LAB-linuxserver/docker-grav
1
0
Fork 0
mirror of https://github.com/linuxserver/docker-grav.git synced 2026-02-20 08:41:52 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #9 from linuxserver/standard-base

Browse Source 
Standard base
This commit is contained in:
Eric Nemchik 2022-08-22 08:08:07 -05:00 committed by GitHub
commit 6d26f7ffe4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
11 changed files with 246 additions and 124 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
Dockerfile
View File

@ -1,4 +1,4 @@
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.14
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.15
ARG BUILD_DATE
ARG VERSION
@ -7,42 +7,60 @@ LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DA
LABEL maintainer="TheSpad"
RUN \
apk add --update --no-cache \
curl \
composer \
php7-dom \
php7-gd \
php7-tokenizer \
php7-opcache \
php7-pecl-apcu \
php7-pecl-yaml \
php7-intl \
php7-redis \
echo "**** install runtime packages ****" && \
apk add --no-cache \
busybox-suid \
composer \
curl \
php8-ctype \
php8-curl \
php8-dom \
php8-gd \
php8-intl \
php8-json \
php8-mbstring \
php8-opcache \
php8-openssl \
php8-pecl-apcu \
php8-pecl-yaml \
php8-phar \
php8-redis \
php8-session \
php8-simplexml \
php8-tokenizer \
php8-xml \
php8-zip \
unzip && \
echo "**** setup php opcache ****" && \
{ \
echo 'opcache.memory_consumption=128'; \
echo 'opcache.interned_strings_buffer=8'; \
echo 'opcache.max_accelerated_files=4000'; \
echo 'opcache.revalidate_freq=2'; \
echo 'opcache.enable_cli=1'; \
} > /etc/php7/conf.d/php-opcache.ini && \
} > /etc/php8/conf.d/php-opcache.ini && \
if [ -z ${GRAV_RELEASE+x} ]; then \
GRAV_RELEASE=$(curl -sX GET "https://api.github.com/repos/getgrav/grav/releases/latest" \
| awk '/tag_name/{print $4;exit}' FS='[""]'); \
fi && \
echo "*** Installing Grav ***" && \
mkdir -p \
/app/www/public && \
curl -o \
/tmp/grav.zip -L \
"https://github.com/getgrav/grav/releases/download/${GRAV_RELEASE}/grav-admin-v${GRAV_RELEASE}.zip" && \
unzip -q \
/tmp/grav.zip -d /app && \
echo "*** Cleaning Up ***" && \
/tmp/grav.zip -d /tmp/grav && \
mv /tmp/grav/grav-admin/* /app/www/public/ && \
echo "**** cleanup ****" && \
rm -rf \
/root/.composer \
/root/.cache \
/tmp/*
# copy local files
COPY root/ /
EXPOSE 80
# ports and volumes
EXPOSE 80 443
VOLUME /config

