Add all-in-one docker configuration

README.md

@@ -25,3 +25,28 @@ This extension is translated in French and English.
 - `LDAP user mail field`: name of the field containing the user's email address. The extension will use the first email found for the user's registration in Flarum.
 - `LDAP username field`: name of the field containing the username that uniquely identifies the user. Can be `uid` or `sAMAccountname`, for example.
 - `Disable Flarum login and only use LDAP authentication`: merely hides the standard login links and buttons. Users can still use the standard login method through the API.
+
+## Development (With docker)
+
+- Clone the repository
+- Copy docker.conf : `cp docker/.docker.conf.dist docker/.docker.conf`
+- Change UID in `docker/.docker.conf` if needed.
+- Start dockers : `./install.sh install`
+- Open http://flarum.localhost
+  * MySQL host: mysql
+  * MySQL DB: flarum
+  * MySQL user: flarum
+  * MySQL password: flarum
+- Go to Admin panel and enable extension
+  * LDAP domain: ldap
+  * LDAP DN: dc=flarum,dc=com
+  * Check connect with Ldap admin
+  * LDAP admin: cn=admin,dc=flarum,dc=com
+  * LDAP admin password: flarum
+  * LDAP search user fields: cn,mail
+  * LDAP user mail: mail
+  * LDAP user username: cn
+- Add and user on : http://localhost:8081/
+  * Login: cn=admin,dc=flarum,dc=com
+  * Password: flarum
+  * Create a new entry -> Default -> inetOrgPerson

docker/.docker.conf.dist

@@ -0,0 +1,12 @@
+# Docker conf
+UID=1000
+
+#MYSQL
+MYSQL_ROOT_PASSWORD=root
+MYSQL_DATABASE=flarum
+MYSQL_USER=flarum
+MYSQL_PASSWORD=flarum
+
+#PMA
+PMA_HOST=mysql
+PMA_PORT=3306

docker/docker-compose.yml

@@ -0,0 +1,82 @@
+---
+version: '3.7'
+services:
+  nginx:
+    build: services/nginx
+    links:
+      - php
+    networks:
+      - flarum
+    volumes:
+      - ../:/var/www/:cached
+    ports:
+      - "80:80"
+
+  php:
+    # uncomment for use local docker configuration
+    # build:
+    #   context: services/php-fpm
+    image: scodazzi/php-flarum:7.4
+    user: ${UID}:${UID}
+    working_dir: /var/www
+    env_file:
+      - ./.docker.conf
+    links:
+      - mysql
+      - ldap
+    networks:
+      - flarum
+    volumes:
+      - ../:/var/www:cached
+    expose:
+      - "9000"
+
+  mysql:
+    image: mariadb:10.3
+    networks:
+      - flarum
+    expose:
+      - "3306"
+    env_file:
+      - ./.docker.conf
+
+  phpmyadmin:
+    image: phpmyadmin/phpmyadmin
+    ports:
+      - 8080:80
+    links:
+      - mysql
+    networks:
+      - flarum
+    env_file:
+      - ./.docker.conf
+
+  ldap:
+    image: osixia/openldap
+    networks:
+      - flarum
+    expose:
+      - "389"
+      - "636"
+    ports:
+      - "389:389"
+    environment:
+      LDAP_ORGANISATION: "Flarum organisation"
+      LDAP_DOMAIN: "flarum.com"
+      LDAP_ADMIN_PASSWORD: "flarum"
+      # Default DN = cn=admin,dc=flarum,dc=com
+
+  ldapadmin:
+    image: osixia/phpldapadmin
+    networks:
+      - flarum
+    environment:
+      PHPLDAPADMIN_LDAP_HOSTS: "ldap"
+      PHPLDAPADMIN_HTTPS: "false"
+    ports:
+      - "8081:80"
+    links:
+      - "ldap"
+
+networks:
+  flarum:

docker/install-flarum.sh

@@ -0,0 +1,10 @@
+rm -rf /var/www/flarum
+mkdir /var/www/flarum
+cd /var/www/flarum || exit
+echo "Installing Flarum ..."
+composer create-project --stability=dev flarum/flarum .
+composer config minimum-stability dev
+
+echo "Installing LDAP extension ..."
+composer config repositories.repo-name path /var/www
+composer require tituspijean/flarum-ext-auth-ldap

