From 0ffd6913f8d4d3d1665016c4f990c9d3a4e05653 Mon Sep 17 00:00:00 2001
From: Hardware <contact@meshup.net>
Date: Sun, 14 Jan 2018 11:31:43 +0100
Subject: [PATCH] update(): alpine 3.7 and flarum 0.1.0-beta.7.1

---
 Dockerfile                                    |  32 +++-
 README.md                                     |   1 -
 rootfs/etc/nginx/nginx.conf                   | 137 ++++++++++++++++++
 .../php7/conf.d/00_opcache.ini}               |   0
 rootfs/etc/php7/php-fpm.conf                  |  15 ++
 rootfs/nginx/sites-enabled/flarum.conf        |  80 ----------
 rootfs/services/.s6-svscan/finish             |   2 +
 rootfs/services/nginx/run                     |   2 +
 rootfs/services/php/run                       |   2 +
 rootfs/usr/local/bin/run.sh                   |  12 +-
 10 files changed, 194 insertions(+), 89 deletions(-)
 create mode 100644 rootfs/etc/nginx/nginx.conf
 rename rootfs/{php/conf.d/opcache.ini => etc/php7/conf.d/00_opcache.ini} (100%)
 create mode 100644 rootfs/etc/php7/php-fpm.conf
 delete mode 100644 rootfs/nginx/sites-enabled/flarum.conf
 create mode 100644 rootfs/services/.s6-svscan/finish
 create mode 100644 rootfs/services/nginx/run
 create mode 100644 rootfs/services/php/run

diff --git a/Dockerfile b/Dockerfile
index 0c384d8..54fa45f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,13 +1,37 @@
-FROM wonderfall/nginx-php:7.1
+FROM alpine:3.7
 
 LABEL description "Next-generation forum software that makes online discussion fun" \
       maintainer="Hardware <hardware@mondedie.fr>, Magicalex <magicalex@mondedie.fr>"
 
 ARG VERSION=v0.1.0-beta.7
 
-ENV GID=991 UID=991 UPLOAD_MAX_SIZE=50M MEMORY_LIMIT=128M
+ENV GID=991 UID=991 UPLOAD_MAX_SIZE=50M
 
-RUN apk add -U curl \
+RUN echo "@community https://nl.alpinelinux.org/alpine/v3.7/community" >> /etc/apk/repositories \
+ && apk add -U \
+    nginx \
+    s6 \
+    su-exec \
+    curl \
+    php7@community \
+    php7-fileinfo@community \
+    php7-phar@community \
+    php7-fpm@community \
+    php7-curl@community \
+    php7-mbstring@community \
+    php7-openssl@community \
+    php7-json@community \
+    php7-pdo@community \
+    php7-pdo_mysql@community \
+    php7-mysqlnd@community \
+    php7-zlib@community \
+    php7-gd@community \
+    php7-dom@community \
+    php7-ctype@community \
+    php7-session@community \
+    php7-opcache@community \
+    php7-xmlwriter@community \
+    php7-tokenizer@community \
  && cd /tmp \
  && curl -s http://getcomposer.org/installer | php \
  && mv /tmp/composer.phar /usr/bin/composer \
@@ -19,7 +43,7 @@ RUN apk add -U curl \
  && rm -rf /flarum/.composer /var/cache/apk/*
 
 COPY rootfs /
-RUN chmod +x /usr/local/bin/* /etc/s6.d/*/* /etc/s6.d/.s6-svscan/*
+RUN chmod +x /usr/local/bin/* /services/*/run /services/.s6-svscan/*
 VOLUME /flarum/app/assets /flarum/app/extensions
 EXPOSE 8888
 CMD ["run.sh"]
diff --git a/README.md b/README.md
index 621d179..d9df701 100644
--- a/README.md
+++ b/README.md
@@ -41,7 +41,6 @@ Flarum is the next-generation forum software that makes online discussion fun. I
 | **DB_PASS** | MariaDB database password | **required** | none
 | **DB_PREF** | Flarum tables prefix | *optional* | none
 | **UPLOAD_MAX_SIZE** | The maximum size of an uploaded file | *optional* | 50M
-| **MEMORY_LIMIT** | maximum amount of memory used by php | *optional* | 128M
 
