From 78630b2dbc28d38d3df7d054848caae66c88f236 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Elan=20Ruusam=C3=A4e?= Date: Mon, 23 Nov 2020 21:22:04 +0200 Subject: [PATCH 1/7] Use php and php extensions from alpine image The alpine is mature enough to have needed extensions. --- Dockerfile | 39 +++++++++++++++++++++++---------------- 1 file changed, 23 insertions(+), 16 deletions(-) diff --git a/Dockerfile b/Dockerfile index 5fe2e00af..abc333d59 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,24 +3,24 @@ # also modifying source, would not need to rebuild extensions layer. # Author: Elan Ruusamäe -FROM php:7.3-fpm-alpine AS base +# Use alpine:edge for ext-mongodb: +# - https://gitlab.alpinelinux.org/alpine/aports/-/issues/12102 +FROM alpine:edge AS base RUN set -x \ - && apk add --no-cache --virtual .build-deps ${PHPIZE_DEPS} postgresql-dev openssl-dev \ - && pecl install mongodb && docker-php-ext-enable mongodb \ - && docker-php-ext-install pdo pdo_mysql pdo_pgsql \ - # https://github.com/docker-library/php/blob/c8c4d223a052220527c6d6f152b89587be0f5a7c/7.3/alpine3.12/fpm/Dockerfile#L166-L172 - && runDeps=$( \ - scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \ - | tr ',' '\n' \ - | sort -u \ - | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ - ) \ - && rm -rf /usr/local/lib/php/test/mongodb \ - && extDir=$(php-config --extension-dir) \ - && strip $extDir/pdo*.so $extDir/mongodb.so \ - && apk add --no-cache $runDeps \ - && apk del .build-deps + && apk add --no-cache \ + php-cli \ + php-ctype \ + php-fpm \ + php-json \ + php-pdo \ + php-session \ + php-pdo_mysql \ + php-pdo_pgsql \ + php-pdo_sqlite \ + php7-pecl-mongodb \ + && ln -s /usr/sbin/php-fpm7 /usr/sbin/php-fpm \ + && php -m # prepare sources FROM scratch AS source @@ -31,6 +31,10 @@ WORKDIR /app/vendor # install composer vendor FROM base AS build +# extra deps for composer +RUN apk add --no-cache \ + php-phar \ + && php -m WORKDIR /app ARG COMPOSER_FLAGS="--no-interaction --no-suggest --ansi --no-dev" COPY --from=composer:1.10 /usr/bin/composer /usr/bin/ @@ -61,6 +65,9 @@ ARG APPDIR=/var/www/xhgui ARG WEBROOT=$APPDIR/webroot WORKDIR $APPDIR +EXPOSE 9000 +CMD ["php-fpm", "-F"] + RUN mkdir -p cache && chmod -R 777 cache COPY --from=build /vendor ./vendor/ COPY --from=build /app ./ From 7deb38d214df590c4de1c67e0f2e80843b17e767 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Elan=20Ruusam=C3=A4e?= Date: Tue, 15 Dec 2020 20:14:00 +0200 Subject: [PATCH 2/7] Add www-data uid/gid --- Dockerfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Dockerfile b/Dockerfile index abc333d59..6249ff7e5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -20,6 +20,9 @@ RUN set -x \ php-pdo_sqlite \ php7-pecl-mongodb \ && ln -s /usr/sbin/php-fpm7 /usr/sbin/php-fpm \ + # Use www-data uid/gid from alpine also present in docker php images + && addgroup -g 82 -S www-data \ + && adduser -u 82 -D -S -G www-data www-data \ && php -m # prepare sources From 32d46b58d700c565d896b4bc3b01ecc3679311ce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Elan=20Ruusam=C3=A4e?= Date: Tue, 15 Dec 2020 20:17:59 +0200 Subject: [PATCH 3/7] Add cache dir as copy layer --- Dockerfile | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 6249ff7e5..ba91acb8b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -62,6 +62,8 @@ RUN rm -vf composer.* vendor/composer/*.json # add vendor as separate docker layer RUN mv vendor / +RUN install -d /cache -m 700 + # build runtime image FROM base ARG APPDIR=/var/www/xhgui @@ -71,6 +73,6 @@ WORKDIR $APPDIR EXPOSE 9000 CMD ["php-fpm", "-F"] -RUN mkdir -p cache && chmod -R 777 cache +COPY --from=build --chown=www-data /cache ./cache/ COPY --from=build /vendor ./vendor/ COPY --from=build /app ./ From 24b0441902bcdd05bf6746dda44a7dd5d37d2bf6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Elan=20Ruusam=C3=A4e?