @@ -0,0 +1,67 @@ +FROM php:7.4.33-fpm-alpine + +# ENV CYPHT_DEST "/usr/local/share/cypht" + +# WORKDIR "/var/www" + +WORKDIR "/usr/local/share/cypht" + +RUN set -e \ + && apk add --no-cache \ + supervisor \ + nginx \ + composer \ + # GD + freetype libpng libjpeg-turbo \ + php-session php-fileinfo php-dom php-xml libxml2-dev php-xmlwriter php-tokenizer \ + && apk add --no-cache --virtual .build-deps \ + ca-certificates \ + # wget \ + # unzip \ + # For GD (2fa module) + libpng-dev libjpeg-turbo-dev freetype-dev \ + && docker-php-ext-configure gd --with-freetype=/usr/include/ --with-jpeg=/usr/include/ \ + && docker-php-ext-install gd pdo pdo_mysql \ + # && mkdir ${CYPHT_DEST} \ + # && cd ${CYPHT_DEST} \ + # && mkdir /tmp/cypht-temp \ + # && cd /tmp/cypht-temp \ + # && wget https://github.com/cypht-org/cypht/archive/master.zip \ + # && unzip master.zip \ + # && cp cypht-master/hm3.sample.ini cypht-master/hm3.ini \ + # && find . -type d -print | xargs chmod 755 \ + # && find . -type f -print | xargs chmod 644 \ + # && chown -R root:root cypht-master \ + # && mv cypht-master/* ${CYPHT_DEST} \ + # && cd /tmp \ + # && rm -rf cypht-temp \ + # && apk del .build-deps \ + # && cd ${CYPHT_DEST} \ + # && composer update \ + # && composer self-update --2 \ + # && composer install \ + && echo "post_max_size = 60M" >> /usr/local/etc/php/php.ini \ + && echo "upload_max_filesize = 50M" >> /usr/local/etc/php/php.ini + +COPY docker/nginx.conf /etc/nginx/nginx.conf +COPY docker/supervisord.conf /etc/supervisord.conf +COPY docker/docker-entrypoint.sh /usr/local/bin/ +COPY docker/cypht_setup_database.php /tmp/cypht_setup_database.php + +RUN set -ex \ + && ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log \ + && chmod 700 /tmp/cypht_setup_database.php \ + && chmod +x /usr/local/bin/docker-entrypoint.sh + +COPY composer.* . + +RUN composer update \ + && composer install + +COPY . . +COPY .env.example .env + +EXPOSE 80 443 + +ENTRYPOINT ["docker-entrypoint.sh"] diff --git a/docker/cypht_setup_database.php b/docker/cypht_setup_database.php new file mode 100644 index 0000000000..94a1f240b4 --- /dev/null +++ b/docker/cypht_setup_database.php @@ -0,0 +1,45 @@ +setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); + printf("Database connection successful ...\n"); + $connected = true; + } catch(PDOException $e){ + error_log('Waiting for database connection ... (' . $e->getMessage() . ')'); + sleep(1); + } +} +if ($session_type == 'DB') { + if ($db_driver == 'mysql') { + $stmt = "CREATE TABLE IF NOT EXISTS hm_user_session (hm_id varchar(250), data longblob, date timestamp, primary key (hm_id));"; + } elseif ($db_driver == 'pgsql') { + $stmt = "CREATE TABLE IF NOT EXISTS hm_user_session (hm_id varchar(250) primary key not null, data text, date timestamp);"; + } + printf("Creating database table hm_user_session ...\n"); + $conn->exec($stmt); +} +if ($auth_type == 'DB') { + if ($db_driver == 'mysql') { + $stmt = "CREATE TABLE IF NOT EXISTS hm_user (username varchar(250), hash varchar(250), primary key (username));"; + } elseif ($db_driver == 'pgsql') { + $stmt = "CREATE TABLE IF NOT EXISTS hm_user (username varchar(255) primary key not null, hash varchar(255));"; + } + printf("Creating database table hm_user ...\n"); + $conn->exec($stmt); +} +if ($user_config_type == 'DB') { + if ($db_driver == 'mysql') { + $stmt = "CREATE TABLE IF NOT EXISTS hm_user_settings(username varchar(250), settings longblob, primary key (username));"; + } elseif ($db_driver == 'pgsql') { + $stmt = "CREATE TABLE IF NOT EXISTS hm_user_settings (username varchar(250) primary key not null, settings text);"; + } + printf("Creating database table hm_user_settings ...\n"); + $conn->exec($stmt); +} diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh new file mode 100644 index 0000000000..b5f9900830 --- /dev/null +++ b/docker/docker-entrypoint.sh @@ -0,0 +1,233 @@ +#!/bin/sh + +CYPHT_CONFIG_FILE=/usr/local/share/cypht/hm3.ini + +# +# Update ini file based on environment variables (only if the specific environment variable is set) +# + +# General Settings +if [ ! -z ${CYPHT_SESSION_TYPE+x} ]; then sed -i "s/session_type=.*/session_type=${CYPHT_SESSION_TYPE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_AUTH_TYPE+x} ]; then sed -i "s/auth_type=.*/auth_type=${CYPHT_AUTH_TYPE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_LDAP_AUTH_SERVER+x} ]; then sed -i "s/ldap_auth_server=.*/ldap_auth_server=${CYPHT_LDAP_AUTH_SERVER}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_LDAP_AUTH_PORT+x} ]; then sed -i "s/ldap_auth_port=.*/ldap_auth_port=${CYPHT_LDAP_AUTH_PORT}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_LDAP_AUTH_TLS+x} ]; then sed -i "s/ldap_auth_tls=.*/ldap_auth_tls=${CYPHT_LDAP_AUTH_TLS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_LDAP_AUTH_BASE_DN+x} ]; then sed -i "s/ldap_auth_base_dn=.*/ldap_auth_base_dn=${CYPHT_LDAP_AUTH_BASE_DN}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_IMAP_AUTH_NAME+x} ]; then sed -i "s/imap_auth_name=.*/imap_auth_name=${CYPHT_IMAP_AUTH_NAME}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_IMAP_AUTH_SERVER+x} ]; then sed -i "s/imap_auth_server=.*/imap_auth_server=${CYPHT_IMAP_AUTH_SERVER}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_IMAP_AUTH_PORT+x} ]; then sed -i "s/imap_auth_port=.*/imap_auth_port=${CYPHT_IMAP_AUTH_PORT}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_IMAP_AUTH_TLS+x} ]; then sed -i "s/imap_auth_tls=.*/imap_auth_tls=${CYPHT_IMAP_AUTH_TLS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SMTP_NAME+x} ]; then sed -i "s/default_smtp_name=.*/default_smtp_name=${CYPHT_DEFAULT_SMTP_NAME}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SMTP_SERVER+x} ]; then sed -i "s/default_smtp_server=.*/default_smtp_server=${CYPHT_DEFAULT_SMTP_SERVER}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SMTP_PORT+x} ]; then sed -i "s/default_smtp_port=.*/default_smtp_port=${CYPHT_DEFAULT_SMTP_PORT}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SMTP_TLS+x} ]; then sed -i "s/default_smtp_tls=.*/default_smtp_tls=${CYPHT_DEFAULT_SMTP_TLS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SMTP_NO_AUTH+x} ]; then sed -i "s/default_smtp_no_auth=.*/default_smtp_no_auth=${CYPHT_DEFAULT_SMTP_NO_AUTH}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_USER_CONFIG_TYPE+x} ]; then sed -i "s/user_config_type=.*/user_config_type=${CYPHT_USER_CONFIG_TYPE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_USER_SETTINGS_DIR+x} ]; then sed -i "s!user_settings_dir=.*!user_settings_dir=${CYPHT_USER_SETTINGS_DIR}!" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_ATTACHMENT_DIR+x} ]; then sed -i "s/attachment_dir=.*/attachment_dir=${CYPHT_ATTACHMENT_DIR}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_APP_DATA_DIR+x} ]; then sed -i "s/app_data_dir=.*/app_data_dir=${CYPHT_APP_DATA_DIR}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DISABLE_ORIGIN_CHECK+x} ]; then sed -i "s/disable_origin_check=.*/disable_origin_check=${CYPHT_DISABLE_ORIGIN_CHECK}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_ADMIN_USERS+x} ]; then sed -i "s/admin_users=.*/admin_users=${CYPHT_ADMIN_USERS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_COOKIE_DOMAIN+x} ]; then sed -i "s/cookie_domain=.*/cookie_domain=${CYPHT_COOKIE_DOMAIN}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_EMAIL_DOMAIN+x} ]; then sed -i "s/default_email_domain=.*/default_email_domain=${CYPHT_DEFAULT_EMAIL_DOMAIN}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_REDIRECT_AFTER_LOGIN+x} ]; then sed -i "s/redirect_after_login=.*/redirect_after_login=${CYPHT_REDIRECT_AFTER_LOGIN}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_APP_NAME+x} ]; then sed -i "s/app_name=.*/app_name=${CYPHT_APP_NAME}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_LANGUAGE+x} ]; then sed -i "s/default_language=.*/default_language=${CYPHT_DEFAULT_LANGUAGE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_JS_COMPRESS+x} ]; then sed -i "s/js_compress=.*/js_compress=${CYPHT_JS_COMPRESS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_CSS_COMPRESS+x} ]; then sed -i "s/css_compress=.*/css_compress=${CYPHT_CSS_COMPRESS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_ENABLE_MEMCACHED+x} ]; then sed -i "s/enable_memcached=.*/enable_memcached=${CYPHT_ENABLE_MEMCACHED}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_MEMCACHED_SERVER+x} ]; then sed -i "s/memcached_server=.*/memcached_server=${CYPHT_MEMCACHED_SERVER}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_MEMCACHED_PORT+x} ]; then sed -i "s/memcached_port=.*/memcached_port=${CYPHT_MEMCACHED_PORT}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_MEMCACHED_AUTH+x} ]; then sed -i "s/memcached_auth=.*/memcached_auth=${CYPHT_MEMCACHED_AUTH}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_MEMCACHED_USER+x} ]; then sed -i "s/memcached_user=.*/memcached_user=${CYPHT_MEMCACHED_USER}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_MEMCACHED_PASS+x} ]; then sed -i "s/memcached_pass=.*/memcached_pass=${CYPHT_MEMCACHED_PASS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_ALLOW_LONG_SESSION+x} ]; then sed -i "s/allow_long_session=.*/allow_long_session=${CYPHT_ALLOW_LONG_SESSION}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_LONG_SESSION_LIFETIME+x} ]; then sed -i "s/long_session_lifetime=.*/long_session_lifetime=${CYPHT_LONG_SESSION_LIFETIME}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_ENCRYPT_AJAX_REQUESTS+x} ]; then sed -i "s/encrypt_ajax_requests=.*/encrypt_ajax_requests=${CYPHT_ENCRYPT_AJAX_REQUESTS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_ENCRYPT_LOCAL_STORAGE+x} ]; then sed -i "s/encrypt_local_storage=.*/encrypt_local_storage=${CYPHT_ENCRYPT_LOCAL_STORAGE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DISABLE_IP_CHECK+x} ]; then sed -i "s/disable_ip_check=.*/disable_ip_check=${CYPHT_DISABLE_IP_CHECK}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_ALLOW_EXTERNAL_IMAGE_SOURCES+x} ]; then sed -i "s/allow_external_image_sources=.*/allow_external_image_sources=${CYPHT_ALLOW_EXTERNAL_IMAGE_SOURCES}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_SINGLE_SERVER_MODE+x} ]; then sed -i "s/single_server_mode=.*/single_server_mode=${CYPHT_SINGLE_SERVER_MODE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DISABLE_EMPTY_SUPERGLOBALS+x} ]; then sed -i "s/disable_empty_superglobals=.*/disable_empty_superglobals=${CYPHT_DISABLE_EMPTY_SUPERGLOBALS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DISABLE_OPEN_BASEDIR+x} ]; then sed -i "s/disable_open_basedir=.*/disable_open_basedir=${CYPHT_DISABLE_OPEN_BASEDIR}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DISABLE_INI_SETTINGS+x} ]; then sed -i "s/disable_ini_settings=.*/disable_ini_settings=${CYPHT_DISABLE_INI_SETTINGS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DISABLE_FINGERPRINT+x} ]; then sed -i "s/disable_fingerprint=.*/disable_fingerprint=${CYPHT_DISABLE_FINGERPRINT}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DB_CONNECTION_TYPE+x} ]; then sed -i "s/db_connection_type=.*/db_connection_type=${CYPHT_DB_CONNECTION_TYPE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DB_HOST+x} ]; then sed -i "s/db_host=.*/db_host=${CYPHT_DB_HOST}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DB_SOCKET+x} ]; then sed -i "s/db_socket=.*/db_socket=${CYPHT_DB_SOCKET}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DB_NAME+x} ]; then sed -i "s/db_name=.*/db_name=${CYPHT_DB_NAME}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DB_USER+x} ]; then sed -i "s/db_user=.*/db_user=${CYPHT_DB_USER}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DB_PASS+x} ]; then sed -i "s/db_pass=.*/db_pass=${CYPHT_DB_PASS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DB_DRIVER+x} ]; then sed -i "s/db_driver=.*/db_driver=${CYPHT_DB_DRIVER}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_API_LOGIN_KEY+x} ]; then sed -i "s/api_login_key=.*/api_login_key=${CYPHT_API_LOGIN_KEY}/" ${CYPHT_CONFIG_FILE}; fi + +# Modules + +enable_disable_module() { + local module=${1} + local setting=${2} + # For some reason, "(; )?" isn't working but ";\{0,1\} \{0,1\}" does the same thing + if [ ${setting} = enable ] + then + sed -i "s/^;\{0,1\} \{0,1\}modules\[\]=${module}/modules[]=${module}/" ${CYPHT_CONFIG_FILE} + if [ ${module} = api_login ]; then sed -i "s/;\{0,1\} \{0,1\}api_login_key=/api_login_key=/" ${CYPHT_CONFIG_FILE}; fi + else + sed -i "s/^;\{0,1\} \{0,1\}modules\[\]=${module}/; modules[]=${module}/" ${CYPHT_CONFIG_FILE} + if [ ${module} = api_login ]; then sed -i "s/;\{0,1\} \{0,1\}api_login_key=/; api_login_key=/" ${CYPHT_CONFIG_FILE}; fi + fi +} + +if [ ! -z ${CYPHT_MODULE_CORE+x} ]; then enable_disable_module core ${CYPHT_MODULE_CORE}; fi +if [ ! -z ${CYPHT_MODULE_CONTACTS+x} ]; then enable_disable_module contacts ${CYPHT_MODULE_CONTACTS}; fi +if [ ! -z ${CYPHT_MODULE_LOCAL_CONTACTS+x} ]; then enable_disable_module local_contacts ${CYPHT_MODULE_LOCAL_CONTACTS}; fi +if [ ! -z ${CYPHT_MODULE_LDAP_CONTACTS+x} ]; then enable_disable_module ldap_contacts ${CYPHT_MODULE_LDAP_CONTACTS}; fi +if [ ! -z ${CYPHT_MODULE_GMAIL_CONTACTS+x} ]; then enable_disable_module gmail_contacts ${CYPHT_MODULE_GMAIL_CONTACTS}; fi +if [ ! -z ${CYPHT_MODULE_FEEDS+x} ]; then enable_disable_module feeds ${CYPHT_MODULE_FEEDS}; fi +if [ ! -z ${CYPHT_MODULE_IMAP+x} ]; then enable_disable_module imap ${CYPHT_MODULE_IMAP}; fi +if [ ! -z ${CYPHT_MODULE_2FA+x} ]; then enable_disable_module 2fa ${CYPHT_MODULE_2FA}; fi +if [ ! -z ${CYPHT_MODULE_SMTP+x} ]; then enable_disable_module smtp ${CYPHT_MODULE_SMTP}; fi +if [ ! -z ${CYPHT_MODULE_ACCOUNT+x} ]; then enable_disable_module account ${CYPHT_MODULE_ACCOUNT}; fi +if [ ! -z ${CYPHT_MODULE_IDLE_TIMER+x} ]; then enable_disable_module idle_timer ${CYPHT_MODULE_IDLE_TIMER}; fi +if [ ! -z ${CYPHT_MODULE_CALENDAR+x} ]; then enable_disable_module calendar ${CYPHT_MODULE_CALENDAR}; fi +if [ ! -z ${CYPHT_MODULE_THEMES+x} ]; then enable_disable_module themes ${CYPHT_MODULE_THEMES}; fi +if [ ! -z ${CYPHT_MODULE_NUX+x} ]; then enable_disable_module nux ${CYPHT_MODULE_NUX}; fi +if [ ! -z ${CYPHT_MODULE_DEVELOPER+x} ]; then enable_disable_module developer ${CYPHT_MODULE_DEVELOPER}; fi +if [ ! -z ${CYPHT_MODULE_GITHUB+x} ]; then enable_disable_module github ${CYPHT_MODULE_GITHUB}; fi +if [ ! -z ${CYPHT_MODULE_RECAPTCHA+x} ]; then enable_disable_module recaptcha ${CYPHT_MODULE_RECAPTCHA}; fi +if [ ! -z ${CYPHT_MODULE_WORDPRESS+x} ]; then enable_disable_module wordpress ${CYPHT_MODULE_WORDPRESS}; fi +if [ ! -z ${CYPHT_MODULE_HISTORY+x} ]; then enable_disable_module history ${CYPHT_MODULE_HISTORY}; fi +if [ ! -z ${CYPHT_MODULE_SAVED_SEARCHES+x} ]; then enable_disable_module saved_searches ${CYPHT_MODULE_SAVED_SEARCHES}; fi +if [ ! -z ${CYPHT_MODULE_NASA+x} ]; then enable_disable_module nasa ${CYPHT_MODULE_NASA}; fi +if [ ! -z ${CYPHT_MODULE_PROFILES+x} ]; then enable_disable_module profiles ${CYPHT_MODULE_PROFILES}; fi +if [ ! -z ${CYPHT_MODULE_INLINE_MESSAGE+x} ]; then enable_disable_module inline_message ${CYPHT_MODULE_INLINE_MESSAGE}; fi +if [ ! -z ${CYPHT_MODULE_IMAP_FOLDERS+x} ]; then enable_disable_module imap_folders ${CYPHT_MODULE_IMAP_FOLDERS}; fi +if [ ! -z ${CYPHT_MODULE_KEYBOARD_SHORTCUTS+x} ]; then enable_disable_module keyboard_shortcuts ${CYPHT_MODULE_KEYBOARD_SHORTCUTS}; fi +if [ ! -z ${CYPHT_MODULE_SIEVEFILTERS+x} ]; then enable_disable_module sievefilters ${CYPHT_MODULE_SIEVEFILTERS}; fi +if [ ! -z ${CYPHT_MODULE_SITE+x} ]; then enable_disable_module site ${CYPHT_MODULE_SITE}; fi +if [ ! -z ${CYPHT_MODULE_DYNAMIC_LOGIN+x} ]; then enable_disable_module dynamic_login ${CYPHT_MODULE_DYNAMIC_LOGIN}; fi +if [ ! -z ${CYPHT_MODULE_API_LOGIN+x} ]; then enable_disable_module api_login ${CYPHT_MODULE_API_LOGIN}; fi +if [ ! -z ${CYPHT_MODULE_RECOVER_SETTINGS+x} ]; then enable_disable_module recover_settings ${CYPHT_MODULE_RECOVER_SETTINGS}; fi +if [ ! -z ${CYPHT_MODULE_HELLO_WORLD+x} ]; then enable_disable_module hello_world ${CYPHT_MODULE_HELLO_WORLD}; fi +if [ ! -z ${CYPHT_MODULE_DESKTOP_NOTIFICATIONS+x} ]; then enable_disable_module desktop_notifications ${CYPHT_MODULE_DESKTOP_NOTIFICATIONS}; fi + +# Defaults +if [ ! -z ${CYPHT_DEFAULT_SETTING_NO_PASSWORD_SAVE+x} ]; then sed -i "s/; default_setting_no_password_save=.*/default_setting_no_password_save=${CYPHT_DEFAULT_SETTING_NO_PASSWORD_SAVE}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_IMAP_PER_PAGE+x} ]; then sed -i "s/; default_setting_imap_per_page=.*/default_setting_imap_per_page=${CYPHT_DEFAULT_SETTING_IMAP_PER_PAGE}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_SIMPLE_MSG_PARTS+x} ]; then sed -i "s/; default_setting_simple_msg_parts=.*/default_setting_simple_msg_parts=${CYPHT_DEFAULT_SETTING_SIMPLE_MSG_PARTS}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_MSG_PART_ICONS+x} ]; then sed -i "s/; default_setting_msg_part_icons=.