chore: Add server configuration

PrestaShopCorp · Jun 14, 2024 · ab42d55 · ab42d55
1 parent 6a6038a
commit ab42d55
Show file tree

Hide file tree

Showing 13 changed files with 505 additions and 57 deletions.
diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml
@@ -35,7 +35,7 @@ jobs:
       fail-fast: false # TODO: Test only should be removed
       matrix:
         os_flavour: ["alpine", "debian"]
-        ps_version: ["1.6.1.24", "1.7.8.10", "8.1.5"]
+        ps_version: ["1.6.1.24", "1.7.8.10", "8.1.6"]
         server_flavour: ["fpm", "nginx", "apache"]
     steps:
       - name: Checkout repository
@@ -50,7 +50,7 @@ jobs:
           TARGET_PLATFORM: ${{ env.TARGET_PLATFORM }}
 
       - name: Test the image
-        run: docker run --env PS_DOMAIN='localhost:80' $DOCKER_IMAGE cat VERSION
-#        run: docker run --env PS_DOMAIN='localhost:80' --entrypoint cat $DOCKER_IMAGE cat VERSION
+        timeout-minutes: 10
+        run: docker run --rm -t --env PS_DOMAIN='localhost:80' --entrypoint /bin/sh $DOCKER_IMAGE cat VERSION
         env:
           DOCKER_IMAGE: prestashop/prestashop:${{ matrix.ps_version }}-${{ matrix.os_flavour }}
diff --git a/assets/docker_run.sh b/assets/docker_run.sh
@@ -18,7 +18,7 @@ elif [ "$DB_SERVER" != "<to be defined>" -a $PS_INSTALL_AUTO = 1 ]; then
             sleep 5
         fi
     done
-        echo "\n* DB server $DB_SERVER is available, let's continue !"
+        echo "\n* DB server $DB_SERVER is available, let's continue!"
 fi
 
 # From now, stop at error
@@ -128,7 +128,7 @@ if [ $PS_DEMO_MODE -ne 0 ]; then
     sed -ie "s/define('_PS_MODE_DEMO_', false);/define('_PS_MODE_DEMO_',\ true);/g" /var/www/html/config/defines.inc.php
 fi
 
-echo "\n* Almost ! Starting web server now\n";
+echo "\n* Almost! Starting web server now\n";
 
 if [ -d /tmp/init-scripts/ ]; then
     echo "\n* Running init script(s)..."