= Date: Tue, 15 Dec 2020 20:19:49 +0200 Subject: [PATCH 4/7] Add PHP_INI_DIR as in php docker images --- Dockerfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Dockerfile b/Dockerfile index ba91acb8b..c666fb7a9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,6 +7,8 @@ # - https://gitlab.alpinelinux.org/alpine/aports/-/issues/12102 FROM alpine:edge AS base +ENV PHP_INI_DIR /etc/php7 + RUN set -x \ && apk add --no-cache \ php-cli \ From f1623c1e97f5d41ab39c5fb61f6dbed1c17a2678 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Elan=20Ruusam=C3=A4e?= Date: Tue, 15 Dec 2020 20:30:35 +0200 Subject: [PATCH 5/7] Tweak php-fpm config to be more like upstream php docker image --- Dockerfile | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/Dockerfile b/Dockerfile index c666fb7a9..cda25fd27 100644 --- a/Dockerfile +++ b/Dockerfile @@ -25,6 +25,24 @@ RUN set -x \ # Use www-data uid/gid from alpine also present in docker php images && addgroup -g 82 -S www-data \ && adduser -u 82 -D -S -G www-data www-data \ + # Tweak php-fpm config + && sed -i \ + -e "s#^;daemonize\s*=\s*yes#daemonize = no#" \ + -e "s#^error_log\s*=.*#error_log = /var/log/php/fpm.error.log#" \ + $PHP_INI_DIR/php-fpm.conf \ + && POOL_CONFIG=$PHP_INI_DIR/php-fpm.d/www.conf \ + && sed -i \ + -e "s#^listen\s*=.*#listen = [::]:9000#" \ + -e "s#^listen\.allowed_clients\s*=.*#;&#" \ + -e "s#^;access\.log\s*=.*#access.log = /var/log/php/fpm.access.log#" \ + -e "s#^;clear_env\s*=.*#clear_env = no#" \ + -e "s#^user = nobody\s*=.*#user = www-data#" \ + -e "s#^group = nobody\s*=.*#group = www-data#" \ + -e "s#^;catch_workers_output\s*=.*#catch_workers_output = yes#" \ + $POOL_CONFIG \ + && install -d -o www-data -g www-data /var/log/php \ + && ln -sf /proc/self/fd/2 /var/log/php/fpm.access.log \ + && ln -sf /proc/self/fd/2 /var/log/php/fpm.error.log \ && php -m # prepare sources From e833ba58a0cd37cc7251ffcf1960f889e3a7c2f4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Elan=20Ruusam=C3=A4e?= Date: Fri, 18 Dec 2020 17:20:32 +0200 Subject: [PATCH 6/7] Revert back to alpine:3.12 for php 7.3 --- Dockerfile | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index cda25fd27..d111db4b4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,9 +3,7 @@ # also modifying source, would not need to rebuild extensions layer. # Author: Elan Ruusamäe -# Use alpine:edge for ext-mongodb: -# - https://gitlab.alpinelinux.org/alpine/aports/-/issues/12102 -FROM alpine:edge AS base +FROM alpine:3.12 AS base ENV PHP_INI_DIR /etc/php7 @@ -20,7 +18,6 @@ RUN set -x \ php-pdo_mysql \ php-pdo_pgsql \ php-pdo_sqlite \ - php7-pecl-mongodb \ && ln -s /usr/sbin/php-fpm7 /usr/sbin/php-fpm \ # Use www-data uid/gid from alpine also present in docker php images && addgroup -g 82 -S www-data \ From 6928c0efb89f2bb82b23343c4bef7a08b1c2e147 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Elan=20Ruusam=C3=A4e?= Date: Fri, 18 Dec 2020 17:33:28 +0200 Subject: [PATCH 7/7] Build ext-mongodb from pecl --- Dockerfile | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index d111db4b4..4c6458bc0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,6 +7,23 @@ FROM alpine:3.12 AS base ENV PHP_INI_DIR /etc/php7 +# ext-mongodb: build and stage +FROM base AS build-ext-mongodb +RUN apk add --no-cache alpine-sdk openssl-dev php7-dev php7-openssl php7-pear +RUN pecl install mongodb + +FROM base AS stage-ext-mongodb +RUN apk add binutils + +WORKDIR /build/etc/php7/conf.d +RUN echo extension=mongodb.so > mongodb.ini + +WORKDIR /build/usr/lib/php7/modules +COPY --from=build-ext-mongodb /usr/lib/php7/modules/mongodb.so . +RUN strip *.so && chmod a+rx *.so + +# php-fpm runtime +FROM base AS php RUN set -x \ && apk add --no-cache \ php-cli \ @@ -50,7 +67,7 @@ COPY . . WORKDIR /app/vendor # install composer vendor -FROM base AS build +FROM php AS build # extra deps for composer RUN apk add --no-cache \ php-phar \ @@ -82,7 +99,7 @@ RUN mv vendor / RUN install -d /cache -m 700 # build runtime image -FROM base +FROM php ARG APPDIR=/var/www/xhgui ARG WEBROOT=$APPDIR/webroot WORKDIR $APPDIR @@ -90,6 +107,7 @@ WORKDIR $APPDIR EXPOSE 9000 CMD ["php-fpm", "-F"] +COPY --from=stage-ext-mongodb /build / COPY --from=build --chown=www-data /cache ./cache/ COPY --from=build /vendor ./vendor/ COPY --from=build /app ./