initial commit
This commit is contained in:
commit
7f3dc25a99
8 changed files with 1984 additions and 0 deletions
1
.dockerignore
Normal file
1
.dockerignore
Normal file
|
@ -0,0 +1 @@
|
||||||
|
.env
|
3
.gitignore
vendored
Normal file
3
.gitignore
vendored
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
/.env
|
||||||
|
/vendor
|
||||||
|
/.idea
|
294
Dockerfile
Normal file
294
Dockerfile
Normal file
|
@ -0,0 +1,294 @@
|
||||||
|
FROM alpine:3.19 AS baseimage
|
||||||
|
# Install PHP+Friends
|
||||||
|
RUN <<EOF
|
||||||
|
set -ue
|
||||||
|
apk add --no-cache \
|
||||||
|
bash bash-completion \
|
||||||
|
php83 php83-bcmath php83-bz2 php83-calendar php83-ctype php83-curl php83-dom php83-exif php83-fileinfo php83-ftp \
|
||||||
|
php83-fpm php83-gd php83-gettext php83-gmp php83-iconv php83-imap php83-intl php83-json php83-ldap php83-mbstring \
|
||||||
|
php83-mysqli php83-mysqlnd php83-odbc php83-opcache php83-openssl php83-pcntl \
|
||||||
|
php83-pecl-apcu php83-pecl-redis \
|
||||||
|
php83-pdo php83-pdo_dblib php83-pdo_mysql php83-pdo_odbc php83-pdo_pgsql php83-pdo_sqlite php83-pgsql php83-phar \
|
||||||
|
php83-posix php83-session php83-shmop php83-simplexml php83-snmp php83-soap php83-sockets php83-sqlite3 \
|
||||||
|
php83-sysvmsg php83-sysvsem php83-sysvshm php83-tidy php83-tokenizer php83-xml php83-xmlreader php83-xmlwriter \
|
||||||
|
php83-xsl php83-zip php83-zlib \
|
||||||
|
composer \
|
||||||
|
nginx \
|
||||||
|
curl wget \
|
||||||
|
git openssh-client\
|
||||||
|
sqlite
|
||||||
|
rm /usr/bin/php /usr/bin/php82
|
||||||
|
ln -s /usr/bin/php83 /usr/bin/php
|
||||||
|
ln -s /usr/sbin/php-fpm83 /usr/bin/php-fpm
|
||||||
|
sed -i 's|php82|php83|g' /usr/bin/composer
|
||||||
|
bash <(curl -s https://raw.githubusercontent.com/docker-suite/Install-Scripts/master/alpine-runit/install-runit.sh)
|
||||||
|
EOF
|
||||||
|
|
||||||
|
# Set bash as the default shell
|
||||||
|
SHELL ["/bin/bash", "-c"]
|
||||||
|
|
||||||
|
## Start runit
|
||||||
|
CMD ["/bin/bash", "runit", "start"]
|
||||||
|
|
||||||
|
# Add the php user
|
||||||
|
RUN adduser -D -u 1000 php -h /home/php/ -s /bin/bash
|
||||||
|
|
||||||
|
# Fix perms
|
||||||
|
RUN <<EOF
|
||||||
|
set -ue
|
||||||
|
chmod +x \
|
||||||
|
/etc/runit/init.d/* \
|
||||||
|
/usr/local/bin/runit \
|
||||||
|
/usr/local/bin/runit-init \
|
||||||
|
/etc/runit/1 /etc/runit/2 /etc/runit/3
|
||||||
|
sed -i 's|rm -rf /etc/service 2>/dev/null|#rm -rf /etc/service 2>/dev/null|g' /etc/runit/init.d/001-prepare