*/default_setting_msg_part_icons=${CYPHT_DEFAULT_SETTING_MSG_PART_ICONS}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_TEXT_ONLY+x} ]; then sed -i "s/; default_setting_text_only=.*/default_setting_text_only=${CYPHT_DEFAULT_SETTING_TEXT_ONLY}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_SENT_PER_SOURCE+x} ]; then sed -i "s/; default_setting_sent_per_source=.*/default_setting_sent_per_source=${CYPHT_DEFAULT_SETTING_SENT_PER_SOURCE}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_SENT_SINCE+x} ]; then sed -i "s/; default_setting_sent_since=.*/default_setting_sent_since=${CYPHT_DEFAULT_SETTING_SENT_SINCE}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_SHOW_LIST_ICONS+x} ]; then sed -i "s/; default_setting_show_list_icons=.*/default_setting_show_list_icons=${CYPHT_DEFAULT_SETTING_SHOW_LIST_ICONS}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_START_PAGE+x} ]; then sed -i "s/; default_setting_start_page=.*/default_setting_start_page=${CYPHT_DEFAULT_SETTING_START_PAGE}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_DISABLE_DELETE_PROMPT+x} ]; then sed -i "s/; default_setting_disable_delete_prompt=.*/default_setting_disable_delete_prompt=${CYPHT_DEFAULT_SETTING_DISABLE_DELETE_PROMPT}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_NO_FOLDER_ICONS+x} ]; then sed -i "s/; default_setting_no_folder_icons=.*/default_setting_no_folder_icons=${CYPHT_DEFAULT_SETTING_NO_FOLDER_ICONS}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_ALL_EMAIL_PER_SOURCE+x} ]; then sed -i "s/; default_setting_all_email_per_source=.*/default_setting_all_email_per_source=${CYPHT_DEFAULT_SETTING_ALL_EMAIL_PER_SOURCE}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_ALL_EMAIL_SINCE+x} ]; then sed -i "s/; default_setting_all_email_since=.*/default_setting_all_email_since=${CYPHT_DEFAULT_SETTING_ALL_EMAIL_SINCE}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_ALL_SINCE+x} ]; then sed -i "s/; default_setting_all_since=.*/default_setting_all_since=${CYPHT_DEFAULT_SETTING_ALL_SINCE}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_ALL_PER_SOURCE+x} ]; then sed -i "s/; default_setting_all_per_source=.*/default_setting_all_per_source=${CYPHT_DEFAULT_SETTING_ALL_PER_SOURCE}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_UNREAD_PER_SOURCE+x} ]; then sed -i "s/; default_setting_unread_per_source=.*/default_setting_unread_per_source=${CYPHT_DEFAULT_SETTING_UNREAD_PER_SOURCE}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_FLAGGED_PER_SOURCE+x} ]; then sed -i "s/; default_setting_flagged_per_source=.*/default_setting_flagged_per_source=${CYPHT_DEFAULT_SETTING_FLAGGED_PER_SOURCE}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_FLAGGED_SINCE+x} ]; then sed -i "s/; default_setting_flagged_since=.*/default_setting_flagged_since=${CYPHT_DEFAULT_SETTING_FLAGGED_SINCE}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_UNREAD_SINCE+x} ]; then sed -i "s/; default_setting_unread_since=.*/default_setting_unread_since=${CYPHT_DEFAULT_SETTING_UNREAD_SINCE}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_TIMEZONE+x} ]; then sed -i "s/; default_setting_timezone=.*/default_setting_timezone=${CYPHT_DEFAULT_SETTING_TIMEZONE}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_LIST_STYLE+x} ]; then sed -i "s/; default_setting_list_style=.*/default_setting_list_style=${CYPHT_DEFAULT_SETTING_LIST_STYLE}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_LANGUAGE+x} ]; then sed -i "s/; default_setting_language=.*/default_setting_language=${CYPHT_DEFAULT_SETTING_LANGUAGE}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_UNREAD_EXCLUDE_FEEDS+x} ]; then sed -i "s/; default_setting_unread_exclude_feeds=.*/default_setting_unread_exclude_feeds=${CYPHT_DEFAULT_SETTING_UNREAD_EXCLUDE_FEEDS}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_FEED_LIMIT+x} ]; then sed -i "s/; default_setting_feed_limit=.*/default_setting_feed_limit=${CYPHT_DEFAULT_SETTING_FEED_LIMIT}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_FEED_SINCE+x} ]; then sed -i "s/; default_setting_feed_since=.*/default_setting_feed_since=${CYPHT_DEFAULT_SETTING_FEED_SINCE}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_SMTP_COMPOSE_TYPE+x} ]; then sed -i "s/; default_setting_smtp_compose_type=.*/default_setting_smtp_compose_type=${CYPHT_DEFAULT_SETTING_SMTP_COMPOSE_TYPE}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_SMTP_AUTO_BCC+x} ]; then sed -i "s/; default_setting_smtp_auto_bcc=.*/default_setting_smtp_auto_bcc=${CYPHT_DEFAULT_SETTING_SMTP_AUTO_BCC}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_THEME+x} ]; then sed -i "s/; default_setting_theme=.*/default_setting_theme=${CYPHT_DEFAULT_SETTING_THEME}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_UNREAD_EXCLUDE_WORDPRESS+x} ]; then sed -i "s/; default_setting_unread_exclude_wordpress=.*/default_setting_unread_exclude_wordpress=${CYPHT_DEFAULT_SETTING_UNREAD_EXCLUDE_WORDPRESS}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_WORDPRESS_SINCE+x} ]; then sed -i "s/; default_setting_wordpress_since=.*/default_setting_wordpress_since=${CYPHT_DEFAULT_SETTING_WORDPRESS_SINCE}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_UNREAD_EXCLUDE_GITHUB+x} ]; then sed -i "s/; default_setting_unread_exclude_github=.*/default_setting_unread_exclude_github=${CYPHT_DEFAULT_SETTING_UNREAD_EXCLUDE_GITHUB}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_GITHUB_LIMIT+x} ]; then sed -i "s/; default_setting_github_limit=.*/default_setting_github_limit=${CYPHT_DEFAULT_SETTING_GITHUB_LIMIT}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_GITHUB_SINCE+x} ]; then sed -i "s/; default_setting_github_since=.*/default_setting_github_since=${CYPHT_DEFAULT_SETTING_GITHUB_SINCE}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_INLINE_MESSAGE+x} ]; then sed -i "s/; default_setting_inline_message=.*/default_setting_inline_message=${CYPHT_DEFAULT_SETTING_INLINE_MESSAGE}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_ENABLE_KEYBOARD_SHORTCUTS+x} ]; then sed -i "s/; default_setting_enable_keyboard_shortcuts=.*/default_setting_enable_keyboard_shortcuts=${CYPHT_DEFAULT_SETTING_ENABLE_KEYBOARD_SHORTCUTS}/" config.ini; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_ENABLE_SIEVE_FILTER+x} ]; then sed -i "s/; default_setting_enable_sieve_filter=.*/default_setting_enable_sieve_filter=${CYPHT_DEFAULT_SETTING_ENABLE_SIEVE_FILTER}/" config.ini; fi + + +# +# Wait for database to be ready then setup tables for sessions, authentication, and settings as needed +# +session_type=$(sed -n 's/session_type=//p' ${CYPHT_CONFIG_FILE}) +auth_type=$(sed -n 's/auth_type=//p' ${CYPHT_CONFIG_FILE}) +user_config_type=$(sed -n 's/user_config_type=//p' ${CYPHT_CONFIG_FILE}) +db_host=$(sed -n 's/db_host=//p' ${CYPHT_CONFIG_FILE}) +db_name=$(sed -n 's/db_name=//p' ${CYPHT_CONFIG_FILE}) +db_user=$(sed -n 's/db_user=//p' ${CYPHT_CONFIG_FILE}) +db_pass=$(sed -n 's/db_pass=//p' ${CYPHT_CONFIG_FILE}) +db_driver=$(sed -n 's/db_driver=//p' ${CYPHT_CONFIG_FILE}) +if [ "${session_type}" = "DB" ] || [ "${auth_type}" = "DB" ] || [ "${user_config_type}" = "DB" ] +then + sed -i "s/CYPHT_SESSION_TYPE/${session_type}/" /tmp/cypht_setup_database.php + sed -i "s/CYPHT_AUTH_TYPE/${auth_type}/" /tmp/cypht_setup_database.php + sed -i "s/CYPHT_USER_CONFIG_TYPE/${user_config_type}/" /tmp/cypht_setup_database.php + sed -i "s/CYPHT_DB_HOST/${db_host}/" /tmp/cypht_setup_database.php + sed -i "s/CYPHT_DB_NAME/${db_name}/" /tmp/cypht_setup_database.php + sed -i "s/CYPHT_DB_USER/${db_user}/" /tmp/cypht_setup_database.php + sed -i "s/CYPHT_DB_PASS/${db_pass}/" /tmp/cypht_setup_database.php + sed -i "s/CYPHT_DB_DRIVER/${db_driver}/" /tmp/cypht_setup_database.php + php /tmp/cypht_setup_database.php +fi + +# +# Additional tasks based on the newly-configured settings +# + +# Settings Location - create directory if config type is "file" +user_config_type=$(sed -n 's/user_config_type=//p' ${CYPHT_CONFIG_FILE}) +user_settings_dir=$(sed -n 's/user_settings_dir=//p' ${CYPHT_CONFIG_FILE}) +if [ "${user_config_type}" = "file" ] +then + mkdir -p ${user_settings_dir} + chown www-data:www-data ${user_settings_dir} +fi + +# Attachment Location - create directory +attachment_dir=$(sed -n 's/attachment_dir=//p' ${CYPHT_CONFIG_FILE}) +mkdir -p ${attachment_dir} +chown www-data:www-data ${attachment_dir} + +# Change /var/lib/nginx owner from root to www-data to avoid "permission denied" error. +chown -R www-data:www-data /var/lib/nginx + +# Application Data Location - create directory +app_data_dir=$(sed -n 's/app_data_dir=//p' ${CYPHT_CONFIG_FILE}) +mkdir -p ${app_data_dir} +chown www-data:www-data ${app_data_dir} + +# +# Generate the run-time configuration +# +cd /usr/local/share/cypht +php ./scripts/config_gen.php + +# +# Enable the program in the web-server +# +rm -r /var/www +ln -s /usr/local/share/cypht/site /var/www + +# +# Create user account in database (or change password if user already exists) +# +php ./scripts/create_account.php ${CYPHT_AUTH_USERNAME} ${CYPHT_AUTH_PASSWORD} +#OR maybe run the following if the user already exists... +#php ./scripts/update_password.php ${CYPHT_AUTH_USERNAME} ${CYPHT_AUTH_PASSWORD} + +# +# Close out tasks +# + +# now that we're definitely done writing configuration, let's clear out the relevant environment variables (so that stray "phpinfo()" calls don't leak secrets from our code) +#for e in "${envs[@]}"; do +# unset "$e" +#done + +# Start supervisord and services +/usr/bin/supervisord -c /etc/supervisord.conf + +exec "$@" diff --git a/docker/nginx.conf b/docker/nginx.conf new file mode 100644 index 0000000000..de3598e963 --- /dev/null +++ b/docker/nginx.conf @@ -0,0 +1,40 @@ +user www-data; +worker_processes 4; +pid /run/nginx.pid; +events { + worker_connections 768; +} +http { + sendfile off; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + include /etc/nginx/mime.types; + default_type application/octet-stream; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE + ssl_prefer_server_ciphers on; + access_log /var/log/nginx/access.log; + error_log /var/log/nginx/error.log; + gzip on; + gzip_disable "msie6"; + server { + listen 80; + server_name localhost; + index index.php; + root /var/www; + client_max_body_size 60M; + location / { + try_files $uri /index.php$is_args$args; + } + location ~ \.php { + try_files $uri =404; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param SCRIPT_NAME $fastcgi_script_name; + fastcgi_index index.php; + fastcgi_pass 127.0.0.1:9000; + } + } +} diff --git a/docker/supervisord.conf b/docker/supervisord.conf new file mode 100644 index 0000000000..b479d609a1 --- /dev/null +++ b/docker/supervisord.conf @@ -0,0 +1,22 @@ +[supervisord] +nodaemon=true +logfile=/var/log/supervisord.log +pidfile=/var/run/supervisord.pid + +[program:nginx] +command=/usr/sbin/nginx -g "daemon off;" +autostart=true +autorestart=true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 + +[program:php-fpm] +command=php-fpm +autostart=true +autorestart=true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 From 87195551face39ecb1bb246770d6a28b6e62f370 Mon Sep 17 00:00:00 2001 From: Jono Date: Sun, 28 Apr 2024 09:21:09 -0700 Subject: [PATCH 02/31] Add some TODO notes --- docker-compose.yaml | 3 +++ docker/Dockerfile | 16 ++++++++-------- docker/cypht_setup_database.php | 8 ++++++++ docker/docker-entrypoint.sh | 21 ++++++++++++--------- 4 files changed, 31 insertions(+), 17 deletions(-) mode change 100644 => 100755 docker/cypht_setup_database.php mode change 100644 => 100755 docker/docker-entrypoint.sh diff --git a/docker-compose.yaml b/docker-compose.yaml index d487262041..fa9c18c6f9 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -18,6 +18,7 @@ services: dockerfile: ./docker/Dockerfile volumes: - ./cypht/users:/var/lib/hm3/users + # TODO: add health check here ports: - "80:80" environment: @@ -29,3 +30,5 @@ services: - CYPHT_DB_USER=cypht - CYPHT_DB_PASS=cypht_password - CYPHT_SESSION_TYPE=db + + # TODO: add memcache and redis to this sample diff --git a/docker/Dockerfile b/docker/Dockerfile index bb91aa15fe..5578488b28 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -4,6 +4,7 @@ FROM php:7.4.33-fpm-alpine # WORKDIR "/var/www" +# TODO: change this to /app for simplification WORKDIR "/usr/local/share/cypht" RUN set -e \ @@ -45,23 +46,22 @@ RUN set -e \ COPY docker/nginx.conf /etc/nginx/nginx.conf COPY docker/supervisord.conf /etc/supervisord.conf -COPY docker/docker-entrypoint.sh /usr/local/bin/ -COPY docker/cypht_setup_database.php /tmp/cypht_setup_database.php +# COPY docker/docker-entrypoint.sh /usr/local/bin/ +# COPY docker/cypht_setup_database.php /tmp/cypht_setup_database.php RUN set -ex \ && ln -sf /dev/stdout /var/log/nginx/access.log \ - && ln -sf /dev/stderr /var/log/nginx/error.log \ - && chmod 700 /tmp/cypht_setup_database.php \ - && chmod +x /usr/local/bin/docker-entrypoint.sh + && ln -sf /dev/stderr /var/log/nginx/error.log +# && chmod 700 docker/cypht_setup_database.php +# && chmod +x /usr/local/bin/docker-entrypoint.sh COPY composer.* . -RUN composer update \ - && composer install +RUN composer update && composer install COPY . . COPY .env.example .env EXPOSE 80 443 -ENTRYPOINT ["docker-entrypoint.sh"] +ENTRYPOINT ["docker/docker-entrypoint.sh"] diff --git a/docker/cypht_setup_database.php b/docker/cypht_setup_database.php old mode 100644 new mode 100755 index 94a1f240b4..7e36692c6c --- a/docker/cypht_setup_database.php +++ b/docker/cypht_setup_database.php @@ -1,10 +1,15 @@ exec($stmt); } @@ -31,6 +37,7 @@ } elseif ($db_driver == 'pgsql') { $stmt = "CREATE TABLE IF NOT EXISTS hm_user (username varchar(255) primary key not null, hash varchar(255));"; } + // TODO: sqlite command printf("Creating database table hm_user ...\n"); $conn->exec($stmt); } @@ -40,6 +47,7 @@ } elseif ($db_driver == 'pgsql') { $stmt = "CREATE TABLE IF NOT EXISTS hm_user_settings (username varchar(250) primary key not null, settings text);"; } + // TODO: sqlite command printf("Creating database table hm_user_settings ...\n"); $conn->exec($stmt); } diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh old mode 100644 new mode 100755 index b5f9900830..2464e9b8fe --- a/docker/docker-entrypoint.sh +++ b/docker/docker-entrypoint.sh @@ -2,6 +2,9 @@ CYPHT_CONFIG_FILE=/usr/local/share/cypht/hm3.ini +# TODO: move to /app/scripts/setup_database.php +DB_SETUP_SCRIPT=/usr/local/share/cypht/docker/cypht_setup_database.php + # # Update ini file based on environment variables (only if the specific environment variable is set) # @@ -162,15 +165,15 @@ db_pass=$(sed -n 's/db_pass=//p' ${CYPHT_CONFIG_FILE}) db_driver=$(sed -n 's/db_driver=//p' ${CYPHT_CONFIG_FILE}) if [ "${session_type}" = "DB" ] || [ "${auth_type}" = "DB" ] || [ "${user_config_type}" = "DB" ] then - sed -i "s/CYPHT_SESSION_TYPE/${session_type}/" /tmp/cypht_setup_database.php - sed -i "s/CYPHT_AUTH_TYPE/${auth_type}/" /tmp/cypht_setup_database.php - sed -i "s/CYPHT_USER_CONFIG_TYPE/${user_config_type}/" /tmp/cypht_setup_database.php - sed -i "s/CYPHT_DB_HOST/${db_host}/" /tmp/cypht_setup_database.php - sed -i "s/CYPHT_DB_NAME/${db_name}/" /tmp/cypht_setup_database.php - sed -i "s/CYPHT_DB_USER/${db_user}/" /tmp/cypht_setup_database.php - sed -i "s/CYPHT_DB_PASS/${db_pass}/" /tmp/cypht_setup_database.php - sed -i "s/CYPHT_DB_DRIVER/${db_driver}/" /tmp/cypht_setup_database.php - php /tmp/cypht_setup_database.php + sed -i "s/CYPHT_SESSION_TYPE/${session_type}/" ${DB_SETUP_SCRIPT} + sed -i "s/CYPHT_AUTH_TYPE/${auth_type}/" ${DB_SETUP_SCRIPT} + sed -i "s/CYPHT_USER_CONFIG_TYPE/${user_config_type}/" ${DB_SETUP_SCRIPT} + sed -i "s/CYPHT_DB_HOST/${db_host}/" ${DB_SETUP_SCRIPT} + sed -i "s/CYPHT_DB_NAME/${db_name}/" ${DB_SETUP_SCRIPT} + sed -i "s/CYPHT_DB_USER/${db_user}/" ${DB_SETUP_SCRIPT} + sed -i "s/CYPHT_DB_PASS/${db_pass}/" ${DB_SETUP_SCRIPT} + sed -i "s/CYPHT_DB_DRIVER/${db_driver}/" ${DB_SETUP_SCRIPT} + php ${DB_SETUP_SCRIPT} fi # From 3330548b9fa3dc8c1593b834efecb51051350be3 Mon Sep 17 00:00:00 2001 From: Jono Date: Fri, 3 May 2024 16:54:48 -0700 Subject: [PATCH 03/31] Working on db setup script --- .dockerignore | 1 + .gitignore | 4 +- docker-compose.yaml | 22 ++-- docker/Dockerfile | 45 ++----- docker/cypht_setup_database.php | 53 --------- docker/docker-entrypoint.sh | 203 ++++++-------------------------- scripts/create_account.php | 6 +- scripts/setup_database.php | 95 +++++++++++++++ 8 files changed, 161 insertions(+), 268 deletions(-) create mode 100644 .dockerignore delete mode 100755 docker/cypht_setup_database.php create mode 100755 scripts/setup_database.php diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000000..94898ee634 --- /dev/null +++ b/.dockerignore @@ -0,0 +1 @@ +/db/ \ No newline at end of file diff --git a/.gitignore b/.gitignore index cd0afc66c9..1c74dff928 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,5 @@ /config/dynamic.php -/config/app.php +/config/app.php # TODO: this should not be here?? /site.js /site.css /site/ @@ -9,6 +9,8 @@ /tests/selenium/remote_creds.py *.pyc /.env +/.env.