All services modularised \o/

2615ba9f · Pierre Ozoux · 2549a8ba · 2549a8ba · 2549a8ba · 2549a8ba
Commit 2615ba9f authored 9 years ago by Pierre Ozoux
--- a/SUPPORTED_APPLICATIONS
+++ b/SUPPORTED_APPLICATIONS
-static wordpress known piwik owncloud
--- a/dockerfiles/services/apache/Dockerfile
+++ b/dockerfiles/services/apache/Dockerfile
-FROM debian:jessie
-ENV DEBIAN_FRONTEND noninteractive
-RUN apt-get update \
-	&& apt-get -yq install \
-		apache2 \
-		curl \
-		mysql-client \
-		libapache2-mod-php5 \
-		php-apc \
-		php-pear \
-		php5-curl \
-		php5-gd \
-                php5-json \
-                php5-mcrypt \
-                php5-imagick \
-		php5-mysql \
-		php5-xmlrpc \
-                ssmtp \
-    unzip \
-	&& rm -rf /var/lib/apt/lists/*
-# Add image configuration and scripts
-ADD default.conf /etc/apache2/sites-enabled/000-default.conf
-ADD run.sh /run.sh
-RUN sed -i "s/variables_order.*/variables_order = \"EGPCS\"/g" /etc/php5/apache2/php.ini && \
-    sed -i "s/.*sendmail_path.*/sendmail_path = \/usr\/sbin\/ssmtp -t/g" /etc/php5/apache2/php.ini \
-	&& mkdir -p /app \
-	&& rm -rf /var/www/html \
-	&& ln -s /app /var/www/html \
-	&& a2enmod rewrite \
-	&& chmod 755 /run.sh
-COPY ssmtp.conf /etc/ssmtp/ssmtp.conf
-CMD ["/run.sh"]
-EXPOSE 80
--- a/dockerfiles/services/apache/default.conf
+++ b/dockerfiles/services/apache/default.conf
-<VirtualHost *:80>
-  # The ServerName directive sets the request scheme, hostname and port that
-  # the server uses to identify itself. This is used when creating
-  # redirection URLs. In the context of virtual hosts, the ServerName
-  # specifies what hostname must appear in the request's Host: header to
-  # match this virtual host. For the default virtual host (this file) this
-  # value is not decisive as it is used as a last resort host regardless.
-  # However, you must set it for any further virtual host explicitly.
-  #ServerName www.example.com
-  ServerAdmin webmaster@localhost
-  DocumentRoot /var/www/html
-  # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
-  # error, crit, alert, emerg.
-  # It is also possible to configure the loglevel for particular
-  # modules, e.g.
-  #LogLevel info ssl:warn
-  ErrorLog ${APACHE_LOG_DIR}/error.log
-  CustomLog ${APACHE_LOG_DIR}/access.log combined
-  # For most configuration files from conf-available/, which are
-  # enabled or disabled at a global level, it is possible to
-  # include a line for only one particular virtual host. For example the
-  # following line enables the CGI configuration for this host only
-  # after it has been globally disabled with "a2disconf".
-  #Include conf-available/serve-cgi-bin.conf
-  <Directory /var/www/html/>
-    Options -Indexes +FollowSymLinks +MultiViews
-    AllowOverride All
-    Order allow,deny
-    allow from all
-  </Directory>
-</VirtualHost>
--- a/dockerfiles/services/apache/run.sh
+++ b/dockerfiles/services/apache/run.sh
-#!/bin/bash
-source /etc/apache2/envvars
-exec apache2 -D FOREGROUND
--- a/dockerfiles/services/apache/ssmtp.conf
+++ b/dockerfiles/services/apache/ssmtp.conf
-mailhub=172.17.42.1
-root=postmaster
-FromLineOverride=YES
--- a/dockerfiles/services/known/Dockerfile
+++ b/dockerfiles/services/known/Dockerfile
-FROM indiepaas/apache
-# Download latest version of Known into /app
-RUN mkdir -p /app && \
-  cd /app && \
-  curl -L http://assets.withknown.com/releases/known-latest.zip -o known.zip && \
-  unzip known.zip && \
-  rm -rf known.zip && \
-  cd IdnoPlugins && \
-  curl -L https://github.com/idno/Twitter/archive/master.zip -o twitter.zip && \
-  unzip twitter.zip && \
-  mv Twitter-master/ Twitter && \
-  rm twitter.zip && \
-  curl -L https://github.com/idno/Facebook/archive/master.zip -o facebook.zip && \
-  unzip facebook.zip && \
-  mv Facebook-master/ Facebook && \
-  rm facebook.zip && \
-  curl -L https://github.com/idno/Markdown/archive/master.zip -o markdown.zip && \
-  unzip markdown.zip && \
-  mv Markdown-master/ Markdown && \
-  rm markdown.zip && \
-  curl -L https://github.com/pierreozoux/KnownAppNet/archive/master.zip -o app-net.zip && \
-  unzip app-net.zip && \
-  mv KnownAppNet-master AppNet && \
-  rm app-net.zip
-# Add script to create 'known' DB
-ADD run-known.sh /run-known.sh
-RUN chmod 755 /run-known.sh
-# Expose environment variables
-ENV DB_HOST **LinkMe**
-ENV DB_PORT **LinkMe**
-ENV DB_NAME known
-ENV DB_USER admin
-ENV DB_PASS **ChangeMe**
-EXPOSE 80
-VOLUME ["/app/Uploads", "/app/.htaccess"]
-CMD ["/run-known.sh"]
--- a/dockerfiles/services/known/README.md
+++ b/dockerfiles/services/known/README.md
-# Usage
-````
-PASS=`pwgen 20 1`
-sudo docker pull debian:jessie
-sudo docker build -t indiehosters/apache ../apache
-sudo docker build -t indiehosters/known .
