commit ae2e37e9df252e59fdc0682ffe10c4954d82e2ab Author: Etudiant-Admin Date: Fri Dec 8 11:34:29 2017 +0100 add librenms diff --git a/.drone.yml b/.drone.yml new file mode 100644 index 0000000..1bb83df --- /dev/null +++ b/.drone.yml @@ -0,0 +1,12 @@ +pipeline: + build: + image: plugins/docker + registry: registry.dryusdan.fr + repo: registry.dryusdan.fr/dryusdan/librenms + secrets: [ docker_username, docker_password ] + + push: + image: appleboy/drone-git-push + branch: master + remote: git@github.com:Dryusdan/docker-librenms.git + secrets: [ git_push_ssh_key ] diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..d2502ad --- /dev/null +++ b/Dockerfile @@ -0,0 +1,200 @@ +FROM xataz/alpine:3.7 + +ARG BUILD_CORES + +ARG NGINX_VER=1.13.7 +ARG NGINX_CONF="--prefix=/nginx \ + --sbin-path=/usr/local/sbin/nginx \ + --http-log-path=/nginx/logs/nginx_access.log \ + --error-log-path=/nginx/logs/nginx_error.log \ + --pid-path=/nginx/run/nginx.pid \ + --lock-path=/nginx/run/nginx.lock \ + --user=web --group=web \ + --with-http_ssl_module \ + --with-http_realip_module \ + --with-http_addition_module \ + --with-http_sub_module \ + --with-http_dav_module \ + --with-http_flv_module \ + --with-http_mp4_module \ + --with-http_gunzip_module \ + --with-http_gzip_static_module \ + --with-http_random_index_module \ + --with-http_secure_link_module \ + --with-http_stub_status_module \ + --with-threads \ + --with-stream \ + --with-stream_ssl_module \ + --with-http_slice_module \ + --with-mail \ + --with-mail_ssl_module \ + --with-http_v2_module \ + --with-ipv6" +ARG NGINX_GPG="573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62 \ + A09CD539B8BB8CBE96E82BDFABD4D3B3F5806B4D \ + 4C2C85E705DC730833990C38A9376139A524C53E \ + 65506C02EFC250F1B7A3D694ECF0E90B2C172083 \ + B0F4253373F8F6F510D42178520A9993A1C052F8 \ + 7338973069ED3F443F4D37DFA64FD5B17ADB39A8" + +ARG PHP_VER=7.1.10 +ARG PHP_MIRROR=http://fr2.php.net +ARG PHP_CONF="--enable-fpm \ + --with-fpm-user=web \ + --with-fpm-group=web \ + --with-config-file-path="/php" \ + --with-config-file-scan-dir="/php/conf.d" \ + --disable-cgi \ + --enable-mysqlnd \ + --enable-mbstring \ + --with-curl \ + --with-libedit \ + --with-openssl \ + --with-zlib" +ARG PHP_GPG="A917B1ECDA84AEC2B568FED6F50ABC807BD5DCD0 \ + 528995BFEDFBA7191D46839EF9BA0ADA31CBD89E" + +ARG PHP_EXT_LIST="gd \ + mysqli \ + ctype \ + dom \ + iconv \ + json \ + xml \ + mbstring \ + posix \ + xmlwriter \ + zip \ + sqlite3 \ + pdo_sqlite \ + pdo_pgsql \ + pdo_mysql \ + curl \ + fileinfo \ + bz2 \ + intl \ + mcrypt \ + openssl \ + ldap \ + simplexml \ + pgsql \ + ftp \ + exif \ + gmp \ + snmp \ + mbstring" +ARG CUSTOM_BUILD_PKGS="freetype-dev \ + openldap-dev \ + gmp-dev \ + sqlite-dev \ + postgresql-dev \ + libmcrypt-dev \ + bzip2-dev \ + icu-dev \ + libzip-dev \ + libc-dev" +ARG CUSTOM_PKGS="freetype \ + openldap \ + gmp \ + libmcrypt \ + libpng \ + libjpeg-turbo \ + freetype \ + libwebp \ + libxpm \ + libzip \ + sqlite-libs \ + libpq \ + libcurl \ + libbz2 \ + icu-libs \ + libgcc \ + libstdc++ \ + whois \ + snmptt \ + rrdtool \ + py-mysqldb \ + nmap \ + mtr \ + mariadb-client \ + imagemagick \ + graphviz \ + git \ + fping \ + composer \ + libldap" + +ENV UID=991 \ + GID=991 + +COPY rootfs / + +RUN export BUILD_DEPS="build-base \ + wget \ + gnupg \ + autoconf \ + libressl-dev \ + g++ \ + pcre-dev \ + curl-dev \ + libedit-dev \ + gcc \ + zlib-dev \ + make \ + pkgconf \ + wget \ + ca-certificates \ + libxml2-dev \ + ${CUSTOM_BUILD_PKGS}" \ + && NB_CORES=${BUILD_CORES-$(grep -c "processor" /proc/cpuinfo)} \ + && apk add -U ${BUILD_DEPS} \ + curl \ + libedit \ + libxml2 \ + libressl \ + pcre \ + zlib \ + s6 \ + su-exec \ + ${CUSTOM_PKGS} \ + && wget http://nginx.org/download/nginx-${NGINX_VER}.tar.gz -O /tmp/nginx-${NGINX_VER}.tar.gz \ + && wget http://nginx.org/download/nginx-${NGINX_VER}.tar.gz.asc -O /tmp/nginx-${NGINX_VER}.tar.gz.asc \ + && wget ${PHP_MIRROR}/get/php-${PHP_VER}.tar.gz/from/this/mirror -O /tmp/php-${PHP_VER}.tar.gz \ + && wget ${PHP_MIRROR}/get/php-${PHP_VER}.tar.gz.asc/from/this/mirror -O /tmp/php-${PHP_VER}.tar.gz.asc \ + && for server in ha.pool.sks-keyservers.net hkp://keyserver.ubuntu.com:80 hkp://p80.pool.sks-keyservers.net:80 pgp.mit.edu; \ + do \ + echo "Fetching GPG key $NGINX_GPG from $server"; \ + gpg --keyserver "$server" --keyserver-options timeout=10 --recv-keys $NGINX_GPG && found=yes && break; \ + done \ + && gpg --batch --verify /tmp/nginx-${NGINX_VER}.tar.gz.asc /tmp/nginx-${NGINX_VER}.tar.gz \ + && for server in ha.pool.sks-keyservers.net hkp://keyserver.ubuntu.com:80 hkp://p80.pool.sks-keyservers.net:80 pgp.mit.edu; \ + do \ + echo "Fetching GPG key $PHP_GPG from $server"; \ + gpg --keyserver "$server" --keyserver-options timeout=10 --recv-keys $PHP_GPG && found=yes && break; \ + done \ + && gpg --batch --verify /tmp/php-${PHP_VER}.tar.gz.asc /tmp/php-${PHP_VER}.tar.gz \ + && mkdir -p /php/conf.d \ + && mkdir -p /usr/src \ + && tar xzf /tmp/nginx-${NGINX_VER}.tar.gz -C /usr/src \ + && tar xzvf /tmp/php-${PHP_VER}.tar.gz -C /usr/src \ + && cd /usr/src/nginx-${NGINX_VER} \ + && ./configure ${NGINX_CONF} \ + && make -j ${NB_CORES} \ + && make install \ + && mv /usr/src/php-${PHP_VER} /usr/src/php \ + && cd /usr/src/php \ + && ./configure ${PHP_CONF} \ + && make -j ${NB_CORES} \ + && make install \ + && { find /usr/local/bin /usr/local/sbin -type f -perm +0111 -exec strip --strip-all '{}' + || true; } \ + && make clean \ + && chmod u+x /usr/local/bin/* /etc/s6.d/*/* \ + && if [ "${PHP_EXT_LIST}" != "" ]; then docker-php-ext-install ${PHP_EXT_LIST}; fi \ + && git clone https://github.com/librenms/librenms.git /librenms \ + && apk del ${BUILD_DEPS} \ + && rm -rf /tmp/* /var/cache/apk/* /usr/src/* + +EXPOSE 8080 8443 + +ENTRYPOINT ["/usr/local/bin/startup"] +CMD ["/bin/s6-svscan", "/etc/s6.d"] diff --git a/rootfs/etc/s6.d/.s6-svscan/finish b/rootfs/etc/s6.d/.s6-svscan/finish new file mode 100644 index 0000000..92b94c4 --- /dev/null +++ b/rootfs/etc/s6.d/.s6-svscan/finish @@ -0,0 +1,3 @@ +#!/bin/sh + +exit 0 \ No newline at end of file diff --git a/rootfs/etc/s6.d/nginx/run b/rootfs/etc/s6.d/nginx/run new file mode 100644 index 0000000..d4cc3ab --- /dev/null +++ b/rootfs/etc/s6.d/nginx/run @@ -0,0 +1,7 @@ +#!