* +!.env.example apigen4.sh testuser.txt website/docs diff --git a/docker-compose.yaml b/docker-compose.yaml index fa9c18c6f9..e2de2b60dd 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -12,7 +12,6 @@ services: - MYSQL_USER=cypht - MYSQL_PASSWORD=cypht_password cypht: - # image: sailfrog/cypht-docker:latest build: context: . dockerfile: ./docker/Dockerfile @@ -22,13 +21,16 @@ services: ports: - "80:80" environment: - - CYPHT_AUTH_USERNAME=admin - - CYPHT_AUTH_PASSWORD=admin_password - - CYPHT_DB_CONNECTION_TYPE=host - - CYPHT_DB_HOST=db - - CYPHT_DB_NAME=cypht - - CYPHT_DB_USER=cypht - - CYPHT_DB_PASS=cypht_password - - CYPHT_SESSION_TYPE=db + - AUTH_USERNAME=admin + - AUTH_PASSWORD=admin # TODO: does this make sense for IMAP auth? + - DB_CONNECTION_TYPE=socket + - DB_HOST=DB + - DB_NAME=cypht + - DB_USER=cypht + - DB_PASS=cypht_password + - DB_DRIVER=sqlite + - DB_SOCKET=/tmp/cypht_1.sqlite # TODO: move to ./db ? + - SESSION_TYPE=DB + - USER_CONFIG_TYPE=DB - # TODO: add memcache and redis to this sample + # TODO: add memcache and redis to this sample, or disable it via env vars diff --git a/docker/Dockerfile b/docker/Dockerfile index 5578488b28..8f222de85b 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -4,60 +4,35 @@ FROM php:7.4.33-fpm-alpine # WORKDIR "/var/www" -# TODO: change this to /app for simplification +# TODO: change this to /app for simplification? WORKDIR "/usr/local/share/cypht" RUN set -e \ && apk add --no-cache \ - supervisor \ - nginx \ - composer \ + supervisor nginx composer sqlite \ # GD freetype libpng libjpeg-turbo \ php-session php-fileinfo php-dom php-xml libxml2-dev php-xmlwriter php-tokenizer \ && apk add --no-cache --virtual .build-deps \ ca-certificates \ - # wget \ - # unzip \ # For GD (2fa module) libpng-dev libjpeg-turbo-dev freetype-dev \ && docker-php-ext-configure gd --with-freetype=/usr/include/ --with-jpeg=/usr/include/ \ && docker-php-ext-install gd pdo pdo_mysql \ - # && mkdir ${CYPHT_DEST} \ - # && cd ${CYPHT_DEST} \ - # && mkdir /tmp/cypht-temp \ - # && cd /tmp/cypht-temp \ - # && wget https://github.com/cypht-org/cypht/archive/master.zip \ - # && unzip master.zip \ - # && cp cypht-master/hm3.sample.ini cypht-master/hm3.ini \ - # && find . -type d -print | xargs chmod 755 \ - # && find . -type f -print | xargs chmod 644 \ - # && chown -R root:root cypht-master \ - # && mv cypht-master/* ${CYPHT_DEST} \ - # && cd /tmp \ - # && rm -rf cypht-temp \ - # && apk del .build-deps \ - # && cd ${CYPHT_DEST} \ - # && composer update \ - # && composer self-update --2 \ - # && composer install \ + && apk del .build-deps \ && echo "post_max_size = 60M" >> /usr/local/etc/php/php.ini \ - && echo "upload_max_filesize = 50M" >> /usr/local/etc/php/php.ini - -COPY docker/nginx.conf /etc/nginx/nginx.conf -COPY docker/supervisord.conf /etc/supervisord.conf -# COPY docker/docker-entrypoint.sh /usr/local/bin/ -# COPY docker/cypht_setup_database.php /tmp/cypht_setup_database.php - -RUN set -ex \ + && echo "upload_max_filesize = 50M" >> /usr/local/etc/php/php.ini \ && ln -sf /dev/stdout /var/log/nginx/access.log \ && ln -sf /dev/stderr /var/log/nginx/error.log -# && chmod 700 docker/cypht_setup_database.php -# && chmod +x /usr/local/bin/docker-entrypoint.sh + # TODO: can we pipe php-fpm messages to stdout here? +COPY docker/nginx.conf /etc/nginx/nginx.conf +COPY docker/supervisord.conf /etc/supervisord.conf COPY composer.* . -RUN composer update && composer install +# TODO: probably dont want to run update here since it modifies composer.lock +RUN composer update && composer self-update --2 && composer install +# RUN composer install COPY . . COPY .env.example .env diff --git a/docker/cypht_setup_database.php b/docker/cypht_setup_database.php deleted file mode 100755 index 7e36692c6c..0000000000 --- a/docker/cypht_setup_database.php +++ /dev/null @@ -1,53 +0,0 @@ -setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); - printf("Database connection successful ...\n"); - $connected = true; - } catch(PDOException $e){ - error_log('Waiting for database connection ... (' . $e->getMessage() . ')'); - sleep(1); - } -} -if ($session_type == 'DB') { - if ($db_driver == 'mysql') { - $stmt = "CREATE TABLE IF NOT EXISTS hm_user_session (hm_id varchar(250), data longblob, date timestamp, primary key (hm_id));"; - } elseif ($db_driver == 'pgsql') { - $stmt = "CREATE TABLE IF NOT EXISTS hm_user_session (hm_id varchar(250) primary key not null, data text, date timestamp);"; - } - // TODO: sqlite command - printf("Creating database table hm_user_session ...\n"); - $conn->exec($stmt); -} -if ($auth_type == 'DB') { - if ($db_driver == 'mysql') { - $stmt = "CREATE TABLE IF NOT EXISTS hm_user (username varchar(250), hash varchar(250), primary key (username));"; - } elseif ($db_driver == 'pgsql') { - $stmt = "CREATE TABLE IF NOT EXISTS hm_user (username varchar(255) primary key not null, hash varchar(255));"; - } - // TODO: sqlite command - printf("Creating database table hm_user ...\n"); - $conn->exec($stmt); -} -if ($user_config_type == 'DB') { - if ($db_driver == 'mysql') { - $stmt = "CREATE TABLE IF NOT EXISTS hm_user_settings(username varchar(250), settings longblob, primary key (username));"; - } elseif ($db_driver == 'pgsql') { - $stmt = "CREATE TABLE IF NOT EXISTS hm_user_settings (username varchar(250) primary key not null, settings text);"; - } - // TODO: sqlite command - printf("Creating database table hm_user_settings ...\n"); - $conn->exec($stmt); -} diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh index 2464e9b8fe..24164eaf10 100755 --- a/docker/docker-entrypoint.sh +++ b/docker/docker-entrypoint.sh @@ -1,68 +1,13 @@ -#!/bin/sh +#!/usr/bin/env sh -CYPHT_CONFIG_FILE=/usr/local/share/cypht/hm3.ini +# set -e -# TODO: move to /app/scripts/setup_database.php -DB_SETUP_SCRIPT=/usr/local/share/cypht/docker/cypht_setup_database.php +APP_DIR=/usr/local/share/cypht +# CYPHT_CONFIG_FILE=${APP_DIR}/hm3.ini -# -# Update ini file based on environment variables (only if the specific environment variable is set) -# -# General Settings -if [ ! -z ${CYPHT_SESSION_TYPE+x} ]; then sed -i "s/session_type=.*/session_type=${CYPHT_SESSION_TYPE}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_AUTH_TYPE+x} ]; then sed -i "s/auth_type=.*/auth_type=${CYPHT_AUTH_TYPE}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_LDAP_AUTH_SERVER+x} ]; then sed -i "s/ldap_auth_server=.*/ldap_auth_server=${CYPHT_LDAP_AUTH_SERVER}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_LDAP_AUTH_PORT+x} ]; then sed -i "s/ldap_auth_port=.*/ldap_auth_port=${CYPHT_LDAP_AUTH_PORT}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_LDAP_AUTH_TLS+x} ]; then sed -i "s/ldap_auth_tls=.*/ldap_auth_tls=${CYPHT_LDAP_AUTH_TLS}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_LDAP_AUTH_BASE_DN+x} ]; then sed -i "s/ldap_auth_base_dn=.*/ldap_auth_base_dn=${CYPHT_LDAP_AUTH_BASE_DN}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_IMAP_AUTH_NAME+x} ]; then sed -i "s/imap_auth_name=.*/imap_auth_name=${CYPHT_IMAP_AUTH_NAME}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_IMAP_AUTH_SERVER+x} ]; then sed -i "s/imap_auth_server=.*/imap_auth_server=${CYPHT_IMAP_AUTH_SERVER}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_IMAP_AUTH_PORT+x} ]; then sed -i "s/imap_auth_port=.*/imap_auth_port=${CYPHT_IMAP_AUTH_PORT}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_IMAP_AUTH_TLS+x} ]; then sed -i "s/imap_auth_tls=.*/imap_auth_tls=${CYPHT_IMAP_AUTH_TLS}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_DEFAULT_SMTP_NAME+x} ]; then sed -i "s/default_smtp_name=.*/default_smtp_name=${CYPHT_DEFAULT_SMTP_NAME}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_DEFAULT_SMTP_SERVER+x} ]; then sed -i "s/default_smtp_server=.*/default_smtp_server=${CYPHT_DEFAULT_SMTP_SERVER}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_DEFAULT_SMTP_PORT+x} ]; then sed -i "s/default_smtp_port=.*/default_smtp_port=${CYPHT_DEFAULT_SMTP_PORT}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_DEFAULT_SMTP_TLS+x} ]; then sed -i "s/default_smtp_tls=.*/default_smtp_tls=${CYPHT_DEFAULT_SMTP_TLS}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_DEFAULT_SMTP_NO_AUTH+x} ]; then sed -i "s/default_smtp_no_auth=.*/default_smtp_no_auth=${CYPHT_DEFAULT_SMTP_NO_AUTH}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_USER_CONFIG_TYPE+x} ]; then sed -i "s/user_config_type=.*/user_config_type=${CYPHT_USER_CONFIG_TYPE}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_USER_SETTINGS_DIR+x} ]; then sed -i "s!user_settings_dir=.*!user_settings_dir=${CYPHT_USER_SETTINGS_DIR}!" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_ATTACHMENT_DIR+x} ]; then sed -i "s/attachment_dir=.*/attachment_dir=${CYPHT_ATTACHMENT_DIR}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_APP_DATA_DIR+x} ]; then sed -i "s/app_data_dir=.*/app_data_dir=${CYPHT_APP_DATA_DIR}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_DISABLE_ORIGIN_CHECK+x} ]; then sed -i "s/disable_origin_check=.*/disable_origin_check=${CYPHT_DISABLE_ORIGIN_CHECK}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_ADMIN_USERS+x} ]; then sed -i "s/admin_users=.*/admin_users=${CYPHT_ADMIN_USERS}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_COOKIE_DOMAIN+x} ]; then sed -i "s/cookie_domain=.*/cookie_domain=${CYPHT_COOKIE_DOMAIN}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_DEFAULT_EMAIL_DOMAIN+x} ]; then sed -i "s/default_email_domain=.*/default_email_domain=${CYPHT_DEFAULT_EMAIL_DOMAIN}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_REDIRECT_AFTER_LOGIN+x} ]; then sed -i "s/redirect_after_login=.*/redirect_after_login=${CYPHT_REDIRECT_AFTER_LOGIN}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_APP_NAME+x} ]; then sed -i "s/app_name=.*/app_name=${CYPHT_APP_NAME}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_DEFAULT_LANGUAGE+x} ]; then sed -i "s/default_language=.*/default_language=${CYPHT_DEFAULT_LANGUAGE}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_JS_COMPRESS+x} ]; then sed -i "s/js_compress=.*/js_compress=${CYPHT_JS_COMPRESS}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_CSS_COMPRESS+x} ]; then sed -i "s/css_compress=.*/css_compress=${CYPHT_CSS_COMPRESS}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_ENABLE_MEMCACHED+x} ]; then sed -i "s/enable_memcached=.*/enable_memcached=${CYPHT_ENABLE_MEMCACHED}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_MEMCACHED_SERVER+x} ]; then sed -i "s/memcached_server=.*/memcached_server=${CYPHT_MEMCACHED_SERVER}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_MEMCACHED_PORT+x} ]; then sed -i "s/memcached_port=.*/memcached_port=${CYPHT_MEMCACHED_PORT}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_MEMCACHED_AUTH+x} ]; then sed -i "s/memcached_auth=.*/memcached_auth=${CYPHT_MEMCACHED_AUTH}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_MEMCACHED_USER+x} ]; then sed -i "s/memcached_user=.*/memcached_user=${CYPHT_MEMCACHED_USER}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_MEMCACHED_PASS+x} ]; then sed -i "s/memcached_pass=.*/memcached_pass=${CYPHT_MEMCACHED_PASS}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_ALLOW_LONG_SESSION+x} ]; then sed -i "s/allow_long_session=.*/allow_long_session=${CYPHT_ALLOW_LONG_SESSION}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_LONG_SESSION_LIFETIME+x} ]; then sed -i "s/long_session_lifetime=.*/long_session_lifetime=${CYPHT_LONG_SESSION_LIFETIME}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_ENCRYPT_AJAX_REQUESTS+x} ]; then sed -i "s/encrypt_ajax_requests=.*/encrypt_ajax_requests=${CYPHT_ENCRYPT_AJAX_REQUESTS}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_ENCRYPT_LOCAL_STORAGE+x} ]; then sed -i "s/encrypt_local_storage=.*/encrypt_local_storage=${CYPHT_ENCRYPT_LOCAL_STORAGE}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_DISABLE_IP_CHECK+x} ]; then sed -i "s/disable_ip_check=.*/disable_ip_check=${CYPHT_DISABLE_IP_CHECK}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_ALLOW_EXTERNAL_IMAGE_SOURCES+x} ]; then sed -i "s/allow_external_image_sources=.*/allow_external_image_sources=${CYPHT_ALLOW_EXTERNAL_IMAGE_SOURCES}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_SINGLE_SERVER_MODE+x} ]; then sed -i "s/single_server_mode=.*/single_server_mode=${CYPHT_SINGLE_SERVER_MODE}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_DISABLE_EMPTY_SUPERGLOBALS+x} ]; then sed -i "s/disable_empty_superglobals=.*/disable_empty_superglobals=${CYPHT_DISABLE_EMPTY_SUPERGLOBALS}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_DISABLE_OPEN_BASEDIR+x} ]; then sed -i "s/disable_open_basedir=.*/disable_open_basedir=${CYPHT_DISABLE_OPEN_BASEDIR}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_DISABLE_INI_SETTINGS+x} ]; then sed -i "s/disable_ini_settings=.*/disable_ini_settings=${CYPHT_DISABLE_INI_SETTINGS}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_DISABLE_FINGERPRINT+x} ]; then sed -i "s/disable_fingerprint=.*/disable_fingerprint=${CYPHT_DISABLE_FINGERPRINT}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_DB_CONNECTION_TYPE+x} ]; then sed -i "s/db_connection_type=.*/db_connection_type=${CYPHT_DB_CONNECTION_TYPE}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_DB_HOST+x} ]; then sed -i "s/db_host=.*/db_host=${CYPHT_DB_HOST}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_DB_SOCKET+x} ]; then sed -i "s/db_socket=.*/db_socket=${CYPHT_DB_SOCKET}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_DB_NAME+x} ]; then sed -i "s/db_name=.*/db_name=${CYPHT_DB_NAME}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_DB_USER+x} ]; then sed -i "s/db_user=.*/db_user=${CYPHT_DB_USER}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_DB_PASS+x} ]; then sed -i "s/db_pass=.*/db_pass=${CYPHT_DB_PASS}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_DB_DRIVER+x} ]; then sed -i "s/db_driver=.*/db_driver=${CYPHT_DB_DRIVER}/" ${CYPHT_CONFIG_FILE}; fi -if [ ! -z ${CYPHT_API_LOGIN_KEY+x} ]; then sed -i "s/api_login_key=.*/api_login_key=${CYPHT_API_LOGIN_KEY}/" ${CYPHT_CONFIG_FILE}; fi +# TODO: validate env var values here + # Modules @@ -80,144 +25,68 @@ enable_disable_module() { fi } -if [ ! -z ${CYPHT_MODULE_CORE+x} ]; then enable_disable_module core ${CYPHT_MODULE_CORE}; fi -if [ ! -z ${CYPHT_MODULE_CONTACTS+x} ]; then enable_disable_module contacts ${CYPHT_MODULE_CONTACTS}; fi -if [ ! -z ${CYPHT_MODULE_LOCAL_CONTACTS+x} ]; then enable_disable_module local_contacts ${CYPHT_MODULE_LOCAL_CONTACTS}; fi -if [ ! -z ${CYPHT_MODULE_LDAP_CONTACTS+x} ]; then enable_disable_module ldap_contacts ${CYPHT_MODULE_LDAP_CONTACTS}; fi -if [ ! -z ${CYPHT_MODULE_GMAIL_CONTACTS+x} ]; then enable_disable_module gmail_contacts ${CYPHT_MODULE_GMAIL_CONTACTS}; fi -if [ ! -z ${CYPHT_MODULE_FEEDS+x} ]; then enable_disable_module feeds ${CYPHT_MODULE_FEEDS}; fi -if [ ! -z ${CYPHT_MODULE_IMAP+x} ]; then enable_disable_module imap ${CYPHT_MODULE_IMAP}; fi -if [ ! -z ${CYPHT_MODULE_2FA+x} ]; then enable_disable_module 2fa ${CYPHT_MODULE_2FA}; fi -if [ ! -z ${CYPHT_MODULE_SMTP+x} ]; then enable_disable_module smtp ${CYPHT_MODULE_SMTP}; fi -if [ ! -z ${CYPHT_MODULE_ACCOUNT+x} ]; then enable_disable_module account ${CYPHT_MODULE_ACCOUNT}; fi -if [ ! -z ${CYPHT_MODULE_IDLE_TIMER+x} ]; then enable_disable_module idle_timer ${CYPHT_MODULE_IDLE_TIMER}; fi -if [ ! -z ${CYPHT_MODULE_CALENDAR+x} ]; then enable_disable_module calendar ${CYPHT_MODULE_CALENDAR}; fi -if [ ! -z ${CYPHT_MODULE_THEMES+x} ]; then enable_disable_module themes ${CYPHT_MODULE_THEMES}; fi -if [ ! -z ${CYPHT_MODULE_NUX+x} ]; then enable_disable_module nux ${CYPHT_MODULE_NUX}; fi -if [ ! -z ${CYPHT_MODULE_DEVELOPER+x} ]; then enable_disable_module developer ${CYPHT_MODULE_DEVELOPER}; fi -if [ ! -z ${CYPHT_MODULE_GITHUB+x} ]; then enable_disable_module github ${CYPHT_MODULE_GITHUB}; fi -if [ ! -z ${CYPHT_MODULE_RECAPTCHA+x} ]; then enable_disable_module recaptcha ${CYPHT_MODULE_RECAPTCHA}; fi -if [ ! -z ${CYPHT_MODULE_WORDPRESS+x} ]; then enable_disable_module wordpress ${CYPHT_MODULE_WORDPRESS}; fi -if [ ! -z ${CYPHT_MODULE_HISTORY+x} ]; then enable_disable_module history ${CYPHT_MODULE_HISTORY}; fi -if [ ! -z ${CYPHT_MODULE_SAVED_SEARCHES+x} ]; then enable_disable_module saved_searches ${CYPHT_MODULE_SAVED_SEARCHES}; fi -if [ ! -z ${CYPHT_MODULE_NASA+x} ]; then enable_disable_module nasa ${CYPHT_MODULE_NASA}; fi -if [ ! -z ${CYPHT_MODULE_PROFILES+x} ]; then enable_disable_module profiles ${CYPHT_MODULE_PROFILES}; fi -if [ ! -z ${CYPHT_MODULE_INLINE_MESSAGE+x} ]; then enable_disable_module inline_message ${CYPHT_MODULE_INLINE_MESSAGE}; fi -if [ ! -z ${CYPHT_MODULE_IMAP_FOLDERS+x} ]; then enable_disable_module imap_folders ${CYPHT_MODULE_IMAP_FOLDERS}; fi -if [ ! -z ${CYPHT_MODULE_KEYBOARD_SHORTCUTS+x} ]; then enable_disable_module keyboard_shortcuts ${CYPHT_MODULE_KEYBOARD_SHORTCUTS}; fi -if [ ! -z ${CYPHT_MODULE_SIEVEFILTERS+x} ]; then enable_disable_module sievefilters ${CYPHT_MODULE_SIEVEFILTERS}; fi -if [ ! -z ${CYPHT_MODULE_SITE+x} ]; then enable_disable_module site ${CYPHT_MODULE_SITE}; fi -if [ ! -z ${CYPHT_MODULE_DYNAMIC_LOGIN+x} ]; then enable_disable_module dynamic_login ${CYPHT_MODULE_DYNAMIC_LOGIN}; fi -if [ ! -z ${CYPHT_MODULE_API_LOGIN+x} ]; then enable_disable_module api_login ${CYPHT_MODULE_API_LOGIN}; fi -if [ ! -z ${CYPHT_MODULE_RECOVER_SETTINGS+x} ]; then enable_disable_module recover_settings ${CYPHT_MODULE_RECOVER_SETTINGS}; fi -if [ ! -z ${CYPHT_MODULE_HELLO_WORLD+x} ]; then enable_disable_module hello_world ${CYPHT_MODULE_HELLO_WORLD}; fi -if [ ! -z ${CYPHT_MODULE_DESKTOP_NOTIFICATIONS+x} ]; then enable_disable_module desktop_notifications ${CYPHT_MODULE_DESKTOP_NOTIFICATIONS}; fi - -# Defaults -if [ ! -z ${CYPHT_DEFAULT_SETTING_NO_PASSWORD_SAVE+x} ]; then sed -i "s/; default_setting_no_password_save=.