docker/services/nginx/Dockerfile

@@ -0,0 +1,15 @@
+FROM alpine:3.8
+
+RUN apk add --update nginx
+RUN rm -rf /var/cache/apk/* && rm -rf /tmp/*
+
+ADD nginx.conf /etc/nginx/
+ADD conf.d /etc/nginx/conf.d/
+
+RUN adduser -D -g '' -G www-data www-data
+RUN chown -R www-data:www-data /var/tmp/nginx
+
+EXPOSE 80
+EXPOSE 443
+
+CMD ["nginx"]

docker/services/nginx/conf.d/flarum.conf

@@ -0,0 +1,84 @@
+server {
+    server_name flarum.localhost nginx;
+    root /var/www/flarum/public;
+    index index.php;
+
+    # Pass requests that don't refer directly to files in the filesystem to index.php
+    location / {
+      try_files $uri $uri/ /index.php?$query_string;
+    }
+
+    # The following directives are based on best practices from H5BP Nginx Server Configs
+    # https://github.com/h5bp/server-configs-nginx
+
+    # Expire rules for static content
+    location ~* \.(?:manifest|appcache|html?|xml|json)$ {
+      add_header Cache-Control "max-age=0";
+    }
+
+    location ~* \.(?:rss|atom)$ {
+      add_header Cache-Control "max-age=3600";
+    }
+
+    location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|mp4|ogg|ogv|webm|htc)$ {
+      add_header Cache-Control "max-age=2592000";
+      access_log off;
+    }
+
+    location ~* \.(?:css|js)$ {
+      add_header Cache-Control "max-age=31536000";
+      access_log off;
+    }
+
+    location ~* \.(?:ttf|ttc|otf|eot|woff|woff2)$ {
+      add_header Cache-Control "max-age=2592000";
+      access_log off;
+    }
+
+    # Gzip compression
+    gzip on;
+    gzip_comp_level 5;
+    gzip_min_length 256;
+    gzip_proxied any;
+    gzip_vary on;
+    gzip_types
+        application/atom+xml
+        application/javascript
+        application/json
+        application/ld+json
+        application/manifest+json
+        application/rss+xml
+        application/vnd.geo+json
+        application/vnd.ms-fontobject
+        application/x-font-ttf
+        application/x-web-app-manifest+json
+        application/xhtml+xml
+        application/xml
+        font/opentype
+        image/bmp
+        image/svg+xml
+        image/x-icon
+        text/cache-manifest
+        text/css
+        text/plain
+        text/vcard
+        text/vnd.rim.location.xloc
+        text/vtt
+        text/x-component
+        text/x-cross-domain-policy;
+
+    location ~ \.php$ {
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto https;
+
+        fastcgi_pass php:9000;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_log /dev/stderr;
+    access_log /dev/stdout;
+}

docker/services/nginx/nginx.conf

@@ -0,0 +1,36 @@
+user www-data;
+worker_processes 4;
+pid /run/nginx.pid;
+
+events {
+  worker_connections  2048;
+  multi_accept on;
+  use epoll;
+}
+
+http {
+    server_tokens off;
+    sendfile on;
+    tcp_nopush on;
+    tcp_nodelay on;
+    keepalive_timeout 15;
+    types_hash_max_size 2048;
+    include /etc/nginx/mime.types;
+    default_type application/octet-stream;
+    access_log off;
+    error_log off;
+    gzip on;
+    gzip_disable "msie6";
+    include /etc/nginx/conf.d/*;
+    open_file_cache max=100;
+    client_max_body_size 1024M;
+
+    # kill cache
+    add_header Last-Modified $date_gmt;
+    add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
+    if_modified_since off;
+    expires off;
+    etag off;
+}
+
+daemon off;