/bin/sh + +if test -f ./setup; then + source ./setup +fi + +exec nginx -g 'daemon off;' \ No newline at end of file diff --git a/rootfs/etc/s6.d/nginx/setup b/rootfs/etc/s6.d/nginx/setup new file mode 100644 index 0000000..d3473c8 --- /dev/null +++ b/rootfs/etc/s6.d/nginx/setup @@ -0,0 +1,32 @@ +#!/bin/sh + +mkdir -p /nginx/logs /nginx/run /nginx/sites-enabled /nginx/www/html + +if [ "$(ls /nginx/sites-enabled)" == "" ];then + echo " + server { + listen 8080; + root /nginx/www/html; + index index.html index.htm index.php; + + location ~ \.php$ { + include /nginx/conf.d/php.conf; + } + } + " > /nginx/sites-enabled/default.conf +fi + +if [ "$(ls /nginx/www/html/)" == "" ];then +mkdir -p /nginx/www/html +echo " + + Alpine Docker and Nginx +

Nginx $(nginx -v 2>&1 | cut -d/ -f2) and $(php-fpm -v | head -1 | awk '{print $1,$2}') on $(hostname)

+

+ Nginx + php-fpm running inside a $(du -sh / 2> /dev/null | awk '{print $1}') Alpine Docker Container.
+

+ +" > /nginx/www/html/index.php +fi \ No newline at end of file diff --git a/rootfs/etc/s6.d/php/run b/rootfs/etc/s6.d/php/run new file mode 100644 index 0000000..8ddacf0 --- /dev/null +++ b/rootfs/etc/s6.d/php/run @@ -0,0 +1,7 @@ +#!/bin/sh + +if test -f ./setup; then + source ./setup +fi + +exec php-fpm \ No newline at end of file diff --git a/rootfs/etc/s6.d/php/setup b/rootfs/etc/s6.d/php/setup new file mode 100644 index 0000000..fee789e --- /dev/null +++ b/rootfs/etc/s6.d/php/setup @@ -0,0 +1,3 @@ +#!/bin/sh + +mkdir -p /php/php-fpm.d /php/logs /php/run \ No newline at end of file diff --git a/rootfs/nginx/conf.d/php.conf b/rootfs/nginx/conf.d/php.conf new file mode 100644 index 0000000..911615e --- /dev/null +++ b/rootfs/nginx/conf.d/php.conf @@ -0,0 +1,6 @@ +location ~ \.php$ { + fastcgi_index index.php; + fastcgi_pass unix:/php/run/php-fpm.sock; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /nginx/conf/fastcgi_params; +} diff --git a/rootfs/nginx/conf/nginx.conf b/rootfs/nginx/conf/nginx.conf new file mode 100644 index 0000000..2d15f00 --- /dev/null +++ b/rootfs/nginx/conf/nginx.conf @@ -0,0 +1,49 @@ +#user web; +worker_processes auto; +pid /nginx/run/nginx.pid; + +events { + worker_connections 1024; + use epoll; +} + +http { + include /nginx/conf/mime.types; + default_type application/octet-stream; + + access_log /nginx/logs/nginx_access.log combined; + error_log /nginx/logs/nginx_error.log error; + + sendfile on; + keepalive_timeout 15; + keepalive_disable msie6; + keepalive_requests 100; + tcp_nopush on; + tcp_nodelay off; + server_tokens off; + + gzip on; + gzip_comp_level 5; + gzip_min_length 512; + gzip_buffers 4 8k; + gzip_proxied any; + gzip_vary on; + gzip_disable "msie6"; + gzip_types + text/css + text/javascript + text/xml + text/plain + text/x-component + application/javascript + application/x-javascript + application/json + application/xml + application/rss+xml + application/vnd.ms-fontobject + font/truetype + font/opentype + image/svg+xml; + + include /nginx/sites-enabled/*.conf; +} diff --git a/rootfs/nginx/sites-enabled/librenms.conf b/rootfs/nginx/sites-enabled/librenms.conf new file mode 100644 index 0000000..0a9c107 --- /dev/null +++ b/rootfs/nginx/sites-enabled/librenms.conf @@ -0,0 +1,23 @@ +server { + listen 8080; + + root /librenms/html; + index index.php; + + location ~ /\.ht { + deny all; + } + + location / { + try_files $uri $uri/ /index.php?