diff --git a/Makefile b/Makefile index eaf3847..9b02cc3 100644 --- a/Makefile +++ b/Makefile @@ -28,7 +28,7 @@ export # convert lowercase componentname to uppercase COMPONENT = $(shell echo $(component) | tr a-z A-Z) -build-all: build-base build-core build-kdav build-konnect build-kwmserver build-ldap-demo build-meet build-playground build-scheduler build-ssl build-utils build-web build-webapp build-zpush +build-all: build-base build-core build-kdav build-konnect build-kwmserver build-ldap-demo build-meet build-php build-playground build-scheduler build-ssl build-utils build-web build-webapp build-zpush .PHONY: build build: component ?= base @@ -115,6 +115,9 @@ build-ldap-demo: build-meet: build-base component=meet make build +build-php: build-base + component=php make build + build-playground: component=playground make build-builder component=playground make build-simple @@ -135,7 +138,7 @@ build-utils: build-core build-web: component=web make build-simple -build-webapp: build-base +build-webapp: build-php component=webapp make build build-zpush: @@ -175,6 +178,11 @@ tag-meet: $(shell docker run --rm $(docker_repo)/kopano_meet cat /kopano/buildversion | grep meet | cut -d- -f2 | cut -d+ -f1)) component=meet make tag-container +tag-php: + $(eval php_version := \ + $(shell docker run --rm $(docker_repo)/kopano_php cat /kopano/buildversion | cut -d- -f2)) + component=php make tag-container + tag-scheduler: $(eval scheduler_version := \ $(shell docker run --rm $(docker_repo)/kopano_scheduler env | grep SUPERCRONIC_VERSION | cut -d'=' -f2)) @@ -204,7 +212,7 @@ tag-zpush: repo-login: @docker login -u $(docker_login) -p $(docker_pwd) -publish: repo-login publish-base publish-core publish-kdav publish-konnect publish-kwmserver publish-meet publish-playground publish-scheduler publish-ssl publish-utils publish-web publish-webapp publish-zpush +publish: repo-login publish-base publish-core publish-kdav publish-konnect publish-kwmserver publish-meet publish-php publish-playground publish-scheduler publish-ssl publish-utils publish-web publish-webapp publish-zpush publish-container: component ?= base publish-container: @@ -227,12 +235,14 @@ publish-kwmserver: build-kwmserver tag-kwmserver publish-meet: build-meet tag-meet component=meet make publish-container +publish-php: build-php tag-php + component=php make publish-container + publish-playground: build-playground docker push $(docker_repo)/kopano_playground:latest docker push $(docker_repo)/kopano_playground:builder publish-kdav: build-kdav #tag-kdav - #component=zpush make publish-container docker push $(docker_repo)/kopano_kdav:latest docker push $(docker_repo)/kopano_kdav:builder @@ -257,7 +267,7 @@ publish-zpush: build-zpush tag-zpush check-scripts: grep -rIl '^#![[:blank:]]*/bin/\(bash\|sh\|zsh\)' \ --exclude-dir=.git --exclude=*.sw? \ - | xargs shellcheck + | xargs shellcheck -x # List files which name starts with 'Dockerfile' # eg. Dockerfile, Dockerfile.build, etc. git ls-files --exclude='Dockerfile*' --ignored | xargs --max-lines=1 hadolint diff --git a/README.md b/README.md index ebf12c5..2112b63 100644 --- a/README.md +++ b/README.md @@ -133,8 +133,8 @@ The built image includes your subscription key! Do not push this image to any pu While using kweb is recommended, this is of course possible. -- The `kopano_webapp` image is accessible on port 80 and serves the WebApp both on `/` and `/webapp`. -- The `kopano_zpush` image is accessible on port 80 and serves Z-Push on `/Microsoft-Server-ActiveSync` (additional urls may be needed in the future see #39). +- The `kopano_webapp` container is accessible on port 9080 and serves the WebApp on `/webapp`. +- The `kopano_zpush` container is accessible on port 80 and serves Z-Push on `/Microsoft-Server-ActiveSync` ((additional urls are needed in case auto discover should be used). ### What are and how can I use the Kapi Playground and OIDC Playground? diff --git a/docker-compose.yml b/docker-compose.yml index 786e38a..3af7af8 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -203,7 +203,6 @@ services: - SERVICE_TO_START=server - TZ=${TZ} - KCCONF_SERVER_COREDUMP_ENABLED=no - - KCCONF_SERVER_LOG_LEVEL=3 - KCCONF_SERVER_MYSQL_HOST=${MYSQL_HOST} - KCCONF_SERVER_MYSQL_PORT=3306 - KCCONF_SERVER_MYSQL_DATABASE=${MYSQL_DATABASE} diff --git a/php/Dockerfile b/php/Dockerfile new file mode 100644 index 0000000..5f5d6a9 --- /dev/null +++ b/php/Dockerfile @@ -0,0 +1,79 @@ +ARG docker_repo=zokradonh +FROM ${docker_repo}/kopano_base + +ARG DEBIAN_FRONTEND=noninteractive + +ARG ADDITIONAL_KOPANO_PACKAGES="" +ENV ADDITIONAL_KOPANO_PACKAGES=$ADDITIONAL_KOPANO_PACKAGES +ARG ADDITIONAL_KOPANO_WEBAPP_PLUGINS="" +ENV ADDITIONAL_KOPANO_WEBAPP_PLUGINS=$ADDITIONAL_KOPANO_WEBAPP_PLUGINS +ARG DOWNLOAD_COMMUNITY_PACKAGES=1 +ENV DOWNLOAD_COMMUNITY_PACKAGES=$DOWNLOAD_COMMUNITY_PACKAGES +ARG KOPANO_CORE_REPOSITORY_URL="file:/kopano/repo/core" +ENV KOPANO_CORE_REPOSITORY_URL=$KOPANO_CORE_REPOSITORY_URL +ARG KOPANO_REPOSITORY_FLAGS="trusted=yes" +ENV KOPANO_REPOSITORY_FLAGS=$KOPANO_REPOSITORY_FLAGS +ARG KOPANO_WEBAPP_REPOSITORY_URL="file:/kopano/repo/webapp" +ENV KOPANO_WEBAPP_REPOSITORY_URL=$KOPANO_WEBAPP_REPOSITORY_URL +ARG KOPANO_WEBAPP_SMIME_REPOSITORY_URL="file:/kopano/repo/smime" +ENV KOPANO_WEBAPP_SMIME_REPOSITORY_URL=$KOPANO_WEBAPP_SMIME_REPOSITORY_URL +ARG KOPANO_WEBAPP_MDM_REPOSITORY_URL="file:/kopano/repo/mdm" +ENV KOPANO_WEBAPP_MDM_REPOSITORY_URL=$KOPANO_WEBAPP_MDM_REPOSITORY_URL +ARG KOPANO_WEBAPP_FILES_REPOSITORY_URL="file:/kopano/repo/files" +ENV KOPANO_WEBAPP_FILES_REPOSITORY_URL=$KOPANO_WEBAPP_FILES_REPOSITORY_URL +ARG KOPANO_CORE_VERSION=newest +ENV KOPANO_CORE_VERSION=$KOPANO_CORE_VERSION +ARG KOPANO_WEBAPP_VERSION=newest +ENV KOPANO_WEBAPP_VERSION=$KOPANO_WEBAPP_VERSION +ARG KOPANO_WEBAPP_FILES_VERSION=newest +ENV KOPANO_WEBAPP_FILES_VERSION=$KOPANO_WEBAPP_FILES_VERSION +ARG KOPANO_WEBAPP_MDM_VERSION=newest +ENV KOPANO_WEBAPP_MDM_VERSION=$KOPANO_WEBAPP_MDM_VERSION +ARG KOPANO_WEBAPP_SMIME_VERSION=newest +ENV KOPANO_WEBAPP_SMIME_VERSION=$KOPANO_WEBAPP_SMIME_VERSION +ARG RELEASE_KEY_DOWNLOAD=0 +ENV RELEASE_KEY_DOWNLOAD=$RELEASE_KEY_DOWNLOAD + +SHELL ["/bin/bash", "-o", "pipefail", "-c"] + +# add install common php dependencies +# hadolint ignore=SC2129 +RUN \ + # community download and package as apt source repository + . /kopano/helper/create-kopano-repo.sh && \ + if [ ${DOWNLOAD_COMMUNITY_PACKAGES} -eq 1 ]; then \ + dl_and_package_community "core"; \ + fi; \ + echo "deb [${KOPANO_REPOSITORY_FLAGS}] ${KOPANO_CORE_REPOSITORY_URL} ./" > /etc/apt/sources.list.d/kopano.list; \ + # save kopano version + echo "core-${KOPANO_CORE_VERSION}" > /kopano/buildversion; \ + # install apt keys if supported kopano + if [ ${RELEASE_KEY_DOWNLOAD} -eq 1 ]; then \ + curl -s -S -o - "${KOPANO_CORE_REPOSITORY_URL}/Release.key" | apt-key add -; \ + fi; \ + # install + set -x && \ + apt-get update && apt-get install -y --no-install-recommends \ + kopano-kwebd \ + php-fpm \ + crudini \ + ca-certificates \ + ${ADDITIONAL_KOPANO_PACKAGES} \ + && rm -rf /var/cache/apt /var/lib/apt/lists + +# configure basics +RUN sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen && \ + sed -i -e 's/# de_DE.UTF-8 UTF-8/de_DE.UTF-8 UTF-8/' /etc/locale.gen && \ + dpkg-reconfigure --frontend=noninteractive locales && \ + update-locale LANG=en_US.UTF-8 && \ + # configure php-fpm + mkdir -p /run/php && chown www-data:www-data /run/php && \ + crudini --set /etc/php/7.0/fpm/php.ini PHP upload_max_filesize 500M && \ + crudini --set /etc/php/7.0/fpm/php.ini PHP post_max_size 500M && \ + crudini --set /etc/php/7.0/fpm/php.ini PHP max_input_vars 1800 && \ + crudini --set /etc/php/7.0/fpm/php.ini Session session.save_path /run/sessions + +EXPOSE 9080/tcp + +COPY start-helper.sh /kopano/start-helper.sh +COPY kweb.cfg /etc/kweb.cfg \ No newline at end of file diff --git a/php/README.md b/php/README.md new file mode 100644 index 0000000..9817b66 --- /dev/null +++ b/php/README.md @@ -0,0 +1 @@ +Common base image for php based Kopano containers diff --git a/php/kweb.cfg b/php/kweb.cfg new file mode 100644 index 0000000..a2a4e5f --- /dev/null +++ b/php/kweb.cfg @@ -0,0 +1,10 @@ +:9080 { + errors stderr + + alias /webapp/ /usr/share/kopano-webapp/ + fastcgi2 /webapp/ /run/php/php7.0-fpm.sock php { + without /webapp/ + root /usr/share/kopano-webapp/ + } + folderish /webapp +} diff --git a/php/start-helper.sh b/php/start-helper.sh new file mode 100755 index 0000000..5176664 --- /dev/null +++ b/php/start-helper.sh @@ -0,0 +1,30 @@ +#!/bin/bash + +php_cfg_gen() { + local cfg_file="$1" + local cfg_setting="$2" + local cfg_value="$3" + if [ -e "$cfg_file" ]; then + echo "Setting $cfg_setting = $cfg_value in $cfg_file" + if ! grep -q "$cfg_setting" "$cfg_file"; then + echo "WARNING: Config option $cfg_setting not found in $cfg_file! You may have misspelled the confing setting." + echo "define('$cfg_setting', '$cfg_value');" >> "$cfg_file" + cat "$cfg_file" + return + fi + case $cfg_value in + true|TRUE|false|FALSE) + sed -ri "s#(\s*define).+${cfg_setting}.+#\tdefine(\x27${cfg_setting}\x27, ${cfg_value}\);#g" "$cfg_file" + ;; + *) + sed -ri "s#(\s*define).+${cfg_setting}.+#\tdefine(\x27${cfg_setting}\x27, \x27${cfg_value}\x27\);#g" "$cfg_file" + ;; + esac + else + echo "Error: Config file $cfg_file not found. Plugin not installed?" + local dir + dir=$(dirname "$cfg_file") + ls -la "$dir" + exit 1 + fi +} \ No newline at end of file diff --git a/tests/startup-test/test.sh b/tests/startup-test/test.sh index 56f14eb..d691ea4 100755 --- a/tests/startup-test/test.sh +++ b/tests/startup-test/test.sh @@ -14,6 +14,6 @@ exec dockerize \ -wait tcp://kopano_server:236 \ -wait tcp://kopano_server:237 \ -wait tcp://web:2015 \ - -wait tcp://kopano_webapp:80 \ + -wait tcp://kopano_webapp:9080 \ -wait tcp://kopano_zpush:80 \ -timeout 120s diff --git a/web/kweb.cfg b/web/kweb.cfg index e51b002..f3e9a49 100644 --- a/web/kweb.cfg +++ b/web/kweb.cfg @@ -131,7 +131,7 @@ } folderish /meet - proxy /webapp/ kopano_webapp:80 { + proxy /webapp/ kopano_webapp:9080 { fail_timeout 10s try_duration 30s transparent diff --git a/webapp/Dockerfile b/webapp/Dockerfile index 8b7cbf4..556015e 100644 --- a/webapp/Dockerfile +++ b/webapp/Dockerfile @@ -1,5 +1,5 @@ ARG docker_repo=zokradonh -FROM ${docker_repo}/kopano_base +FROM ${docker_repo}/kopano_php ARG DEBIAN_FRONTEND=noninteractive @@ -42,19 +42,16 @@ RUN \ # community download and package as apt source repository . /kopano/helper/create-kopano-repo.sh && \ if [ ${DOWNLOAD_COMMUNITY_PACKAGES} -eq 1 ]; then \ - dl_and_package_community "core"; \ dl_and_package_community "webapp"; \ dl_and_package_community "files"; \ dl_and_package_community "mdm"; \ dl_and_package_community "smime"; \ fi; \ - echo "deb [${KOPANO_REPOSITORY_FLAGS}] ${KOPANO_CORE_REPOSITORY_URL} ./" > /etc/apt/sources.list.d/kopano.list; \ echo "deb [${KOPANO_REPOSITORY_FLAGS}] ${KOPANO_WEBAPP_REPOSITORY_URL} ./" >> /etc/apt/sources.list.d/kopano.list; \ echo "deb [${KOPANO_REPOSITORY_FLAGS}] ${KOPANO_WEBAPP_SMIME_REPOSITORY_URL} ./" >> /etc/apt/sources.list.d/kopano.list; \ echo "deb [${KOPANO_REPOSITORY_FLAGS}] ${KOPANO_WEBAPP_MDM_REPOSITORY_URL} ./" >> /etc/apt/sources.list.d/kopano.list; \ echo "deb [${KOPANO_REPOSITORY_FLAGS}] ${KOPANO_WEBAPP_FILES_REPOSITORY_URL} ./" >> /etc/apt/sources.list.d/kopano.list; \ # save kopano version - echo "core-${KOPANO_CORE_VERSION}" > /kopano/buildversion; \ echo "webapp-${KOPANO_WEBAPP_VERSION}" >> /kopano/buildversion; \ echo "files-${KOPANO_WEBAPP_FILES_VERSION}" >> /kopano/buildversion; \ echo "mdm-${KOPANO_WEBAPP_MDM_VERSION}" >> /kopano/buildversion; \ @@ -66,38 +63,11 @@ RUN \ # install set -x && \ apt-get update && apt-get install -y --no-install-recommends \ - apache2 \ - libapache2-mod-php7.0 \ - crudini \ - ca-certificates \ kopano-webapp \ ${ADDITIONAL_KOPANO_PACKAGES} \ ${ADDITIONAL_KOPANO_WEBAPP_PLUGINS} \ && rm -rf /var/cache/apt /var/lib/apt/lists -COPY apache2-kopano.conf /etc/apache2/sites-available/kopano.conf - -# configure basics -RUN sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen && \ - sed -i -e 's/# de_DE.UTF-8 UTF-8/de_DE.UTF-8 UTF-8/' /etc/locale.gen && \ - dpkg-reconfigure --frontend=noninteractive locales && \ - update-locale LANG=en_US.UTF-8 && \ - # configure apache - rm /etc/apache2/sites-enabled/* && \ - sed -e 's,^ErrorLog.*,ErrorLog "|/bin/cat",' -i /etc/apache2/apache2.conf && \ - sed -e "s,MaxSpareServers[^:].*,MaxSpareServers 5," -i /etc/apache2/mods-available/mpm_prefork.conf && \ - a2disconf other-vhosts-access-log && \ - a2ensite kopano kopano-webapp && \ - echo "Listen 80" > /etc/apache2/ports.conf && \ - # configure mod_php - a2enmod rewrite && \ - crudini --set /etc/php/7.0/apache2/php.ini PHP upload_max_filesize 500M && \ - crudini --set /etc/php/7.0/apache2/php.ini PHP post_max_size 500M && \ - crudini --set /etc/php/7.0/apache2/php.ini PHP max_input_vars 1800 && \ - crudini --set /etc/php/7.0/apache2/php.ini Session session.save_path /run/sessions - -EXPOSE 80/tcp - COPY start.sh /kopano/start.sh ENV LANG en_US.UTF-8 diff --git a/webapp/apache2-kopano.conf b/webapp/apache2-kopano.conf deleted file mode 100644 index ef60690..0000000 --- a/webapp/apache2-kopano.conf +++ /dev/null @@ -1,79 +0,0 @@ - - DocumentRoot /usr/share/kopano-webapp - - LogFormat "%{X-Forwarded-For}i %{%a %b %d %T %Y}t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy - ErrorLog "|/bin/cat" - CustomLog "|/bin/cat" proxy - - - DirectoryIndex index.php - Options -Indexes +FollowSymLinks - - - Allow from all - AllowOverride Options Limit - Order