From 8ffb8cf363c5c15a8faa129d1ba1352dd457b12c Mon Sep 17 00:00:00 2001 From: Sascha Nowak Date: Sun, 7 Jul 2024 09:27:44 +0200 Subject: [PATCH 01/22] feat: update mysql --- .github/workflows/docker.yml | 6 ++++++ mysql/8.0.Dockerfile | 5 +++++ mysql/Dockerfile | 2 +- 3 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 mysql/8.0.Dockerfile diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 6be9d85..3fdc05a 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -47,6 +47,12 @@ jobs: target: '' version: '' build-args: '' + - name: mysql + context: ./mysql + target: '' + version: '' + file: 8.0.dockerfile + build-args: '' - name: postgres context: ./postgres target: '' diff --git a/mysql/8.0.Dockerfile b/mysql/8.0.Dockerfile new file mode 100644 index 0000000..9cb7ba4 --- /dev/null +++ b/mysql/8.0.Dockerfile @@ -0,0 +1,5 @@ +# syntax=docker/dockerfile:1 +FROM mysql:8.0 + +COPY config /etc/mysql/conf.d +HEALTHCHECK --interval=2s --timeout=20s --retries=10 CMD mysqladmin ping -h localhost -u root -p$MYSQL_ROOT_PASSWORD diff --git a/mysql/Dockerfile b/mysql/Dockerfile index 9d5a4a7..199505e 100644 --- a/mysql/Dockerfile +++ b/mysql/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:1 -FROM mysql:8.0.36 +FROM mysql:8.4 COPY config /etc/mysql/conf.d HEALTHCHECK --interval=2s --timeout=20s --retries=10 CMD mysqladmin ping -h localhost -u root -p$MYSQL_ROOT_PASSWORD From 9095452004a52cef99012d6f027c4a6b395344ce Mon Sep 17 00:00:00 2001 From: Sascha Nowak Date: Sun, 7 Jul 2024 09:28:12 +0200 Subject: [PATCH 02/22] feat: update postgres --- postgres/12.dockerfile | 2 +- postgres/14.dockerfile | 2 +- postgres/Dockerfile | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/postgres/12.dockerfile b/postgres/12.dockerfile index ee6a829..14b74da 100644 --- a/postgres/12.dockerfile +++ b/postgres/12.dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:1 -FROM postgres:12.18 AS database +FROM postgres:12.19 AS database ENV TZ="Europe/Berlin" diff --git a/postgres/14.dockerfile b/postgres/14.dockerfile index f9996e4..aca6fa9 100644 --- a/postgres/14.dockerfile +++ b/postgres/14.dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:1 -FROM postgres:14.10 AS database +FROM postgres:14.12 AS database ENV TZ="Europe/Berlin" diff --git a/postgres/Dockerfile b/postgres/Dockerfile index b67b87e..fa649a8 100644 --- a/postgres/Dockerfile +++ b/postgres/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:1 -FROM postgres:16.1 AS database +FROM postgres:16.3 AS database ENV TZ="Europe/Berlin" From 43162b3897657d6bae8104581273897e476b3d32 Mon Sep 17 00:00:00 2001 From: Sascha Nowak Date: Sun, 7 Jul 2024 09:31:06 +0200 Subject: [PATCH 03/22] feat: remove mailhog --- .github/workflows/docker.yml | 5 ----- mailhog/Dockerfile | 18 ------------------ 2 files changed, 23 deletions(-) delete mode 100644 mailhog/Dockerfile diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 3fdc05a..9a366f9 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -146,11 +146,6 @@ jobs: target: 'prettier' version: 'stable' build-args: '' - - name: mailhog - context: ./mailhog - target: 'mailhog' - version: '1.1.0' - build-args: '' - name: mailpit context: ./mailpit target: 'mailpit' diff --git a/mailhog/Dockerfile b/mailhog/Dockerfile deleted file mode 100644 index 19385fa..0000000 --- a/mailhog/Dockerfile +++ /dev/null @@ -1,18 +0,0 @@ -# syntax=docker/dockerfile:1 -FROM --platform=$BUILDPLATFORM golang:1.22-bullseye AS builder - -ARG TARGETOS -ARG TARGETARCH - -WORKDIR /src - -RUN git clone -b 'v1.1.0-beta1' --single-branch --depth 1 https://github.com/mailhog/MailHog.git . - -RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -o /out/mailhog . - -FROM gcr.io/distroless/static-debian11:nonroot AS mailhog - -COPY --from=builder /out/mailhog / - -CMD ["/mailhog"] -EXPOSE 1025 8025 From 8ec0f7865554909efae511980a47a40ec8db2ecc Mon Sep 17 00:00:00 2001 From: Sascha Nowak Date: Sun, 7 Jul 2024 09:31:16 +0200 Subject: [PATCH 04/22] feat: update dependabot.yml --- .github/dependabot.yml | 51 +++++++++++++++++++++++++++++++----------- 1 file changed, 38 insertions(+), 13 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 552567e..02465b5 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -8,6 +8,22 @@ updates: schedule: interval: daily time: '07:00' + - package-ecosystem: docker + directory: /solr + schedule: + interval: daily + time: '07:00' + ignore: + - dependency-name: '*' + update-types: + - version-update:semver-patch + target-branch: main + reviewers: + - saschanowak + - paxuclus + - nlx-klein + labels: + - dependencies - package-ecosystem: docker directory: /cfssl schedule: @@ -57,7 +73,7 @@ updates: labels: - dependencies - package-ecosystem: docker - directory: /mailhog + directory: /mailpit schedule: interval: daily time: '07:00' @@ -153,7 +169,7 @@ updates: labels: - dependencies - package-ecosystem: docker - directory: /prometheus-apache-exporter + directory: /prettier schedule: interval: daily time: '07:00' @@ -169,7 +185,7 @@ updates: labels: - dependencies - package-ecosystem: docker - directory: /prometheus-elasticsearch-exporter + directory: /prometheus-apache-exporter schedule: interval: daily time: '07:00' @@ -185,7 +201,7 @@ updates: labels: - dependencies - package-ecosystem: docker - directory: /prometheus-nginx-exporter + directory: /prometheus-elasticsearch-exporter schedule: interval: daily time: '07:00' @@ -201,7 +217,7 @@ updates: labels: - dependencies - package-ecosystem: docker - directory: /prometheus-php-fpm-exporter + directory: /prometheus-nginx-exporter schedule: interval: daily time: '07:00' @@ -217,7 +233,7 @@ updates: labels: - dependencies - package-ecosystem: docker - directory: /prometheus-postgres-exporter + directory: /prometheus-php-fpm-exporter schedule: interval: daily time: '07:00' @@ -233,7 +249,7 @@ updates: labels: - dependencies - package-ecosystem: docker - directory: /prometheus-redis-exporter + directory: /prometheus-postgres-exporter schedule: interval: daily time: '07:00' @@ -249,7 +265,7 @@ updates: labels: - dependencies - package-ecosystem: docker - directory: /prometheus-solr-exporter + directory: /prometheus-redis-exporter schedule: interval: daily time: '07:00' @@ -265,7 +281,7 @@ updates: labels: - dependencies - package-ecosystem: docker - directory: /prometheus-varnish-exporter + directory: /prometheus-solr-exporter schedule: interval: daily time: '07:00' @@ -281,7 +297,7 @@ updates: labels: - dependencies - package-ecosystem: docker - directory: /proxy + directory: /prometheus-varnish-exporter schedule: interval: daily time: '07:00' @@ -297,7 +313,7 @@ updates: labels: - dependencies - package-ecosystem: docker - directory: /rabbitmq + directory: /proxy schedule: interval: daily time: '07:00' @@ -313,7 +329,7 @@ updates: labels: - dependencies - package-ecosystem: docker - directory: /redis + directory: /rabbitmq schedule: interval: daily time: '07:00' @@ -329,7 +345,7 @@ updates: labels: - dependencies - package-ecosystem: docker - directory: /serverspec + directory: /redis schedule: interval: daily time: '07:00' @@ -424,3 +440,12 @@ updates: - nlx-klein labels: - dependencies + - package-ecosystem: npm + directory: / + schedule: + interval: daily + time: '07:00' + open-pull-requests-limit: 5 + target-branch: main + labels: + - dependencies From 09cbea37e4dd744434d78936f4b1cd6f92278fb7 Mon Sep 17 00:00:00 2001 From: Sascha Nowak Date: Sun, 7 Jul 2024 09:35:50 +0200 Subject: [PATCH 05/22] feat: update to alpine:3.20 --- cfssl/Dockerfile | 4 ++-- prometheus-apache-exporter/Dockerfile | 2 +- prometheus-elasticsearch-exporter/Dockerfile | 2 +- prometheus-nginx-exporter/Dockerfile | 2 +- prometheus-php-fpm-exporter/Dockerfile | 2 +- prometheus-postgres-exporter/Dockerfile | 2 +- prometheus-varnish-exporter/Dockerfile | 2 +- 7 files changed, 8 insertions(+), 8 deletions(-) diff --git a/cfssl/Dockerfile b/cfssl/Dockerfile index 2df0534..6201d02 100644 --- a/cfssl/Dockerfile +++ b/cfssl/Dockerfile @@ -17,7 +17,7 @@ RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -ldflags "-s -w RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -ldflags "-s -w -X github.com/cloudflare/cfssl/cli/version.version=1.6.3" -o /out/mkbundle ./cmd/mkbundle RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -ldflags "-s -w -X github.com/cloudflare/cfssl/cli/version.version=1.6.3" -o /out/multirootca ./cmd/multirootca -FROM alpine:3.19 AS cfssl-server +FROM alpine:3.20 AS cfssl-server COPY --from=builder /out/* / @@ -27,7 +27,7 @@ EXPOSE 8080 CMD ["/cfssl"] -FROM alpine:3.19 AS cfssl +FROM alpine:3.20 AS cfssl COPY --from=builder /out/* / diff --git a/prometheus-apache-exporter/Dockerfile b/prometheus-apache-exporter/Dockerfile index acc2526..8106ed7 100644 --- a/prometheus-apache-exporter/Dockerfile +++ b/prometheus-apache-exporter/Dockerfile @@ -12,7 +12,7 @@ RUN git clone -b $EXPORTER_VERSION --single-branch --depth 1 https://github.com/ RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -o /out/apache_exporter -FROM alpine:3.19 AS prometheus-apache-exporter +FROM alpine:3.20 AS prometheus-apache-exporter COPY --from=builder /out/* / diff --git a/prometheus-elasticsearch-exporter/Dockerfile b/prometheus-elasticsearch-exporter/Dockerfile index 6e21a7a..c33b503 100644 --- a/prometheus-elasticsearch-exporter/Dockerfile +++ b/prometheus-elasticsearch-exporter/Dockerfile @@ -12,7 +12,7 @@ RUN git clone -b $EXPORTER_VERSION --single-branch --depth 1 https://github.com/ RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -o /out/elasticsearch_exporter -FROM alpine:3.19 AS prometheus-elasticsearch-exporter +FROM alpine:3.20 AS prometheus-elasticsearch-exporter COPY --from=builder /out/* / diff --git a/prometheus-nginx-exporter/Dockerfile b/prometheus-nginx-exporter/Dockerfile index f84f390..485bdbb 100644 --- a/prometheus-nginx-exporter/Dockerfile +++ b/prometheus-nginx-exporter/Dockerfile @@ -12,7 +12,7 @@ RUN git clone -b $EXPORTER_VERSION --single-branch --depth 1 https://github.com/ RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -o /out/nginx_exporter -FROM alpine:3.19 AS prometheus-nginx-exporter +FROM alpine:3.20 AS prometheus-nginx-exporter COPY --from=builder /out/* / diff --git a/prometheus-php-fpm-exporter/Dockerfile b/prometheus-php-fpm-exporter/Dockerfile index 485f0ef..8d40a69 100644 --- a/prometheus-php-fpm-exporter/Dockerfile +++ b/prometheus-php-fpm-exporter/Dockerfile @@ -12,7 +12,7 @@ RUN git clone -b $EXPORTER_VERSION --single-branch --depth 1 https://github.com/ RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -o /out/php-fpm_exporter -FROM alpine:3.19 AS prometheus-php-fpm-exporter +FROM alpine:3.20 AS prometheus-php-fpm-exporter COPY --from=builder /out/* / diff --git a/prometheus-postgres-exporter/Dockerfile b/prometheus-postgres-exporter/Dockerfile index adcd061..78f9a0e 100644 --- a/prometheus-postgres-exporter/Dockerfile +++ b/prometheus-postgres-exporter/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:1 -FROM alpine:3.19 AS prometheus-postgres-exporter +FROM alpine:3.20 AS prometheus-postgres-exporter COPY --from=quay.io/prometheuscommunity/postgres-exporter /bin/postgres_exporter / diff --git a/prometheus-varnish-exporter/Dockerfile b/prometheus-varnish-exporter/Dockerfile index 19c5d6c..f697d6b 100644 --- a/prometheus-varnish-exporter/Dockerfile +++ b/prometheus-varnish-exporter/Dockerfile @@ -12,7 +12,7 @@ RUN git clone -b $EXPORTER_VERSION --single-branch --depth 1 https://github.com/ RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -o /out/varnish_exporter -FROM alpine:3.19 AS prometheus-varnish-exporter +FROM alpine:3.20 AS prometheus-varnish-exporter RUN apk add --no-cache docker-cli COPY --from=builder /out/* / From 01f3ef4af4540a12f57f6cf2e60955d2cff1c943 Mon Sep 17 00:00:00 2001 From: Sascha Nowak Date: Sun, 7 Jul 2024 09:44:43 +0200 Subject: [PATCH 06/22] feat: update mariadb mariadb:10.3 is not build and maintained anymore --- .github/workflows/docker.yml | 4 ++-- mariadb/{10.3.dockerfile => 10.11.dockerfile} | 4 ++-- mariadb/10.6.dockerfile | 2 +- mariadb/Dockerfile | 2 +- mysql/{8.0.Dockerfile => 8.0.dockerfile} | 0 solr/{8.Dockerfile => 8.dockerfile} | 0 6 files changed, 6 insertions(+), 6 deletions(-) rename mariadb/{10.3.dockerfile => 10.11.dockerfile} (75%) rename mysql/{8.0.Dockerfile => 8.0.dockerfile} (100%) rename solr/{8.Dockerfile => 8.dockerfile} (100%) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 9a366f9..bd9ebdf 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -40,7 +40,7 @@ jobs: context: ./mariadb target: '' version: '' - file: 10.3.dockerfile + file: 10.11.dockerfile build-args: '' - name: mysql context: ./mysql @@ -94,7 +94,7 @@ jobs: context: ./solr target: '' version: '' - file: 8.Dockerfile + file: 8.dockerfile build-args: '' - name: varnish context: ./varnish diff --git a/mariadb/10.3.dockerfile b/mariadb/10.11.dockerfile similarity index 75% rename from mariadb/10.3.dockerfile rename to mariadb/10.11.dockerfile index f36e819..50be16f 100644 --- a/mariadb/10.3.dockerfile +++ b/mariadb/10.11.dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1 -# Version of Ubuntu 20.04 -FROM mariadb:10.3.39 as mariadb +# Version of Ubuntu 24.04 +FROM mariadb:10.11 as mariadb COPY config /etc/mysql/conf.d HEALTHCHECK --interval=2s --timeout=20s --retries=10 CMD mysqladmin ping -h localhost -u root -p$MYSQL_ROOT_PASSWORD diff --git a/mariadb/10.6.dockerfile b/mariadb/10.6.dockerfile index 3fe6e2b..c959140 100644 --- a/mariadb/10.6.dockerfile +++ b/mariadb/10.6.dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1 # Version of Ubuntu 22.04 -FROM mariadb:10.6.16 as mariadb +FROM mariadb:10.6 as mariadb COPY config /etc/mysql/conf.d HEALTHCHECK --interval=2s --timeout=20s --retries=10 CMD mysqladmin ping -h localhost -u root -p$MYSQL_ROOT_PASSWORD diff --git a/mariadb/Dockerfile b/mariadb/Dockerfile index 7a39e4f..22dcac3 100644 --- a/mariadb/Dockerfile +++ b/mariadb/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1 # This is always the latest -FROM mariadb:10.11.7 as mariadb +FROM mariadb:11.4 as mariadb COPY config /etc/mysql/conf.d HEALTHCHECK --interval=2s --timeout=20s --retries=10 CMD mysqladmin ping -h localhost -u root -p$MYSQL_ROOT_PASSWORD diff --git a/mysql/8.0.Dockerfile b/mysql/8.0.dockerfile similarity index 100% rename from mysql/8.0.Dockerfile rename to mysql/8.0.dockerfile diff --git a/solr/8.Dockerfile b/solr/8.dockerfile similarity index 100% rename from solr/8.Dockerfile rename to solr/8.dockerfile From ae95b54ca5f3548af14eeb2fe4f95721745514fa Mon Sep 17 00:00:00 2001 From: Sascha Nowak Date: Sun, 7 Jul 2024 12:18:46 +0200 Subject: [PATCH 07/22] feat: update to varnish 7.5 --- varnish/Dockerfile | 7 +- varnish/config/default.vcl | 668 ++++++++---------- varnish/config/includes/acls.vcl | 2 + ...kend_response_post_static_file_caching.vcl | 0 varnish/docker-varnish-entrypoint | 4 +- 5 files changed, 287 insertions(+), 394 deletions(-) delete mode 100644 varnish/config/includes/backend_response_post_static_file_caching.vcl diff --git a/varnish/Dockerfile b/varnish/Dockerfile index fbeae45..bd3fef2 100644 --- a/varnish/Dockerfile +++ b/varnish/Dockerfile @@ -1,7 +1,9 @@ # syntax=docker/dockerfile:1 -FROM varnish:6.6.2 +FROM varnish:7.5 -ENV VARNISH_SIZE 1G +ENV VARNISH_SIZE=1G + +USER root RUN apt-get update && \ apt-get install -y wget && \ @@ -11,4 +13,5 @@ COPY config /etc/varnish/ COPY docker-varnish-entrypoint /usr/local/bin/ +USER varnish HEALTHCHECK --interval=2s --timeout=20s --retries=10 CMD wget -qO- http://localhost:80/health | grep -q 'health' diff --git a/varnish/config/default.vcl b/varnish/config/default.vcl index 17143dd..7c22c7d 100644 --- a/varnish/config/default.vcl +++ b/varnish/config/default.vcl @@ -1,7 +1,8 @@ -vcl 4.0; +vcl 4.1; import std; import directors; +import xkey; # Import modules include "includes/imports.vcl"; @@ -16,426 +17,311 @@ include "includes/backends.vcl"; include "includes/acls.vcl"; sub vcl_init { - # Import file with director definitions; - include "includes/directors.vcl"; + # Import file with director definitions; + include "includes/directors.vcl"; } sub vcl_recv { - # https://info.varnish-software.com/blog/blog-sysadmin-monitoring-health-varnish-cache - if (req.method == "GET" && req.url == "/health") { - return(synth(200, "health")); - } - - # Remove tracking parameter from url and normalize query arguments - include "includes/cache_hitrate_booster.vcl"; - - # Shopware: Set a header announcing Surrogate Capability to the origin - set req.http.Surrogate-Capability = "shopware=ESI/1.0"; - - set req.http.X-Varnish-Esi-Level = req.esi_level; - - # Extract real client ip from X-Forwarded-For header. We do trust X-Forwarded-For header here as it is generated by - # nginx and any client supplied value is removed. - if (req.http.X-Real-Ip) { - set req.http.X-Client-Ip = req.http.X-Real-Ip; - } elseif (req.http.X-Forwarded-For) { - set req.http.X-Client-Ip = regsub(req.http.X-Forwarded-For, "[, ].*$", ""); - } else { - set req.http.X-Client-Ip = client.ip; - } - - # backend selection logic - include "includes/backendselection.vcl"; - - unset req.http.X-Restart-After-Purge; - - if (req.method == "BAN") { - if (!std.ip(req.http.X-Client-Ip, client.ip) ~ purge) { - return (synth(405, "Not allowed.")); - } - - set req.http.Host = regsub(req.http.host, ":\d+$", ""); - - # TYPO3/Neos: Cache Tags - if (req.http.X-Cache-Tags) { - ban("obj.http.X-Cache-Tags ~ " + req.http.X-Cache-Tags); - } - # Shopware: Cache Tags - elsif (req.http.X-Shopware-Invalidates) { - ban("obj.http.X-Shopware-Cache-Id ~ " + ";" + req.http.X-Shopware-Invalidates + ";"); - return (synth(200, "BAN of content connected to the X-Shopware-Cache-Id (" + req.http.X-Shopware-Invalidates + ") done.")); - } - # Neos: Flush cache by url - elseif (req.http.X-Site && req.http.X-Host && req.http.X-Url) { - ban("obj.http.X-Host ~ " + req.http.X-Host - + " && obj.http.X-Url ~ " + req.http.X-Url - + " && obj.http.X-Site ~ " + req.http.X-Site - ); - } else { - ban("obj.http.x-url ~ " + req.url + " && obj.http.x-host == " + req.http.Host); - } - return (synth(200, "Ban added.")); - } - - if (req.method == "PURGE") { - if (!std.ip(req.http.X-Client-Ip, client.ip) ~ purge) { - return (synth(405, "Not allowed.")); - } - set req.http.Host = regsub(req.http.host, ":\d+$", ""); - return (purge); - } - - if (std.healthy(req.backend_hint)) { - set req.grace = 30s; - } else { - set req.grace = 24h; - } - - # parse accept encoding rulesets to normalize - if (req.http.Accept-Encoding) { - if (req.http.Accept-Encoding ~ "gzip") { - set req.http.Accept-Encoding = "gzip"; - } elseif (req.http.Accept-Encoding ~ "deflate") { - set req.http.Accept-Encoding = "deflate"; - } else { - # unkown algorithm - unset req.http.Accept-Encoding; - } - } - - if (req.method == "PRI") { - /* We do not support SPDY or HTTP/2.0 */ - return (synth(405)); - } - - if (!req.http.host && - req.esi_level == 0 && - req.proto ~ "^(?i)HTTP/1.1") { - /* In HTTP/1.1, Host is required. */ - return (synth(400)); - } - - if (req.method != "GET" && - req.method != "HEAD" && - req.method != "PUT" && - req.method != "POST" && - req.method != "TRACE" && - req.method != "OPTIONS" && - req.method != "DELETE" && - req.method != "PATCH") { - /* Non-RFC2616 or CONNECT which is weird. */ - return (pipe); - } - - # We only deal with GET and HEAD by default - if (req.method != "GET" && req.method != "HEAD") { - return (pass); - } - - # Detect backend user by different cookies - if (req.http.Cookie ~ "\bbe_typo_user=") { - set req.http.X-Is-Backend-User-Authenticated = "true"; - } elseif (req.http.Cookie ~ "\bNeos_Session=") { - set req.http.X-Is-Backend-User-Authenticated = "true"; - } elseif (req.http.Cookie ~ "\bSHOPWAREBACKEND=") { - set req.http.X-Is-Backend-User-Authenticated = "true"; - } else { - unset req.http.X-Is-Backend-User-Authenticated; - } - - # Purge varnish when force reloading the page and backend user is detected - if (req.restarts == 0 && req.http.Cache-Control ~ "no-cache" && req.http.X-Is-Backend-User-Authenticated) { - set req.http.X-Restart-After-Purge = 1; - return (purge); - } - - include "includes/recv.vcl"; - - # Shopware: Don't cache selfhealing-redirect - if (req.http.Cookie ~ "ShopwarePluginsCoreSelfHealingRedirect") { - return (pass); - } - - # Shopware: Always pass these paths directly to php without caching - # Note: virtual URLs might bypass this rule (e.g. /en/checkout) - if (req.url ~ "^/(checkout|account)(/.*)?$") { - return (pass); - } - - # TYPO3: Always pass EXT:solr indexing requests - if (req.http.X-Tx-Solr-Iq && std.ip(req.http.X-Client-Ip, client.ip) ~ webserver) { - return (pass); - } - - # don't cache for TYPO3, Shopware, Neos backend - if (req.url ~ "^/(typo3|backend|neos|_token-login)(/.*)?$") { - return (pass); - } - - # TYPO3: Admin panel should work - if (req.url ~ "TSFE_ADMIN_PANEL") { - return (pass); - } - - # video streaming must be in pipe to work - if (req.url ~ "\.(?:mp4|webm)$") { - return (pipe); - } - - return (hash); + # https://info.varnish-software.com/blog/blog-sysadmin-monitoring-health-varnish-cache + if (req.url == "/health") { + return(synth(200, "health")); + } + + # Remove tracking parameter from url and normalize query arguments + include "includes/cache_hitrate_booster.vcl"; + + set req.http.X-Varnish-Esi-Level = req.esi_level; + + # Extract real client ip from X-Forwarded-For header. We do trust X-Forwarded-For header here as it is generated by + # nginx and any client supplied value is removed. + if (req.http.X-Real-Ip) { + set req.http.X-Client-Ip = req.http.X-Real-Ip; + } elseif (req.http.X-Forwarded-For) { + set req.http.X-Client-Ip = regsub(req.http.X-Forwarded-For, "[, ].*$", ""); + } else { + set req.http.X-Client-Ip = client.ip; + } + + # backend selection logic + include "includes/backendselection.vcl"; + + unset req.http.X-Restart-After-Purge; + + if (req.method == "BAN") { + if (std.ip(req.http.X-Client-Ip, client.ip) !~ purge) { + return (synth(405, "Method not allowed")); + } + + set req.http.Host = regsub(req.http.host, ":\d+$", ""); + + # TYPO3/Neos: Cache Tags + if (req.http.X-Cache-Tags) { + ban("obj.http.X-Cache-Tags ~ " + req.http.X-Cache-Tags); + return (synth(200, "BAN Cache-Tags (" + req.http.X-Cache-Tags + ") done")); + } + + ban("req.url ~ "+req.url); + return (synth(200, "BAN URLs containing (" + req.url + ") done.")); + } + + # Handle PURGE + if (req.method == "PURGE") { + if (std.ip(req.http.X-Client-Ip, client.ip) !~ purge) { + return (synth(403, "Forbidden")); + } + if (req.http.xkey) { + set req.http.n-gone = xkey.purge(req.http.xkey); + return (synth(200, "Invalidated " + req.http.n-gone + " objects")); + } else { + return (purge); + } + } + + if (std.healthy(req.backend_hint)) { + set req.grace = 30s; + } else { + set req.grace = 24h; + } + + # Normalize Accept-Encoding header + # straight from the manual: https://www.varnish-cache.org/docs/3.0/tutorial/vary.html + if (req.http.Accept-Encoding) { + if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$") { + # No point in compressing these + unset req.http.Accept-Encoding; + } elsif (req.http.Accept-Encoding ~ "gzip") { + set req.http.Accept-Encoding = "gzip"; + } elsif (req.http.Accept-Encoding ~ "deflate") { + set req.http.Accept-Encoding = "deflate"; + } else { + # unknown algorithm + unset req.http.Accept-Encoding; + } + } + + if (req.method == "PRI") { + /* We do not support SPDY or HTTP/2.0 */ + return (synth(405)); + } + + if (!req.http.host && + req.esi_level == 0 && + req.proto ~ "^(?i)HTTP/1.1") { + /* In HTTP/1.1, Host is required. */ + return (synth(400)); + } + + if (req.method != "GET" && + req.method != "HEAD" && + req.method != "PUT" && + req.method != "POST" && + req.method != "TRACE" && + req.method != "OPTIONS" && + req.method != "DELETE" && + req.method != "PATCH") { + /* Non-RFC2616 or CONNECT which is weird. */ + return (pipe); + } + + # We only deal with GET and HEAD by default + if (req.method != "GET" && req.method != "HEAD") { + return (pass); + } + + # Detect backend user by different cookies + if (req.http.Cookie ~ "\bbe_typo_user=") { + set req.http.X-Is-Backend-User-Authenticated = "true"; + } elseif (req.http.Cookie ~ "\bNeos_Session=") { + set req.http.X-Is-Backend-User-Authenticated = "true"; + } else { + unset req.http.X-Is-Backend-User-Authenticated; + } + + # Purge varnish when force reloading the page and backend user is detected + if (req.restarts == 0 && req.http.Cache-Control ~ "no-cache" && req.http.X-Is-Backend-User-Authenticated) { + set req.http.X-Restart-After-Purge = 1; + return (purge); + } + + include "includes/recv.vcl"; + + # TYPO3: Always pass EXT:solr indexing requests + if (req.http.X-Tx-Solr-Iq && std.ip(req.http.X-Client-Ip, client.ip) ~ webserver) { + return (pass); + } + + # Don't cache for TYPO3, Neos backend + if (req.url ~ "^/(typo3|neos|_token-login)(/.*)?$") { + return (pass); + } + + # TYPO3: Admin panel should work + if (req.url ~ "TSFE_ADMIN_PANEL") { + return (pass); + } + + # video streaming must be in pipe to work + if (req.url ~ "\.(?:mp4|webm)$") { + return (pipe); + } + + return (hash); } sub vcl_backend_response { - set beresp.http.x-url = bereq.url; - set beresp.http.x-host = bereq.http.host; - - # Allow 24hour stale content, before an error 500/404 is thrown - set beresp.grace = 24h; - - include "includes/backend_response_pre_cookie_unset.vcl"; - - # Clean up cookies, we normally don't need session cookies - # FIXME: we need to check, whether we still have to fight unnecessary cookies or if nowadays TYPO3 and Neos set cookies responsibly -# if (beresp.http.Set-Cookie) { -# if (!