From 3e341b88bd1ba8b207376765dcbb9de1da472287 Mon Sep 17 00:00:00 2001
From: Disassembler <disassembler@dasm.cz>
Date: Wed, 24 Jan 2018 15:18:55 +0100
Subject: [PATCH] Alpinize + Dockerize Ushahidi

---
 ushahidi.sh                                   | 52 +++++++------------
 ushahidi/Dockerfile                           | 27 ++++++++++
 .../ushahidi-adminpwd.sql => adminpwd.sql}    |  0
 .../ushahidi-createdb.sql => createdb.sql}    |  0
 ushahidi/docker/etc/nginx/nginx.conf          | 42 +++++++++++++++
 ushahidi/docker/etc/php7/php-fpm.conf         | 13 +++++
 .../docker/etc/services.d/.s6-svscan/finish   |  3 ++
 ushahidi/docker/etc/services.d/nginx/run      |  3 ++
 ushahidi/docker/etc/services.d/php-fpm/run    |  3 ++
 ushahidi/etc/cron.d/ushahidi                  |  4 --
 ushahidi/etc/init.d/ushahidi                  | 17 ++++++
 ushahidi/etc/nginx/conf.d/ushahidi.conf       | 14 +++++
 ushahidi/etc/nginx/sites-available/ushahidi   | 23 --------
 ushahidi/etc/periodic/15min/ushahidi          |  6 +++
 ushahidi/etc/php/7.0/fpm/pool.d/ushahidi.conf | 12 -----
 ushahidi/srv/ushahidi/{platform => }/.env     |  2 +-
 16 files changed, 149 insertions(+), 72 deletions(-)
 create mode 100644 ushahidi/Dockerfile
 rename ushahidi/{tmp/ushahidi-adminpwd.sql => adminpwd.sql} (100%)
 rename ushahidi/{tmp/ushahidi-createdb.sql => createdb.sql} (100%)
 create mode 100644 ushahidi/docker/etc/nginx/nginx.conf
 create mode 100644 ushahidi/docker/etc/php7/php-fpm.conf
 create mode 100755 ushahidi/docker/etc/services.d/.s6-svscan/finish
 create mode 100755 ushahidi/docker/etc/services.d/nginx/run
 create mode 100755 ushahidi/docker/etc/services.d/php-fpm/run
 delete mode 100644 ushahidi/etc/cron.d/ushahidi
 create mode 100755 ushahidi/etc/init.d/ushahidi
 create mode 100644 ushahidi/etc/nginx/conf.d/ushahidi.conf
 delete mode 100644 ushahidi/etc/nginx/sites-available/ushahidi
 create mode 100755 ushahidi/etc/periodic/15min/ushahidi
 delete mode 100644 ushahidi/etc/php/7.0/fpm/pool.d/ushahidi.conf
 rename ushahidi/srv/ushahidi/{platform => }/.env (80%)

diff --git a/ushahidi.sh b/ushahidi.sh
index ce3c6ed..0166a33 100755
--- a/ushahidi.sh
+++ b/ushahidi.sh
@@ -1,54 +1,42 @@
-#!/bin/bash
+#!/bin/sh
 
 SOURCE_DIR=$(realpath $(dirname "${0}"))/ushahidi
 
-# Install dependencies for Ushahidi
-apt-get -y --no-install-recommends install php7.0-curl php7.0-gd php7.0-fpm php7.0-json php7.0-imap php7.0-mcrypt php7.0-mysql
+# Check prerequisites
+docker image ls | grep -q mariadb || $(realpath $(dirname "${0}"))/mariadb.sh
 
-# Install Ushahidi
-wget https://github.com/ushahidi/platform-release/releases/download/v3.7.1/ushahidi-platform-release-v3.7.1.tar.gz -O /tmp/ushahidi.tar.gz
-tar xzf /tmp/ushahidi.tar.gz -C /tmp
-mv /tmp/ushahidi-platform-release-v3.7.1/html /srv/ushahidi
-rm -f /tmp/ushahidi.tar.gz
-rm -rf /tmp/ushahidi-platform-release-v3.7.1
+# Build Docker container
+docker build -t ushahidi ${SOURCE_DIR}
 
 # Create database
 export USHAHIDI_PWD=$(head -c 18 /dev/urandom | base64)
-envsubst <${SOURCE_DIR}/tmp/ushahidi-createdb.sql >/tmp/ushahidi-createdb.sql
-mysql </tmp/ushahidi-createdb.sql
-rm -f /tmp/ushahidi-createdb.sql
+envsubst <${SOURCE_DIR}/createdb.sql | docker exec -i mariadb mysql
 
