From 07546bc7e99538cbc211e97dc9a4a923f5aa4bb9 Mon Sep 17 00:00:00 2001 From: ErickSkrauch Date: Sat, 6 Apr 2019 01:04:51 +0200 Subject: [PATCH 1/3] Completely remove frontend from this repository --- .dockerignore | 3 --- .gitignore | 3 +++ .gitlab-ci.yml | 31 ------------------------------- Dockerfile | 16 ---------------- 4 files changed, 3 insertions(+), 50 deletions(-) diff --git a/.dockerignore b/.dockerignore index 3d38865..1aff8d6 100644 --- a/.dockerignore +++ b/.dockerignore @@ -3,9 +3,6 @@ # vendor будет заполнен уже внутри контейнера vendor -# Всё, что динамично на фронте -frontend/node_modules -frontend/dist # Все временные файлы */runtime diff --git a/.gitignore b/.gitignore index e17f58f..f90cb13 100644 --- a/.gitignore +++ b/.gitignore @@ -27,3 +27,6 @@ npm-debug* # Codeception codeception.yml */codeception.yml + +# Frontend +frontend diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 7935c49..f5a893b 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -51,44 +51,13 @@ test backend: - ./docker/php/wait-for-it.sh "${DB_HOST}:3306" -s -t 0 -- "php yii migrate/up --interactive=0" - vendor/bin/codecept run -test frontend: - image: node:9.2.1-alpine - stage: test - cache: - paths: - - frontend/node_modules - before_script: - # Enable SSL support for wget - - apk add --update openssl - # https://github.com/facebook/flow/issues/3649#issuecomment-414691014 - - wget -O /etc/apk/keys/sgerrand.rsa.pub https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub - - wget https://github.com/sgerrand/alpine-pkg-glibc/releases/download/2.28-r0/glibc-2.28-r0.apk - - apk add glibc-2.28-r0.apk - script: - - cd frontend - - yarn run build:install - - yarn run lint - - yarn flow - - yarn test - build:production: image: docker:18.02 stage: build - variables: - GA_ID: "UA-45299905-3" - SENTRY_CDN: "https://088e7718236a4f91937a81fb319a93f6@sentry.ely.by/2" before_script: - docker login -u gitlab-ci -p $CI_BUILD_TOKEN registry.ely.by - export VERSION="${CI_COMMIT_TAG:-${CI_COMMIT_REF_NAME}-${CI_COMMIT_SHA:0:7}}" - echo "$SSH_PRIVATE_KEY" > id_rsa - - | - echo " - module.exports = { - version: '$VERSION', - ga: {id: '$GA_ID'}, - sentryCdn: '$SENTRY_CDN', - }; - " > frontend/config/env.js - sed -i"" -e "s/{{PLACE_VERSION_HERE}}/$VERSION/g" common/config/config.php script: - export IMAGE_NAME="$CONTAINER_IMAGE:latest" diff --git a/Dockerfile b/Dockerfile index 652ab21..cd0879a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,17 +1,3 @@ -FROM node:9.11.2-alpine as frontend - -WORKDIR /app - -COPY ./frontend/package.json ./ -COPY ./frontend/scripts ./scripts -COPY ./frontend/webpack-utils ./webpack-utils -COPY ./frontend/yarn.lock ./ -RUN yarn build:install - -COPY ./frontend . -RUN yarn build:quiet - - FROM php:7.2.7-fpm-alpine3.7 # bash needed to support wait-for-it script @@ -71,8 +57,6 @@ COPY ./docker/php/*.ini /usr/local/etc/php/conf.d/ COPY ./docker/php/docker-entrypoint.sh /usr/local/bin/ COPY ./docker/cron/* /etc/cron.d/ -COPY --from=frontend /app/dist /var/www/html/frontend/dist - COPY ./api /var/www/html/api/ COPY ./common /var/www/html/common/ COPY ./console /var/www/html/console/ From e13b6f0d943366925cbcb82d562b31f64c576eb7 Mon Sep 17 00:00:00 2001 From: ErickSkrauch Date: Sat, 6 Apr 2019 04:15:23 +0200 Subject: [PATCH 2/3] Upgrade PHP to 7.3 and fix some related code errors. Disable self_accessor fixer for PHP-CS-Fixer --- .gitlab-ci.yml | 8 +- .php_cs.dist | 5 +- Dockerfile | 21 +-- api/components/User/IdentityInterface.php | 4 +- api/config/config-dev.php | 7 - api/config/config-prod.php | 9 - api/config/config.php | 2 + common/validators/UsernameValidator.php | 2 +- composer.json | 7 +- composer.lock | 192 ++-------------------- 10 files changed, 38 insertions(+), 219 deletions(-) delete mode 100644 api/config/config-prod.php diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index f5a893b..c6a7ac0 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -6,8 +6,8 @@ stages: variables: CONTAINER_IMAGE: "registry.ely.by/elyby/accounts" -check backend codestyle: - image: edbizarro/gitlab-ci-pipeline-php:7.2-alpine +php-cs-fixer: + image: edbizarro/gitlab-ci-pipeline-php:7.3-alpine stage: test cache: key: backend-vendor @@ -17,8 +17,8 @@ check backend codestyle: - composer install - vendor/bin/php-cs-fixer fix -v --dry-run -test backend: - image: edbizarro/gitlab-ci-pipeline-php:7.2-alpine +codeception: + image: edbizarro/gitlab-ci-pipeline-php:7.3-alpine services: - name: redis:4.0.10-alpine alias: redis diff --git a/.php_cs.dist b/.php_cs.dist index 4acb35a..bd76209 100644 --- a/.php_cs.dist +++ b/.php_cs.dist @@ -12,5 +12,6 @@ $finder = \PhpCsFixer\Finder::create() ->notPath('/.