diff --git a/.env.dist b/.env.dist index 1cd1cfa..3c7aace 100644 --- a/.env.dist +++ b/.env.dist @@ -4,11 +4,17 @@ COMPOSE_PROJECT_NAME=wwwgmo # must be the same that SITE_VERSION # define in php-fpm/.env -DOCKER_IMAGE_VERSION="3.25" +DOCKER_IMAGE_VERSION="3.3.0" +# docker login user +DOCKER_USER=gmouchet +# docker login password +DOCKER_PASS=TOBECOMPLETED # docker image tag = DOCKER_IMAGE_VERSION -DOCKER_IMAGE=gmouchet/wwwgmo-php-fpm +DOCKER_IMAGE=${DOCKER_USER}/wwwgmo-php-fpm +# docker login user +DOCKER_USER=gmouchet # docker ports NGINX_PORT=8085 PMA_PORT_WEB_HTTPS=8084 # elastic version -ELASTIC_VERSION=8.18.2 \ No newline at end of file +ELASTIC_VERSION=9.0.2 \ No newline at end of file diff --git a/.gitignore b/.gitignore index 0ae7719..20f10a5 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,4 @@ .env helm-old mariadb-old +staging diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..3a35fa3 --- /dev/null +++ b/LICENSE @@ -0,0 +1,33 @@ +Non-Commercial Use License – [docker.sh.sh] + +Copyright (c) [2025] [Gilles Mouchet] + +This script is provided free of charge with its source code. You are permitted to: + +Use the script for personal, educational, or non-commercial professional purposes. +Study, modify, and share the script freely, provided this license is included. + +You are strictly prohibited from: + +- Selling this script or any modified version. +- Using it in commercial services or products. +- Distributing it in exchange for financial compensation, directly or indirectly. + +This script is provided "as is", without any warranty of any kind. +----------------------------------------------------------------------------------------- + Licence d’utilisation non commerciale – [docker.sh] + +Copyright (c) [2025] [Gilles Mouchet] + +Ce script est fourni gratuitement avec son code source. Toute personne est autorisée à : + +Utiliser le script à des fins personnelles, éducatives ou professionnelles non commerciales. +Étudier, modifier et partager le script gratuitement, à condition de conserver cette licence. + +Il est strictement interdit de : + +- Vendre ce script ou une version modifiée. + - L’utiliser dans des services ou produits commerciaux. + - Le distribuer en échange d’une contrepartie financière, directe ou indirecte. + + Ce script est fourni "tel quel", sans garantie d’aucune sorte. \ No newline at end of file diff --git a/README.md b/README.md index aca9903..5256e86 100644 --- a/README.md +++ b/README.md @@ -21,6 +21,8 @@ Copy file ALL `.env.dist` to `.env` Complete or modify the values according to your needs ### Build +The **docker.sh** script is use to manage docker image. See `./docker.sh -h` for more informations + #### Build image ```bash ./docker.sh build @@ -29,6 +31,15 @@ or ```bash ./docker.sh build-no-cache ``` +#### Build image multi-plaform (amd64 and amr64) +```bash +./docker.sh build-multi +``` +or +```bash +./docker.sh build-multi-no-cache +``` + ### Start ```bash ./docker.sh start @@ -217,3 +228,4 @@ https://www.elastic.co/guide/en/elasticsearch/reference/8.18/docker.html ### 1.0 (2024-03-01) * Created from scratch + diff --git a/docker-compose.yml b/docker-compose.yml index e2422fe..297dae5 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,49 +1,42 @@ services: -# Linux nginx mysql php -#-------------------------------------- -# service http nginx -#-------------------------------------- nginx: image: nginxinc/nginx-unprivileged:1.23-alpine +# platform: linux/amd64,linux/arm64 volumes: - './docker/nginx/default.conf:/etc/nginx/conf.d/default.conf' - './certs:/etc/nginx/certs/' - './src:/var/www/html:rw,cached' ports: - #- '${NGINX_PORT}:8080' - '${NGINX_PORT}:8443' depends_on: - php-fpm -#-------------------------------------- -# service php-fpm -#-------------------------------------- + php-fpm: - image: ${DOCKER_IMAGE}:${DOCKER_IMAGE_VERSION} + image: ${DOCKER_USER}/${DOCKER_IMAGE}:${DOCKER_IMAGE_VERSION} +# platform: linux/amd64,linux/arm64 env_file: - ./docker/php-fpm/.env volumes: - './src/:/var/www/html:rw,cached' - build: + build: context: . dockerfile: ./docker/php-fpm/Dockerfile ports: - '9000:9000' depends_on: - mariadb -#-------------------------------------- -# service mariadb -#-------------------------------------- + mariadb: image: mariadb:10.11.7 +# platform: linux/amd64,linux/arm64 volumes: - 'mariadb:/var/lib/mysql:z' env_file: - ./docker/mariadb/.env -#-------------------------------------- -# service phpmyadmin -#-------------------------------------- + phpmyadmin: image: phpmyadmin +# platform: linux/amd64,linux/arm64 volumes: - ./certs:/etc/apache2/ssl - ./docker/phpmyadmin/apache-ssl.conf:/etc/apache2/sites-available/default-ssl.conf @@ -60,12 +53,9 @@ services: a2ensite default-ssl && apache2-foreground" -#-------------------------------------- -# service elasticsearch -#-------------------------------------- elasticsearch: image: docker.elastic.co/elasticsearch/elasticsearch:${ELASTIC_VERSION} - #container_name: elasticsearch +# platform: linux/amd64,linux/arm64 env_file: - ./docker/elasticsearch/.env ulimits: @@ -86,11 +76,10 @@ services: bash /usr/local/bin/create_kibana_user.sh; wait $pid " -#-------------------------------------- -# service kibana -#-------------------------------------- + kibana: image: docker.elastic.co/kibana/kibana:${ELASTIC_VERSION} +# platform: linux/amd64,linux/arm64 env_file: - ./docker/kibana/.env volumes: @@ -103,3 +92,4 @@ services: volumes: elasticsearch: mariadb: + diff --git a/docker.sh b/docker.sh index 6e6c7d8..3815251 100755 --- a/docker.sh +++ b/docker.sh @@ -1,83 +1,196 @@ #!/bin/bash +############################################################ +# Decription: this script manage docker image +# file with an AWX inventory +# +# Author: Gilles Mouchet (gilles.mouchet@gmail.com) +# Creation Date: 28.06.2025 +# Version: 1.0 +# +# Usage: ./docker.sh --help +# Changelog: +# V1.0 - 28.06.2025 - GMo +# Added +# - Creation of script from scratch +# +############################################################ +version="1.0" + +# with set -e, as soon as a command returns an exit code other than 0, +# the script stops immediately. set -e _UID=$(id -u) _GID=$(id -g) - +############################################################ +# functions +############################################################ +# function usage +usage() { + cat << EOF +Usage: ./$(basename "$0") options +Manage docker image +Options: + build build docker image + build-no-cache build an image from scratch, without using the cache from previous steps. + build-multi build a multi-platform image (amd64, arm64) + build-multi-no-cache build a multi-platform image from scratch , without using the cache from previous steps. + start start the stack + stop stop the stack and delete the container + restart stop and start stack + bash open the ${COMPOSE_PROJECT_NAME}-php-fpm-1 container bash + bash-root open the ${COMPOSE_PROJECT_NAME}-php-fpm-1 container bash with root user + logs tail logs from ${COMPOSE_PROJECT_NAME}-php-fpm-1 -f + push push image php-fpm on docker registry + down stop and delete the container + help|-h|--help display this help + version|-v|--version display script version +EOF +} +# read the varoables export $(grep -v '^#' .env | xargs) +# check param exist +if [ -z "$1" ]; then + usage + exit +fi + # check if certs folder exite in src if [ ! -d "./src/certs" ]; then mkdir ./src/certs fi + while test $# -gt 0 do case "$1" in -# install) -# env UID=${_UID} GID=${_GID} docker compose up -d php-fpm -# docker exec --user root ${COMPOSE_PROJECT_NAME}-php-fpm-1 /bin/sh -c "cd /var/www/html; composer require