Alpinize + Dockerize Ushahidi

2018-01-24 15:18:55 +01:00 · 2018-01-24 15:18:55 +01:00 · 3e341b88bd
commit 3e341b88bd
parent 3f9555efaf
16 changed files with 149 additions and 72 deletions
--- a/ushahidi.sh
+++ b/ushahidi.sh
@ -1,54 +1,42 @@
-#!/bin/bash
+#!/bin/sh

 SOURCE_DIR=$(realpath $(dirname "${0}"))/ushahidi

-# Install dependencies for Ushahidi
-apt-get -y --no-install-recommends install php7.0-curl php7.0-gd php7.0-fpm php7.0-json php7.0-imap php7.0-mcrypt php7.0-mysql
+# Check prerequisites
+docker image ls | grep -q mariadb || $(realpath $(dirname "${0}"))/mariadb.sh

-# Install Ushahidi
-wget https://github.com/ushahidi/platform-release/releases/download/v3.7.1/ushahidi-platform-release-v3.7.1.tar.gz -O /tmp/ushahidi.tar.gz
-tar xzf /tmp/ushahidi.tar.gz -C /tmp
-mv /tmp/ushahidi-platform-release-v3.7.1/html /srv/ushahidi
-rm -f /tmp/ushahidi.tar.gz
-rm -rf /tmp/ushahidi-platform-release-v3.7.1
+# Build Docker container
+docker build -t ushahidi ${SOURCE_DIR}

 # Create database
 export USHAHIDI_PWD=$(head -c 18 /dev/urandom | base64)
-envsubst <${SOURCE_DIR}/tmp/ushahidi-createdb.sql >/tmp/ushahidi-createdb.sql
-mysql </tmp/ushahidi-createdb.sql
-rm -f /tmp/ushahidi-createdb.sql
+envsubst <${SOURCE_DIR}/createdb.sql | docker exec -i mariadb mysql

 # Configure Ushahidi
-envsubst <${SOURCE_DIR}/srv/ushahidi/platform/.env >/srv/ushahidi/platform/.env
+mkdir /srv/ushahidi
+envsubst <${SOURCE_DIR}/srv/ushahidi/.env >/srv/ushahidi/.env

 # Populate database
-cd /srv/ushahidi/platform
-./bin/phinx migrate -c application/phinx.php
+docker run --rm -h ushahidi --link mariadb -v /srv/ushahidi/.env:/srv/ushahidi/platform/.env ushahidi /srv/ushahidi/platform/bin/phinx migrate -c /srv/ushahidi/platform/application/phinx.php

 # Create admin account
 export USHAHIDI_ADMIN_USER=admin@example.com
 export USHAHIDI_ADMIN_PWD=$(head -c 12 /dev/urandom | base64)
-export USHAHIDI_ADMIN_HASH=$(php -r "echo password_hash('${USHAHIDI_ADMIN_PWD}', PASSWORD_BCRYPT);")
-envsubst <${SOURCE_DIR}/tmp/ushahidi-adminpwd.sql >/tmp/ushahidi-adminpwd.sql
-mysql ushahidi </tmp/ushahidi-adminpwd.sql
-rm -f /tmp/ushahidi-adminpwd.sql
+export USHAHIDI_ADMIN_HASH=$(docker run --rm ushahidi php -r "echo password_hash('${USHAHIDI_ADMIN_PWD}', PASSWORD_BCRYPT);")
+envsubst <${SOURCE_DIR}/adminpwd.sql | docker exec -i mariadb mysql ushahidi

-# Create OS user
-adduser --system --group --home /srv/ushahidi --shell /bin/false ushahidi
-chown -R ushahidi:www-data /srv/ushahidi/
+# Create Ushahidi service
+cp ${SOURCE_DIR}/etc/init.d/ushahidi /etc/init.d/ushahidi
+rc-update add ushahidi boot
+service ushahidi start

-# Create PHP and nginx app definition
-cp ${SOURCE_DIR}/etc/php/7.0/fpm/pool.d/ushahidi.conf /etc/php/7.0/fpm/pool.d/ushahidi.conf
-cp ${SOURCE_DIR}/etc/nginx/sites-available/ushahidi /etc/nginx/sites-available/ushahidi
-ln -s /etc/nginx/sites-available/ushahidi /etc/nginx/sites-enabled/ushahidi
-
-# Restart services
-systemctl restart php7.0-fpm
-systemctl restart nginx
+# Create nginx app definition
+cp ${SOURCE_DIR}/etc/nginx/conf.d/ushahidi.conf /etc/nginx/conf.d/ushahidi.conf
+service nginx reload