*\/tests\/_support\/_generated/') ->name('yii'); -return \Ely\CS\Config::create() - ->setFinder($finder); +return \Ely\CS\Config::create([ + 'self_accessor' => false, +])->setFinder($finder); diff --git a/Dockerfile b/Dockerfile index cd0879a..fc12794 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,8 @@ -FROM php:7.2.7-fpm-alpine3.7 +FROM php:7.3.3-fpm-alpine3.9 AS app + +# ENV variables for composer +ENV COMPOSER_NO_INTERACTION 1 +ENV COMPOSER_ALLOW_SUPERUSER 1 # bash needed to support wait-for-it script RUN apk add --update --no-cache \ @@ -7,6 +11,7 @@ RUN apk add --update --no-cache \ openssh \ dcron \ zlib-dev \ + libzip-dev \ icu-dev \ libintl \ imagemagick-dev \ @@ -18,7 +23,7 @@ RUN apk add --update --no-cache \ pcntl \ opcache \ && apk add --no-cache --virtual ".phpize-deps" $PHPIZE_DEPS \ - && yes | pecl install xdebug-2.6.0 \ + && yes | pecl install xdebug-2.7.1 \ && yes | pecl install imagick \ && docker-php-ext-enable imagick \ && apk del ".phpize-deps" \ @@ -26,17 +31,13 @@ RUN apk add --update --no-cache \ && rm -rf /tmp/* \ && mkdir /etc/cron.d -COPY --from=composer:1.6.5 /usr/bin/composer /usr/bin/composer -COPY --from=node:9.11.2-alpine /usr/local/bin/node /usr/bin/ -COPY --from=node:9.11.2-alpine /usr/lib/libgcc* /usr/lib/libstdc* /usr/lib/* /usr/lib/ - -# ENV variables for composer -ENV COMPOSER_NO_INTERACTION 1 -ENV COMPOSER_ALLOW_SUPERUSER 1 +COPY --from=composer:1.8.4 /usr/bin/composer /usr/bin/composer +COPY --from=node:11.13.0-alpine /usr/local/bin/node /usr/bin/ +COPY --from=node:11.13.0-alpine /usr/lib/libgcc* /usr/lib/libstdc* /usr/lib/* /usr/lib/ RUN mkdir /root/.composer \ && echo '{"github-oauth": {"github.com": "***REMOVED***"}}' > ~/.composer/auth.json \ - && composer global require --no-progress "hirak/prestissimo:^0.3.7" \ + && composer global require --no-progress "hirak/prestissimo:^0.3.8" \ && composer clear-cache COPY ./docker/php/wait-for-it.sh /usr/local/bin/wait-for-it diff --git a/api/components/User/IdentityInterface.php b/api/components/User/IdentityInterface.php index 1228483..b61a0bc 100644 --- a/api/components/User/IdentityInterface.php +++ b/api/components/User/IdentityInterface.php @@ -1,4 +1,6 @@ ['debug'], 'components' => [ 'reCaptcha' => [ 'public' => '6LfwqCYTAAAAAJlaJpqCdzESCjAXUC81Ca6jBHR7', 'secret' => '6LfwqCYTAAAAAFPjHmgwmnjSMFeAOJh7Lk5xxDMC', ], ], - 'modules' => [ - 'debug' => [ - 'class' => yii\debug\Module::class, - 'allowedIPs' => ['*'], - ], - ], ]; diff --git a/api/config/config-prod.php b/api/config/config-prod.php deleted file mode 100644 index d813524..0000000 --- a/api/config/config-prod.php +++ /dev/null @@ -1,9 +0,0 @@ - [ - 'reCaptcha' => [ - 'public' => getenv('RECAPTCHA_PUBLIC'), - 'secret' => getenv('RECAPTCHA_SECRET'), - ], - ], -]; diff --git a/api/config/config.php b/api/config/config.php index 46a30f9..58b593e 100644 --- a/api/config/config.php +++ b/api/config/config.php @@ -67,6 +67,8 @@ return [ ], 'reCaptcha' => [ 'class' => api\components\ReCaptcha\Component::class, + 'public' => getenv('RECAPTCHA_PUBLIC'), + 'secret' => getenv('RECAPTCHA_SECRET'), ], 'response' => [ 'format' => yii\web\Response::FORMAT_JSON, diff --git a/common/validators/UsernameValidator.php b/common/validators/UsernameValidator.php index 657bd03..70cccf0 100644 --- a/common/validators/UsernameValidator.php +++ b/common/validators/UsernameValidator.php @@ -31,7 +31,7 @@ class UsernameValidator extends Validator { $length->tooShort = E::USERNAME_TOO_SHORT; $length->tooLong = E::USERNAME_TOO_LONG; - $pattern = new validators\RegularExpressionValidator(['pattern' => '/^[\p{L}\d-_\.!