*/default_setting_no_password_save=${CYPHT_DEFAULT_SETTING_NO_PASSWORD_SAVE}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_IMAP_PER_PAGE+x} ]; then sed -i "s/; default_setting_imap_per_page=.*/default_setting_imap_per_page=${CYPHT_DEFAULT_SETTING_IMAP_PER_PAGE}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_SIMPLE_MSG_PARTS+x} ]; then sed -i "s/; default_setting_simple_msg_parts=.*/default_setting_simple_msg_parts=${CYPHT_DEFAULT_SETTING_SIMPLE_MSG_PARTS}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_MSG_PART_ICONS+x} ]; then sed -i "s/; default_setting_msg_part_icons=.*/default_setting_msg_part_icons=${CYPHT_DEFAULT_SETTING_MSG_PART_ICONS}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_TEXT_ONLY+x} ]; then sed -i "s/; default_setting_text_only=.*/default_setting_text_only=${CYPHT_DEFAULT_SETTING_TEXT_ONLY}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_SENT_PER_SOURCE+x} ]; then sed -i "s/; default_setting_sent_per_source=.*/default_setting_sent_per_source=${CYPHT_DEFAULT_SETTING_SENT_PER_SOURCE}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_SENT_SINCE+x} ]; then sed -i "s/; default_setting_sent_since=.*/default_setting_sent_since=${CYPHT_DEFAULT_SETTING_SENT_SINCE}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_SHOW_LIST_ICONS+x} ]; then sed -i "s/; default_setting_show_list_icons=.*/default_setting_show_list_icons=${CYPHT_DEFAULT_SETTING_SHOW_LIST_ICONS}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_START_PAGE+x} ]; then sed -i "s/; default_setting_start_page=.*/default_setting_start_page=${CYPHT_DEFAULT_SETTING_START_PAGE}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_DISABLE_DELETE_PROMPT+x} ]; then sed -i "s/; default_setting_disable_delete_prompt=.*/default_setting_disable_delete_prompt=${CYPHT_DEFAULT_SETTING_DISABLE_DELETE_PROMPT}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_NO_FOLDER_ICONS+x} ]; then sed -i "s/; default_setting_no_folder_icons=.*/default_setting_no_folder_icons=${CYPHT_DEFAULT_SETTING_NO_FOLDER_ICONS}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_ALL_EMAIL_PER_SOURCE+x} ]; then sed -i "s/; default_setting_all_email_per_source=.*/default_setting_all_email_per_source=${CYPHT_DEFAULT_SETTING_ALL_EMAIL_PER_SOURCE}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_ALL_EMAIL_SINCE+x} ]; then sed -i "s/; default_setting_all_email_since=.*/default_setting_all_email_since=${CYPHT_DEFAULT_SETTING_ALL_EMAIL_SINCE}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_ALL_SINCE+x} ]; then sed -i "s/; default_setting_all_since=.*/default_setting_all_since=${CYPHT_DEFAULT_SETTING_ALL_SINCE}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_ALL_PER_SOURCE+x} ]; then sed -i "s/; default_setting_all_per_source=.*/default_setting_all_per_source=${CYPHT_DEFAULT_SETTING_ALL_PER_SOURCE}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_UNREAD_PER_SOURCE+x} ]; then sed -i "s/; default_setting_unread_per_source=.*/default_setting_unread_per_source=${CYPHT_DEFAULT_SETTING_UNREAD_PER_SOURCE}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_FLAGGED_PER_SOURCE+x} ]; then sed -i "s/; default_setting_flagged_per_source=.*/default_setting_flagged_per_source=${CYPHT_DEFAULT_SETTING_FLAGGED_PER_SOURCE}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_FLAGGED_SINCE+x} ]; then sed -i "s/; default_setting_flagged_since=.*/default_setting_flagged_since=${CYPHT_DEFAULT_SETTING_FLAGGED_SINCE}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_UNREAD_SINCE+x} ]; then sed -i "s/; default_setting_unread_since=.*/default_setting_unread_since=${CYPHT_DEFAULT_SETTING_UNREAD_SINCE}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_TIMEZONE+x} ]; then sed -i "s/; default_setting_timezone=.*/default_setting_timezone=${CYPHT_DEFAULT_SETTING_TIMEZONE}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_LIST_STYLE+x} ]; then sed -i "s/; default_setting_list_style=.*/default_setting_list_style=${CYPHT_DEFAULT_SETTING_LIST_STYLE}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_LANGUAGE+x} ]; then sed -i "s/; default_setting_language=.*/default_setting_language=${CYPHT_DEFAULT_SETTING_LANGUAGE}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_UNREAD_EXCLUDE_FEEDS+x} ]; then sed -i "s/; default_setting_unread_exclude_feeds=.*/default_setting_unread_exclude_feeds=${CYPHT_DEFAULT_SETTING_UNREAD_EXCLUDE_FEEDS}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_FEED_LIMIT+x} ]; then sed -i "s/; default_setting_feed_limit=.*/default_setting_feed_limit=${CYPHT_DEFAULT_SETTING_FEED_LIMIT}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_FEED_SINCE+x} ]; then sed -i "s/; default_setting_feed_since=.*/default_setting_feed_since=${CYPHT_DEFAULT_SETTING_FEED_SINCE}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_SMTP_COMPOSE_TYPE+x} ]; then sed -i "s/; default_setting_smtp_compose_type=.*/default_setting_smtp_compose_type=${CYPHT_DEFAULT_SETTING_SMTP_COMPOSE_TYPE}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_SMTP_AUTO_BCC+x} ]; then sed -i "s/; default_setting_smtp_auto_bcc=.*/default_setting_smtp_auto_bcc=${CYPHT_DEFAULT_SETTING_SMTP_AUTO_BCC}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_THEME+x} ]; then sed -i "s/; default_setting_theme=.*/default_setting_theme=${CYPHT_DEFAULT_SETTING_THEME}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_UNREAD_EXCLUDE_WORDPRESS+x} ]; then sed -i "s/; default_setting_unread_exclude_wordpress=.*/default_setting_unread_exclude_wordpress=${CYPHT_DEFAULT_SETTING_UNREAD_EXCLUDE_WORDPRESS}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_WORDPRESS_SINCE+x} ]; then sed -i "s/; default_setting_wordpress_since=.*/default_setting_wordpress_since=${CYPHT_DEFAULT_SETTING_WORDPRESS_SINCE}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_UNREAD_EXCLUDE_GITHUB+x} ]; then sed -i "s/; default_setting_unread_exclude_github=.*/default_setting_unread_exclude_github=${CYPHT_DEFAULT_SETTING_UNREAD_EXCLUDE_GITHUB}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_GITHUB_LIMIT+x} ]; then sed -i "s/; default_setting_github_limit=.*/default_setting_github_limit=${CYPHT_DEFAULT_SETTING_GITHUB_LIMIT}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_GITHUB_SINCE+x} ]; then sed -i "s/; default_setting_github_since=.*/default_setting_github_since=${CYPHT_DEFAULT_SETTING_GITHUB_SINCE}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_INLINE_MESSAGE+x} ]; then sed -i "s/; default_setting_inline_message=.*/default_setting_inline_message=${CYPHT_DEFAULT_SETTING_INLINE_MESSAGE}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_ENABLE_KEYBOARD_SHORTCUTS+x} ]; then sed -i "s/; default_setting_enable_keyboard_shortcuts=.*/default_setting_enable_keyboard_shortcuts=${CYPHT_DEFAULT_SETTING_ENABLE_KEYBOARD_SHORTCUTS}/" config.ini; fi -if [ ! -z ${CYPHT_DEFAULT_SETTING_ENABLE_SIEVE_FILTER+x} ]; then sed -i "s/; default_setting_enable_sieve_filter=.*/default_setting_enable_sieve_filter=${CYPHT_DEFAULT_SETTING_ENABLE_SIEVE_FILTER}/" config.ini; fi +# if [ ! -z ${CYPHT_MODULE_CORE+x} ]; then enable_disable_module core ${CYPHT_MODULE_CORE}; fi +# if [ ! -z ${CYPHT_MODULE_CONTACTS+x} ]; then enable_disable_module contacts ${CYPHT_MODULE_CONTACTS}; fi +# if [ ! -z ${CYPHT_MODULE_LOCAL_CONTACTS+x} ]; then enable_disable_module local_contacts ${CYPHT_MODULE_LOCAL_CONTACTS}; fi +# if [ ! -z ${CYPHT_MODULE_LDAP_CONTACTS+x} ]; then enable_disable_module ldap_contacts ${CYPHT_MODULE_LDAP_CONTACTS}; fi -# # Wait for database to be ready then setup tables for sessions, authentication, and settings as needed -# -session_type=$(sed -n 's/session_type=//p' ${CYPHT_CONFIG_FILE}) -auth_type=$(sed -n 's/auth_type=//p' ${CYPHT_CONFIG_FILE}) -user_config_type=$(sed -n 's/user_config_type=//p' ${CYPHT_CONFIG_FILE}) -db_host=$(sed -n 's/db_host=//p' ${CYPHT_CONFIG_FILE}) -db_name=$(sed -n 's/db_name=//p' ${CYPHT_CONFIG_FILE}) -db_user=$(sed -n 's/db_user=//p' ${CYPHT_CONFIG_FILE}) -db_pass=$(sed -n 's/db_pass=//p' ${CYPHT_CONFIG_FILE}) -db_driver=$(sed -n 's/db_driver=//p' ${CYPHT_CONFIG_FILE}) -if [ "${session_type}" = "DB" ] || [ "${auth_type}" = "DB" ] || [ "${user_config_type}" = "DB" ] -then - sed -i "s/CYPHT_SESSION_TYPE/${session_type}/" ${DB_SETUP_SCRIPT} - sed -i "s/CYPHT_AUTH_TYPE/${auth_type}/" ${DB_SETUP_SCRIPT} - sed -i "s/CYPHT_USER_CONFIG_TYPE/${user_config_type}/" ${DB_SETUP_SCRIPT} - sed -i "s/CYPHT_DB_HOST/${db_host}/" ${DB_SETUP_SCRIPT} - sed -i "s/CYPHT_DB_NAME/${db_name}/" ${DB_SETUP_SCRIPT} - sed -i "s/CYPHT_DB_USER/${db_user}/" ${DB_SETUP_SCRIPT} - sed -i "s/CYPHT_DB_PASS/${db_pass}/" ${DB_SETUP_SCRIPT} - sed -i "s/CYPHT_DB_DRIVER/${db_driver}/" ${DB_SETUP_SCRIPT} - php ${DB_SETUP_SCRIPT} -fi +${APP_DIR}/scripts/setup_database.php # # Additional tasks based on the newly-configured settings # +# TODO: source these defaults from an .env file or some other place? +USER_CONFIG_TYPE="${USER_CONFIG_TYPE:-file}" +USER_SETTINGS_DIR="${USER_SETTINGS_DIR:-/var/lib/hm3/users}" +ATTACHMENT_DIR="${ATTACHMENT_DIR:-/var/lib/hm3/attachments}" +APP_DATA_DIR="${APP_DATA_DIR:-/var/lib/hm3/app_data}" +# AUTH_USERNAME="${AUTH_USERNAME:-admin}" +# AUTH_PASSWORD="${AUTH_PASSWORD:-admin}" + + # Settings Location - create directory if config type is "file" -user_config_type=$(sed -n 's/user_config_type=//p' ${CYPHT_CONFIG_FILE}) -user_settings_dir=$(sed -n 's/user_settings_dir=//p' ${CYPHT_CONFIG_FILE}) -if [ "${user_config_type}" = "file" ] +if [ "${USER_CONFIG_TYPE}" = "file" ] then - mkdir -p ${user_settings_dir} - chown www-data:www-data ${user_settings_dir} + mkdir -p ${USER_SETTINGS_DIR} + chown www-data:www-data ${USER_SETTINGS_DIR} fi # Attachment Location - create directory -attachment_dir=$(sed -n 's/attachment_dir=//p' ${CYPHT_CONFIG_FILE}) -mkdir -p ${attachment_dir} -chown www-data:www-data ${attachment_dir} +mkdir -p ${ATTACHMENT_DIR} +chown www-data:www-data ${ATTACHMENT_DIR} # Change /var/lib/nginx owner from root to www-data to avoid "permission denied" error. chown -R www-data:www-data /var/lib/nginx # Application Data Location - create directory -app_data_dir=$(sed -n 's/app_data_dir=//p' ${CYPHT_CONFIG_FILE}) -mkdir -p ${app_data_dir} -chown www-data:www-data ${app_data_dir} +mkdir -p ${APP_DATA_DIR} +chown www-data:www-data ${APP_DATA_DIR} # # Generate the run-time configuration # -cd /usr/local/share/cypht +cd $APP_DIR php ./scripts/config_gen.php # # Enable the program in the web-server # rm -r /var/www -ln -s /usr/local/share/cypht/site /var/www +ln -s ${APP_DIR}/site /var/www # # Create user account in database (or change password if user already exists) # -php ./scripts/create_account.php ${CYPHT_AUTH_USERNAME} ${CYPHT_AUTH_PASSWORD} + +# TODO: only do this if the 3 vars are set + +if [ "${USER_CONFIG_TYPE}" = "DB" ] +then + php ./scripts/create_account.php ${AUTH_USERNAME} ${AUTH_PASSWORD} +fi #OR maybe run the following if the user already exists... #php ./scripts/update_password.php ${CYPHT_AUTH_USERNAME} ${CYPHT_AUTH_PASSWORD} diff --git a/scripts/create_account.php b/scripts/create_account.php index 74c64d4a0d..edb532df8e 100644 --- a/scripts/create_account.php +++ b/scripts/create_account.php @@ -35,7 +35,8 @@ /* check config for db auth */ if ($config->get('auth_type') != 'DB') { - die("Incorrect usage\n\nThis script only works if DB auth is enabled in your site configuration\n\n"); + print("Incorrect usage\n\nThis script only works if DB auth is enabled in your site configuration\n\n"); + exit(1); } $auth = new Hm_Auth_DB($config); @@ -46,6 +47,7 @@ else { print_r(Hm_Debug::get()); print_r(Hm_Msgs::get()); - die("An error occured when creating user '" . $user . "'\n\n"); + print("An error occured when creating user '" . $user . "'\n\n"); + exit(2); # TODO: since php cant die with an error code ?? } } diff --git a/scripts/setup_database.php b/scripts/setup_database.php new file mode 100755 index 0000000000..b41fc6fe45 --- /dev/null +++ b/scripts/setup_database.php @@ -0,0 +1,95 @@ +#!/usr/bin/env php + +setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); + printf("Database connection successful ...\n"); + printf("{$db_driver}:host={$db_host};dbname={$db_name}\n"); + $connected = true; + } catch(PDOException $e){ + error_log('Waiting for database connection ... (' . $e->getMessage() . ')'); + sleep(1); + } +} +print("Connected\n"); +if (strcasecmp($session_type,'DB')==0) { + printf("Creating database table hm_user_session ...\n"); + + if ($db_driver == 'mysql' || $db_driver == 'sqlite') { + $stmt = "{$create_table} hm_user_session (hm_id varchar(255), data longblob, date timestamp, primary key (hm_id));"; + } elseif ($db_driver == 'pgsql') { + $stmt = "{$create_table} hm_user_session (hm_id varchar(255) primary key not null, data text, date timestamp);"; + } else { + die($bad_driver); + } + + $conn->exec($stmt); +} +if (strcasecmp($auth_type, 'DB')==0) { + + printf("Creating database table hm_user ...\n"); + + if ($db_driver == 'mysql' || $db_driver == 'sqlite') { + $stmt = "{$create_table} hm_user (username varchar(255), hash varchar(255), primary key (username));"; + } elseif ($db_driver == 'pgsql') { + $stmt = "{$create_table} hm_user (username varchar(255) primary key not null, hash varchar(255));"; + } else { + die($bad_driver); + } + + try { + // TODO: figure out why this is not working for sqlite + $rows = $conn->exec($stmt); + printf($stmt); + printf("\nrows updated: {$rows}\n"); + } catch (PDOException $e) { + print($e); + exit (1); + } + +} +if (strcasecmp($user_config_type, 'DB')==0) { + + printf("Creating database table hm_user_settings ...\n"); + + if ($db_driver == 'mysql' || $db_driver == 'sqlite') { + $stmt = "{$create_table} hm_user_settings(username varchar(255), settings longblob, primary key (username));"; + } elseif ($db_driver == 'pgsql') { + $stmt = "{$create_table} hm_user_settings (username varchar(255) primary key not null, settings text);"; + } else { + die($bad_driver); + } + + $conn->exec($stmt); +} + +print("Db setup finished"); From 6efb14de74f2d2c728313511845b1556bc4d3385 Mon Sep 17 00:00:00 2001 From: Jono Date: Fri, 3 May 2024 21:50:05 -0700 Subject: [PATCH 04/31] User creating with sqlite working --- docker/docker-entrypoint.sh | 5 ++++- scripts/setup_database.php | 11 +++++++++-- 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh index 24164eaf10..20dd42fb30 100755 --- a/docker/docker-entrypoint.sh +++ b/docker/docker-entrypoint.sh @@ -1,6 +1,6 @@ #!/usr/bin/env sh -# set -e +set -e APP_DIR=/usr/local/share/cypht # CYPHT_CONFIG_FILE=${APP_DIR}/hm3.ini @@ -11,6 +11,8 @@ APP_DIR=/usr/local/share/cypht # Modules +# TODO: deal with modules + enable_disable_module() { local module=${1} local setting=${2} @@ -55,6 +57,7 @@ then fi # Attachment Location - create directory +echo "\nCreating director for attachment location: ${ATTACHMENT_DIR}\n" mkdir -p ${ATTACHMENT_DIR} chown www-data:www-data ${ATTACHMENT_DIR} diff --git a/scripts/setup_database.php b/scripts/setup_database.php index b41fc6fe45..caffaede3d 100755 --- a/scripts/setup_database.php +++ b/scripts/setup_database.php @@ -17,6 +17,7 @@ $db_pass = getenv('DB_PASS'); $db_driver = getenv('DB_DRIVER') ?: 'mysql'; $db_host = getenv('DB_HOST') ?: '127.0.0.1'; +$db_socket = getenv('DB_SOCKET', '/tmp/temp_cypht.sqlite'); $connected = false; $create_table = "CREATE TABLE IF NOT EXISTS"; @@ -31,6 +32,12 @@ print("Not connected\n"); try { $conn = new pdo("{$db_driver}:host={$db_host};dbname={$db_name}", $db_user, $db_pass); + + if ($db_driver == 'sqlite') { + // TODO: password protect sqlite? + $conn = new pdo("{$db_driver}:{$db_socket}"); + } + $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); printf("Database connection successful ...\n"); printf("{$db_driver}:host={$db_host};dbname={$db_name}\n"); @@ -41,6 +48,7 @@ } } print("Connected\n"); + if (strcasecmp($session_type,'DB')==0) { printf("Creating database table hm_user_session ...