fix: disabled caddy worker mode

.gitignore

@@ -1,4 +1,5 @@
 .idea
+bolt.db
 ###> symfony/framework-bundle ###
 /.env.local
 /.env.local.php

Dockerfile

@@ -11,19 +11,6 @@ RUN install-php-extensions \
 	zip \
 	opcache
 
-#RUN apk add --no-cache \
-#      php84-opcache \
-#      php84-pdo_mysql \
-#      php84-simplexml
-#
-#USER nobody
-#
-#COPY --chmod=0775 ./bash/entrypoint.sh /usr/local/bin/
-#COPY --chmod=0755 ./bash/nginx.conf /etc/nginx/conf.d/site.conf
-#COPY --chmod=0755 ./docker/app/supervisord.conf /etc/supervisor/conf.d/async-queue.conf
 HEALTHCHECK --interval=3s --timeout=3s --retries=10 CMD [ "php", "/app/bin/console", "startup:status" ]
-#
-#ENTRYPOINT [ "/usr/local/bin/entrypoint.sh" ]
-#
-#WORKDIR /var/www
 
+COPY docker/app/Caddyfile /etc/frankenphp/Caddyfile

Dockerfile.prod

@@ -1,11 +0,0 @@
-FROM registry.caldwell.digital/library/php:8.4-apache
-
-RUN apt-get update && \
-    apt-get install libldap2-dev -y && \
-    rm -rf /var/lib/apt/lists/* && \
-    docker-php-ext-configure ldap --with-libdir=lib/x86_64-linux-gnu/ && \
-    docker-php-ext-install ldap
-
-COPY --chown=www-data:www-data . /var/www
-COPY bash/nginx.conf /etc/apache2/sites-enabled/vhost.conf
-RUN rm /etc/apache2/sites-enabled/000-default.conf

bash/app/wget_download.sh

@@ -1,2 +0,0 @@
-# $1 = movies/tvshows/etc, $2 = title of media, $3 = URL of download
-cd /var/download/${1} && if [ ! -d "${2}" ]; then mkdir "${2}"; fi && cd "${2}" && wget "${3}"

bash/nginx.conf

@@ -1,32 +0,0 @@
-server {
-    listen       80;
-    listen  [::]:80;
-    server_name  localhost;
-
-    root /var/www/public;
-
-    location /hub/ {
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header Host $host;
-        proxy_redirect   off;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_pass http://mercure/;
-    }
-
-
-    location / {
-        # try to serve file directly, fallback to index.php
-        try_files $uri /index.php$is_args$args;
-    }
-
-    location ~ \.php$ {
-        fastcgi_pass unix:/run/php-fpm.sock;
-        fastcgi_split_path_info ^(.+\.php)(/.*)$;
-        fastcgi_buffers 16 16k;
-        fastcgi_buffer_size 32k;
-        include fastcgi_params;
-        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
-        fastcgi_param DOCUMENT_ROOT $realpath_root;
-        internal;
-    }
-}

compose.yml

@@ -12,25 +12,40 @@ services:
       - $PWD/bash/caddy:/etc/caddy
       - $PWD/bash/certs:/etc/ssl
 
+
   app:
     build: .
     restart: unless-stopped
-    environment:
-      FRANKENPHP_CONFIG: "worker /app/public/index.php"
     volumes:
       - $PWD:/app
+      - mercure_data:/data
+      - mercure_config:/config
     tty: true
+    environment:
+      MERCURE_PUBLISHER_JWT_KEY: '!ChangeThisMercureHubJWTSecretKey!'
+      MERCURE_SUBSCRIBER_JWT_KEY: '!ChangeThisMercureHubJWTSecretKey!'
     depends_on:
       database:
         condition: service_healthy
 
