From f7e555c8a65c5935c49b0001415ce0d0ac871dba Mon Sep 17 00:00:00 2001 From: Homer Date: Mon, 2 Jul 2018 13:14:09 +0100 Subject: [PATCH] Initial upload First upload to Github --- .dockerignore | 6 ++ .gitattributes | 15 +++++ .gitignore | 43 +++++++++++++++ Dockerfile | 72 ++++++++++++++++++++++++ README.md | 90 ++++++++++++++++++++++++++++++ root/defaults/default | 39 +++++++++++++ root/defaults/nginx.conf | 98 +++++++++++++++++++++++++++++++++ root/etc/cont-init.d/50-config | 48 ++++++++++++++++ root/etc/services.d/php-fpm/run | 3 + 9 files changed, 414 insertions(+) create mode 100644 .dockerignore create mode 100644 .gitignore create mode 100644 Dockerfile create mode 100644 README.md create mode 100644 root/defaults/default create mode 100644 root/defaults/nginx.conf create mode 100644 root/etc/cont-init.d/50-config create mode 100644 root/etc/services.d/php-fpm/run diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..cdb1a82 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,6 @@ +.git +.gitignore +.github +.gitattributes +READMETEMPLATE.md +README.md diff --git a/.gitattributes b/.gitattributes index dfe0770..bdb0cab 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1,2 +1,17 @@ # Auto detect text files and perform LF normalization * text=auto + +# Custom for Visual Studio +*.cs diff=csharp + +# Standard to msysgit +*.doc diff=astextplain +*.DOC diff=astextplain +*.docx diff=astextplain +*.DOCX diff=astextplain +*.dot diff=astextplain +*.DOT diff=astextplain +*.pdf diff=astextplain +*.PDF diff=astextplain +*.rtf diff=astextplain +*.RTF diff=astextplain diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..96374c4 --- /dev/null +++ b/.gitignore @@ -0,0 +1,43 @@ +# Windows image file caches +Thumbs.db +ehthumbs.db + +# Folder config file +Desktop.ini + +# Recycle Bin used on file shares +$RECYCLE.BIN/ + +# Windows Installer files +*.cab +*.msi +*.msm +*.msp + +# Windows shortcuts +*.lnk + +# ========================= +# Operating System Files +# ========================= + +# OSX +# ========================= + +.DS_Store +.AppleDouble +.LSOverride + +# Thumbnails +._* + +# Files that might appear on external disk +.Spotlight-V100 +.Trashes + +# Directories potentially created on remote AFP share +.AppleDB +.AppleDesktop +Network Trash Folder +Temporary Items +.apdisk diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..acbd3b5 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,72 @@ +# using ideas/code from other sparklyballs templates +# set variable to get archive based on github api data (sparklyballs heimdall inspiration) + +FROM lsiobase/alpine.nginx:3.7 + +# set version label +ARG BUILD_DATE +ARG VERSION +LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}" +LABEL maintainer="homerr" + +# install packages +RUN \ +echo "**** install build packages ****" && \ +apk add --no-cache \ + curl \ + php7-openssl \ + php7-pdo_mysql \ + php7-mbstring \ + php7-tidy \ + php7-phar \ + php7-dom \ + php7-tokenizer \ + php7-gd \ + php7-mysqlnd \ + php7-tidy \ + php7-simplexml \ + tar && \ + +echo "**** configure php-fpm to pass env vars ****" && \ + sed -i \ + 's/;clear_env = no/clear_env = no/g' \ + /etc/php7/php-fpm.d/www.conf && \ + echo "env[PATH] = /usr/local/bin:/usr/bin:/bin" >> /etc/php7/php-fpm.conf && \ + +echo "**** get bookstack ****" && \ + +BSAPP_VER="$(curl -sX GET https://api.github.com/repos/BookStackApp/BookStack/releases/latest | grep 'tag_name' | cut -d\" -f4)" && \ + +mkdir -p\ + /var/www/html && \ + +curl -o \ +/tmp/bookstack.tar.gz -L \ + "https://github.com/BookStackApp/BookStack/archive/${BSAPP_VER}.tar.gz" && \ + +tar xf \ +/tmp/bookstack.tar.gz -C \ + /var/www/html/ --strip-components=1 && \ + +cp /var/www/html/.env.example /var/www/html/.env && \ + +echo "**** get composer ****" && \ + +cd /tmp && \ + curl -sS https://getcomposer.org/installer | php && \ + mv /tmp/composer.phar /usr/local/bin/composer && \ + +echo "**** run composer install ****" + +composer install -d /var/www/html/ && \ + +echo "**** cleanup ****" && \ +rm -rf \ + /root/.composer \ + /tmp/* + +# copy local files +COPY root/ / + +# ports and volumes +VOLUME /config diff --git a/README.md b/README.md new file mode 100644 index 0000000..fdbfff5 --- /dev/null +++ b/README.md @@ -0,0 +1,90 @@ +[linuxserverurl]: https://linuxserver.io +[forumurl]: https://forum.linuxserver.io +[ircurl]: https://www.linuxserver.io/irc/ +[podcasturl]: https://www.linuxserver.io/podcast/ +[appurl]: https://github.com/linuxserver/Heimdall +[hub]: https://hub.docker.com/r/linuxserver/heimdall/ + +[![linuxserver.io](https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/linuxserver_medium.png)][linuxserverurl] + +The [LinuxServer.io][linuxserverurl] team brings you another container release featuring easy user mapping and community support. Find us for support at: +* [forum.linuxserver.io][forumurl] +* [IRC][ircurl] on freenode at `#linuxserver.io` +* [Podcast][podcasturl] covers everything to do with getting the most from your Linux Server plus a focus on all things Docker and containerisation! + +# linuxserver/heimdall +[![](https://images.microbadger.com/badges/version/linuxserver/heimdall.svg)](https://microbadger.com/images/linuxserver/heimdall "Get your own version badge on microbadger.com")[![](https://images.microbadger.com/badges/image/linuxserver/heimdall.svg)](https://microbadger.com/images/linuxserver/heimdall "Get your own image badge on microbadger.com")[![Docker Pulls](https://img.shields.io/docker/pulls/linuxserver/heimdall.svg)][hub][![Docker Stars](https://img.shields.io/docker/stars/linuxserver/heimdall.svg)][hub][![Build Status](https://ci.linuxserver.io/buildStatus/icon?job=Docker-Builders/x86-64/x86-64-heimdall)](https://ci.linuxserver.io/job/Docker-Builders/job/x86-64/job/x86-64-heimdall/) + +Heimdall is a way to organise all those links to your most used web sites and web applications in a simple way. + +Simplicity is the key to Heimdall. + +Why not use it as your browser start page? It even has the ability to include a search bar using either Google, Bing or DuckDuckGo. + +[![heimdall](https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/heimdall-banner.png)][appurl] + +## Usage + +``` +docker create \ +--name=heimdall \ +-v :/config \ +-e PGID= -e PUID= \ +-p 80:80 -p 443:443 \ +-e TZ= \ +linuxserver/heimdall +``` + +## Parameters + +`The parameters are split into two halves, separated by a colon, the left hand side representing the host and the right the container side. +For example with a port -p external:internal - what this shows is the port mapping from internal to external of the container. +So -p 8080:80 would expose port 80 from inside the container to be accessible from the host's IP on port 8080 +http://192.168.x.x:8080 would show you what's running INSIDE the container on port 80.` + + +* `-p 80` - The web-services. +* `-p 443` - The SSL-Based Webservice +* `-v /config` - Contains your www content and all relevant configuration files. +* `-e PGID` for GroupID - see below for explanation +* `-e PUID` for UserID - see below for explanation +* `-e TZ` - timezone ie. `America/New_York` + +It is based on alpine linux with s6 overlay, for shell access whilst the container is running do `docker exec -it heimdall /bin/bash`. + +### User / Group Identifiers + +Sometimes when using data volumes (`-v` flags) permissions issues can arise between the host OS and the container. We avoid this issue by allowing you to specify the user `PUID` and group `PGID`. Ensure the data volume directory on the host is owned by the same user you specify and it will "just work" ™. + +In this instance `PUID=1001` and `PGID=1001`. To find yours use `id user` as below: + +``` + $ id + uid=1001(dockeruser) gid=1001(dockergroup) groups=1001(dockergroup) +``` + +## Setting up the application + +Access the web gui at http://SERVERIP:PORT + +## Adding password protection + +This image now supports password protection through htpasswd. Run the following command on your host to generate the htpasswd file `docker exec -it heimdall htpasswd -c /config/nginx/.htpasswd `. Replace with a username of your choice and you will be asked to enter a password. New installs will automatically pick it up and implement password protected access. Existing users updating their image can delete their site config at `/config/nginx/site-confs/default` and restart the container after updating the image. A new site config with htpasswd support will be created in its place. + +## Info + +* To monitor the logs of the container in realtime `docker logs -f heimdall`. + + +* container version number + +`docker inspect -f '{{ index .Config.Labels "build_version" }}' heimdall` + +* image version number + +`docker inspect -f '{{ index .Config.Labels "build_version" }}' linuxserver/heimdall` + +## Versions + ++ **06.03.18:** Use password protection if htpasswd is set. Existing users can delete their default site config at /config/nginx/site-confs/default and restart the container, a new default site config with htpasswd support will be created in its place ++ **12.02.18:** Initial Release. diff --git a/root/defaults/default b/root/defaults/default new file mode 100644 index 0000000..da56e4c --- /dev/null +++ b/root/defaults/default @@ -0,0 +1,39 @@ +## Version 2018/03/06 - Changelog: https://github.com/linuxserver/docker-heimdall/commits/master/root/defaults/default + +server { + listen 80 default_server; + + listen 443 ssl; + + root /var/www/html/public; + index index.php index.html index.htm; + + server_name _; + + ssl_certificate /config/keys/cert.crt; + ssl_certificate_key /config/keys/cert.key; + + client_max_body_size 0; + + error_page 599 = @noauth; + + location @noauth { + try_files $uri $uri/ /index.php?