-sudo docker run -d -e MYSQL_PASS=$PASS --name mysql indiehosters/mysql
-sudo docker run -d -p 80:80 --link mysql:db -e DB_PASS=$PASS indiehosters/known
-echo Using $PASS as the database password. Waiting for everything to be up...
-sleep 20
-curl -I http://localhost/
-````
--- a/dockerfiles/services/known/VOLUME
+++ b/dockerfiles/services/known/VOLUME
-/app/Uploads
--- a/dockerfiles/services/known/run-known.sh
+++ b/dockerfiles/services/known/run-known.sh
-#!/bin/bash
-# Initialization after docker mount
-if [ ! -s /app/.htaccess ]; then
-  cat /app/htaccess.dist > /app/.htaccess
-fi
-chown -R root:www-data /app
-chmod -R 650 /app
-chmod -R 770 /app/Uploads
-chmod -R 660 /app/.htaccess
-DB_HOST=${DB_PORT_3306_TCP_ADDR:-${DB_HOST}}
-DB_HOST=${DB_1_PORT_3306_TCP_ADDR:-${DB_HOST}}
-DB_PORT=${DB_PORT_3306_TCP_PORT:-${DB_PORT}}
-DB_PORT=${DB_1_PORT_3306_TCP_PORT:-${DB_PORT}}
-if [ "$DB_PASS" = "**ChangeMe**" ] && [ -n "$DB_1_ENV_MYSQL_PASS" ]; then
-    DB_PASS="$DB_1_ENV_MYSQL_PASS"
-fi
-echo "=> Trying to connect to MySQL/MariaDB using:"
-echo "========================================================================"
-echo "      Database Host Address:  $DB_HOST"
-echo "      Database Port number:   $DB_PORT"
-echo "      Database Name:          $DB_NAME"
-echo "      Database Username:      $DB_USER"
-echo "      Database Password:      $DB_PASS"
-echo "========================================================================"
-for ((i=0;i<10;i++))
-do
-    DB_CONNECTABLE=$(mysql -u$DB_USER -p$DB_PASS -h$DB_HOST -P$DB_PORT -e 'status' >/dev/null 2>&1; echo "$?")
-    if [[ DB_CONNECTABLE -eq 0 ]]; then
-        break
-    fi
-    sleep 5
-done
-if [[ $DB_CONNECTABLE -eq 0 ]]; then
-    DB_EXISTS=$(mysql -u$DB_USER -p$DB_PASS -h$DB_HOST -P$DB_PORT -e "SHOW DATABASES LIKE '"$DB_NAME"';" 2>&1 |grep "$DB_NAME" > /dev/null ; echo "$?")
-    if [[ DB_EXISTS -eq 1 ]]; then
-        echo "=> Creating database $DB_NAME"
-        RET=$(mysql -u$DB_USER -p$DB_PASS -h$DB_HOST -P$DB_PORT -e "CREATE DATABASE $DB_NAME")
-        if [[ RET -ne 0 ]]; then
-            echo "Cannot create database for known"
-            exit RET
-        fi
-        if [ -f /app/schemas/mysql/mysql.sql ]; then
-            echo "=> Loading initial database data to $DB_NAME"
-            RET=$(mysql -u$DB_USER -p$DB_PASS -h$DB_HOST -P$DB_PORT $DB_NAME < /app/schemas/mysql/mysql.sql)
-            if [[ RET -ne 0 ]]; then
-                echo "Cannot load initial database data for known"
-                exit RET
-            fi
-        fi
-        echo "=> Done!"