\n"); @@ -70,7 +78,6 @@ // TODO: figure out why this is not working for sqlite $rows = $conn->exec($stmt); printf($stmt); - printf("\nrows updated: {$rows}\n"); } catch (PDOException $e) { print($e); exit (1); @@ -92,4 +99,4 @@ $conn->exec($stmt); } -print("Db setup finished"); +print("Db setup finished\n"); From b6a2a84ce90efc8918c402703665d16d0f70f589 Mon Sep 17 00:00:00 2001 From: Jono Date: Sun, 5 May 2024 09:14:23 -0700 Subject: [PATCH 05/31] Better error handling when creating user --- docker-compose.yaml | 17 +++++++-- docker/docker-entrypoint.sh | 2 +- docker/nginx.conf | 1 + lib/auth.php | 1 + lib/db.php | 1 + scripts/create_account.php | 26 +++++++------ scripts/setup_database.php | 72 ++++++++++++++++++++++-------------- scripts/setup_directories.sh | 44 ++++++++++++++++++++++ 8 files changed, 121 insertions(+), 43 deletions(-) create mode 100755 scripts/setup_directories.sh diff --git a/docker-compose.yaml b/docker-compose.yaml index e2de2b60dd..32f50ec4b6 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -23,14 +23,23 @@ services: environment: - AUTH_USERNAME=admin - AUTH_PASSWORD=admin # TODO: does this make sense for IMAP auth? - - DB_CONNECTION_TYPE=socket - - DB_HOST=DB + # - DB_CONNECTION_TYPE=socket + # - DB_NAME=cypht + # - DB_USER=cypht + # - DB_PASS=cypht_password + # - DB_DRIVER=sqlite + # - DB_SOCKET=/tmp/cypht_1.sqlite # TODO: move to ./db ? + # - SESSION_TYPE=DB + # - USER_CONFIG_TYPE=DB + - DB_CONNECTION_TYPE=host + - DB_HOST=db - DB_NAME=cypht - DB_USER=cypht - DB_PASS=cypht_password - - DB_DRIVER=sqlite - - DB_SOCKET=/tmp/cypht_1.sqlite # TODO: move to ./db ? + - DB_DRIVER=mysql + # - DB_SOCKET=/tmp/cypht_1.sqlite # TODO: move to ./db ? - SESSION_TYPE=DB - USER_CONFIG_TYPE=DB + # TODO: add memcache and redis to this sample, or disable it via env vars diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh index 20dd42fb30..90e5c39750 100755 --- a/docker/docker-entrypoint.sh +++ b/docker/docker-entrypoint.sh @@ -57,7 +57,7 @@ then fi # Attachment Location - create directory -echo "\nCreating director for attachment location: ${ATTACHMENT_DIR}\n" +echo "Creating directory for attachment location: ${ATTACHMENT_DIR}" mkdir -p ${ATTACHMENT_DIR} chown www-data:www-data ${ATTACHMENT_DIR} diff --git a/docker/nginx.conf b/docker/nginx.conf index de3598e963..9d47587f1b 100644 --- a/docker/nginx.conf +++ b/docker/nginx.conf @@ -33,6 +33,7 @@ http { include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param SCRIPT_NAME $fastcgi_script_name; + # fastcgi_param PHP_ADMIN_VALUE "..."; # TODO: redirect logging here? fastcgi_index index.php; fastcgi_pass 127.0.0.1:9000; } diff --git a/lib/auth.php b/lib/auth.php index cf3512eb02..7feefe399f 100644 --- a/lib/auth.php +++ b/lib/auth.php @@ -132,6 +132,7 @@ public function create($user, $pass) { $result = 0; $res = Hm_DB::execute($this->dbh, 'select username from hm_user where username = ?', [$user]); if (!empty($res)) { + print("user {$user} already exists"); $result = 1; } else { diff --git a/lib/db.php b/lib/db.php index 3dc7a3ea23..3cda761953 100644 --- a/lib/db.php +++ b/lib/db.php @@ -139,6 +139,7 @@ static public function connect($site_config) { try { self::$dbh[$key] = new PDO($dsn, self::$config['db_user'], self::$config['db_pass']); self::$dbh[$key]->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); + self::$dbh[$key]->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); Hm_Debug::add(sprintf('Connecting to dsn: %s', $dsn)); return self::$dbh[$key]; } catch (Exception $oops) { diff --git a/scripts/create_account.php b/scripts/create_account.php index edb532df8e..d97e2e0d15 100644 --- a/scripts/create_account.php +++ b/scripts/create_account.php @@ -40,14 +40,18 @@ } $auth = new Hm_Auth_DB($config); -if ($user && $pass) { - if ($auth->create($user, $pass) === 2) { - die("User '" . $user . "' created\n\n"); - } - else { - print_r(Hm_Debug::get()); - print_r(Hm_Msgs::get()); - print("An error occured when creating user '" . $user . "'\n\n"); - exit(2); # TODO: since php cant die with an error code ?? - } -} + +print("Creating user {$user}\n"); +$auth->create($user, $pass); + +// if ($user && $pass) { +// if ($auth->create($user, $pass) === 2) { +// die("User '" . $user . "' created\n\n"); +// } +// else { +// print_r(Hm_Debug::get()); +// print_r(Hm_Msgs::get()); +// print("An error occured when creating user '" . $user . "'\n\n"); +// exit(2); # TODO: since php cant die with an error code ?? +// } +// } diff --git a/scripts/setup_database.php b/scripts/setup_database.php index caffaede3d..a2a37e029b 100755 --- a/scripts/setup_database.php +++ b/scripts/setup_database.php @@ -1,23 +1,38 @@ #!/usr/bin/env php get('session_type'); +$auth_type = $config->get('auth_type'); +$user_config_type = $config->get('user_config_type'); +$db_driver = $config->get('db_driver'); +$db_name = $config->get('db_name'); +$db_user = $config->get('db_user'); +$db_pass = $config->get('db_pass'); +$db_driver = $config->get('db_driver'); +$db_host = $config->get('db_host'); +$db_socket = $config->get('db_socket'); $connected = false; $create_table = "CREATE TABLE IF NOT EXISTS"; @@ -29,27 +44,30 @@ print("session_type={$session_type} auth_type={$auth_type} user_config_type={$user_config_type} db_driver={$db_driver}\n"); while (!$connected) { - print("Not connected\n"); + print("Attempting to connect to database ...\n"); try { - $conn = new pdo("{$db_driver}:host={$db_host};dbname={$db_name}", $db_user, $db_pass); + $conn = Hm_DB::connect($config); + // $conn = new pdo("{$db_driver}:host={$db_host};dbname={$db_name}", $db_user, $db_pass); if ($db_driver == 'sqlite') { - // TODO: password protect sqlite? + // TODO: sqlite should be handled by connection. not manually done here. $conn = new pdo("{$db_driver}:{$db_socket}"); + $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); } - $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); + if ($conn !== false) { printf("Database connection successful ...\n"); - printf("{$db_driver}:host={$db_host};dbname={$db_name}\n"); - $connected = true; + $connected = true; + } else { + sleep(1); + } } catch(PDOException $e){ error_log('Waiting for database connection ... (' . $e->getMessage() . ')'); sleep(1); } } -print("Connected\n"); -if (strcasecmp($session_type,'DB')==0) { +if (strcasecmp($session_type, 'DB')==0) { printf("Creating database table hm_user_session ...\n"); if ($db_driver == 'mysql' || $db_driver == 'sqlite') { @@ -77,7 +95,7 @@ try { // TODO: figure out why this is not working for sqlite $rows = $conn->exec($stmt); - printf($stmt); + printf("{$stmt}\n"); } catch (PDOException $e) { print($e); exit (1); @@ -99,4 +117,4 @@ $conn->exec($stmt); } -print("Db setup finished\n"); +print("\nDb setup finished\n"); diff --git a/scripts/setup_directories.sh b/scripts/setup_directories.sh new file mode 100755 index 0000000000..4b35077182 --- /dev/null +++ b/scripts/setup_directories.sh @@ -0,0 +1,44 @@ +#!/usr/bin/env sh + +set -e + + +# TODO: source these defaults from an .env file or some other place? +USER_CONFIG_TYPE="${USER_CONFIG_TYPE:-file}" +USER_SETTINGS_DIR="${USER_SETTINGS_DIR:-/var/lib/hm3/users}" +ATTACHMENT_DIR="${ATTACHMENT_DIR:-/var/lib/hm3/attachments}" +APP_DATA_DIR="${APP_DATA_DIR:-/var/lib/hm3/app_data}" +# AUTH_USERNAME="${AUTH_USERNAME:-admin}" +# AUTH_PASSWORD="${AUTH_PASSWORD:-admin}" + + +# Settings Location - create directory if config type is "file" +if [ "${USER_CONFIG_TYPE}" = "file" ] +then + mkdir -p ${USER_SETTINGS_DIR} + # chown www-data:www-data ${USER_SETTINGS_DIR} +fi + +# Attachment Location - create directory +echo "\nCreating director for attachment location: ${ATTACHMENT_DIR}\n" +mkdir -p ${ATTACHMENT_DIR} +# chown www-data:www-data ${ATTACHMENT_DIR} + +# Change /var/lib/nginx owner from root to www-data to avoid "permission denied" error. +# chown -R www-data:www-data /var/lib/nginx + +# Application Data Location - create directory +mkdir -p ${APP_DATA_DIR} +# chown www-data:www-data ${APP_DATA_DIR} + +# +# Generate the run-time configuration +# +cd $APP_DIR +php ./scripts/config_gen.php + +# +# Enable the program in the web-server +# +rm -r /var/www +ln -s ${APP_DIR}/site /var/www From 62c3a86045f80bacbe9748cd0d016c947fe9b17c Mon Sep 17 00:00:00 2001 From: Jono Date: Sun, 5 May 2024 23:06:40 -0700 Subject: [PATCH 06/31] Healthcheck. Makefile. setup_system script --- .gitignore | 1 + Makefile | 15 +++++++++++ docker-compose.yaml | 4 +-- docker/Dockerfile | 4 +-- docker/docker-entrypoint.sh | 52 +++++------------------------------- lib/auth.php | 2 +- scripts/setup_directories.sh | 44 ------------------------------ scripts/setup_system.sh | 33 +++++++++++++++++++++++ 8 files changed, 60 insertions(+), 95 deletions(-) create mode 100644 Makefile delete mode 100755 scripts/setup_directories.sh create mode 100755 scripts/setup_system.sh diff --git a/.gitignore b/.gitignore index 1c74dff928..4c6b065eaf 100644 --- a/.gitignore +++ b/.gitignore @@ -27,3 +27,4 @@ scripts/test.php composer.phar lib/hm3/users/ .env +/db/ diff --git a/Makefile b/Makefile new file mode 100644 index 0000000000..08ce82378c --- /dev/null +++ b/Makefile @@ -0,0 +1,15 @@ + +docker-up: ## start docker stack in foreground + docker compose up --build --abort-on-container-exit + +# TODO: add user +# start local? +# make local dirs +# setup local db +# run tests +# install local requirements + +# or evaluate go-task perhaps + +help: ## get help + @grep -E '^[a-zA-Z_-]+:.*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' diff --git a/docker-compose.yaml b/docker-compose.yaml index 32f50ec4b6..3d3ab1cfc0 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -17,12 +17,11 @@ services: dockerfile: ./docker/Dockerfile volumes: - ./cypht/users:/var/lib/hm3/users - # TODO: add health check here ports: - "80:80" environment: - AUTH_USERNAME=admin - - AUTH_PASSWORD=admin # TODO: does this make sense for IMAP auth? + - AUTH_PASSWORD=admin # - DB_CONNECTION_TYPE=socket # - DB_NAME=cypht # - DB_USER=cypht @@ -37,7 +36,6 @@ services: - DB_USER=cypht - DB_PASS=cypht_password - DB_DRIVER=mysql - # - DB_SOCKET=/tmp/cypht_1.sqlite # TODO: move to ./db ? - SESSION_TYPE=DB - USER_CONFIG_TYPE=DB diff --git a/docker/Dockerfile b/docker/Dockerfile index 8f222de85b..1a4d6a3c14 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -10,12 +10,10 @@ WORKDIR "/usr/local/share/cypht" RUN set -e \ && apk add --no-cache \ supervisor nginx composer sqlite \ - # GD freetype libpng libjpeg-turbo \ php-session php-fileinfo php-dom php-xml libxml2-dev php-xmlwriter php-tokenizer \ && apk add --no-cache --virtual .build-deps \ ca-certificates \ - # For GD (2fa module) libpng-dev libjpeg-turbo-dev freetype-dev \ && docker-php-ext-configure gd --with-freetype=/usr/include/ --with-jpeg=/usr/include/ \ && docker-php-ext-install gd pdo pdo_mysql \ @@ -39,4 +37,6 @@ COPY .env.example .env EXPOSE 80 443 +HEALTHCHECK CMD curl --fail http://localhost || exit 1 + ENTRYPOINT ["docker/docker-entrypoint.sh"] diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh index 90e5c39750..6eec02ae69 100755 --- a/docker/docker-entrypoint.sh +++ b/docker/docker-entrypoint.sh @@ -3,39 +3,17 @@ set -e APP_DIR=/usr/local/share/cypht -# CYPHT_CONFIG_FILE=${APP_DIR}/hm3.ini -# TODO: validate env var values here +# TODO: validate env var values here, perhaps in php -# Modules - -# TODO: deal with modules - -enable_disable_module() { - local module=${1} - local setting=${2} - # For some reason, "(; )?" isn't working but ";\{0,1\} \{0,1\}" does the same thing - if [ ${setting} = enable ] - then - sed -i "s/^;\{0,1\} \{0,1\}modules\[\]=${module}/modules[]=${module}/" ${CYPHT_CONFIG_FILE} - if [ ${module} = api_login ]; then sed -i "s/;\{0,1\} \{0,1\}api_login_key=/api_login_key=/" ${CYPHT_CONFIG_FILE}; fi - else - sed -i "s/^;\{0,1\} \{0,1\}modules\[\]=${module}/; modules[]=${module}/" ${CYPHT_CONFIG_FILE} - if [ ${module} = api_login ]; then sed -i "s/;\{0,1\} \{0,1\}api_login_key=/; api_login_key=/" ${CYPHT_CONFIG_FILE}; fi - fi -} - -# if [ ! -z ${CYPHT_MODULE_CORE+x} ]; then enable_disable_module core ${CYPHT_MODULE_CORE}; fi -# if [ ! -z ${CYPHT_MODULE_CONTACTS+x} ]; then enable_disable_module contacts ${CYPHT_MODULE_CONTACTS}; fi -# if [ ! -z ${CYPHT_MODULE_LOCAL_CONTACTS+x} ]; then enable_disable_module local_contacts ${CYPHT_MODULE_LOCAL_CONTACTS}; fi -# if [ ! -z ${CYPHT_MODULE_LDAP_CONTACTS+x} ]; then enable_disable_module ldap_contacts ${CYPHT_MODULE_LDAP_CONTACTS}; fi - # Wait for database to be ready then setup tables for sessions, authentication, and settings as needed ${APP_DIR}/scripts/setup_database.php +${APP_DIR}/scripts/setup_system.sh + # # Additional tasks based on the newly-configured settings # @@ -45,30 +23,18 @@ USER_CONFIG_TYPE="${USER_CONFIG_TYPE:-file}" USER_SETTINGS_DIR="${USER_SETTINGS_DIR:-/var/lib/hm3/users}" ATTACHMENT_DIR="${ATTACHMENT_DIR:-/var/lib/hm3/attachments}" APP_DATA_DIR="${APP_DATA_DIR:-/var/lib/hm3/app_data}" -# AUTH_USERNAME="${AUTH_USERNAME:-admin}" -# AUTH_PASSWORD="${AUTH_PASSWORD:-admin}" -# Settings Location - create directory if config type is "file" if [ "${USER_CONFIG_TYPE}" = "file" ] then - mkdir -p ${USER_SETTINGS_DIR} chown www-data:www-data ${USER_SETTINGS_DIR} fi -# Attachment Location - create directory -echo "Creating directory for attachment location: ${ATTACHMENT_DIR}" -mkdir -p ${ATTACHMENT_DIR} chown www-data:www-data ${ATTACHMENT_DIR} - -# Change /var/lib/nginx owner from root to www-data to avoid "permission denied" error. chown -R www-data:www-data /var/lib/nginx - -# Application Data Location - create directory -mkdir -p ${APP_DATA_DIR} chown www-data:www-data ${APP_DATA_DIR} -# + # Generate the run-time configuration # cd $APP_DIR @@ -80,18 +46,14 @@ php ./scripts/config_gen.php rm -r /var/www ln -s ${APP_DIR}/site /var/www -# -# Create user account in database (or change password if user already exists) -# -# TODO: only do this if the 3 vars are set +# TODO: should a user be created if USER_CONFIG_TYPE=file ? -if [ "${USER_CONFIG_TYPE}" = "DB" ] +if [[ "${USER_CONFIG_TYPE}" = "DB" && -n "${AUTH_USERNAME}" ]] then php ./scripts/create_account.php ${AUTH_USERNAME} ${AUTH_PASSWORD} fi -#OR maybe run the following if the user already exists... -#php ./scripts/update_password.php ${CYPHT_AUTH_USERNAME} ${CYPHT_AUTH_PASSWORD} + # # Close out tasks diff --git a/lib/auth.php b/lib/auth.php index 7feefe399f..f6f8df346b 100644 --- a/lib/auth.php +++ b/lib/auth.php @@ -132,7 +132,7 @@ public function create($user, $pass) { $result = 0; $res = Hm_DB::execute($this->dbh, 'select username from hm_user where username = ?', [$user]); if (!empty($res)) { - print("user {$user} already exists"); + print("user {$user} already exists\n"); $result = 1; } else { diff --git a/scripts/setup_directories.sh b/scripts/setup_directories.sh deleted file mode 100755 index 4b35077182..0000000000 --- a/scripts/setup_directories.sh +++ /dev/null @@ -1,44 +0,0 @@ -#!/usr/bin/env sh - -set -e - - -# TODO: source these defaults from an .env file or some other place? -USER_CONFIG_TYPE="${USER_CONFIG_TYPE:-file}" -USER_SETTINGS_DIR="${USER_SETTINGS_DIR:-/var/lib/hm3/users}" -ATTACHMENT_DIR="${ATTACHMENT_DIR:-/var/lib/hm3/attachments}" -APP_DATA_DIR="${APP_DATA_DIR:-/var/lib/hm3/app_data}" -# AUTH_USERNAME="${AUTH_USERNAME:-admin}" -# AUTH_PASSWORD="${AUTH_PASSWORD:-admin}" - - -# Settings Location - create directory if config type is "file" -if [ "${USER_CONFIG_TYPE}" = "file" ] -then - mkdir -p ${USER_SETTINGS_DIR} - # chown www-data:www-data ${USER_SETTINGS_DIR} -fi - -# Attachment Location - create directory -echo "\nCreating director for attachment location: ${ATTACHMENT_DIR}\n" -mkdir -p ${ATTACHMENT_DIR} -# chown www-data:www-data ${ATTACHMENT_DIR} - -# Change /var/lib/nginx owner from root to www-data to avoid "permission denied" error. -# chown -R www-data:www-data /var/lib/nginx - -# Application Data Location - create directory -mkdir -p ${APP_DATA_DIR} -# chown www-data:www-data ${APP_DATA_DIR} - -# -# Generate the run-time configuration -# -cd $APP_DIR -php ./scripts/config_gen.php - -# -# Enable the program in the web-server -# -rm -r /var/www -ln -s ${APP_DIR}/site /var/www diff --git a/scripts/setup_system.sh b/scripts/setup_system.sh new file mode 100755 index 0000000000..2e74c9d5f0 --- /dev/null +++ b/scripts/setup_system.sh @@ -0,0 +1,33 @@ +#!