52
Dockerfile.aarch64
View File

@ -1,4 +1,4 @@
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.14
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.15
ARG BUILD_DATE
ARG VERSION
@ -7,42 +7,60 @@ LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DA
LABEL maintainer="TheSpad"
RUN \
apk add --update --no-cache \
curl \
composer \
php7-dom \
php7-gd \
php7-tokenizer \
php7-opcache \
php7-pecl-apcu \
php7-pecl-yaml \
php7-intl \
php7-redis \
echo "**** install runtime packages ****" && \
apk add --no-cache \
busybox-suid \
composer \
curl \
php8-ctype \
php8-curl \
php8-dom \
php8-gd \
php8-intl \
php8-json \
php8-mbstring \
php8-opcache \
php8-openssl \
php8-pecl-apcu \
php8-pecl-yaml \
php8-phar \
php8-redis \
php8-session \
php8-simplexml \
php8-tokenizer \
php8-xml \
php8-zip \
unzip && \
echo "**** setup php opcache ****" && \
{ \
echo 'opcache.memory_consumption=128'; \
echo 'opcache.interned_strings_buffer=8'; \
echo 'opcache.max_accelerated_files=4000'; \
echo 'opcache.revalidate_freq=2'; \
echo 'opcache.enable_cli=1'; \
} > /etc/php7/conf.d/php-opcache.ini && \
} > /etc/php8/conf.d/php-opcache.ini && \
if [ -z ${GRAV_RELEASE+x} ]; then \
GRAV_RELEASE=$(curl -sX GET "https://api.github.com/repos/getgrav/grav/releases/latest" \
| awk '/tag_name/{print $4;exit}' FS='[""]'); \
fi && \
echo "*** Installing Grav ***" && \
mkdir -p \
/app/www/public && \
curl -o \
/tmp/grav.zip -L \
"https://github.com/getgrav/grav/releases/download/${GRAV_RELEASE}/grav-admin-v${GRAV_RELEASE}.zip" && \
unzip -q \
/tmp/grav.zip -d /app && \
echo "*** Cleaning Up ***" && \
/tmp/grav.zip -d /tmp/grav && \
mv /tmp/grav/grav-admin/* /app/www/public/ && \
echo "**** cleanup ****" && \
rm -rf \
/root/.composer \
/root/.cache \
/tmp/*
# copy local files
COPY root/ /
EXPOSE 80
# ports and volumes
EXPOSE 80 443
VOLUME /config

52
Dockerfile.armhf
View File

@ -1,4 +1,4 @@
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm32v7-3.14
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm32v7-3.15
ARG BUILD_DATE
ARG VERSION
@ -7,42 +7,60 @@ LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DA
LABEL maintainer="TheSpad"
RUN \
apk add --update --no-cache \
curl \
composer \
php7-dom \
php7-gd \
php7-tokenizer \
php7-opcache \
php7-pecl-apcu \
php7-pecl-yaml \
php7-intl \
php7-redis \
echo "**** install runtime packages ****" && \
apk add --no-cache \
busybox-suid \
composer \
curl \
php8-ctype \
php8-curl \
php8-dom \
php8-gd \
php8-intl \
php8-json \
php8-mbstring \
php8-opcache \
php8-openssl \
php8-pecl-apcu \
php8-pecl-yaml \
php8-phar \
php8-redis \
php8-session \
php8-simplexml \
php8-tokenizer \
php8-xml \
php8-zip \
unzip && \
echo "**** setup php opcache ****" && \
{ \
echo 'opcache.memory_consumption=128'; \
echo 'opcache.interned_strings_buffer=8'; \
echo 'opcache.max_accelerated_files=4000'; \
echo 'opcache.revalidate_freq=2'; \
echo 'opcache.enable_cli=1'; \
} > /etc/php7/conf.d/php-opcache.ini && \
} > /etc/php8/conf.d/php-opcache.ini && \
if [ -z ${GRAV_RELEASE+x} ]; then \
GRAV_RELEASE=$(curl -sX GET "https://api.github.com/repos/getgrav/grav/releases/latest" \
| awk '/tag_name/{print $4;exit}' FS='[""]'); \
fi && \
echo "*** Installing Grav ***" && \
mkdir -p \
/app/www/public && \
curl -o \
/tmp/grav.zip -L \
"https://github.com/getgrav/grav/releases/download/${GRAV_RELEASE}/grav-admin-v${GRAV_RELEASE}.zip" && \
unzip -q \
/tmp/grav.zip -d /app && \
echo "*** Cleaning Up ***" && \
/tmp/grav.zip -d /tmp/grav && \
mv /tmp/grav/grav-admin/* /app/www/public/ && \
echo "**** cleanup ****" && \
rm -rf \
/root/.composer \
/root/.cache \
/tmp/*
# copy local files
COPY root/ /
EXPOSE 80
# ports and volumes
EXPOSE 80 443
VOLUME /config

3
README.md
View File

@ -223,6 +223,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
## Versions
* **03.09.21** - Added support for Redis caching.
* **20.08.22:** - Rebasing to alpine 3.15 with php8. Restructure nginx configs ([see changes announcement](https://info.linuxserver.io/issues/2022-08-20-nginx-base)).
* **03.09.21:** - Added support for Redis caching.
* **01.07.21:** - Rebase to Alpine 3.14.
* **09.04.21:** - Initial Release.