allow,deny - - - = 2.4> - AllowOverride Options Limit Authconfig - Require all granted - - - FileETag All - - # Uncomment to enhance security of WebApp by restricting cookies to only - # be provided over HTTPS connections - # php_flag session.cookie_secure on - # php_flag session.cookie_httponly on - - # Manipulate the cache control headers if mod_expires and - # mod_headers are both enabled; otherwise the client will depend - # on the ETag header. However, you can set FileETag to "None" if - # you have multiple servers serving WebApp to the same user. In - # that case, apache will fall back to the config below so make - # sure these two modules are loaded! - - - ExpiresActive On - ExpiresDefault "now" - - - # All (static) resources set to 2 months expiration time. - ExpiresDefault "access plus 2 months" - Header append Cache-Control "public" - - - - # All non-dynamic files set to 2 weeks expiration time. - ExpiresDefault "access plus 2 weeks" - # User agents are requested to revalidate for each resource - # so that the server can always serve a newer version if - # necessary. - Header append Cache-Control "no-cache, must-revalidate" - - # Treat IE a little differently due to the remarks on no-cache - # on http://support.microsoft.com/kb/234067 - - BrowserMatch MSIE ie_bug - - Header set Cache-Control "must-revalidate, private" env=ie_bug - - - - # PHP files must always be retrieved from the server. - ExpiresActive Off - Header set Cache-Control "private, no-cache, no-store, proxy-revalidate, no-transform" - Header set Pragma "no-cache" - - - - - # Enable gzip compression if the module is available - - - SetOutputFilter DEFLATE - - - - diff --git a/webapp/start.sh b/webapp/start.sh index 68c7f69..5159e3b 100755 --- a/webapp/start.sh +++ b/webapp/start.sh @@ -8,34 +8,8 @@ ADDITIONAL_KOPANO_WEBAPP_PLUGINS=${ADDITIONAL_KOPANO_WEBAPP_PLUGINS:-""} set -eu # unset variables are errors & non-zero return values exit the whole script -php_cfg_gen() { - local cfg_file="$1" - local cfg_setting="$2" - local cfg_value="$3" - if [ -e "$cfg_file" ]; then - echo "Setting $cfg_setting = $cfg_value in $cfg_file" - if ! grep -q "$cfg_setting" "$cfg_file"; then - echo "WARNING: Config option $cfg_setting not found in $cfg_file! You may have misspelled the confing setting." - echo "define('$cfg_setting', '$cfg_value');" >> "$cfg_file" - cat "$cfg_file" - return - fi - case $cfg_value in - true|TRUE|false|FALSE) - sed -ri "s#(\s*define).+${cfg_setting}.+#\tdefine(\x27${cfg_setting}\x27, ${cfg_value}\);#g" "$cfg_file" - ;; - *) - sed -ri "s#(\s*define).+${cfg_setting}.+#\tdefine(\x27${cfg_setting}\x27, \x27${cfg_value}\x27\);#g" "$cfg_file" - ;; - esac - else - echo "Error: Config file $cfg_file not found. Plugin not installed?" - local dir - dir=$(dirname "$cfg_file") - ls -la "$dir" - exit 1 - fi -} +# shellcheck source=php/start-helper.sh +source /kopano/start-helper.sh ADDITIONAL_KOPANO_PACKAGES="$ADDITIONAL_KOPANO_PACKAGES $ADDITIONAL_KOPANO_WEBAPP_PLUGINS" @@ -78,8 +52,8 @@ chown -R www-data:www-data /run/sessions /tmp/webapp echo "Starting Apache" rm -f /run/apache2/apache2.pid set +u -# shellcheck disable=SC1091 -source /etc/apache2/envvars # cleaning up env variables unset "${!KCCONF_@}" -exec /usr/sbin/apache2 -DFOREGROUND +echo "Starting php-fpm" +php-fpm7.0 -F & +exec /usr/libexec/kopano/kwebd caddy -conf /etc/kweb.cfg \ No newline at end of file