From 248e3b6af72ea0f24b05dda5b0d33f9d8ee74277 Mon Sep 17 00:00:00 2001 From: Ralf Becker Date: Sun, 28 Jun 2020 07:59:19 +0200 Subject: [PATCH] no need for development container in stable branch --- doc/docker/development/Dockerfile | 90 -------- doc/docker/development/README.md | 56 ----- doc/docker/development/build.sh | 47 ---- doc/docker/development/docker-compose.yml | 267 ---------------------- doc/docker/development/entrypoint.sh | 117 ---------- doc/docker/development/nginx.conf | 154 ------------- 6 files changed, 731 deletions(-) delete mode 100644 doc/docker/development/Dockerfile delete mode 100644 doc/docker/development/README.md delete mode 100755 doc/docker/development/build.sh delete mode 100644 doc/docker/development/docker-compose.yml delete mode 100755 doc/docker/development/entrypoint.sh delete mode 100644 doc/docker/development/nginx.conf diff --git a/doc/docker/development/Dockerfile b/doc/docker/development/Dockerfile deleted file mode 100644 index babf3c7f75..0000000000 --- a/doc/docker/development/Dockerfile +++ /dev/null @@ -1,90 +0,0 @@ -################################################################################ -## -## EGroupware FPM container using Ubuntu 18.04 and PHP from ondrej/php PPA -## -################################################################################ -FROM ubuntu:18.04 -MAINTAINER rb@egroupware.org - -ARG VERSION=dev-master -ARG PHP_VERSION=7.3 - -# keeping build-arg in environment for entrypoint.sh -ENV VERSION=$VERSION -ENV PHP_VERSION=$PHP_VERSION - -RUN apt-get update \ - && apt-get install -y software-properties-common \ - && LC_ALL=C.UTF-8 add-apt-repository -y ppa:ondrej/php \ - && apt-get update \ - && bash -c "apt-get install -y php$PHP_VERSION-{cli,mysql,json,gd,xsl,bz2,opcache,apcu,tidy,zip,bcmath,mbstring,smbclient,ldap,curl,fpm,pgsql,gmp}" \ - # fpm and php.ini settings - && sed -e 's/^;\?listen \?=.*/listen = 9000/g' \ - -e '/allowed_clients/d' \ - -e '/pm.max_children/s/=.*/= 80/' \ - -e '/catch_workers_output/s/^;/;/' \ - -e '/error_log/d' \ - -e 's/^;\?pm.max_requests =.*/pm.max_requests = 30/' \ - -e 's/^;\?php_admin_value\[memory_limit\].*/php_admin_value[memory_limit] = 172M/' \ - -e 's/^;\?request_terminate_timeout.*/request_terminate_timeout = 70m/' \ - -i /etc/php/$PHP_VERSION/fpm/pool.d/www.conf \ - && sed -e 's/^;\?session.gc_maxlifetime.*/session.gc_maxlifetime = 14400/g' \ - -e 's|^;\?date.timezone.*|date.timezone = UTC|g' \ - -e 's|^;\?sys_temp_dir.*|sys_temp_dir = /tmp|g' \ - -e 's|^;\?disable_functions.*|disable_functions = exec,passthru,shell_exec,system,proc_open,popen|g' \ - -e 's|^;\?max_execution_time \?=.*|max_execution_time = 90|g' \ - -e 's|^;\?upload_max_filesize \?=.*|upload_max_filesize = 64M|g' \ - -e 's|^;\?post_max_size \?=.*|post_max_size = 65M|g' \ - -e 's|^;\?max_input_vars \?=.*|max_input_vars = 5000|g' \ - -e 's|^;\?zlib.output_compression \?=.*|zlib.output_compression = On|g' \ - -e 's|^;\?opcache.validate_timestamps \?=.*|opcache.validate_timestamps=0|g' \ - -i /etc/php/$PHP_VERSION/fpm/php.ini \ - && sed -e 's|^;\?date.timezone.*|date.timezone = UTC|g' \ - -e 's|^;\?sys_temp_dir.*|sys_temp_dir = /tmp|g' \ - -i /etc/php/$PHP_VERSION/cli/php.ini \ - # create directory for pid file - && mkdir -p /run/php \ - # send logs to stderr to be viewed by docker logs - && ln -s /dev/stderr /var/log/php$PHP_VERSION-fpm.log \ - # install tools to build EGroupware - && apt-get install -y rsync npm zip curl sudo cron patch \ - && npm install -g grunt-cli \ - && bash -c \ -'EXPECTED_SIGNATURE=$(curl https://composer.github.io/installer.sig); \ -curl https://getcomposer.org/installer > composer-setup.php; \ -ACTUAL_SIGNATURE=$(php -r "echo hash_file(\"sha384\", \"composer-setup.php\");"); \ -if [ "$EXPECTED_SIGNATURE" != "$ACTUAL_SIGNATURE" ]; \ -then \ - >&2 echo "ERROR: Invalid Composer