3
readme-vars.yml
View File

@ -40,6 +40,7 @@ app_setup_block: |
# changelog
changelogs:
- { date: "03.09.21", desc: "Added support for Redis caching."}
- { date: "20.08.22:", desc: "Rebasing to alpine 3.15 with php8. Restructure nginx configs ([see changes announcement](https://info.linuxserver.io/issues/2022-08-20-nginx-base))." }
- { date: "03.09.21:", desc: "Added support for Redis caching."}
- { date: "01.07.21:", desc: "Rebase to Alpine 3.14." }
- { date: "09.04.21:", desc: "Initial Release." }

40
root/app/grav-admin/index.html Normal file
View File

@ -0,0 +1,40 @@
<html>
<head>
<title>Upgrade Required!</title>
<style>
body{
font-family: Helvetica, Arial, sans-serif;
}
.message{
width:440px;
padding:20px 40px;
margin:0 auto;
background-color:#f9f9f9;
border:1px solid #ddd;
color: #1e3d62;
}
center{
margin:40px 0;
}
h1{
font-size: 18px;
line-height: 26px;
}
p{
font-size: 12px;
}
a{
color: rgb(207, 48, 139);
}
</style>
</head>
<body>
<div class="message">
<h1>Upgrade Required!</h1>
<p>The application inside this image has been moved to a new folder.</p>
<p>You will need to update your <strong>/config/nginx/nginx.conf</strong> and <strong>/config/nginx/site-confs/default.conf</strong> in order for the application to work.</p>
<p>New config samples are located at <strong>/config/nginx/nginx.conf.sample</strong> and <strong>/config/nginx/site-confs/default.conf.sample</strong></p>
<p>Please review our announcement: <a target="_blank" href="https://info.linuxserver.io/issues/2022-08-20-nginx-base/">Significant changes to nginx based images</a></p>
</div>
</body>
</html>

61
root/defaults/default
View File

@ -1,61 +0,0 @@
#config-v1
server {
listen 80 default_server;
listen 443 ssl;
root /app/grav-admin;
index index.html index.htm index.php;
server_name _;
ssl_certificate /config/keys/cert.crt;
ssl_certificate_key /config/keys/cert.key;
client_max_body_size 0;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~* /(\.git|cache|bin|logs|backup|tests)/.*$ { return 403; }
# deny running scripts inside core system folders
location ~* /(system|vendor)/.*\.(txt|xml|md|html|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
# deny running scripts inside user folder
location ~* /user/.*\.(txt|md|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
# deny access to specific files in the root folder
location ~ /(LICENSE\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess) { return 403; }
location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
expires 30d;
add_header Vary Accept-Encoding;
log_not_found off;
}
location ~* ^.+\.(?:css|cur|js|jpe?g|gif|htc|ico|png|html|xml|otf|ttf|eot|woff|woff2|svg)$ {
access_log off;
expires 30d;
add_header Cache-Control public;
## No need to bleed constant updates. Send the all shebang in one
## fell swoop.
tcp_nodelay off;
## Set the OS file cache.
open_file_cache max=3000 inactive=120s;
open_file_cache_valid 45s;
open_file_cache_min_uses 2;
open_file_cache_errors off;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
}
}