 # Install cron job
-cp ${SOURCE_DIR}/etc/cron.d/ushahidi /etc/cron.d/ushahidi
+cp ${SOURCE_DIR}/etc/periodic/15min/ushahidi /etc/periodic/15min/ushahidi

 # Add portal application definition
-portal-app-manager ushahidi "https://{host}:8002/" "${USHAHIDI_ADMIN_USER}" "${USHAHIDI_ADMIN_PWD}"
+portal-app-manager ushahidi "https://{host}:8414/" "${USHAHIDI_ADMIN_USER}" "${USHAHIDI_ADMIN_PWD}"
 portal-app-manager ushahidi-mobile
--- a/ushahidi/Dockerfile
+++ b/ushahidi/Dockerfile
@ -0,0 +1,27 @@
+FROM alpine:3.7
+MAINTAINER Disassembler <disassembler@dasm.cz>
+
+RUN \
+ # Install PHP runtime
+ apk --no-cache add nginx php7-fpm s6
+
+RUN \
+ # Install runtime dependencies
+ apk --no-cache add php7 php7-ctype php7-curl php7-gd php7-imap php7-json php7-mbstring php7-mcrypt php7-mysqli php7-opcache php7-pdo_mysql
+
+RUN \
+ # Download Ushahidi
+ wget https://github.com/ushahidi/platform-release/releases/download/v3.8.0/ushahidi-platform-release-v3.8.0.tar.gz -O /tmp/ushahidi.tgz \
+ && tar xzf /tmp/ushahidi.tgz -C /tmp \
+ && mv /tmp/ushahidi-platform-release-v3.8.0/html /srv/ushahidi \
+ # Create OS user
+ && addgroup -S -g 8014 ushahidi \
+ && adduser -S -u 8014 -h /srv/ushahidi -s /bin/false -g ushahidi -G ushahidi ushahidi \
+ # Cleanup
+ && rm -rf /tmp/ushahidi.tgz /tmp/ushahidi-platform-release-v3.8.0
+
+COPY docker/ /
+
+EXPOSE 8014
+
+CMD ["s6-svscan", "/etc/services.d"]
--- a/ushahidi/tmp/ushahidi-adminpwd.sql
+++ b/ushahidi/tmp/ushahidi-adminpwd.sql
--- a/ushahidi/tmp/ushahidi-createdb.sql
+++ b/ushahidi/tmp/ushahidi-createdb.sql
--- a/ushahidi/docker/etc/nginx/nginx.conf
+++ b/ushahidi/docker/etc/nginx/nginx.conf
@ -0,0 +1,42 @@
+user nginx;
+pid /run/nginx.pid;
+worker_processes 1;
+error_log /dev/stderr warn;
+
+events {
+	worker_connections 1024;
+}
+
+http {
+	include mime.types;
+	default_type application/octet-stream;
+
+	access_log off;
+	server_tokens off;
+	client_max_body_size 100m;
+	keepalive_timeout 65;
+	sendfile on;
+	tcp_nodelay on;
+
+	server {
+		listen 8014;
+		server_name localhost;
+
+		root /srv/ushahidi;
+		index index.php;
+
+		location / {
+			try_files $uri /index.html;
+		}
+
+		location /platform {
+			fastcgi_index index.php;
+			include fastcgi_params;
+			fastcgi_param SCRIPT_FILENAME $document_root/platform/httpdocs/index.php;
+			fastcgi_split_path_info ^(/platform/)(.*)$;
+			fastcgi_param PATH_INFO $fastcgi_path_info;
+			fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
+			fastcgi_pass unix:/var/run/ushahidi.sock;
+		}
+	}
+}
--- a/ushahidi/docker/etc/php7/php-fpm.conf
+++ b/ushahidi/docker/etc/php7/php-fpm.conf
@ -0,0 +1,13 @@
+[global]
+error_log = /proc/self/fd/2
+daemonize = no
+
+[ushahidi]
+catch_workers_output = yes
+user = ushahidi
+group = ushahidi
+listen.owner = nginx
+listen.group = nginx
+listen = /var/run/ushahidi.sock
+pm = ondemand
+pm.max_children = 8
--- a/ushahidi/docker/etc/services.d/.s6-svscan/finish
+++ b/ushahidi/docker/etc/services.d/.s6-svscan/finish
@ -0,0 +1,3 @@
+#!/bin/sh
+
+/bin/true
--- a/ushahidi/docker/etc/services.d/nginx/run
+++ b/ushahidi/docker/etc/services.d/nginx/run
@ -0,0 +1,3 @@
+#!/bin/execlineb -P
+
+/usr/sbin/nginx -g "daemon off;"
--- a/ushahidi/docker/etc/services.d/php-fpm/run
+++ b/ushahidi/docker/etc/services.d/php-fpm/run
@ -0,0 +1,3 @@
+#!/bin/execlineb -P
+