$query_string; + } + location /api/v0 { + try_files $uri $uri/ /api_v0.php?$query_string; + } + location ~ \.php$ { + fastcgi_index index.php; + fastcgi_pass unix:/php/run/php-fpm.sock; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /nginx/conf/fastcgi_params; + } +} \ No newline at end of file diff --git a/rootfs/usr/local/bin/docker-php-ext-configure b/rootfs/usr/local/bin/docker-php-ext-configure new file mode 100644 index 0000000..47b0d50 --- /dev/null +++ b/rootfs/usr/local/bin/docker-php-ext-configure @@ -0,0 +1,22 @@ +#!/bin/sh +set -e + +ext="$1" +extDir="/usr/src/php/ext/$ext" +if [ -z "$ext" ] || ! [ -d "$extDir" ]; then + echo >&2 "usage: $0 ext-name [configure flags]" + echo >&2 " ie: $0 gd --with-jpeg-dir=/usr/local/something" + echo >&2 + echo >&2 'Possible values for ext-name:' + echo >&2 $(find /usr/src/php/ext -mindepth 2 -maxdepth 2 -type f -name 'config.m4' | cut -d/ -f6 | sort) + exit 1 +fi +shift + +set -x +cd "$extDir" +if [ -e config0.m4 ]; then + mv config0.m4 config.m4 +fi +phpize +./configure "$@" diff --git a/rootfs/usr/local/bin/docker-php-ext-enable b/rootfs/usr/local/bin/docker-php-ext-enable new file mode 100644 index 0000000..4ed34c7 --- /dev/null +++ b/rootfs/usr/local/bin/docker-php-ext-enable @@ -0,0 +1,83 @@ +#!/bin/sh +set -e + +cd "$(php -r 'echo ini_get("extension_dir");')" + +usage() { + echo "usage: $0 [options] module-name [module-name ...]" + echo " ie: $0 gd mysqli" + echo " $0 pdo pdo_mysql" + echo " $0 --ini-name 0-apc.ini apcu apc" + echo + echo 'Possible values for module-name:' + echo $(find -maxdepth 1 -type f -name '*.so' -exec basename '{}' ';' | sort) +} + +opts="$(getopt -o 'h?' --long 'help,ini-name:' -- "$@" || { usage >&2 && false; })" +eval set -- "$opts" + +iniName= +while true; do + flag="$1" + shift + case "$flag" in + --help|-h|'-?') usage && exit 0 ;; + --ini-name) iniName="$1" && shift ;; + --) break ;; + *) + { + echo "error: unknown flag: $flag" + usage + } >&2 + exit 1 + ;; + esac +done + +modules= +for module; do + if [ -z "$module" ]; then + continue + fi + if [ -f "$module.so" ] && ! [ -f "$module" ]; then + # allow ".so" to be optional + module="$module.so" + fi + if ! [ -f "$module" ]; then + echo >&2 "error: $(readlink -f "$module") does not exist" + echo >&2 + usage >&2 + exit 1 + fi + modules="$modules $module" +done + +if [ -z "$modules" ]; then + usage >&2 + exit 1 +fi + +for module in $modules; do + if nm -g "$module" | grep -q ' zend_extension_entry$'; then + # https://wiki.php.net/internals/extensions#loading_zend_extensions + line="zend_extension=$(readlink -f "$module")" + else + line="extension=$module" + fi + + ext="$(basename "$module")" + ext="${ext%.