71
root/defaults/nginx/site-confs/default.conf.sample Normal file
View File

@ -0,0 +1,71 @@
## Version 2022/08/20 - Changelog: https://github.com/linuxserver/docker-grav/commits/main/root/defaults/nginx/site-confs/default.conf.sample
server {
listen 80 default_server;
listen [::]:80 default_server;
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name _;
root /app/www/public;
index index.html index.htm index.php;
location / {
# enable for basic auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
try_files $uri $uri/ /index.php?$query_string;
}
## https://github.com/getgrav/grav/blob/develop/webserver-configs/nginx.conf
## Begin - Security
# deny all direct access for these folders
location ~* /(\.git|cache|bin|logs|backup|tests)/.*$ { return 403; }
# deny running scripts inside core system folders
location ~* /(system|vendor)/.*\.(txt|xml|md|html|json|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
# deny running scripts inside user folder
location ~* /user/.*\.(txt|md|json|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
# deny access to specific files in the root folder
location ~ /(LICENSE\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess) { return 403; }
## End - Security
## https://learn.getgrav.org/17/webservers-hosting/servers/nginx#nginx-cache-headers-for-a
## Begin - Caching
location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
expires 30d;
add_header Vary Accept-Encoding;
log_not_found off;
}
location ~* ^.+\.(?:css|cur|js|jpe?g|gif|htc|ico|png|html|xml|otf|ttf|eot|woff|woff2|svg)$ {
access_log off;
expires 30d;
add_header Cache-Control public;
## No need to bleed constant updates. Send the all shebang in one
## fell swoop.
tcp_nodelay off;
## Set the OS file cache.
open_file_cache max=3000 inactive=120s;
open_file_cache_valid 45s;
open_file_cache_min_uses 2;
open_file_cache_errors off;
}
## End - Caching
location ~ ^(.+\.php)(.*)$ {
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
}
# deny access to .htaccess/.htpasswd files
location ~ /\.ht {
deny all;
}
}

24
root/etc/cont-init.d/50-config
View File

@ -1,21 +1,27 @@
#!/usr/bin/with-contenv bash
if ! grep -q 'config-v1' /config/nginx/site-confs/default; then
cp /defaults/default /config/nginx/site-confs
if ! grep -q 'Version 2022/08/20' /config/nginx/site-confs/default.conf; then
cp /defaults/nginx/site-confs/default.conf.sample /config/nginx/site-confs/default.conf
fi
symlinks=( \
/app/grav-admin/backup \
/app/grav-admin/logs \
/app/grav-admin/user \
/app/www/public/backup \
/app/www/public/logs \
/app/www/public/user \
)
shopt -s globstar dotglob
for i in "${symlinks[@]}"; do
[[ -d /config/www/"$(basename "$i")" && ! -L "$i" ]] && rm -rf "$i"
[[ ! -d /config/www/"$(basename "$i")" && ! -L "$i" ]] && mv "$i" /config/www/
[[ -d /config/www/"$(basename "$i")" && ! -L "$i" ]] && ln -s /config/www/"$(basename "$i")" "$i"
if [[ -d /config/www/"$(basename "$i")" && ! -L "$i" ]]; then
rm -rf "$i"
fi
if [[ ! -d /config/www/"$(basename "$i")" && ! -L "$i" ]]; then
mv "$i" /config/www/
fi
if [[ -d /config/www/"$(basename "$i")" && ! -L "$i" ]]; then
ln -s /config/www/"$(basename "$i")" "$i"
fi
done
shopt -u globstar dotglob
@ -24,4 +30,4 @@ sed -i 's/enable_auto_updates_check: true/enable_auto_updates_check: false/' /co
chown -R abc:abc \
/app \
/config
/config

2
root/etc/crontabs/abc
View File

@ -1,2 +1,2 @@
# min hour day month weekday command
* * * * * cd /app/grav-admin;/usr/bin/php bin/grav scheduler 1>> /dev/null 2>&1
* * * * * cd /app/www/public;/usr/bin/php bin/grav scheduler 1>> /dev/null 2>&1

10
root/migrations/02-default-location Normal file
View File

@ -0,0 +1,10 @@
#!/usr/bin/with-contenv bash
DEFAULT_CONF="/config/nginx/site-confs/default.conf"
OLD_ROOT="root /app/grav-admin;"
NEW_ROOT="root /app/www/public;"
if grep -q "${OLD_ROOT}" "${DEFAULT_CONF}";then
echo "updating root in ${DEFAULT_CONF}"
sed -i "s|${OLD_ROOT}|${NEW_ROOT}|" "${DEFAULT_CONF}"
fi