|
||||||
|
EOF
|
||||||
|
|
||||||
|
# Add workdir /app
|
||||||
|
WORKDIR /app
|
||||||
|
|
||||||
|
RUN <<RUN
|
||||||
|
set -ue
|
||||||
|
# Configure Nginx
|
||||||
|
echo "daemon off;" >> /etc/nginx/nginx.conf
|
||||||
|
mkdir -p /etc/service.d/nginx
|
||||||
|
cat << EOF > /etc/service.d/nginx/run
|
||||||
|
#!/bin/sh
|
||||||
|
/usr/sbin/nginx
|
||||||
|
EOF
|
||||||
|
cat << EOF > /etc/nginx/nginx.conf
|
||||||
|
# Set number of worker processes automatically based on number of CPU cores.
|
||||||
|
worker_processes auto;
|
||||||
|
# Enables the use of JIT for regular expressions to speed-up their processing.
|
||||||
|
pcre_jit on;
|
||||||
|
# Configures default error logger.
|
||||||
|
error_log /app/logs/nginx_error.log warn;
|
||||||
|
# Includes files with directives to load dynamic modules.
|
||||||
|
include /etc/nginx/modules/*.conf;
|
||||||
|
# Include files with config snippets into the root context.
|
||||||
|
include /etc/nginx/conf.d/*.conf;
|
||||||
|
|
||||||
|
events {
|
||||||
|
# The maximum number of simultaneous connections that can be opened by a worker process.
|
||||||
|
worker_connections 1024;
|
||||||
|
}
|
||||||
|
|
||||||
|
http {
|
||||||
|
include /etc/nginx/mime.types; # Includes mapping of file name extensions to MIME types of responses and defines the default type.
|
||||||
|
default_type application/octet-stream;
|
||||||
|
server_tokens off; # Don't tell nginx version to the clients. Default is 'on'.
|
||||||
|
# Specifies the maximum accepted body size of a client request, as indicated by the request header Content-Length. If the stated content
|
||||||
|
# length is greater than this size, then the client receives the HTTP error code 413. Set to 0 to disable.
|
||||||
|
client_max_body_size 0; # Default is '1m'.
|
||||||
|
sendfile on; # Sendfile copies data between one FD and other from within the kernel, which is more efficient than read() + write().
|
||||||
|
tcp_nopush on; # Causes nginx to attempt to send its HTTP response head in one packet, instead of using partial frames. Default is 'off'.
|
||||||
|
gzip on; # Enable gzipping of responses.
|
||||||
|
gzip_vary on; # Set the Vary HTTP header as defined in the RFC 2616. Default is 'off'.
|
||||||
|
map \$http_upgrade \$connection_upgrade { # Helper variable for proxying websockets.
|
||||||
|
default upgrade;
|
||||||
|
'' close;
|
||||||
|
}
|
||||||
|
# Specifies the main log format.
|
||||||
|
log_format main '\$remote_addr - \$remote_user [\$time_local] "\$request" '
|
||||||
|
'\$status \$body_bytes_sent "\$http_referer" '
|
||||||
|
'"\$http_user_agent" "\$http_x_forwarded_for"';
|
||||||
|
access_log /app/logs/nginx_access.log main; # Sets the path, format, and configuration for a buffered log write.
|
||||||
|
include /etc/nginx/http.d/*.conf; # Includes virtual hosts configs.
|
||||||
|
include /app/*.nginx; # Include project specific configuration.
|
||||||
|
}
|
||||||
|
daemon off;
|
||||||
|
EOF
|
||||||
|
cat << EOF > /etc/nginx/http.d/default.conf
|
||||||
|
server {
|
||||||
|
listen 80 default_server;
|
||||||
|
listen [::]:80 default_server;
|
||||||
|
client_max_body_size 1024M;
|
||||||
|
root /app/public;
|
||||||
|
server_name _;
|
||||||
|
index index.html index.php index.htm;
