From ea317237c36b80a300a2eae3ff98992fe973d224 Mon Sep 17 00:00:00 2001 From: Angus Goody Date: Mon, 7 Aug 2023 12:09:50 +0100 Subject: [PATCH] Ci update (#7) * updating config * updated README.md * updated Readme.md again * updating integration scripts * converted to lowercase * fix problem * forgot to rename test run * upgraded workflows * updated login step --- .github/workflows/cd.yml | 11 +++--- .github/workflows/ci.yml | 13 +++++--- Dockerfile | 11 +++--- README.md | 16 +++++++-- nginx.conf | 72 +++++++++++++++++++++++----------------- start_prod.sh | 3 +- 6 files changed, 79 insertions(+), 47 deletions(-) diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index 358d75d..5bbae97 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -16,10 +16,13 @@ jobs: environment: production steps: - name: Check out code - uses: actions/checkout@v2 + uses: actions/checkout@v3 + + - name: Convert repository name to lowercase + run: echo "REPO_NAME=$(echo "${{ github.repository }}" | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV - name: Log in to GitHub Container Registry - uses: docker/login-action@v1 + uses: docker/login-action@v2 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} @@ -29,10 +32,10 @@ jobs: id: meta uses: docker/metadata-action@v3 with: - images: ${{ env.REGISTRY }}/${{ github.repository }}/${{ env.IMAGE_NAME }} + images: ${{ env.REGISTRY }}/${{env.REPO_NAME}}/${{ env.IMAGE_NAME }} - name: Build and push Docker image - uses: docker/build-push-action@v2 + uses: docker/build-push-action@v4 with: context: . push: true diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 52fe146..74908e6 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -7,7 +7,7 @@ on: # - main env: - IMAGE_NAME: laravellous-test-image + IMAGE_NAME: laravellous-test-image # Needs to be lowercase REGISTRY: ghcr.io jobs: @@ -17,23 +17,26 @@ jobs: environment: testing # The Github environment to use steps: - name: Check out code - uses: actions/checkout@v2 + uses: actions/checkout@v3 + + - name: Convert repository name to lowercase + run: echo "REPO_NAME=$(echo "${{ github.repository }}" | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV #- name: create env.testing file # - Uncomment this to load testing env vars from secrets (then add --env-file .env.testing to docker run below) #run: echo "${{ secrets.ENV_FILE_TESTING }}" > .env.testing - name: Build Docker image - uses: docker/build-push-action@v2 + uses: docker/build-push-action@v4 with: context: . push: false - tags: ${{ env.REGISTRY }}/${{ github.repository }}/${{ env.IMAGE_NAME }}:testing + tags: ${{ env.REGISTRY }}/${{env.REPO_NAME}}/${{ env.IMAGE_NAME }}:testing load: true target: test # Target the test build target in the Dockerfile - name: Run Tests run: | - docker run -d --name my_container ${{ env.REGISTRY }}/${{ github.repository }}/${{ env.IMAGE_NAME }}:testing + docker run -d --name my_container ${{ env.REGISTRY }}/${{ env.REPO_NAME }}/${{ env.IMAGE_NAME }}:testing diff --git a/Dockerfile b/Dockerfile index fe76c9b..438a50b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -57,15 +57,18 @@ WORKDIR /var/www/html # Remove the 'tests' directory (to ensure they are not in prod image, they can be added back later for testing) RUN rm -rf /var/www/html/tests -# Set folder permissions for Laravel -RUN chmod -R 777 /var/www/html/storage - # Copy our prod script and set permissions COPY start_prod.sh /start.sh RUN chmod +x /start.sh +# Change the owner group of the directories to www-data +RUN chown -R :www-data /var/www/html && chmod -R g+rwxs /var/www/html + +# Set group permissions +RUN chmod -R 775 /var/www/html + # Copy Nginx config file -COPY nginx.conf /etc/nginx/http.d/default.conf +COPY nginx.conf /etc/nginx/nginx.conf # Expose port 80 EXPOSE 80 diff --git a/README.md b/README.md index 69f2e50..0fe844a 100644 --- a/README.md +++ b/README.md @@ -111,7 +111,7 @@ Currently the Github workflows are set to only trigger manually, to setup an aut After the Docker image is pushed to the container registry, you will need to pull the image on your server and restart your application. This process will depend on your server setup. -When running the Docker container, it is important to inject your environment variables at runtime. The Dockerfile and start scripts are set up to generate an `.env` file from the environment variables in the Docker container. This is done by running the command `printenv | grep -v "no_proxy" > .env` at the start of the script. +When running the Docker container, it is important to inject your environment variables at runtime. The Dockerfile and start scripts are set up to generate an `.env` file from the environment variables in the Docker container. This is done by running the command `printenv | awk -F "=" 'NF==2 && $2 !