+/usr/sbin/php-fpm7 -F
--- a/ushahidi/etc/cron.d/ushahidi
+++ b/ushahidi/etc/cron.d/ushahidi
@ -1,4 +0,0 @@
-*/5 * * * * ushahidi cd /srv/ushahidi/platform && ./bin/ushahidi dataprovider outgoing >/dev/null
-*/5 * * * * ushahidi cd /srv/ushahidi/platform && ./bin/ushahidi dataprovider incoming >/dev/null
-*/5 * * * * ushahidi cd /srv/ushahidi/platform && ./bin/ushahidi savedsearch >/dev/null
-*/5 * * * * ushahidi cd /srv/ushahidi/platform && ./bin/ushahidi notification queue >/dev/null
--- a/ushahidi/etc/init.d/ushahidi
+++ b/ushahidi/etc/init.d/ushahidi
@ -0,0 +1,17 @@
+#!/sbin/openrc-run
+
+description="Ushahidi docker container"
+
+depend() {
+	need docker net
+	use dns logger netmount
+	after mariadb
+}
+
+start() {
+	/usr/bin/docker run -d --rm --name ushahidi -h ushahidi --link mariadb -p 127.0.0.1:9014:8014 -v /srv/ushahidi/.env:/srv/ushahidi/platform/.env ushahidi
+}
+
+stop() {
+	/usr/bin/docker stop ushahidi
+}
--- a/ushahidi/etc/nginx/conf.d/ushahidi.conf
+++ b/ushahidi/etc/nginx/conf.d/ushahidi.conf
@ -0,0 +1,14 @@
+server {
+    listen [::]:8014 ipv6only=off;
+    listen [::]:8414 ssl http2 ipv6only=off;
+
+    access_log /var/log/nginx/ushahidi.access.log;
+    error_log /var/log/nginx/ushahidi.error.log;
+
+    location / {
+        proxy_set_header X-Forwarded-For $remote_addr;
+        proxy_set_header X-Forwarded-Host $host:$server_port;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_pass http://127.0.0.1:9014;
+    }
+}
--- a/ushahidi/etc/nginx/sites-available/ushahidi
+++ b/ushahidi/etc/nginx/sites-available/ushahidi
@ -1,23 +0,0 @@
-server {
-    listen 8002 ssl http2;
-    listen [::]:8002 ssl http2;
-
-    access_log /var/log/nginx/ushahidi.access.log;
-    error_log /var/log/nginx/ushahidi.error.log;
-
-    root /srv/ushahidi;
-
-    location /platform {
-        fastcgi_index index.php;
-        include fastcgi.conf;
-        fastcgi_param SCRIPT_FILENAME $document_root/platform/httpdocs/index.php;
-        fastcgi_split_path_info ^(/platform/)(.*)$;
-        fastcgi_param PATH_INFO $fastcgi_path_info;
-        fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
-        fastcgi_pass unix:/run/php/ushahidi.sock;
-    }
-
-    location / {
-        try_files $uri /index.html;
-    }
-}
--- a/ushahidi/etc/periodic/15min/ushahidi
+++ b/ushahidi/etc/periodic/15min/ushahidi
@ -0,0 +1,6 @@
+#!/bin/sh
+
+docker exec ushahidi sh -c 'cd /srv/ushahidi/platform && bin/ushahidi dataprovider outgoing' >/dev/null
+docker exec ushahidi sh -c 'cd /srv/ushahidi/platform && bin/ushahidi dataprovider incoming' >/dev/null
+docker exec ushahidi sh -c 'cd /srv/ushahidi/platform && bin/ushahidi savedsearch' >/dev/null
+docker exec ushahidi sh -c 'cd /srv/ushahidi/platform && bin/ushahidi notification queue' >/dev/null
--- a/ushahidi/etc/php/7.0/fpm/pool.d/ushahidi.conf
+++ b/ushahidi/etc/php/7.0/fpm/pool.d/ushahidi.conf
@ -1,12 +0,0 @@
-[ushahidi]
-user = ushahidi
-group = ushahidi
-
-listen = /run/php/ushahidi.sock
-listen.owner = www-data
-listen.group = www-data
-
-pm = ondemand
-pm.max_children = 8
-
-php_admin_value[open_basedir] = /srv/ushahidi:/tmp
--- a/ushahidi/srv/ushahidi/platform/.env
+++ b/ushahidi/srv/ushahidi/platform/.env
@ -1,4 +1,4 @@
-DB_HOST=localhost
+DB_HOST=mariadb
 DB_NAME=ushahidi
 DB_USER=ushahidi
 DB_PASS=${USHAHIDI_PWD}