(beresp.http.Set-Cookie ~ "\b(?:be_typo_user|Typo3InstallTool|PHPSESSID|SHOPWAREBACKEND)=" || bereq.url ~ "^/neos" || bereq.url ~ "^/_token-login" || beresp.http.X-Allow-Cookie)) { -# unset beresp.http.Set-Cookie; -# } -# } - unset beresp.http.X-Allow-Cookie; - - # ESI requests returning an error should not return the error page (possibly containing esi tags in the error document) - if (beresp.status >= 400 && bereq.http.X-Varnish-Esi-Level && std.integer(bereq.http.X-Varnish-Esi-Level, 0) > 0) { - return (abandon); - } - - # Respect force-reload, and clear cache accordingly. This means that a ctrl-reload will actually purge - # the cache for this URL with backend user. - if (bereq.http.Cache-Control ~ "no-cache" && bereq.http.X-Is-Backend-User-Authenticated) { - set beresp.http.X-Cacheable = "NO: force-reload with backend user"; - set beresp.ttl = 0s; - } elseif (beresp.http.X-Is-Static-File) { - unset beresp.http.Set-Cookie; - set beresp.http.X-Cacheable = "YES: static files are always cached"; - - if (beresp.status == 200) { - # Cache in varnish for one week if not told otherwise - if (beresp.ttl <= 0s) { - set beresp.ttl = 1w; - } - - # Long cache lifetime for versioned files - # TYPO3 processed files and assets - if (bereq.url ~ "/_processed_/|^/typo3temp/assets/") { - set beresp.http.cache-control = "public, max-age=31536000"; - } - # Neos persistent Resource - elseif (bereq.url ~ "^/_Resources/Persistent/(?:[a-f0-9]/[a-f0-9]/[a-f0-9]/[a-f0-9]/)?[a-f0-9]{40}/") { - set beresp.http.cache-control = "public, max-age=31536000"; - } - # Stencil js files in Public "Build" folder of TYPO3 extension or Neos package - elseif (bereq.url ~ "^/(?:typo3conf/ext/.*/Resources/Public|_Resources/Static/Packages/[a-zA-Z0-9.]+)/Build/[a-zA-Z0-9._/-]+[._/-][a-z0-9]{8}(\.es5|\.entry)?\.js$") { - set beresp.http.cache-control = "public, max-age=31536000"; - } - # Check query string for patterns like ${timestamp} or v=${versionNumber} or bust=${hash} or ${hash} - elseif (bereq.url ~ "\?(?:(?:\d+|v=[\d.]+|bust=[a-z0-9]{8}|[a-z0-9.-]+)(?:&|$))+$") { - set beresp.http.cache-control = "public, max-age=31536000"; - } - # Check if filename contains a timestamp in the filename - elseif (bereq.url ~ "\.[0-9]{10}\.[a-z0-9]+$") { - set beresp.http.cache-control = "public, max-age=31536000"; - } - # Shopware files, statically cacheable - elseif (bereq.url ~ "/media/(archive|banner|image|music|pdf|unknown|video)/[a-zA-Z0-9_/-]+\.(jpe?g|png|webp|gif|svg|pdf)$") { - set beresp.http.cache-control = "public, max-age=31536000"; - } - # Use custom cache life time for example when caching the sitemap.xml for only 5m - elseif (beresp.ttl < 1h) { - set beresp.http.cache-control = "public, max-age=" + regsub(beresp.ttl, "\..*$", ""); - } - # Fallback to minimum cache lifetime of 1h - else { - set beresp.http.cache-control = "public, max-age=3600"; - } - } - - unset beresp.http.Expires; - unset beresp.http.Pragma; - set beresp.http.X-Set-Age-Zero = "true"; - - # Don't cache file larger than 10MB - if (beresp.http.Content-Length ~ "[0-9]{8,}") { - set beresp.http.X-Cacheable = "NO: file too large"; - set beresp.ttl = 1w; - set beresp.uncacheable = true; - } - - return (deliver); - } - - include "includes/backend_response_post_static_file_caching.vcl"; - - # Allow edgeside includes - set beresp.do_esi = true; - unset beresp.http.Surrogate-Control; - - # Since we rely on backend to send the correct Cache-control headers, we do nothing except for removing the cache-control headers before output - - # Handle Cache-Control private/no-cache/no-store headers - if (beresp.http.Cache-Control ~ "(?i:no-cache|no-store|private)") { - set beresp.ttl = 0s; - } - - # Make sure that we unset all cache headers, so the browser does not cache it for us! - unset beresp.http.Cache-Control; - unset beresp.http.Pragma; - unset beresp.http.Expires; - unset beresp.http.Last-Modified; - unset beresp.http.ETag; - - if (!beresp.http.X-Cacheable) { - set beresp.http.X-Cacheable = "NO"; - if (beresp.ttl > 0s) { - set beresp.http.X-Cacheable = "YES"; - } - } - - if (beresp.http.Set-Cookie) { - set beresp.http.X-Cacheable = "NO: Set-Cookie header present"; - set beresp.ttl = 0s; - } - - # Set TTL as header for debugging - set beresp.http.X-Cache-TTL = beresp.ttl; - - # Make sure a lot of requests to uncached pages do not yam too much - if (beresp.ttl <= 0s) { - set beresp.ttl = 10s; - set beresp.http.Cache-Control = "private"; - set beresp.uncacheable = true; - } - - # Don't cache file larger than 10MB - if (beresp.http.Content-Length ~ "[0-9]{8,}") { - set beresp.http.X-Cacheable = "NO: file too large"; - set beresp.ttl = 1w; - set beresp.uncacheable = true; - } - - return (deliver); + set beresp.http.x-url = bereq.url; + set beresp.http.x-host = bereq.http.host; + + # Allow 24d stale content, before an error 500/404 is thrown + set beresp.grace = 24h; + + # Allow edgeside includes + if (beresp.http.content-type ~ "text") { + set beresp.do_esi = true; + } + + include "includes/backend_response_pre_cookie_unset.vcl"; + + # ESI requests returning an error should not return the error page (possibly containing esi tags in the error document) + if (beresp.status >= 400 && bereq.http.X-Varnish-Esi-Level && std.integer(bereq.http.X-Varnish-Esi-Level, 0) > 0) { + return (abandon); + } + + # cache only successfully responses and 404s + if (beresp.status != 200 && beresp.status != 404) { + set beresp.http.X-Cacheable = "NO: server response with error"; + set beresp.ttl = 0s; + } + + # Respect force-reload, and clear cache accordingly. This means that a ctrl-reload will actually purge + # the cache for this URL with backend user. + if (bereq.http.Cache-Control ~ "no-cache" && bereq.http.X-Is-Backend-User-Authenticated) { + set beresp.http.X-Cacheable = "NO: force-reload with backend user"; + set beresp.ttl = 0s; + } + + # Since we rely on backend to send the correct Cache-control headers, we do nothing except for removing the cache-control headers before output + # Handle Cache-Control private/no-cache/no-store headers + if (beresp.http.Cache-Control ~ "(?i:no-cache|no-store|private)") { + set beresp.http.X-Cacheable = "NO: cache-control header is not public"; + set beresp.ttl = 0s; + } + + # Make sure that we unset all cache headers, so the browser does not cache it for us! + unset beresp.http.Cache-Control; + unset beresp.http.Pragma; + unset beresp.http.Expires; + unset beresp.http.Last-Modified; + unset beresp.http.ETag; + + if (!beresp.http.X-Cacheable) { + set beresp.http.X-Cacheable = "NO"; + if (beresp.ttl > 0s) { + set beresp.http.X-Cacheable = "YES"; + } + } + + if (beresp.http.Set-Cookie) { + set beresp.http.X-Cacheable = "NO: Set-Cookie header is present"; + set beresp.ttl = 0s; + } + + # Set TTL as header for debugging + set beresp.http.X-Cache-TTL = beresp.ttl; + + # Make sure a lot of requests to uncached pages do not yam too much + if (beresp.ttl <= 0s) { + set beresp.ttl = 10s; + set beresp.http.Cache-Control = "private"; + set beresp.uncacheable = true; + } + + # Don't cache file larger than 1MB + if (beresp.http.Content-Length ~ "[0-9]{7,}") { + set beresp.http.X-Cacheable = "NO: file too large"; + set beresp.ttl = 1w; + set beresp.uncacheable = true; + } + + return (deliver); } sub vcl_hash { - include "includes/hash.vcl"; - ## normalize shop and currency cookie in hash to improve hitrate - if (req.http.cookie ~ "shop=") { - hash_data("+shop=" + regsub(req.http.cookie, "^.*?shop=([^;]*);*.*$", "\1")); - } else { - hash_data("+shop=1"); - } - - if (req.http.cookie ~ "currency=") { - hash_data("+currency=" + regsub(req.http.cookie, "^.*?currency=([^;]*);*.*$", "\1")); - } else { - hash_data("+currency=1"); - } - - if (req.http.cookie ~ "x-cache-context-hash=") { - hash_data("+context=" + regsub(req.http.cookie, "^.*?x-cache-context-hash=([^;]*);*.*$", "\1")); - } + include "includes/hash.vcl"; } sub vcl_hit { - include "includes/hit.vcl"; - if (obj.http.X-Shopware-Allow-Nocache && req.http.cookie ~ "nocache=") { - if (obj.http.X-Shopware-Allow-Nocache && req.http.cookie ~ "slt=") { - set req.http.X-Cookie-Nocache = regsub(req.http.Cookie, "^.*?nocache=([^;]*);*.*$", "\1, slt"); - } else { - set req.http.X-Cookie-Nocache = regsub(req.http.Cookie, "^.*?nocache=([^;]*);*.*$", "\1"); - } - if (std.strstr(req.http.X-Cookie-Nocache, obj.http.X-Shopware-Allow-Nocache)) { - return (pass); - } - } + include "includes/hit.vcl"; } sub vcl_miss { - include "includes/miss.vcl"; + include "includes/miss.vcl"; } sub vcl_backend_fetch { - include "includes/backend_fetch.vcl"; - if (bereq.method == "GET") { - unset bereq.body; - } - - # range requests may have response code 206 which are not handled properly by varnish - if (bereq.http.Range) { - unset bereq.http.Range; - } + include "includes/backend_fetch.vcl"; + if (bereq.method == "GET") { + unset bereq.body; + } + + # range requests may have response code 206 which are not handled properly by varnish + if (bereq.http.Range) { + unset bereq.http.Range; + } } sub vcl_deliver { - # For static files, the browser should always get Age: 0 to cache it as long as possible - if (resp.http.X-Set-Age-Zero) { - unset resp.http.X-Set-Age-Zero; - - # By definition we have a fresh object - set resp.http.age = "0"; - } - - unset resp.http.x-url; - unset resp.http.x-host; - - # remove link header, if session is already started to save client resources - if (req.http.cookie ~ "session-") { - unset resp.http.Link; - } - - if (!std.ip(req.http.X-Client-Ip, client.ip) ~ debug) { - unset resp.http.X-Cacheable; - unset resp.http.X-Cache-Tags; - unset resp.http.X-Cache-TTL; - unset resp.http.X-Is-Static-File; - unset resp.http.X-Site; - - # Shopware: unset the headers, thus remove them from the response the client sees - unset resp.http.X-Shopware-Allow-Nocache; - unset resp.http.X-Shopware-Cache-Id; - } elseif (obj.hits > 0) { - set resp.http.X-Cache = "HIT"; - set resp.http.X-Cache-Hits = obj.hits; - } else { - set resp.http.X-Cache = "MISS"; - } - - include "includes/deliver.vcl"; - - return (deliver); + # For static files, the browser should always get Age: 0 to cache it as long as possible + if (resp.http.X-Set-Age-Zero) { + unset resp.http.X-Set-Age-Zero; + + # By definition we have a fresh object + set resp.http.age = "0"; + } + + unset resp.http.x-url; + unset resp.http.x-host; + unset resp.http.xkey; + + if (std.ip(req.http.X-Client-Ip, client.ip) !~ debug) { + unset resp.http.X-Cacheable; + unset resp.http.X-Cache-Tags; + unset resp.http.X-Cache-TTL; + unset resp.http.X-Is-Static-File; + unset resp.http.X-Site; + } elseif (obj.hits > 0) { + set resp.http.X-Cache = "HIT"; + set resp.http.X-Cache-Hits = obj.hits; + } else { + set resp.http.X-Cache = "MISS"; + } + + include "includes/deliver.vcl"; } sub vcl_purge { - if (req.http.X-Restart-After-Purge) { - return (restart); - } + if (req.http.X-Restart-After-Purge) { + return (restart); + } } sub vcl_backend_error { - # ESI requests returning an error should not return the error page (possibly containing esi tags in the error document) - if (bereq.http.X-Varnish-Esi-Level && std.integer(bereq.http.X-Varnish-Esi-Level, 0) > 0) { - set beresp.http.Content-Type = "text/html; charset=utf-8"; - synthetic(""); - set beresp.ttl = 0s; - return (deliver); - } + # ESI requests returning an error should not return the error page (possibly containing esi tags in the error document) + if (bereq.http.X-Varnish-Esi-Level && std.integer(bereq.http.X-Varnish-Esi-Level, 0) > 0) { + set beresp.http.Content-Type = "text/html; charset=utf-8"; + synthetic(""); + set beresp.ttl = 0s; + return (deliver); + } } sub vcl_synth { - if (req.http.X-Varnish-Esi-Level && std.integer(req.http.X-Varnish-Esi-Level, 0) > 0) { - set resp.http.Content-Type = "text/html; charset=utf-8"; - synthetic(""); - return (deliver); - } + if (req.http.X-Varnish-Esi-Level && std.integer(req.http.X-Varnish-Esi-Level, 0) > 0) { + set resp.http.Content-Type = "text/html; charset=utf-8"; + synthetic(""); + return (deliver); + } - include "includes/synth.vcl"; + include "includes/synth.vcl"; } diff --git a/varnish/config/includes/acls.vcl b/varnish/config/includes/acls.vcl index b0c7ecc..edc9514 100644 --- a/varnish/config/includes/acls.vcl +++ b/varnish/config/includes/acls.vcl @@ -11,4 +11,6 @@ acl purge { acl webserver { "website_fpm"; + "website_cli"; + "website_cron"; } diff --git a/varnish/config/includes/backend_response_post_static_file_caching.vcl b/varnish/config/includes/backend_response_post_static_file_caching.vcl deleted file mode 100644 index e69de29..0000000 diff --git a/varnish/docker-varnish-entrypoint b/varnish/docker-varnish-entrypoint index 74d7789..507b894 100755 --- a/varnish/docker-varnish-entrypoint +++ b/varnish/docker-varnish-entrypoint @@ -8,7 +8,9 @@ if [ "$#" -eq 0 ] || [ "${1#-}" != "$1" ]; then set -- varnishd \ -F \ -f /etc/varnish/default.vcl \ - -a :${VARNISH_HTTP_PORT:-80} \ + -a http=:${VARNISH_HTTP_PORT:-80},HTTP \ + -a proxy=:${VARNISH_PROXY_PORT:-8443},PROXY \ + -p feature=+http2 \ -s malloc,${VARNISH_SIZE:-1G} \ -t 120 \ -p thread_pool_min=5 \ From badf7ef33259318136f4c427915f020e44527d4e Mon Sep 17 00:00:00 2001 From: Sascha Nowak Date: Sun, 7 Jul 2024 16:20:06 +0200 Subject: [PATCH 08/22] feat: update nginx proxy and remove lua module --- proxy/Dockerfile | 25 ++++---- proxy/config/accept.lua | 97 ----------------------------- proxy/config/includes/neos | 1 - proxy/config/includes/parsed_accept | 3 - proxy/config/includes/php | 1 - proxy/config/includes/shop | 1 - proxy/config/includes/typo3 | 1 - proxy/config/nginx.conf | 2 - 8 files changed, 11 insertions(+), 120 deletions(-) delete mode 100644 proxy/config/accept.lua delete mode 100644 proxy/config/includes/parsed_accept diff --git a/proxy/Dockerfile b/proxy/Dockerfile index 966ee4f..86afed7 100644 --- a/proxy/Dockerfile +++ b/proxy/Dockerfile @@ -1,19 +1,18 @@ # syntax=docker/dockerfile:1 # Adding third-party modules to nginx official image # SEE https://github.com/nginxinc/docker-nginx/tree/master/modules -FROM nginx:1.27.0 as builder +FROM nginx:1.27.0 AS builder -ENV ENABLED_MODULES="ndk headers-more lua subs-filter geoip2" +ENV ENABLED_MODULES="headers-more subs-filter geoip2" +SHELL ["/bin/bash", "-exo", "pipefail", "-c"] -RUN set -ex \ - && if [ "$ENABLED_MODULES" = "" ]; then \ +RUN if [ "$ENABLED_MODULES" = "" ]; then \ echo "No additional modules enabled, exiting"; \ exit 1; \ fi -RUN set -ex \ - && apt update \ - && apt install -y --no-install-suggests --no-install-recommends \ +RUN apt-get update \ + && apt-get install -y --no-install-suggests --no-install-recommends \ patch make wget mercurial devscripts debhelper dpkg-dev \ quilt lsb-release build-essential libxml2-utils xsltproc \ equivs git g++ libparse-recdescent-perl \ @@ -42,7 +41,7 @@ RUN set -ex \ # some modules require build dependencies if [ -f /modules/$module/build-deps ]; then \ echo "Installing $module build dependencies"; \ - apt update && apt install -y --no-install-suggests --no-install-recommends $(cat /modules/$module/build-deps | xargs); \ + apt-get update && apt-get install -y --no-install-suggests --no-install-recommends $(cat /modules/$module/build-deps | xargs); \ fi; \ # if a module has a build dependency that is not in a distro, provide a # shell script to fetch/build/install those @@ -73,17 +72,15 @@ FROM nginx:1.27.0 ENV TZ="Europe/Berlin" RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone -COPY --from=builder /tmp/packages /tmp/packages -RUN set -ex \ - && apt update \ +RUN --mount=type=bind,target=/tmp/packages/,source=/tmp/packages/,from=builder \ + apt-get update \ && . /tmp/packages/modules.env \ && for module in $BUILT_MODULES; do \ - apt install --no-install-suggests --no-install-recommends -y /tmp/packages/nginx-module-${module}_${NGINX_VERSION}*.deb; \ + apt-get install --no-install-suggests --no-install-recommends -y /tmp/packages/nginx-module-${module}_${NGINX_VERSION}*.deb; \ done \ - && rm -rf /tmp/packages \ && rm -rf /var/lib/apt/lists/ -RUN curl -L https://github.com/a8m/envsubst/releases/download/v1.2.0/envsubst-Linux-x86_64 -o /usr/local/bin/envsubst && chmod +x /usr/local/bin/envsubst +RUN curl -L https://github.com/a8m/envsubst/releases/download/v1.4.2/envsubst-Linux-x86_64 -o /usr/local/bin/envsubst && chmod +x /usr/local/bin/envsubst COPY config /etc/nginx COPY docker-entrypoint.d /docker-entrypoint.d diff --git a/proxy/config/accept.lua b/proxy/config/accept.lua deleted file mode 100644 index 94a4592..0000000 --- a/proxy/config/accept.lua +++ /dev/null @@ -1,97 +0,0 @@ ------------------------------------------------------------------------------------ --- HTTP Accept-Language header handler -- --- @originalAuthor: f.ghibellini@gmail.com -- --- @originalRepository: https://github.com/fghibellini/nginx-http-accept-lang -- --- @modifiedBy: marian.hello@mapilary.com -- --- @gist: https://gist.github.com/mauron85/47ed1075262d9e020fe2 -- --- @modifiedBy: lienhart.woitok@netlogix.de -- --- @license: MIT -- --- @requires: -- --- @description: -- --- returns accept header with only supported types ordered by priority -- --- according to RFC:2616 -- --- @example configuration: -- --- -- --- server { -- --- listen 8080 default_server; -- --- index index.html index.htm; -- --- server_name localhost; -- --- -- --- root usr/share/nginx/html; -- --- -- --- location = / { -- --- # $accept_sup holds comma separated mime types supported by site -- --- # if no match */* will be used. */*;q=0.8 will be appended. -- --- set $accept_sup = "text/html,image/webp" -- --- set_by_lua_file $parsed_accept /etc/nginx/accept.lua $accept_sup; -- --- proxy_set_header Accept $parsed_accept; -- --- } -- --- } -- --- -- ------------------------------------------------------------------------------------ - -function inTable(tbl, item) - for key, value in pairs(tbl) do - if value == item then - return key - end - end - return false -end - -function string:split( inSplitPattern, outResults ) - if not outResults then - outResults = { } - end - local theStart = 1 - local theSplitStart, theSplitEnd = string.find( self, inSplitPattern, theStart ) - while theSplitStart do - table.insert( outResults, string.sub( self, theStart, theSplitStart-1 ) ) - theStart = theSplitEnd + 1 - theSplitStart, theSplitEnd = string.find( self, inSplitPattern, theStart ) - end - table.insert( outResults, string.sub( self, theStart ) ) - return outResults -end - -local supportedMimeTypes = {} -if ( ngx.arg[1] ~= nil ) then - supportedMimeTypes = ngx.arg[1]:split(",") -end - -local acceptHeader = ngx.var.http_accept -if ( acceptHeader == nil ) then - return supportedMimeTypes[1] -end - -local cleaned = ngx.re.sub(acceptHeader, "^.*:", "") -local options = {} -local iterator, err = ngx.re.gmatch(cleaned, "\\s*([a-z]+/(?:[a-z0-9+-]+|\\*)|\\*/\\*)\\s*(?:;q=([0-9]+(?:.[0-9]*)?))?\\s*(?:,|$)", "i") -for m, err in iterator do - local mimeType = m[1] - local priority = 1 - if m[2] ~= nil then - priority = tonumber(m[2]) - if priority == nil then - priority = 1 - end - end - table.insert(options, {mimeType, priority}) -end - -table.sort(options, function(a,b) return b[2] < a[2] end) - -local result = {} - -for index, mimeType in pairs(options) do - if inTable(supportedMimeTypes, mimeType[1]) then - table.insert(result, mimeType[1]) - end -end - -if #result == 0 then - return "*/*" -end - -table.insert(result, "*/*;q=0.8") -return table.concat(result, ",") diff --git a/proxy/config/includes/neos b/proxy/config/includes/neos index fb443e8..704c291 100644 --- a/proxy/config/includes/neos +++ b/proxy/config/includes/neos @@ -28,4 +28,3 @@ proxy_buffers 8 64k; include includes/clear_headers; include includes/security_headers; -include includes/parsed_accept; diff --git a/proxy/config/includes/parsed_accept b/proxy/config/includes/parsed_accept deleted file mode 100644 index b8700cc..0000000 --- a/proxy/config/includes/parsed_accept +++ /dev/null @@ -1,3 +0,0 @@ -set_by_lua_file $parsed_accept /etc/nginx/accept.lua text/html,image/webp,image/*,application/json; -proxy_set_header X-Original-Accept $http_accept; -proxy_set_header Accept $parsed_accept; diff --git a/proxy/config/includes/php b/proxy/config/includes/php index 06d1ae8..17bfa38 100644 --- a/proxy/config/includes/php +++ b/proxy/config/includes/php @@ -15,4 +15,3 @@ proxy_buffers 8 64k; include includes/clear_headers; include includes/security_headers; -include includes/parsed_accept; diff --git a/proxy/config/includes/shop b/proxy/config/includes/shop index 06d1ae8..17bfa38 100644 --- a/proxy/config/includes/shop +++ b/proxy/config/includes/shop @@ -15,4 +15,3 @@ proxy_buffers 8 64k; include includes/clear_headers; include includes/security_headers; -include includes/parsed_accept; diff --git a/proxy/config/includes/typo3 b/proxy/config/includes/typo3 index 45be15a..c0791f2 100644 --- a/proxy/config/includes/typo3 +++ b/proxy/config/includes/typo3 @@ -15,4 +15,3 @@ proxy_buffers 8 64k; include includes/clear_headers; include includes/security_headers; -include includes/parsed_accept; diff --git a/proxy/config/nginx.conf b/proxy/config/nginx.conf index 1acd9ad..2d2ed83 100644 --- a/proxy/config/nginx.conf +++ b/proxy/config/nginx.conf @@ -5,9 +5,7 @@ pid /var/run/nginx.pid; ## # Include modules ## -load_module modules/ndk_http_module.so; load_module modules/ngx_http_headers_more_filter_module.so; -load_module modules/ngx_http_lua_module.so; load_module modules/ngx_http_subs_filter_module.so; load_module modules/ngx_http_geoip2_module.so; load_module modules/ngx_http_js_module.so; From 39c71f68fed353bef30d275ea2cf5a1da9a2db6c Mon Sep 17 00:00:00 2001 From: Sascha Nowak Date: Sun, 7 Jul 2024 16:21:46 +0200 Subject: [PATCH 09/22] feat: remove mailhog from proxy --- proxy/config/includes/mailhog | 6 ------ proxy/config/sites-example/mailhog.conf.template | 10 ---------- 2 files changed, 16 deletions(-) delete mode 100644 proxy/config/includes/mailhog delete mode 100644 proxy/config/sites-example/mailhog.conf.template diff --git a/proxy/config/includes/mailhog b/proxy/config/includes/mailhog deleted file mode 100644 index a1b0373..0000000 --- a/proxy/config/includes/mailhog +++ /dev/null @@ -1,6 +0,0 @@ -location / { - proxy_pass http://mailhog:8025; - include includes/proxy_params; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection $connection_upgrade; -} diff --git a/proxy/config/sites-example/mailhog.conf.template b/proxy/config/sites-example/mailhog.conf.template deleted file mode 100644 index fb3b161..0000000 --- a/proxy/config/sites-example/mailhog.conf.template +++ /dev/null @@ -1,10 +0,0 @@ -server { - listen 443 ssl http2; - - server_name ${DOMAIN_MAILHOG}; - - include includes/mailhog; - - ssl_certificate /etc/nginx/ssl/${DOMAIN_ENV_SSL_CERTIFICATE:-cert.pem}; - ssl_certificate_key /etc/nginx/ssl/${DOMAIN_ENV_SSL_CERTIFICATE_KEY:-cert.key}; -} From ad976da2eb2b508b6af9adad479da363ffe9cd79 Mon Sep 17 00:00:00 2001 From: Sascha Nowak Date: Sun, 7 Jul 2024 17:12:36 +0200 Subject: [PATCH 10/22] feat: refactor nginx build --- .github/workflows/docker.yml | 34 ++------ .github/workflows/nginx.yml | 77 +++++++++++++++++++ {proxy => nginx}/.dockerignore | 0 {proxy => nginx}/Dockerfile | 7 +- .../21-envsubst-on-sites-available.sh | 0 .../etc/nginx}/conf.d/default.conf | 0 .../etc/nginx}/conf.d/forwarded.conf | 0 .../etc/nginx}/conf.d/log.conf | 2 +- .../etc/nginx}/conf.d/map.conf | 0 .../etc/nginx}/conf.d/security.conf | 0 .../etc/nginx}/conf.d/tracing.conf | 0 .../etc/nginx}/conf.d/upstream.conf | 0 .../etc/nginx}/includes/clear_headers | 0 .../etc/nginx/includes/defaults | 10 +-- .../config => nginx/etc/nginx}/includes/neos | 18 ++--- nginx/etc/nginx/includes/php | 5 ++ .../etc/nginx}/includes/proxy_params | 0 .../etc/nginx}/includes/security_headers | 0 nginx/etc/nginx/includes/shop | 5 ++ .../etc/nginx}/includes/styleguide | 0 nginx/etc/nginx/includes/typo3 | 9 +++ {proxy/config => nginx/etc/nginx}/nginx.conf | 0 .../etc/nginx}/sites-available/.gitkeep | 0 .../etc/nginx}/sites-enabled/.gitkeep | 0 .../nginx}/sites-enabled/health-check.conf | 0 .../examples}/domain-redirect.conf.template | 0 .../examples}/neos.conf.template | 0 .../examples}/php.conf.template | 0 .../examples}/redirect-https.conf.template | 0 .../examples}/shop.conf.template | 0 .../examples}/styleguide.conf.template | 0 .../examples}/typo3.conf.template | 0 .../examples}/www-redirect.conf.template | 0 .../styleguide}/conf.d/default.conf | 0 proxy/config/conf.d/ssl.conf | 12 --- proxy/config/dhparam/dhparam.pem | 8 -- proxy/config/includes/php | 17 ---- proxy/config/includes/pki_validation | 6 -- proxy/config/includes/shop | 17 ---- styleguide/Dockerfile | 9 --- styleguide/etc/nginx/conf.d/health-check.conf | 18 ----- styleguide/etc/nginx/nginx.conf | 45 ----------- 42 files changed, 115 insertions(+), 184 deletions(-) create mode 100644 .github/workflows/nginx.yml rename {proxy => nginx}/.dockerignore (100%) rename {proxy => nginx}/Dockerfile (98%) rename {proxy => nginx}/docker-entrypoint.d/21-envsubst-on-sites-available.sh (100%) rename {proxy/config => nginx/etc/nginx}/conf.d/default.conf (100%) rename {proxy/config => nginx/etc/nginx}/conf.d/forwarded.conf (100%) rename {proxy/config => nginx/etc/nginx}/conf.d/log.conf (89%) rename {proxy/config => nginx/etc/nginx}/conf.d/map.conf (100%) rename {proxy/config => nginx/etc/nginx}/conf.d/security.conf (100%) rename {proxy/config => nginx/etc/nginx}/conf.d/tracing.conf (100%) rename {proxy/config => nginx/etc/nginx}/conf.d/upstream.conf (100%) rename {proxy/config => nginx/etc/nginx}/includes/clear_headers (100%) rename proxy/config/includes/typo3 => nginx/etc/nginx/includes/defaults (66%) rename {proxy/config => nginx/etc/nginx}/includes/neos (64%) create mode 100644 nginx/etc/nginx/includes/php rename {proxy/config => nginx/etc/nginx}/includes/proxy_params (100%) rename {proxy/config => nginx/etc/nginx}/includes/security_headers (100%) create mode 100644 nginx/etc/nginx/includes/shop rename {proxy/config => nginx/etc/nginx}/includes/styleguide (100%) create mode 100644 nginx/etc/nginx/includes/typo3 rename {proxy/config => nginx/etc/nginx}/nginx.conf (100%) rename {proxy/config => nginx/etc/nginx}/sites-available/.gitkeep (100%) rename {proxy/config => nginx/etc/nginx}/sites-enabled/.gitkeep (100%) rename {proxy/config => nginx/etc/nginx}/sites-enabled/health-check.conf (100%) rename {proxy/config/sites-example => nginx/examples}/domain-redirect.conf.template (100%) rename {proxy/config/sites-example => nginx/examples}/neos.conf.template (100%) rename {proxy/config/sites-example => nginx/examples}/php.conf.template (100%) rename {proxy/config/sites-example => nginx/examples}/redirect-https.conf.template (100%) rename {proxy/config/sites-example => nginx/examples}/shop.conf.template (100%) rename {proxy/config/sites-example => nginx/examples}/styleguide.conf.template (100%) rename {proxy/config/sites-example => nginx/examples}/typo3.conf.template (100%) rename {proxy/config/sites-example => nginx/examples}/www-redirect.conf.template (100%) rename {styleguide/etc/nginx => nginx/styleguide}/conf.d/default.conf (100%) delete mode 100644 proxy/config/conf.d/ssl.conf delete mode 100644 proxy/config/dhparam/dhparam.pem delete mode 100644 proxy/config/includes/php delete mode 100644 proxy/config/includes/pki_validation delete mode 100644 proxy/config/includes/shop delete mode 100644 styleguide/Dockerfile delete mode 100644 styleguide/etc/nginx/conf.d/health-check.conf delete mode 100644 styleguide/etc/nginx/nginx.conf diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index bd9ebdf..b12a34a 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -1,4 +1,4 @@ -name: 'Build basic docker container' +name: 'Build basic docker images' concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -18,7 +18,7 @@ on: jobs: build-docker-images: - name: 'Build Docker Images' + name: 'Build ${{ matrix.image.name }} docker image' runs-on: ubuntu-latest strategy: fail-fast: false @@ -70,11 +70,6 @@ jobs: version: '' file: 12.dockerfile build-args: '' - - name: proxy - context: ./proxy - target: '' - version: '' - build-args: '' - name: rabbitmq context: ./rabbitmq target: '' @@ -206,11 +201,6 @@ jobs: target: 'prometheus-varnish-exporter' version: '1.6.1' build-args: '' - - name: styleguide - context: ./styleguide - target: '' - version: '' - build-args: '' - name: node context: ./node target: 'node' @@ -513,21 +503,8 @@ jobs: username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Build and export to Docker - uses: docker/build-push-action@v6 - with: - builder: ${{ steps.buildx.outputs.name }} - context: ${{ matrix.image.context }} - target: ${{ matrix.image.target }} - file: ${{ matrix.image.context }}/${{ matrix.image.file || 'Dockerfile' }} - build-args: ${{ matrix.image.build-args }} - load: true - tags: ${{ matrix.image.name }}:${{ steps.docker.outputs.version }} - cache-from: type=gha, scope=${{ github.workflow }}-${{ matrix.image.name }}-${{ matrix.image.version }} - cache-to: type=gha, scope=${{ github.workflow }}-${{ matrix.image.name }}-${{ matrix.image.version }}, mode=max - - name: Build and push to GHCR - id: docker_push + id: docker_build_push uses: docker/build-push-action@v6 with: builder: ${{ steps.buildx.outputs.name }} @@ -538,5 +515,6 @@ jobs: push: ${{ github.event_name != 'pull_request' }} tags: ${{ env.DOCKER_IMAGE }}:latest,${{ env.DOCKER_IMAGE }}:${{ steps.docker.outputs.version }} platforms: linux/amd64,linux/arm64 - cache-from: type=gha, scope=${{ github.workflow }}-${{ matrix.image.name }}-${{ matrix.image.version }} - cache-to: type=gha, scope=${{ github.workflow }}-${{ matrix.image.name }}-${{ matrix.image.version }}, mode=max + cache-from: type=gha, scope=${{ matrix.image.name }}-${{ steps.docker.outputs.version }} + cache-to: type=gha, scope=${{ matrix.image.name }}-${{ steps.docker.outputs.version }}, mode=max + diff --git a/.github/workflows/nginx.yml b/.github/workflows/nginx.yml new file mode 100644 index 0000000..e937ccf --- /dev/null +++ b/.github/workflows/nginx.yml @@ -0,0 +1,77 @@ +name: 'Build nginx docker image' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +on: + schedule: + - cron: 0 7 * * THU + push: + branches: + - main + paths: + - nginx/** + pull_request: + branches: + - main + paths: + - nginx/** + workflow_dispatch: + inputs: {} + +jobs: + build-docker-image: + name: 'Build nginx docker image' + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Read version from Dockerfile + id: docker + run: echo "version=$(./extract-version.sh ./nginx/Dockerfile)" >> $GITHUB_OUTPUT + + - name: Login to GHCR + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push (nginx) + id: docker_build_push + uses: docker/build-push-action@v6 + with: + builder: nginx + context: ./nginx + target: nginx + file: ./nginx/Dockerfile + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/nginx:latest,ghcr.io/netlogix/docker/nginx:${{ steps.docker.outputs.version }},ghcr.io/netlogix/docker/proxy:${{ steps.docker.outputs.version }} + platforms: linux/amd64,linux/arm64 + cache-from: type=gha, scope=${{ github.workflow }}-nginx + cache-to: type=gha, scope=${{ github.workflow }}-nginx, mode=max + + - name: Build and push (nginx) + id: docker_build_push + uses: docker/build-push-action@v6 + with: + builder: styleguide + context: ./nginx + target: styleguide + file: ./nginx/Dockerfile + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/styleguide:latest,ghcr.io/netlogix/docker/styleguide:${{ steps.docker.outputs.version }} + platforms: linux/amd64,linux/arm64 + cache-from: type=gha + cache-to: type=gha,mode=max + diff --git a/proxy/.dockerignore b/nginx/.dockerignore similarity index 100% rename from proxy/.dockerignore rename to nginx/.dockerignore diff --git a/proxy/Dockerfile b/nginx/Dockerfile similarity index 98% rename from proxy/Dockerfile rename to nginx/Dockerfile index 86afed7..046ddb1 100644 --- a/proxy/Dockerfile +++ b/nginx/Dockerfile @@ -68,7 +68,7 @@ RUN apt-get update \ done \ && echo "BUILT_MODULES=\"$BUILT_MODULES\"" > /tmp/packages/modules.env -FROM nginx:1.27.0 +FROM nginx:1.27.0 AS nginx ENV TZ="Europe/Berlin" RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone @@ -82,6 +82,7 @@ RUN --mount=type=bind,target=/tmp/packages/,source=/tmp/packages/,from=builder \ RUN curl -L https://github.com/a8m/envsubst/releases/download/v1.4.2/envsubst-Linux-x86_64 -o /usr/local/bin/envsubst && chmod +x /usr/local/bin/envsubst +COPY etc /etc/ COPY config /etc/nginx COPY docker-entrypoint.d /docker-entrypoint.d @@ -89,3 +90,7 @@ COPY docker-entrypoint.d /docker-entrypoint.d RUN nginx -t HEALTHCHECK --interval=2s --timeout=20s --retries=10 CMD curl --silent --fail http://127.0.0.1:90/health || exit 1 + +FROM nginx AS styleguide + +COPY styleguide /etc/nginx diff --git a/proxy/docker-entrypoint.d/21-envsubst-on-sites-available.sh b/nginx/docker-entrypoint.d/21-envsubst-on-sites-available.sh similarity index 100% rename from proxy/docker-entrypoint.d/21-envsubst-on-sites-available.sh rename to nginx/docker-entrypoint.d/21-envsubst-on-sites-available.sh diff --git a/proxy/config/conf.d/default.conf b/nginx/etc/nginx/conf.d/default.conf similarity index 100% rename from proxy/config/conf.d/default.conf rename to nginx/etc/nginx/conf.d/default.conf diff --git a/proxy/config/conf.d/forwarded.conf b/nginx/etc/nginx/conf.d/forwarded.conf similarity index 100% rename from proxy/config/conf.d/forwarded.conf rename to nginx/etc/nginx/conf.d/forwarded.conf diff --git a/proxy/config/conf.d/log.conf b/nginx/etc/nginx/conf.d/log.conf similarity index 89% rename from proxy/config/conf.d/log.conf rename to nginx/etc/nginx/conf.d/log.conf index c1d2344..625d78a 100644 --- a/proxy/config/conf.d/log.conf +++ b/nginx/etc/nginx/conf.d/log.conf @@ -5,6 +5,6 @@ log_format combined_upstream '$host:$server_port $http_x_forwarded_for - $remot log_format combined_with_time '$host:$server_port $http_x_forwarded_for - $remote_user [$time_local] ' '"$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" ' '$request_time "-" "-" "$ssl_protocol" "$ssl_cipher" "$sent_http_location" "$traceId"'; -log_format combined_with_trace '$http_x_forwarded_for - $remote_user [$time_local] ' +log_format combined_with_trace '$host:$server_port $http_x_forwarded_for - $remote_user [$time_local] ' '"$request" $status $body_bytes_sent ' '"$http_referer" "$http_user_agent" "$traceId"'; diff --git a/proxy/config/conf.d/map.conf b/nginx/etc/nginx/conf.d/map.conf similarity index 100% rename from proxy/config/conf.d/map.conf rename to nginx/etc/nginx/conf.d/map.conf diff --git a/proxy/config/conf.d/security.conf b/nginx/etc/nginx/conf.d/security.conf similarity index 100% rename from proxy/config/conf.d/security.conf rename to nginx/etc/nginx/conf.d/security.conf diff --git a/proxy/config/conf.d/tracing.conf b/nginx/etc/nginx/conf.d/tracing.conf similarity index 100% rename from proxy/config/conf.d/tracing.conf rename to nginx/etc/nginx/conf.d/tracing.conf diff --git a/proxy/config/conf.d/upstream.conf b/nginx/etc/nginx/conf.d/upstream.conf similarity index 100% rename from proxy/config/conf.d/upstream.conf rename to nginx/etc/nginx/conf.d/upstream.conf diff --git a/proxy/config/includes/clear_headers b/nginx/etc/nginx/includes/clear_headers similarity index 100% rename from proxy/config/includes/clear_headers rename to nginx/etc/nginx/includes/clear_headers diff --git a/proxy/config/includes/typo3 b/nginx/etc/nginx/includes/defaults similarity index 66% rename from proxy/config/includes/typo3 rename to nginx/etc/nginx/includes/defaults index c0791f2..43683a5 100644 --- a/proxy/config/includes/typo3 +++ b/nginx/etc/nginx/includes/defaults @@ -1,17 +1,9 @@ client_max_body_size 128m; -include includes/proxy_params; - -location / { - proxy_pass http://varnish; -} - -# SSL certificate validation -include includes/pki_validation; - # Increase buffer size for X-Cache-Tags header proxy_buffer_size 64k; proxy_buffers 8 64k; +include includes/proxy_params; include includes/clear_headers; include includes/security_headers; diff --git a/proxy/config/includes/neos b/nginx/etc/nginx/includes/neos similarity index 64% rename from proxy/config/includes/neos rename to nginx/etc/nginx/includes/neos index 704c291..59f9f35 100644 --- a/proxy/config/includes/neos +++ b/nginx/etc/nginx/includes/neos @@ -1,6 +1,4 @@ -client_max_body_size 128m; - -include includes/proxy_params; +include includes/defaults; location / { proxy_pass http://varnish; @@ -16,15 +14,9 @@ location ~ /_Resources/.*\.(ttf|woff2?|eot|svg|css)$ { add_header Referrer-Policy "same-origin" always; add_header X-XSS-Protection "1; mode=block" always; - proxy_pass http://varnish; + proxy_pass http://webserver; } -# SSL certificate validation -include includes/pki_validation; - -# Increase buffer size for X-Cache-Tags header -proxy_buffer_size 64k; -proxy_buffers 8 64k; - -include includes/clear_headers; -include includes/security_headers; +location ~ ^/(_Resources/Static|_Resources/Persistent)/ { + proxy_pass http://webserver; +} diff --git a/nginx/etc/nginx/includes/php b/nginx/etc/nginx/includes/php new file mode 100644 index 0000000..559c184 --- /dev/null +++ b/nginx/etc/nginx/includes/php @@ -0,0 +1,5 @@ +include includes/defaults; + +location / { + proxy_pass http://webserver; +} diff --git a/proxy/config/includes/proxy_params b/nginx/etc/nginx/includes/proxy_params similarity index 100% rename from proxy/config/includes/proxy_params rename to nginx/etc/nginx/includes/proxy_params diff --git a/proxy/config/includes/security_headers b/nginx/etc/nginx/includes/security_headers similarity index 100% rename from proxy/config/includes/security_headers rename to nginx/etc/nginx/includes/security_headers diff --git a/nginx/etc/nginx/includes/shop b/nginx/etc/nginx/includes/shop new file mode 100644 index 0000000..559c184 --- /dev/null +++ b/nginx/etc/nginx/includes/shop @@ -0,0 +1,5 @@ +include includes/defaults; + +location / { + proxy_pass http://webserver; +} diff --git a/proxy/config/includes/styleguide b/nginx/etc/nginx/includes/styleguide similarity index 100% rename from proxy/config/includes/styleguide rename to nginx/etc/nginx/includes/styleguide diff --git a/nginx/etc/nginx/includes/typo3 b/nginx/etc/nginx/includes/typo3 new file mode 100644 index 0000000..3c534b0 --- /dev/null +++ b/nginx/etc/nginx/includes/typo3 @@ -0,0 +1,9 @@ +include includes/defaults; + +location / { + proxy_pass http://varnish; +} + +location ~ ^/(fileadmin|typo3temp/assets|_assets)/ { + proxy_pass http://webserver; +} diff --git a/proxy/config/nginx.conf b/nginx/etc/nginx/nginx.conf similarity index 100% rename from proxy/config/nginx.conf rename to nginx/etc/nginx/nginx.conf diff --git a/proxy/config/sites-available/.gitkeep b/nginx/etc/nginx/sites-available/.gitkeep similarity index 100% rename from proxy/config/sites-available/.gitkeep rename to nginx/etc/nginx/sites-available/.gitkeep diff --git a/proxy/config/sites-enabled/.gitkeep b/nginx/etc/nginx/sites-enabled/.gitkeep similarity index 100% rename from proxy/config/sites-enabled/.gitkeep rename to nginx/etc/nginx/sites-enabled/.gitkeep diff --git a/proxy/config/sites-enabled/health-check.conf b/nginx/etc/nginx/sites-enabled/health-check.conf similarity index 100% rename from proxy/config/sites-enabled/health-check.conf rename to nginx/etc/nginx/sites-enabled/health-check.conf diff --git a/proxy/config/sites-example/domain-redirect.conf.template b/nginx/examples/domain-redirect.conf.template similarity index 100% rename from proxy/config/sites-example/domain-redirect.conf.template rename to nginx/examples/domain-redirect.conf.template diff --git a/proxy/config/sites-example/neos.conf.template b/nginx/examples/neos.conf.template similarity index 100% rename from proxy/config/sites-example/neos.conf.template rename to nginx/examples/neos.conf.template diff --git a/proxy/config/sites-example/php.conf.template b/nginx/examples/php.conf.template similarity index 100% rename from proxy/config/sites-example/php.conf.template rename to nginx/examples/php.conf.template diff --git a/proxy/config/sites-example/redirect-https.conf.template b/nginx/examples/redirect-https.conf.template similarity index 100% rename from proxy/config/sites-example/redirect-https.conf.template rename to nginx/examples/redirect-https.conf.template diff --git a/proxy/config/sites-example/shop.conf.template b/nginx/examples/shop.conf.template similarity index 100% rename from proxy/config/sites-example/shop.conf.template rename to nginx/examples/shop.conf.template diff --git a/proxy/config/sites-example/styleguide.conf.template b/nginx/examples/styleguide.conf.template similarity index 100% rename from proxy/config/sites-example/styleguide.conf.template rename to nginx/examples/styleguide.conf.template diff --git a/proxy/config/sites-example/typo3.conf.template b/nginx/examples/typo3.conf.template similarity index 100% rename from proxy/config/sites-example/typo3.conf.template rename to nginx/examples/typo3.conf.template diff --git a/proxy/config/sites-example/www-redirect.conf.template b/nginx/examples/www-redirect.conf.template similarity index 100% rename from proxy/config/sites-example/www-redirect.conf.template rename to nginx/examples/www-redirect.conf.template diff --git a/styleguide/etc/nginx/conf.d/default.conf b/nginx/styleguide/conf.d/default.conf similarity index 100% rename from styleguide/etc/nginx/conf.d/default.conf rename to nginx/styleguide/conf.d/default.conf diff --git a/proxy/config/conf.d/ssl.conf b/proxy/config/conf.d/ssl.conf deleted file mode 100644 index c9bafdc..0000000 --- a/proxy/config/conf.d/ssl.conf +++ /dev/null @@ -1,12 +0,0 @@ -# https://ssl-config.mozilla.org/#server=nginx&version=1.23.1&config=intermediate&openssl=1.1.1k&guideline=5.6 -ssl_session_timeout 1d; -ssl_session_cache shared:SSL:10m; # about 40000 sessions -ssl_session_tickets off; - -# Downloaded version of https://ssl-config.mozilla.org/ffdhe2048.txt -ssl_dhparam /etc/nginx/dhparam/dhparam.pem; - -# intermediate configuration -ssl_protocols TLSv1.2 TLSv1.3; -ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; -ssl_prefer_server_ciphers off; diff --git a/proxy/config/dhparam/dhparam.pem b/proxy/config/dhparam/dhparam.pem deleted file mode 100644 index 9b182b7..0000000 --- a/proxy/config/dhparam/dhparam.pem +++ /dev/null @@ -1,8 +0,0 @@ ------BEGIN DH PARAMETERS----- -MIIBCAKCAQEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz -+8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a -87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7 -YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi -7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD -ssbzSibBsu/6iGtCOGEoXJf//////////wIBAg== ------END DH PARAMETERS----- diff --git a/proxy/config/includes/php b/proxy/config/includes/php deleted file mode 100644 index 17bfa38..0000000 --- a/proxy/config/includes/php +++ /dev/null @@ -1,17 +0,0 @@ -client_max_body_size 128m; - -include includes/proxy_params; - -location / { - proxy_pass http://webserver; -} - -# SSL certificate validation -include includes/pki_validation; - -# Increase buffer size for X-Cache-Tags header -proxy_buffer_size 64k; -proxy_buffers 8 64k; - -include includes/clear_headers; -include includes/security_headers; diff --git a/proxy/config/includes/pki_validation b/proxy/config/includes/pki_validation deleted file mode 100644 index dfd4b63..0000000 --- a/proxy/config/includes/pki_validation +++ /dev/null @@ -1,6 +0,0 @@ -# SSL certificate validation -location ^~ /.well-known/pki-validation/ { - root /usr/share/nginx/html/pki-validation/; - auth_basic off; - allow all; -} diff --git a/proxy/config/includes/shop b/proxy/config/includes/shop deleted file mode 100644 index 17bfa38..0000000 --- a/proxy/config/includes/shop +++ /dev/null @@ -1,17 +0,0 @@ -client_max_body_size 128m; - -include includes/proxy_params; - -location / { - proxy_pass http://webserver; -} - -# SSL certificate validation -include includes/pki_validation; - -# Increase buffer size for X-Cache-Tags header -proxy_buffer_size 64k; -proxy_buffers 8 64k; - -include includes/clear_headers; -include includes/security_headers; diff --git a/styleguide/Dockerfile b/styleguide/Dockerfile deleted file mode 100644 index 8b6ade4..0000000 --- a/styleguide/Dockerfile +++ /dev/null @@ -1,9 +0,0 @@ -# syntax=docker/dockerfile:1 -FROM nginx:1.27.0 -ENV TZ="Europe/Berlin" -RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone - -COPY etc /etc/ -RUN mkdir -p /var/www - -HEALTHCHECK --interval=2s --timeout=20s --retries=10 CMD curl --silent --fail http://127.0.0.1:90/health || exit 1 diff --git a/styleguide/etc/nginx/conf.d/health-check.conf b/styleguide/etc/nginx/conf.d/health-check.conf deleted file mode 100644 index 4478fe3..0000000 --- a/styleguide/etc/nginx/conf.d/health-check.conf +++ /dev/null @@ -1,18 +0,0 @@ -server { - listen 90 default_server; - - location /nginx_status { - stub_status on; - - access_log off; - } - - location /health { - add_header 'Content-Type' 'text/plain'; - return 200 "health"; - - access_log off; - allow 127.0.0.1; - deny all; - } -} diff --git a/styleguide/etc/nginx/nginx.conf b/styleguide/etc/nginx/nginx.conf deleted file mode 100644 index a970999..0000000 --- a/styleguide/etc/nginx/nginx.conf +++ /dev/null @@ -1,45 +0,0 @@ -user nginx; -worker_processes 1; -pid /var/run/nginx.pid; - -events { - worker_connections 1024; -} - -http { - - ## - # Basic Settings - ## - sendfile on; - tcp_nopush on; - tcp_nodelay on; - keepalive_timeout 60; - server_tokens off; - - include /etc/nginx/mime.types; - default_type application/octet-stream; - - ## - # Logging Settings - ## - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for" "$http_x_tracing_id"'; - - access_log /var/log/nginx/access.log main; - error_log /var/log/nginx/error.log; - - ## - # Gzip Settings - ## - gzip on; - gzip_vary on; - gzip_proxied any; - gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml; - - ## - # Custom Configs - ## - include /etc/nginx/conf.d/*.conf; -} From d23ba14005e6aeb5591354228dfe1b846add1ebe Mon Sep 17 00:00:00 2001 From: Sascha Nowak Date: Sun, 7 Jul 2024 17:37:57 +0200 Subject: [PATCH 11/22] feat: refactor php build --- .github/workflows/docker.yml | 264 ----------------------------------- .github/workflows/php.yml | 168 ++++++++++++++++++++++ php/8.2.dockerfile | 4 +- php/8.3.dockerfile | 246 -------------------------------- php/Dockerfile | 9 +- 5 files changed, 176 insertions(+), 515 deletions(-) create mode 100644 .github/workflows/php.yml delete mode 100644 php/8.3.dockerfile diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index b12a34a..dfe5e63 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -214,270 +214,6 @@ jobs: build-args: | NODE_VERSION=20 - - name: php-fpm - context: ./php - target: 'php-fpm' - version: 7.2 - build-args: | - PHP_VERSION=7.2 - UBUNTU_VERSION=18.04 - - name: php-fpm-dev - context: ./php - target: 'php-fpm-dev' - version: 7.2 - build-args: | - PHP_VERSION=7.2 - UBUNTU_VERSION=18.04 - - name: php-cli - context: ./php - target: 'php-cli' - version: 7.2 - build-args: | - PHP_VERSION=7.2 - UBUNTU_VERSION=18.04 - - name: php-cli-dev - context: ./php - target: 'php-cli-dev' - version: 7.2 - build-args: | - PHP_VERSION=7.2 - UBUNTU_VERSION=18.04 - - name: php-cron - context: ./php - target: 'php-cron' - version: 7.2 - build-args: | - PHP_VERSION=7.2 - UBUNTU_VERSION=18.04 - - name: php-cron-dev - context: ./php - target: 'php-cron-dev' - version: 7.2 - build-args: | - PHP_VERSION=7.2 - UBUNTU_VERSION=18.04 - - name: php-supervisor - context: ./php - target: 'php-supervisor' - version: 7.2 - build-args: | - PHP_VERSION=7.2 - UBUNTU_VERSION=18.04 - - - name: php-fpm - context: ./php - target: 'php-fpm' - version: 7.4 - build-args: | - PHP_VERSION=7.4 - UBUNTU_VERSION=20.04 - - name: php-fpm-dev - context: ./php - target: 'php-fpm-dev' - version: 7.4 - build-args: | - PHP_VERSION=7.4 - UBUNTU_VERSION=20.04 - - name: php-cli - context: ./php - target: 'php-cli' - version: 7.4 - build-args: | - PHP_VERSION=7.4 - UBUNTU_VERSION=20.04 - - name: php-cli-dev - context: ./php - target: 'php-cli-dev' - version: 7.4 - build-args: | - PHP_VERSION=7.4 - UBUNTU_VERSION=20.04 - - name: php-cron - context: ./php - target: 'php-cron' - version: 7.4 - build-args: | - PHP_VERSION=7.4 - UBUNTU_VERSION=20.04 - - name: php-cron-dev - context: ./php - target: 'php-cron-dev' - version: 7.4 - build-args: | - PHP_VERSION=7.4 - UBUNTU_VERSION=20.04 - - name: php-supervisor - context: ./php - target: 'php-supervisor' - version: 7.4 - build-args: | - PHP_VERSION=7.4 - UBUNTU_VERSION=20.04 - - - name: php-fpm - context: ./php - target: 'php-fpm' - version: 8.1 - build-args: | - PHP_VERSION=8.1 - UBUNTU_VERSION=22.04 - - name: php-fpm-dev - context: ./php - target: 'php-fpm-dev' - version: 8.1 - build-args: | - PHP_VERSION=8.1 - UBUNTU_VERSION=22.04 - - name: php-cli - context: ./php - target: 'php-cli' - version: 8.1 - build-args: | - PHP_VERSION=8.1 - UBUNTU_VERSION=22.04 - - name: php-cli-dev - context: ./php - target: 'php-cli-dev' - version: 8.1 - build-args: | - PHP_VERSION=8.1 - UBUNTU_VERSION=22.04 - - name: php-cron - context: ./php - target: 'php-cron' - version: 8.1 - build-args: | - PHP_VERSION=8.1 - UBUNTU_VERSION=22.04 - - name: php-cron-dev - context: ./php - target: 'php-cron-dev' - version: 8.1 - build-args: | - PHP_VERSION=8.1 - UBUNTU_VERSION=22.04 - - name: php-supervisor - context: ./php - target: 'php-supervisor' - version: 8.1 - build-args: | - PHP_VERSION=8.1 - UBUNTU_VERSION=22.04 - - - name: php-fpm - context: ./php - target: 'php-fpm' - version: 8.2 - file: 8.2.dockerfile - build-args: | - PHP_VERSION=8.2 - UBUNTU_VERSION=22.04 - - name: php-fpm-dev - context: ./php - target: 'php-fpm-dev' - version: 8.2 - file: 8.2.dockerfile - build-args: | - PHP_VERSION=8.2 - UBUNTU_VERSION=22.04 - - name: php-cli - context: ./php - target: 'php-cli' - version: 8.2 - file: 8.2.dockerfile - build-args: | - PHP_VERSION=8.2 - UBUNTU_VERSION=22.04 - - name: php-cli-dev - context: ./php - target: 'php-cli-dev' - version: 8.2 - file: 8.2.dockerfile - build-args: | - PHP_VERSION=8.2 - UBUNTU_VERSION=22.04 - - name: php-cron - context: ./php - target: 'php-cron' - version: 8.2 - file: 8.2.dockerfile - build-args: | - PHP_VERSION=8.2 - UBUNTU_VERSION=22.04 - - name: php-cron-dev - context: ./php - target: 'php-cron-dev' - version: 8.2 - file: 8.2.dockerfile - build-args: | - PHP_VERSION=8.2 - UBUNTU_VERSION=22.04 - - name: php-supervisor - context: ./php - target: 'php-supervisor' - version: 8.2 - file: 8.2.dockerfile - build-args: | - PHP_VERSION=8.2 - UBUNTU_VERSION=22.04 - - - name: php-fpm - context: ./php - target: 'php-fpm' - version: 8.3 - file: 8.3.dockerfile - build-args: | - PHP_VERSION=8.3 - UBUNTU_VERSION=22.04 - - name: php-fpm-dev - context: ./php - target: 'php-fpm-dev' - version: 8.3 - file: 8.3.dockerfile - build-args: | - PHP_VERSION=8.3 - UBUNTU_VERSION=22.04 - - name: php-cli - context: ./php - target: 'php-cli' - version: 8.3 - file: 8.3.dockerfile - build-args: | - PHP_VERSION=8.3 - UBUNTU_VERSION=22.04 - - name: php-cli-dev - context: ./php - target: 'php-cli-dev' - version: 8.3 - file: 8.3.dockerfile - build-args: | - PHP_VERSION=8.3 - UBUNTU_VERSION=22.04 - - name: php-cron - context: ./php - target: 'php-cron' - version: 8.3 - file: 8.3.dockerfile - build-args: | - PHP_VERSION=8.3 - UBUNTU_VERSION=22.04 - - name: php-cron-dev - context: ./php - target: 'php-cron-dev' - version: 8.3 - file: 8.3.dockerfile - build-args: | - PHP_VERSION=8.3 - UBUNTU_VERSION=22.04 - - name: php-supervisor - context: ./php - target: 'php-supervisor' - version: 8.3 - file: 8.3.dockerfile - build-args: | - PHP_VERSION=8.3 - UBUNTU_VERSION=22.04 - env: DOCKER_IMAGE: ghcr.io/netlogix/docker/${{ matrix.image.name }} diff --git a/.github/workflows/php.yml b/.github/workflows/php.yml new file mode 100644 index 0000000..5570f0a --- /dev/null +++ b/.github/workflows/php.yml @@ -0,0 +1,168 @@ +name: 'Build php docker image' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +on: + schedule: + - cron: 0 7 * * THU + push: + branches: + - main + paths: + - php/** + pull_request: + branches: + - main + paths: + - php/** + workflow_dispatch: + inputs: {} + +jobs: + build-docker-image: + name: 'Build php-${{ matrix.image.version }} docker image' + runs-on: ubuntu-latest + + strategy: + fail-fast: false + max-parallel: 10 + matrix: + image: + - version: 7.2 + build-args: | + PHP_VERSION=7.2 + UBUNTU_VERSION=18.04 + XDEBUG_VERSION=3.1.6 + - version: 7.4 + build-args: | + PHP_VERSION=7.4 + UBUNTU_VERSION=20.04 + XDEBUG_VERSION=3.1.6 + - version: 8.1 + build-args: | + PHP_VERSION=8.1 + UBUNTU_VERSION=22.04 + XDEBUG_VERSION=3.3.2 + - version: 8.2 + file: 8.2.dockerfile + build-args: | + PHP_VERSION=8.2 + UBUNTU_VERSION=24.04 + XDEBUG_VERSION=3.3.2 + - version: 8.3 + build-args: | + PHP_VERSION=8.3 + UBUNTU_VERSION=24.04 + XDEBUG_VERSION=3.3.2 + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to GHCR + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push (php-fpm) + uses: docker/build-push-action@v6 + with: + builder: php-fpm + context: ./php + target: php-fpm + file: ./php/${{ matrix.image.file || 'Dockerfile' }} + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/php-fpm:${{ matrix.image.version }} + platforms: linux/amd64,linux/arm64 + cache-from: type=gha, scope=${{ github.workflow }}-php + cache-to: type=gha, scope=${{ github.workflow }}-php, mode=max + + - name: Build and push (php-cli) + uses: docker/build-push-action@v6 + with: + builder: php-cli + context: ./php + target: php-cli + file: ./php/${{ matrix.image.file || 'Dockerfile' }} + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/php-cli:${{ matrix.image.version }} + platforms: linux/amd64,linux/arm64 + cache-from: type=gha, scope=${{ github.workflow }}-php + cache-to: type=gha, scope=${{ github.workflow }}-php, mode=max + + - name: Build and push (php-cron) + uses: docker/build-push-action@v6 + with: + builder: php-cron + context: ./php + target: php-cron + file: ./php/${{ matrix.image.file || 'Dockerfile' }} + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/php-cron:${{ matrix.image.version }} + platforms: linux/amd64,linux/arm64 + cache-from: type=gha, scope=${{ github.workflow }}-php + cache-to: type=gha, scope=${{ github.workflow }}-php, mode=max + + - name: Build and push (php-supervisor) + uses: docker/build-push-action@v6 + with: + builder: php-supervisor + context: ./php + target: php-supervisor + file: ./php/${{ matrix.image.file || 'Dockerfile' }} + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/php-supervisor:${{ matrix.image.version }} + platforms: linux/amd64,linux/arm64 + cache-from: type=gha, scope=${{ github.workflow }}-php + cache-to: type=gha, scope=${{ github.workflow }}-php, mode=max + + - name: Build and push (php-fpm-dev) + uses: docker/build-push-action@v6 + with: + builder: php-fpm-dev + context: ./php + target: php-fpm-dev + file: ./php/${{ matrix.image.file || 'Dockerfile' }} + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/php-fpm-dev:${{ matrix.image.version }} + platforms: linux/amd64,linux/arm64 + cache-from: type=gha, scope=${{ github.workflow }}-php + cache-to: type=gha, scope=${{ github.workflow }}-php, mode=max + + - name: Build and push (php-cli-dev) + uses: docker/build-push-action@v6 + with: + builder: php-cli-dev + context: ./php + target: php-cli-dev + file: ./php/${{ matrix.image.file || 'Dockerfile' }} + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/php-cli-dev:${{ matrix.image.version }} + platforms: linux/amd64,linux/arm64 + cache-from: type=gha, scope=${{ github.workflow }}-php + cache-to: type=gha, scope=${{ github.workflow }}-php, mode=max + + - name: Build and push (php-cron-dev) + uses: docker/build-push-action@v6 + with: + builder: php-cron-dev + context: ./php + target: php-cron-dev + file: ./php/${{ matrix.image.file || 'Dockerfile' }} + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/php-cron-dev:${{ matrix.image.version }} + platforms: linux/amd64,linux/arm64 + cache-from: type=gha, scope=${{ github.workflow }}-php + cache-to: type=gha, scope=${{ github.workflow }}-php, mode=max + diff --git a/php/8.2.dockerfile b/php/8.2.dockerfile index 59a2ffc..d85f0de 100644 --- a/php/8.2.dockerfile +++ b/php/8.2.dockerfile @@ -1,8 +1,8 @@ # syntax=docker/dockerfile:1 -ARG UBUNTU_VERSION=22.04 +ARG UBUNTU_VERSION=24.04 FROM ubuntu:${UBUNTU_VERSION} as base ARG PHP_VERSION=8.2 -ARG XDEBUG_VERSION=3.2.2 +ARG XDEBUG_VERSION=3.3.2 ENV DEBIAN_FRONTEND=noninteractive \ TZ=UTC \ diff --git a/php/8.3.dockerfile b/php/8.3.dockerfile deleted file mode 100644 index 651ecc9..0000000 --- a/php/8.3.dockerfile +++ /dev/null @@ -1,246 +0,0 @@ -# syntax=docker/dockerfile:1 -ARG UBUNTU_VERSION=22.04 -FROM ubuntu:${UBUNTU_VERSION} as base -ARG PHP_VERSION=8.3 -ARG XDEBUG_VERSION="3.3.0alpha3" - -ENV DEBIAN_FRONTEND=noninteractive \ - TZ=UTC \ - LANG="C.UTF-8" - -ENV PHP_VERSION=${PHP_VERSION} \ - PHP_MEMORY_LIMIT=128m \ - PHP_MAX_EXECUTION_TIME=30 \ - PHP_MAX_INPUT_VARS=1500 \ - PHP_ASSERT=-1 \ - PHP_POST_MAX_SIZE=100M \ - PHP_UPLOAD_MAX_FILESIZE=100M \ - PHP_OPCACHE_ENABLE_FILE_OVERRIDE=0 \ - PHP_OPCACHE_INTERNED_STRINGS_BUFFER=8 \ - PHP_REALPATH_CACHE_TTL=512 \ - PHP_XDEBUG_HOST=host.docker.internal \ - PHP_XDEBUG_MODE=off \ - XDEBUG_VERSION=${XDEBUG_VERSION} \ - TIDEWAYS_APIKEY="" \ - TIDEWAYS_DAEMON="tcp://tideways-daemon:9135" \ - TIDEWAYS_SAMPLERATE=25 - -RUN apt-get update && \ - apt-get -y install --no-install-suggests --no-install-recommends \ - software-properties-common \ - apt-transport-https\ - libfcgi-bin \ - ca-certificates \ - curl \ - gnupg2 \ - locales - -RUN locale-gen de_DE.UTF-8 && \ - locale-gen en_GB.UTF-8 && \ - locale-gen en_US.UTF-8 && \ - locale-gen es_ES.UTF-8 && \ - locale-gen fr_FR.UTF-8 && \ - locale-gen nl_NL.UTF-8 && \ - locale-gen pt_PT.UTF-8 && \ - locale-gen it_IT.UTF-8 - -# Install dev certificates -COPY certs/* /usr/share/ca-certificates/netlogix/ -RUN echo "netlogix/docker-dev-ca.crt" >> /etc/ca-certificates.conf && update-ca-certificates - -RUN echo 'deb https://packages.tideways.com/apt-packages-main any-version main' > /etc/apt/sources.list.d/tideways.list && \ - curl -L -sS 'https://packages.tideways.com/key.gpg' | apt-key add - - -RUN add-apt-repository ppa:ondrej/php -y - -RUN apt-get update && \ - apt-get -y install --no-install-suggests --no-install-recommends \ - ghostscript \ - gifsicle \ - imagemagick \ - jpegoptim \ - openssl \ - optipng \ - pngquant \ - tar \ - unzip \ - webp \ - zip \ - php${PHP_VERSION} \ - php${PHP_VERSION}-apcu \ - php${PHP_VERSION}-bcmath \ - php${PHP_VERSION}-common \ - php${PHP_VERSION}-cli \ - php${PHP_VERSION}-curl \ - php${PHP_VERSION}-fpm \ - php${PHP_VERSION}-gd \ - php${PHP_VERSION}-igbinary \ - php${PHP_VERSION}-imagick \ - php${PHP_VERSION}-intl \ - php${PHP_VERSION}-mbstring \ - php${PHP_VERSION}-mysql \ - php${PHP_VERSION}-opcache \ - php${PHP_VERSION}-pgsql \ - php${PHP_VERSION}-readline \ - php${PHP_VERSION}-redis \ - php${PHP_VERSION}-xml \ - php${PHP_VERSION}-yaml \ - php${PHP_VERSION}-zip \ - && apt-get -y install --no-install-suggests --no-install-recommends \ - tideways-php \ - tideways-cli \ - && apt-get autoremove \ - && find /var/log -type f -name "*.log" -delete \ - && rm -rf /var/lib/apt/lists/* /var/cache/ldconfig/aux-cache - -RUN ln -s /usr/sbin/php-fpm${PHP_VERSION} /usr/sbin/php-fpm - -RUN mkdir -p "/run/php/" \ - && chown -R www-data:www-data /run/php/ \ - && chmod 755 /run/php/ \ - && touch /var/log/xdebug.log \ - && chown www-data:www-data /var/log/xdebug.log - -# Config files -COPY config/conf.d /etc/php/${PHP_VERSION}/cli/conf.d/ -COPY config/conf.d /etc/php/${PHP_VERSION}/fpm/conf.d/ -COPY config/fpm/pool.d /etc/php/${PHP_VERSION}/fpm/pool.d/ -COPY config/fpm-${PHP_VERSION}/pool.d /etc/php/${PHP_VERSION}/fpm/pool.d/ - -# Test php-fpm config and php info -RUN php-fpm -tt -RUN php -i - -WORKDIR /var/www - -FROM base AS php-fpm - -COPY fpm /usr/local/bin/ - -STOPSIGNAL SIGQUIT -EXPOSE 9000 - -HEALTHCHECK --interval=2s --timeout=5s --retries=10 CMD php-fpm-healthcheck || exit 1 -ENTRYPOINT ["docker-php-entrypoint"] -CMD ["php-fpm"] - -FROM base AS php-cli - -ENV PHP_MEMORY_LIMIT=-1 \ - PHP_MAX_EXECUTION_TIME=-1 - -COPY cli/docker-php-entrypoint /usr/local/bin/ - -ENTRYPOINT ["docker-php-entrypoint"] -CMD ["php", "-a"] - -FROM php-cli AS php-cron - -RUN apt-get update && \ - apt-get -y install --no-install-suggests --no-install-recommends \ - cron \ - && apt-get autoremove \ - && find /var/log -type f -name "*.log" -delete \ - && rm -rf /var/lib/apt/lists/* /var/cache/ldconfig/aux-cache \ - && rm -rf /etc/cron.*/* - -WORKDIR /var/www - -COPY cron/docker-cron-entrypoint /usr/local/bin/ - -ENTRYPOINT ["docker-cron-entrypoint"] -CMD ["cron", "-f", "-l", "2"] - -FROM php-cli AS php-supervisor - -RUN apt-get update && \ - apt-get -y install --no-install-suggests --no-install-recommends \ - supervisor \ - && apt-get autoremove \ - && find /var/log -type f -name "*.log" -delete \ - && rm -rf /var/lib/apt/lists/* /var/cache/ldconfig/aux-cache \ - && rm -rf /etc/cron.*/* - -RUN touch /var/run/supervisord.pid \ - && chown www-data:www-data /var/run/supervisord.pid - -WORKDIR /var/www - -COPY supervisor/docker-supervisor-entrypoint /usr/local/bin/ -COPY supervisor/supervisord.conf /etc/supervisor/supervisord.conf - -USER www-data - -ENTRYPOINT ["docker-supervisor-entrypoint"] -CMD ["supervisord", "-n", "-c", "/etc/supervisor/supervisord.conf"] - -# Dev PHP fpm -FROM php-fpm AS php-fpm-dev - -ENV PHP_ASSERT=1 \ - COMPOSER_CACHE_DIR=/.cache/composer/ \ - YARN_CACHE_FOLDER=/.cache/yarn/ \ - npm_config_cache=/.cache/npm/ \ - TERM=xterm-256color - -# enable debugging with PhpStorm -ENV PHP_IDE_CONFIG="serverName=localhost" - -RUN apt-get update && \ - apt-get -y install --no-install-suggests --no-install-recommends \ - make php${PHP_VERSION}-dev php${PHP_VERSION}-sqlite3 php-pear openssh-client git patch \ - && mkdir -p /tmp/pear/cache \ - && pecl channel-update pecl.php.net \ - && pecl install xdebug-${XDEBUG_VERSION} \ - && echo "zend_extension=xdebug.so" > /etc/php/${PHP_VERSION}/mods-available/xdebug.ini \ - && phpenmod xdebug \ - && apt-get -y autoremove --purge make php${PHP_VERSION}-dev php-pear \ - && apt-get autoremove \ - && find /var/log -type f -name "*.log" -delete \ - && rm -rf /root/.pearrc \ - && rm -rf /tmp/pear \ - && rm -rf /var/lib/php/modules/${PHP_VERSION}/cli/disabled_by_maint \ - && rm -rf /var/lib/php/modules/${PHP_VERSION}/fpm/disabled_by_maint \ - && rm -rf /usr/share/php/.registry /usr/share/php/.depdb /usr/share/php/.filemap \ - && rm -rf /usr/share/bug/file \ - && rm -rf /usr/share/doc/file \ - && rm -rf /var/lib/apt/lists/* /var/cache/ldconfig/aux-cache \ - && touch /var/log/xdebug.log \ - && chown www-data:www-data /var/log/xdebug.log - -COPY --from=composer:2 /usr/bin/composer /usr/bin/composer -COPY dev/scripts /usr/local/bin/ -COPY dev/bash /root/ - -# Dev PHP cli -FROM php-fpm-dev AS php-cli-dev - -ENV PHP_MEMORY_LIMIT=-1 -ENV PHP_MAX_EXECUTION_TIME=-1 - -COPY cli/docker-php-entrypoint /usr/local/bin/ - -# Disabling the health check of the descendant php-fpm-dev image, since the production php-cron image does neither have a healthcheck. -HEALTHCHECK NONE -ENTRYPOINT ["docker-php-entrypoint"] -CMD ["php", "-a"] - -# Dev PHP cron -FROM php-cli-dev AS php-cron-dev - -RUN apt-get update && \ - apt-get -y install --no-install-suggests --no-install-recommends \ - cron \ - && apt-get autoremove \ - && find /var/log -type f -name "*.log" -delete \ - && rm -rf /var/lib/apt/lists/* /var/cache/ldconfig/aux-cache \ - && rm -rf /etc/cron.*/* - -WORKDIR /var/www - -COPY cron/docker-cron-entrypoint /usr/local/bin/ - -# Disabling the health check of the descendant php-fpm-dev image, since the production php-cron image does neither have a healthcheck. -HEALTHCHECK NONE -ENTRYPOINT ["docker-cron-entrypoint"] -CMD ["cron", "-f", "-l", "2"] diff --git a/php/Dockerfile b/php/Dockerfile index dd61834..fc74253 100644 --- a/php/Dockerfile +++ b/php/Dockerfile @@ -1,7 +1,8 @@ # syntax=docker/dockerfile:1 -ARG UBUNTU_VERSION=22.04 +ARG UBUNTU_VERSION=24.04 FROM ubuntu:${UBUNTU_VERSION} as base -ARG PHP_VERSION=8.1 +ARG PHP_VERSION=8.3 +ARG XDEBUG_VERSION=3.3.2 ENV DEBIAN_FRONTEND=noninteractive \ TZ=UTC \ @@ -19,6 +20,7 @@ ENV PHP_VERSION=${PHP_VERSION} \ PHP_REALPATH_CACHE_TTL=512 \ PHP_XDEBUG_HOST=host.docker.internal \ PHP_XDEBUG_MODE=off \ + XDEBUG_VERSION=${XDEBUG_VERSION} \ TIDEWAYS_APIKEY="" \ TIDEWAYS_DAEMON="tcp://tideways-daemon:9135" \ TIDEWAYS_SAMPLERATE=25 @@ -60,6 +62,7 @@ RUN apt-get update && \ unzip \ webp \ zip \ + php${PHP_VERSION} \ php${PHP_VERSION}-apcu \ php${PHP_VERSION}-bcmath \ php${PHP_VERSION}-common \ @@ -184,7 +187,7 @@ RUN apt-get update && \ make php${PHP_VERSION}-dev php${PHP_VERSION}-sqlite3 php-pear openssh-client git patch \ && mkdir -p /tmp/pear/cache \ && pecl channel-update pecl.php.net \ - && pecl install xdebug-3.1.6 \ + && pecl install xdebug-${XDEBUG_VERSION} \ && echo "zend_extension=xdebug.so" > /etc/php/${PHP_VERSION}/mods-available/xdebug.ini \ && phpenmod xdebug \ && apt-get -y autoremove --purge make php${PHP_VERSION}-dev php-pear \ From c38bb2a3e468be8071f90eaf154e912ddf1d3b85 Mon Sep 17 00:00:00 2001 From: Sascha Nowak Date: Sun, 7 Jul 2024 17:42:48 +0200 Subject: [PATCH 12/22] feat: refactor chromium build --- .github/workflows/chromium.yml | 59 ++++++++++++++++++++++++++++++++++ .github/workflows/docker.yml | 5 --- 2 files changed, 59 insertions(+), 5 deletions(-) create mode 100644 .github/workflows/chromium.yml diff --git a/.github/workflows/chromium.yml b/.github/workflows/chromium.yml new file mode 100644 index 0000000..80ac311 --- /dev/null +++ b/.github/workflows/chromium.yml @@ -0,0 +1,59 @@ +name: 'Build chromium docker image' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +on: + schedule: + - cron: 0 7 * * THU + push: + branches: + - main + paths: + - chromium/** + pull_request: + branches: + - main + paths: + - chromium/** + workflow_dispatch: + inputs: {} + +jobs: + build-docker-image: + name: 'Build chromium docker image' + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to GHCR + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push (chromium) + id: docker_build_push + uses: docker/build-push-action@v6 + with: + builder: chromium + context: ./chromium + target: chromium + file: ./chromium/Dockerfile + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/chromium:latest + platforms: linux/amd64,linux/arm64 + cache-from: type=gha + cache-to: type=gha, mode=max + diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index dfe5e63..c55d88e 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -131,11 +131,6 @@ jobs: target: 'webserver-symfony' version: '' build-args: '' - - name: chromium - context: ./chromium - target: 'chromium' - version: 'stable' - build-args: '' - name: prettier context: ./prettier target: 'prettier' From 55c06c86bd5e48f58f6f54344023c1978059102f Mon Sep 17 00:00:00 2001 From: Sascha Nowak Date: Sun, 7 Jul 2024 18:19:04 +0200 Subject: [PATCH 13/22] feat: use single workflows for every docker image --- .github/workflows/cfssl.yml | 73 +++++ .github/workflows/docker.yml | 251 ------------------ .github/workflows/elasticsearch.yml | 63 +++++ .github/workflows/httpd.yml | 74 ++++++ .github/workflows/mailpit.yml | 63 +++++ .github/workflows/mariadb.yml | 70 +++++ .github/workflows/mysql.yml | 70 +++++ .github/workflows/node.yml | 70 +++++ .github/workflows/prettier.yml | 59 ++++ .../workflows/prometheus-apache-exporter.yml | 59 ++++ .../prometheus-elasticsearch-exporter.yml | 59 ++++ .../workflows/prometheus-nginx-exporter.yml | 59 ++++ .../workflows/prometheus-php-fpm-exporter.yml | 59 ++++ .../prometheus-postgres-exporter.yml | 59 ++++ .../workflows/prometheus-redis-exporter.yml | 63 +++++ .../workflows/prometheus-solr-exporter.yml | 63 +++++ .../workflows/prometheus-varnish-exporter.yml | 59 ++++ .github/workflows/rabbitmq.yml | 63 +++++ .github/workflows/redis.yml | 63 +++++ .github/workflows/tideways-daemon.yml | 63 +++++ .github/workflows/varnish.yml | 63 +++++ build-container.sh | 132 ++++----- cfssl/Dockerfile | 16 +- {webserver => httpd}/Dockerfile | 12 +- .../defaults/conf/extra/additional-mime.conf | 0 .../config/defaults/conf/extra/dir.conf | 0 .../config/defaults/conf/extra/logging.conf | 0 .../config/defaults/conf/extra/security.conf | 0 .../config/defaults/conf/http_custom.conf | 0 .../config/defaults/vhosts/health-check.conf | 0 {webserver => httpd}/config/neos/default.conf | 0 .../config/shopware/default.conf | 0 .../config/shopware6/default.conf | 0 .../config/static/default.conf | 0 .../config/symfony/default.conf | 0 .../config/typo3/default.conf | 0 mysql/8.4.dockerfile | 5 + mysql/Dockerfile | 2 +- php/8.2.dockerfile | 2 +- php/Dockerfile | 2 +- prometheus-apache-exporter/Dockerfile | 2 +- prometheus-nginx-exporter/Dockerfile | 2 +- 42 files changed, 1364 insertions(+), 336 deletions(-) create mode 100644 .github/workflows/cfssl.yml delete mode 100644 .github/workflows/docker.yml create mode 100644 .github/workflows/elasticsearch.yml create mode 100644 .github/workflows/httpd.yml create mode 100644 .github/workflows/mailpit.yml create mode 100644 .github/workflows/mariadb.yml create mode 100644 .github/workflows/mysql.yml create mode 100644 .github/workflows/node.yml create mode 100644 .github/workflows/prettier.yml create mode 100644 .github/workflows/prometheus-apache-exporter.yml create mode 100644 .github/workflows/prometheus-elasticsearch-exporter.yml create mode 100644 .github/workflows/prometheus-nginx-exporter.yml create mode 100644 .github/workflows/prometheus-php-fpm-exporter.yml create mode 100644 .github/workflows/prometheus-postgres-exporter.yml create mode 100644 .github/workflows/prometheus-redis-exporter.yml create mode 100644 .github/workflows/prometheus-solr-exporter.yml create mode 100644 .github/workflows/prometheus-varnish-exporter.yml create mode 100644 .github/workflows/rabbitmq.yml create mode 100644 .github/workflows/redis.yml create mode 100644 .github/workflows/tideways-daemon.yml create mode 100644 .github/workflows/varnish.yml rename {webserver => httpd}/Dockerfile (80%) rename {webserver => httpd}/config/defaults/conf/extra/additional-mime.conf (100%) rename {webserver => httpd}/config/defaults/conf/extra/dir.conf (100%) rename {webserver => httpd}/config/defaults/conf/extra/logging.conf (100%) rename {webserver => httpd}/config/defaults/conf/extra/security.conf (100%) rename {webserver => httpd}/config/defaults/conf/http_custom.conf (100%) rename {webserver => httpd}/config/defaults/vhosts/health-check.conf (100%) rename {webserver => httpd}/config/neos/default.conf (100%) rename {webserver => httpd}/config/shopware/default.conf (100%) rename {webserver => httpd}/config/shopware6/default.conf (100%) rename {webserver => httpd}/config/static/default.conf (100%) rename {webserver => httpd}/config/symfony/default.conf (100%) rename {webserver => httpd}/config/typo3/default.conf (100%) create mode 100644 mysql/8.4.dockerfile diff --git a/.github/workflows/cfssl.yml b/.github/workflows/cfssl.yml new file mode 100644 index 0000000..2d93b77 --- /dev/null +++ b/.github/workflows/cfssl.yml @@ -0,0 +1,73 @@ +name: 'Build cfssl docker image' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +on: + schedule: + - cron: 0 7 * * THU + push: + branches: + - main + paths: + - cfssl/** + pull_request: + branches: + - main + paths: + - cfssl/** + workflow_dispatch: + inputs: {} + +jobs: + build-docker-image: + name: 'Build cfssl docker image' + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to GHCR + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push (cfssl) + id: docker_build_push + uses: docker/build-push-action@v6 + with: + builder: cfssl + context: ./cfssl + target: cfssl + file: ./cfssl/Dockerfile + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/cfssl:latest,ghcr.io/netlogix/docker/cfssl:1.6 + platforms: linux/amd64,linux/arm64 + cache-from: type=gha + cache-to: type=gha, mode=max + + - name: Build and push (cfssl) + id: docker_build_push + uses: docker/build-push-action@v6 + with: + builder: cfssl-server + context: ./cfssl + target: cfssl-server + file: ./cfssl/Dockerfile + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/cfssl-server:latest,ghcr.io/netlogix/docker/cfssl:1.6 + platforms: linux/amd64,linux/arm64 + cache-from: type=gha + cache-to: type=gha, mode=max + diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml deleted file mode 100644 index c55d88e..0000000 --- a/.github/workflows/docker.yml +++ /dev/null @@ -1,251 +0,0 @@ -name: 'Build basic docker images' - -concurrency: - group: ${{ github.workflow }}-${{ github.ref }} - cancel-in-progress: true - -on: - schedule: - - cron: 0 7 * * THU - push: - branches: - - main - pull_request: - branches: - - main - workflow_dispatch: - inputs: {} - -jobs: - build-docker-images: - name: 'Build ${{ matrix.image.name }} docker image' - runs-on: ubuntu-latest - strategy: - fail-fast: false - max-parallel: 10 - matrix: - image: - - name: mariadb - context: ./mariadb - target: '' - version: '' - build-args: '' - - name: mariadb - context: ./mariadb - target: '' - version: '' - file: 10.6.dockerfile - build-args: '' - - name: mariadb - context: ./mariadb - target: '' - version: '' - file: 10.11.dockerfile - build-args: '' - - name: mysql - context: ./mysql - target: '' - version: '' - build-args: '' - - name: mysql - context: ./mysql - target: '' - version: '' - file: 8.0.dockerfile - build-args: '' - - name: postgres - context: ./postgres - target: '' - version: '' - build-args: '' - - name: postgres - context: ./postgres - target: '' - version: '' - file: 14.dockerfile - build-args: '' - - name: postgres - context: ./postgres - target: '' - version: '' - file: 12.dockerfile - build-args: '' - - name: rabbitmq - context: ./rabbitmq - target: '' - version: '' - build-args: '' - - name: redis - context: ./redis - target: '' - version: '' - build-args: '' - - name: solr - context: ./solr - target: '' - version: '' - build-args: '' - - name: solr - context: ./solr - target: '' - version: '' - file: 8.dockerfile - build-args: '' - - name: varnish - context: ./varnish - target: '' - version: '' - build-args: '' - - name: elasticsearch - context: ./elasticsearch - target: '' - version: '' - build-args: '' - - name: webserver-neos - context: ./webserver - target: 'webserver-neos' - version: '' - build-args: '' - - name: webserver-typo3 - context: ./webserver - target: 'webserver-typo3' - version: '' - build-args: '' - - name: webserver-shopware - context: ./webserver - target: 'webserver-shopware' - version: '' - build-args: '' - - name: webserver-shopware6 - context: ./webserver - target: 'webserver-shopware6' - version: '' - build-args: '' - - name: webserver-static - context: ./webserver - target: 'webserver-static' - version: '' - build-args: '' - - name: webserver-symfony - context: ./webserver - target: 'webserver-symfony' - version: '' - build-args: '' - - name: prettier - context: ./prettier - target: 'prettier' - version: 'stable' - build-args: '' - - name: mailpit - context: ./mailpit - target: 'mailpit' - version: '' - build-args: '' - - name: cfssl - context: ./cfssl - target: 'cfssl' - version: '1.6' - build-args: '' - - name: cfssl-server - context: ./cfssl - target: 'cfssl-server' - version: '1.6' - build-args: '' - - name: tideways-daemon - context: ./tideways-daemon - target: 'tideways-daemon' - version: '' - build-args: '' - - name: prometheus-apache-exporter - context: ./prometheus-apache-exporter - target: 'prometheus-apache-exporter' - version: '1.0.6' - build-args: '' - - name: prometheus-elasticsearch-exporter - context: ./prometheus-elasticsearch-exporter - target: 'prometheus-elasticsearch-exporter' - version: '1.7.0' - build-args: '' - - name: prometheus-nginx-exporter - context: ./prometheus-nginx-exporter - target: 'prometheus-nginx-exporter' - version: '1.1.0' - build-args: '' - - name: prometheus-php-fpm-exporter - context: ./prometheus-php-fpm-exporter - target: 'prometheus-php-fpm-exporter' - version: '2.2.0' - build-args: '' - - name: prometheus-postgres-exporter - context: ./prometheus-postgres-exporter - target: 'prometheus-postgres-exporter' - version: '0.15.0' - build-args: '' - - name: prometheus-redis-exporter - context: ./prometheus-redis-exporter - target: 'prometheus-redis-exporter' - version: '' - build-args: '' - - name: prometheus-solr-exporter - context: ./prometheus-solr-exporter - target: 'prometheus-solr-exporter' - version: '' - build-args: '' - - name: prometheus-varnish-exporter - context: ./prometheus-varnish-exporter - target: 'prometheus-varnish-exporter' - version: '1.6.1' - build-args: '' - - name: node - context: ./node - target: 'node' - version: 18 - build-args: | - NODE_VERSION=18 - - name: node - context: ./node - target: 'node' - version: 20 - build-args: | - NODE_VERSION=20 - - env: - DOCKER_IMAGE: ghcr.io/netlogix/docker/${{ matrix.image.name }} - - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Setup QEMU - uses: docker/setup-qemu-action@v3 - - - name: Setup Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Read version from Dockerfile or matrix - id: docker - run: echo "version=$(./extract-version.sh ${{ matrix.image.context }}/${{ matrix.image.file || 'Dockerfile' }} ${{ matrix.image.version }})" >> $GITHUB_OUTPUT - - - name: Login to GHCR - if: github.event_name != 'pull_request' - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Build and push to GHCR - id: docker_build_push - uses: docker/build-push-action@v6 - with: - builder: ${{ steps.buildx.outputs.name }} - context: ${{ matrix.image.context }} - target: ${{ matrix.image.target }} - file: ${{ matrix.image.context }}/${{ matrix.image.file || 'Dockerfile' }} - build-args: ${{ matrix.image.build-args }} - push: ${{ github.event_name != 'pull_request' }} - tags: ${{ env.DOCKER_IMAGE }}:latest,${{ env.DOCKER_IMAGE }}:${{ steps.docker.outputs.version }} - platforms: linux/amd64,linux/arm64 - cache-from: type=gha, scope=${{ matrix.image.name }}-${{ steps.docker.outputs.version }} - cache-to: type=gha, scope=${{ matrix.image.name }}-${{ steps.docker.outputs.version }}, mode=max - diff --git a/.github/workflows/elasticsearch.yml b/.github/workflows/elasticsearch.yml new file mode 100644 index 0000000..28109da --- /dev/null +++ b/.github/workflows/elasticsearch.yml @@ -0,0 +1,63 @@ +name: 'Build elasticsearch docker image' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +on: + schedule: + - cron: 0 7 * * THU + push: + branches: + - main + paths: + - elasticsearch/** + pull_request: + branches: + - main + paths: + - elasticsearch/** + workflow_dispatch: + inputs: {} + +jobs: + build-docker-image: + name: 'Build elasticsearch docker image' + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Read version from Dockerfile + id: docker + run: echo "version=$(./extract-version.sh ./elasticsearch/Dockerfile)" >> $GITHUB_OUTPUT + + - name: Login to GHCR + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push (elasticsearch) + id: docker_build_push + uses: docker/build-push-action@v6 + with: + builder: elasticsearch + context: ./elasticsearch + target: elasticsearch + file: ./elasticsearch/Dockerfile + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/elasticsearch:latest,ghcr.io/netlogix/docker/elasticsearch:${{ steps.docker.outputs.version }} + platforms: linux/amd64,linux/arm64 + cache-from: type=gha + cache-to: type=gha, mode=max + diff --git a/.github/workflows/httpd.yml b/.github/workflows/httpd.yml new file mode 100644 index 0000000..905fc34 --- /dev/null +++ b/.github/workflows/httpd.yml @@ -0,0 +1,74 @@ +name: 'Build httpd docker image' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +on: + schedule: + - cron: 0 7 * * THU + push: + branches: + - main + paths: + - httpd/** + pull_request: + branches: + - main + paths: + - httpd/** + workflow_dispatch: + inputs: {} + +jobs: + build-docker-image: + name: 'Build httpd-${{ matrix.image.name }} docker image' + runs-on: ubuntu-latest + + strategy: + fail-fast: false + max-parallel: 10 + matrix: + image: + - name: typo3 + - name: neos + - name: shopware + - name: shopware6 + - name: symfony + - name: static + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Read version from Dockerfile + id: docker + run: echo "version=$(./extract-version.sh ./httpd/Dockerfile)" >> $GITHUB_OUTPUT + + - name: Login to GHCR + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push (httpd-fpm) + uses: docker/build-push-action@v6 + with: + builder: httpd + context: ./httpd + target: httpd-${{ matrix.image.name }} + file: ./httpd/Dockerfile + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/httpd-${{ matrix.image.name }}:${{ steps.docker.outputs.version }},ghcr.io/netlogix/docker/webserver-${{ matrix.image.name }}:${{ steps.docker.outputs.version }} + platforms: linux/amd64,linux/arm64 + cache-from: type=gha, scope=${{ github.workflow }}-httpd + cache-to: type=gha, scope=${{ github.workflow }}-httpd, mode=max + diff --git a/.github/workflows/mailpit.yml b/.github/workflows/mailpit.yml new file mode 100644 index 0000000..f60a212 --- /dev/null +++ b/.github/workflows/mailpit.yml @@ -0,0 +1,63 @@ +name: 'Build mailpit docker image' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +on: + schedule: + - cron: 0 7 * * THU + push: + branches: + - main + paths: + - mailpit/** + pull_request: + branches: + - main + paths: + - mailpit/** + workflow_dispatch: + inputs: {} + +jobs: + build-docker-image: + name: 'Build mailpit docker image' + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Read version from Dockerfile + id: docker + run: echo "version=$(./extract-version.sh ./mailpit/Dockerfile)" >> $GITHUB_OUTPUT + + - name: Login to GHCR + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push (mailpit) + id: docker_build_push + uses: docker/build-push-action@v6 + with: + builder: mailpit + context: ./mailpit + target: mailpit + file: ./mailpit/Dockerfile + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/mailpit:latest,ghcr.io/netlogix/docker/mailpit:${{ steps.docker.outputs.version }} + platforms: linux/amd64,linux/arm64 + cache-from: type=gha + cache-to: type=gha, mode=max + diff --git a/.github/workflows/mariadb.yml b/.github/workflows/mariadb.yml new file mode 100644 index 0000000..e4fb02c --- /dev/null +++ b/.github/workflows/mariadb.yml @@ -0,0 +1,70 @@ +name: 'Build mariadb docker image' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +on: + schedule: + - cron: 0 7 * * THU + push: + branches: + - main + paths: + - mariadb/** + pull_request: + branches: + - main + paths: + - mariadb/** + workflow_dispatch: + inputs: {} + +jobs: + build-docker-image: + name: 'Build mariadb-${{ matrix.image.version }} docker image' + runs-on: ubuntu-latest + + strategy: + fail-fast: false + max-parallel: 10 + matrix: + image: + - version: 10.6 + file: 10.6.dockerfile + - version: 10.11 + file: 10.11.dockerfile + - version: latest + file: Dockerfile + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to GHCR + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push (mariadb-fpm) + uses: docker/build-push-action@v6 + with: + builder: mariadb + context: ./mariadb + target: mariadb + file: ./mariadb/${{ matrix.image.file || 'Dockerfile' }} + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/mariadb:${{ matrix.image.version }} + platforms: linux/amd64,linux/arm64 + cache-from: type=gha, scope=${{ github.workflow }}-mariadb + cache-to: type=gha, scope=${{ github.workflow }}-mariadb, mode=max + diff --git a/.github/workflows/mysql.yml b/.github/workflows/mysql.yml new file mode 100644 index 0000000..4a29c86 --- /dev/null +++ b/.github/workflows/mysql.yml @@ -0,0 +1,70 @@ +name: 'Build mysql docker image' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +on: + schedule: + - cron: 0 7 * * THU + push: + branches: + - main + paths: + - mysql/** + pull_request: + branches: + - main + paths: + - mysql/** + workflow_dispatch: + inputs: {} + +jobs: + build-docker-image: + name: 'Build mysql-${{ matrix.image.version }} docker image' + runs-on: ubuntu-latest + + strategy: + fail-fast: false + max-parallel: 10 + matrix: + image: + - version: 8.0 + file: 8.0.dockerfile + - version: 8.4 + file: 8.4.dockerfile + - version: latest + file: Dockerfile + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to GHCR + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push (mysql-fpm) + uses: docker/build-push-action@v6 + with: + builder: mysql + context: ./mysql + target: mysql + file: ./mysql/${{ matrix.image.file || 'Dockerfile' }} + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/mysql:${{ matrix.image.version }} + platforms: linux/amd64,linux/arm64 + cache-from: type=gha, scope=${{ github.workflow }}-mysql + cache-to: type=gha, scope=${{ github.workflow }}-mysql, mode=max + diff --git a/.github/workflows/node.yml b/.github/workflows/node.yml new file mode 100644 index 0000000..a767c47 --- /dev/null +++ b/.github/workflows/node.yml @@ -0,0 +1,70 @@ +name: 'Build node docker image' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +on: + schedule: + - cron: 0 7 * * THU + push: + branches: + - main + paths: + - node/** + pull_request: + branches: + - main + paths: + - node/** + workflow_dispatch: + inputs: {} + +jobs: + build-docker-image: + name: 'Build node-${{ matrix.image.version }} docker image' + runs-on: ubuntu-latest + + strategy: + fail-fast: false + max-parallel: 10 + matrix: + image: + - version: 18 + build-args: | + NODE_VERSION=18 + - version: 20 + build-args: | + NODE_VERSION=20 + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to GHCR + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push (node-fpm) + uses: docker/build-push-action@v6 + with: + builder: node + context: ./node + target: node + file: ./node/Dockerfile + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/node:${{ matrix.image.version }} + platforms: linux/amd64,linux/arm64 + cache-from: type=gha, scope=${{ github.workflow }}-node + cache-to: type=gha, scope=${{ github.workflow }}-node, mode=max + diff --git a/.github/workflows/prettier.yml b/.github/workflows/prettier.yml new file mode 100644 index 0000000..3695287 --- /dev/null +++ b/.github/workflows/prettier.yml @@ -0,0 +1,59 @@ +name: 'Build prettier docker image' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +on: + schedule: + - cron: 0 7 * * THU + push: + branches: + - main + paths: + - prettier/** + pull_request: + branches: + - main + paths: + - prettier/** + workflow_dispatch: + inputs: {} + +jobs: + build-docker-image: + name: 'Build prettier docker image' + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to GHCR + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push (prettier) + id: docker_build_push + uses: docker/build-push-action@v6 + with: + builder: prettier + context: ./prettier + target: prettier + file: ./prettier/Dockerfile + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/prettier:latest,ghcr.io/netlogix/docker/prettier:stable + platforms: linux/amd64,linux/arm64 + cache-from: type=gha + cache-to: type=gha, mode=max + diff --git a/.github/workflows/prometheus-apache-exporter.yml b/.github/workflows/prometheus-apache-exporter.yml new file mode 100644 index 0000000..4cac4b5 --- /dev/null +++ b/.github/workflows/prometheus-apache-exporter.yml @@ -0,0 +1,59 @@ +name: 'Build prometheus-apache-exporter docker image' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +on: + schedule: + - cron: 0 7 * * THU + push: + branches: + - main + paths: + - prometheus-apache-exporter/** + pull_request: + branches: + - main + paths: + - prometheus-apache-exporter/** + workflow_dispatch: + inputs: {} + +jobs: + build-docker-image: + name: 'Build prometheus-apache-exporter docker image' + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to GHCR + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push (prometheus-apache-exporter) + id: docker_build_push + uses: docker/build-push-action@v6 + with: + builder: prometheus-apache-exporter + context: ./prometheus-apache-exporter + target: prometheus-apache-exporter + file: ./prometheus-apache-exporter/Dockerfile + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/prometheus-apache-exporter:latest,ghcr.io/netlogix/docker/prometheus-apache-exporter:1.0.8 + platforms: linux/amd64,linux/arm64 + cache-from: type=gha + cache-to: type=gha, mode=max + diff --git a/.github/workflows/prometheus-elasticsearch-exporter.yml b/.github/workflows/prometheus-elasticsearch-exporter.yml new file mode 100644 index 0000000..20342f4 --- /dev/null +++ b/.github/workflows/prometheus-elasticsearch-exporter.yml @@ -0,0 +1,59 @@ +name: 'Build prometheus-elasticsearch-exporter docker image' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +on: + schedule: + - cron: 0 7 * * THU + push: + branches: + - main + paths: + - prometheus-elasticsearch-exporter/** + pull_request: + branches: + - main + paths: + - prometheus-elasticsearch-exporter/** + workflow_dispatch: + inputs: {} + +jobs: + build-docker-image: + name: 'Build prometheus-elasticsearch-exporter docker image' + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to GHCR + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push (prometheus-elasticsearch-exporter) + id: docker_build_push + uses: docker/build-push-action@v6 + with: + builder: prometheus-elasticsearch-exporter + context: ./prometheus-elasticsearch-exporter + target: prometheus-elasticsearch-exporter + file: ./prometheus-elasticsearch-exporter/Dockerfile + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/prometheus-elasticsearch-exporter:latest,ghcr.io/netlogix/docker/prometheus-elasticsearch-exporter:1.7.0 + platforms: linux/amd64,linux/arm64 + cache-from: type=gha + cache-to: type=gha, mode=max + diff --git a/.github/workflows/prometheus-nginx-exporter.yml b/.github/workflows/prometheus-nginx-exporter.yml new file mode 100644 index 0000000..8434d23 --- /dev/null +++ b/.github/workflows/prometheus-nginx-exporter.yml @@ -0,0 +1,59 @@ +name: 'Build prometheus-nginx-exporter docker image' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +on: + schedule: + - cron: 0 7 * * THU + push: + branches: + - main + paths: + - prometheus-nginx-exporter/** + pull_request: + branches: + - main + paths: + - prometheus-nginx-exporter/** + workflow_dispatch: + inputs: {} + +jobs: + build-docker-image: + name: 'Build prometheus-nginx-exporter docker image' + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to GHCR + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push (prometheus-nginx-exporter) + id: docker_build_push + uses: docker/build-push-action@v6 + with: + builder: prometheus-nginx-exporter + context: ./prometheus-nginx-exporter + target: prometheus-nginx-exporter + file: ./prometheus-nginx-exporter/Dockerfile + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/prometheus-nginx-exporter:latest,ghcr.io/netlogix/docker/prometheus-nginx-exporter:1.2.0 + platforms: linux/amd64,linux/arm64 + cache-from: type=gha + cache-to: type=gha, mode=max + diff --git a/.github/workflows/prometheus-php-fpm-exporter.yml b/.github/workflows/prometheus-php-fpm-exporter.yml new file mode 100644 index 0000000..5efbe77 --- /dev/null +++ b/.github/workflows/prometheus-php-fpm-exporter.yml @@ -0,0 +1,59 @@ +name: 'Build prometheus-php-fpm-exporter docker image' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +on: + schedule: + - cron: 0 7 * * THU + push: + branches: + - main + paths: + - prometheus-php-fpm-exporter/** + pull_request: + branches: + - main + paths: + - prometheus-php-fpm-exporter/** + workflow_dispatch: + inputs: {} + +jobs: + build-docker-image: + name: 'Build prometheus-php-fpm-exporter docker image' + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to GHCR + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push (prometheus-php-fpm-exporter) + id: docker_build_push + uses: docker/build-push-action@v6 + with: + builder: prometheus-php-fpm-exporter + context: ./prometheus-php-fpm-exporter + target: prometheus-php-fpm-exporter + file: ./prometheus-php-fpm-exporter/Dockerfile + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/prometheus-php-fpm-exporter:latest,ghcr.io/netlogix/docker/prometheus-php-fpm-exporter:2.2.0 + platforms: linux/amd64,linux/arm64 + cache-from: type=gha + cache-to: type=gha, mode=max + diff --git a/.github/workflows/prometheus-postgres-exporter.yml b/.github/workflows/prometheus-postgres-exporter.yml new file mode 100644 index 0000000..b0eb7b7 --- /dev/null +++ b/.github/workflows/prometheus-postgres-exporter.yml @@ -0,0 +1,59 @@ +name: 'Build prometheus-postgres-exporter docker image' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +on: + schedule: + - cron: 0 7 * * THU + push: + branches: + - main + paths: + - prometheus-postgres-exporter/** + pull_request: + branches: + - main + paths: + - prometheus-postgres-exporter/** + workflow_dispatch: + inputs: {} + +jobs: + build-docker-image: + name: 'Build prometheus-postgres-exporter docker image' + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to GHCR + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push (prometheus-postgres-exporter) + id: docker_build_push + uses: docker/build-push-action@v6 + with: + builder: prometheus-postgres-exporter + context: ./prometheus-postgres-exporter + target: prometheus-postgres-exporter + file: ./prometheus-postgres-exporter/Dockerfile + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/prometheus-postgres-exporter:latest,ghcr.io/netlogix/docker/prometheus-postgres-exporter:0.15.0 + platforms: linux/amd64,linux/arm64 + cache-from: type=gha + cache-to: type=gha, mode=max + diff --git a/.github/workflows/prometheus-redis-exporter.yml b/.github/workflows/prometheus-redis-exporter.yml new file mode 100644 index 0000000..8cf927b --- /dev/null +++ b/.github/workflows/prometheus-redis-exporter.yml @@ -0,0 +1,63 @@ +name: 'Build prometheus-redis-exporter docker image' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +on: + schedule: + - cron: 0 7 * * THU + push: + branches: + - main + paths: + - prometheus-redis-exporter/** + pull_request: + branches: + - main + paths: + - prometheus-redis-exporter/** + workflow_dispatch: + inputs: {} + +jobs: + build-docker-image: + name: 'Build prometheus-redis-exporter docker image' + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Read version from Dockerfile + id: docker + run: echo "version=$(./extract-version.sh ./prometheus-redis-exporter/Dockerfile)" >> $GITHUB_OUTPUT + + - name: Login to GHCR + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push (prometheus-redis-exporter) + id: docker_build_push + uses: docker/build-push-action@v6 + with: + builder: prometheus-redis-exporter + context: ./prometheus-redis-exporter + target: prometheus-redis-exporter + file: ./prometheus-redis-exporter/Dockerfile + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/prometheus-redis-exporter:latest,ghcr.io/netlogix/docker/prometheus-redis-exporter:${{ steps.docker.outputs.version }} + platforms: linux/amd64,linux/arm64 + cache-from: type=gha + cache-to: type=gha, mode=max + diff --git a/.github/workflows/prometheus-solr-exporter.yml b/.github/workflows/prometheus-solr-exporter.yml new file mode 100644 index 0000000..b4dc00f --- /dev/null +++ b/.github/workflows/prometheus-solr-exporter.yml @@ -0,0 +1,63 @@ +name: 'Build prometheus-solr-exporter docker image' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +on: + schedule: + - cron: 0 7 * * THU + push: + branches: + - main + paths: + - prometheus-solr-exporter/** + pull_request: + branches: + - main + paths: + - prometheus-solr-exporter/** + workflow_dispatch: + inputs: {} + +jobs: + build-docker-image: + name: 'Build prometheus-solr-exporter docker image' + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Read version from Dockerfile + id: docker + run: echo "version=$(./extract-version.sh ./prometheus-solr-exporter/Dockerfile)" >> $GITHUB_OUTPUT + + - name: Login to GHCR + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push (prometheus-solr-exporter) + id: docker_build_push + uses: docker/build-push-action@v6 + with: + builder: prometheus-solr-exporter + context: ./prometheus-solr-exporter + target: prometheus-solr-exporter + file: ./prometheus-solr-exporter/Dockerfile + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/prometheus-solr-exporter:latest,ghcr.io/netlogix/docker/prometheus-solr-exporter:${{ steps.docker.outputs.version }} + platforms: linux/amd64,linux/arm64 + cache-from: type=gha + cache-to: type=gha, mode=max + diff --git a/.github/workflows/prometheus-varnish-exporter.yml b/.github/workflows/prometheus-varnish-exporter.yml new file mode 100644 index 0000000..a6e883f --- /dev/null +++ b/.github/workflows/prometheus-varnish-exporter.yml @@ -0,0 +1,59 @@ +name: 'Build prometheus-varnish-exporter docker image' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +on: + schedule: + - cron: 0 7 * * THU + push: + branches: + - main + paths: + - prometheus-varnish-exporter/** + pull_request: + branches: + - main + paths: + - prometheus-varnish-exporter/** + workflow_dispatch: + inputs: {} + +jobs: + build-docker-image: + name: 'Build prometheus-varnish-exporter docker image' + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to GHCR + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push (prometheus-varnish-exporter) + id: docker_build_push + uses: docker/build-push-action@v6 + with: + builder: prometheus-varnish-exporter + context: ./prometheus-varnish-exporter + target: prometheus-varnish-exporter + file: ./prometheus-varnish-exporter/Dockerfile + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/prometheus-varnish-exporter:latest,ghcr.io/netlogix/docker/prometheus-varnish-exporter:1.6.1 + platforms: linux/amd64,linux/arm64 + cache-from: type=gha + cache-to: type=gha, mode=max + diff --git a/.github/workflows/rabbitmq.yml b/.github/workflows/rabbitmq.yml new file mode 100644 index 0000000..2f66fd9 --- /dev/null +++ b/.github/workflows/rabbitmq.yml @@ -0,0 +1,63 @@ +name: 'Build rabbitmq docker image' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +on: + schedule: + - cron: 0 7 * * THU + push: + branches: + - main + paths: + - rabbitmq/** + pull_request: + branches: + - main + paths: + - rabbitmq/** + workflow_dispatch: + inputs: {} + +jobs: + build-docker-image: + name: 'Build rabbitmq docker image' + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Read version from Dockerfile + id: docker + run: echo "version=$(./extract-version.sh ./rabbitmq/Dockerfile)" >> $GITHUB_OUTPUT + + - name: Login to GHCR + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push (rabbitmq) + id: docker_build_push + uses: docker/build-push-action@v6 + with: + builder: rabbitmq + context: ./rabbitmq + target: rabbitmq + file: ./rabbitmq/Dockerfile + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/rabbitmq:latest,ghcr.io/netlogix/docker/rabbitmq:${{ steps.docker.outputs.version }} + platforms: linux/amd64,linux/arm64 + cache-from: type=gha + cache-to: type=gha, mode=max + diff --git a/.github/workflows/redis.yml b/.github/workflows/redis.yml new file mode 100644 index 0000000..8af235f --- /dev/null +++ b/.github/workflows/redis.yml @@ -0,0 +1,63 @@ +name: 'Build redis docker image' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +on: + schedule: + - cron: 0 7 * * THU + push: + branches: + - main + paths: + - redis/** + pull_request: + branches: + - main + paths: + - redis/** + workflow_dispatch: + inputs: {} + +jobs: + build-docker-image: + name: 'Build redis docker image' + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Read version from Dockerfile + id: docker + run: echo "version=$(./extract-version.sh ./redis/Dockerfile)" >> $GITHUB_OUTPUT + + - name: Login to GHCR + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push (redis) + id: docker_build_push + uses: docker/build-push-action@v6 + with: + builder: redis + context: ./redis + target: redis + file: ./redis/Dockerfile + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/redis:latest,ghcr.io/netlogix/docker/redis:${{ steps.docker.outputs.version }} + platforms: linux/amd64,linux/arm64 + cache-from: type=gha + cache-to: type=gha, mode=max + diff --git a/.github/workflows/tideways-daemon.yml b/.github/workflows/tideways-daemon.yml new file mode 100644 index 0000000..6d93a33 --- /dev/null +++ b/.github/workflows/tideways-daemon.yml @@ -0,0 +1,63 @@ +name: 'Build tideways-daemon docker image' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +on: + schedule: + - cron: 0 7 * * THU + push: + branches: + - main + paths: + - tideways-daemon/** + pull_request: + branches: + - main + paths: + - tideways-daemon/** + workflow_dispatch: + inputs: {} + +jobs: + build-docker-image: + name: 'Build tideways-daemon docker image' + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Read version from Dockerfile + id: docker + run: echo "version=$(./extract-version.sh ./tideways-daemon/Dockerfile)" >> $GITHUB_OUTPUT + + - name: Login to GHCR + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push (tideways-daemon) + id: docker_build_push + uses: docker/build-push-action@v6 + with: + builder: tideways-daemon + context: ./tideways-daemon + target: tideways-daemon + file: ./tideways-daemon/Dockerfile + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/tideways-daemon:latest,ghcr.io/netlogix/docker/tideways-daemon:${{ steps.docker.outputs.version }} + platforms: linux/amd64,linux/arm64 + cache-from: type=gha + cache-to: type=gha, mode=max + diff --git a/.github/workflows/varnish.yml b/.github/workflows/varnish.yml new file mode 100644 index 0000000..15a0d5f --- /dev/null +++ b/.github/workflows/varnish.yml @@ -0,0 +1,63 @@ +name: 'Build varnish docker image' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +on: + schedule: + - cron: 0 3 * * * + push: + branches: + - main + paths: + - varnish/** + pull_request: + branches: + - main + paths: + - varnish/** + workflow_dispatch: + inputs: {} + +jobs: + build-docker-image: + name: 'Build varnish docker image' + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Read version from Dockerfile + id: docker + run: echo "version=$(./extract-version.sh ./varnish/Dockerfile)" >> $GITHUB_OUTPUT + + - name: Login to GHCR + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push (varnish) + id: docker_build_push + uses: docker/build-push-action@v6 + with: + builder: varnish + context: ./varnish + target: varnish + file: ./varnish/Dockerfile + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/varnish:latest,ghcr.io/netlogix/docker/varnish:${{ steps.docker.outputs.version }} + platforms: linux/amd64,linux/arm64 + cache-from: type=gha + cache-to: type=gha, mode=max + diff --git a/build-container.sh b/build-container.sh index 8672185..5916e8e 100755 --- a/build-container.sh +++ b/build-container.sh @@ -7,77 +7,77 @@ if [ "${VERSION:-}" = "" ]; then export VERSION=latest fi -docker buildx build -t serverspec:${VERSION} -f serverspec/Dockerfile serverspec +docker buildx build -t ghcr.io/netlogix/docker/serverspec:${VERSION} -f serverspec/Dockerfile serverspec -docker buildx build -t mariadb:${VERSION} -f mariadb/Dockerfile mariadb -docker buildx build -t mysql:${VERSION} -f mysql/Dockerfile mysql -docker buildx build -t postgres:${VERSION} -f postgres/Dockerfile postgres -docker buildx build -t prettier:${VERSION} -f prettier/Dockerfile prettier -docker buildx build -t proxy:${VERSION} -f proxy/Dockerfile proxy -docker buildx build -t rabbitmq:${VERSION} -f rabbitmq/Dockerfile rabbitmq -docker buildx build -t redis:${VERSION} -f redis/Dockerfile redis -docker buildx build -t solr:${VERSION} -f solr/Dockerfile solr -docker buildx build -t varnish:${VERSION} -f varnish/Dockerfile varnish -docker buildx build -t elasticsearch:${VERSION} -f elasticsearch/Dockerfile elasticsearch -docker buildx build -t styleguide:${VERSION} -f styleguide/Dockerfile styleguide -docker buildx build -t webserver-neos:${VERSION} -f webserver/Dockerfile --target=webserver-neos webserver -docker buildx build -t webserver-static:${VERSION} -f webserver/Dockerfile --target=webserver-static webserver -docker buildx build -t webserver-typo3:${VERSION} -f webserver/Dockerfile --target=webserver-typo3 webserver -docker buildx build -t webserver-shopware:${VERSION} -f webserver/Dockerfile --target=webserver-shopware webserver -docker buildx build -t chromium:${VERSION} -f chromium/Dockerfile chromium -docker buildx build -t mailpit:${VERSION} -f mailpit/Dockerfile mailpit -docker buildx build -t cfssl:${VERSION} -f cfssl/Dockerfile --target=cfssl cfssl -docker buildx build -t cfssl-server:${VERSION} -f cfssl/Dockerfile --target=cfssl-server cfssl -docker buildx build -t tideways-daemon:${VERSION} -f tideways-daemon/Dockerfile tideways-daemon +docker buildx build -t ghcr.io/netlogix/docker/mariadb:${VERSION} -f mariadb/Dockerfile mariadb +docker buildx build -t ghcr.io/netlogix/docker/mysql:${VERSION} -f mysql/Dockerfile mysql +docker buildx build -t ghcr.io/netlogix/docker/postgres:${VERSION} -f postgres/Dockerfile postgres +docker buildx build -t ghcr.io/netlogix/docker/prettier:${VERSION} -f prettier/Dockerfile prettier +docker buildx build -t ghcr.io/netlogix/docker/proxy:${VERSION} -f proxy/Dockerfile proxy +docker buildx build -t ghcr.io/netlogix/docker/rabbitmq:${VERSION} -f rabbitmq/Dockerfile rabbitmq +docker buildx build -t ghcr.io/netlogix/docker/redis:${VERSION} -f redis/Dockerfile redis +docker buildx build -t ghcr.io/netlogix/docker/solr:${VERSION} -f solr/Dockerfile solr +docker buildx build -t ghcr.io/netlogix/docker/varnish:${VERSION} -f varnish/Dockerfile varnish +docker buildx build -t ghcr.io/netlogix/docker/elasticsearch:${VERSION} -f elasticsearch/Dockerfile elasticsearch +docker buildx build -t ghcr.io/netlogix/docker/styleguide:${VERSION} -f styleguide/Dockerfile styleguide +docker buildx build -t ghcr.io/netlogix/docker/webserver-neos:${VERSION} -f webserver/Dockerfile --target=webserver-neos webserver +docker buildx build -t ghcr.io/netlogix/docker/webserver-static:${VERSION} -f webserver/Dockerfile --target=webserver-static webserver +docker buildx build -t ghcr.io/netlogix/docker/webserver-typo3:${VERSION} -f webserver/Dockerfile --target=webserver-typo3 webserver +docker buildx build -t ghcr.io/netlogix/docker/webserver-shopware:${VERSION} -f webserver/Dockerfile --target=webserver-shopware webserver +docker buildx build -t ghcr.io/netlogix/docker/chromium:${VERSION} -f chromium/Dockerfile chromium +docker buildx build -t ghcr.io/netlogix/docker/mailpit:${VERSION} -f mailpit/Dockerfile mailpit +docker buildx build -t ghcr.io/netlogix/docker/cfssl:${VERSION} -f cfssl/Dockerfile --target=cfssl cfssl +docker buildx build -t ghcr.io/netlogix/docker/cfssl-server:${VERSION} -f cfssl/Dockerfile --target=cfssl-server cfssl +docker buildx build -t ghcr.io/netlogix/docker/tideways-daemon:${VERSION} -f tideways-daemon/Dockerfile tideways-daemon -docker buildx build -t prometheus-apache-exporter:${VERSION} -f prometheus-apache-exporter/Dockerfile prometheus-apache-exporter -docker buildx build -t prometheus-elasticsearch-exporter:${VERSION} -f prometheus-elasticsearch-exporter/Dockerfile prometheus-elasticsearch-exporter -docker buildx build -t prometheus-nginx-exporter:${VERSION} -f prometheus-nginx-exporter/Dockerfile prometheus-nginx-exporter -docker buildx build -t prometheus-php-fpm-exporter:${VERSION} -f prometheus-php-fpm-exporter/Dockerfile prometheus-php-fpm-exporter -docker buildx build -t prometheus-postgres-exporter:${VERSION} -f prometheus-postgres-exporter/Dockerfile prometheus-postgres-exporter -docker buildx build -t prometheus-redis-exporter:${VERSION} -f prometheus-redis-exporter/Dockerfile prometheus-redis-exporter -docker buildx build -t prometheus-solr-exporter:${VERSION} -f prometheus-solr-exporter/Dockerfile prometheus-solr-exporter -docker buildx build -t prometheus-varnish-exporter:${VERSION} -f prometheus-varnish-exporter/Dockerfile prometheus-varnish-exporter +docker buildx build -t ghcr.io/netlogix/docker/prometheus-apache-exporter:${VERSION} -f prometheus-apache-exporter/Dockerfile prometheus-apache-exporter +docker buildx build -t ghcr.io/netlogix/docker/prometheus-elasticsearch-exporter:${VERSION} -f prometheus-elasticsearch-exporter/Dockerfile prometheus-elasticsearch-exporter +docker buildx build -t ghcr.io/netlogix/docker/prometheus-nginx-exporter:${VERSION} -f prometheus-nginx-exporter/Dockerfile prometheus-nginx-exporter +docker buildx build -t ghcr.io/netlogix/docker/prometheus-php-fpm-exporter:${VERSION} -f prometheus-php-fpm-exporter/Dockerfile prometheus-php-fpm-exporter +docker buildx build -t ghcr.io/netlogix/docker/prometheus-postgres-exporter:${VERSION} -f prometheus-postgres-exporter/Dockerfile prometheus-postgres-exporter +docker buildx build -t ghcr.io/netlogix/docker/prometheus-redis-exporter:${VERSION} -f prometheus-redis-exporter/Dockerfile prometheus-redis-exporter +docker buildx build -t ghcr.io/netlogix/docker/prometheus-solr-exporter:${VERSION} -f prometheus-solr-exporter/Dockerfile prometheus-solr-exporter +docker buildx build -t ghcr.io/netlogix/docker/prometheus-varnish-exporter:${VERSION} -f prometheus-varnish-exporter/Dockerfile prometheus-varnish-exporter -docker buildx build -t php-fpm:7.2 --build-arg PHP_VERSION=7.2 --build-arg UBUNTU_VERSION=18.04 -f php/Dockerfile --target=php-fpm php -docker buildx build -t php-cli:7.2 --build-arg PHP_VERSION=7.2 --build-arg UBUNTU_VERSION=18.04 -f php/Dockerfile --target=php-cli php -docker buildx build -t php-fpm-dev:7.2 --build-arg PHP_VERSION=7.2 --build-arg UBUNTU_VERSION=18.04 -f php/Dockerfile --target=php-fpm-dev php -docker buildx build -t php-cli-dev:7.2 --build-arg PHP_VERSION=7.2 --build-arg UBUNTU_VERSION=18.04 -f php/Dockerfile --target=php-cli-dev php -docker buildx build -t php-cron:7.2 --build-arg PHP_VERSION=7.2 --build-arg UBUNTU_VERSION=18.04 -f php/Dockerfile --target=php-cron php -docker buildx build -t php-cron-dev:7.2 --build-arg PHP_VERSION=7.2 --build-arg UBUNTU_VERSION=18.04 -f php/Dockerfile --target=php-cron-dev php -docker buildx build -t php-supervisor:7.2 --build-arg PHP_VERSION=7.2 --build-arg UBUNTU_VERSION=18.04 -f php/Dockerfile --target=php-supervisor php +docker buildx build -t ghcr.io/netlogix/docker/php-fpm:7.2 --build-arg PHP_VERSION=7.2 --build-arg UBUNTU_VERSION=18.04 -f php/Dockerfile --target=php-fpm php +docker buildx build -t ghcr.io/netlogix/docker/php-cli:7.2 --build-arg PHP_VERSION=7.2 --build-arg UBUNTU_VERSION=18.04 -f php/Dockerfile --target=php-cli php +docker buildx build -t ghcr.io/netlogix/docker/php-fpm-dev:7.2 --build-arg PHP_VERSION=7.2 --build-arg UBUNTU_VERSION=18.04 -f php/Dockerfile --target=php-fpm-dev php +docker buildx build -t ghcr.io/netlogix/docker/php-cli-dev:7.2 --build-arg PHP_VERSION=7.2 --build-arg UBUNTU_VERSION=18.04 -f php/Dockerfile --target=php-cli-dev php +docker buildx build -t ghcr.io/netlogix/docker/php-cron:7.2 --build-arg PHP_VERSION=7.2 --build-arg UBUNTU_VERSION=18.04 -f php/Dockerfile --target=php-cron php +docker buildx build -t ghcr.io/netlogix/docker/php-cron-dev:7.2 --build-arg PHP_VERSION=7.2 --build-arg UBUNTU_VERSION=18.04 -f php/Dockerfile --target=php-cron-dev php +docker buildx build -t ghcr.io/netlogix/docker/php-supervisor:7.2 --build-arg PHP_VERSION=7.2 --build-arg UBUNTU_VERSION=18.04 -f php/Dockerfile --target=php-supervisor php -docker buildx build -t php-fpm:7.4 --build-arg PHP_VERSION=7.4 --build-arg UBUNTU_VERSION=20.04 -f php/Dockerfile --target=php-fpm php -docker buildx build -t php-cli:7.4 --build-arg PHP_VERSION=7.4 --build-arg UBUNTU_VERSION=20.04 -f php/Dockerfile --target=php-cli php -docker buildx build -t php-fpm-dev:7.4 --build-arg PHP_VERSION=7.4 --build-arg UBUNTU_VERSION=20.04 -f php/Dockerfile --target=php-fpm-dev php -docker buildx build -t php-cli-dev:7.4 --build-arg PHP_VERSION=7.4 --build-arg UBUNTU_VERSION=20.04 -f php/Dockerfile --target=php-cli-dev php -docker buildx build -t php-cron:7.4 --build-arg PHP_VERSION=7.4 --build-arg UBUNTU_VERSION=20.04 -f php/Dockerfile --target=php-cron php -docker buildx build -t php-cron-dev:7.4 --build-arg PHP_VERSION=7.4 --build-arg UBUNTU_VERSION=20.04 -f php/Dockerfile --target=php-cron-dev php -docker buildx build -t php-supervisor:7.4 --build-arg PHP_VERSION=7.4 --build-arg UBUNTU_VERSION=20.04 -f php/Dockerfile --target=php-supervisor php +docker buildx build -t ghcr.io/netlogix/docker/php-fpm:7.4 --build-arg PHP_VERSION=7.4 --build-arg UBUNTU_VERSION=20.04 -f php/Dockerfile --target=php-fpm php +docker buildx build -t ghcr.io/netlogix/docker/php-cli:7.4 --build-arg PHP_VERSION=7.4 --build-arg UBUNTU_VERSION=20.04 -f php/Dockerfile --target=php-cli php +docker buildx build -t ghcr.io/netlogix/docker/php-fpm-dev:7.4 --build-arg PHP_VERSION=7.4 --build-arg UBUNTU_VERSION=20.04 -f php/Dockerfile --target=php-fpm-dev php +docker buildx build -t ghcr.io/netlogix/docker/php-cli-dev:7.4 --build-arg PHP_VERSION=7.4 --build-arg UBUNTU_VERSION=20.04 -f php/Dockerfile --target=php-cli-dev php +docker buildx build -t ghcr.io/netlogix/docker/php-cron:7.4 --build-arg PHP_VERSION=7.4 --build-arg UBUNTU_VERSION=20.04 -f php/Dockerfile --target=php-cron php +docker buildx build -t ghcr.io/netlogix/docker/php-cron-dev:7.4 --build-arg PHP_VERSION=7.4 --build-arg UBUNTU_VERSION=20.04 -f php/Dockerfile --target=php-cron-dev php +docker buildx build -t ghcr.io/netlogix/docker/php-supervisor:7.4 --build-arg PHP_VERSION=7.4 --build-arg UBUNTU_VERSION=20.04 -f php/Dockerfile --target=php-supervisor php -docker buildx build -t php-fpm:8.1 --build-arg PHP_VERSION=8.1 --build-arg UBUNTU_VERSION=22.04 -f php/Dockerfile --target=php-fpm php -docker buildx build -t php-cli:8.1 --build-arg PHP_VERSION=8.1 --build-arg UBUNTU_VERSION=22.04 -f php/Dockerfile --target=php-cli php -docker buildx build -t php-fpm-dev:8.1 --build-arg PHP_VERSION=8.1 --build-arg UBUNTU_VERSION=22.04 -f php/Dockerfile --target=php-fpm-dev php -docker buildx build -t php-cli-dev:8.1 --build-arg PHP_VERSION=8.1 --build-arg UBUNTU_VERSION=22.04 -f php/Dockerfile --target=php-cli-dev php -docker buildx build -t php-cron:8.1 --build-arg PHP_VERSION=8.1 --build-arg UBUNTU_VERSION=22.04 -f php/Dockerfile --target=php-cron php -docker buildx build -t php-cron-dev:8.1 --build-arg PHP_VERSION=8.1 --build-arg UBUNTU_VERSION=22.04 -f php/Dockerfile --target=php-cron-dev php -docker buildx build -t php-supervisor:8.1 --build-arg PHP_VERSION=8.1 --build-arg UBUNTU_VERSION=22.04 -f php/Dockerfile --target=php-supervisor php +docker buildx build -t ghcr.io/netlogix/docker/php-fpm:8.1 --build-arg PHP_VERSION=8.1 --build-arg UBUNTU_VERSION=22.04 -f php/Dockerfile --target=php-fpm php +docker buildx build -t ghcr.io/netlogix/docker/php-cli:8.1 --build-arg PHP_VERSION=8.1 --build-arg UBUNTU_VERSION=22.04 -f php/Dockerfile --target=php-cli php +docker buildx build -t ghcr.io/netlogix/docker/php-fpm-dev:8.1 --build-arg PHP_VERSION=8.1 --build-arg UBUNTU_VERSION=22.04 -f php/Dockerfile --target=php-fpm-dev php +docker buildx build -t ghcr.io/netlogix/docker/php-cli-dev:8.1 --build-arg PHP_VERSION=8.1 --build-arg UBUNTU_VERSION=22.04 -f php/Dockerfile --target=php-cli-dev php +docker buildx build -t ghcr.io/netlogix/docker/php-cron:8.1 --build-arg PHP_VERSION=8.1 --build-arg UBUNTU_VERSION=22.04 -f php/Dockerfile --target=php-cron php +docker buildx build -t ghcr.io/netlogix/docker/php-cron-dev:8.1 --build-arg PHP_VERSION=8.1 --build-arg UBUNTU_VERSION=22.04 -f php/Dockerfile --target=php-cron-dev php +docker buildx build -t ghcr.io/netlogix/docker/php-supervisor:8.1 --build-arg PHP_VERSION=8.1 --build-arg UBUNTU_VERSION=22.04 -f php/Dockerfile --target=php-supervisor php -docker buildx build -t php-fpm:8.2 --build-arg PHP_VERSION=8.2 --build-arg UBUNTU_VERSION=22.04 -f php/8.2.dockerfile --target=php-fpm php -docker buildx build -t php-cli:8.2 --build-arg PHP_VERSION=8.2 --build-arg UBUNTU_VERSION=22.04 -f php/8.2.dockerfile --target=php-cli php -docker buildx build -t php-fpm-dev:8.2 --build-arg PHP_VERSION=8.2 --build-arg UBUNTU_VERSION=22.04 -f php/8.2.dockerfile --target=php-fpm-dev php -docker buildx build -t php-cli-dev:8.2 --build-arg PHP_VERSION=8.2 --build-arg UBUNTU_VERSION=22.04 -f php/8.2.dockerfile --target=php-cli-dev php -docker buildx build -t php-cron:8.2 --build-arg PHP_VERSION=8.2 --build-arg UBUNTU_VERSION=22.04 -f php/8.2.dockerfile --target=php-cron php -docker buildx build -t php-cron-dev:8.2 --build-arg PHP_VERSION=8.2 --build-arg UBUNTU_VERSION=22.04 -f php/8.2.dockerfile --target=php-cron-dev php -docker buildx build -t php-supervisor:8.2 --build-arg PHP_VERSION=8.2 --build-arg UBUNTU_VERSION=22.04 -f php/8.2.dockerfile --target=php-supervisor php +docker buildx build -t ghcr.io/netlogix/docker/php-fpm:8.2 --build-arg PHP_VERSION=8.2 --build-arg UBUNTU_VERSION=24.04 -f php/8.2.dockerfile --target=php-fpm php +docker buildx build -t ghcr.io/netlogix/docker/php-cli:8.2 --build-arg PHP_VERSION=8.2 --build-arg UBUNTU_VERSION=24.04 -f php/8.2.dockerfile --target=php-cli php +docker buildx build -t ghcr.io/netlogix/docker/php-fpm-dev:8.2 --build-arg PHP_VERSION=8.2 --build-arg UBUNTU_VERSION=24.04 -f php/8.2.dockerfile --target=php-fpm-dev php +docker buildx build -t ghcr.io/netlogix/docker/php-cli-dev:8.2 --build-arg PHP_VERSION=8.2 --build-arg UBUNTU_VERSION=24.04 -f php/8.2.dockerfile --target=php-cli-dev php +docker buildx build -t ghcr.io/netlogix/docker/php-cron:8.2 --build-arg PHP_VERSION=8.2 --build-arg UBUNTU_VERSION=24.04 -f php/8.2.dockerfile --target=php-cron php +docker buildx build -t ghcr.io/netlogix/docker/php-cron-dev:8.2 --build-arg PHP_VERSION=8.2 --build-arg UBUNTU_VERSION=24.04 -f php/8.2.dockerfile --target=php-cron-dev php +docker buildx build -t ghcr.io/netlogix/docker/php-supervisor:8.2 --build-arg PHP_VERSION=8.2 --build-arg UBUNTU_VERSION=24.04 -f php/8.2.dockerfile --target=php-supervisor php -docker buildx build -t php-fpm:8.3 --build-arg PHP_VERSION=8.3 --build-arg UBUNTU_VERSION=22.04 -f php/8.3.dockerfile --target=php-fpm php -docker buildx build -t php-cli:8.3 --build-arg PHP_VERSION=8.3 --build-arg UBUNTU_VERSION=22.04 -f php/8.3.dockerfile --target=php-cli php -docker buildx build -t php-fpm-dev:8.3 --build-arg PHP_VERSION=8.3 --build-arg UBUNTU_VERSION=22.04 -f php/8.3.dockerfile --target=php-fpm-dev php -docker buildx build -t php-cli-dev:8.3 --build-arg PHP_VERSION=8.3 --build-arg UBUNTU_VERSION=22.04 -f php/8.3.dockerfile --target=php-cli-dev php -docker buildx build -t php-cron:8.3 --build-arg PHP_VERSION=8.3 --build-arg UBUNTU_VERSION=22.04 -f php/8.3.dockerfile --target=php-cron php -docker buildx build -t php-cron-dev:8.3 --build-arg PHP_VERSION=8.3 --build-arg UBUNTU_VERSION=22.04 -f php/8.3.dockerfile --target=php-cron-dev php -docker buildx build -t php-supervisor:8.3 --build-arg PHP_VERSION=8.3 --build-arg UBUNTU_VERSION=22.04 -f php/8.3.dockerfile --target=php-supervisor php +docker buildx build -t ghcr.io/netlogix/docker/php-fpm:8.3 --build-arg PHP_VERSION=8.3 --build-arg UBUNTU_VERSION=24.04 -f php/Dockerfile --target=php-fpm php +docker buildx build -t ghcr.io/netlogix/docker/php-cli:8.3 --build-arg PHP_VERSION=8.3 --build-arg UBUNTU_VERSION=24.04 -f php/Dockerfile --target=php-cli php +docker buildx build -t ghcr.io/netlogix/docker/php-fpm-dev:8.3 --build-arg PHP_VERSION=8.3 --build-arg UBUNTU_VERSION=24.04 -f php/Dockerfile --target=php-fpm-dev php +docker buildx build -t ghcr.io/netlogix/docker/php-cli-dev:8.3 --build-arg PHP_VERSION=8.3 --build-arg UBUNTU_VERSION=24.04 -f php/Dockerfile --target=php-cli-dev php +docker buildx build -t ghcr.io/netlogix/docker/php-cron:8.3 --build-arg PHP_VERSION=8.3 --build-arg UBUNTU_VERSION=24.04 -f php/Dockerfile --target=php-cron php +docker buildx build -t ghcr.io/netlogix/docker/php-cron-dev:8.3 --build-arg PHP_VERSION=8.3 --build-arg UBUNTU_VERSION=24.04 -f php/Dockerfile --target=php-cron-dev php +docker buildx build -t ghcr.io/netlogix/docker/php-supervisor:8.3 --build-arg PHP_VERSION=8.3 --build-arg UBUNTU_VERSION=24.04 -f php/Dockerfile --target=php-supervisor php -docker buildx build -t node:18 --build-arg NODE_VERSION=18 -f node/Dockerfile node -docker buildx build -t node:20 --build-arg NODE_VERSION=20 -f node/Dockerfile node +docker buildx build -t ghcr.io/netlogix/docker/node:18 --build-arg NODE_VERSION=18 -f node/Dockerfile node +docker buildx build -t ghcr.io/netlogix/docker/node:20 --build-arg NODE_VERSION=20 -f node/Dockerfile node diff --git a/cfssl/Dockerfile b/cfssl/Dockerfile index 6201d02..14fc3db 100644 --- a/cfssl/Dockerfile +++ b/cfssl/Dockerfile @@ -8,14 +8,14 @@ WORKDIR /src RUN git clone -b 'v1.6.4' --single-branch --depth 1 https://github.com/cloudflare/cfssl.git . -RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -ldflags "-s -w -X github.com/cloudflare/cfssl/cli/version.version=1.6.3" -o /out/cfssl ./cmd/cfssl -RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -ldflags "-s -w -X github.com/cloudflare/cfssl/cli/version.version=1.6.3" -o /out/cfssl-bundle ./cmd/cfssl-bundle -RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -ldflags "-s -w -X github.com/cloudflare/cfssl/cli/version.version=1.6.3" -o /out/cfssl-certinfo ./cmd/cfssl-certinfo -RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -ldflags "-s -w -X github.com/cloudflare/cfssl/cli/version.version=1.6.3" -o /out/cfssl-newkey ./cmd/cfssl-newkey -RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -ldflags "-s -w -X github.com/cloudflare/cfssl/cli/version.version=1.6.3" -o /out/cfssl-scan ./cmd/cfssl-scan -RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -ldflags "-s -w -X github.com/cloudflare/cfssl/cli/version.version=1.6.3" -o /out/cfssljson ./cmd/cfssljson -RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -ldflags "-s -w -X github.com/cloudflare/cfssl/cli/version.version=1.6.3" -o /out/mkbundle ./cmd/mkbundle -RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -ldflags "-s -w -X github.com/cloudflare/cfssl/cli/version.version=1.6.3" -o /out/multirootca ./cmd/multirootca +RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -ldflags "-s -w -X github.com/cloudflare/cfssl/cli/version.version=1.6.5" -o /out/cfssl ./cmd/cfssl +RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -ldflags "-s -w -X github.com/cloudflare/cfssl/cli/version.version=1.6.5" -o /out/cfssl-bundle ./cmd/cfssl-bundle +RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -ldflags "-s -w -X github.com/cloudflare/cfssl/cli/version.version=1.6.5" -o /out/cfssl-certinfo ./cmd/cfssl-certinfo +RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -ldflags "-s -w -X github.com/cloudflare/cfssl/cli/version.version=1.6.5" -o /out/cfssl-newkey ./cmd/cfssl-newkey +RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -ldflags "-s -w -X github.com/cloudflare/cfssl/cli/version.version=1.6.5" -o /out/cfssl-scan ./cmd/cfssl-scan +RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -ldflags "-s -w -X github.com/cloudflare/cfssl/cli/version.version=1.6.5" -o /out/cfssljson ./cmd/cfssljson +RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -ldflags "-s -w -X github.com/cloudflare/cfssl/cli/version.version=1.6.5" -o /out/mkbundle ./cmd/mkbundle +RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -ldflags "-s -w -X github.com/cloudflare/cfssl/cli/version.version=1.6.5" -o /out/multirootca ./cmd/multirootca FROM alpine:3.20 AS cfssl-server diff --git a/webserver/Dockerfile b/httpd/Dockerfile similarity index 80% rename from webserver/Dockerfile rename to httpd/Dockerfile index 324764c..9ce76c5 100644 --- a/webserver/Dockerfile +++ b/httpd/Dockerfile @@ -10,20 +10,20 @@ EXPOSE 90 HEALTHCHECK --interval=2s --timeout=20s --retries=10 CMD wget -qO- http://localhost:90/health | grep -q 'health' -FROM base AS webserver-typo3 +FROM base AS httpd-typo3 COPY config/typo3 /usr/local/apache2/vhosts -FROM base AS webserver-neos +FROM base AS httpd-neos COPY config/neos /usr/local/apache2/vhosts -FROM base AS webserver-shopware +FROM base AS httpd-shopware COPY config/shopware /usr/local/apache2/vhosts -FROM base AS webserver-shopware6 +FROM base AS httpd-shopware6 COPY config/shopware6 /usr/local/apache2/vhosts -FROM base AS webserver-symfony +FROM base AS httpd-symfony COPY config/symfony /usr/local/apache2/vhosts -FROM base AS webserver-static +FROM base AS httpd-static COPY config/static /usr/local/apache2/vhosts diff --git a/webserver/config/defaults/conf/extra/additional-mime.conf b/httpd/config/defaults/conf/extra/additional-mime.conf similarity index 100% rename from webserver/config/defaults/conf/extra/additional-mime.conf rename to httpd/config/defaults/conf/extra/additional-mime.conf diff --git a/webserver/config/defaults/conf/extra/dir.conf b/httpd/config/defaults/conf/extra/dir.conf similarity index 100% rename from webserver/config/defaults/conf/extra/dir.conf rename to httpd/config/defaults/conf/extra/dir.conf diff --git a/webserver/config/defaults/conf/extra/logging.conf b/httpd/config/defaults/conf/extra/logging.conf similarity index 100% rename from webserver/config/defaults/conf/extra/logging.conf rename to httpd/config/defaults/conf/extra/logging.conf diff --git a/webserver/config/defaults/conf/extra/security.conf b/httpd/config/defaults/conf/extra/security.conf similarity index 100% rename from webserver/config/defaults/conf/extra/security.conf rename to httpd/config/defaults/conf/extra/security.conf diff --git a/webserver/config/defaults/conf/http_custom.conf b/httpd/config/defaults/conf/http_custom.conf similarity index 100% rename from webserver/config/defaults/conf/http_custom.conf rename to httpd/config/defaults/conf/http_custom.conf diff --git a/webserver/config/defaults/vhosts/health-check.conf b/httpd/config/defaults/vhosts/health-check.conf similarity index 100% rename from webserver/config/defaults/vhosts/health-check.conf rename to httpd/config/defaults/vhosts/health-check.conf diff --git a/webserver/config/neos/default.conf b/httpd/config/neos/default.conf similarity index 100% rename from webserver/config/neos/default.conf rename to httpd/config/neos/default.conf diff --git a/webserver/config/shopware/default.conf b/httpd/config/shopware/default.conf similarity index 100% rename from webserver/config/shopware/default.conf rename to httpd/config/shopware/default.conf diff --git a/webserver/config/shopware6/default.conf