elasticsearch/elasticsearch" -# env UID=${_UID} GID=${_GID} docker compose stop -# ;; start) sudo chown -R $_UID:$_GID ./certs/ - env UID=${_UID} GID=${_GID} docker compose up -d; + # The env before the docker command is there to assign rights in case different + # users are called upon to work on this project. We comment it for documentation purposes. + # env UID=${_UID} GID=${_GID} docker compose up -d + docker compose up -d ;; restart) sudo chown -R $_UID:$_GID ./certs/ docker compose down --remove-orphans - env UID=${_UID} GID=${_GID} docker compose up -d; + docker compose up -d; ;; stop) - env UID=${_UID} GID=${_GID} docker compose stop + docker compose stop ;; bash) - docker exec -it wwwgmo-php-fpm /bin/sh + docker exec -it ${COMPOSE_PROJECT_NAME}-php-fpm-1 /bin/sh ;; bash-root) - docker exec --user root -it wwwgmo-php-fpm /bin/sh + docker exec --user root -it ${COMPOSE_PROJECT_NAME}-php-fpm-1 /bin/sh ;; logs) - docker logs wwwgmo-php-fpm -f + docker logs ${COMPOSE_PROJECT_NAME}-php-fpm-1 -f ;; - build-no-cache) - #cp ./certs/ca.pem ./src/certs/. - sudo chown -R $_UID:$_GID ./src/ - env UID=${_UID} GID=${_GID} docker compose build --pull --no-cache - env UID=${_UID} GID=${_GID} docker compose up -d; - # install lasticsearch client for PHP - docker exec --user root ${COMPOSE_PROJECT_NAME}-php-fpm-1 /bin/sh -c "cd /var/www/html; composer require elasticsearch/elasticsearch" - #docker exec --user root wwwgmo-php-fpm composer install --no-interaction - sleep 5 # wait mysql container up - #docker exec -it wwwgmo-mariadb /bin/bash -c "mysql -u root --password=password -e \ - # \"CREATE USER IF NOT EXISTS 'xmaroot'@'%' IDENTIFIED BY 'sqlAdmin'; \ - # GRANT ALL PRIVILEGES ON *.* TO 'xmaroot'@'%'; \ - # flush privileges;\"" - env UID=${_UID} GID=${_GID} docker compose stop - ;; build) - #cp ./certs/ca.pem ./src/certs/. + # build image in local sudo chown -R $_UID:$_GID ./src/ - env UID=${_UID} GID=${_GID} docker compose build - env UID=${_UID} GID=${_GID} docker compose up -d; - # install lasticsearch client for PHP + docker compose build --pull + docker compose up -d; docker exec --user root ${COMPOSE_PROJECT_NAME}-php-fpm-1 /bin/sh -c "cd /var/www/html; composer require elasticsearch/elasticsearch" - #docker exec --user root wwwgmo-php-fpm composer install --no-interaction + # not needed. We comment it for documentation purposes. #sleep 5 # wait mysql container up #docker exec -it wwwgmo-mysql /bin/bash -c "mysql -u root --password=password -e \ # \"CREATE USER IF NOT EXISTS 'xmaroot'@'%' IDENTIFIED BY 'sqlAdmin'; \ # GRANT ALL PRIVILEGES ON *.* TO 'xmaroot'@'%'; \ # flush privileges;\"" - env UID=${_UID} GID=${_GID} docker compose stop + docker compose stop + ;; + build-no-cache) + # build image in local + sudo chown -R $_UID:$_GID ./src/ + docker compose build --pull --no-cache + docker compose up -d; + docker exec --user root ${COMPOSE_PROJECT_NAME}-php-fpm-1 /bin/sh -c "cd /var/www/html; composer require elasticsearch/elasticsearch" + docker compose stop + ;; + build-multi-no-cache) + # build image multi platform linux/amd64 and linux/arm64 + # + # This operation may take some time (env. 15 min). Please be patient. + # + #echo "${DOCKER_USER}/wwwgmo-php-fpm:${DOCKER_IMAGE_VERSION}" + #cp ./certs/ca.pem ./src/certs/. + sudo chown -R $_UID:$_GID ./src/ + # load images needed to buil docker iomage for multi platform + if [ "$(docker images -q moby/buildkit)" == "" ]; then + docker buildx create --use --name gmobuilder + docker buildx inspect gmobuilder --bootstrap + fi + # login to docker hub + docker login -u="${DOCKER_USER}" -p="${DOCKER_PASS}" + # builds image for linux/amd64 and linux/arm64 + docker buildx build --no-cache --platform linux/amd64,linux/arm64 -t "${DOCKER_USER}/wwwgmo-php-fpm:${DOCKER_IMAGE_VERSION}" --push -f ./docker/php-fpm/Dockerfile . + # start stack + docker compose up -d + # install elasticsearch client for PHP + docker exec --user root ${COMPOSE_PROJECT_NAME}-php-fpm-1 /bin/sh -c "cd /var/www/html; composer require elasticsearch/elasticsearch" + # stop stack + docker compose stop + # logout from docker hub + docker logout + # cleanup container, image and instance to create multi platform image + docker stop buildx_buildkit_gmobuilder0 + docker container rm buildx_buildkit_gmobuilder0 + docker rmi moby/buildkit:buildx-stable-1 --force + docker buildx rm --all-inactive --force + ;; + build-multi) + # build image multi platform linux/amd64 and linux/arm64 + # + # This operation may take some time (env. 15 min). Please be patient. + # + #echo "${DOCKER_USER}/wwwgmo-php-fpm:${DOCKER_IMAGE_VERSION}" + #cp ./certs/ca.pem ./src/certs/. + sudo chown -R $_UID:$_GID ./src/ + # load images needed to buil docker iomage for multi platform + if [ "$(docker images -q moby/buildkit)" == "" ]; then + docker buildx create --use --name gmobuilder + docker buildx inspect gmobuilder --bootstrap + fi + # login to docker hub + docker login -u="${DOCKER_USER}" -p="${DOCKER_PASS}" + # builds image for linux/amd64 and linux/arm64 + docker buildx build --platform linux/amd64,linux/arm64 -t "${DOCKER_USER}/wwwgmo-php-fpm:${DOCKER_IMAGE_VERSION}" --push -f ./docker/php-fpm/Dockerfile . + # start stack + docker compose up -d + # install elasticsearch client for PHP + docker exec --user root ${COMPOSE_PROJECT_NAME}-php-fpm-1 /bin/sh -c "cd /var/www/html; composer require elasticsearch/elasticsearch" + # stop stack + docker compose stop + # logout from docker hub + docker logout + # cleanup container, image and instance to create multi platform image + docker stop buildx_buildkit_gmobuilder0 + docker container rm buildx_buildkit_gmobuilder0 + docker rmi moby/buildkit:buildx-stable-1 --force + docker buildx rm --all-inactive --force ;; push) - docker image push ${DOCKER_IMAGE}:${DOCKER_IMAGE_VERSION} + docker login -u="${DOCKER_USER}" -p="${DOCKER_PASS}" + docker image push ${DOCKER_IMAGE}:${DOCKER_IMAGE_VERSION} + docker logout ;; down) - docker compose down --remove-orphans + docker compose down --remove-orphans ;; - *) - echo "docker.sh [start|stop||logs|bash-root|bash|build|build-no-cache|push|down]" + version|-v|--version) + cat << EOF +$(basename "$0") v$version (c) 1990 - $(date +%Y) by Gilles Mouchet +Non-Commercial Use License – See LICENSE for details +EOF + exit + ;; + *|help|-h|--help) + usage + exit ;; esac shift diff --git a/docker/kibana/.env.dist b/docker/kibana/.env.dist index ca59fe5..f753573 100644 --- a/docker/kibana/.env.dist +++ b/docker/kibana/.env.dist @@ -6,3 +6,7 @@ ELASTICSEARCH_HOSTS=http://elasticsearch:9200 ELASTICSEARCH_USERNAME=kibana_system_user # password for username ELASTICSEARCH_PASSWORD=kibanapassword +# acitve https +SERVER_SSL_ENABLED=true +SERVER_SSL_KEY="/usr/share/kibana/config/certs/tls.key" +SERVER_SSL_CERTIFICATE="/usr/share/kibana/config/certs/tls.crt" \ No newline at end of file diff --git a/docker/php-fpm/.env.dist b/docker/php-fpm/.env.dist index c14ca96..f2a78ff 100644 --- a/docker/php-fpm/.env.dist +++ b/docker/php-fpm/.env.dist @@ -1,7 +1,6 @@ # site SITE_TITLE="Stack GMo - PHP-FPM - MariaDB - Elasticsearch" # must be the same that DOCKER_IMAGE_VERSION define in .env -#SITE_VERSION="3.25-arm64" SITE_VERSION=${DOCKER_IMAGE_VERSION} # db DB_NAME=wwwgmo diff --git a/docker/php-fpm/Dockerfile b/docker/php-fpm/Dockerfile index c462094..e273d81 100644 --- a/docker/php-fpm/Dockerfile +++ b/docker/php-fpm/Dockerfile @@ -1,7 +1,6 @@ #https://hub.docker.com/r/rhamdeew/docker-php-8-fpm-alpine/dockerfile #https://github.com/elastic/elasticsearch-php -#FROM php:8.2.6-fpm-alpine FROM php:8.4-fpm-alpine3.22 LABEL maintainer="gilles.mouchet@gmail.com"