~ /[\n\t ]/' > .env` at the start of the script. Ensure that your Docker run command includes the `-e` option to set the environment variables, for example: @@ -126,6 +126,18 @@ docker run -d -p 80:80 --name my-app \ **_NOTE:_** The above can normally be automated using a server management tool such as [CapRover](https://caprover.com/), [EasyPanel](https://easypanel.io/) etc. +#### Volume mounting + +In a Dockerized environment, volume mounting is often used to ensure that certain data persists beyond the life of a container or to share data between the host and container. In the case of LaraVellous, you may want to volume mount the storage folder to ensure that any uploaded files, logs, or other persistent data are kept intact across container restarts or rebuilds. + +```bash +docker run -d -p 3000:80 --name laravellous \ + -v /path/to/laravellous/storage:/var/www/html/storage \ + # Other env variables and options etc... + laravellous-prod-image + +``` + ## Building and Running Docker Images Locally For development and troubleshooting, Laravel Sail is generally recommended. However, you can also build and run the Docker images locally, especially when testing changes or finalizing your production setup. @@ -136,7 +148,7 @@ You can build a Docker image of your application using the `docker build` comman ```bash docker build --target test -t laravellous-test-image . # Build the testing image -docker build --target prod -t laravellous-prod-image . # Build the production image (will start nginx etc) +docker build --target prod -t laravellous-prod-image . # Build the production image (will start nginx, php-fpm etc) ``` **_NOTE:_** Running docker build with no target specified will produce an image that is not optimized for it's environment and may cause unexpected behavior diff --git a/nginx.conf b/nginx.conf index eba8db3..dd83496 100644 --- a/nginx.conf +++ b/nginx.conf @@ -1,31 +1,43 @@ -server { - listen 80; - server_name localhost; - root /var/www/html/public; - - add_header X-Frame-Options "SAMEORIGIN"; - add_header X-Content-Type-Options "nosniff"; - - index index.php; - - charset utf-8; - - location / { - try_files $uri $uri/ /index.php?$query_string; - } - - location = /favicon.ico { access_log off; log_not_found off; } - location = /robots.txt { access_log off; log_not_found off; } - - error_page 404 /index.php; - - location ~ \.php$ { - fastcgi_pass 127.0.0.1:9000; - fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; - include fastcgi_params; - } - - location ~ /\.(?!well-known).* { - deny all; - } +user www-data; + +events {} + +http { + include mime.types; + access_log /var/log/nginx/access.log; + error_log /var/log/nginx/error.log; + client_max_body_size 25M; + + server { + listen 80; + server_name localhost; + root /var/www/html/public; + + add_header X-Frame-Options "SAMEORIGIN"; + add_header X-Content-Type-Options "nosniff"; + + index index.php; + + charset utf-8; + + location / { + try_files $uri $uri/ /index.php?$query_string; + } + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + + error_page 404 /index.php; + + location ~ \.php$ { + fastcgi_pass 127.0.0.1:9000; + fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; + include fastcgi_params; + } + + location ~ /\.(?!well-known).* { + deny all; + } + } } + diff --git a/start_prod.sh b/start_prod.sh index bbcb3a7..7bc1051 100644 --- a/start_prod.sh +++ b/start_prod.sh @@ -12,7 +12,6 @@ php artisan view:clear php artisan storage:link php artisan migrate --force -chmod -R 777 storage # Finally, start PHP-FPM and nginx -php-fpm -D && nginx -g "daemon off;" +php-fpm -D && nginx -g "daemon off;" \ No newline at end of file