-    else
-        echo "=> Skipped creation of database $DB_NAME – it already exists."
-    fi
-else
-    echo "Cannot connect to Mysql"
-    exit $DB_CONNECTABLE
-fi
-# Environment creation
-echo "filesystem = 'local'"         > /app/config.ini
-echo "uploadpath = '/app/Uploads'" >> /app/config.ini
-echo "database = 'MySQL'"          >> /app/config.ini
-echo "dbname = '${DB_NAME}'"       >> /app/config.ini
-echo "dbhost = '${DB_HOST}'"       >> /app/config.ini
-echo "dbuser = '${DB_USER}'"       >> /app/config.ini
-echo "dbpass = '${DB_PASS}'"       >> /app/config.ini
-echo "url = 'https://${URL}/'"     >> /app/config.ini
-echo "smtp_host = ${MAIL_HOST}"    >> /app/config.ini
-echo "smtp_port = ${MAIL_PORT}"    >> /app/config.ini
-echo "smtp_username = ${MAIL_USER}" >> /app/config.ini
-echo "smtp_password = ${MAIL_PASS}" >> /app/config.ini
-exec /run.sh
--- a/dockerfiles/services/mysql/Dockerfile
+++ b/dockerfiles/services/mysql/Dockerfile
-FROM tutum/mysql
--- a/dockerfiles/services/nginx-php/Dockerfile
+++ b/dockerfiles/services/nginx-php/Dockerfile
-FROM nginx
-ENV DEBIAN_FRONTEND noninteractive
-RUN apt-get update && apt-get install -y \
-      mysql-client \
-      php5-fpm \
-      php5-mysql \
-      ssmtp \
-      curl && \
-    rm -rf /var/lib/apt/lists/* && \
-    rm -rf /etc/nginx/conf.d/* && \
-    rm -rf /usr/share/nginx/html/* && \
-    mkdir -p /etc/nginx/external && \
-    sed -i 's/access_log.*/access_log \/dev\/stdout;/g' /etc/nginx/nginx.conf && \
-    sed -i 's/error_log.*/error_log \/dev\/stdout info;/g' /etc/nginx/nginx.conf && \
-    sed -i 's/^pid/daemon off;\npid/g' /etc/nginx/nginx.conf && \
-    sed -i "s/.*sendmail_path.*/sendmail_path = \/usr\/sbin\/ssmtp -t/g" /etc/php5/fpm/php.ini && \
-    sed -i 's/;default_charset.*/default_charset = "UTF-8"/g' /etc/php5/fpm/php.ini && \
-    sed -i 's/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g' /etc/php5/fpm/php.ini
-ADD basic.conf /etc/nginx/conf.d/basic.conf
-ADD entrypoint.sh /opt/entrypoint.sh
-RUN chmod u+x /opt/entrypoint.sh
-ADD mysql-check.sh /opt/mysql-check.sh
-RUN chmod u+x /opt/mysql-check.sh
-COPY ssmtp.conf /etc/ssmtp/ssmtp.conf
-ADD environment /etc/environment
-ENTRYPOINT ["/opt/entrypoint.sh"]
-CMD ["nginx"]
--- a/dockerfiles/services/nginx-php/basic.conf
+++ b/dockerfiles/services/nginx-php/basic.conf
-# hide nginx version
-server_tokens off;
-# add nosniff header (https://www.owasp.org/index.php/List_of_useful_HTTP_headers)
-add_header X-Content-Type-Options nosniff;
--- a/dockerfiles/services/nginx-php/entrypoint.sh
+++ b/dockerfiles/services/nginx-php/entrypoint.sh
-#!/bin/bash -eux
-/etc/init.d/php5-fpm start
-chmod a+rwx /var/run/php5-fpm.sock
-echo "127.0.0.1 ${URL}" >> /etc/hosts
-# exec CMD
-echo ">> exec docker CMD"
-echo "$@"
-"$@"
--- a/dockerfiles/services/nginx-php/environment
+++ b/dockerfiles/services/nginx-php/environment
-#!/bin/bash -eux
-DB_HOST=db
-DB_PORT=${DB_PORT_3306_TCP_PORT:-${DB_PORT}}
-DB_PORT=${DB_1_PORT_3306_TCP_PORT:-${DB_PORT}}
--- a/dockerfiles/services/nginx-php/mysql-check.sh
+++ b/dockerfiles/services/nginx-php/mysql-check.sh
-#!/bin/bash -eux
-source /etc/environment
-echo "=> Trying to connect to MySQL/MariaDB using:"
-echo "========================================================================"
-echo "      Database Host Address:  $DB_HOST"
-echo "      Database Port number:   $DB_PORT"
-echo "      Database Username:      $DB_USER"
-echo "      Database Password:      $DB_PASS"
-echo "========================================================================"
-for ((i=0;i<10;i++))
-do
-    DB_CONNECTABLE=$(mysql -u$DB_USER -p$DB_PASS -h$DB_HOST -P$DB_PORT -e 'status' >/dev/null 2>&1; echo "$?")