docker/services/php-fpm/Dockerfile

@@ -0,0 +1,66 @@
+FROM php:7.4-fpm
+
+RUN groupadd dev
+RUN useradd dev -g dev -d /home/dev -m
+
+# For upgrade PHP : https://github.com/chialab/docker-php/
+
+# Install PHP extensions and PECL modules.
+RUN buildDeps=" \
+        default-libmysqlclient-dev \
+        libbz2-dev \
+        libmemcached-dev \
+        libsasl2-dev \
+    " \
+    runtimeDeps=" \
+        curl \
+        git \
+        libfreetype6-dev \
+        libicu-dev \
+        libjpeg-dev \
+        libldap2-dev \
+        libmemcachedutil2 \
+        libpng-dev \
+        libpq-dev \
+        libxml2-dev \
+        libzip-dev \
+        libonig-dev \
+    " \
+    && apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y $buildDeps $runtimeDeps \
+    && docker-php-ext-install bcmath bz2 calendar iconv intl mbstring mysqli opcache pdo_mysql pdo_pgsql pgsql soap zip \
+    && docker-php-ext-configure gd --with-freetype --with-jpeg \
+    && docker-php-ext-install gd \
+    && docker-php-ext-configure ldap --with-libdir=lib/x86_64-linux-gnu/ \
+    && docker-php-ext-install ldap \
+    && docker-php-ext-install exif \
+    && pecl install memcached redis \
+    && docker-php-ext-enable memcached.so redis.so \
+    && apt-get purge -y --auto-remove $buildDeps \
+    && rm -r /var/lib/apt/lists/*
+
+### COMMON EXT
+RUN apt-get update && apt-get install -y --no-install-recommends wget zip unzip dnsutils libzip-dev \
+    gnupg gnupg1 gnupg2 rsync bzip2 openssh-client ssh whois ntp
+
+### XDEBUG
+RUN apt-get update && pecl install xdebug && docker-php-ext-enable xdebug.so
+
+# COMPOSER
+RUN curl -sSk https://getcomposer.org/installer | php -- --disable-tls && \
+    mv composer.phar /usr/local/bin/composer && \
+    rm -rf /var/lib/apt/lists/*
+RUN composer --global config process-timeout 6000
+
+### Move php.ini
+COPY php.ini /usr/local/etc/php/
+COPY php-fpm-pool.conf /usr/local/etc/php-fpm.d/www.conf
+
+### NODEJS
+RUN curl -sL https://deb.nodesource.com/setup_12.x | bash - && apt-get install -y nodejs build-essential
+
+# FIX FILES
+RUN mkdir /.composer && chmod -R 777 /.composer && \
+    mkdir /.npm && chmod -R 777 /.npm && \
+    mkdir /.config && chmod -R 777 /.config
+
+CMD ["php-fpm"]

docker/services/php-fpm/php-fpm-pool.conf

@@ -0,0 +1,53 @@
+; Start a new pool named 'www'.
+; the variable $pool can we used in any directive and will be replaced by the
+; pool name ('www' here)
+[www]
+
+; Unix user/group of processes
+user = dev
+group = dev
+
+; The address on which to accept FastCGI requests.
+listen = 0.0.0.0:9000
+
+; Set listen(2) backlog.
+listen.backlog = 1023
+
+; Choose how the process manager will control the number of child processes.
+pm = dynamic
+
+; The number of child processes to be created when pm is set to 'static' and the
+pm.max_children = 8
+
+; The number of child processes created on startup.
+; Note: Used only when pm is set to 'dynamic'
+; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
+pm.start_servers = 2
+
+; The desired minimum number of idle server processes.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+pm.min_spare_servers = 1
+
+; The desired maximum number of idle server processes.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+pm.max_spare_servers = 3
+
+pm.status_path = /php-fpm-status
+ping.path = /php-fpm-ping
+
+; The timeout for serving a single request after which the worker process will be killed. 
+request_terminate_timeout = 5m
+
+; Chdir to this directory at the start.
+; Note: relative path can be used.
+; Default Value: current directory or / when chroot
+chdir = /
+
+; Redirect worker stdout and stderr into main error log. If not set, stdout and
+; stderr will be redirected to /dev/null according to FastCGI specs.
+; Note: on highloaded environement, this can cause some delay in the page
+; process time (several ms).
+; Default Value: no
+catch_workers_output = yes