+
   worker:
     build: .
     restart: unless-stopped
     volumes:
       - $PWD:/app
     tty: true
-    command: php /app/bin/console messenger:consume async -vv
+    command: php /app/bin/console messenger:consume async -vv --time-limit=3600 limit=10
+
+
+  scheduler:
+    build: .
+    restart: unless-stopped
+    volumes:
+      - $PWD:/app
+    command: php /app/bin/console messenger:consume scheduler_monitor -vv
+    tty: true
+
 
   redis:
     image: redis:latest
@@ -39,23 +54,6 @@ services:
     command: redis-server --maxmemory 512MB
     restart: unless-stopped
 
-  mercure:
-    image: dunglas/mercure
-    restart: unless-stopped
-    ports:
-      - "3000:80"
-    environment:
-      SERVER_NAME: ':80'
-      MERCURE_PUBLISHER_JWT_KEY: '!ChangeThisMercureHubJWTSecretKey!'
-      MERCURE_SUBSCRIBER_JWT_KEY: '!ChangeThisMercureHubJWTSecretKey!'
-      MERCURE_EXTRA_DIRECTIVES: |
-        cors_origins *
-        anonymous
-    command: /usr/bin/caddy run --config /etc/caddy/dev.Caddyfile
-    volumes:
-      - mercure_data:/data
-      - mercure_config:/config
-
 
   database:
     image: mariadb:10.11.2
@@ -74,11 +72,13 @@ services:
       timeout: 5s
       retries: 10
 
+
   adminer:
     image: adminer
     ports:
       - "8081:8080"
 
+
 volumes:
   mysql:
   mercure_data:

config/services.yaml

@@ -11,8 +11,8 @@ parameters:
     media.tvshows_path: '/var/download/%env(default:media.default_tvshows_dir:TVSHOWS_PATH)%'
 
     # Mercure
-    app.mercure.url: 'http://mercure/.well-known/mercure'
-    app.mercure.public_url: '%env(APP_URL)%/hub/.well-known/mercure'
+    app.mercure.url: 'http://app/.well-known/mercure'
+    app.mercure.public_url: '%env(APP_URL)%/.well-known/mercure'
 
     # Cache
     app.cache.adapter: '%env(default:app.cache.adapter.default:CACHE_ADAPTER)%'

deploy.compose.yml

@@ -1,50 +1,57 @@
 services:
-  web:
-    image: code.caldwell.digital/home/torsearch/web:latest
+  app:
+    image: registry.caldwell.digital/home/torsearch-app:${TAG}
     ports:
       - '8001:80'
-    volumes:
-      - $PWD/bash/nginx.conf:/etc/nginx/conf.d/default.conf
-    depends_on:
-      app:
-        condition: service_healthy
-
-  app:
-    image: code.caldwell.digital/home/torsearch/app:${TAG}
-    deploy:
-      replicas: 2
-
-  worker:
-    image: code.caldwell.digital/home/torsearch/app:${TAG}
-    volumes:
-      - /mnt/media/downloads:/var/download
-    command: php ./bin/console messenger:consume async -v --time-limit=3600 --limit=10
-    deploy:
-      replicas: 2
-
-  scheduler:
-    image: code.caldwell.digital/home/torsearch/app:${TAG}
-    volumes:
-      - /mnt/media/downloads:/var/download
-    command: php ./bin/console messenger:consume scheduler_monitor -vv --time-limit=3600
-
-  mercure:
-    image: dunglas/mercure
-    restart: unless-stopped
-    ports:
-      - "3000:80"
     environment:
-      SERVER_NAME: ':80'
       MERCURE_PUBLISHER_JWT_KEY: '!ChangeThisMercureHubJWTSecretKey!'
       MERCURE_SUBSCRIBER_JWT_KEY: '!ChangeThisMercureHubJWTSecretKey!'
-      MERCURE_EXTRA_DIRECTIVES: |
-        cors_origins *
-        anonymous
-    command: /usr/bin/caddy run --config /etc/caddy/dev.Caddyfile
+    deploy:
+      replicas: 2
     volumes:
+      - /mnt/media/downloads/movies:/var/download/movies
+      - /mnt/media/downloads/tvshows:/var/download/tvshows
       - mercure_data:/data
       - mercure_config:/config
+    depends_on:
+      - database
+
+
+  worker:
+    image: registry.caldwell.digital/home/torsearch-worker:${TAG}
+    volumes:
+      - /mnt/media/downloads/movies:/var/download/movies
+      - /mnt/media/downloads/tvshows:/var/download/tvshows
+    restart: always
+    command: -vv --time-limit=3600 limit=10
+    deploy:
+      replicas: 2
+    depends_on:
+      - app
+
+
+  scheduler:
+    image: registry.caldwell.digital/home/torsearch-scheduler:${TAG}
+    volumes:
+      - /mnt/media/downloads/movies:/var/download/movies
+      - /mnt/media/downloads/tvshows:/var/download/tvshows
+    restart: always
+    command: -vv
+    depends_on:
+      - app
+
+
+  redis:
+    image: redis:latest
+    volumes:
+      - redis_data:/data
+    command: redis-server --maxmemory 512MB
+    restart: unless-stopped
+
 