installer signature"; \ - RESULT=1; \ -else \ - php composer-setup.php --quiet --install-dir /usr/local/bin; \ - RESULT=$?; \ -fi; \ -rm composer-setup.php; \ -exit $RESULT' \ - # disable certificate checks for LDAP as most LDAP and AD servers have no "valid" cert - && echo "TLS_REQCERT never" >> /etc/ldap/ldap.conf - -# install diverse developper tools, not installed above / in stock container -RUN apt-get install -y php$PHP_VERSION-cli php-xdebug inetutils-ping iproute2 git vim yarn \ - && echo "xdebug.remote_enable=1" >> /etc/php/$PHP_VERSION/fpm/conf.d/20-xdebug.ini \ - && echo "xdebug.remote_port=9001" >> /etc/php/$PHP_VERSION/fpm/conf.d/20-xdebug.ini \ - && echo "xdebug.remote_host=172.17.0.1" >> /etc/php/$PHP_VERSION/fpm/conf.d/20-xdebug.ini \ - && ln -s /usr/local/bin/composer.phar /usr/local/bin/composer \ - && sed -e 's|^;\?opcache.validate_timestamps \?=.*|opcache.validate_timestamps=1|g' \ - -i /etc/php/$PHP_VERSION/fpm/php.ini \ - && apt-get clean \ - && update-alternatives --install /usr/sbin/php-fpm php-fpm /usr/sbin/php-fpm$PHP_VERSION 5 - -VOLUME /var/www -VOLUME /var/lib/egroupware -VOLUME /var/lib/php/sessions -VOLUME /var/lib/egroupware-push - -EXPOSE 9000 - -ADD entrypoint.sh / - -CMD ["php-fpm", "--nodaemonize"] -ENTRYPOINT ["/entrypoint.sh"] diff --git a/doc/docker/development/README.md b/doc/docker/development/README.md deleted file mode 100644 index 0ec892f5cb..0000000000 --- a/doc/docker/development/README.md +++ /dev/null @@ -1,56 +0,0 @@ -# EGroupware development enviroment as Docker container - -The container and docker-compose.yml file in this directory are the most easy way to get a full development enviroment for EGroupware. - -### It defines and uses the following volumes: -* sources: document root of the webserver, by default $PWD/sources subdirectory, can also be your existing document root -* data: EGroupware stores it's files here, by default $PWD/data subdirectory, can also be your existing /var/lib/egroupware -* db: volume for MariaDB (should be NOT a directory under Mac OS and Windows for performance reasons!) -* sessions: volume for sessions, internal no need to change -* sources-push: swoolpush sub-directory of sources -* collabora-config: /etc/loolwsd for Collabora container, by default $PWD/data/default/loolwsd -* rocketchat-uploads: Upload directory for Rocket.Chat, by default $PWD/data/default/rocketchat/uploads -* rocketchat-dumps: Dump directory for MongoDB, by default $PWD/data/default/rocketchat/dump - -### It runs the following containers: -* egroupware: php-fpm -* egroupware-nginx: Nginx -* egroupware-db: MariaDB -* egroupware-push: PHP Swoole based push server -* egroupware-watchtower: to automatic keeps the containers up to date -* collabora: Collabora Online Office -* rocketchat: Rocket.Chat -* rocketchat-mongo: MongoDB for Rocket.Chat - -### Usage: -``` -mkdir dev && cd dev -wget https://raw.githubusercontent.com/EGroupware/egroupware/master/doc/docker/development/docker-compose.yml -wget https://raw.githubusercontent.com/EGroupware/egroupware/master/doc/docker/development/nginx.conf -mkdir sources data -# edit docker-compose.yml to fit your needs eg. -# ports to use for Nginx / the webserver, by default 8080 and 4443 -# xdebug port, default 9001 (NOT 9000!) -# IDE host, default XDEBUG_REMOTE_HOST=docker.for.mac.localhost -docker-compose up -d -``` -* It will install EGroupware master and phpMyAdmin in egroupware / phpmyadmin subdirectory of sources volume, if not already there -* Credentials for a new install can be found in data:egroupware-docker-install.log -* Use the following to tail the webserver error.log -``` -docker logs -f egroupware-nginx 2>&1 | sed "s/PHP message/\\$(echo -e '\n\r')PHP message/g" -``` - -### Docker Desktop for Mac notes -* directories of volumes must be exported to Docker, by default only your