 # Configure Ushahidi
-envsubst <${SOURCE_DIR}/srv/ushahidi/platform/.env >/srv/ushahidi/platform/.env
+mkdir /srv/ushahidi
+envsubst <${SOURCE_DIR}/srv/ushahidi/.env >/srv/ushahidi/.env
 
 # Populate database
-cd /srv/ushahidi/platform
-./bin/phinx migrate -c application/phinx.php
+docker run --rm -h ushahidi --link mariadb -v /srv/ushahidi/.env:/srv/ushahidi/platform/.env ushahidi /srv/ushahidi/platform/bin/phinx migrate -c /srv/ushahidi/platform/application/phinx.php
 
 # Create admin account
 export USHAHIDI_ADMIN_USER=admin@example.com
 export USHAHIDI_ADMIN_PWD=$(head -c 12 /dev/urandom | base64)
-export USHAHIDI_ADMIN_HASH=$(php -r "echo password_hash('${USHAHIDI_ADMIN_PWD}', PASSWORD_BCRYPT);")
-envsubst <${SOURCE_DIR}/tmp/ushahidi-adminpwd.sql >/tmp/ushahidi-adminpwd.sql
-mysql ushahidi </tmp/ushahidi-adminpwd.sql
-rm -f /tmp/ushahidi-adminpwd.sql
+export USHAHIDI_ADMIN_HASH=$(docker run --rm ushahidi php -r "echo password_hash('${USHAHIDI_ADMIN_PWD}', PASSWORD_BCRYPT);")
+envsubst <${SOURCE_DIR}/adminpwd.sql | docker exec -i mariadb mysql ushahidi
 
-# Create OS user
-adduser --system --group --home /srv/ushahidi --shell /bin/false ushahidi
-chown -R ushahidi:www-data /srv/ushahidi/
+# Create Ushahidi service
+cp ${SOURCE_DIR}/etc/init.d/ushahidi /etc/init.d/ushahidi
+rc-update add ushahidi boot
+service ushahidi start
 
-# Create PHP and nginx app definition
-cp ${SOURCE_DIR}/etc/php/7.0/fpm/pool.d/ushahidi.conf /etc/php/7.0/fpm/pool.d/ushahidi.conf
-cp ${SOURCE_DIR}/etc/nginx/sites-available/ushahidi /etc/nginx/sites-available/ushahidi
-ln -s /etc/nginx/sites-available/ushahidi /etc/nginx/sites-enabled/ushahidi
-
-# Restart services
-systemctl restart php7.0-fpm
-systemctl restart nginx
+# Create nginx app definition
+cp ${SOURCE_DIR}/etc/nginx/conf.d/ushahidi.conf /etc/nginx/conf.d/ushahidi.conf
+service nginx reload
 
 # Install cron job
-cp ${SOURCE_DIR}/etc/cron.d/ushahidi /etc/cron.d/ushahidi
+cp ${SOURCE_DIR}/etc/periodic/15min/ushahidi /etc/periodic/15min/ushahidi
 
 # Add portal application definition
-portal-app-manager ushahidi "https://{host}:8002/" "${USHAHIDI_ADMIN_USER}" "${USHAHIDI_ADMIN_PWD}"
+portal-app-manager ushahidi "https://{host}:8414/" "${USHAHIDI_ADMIN_USER}" "${USHAHIDI_ADMIN_PWD}"
 portal-app-manager ushahidi-mobile
diff --git a/ushahidi/Dockerfile b/ushahidi/Dockerfile
new file mode 100644
index 0000000..cc22b80
--- /dev/null
+++ b/ushahidi/Dockerfile
@@ -0,0 +1,27 @@
+FROM alpine:3.7
+MAINTAINER Disassembler <disassembler@dasm.cz>
+
+RUN \
+ # Install PHP runtime
+ apk --no-cache add nginx php7-fpm s6
+
+RUN \
+ # Install runtime dependencies
+ apk --no-cache add php7 php7-ctype php7-curl php7-gd php7-imap php7-json php7-mbstring php7-mcrypt php7-mysqli php7-opcache php7-pdo_mysql
+
+RUN \
+ # Download Ushahidi
+ wget https://github.com/ushahidi/platform-release/releases/download/v3.8.0/ushahidi-platform-release-v3.8.0.tar.gz -O /tmp/ushahidi.tgz \
+ && tar xzf /tmp/ushahidi.tgz -C /tmp \
+ && mv /tmp/ushahidi-platform-release-v3.8.0/html /srv/ushahidi \
+ # Create OS user
+ && addgroup -S -g 8014 ushahidi \
+ && adduser -S -u 8014 -h /srv/ushahidi -s /bin/false -g ushahidi -G ushahidi ushahidi \
+ # Cleanup
+ && rm -rf /tmp/ushahidi.tgz /tmp/ushahidi-platform-release-v3.8.0
+
+COPY docker/ /
+
+EXPOSE 8014
+
+CMD ["s6-svscan", "/etc/services.d"]
diff --git a/ushahidi/tmp/ushahidi-adminpwd.sql b/ushahidi/adminpwd.sql
similarity index 100%
rename from ushahidi/tmp/ushahidi-adminpwd.sql
rename to ushahidi/adminpwd.sql
diff --git a/ushahidi/tmp/ushahidi-createdb.sql b/ushahidi/createdb.sql
similarity index 100%
rename from ushahidi/tmp/ushahidi-createdb.sql
rename to ushahidi/createdb.sql
diff --git a/ushahidi/docker/etc/nginx/nginx.conf b/ushahidi/docker/etc/nginx/nginx.conf
new file mode 100644
index 0000000..f13b742
--- /dev/null
+++ b/ushahidi/docker/etc/nginx/nginx.conf
@@ -0,0 +1,42 @@
+user nginx;
+pid /run/nginx.pid;
+worker_processes 1;
+error_log /dev/stderr warn;
+
+events {
+	worker_connections 1024;
+}
+
+http {
+	include mime.types;
+	default_type application/octet-stream;
+
+	access_log off;
+	server_tokens off;
+	client_max_body_size 100m;
+	keepalive_timeout 65;
+	sendfile on;
+	tcp_nodelay on;
+
+	server {
+		listen 8014;
+		server_name localhost;
+
+		root /srv/ushahidi;
+		index index.php;
+
+		location / {
+			try_files $uri /index.html;
+		}
+
+		location /platform {
+			fastcgi_index index.php;
+			include fastcgi_params;
+			fastcgi_param SCRIPT_FILENAME $document_root/platform/httpdocs/index.php;
+			fastcgi_split_path_info ^(/platform/)(.*)$;
+			fastcgi_param PATH_INFO $fastcgi_path_info;
+			fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
+			fastcgi_pass unix:/var/run/ushahidi.sock;
+		}
+	}
+}
diff --git a/ushahidi/docker/etc/php7/php-fpm.conf b/ushahidi/docker/etc/php7/php-fpm.conf
new file mode 100644
index 0000000..dbc127a
--- /dev/null
+++ b/ushahidi/docker/etc/php7/php-fpm.conf
@@ -0,0 +1,13 @@
+[global]
+error_log = /proc/self/fd/2
+daemonize = no
+
+[ushahidi]
+catch_workers_output = yes
+user = ushahidi
+group = ushahidi
+listen.owner = nginx
+listen.group = nginx
+listen = /var/run/ushahidi.sock
+pm = ondemand
+pm.max_children = 8
diff --git a/ushahidi/docker/etc/services.d/.s6-svscan/finish b/ushahidi/docker/etc/services.d/.s6-svscan/finish
new file mode 100755
index 0000000..78d5fdc
--- /dev/null
+++ b/ushahidi/docker/etc/services.d/.s6-svscan/finish
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+/bin/true
diff --git a/ushahidi/docker/etc/services.d/nginx/run b/ushahidi/docker/etc/services.d/nginx/run
new file mode 100755
index 0000000..d09b7cd
--- /dev/null
+++ b/ushahidi/docker/etc/services.d/nginx/run
@@ -0,0 +1,3 @@
+#!/bin/execlineb -P
+
+/usr/sbin/nginx -g "daemon off;"
diff --git a/ushahidi/docker/etc/services.d/php-fpm/run b/ushahidi/docker/etc/services.d/php-fpm/run
new file mode 100755
index 0000000..852e80e
--- /dev/null
+++ b/ushahidi/docker/etc/services.d/php-fpm/run
@@ -0,0 +1,3 @@
+#!/bin/execlineb -P
+
+/usr/sbin/php-fpm7 -F
diff --git a/ushahidi/etc/cron.d/ushahidi b/ushahidi/etc/cron.d/ushahidi
deleted file mode 100644
index c4b5792..0000000
--- a/ushahidi/etc/cron.d/ushahidi
+++ /dev/null
@@ -1,4 +0,0 @@
-*/5 * * * * ushahidi cd /srv/ushahidi/platform && ./bin/ushahidi dataprovider outgoing >/dev/null
-*/5 * * * * ushahidi cd /srv/ushahidi/platform && ./bin/ushahidi dataprovider incoming >/dev/null
-*/5 * * * * ushahidi cd /srv/ushahidi/platform && ./bin/ushahidi savedsearch >/dev/null
-*/5 * * * * ushahidi cd /srv/ushahidi/platform && ./bin/ushahidi notification queue >/dev/null
diff --git a/ushahidi/etc/init.d/ushahidi b/ushahidi/etc/init.d/ushahidi
new file mode 100755
index 0000000..cb91566
--- /dev/null
+++ b/ushahidi/etc/init.d/ushahidi
@@ -0,0 +1,17 @@
+#!/sbin/openrc-run
+
+description="Ushahidi docker container"
+
+depend() {
+	need docker net
+	use dns logger netmount
+	after mariadb
+}
+
+start() {
+	/usr/bin/docker run -d --rm --name ushahidi -h ushahidi --link mariadb -p 127.0.0.1:9014:8014 -v /srv/ushahidi/.env:/srv/ushahidi/platform/.env ushahidi
+}
+
+stop() {
+	/usr/bin/docker stop ushahidi
+}
diff --git a/ushahidi/etc/nginx/conf.d/ushahidi.conf b/ushahidi/etc/nginx/conf.d/ushahidi.conf
new file mode 100644
index 0000000..a3c7d55
--- /dev/null
+++ b/ushahidi/etc/nginx/conf.d/ushahidi.conf
@@ -0,0 +1,14 @@
+server {
+    listen [::]:8014 ipv6only=off;
+    listen [::]:8414 ssl http2 ipv6only=off;
+
+    access_log /var/log/nginx/ushahidi.access.log;
+    error_log /var/log/nginx/ushahidi.error.log;
+
+    location / {
+        proxy_set_header X-Forwarded-For $remote_addr;
+        proxy_set_header X-Forwarded-Host $host:$server_port;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_pass http://127.0.0.1:9014;
+    }
+}
diff --git a/ushahidi/etc/nginx/sites-available/ushahidi b/ushahidi/etc/nginx/sites-available/ushahidi
deleted file mode 100644
index 69e065f..0000000
--- a/ushahidi/etc/nginx/sites-available/ushahidi
+++ /dev/null
@@ -1,23 +0,0 @@
-server {
-    listen 8002 ssl http2;
-    listen [::]:8002 ssl http2;
-
-    access_log /var/log/nginx/ushahidi.access.log;
-    error_log /var/log/nginx/ushahidi.error.log;
-
-    root /srv/ushahidi;
-
-    location /platform {
-        fastcgi_index index.php;
-        include fastcgi.conf;
-        fastcgi_param SCRIPT_FILENAME $document_root/platform/httpdocs/index.php;
-        fastcgi_split_path_info ^(/platform/)(.*)$;
-        fastcgi_param PATH_INFO $fastcgi_path_info;
-        fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
-        fastcgi_pass unix:/run/php/ushahidi.sock;
-    }
-
-    location / {
-        try_files $uri /index.html;
-    }
-}
diff --git a/ushahidi/etc/periodic/15min/ushahidi b/ushahidi/etc/periodic/15min/ushahidi
new file mode 100755
index 0000000..cba71b6
--- /dev/null
+++ b/ushahidi/etc/periodic/15min/ushahidi
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+docker exec ushahidi sh -c 'cd /srv/ushahidi/platform && bin/ushahidi dataprovider outgoing' >/dev/null
+docker exec ushahidi sh -c 'cd /srv/ushahidi/platform && bin/ushahidi dataprovider incoming' >/dev/null
+docker exec ushahidi sh -c 'cd /srv/ushahidi/platform && bin/ushahidi savedsearch' >/dev/null
+docker exec ushahidi sh -c 'cd /srv/ushahidi/platform && bin/ushahidi notification queue' >/dev/null
diff --git a/ushahidi/etc/php/7.0/fpm/pool.d/ushahidi.conf b/ushahidi/etc/php/7.0/fpm/pool.d/ushahidi.conf
deleted file mode 100644
index ada9a4a..0000000
--- a/ushahidi/etc/php/7.0/fpm/pool.d/ushahidi.conf
+++ /dev/null
@@ -1,12 +0,0 @@
-[ushahidi]
-user = ushahidi
-group = ushahidi
-
-listen = /run/php/ushahidi.sock
-listen.owner = www-data
-listen.group = www-data
-
-pm = ondemand
-pm.max_children = 8
-
-php_admin_value[open_basedir] = /srv/ushahidi:/tmp
diff --git a/ushahidi/srv/ushahidi/platform/.env b/ushahidi/srv/ushahidi/.env
similarity index 80%
rename from ushahidi/srv/ushahidi/platform/.env
rename to ushahidi/srv/ushahidi/.env
index 7ebde13..42aa855 100644
--- a/ushahidi/srv/ushahidi/platform/.env
+++ b/ushahidi/srv/ushahidi/.env
@@ -1,4 +1,4 @@
-DB_HOST=localhost
+DB_HOST=mariadb
 DB_NAME=ushahidi
 DB_USER=ushahidi
 DB_PASS=${USHAHIDI_PWD}