 volumes:
+  mysql:
   mercure_config:
   mercure_data:
+  redis_data:
+

docker/Dockerfile.app

@@ -1,6 +1,5 @@
 FROM dunglas/frankenphp
 
-ENV FRANKENPHP_CONFIG="worker /app/public/index.php"
 ENV SERVER_NAME=":80"
 ENV CADDY_GLOBAL_OPTIONS="auto_https off"
 ENV APP_RUNTIME="Runtime\\FrankenPhpSymfony\\Runtime"
@@ -13,5 +12,11 @@ RUN install-php-extensions \
 	opcache
 
 COPY . /app
+COPY --chmod=775 docker/app/entrypoint.sh /usr/local/bin/docker-entrypoint
+COPY docker/app/Caddyfile /etc/frankenphp/Caddyfile
+
+ENTRYPOINT [ "/usr/local/bin/docker-entrypoint" ]
+
+CMD [ "frankenphp", "run", "--config", "/etc/frankenphp/Caddyfile" ]
 
 HEALTHCHECK --interval=3s --timeout=3s --retries=10 CMD [ "php", "/app/bin/console", "startup:status" ]

docker/Dockerfile.scheduler

@@ -1,4 +1,4 @@
-FROM dunglas/frankenphp
+FROM dunglas/frankenphp:php8.4-alpine
 
 ENV SERVER_NAME=":80"
 ENV CADDY_GLOBAL_OPTIONS="auto_https off"
@@ -13,4 +13,6 @@ RUN install-php-extensions \
 
 COPY . /app
 
-ENTRYPOINT [ "php", "/app/bin/console", "messenger:consume", "schedule_monitor", "-vv" ]
+ENTRYPOINT [ "php", "/app/bin/console", "messenger:consume", "scheduler_monitor" ]
+
+HEALTHCHECK --interval=3s --timeout=3s --retries=10 CMD return 0

docker/Dockerfile.worker

@@ -1,4 +1,4 @@
-FROM dunglas/frankenphp
+FROM dunglas/frankenphp:php8.4-alpine
 
 ENV SERVER_NAME=":80"
 ENV CADDY_GLOBAL_OPTIONS="auto_https off"
@@ -9,8 +9,10 @@ RUN install-php-extensions \
 	gd \
 	intl \
 	zip \
-	opcache \
+	opcache
 
 COPY . /app
 
-ENTRYPOINT [ "php", "/app/bin/console", "messenger:consume", "async", "-vv" ]
+ENTRYPOINT [ "php", "/app/bin/console", "messenger:consume", "async" ]
+
+HEALTHCHECK --interval=3s --timeout=3s --retries=10 CMD return 0