$%^&*()\[\]:;]+$/u']); + $pattern = new validators\RegularExpressionValidator(['pattern' => '/^[\p{L}\d\-_.!$%^&*()\[\]:;]+$/u']); $pattern->message = E::USERNAME_INVALID; $unique = new validators\UniqueValidator(); diff --git a/composer.json b/composer.json index c69b94e..bc5ad13 100644 --- a/composer.json +++ b/composer.json @@ -30,15 +30,14 @@ "yiisoft/yii2-queue": "~2.1.0" }, "require-dev": { - "yiisoft/yii2-debug": "*", - "yiisoft/yii2-faker": "*", - "flow/jsonpath": "^0.4.0", "codeception/codeception": "^2.5.3", "codeception/specify": "^1.0.0", "codeception/verify": "*", + "ely/php-code-style": "^0.3.0", + "flow/jsonpath": "^0.4.0", + "fzaninotto/faker": "^1.8", "mockery/mockery": "^1.0.0", "php-mock/php-mock-mockery": "^1.2.0", - "ely/php-code-style": "^0.3.0", "predis/predis": "^1.1", "roave/security-advisories": "dev-master" }, diff --git a/composer.lock b/composer.lock index b6118c3..41b6d86 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "edb3d935ad36f30c49f8a4db6132747a", + "content-hash": "029519509cc9ceb2a06e09ba680257b2", "packages": [ { "name": "bacon/bacon-qr-code", @@ -118,7 +118,8 @@ "dist": { "type": "zip", "url": "https://api.github.com/repos/RobinHerbots/Inputmask/zipball/5e670ad62f50c738388d4dcec78d2888505ad77b", - "reference": "5e670ad62f50c738388d4dcec78d2888505ad77b" + "reference": "5e670ad62f50c738388d4dcec78d2888505ad77b", + "shasum": null }, "require": { "bower-asset/jquery": ">=1.7" @@ -139,7 +140,8 @@ "dist": { "type": "zip", "url": "https://api.github.com/repos/jquery/jquery-dist/zipball/77d2a51d0520d2ee44173afdf4e40a9201f5964e", - "reference": "77d2a51d0520d2ee44173afdf4e40a9201f5964e" + "reference": "77d2a51d0520d2ee44173afdf4e40a9201f5964e", + "shasum": null }, "type": "bower-asset", "license": [ @@ -157,7 +159,8 @@ "dist": { "type": "zip", "url": "https://api.github.com/repos/bestiejs/punycode.js/zipball/38c8d3131a82567bfef18da09f7f4db68c84f8a3", - "reference": "38c8d3131a82567bfef18da09f7f4db68c84f8a3" + "reference": "38c8d3131a82567bfef18da09f7f4db68c84f8a3", + "shasum": null }, "type": "bower-asset" }, @@ -172,7 +175,8 @@ "dist": { "type": "zip", "url": "https://api.github.com/repos/getsentry/raven-js-bower/zipball/c8b3a6040be6928e2f57fa5eec4d7afc31750235", - "reference": "c8b3a6040be6928e2f57fa5eec4d7afc31750235" + "reference": "c8b3a6040be6928e2f57fa5eec4d7afc31750235", + "shasum": null }, "type": "bower-asset" }, @@ -187,7 +191,8 @@ "dist": { "type": "zip", "url": "https://api.github.com/repos/yiisoft/jquery-pjax/zipball/aef7b953107264f00234902a3880eb50dafc48be", - "reference": "aef7b953107264f00234902a3880eb50dafc48be" + "reference": "aef7b953107264f00234902a3880eb50dafc48be", + "shasum": null }, "require": { "bower-asset/jquery": ">=1.8" @@ -2382,27 +2387,6 @@ ], "time": "2019-01-16T14:22:17+00:00" }, - { - "name": "bower-asset/bootstrap", - "version": "v3.4.1", - "source": { - "type": "git", - "url": "https://github.com/twbs/bootstrap.git", - "reference": "68b0d231a13201eb14acd3dc84e51543d16e5f7e" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/twbs/bootstrap/zipball/68b0d231a13201eb14acd3dc84e51543d16e5f7e", - "reference": "68b0d231a13201eb14acd3dc84e51543d16e5f7e" - }, - "require": { - "bower-asset/jquery": ">=1.9.1,<4.0" - }, - "type": "bower-asset", - "license": [ - "MIT" - ] - }, { "name": "codeception/codeception", "version": "2.5.4", @@ -5700,160 +5684,6 @@ ], "description": "A small library for converting tokenized PHP source code into XML and potentially other formats", "time": "2017-04-07T12:08:54+00:00" - }, - { - "name": "yiisoft/yii2-bootstrap", - "version": "2.0.9", - "source": { - "type": "git", - "url": "https://github.com/yiisoft/yii2-bootstrap.git", - "reference": "4677951dda712dd99d5bf2a127eaee118dfea860" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/yiisoft/yii2-bootstrap/zipball/4677951dda712dd99d5bf2a127eaee118dfea860", - "reference": "4677951dda712dd99d5bf2a127eaee118dfea860", - "shasum": "" - }, - "require": { - "bower-asset/bootstrap": "3.4.* | 3.3.* | 3.2.* | 3.1.