/usr/bin/env sh + +# This script is for creating directories and generating the config + +set -e + +SCRIPT_DIR=$(dirname $(realpath "$0")) + +# TODO: source these defaults from an .env file or some other place? +USER_CONFIG_TYPE="${USER_CONFIG_TYPE:-file}" +USER_SETTINGS_DIR="${USER_SETTINGS_DIR:-/var/lib/hm3/users}" +ATTACHMENT_DIR="${ATTACHMENT_DIR:-/var/lib/hm3/attachments}" +APP_DATA_DIR="${APP_DATA_DIR:-/var/lib/hm3/app_data}" + + +if [ "${USER_CONFIG_TYPE}" = "file" ] +then + echo "Creating directory for settings ${USER_SETTINGS_DIR}" + mkdir -p ${USER_SETTINGS_DIR} +fi + +echo "Creating directory for attachments ${ATTACHMENT_DIR}" +mkdir -p ${ATTACHMENT_DIR} + +echo "Creating directory for application data ${APP_DATA_DIR}" +mkdir -p ${APP_DATA_DIR} + + +# TODO: move this here from docker-entrypoint. I think it depends on the module system? +# +# Generate the run-time configuration +# +# php ${SCRIPT_DIR}/../scripts/config_gen.php From 572290a9af373af0877ef0ba5eb63aa75ac88d0f Mon Sep 17 00:00:00 2001 From: Jono Date: Tue, 7 May 2024 06:40:23 -0700 Subject: [PATCH 07/31] entrypoint cleanup --- Makefile | 5 ++-- docker-compose.yaml | 1 + docker/Dockerfile | 10 ++----- docker/docker-entrypoint.sh | 57 ++++++++++--------------------------- scripts/setup_database.php | 18 ++---------- scripts/setup_system.sh | 11 +++++-- 6 files changed, 32 insertions(+), 70 deletions(-) diff --git a/Makefile b/Makefile index 08ce82378c..50b828d9cf 100644 --- a/Makefile +++ b/Makefile @@ -2,14 +2,15 @@ docker-up: ## start docker stack in foreground docker compose up --build --abort-on-container-exit -# TODO: add user +# TODO: make recipes or perhaps use go-task? +# add user # start local? # make local dirs # setup local db # run tests # install local requirements +# push production image -# or evaluate go-task perhaps help: ## get help @grep -E '^[a-zA-Z_-]+:.*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' diff --git a/docker-compose.yaml b/docker-compose.yaml index 3d3ab1cfc0..40f28411db 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -12,6 +12,7 @@ services: - MYSQL_USER=cypht - MYSQL_PASSWORD=cypht_password cypht: + # image: sailfrog/cypht-docker:latest build: context: . dockerfile: ./docker/Dockerfile diff --git a/docker/Dockerfile b/docker/Dockerfile index 1a4d6a3c14..2d6e698732 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,10 +1,5 @@ FROM php:7.4.33-fpm-alpine -# ENV CYPHT_DEST "/usr/local/share/cypht" - -# WORKDIR "/var/www" - -# TODO: change this to /app for simplification? WORKDIR "/usr/local/share/cypht" RUN set -e \ @@ -28,14 +23,13 @@ COPY docker/nginx.conf /etc/nginx/nginx.conf COPY docker/supervisord.conf /etc/supervisord.conf COPY composer.* . -# TODO: probably dont want to run update here since it modifies composer.lock +# TODO: probably dont want to run update here since it modifies composer.lock and its inconsistant with INSTALL RUN composer update && composer self-update --2 && composer install -# RUN composer install COPY . . COPY .env.example .env -EXPOSE 80 443 +EXPOSE 80 HEALTHCHECK CMD curl --fail http://localhost || exit 1 diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh index 6eec02ae69..cb6d7ca653 100755 --- a/docker/docker-entrypoint.sh +++ b/docker/docker-entrypoint.sh @@ -3,20 +3,9 @@ set -e APP_DIR=/usr/local/share/cypht +cd ${APP_DIR} - -# TODO: validate env var values here, perhaps in php - - - -# Wait for database to be ready then setup tables for sessions, authentication, and settings as needed -${APP_DIR}/scripts/setup_database.php - -${APP_DIR}/scripts/setup_system.sh - -# -# Additional tasks based on the newly-configured settings -# +# TODO: validate env var values here, perhaps in php or in Hm_Site_Config_File() # TODO: source these defaults from an .env file or some other place? USER_CONFIG_TYPE="${USER_CONFIG_TYPE:-file}" @@ -25,46 +14,30 @@ ATTACHMENT_DIR="${ATTACHMENT_DIR:-/var/lib/hm3/attachments}" APP_DATA_DIR="${APP_DATA_DIR:-/var/lib/hm3/app_data}" -if [ "${USER_CONFIG_TYPE}" = "file" ] -then - chown www-data:www-data ${USER_SETTINGS_DIR} -fi - -chown www-data:www-data ${ATTACHMENT_DIR} -chown -R www-data:www-data /var/lib/nginx -chown www-data:www-data ${APP_DATA_DIR} +# Wait for database to be ready then setup tables for sessions, authentication, and settings as needed +./scripts/setup_database.php +./scripts/setup_system.sh # Generate the run-time configuration -# -cd $APP_DIR php ./scripts/config_gen.php -# -# Enable the program in the web-server -# -rm -r /var/www -ln -s ${APP_DIR}/site /var/www +# Enable the program in the web-server -# TODO: should a user be created if USER_CONFIG_TYPE=file ? - -if [[ "${USER_CONFIG_TYPE}" = "DB" && -n "${AUTH_USERNAME}" ]] +if [ "${USER_CONFIG_TYPE}" = "file" ] then - php ./scripts/create_account.php ${AUTH_USERNAME} ${AUTH_PASSWORD} + chown www-data:www-data ${USER_SETTINGS_DIR} fi +chown www-data:www-data ${ATTACHMENT_DIR} +chown -R www-data:www-data /var/lib/nginx +chown www-data:www-data ${APP_DATA_DIR} -# -# Close out tasks -# - -# now that we're definitely done writing configuration, let's clear out the relevant environment variables (so that stray "phpinfo()" calls don't leak secrets from our code) -#for e in "${envs[@]}"; do -# unset "$e" -#done +rm -r /var/www +ln -s $(pwd)/site /var/www -# Start supervisord and services +# Start services /usr/bin/supervisord -c /etc/supervisord.conf -exec "$@" +# exec "$@" # TODO: what is this for? diff --git a/scripts/setup_database.php b/scripts/setup_database.php index a2a37e029b..d9238a9577 100755 --- a/scripts/setup_database.php +++ b/scripts/setup_database.php @@ -1,28 +1,15 @@ #!/usr/bin/env php get('session_type'); $auth_type = $config->get('auth_type'); $user_config_type = $config->get('user_config_type'); @@ -50,7 +37,7 @@ // $conn = new pdo("{$db_driver}:host={$db_host};dbname={$db_name}", $db_user, $db_pass); if ($db_driver == 'sqlite') { - // TODO: sqlite should be handled by connection. not manually done here. + // TODO: sqlite should be handled by connect(). not manually done here. $conn = new pdo("{$db_driver}:{$db_socket}"); $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); } @@ -93,7 +80,6 @@ } try { - // TODO: figure out why this is not working for sqlite $rows = $conn->exec($stmt); printf("{$stmt}\n"); } catch (PDOException $e) { diff --git a/scripts/setup_system.sh b/scripts/setup_system.sh index 2e74c9d5f0..5ede9f807e 100755 --- a/scripts/setup_system.sh +++ b/scripts/setup_system.sh @@ -25,9 +25,16 @@ mkdir -p ${ATTACHMENT_DIR} echo "Creating directory for application data ${APP_DATA_DIR}" mkdir -p ${APP_DATA_DIR} +# TODO: should a user be created if USER_CONFIG_TYPE=file ? +if [[ "${USER_CONFIG_TYPE}" = "DB" && -n "${AUTH_USERNAME}" ]] +then + php ./scripts/create_account.php ${AUTH_USERNAME} ${AUTH_PASSWORD} +fi -# TODO: move this here from docker-entrypoint. I think it depends on the module system? -# + +# TODO: move this here from docker-entrypoint. I think it depends on the module system? works in docker, but not local +# # Generate the run-time configuration # # php ${SCRIPT_DIR}/../scripts/config_gen.php +# php ./scripts/config_gen.php From 58fb25cfc09064b1a2940ade3ed750c67cbd5d9b Mon Sep 17 00:00:00 2001 From: Jono Date: Tue, 7 May 2024 09:41:51 -0700 Subject: [PATCH 08/31] adding push and test to makefile --- Makefile | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 50b828d9cf..d27114f34f 100644 --- a/Makefile +++ b/Makefile @@ -1,15 +1,28 @@ +.PHONY: docker-up docker-up: ## start docker stack in foreground docker compose up --build --abort-on-container-exit +.PHONY: docker-push +.ONESHELL: +docker-push: ## build, tag, and push image to dockerhub. presumes you are logged in + username=$$(docker info | sed '/Username:/!d;s/.* //') + tag=latest # TODO: set from argument + docker buildx build . --platform linux/amd64 -t $${username}/cypht:$${tag} -f docker/Dockerfile --push + # TODO: build for arm architectures + +.PHONY: test-unit +test-unit: ## locally run the unit tests + cd tests/phpunit/ && phpunit && cd ../../ + # TODO: how are local tests supposed to run? + + # TODO: make recipes or perhaps use go-task? # add user # start local? # make local dirs # setup local db -# run tests # install local requirements -# push production image help: ## get help From 4bbf9695a369822389f101447cb821a9168a6f1f Mon Sep 17 00:00:00 2001 From: Jono Date: Tue, 7 May 2024 13:12:12 -0700 Subject: [PATCH 09/31] Move run time data into local data dir. --- .gitignore | 2 +- docker-compose.yaml | 13 ++++++------- docker/Dockerfile | 3 ++- docker/docker-entrypoint.sh | 6 ++---- 4 files changed, 11 insertions(+), 13 deletions(-) diff --git a/.gitignore b/.gitignore index 4c6b065eaf..1ce38fce70 100644 --- a/.gitignore +++ b/.gitignore @@ -27,4 +27,4 @@ scripts/test.php composer.phar lib/hm3/users/ .env -/db/ +/data/ diff --git a/docker-compose.yaml b/docker-compose.yaml index 40f28411db..923172c91d 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -5,7 +5,7 @@ services: ports: - "3306:3306" volumes: - - ./db:/var/lib/mysql + - ./data/db:/var/lib/mysql environment: - MYSQL_ROOT_PASSWORD=root_password - MYSQL_DATABASE=cypht @@ -13,24 +13,23 @@ services: - MYSQL_PASSWORD=cypht_password cypht: # image: sailfrog/cypht-docker:latest + # image: jonocodes/cypht:latest build: context: . dockerfile: ./docker/Dockerfile volumes: - - ./cypht/users:/var/lib/hm3/users + - ./data/users:/var/lib/hm3/users + - ./data/attachments:/var/lib/hm3/attachments + - ./data/app_data:/var/lib/hm3/app_data + - ./:/usr/local/share/cypht # allows live develompent in container ports: - "80:80" environment: - AUTH_USERNAME=admin - AUTH_PASSWORD=admin # - DB_CONNECTION_TYPE=socket - # - DB_NAME=cypht - # - DB_USER=cypht - # - DB_PASS=cypht_password # - DB_DRIVER=sqlite # - DB_SOCKET=/tmp/cypht_1.sqlite # TODO: move to ./db ? - # - SESSION_TYPE=DB - # - USER_CONFIG_TYPE=DB - DB_CONNECTION_TYPE=host - DB_HOST=db - DB_NAME=cypht diff --git a/docker/Dockerfile b/docker/Dockerfile index 2d6e698732..5473d1b30e 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -12,6 +12,7 @@ RUN set -e \ libpng-dev libjpeg-turbo-dev freetype-dev \ && docker-php-ext-configure gd --with-freetype=/usr/include/ --with-jpeg=/usr/include/ \ && docker-php-ext-install gd pdo pdo_mysql \ + && composer self-update --2 \ && apk del .build-deps \ && echo "post_max_size = 60M" >> /usr/local/etc/php/php.ini \ && echo "upload_max_filesize = 50M" >> /usr/local/etc/php/php.ini \ @@ -24,7 +25,7 @@ COPY docker/supervisord.conf /etc/supervisord.conf COPY composer.* . # TODO: probably dont want to run update here since it modifies composer.lock and its inconsistant with INSTALL -RUN composer update && composer self-update --2 && composer install +RUN composer update && composer install COPY . . COPY .env.example .env diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh index cb6d7ca653..0289f08191 100755 --- a/docker/docker-entrypoint.sh +++ b/docker/docker-entrypoint.sh @@ -13,10 +13,10 @@ USER_SETTINGS_DIR="${USER_SETTINGS_DIR:-/var/lib/hm3/users}" ATTACHMENT_DIR="${ATTACHMENT_DIR:-/var/lib/hm3/attachments}" APP_DATA_DIR="${APP_DATA_DIR:-/var/lib/hm3/app_data}" - -# Wait for database to be ready then setup tables for sessions, authentication, and settings as needed +# Wait for database to be ready then setup tables ./scripts/setup_database.php +# Setup filesystem and users ./scripts/setup_system.sh # Generate the run-time configuration @@ -39,5 +39,3 @@ ln -s $(pwd)/site /var/www # Start services /usr/bin/supervisord -c /etc/supervisord.conf - -# exec "$@" # TODO: what is this for? From 562cc53e4af154546039953f0e6f200d71754e6f Mon Sep 17 00:00:00 2001 From: Jono Date: Tue, 7 May 2024 14:41:26 -0700 Subject: [PATCH 10/31] fpm logging is now working --- docker/Dockerfile | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/docker/Dockerfile b/docker/Dockerfile index 5473d1b30e..be45832f03 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -14,11 +14,14 @@ RUN set -e \ && docker-php-ext-install gd pdo pdo_mysql \ && composer self-update --2 \ && apk del .build-deps \ - && echo "post_max_size = 60M" >> /usr/local/etc/php/php.ini \ - && echo "upload_max_filesize = 50M" >> /usr/local/etc/php/php.ini \ && ln -sf /dev/stdout /var/log/nginx/access.log \ - && ln -sf /dev/stderr /var/log/nginx/error.log - # TODO: can we pipe php-fpm messages to stdout here? + && ln -sf /dev/stderr /var/log/nginx/error.log \ + && ln -s /usr/local/etc/php/php.ini-production /usr/local/etc/php/php.ini + +COPY < Date: Thu, 9 May 2024 22:15:53 -0700 Subject: [PATCH 11/31] fixed setup.php --- .dockerignore | 2 +- docker-compose.yaml | 10 ++++------ docker/docker-entrypoint.sh | 4 ---- lib/auth.php | 1 + modules/contacts/setup.php | 2 ++ scripts/create_account.php | 25 +++++++++++-------------- scripts/setup_database.php | 11 +++++------ scripts/setup_system.sh | 9 ++------- 8 files changed, 26 insertions(+), 38 deletions(-) diff --git a/.dockerignore b/.dockerignore index 94898ee634..5fac628525 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1 +1 @@ -/db/ \ No newline at end of file +/data/ \ No newline at end of file diff --git a/docker-compose.yaml b/docker-compose.yaml index 923172c91d..922c150752 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -5,7 +5,7 @@ services: ports: - "3306:3306" volumes: - - ./data/db:/var/lib/mysql + - ./data/mysql:/var/lib/mysql environment: - MYSQL_ROOT_PASSWORD=root_password - MYSQL_DATABASE=cypht @@ -21,6 +21,7 @@ services: - ./data/users:/var/lib/hm3/users - ./data/attachments:/var/lib/hm3/attachments - ./data/app_data:/var/lib/hm3/app_data + - ./data/sqlite:/var/lib/hm3/sqlite - ./:/usr/local/share/cypht # allows live develompent in container ports: - "80:80" @@ -29,15 +30,12 @@ services: - AUTH_PASSWORD=admin # - DB_CONNECTION_TYPE=socket # - DB_DRIVER=sqlite - # - DB_SOCKET=/tmp/cypht_1.sqlite # TODO: move to ./db ? + # - DB_SOCKET=/var/lib/hm3/sqlite/cypht.db - DB_CONNECTION_TYPE=host + - DB_DRIVER=mysql - DB_HOST=db - DB_NAME=cypht - DB_USER=cypht - DB_PASS=cypht_password - - DB_DRIVER=mysql - SESSION_TYPE=DB - USER_CONFIG_TYPE=DB - - - # TODO: add memcache and redis to this sample, or disable it via env vars diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh index 0289f08191..c938c1da01 100755 --- a/docker/docker-entrypoint.sh +++ b/docker/docker-entrypoint.sh @@ -19,10 +19,6 @@ APP_DATA_DIR="${APP_DATA_DIR:-/var/lib/hm3/app_data}" # Setup filesystem and users ./scripts/setup_system.sh -# Generate the run-time configuration -php ./scripts/config_gen.php - - # Enable the program in the web-server if [ "${USER_CONFIG_TYPE}" = "file" ] diff --git a/lib/auth.php b/lib/auth.php index f6f8df346b..308138a8fa 100644 --- a/lib/auth.php +++ b/lib/auth.php @@ -132,6 +132,7 @@ public function create($user, $pass) { $result = 0; $res = Hm_DB::execute($this->dbh, 'select username from hm_user where username = ?', [$user]); if (!empty($res)) { + // TODO: send this to 'debug' once I figure out how it works print("user {$user} already exists\n"); $result = 1; } diff --git a/modules/contacts/setup.php b/modules/contacts/setup.php index 0a00bf9f85..d4de9783e5 100644 --- a/modules/contacts/setup.php +++ b/modules/contacts/setup.php @@ -1,5 +1,7 @@ create($user, $pass); - -// if ($user && $pass) { -// if ($auth->create($user, $pass) === 2) { -// die("User '" . $user . "' created\n\n"); -// } -// else { -// print_r(Hm_Debug::get()); -// print_r(Hm_Msgs::get()); -// print("An error occured when creating user '" . $user . "'\n\n"); -// exit(2); # TODO: since php cant die with an error code ?? -// } -// } +if ($user && $pass) { + if ($auth->create($user, $pass) === 2) { + die("User '" . $user . "' created\n\n"); + } + else { + print_r(Hm_Debug::get()); + print_r(Hm_Msgs::get()); + print("An error occured when creating user '" . $user . "'\n\n"); + exit(2); # TODO: since php cant die with an error code ?? + } +} diff --git a/scripts/setup_database.php b/scripts/setup_database.php index d9238a9577..0e410bd660 100755 --- a/scripts/setup_database.php +++ b/scripts/setup_database.php @@ -17,7 +17,6 @@ $db_name = $config->get('db_name'); $db_user = $config->get('db_user'); $db_pass = $config->get('db_pass'); -$db_driver = $config->get('db_driver'); $db_host = $config->get('db_host'); $db_socket = $config->get('db_socket'); @@ -36,11 +35,11 @@ $conn = Hm_DB::connect($config); // $conn = new pdo("{$db_driver}:host={$db_host};dbname={$db_name}", $db_user, $db_pass); - if ($db_driver == 'sqlite') { - // TODO: sqlite should be handled by connect(). not manually done here. - $conn = new pdo("{$db_driver}:{$db_socket}"); - $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); - } + // if ($db_driver == 'sqlite') { + // // TODO: sqlite should be handled by connect(). not manually done here. + // $conn = new pdo("{$db_driver}:{$db_socket}"); + // $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); + // } if ($conn !== false) { printf("Database connection successful ...