home-directory is! -* permissions of sources and data directory must be readable (sources writable) by your user, as Docker daemon runs as that user! -* db volume must NOT be a directory, as the networked access from Docker VM to the Mac is to slow! - -### Docker Desktop for Windows notes -* you can NOT use $PWD to reference the docker-compose directory, use the full path with forward slashes! -* directories of volumes must be exported to Docker! -* db volume must NOT be a directory, as the networked access from Docker VM to Windows is to slow! - -### Docker on Linux -* permissions of sources and data directory must be readable (sources writable) by www-data user (#33) - diff --git a/doc/docker/development/build.sh b/doc/docker/development/build.sh deleted file mode 100755 index 888285394d..0000000000 --- a/doc/docker/development/build.sh +++ /dev/null @@ -1,47 +0,0 @@ -#!/bin/bash -x - -REPO=egroupware -IMAGE=development -BASE=ubuntu:18.04 -RECOMMENDED_PHP_VERSION=7.3 - -PHP_VERSION=${1:-7.3} - -TAG=$(docker run --rm -i --entrypoint bash $REPO/$IMAGE -c "apt update && apt search php$PHP_VERSION-fpm" 2>/dev/null|grep php$PHP_VERSION-fpm|sed "s|^php$PHP_VERSION-fpm/bionic.?*\(7\.[0-9]*\.[0-9]*\).*|\1|g") -test -z "$TAG" && { - echo "Can't get new tag of $REPO/$IMAGE container --> existing" - exit 1 -} - -DEFAULT=$(git branch|grep ^*|cut -c3-) -VERSION=${2:-$DEFAULT} -BRANCH=$(echo $VERSION|sed 's/\.[0-9]\{8\}$//') -[ $VERSION = $BRANCH ] && VERSION="$BRANCH.x-dev" - -[ $BRANCH != "master" ] && { - TAG=$BRANCH-$TAG -} -[ $BRANCH = "master" ] && { - TAG=master - VERSION=dev-master -} -echo -e "\nbuilding $REPO/$IMAGE:$TAG\n" - -cd $(dirname $0) - -docker pull $BASE -docker build --build-arg "VERSION=$VERSION" --build-arg="PHP_VERSION=$PHP_VERSION" -t $REPO/$IMAGE:$TAG . && { - docker push $REPO/$IMAGE:$TAG - - # tag by major PHP version eg. 7.3 - docker tag $REPO/$IMAGE:$TAG $REPO/$IMAGE:$PHP_VERSION - docker push $REPO/$IMAGE:$PHP_VERSION - - # tag only recommended PHP version as latest and $BRANCH (eg. master) - [ $BRANCH = "master" -a $PHP_VERSION = $RECOMMENDED_PHP_VERSION ] && { - docker tag $REPO/$IMAGE:$TAG $REPO/$IMAGE:latest - docker push $REPO/$IMAGE:latest - docker tag $REPO/$IMAGE:$TAG $REPO/$IMAGE:$BRANCH - docker push $REPO/$IMAGE:$BRANCH - } -} diff --git a/doc/docker/development/docker-compose.yml b/doc/docker/development/docker-compose.yml deleted file mode 100644 index 5a292c2ad4..0000000000 --- a/doc/docker/development/docker-compose.yml +++ /dev/null @@ -1,267 +0,0 @@ -version: '3' -volumes: - # data directory: here are the files stored (/var/lib/egroupware by default) - data: - driver_opts: - type: none - o: bind - # to upgrade an existing non-docker installation most easy is to use the existing - # data directory /var/lib/egroupware AND the host database see below - #device: /var/lib/egroupware - # otherwise data is stored in data subdirectory of the current directory - device: $PWD/data - # sources directory or document root mounted as /var/www inside the container - sources: - driver_opts: - type: none - o: bind - # use this if you have an existing document root with an egroupware directory inside - #device: /var/www - # otherwise sources/document is stored in sources subdirectory of current directory - device: $PWD/sources - # sources for push server, swoolpush subdirectory of egroupware - sources-push: - driver_opts: - type: none - o: bind - device: $PWD/sources/egroupware/swoolepush - # volume to store config.inc.php file / token shared between egroupware and push container - push-config: - # collabora-config - collabora-config: - driver_opts: - type: none - o: bind - # to upgrade an existing non-docker installation most easy is to use the existing - # data directory /var/lib/egroupware AND the host database see below - #device: /var/lib/egroupware/default/loolwsd - # otherwise data is stored in data subdirectory of the current directory - device: $PWD/data/default/loolwsd - # for Mac and Windows, do NOT use a directory for the DB, as the Docker host is in a VM! - db: - sessions: - # cache files from compose, npm and yarn (actually /root inside the container) - cache: - # store Rocket.Chat MongoDB on an (internal) Volume - mongo: - # directory to store MongoDB dumps - rocketchat-dumps: - driver_opts: - type: none - o: bind - device: $PWD/data/default/rocketchat/dump - rocketchat-uploads: - driver_opts: - type: none - o: bind - device: $PWD/data/default/rocketchat/uploads - -services: - egroupware: - # you can also use tags like: 7.3, 7.3.12 or 7.4 - image: egroupware/development:master - # setting a default language for a new installation - #environment: - #- LANG=de - volumes: - - sources:/var/www - - data:/var/lib/egroupware - - sessions:/var/lib/php/sessions - - cache:/root - - push-config:/var/lib/egroupware-push - # if you want to use the host database: - # 1. comment out the whole db service below AND - # 2. set EGW_DB_HOST=localhost AND - # 3. uncomment the next line and modify the host path (first one), it depends on your distro: - # - RHEL/CentOS /var/lib/mysql/mysql.sock:/var/run/mysqld/mysqld.sock - # - openSUSE/SLE /var/run/mysql/mysql.sock:/var/run/mysqld/mysqld.sock - # - Debian/Ubuntu /var/run/mysqld:/var/run/mysqld - #- /var/run/mysqld:/var/run/mysqld - # private CA so egroupware can validate your certificate to talk to Collabora or Rocket.Chat - # multiple certificates (eg. a chain) have to be single files in a directory, with one named private-ca.crt! - #- /etc/egroupware-docker/private-ca.crt:/usr/local/share/ca-certificates/private-ca.crt:ro - environment: - # - # MariaDB/MySQL host to use: for internal service use "db", for host database (socket bind-mounted into container) use "localhost" - - EGW_DB_HOST=db - # grant host is needed for NOT using localhost / unix domain socket for MySQL/MariaDB - - EGW_DB_GRANT_HOST=172.% - # for internal db service you should to specify a root password here AND in db service - # a database "egroupware" with a random password is created for you on installation (password is stored in header.inc.php in data directory) - #- EGW_DB_ROOT=root - - EGW_DB_ROOT_PW=secret - # alternativly you can specify an already existing database with full right by the given user! - #- EGW_DB_NAME=egroupware - #- EGW_DB_USER=egroupware - #- EGW_DB_PASS= - # - # further post_install.php arguments can be passed as a single enviroment variable with space separated assignments - # "= =" see https://github.com/EGroupware/egroupware/blob/master/doc/rpm-build/post_install.php#L17 - # to configure eg. LDAP for authentication and account storage use - #- EGW_POST_INSTALL='account-auth=ldap,ldap ldap_base=ou=egroupware,dc=example,dc=org ldap_host=tls://ldap.example.org ldap_admin=cn=admin,$base ldap_admin_pw=secret ldap_context=cn=users,$base ldap_group_context=cn=groups,$base' - # - # extra non-default apps (need to start with EGW_EXTRA_APP!) - # - # new push server not yet in composer.json - - EGW_EXTRA_APP_PUSH=https://github.com/EGroupware/swoolepush.git - # EPL apps (need extra credentials!) - #- EGW_EXTRA_APPS_EPL=https://github.com/EGroupwareGmbH/epl.git https://github.com/EGroupwareGmbH/esyncpro.git https://github.com/EGroupwareGmbH/policy.git https://github.com/EGroupwareGmbH/webauthn.git - # old Wiki - - EGW_EXTRA_APP_WIKI=https://github.com/EGroupware/wiki.git - # old API and eTemplate(1) - - EGW_EXTRA_APP_OLDAPI=https://github.com/EGroupware/phpgwapi.git https://github.com/EGroupware/etemplate.git - # - # XDEBUG_REMOTE_HOST need to be set, if the host running the IDE is different from 172.17.0.1 (Mac can use docker.for.mac.localhost) - - XDEBUG_REMOTE_HOST=docker.for.mac.localhost - - restart: always - depends_on: - - db - container_name: egroupware - # set the ip-address of your docker host AND your official DNS name so EGroupware - # can access Rocket.Chat or Collabora without the need to go over your firewall - #extra_hosts: - #- "my.host.name:ip-address" - - nginx: - image: nginx:stable-alpine - volumes: - - sources:/var/www:ro - # to add a certificate create a certificate.pem containing (in that order) - # 1. private key - # 2. public key - # 3. (optional) chain certificates - # uncomment to the next line - # ./certificate.pem:/etc/ssl/private/certificate.pem - # AND uncomment the three lines starting with "listen 443", "ssl_certificate", "ssl_certificate_key" in nginx.conf - - ./nginx.conf:/etc/nginx/conf.d/default.conf:ro - ports: - # if no webserver is running on the host, change (first) number to 80 or 443 - - "8080:80" - - "4443:443" - depends_on: - - egroupware - - collabora-key - - rocketchat - container_name: egroupware-nginx - - # run an own MariaDB:10.4 (you can use EGroupware's database backup and restore to add your existing database) - db: - image: mariadb - environment: - #- MYSQL_ROOT=root - - MYSQL_ROOT_PASSWORD=secret - volumes: - - db:/var/lib/mysql - container_name: egroupware-db - # make mysql also available on the host - #ports: - #- "3306:3306" - - # push server using phpswoole - push: - image: phpswoole/swoole:latest-dev - volumes: - - sources-push:/var/www - - sessions:/var/lib/php/sessions - - push-config:/var/lib/egroupware-push - container_name: egroupware-push - - # automatic updates of all containers daily at 4am - # see https://containrrr.github.io/watchtower for more information - watchtower: - image: containrrr/watchtower - volumes: - - /var/run/docker.sock:/var/run/docker.sock - # For automatic EPL Updates (not necessary for CE!) you need to pass docker - # credentials into watchtower after running: docker login download.egroupware.org - #- /root/.docker/config.json:/config.json:ro - environment: - - WATCHTOWER_CLEANUP=true # delete old image after update to not fill up the disk - # for email notifications add your email and mail-server here - #- WATCHTOWER_NOTIFICATIONS=email - #- WATCHTOWER_NOTIFICATIONS_LEVEL=info # possible values: panic, fatal, error, warn, info or debug - #- WATCHTOWER_NOTIFICATION_EMAIL_FROM="watchtower@my-domain.com" - #- WATCHTOWER_NOTIFICATION_EMAIL_TO="me@my-domain.com" - #- WATCHTOWER_NOTIFICATION_EMAIL_SERVER="mail.my-domain.com" # if you give your MX here, you need no user/password - #- WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PORT=25 - #- WATCHTOWER_NOTIFICATION_EMAIL_SERVER_USER="watchtower@my-domain.com" - #- WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD="secret" - command: --schedule "0 0 4 * * *" - container_name: egroupware-watchtower - restart: always - - # Collabora Online Office - collabora-key: - image: "quay.io/egroupware/collabora-key:stable" - #image: collabora/code:latest - # needs to be initialised via: docker run --rm -v dev_collabora-config:/mnt --entrypoint '/bin/cp -r /etc/loolwsd /mnt' quay.io/egroupware/collabora-key:stable - volumes: - - collabora-config:/etc/loolwsd - # dont try to regenerate the (not used certificate) as volumn is readonly - environment: - - DONT_GEN_SSL_CERT=1 - restart: always - container_name: collabora-key - # set the ip-address of your docker host AND your official DNS name so Collabora - # can access EGroupware without the need to go over your firewall - #extra_hosts: - #- "my.host.name:ip-address" - - # Rocket.Chat server - rocketchat: - image: rocketchat/rocket.chat:latest - command: bash -c 'for i in `seq 1 30`; do node main.js && s=$$? && break || s=$$?; echo "Tried $$i times. Waiting 5 secs..."; sleep 5; done; (exit $$s)' - restart: unless-stopped - volumes: - - rocketchat-uploads:/app/uploads - # if EGroupware uses a certificate from a private