 ## Installation
 
diff --git a/rootfs/etc/nginx/nginx.conf b/rootfs/etc/nginx/nginx.conf
new file mode 100644
index 0000000..7e4d50f
--- /dev/null
+++ b/rootfs/etc/nginx/nginx.conf
@@ -0,0 +1,137 @@
+worker_processes auto;
+pid /tmp/nginx.pid;
+daemon off;
+
+events {
+  worker_connections 1024;
+  use epoll;
+}
+
+http {
+
+  include /etc/nginx/mime.types;
+  default_type application/octet-stream;
+
+  access_log off;
+  error_log /tmp/ngx_error.log error;
+
+  sendfile on;
+  keepalive_timeout 15;
+  keepalive_disable msie6;
+  keepalive_requests 100;
+  tcp_nopush on;
+  tcp_nodelay on;
+  server_tokens off;
+
+  fastcgi_temp_path /tmp/fastcgi 1 2;
+  client_body_temp_path /tmp/client_body 1 2;
+  proxy_temp_path /tmp/proxy 1 2;
+  uwsgi_temp_path /tmp/uwsgi 1 2;
+  scgi_temp_path /tmp/scgi 1 2;
+
+  gzip on;
+  gzip_comp_level 5;
+  gzip_min_length 512;
+  gzip_buffers 4 8k;
+  gzip_proxied any;
+  gzip_vary on;
+  gzip_disable "msie6";
+  gzip_types
+    text/css
+    text/javascript
+    text/xml
+    text/plain
+    text/x-component
+    application/javascript
+    application/x-javascript
+    application/json
+    application/xml
+    application/rss+xml
+    application/vnd.ms-fontobject
+    font/truetype
+    font/opentype
+    image/svg+xml;
+
+  server {
+
+    listen 8888;
+    root /flarum/app;
+    index index.php;
+    charset utf-8;
+
+    client_max_body_size <UPLOAD_MAX_SIZE>;
+    fastcgi_buffers 64 4K;
+
+    error_page 403 /403.html;
+    error_page 404 /404.html;
+    error_page 500 /500.html;
+    error_page 503 /503.html;
+
+    location = /403.html { root /flarum/app/vendor/flarum/core/error; }
+    location = /404.html { root /flarum/app/vendor/flarum/core/error; }
+    location = /500.html { root /flarum/app/vendor/flarum/core/error; }
+    location = /503.html { root /flarum/app/vendor/flarum/core/error; }
+
+    location / { try_files $uri $uri/ /index.php?$query_string; }
+    location /api { try_files $uri $uri/ /api.php?$query_string; }
+    location /admin { try_files $uri $uri/ /admin.php?$query_string; }
+
+    # Access path list
+    # --------------------------------------
+    location ~ /\. {
+      deny all;
+      return 404;
+    }
+
+    location ~* ^/(Procfile|storage|Vagrantfile|config\.php|LICENSE|vendor|flarum|scripts) {
+      deny all;
+      return 404;
+    }
+
+    location ~* composer(.*?) {
+      deny all;
+      return 404;
+    }
+
+    location ~* (.*?)\.md {
+      deny all;
+      return 404;
+    }
+
+    # Assets cache control
+    # --------------------------------------
+    location ~* \.(?:html|xml|json)$ {
+      expires -1;
+    }
+
+    location ~* \.(?:css|js)$ {
+      expires 7d;
+      add_header Pragma public;
+      add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+    }
+
+    location ~* \.(?:gif|jpe?g|png|ico|otf|eot|svg|ttf|woff|woff2)$ {
+      expires 30d;
+      add_header Pragma public;
+      add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+    }
+
+    # PHP Backend
+    # --------------------------------------
+    location ~* \.php$ {
+      try_files $uri =404;
+      include fastcgi_params;
+      fastcgi_split_path_info ^(.+\.php)(/.*)$;
+      fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+      fastcgi_param PATH_INFO $fastcgi_path_info;
+      fastcgi_param HTTP_PROXY "";
+      fastcgi_index index.php;
+      fastcgi_pass unix:/tmp/php-fpm.sock;
+      fastcgi_intercept_errors on;
+      fastcgi_request_buffering off;
+      fastcgi_param REMOTE_ADDR $http_x_real_ip;
+    }
+
+  }
+
+}
diff --git a/rootfs/php/conf.d/opcache.ini b/rootfs/etc/php7/conf.d/00_opcache.ini
similarity index 100%
rename from rootfs/php/conf.d/opcache.ini
rename to rootfs/etc/php7/conf.d/00_opcache.ini
diff --git a/rootfs/etc/php7/php-fpm.conf b/rootfs/etc/php7/php-fpm.conf
new file mode 100644
index 0000000..2d5979c
--- /dev/null
+++ b/rootfs/etc/php7/php-fpm.conf
@@ -0,0 +1,15 @@
+[global]
+daemonize = no
+error_log = /tmp/php_error.log
+
+[www]
+listen = /tmp/php-fpm.sock
+pm = dynamic
+pm.max_children = 5
+pm.start_servers = 2
+pm.min_spare_servers = 1
+pm.max_spare_servers = 3
+chdir = /
+php_admin_value[expose_php] = Off
+php_admin_value[post_max_size] = <UPLOAD_MAX_SIZE>
+php_admin_value[upload_max_filesize] = <UPLOAD_MAX_SIZE>
diff --git a/rootfs/nginx/sites-enabled/flarum.conf b/rootfs/nginx/sites-enabled/flarum.conf
deleted file mode 100644
index c3e07b1..0000000
--- a/rootfs/nginx/sites-enabled/flarum.conf
+++ /dev/null
@@ -1,80 +0,0 @@
-server {
-
-  listen 8888;
-  root /flarum/app;
-  index index.php;
-  charset utf-8;
-
-  fastcgi_buffers 64 4K;
-
-  error_page 403 /403.html;
-  error_page 404 /404.html;
-  error_page 500 /500.html;
-  error_page 503 /503.html;
-
-  location = /403.html { root /flarum/app/vendor/flarum/core/error; }
-  location = /404.html { root /flarum/app/vendor/flarum/core/error; }
-  location = /500.html { root /flarum/app/vendor/flarum/core/error; }
-  location = /503.html { root /flarum/app/vendor/flarum/core/error; }
-
-  location / { try_files $uri $uri/ /index.php?$query_string; }
-  location /api { try_files $uri $uri/ /api.php?$query_string; }
-  location /admin { try_files $uri $uri/ /admin.php?$query_string; }
-
-  # Access path list
-  # --------------------------------------
-  location ~ /\. {
-    deny all;
-    return 404;
-  }
-
-  location ~* ^/(Procfile|storage|Vagrantfile|config\.php|LICENSE|vendor|flarum|scripts) {
-    deny all;
-    return 404;
-  }
-
-  location ~* composer(.*?) {
-    deny all;
-    return 404;
-  }
-
-  location ~* (.*?)\.md {
-    deny all;
-    return 404;
-  }
-
-  # Assets cache control
-  # --------------------------------------
-  location ~* \.(?:html|xml|json)$ {
-    expires -1;
-  }
-
-  location ~* \.(?:css|js)$ {
-    expires 7d;
-    add_header Pragma public;
-    add_header Cache-Control "public, must-revalidate, proxy-revalidate";
-  }
-
-  location ~* \.(?:gif|jpe?g|png|ico|otf|eot|svg|ttf|woff|woff2)$ {
-    expires 30d;
-    add_header Pragma public;
-    add_header Cache-Control "public, must-revalidate, proxy-revalidate";
-  }
-
-  # PHP Backend
-  # --------------------------------------
-  location ~* \.php$ {
-    try_files $uri =404;
-    include /nginx/conf/fastcgi_params;
-    fastcgi_split_path_info ^(.+\.php)(/.*)$;
-    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-    fastcgi_param PATH_INFO $fastcgi_path_info;
-    fastcgi_param HTTP_PROXY "";
-    fastcgi_index index.php;
-    fastcgi_pass unix:/php/run/php-fpm.sock;
-    fastcgi_intercept_errors on;
-    fastcgi_request_buffering off;
-    fastcgi_param REMOTE_ADDR $http_x_real_ip;
-  }
-
-}
diff --git a/rootfs/services/.s6-svscan/finish b/rootfs/services/.s6-svscan/finish
new file mode 100644
index 0000000..039e4d0
--- /dev/null
+++ b/rootfs/services/.s6-svscan/finish
@@ -0,0 +1,2 @@
+#!/bin/sh
+exit 0
diff --git a/rootfs/services/nginx/run b/rootfs/services/nginx/run
new file mode 100644
index 0000000..eaf8049
--- /dev/null
+++ b/rootfs/services/nginx/run
@@ -0,0 +1,2 @@
+#!/bin/sh
+exec nginx
diff --git a/rootfs/services/php/run b/rootfs/services/php/run
new file mode 100644
index 0000000..e238021
--- /dev/null
+++ b/rootfs/services/php/run
@@ -0,0 +1,2 @@
+#!/bin/sh
+exec php-fpm7
diff --git a/rootfs/usr/local/bin/run.sh b/rootfs/usr/local/bin/run.sh
index 09ace2f..f5a5055 100644
--- a/rootfs/usr/local/bin/run.sh
+++ b/rootfs/usr/local/bin/run.sh
@@ -23,14 +23,18 @@ if [ -z "$FORUM_URL" ]; then
   exit 1
 fi
 