*", - "yiisoft/yii2": "~2.0.6" - }, - "type": "yii2-extension", - "extra": { - "branch-alias": { - "dev-master": "2.0.x-dev" - } - }, - "autoload": { - "psr-4": { - "yii\\bootstrap\\": "src" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "BSD-3-Clause" - ], - "authors": [ - { - "name": "Paul Klimov", - "email": "klimov.paul@gmail.com" - }, - { - "name": "Alexander Makarov", - "email": "sam@rmcreative.ru", - "homepage": "http://rmcreative.ru/" - }, - { - "name": "Antonio Ramirez", - "email": "amigo.cobos@gmail.com" - }, - { - "name": "Qiang Xue", - "email": "qiang.xue@gmail.com", - "homepage": "http://www.yiiframework.com/" - } - ], - "description": "The Twitter Bootstrap extension for the Yii framework", - "keywords": [ - "bootstrap", - "yii2" - ], - "time": "2019-01-29T21:39:45+00:00" - }, - { - "name": "yiisoft/yii2-debug", - "version": "2.0.14", - "source": { - "type": "git", - "url": "https://github.com/yiisoft/yii2-debug.git", - "reference": "dc5a4a8529de1a41dbb037dbabf1f3f93002f21d" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/yiisoft/yii2-debug/zipball/dc5a4a8529de1a41dbb037dbabf1f3f93002f21d", - "reference": "dc5a4a8529de1a41dbb037dbabf1f3f93002f21d", - "shasum": "" - }, - "require": { - "yiisoft/yii2": "~2.0.13", - "yiisoft/yii2-bootstrap": "~2.0.0" - }, - "type": "yii2-extension", - "extra": { - "branch-alias": { - "dev-master": "2.0.x-dev" - } - }, - "autoload": { - "psr-4": { - "yii\\debug\\": "src" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "BSD-3-Clause" - ], - "authors": [ - { - "name": "Qiang Xue", - "email": "qiang.xue@gmail.com" - } - ], - "description": "The debugger extension for the Yii framework", - "keywords": [ - "debug", - "debugger", - "yii2" - ], - "time": "2018-09-23T21:41:04+00:00" - }, - { - "name": "yiisoft/yii2-faker", - "version": "2.0.4", - "source": { - "type": "git", - "url": "https://github.com/yiisoft/yii2-faker.git", - "reference": "3df62b1dcb272a8413f9c6e532c9d73f325ccde1" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/yiisoft/yii2-faker/zipball/3df62b1dcb272a8413f9c6e532c9d73f325ccde1", - "reference": "3df62b1dcb272a8413f9c6e532c9d73f325ccde1", - "shasum": "" - }, - "require": { - "fzaninotto/faker": "~1.4", - "yiisoft/yii2": "~2.0.0" - }, - "type": "yii2-extension", - "extra": { - "branch-alias": { - "dev-master": "2.0.x-dev" - } - }, - "autoload": { - "psr-4": { - "yii\\faker\\": "" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "BSD-3-Clause" - ], - "authors": [ - { - "name": "Mark Jebri", - "email": "mark.github@yandex.ru" - } - ], - "description": "Fixture generator. The Faker integration for the Yii framework.", - "keywords": [ - "Fixture", - "faker", - "yii2" - ], - "time": "2018-02-19T20:27:10+00:00" } ], "aliases": [], From f33439d829eff92101b1f199d2e00b5bb335a31d Mon Sep 17 00:00:00 2001 From: ErickSkrauch Date: Sat, 6 Apr 2019 15:52:23 +0200 Subject: [PATCH 3/3] Completely untie the backend from the frontend. Build nginx and mariadb together with the app image. Upgrade docker-compose configuration to 3 version. Add cleanup step to the gitlab-ci. --- .dockerignore | 3 - .gitattributes | 3 + .gitlab-ci.yml | 63 ++++++++++++++---- Dockerfile | 56 ++++++++++++++-- api/{web => }/index.php | 18 ++--- api/web/robots.txt | 2 - {api/web/assets => data}/.gitignore | 0 data/mysql/.gitignore | 2 - data/redis/.gitignore | 2 - docker-compose.dev.yml | 51 +++++++++----- docker-compose.prod.yml | 42 ++++++++---- docker/mariadb/Dockerfile | 6 -- docker/mariadb/{custom.cnf => config.cnf} | 1 + docker/nginx/account.ely.by.conf.template | 66 +++++++++++++++++++ docker/nginx/docker-entrypoint.sh | 7 ++ docker/nginx/generate-upstream.sh | 15 +++++ docker/nginx/nginx.conf | 33 ++++++++++ docker/php/docker-entrypoint.sh | 4 +- docker/phpmyadmin/Dockerfile | 9 +-- .../{config.local.php => config.inc.php} | 0 docker/supervisor/.gitkeep | 0 21 files changed, 302 insertions(+), 81 deletions(-) create mode 100644 .gitattributes rename api/{web => }/index.php (61%) delete mode 100644 api/web/robots.txt rename {api/web/assets => data}/.gitignore (100%) delete mode 100644 data/mysql/.gitignore delete mode 100644 data/redis/.gitignore delete mode 100644 docker/mariadb/Dockerfile rename docker/mariadb/{custom.cnf => config.cnf} (87%) create mode 100644 docker/nginx/account.ely.by.conf.template create