|
||||||
|
location / {
|
||||||
|
# First attempt to serve request as file, then as directory, then fall back to displaying a 404.
|
||||||
|
try_files \$uri \$uri/ /index.php?\$args;
|
||||||
|
}
|
||||||
|
location ~ \.php$ {
|
||||||
|
try_files \$uri \$uri/ /index.php?\$args;
|
||||||
|
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
|
||||||
|
fastcgi_index index.php;
|
||||||
|
fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
|
||||||
|
fastcgi_read_timeout 300;
|
||||||
|
include fastcgi_params;
|
||||||
|
fastcgi_buffers 16 16k;
|
||||||
|
fastcgi_buffer_size 32k;
|
||||||
|
}
|
||||||
|
location ~ /\.ht {
|
||||||
|
deny all;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
EOF
|
||||||
|
cat << EOF > /etc/service.d/nginx/run
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
set -ue
|
||||||
|
/usr/sbin/nginx
|
||||||
|
EOF
|
||||||
|
touch /etc/service.d/nginx/enable
|
||||||
|
# Configure PHP-FPM
|
||||||
|
mkdir -p /etc/service.d/php
|
||||||
|
touch /etc/php83/conf.d/env.conf
|
||||||
|
chmod a+rw /etc/php83/conf.d/env.conf
|
||||||
|
cat << EOF > /etc/service.d/php/run
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
set -ue
|
||||||
|
echo "Parsing environment"
|
||||||
|
printenv | sort
|
||||||
|
echo "Exporting environment"
|
||||||
|
env | sed "s/\(.*\)=\(.*\)/env[\1]='\2'/"
|
||||||
|
env | sed "s/\(.*\)=\(.*\)/env[\1]='\2'/" > /etc/php83/conf.d/env.conf
|
||||||
|
echo "Starting PHP-FPM"
|
||||||
|
/usr/bin/php-fpm -F
|
||||||
|
EOF
|
||||||
|
cat << EOF > /etc/php83/php-fpm.conf
|
||||||
|
[global]
|
||||||
|
pid = /run/php-fpm/php-fpm.pid
|
||||||
|
error_log = /app/logs/php_error.log
|
||||||
|
process.max = 128 ; Default Value: 0
|
||||||
|
daemonize = no
|
||||||
|
include=/etc/php83/php-fpm.d/*.conf
|
||||||
|
EOF
|
||||||
|
cat << EOF > /etc/php83/php-fpm.d/www.conf
|
||||||
|
[www]
|
||||||
|
;user = php # Not running as root, so this does nothing.
|
||||||
|
;group = php
|
||||||
|
listen = /run/php-fpm/php-fpm.sock
|
||||||
|
listen.backlog = -1
|
||||||
|
listen.owner = php
|
||||||
|
listen.group = php
|
||||||
|
listen.mode = 0660
|
||||||
|
pm = dynamic
|
||||||
|
pm.max_children = 128 ; Maximum workers
|
||||||
|
pm.start_servers = 4 ; How many nodes to start
|
||||||
|
pm.min_spare_servers = 2 ; Minimum hotspares
|
||||||
|
pm.max_spare_servers = 5 ; Maximum acceptable spares
|
||||||
|
pm.max_spawn_rate = 32 ; Maximum velocity to spawn more nodes
|
||||||
|
pm.process_idle_timeout = 10s ; How long a server may remind idle before culling
|
||||||
|
pm.max_requests = 500 ; How many requests to serve to let run before culling
|
||||||
|
