From 23d8401bb229f51c4e16060cd9a612f04781d1c2 Mon Sep 17 00:00:00 2001 From: Alexey Skobkin Date: Mon, 11 Jul 2022 03:39:38 +0300 Subject: [PATCH] Docker CI build (!12) Reviewed-on: https://git.skobk.in/skobkin/magnetico-web/pulls/12 --- .dockerignore | 12 ++++++- .drone.yml | 35 +++++++++++++++++++ .env | 4 --- README.md | 70 +++++++++++++++++++++++++++++++++++-- config/packages/sentry.yaml | 2 ++ docker-compose.yml | 22 ------------ 6 files changed, 115 insertions(+), 30 deletions(-) create mode 100644 .drone.yml delete mode 100644 docker-compose.yml diff --git a/.dockerignore b/.dockerignore index 2eda646..a00ea27 100644 --- a/.dockerignore +++ b/.dockerignore @@ -37,4 +37,14 @@ /.web-server-pid # DotEnv -.env.local \ No newline at end of file +.env.local + +# Git files +/.git +/.gitignore + +# Drone config +/.drone.yml + +# Docker Ignore +/.dockerignore diff --git a/.drone.yml b/.drone.yml new file mode 100644 index 0000000..0d615a9 --- /dev/null +++ b/.drone.yml @@ -0,0 +1,35 @@ +kind: pipeline +type: docker +name: build-app + +steps: +# TODO: prepare image with necessary extensions +# - name: build-deps +# image: 'composer:2.3' +# environment: +# APP_ENV: dev +# commands: +# - composer install --no-progress --no-interaction --optimize-autoloader +# - bin/console about +# - 'bin/console lint:container' +# - 'bin/console lint:twig' +# - 'bin/console lint:container' +# - 'bin/console lint:yaml' + - name: docker-build + # https://github.com/drone/drone-plugin-index/blob/main/plugins/docker/original.md + image: plugins/docker + when: + branch: + - master + event: + - push + settings: + username: + from_secret: docker_username + password: + from_secret: docker_token + repo: + from_secret: docker_repo + tags: + - latest + - ${DRONE_COMMIT_SHA:0:10} diff --git a/.env b/.env index 8a0b331..467f7e2 100644 --- a/.env +++ b/.env @@ -22,10 +22,6 @@ REDIS_DSN=redis://127.0.0.1:6379/0 SENTRY_DSN= ###< sentry/sentry-symfony ### -# docker-compose -PHP_FPM_PORT=9000 -APP_LOCAL_PATH=/var/www/magnetico-web/current - ###> symfony/mailer ### MAILER_DSN=smtp://localhost MAILER_FROM=no-reply@magnetico-web.tld diff --git a/README.md b/README.md index cfe907a..fb3e10d 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,4 @@ -[![Codeship Status for skobkin/magnetico-web](https://app.codeship.com/projects/9da4d3e0-57cf-0136-9885-5644a850740d/status?branch=master)](https://app.codeship.com/projects/295041) -[![Total Downloads](https://poser.pugx.org/skobkin/magnetico-web/downloads)](https://packagist.org/packages/skobkin/magnetico-web) +[![Build Status](https://ci.skobk.in/api/badges/skobkin/magnetico-web/status.svg)](https://ci.skobk.in/skobkin/magnetico-web) [![License](https://poser.pugx.org/skobkin/magnetico-web/license)](https://packagist.org/packages/skobkin/magnetico-web) # Magnetico Web PHP @@ -98,7 +97,7 @@ php bin/console invite:add echo 'APP_ENV=dev > .env.local' ``` -## Running in [RoadRunner](https://roadrunner.dev) +## Running using [RoadRunner](https://roadrunner.dev) instead of [PHP-FPM](https://www.php.net/manual/en/install.fpm.php) ```shell # First time only: @@ -112,3 +111,68 @@ bin/rr serve -c .rr.dev.yaml ``` Read more [here](https://github.com/baldinof/roadrunner-bundle) and [here](https://github.com/roadrunner-server/roadrunner). + +### Trusted proxies + +If you're running the app in RoadRunner and experiencing problems with proper URL generation (HTTP instead of HTTPS), +check beginning of the section about running in Docker below. + +## Running in Docker + +### Docker Compose example: + +When running in Docker **DO NOT FORGET** to use Nginx or other reverse-proxy server and properly set `TRUSTED_PROXIES` +environment variable. You can read more about it [here](https://symfony.com/doc/current/deployment/proxies.html#but-what-if-the-ip-of-my-reverse-proxy-changes-constantly). + +```yaml +version: '3.7' + +services: + magnetico-web: + image: skobkin/magnetico-web + container_name: magnetico-web + hostname: magnetico-web + extra_hosts: + - 'host.docker.internal:host-gateway' + ports: + - "127.0.0.1:${EXT_HTTP_PORT:-8080}:8080/tcp" + restart: unless-stopped + user: "$UID" + volumes: + - "${LOG_PATH:-./var/log}:/app/var/log" + env_file: .env + logging: + driver: "json-file" + options: + max-size: "${LOG_MAX_SIZE:-5m}" + max-file: "${LOG_MAX_FILE:-5}" +``` + +Use dotenv file to configure this stack: + +```dotenv +# Example with some useful parameters +APP_SECRET=qwerty + +APP_DATABASE_URL=postgres://magnetico-web:password@host.docker.internal:5432/magnetico-web?application_name=magnetico_web +MAGNETICOD_DATABASE_URL=postgres://magneticod:password@host.docker.internal:5432/magneticod?application_name=magnetico_web + +REDIS_DSN=redis://host.docker.internal:6379/0 + +# BE CAREFUL WITH 'REMOTE_ADDR'. Use ONLY with trusted reverse-proxy +TRUSTED_PROXIES=127.0.0.1,REMOTE_ADDR + +###> sentry/sentry-symfony ### +SENTRY_DSN=https://abcabcdaefdaef@sentry.io/123456 +###< sentry/sentry-symfony ### + +###> symfony/mailer ### +MAILER_DSN=smtp://mail@domain.tld:password@smtp.domain.tld:587 +MAILER_FROM=no-reply@domain.tld +###< symfony/mailer ### + +###> excelwebzone/recaptcha-bundle ### +EWZ_RECAPTCHA_SITE_KEY=key +EWZ_RECAPTCHA_SECRET=secret +###< excelwebzone/recaptcha-bundle ### +``` diff --git a/config/packages/sentry.yaml b/config/packages/sentry.yaml index 0c1c781..1f72eac 100644 --- a/config/packages/sentry.yaml +++ b/config/packages/sentry.yaml @@ -13,6 +13,8 @@ services: - 'Symfony\Component\HttpKernel\Exception\BadRequestHttpException' - 'Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException' + # TODO: update: + # https://docs.sentry.io/platforms/php/guides/symfony/#monolog-integration Sentry\Monolog\Handler: arguments: $hub: '@Sentry\State\HubInterface' diff --git a/docker-compose.yml b/docker-compose.yml deleted file mode 100644 index c51aebb..0000000 --- a/docker-compose.yml +++ /dev/null @@ -1,22 +0,0 @@ -version: '3.7' - -services: - magnetico-web: - image: skobkin/magnetico-web - build: - context: . - container_name: magnetico-web - hostname: magnetico-web - extra_hosts: - - 'host.docker.internal:host-gateway' - ports: - - "127.0.0.1:${EXT_HTTP_PORT:-8080}:8080/tcp" - restart: unless-stopped - user: "$UID" - volumes: - - "${LOG_PATH:-./var/log}:/app/var/log" - logging: - driver: "json-file" - options: - max-size: "${LOG_MAX_SIZE:-5m}" - max-file: "${LOG_MAX_FILE:-5}"