Merge pull request #79 from linuxserver/standard-base

Standard base
This commit is contained in:
Eric Nemchik
2022-11-23 17:06:49 -06:00
committed by GitHub
12 changed files with 224 additions and 255 deletions

View File

@@ -1,4 +1,4 @@
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.14
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.15
# set version label
ARG BUILD_DATE
@@ -14,13 +14,15 @@ RUN \
echo "**** install runtime packages ****" && \
apk add --no-cache --upgrade \
curl \
php7-ctype \
php7-curl \
php7-pdo_pgsql \
php7-pdo_sqlite \
php7-pdo_mysql \
php7-tokenizer \
php7-zip && \
php8-ctype \
php8-curl \
php8-intl \
php8-pdo_pgsql \
php8-pdo_sqlite \
php8-pdo_mysql \
php8-tokenizer \
php8-zip \
tar && \
echo "**** install heimdall ****" && \
mkdir -p \
/heimdall && \
@@ -37,3 +39,7 @@ RUN \
# add local files
COPY root/ /
# ports and volumes
EXPOSE 80 443
VOLUME /config

View File

@@ -1,4 +1,4 @@
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.14
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.15
# set version label
ARG BUILD_DATE
@@ -14,13 +14,15 @@ RUN \
echo "**** install runtime packages ****" && \
apk add --no-cache --upgrade \
curl \
php7-ctype \
php7-curl \
php7-pdo_pgsql \
php7-pdo_sqlite \
php7-pdo_mysql \
php7-tokenizer \
php7-zip && \
php8-ctype \
php8-curl \
php8-intl \
php8-pdo_pgsql \
php8-pdo_sqlite \
php8-pdo_mysql \
php8-tokenizer \
php8-zip \
tar && \
echo "**** install heimdall ****" && \
mkdir -p \
/heimdall && \
@@ -37,3 +39,7 @@ RUN \
# add local files
COPY root/ /
# ports and volumes
EXPOSE 80 443
VOLUME /config

View File

@@ -1,4 +1,4 @@
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm32v7-3.14
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm32v7-3.15
# set version label
ARG BUILD_DATE
@@ -14,13 +14,15 @@ RUN \
echo "**** install runtime packages ****" && \
apk add --no-cache --upgrade \
curl \
php7-ctype \
php7-curl \
php7-pdo_pgsql \
php7-pdo_sqlite \
php7-pdo_mysql \
php7-tokenizer \
php7-zip && \
php8-ctype \
php8-curl \
php8-intl \
php8-pdo_pgsql \
php8-pdo_sqlite \
php8-pdo_mysql \
php8-tokenizer \
php8-zip \
tar && \
echo "**** install heimdall ****" && \
mkdir -p \
/heimdall && \
@@ -37,3 +39,7 @@ RUN \
# add local files
COPY root/ /
# ports and volumes
EXPOSE 80 443
VOLUME /config

View File

@@ -76,7 +76,7 @@ Access the web gui at http://SERVERIP:PORT
### Adding password protection
This image now supports password protection through htpasswd. Run the following command on your host to generate the htpasswd file `docker exec -it heimdall htpasswd -c /config/nginx/.htpasswd <username>`. Replace <username> with a username of your choice and you will be asked to enter a password. New installs will automatically pick it up and implement password protected access. Existing users updating their image can delete their site config at `/config/nginx/site-confs/default` and restart the container after updating the image. A new site config with htpasswd support will be created in its place.
This image now supports password protection through htpasswd. Run the following command on your host to generate the htpasswd file `docker exec -it heimdall htpasswd -c /config/nginx/.htpasswd <username>`. Replace <username> with a username of your choice and you will be asked to enter a password. Uncomment the `basic auth` lines in `/config/nginx/site-confs/default.conf` and restart the container.
## Usage
@@ -240,9 +240,9 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
## Versions
* **14.11.22:** - Rebasing to alpine 3.15 with php8. Restructure nginx configs ([see changes announcement](https://info.linuxserver.io/issues/2022-08-20-nginx-base)).
* **04.11.22:** - Build commits to upstream branch 2.x for the `development` tag.
* **13.03.21:** - Make searchproviders.yaml user configurable.
* **11.03.21:** - Rebase to alpine 3.14.
* **10.02.21:** - Revert to alpine 3.12 as php 7.4 broke laravel.
* **10.02.21:** - Rebasing to alpine 3.13.
* **17.08.20:** - Add php7-curl.
@@ -265,5 +265,5 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
* **07.10.18:** - Symlink `.env` rather than copy. It now resides under `/config/www`
* **30.09.18:** - Multi-arch image. Move `.env` to `/config`.
* **05.09.18:** - Rebase to alpine linux 3.8.
* **06.03.18:** - Use password protection if htpasswd is set. Existing users can delete their default site config at /config/nginx/site-confs/default and restart the container, a new default site config with htpasswd support will be created in its place
* **06.03.18:** - Use password protection if htpasswd is set. Existing users can delete their default site config at /config/nginx/site-confs/default.conf and restart the container, a new default site config with htpasswd support will be created in its place
* **12.02.18:** - Initial Release.