b/httpd/config/shopware6/default.conf similarity index 100% rename from webserver/config/shopware6/default.conf rename to httpd/config/shopware6/default.conf diff --git a/webserver/config/static/default.conf b/httpd/config/static/default.conf similarity index 100% rename from webserver/config/static/default.conf rename to httpd/config/static/default.conf diff --git a/webserver/config/symfony/default.conf b/httpd/config/symfony/default.conf similarity index 100% rename from webserver/config/symfony/default.conf rename to httpd/config/symfony/default.conf diff --git a/webserver/config/typo3/default.conf b/httpd/config/typo3/default.conf similarity index 100% rename from webserver/config/typo3/default.conf rename to httpd/config/typo3/default.conf diff --git a/mysql/8.4.dockerfile b/mysql/8.4.dockerfile new file mode 100644 index 0000000..199505e --- /dev/null +++ b/mysql/8.4.dockerfile @@ -0,0 +1,5 @@ +# syntax=docker/dockerfile:1 +FROM mysql:8.4 + +COPY config /etc/mysql/conf.d +HEALTHCHECK --interval=2s --timeout=20s --retries=10 CMD mysqladmin ping -h localhost -u root -p$MYSQL_ROOT_PASSWORD diff --git a/mysql/Dockerfile b/mysql/Dockerfile index 199505e..ead7848 100644 --- a/mysql/Dockerfile +++ b/mysql/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:1 -FROM mysql:8.4 +FROM mysql:9.0 COPY config /etc/mysql/conf.d HEALTHCHECK --interval=2s --timeout=20s --retries=10 CMD mysqladmin ping -h localhost -u root -p$MYSQL_ROOT_PASSWORD diff --git a/php/8.2.dockerfile b/php/8.2.dockerfile index d85f0de..40ab4c4 100644 --- a/php/8.2.dockerfile +++ b/php/8.2.dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1 ARG UBUNTU_VERSION=24.04 -FROM ubuntu:${UBUNTU_VERSION} as base +FROM ubuntu:${UBUNTU_VERSION} AS base ARG PHP_VERSION=8.2 ARG XDEBUG_VERSION=3.3.2 diff --git a/php/Dockerfile b/php/Dockerfile index fc74253..6e0b44c 100644 --- a/php/Dockerfile +++ b/php/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1 ARG UBUNTU_VERSION=24.04 -FROM ubuntu:${UBUNTU_VERSION} as base +FROM ubuntu:${UBUNTU_VERSION} AS base ARG PHP_VERSION=8.3 ARG XDEBUG_VERSION=3.3.2 diff --git a/prometheus-apache-exporter/Dockerfile b/prometheus-apache-exporter/Dockerfile index 8106ed7..1ffb505 100644 --- a/prometheus-apache-exporter/Dockerfile +++ b/prometheus-apache-exporter/Dockerfile @@ -3,7 +3,7 @@ FROM --platform=$BUILDPLATFORM golang:1.22-alpine AS builder ARG TARGETOS ARG TARGETARCH -ARG EXPORTER_VERSION='v1.0.6' +ARG EXPORTER_VERSION='v1.0.8' WORKDIR /src diff --git a/prometheus-nginx-exporter/Dockerfile b/prometheus-nginx-exporter/Dockerfile index 485bdbb..6be15c5 100644 --- a/prometheus-nginx-exporter/Dockerfile +++ b/prometheus-nginx-exporter/Dockerfile @@ -3,7 +3,7 @@ FROM --platform=$BUILDPLATFORM golang:1.22-alpine AS builder ARG TARGETOS ARG TARGETARCH -ARG EXPORTER_VERSION='v1.1.0' +ARG EXPORTER_VERSION='v1.2.0' WORKDIR /src From 207b8557af964a93a55823133dc08f342154ae75 Mon Sep 17 00:00:00 2001 From: Sascha Nowak Date: Sun, 7 Jul 2024 18:29:23 +0200 Subject: [PATCH 14/22] fix: warning that 'as' and 'FROM' keywords' casing do not match (FromAsCasing) --- httpd/Dockerfile | 2 +- mariadb/10.11.dockerfile | 2 +- mariadb/10.6.dockerfile | 2 +- mariadb/Dockerfile | 2 +- prometheus-redis-exporter/Dockerfile | 2 +- solr/8.dockerfile | 2 +- solr/Dockerfile | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/httpd/Dockerfile b/httpd/Dockerfile index 9ce76c5..fe1dbe1 100644 --- a/httpd/Dockerfile +++ b/httpd/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:1 -FROM httpd:2.4-alpine as base +FROM httpd:2.4-alpine AS base ENV FPM_BACKEND=php-fpm:9000 COPY config/defaults /usr/local/apache2/ RUN sed -i 's/LoadModule autoindex_module/#LoadModule autoindex_module/g' /usr/local/apache2/conf/httpd.conf diff --git a/mariadb/10.11.dockerfile b/mariadb/10.11.dockerfile index 50be16f..cc4b886 100644 --- a/mariadb/10.11.dockerfile +++ b/mariadb/10.11.dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1 # Version of Ubuntu 24.04 -FROM mariadb:10.11 as mariadb +FROM mariadb:10.11 AS mariadb COPY config /etc/mysql/conf.d HEALTHCHECK --interval=2s --timeout=20s --retries=10 CMD mysqladmin ping -h localhost -u root -p$MYSQL_ROOT_PASSWORD diff --git a/mariadb/10.6.dockerfile b/mariadb/10.6.dockerfile index c959140..a115783 100644 --- a/mariadb/10.6.dockerfile +++ b/mariadb/10.6.dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1 # Version of Ubuntu 22.04 -FROM mariadb:10.6 as mariadb +FROM mariadb:10.6 AS mariadb COPY config /etc/mysql/conf.d HEALTHCHECK --interval=2s --timeout=20s --retries=10 CMD mysqladmin ping -h localhost -u root -p$MYSQL_ROOT_PASSWORD diff --git a/mariadb/Dockerfile b/mariadb/Dockerfile index 22dcac3..7ef5cb1 100644 --- a/mariadb/Dockerfile +++ b/mariadb/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1 # This is always the latest -FROM mariadb:11.4 as mariadb +FROM mariadb:11.4 AS mariadb COPY config /etc/mysql/conf.d HEALTHCHECK --interval=2s --timeout=20s --retries=10 CMD mysqladmin ping -h localhost -u root -p$MYSQL_ROOT_PASSWORD diff --git a/prometheus-redis-exporter/Dockerfile b/prometheus-redis-exporter/Dockerfile index 5caead1..2613eea 100644 --- a/prometheus-redis-exporter/Dockerfile +++ b/prometheus-redis-exporter/Dockerfile @@ -1 +1 @@ -FROM oliver006/redis_exporter:v1.61.0 as prometheus-redis-exporter +FROM oliver006/redis_exporter:v1.61.0 AS prometheus-redis-exporter diff --git a/solr/8.dockerfile b/solr/8.dockerfile index a5ccac7..8aac087 100644 --- a/solr/8.dockerfile +++ b/solr/8.dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:1 -FROM solr:8.11.3 as builder +FROM solr:8.11.3 AS builder ENV TYPO3_SOLR=11.5.0 \ TYPO3_SOLR_DOWNLOAD_SHA512="a0c0181993606dbaa587520e8aa8988f1b0eb845215828cf31df0dc181497ab4932db03359bc89655366197247210b4a82cbba1b7bcc5abba85545811e17eefe" diff --git a/solr/Dockerfile b/solr/Dockerfile index e755b0b..8c08474 100644 --- a/solr/Dockerfile +++ b/solr/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:1 -FROM solr:9.5.0 as builder +FROM solr:9.5.0 AS builder ENV TYPO3_SOLR=12.0.3 \ TYPO3_SOLR_DOWNLOAD_SHA512="882f24a44d221f5d85a2066ab1235c9aedcd31c8a8f2009f9343b73de2931fd354fed6a8175fe18fa6fa0c284dd07d428c4f547f24875129e5a1d57c5ffd283f" From 1ac48a465692d8491eee9888ee0eac8e3e0076f3 Mon Sep 17 00:00:00 2001 From: Sascha Nowak Date: Sun, 7 Jul 2024 18:36:34 +0200 Subject: [PATCH 15/22] fix: builder in workflows --- .github/workflows/cfssl.yml | 6 ++---- .github/workflows/chromium.yml | 3 +-- .github/workflows/elasticsearch.yml | 3 +-- .github/workflows/httpd.yml | 2 +- .github/workflows/mailpit.yml | 3 +-- .github/workflows/mariadb.yml | 2 +- .github/workflows/mysql.yml | 2 +- .github/workflows/nginx.yml | 6 ++---- .github/workflows/node.yml | 2 +- .github/workflows/php.yml | 14 +++++++------- .github/workflows/prettier.yml | 3 +-- .github/workflows/prometheus-apache-exporter.yml | 3 +-- .../prometheus-elasticsearch-exporter.yml | 3 +-- .github/workflows/prometheus-nginx-exporter.yml | 3 +-- .github/workflows/prometheus-php-fpm-exporter.yml | 3 +-- .github/workflows/prometheus-postgres-exporter.yml | 3 +-- .github/workflows/prometheus-redis-exporter.yml | 3 +-- .github/workflows/prometheus-solr-exporter.yml | 3 +-- .github/workflows/prometheus-varnish-exporter.yml | 3 +-- .github/workflows/rabbitmq.yml | 3 +-- .github/workflows/redis.yml | 3 +-- .github/workflows/tideways-daemon.yml | 3 +-- .github/workflows/varnish.yml | 3 +-- 23 files changed, 31 insertions(+), 51 deletions(-) diff --git a/.github/workflows/cfssl.yml b/.github/workflows/cfssl.yml index 2d93b77..97be4e0 100644 --- a/.github/workflows/cfssl.yml +++ b/.github/workflows/cfssl.yml @@ -44,10 +44,9 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push (cfssl) - id: docker_build_push uses: docker/build-push-action@v6 with: - builder: cfssl + builder: ${{ steps.buildx.outputs.name }} context: ./cfssl target: cfssl file: ./cfssl/Dockerfile @@ -58,10 +57,9 @@ jobs: cache-to: type=gha, mode=max - name: Build and push (cfssl) - id: docker_build_push uses: docker/build-push-action@v6 with: - builder: cfssl-server + builder: ${{ steps.buildx.outputs.name }} context: ./cfssl target: cfssl-server file: ./cfssl/Dockerfile diff --git a/.github/workflows/chromium.yml b/.github/workflows/chromium.yml index 80ac311..496d84c 100644 --- a/.github/workflows/chromium.yml +++ b/.github/workflows/chromium.yml @@ -44,10 +44,9 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push (chromium) - id: docker_build_push uses: docker/build-push-action@v6 with: - builder: chromium + builder: ${{ steps.buildx.outputs.name }} context: ./chromium target: chromium file: ./chromium/Dockerfile diff --git a/.github/workflows/elasticsearch.yml b/.github/workflows/elasticsearch.yml index 28109da..7bb99b5 100644 --- a/.github/workflows/elasticsearch.yml +++ b/.github/workflows/elasticsearch.yml @@ -48,10 +48,9 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push (elasticsearch) - id: docker_build_push uses: docker/build-push-action@v6 with: - builder: elasticsearch + builder: ${{ steps.buildx.outputs.name }} context: ./elasticsearch target: elasticsearch file: ./elasticsearch/Dockerfile diff --git a/.github/workflows/httpd.yml b/.github/workflows/httpd.yml index 905fc34..5729b0a 100644 --- a/.github/workflows/httpd.yml +++ b/.github/workflows/httpd.yml @@ -62,7 +62,7 @@ jobs: - name: Build and push (httpd-fpm) uses: docker/build-push-action@v6 with: - builder: httpd + builder: ${{ steps.buildx.outputs.name }} context: ./httpd target: httpd-${{ matrix.image.name }} file: ./httpd/Dockerfile diff --git a/.github/workflows/mailpit.yml b/.github/workflows/mailpit.yml index f60a212..cab849a 100644 --- a/.github/workflows/mailpit.yml +++ b/.github/workflows/mailpit.yml @@ -48,10 +48,9 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push (mailpit) - id: docker_build_push uses: docker/build-push-action@v6 with: - builder: mailpit + builder: ${{ steps.buildx.outputs.name }} context: ./mailpit target: mailpit file: ./mailpit/Dockerfile diff --git a/.github/workflows/mariadb.yml b/.github/workflows/mariadb.yml index e4fb02c..1b74def 100644 --- a/.github/workflows/mariadb.yml +++ b/.github/workflows/mariadb.yml @@ -58,7 +58,7 @@ jobs: - name: Build and push (mariadb-fpm) uses: docker/build-push-action@v6 with: - builder: mariadb + builder: ${{ steps.buildx.outputs.name }} context: ./mariadb target: mariadb file: ./mariadb/${{ matrix.image.file || 'Dockerfile' }} diff --git a/.github/workflows/mysql.yml b/.github/workflows/mysql.yml index 4a29c86..19bfdf7 100644 --- a/.github/workflows/mysql.yml +++ b/.github/workflows/mysql.yml @@ -58,7 +58,7 @@ jobs: - name: Build and push (mysql-fpm) uses: docker/build-push-action@v6 with: - builder: mysql + builder: ${{ steps.buildx.outputs.name }} context: ./mysql target: mysql file: ./mysql/${{ matrix.image.file || 'Dockerfile' }} diff --git a/.github/workflows/nginx.yml b/.github/workflows/nginx.yml index e937ccf..fe5264a 100644 --- a/.github/workflows/nginx.yml +++ b/.github/workflows/nginx.yml @@ -48,10 +48,9 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push (nginx) - id: docker_build_push uses: docker/build-push-action@v6 with: - builder: nginx + builder: ${{ steps.buildx.outputs.name }} context: ./nginx target: nginx file: ./nginx/Dockerfile @@ -62,10 +61,9 @@ jobs: cache-to: type=gha, scope=${{ github.workflow }}-nginx, mode=max - name: Build and push (nginx) - id: docker_build_push uses: docker/build-push-action@v6 with: - builder: styleguide + builder: ${{ steps.buildx.outputs.name }} context: ./nginx target: styleguide file: ./nginx/Dockerfile diff --git a/.github/workflows/node.yml b/.github/workflows/node.yml index a767c47..75e188a 100644 --- a/.github/workflows/node.yml +++ b/.github/workflows/node.yml @@ -58,7 +58,7 @@ jobs: - name: Build and push (node-fpm) uses: docker/build-push-action@v6 with: - builder: node + builder: ${{ steps.buildx.outputs.name }} context: ./node target: node file: ./node/Dockerfile diff --git a/.github/workflows/php.yml b/.github/workflows/php.yml index 5570f0a..7970c8f 100644 --- a/.github/workflows/php.yml +++ b/.github/workflows/php.yml @@ -78,7 +78,7 @@ jobs: - name: Build and push (php-fpm) uses: docker/build-push-action@v6 with: - builder: php-fpm + builder: ${{ steps.buildx.outputs.name }} context: ./php target: php-fpm file: ./php/${{ matrix.image.file || 'Dockerfile' }} @@ -91,7 +91,7 @@ jobs: - name: Build and push (php-cli) uses: docker/build-push-action@v6 with: - builder: php-cli + builder: ${{ steps.buildx.outputs.name }} context: ./php target: php-cli file: ./php/${{ matrix.image.file || 'Dockerfile' }} @@ -104,7 +104,7 @@ jobs: - name: Build and push (php-cron) uses: docker/build-push-action@v6 with: - builder: php-cron + builder: ${{ steps.buildx.outputs.name }} context: ./php target: php-cron file: ./php/${{ matrix.image.file || 'Dockerfile' }} @@ -117,7 +117,7 @@ jobs: - name: Build and push (php-supervisor) uses: docker/build-push-action@v6 with: - builder: php-supervisor + builder: ${{ steps.buildx.outputs.name }} context: ./php target: php-supervisor file: ./php/${{ matrix.image.file || 'Dockerfile' }} @@ -130,7 +130,7 @@ jobs: - name: Build and push (php-fpm-dev) uses: docker/build-push-action@v6 with: - builder: php-fpm-dev + builder: ${{ steps.buildx.outputs.name }} context: ./php target: php-fpm-dev file: ./php/${{ matrix.image.file || 'Dockerfile' }} @@ -143,7 +143,7 @@ jobs: - name: Build and push (php-cli-dev) uses: docker/build-push-action@v6 with: - builder: php-cli-dev + builder: ${{ steps.buildx.outputs.name }} context: ./php target: php-cli-dev file: ./php/${{ matrix.image.file || 'Dockerfile' }} @@ -156,7 +156,7 @@ jobs: - name: Build and push (php-cron-dev) uses: docker/build-push-action@v6 with: - builder: php-cron-dev + builder: ${{ steps.buildx.outputs.name }} context: ./php target: php-cron-dev file: ./php/${{ matrix.image.file || 'Dockerfile' }} diff --git a/.github/workflows/prettier.yml b/.github/workflows/prettier.yml index 3695287..f2263b6 100644 --- a/.github/workflows/prettier.yml +++ b/.github/workflows/prettier.yml @@ -44,10 +44,9 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push (prettier) - id: docker_build_push uses: docker/build-push-action@v6 with: - builder: prettier + builder: ${{ steps.buildx.outputs.name }} context: ./prettier target: prettier file: ./prettier/Dockerfile diff --git a/.github/workflows/prometheus-apache-exporter.yml b/.github/workflows/prometheus-apache-exporter.yml index 4cac4b5..7a5ef16 100644 --- a/.github/workflows/prometheus-apache-exporter.yml +++ b/.github/workflows/prometheus-apache-exporter.yml @@ -44,10 +44,9 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push (prometheus-apache-exporter) - id: docker_build_push uses: docker/build-push-action@v6 with: - builder: prometheus-apache-exporter + builder: ${{ steps.buildx.outputs.name }} context: ./prometheus-apache-exporter target: prometheus-apache-exporter file: ./prometheus-apache-exporter/Dockerfile diff --git a/.github/workflows/prometheus-elasticsearch-exporter.yml b/.github/workflows/prometheus-elasticsearch-exporter.yml index 20342f4..2cd26c8 100644 --- a/.github/workflows/prometheus-elasticsearch-exporter.yml +++ b/.github/workflows/prometheus-elasticsearch-exporter.yml @@ -44,10 +44,9 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push (prometheus-elasticsearch-exporter) - id: docker_build_push uses: docker/build-push-action@v6 with: - builder: prometheus-elasticsearch-exporter + builder: ${{ steps.buildx.outputs.name }} context: ./prometheus-elasticsearch-exporter target: prometheus-elasticsearch-exporter file: ./prometheus-elasticsearch-exporter/Dockerfile diff --git a/.github/workflows/prometheus-nginx-exporter.yml b/.github/workflows/prometheus-nginx-exporter.yml index 8434d23..a57fa94 100644 --- a/.github/workflows/prometheus-nginx-exporter.yml +++ b/.github/workflows/prometheus-nginx-exporter.yml @@ -44,10 +44,9 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push (prometheus-nginx-exporter) - id: docker_build_push uses: docker/build-push-action@v6 with: - builder: prometheus-nginx-exporter + builder: ${{ steps.buildx.outputs.name }} context: ./prometheus-nginx-exporter target: prometheus-nginx-exporter file: ./prometheus-nginx-exporter/Dockerfile diff --git a/.github/workflows/prometheus-php-fpm-exporter.yml b/.github/workflows/prometheus-php-fpm-exporter.yml index 5efbe77..e493394 100644 --- a/.github/workflows/prometheus-php-fpm-exporter.yml +++ b/.github/workflows/prometheus-php-fpm-exporter.yml @@ -44,10 +44,9 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push (prometheus-php-fpm-exporter) - id: docker_build_push uses: docker/build-push-action@v6 with: - builder: prometheus-php-fpm-exporter + builder: ${{ steps.buildx.outputs.name }} context: ./prometheus-php-fpm-exporter target: prometheus-php-fpm-exporter file: ./prometheus-php-fpm-exporter/Dockerfile diff --git a/.github/workflows/prometheus-postgres-exporter.yml b/.github/workflows/prometheus-postgres-exporter.yml index b0eb7b7..77defbf 100644 --- a/.github/workflows/prometheus-postgres-exporter.yml +++ b/.github/workflows/prometheus-postgres-exporter.yml @@ -44,10 +44,9 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push (prometheus-postgres-exporter) - id: docker_build_push uses: docker/build-push-action@v6 with: - builder: prometheus-postgres-exporter + builder: ${{ steps.buildx.outputs.name }} context: ./prometheus-postgres-exporter target: prometheus-postgres-exporter file: ./prometheus-postgres-exporter/Dockerfile diff --git a/.github/workflows/prometheus-redis-exporter.yml b/.github/workflows/prometheus-redis-exporter.yml index 8cf927b..8edff48 100644 --- a/.github/workflows/prometheus-redis-exporter.yml +++ b/.github/workflows/prometheus-redis-exporter.yml @@ -48,10 +48,9 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push (prometheus-redis-exporter) - id: docker_build_push uses: docker/build-push-action@v6 with: - builder: prometheus-redis-exporter + builder: ${{ steps.buildx.outputs.name }} context: ./prometheus-redis-exporter target: prometheus-redis-exporter file: ./prometheus-redis-exporter/Dockerfile diff --git a/.github/workflows/prometheus-solr-exporter.yml b/.github/workflows/prometheus-solr-exporter.yml index b4dc00f..f60c068 100644 --- a/.github/workflows/prometheus-solr-exporter.yml +++ b/.github/workflows/prometheus-solr-exporter.yml @@ -48,10 +48,9 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push (prometheus-solr-exporter) - id: docker_build_push uses: docker/build-push-action@v6 with: - builder: prometheus-solr-exporter + builder: ${{ steps.buildx.outputs.name }} context: ./prometheus-solr-exporter target: prometheus-solr-exporter file: ./prometheus-solr-exporter/Dockerfile diff --git a/.github/workflows/prometheus-varnish-exporter.yml b/.github/workflows/prometheus-varnish-exporter.yml index a6e883f..14d72a3 100644 --- a/.github/workflows/prometheus-varnish-exporter.yml +++ b/.github/workflows/prometheus-varnish-exporter.yml @@ -44,10 +44,9 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push (prometheus-varnish-exporter) - id: docker_build_push uses: docker/build-push-action@v6 with: - builder: prometheus-varnish-exporter + builder: ${{ steps.buildx.outputs.name }} context: ./prometheus-varnish-exporter target: prometheus-varnish-exporter file: ./prometheus-varnish-exporter/Dockerfile diff --git a/.github/workflows/rabbitmq.yml b/.github/workflows/rabbitmq.yml index 2f66fd9..58aa4d1 100644 --- a/.github/workflows/rabbitmq.yml +++ b/.github/workflows/rabbitmq.yml @@ -48,10 +48,9 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push (rabbitmq) - id: docker_build_push uses: docker/build-push-action@v6 with: - builder: rabbitmq + builder: ${{ steps.buildx.outputs.name }} context: ./rabbitmq target: rabbitmq file: ./rabbitmq/Dockerfile diff --git a/.github/workflows/redis.yml b/.github/workflows/redis.yml index 8af235f..5e04ad6 100644 --- a/.github/workflows/redis.yml +++ b/.github/workflows/redis.yml @@ -48,10 +48,9 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push (redis) - id: docker_build_push uses: docker/build-push-action@v6 with: - builder: redis + builder: ${{ steps.buildx.outputs.name }} context: ./redis target: redis file: ./redis/Dockerfile diff --git a/.github/workflows/tideways-daemon.yml b/.github/workflows/tideways-daemon.yml index 6d93a33..0972268 100644 --- a/.github/workflows/tideways-daemon.yml +++ b/.github/workflows/tideways-daemon.yml @@ -48,10 +48,9 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push (tideways-daemon) - id: docker_build_push uses: docker/build-push-action@v6 with: - builder: tideways-daemon + builder: ${{ steps.buildx.outputs.name }} context: ./tideways-daemon target: tideways-daemon file: ./tideways-daemon/Dockerfile diff --git a/.github/workflows/varnish.yml b/.github/workflows/varnish.yml index 15a0d5f..8e75291 100644 --- a/.github/workflows/varnish.yml +++ b/.github/workflows/varnish.yml @@ -48,10 +48,9 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push (varnish) - id: docker_build_push uses: docker/build-push-action@v6 with: - builder: varnish + builder: ${{ steps.buildx.outputs.name }} context: ./varnish target: varnish file: ./varnish/Dockerfile From f8eaa52658901320094c5fedb36beff4a31ede21 Mon Sep 17 00:00:00 2001 From: Sascha Nowak Date: Sun, 7 Jul 2024 18:39:50 +0200 Subject: [PATCH 16/22] fix: add missing target stage --- mysql/8.0.dockerfile | 2 +- mysql/8.4.dockerfile | 2 +- mysql/Dockerfile | 2 +- varnish/Dockerfile | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/mysql/8.0.dockerfile b/mysql/8.0.dockerfile index 9cb7ba4..9458579 100644 --- a/mysql/8.0.dockerfile +++ b/mysql/8.0.dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:1 -FROM mysql:8.0 +FROM mysql:8.0 AS mysql COPY config /etc/mysql/conf.d HEALTHCHECK --interval=2s --timeout=20s --retries=10 CMD mysqladmin ping -h localhost -u root -p$MYSQL_ROOT_PASSWORD diff --git a/mysql/8.4.dockerfile b/mysql/8.4.dockerfile index 199505e..937f256 100644 --- a/mysql/8.4.dockerfile +++ b/mysql/8.4.dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:1 -FROM mysql:8.4 +FROM mysql:8.4 AS mysql COPY config /etc/mysql/conf.d HEALTHCHECK --interval=2s --timeout=20s --retries=10 CMD mysqladmin ping -h localhost -u root -p$MYSQL_ROOT_PASSWORD diff --git a/mysql/Dockerfile b/mysql/Dockerfile index ead7848..21c1f40 100644 --- a/mysql/Dockerfile +++ b/mysql/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:1 -FROM mysql:9.0 +FROM mysql:9.0 AS mysql COPY config /etc/mysql/conf.d HEALTHCHECK --interval=2s --timeout=20s --retries=10 CMD mysqladmin ping -h localhost -u root -p$MYSQL_ROOT_PASSWORD diff --git a/varnish/Dockerfile b/varnish/Dockerfile index bd3fef2..4cc1763 100644 --- a/varnish/Dockerfile +++ b/varnish/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:1 -FROM varnish:7.5 +FROM varnish:7.5 AS varnish ENV VARNISH_SIZE=1G From 1b98be53af239d470c16de5d3050eea26b3436fa Mon Sep 17 00:00:00 2001 From: Sascha Nowak Date: Sun, 7 Jul 2024 18:40:20 +0200 Subject: [PATCH 17/22] fix: failed to compute cache key --- .github/workflows/nginx.