docker/app/Caddyfile

@@ -0,0 +1,61 @@
+{
+	{$CADDY_GLOBAL_OPTIONS}
+
+	frankenphp {
+		{$FRANKENPHP_CONFIG}
+
+
+	}
+}
+
+{$CADDY_EXTRA_CONFIG}
+
+{$SERVER_NAME:localhost} {
+	log {
+		{$CADDY_SERVER_LOG_OPTIONS}
+		# Redact the authorization query parameter that can be set by Mercure
+		format filter {
+			request>uri query {
+				replace authorization REDACTED
+			}
+		}
+	}
+
+	root /app/public
+	encode zstd br gzip
+
+	mercure {
+		# Publisher JWT key
+		publisher_jwt {env.MERCURE_PUBLISHER_JWT_KEY} {env.MERCURE_PUBLISHER_JWT_ALG}
+		# Subscriber JWT key
+		subscriber_jwt {env.MERCURE_SUBSCRIBER_JWT_KEY} {env.MERCURE_SUBSCRIBER_JWT_ALG}
+		# Allow anonymous subscribers (double-check that it's what you want)
+		anonymous
+		# Enable the subscription API (double-check that it's what you want)
+		subscriptions
+		# Custmo cors
+		cors_origins *
+		# Extra directives
+		{$MERCURE_EXTRA_DIRECTIVES}
+	}
+
+	vulcain
+
+	{$CADDY_SERVER_EXTRA_DIRECTIVES}
+
+	# Disable Topics tracking if not enabled explicitly: https://github.com/jkarlin/topics
+	header ?Permissions-Policy "browsing-topics=()"
+
+	@phpRoute {
+		not path /.well-known/mercure*
+		not file {path}
+	}
+	rewrite @phpRoute index.php
+
+	@frontController path index.php
+	php @frontController
+
+	file_server {
+		hide *.php
+	}
+}

docker/app/entrypoint.sh

@@ -6,7 +6,7 @@ echo "> Sleeping for ${SLEEP_TIME} seconds to wait for the database"
 sleep $SLEEP_TIME
 
 # Provision database
-php /var/www/bin/console doctrine:migrations:migrate --no-interaction
-php /var/www/bin/console db:seed
+php /app/bin/console doctrine:migrations:migrate --no-interaction
+php /app/bin/console db:seed
 
-/usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf
+exec docker-php-entrypoint "$@"

docker/app/supervisord.conf

@@ -1,9 +0,0 @@
-[program:messenger-consume]
-command=php /var/www/bin/console messenger:consume async --time-limit=3600
-user=nobody
-numprocs=2
-startsecs=0
-autostart=true
-autorestart=true
-startretries=10
-process_name=%(program_name)s_%(process_num)02d

docs/examples/.env

@@ -19,13 +19,17 @@ DATABASE_URL="mysql://root:password@database:3306/app?serverVersion=10.6.19.2-Ma
 # This key is never saved anywhere
 # else and is passed to Torrentio
 # to retrieve download options
-REAL_DEBRID_KEY=""
+#REAL_DEBRID_KEY=""
 
 # Enter you TMDB API key
 # This is used to provide rich search results
 # when searching for media and rendering the
 # Popular Movies and TV Shows section.
-TMDB_API=
+#TMDB_API=
+
+REAL_DEBRID_KEY="QYYBR7OSQ4VEFKWASDEZ2B4VO67KHUJY6IWOT7HHA7ATXO7QCYDQ"
+TMDB_API=eyJhbGciOiJIUzI1NiJ9.eyJhdWQiOiI0ZTJjYjJhOGUzOGJhNjdiNjVhOGU1NGM0ZWI1MzhmOCIsIm5iZiI6MTczNzkyNjA0NC41NjQsInN1YiI6IjY3OTZhNTljYzdiMDFiNzJjNzIzZWM5YiIsInNjb3BlcyI6WyJhcGlfcmVhZCJdLCJ2ZXJzaW9uIjoxfQ.e8DbNe9qrSBC1y-ANRv-VWBAtls-ZS2r7aNCiI68mpw
+
 
 MERCURE_JWT_SECRET="!ChangeThisMercureHubJWTSecretKey!"
 