\n"); diff --git a/scripts/setup_system.sh b/scripts/setup_system.sh index 5ede9f807e..72efba1099 100755 --- a/scripts/setup_system.sh +++ b/scripts/setup_system.sh @@ -28,13 +28,8 @@ mkdir -p ${APP_DATA_DIR} # TODO: should a user be created if USER_CONFIG_TYPE=file ? if [[ "${USER_CONFIG_TYPE}" = "DB" && -n "${AUTH_USERNAME}" ]] then - php ./scripts/create_account.php ${AUTH_USERNAME} ${AUTH_PASSWORD} + php ${SCRIPT_DIR}/../scripts/create_account.php ${AUTH_USERNAME} ${AUTH_PASSWORD} fi - -# TODO: move this here from docker-entrypoint. I think it depends on the module system? works in docker, but not local -# # Generate the run-time configuration -# -# php ${SCRIPT_DIR}/../scripts/config_gen.php -# php ./scripts/config_gen.php +php ${SCRIPT_DIR}/../scripts/config_gen.php From 9fa3313de1d37c3a84ad1c7a9d8c69748a56ba95 Mon Sep 17 00:00:00 2001 From: Jono Date: Thu, 9 May 2024 22:56:26 -0700 Subject: [PATCH 12/31] prevent existing account from causing crash --- scripts/create_account.php | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/scripts/create_account.php b/scripts/create_account.php index caa30c838c..53fbdf676f 100644 --- a/scripts/create_account.php +++ b/scripts/create_account.php @@ -42,13 +42,14 @@ $auth = new Hm_Auth_DB($config); if ($user && $pass) { - if ($auth->create($user, $pass) === 2) { - die("User '" . $user . "' created\n\n"); - } - else { - print_r(Hm_Debug::get()); - print_r(Hm_Msgs::get()); - print("An error occured when creating user '" . $user . "'\n\n"); - exit(2); # TODO: since php cant die with an error code ?? - } + $auth->create($user, $pass); + // if ($auth->create($user, $pass) === 2) { + // die("User '" . $user . "' created\n\n"); + // } + // else { + // print_r(Hm_Debug::get()); + // print_r(Hm_Msgs::get()); + // print("An error occured when creating user '" . $user . "'\n\n"); + // exit(2); # TODO: since php cant die with an error code ?? + // } } From 613df9d9e6e4eb15792df4f9057ce483e000e572 Mon Sep 17 00:00:00 2001 From: Jono Date: Fri, 10 May 2024 07:29:10 -0700 Subject: [PATCH 13/31] add setup to makefile --- .env.example | 22 ++++++---------------- Makefile | 19 ++++++++++--------- scripts/setup_database.php | 2 +- 3 files changed, 17 insertions(+), 26 deletions(-) diff --git a/.env.example b/.env.example index e75391c929..1779142bcc 100644 --- a/.env.example +++ b/.env.example @@ -1,23 +1,13 @@ APP_NAME=Cypht -# DB_CONNECTION_TYPE=host -# DB_DRIVER=mysql -# DB_PORT= -# DB_HOST=localhost -# DB_NAME=test -# DB_USER=test -# DB_PASS=123456 -# DB_SOCKET=/var/lib/mysqld/mysqld.sock - -# AUTH_USERNAME=admin -# AUTH_PASSWORD=admin_password DB_CONNECTION_TYPE=host -DB_HOST=db -DB_NAME=cypht -DB_USER=cypht -DB_PASS=cypht_password -SESSION_TYPE=db DB_DRIVER=mysql +DB_PORT= +DB_HOST=localhost +DB_NAME=test +DB_USER=test +DB_PASS=123456 +DB_SOCKET=/var/lib/mysqld/mysqld.sock SESSION_TYPE=PHP AUTH_TYPE=DB diff --git a/Makefile b/Makefile index d27114f34f..4681ddbf14 100644 --- a/Makefile +++ b/Makefile @@ -14,16 +14,17 @@ docker-push: ## build, tag, and push image to dockerhub. presumes you are logge .PHONY: test-unit test-unit: ## locally run the unit tests cd tests/phpunit/ && phpunit && cd ../../ - # TODO: how are local tests supposed to run? - - -# TODO: make recipes or perhaps use go-task? -# add user -# start local? -# make local dirs -# setup local db -# install local requirements + # TODO: how are local tests supposed to run? see https://github.com/cypht-org/cypht/issues/1011 +.PHONY: setup +.ONESHELL: +setup: ## locally setup app and users. presumes env vars are set + echo "Installing dependencies" + composer install + echo "Creating directories and configs" + ./scripts/setup_system.sh + echo "Creating tables and user" + ./scripts/setup_database.php help: ## get help @grep -E '^[a-zA-Z_-]+:.*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' diff --git a/scripts/setup_database.php b/scripts/setup_database.php index 0e410bd660..2a55ebc1d9 100755 --- a/scripts/setup_database.php +++ b/scripts/setup_database.php @@ -29,7 +29,7 @@ print("session_type={$session_type} auth_type={$auth_type} user_config_type={$user_config_type} db_driver={$db_driver}\n"); -while (!$connected) { +while (!$connected) { # TODO: set a timeout and exit code print("Attempting to connect to database ...\n"); try { $conn = Hm_DB::connect($config); From ae86e2f00561f91edca9f28d1e712e41bc6a4848 Mon Sep 17 00:00:00 2001 From: Jono Date: Fri, 10 May 2024 07:43:14 -0700 Subject: [PATCH 14/31] updating inline notes --- .gitignore | 1 - docker/Dockerfile | 4 ++++ lib/db.php | 1 - 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index 1ce38fce70..c29ded0ee6 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,4 @@ /config/dynamic.php -/config/app.php # TODO: this should not be here?? /site.js /site.css /site/ diff --git a/docker/Dockerfile b/docker/Dockerfile index be45832f03..809ff2ce22 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -27,7 +27,11 @@ COPY docker/nginx.conf /etc/nginx/nginx.conf COPY docker/supervisord.conf /etc/supervisord.conf COPY composer.* . +# TODO: figuer out missing extensions https://github.com/cypht-org/cypht/issues/1009 +# RUN pecl install redis gnupg memcached + # TODO: probably dont want to run update here since it modifies composer.lock and its inconsistant with INSTALL +# see https://github.com/cypht-org/cypht/issues/1009 RUN composer update && composer install COPY . . diff --git a/lib/db.php b/lib/db.php index 3cda761953..3dc7a3ea23 100644 --- a/lib/db.php +++ b/lib/db.php @@ -139,7 +139,6 @@ static public function connect($site_config) { try { self::$dbh[$key] = new PDO($dsn, self::$config['db_user'], self::$config['db_pass']); self::$dbh[$key]->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); - self::$dbh[$key]->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); Hm_Debug::add(sprintf('Connecting to dsn: %s', $dsn)); return self::$dbh[$key]; } catch (Exception $oops) { From c3eb97e2c1ffb3e313ab4dfa9ec779c0d2e0da66 Mon Sep 17 00:00:00 2001 From: Jono Date: Fri, 10 May 2024 10:55:45 -0700 Subject: [PATCH 15/31] fixed need for composer update --- composer.lock | 1 - docker/Dockerfile | 6 ++---- scripts/setup_database.php | 41 +++++++++++++++++++++----------------- 3 files changed, 25 insertions(+), 23 deletions(-) diff --git a/composer.lock b/composer.lock index 336f2e24ea..72d3aa3ab8 100644 --- a/composer.lock +++ b/composer.lock @@ -2088,7 +2088,6 @@ "shasum": "" }, "require": { - "ext-ctype": "*", "ext-json": "*", "ext-tokenizer": "*", "php": ">=7.4" diff --git a/docker/Dockerfile b/docker/Dockerfile index 809ff2ce22..f5a69467f2 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -27,12 +27,10 @@ COPY docker/nginx.conf /etc/nginx/nginx.conf COPY docker/supervisord.conf /etc/supervisord.conf COPY composer.* . -# TODO: figuer out missing extensions https://github.com/cypht-org/cypht/issues/1009 +# TODO: figure out missing extensions https://github.com/cypht-org/cypht/issues/1009 # RUN pecl install redis gnupg memcached -# TODO: probably dont want to run update here since it modifies composer.lock and its inconsistant with INSTALL -# see https://github.com/cypht-org/cypht/issues/1009 -RUN composer update && composer install +RUN composer install COPY . . COPY .env.example .env diff --git a/scripts/setup_database.php b/scripts/setup_database.php index 2a55ebc1d9..5abbbc39ac 100755 --- a/scripts/setup_database.php +++ b/scripts/setup_database.php @@ -29,27 +29,32 @@ print("session_type={$session_type} auth_type={$auth_type} user_config_type={$user_config_type} db_driver={$db_driver}\n"); -while (!$connected) { # TODO: set a timeout and exit code - print("Attempting to connect to database ...\n"); - try { - $conn = Hm_DB::connect($config); - // $conn = new pdo("{$db_driver}:host={$db_host};dbname={$db_name}", $db_user, $db_pass); +$connection_tries=0; +$max_tries=10; + +while (!$connected) { + $connection_tries = $connection_tries + 1; + + $conn = Hm_DB::connect($config); + // $conn = new pdo("{$db_driver}:host={$db_host};dbname={$db_name}", $db_user, $db_pass); - // if ($db_driver == 'sqlite') { - // // TODO: sqlite should be handled by connect(). not manually done here. - // $conn = new pdo("{$db_driver}:{$db_socket}"); - // $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); - // } + // if ($db_driver == 'sqlite') { + // // TODO: sqlite should be handled by connect(). not manually done here. + // $conn = new pdo("{$db_driver}:{$db_socket}"); + // $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); + // } - if ($conn !== false) { + if ($conn !== false) { printf("Database connection successful ...\n"); - $connected = true; - } else { - sleep(1); - } - } catch(PDOException $e){ - error_log('Waiting for database connection ... (' . $e->getMessage() . ')'); - sleep(1); + $connected = true; + } else { + printf("Attempting to connect to database ... ({$connection_tries}/{$max_tries})\n"); + sleep(2); + } + + if ($connection_tries >= $max_tries) { + error_log('Unable to connect to database'); + exit(1); } } From fcff98930b7317a9640838bfbca3ab26c41296eb Mon Sep 17 00:00:00 2001 From: Jono Date: Fri, 10 May 2024 12:13:20 -0700 Subject: [PATCH 16/31] relocate functions import --- Makefile | 1 + lib/framework.php | 2 ++ modules/contacts/setup.php | 2 -- 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 4681ddbf14..df60288270 100644 --- a/Makefile +++ b/Makefile @@ -19,6 +19,7 @@ test-unit: ## locally run the unit tests .PHONY: setup .ONESHELL: setup: ## locally setup app and users. presumes env vars are set + set -e echo "Installing dependencies" composer install echo "Creating directories and configs" diff --git a/lib/framework.php b/lib/framework.php index 50390ce80b..4866662573 100644 --- a/lib/framework.php +++ b/lib/framework.php @@ -35,6 +35,8 @@ require APP_PATH.'lib/api.php'; require APP_PATH.'lib/webdav_formats.php'; +require_once APP_PATH.'modules/core/functions.php'; + /* load random bytes polyfill if needed */ if (!function_exists('random_bytes')) { require VENDOR_PATH.'paragonie/random_compat/lib/random.php'; diff --git a/modules/contacts/setup.php b/modules/contacts/setup.php index d4de9783e5..0a00bf9f85 100644 --- a/modules/contacts/setup.php +++ b/modules/contacts/setup.php @@ -1,7 +1,5 @@ Date: Fri, 10 May 2024 12:53:51 -0700 Subject: [PATCH 17/31] remove comment about debug logging --- Makefile | 4 ++-- lib/auth.php | 3 +-- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index df60288270..0090670430 100644 --- a/Makefile +++ b/Makefile @@ -22,10 +22,10 @@ setup: ## locally setup app and users. presumes env vars are set set -e echo "Installing dependencies" composer install - echo "Creating directories and configs" - ./scripts/setup_system.sh echo "Creating tables and user" ./scripts/setup_database.php + echo "Creating directories and configs" + ./scripts/setup_system.sh help: ## get help @grep -E '^[a-zA-Z_-]+:.*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' diff --git a/lib/auth.php b/lib/auth.php index 308138a8fa..25a7565162 100644 --- a/lib/auth.php +++ b/lib/auth.php @@ -132,8 +132,7 @@ public function create($user, $pass) { $result = 0; $res = Hm_DB::execute($this->dbh, 'select username from hm_user where username = ?', [$user]); if (!empty($res)) { - // TODO: send this to 'debug' once I figure out how it works - print("user {$user} already exists\n"); + error_log("user {$user} already exists\n"); $result = 1; } else { From 19dab2d4f08b6f34dbe6f14c887b19c58107611a Mon Sep 17 00:00:00 2001 From: Jono Date: Fri, 10 May 2024 15:59:03 -0700 Subject: [PATCH 18/31] update setup db --- .dockerignore | 3 ++- Makefile | 2 +- docker-compose.yaml | 15 ++++++--------- docker/nginx.conf | 1 - scripts/setup_database.php | 16 +--------------- 5 files changed, 10 insertions(+), 27 deletions(-) diff --git a/.dockerignore b/.dockerignore index 5fac628525..257fde96f9 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1 +1,2 @@ -/data/ \ No newline at end of file +/data/ +.git diff --git a/Makefile b/Makefile index 0090670430..619396fb7a 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,7 @@ .PHONY: docker-up docker-up: ## start docker stack in foreground - docker compose up --build --abort-on-container-exit + docker compose up --build # --abort-on-container-exit .PHONY: docker-push .ONESHELL: diff --git a/docker-compose.yaml b/docker-compose.yaml index 922c150752..42a91fbf82 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -12,8 +12,6 @@ services: - MYSQL_USER=cypht - MYSQL_PASSWORD=cypht_password cypht: - # image: sailfrog/cypht-docker:latest - # image: jonocodes/cypht:latest build: context: . dockerfile: ./docker/Dockerfile @@ -22,18 +20,17 @@ services: - ./data/attachments:/var/lib/hm3/attachments - ./data/app_data:/var/lib/hm3/app_data - ./data/sqlite:/var/lib/hm3/sqlite - - ./:/usr/local/share/cypht # allows live develompent in container ports: - "80:80" environment: - AUTH_USERNAME=admin - AUTH_PASSWORD=admin - # - DB_CONNECTION_TYPE=socket - # - DB_DRIVER=sqlite - # - DB_SOCKET=/var/lib/hm3/sqlite/cypht.db - - DB_CONNECTION_TYPE=host - - DB_DRIVER=mysql - - DB_HOST=db + - DB_CONNECTION_TYPE=socket + - DB_DRIVER=sqlite + - DB_SOCKET=/var/lib/hm3/sqlite/cypht_docker.db + # - DB_CONNECTION_TYPE=host + # - DB_DRIVER=mysql + # - DB_HOST=db - DB_NAME=cypht - DB_USER=cypht - DB_PASS=cypht_password diff --git a/docker/nginx.conf b/docker/nginx.conf index 9d47587f1b..de3598e963 100644 --- a/docker/nginx.conf +++ b/docker/nginx.conf @@ -33,7 +33,6 @@ http { include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param SCRIPT_NAME $fastcgi_script_name; - # fastcgi_param PHP_ADMIN_VALUE "..."; # TODO: redirect logging here? fastcgi_index index.php; fastcgi_pass 127.0.0.1:9000; } diff --git a/scripts/setup_database.php b/scripts/setup_database.php index 5abbbc39ac..3a37b26fb1 100755 --- a/scripts/setup_database.php +++ b/scripts/setup_database.php @@ -14,11 +14,6 @@ $auth_type = $config->get('auth_type'); $user_config_type = $config->get('user_config_type'); $db_driver = $config->get('db_driver'); -$db_name = $config->get('db_name'); -$db_user = $config->get('db_user'); -$db_pass = $config->get('db_pass'); -$db_host = $config->get('db_host'); -$db_socket = $config->get('db_socket'); $connected = false; $create_table = "CREATE TABLE IF NOT EXISTS"; @@ -27,8 +22,6 @@ // NOTE: these sql commands could be db agnostic if we change the blobs to text -print("session_type={$session_type} auth_type={$auth_type} user_config_type={$user_config_type} db_driver={$db_driver}\n"); - $connection_tries=0; $max_tries=10; @@ -36,20 +29,13 @@ $connection_tries = $connection_tries + 1; $conn = Hm_DB::connect($config); - // $conn = new pdo("{$db_driver}:host={$db_host};dbname={$db_name}", $db_user, $db_pass); - - // if ($db_driver == 'sqlite') { - // // TODO: sqlite should be handled by connect(). not manually done here. - // $conn = new pdo("{$db_driver}:{$db_socket}"); - // $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); - // } if ($conn !== false) { printf("Database connection successful ...