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/nginx.yml b/.github/workflows/nginx.yml index fe5264a..69320e0 100644 --- a/.github/workflows/nginx.yml +++ b/.github/workflows/nginx.yml @@ -57,8 +57,8 @@ jobs: push: ${{ github.event_name != 'pull_request' }} tags: ghcr.io/netlogix/docker/nginx:latest,ghcr.io/netlogix/docker/nginx:${{ steps.docker.outputs.version }},ghcr.io/netlogix/docker/proxy:${{ steps.docker.outputs.version }} platforms: linux/amd64,linux/arm64 - cache-from: type=gha, scope=${{ github.workflow }}-nginx - cache-to: type=gha, scope=${{ github.workflow }}-nginx, mode=max + cache-from: type=gha + cache-to: type=gha,mode=max - name: Build and push (nginx) uses: docker/build-push-action@v6 From 436c4dc971654d97b1acb53e79953c9cbe6fa27d Mon Sep 17 00:00:00 2001 From: Sascha Nowak Date: Sun, 7 Jul 2024 18:44:19 +0200 Subject: [PATCH 18/22] fix: "/config": not found in nginx --- build-container.sh | 14 ++++++-------- nginx/Dockerfile | 1 - 2 files changed, 6 insertions(+), 9 deletions(-) diff --git a/build-container.sh b/build-container.sh index 5916e8e..14384d4 100755 --- a/build-container.sh +++ b/build-container.sh @@ -7,23 +7,21 @@ if [ "${VERSION:-}" = "" ]; then export VERSION=latest fi -docker buildx build -t ghcr.io/netlogix/docker/serverspec:${VERSION} -f serverspec/Dockerfile serverspec - docker buildx build -t ghcr.io/netlogix/docker/mariadb:${VERSION} -f mariadb/Dockerfile mariadb docker buildx build -t ghcr.io/netlogix/docker/mysql:${VERSION} -f mysql/Dockerfile mysql docker buildx build -t ghcr.io/netlogix/docker/postgres:${VERSION} -f postgres/Dockerfile postgres docker buildx build -t ghcr.io/netlogix/docker/prettier:${VERSION} -f prettier/Dockerfile prettier -docker buildx build -t ghcr.io/netlogix/docker/proxy:${VERSION} -f proxy/Dockerfile proxy +docker buildx build -t ghcr.io/netlogix/docker/nginx:${VERSION} -f nginx/Dockerfile --target=nginx nginx +docker buildx build -t ghcr.io/netlogix/docker/styleguide:${VERSION} -f nginx/Dockerfile --target=styleguide nginx docker buildx build -t ghcr.io/netlogix/docker/rabbitmq:${VERSION} -f rabbitmq/Dockerfile rabbitmq docker buildx build -t ghcr.io/netlogix/docker/redis:${VERSION} -f redis/Dockerfile redis docker buildx build -t ghcr.io/netlogix/docker/solr:${VERSION} -f solr/Dockerfile solr docker buildx build -t ghcr.io/netlogix/docker/varnish:${VERSION} -f varnish/Dockerfile varnish docker buildx build -t ghcr.io/netlogix/docker/elasticsearch:${VERSION} -f elasticsearch/Dockerfile elasticsearch -docker buildx build -t ghcr.io/netlogix/docker/styleguide:${VERSION} -f styleguide/Dockerfile styleguide -docker buildx build -t ghcr.io/netlogix/docker/webserver-neos:${VERSION} -f webserver/Dockerfile --target=webserver-neos webserver -docker buildx build -t ghcr.io/netlogix/docker/webserver-static:${VERSION} -f webserver/Dockerfile --target=webserver-static webserver -docker buildx build -t ghcr.io/netlogix/docker/webserver-typo3:${VERSION} -f webserver/Dockerfile --target=webserver-typo3 webserver -docker buildx build -t ghcr.io/netlogix/docker/webserver-shopware:${VERSION} -f webserver/Dockerfile --target=webserver-shopware webserver +docker buildx build -t ghcr.io/netlogix/docker/httpd-neos:${VERSION} -f httpd/Dockerfile --target=httpd-neos httpd +docker buildx build -t ghcr.io/netlogix/docker/httpd-static:${VERSION} -f httpd/Dockerfile --target=httpd-static httpd +docker buildx build -t ghcr.io/netlogix/docker/httpd-typo3:${VERSION} -f httpd/Dockerfile --target=httpd-typo3 httpd +docker buildx build -t ghcr.io/netlogix/docker/httpd-shopware:${VERSION} -f httpd/Dockerfile --target=httpd-shopware httpd docker buildx build -t ghcr.io/netlogix/docker/chromium:${VERSION} -f chromium/Dockerfile chromium docker buildx build -t ghcr.io/netlogix/docker/mailpit:${VERSION} -f mailpit/Dockerfile mailpit docker buildx build -t ghcr.io/netlogix/docker/cfssl:${VERSION} -f cfssl/Dockerfile --target=cfssl cfssl diff --git a/nginx/Dockerfile b/nginx/Dockerfile index 046ddb1..e8c531d 100644 --- a/nginx/Dockerfile +++ b/nginx/Dockerfile @@ -83,7 +83,6 @@ RUN --mount=type=bind,target=/tmp/packages/,source=/tmp/packages/,from=builder \ RUN curl -L https://github.com/a8m/envsubst/releases/download/v1.4.2/envsubst-Linux-x86_64 -o /usr/local/bin/envsubst && chmod +x /usr/local/bin/envsubst COPY etc /etc/ -COPY config /etc/nginx COPY docker-entrypoint.d /docker-entrypoint.d # Test nginx config From ff2ae4cf37830f3560c2b71845e9afb1be69a22d Mon Sep 17 00:00:00 2001 From: Sascha Nowak Date: Sun, 7 Jul 2024 21:52:38 +0200 Subject: [PATCH 19/22] feat: make php builds faster --- .github/workflows/php.yml | 54 ++++++++++++++++++++++++++ php/8.2.dockerfile | 82 ++++++++++++++------------------------- php/Dockerfile | 82 ++++++++++++++------------------------- 3 files changed, 114 insertions(+), 104 deletions(-) diff --git a/.github/workflows/php.yml b/.github/workflows/php.yml index 7970c8f..d7cda44 100644 --- a/.github/workflows/php.yml +++ b/.github/workflows/php.yml @@ -127,6 +127,60 @@ jobs: cache-from: type=gha, scope=${{ github.workflow }}-php cache-to: type=gha, scope=${{ github.workflow }}-php, mode=max + build-docker-dev-image: + name: 'Build php-${{ matrix.image.version }}-dev docker image' + runs-on: ubuntu-latest + + strategy: + fail-fast: false + max-parallel: 10 + matrix: + image: + - version: 7.2 + build-args: | + PHP_VERSION=7.2 + UBUNTU_VERSION=18.04 + XDEBUG_VERSION=3.1.6 + - version: 7.4 + build-args: | + PHP_VERSION=7.4 + UBUNTU_VERSION=20.04 + XDEBUG_VERSION=3.1.6 + - version: 8.1 + build-args: | + PHP_VERSION=8.1 + UBUNTU_VERSION=22.04 + XDEBUG_VERSION=3.3.2 + - version: 8.2 + file: 8.2.dockerfile + build-args: | + PHP_VERSION=8.2 + UBUNTU_VERSION=24.04 + XDEBUG_VERSION=3.3.2 + - version: 8.3 + build-args: | + PHP_VERSION=8.3 + UBUNTU_VERSION=24.04 + XDEBUG_VERSION=3.3.2 + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to GHCR + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Build and push (php-fpm-dev) uses: docker/build-push-action@v6 with: diff --git a/php/8.2.dockerfile b/php/8.2.dockerfile index 40ab4c4..8d3fe99 100644 --- a/php/8.2.dockerfile +++ b/php/8.2.dockerfile @@ -31,30 +31,18 @@ RUN apt-get update && \ apt-transport-https\ libfcgi-bin \ ca-certificates \ - curl \ + wget \ gnupg2 \ locales -RUN locale-gen de_DE.UTF-8 && \ - locale-gen en_GB.UTF-8 && \ - locale-gen en_US.UTF-8 && \ - locale-gen es_ES.UTF-8 && \ - locale-gen fr_FR.UTF-8 && \ - locale-gen nl_NL.UTF-8 && \ - locale-gen pt_PT.UTF-8 && \ - locale-gen it_IT.UTF-8 - -# Install dev certificates -COPY certs/* /usr/share/ca-certificates/netlogix/ -RUN echo "netlogix/docker-dev-ca.crt" >> /etc/ca-certificates.conf && update-ca-certificates - -RUN echo 'deb https://packages.tideways.com/apt-packages-main any-version main' > /etc/apt/sources.list.d/tideways.list && \ - curl -L -sS 'https://packages.tideways.com/key.gpg' | apt-key add - +RUN echo 'deb [signed-by=/usr/share/keyrings/tideways.gpg] https://packages.tideways.com/apt-packages-main any-version main' | tee /etc/apt/sources.list.d/tideways.list && \ + wget -qO - 'https://packages.tideways.com/key.gpg' | gpg --dearmor | tee /usr/share/keyrings/tideways.gpg > /dev/null RUN add-apt-repository ppa:ondrej/php -y RUN apt-get update && \ apt-get -y install --no-install-suggests --no-install-recommends \ + cron \ ghostscript \ gifsicle \ imagemagick \ @@ -62,6 +50,7 @@ RUN apt-get update && \ openssl \ optipng \ pngquant \ + supervisor \ tar \ unzip \ webp \ @@ -69,8 +58,8 @@ RUN apt-get update && \ php${PHP_VERSION} \ php${PHP_VERSION}-apcu \ php${PHP_VERSION}-bcmath \ - php${PHP_VERSION}-common \ php${PHP_VERSION}-cli \ + php${PHP_VERSION}-common \ php${PHP_VERSION}-curl \ php${PHP_VERSION}-fpm \ php${PHP_VERSION}-gd \ @@ -83,15 +72,30 @@ RUN apt-get update && \ php${PHP_VERSION}-pgsql \ php${PHP_VERSION}-readline \ php${PHP_VERSION}-redis \ + php${PHP_VERSION}-sqlite3 \ php${PHP_VERSION}-xml \ php${PHP_VERSION}-yaml \ php${PHP_VERSION}-zip \ - && apt-get -y install --no-install-suggests --no-install-recommends \ tideways-php \ tideways-cli \ && apt-get autoremove \ && find /var/log -type f -name "*.log" -delete \ - && rm -rf /var/lib/apt/lists/* /var/cache/ldconfig/aux-cache + && rm -rf /var/lib/apt/lists/* /var/cache/ldconfig/aux-cache \ + && rm -rf /etc/cron.*/* + +# Install locales +RUN locale-gen de_DE.UTF-8 && \ + locale-gen en_GB.UTF-8 && \ + locale-gen en_US.UTF-8 && \ + locale-gen es_ES.UTF-8 && \ + locale-gen fr_FR.UTF-8 && \ + locale-gen nl_NL.UTF-8 && \ + locale-gen pt_PT.UTF-8 && \ + locale-gen it_IT.UTF-8 + +# Install dev certificates +COPY certs/* /usr/share/ca-certificates/netlogix/ +RUN echo "netlogix/docker-dev-ca.crt" >> /etc/ca-certificates.conf && update-ca-certificates RUN ln -s /usr/sbin/php-fpm${PHP_VERSION} /usr/sbin/php-fpm @@ -101,12 +105,18 @@ RUN mkdir -p "/run/php/" \ && touch /var/log/xdebug.log \ && chown www-data:www-data /var/log/xdebug.log +RUN touch /var/run/supervisord.pid \ + && chown www-data:www-data /var/run/supervisord.pid + # Config files COPY config/conf.d /etc/php/${PHP_VERSION}/cli/conf.d/ COPY config/conf.d /etc/php/${PHP_VERSION}/fpm/conf.d/ COPY config/fpm/pool.d /etc/php/${PHP_VERSION}/fpm/pool.d/ COPY config/fpm-${PHP_VERSION}/pool.d /etc/php/${PHP_VERSION}/fpm/pool.d/ +# Config files +COPY dev/bash /root/ + # Test php-fpm config and php info RUN php-fpm -tt RUN php -i @@ -136,16 +146,6 @@ CMD ["php", "-a"] FROM php-cli AS php-cron -RUN apt-get update && \ - apt-get -y install --no-install-suggests --no-install-recommends \ - cron \ - && apt-get autoremove \ - && find /var/log -type f -name "*.log" -delete \ - && rm -rf /var/lib/apt/lists/* /var/cache/ldconfig/aux-cache \ - && rm -rf /etc/cron.*/* - -WORKDIR /var/www - COPY cron/docker-cron-entrypoint /usr/local/bin/ ENTRYPOINT ["docker-cron-entrypoint"] @@ -153,19 +153,6 @@ CMD ["cron", "-f", "-l", "2"] FROM php-cli AS php-supervisor -RUN apt-get update && \ - apt-get -y install --no-install-suggests --no-install-recommends \ - supervisor \ - && apt-get autoremove \ - && find /var/log -type f -name "*.log" -delete \ - && rm -rf /var/lib/apt/lists/* /var/cache/ldconfig/aux-cache \ - && rm -rf /etc/cron.*/* - -RUN touch /var/run/supervisord.pid \ - && chown www-data:www-data /var/run/supervisord.pid - -WORKDIR /var/www - COPY supervisor/docker-supervisor-entrypoint /usr/local/bin/ COPY supervisor/supervisord.conf /etc/supervisor/supervisord.conf @@ -188,7 +175,7 @@ ENV PHP_IDE_CONFIG="serverName=localhost" RUN apt-get update && \ apt-get -y install --no-install-suggests --no-install-recommends \ - make php${PHP_VERSION}-dev php${PHP_VERSION}-sqlite3 php-pear openssh-client git patch \ + make php${PHP_VERSION}-dev php-pear openssh-client git patch \ && mkdir -p /tmp/pear/cache \ && pecl channel-update pecl.php.net \ && pecl install xdebug-${XDEBUG_VERSION} \ @@ -210,7 +197,6 @@ RUN apt-get update && \ COPY --from=composer:2 /usr/bin/composer /usr/bin/composer COPY dev/scripts /usr/local/bin/ -COPY dev/bash /root/ # Dev PHP cli FROM php-fpm-dev AS php-cli-dev @@ -228,14 +214,6 @@ CMD ["php", "-a"] # Dev PHP cron FROM php-cli-dev AS php-cron-dev -RUN apt-get update && \ - apt-get -y install --no-install-suggests --no-install-recommends \ - cron \ - && apt-get autoremove \ - && find /var/log -type f -name "*.log" -delete \ - && rm -rf /var/lib/apt/lists/* /var/cache/ldconfig/aux-cache \ - && rm -rf /etc/cron.*/* - WORKDIR /var/www COPY cron/docker-cron-entrypoint /usr/local/bin/ diff --git a/php/Dockerfile b/php/Dockerfile index 6e0b44c..e893379 100644 --- a/php/Dockerfile +++ b/php/Dockerfile @@ -29,28 +29,16 @@ RUN apt-get update && \ apt-get -y install --no-install-suggests --no-install-recommends \ libfcgi-bin \ ca-certificates \ - curl \ + wget \ gnupg2 \ locales -RUN locale-gen de_DE.UTF-8 && \ - locale-gen en_GB.UTF-8 && \ - locale-gen en_US.UTF-8 && \ - locale-gen es_ES.UTF-8 && \ - locale-gen fr_FR.UTF-8 && \ - locale-gen nl_NL.UTF-8 && \ - locale-gen pt_PT.UTF-8 && \ - locale-gen it_IT.UTF-8 - -# Install dev certificates -COPY certs/* /usr/share/ca-certificates/netlogix/ -RUN echo "netlogix/docker-dev-ca.crt" >> /etc/ca-certificates.conf && update-ca-certificates - -RUN echo 'deb https://packages.tideways.com/apt-packages-main any-version main' > /etc/apt/sources.list.d/tideways.list && \ - curl -L -sS 'https://packages.tideways.com/key.gpg' | apt-key add - +RUN echo 'deb [signed-by=/usr/share/keyrings/tideways.gpg] https://packages.tideways.com/apt-packages-main any-version main' | tee /etc/apt/sources.list.d/tideways.list && \ + wget -qO - 'https://packages.tideways.com/key.gpg' | gpg --dearmor | tee /usr/share/keyrings/tideways.gpg > /dev/null RUN apt-get update && \ apt-get -y install --no-install-suggests --no-install-recommends \ + cron \ ghostscript \ gifsicle \ imagemagick \ @@ -58,6 +46,7 @@ RUN apt-get update && \ openssl \ optipng \ pngquant \ + supervisor \ tar \ unzip \ webp \ @@ -65,8 +54,8 @@ RUN apt-get update && \ php${PHP_VERSION} \ php${PHP_VERSION}-apcu \ php${PHP_VERSION}-bcmath \ - php${PHP_VERSION}-common \ php${PHP_VERSION}-cli \ + php${PHP_VERSION}-common \ php${PHP_VERSION}-curl \ php${PHP_VERSION}-fpm \ php${PHP_VERSION}-gd \ @@ -79,15 +68,30 @@ RUN apt-get update && \ php${PHP_VERSION}-pgsql \ php${PHP_VERSION}-readline \ php${PHP_VERSION}-redis \ + php${PHP_VERSION}-sqlite3 \ php${PHP_VERSION}-xml \ php${PHP_VERSION}-yaml \ php${PHP_VERSION}-zip \ - && apt-get -y install --no-install-suggests --no-install-recommends \ tideways-php \ tideways-cli \ && apt-get autoremove \ && find /var/log -type f -name "*.log" -delete \ - && rm -rf /var/lib/apt/lists/* /var/cache/ldconfig/aux-cache + && rm -rf /var/lib/apt/lists/* /var/cache/ldconfig/aux-cache \ + && rm -rf /etc/cron.*/* + +# Install locales +RUN locale-gen de_DE.UTF-8 && \ + locale-gen en_GB.UTF-8 && \ + locale-gen en_US.UTF-8 && \ + locale-gen es_ES.UTF-8 && \ + locale-gen fr_FR.UTF-8 && \ + locale-gen nl_NL.UTF-8 && \ + locale-gen pt_PT.UTF-8 && \ + locale-gen it_IT.UTF-8 + +# Install dev certificates +COPY certs/* /usr/share/ca-certificates/netlogix/ +RUN echo "netlogix/docker-dev-ca.crt" >> /etc/ca-certificates.conf && update-ca-certificates RUN ln -s /usr/sbin/php-fpm${PHP_VERSION} /usr/sbin/php-fpm @@ -97,12 +101,18 @@ RUN mkdir -p "/run/php/" \ && touch /var/log/xdebug.log \ && chown www-data:www-data /var/log/xdebug.log +RUN touch /var/run/supervisord.pid \ + && chown www-data:www-data /var/run/supervisord.pid + # Config files COPY config/conf.d /etc/php/${PHP_VERSION}/cli/conf.d/ COPY config/conf.d /etc/php/${PHP_VERSION}/fpm/conf.d/ COPY config/fpm/pool.d /etc/php/${PHP_VERSION}/fpm/pool.d/ COPY config/fpm-${PHP_VERSION}/pool.d /etc/php/${PHP_VERSION}/fpm/pool.d/ +# Config files +COPY dev/bash /root/ + # Test php-fpm config and php info RUN php-fpm -tt RUN php -i @@ -132,16 +142,6 @@ CMD ["php", "-a"] FROM php-cli AS php-cron -RUN apt-get update && \ - apt-get -y install --no-install-suggests --no-install-recommends \ - cron \ - && apt-get autoremove \ - && find /var/log -type f -name "*.log" -delete \ - && rm -rf /var/lib/apt/lists/* /var/cache/ldconfig/aux-cache \ - && rm -rf /etc/cron.*/* - -WORKDIR /var/www - COPY cron/docker-cron-entrypoint /usr/local/bin/ ENTRYPOINT ["docker-cron-entrypoint"] @@ -149,19 +149,6 @@ CMD ["cron", "-f", "-l", "2"] FROM php-cli AS php-supervisor -RUN apt-get update && \ - apt-get -y install --no-install-suggests --no-install-recommends \ - supervisor \ - && apt-get autoremove \ - && find /var/log -type f -name "*.log" -delete \ - && rm -rf /var/lib/apt/lists/* /var/cache/ldconfig/aux-cache \ - && rm -rf /etc/cron.*/* - -RUN touch /var/run/supervisord.pid \ - && chown www-data:www-data /var/run/supervisord.pid - -WORKDIR /var/www - COPY supervisor/docker-supervisor-entrypoint /usr/local/bin/ COPY supervisor/supervisord.conf /etc/supervisor/supervisord.conf @@ -184,7 +171,7 @@ ENV PHP_IDE_CONFIG="serverName=localhost" RUN apt-get update && \ apt-get -y install --no-install-suggests --no-install-recommends \ - make php${PHP_VERSION}-dev php${PHP_VERSION}-sqlite3 php-pear openssh-client git patch \ + make php${PHP_VERSION}-dev php-pear openssh-client git patch \ && mkdir -p /tmp/pear/cache \ && pecl channel-update pecl.php.net \ && pecl install xdebug-${XDEBUG_VERSION} \ @@ -206,7 +193,6 @@ RUN apt-get update && \ COPY --from=composer:2 /usr/bin/composer /usr/bin/composer COPY dev/scripts /usr/local/bin/ -COPY dev/bash /root/ # Dev PHP cli FROM php-fpm-dev AS php-cli-dev @@ -224,14 +210,6 @@ CMD ["php", "-a"] # Dev PHP cron FROM php-cli-dev AS php-cron-dev -RUN apt-get update && \ - apt-get -y install --no-install-suggests --no-install-recommends \ - cron \ - && apt-get autoremove \ - && find /var/log -type f -name "*.log" -delete \ - && rm -rf /var/lib/apt/lists/* /var/cache/ldconfig/aux-cache \ - && rm -rf /etc/cron.*/* - WORKDIR /var/www COPY cron/docker-cron-entrypoint /usr/local/bin/ From 60aafe4db045a3c716f491108be5b1ec033968c4 Mon Sep 17 00:00:00 2001 From: Sascha Nowak Date: Mon, 8 Jul 2024 08:50:03 +0200 Subject: [PATCH 20/22] feat: Rename Dockerfiles according to documentation https://docs.docker.com/build/building/packaging/#filename --- .github/workflows/mariadb.yml | 4 ++-- .github/workflows/mysql.yml | 4 ++-- .github/workflows/php.yml | 4 ++-- mariadb/{10.11.dockerfile => 10.11.Dockerfile} | 0 mariadb/{10.6.dockerfile => 10.6.Dockerfile} | 0 mysql/{8.0.dockerfile => 8.0.Dockerfile} | 0 mysql/{8.4.dockerfile => 8.4.Dockerfile} | 0 php/{8.2.dockerfile => 8.2.Dockerfile} | 0 postgres/{12.dockerfile => 12.Dockerfile} | 0 postgres/{14.dockerfile => 14.Dockerfile} | 0 solr/{8.dockerfile => 8.Dockerfile} | 0 11 files changed, 6 insertions(+), 6 deletions(-) rename mariadb/{10.11.dockerfile => 10.11.Dockerfile} (100%) rename mariadb/{10.6.dockerfile => 10.6.Dockerfile} (100%) rename mysql/{8.0.dockerfile => 8.0.Dockerfile} (100%) rename mysql/{8.4.dockerfile => 8.4.Dockerfile} (100%) rename php/{8.2.dockerfile => 8.2.Dockerfile} (100%) rename postgres/{12.dockerfile => 12.Dockerfile} (100%) rename postgres/{14.dockerfile => 14.Dockerfile} (100%) rename solr/{8.dockerfile => 8.Dockerfile} (100%) diff --git a/.github/workflows/mariadb.yml b/.github/workflows/mariadb.yml index 1b74def..02014a1 100644 --- a/.github/workflows/mariadb.yml +++ b/.github/workflows/mariadb.yml @@ -31,9 +31,9 @@ jobs: matrix: image: - version: 10.6 - file: 10.6.dockerfile + file: 10.6.Dockerfile - version: 10.11 - file: 10.11.dockerfile + file: 10.11.Dockerfile - version: latest file: Dockerfile diff --git a/.github/workflows/mysql.yml b/.github/workflows/mysql.yml index 19bfdf7..1036a1c 100644 --- a/.github/workflows/mysql.yml +++ b/.github/workflows/mysql.yml @@ -31,9 +31,9 @@ jobs: matrix: image: - version: 8.0 - file: 8.0.dockerfile + file: 8.0.Dockerfile - version: 8.4 - file: 8.4.dockerfile + file: 8.4.Dockerfile - version: latest file: Dockerfile diff --git a/.github/workflows/php.yml b/.github/workflows/php.yml index d7cda44..c223557 100644 --- a/.github/workflows/php.yml +++ b/.github/workflows/php.yml @@ -46,7 +46,7 @@ jobs: UBUNTU_VERSION=22.04 XDEBUG_VERSION=3.3.2 - version: 8.2 - file: 8.2.dockerfile + file: 8.2.Dockerfile build-args: | PHP_VERSION=8.2 UBUNTU_VERSION=24.04 @@ -152,7 +152,7 @@ jobs: UBUNTU_VERSION=22.04 XDEBUG_VERSION=3.3.2 - version: 8.2 - file: 8.2.dockerfile + file: 8.2.Dockerfile build-args: | PHP_VERSION=8.2 UBUNTU_VERSION=24.04 diff --git a/mariadb/10.11.dockerfile b/mariadb/10.11.Dockerfile similarity index 100% rename from mariadb/10.11.dockerfile rename to mariadb/10.11.Dockerfile diff --git a/mariadb/10.6.dockerfile b/mariadb/10.6.Dockerfile similarity index 100% rename from mariadb/10.6.dockerfile rename to mariadb/10.6.Dockerfile diff --git a/mysql/8.0.dockerfile b/mysql/8.0.Dockerfile similarity index 100% rename from mysql/8.0.dockerfile rename to mysql/8.0.Dockerfile diff --git a/mysql/8.4.dockerfile b/mysql/8.4.Dockerfile similarity index 100% rename from mysql/8.4.dockerfile rename to mysql/8.4.Dockerfile diff --git a/php/8.2.dockerfile b/php/8.2.Dockerfile similarity index 100% rename from php/8.2.dockerfile rename to php/8.2.Dockerfile diff --git a/postgres/12.dockerfile b/postgres/12.Dockerfile similarity index 100% rename from postgres/12.dockerfile rename to postgres/12.Dockerfile diff --git a/postgres/14.dockerfile b/postgres/14.Dockerfile similarity index 100% rename from postgres/14.dockerfile rename to postgres/14.Dockerfile diff --git a/solr/8.dockerfile b/solr/8.Dockerfile similarity index 100% rename from solr/8.dockerfile rename to solr/8.Dockerfile From b954e6e29c92b6bdbc18946bf0e715d96c876e7d Mon Sep 17 00:00:00 2001 From: Sascha Nowak Date: Mon, 8 Jul 2024 08:57:04 +0200 Subject: [PATCH 21/22] fix: keep curl instead of wget --- php/8.2.Dockerfile | 4 ++-- php/Dockerfile | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/php/8.2.Dockerfile b/php/8.2.Dockerfile index 8d3fe99..454c745 100644 --- a/php/8.2.Dockerfile +++ b/php/8.2.Dockerfile @@ -31,12 +31,12 @@ RUN apt-get update && \ apt-transport-https\ libfcgi-bin \ ca-certificates \ - wget \ + curl \ gnupg2 \ locales RUN echo 'deb [signed-by=/usr/share/keyrings/tideways.gpg] https://packages.tideways.com/apt-packages-main any-version main' | tee /etc/apt/sources.list.d/tideways.list && \ - wget -qO - 'https://packages.tideways.com/key.gpg' | gpg --dearmor | tee /usr/share/keyrings/tideways.gpg > /dev/null + curl -L -sS 'https://packages.tideways.com/key.gpg' | gpg --dearmor | tee /usr/share/keyrings/tideways.gpg > /dev/null RUN add-apt-repository ppa:ondrej/php -y diff --git a/php/Dockerfile b/php/Dockerfile index e893379..8ef9a74 100644 --- a/php/Dockerfile +++ b/php/Dockerfile @@ -29,12 +29,12 @@ RUN apt-get update && \ apt-get -y install --no-install-suggests --no-install-recommends \ libfcgi-bin \ ca-certificates \ - wget \ + curl \ gnupg2 \ locales RUN echo 'deb [signed-by=/usr/share/keyrings/tideways.gpg] https://packages.tideways.com/apt-packages-main any-version main' | tee /etc/apt/sources.list.d/tideways.list && \ - wget -qO - 'https://packages.tideways.com/key.gpg' | gpg --dearmor | tee /usr/share/keyrings/tideways.gpg > /dev/null + curl -L -sS 'https://packages.tideways.com/key.gpg' | gpg --dearmor | tee /usr/share/keyrings/tideways.gpg > /dev/null RUN apt-get update && \ apt-get -y install --no-install-suggests --no-install-recommends \ From ae39b64f0d0276da749f271450ad98a7dab08565 Mon Sep 17 00:00:00 2001 From: Sascha Nowak Date: Mon, 8 Jul 2024 08:57:22 +0200 Subject: [PATCH 22/22] feat: Add workflows for postgres and solr --- .github/workflows/postgres.yml | 71 ++++++++++++++++++++++++++++++++++ .github/workflows/solr.yml | 70 +++++++++++++++++++++++++++++++++ postgres/12.Dockerfile | 2 +- postgres/14.Dockerfile | 2 +- postgres/Dockerfile | 2 +- solr/8.Dockerfile | 2 +- solr/Dockerfile | 2 +- 7 files changed, 146 insertions(+), 5 deletions(-) create mode 100644 .github/workflows/postgres.yml create mode 100644 .github/workflows/solr.yml diff --git a/.github/workflows/postgres.yml b/.github/workflows/postgres.yml new file mode 100644 index 0000000..24089d2 --- /dev/null +++ b/.github/workflows/postgres.yml @@ -0,0 +1,71 @@ +name: 'Build postgres docker image' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +on: + schedule: + - cron: 0 7 * * THU + push: + branches: + - main + paths: + - postgres/** + pull_request: + branches: + - main + paths: + - postgres/** + workflow_dispatch: + inputs: {} + +jobs: + build-docker-image: + name: 'Build postgres-${{ matrix.image.version }} docker image' + runs-on: ubuntu-latest + + strategy: + fail-fast: false + max-parallel: 10 + matrix: + image: + - file: 12.Dockerfile + - file: 14.Dockerfile + - file: Dockerfile + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Read version from Dockerfile + id: docker + run: echo "version=$(./extract-version.sh ./postgres/Dockerfile)" >> $GITHUB_OUTPUT + + - name: Login to GHCR + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push (postgres-fpm) + uses: docker/build-push-action@v6 + with: + builder: ${{ steps.buildx.outputs.name }} + context: ./postgres + target: postgres + file: ./postgres/${{ matrix.image.file || 'Dockerfile' }} + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/postgres:${{ steps.docker.outputs.version }} + platforms: linux/amd64,linux/arm64 + cache-from: type=gha, scope=${{ github.workflow }}-postgres + cache-to: type=gha, scope=${{ github.workflow }}-postgres, mode=max + diff --git a/.github/workflows/solr.yml b/.github/workflows/solr.yml new file mode 100644 index 0000000..45d552b --- /dev/null +++ b/.github/workflows/solr.yml @@ -0,0 +1,70 @@ +name: 'Build solr docker image' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +on: + schedule: + - cron: 0 7 * * THU + push: + branches: + - main + paths: + - solr/** + pull_request: + branches: + - main + paths: + - solr/** + workflow_dispatch: + inputs: {} + +jobs: + build-docker-image: + name: 'Build solr-${{ matrix.image.version }} docker image' + runs-on: ubuntu-latest + + strategy: + fail-fast: false + max-parallel: 10 + matrix: + image: + - file: 8.Dockerfile + - file: Dockerfile + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Read version from Dockerfile + id: docker + run: echo "version=$(./extract-version.sh ./solr/Dockerfile)" >> $GITHUB_OUTPUT + + - name: Login to GHCR + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push (solr-fpm) + uses: docker/build-push-action@v6 + with: + builder: ${{ steps.buildx.outputs.name }} + context: ./solr + target: solr + file: ./solr/${{ matrix.image.file || 'Dockerfile' }} + push: ${{ github.event_name != 'pull_request' }} + tags: ghcr.io/netlogix/docker/solr:${{ steps.docker.outputs.version }} + platforms: linux/amd64,linux/arm64 + cache-from: type=gha, scope=${{ github.workflow }}-solr + cache-to: type=gha, scope=${{ github.workflow }}-solr, mode=max + diff --git a/postgres/12.Dockerfile b/postgres/12.Dockerfile index 14b74da..86c31f7 100644 --- a/postgres/12.Dockerfile +++ b/postgres/12.Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:1 -FROM postgres:12.19 AS database +FROM postgres:12.19 AS postgres ENV TZ="Europe/Berlin" diff --git a/postgres/14.Dockerfile b/postgres/14.Dockerfile index aca6fa9..15af7f9 100644 --- a/postgres/14.Dockerfile +++ b/postgres/14.Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:1 -FROM postgres:14.12 AS database +FROM postgres:14.12 AS postgres ENV TZ="Europe/Berlin" diff --git a/postgres/Dockerfile b/postgres/Dockerfile index fa649a8..e5b7b02 100644 --- a/postgres/Dockerfile +++ b/postgres/Dockerfile @@ -1,5 +1,5 @@ # syntax=docker/dockerfile:1 -FROM postgres:16.3 AS database +FROM postgres:16.3 AS postgres ENV TZ="Europe/Berlin" diff --git a/solr/8.Dockerfile b/solr/8.Dockerfile index 8aac087..9936bfa 100644 --- a/solr/8.Dockerfile +++ b/solr/8.Dockerfile @@ -17,7 +17,7 @@ RUN sed -i "s|name=core_|name=website-|i" /tmp/solr/Resources/Private/Solr/cores && cd /tmp/solr/Resources/Private/Solr/configsets/ext_solr_11_5_0/conf \ && for f in _schema_analysis_*_core_*.json; do mv "$f" "$(echo "$f" | sed s/core_/website-/)"; done -FROM solr:8.11.3 +FROM solr:8.11.3 AS solr ENV SOLR_LOG_LEVEL=WARN \ SOLR_PORT=8983 \ diff --git a/solr/Dockerfile b/solr/Dockerfile index 8c08474..d23ab9f 100644 --- a/solr/Dockerfile +++ b/solr/Dockerfile @@ -15,7 +15,7 @@ RUN apt-get update && \ mkdir -p /tmp/solr && \ tar -zxvf /tmp/solr.tar.gz -C /tmp/solr --strip-components=1; -FROM solr:9.5.0 +FROM solr:9.5.0 AS solr ENV TERM=linux \ SOLR_LOG_LEVEL=WARN \ SOLR_PORT=8983 \