View File

@@ -45,13 +45,13 @@ app_setup_block: |
### Adding password protection
This image now supports password protection through htpasswd. Run the following command on your host to generate the htpasswd file `docker exec -it heimdall htpasswd -c /config/nginx/.htpasswd <username>`. Replace <username> with a username of your choice and you will be asked to enter a password. New installs will automatically pick it up and implement password protected access. Existing users updating their image can delete their site config at `/config/nginx/site-confs/default` and restart the container after updating the image. A new site config with htpasswd support will be created in its place.
This image now supports password protection through htpasswd. Run the following command on your host to generate the htpasswd file `docker exec -it heimdall htpasswd -c /config/nginx/.htpasswd <username>`. Replace <username> with a username of your choice and you will be asked to enter a password. Uncomment the `basic auth` lines in `/config/nginx/site-confs/default.conf` and restart the container.
# changelog
changelogs:
- { date: "14.11.22:", desc: "Rebasing to alpine 3.15 with php8. Restructure nginx configs ([see changes announcement](https://info.linuxserver.io/issues/2022-08-20-nginx-base))." }
- { date: "04.11.22:", desc: "Build commits to upstream branch 2.x for the `development` tag." }
- { date: "13.03.21:", desc: "Make searchproviders.yaml user configurable." }
- { date: "11.03.21:", desc: "Rebase to alpine 3.14." }
- { date: "10.02.21:", desc: "Revert to alpine 3.12 as php 7.4 broke laravel." }
- { date: "10.02.21:", desc: "Rebasing to alpine 3.13." }
- { date: "17.08.20:", desc: "Add php7-curl." }
@@ -74,5 +74,5 @@ changelogs:
- { date: "07.10.18:", desc: "Symlink `.env` rather than copy. It now resides under `/config/www`" }
- { date: "30.09.18:", desc: "Multi-arch image. Move `.env` to `/config`." }
- { date: "05.09.18:", desc: "Rebase to alpine linux 3.8." }
- { date: "06.03.18:", desc: "Use password protection if htpasswd is set. Existing users can delete their default site config at /config/nginx/site-confs/default and restart the container, a new default site config with htpasswd support will be created in its place" }
- { date: "06.03.18:", desc: "Use password protection if htpasswd is set. Existing users can delete their default site config at /config/nginx/site-confs/default.conf and restart the container, a new default site config with htpasswd support will be created in its place" }
- { date: "12.02.18:", desc: "Initial Release." }

View File

@@ -1,43 +0,0 @@
## Version 2018/03/06 - Changelog: https://github.com/linuxserver/docker-heimdall/commits/master/root/defaults/default
server {
listen 80 default_server;
listen 443 ssl;
root /var/www/localhost/heimdall/public;
index index.php index.html index.htm;
server_name _;
ssl_certificate /config/keys/cert.crt;
ssl_certificate_key /config/keys/cert.key;
client_max_body_size 0;
error_page 599 = @noauth;
location / {
if (!-f /config/nginx/.htpasswd) {
return 599;
}
auth_basic "Restricted";
auth_basic_user_file /config/nginx/.htpasswd;
try_files $uri $uri/ /index.php?$args;
}
location @noauth {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# With php5-cgi alone:
fastcgi_pass 127.0.0.1:9000;
# With php5-fpm:
#fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
}
}