CA, OAuth authentication will fail, you need to: - # - have the CA certificate stored at /etc/egroupware-docker/private-ca.crt - # - uncomment the next 2 lines about the private CA: - # - /etc/egroupware-docker/private-ca.crt:/usr/local/share/ca-certificates/private-ca.crt:ro - environment: - # - NODE_EXTRA_CA_CERTS=/usr/local/share/ca-certificates/private-ca.crt - # IMPORTANT: change ROOT_URL to your actual url eg. https://domain.com/rocketchat - - ROOT_URL=http://localhost/rocketchat - - PORT=3000 - - MONGO_URL=mongodb://mongo:27017/rocketchat - - MONGO_OPLOG_URL=mongodb://mongo:27017/local - # - HTTP_PROXY=http://proxy.domain.com - # - HTTPS_PROXY=http://proxy.domain.com - depends_on: - - mongo - container_name: rocketchat - # set the ip-address of your docker host AND your official DNS name so Rocket.Chat - # can access EGroupware without the need to go over your firewall - #extra_hosts: - #- "my.host.name:ip-address" - - # MongoDB for Rocket.Chat - mongo: - image: mongo:4.0 - restart: unless-stopped - volumes: - - mongo:/data/db - - rocketchat-dumps:/dump - command: mongod --smallfiles --oplogSize 128 --replSet rs0 --storageEngine=mmapv1 - container_name: rocketchat-mongo - # this container's job is just run the command to initialize the replica set. - # it will run the command and remove himself (it will not stay running) - mongo-init-replica: - image: mongo:4.0 - command: 'bash -c "for i in `seq 1 30`; do mongo mongo/rocketchat --eval \"rs.initiate({ _id: ''rs0'', members: [ { _id: 0, host: ''localhost:27017'' } ]})\" && s=$$? && break || s=$$?; echo \"Tried $$i times. Waiting 5 secs...\"; sleep 5; done; (exit $$s)"' - depends_on: - - mongo - - # Portainer: Docker GUI (needs to be enabled in nginx.conf too!) -# portainer: -# image: portainer/portainer -# command: -H unix:///var/run/docker.sock -# restart: always -# ports: -# - 9000:9000 -# - 8000:8000 -# volumes: -# - /var/run/docker.sock:/var/run/docker.sock -# - portainer_data:/data -# container_name: portainer diff --git a/doc/docker/development/entrypoint.sh b/doc/docker/development/entrypoint.sh deleted file mode 100755 index 63d5086d3d..0000000000 --- a/doc/docker/development/entrypoint.sh +++ /dev/null @@ -1,117 +0,0 @@ -#!/bin/bash -set -ex - -VERSION=${VERSION:-dev-master} -PHP_VERSION=${PHP_VERSION:-7.3} - -# if EGW_SESSION_TIMEOUT is set in environment, propagate value to php.ini -test -n "$EGW_SESSION_TIMEOUT" && test "$EGW_SESSION_TIMEOUT" -ge 1440 && - sed -e "s/^;\?session.gc_maxlifetime.*/session.gc_maxlifetime=$EGW_SESSION_TIMEOUT/g" \ - -i /etc/php/$PHP_VERSION/fpm/php.ini - -# if XDEBUG_REMOTE_HOST is set, patch it into xdebug config -test -n "$XDEBUG_REMOTE_HOST" && \ - sed -e "s/^xdebug.remote_host.*/xdebug.remote_host=$XDEBUG_REMOTE_HOST/g" \ - -i /etc/php/$PHP_VERSION/fpm/conf.d/*xdebug.ini - -# downgrade composer to 1.8.6, as 1.9.x does not work with "dev-master" version :( -composer selfupdate 1.8.6 - -# installation fails without git identity -git config --global user.email || git config --global user.email "you@example.com" - -# install EGroupware sources, if not already there -[ -f /var/www/egroupware/header.inc.php ] || { - cd /var/www \ - && ln -sf egroupware/api/templates/default/images/favicon.ico \ - && composer.phar create-project --prefer-source --keep-vcs --no-scripts egroupware/egroupware:$VERSION \ - && cd egroupware \ - && ./install-cli.php \ - && ln -sf /var/lib/egroupware/header.inc.php \ - && sed -e 's/apache/www-data/' -e 's|/usr/share|/var/www|g' doc/rpm-build/egroupware.cron > /etc/cron.d/egroupware -} - -# check if we have further apps to install (EPL or old ones ...) -cd /var/www/egroupware -for url in $(env|grep ^EGW_EXTRA_APP|cut -d= -f2) -do - app=$(basename $url .git) - [ $app == "epl" ] && app=stylite - [ -d $app ] || { - git clone $url $app \ - && (cd $app; git remote set-url --push origin $(echo $url|sed 's|https://github.com/|git@github.com:|')) \ - && [ -f header.inc.php ] && doc/rpm-build/post_install.php --install-app $(basename $url .git) \ - || true # do not stop, if one clone fails - } -done - -# install phpMyAdmin sources, if not already there -[ -d /var/www/phpmyadmin ] || { - cd /var/www \ - && composer.phar create-project --prefer-source --keep-vcs --no-scripts phpmyadmin/phpmyadmin \ - && cd phpmyadmin \ - && yarn install || true -} -[ -f /var/www/phpmyadmin/config.inc.php ] || { - cd /var/www/phpmyadmin \ - && blowfish_secret=$(php -r "echo base64_encode(random_bytes(24));") \ - && sed -e "s/localhost/db/g" \ - -e "s/cfg\['blowfish_secret'\] = '';/cfg['blowfish_secret'] = '$blowfish_secret';/g" \ - config.sample.inc.php > config.inc.php -} - -# create data directory -[ -d /var/lib/egroupware/default ] || { - mkdir -p /var/lib/egroupware/default/files/sqlfs \ - && mkdir -p /var/lib/egroupware/default/backup \ - && chown -R www-data:www-data /var/lib/egroupware \ - && chmod 700 /var/lib/egroupware/ -} - -# add private CA so egroupware can validate your certificate to talk to Collabora or Rocket.Chat -test -f /usr/local/share/ca-certificates/private-ca.crt && - update-ca-certificates - -# write install-log in /var/lib/egroupware (only readable by root!) -LOG=/var/lib/egroupware/egroupware-docker-install.log -touch $LOG -chmod 600 $LOG - -max_retries=10 -export try=0 -# EGW_SKIP_INSTALL=true skips initial installation (no header.inc.php yet) -until [ "$EGW_SKIP_INSTALL" = "allways" -o -n "$EGW_SKIP_INSTALL" -a ! -f /var/www/egroupware/header.inc.php ] || \ - php /var/www/egroupware/doc/rpm-build/post_install.php \ - --start_webserver "" --autostart_webserver "" \ - --start_db "" --autostart_db "" \ - --db_type "${EGW_DB_TYPE:-mysqli}" \ - --db_host "${EGW_DB_HOST:-localhost}" \ - --db_grant_host "${EGW_DB_GRANT_HOST:-localhost}" \ - --db_root "${EGW_DB_ROOT:-root}" \ - --db_root_pw "${EGW_DB_ROOT_PW:-}" \ - --db_name "${EGW_DB_NAME:-egroupware}" \ - --db_user "${EGW_DB_USER:-egroupware}" \ - --db_pass "${EGW_DB_PASS:-}" -do - if [ "$try" -gt "$max_retries" ]; then - echo "Installing of EGroupware failed!" - break - fi - echo "Retrying EGroupware installation in 3 seconds ..." - try=$((try+1)) - sleep 3s -done 2>&1 | tee -a $LOG - -[ "$(git config --global user.email)" == "you@example.com" ] && { - echo "No git user set, please do so by running:" - echo "git config --global user.email "your@email.address" - echo "git config --global user.name "Your Name" -} - -# as we can NOT exit from until (runs a subshell), we need to check and do it here -[ "$(tail -1 $LOG)" = "Installing of EGroupware failed!" ] && exit 1 - -# to run async jobs -service cron start - -exec php-fpm$PHP_VERSION --nodaemonize \ No newline at end of file diff --git a/doc/docker/development/nginx.conf b/doc/docker/development/nginx.conf deleted file mode 100644 index 048fe4a3ce..0000000000 --- a/doc/docker/development/nginx.conf +++ /dev/null @@ -1,154 +0,0 @@ -# stuff for http block -client_max_body_size 1g; -# fix error: upstream sent too big header while reading response header from upstream -fastcgi_buffers 16 16k; -fastcgi_buffer_size 32k; - -upstream fpm { - server egroupware:9000; -} - -server { - access_log off; - - listen 80 default_server; - - # ssl config (enable following line plus either include or ssl_certificate* line) - #listen 443 ssl http2 default_server; - #include snippets/snakeoil.conf; # requires ssl-certs package installed! - # concatenate private key, certificate and intermediate certs to /etc/ssl/private/certificate.pem - #ssl_certificate /etc/ssl/private/certificate.pem; - #ssl_certificate_key /etc/ssl/private/certificate.pem; - # HTTP Strict-Transport-Security header (start with a short max-age!) - #add_header Strict-Transport-Security max-age=31536000; # 31536000sec=1year - - server_name _; - root /var/www; - - index index.php index.html index.htm; - - # EGroupware installed in /var/www/egroupware - location ^~ /egroupware { - alias /var/www/egroupware/; - try_files $uri $uri/ =404; - location ~ ^/egroupware(/(?U).+\.php) { - # do not allow to call files ment to be included only - #location ~ ^$path/(vendor|[^/]+/(src|setup|inc))/ { - # return 404; - #} - alias /var/www/egroupware; - fastcgi_pass fpm; - # added to support WebDAV/CalDAV/CardDAV - fastcgi_read_timeout 60m; - fastcgi_index index.php; - fastcgi_split_path_info ^((?U).+\.php)(.*)$; - fastcgi_param PATH_INFO $fastcgi_path_info; - fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info; - # standard Nginx - include fastcgi_params; - fastcgi_param SCRIPT_FILENAME /var/www/egroupware$1; - fastcgi_param DOCUMENT_ROOT /var/www/html; - } - location ~ (?i)\.(ico|jpe?g|gif|png|svg|xet|xml|js|css|html|map|swf)$ { - access_log off; - expires 10d; - add_header Pragma public; - add_header Cache-Control "public"; - location ~ ^/egroupware(/.*)$ { - alias /var/www/egroupware/; - try_files $1 =404; - } - } - } - - # push-server - location /egroupware/push { - proxy_http_version 1.1; - proxy_set_header Host $http_host; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "Upgrade"; - proxy_pass http://push:9501; - } - - # PHP in docroot - location ~ [^/]\.php(/|$) { - fastcgi_split_path_info ^(.+?\.php)(.*)$; - if (!-f $document_root$fastcgi_script_name) { - return 404; - } - fastcgi_pass fpm; - fastcgi_read_timeout 60m; - fastcgi_index index.php; - include fastcgi_params; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_param SCRIPT_NAME $fastcgi_script_name; - fastcgi_param PATH_INFO $fastcgi_path_info; - } - - # ActiveSync support - location /Microsoft-Server-ActiveSync { - fastcgi_pass fpm; - # added to support WebDAV/CalDAV/CardDAV - fastcgi_read_timeout 60m; - fastcgi_index index.php; - fastcgi_split_path_info ^((?U).+\.php)(.*)$; - fastcgi_param PATH_INFO $fastcgi_path_info; - fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info; - include fastcgi_params; - fastcgi_param SCRIPT_FILENAME /var/www/egroupware/activesync/index.php; - } - # CalDAV & CardDAV autoconfig - location ~ ^/.well-known/(caldav|carddav)$ { - return 301 $scheme://$http_host/egroupware/groupdav.php/; - } - location ~ ^(/principals/users/.*)$ { - return 301 $scheme://$http_host/egroupware/groupdav.php$1; - } - # Nginx does NOT use index for OPTIONS requests breakng WebDAV - # for Windows, which sends OPTIONS / and stalls on Nginx 405 response! - # This also redirects all requests to root to EGroupware. - location = / { - return 301 $scheme://$http_host/egroupware/index.php; - } - # redirect /egroupware to /egroupware/ - location = /egroupware { - return 301 $scheme://$host/egroupware/index.php; - } - - # Collabora sniplet meant to be included in server block of EGroupware vhost - # static files - location ^~ /loleaflet { - proxy_pass http://collabora-key:9980; - proxy_set_header Host $http_host; - } - - # WOPI discovery URL - location ^~ /hosting/discovery { - proxy_pass http://collabora-key:9980; - proxy_set_header Host $http_host; - } - - # websockets, download, presentation and image upload - location ^~ /lool { - proxy_pass http://collabora-key:9980; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_set_header Host $http_host; - } - - # proxy into rocketchat container - location /rocketchat { - proxy_pass http://rocketchat:3000; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_set_header Host $http_host; - } - - # Portainer: Docker GUI (needs to be enabled in docker-compose.yml too!) - #location /portainer/ { - # proxy_pass http://portainer:9000/; - # proxy_set_header Upgrade $http_upgrade; - # proxy_set_header Connection "upgrade"; - # proxy_set_header Host $http_host; - #} -}