access.log = /app/logs/php_access.log
|
||||||
|
;slowlog = /app/logs/php_slow_requests.log
|
||||||
|
;request_slowlog_timeout = 5s
|
||||||
|
;request_slowlog_trace_depth = 20
|
||||||
|
;chdir = /app/public
|
||||||
|
clear_env = no
|
||||||
|
EOF
|
||||||
|
cat << EOF > /etc/php83/php.ini
|
||||||
|
[PHP]
|
||||||
|
short_open_tag = Off
|
||||||
|
implicit_flush = Off
|
||||||
|
serialize_precision = -1
|
||||||
|
zend.enable_gc = On
|
||||||
|
zend.exception_ignore_args = On
|
||||||
|
zend.exception_string_param_max_len = 0
|
||||||
|
expose_php = Off
|
||||||
|
max_execution_time = 10
|
||||||
|
max_input_time = 60
|
||||||
|
memory_limit = 128M
|
||||||
|
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
|
||||||
|
display_errors = On
|
||||||
|
display_startup_errors = On
|
||||||
|
log_errors = On
|
||||||
|
ignore_repeated_errors = Off
|
||||||
|
ignore_repeated_source = Off
|
||||||
|
report_memleaks = On
|
||||||
|
variables_order = "GPCS"
|
||||||
|
request_order = "GP"
|
||||||
|
register_argc_argv = Off
|
||||||
|
auto_globals_jit = On
|
||||||
|
post_max_size = 128M
|
||||||
|
default_mimetype = "text/html"
|
||||||
|
default_charset = "UTF-8"
|
||||||
|
include_path = ".:/usr/share/php83"
|
||||||
|
enable_dl = Off
|
||||||
|
file_uploads = On
|
||||||
|
upload_max_filesize = 32M
|
||||||
|
max_file_uploads = 20
|
||||||
|
allow_url_fopen = On
|
||||||
|
allow_url_include = Off
|
||||||
|
default_socket_timeout = 60
|
||||||
|
[CLI Server]
|
||||||
|
cli_server.color = On
|
||||||
|
[Session]
|
||||||
|
session.save_handler = files
|
||||||
|
session.use_strict_mode = 0
|
||||||
|
session.use_cookies = 1
|
||||||
|
session.use_only_cookies = 1
|
||||||
|
session.name = SESSION
|
||||||
|
session.auto_start = 0
|
||||||
|
session.cookie_lifetime = 0
|
||||||
|
session.cookie_path = /
|
||||||
|
session.serialize_handler = php
|
||||||
|
session.gc_probability = 1
|
||||||
|
session.gc_divisor = 1000
|
||||||
|
session.gc_maxlifetime = 1440
|
||||||
|
session.cache_limiter = nocache
|
||||||
|
session.cache_expire = 180
|
||||||
|
session.use_trans_sid = 0
|
||||||
|
session.trans_sid_tags = "a=href,area=href,frame=src,form="
|
||||||
|
session.sid_bits_per_character = 5
|
||||||
|
[Assertion]
|
||||||
|
zend.assertions = -1
|
||||||
|
EOF
|
||||||
|
touch /etc/service.d/php/enable
|
||||||
|
# Tail the logs
|
||||||
|
mkdir -p /etc/service.d/log-tail
|
||||||
|
cat << EOF > /etc/service.d/log-tail/run
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
set -ue
|
||||||
|
# For all the logs in /app/logs/*.log, empty them
|
||||||
|
for log in /app/logs/*.log; do
|
||||||
|
echo -n > "\$log"
|
||||||
|
done
|
||||||
|
# Tail all the logs
|
||||||
|
tail -f /app/logs/php_access.log &
|
||||||
|
tail -f /app/logs/php_error.log &
|
||||||
|
tail -f /app/logs/nginx_access.log &
|
||||||
|
tail -f /app/logs/nginx_error.log
|
||||||
|
EOF
|
||||||
|
touch /etc/service.d/log-tail/enable
|
||||||
|
# Fix ownership
|
||||||
|
mkdir -p \
|
||||||
|
/var/log/nginx \
|
||||||
|
/run/php-fpm
|
||||||
|
chown php:php -R \
|
||||||
|
/etc/runit \
|
||||||
|
/etc/service /etc/service.d \
|
||||||
|
/var/lib/nginx /var/log/nginx /run/nginx \
|
||||||
|
/var/log/php83 /run/php-fpm \
|
||||||
|
/app
|
||||||
|
RUN
|
||||||
|
|
||||||
|
# Use that new php user
|
||||||
|
USER php
|
||||||
|
|
||||||
|
# Configure SSH to trust github.com
|
||||||
|
RUN <<RUN
|
||||||
|
set -ue
|
||||||
|
mkdir -p ~/.ssh
|
||||||
|
ssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts
|
||||||
|
RUN
|
||||||
|
|
||||||
|
# We expect composer.json & composer.lock to exist in the app
|
||||||
|
ONBUILD USER root
|
||||||
|
ONBUILD COPY ./composer.* /app
|
||||||
|
ONBUILD COPY *vendor /app/vendor
|
||||||
|
ONBUILD RUN chown -R php:php /app
|
||||||
|
ONBUILD USER php
|
||||||
|
ONBUILD RUN composer install
|
||||||
|
# We expect /public to exist in the app
|
||||||
|
ONBUILD COPY ./public /app/public
|
||||||
|
# Copy everything else.
|
||||||
|
ONBUILD COPY . /app
|
||||||
|
ONBUILD RUN mkdir -p /app/logs
|
||||||
|
|
||||||
|
ENV PATH="/app/bin:/app/vendor/bin:${PATH}" \
|
||||||
|
COMPOSER_FUND=0
|
||||||
|
|
||||||
|
FROM baseimage AS bucket-serve
|
||||||
|
|
25
composer.json
Normal file
25
composer.json
Normal file
|
@ -0,0 +1,25 @@
|
||||||
|
{
|
||||||
|
"name": "techinc/bucket-serve",
|
||||||
|
"type": "project",
|
||||||
|
"require": {
|
||||||
|
"php": ">=8.3",
|
||||||
|
"league/flysystem-aws-s3-v3": "^3.28",
|
||||||
|
"vlucas/phpdotenv": "^5.6"
|
||||||
|
},
|
||||||
|
"require-dev": {
|
||||||
|
"kint-php/kint": "^5.1"
|
||||||
|
},
|
||||||
|
"license": "GPLv3",
|
||||||
|
"authors": [
|
||||||
|
{
|
||||||
|
"name": "Matthew Baggett",
|
||||||
|
"email": "matthew@baggett.me"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"config": {
|
||||||
|
"sort-packages": true,
|
||||||
|
"allow-plugins": {
|
||||||
|
"ergebnis/composer-normalize": true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
1601
composer.lock
generated
Normal file
1601
composer.lock
generated
Normal file
File diff suppressed because it is too large
Load diff
11
docker-compose.yml
Normal file
11
docker-compose.yml
Normal file
|
@ -0,0 +1,11 @@
|
||||||
|
services:
|
||||||
|
bucket-serve:
|
||||||
|
build:
|
||||||
|
context: .
|
||||||
|
target: bucket-serve
|
||||||
|
image: ghcr.io/matthewbaggett/bucket-serve:latest
|
||||||
|
ports:
|
||||||
|
- "2800:80"
|
||||||
|
user: "1000:1000"
|
||||||
|
volumes:
|
||||||
|
- .:/app
|
1
logs/.gitignore
vendored
Normal file
1
logs/.gitignore
vendored
Normal file
|
@ -0,0 +1 @@
|
||||||
|
*.log
|
48
public/index.php
Normal file
48
public/index.php
Normal file
|
@ -0,0 +1,48 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
require_once("../vendor/autoload.php");
|
||||||
|
// Load environment variables
|
||||||
|
$dotenv = Dotenv\Dotenv::createImmutable(__DIR__ . "/..");
|
||||||
|
$dotenv->load();
|
||||||
|
$env = array_merge($_ENV, $_SERVER);
|
||||||
|
ksort($env);
|
||||||
|
|
||||||
|
/** @var Aws\S3\S3ClientInterface $client */
|
||||||
|
$client = new Aws\S3\S3Client([
|
||||||
|
'region' => 'ti',
|
||||||
|
'version' => 'latest',
|
||||||
|
'endpoint' => $env['S3_ENDPOINT'],
|
||||||
|
'use_path_style_endpoint' => true,
|
||||||
|
'credentials' => [
|
||||||
|
'key' => $env['S3_KEY'],
|
||||||
|
'secret' => $env['S3_SECRET'],
|
||||||
|
],
|
||||||
|
]);
|
||||||
|
|
||||||
|
// The internal adapter
|
||||||
|
$adapter = new League\Flysystem\AwsS3V3\AwsS3V3Adapter(
|
||||||
|
// S3Client
|
||||||
|
$client,
|
||||||
|
// Bucket name
|
||||||
|
$env['S3_BUCKET']
|
||||||
|
);
|
||||||
|
|
||||||
|
// The FilesystemOperator
|
||||||
|
$filesystem = new League\Flysystem\Filesystem($adapter);
|
||||||
|
|
||||||
|
if($env['REQUEST_URI'] == '/') {
|
||||||
|
foreach($filesystem->listContents("/") as $file) {
|
||||||
|
echo "<a href=\"{$file['path']}\">{$file['path']}</a><br>";
|
||||||
|
}
|
||||||
|
}else {
|
||||||
|
if ($filesystem->fileExists($env['REQUEST_URI'])) {
|
||||||
|
// Read file using a stream and output it as a stream
|
||||||
|
$stream = $filesystem->readStream($env['REQUEST_URI']);
|
||||||
|
header('Content-Type: ' . $filesystem->mimeType($env['REQUEST_URI']));
|
||||||
|
fpassthru($stream);
|
||||||
|
exit;
|
||||||
|
} else {
|
||||||
|
header("HTTP/1.0 404 Not Found");
|
||||||
|
echo "File not found";
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in a new issue