*}" + if php -r 'exit(extension_loaded("'"$ext"'") ? 0 : 1);'; then + # this isn't perfect, but it's better than nothing + # (for example, 'opcache.so' presents inside PHP as 'Zend OPcache', not 'opcache') + echo >&2 + echo >&2 "warning: $ext ($module) is already loaded!" + echo >&2 + continue + fi + + ini="/php/conf.d/${iniName:-"docker-php-ext-$ext.ini"}" + if ! grep -q "$line" "$ini" 2>/dev/null; then + echo "$line" >> "$ini" + fi +done diff --git a/rootfs/usr/local/bin/docker-php-ext-install b/rootfs/usr/local/bin/docker-php-ext-install new file mode 100644 index 0000000..e47b537 --- /dev/null +++ b/rootfs/usr/local/bin/docker-php-ext-install @@ -0,0 +1,71 @@ +#!/bin/sh +set -e + +cd /usr/src/php/ext + +usage() { + echo "usage: $0 [-jN] ext-name [ext-name ...]" + echo " ie: $0 gd mysqli" + echo " $0 pdo pdo_mysql" + echo " $0 -j5 gd mbstring mysqli pdo pdo_mysql shmop" + echo + echo 'if custom ./configure arguments are necessary, see docker-php-ext-configure' + echo + echo 'Possible values for ext-name:' + echo $(find /usr/src/php/ext -mindepth 2 -maxdepth 2 -type f -name 'config.m4' | cut -d/ -f6 | sort) +} + +opts="$(getopt -o 'h?j:' --long 'help,jobs:' -- "$@" || { usage >&2 && false; })" +eval set -- "$opts" + +j=1 +while true; do + flag="$1" + shift + case "$flag" in + --help|-h|'-?') usage && exit 0 ;; + --jobs|-j) j="$1" && shift ;; + --) break ;; + *) + { + echo "error: unknown flag: $flag" + usage + } >&2 + exit 1 + ;; + esac +done + +exts= +for ext; do + if [ -z "$ext" ]; then + continue + fi + if [ ! -d "$ext" ]; then + echo >&2 "error: $(pwd -P)/$ext does not exist" + echo >&2 + usage >&2 + exit 1 + fi + exts="$exts $ext" +done + +if [ -z "$exts" ]; then + usage >&2 + exit 1 +fi + +for ext in $exts; do + ( + cd "$ext" + [ -e Makefile ] || docker-php-ext-configure "$ext" + make -j"$j" + make -j"$j" install + find modules \ + -maxdepth 1 \ + -name '*.so' \ + -exec basename '{}' ';' \ + | xargs -r docker-php-ext-enable + make -j"$j" clean + ) +done diff --git a/rootfs/usr/local/bin/startup b/rootfs/usr/local/bin/startup new file mode 100644 index 0000000..2f14d5f --- /dev/null +++ b/rootfs/usr/local/bin/startup @@ -0,0 +1,14 @@ +#!/bin/sh + +addgroup -g ${GID} web && adduser -H -s /bin/sh -D -G web -u ${UID} web + +mkdir -p /nginx /php + +chown -R web:web /nginx /php /etc/s6.d +chmod +x /etc/s6.d/*/run /etc/s6.d/.s6-svscan/finish + +if [ '$@' == '' ]; then + exec su-exec web:web /bin/s6-svscan /etc/s6.d +else + exec su-exec web:web "$@" +fi diff --git a/rootfs/usr/local/etc/php-fpm.conf b/rootfs/usr/local/etc/php-fpm.conf new file mode 100644 index 0000000..863beba --- /dev/null +++ b/rootfs/usr/local/etc/php-fpm.conf @@ -0,0 +1,18 @@ +[global] +daemonize = no +error_log = /php/logs/error.log + +[www] +user = web +group = web +listen = /php/run/php-fpm.sock +listen.owner = web +listen.group = web +pm = dynamic +pm.max_children = 5 +pm.start_servers = 2 +pm.min_spare_servers = 1 +pm.max_spare_servers = 3 +chdir = / + +include=/php/php-fpm.d/*.conf \ No newline at end of file