\n"); $connected = true; } else { printf("Attempting to connect to database ... ({$connection_tries}/{$max_tries})\n"); - sleep(2); + sleep(1); } if ($connection_tries >= $max_tries) { From 8546f173711de59291f4fc8fd7f3f49785e9626c Mon Sep 17 00:00:00 2001 From: Jono Date: Sat, 11 May 2024 11:45:49 -0700 Subject: [PATCH 19/31] got sqlite working in container --- Makefile | 7 ++++++- docker-compose.yaml | 5 +++++ docker/Dockerfile | 17 +++++++++++++++++ 3 files changed, 28 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 619396fb7a..bc1607a7f9 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,7 @@ .PHONY: docker-up docker-up: ## start docker stack in foreground - docker compose up --build # --abort-on-container-exit + docker compose up --build || true # --abort-on-container-exit .PHONY: docker-push .ONESHELL: @@ -16,6 +16,11 @@ test-unit: ## locally run the unit tests cd tests/phpunit/ && phpunit && cd ../../ # TODO: how are local tests supposed to run? see https://github.com/cypht-org/cypht/issues/1011 +.PHONY: run-local +run-local: + php -S localhost:8002 index.php + # TODO: get this to work. "No module assignments found" + .PHONY: setup .ONESHELL: setup: ## locally setup app and users. presumes env vars are set diff --git a/docker-compose.yaml b/docker-compose.yaml index 42a91fbf82..70c0969958 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -20,6 +20,9 @@ services: - ./data/attachments:/var/lib/hm3/attachments - ./data/app_data:/var/lib/hm3/app_data - ./data/sqlite:/var/lib/hm3/sqlite + # The following allow for live code updates during development + - ./lib:/usr/local/share/cypht/lib + - ./modules:/usr/local/share/cypht/modules ports: - "80:80" environment: @@ -36,3 +39,5 @@ services: - DB_PASS=cypht_password - SESSION_TYPE=DB - USER_CONFIG_TYPE=DB + extra_hosts: + host.docker.internal: host-gateway # for xdebug diff --git a/docker/Dockerfile b/docker/Dockerfile index f5a69467f2..4f62f3a14d 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,5 +1,10 @@ FROM php:7.4.33-fpm-alpine +# TODO: figure out conditional debug build +ARG WITH_DEBUG=false + +# TODO: figure out verbose/debug logging at run time + WORKDIR "/usr/local/share/cypht" RUN set -e \ @@ -18,9 +23,21 @@ RUN set -e \ && ln -sf /dev/stderr /var/log/nginx/error.log \ && ln -s /usr/local/etc/php/php.ini-production /usr/local/etc/php/php.ini +COPY --from=mlocati/php-extension-installer /usr/bin/install-php-extensions /usr/bin/ +RUN install-php-extensions xdebug +COPY < Date: Sat, 11 May 2024 23:12:49 -0700 Subject: [PATCH 20/31] installing suggested extensions --- docker-compose.yaml | 2 ++ docker/Dockerfile | 18 ++++++++---------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/docker-compose.yaml b/docker-compose.yaml index 70c0969958..c7f1942650 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -15,6 +15,8 @@ services: build: context: . dockerfile: ./docker/Dockerfile + args: + WITH_DEBUG: true volumes: - ./data/users:/var/lib/hm3/users - ./data/attachments:/var/lib/hm3/attachments diff --git a/docker/Dockerfile b/docker/Dockerfile index 4f62f3a14d..27c0ac5d0b 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,7 +1,5 @@ FROM php:7.4.33-fpm-alpine -# TODO: figure out conditional debug build -ARG WITH_DEBUG=false # TODO: figure out verbose/debug logging at run time @@ -9,23 +7,22 @@ WORKDIR "/usr/local/share/cypht" RUN set -e \ && apk add --no-cache \ - supervisor nginx composer sqlite \ - freetype libpng libjpeg-turbo \ + supervisor nginx composer sqlite freetype libpng libjpeg-turbo \ php-session php-fileinfo php-dom php-xml libxml2-dev php-xmlwriter php-tokenizer \ && apk add --no-cache --virtual .build-deps \ ca-certificates \ libpng-dev libjpeg-turbo-dev freetype-dev \ && docker-php-ext-configure gd --with-freetype=/usr/include/ --with-jpeg=/usr/include/ \ && docker-php-ext-install gd pdo pdo_mysql \ + && curl -sSL https://github.com/mlocati/docker-php-extension-installer/releases/latest/download/install-php-extensions -o - | sh -s \ + xdebug redis gnupg memcached \ && composer self-update --2 \ && apk del .build-deps \ && ln -sf /dev/stdout /var/log/nginx/access.log \ && ln -sf /dev/stderr /var/log/nginx/error.log \ && ln -s /usr/local/etc/php/php.ini-production /usr/local/etc/php/php.ini -COPY --from=mlocati/php-extension-installer /usr/bin/install-php-extensions /usr/bin/ -RUN install-php-extensions xdebug -COPY < Date: Wed, 15 May 2024 14:33:54 -0700 Subject: [PATCH 21/31] Setup image tagging --- Makefile | 22 ++++++++-------------- docker-compose.yaml | 11 ++++------- docker/Dockerfile | 3 --- 3 files changed, 12 insertions(+), 24 deletions(-) diff --git a/Makefile b/Makefile index bc1607a7f9..d4a5f7dd37 100644 --- a/Makefile +++ b/Makefile @@ -1,26 +1,20 @@ +# tag?=latest # default + .PHONY: docker-up docker-up: ## start docker stack in foreground docker compose up --build || true # --abort-on-container-exit .PHONY: docker-push .ONESHELL: -docker-push: ## build, tag, and push image to dockerhub. presumes you are logged in - username=$$(docker info | sed '/Username:/!d;s/.* //') - tag=latest # TODO: set from argument - docker buildx build . --platform linux/amd64 -t $${username}/cypht:$${tag} -f docker/Dockerfile --push +docker-push: ## build, tag, and push image to dockerhub. presumes you are logged in. run with a version like tag:1.2.3 + @username=$$(docker info | sed '/Username:/!d;s/.* //') + @[ "$(tag)" = "" ] && (echo "Tag required. Example tag=1.2.3" ; exit 1) + @image=$${username}/cypht:$(tag) + @echo "Building image $${image}" + @docker buildx build . --platform linux/amd64 -t $${image} -f docker/Dockerfile --push # TODO: build for arm architectures -.PHONY: test-unit -test-unit: ## locally run the unit tests - cd tests/phpunit/ && phpunit && cd ../../ - # TODO: how are local tests supposed to run? see https://github.com/cypht-org/cypht/issues/1011 - -.PHONY: run-local -run-local: - php -S localhost:8002 index.php - # TODO: get this to work. "No module assignments found" - .PHONY: setup .ONESHELL: setup: ## locally setup app and users. presumes env vars are set diff --git a/docker-compose.yaml b/docker-compose.yaml index c7f1942650..8b44c61372 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -22,7 +22,7 @@ services: - ./data/attachments:/var/lib/hm3/attachments - ./data/app_data:/var/lib/hm3/app_data - ./data/sqlite:/var/lib/hm3/sqlite - # The following allow for live code updates during development + # The following allow for some live code updates during development - ./lib:/usr/local/share/cypht/lib - ./modules:/usr/local/share/cypht/modules ports: @@ -30,12 +30,9 @@ services: environment: - AUTH_USERNAME=admin - AUTH_PASSWORD=admin - - DB_CONNECTION_TYPE=socket - - DB_DRIVER=sqlite - - DB_SOCKET=/var/lib/hm3/sqlite/cypht_docker.db - # - DB_CONNECTION_TYPE=host - # - DB_DRIVER=mysql - # - DB_HOST=db + - DB_CONNECTION_TYPE=host + - DB_DRIVER=mysql + - DB_HOST=db - DB_NAME=cypht - DB_USER=cypht - DB_PASS=cypht_password diff --git a/docker/Dockerfile b/docker/Dockerfile index 27c0ac5d0b..b6163c26b9 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,8 +1,5 @@ FROM php:7.4.33-fpm-alpine - -# TODO: figure out verbose/debug logging at run time - WORKDIR "/usr/local/share/cypht" RUN set -e \ From 0e6b6b4b3ac26df781e352c519f62ba4c3a90c5b Mon Sep 17 00:00:00 2001 From: Jono Date: Wed, 15 May 2024 14:35:17 -0700 Subject: [PATCH 22/31] clean up --- scripts/create_account.php | 9 --------- 1 file changed, 9 deletions(-) diff --git a/scripts/create_account.php b/scripts/create_account.php index 53fbdf676f..6893304634 100644 --- a/scripts/create_account.php +++ b/scripts/create_account.php @@ -43,13 +43,4 @@ if ($user && $pass) { $auth->create($user, $pass); - // if ($auth->create($user, $pass) === 2) { - // die("User '" . $user . "' created\n\n"); - // } - // else { - // print_r(Hm_Debug::get()); - // print_r(Hm_Msgs::get()); - // print("An error occured when creating user '" . $user . "'\n\n"); - // exit(2); # TODO: since php cant die with an error code ?? - // } } From 7c5afd78ae5cfc46b03f3e6a6eb1f642dd7d1596 Mon Sep 17 00:00:00 2001 From: Jono Date: Wed, 15 May 2024 14:46:44 -0700 Subject: [PATCH 23/31] create docker compose example --- docker-compose.yaml | 4 +++- docker/docker-compose.yaml | 30 ++++++++++++++++++++++++++++++ 2 files changed, 33 insertions(+), 1 deletion(-) create mode 100644 docker/docker-compose.yaml diff --git a/docker-compose.yaml b/docker-compose.yaml index 8b44c61372..b8346b8db1 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -1,4 +1,6 @@ -version: '3' + +# this file is used for development, not production + services: db: image: mariadb:10 diff --git a/docker/docker-compose.yaml b/docker/docker-compose.yaml new file mode 100644 index 0000000000..7d943f5c0c --- /dev/null +++ b/docker/docker-compose.yaml @@ -0,0 +1,30 @@ + +# this is a demo of using the production cypht image + +services: + db: + image: mariadb:10 + ports: + - "3306:3306" + volumes: + - ./data/mysql:/var/lib/mysql + environment: + - MYSQL_ROOT_PASSWORD=root_password + - MYSQL_DATABASE=cypht + - MYSQL_USER=cypht + - MYSQL_PASSWORD=cypht_password + cypht: + image: jonocodes/cypht:2.0.1-docker-wip + ports: + - "80:80" + environment: + - AUTH_USERNAME=admin + - AUTH_PASSWORD=admin + - DB_CONNECTION_TYPE=host + - DB_DRIVER=mysql + - DB_HOST=db + - DB_NAME=cypht + - DB_USER=cypht + - DB_PASS=cypht_password + - SESSION_TYPE=DB + - USER_CONFIG_TYPE=DB From 0b95a550cf54f5d16ba462a1f102b81759a275bd Mon Sep 17 00:00:00 2001 From: Jono Date: Thu, 16 May 2024 06:26:18 -0700 Subject: [PATCH 24/31] create readme for dockerhub --- Makefile | 9 ++--- ...er-compose.yaml => docker-compose.dev.yaml | 2 +- docker/DOCKERHUB-README.md | 40 +++++++++++++++++++ docker/docker-compose.yaml | 2 + 4 files changed, 47 insertions(+), 6 deletions(-) rename docker-compose.yaml => docker-compose.dev.yaml (94%) create mode 100644 docker/DOCKERHUB-README.md diff --git a/Makefile b/Makefile index d4a5f7dd37..489c8cfd70 100644 --- a/Makefile +++ b/Makefile @@ -1,9 +1,6 @@ - -# tag?=latest # default - .PHONY: docker-up docker-up: ## start docker stack in foreground - docker compose up --build || true # --abort-on-container-exit + docker compose -f docker-compose.dev.yaml up --build || true # --abort-on-container-exit .PHONY: docker-push .ONESHELL: @@ -12,8 +9,10 @@ docker-push: ## build, tag, and push image to dockerhub. presumes you are logge @[ "$(tag)" = "" ] && (echo "Tag required. Example tag=1.2.3" ; exit 1) @image=$${username}/cypht:$(tag) @echo "Building image $${image}" - @docker buildx build . --platform linux/amd64 -t $${image} -f docker/Dockerfile --push + @docker buildx build . --platform linux/amd64 \ + -t $${image} -f docker/Dockerfile --push # TODO: build for arm architectures + # TODO: push docker/DOCKERHUB-README.md to dockerhub .PHONY: setup .ONESHELL: diff --git a/docker-compose.yaml b/docker-compose.dev.yaml similarity index 94% rename from docker-compose.yaml rename to docker-compose.dev.yaml index b8346b8db1..1bfe26b25c 100644 --- a/docker-compose.yaml +++ b/docker-compose.dev.yaml @@ -1,5 +1,5 @@ -# this file is used for development, not production +# this file should be used for development, not production services: db: diff --git a/docker/DOCKERHUB-README.md b/docker/DOCKERHUB-README.md new file mode 100644 index 0000000000..5f82894d20 --- /dev/null +++ b/docker/DOCKERHUB-README.md @@ -0,0 +1,40 @@ +# Cypht + +This is the official docker image of [Cypht](https://cypht.org/). + +## Features of this image + +* Alpine linux based image +* Bundled nginx and PHP 7 provides everything in one image +* Performs same install steps as found on [Cypht install page](https://cypht.org/install.html) +* All Cypht mods and configuration options can be set via environment variables +* Automatic database setup (if configured to use database) + +## Example docker-compose + +See example file here: +https://github.com/jonocodes/cypht/blob/docker-refresh/docker/docker-compose.yaml + +* Starts a database container to be for user authentication +* Starts the Cypht container available on port 80 of the host with ... + * A local volume declared for persisting user settings across container reboots + * An initial user account for authentication + * Environment variables for accessing the database container + +*NOTE: Please change usernames and passwords before using this docker-compose in your environment* + +## Environment variables + +See all the environment variables you can set here: +https://github.com/cypht-org/cypht/blob/master/.env.example + +It is recommended that in production you instead make a copy of this file: +``` +cp .env.example /etc/cypht-prod.env +``` + +Make changes to it and source it in to the docker-compose via 'env_file': +```yaml + env_file: + - /etc/cypht-prod.env +``` diff --git a/docker/docker-compose.yaml b/docker/docker-compose.yaml index 7d943f5c0c..1a44f159ac 100644 --- a/docker/docker-compose.yaml +++ b/docker/docker-compose.yaml @@ -17,6 +17,8 @@ services: image: jonocodes/cypht:2.0.1-docker-wip ports: - "80:80" + # env_file: + # - /etc/cypht-prod.env environment: - AUTH_USERNAME=admin - AUTH_PASSWORD=admin From 074a7c290847eaac4a768bee09466836d8b7cf0c Mon Sep 17 00:00:00 2001 From: Jono Date: Thu, 16 May 2024 06:39:35 -0700 Subject: [PATCH 25/31] add tag note to readme --- docker/DOCKERHUB-README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docker/DOCKERHUB-README.md b/docker/DOCKERHUB-README.md index 5f82894d20..9252888e92 100644 --- a/docker/DOCKERHUB-README.md +++ b/docker/DOCKERHUB-README.md @@ -38,3 +38,5 @@ Make changes to it and source it in to the docker-compose via 'env_file': env_file: - /etc/cypht-prod.env ``` + +It is also recommended that you choose a specific version number tag instead of using 'latest' since 'latest' may represent master which may not be stable. From 36a18dea6c65859679ff55793dabb90aca949e7e Mon Sep 17 00:00:00 2001 From: Jono Date: Fri, 17 May 2024 23:01:57 -0700 Subject: [PATCH 26/31] Fix test. Add readme upload --- Makefile | 2 +- lib/auth.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 489c8cfd70..e923c5e5b0 100644 --- a/Makefile +++ b/Makefile @@ -11,8 +11,8 @@ docker-push: ## build, tag, and push image to dockerhub. presumes you are logge @echo "Building image $${image}" @docker buildx build . --platform linux/amd64 \ -t $${image} -f docker/Dockerfile --push + @docker pushrm --file docker/DOCKERHUB-README.md $${username}/cypht # TODO: build for arm architectures - # TODO: push docker/DOCKERHUB-README.md to dockerhub .PHONY: setup .ONESHELL: diff --git a/lib/auth.php b/lib/auth.php index 25a7565162..f6f8df346b 100644 --- a/lib/auth.php +++ b/lib/auth.php @@ -132,7 +132,7 @@ public function create($user, $pass) { $result = 0; $res = Hm_DB::execute($this->dbh, 'select username from hm_user where username = ?', [$user]); if (!empty($res)) { - error_log("user {$user} already exists\n"); + print("user {$user} already exists\n"); $result = 1; } else { From c75037304aedb7dccaed8f9771d04fe35b1c9397 Mon Sep 17 00:00:00 2001 From: Jono Date: Sat, 18 May 2024 21:29:13 -0700 Subject: [PATCH 27/31] env var notes --- docker/DOCKERHUB-README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docker/DOCKERHUB-README.md b/docker/DOCKERHUB-README.md index 9252888e92..6cbe6b245a 100644 --- a/docker/DOCKERHUB-README.md +++ b/docker/DOCKERHUB-README.md @@ -10,6 +10,8 @@ This is the official docker image of [Cypht](https://cypht.org/). * All Cypht mods and configuration options can be set via environment variables * Automatic database setup (if configured to use database) +It recommended that you choose a specific version number tag instead of using 'latest' since 'latest' may represent master which may not be stable. + ## Example docker-compose See example file here: @@ -39,4 +41,4 @@ Make changes to it and source it in to the docker-compose via 'env_file': - /etc/cypht-prod.env ``` -It is also recommended that you choose a specific version number tag instead of using 'latest' since 'latest' may represent master which may not be stable. +In order to avoid confusion, it is best to use only the env file and not set addition env vars in the docker compose file if possilbe. From 53f855dd8878c049bcaf754d5f0b1cd1c8982022 Mon Sep 17 00:00:00 2001 From: Jono Date: Sun, 19 May 2024 17:03:36 -0700 Subject: [PATCH 28/31] Fix attachment issue --- docker/Dockerfile | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/docker/Dockerfile b/docker/Dockerfile index b6163c26b9..e522612810 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -31,7 +31,7 @@ COPY < Date: Fri, 24 May 2024 09:54:28 -0700 Subject: [PATCH 29/31] Add env var descriptions to readme --- docker/DOCKERHUB-README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docker/DOCKERHUB-README.md b/docker/DOCKERHUB-README.md index 6cbe6b245a..887607636b 100644 --- a/docker/DOCKERHUB-README.md +++ b/docker/DOCKERHUB-README.md @@ -30,6 +30,10 @@ https://github.com/jonocodes/cypht/blob/docker-refresh/docker/docker-compose.yam See all the environment variables you can set here: https://github.com/cypht-org/cypht/blob/master/.env.example +To see the meaning of what each variable see descriptions here: +https://github.com/cypht-org/cypht/blob/master/config/app.php + + It is recommended that in production you instead make a copy of this file: ``` cp .env.example /etc/cypht-prod.env From 599132bb3a0dbbf4c493de37fc88704ead60492e Mon Sep 17 00:00:00 2001 From: Jono Date: Fri, 24 May 2024 10:07:58 -0700 Subject: [PATCH 30/31] Splitting out command for pushing the readme --- Makefile | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index e923c5e5b0..d44c78d14f 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ .PHONY: docker-up -docker-up: ## start docker stack in foreground +docker-up: ## start docker stack in foreground for development docker compose -f docker-compose.dev.yaml up --build || true # --abort-on-container-exit .PHONY: docker-push @@ -11,8 +11,14 @@ docker-push: ## build, tag, and push image to dockerhub. presumes you are logge @echo "Building image $${image}" @docker buildx build . --platform linux/amd64 \ -t $${image} -f docker/Dockerfile --push + TODO: build for arm architectures + +.PHONY: dockerhub-push-readme +.ONESHELL: +dockerhub-push-readme: ## upload readme to dockerhub + @username=$$(docker info | sed '/Username:/!d;s/.* //') @docker pushrm --file docker/DOCKERHUB-README.md $${username}/cypht - # TODO: build for arm architectures + @echo docker pushrm --file docker/DOCKERHUB-README.md $${username}/cypht .PHONY: setup .ONESHELL: From 28695972d9e0083ff9818e917489a78a7ff92e59 Mon Sep 17 00:00:00 2001 From: Jono Date: Fri, 24 May 2024 10:13:11 -0700 Subject: [PATCH 31/31] fix broken TODO in readme --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index d44c78d14f..27ab7c8a4a 100644 --- a/Makefile +++ b/Makefile @@ -11,7 +11,7 @@ docker-push: ## build, tag, and push image to dockerhub. presumes you are logge @echo "Building image $${image}" @docker buildx build . --platform linux/amd64 \ -t $${image} -f docker/Dockerfile --push - TODO: build for arm architectures + # TODO: build for arm architectures .PHONY: dockerhub-push-readme .ONESHELL: