diff --git a/Dockerfile b/Dockerfile index 795fb69..3147aa5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,10 +1,19 @@ -FROM registry.caldwell.digital/library/php:8.4-apache +FROM php:8.4-fpm-alpine3.21 -RUN apt-get update && \ - apt-get install libldap2-dev -y && \ - rm -rf /var/lib/apt/lists/* && \ - docker-php-ext-configure ldap --with-libdir=lib/x86_64-linux-gnu/ && \ - docker-php-ext-install ldap +RUN docker-php-ext-install pdo_mysql -COPY ./bash/vhost.conf /etc/apache2/sites-enabled/vhost.conf -RUN rm /etc/apache2/sites-enabled/000-default.conf +# SETUP PHP-FPM CONFIG SETTINGS (max_children / max_requests) +RUN echo 'pm = dynamic' >> /usr/local/etc/php-fpm.d/zz-docker.conf && \ + echo 'pm.max_children = 75' >> /usr/local/etc/php-fpm.d/zz-docker.conf && \ + echo 'pm.start_servers = 30' >> /usr/local/etc/php-fpm.d/zz-docker.conf && \ + echo 'pm.min_spare_servers = 5' >> /usr/local/etc/php-fpm.d/zz-docker.conf && \ + echo 'pm.max_spare_servers = 30' >> /usr/local/etc/php-fpm.d/zz-docker.conf && \ + echo 'pm.process_idle_timeout = 10s' >> /usr/local/etc/php-fpm.d/zz-docker.conf + +COPY --chmod=0775 ./bash/entrypoint.sh /usr/local/bin/ + +HEALTHCHECK --interval=5s --timeout=5s --retries=5 CMD [ "php", "/var/www/bin/console", "startup:status" ] + +ENTRYPOINT [ "/usr/local/bin/entrypoint.sh" ] + +WORKDIR /var/www diff --git a/Dockerfile.prod b/Dockerfile.prod index 1f906e9..df8e3a8 100644 --- a/Dockerfile.prod +++ b/Dockerfile.prod @@ -7,5 +7,5 @@ RUN apt-get update && \ docker-php-ext-install ldap COPY --chown=www-data:www-data . /var/www -COPY ./bash/vhost.conf /etc/apache2/sites-enabled/vhost.conf +COPY bash/nginx.conf /etc/apache2/sites-enabled/vhost.conf RUN rm /etc/apache2/sites-enabled/000-default.conf diff --git a/bash/caddy/Caddyfile b/bash/caddy/Caddyfile index f77794f..b01685f 100644 --- a/bash/caddy/Caddyfile +++ b/bash/caddy/Caddyfile 
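Review bot: The new base image on the `FROM` line, `php:8.4-fpm-alpine3.21`, is referenced by tag only, so a rebuild can pick up different content without any change in this repository. The removed line pulled from `registry.caldwell.digital/library/`, whereas the unqualified name presumably resolves against the default public registry. Pinning the digest keeps builds reproducible and makes a base update an explicit commit: `FROM php:8.4-fpm-alpine3.21@sha256:<digest-of-the-reviewed-image>`. The same applies to the `FROM` lines in docker/Dockerfile.app and docker/Dockerfile.web (`nginx:1.28-alpine`). Separately, the comment above the pool settings names max_requests, but no `pm.max_requests` line is written.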
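Review bot: The changed `COPY` line places an nginx configuration in Apache's `sites-enabled` directory. `bash/nginx.conf` is written in nginx syntax (`server { … }`), and the context lines (the apt-get/ldap build step and `RUN rm /etc/apache2/sites-enabled/000-default.conf`) indicate this image is still Apache-based. Apache would be handed a file it cannot parse as a vhost, so the production image likely fails at startup or runs without the intended vhost. Since bash/vhost.conf is deleted in this commit, either keep that file for Dockerfile.prod or move this Dockerfile to the PHP-FPM layout used in docker/Dockerfile.app. The `FROM` line of Dockerfile.prod is outside the hunk, so the base image is inferred.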
@@ -2,5 +2,5 @@ dev.caldwell.digital:443 tls /etc/ssl/wildcard.crt /etc/ssl/wildcard.pem -reverse_proxy app:80 +reverse_proxy web:80 diff --git a/bash/entrypoint.sh b/bash/entrypoint.sh index b7335b2..d33202d 100644 --- a/bash/entrypoint.sh +++ b/bash/entrypoint.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh # Sleep for a second to ensure DB is awake and ready SLEEP_TIME=$(shuf -i 2-5 -n 1) @@ -11,8 +11,8 @@ php /var/www/bin/console doctrine:migrations:migrate --no-interaction php /var/www/bin/console db:seed # Start Apache in the foreground -echo "Starting Apache..." -exec apachectl -D FOREGROUND +echo "Starting PHP-FPM..." +php-fpm exec "$@" diff --git a/bash/nginx.conf b/bash/nginx.conf new file mode 100755 index 0000000..41e6516 --- /dev/null +++ b/bash/nginx.conf 
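Review bot: In the second hunk of bash/entrypoint.sh, `php-fpm` is started as a child of the shell, where the old script used `exec apachectl -D FOREGROUND`. The shell therefore stays PID 1 and receives the stop signal from the container runtime instead of PHP-FPM, so in-flight requests are likely cut off when the stop timeout expires (assuming PHP-FPM runs in the foreground, as the base image configures it). The `exec "$@"` line below it is reached only after PHP-FPM has exited. Replace the line with `exec php-fpm`, and update the unchanged comment `# Start Apache in the foreground` to name PHP-FPM. The script begins and ends outside the hunk.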
@@ -0,0 +1,66 @@
+server {
+ listen 80;
+ listen [::]:80;
+ server_name localhost;
+
+ root /var/www/public;
+
+
+ location /hub/ {
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header Host $host;
+ proxy_redirect off;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_pass http://mercure/;
+ }
+
+ location / {
+ # try to serve file directly, fallback to index.php
+ try_files $uri /index.php$is_args$args;
+ }
+
+ # optionally disable falling back to PHP script for the asset directories;
+ # nginx will return a 404 error when files are not found instead of passing the
+ # request to Symfony (improves performance but Symfony's 404 page is not displayed)
+ # location /bundles {
+ # try_files $uri =404;
+ # }
+
+ location ~ ^/index\.php(/|$) {
+ fastcgi_pass app:9000;
+
+ fastcgi_split_path_info ^(.+\.php)(/.*)$;
+ include fastcgi_params;
+
+ # optionally set the value of the environment variables used in the application
+ # fastcgi_param APP_ENV prod;
+ # fastcgi_param APP_SECRET ;
+ # fastcgi_param DATABASE_URL "mysql://db_user:db_pass@host:3306/db_name";
+
+ # When you are using symlinks to link the document root to the
+ # current version of your application, you should pass the real
+ # application path instead of the path to the symlink to PHP
+ # FPM.
+ # Otherwise, PHP's OPcache may not properly detect changes to
+ # your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
+ # for more information).
+ # Caveat: When PHP-FPM is hosted on a different machine from nginx
+ # $realpath_root may not resolve as you expect! In this case try using
+ # $document_root instead.
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_param DOCUMENT_ROOT $document_root;
+ # Prevents URIs that include the front controller. 
This will 404: + # http://example.com/index.php/some-path + # Remove the internal directive to allow URIs like this + internal; + } + + # return 404 for all other php files not matching the front controller + # this prevents access to other php files you don't want to be accessible. + location ~ \.php$ { + return 404; + } + + error_log /var/log/nginx/project_error.log; + access_log /var/log/nginx/project_access.log; +} \ No newline at end of file diff --git a/bash/vhost.conf b/bash/vhost.conf deleted file mode 100755 index 8348d25..0000000 --- a/bash/vhost.conf +++ /dev/null @@ -1,23 +0,0 @@ - - ServerName localhost - - DocumentRoot /var/www/public - DirectoryIndex /index.php - - - ProxyPass http://mercure:80/ - ProxyPassReverse http://mercure:80/ - - - - AllowOverride None - Order Allow,Deny - Allow from All - - FallbackResource /index.php - - - - FallbackResource disabled - - diff --git a/compose.yml b/compose.yml index e66579a..62630ca 100755 --- a/compose.yml +++ b/compose.yml @@ -12,6 +12,16 @@ services: - $PWD/bash/caddy:/etc/caddy - $PWD/bash/certs:/etc/ssl + web: + image: code.caldwell.digital/home/torsearch/web:latest + ports: + - '8080:80' + volumes: + - $PWD/bash/nginx.conf:/etc/nginx/conf.d/default.conf + depends_on: + app: + condition: service_healthy + redis: image: redis:latest volumes: @@ -20,7 +30,7 @@ services: restart: unless-stopped app: - image: code.caldwell.digital/home/torsearch:0.14.5-app + build: . volumes: - ./:/var/www depends_on: diff --git a/deploy.compose.yml b/deploy.compose.yml index 7ece83e..09e00e9 100755 --- a/deploy.compose.yml +++ b/deploy.compose.yml 
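Review bot: `error_log /var/log/nginx/project_error.log;` and `access_log /var/log/nginx/project_access.log;` at the end of the server block write to regular files inside the container. Request and error records therefore never reach the container's stdout/stderr, are not collected by the runtime's log driver, and grow unrotated in the writable layer. For the front-facing proxy these are the records needed to investigate an incident; use `access_log /dev/stdout;` and `error_log /dev/stderr;`, or drop both lines to inherit the image defaults. Also, the `/hub/` block forwards `X-Forwarded-For` via `$proxy_add_x_forwarded_for`, which keeps whatever the client sent, so the backend can trust that value only if nothing but the front proxy can reach port 80.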
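Review bot: The new `web` service in compose.yml publishes `'8080:80'`, which binds plain-HTTP nginx on every host interface. Caddy already reaches the service over the compose network (`reverse_proxy web:80` in bash/caddy/Caddyfile) and terminates TLS on 443. Anyone who can reach the host on 8080 bypasses the TLS front end and talks to nginx directly, supplying forwarding headers of their own choosing. If the port is only a local debugging aid, bind it to loopback with `- '127.0.0.1:8080:80'`, or drop the `ports:` entry and go through Caddy.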
@@ -1,8 +1,16 @@ services: - php: - image: registry.caldwell.digital/home/torsearch/app:${TAG} + web: + image: code.caldwell.digital/home/torsearch/web:latest ports: - - "8001:80" + - '8001:80' + volumes: + - $PWD/bash/nginx.conf:/etc/nginx/conf.d/default.conf + depends_on: + app: + condition: service_healthy + + app: + image: registry.caldwell.digital/home/torsearch/app:${TAG} deploy: replicas: 2 diff --git a/docker/Dockerfile.app b/docker/Dockerfile.app index f26e838..d6fa128 100644 --- a/docker/Dockerfile.app +++ b/docker/Dockerfile.app @@ -1,16 +1,20 @@ -FROM registry.caldwell.digital/library/php:8.4-apache +FROM php:8.4-fpm-alpine3.21 -RUN apt-get update && \ - apt-get install libldap2-dev -y && \ - rm -rf /var/lib/apt/lists/* && \ - docker-php-ext-configure ldap --with-libdir=lib/x86_64-linux-gnu/ && \ - docker-php-ext-install ldap +RUN docker-php-ext-install pdo_mysql + +# SETUP PHP-FPM CONFIG SETTINGS (max_children / max_requests) +RUN echo 'pm = dynamic' >> /usr/local/etc/php-fpm.d/zz-docker.conf && \ + echo 'pm.max_children = 75' >> /usr/local/etc/php-fpm.d/zz-docker.conf && \ + echo 'pm.start_servers = 30' >> /usr/local/etc/php-fpm.d/zz-docker.conf && \ + echo 'pm.min_spare_servers = 5' >> /usr/local/etc/php-fpm.d/zz-docker.conf && \ + echo 'pm.max_spare_servers = 30' >> /usr/local/etc/php-fpm.d/zz-docker.conf && \ + echo 'pm.process_idle_timeout = 10s' >> /usr/local/etc/php-fpm.d/zz-docker.conf COPY --chown=www-data:www-data . /var/www COPY --chmod=0775 ./bash/entrypoint.sh /usr/local/bin/ -COPY ./bash/vhost.conf /etc/apache2/sites-enabled/vhost.conf -RUN rm /etc/apache2/sites-enabled/000-default.conf HEALTHCHECK --interval=5s --timeout=5s --retries=5 CMD [ "php", "/var/www/bin/console", "startup:status" ] ENTRYPOINT [ "/usr/local/bin/entrypoint.sh" ] + +WORKDIR /var/www \ No newline at end of file diff --git a/docker/Dockerfile.web b/docker/Dockerfile.web new file mode 100644 index 0000000..6dd2306 --- /dev/null +++ b/docker/Dockerfile.web 
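Review bot: In deploy.compose.yml, `web` is deployed from `code.caldwell.digital/home/torsearch/web:latest` while `app` stays on `${TAG}`. A deploy is therefore not reproducible, and the nginx image can change or drift from the app release without a tag bump. Tag the web image with the release as well, e.g. `image: code.caldwell.digital/home/torsearch/web:${TAG}` (assuming the web image is built and pushed per release). compose.yml and docs/examples/compose.yml carry the same `:latest` reference. The `$PWD/bash/nginx.conf` bind mount also overrides the config baked in by docker/Dockerfile.web, so the running config depends on the checkout on the deploy host and not on the image.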
@@ -0,0 +1,3 @@ +FROM nginx:1.28-alpine + +COPY bash/nginx.conf /etc/nginx/conf.d/default.conf diff --git a/docs/examples/compose.yml b/docs/examples/compose.yml index 00beb75..5bb64b9 100644 --- a/docs/examples/compose.yml +++ b/docs/examples/compose.yml @@ -1,26 +1,35 @@ services: - # This container runs the actual web app in a php:8.4-apache - # base container. If not running behind a reverse proxy, - # inject your SSL certificates into this container - app: - image: code.caldwell.digital/home/torsearch:0.14.8-app + # The "entrypoint" into the application. This reverse proxy + # proxies traffic back to their respective services. If not + # running behind a reverse proxy inject your SSL certificates + # into this container. + web: + image: code.caldwell.digital/home/torsearch-web:latest ports: - - "8006:80" + - '8006:80' + depends_on: + app: + condition: service_healthy + + # This container runs the actual web app in a php:8.4-fpm + # base container. + app: + image: code.caldwell.digital/home/torsearch-app:0.14.8 env_file: - .env depends_on: database: condition: service_healthy - # Downloads happen asynchronously in this container. Replicate - # this container to run multiple downloads simultaneously. + # Downloads happen in this container. Replicate this + # container to run multiple downloads simultaneously. # Map your "movies" folder to /var/download/movies - # Map your TV shows folder to /var/download/tvshows + # Map your "TV shows" folder to /var/download/tvshows # If your folders are on another machine, use an NFS volume. # This container runs a Symfony worker process. # See: https://symfony.com/doc/current/messenger.html worker: - image: code.caldwell.digital/home/torsearch:0.14.8-worker + image: code.caldwell.digital/home/torsearch-worker:0.14.8 volumes: - ./downloads/movies:/var/download/movies - ./downloads/tvshows:/var/download/tvshows 
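Review bot: docker/Dockerfile.web copies only `bash/nginx.conf` into the image, yet that config sets `root /var/www/public` and uses `try_files $uri /index.php$is_args$args`. Nothing in this Dockerfile, or in the `web` volumes of the compose files in this commit, places the application's `public/` directory in the nginx container. Static assets would then never match `$uri`, and every request falls through to the front controller on PHP-FPM. If the repository has a `public/` directory at the build-context root, add `COPY public/ /var/www/public/` after the config copy.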
@@ -37,7 +46,7 @@ services: # This container runs a Symfony worker process. # See: https://symfony.com/doc/current/messenger.html scheduler: - image: code.caldwell.digital/home/torsearch:0.14.8-worker + image: code.caldwell.digital/home/torsearch-worker:0.14.8 volumes: - ./downloads:/var/download command: php ./bin/console messenger:consume scheduler_monitor -vv --time-limit=3600