-sed -i -e "s/<UPLOAD_MAX_SIZE>/$UPLOAD_MAX_SIZE/g" /nginx/conf/nginx.conf /php/etc/php-fpm.conf \
-       -e "s/<MEMORY_LIMIT>/$MEMORY_LIMIT/g" /php/etc/php-fpm.conf
+sed -i "s/<UPLOAD_MAX_SIZE>/$UPLOAD_MAX_SIZE/g" /etc/nginx/nginx.conf /etc/php7/php-fpm.conf
 
 # Set permissions
-chown -R $UID:$GID /flarum /nginx /php /var/log /tmp /etc/s6.d
+chown -R $UID:$GID /flarum /services /var/log /var/lib/nginx
 
 cd /flarum/app
 
+# Disable custom errors pages if debug mode is enabled
+if [ "$DEBUG" = true ]; then
+  sed -i '/error_page/ s/^/#/' /etc/nginx/nginx.conf
+fi
+
 # Custom HTTP errors pages
 if [ -d 'assets/errors' ]; then
   echo "[INFO] Found custom errors pages"
@@ -92,4 +96,4 @@ fi
 chown -R $UID:$GID /flarum
 
 # RUN !
-exec su-exec $UID:$GID /bin/s6-svscan /etc/s6.d
+exec su-exec $UID:$GID /bin/s6-svscan /services