$args; + } + + location / { + try_files $uri $uri/ /index.php?$query_string; + + } + + location ~ \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + # With php5-cgi alone: + fastcgi_pass 127.0.0.1:9000; + # With php5-fpm: + #fastcgi_pass unix:/var/run/php5-fpm.sock; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + + } +} diff --git a/root/defaults/nginx.conf b/root/defaults/nginx.conf new file mode 100644 index 0000000..70e8488 --- /dev/null +++ b/root/defaults/nginx.conf @@ -0,0 +1,98 @@ +user abc; +worker_processes 4; +pid /run/nginx.pid; +include /etc/nginx/modules/*.conf; + +events { + worker_connections 768; + # multi_accept on; +} + +http { + + ## + # Basic Settings + ## + + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + # server_tokens off; + + # server_names_hash_bucket_size 64; + # server_name_in_redirect off; + + client_max_body_size 0; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + ## + # Logging Settings + ## + + access_log /config/log/nginx/access.log; + error_log /config/log/nginx/error.log; + + ## + # Gzip Settings + ## + + gzip on; + gzip_disable "msie6"; + + # gzip_vary on; + # gzip_proxied any; + # gzip_comp_level 6; + # gzip_buffers 16 8k; + # gzip_http_version 1.1; + # gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript; + + ## + # nginx-naxsi config + ## + # Uncomment it if you installed nginx-naxsi + ## + + #include /etc/nginx/naxsi_core.rules; + + ## + # nginx-passenger config + ## + # Uncomment it if you installed nginx-passenger + ## + + #passenger_root /usr; + #passenger_ruby /usr/bin/ruby; + + ## + # Virtual Host Configs + ## + include /etc/nginx/conf.d/*.conf; + include /config/nginx/site-confs/*; +} + + +#mail { +# # See sample authentication script at: +# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript +# +# # auth_http localhost/auth.php; +# # pop3_capabilities "TOP" "USER"; +# # imap_capabilities "IMAP4rev1" "UIDPLUS"; +# +# server { +# listen localhost:110; +# protocol pop3; +# proxy on; +# } +# +# server { +# listen localhost:143; +# protocol imap; +# proxy on; +# } +#} +daemon off; diff --git a/root/etc/cont-init.d/50-config b/root/etc/cont-init.d/50-config new file mode 100644 index 0000000..33f5fd8 --- /dev/null +++ b/root/etc/cont-init.d/50-config @@ -0,0 +1,48 @@ +#!/usr/bin/with-contenv bash + +# create folders +mkdir -p \ + /config/storage \ + /config/uploads + +# make symlinks +[[ ! -L /var/www/html/storage ]] && \ + ln -sf /config/storage /var/www/html/storage +[[ ! -L /var/www/html/public/uploads ]] && \ + ln -sf /config/uploads /var/www/html/public/uploads + +for i in "${symlinks[@]}" +do +[[ -e "$i" && ! -L "$i" ]] && rm -rf "$i" +[[ ! -L "$i" ]] && ln -s /config/www/"$(basename "$i")" "$i" +done + +# Create API key if needed - taken from https://github.com/linuxserver/docker-snipe-it/blob/master/root/etc/cont-init.d/40-config courtesy of thelamer +if [ ! -f "/config/www" ] +then + echo "Generating BookStack app key for first run" + key=$(php /var/www/html/artisan key:generate --show) + echo $key > /config/BOOKSTACK_APP_KEY.txt + echo "App Key set to $key you can modify the file to update /config/BOOKSTACK_APP_KEY.txt" +fi + +# set up .env + +sed -i "s/APP_KEY=SomeRandomString/APP_KEY=$key/g" /var/www/html/.env + +sed -i "s/DB_HOST=localhost/DB_HOST=${DB_HOST}/g" /var/www/html/.env + +sed -i "s/DB_DATABASE=database_database/DB_DATABASE=${DB_DATABASE}/g" /var/www/html/.env + +sed -i "s/DB_USERNAME=database_username/DB_USER=${DB_USER}/g" /var/www/html/.env + +sed -i "s/DB_PASSWORD=database_user_password/DB_PASSWORD=${DB_PASS}/g" /var/www/html/.env + +# update database - will set up database if fresh, or, migrate existing + +php /var/www/html/artisan migrate --force + +# set file permissions permissions +chown -R abc:abc \ + /config \ + /var/www/ diff --git a/root/etc/services.d/php-fpm/run b/root/etc/services.d/php-fpm/run new file mode 100644 index 0000000..29ad5cb --- /dev/null +++ b/root/etc/services.d/php-fpm/run @@ -0,0 +1,3 @@ +#!/usr/bin/with-contenv bash +export APP_KEY=$(cat /config/BOOKSTACK_APP_KEY.txt) +exec /usr/sbin/php-fpm7 -F