View File

@@ -1,98 +0,0 @@
user abc;
worker_processes 4;
pid /run/nginx.pid;
include /etc/nginx/modules/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
client_max_body_size 0;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# Logging Settings
##
access_log /config/log/nginx/access.log;
error_log /config/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
##
# nginx-naxsi config
##
# Uncomment it if you installed nginx-naxsi
##
#include /etc/nginx/naxsi_core.rules;
##
# nginx-passenger config
##
# Uncomment it if you installed nginx-passenger
##
#passenger_root /usr;
#passenger_ruby /usr/bin/ruby;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /config/nginx/site-confs/*;
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}
daemon off;

View File

@@ -0,0 +1,34 @@
## Version 2022/11/14 - Changelog: https://github.com/linuxserver/docker-heimdall/commits/master/root/defaults/nginx/site-confs/default.conf.sample
server {
listen 80 default_server;
listen [::]:80 default_server;
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name _;
root /app/www/public;
index index.html index.htm index.php;
location / {
# enable for basic auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
try_files $uri $uri/ /index.html /index.php$is_args$args;
}
location ~ ^(.+\.php)(.*)$ {
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
}
# deny access to .htaccess/.htpasswd files
location ~ /\.ht {
deny all;
}
}

View File

@@ -3,52 +3,60 @@
# make our folders
mkdir -p \
/config/www/{backgrounds,icons,avatars,SupportedApps} \
/var/www/localhost/heimdall \
/app/www \
/config/log/heimdall
# install heimdall if necessary
[[ -f /heimdall/heimdall.tar.gz ]] && \
echo "New container detected, installing Heimdall" && \
if [[ -f /heimdall/heimdall.tar.gz ]]; then
echo "New container detected, installing Heimdall"
tar xf \
/heimdall/heimdall.tar.gz -C \
/var/www/localhost/heimdall --strip-components=1 && \
/app/www --strip-components=1
echo -e '\n# Heimdall user authorization\nfastcgi_param PHP_AUTH_USER $remote_user;\nfastcgi_param PHP_AUTH_PW $http_authorization;' >> \
/etc/nginx/fastcgi_params && \
rm -rf /heimdall && \
cp /var/www/localhost/heimdall/storage/app/searchproviders.yaml /var/www/localhost/heimdall/storage/app/searchproviders.yaml.orig && \
chown -R abc:abc /var/www/localhost/heimdall
/etc/nginx/fastcgi_params
rm -rf /heimdall
cp /app/www/storage/app/searchproviders.yaml /app/www/storage/app/searchproviders.yaml.orig
chown -R abc:abc /app/www
fi
# create symlinks
symlinks=( \
/var/www/localhost/heimdall/storage/app/public/avatars \
/var/www/localhost/heimdall/storage/app/public/backgrounds \
/var/www/localhost/heimdall/storage/app/public/icons \
/var/www/localhost/heimdall/app/SupportedApps \
/var/www/localhost/heimdall/database/app.sqlite \
/var/www/localhost/heimdall/.env )
/app/www/storage/app/public/avatars \
/app/www/storage/app/public/backgrounds \
/app/www/storage/app/public/icons \
/app/www/app/SupportedApps \
/app/www/database/app.sqlite \
/app/www/.env )
for i in "${symlinks[@]}"
do
[[ -e "$i" && ! -L "$i" ]] && rm -rf "$i"
[[ ! -L "$i" ]] && ln -s /config/www/"$(basename "$i")" "$i"
if [[ -e "$i" && ! -L "$i" ]]; then
rm -rf "$i"
fi
if [[ ! -L "$i" ]]; then
ln -s /config/www/"$(basename "$i")" "$i"
fi
done
[[ -e "/var/www/localhost/heimdall/storage/logs/laravel.log" && ! -L "/var/www/localhost/heimdall/storage/logs/laravel.log" ]] \
&& rm -rf "/var/www/localhost/heimdall/storage/logs/laravel.log"
[[ ! -L "/var/www/localhost/heimdall/storage/logs/laravel.log" ]] && \
ln -s "/config/log/heimdall/laravel.log" "/var/www/localhost/heimdall/storage/logs/laravel.log"
if [[ -e "/app/www/storage/logs/laravel.log" && ! -L "/app/www/storage/logs/laravel.log" ]]; then
rm -rf "/app/www/storage/logs/laravel.log"
fi
if [[ ! -L "/app/www/storage/logs/laravel.log" ]]; then
ln -s "/config/log/heimdall/laravel.log" "/app/www/storage/logs/laravel.log"
fi
# copy .env if not exists
[[ ! -f /config/www/.env ]] && \
cp /var/www/localhost/heimdall/.env.example /config/www/.env && \
echo "Creating app key. This may take a while on slower systems" && \
php /var/www/localhost/heimdall/artisan key:generate
if [[ ! -f /config/www/.env ]]; then
cp /app/www/.env.example /config/www/.env
echo "Creating app key. This may take a while on slower systems"
php /app/www/artisan key:generate
fi
# copy searchproviders if not exists and symlink
[[ ! -f /config/www/searchproviders.yaml ]] && \
cp /var/www/localhost/heimdall/storage/app/searchproviders.yaml.orig /config/www/searchproviders.yaml
rm -rf /var/www/localhost/heimdall/storage/app/searchproviders.yaml
ln -s /config/www/searchproviders.yaml /var/www/localhost/heimdall/storage/app/searchproviders.yaml
if [[ ! -f /config/www/searchproviders.yaml ]]; then
cp /app/www/storage/app/searchproviders.yaml.orig /config/www/searchproviders.yaml
fi
rm -rf /app/www/storage/app/searchproviders.yaml
ln -s /config/www/searchproviders.yaml /app/www/storage/app/searchproviders.yaml
# set queue driver to database
sed -i 's/QUEUE_DRIVER=sync/QUEUE_DRIVER=database/' /config/www/.env