mode 100755 docker/nginx/docker-entrypoint.sh create mode 100755 docker/nginx/generate-upstream.sh create mode 100644 docker/nginx/nginx.conf rename docker/phpmyadmin/{config.local.php => config.inc.php} (100%) delete mode 100644 docker/supervisor/.gitkeep diff --git a/.dockerignore b/.dockerignore index 1aff8d6..79bc7b2 100644 --- a/.dockerignore +++ b/.dockerignore @@ -6,6 +6,3 @@ vendor # Все временные файлы */runtime - -# Их по идее их не должно образовываться, но мало ли -*/web/assets diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..1a22cab --- /dev/null +++ b/.gitattributes @@ -0,0 +1,3 @@ +# Fix EOL for all files, that should be executed inside Docker container +*.sh text eol=lf +yii text eol=lf diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index c6a7ac0..dc16f4a 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -2,9 +2,13 @@ stages: - test - build - release + - cleanup variables: - CONTAINER_IMAGE: "registry.ely.by/elyby/accounts" + VERSION: "${CI_COMMIT_TAG:-${CI_COMMIT_REF_NAME}-${CI_COMMIT_SHA:0:7}}" + APP_IMAGE_NAME: "registry.ely.by/elyby/accounts" + WEB_IMAGE_NAME: "registry.ely.by/elyby/accounts-nginx" + DB_IMAGE_NAME: "registry.ely.by/elyby/accounts-mariadb" php-cs-fixer: image: edbizarro/gitlab-ci-pipeline-php:7.3-alpine @@ -55,15 +59,28 @@ build:production: image: docker:18.02 stage: build before_script: - - docker login -u gitlab-ci -p $CI_BUILD_TOKEN registry.ely.by - - export VERSION="${CI_COMMIT_TAG:-${CI_COMMIT_REF_NAME}-${CI_COMMIT_SHA:0:7}}" - - echo "$SSH_PRIVATE_KEY" > id_rsa - - sed -i"" -e "s/{{PLACE_VERSION_HERE}}/$VERSION/g" common/config/config.php + - sed -i -e "s/{{PLACE_VERSION_HERE}}/$VERSION/g" common/config/config.php script: - - export IMAGE_NAME="$CONTAINER_IMAGE:latest" - - docker build --pull --build-arg build_env=prod -t $IMAGE_NAME . + - > + docker build + --pull + --target app + --build-arg "build_env=prod" + -t "$APP_IMAGE_NAME:$CI_PIPELINE_ID" . + - > + docker build + --pull + --target web + --build-arg "build_env=prod" + -t "$WEB_IMAGE_NAME:$CI_PIPELINE_ID" . + - > + docker build + --pull + --target db + --build-arg "build_env=prod" + -t "$DB_IMAGE_NAME:$CI_PIPELINE_ID" . only: - - develop + - master - tags release:latest: @@ -74,9 +91,16 @@ release:latest: before_script: - docker login -u gitlab-ci -p $CI_BUILD_TOKEN registry.ely.by script: - - docker push $CONTAINER_IMAGE:latest + - docker tag "$APP_IMAGE_NAME:$CI_PIPELINE_ID" "$APP_IMAGE_NAME:latest" + - docker push "$APP_IMAGE_NAME:latest" + + - docker tag "$WEB_IMAGE_NAME:$CI_PIPELINE_ID" "$WEB_IMAGE_NAME:latest" + - docker push "$WEB_IMAGE_NAME:latest" + + - docker tag "$DB_IMAGE_NAME:$CI_PIPELINE_ID" "$DB_IMAGE_NAME:latest" + - docker push "$DB_IMAGE_NAME:latest" only: - - develop + - master - tags release:tag: @@ -87,8 +111,21 @@ release:tag: before_script: - docker login -u gitlab-ci -p $CI_BUILD_TOKEN registry.ely.by script: - - export IMAGE_NAME="$CONTAINER_IMAGE:$CI_BUILD_TAG" - - docker tag $CONTAINER_IMAGE:latest $IMAGE_NAME - - docker push $IMAGE_NAME + - docker tag "$APP_IMAGE_NAME:$CI_PIPELINE_ID" "$APP_IMAGE_NAME:$VERSION" + - docker push "$APP_IMAGE_NAME:$VERSION" + + - docker tag "$WEB_IMAGE_NAME:$CI_PIPELINE_ID" "$WEB_IMAGE_NAME:$VERSION" + - docker push "$WEB_IMAGE_NAME:$VERSION" + + - docker tag "$DB_IMAGE_NAME:$CI_PIPELINE_ID" "$DB_IMAGE_NAME:$VERSION" + - docker push "$DB_IMAGE_NAME:$VERSION" only: - tags + +cleanup: + stage: cleanup + script: + - docker rmi "$APP_IMAGE_NAME:$CI_PIPELINE_ID" "$APP_IMAGE_NAME:$VERSION" "$APP_IMAGE_NAME:latest" || true + - docker rmi "$WEB_IMAGE_NAME:$CI_PIPELINE_ID" "$WEB_IMAGE_NAME:$VERSION" "$WEB_IMAGE_NAME:latest" || true + - docker rmi "$DB_IMAGE_NAME:$CI_PIPELINE_ID" "$DB_IMAGE_NAME:$VERSION" "$DB_IMAGE_NAME:latest" || true + when: always diff --git a/Dockerfile b/Dockerfile index fc12794..9946b37 100644 --- a/Dockerfile +++ b/Dockerfile @@ -63,9 +63,57 @@ COPY ./common /var/www/html/common/ COPY ./console /var/www/html/console/ COPY ./yii /var/www/html/yii -# Expose everything under /var/www/html to share it with nginx -VOLUME ["/var/www/html"] - -WORKDIR /var/www/html ENTRYPOINT ["docker-entrypoint.sh"] CMD ["php-fpm"] + +# ================================================================================ + +FROM nginx:1.15.10-alpine AS web + +ENV PHP_SERVERS php:9000 + +RUN rm /etc/nginx/conf.d/default.conf \ + && mkdir -p /data/nginx/cache \ + && mkdir -p /var/www/html + +WORKDIR /var/www/html + +COPY ./docker/nginx/docker-entrypoint.sh / +COPY ./docker/nginx/generate-upstream.sh /usr/bin/generate-upstream +COPY ./docker/nginx/nginx.conf /etc/nginx/nginx.conf +COPY ./docker/nginx/account.ely.by.conf.template /etc/nginx/conf.d/ + +COPY --from=app /var/www/html/vendor/ely/email-renderer/dist/assets /var/www/html/vendor/ely/email-renderer/dist/assets + +ENTRYPOINT ["/docker-entrypoint.sh"] +CMD ["nginx", "-g", "daemon off;"] + +# ================================================================================ + +FROM mariadb:10.3.14-bionic AS db + +COPY ./docker/mariadb/config.cnf /etc/mysql/conf.d/ + +RUN set -ex \ + && fetchDeps='ca-certificates wget' \ + && apt-get update \ + && apt-get install -y --no-install-recommends $fetchDeps \ + && rm -rf /var/lib/apt/lists/* \ + && wget -O /mysql-sys.tar.gz 'https://github.com/mysql/mysql-sys/archive/1.5.1.tar.gz' \ + && mkdir /mysql-sys \ + && tar -zxf /mysql-sys.tar.gz -C /mysql-sys \ + && rm /mysql-sys.tar.gz \ + && cd /mysql-sys/*/ \ + && ./generate_sql_file.sh -v 56 -m \ + # Fix mysql-sys for MariaDB according to the https://www.fromdual.com/mysql-sys-schema-in-mariadb-10-2 notes + # and https://mariadb.com/kb/en/library/system-variable-differences-between-mariadb-100-and-mysql-56/ reference + && sed -i -e "s/@@global.server_uuid/@@global.server_id/g" gen/*.sql \ + && sed -i -e "s/@@master_info_repository/NULL/g" gen/*.sql \ + && sed -i -e "s/@@relay_log_info_repository/NULL/g" gen/*.sql \ + && mv gen/*.sql /docker-entrypoint-initdb.d/ \ + && cd / \ + && rm -rf /mysql-sys \ + && apt-get purge -y --auto-remove $fetchDeps + +ENTRYPOINT ["docker-entrypoint.sh"] +CMD ["mysqld"] diff --git a/api/web/index.php b/api/index.php similarity index 61% rename from api/web/index.php rename to api/index.php index e6e45e4..6a6fe1a 100644 --- a/api/web/index.php +++ b/api/index.php @@ -6,25 +6,25 @@ use yii\web\Application; $time = microtime(true); -require __DIR__ . '/../../vendor/autoload.php'; +require __DIR__ . '/../vendor/autoload.php'; -defined('YII_DEBUG') || define('YII_DEBUG', in_array(getenv('YII_DEBUG'), ['true', '1'])); +defined('YII_DEBUG') || define('YII_DEBUG', in_array(getenv('YII_DEBUG'), ['true', '1'], false)); defined('YII_ENV') || define('YII_ENV', getenv('YII_ENV')); // Initialize an application aspect container AspectKernel::getInstance()->init([ 'debug' => YII_DEBUG, - 'appDir' => __DIR__ . '/../../', - 'cacheDir' => __DIR__ . '/../runtime/aspect', + 'appDir' => dirname(__DIR__), + 'cacheDir' => __DIR__ . '/runtime/aspect', 'excludePaths' => [ - __DIR__ . '/../runtime/aspect', - __DIR__ . '/../../vendor', + __DIR__ . '/runtime/aspect', + __DIR__ . '/../vendor', ], ]); -require __DIR__ . '/../../vendor/yiisoft/yii2/Yii.php'; -require __DIR__ . '/../../common/config/bootstrap.php'; -require __DIR__ . '/../config/bootstrap.php'; +require __DIR__ . '/../vendor/yiisoft/yii2/Yii.php'; +require __DIR__ . '/../common/config/bootstrap.php'; +require __DIR__ . '/config/bootstrap.php'; $config = ConfigLoader::load('api'); diff --git a/api/web/robots.txt b/api/web/robots.txt deleted file mode 100644 index 6f27bb6..0000000 --- a/api/web/robots.txt +++ /dev/null @@ -1,2 +0,0 @@ -User-agent: * -Disallow: \ No newline at end of file diff --git a/api/web/assets/.gitignore b/data/.gitignore similarity index 100% rename from api/web/assets/.gitignore rename to data/.gitignore diff --git a/data/mysql/.gitignore b/data/mysql/.gitignore deleted file mode 100644 index d6b7ef3..0000000 --- a/data/mysql/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -* -!.gitignore diff --git a/data/redis/.gitignore b/data/redis/.gitignore deleted file mode 100644 index d6b7ef3..0000000 --- a/data/redis/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -* -!.gitignore diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml index b58867a..a705544 100644 --- a/docker-compose.dev.yml +++ b/docker-compose.dev.yml @@ -1,5 +1,21 @@ -version: '2' +version: '3.4' services: + web: + image: registry.ely.by/elyby/accounts-nginx:latest + build: + context: . + target: web + args: + build_env: dev + depends_on: + - app + env_file: .env + volumes: + - ./:/var/www/html + networks: + - default + - nginx-proxy + app: image: registry.ely.by/elyby/accounts:dev build: @@ -10,8 +26,12 @@ services: - db - redis volumes: - - ./:/var/www/html/ + - ./:/var/www/html env_file: .env + networks: + default: + aliases: + - php worker: image: registry.ely.by/elyby/accounts:dev @@ -24,7 +44,7 @@ services: - db - redis volumes: - - ./:/var/www/html/ + - ./:/var/www/html env_file: .env cron: @@ -39,22 +59,15 @@ services: - db - redis volumes: - - ./:/var/www/html/ + - ./:/var/www/html env_file: .env - web: - image: registry.ely.by/elyby/accounts-nginx:latest - volumes_from: - - app - links: - - app:php - env_file: .env - networks: - - default - - nginx-proxy - db: - build: ./docker/mariadb + build: + context: . + target: db + args: + build_env: dev env_file: .env volumes: - ./data/mysql:/var/lib/mysql @@ -99,7 +112,11 @@ services: # 3) Uncomment the next 2 services (testdb and testredis): # # testdb: - # build: ./docker/mariadb + # build: + # context: . + # target: db + # args: + # build_env: dev # volumes: # - ./data/mysql-test:/var/lib/mysql # environment: diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml index 6b0f928..019f5be 100644 --- a/docker-compose.prod.yml +++ b/docker-compose.prod.yml @@ -1,5 +1,24 @@ -version: '2' +version: '3.4' + +x-logging: + &default-logging + options: + max-size: 50m + services: + web: + image: registry.ely.by/elyby/accounts-nginx:latest + restart: always + depends_on: + - app + env_file: .env + volumes: + - ./frontend:/var/www/html/frontend + networks: + - default + - nginx-proxy + logging: *default-logging + app: image: registry.ely.by/elyby/accounts:latest restart: always @@ -7,6 +26,11 @@ services: - db - redis env_file: .env + networks: + default: + aliases: + - php + logging: *default-logging worker: image: registry.ely.by/elyby/accounts:latest @@ -16,6 +40,7 @@ services: - db - redis env_file: .env + logging: *default-logging cron: image: registry.ely.by/elyby/accounts:latest @@ -26,21 +51,10 @@ services: - db - redis env_file: .env - - web: - image: registry.ely.by/elyby/accounts-nginx:1.0.3 - restart: always - volumes_from: - - app - links: - - app:php - env_file: .env - networks: - - default - - nginx-proxy + logging: *default-logging db: - build: ./docker/mariadb + image: registry.ely.by/elyby/accounts-mariadb:latest restart: always env_file: .env volumes: diff --git a/docker/mariadb/Dockerfile b/docker/mariadb/Dockerfile deleted file mode 100644 index 2dabddb..0000000 --- a/docker/mariadb/Dockerfile +++ /dev/null @@ -1,6 +0,0 @@ -FROM mariadb:10.2.11 - -COPY custom.cnf /etc/mysql/conf.d/ - -ENTRYPOINT ["docker-entrypoint.sh"] -CMD ["mysqld"] diff --git a/docker/mariadb/custom.cnf b/docker/mariadb/config.cnf similarity index 87% rename from docker/mariadb/custom.cnf rename to docker/mariadb/config.cnf index 66a1832..72aa275 100644 --- a/docker/mariadb/custom.cnf +++ b/docker/mariadb/config.cnf @@ -4,6 +4,7 @@ default-character-set = utf8mb4 [mysqld] character-set-server = utf8mb4 collation-server = utf8mb4_unicode_ci +performance_schema = ON [client] default-character-set = utf8mb4 diff --git a/docker/nginx/account.ely.by.conf.template b/docker/nginx/account.ely.by.conf.template new file mode 100644 index 0000000..91a72e4 --- /dev/null +++ b/docker/nginx/account.ely.by.conf.template @@ -0,0 +1,66 @@ +server { + listen 80; + + set $root_path '/var/www/html'; + set $frontend_path '${root_path}/frontend'; + + root $root_path; + charset utf-8; + + add_header X-Frame-Options "sameorigin" always; + add_header X-XSS-Protection "1; mode=block" always; + add_header X-Content-Type-Options "nosniff" always; + + # You can uncomment the next lines to enable debug mode + # rewrite_log on; + # error_log /var/log/nginx/error.log debug; + + set $request_url $request_uri; + set $host_with_uri '${host}${request_uri}'; + + if ($host_with_uri ~ '^${AUTHSERVER_HOST}/auth') { + set $request_url '/api/authserver${request_uri}'; + rewrite ^/auth /api/authserver$uri last; + } + + if ($host_with_uri ~ '^${AUTHSERVER_HOST}/session') { + set $request_url '/api/minecraft${request_uri}'; + rewrite ^/session /api/minecraft$uri last; + } + + if ($host_with_uri ~ '^${AUTHSERVER_HOST}/api/(user|profiles)') { + set $request_url '/api/mojang${request_uri}'; + rewrite ^/api/(user|profiles) /api/mojang$uri last; + } + + location / { + root $frontend_path; + access_log off; + etag on; + expires $cache_duration; + try_files $uri /index.html =404; + } + + location /api { + try_files $uri /api/index.php$is_args$args; + } + + location /images/emails/assets { + alias '${root_path}/vendor/ely/email-renderer/dist/assets'; + access_log off; + } + + location ~* \.php$ { + fastcgi_pass php; # Use generated upstream. See generate-upstream.sh + fastcgi_index /index.php; + fastcgi_cache cache; + + include fastcgi_params; + + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param REQUEST_URI $request_url; + fastcgi_param REMOTE_ADDR $http_x_real_ip; + # Override HTTPS param to handle ssl from nginx-proxy container + fastcgi_param HTTPS $http_x_forwarded_ssl if_not_empty; + } +} diff --git a/docker/nginx/docker-entrypoint.sh b/docker/nginx/docker-entrypoint.sh new file mode 100755 index 0000000..1a2e74a --- /dev/null +++ b/docker/nginx/docker-entrypoint.sh @@ -0,0 +1,7 @@ +#!/usr/bin/env sh + +generate-upstream + +envsubst '$AUTHSERVER_HOST' < /etc/nginx/conf.d/account.ely.by.conf.template > /etc/nginx/conf.d/default.conf + +exec "$@" diff --git a/docker/nginx/generate-upstream.sh b/docker/nginx/generate-upstream.sh new file mode 100755 index 0000000..40376c3 --- /dev/null +++ b/docker/nginx/generate-upstream.sh @@ -0,0 +1,15 @@ +#!/usr/bin/env sh + +result="upstream php {" + +for x in $(echo $PHP_SERVERS | tr "," "\n"); do + parts=$(echo $x | tr "x" "\n") + host=$(echo $parts | awk '{print $1}') + weight=$(echo $parts | awk '{print $2}') + + result="$result\n server $host weight=${weight:-1};" +done + +result="$result\n}" + +echo -e $result > /etc/nginx/conf.d/upstream.conf diff --git a/docker/nginx/nginx.conf b/docker/nginx/nginx.conf new file mode 100644 index 0000000..eac3609 --- /dev/null +++ b/docker/nginx/nginx.conf @@ -0,0 +1,33 @@ +user nginx; +worker_processes auto; + +error_log /var/log/nginx/error.log warn; +pid /var/run/nginx.pid; + +events { + worker_connections 1024; +} + +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + keepalive_timeout 10; + + fastcgi_cache_path /data/nginx/cache levels=1:2 keys_zone=cache:128m inactive=600m use_temp_path=off; + fastcgi_cache_key "$scheme$request_method$host$request_uri"; + + map $uri $cache_duration { + "~*^.+\.(jpe?g|gif|png|svg|js|json|css|zip|rar|eot|ttf|woff|woff2|ico|xml)$" "max"; + default "off"; + } + + include /etc/nginx/conf.d/*.conf; +} diff --git a/docker/php/docker-entrypoint.sh b/docker/php/docker-entrypoint.sh index c34f9fa..7898d21 100755 --- a/docker/php/docker-entrypoint.sh +++ b/docker/php/docker-entrypoint.sh @@ -18,8 +18,8 @@ fi cd /var/www/html # Create all necessary folders -mkdir -p api/runtime api/web/assets console/runtime -chown -R www-data:www-data api/runtime api/web/assets console/runtime +mkdir -p api/runtime console/runtime +chown -R www-data:www-data api/runtime console/runtime if [ "$YII_ENV" = "test" ] then diff --git a/docker/phpmyadmin/Dockerfile b/docker/phpmyadmin/Dockerfile index 6b03cfe..3848199 100644 --- a/docker/phpmyadmin/Dockerfile +++ b/docker/phpmyadmin/Dockerfile @@ -1,8 +1,3 @@ -FROM phpmyadmin/phpmyadmin:4.7.9-1 +FROM phpmyadmin/phpmyadmin:4.8.5 -RUN printf "\n\nrequire('./config.local.php');\n" >> /www/config.inc.php - -COPY config.local.php /www/ - -ENTRYPOINT [ "/run.sh" ] -CMD ["phpmyadmin"] +COPY config.inc.php /usr/src/phpmyadmin/ diff --git a/docker/phpmyadmin/config.local.php b/docker/phpmyadmin/config.inc.php similarity index 100% rename from docker/phpmyadmin/config.local.php rename to docker/phpmyadmin/config.inc.php diff --git a/docker/supervisor/.gitkeep b/docker/supervisor/.gitkeep deleted file mode 100644 index e69de29..0000000