-    if [[ DB_CONNECTABLE -eq 0 ]]; then
-        exit 0
-    fi
-    sleep 5
-done
-exit 1
--- a/dockerfiles/services/nginx-php/ssmtp.conf
+++ b/dockerfiles/services/nginx-php/ssmtp.conf
-mailhub=##MAIL_HOST##:##MAIL_PORT##
-root=##MAIL_USER##
-FromLineOverride=YES
-# Use SSL/TLS before starting negotiation
-UseTLS=Yes
-UseSTARTTLS=Yes
-# Username/Password
-AuthUser=##MAIL_USER##
-AuthPass=##MAIL_PASS##
--- a/dockerfiles/services/nginx/Dockerfile
+++ b/dockerfiles/services/nginx/Dockerfile
-FROM tutum/nginx
--- a/unit-files/backup@.service
+++ b/unit-files/backup@.service
-[Unit]
-Description=Back up data from %i
-[Service]
-Type=oneshot
-TimeoutStartSec=0
-EnvironmentFile=/etc/environment
-ExecStartPre=/usr/bin/docker run --rm -v /opt/bin:/opt/bin ibuildthecloud/systemd-docker
-ExecStartPre=-/usr/bin/docker kill mysqldump-%i
-ExecStartPre=-/usr/bin/docker rm mysqldump-%i
-ExecStartPre=-/usr/bin/docker rm clean-%i
-ExecStartPre=-/usr/bin/docker rm backup-%i
-ExecStartPre=/bin/bash -euxc ' \
-  /bin/docker run \
-    --rm \
-    --name clean-%i \
-    -e PASSPHRASE \
-    -v /root:/root \
-    indiepaas/duplicity \
-      remove-older-than 10D --force \
-      sftp://${BACKUP_DESTINATION}/%i'
-ExecStartPre=/bin/bash -euxc '\
-  if [ -d /data/domains/%i/mysql ]; then \
-    echo "Backing up mysql databases for %i"; \
-    mysql_passwd=`cat /data/domains/%i/mysql/.env | cut -d= -f2`; \
-    /usr/bin/docker run \
-      --rm \
-      --name mysqldump-%i \
-      --link mysql-%i:db \
-      --env-file /data/domains/%i/mysql/.env \
-      indiepaas/mysql \
-        mysqldump \
-          --all-databases \
-          --events \
-          -uadmin \
-          -p$mysql_passwd \
-          -h db > /data/domains/%i/mysql/dump.sql; \
-  fi'
-ExecStart=/bin/bash -euxc ' \
-  /bin/docker run \
-    --rm \
-    --name backup-%i \
-    --cpu-shares=40 \
-    -e PASSPHRASE \
-    -h backup.container \
-    -v /dev/random:/dev/random \
-    -v /dev/urandom:/dev/urandom \
-    -v /root:/root \
-    -v /data/domains/%i:/backup indiepaas/duplicity \
-      --volsize 500 \
-      --asynchronous-upload \
-      --encrypt-key ${ENCRYPT_KEY} \
-        /backup \
-        sftp://${BACKUP_DESTINATION}/%i' 
--- a/unit-files/backup@.timer
+++ b/unit-files/backup@.timer
-[Unit]
-Description=Hourly backup of www and mysql content.
-# Dependency binding
-BindsTo=web@%i.service
-[Timer]
-OnActiveSec=20
-OnUnitActiveSec=60min
-AccuracySec=50min
--- a/unit-files/discovery@.service
+++ b/unit-files/discovery@.service
-[Unit]
-Description=%p for %i etcd registration
-# Requirements
-Requires=etcd.service
-# Dependency binding
-BindsTo=web@%i.service
-[Service]
-Type=oneshot
-RemainAfterExit=yes
-ExecStart=/bin/bash -euxc ' \
-  ip=`docker inspect --format \'{{.NetworkSettings.IPAddress}}\' %i`; \
-  etcdctl --peers 172.17.42.1:4001 set /services/web/%i \'{"ip":"\'$ip\'", "port":"80"}\';'
-ExecStop=-/usr/bin/etcdctl rm /services/web/%i