View File

@@ -1,4 +1,4 @@
#!/usr/bin/with-contenv bash
exec \
s6-setuidgid abc php /var/www/localhost/heimdall/artisan queue:work database --sleep=3 --tries=3
s6-setuidgid abc php /app/www/artisan queue:work database --sleep=3 --tries=3

View File

@@ -0,0 +1,10 @@
#!/usr/bin/with-contenv bash
DEFAULT_CONF="/config/nginx/site-confs/default.conf"
OLD_ROOT="root /var/www/localhost/heimdall/public;"
NEW_ROOT="root /app/www/public;"
if grep -q "${OLD_ROOT}" "${DEFAULT_CONF}" 2>/dev/null; then
echo "updating root in ${DEFAULT_CONF}"
sed -i "s|${OLD_ROOT}|${NEW_ROOT}|" "${DEFAULT_CONF}"
fi

View File

@@ -0,0 +1,40 @@
<html>
<head>
<title>Upgrade Required!</title>
<style>
body{
font-family: Helvetica, Arial, sans-serif;
}
.message{
width:440px;
padding:20px 40px;
margin:0 auto;
background-color:#f9f9f9;
border:1px solid #ddd;
color: #1e3d62;
}
center{
margin:40px 0;
}
h1{
font-size: 18px;
line-height: 26px;
}
p{
font-size: 12px;
}
a{
color: rgb(207, 48, 139);
}
</style>
</head>
<body>
<div class="message">
<h1>Upgrade Required!</h1>
<p>The application inside this image has been moved to a new folder.</p>
<p>You will need to update your <strong>/config/nginx/nginx.conf</strong> and <strong>/config/nginx/site-confs/default.conf</strong> in order for the application to work.</p>
<p>New config samples are located at <strong>/config/nginx/nginx.conf.sample</strong> and <strong>/config/nginx/site-confs/default.conf.sample</strong></p>
<p>Please review our announcement: <a target="_blank" href="https://info.linuxserver.io/issues/2022-08-20-nginx-base/">Significant changes to nginx based images</a></p>
</div>
</body>
</html>