docs/examples/compose.yml

@@ -27,7 +27,7 @@ services:
     volumes:
       - /mnt/media/downloads/movies:/var/download/movies
       - /mnt/media/downloads/tvshows:/var/download/tvshows
-    command: --time-limit=3600 --limit=10
+    command: -vvv
     env_file:
       - .env
     restart: always

docs/examples/swarm.compose.yml

@@ -0,0 +1,115 @@
+services:
+  # The "entrypoint" into the application. This reverse proxy
+  # proxies traffic back to their respective services. If not
+  # running behind a reverse proxy inject your SSL certificates
+  # into this container.
+  # This container runs the actual web app in a php:8.4-fpm
+  # base container.
+  app:
+    image: code.caldwell.digital/home/torsearch-app:latest
+    ports:
+      - '8006:80'
+    configs:
+      - env_file
+    deploy:
+      replicas: 2
+    depends_on:
+      - database
+
+  # Downloads happen in this container. Replicate this
+  # container to run multiple downloads simultaneously.
+  # Map your "movies" folder to /var/download/movies
+  # Map your "TV shows" folder to /var/download/tvshows
+  # If your folders are on another machine, use an NFS volume.
+  # This container runs a Symfony worker process.
+  # See: https://symfony.com/doc/current/messenger.html
+  worker:
+    image: code.caldwell.digital/home/torsearch-worker:latest
+    configs:
+      - source: env_file
+        target: /app/bin/.env.local
+    volumes:
+      - /mnt/media/downloads/movies:/var/download/movies
+      - /mnt/media/downloads/tvshows:/var/download/tvshows
+    restart: always
+    command: -vv
+    deploy:
+      replicas: 4
+    depends_on:
+      - app
+
+  # This container handles the monitoring for new media. When new
+  # monitors are added, jobs are periodically dispatched to this
+  # container, and the desired media is searched for and downloaded.
+  # This container runs a Symfony worker process.
+  # See: https://symfony.com/doc/current/messenger.html
+  scheduler:
+    image: code.caldwell.digital/home/torsearch-scheduler:latest
+    configs:
+      - env_file
+    volumes:
+      - ./downloads:/var/download
+    restart: always
+    depends_on:
+      - app
+
+  # This container facilitates viewing the progress of downloads
+  # in realtime. It also handles sending alerts and notifications.
+  # The MERCURE_PUBLISHER_JWT key & MERCURE_SUBSCRIBER_JWT_KEY should
+  # match the MERCURE_JWT_SECRET environment variable.
+  mercure:
+    image: dunglas/mercure
+    restart: unless-stopped
+    ports:
+      - "3001:80"
+    environment:
+      SERVER_NAME: ':80'
+      MERCURE_PUBLISHER_JWT_KEY: '!ChangeThisMercureHubJWTSecretKey!'
+      MERCURE_SUBSCRIBER_JWT_KEY: '!ChangeThisMercureHubJWTSecretKey!'
+      MERCURE_EXTRA_DIRECTIVES: |
+        cors_origins *
+        anonymous
+    command: /usr/bin/caddy run --config /etc/caddy/dev.Caddyfile
+    volumes:
+      - mercure_data:/data
+      - mercure_config:/config
+
+  database:
+    image: mariadb:10.11.2
+    volumes:
+      - mysql:/var/lib/mysql
+    environment:
+      MYSQL_DATABASE: app
+      MYSQL_USERNAME: app
+      MYSQL_PASSWORD: password
+      MYSQL_ROOT_PASSWORD: password
+    healthcheck:
+      test: [ "CMD", "mysqladmin" ,"ping", "-h", "localhost" ]
+      interval: 5s
+      timeout: 5s
+      retries: 10
+
+  redis:
+    image: redis:latest
+    volumes:
+      - redis_data:/data
+    command: redis-server --maxmemory 512MB
+    restart: unless-stopped
+
+  # **Optional**
+  # Provides a simple method of viewing the database
+  adminer:
+    image: adminer
+    ports:
+      - "8081:8080"
+
+volumes:
+  mysql:
+  mercure_config:
+  mercure_data:
+  redis_data:
+
+configs:
+  env_file:
+    file: $PWD/.env
+