diff --git a/assets/nginx.conf b/assets/nginx.conf
@@ -0,0 +1,147 @@
+user www-data www-data;
+worker_processes  1;
+
+events {
+	worker_connections  1024;
+}
+
+http {
+  include       mime.types;
+  default_type  application/octet-stream;
+
+  sendfile        on;
+  keepalive_timeout  65;
+
+  gzip on;
+  gzip_disable "msie6";
+  gzip_vary on;
+  gzip_proxied any;
+  gzip_types
+    application/atom+xml
+    application/geo+json
+    application/javascript
+    application/json
+    application/ld+json
+    application/manifest+json
+    application/rdf+xml
+    application/rss+xml
+    application/x-javascript
+    application/xhtml+xml
+    application/xml
+    font/eot
+    font/otf
+    font/ttf
+    image/svg+xml
+    text/css
+    text/javascript
+    text/plain
+    text/xml;
+
+  # Source: https://devdocs.prestashop-project.org/8/basics/installation/nginx/
+  # Other optimizasions: https://medium.com/@jituboss/nginx-and-php-fpm-optimization-for-high-traffic-web-applications-f790bf1b30fb
+  server {
+    listen 80;
+    server_name localhost;
+
+    error_log  /dev/stdout notice;
+    access_log /dev/stdout;
+
+    root /var/www/html;
+
+    index index.php;
+
+    # This should match the `post_max_size` and/or `upload_max_filesize` in your php.ini.
+    client_max_body_size 40M;
+
+    # Uploaded files temporary dir
+    client_body_temp_path /tmp/client_body;
+
+    error_page 404 /index.php?controller=404;
+
+    # Enable browser cache
+    location ~* \.(?:css|eot|gif|ico|jpe?g|otf|png|ttf|woff2?)$ {
+      expires 1d;
+      add_header Cache-Control "public";
+    }
+
+    # Disable logs
+    location = /favicon.ico {
+      access_log off;
+      log_not_found off;
+    }
+
+    location = /admin-dev/robots.txt {
+      access_log off;
+      log_not_found off;
+    }
+
+    # Images
+    rewrite ^/(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$1$2.jpg last;
+    rewrite ^/(\d)(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$2/$1$2$3.jpg last;
+    rewrite ^/(\d)(\d)(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$2/$3/$1$2$3$4.jpg last;
+    rewrite ^/(\d)(\d)(\d)(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$1$2$3$4$5.jpg last;
+    rewrite ^/(\d)(\d)(\d)(\d)(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$1$2$3$4$5$6.jpg last;
+    rewrite ^/(\d)(\d)(\d)(\d)(\d)(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$1$2$3$4$5$6$7.jpg last;
+    rewrite ^/(\d)(\d)(\d)(\d)(\d)(\d)(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$1$2$3$4$5$6$7$8.jpg last;
+    rewrite ^/(\d)(\d)(\d)(\d)(\d)(\d)(\d)(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$8/$1$2$3$4$5$6$7$8$9.jpg last;
+    rewrite ^/c/([\w.-]+)/.+\.jpg$ /img/c/$1.jpg last;
+
+    # AlphaImageLoader for IE and FancyBox.
+    rewrite ^images_ie/?([^/]+)\.(gif|jpe?g|png)$ js/jquery/plugins/fancybox/images/$1.$2 last;
+
+    # Web service API.
+    rewrite ^/api/?(.*)$ /webservice/dispatcher.php?url=$1 last;
+
+    # .htaccess, .DS_Store, .htpasswd, etc.
+    location ~ /\. {
+      deny all;
+    }
+
+    # Source code directories.
+    location ~ ^/(app|bin|cache|classes|config|controllers|docs|localization|override|src|tests|tools|translations|var|vendor)/ {
+      deny all;
+    }
+
+    # vendor in modules directory.
+    location ~ ^/modules/.*/vendor/ {
+      deny all;
+    }
+
+    # Prevent exposing other sensitive files.
+    location ~ \.(log|tpl|twig|sass|yml)$ {
+      deny all;
+    }
+
+    # Prevent injection of PHP files.
+    location /img {
+      location ~ \.php$ { deny all; }
+    }
+
+    location /upload {
+      location ~ \.php$ { deny all; }
+    }
+
+    location = / {
+        rewrite ^ /index.php last;
+    }
+
+    location / {
+      try_files $uri $uri/ /index.php$is_args$args;
+    }
+
+    location ~ \.php$ {
+      try_files $fastcgi_script_name =404;
+
+      include fastcgi_params;
+      fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+
+      fastcgi_index index.php;
+
+      fastcgi_keep_conn on;
+      fastcgi_read_timeout 30s;
+      fastcgi_send_timeout 30s;
+
+      fastcgi_pass unix:/var/run/php/php-fpm.sock;
+    }
+  }
+}
diff --git a/assets/php-fpm-local.conf b/assets/php-fpm-local.conf
@@ -0,0 +1,21 @@
+[global]
+pid = /var/run/php/fpm.pid
+error_log = /proc/self/fd/2
+
+[www]
+listen = /var/run/php/php-fpm.sock
+listen.owner = www-data
+listen.group = www-data
+; ignored when FPM is not running as root
+user = www-data
+group = www-data
+
+pm = dynamic
+pm.max_children = 5
+pm.start_servers = 2
+pm.min_spare_servers = 1
+pm.max_spare_servers = 3
+
+php_admin_value[memory_limit]=-1
+php_admin_value[post_max_size]=42M
+php_admin_value[upload_max_filesize]=42M
diff --git a/assets/php-fpm-standalone.conf b/assets/php-fpm-standalone.conf
@@ -0,0 +1,21 @@
+[global]
+pid = /var/run/php/fpm.pid
+error_log = /proc/self/fd/2
+
+[www]
+listen = 0.0.0.0:9000
+listen.owner = www-data
+listen.group = www-data
+; ignored when FPM is not running as root
+user = www-data
+group = www-data
+
+pm = dynamic
+pm.max_children = 5
+pm.start_servers = 2
+pm.min_spare_servers = 1
+pm.max_spare_servers = 3
+
+php_admin_value[memory_limit]=-1
+php_admin_value[post_max_size]=42M
+php_admin_value[upload_max_filesize]=42M
diff --git a/build.sh b/build.sh
@@ -105,17 +105,26 @@ get_target_images() {
   local PHP_VERSION=${3:-};
   local OS_FLAVOUR=${4:-};
   declare RES;
-  if [ "$PS_VERSION" = "$(get_latest_prestashop_version)" ] && [ "$OS_FLAVOUR" = "$DEFAULT_OS" ]; then
-    RES="-t ${DEFAULT_DOCKER_IMAGE}:latest";
-  fi
-  if [ "$OS_FLAVOUR" = "$DEFAULT_OS" ]; then
-    RES="${RES} -t ${DEFAULT_DOCKER_IMAGE}:${PS_VERSION}-${PHP_VERSION}";
-    if [ "$PHP_VERSION" = "$(get_recommended_php_version "$PS_VERSION")" ]; then
-      RES="${RES} -t ${DEFAULT_DOCKER_IMAGE}:${PS_VERSION}";
+  if [ "$PS_VERSION" == "nightly" ]; then
+      if [ "$OS_FLAVOUR" = "$DEFAULT_OS" ]; then
+        RES="-t ${DEFAULT_DOCKER_IMAGE}:nightly";
+      else
+        RES="-t ${DEFAULT_DOCKER_IMAGE}:nightly-${OS_FLAVOUR}";
+      fi
+  else
+    if [ "$PS_VERSION" = "$(get_latest_prestashop_version)" ] && [ "$OS_FLAVOUR" = "$DEFAULT_OS" ] && [ "$PHP_VERSION" = "$(get_recommended_php_version "$PS_VERSION")" ]; then
+      RES="-t ${DEFAULT_DOCKER_IMAGE}:latest";
+    fi
+    if [ "$OS_FLAVOUR" = "$DEFAULT_OS" ]; then
+      RES="${RES} -t ${DEFAULT_DOCKER_IMAGE}:${PS_VERSION}-${PHP_VERSION}";
+      if [ "$PHP_VERSION" = "$(get_recommended_php_version "$PS_VERSION")" ]; then
+        RES="${RES} -t ${DEFAULT_DOCKER_IMAGE}:${PS_VERSION}";
+        RES="${RES} -t ${DEFAULT_DOCKER_IMAGE}:php-${PHP_VERSION}";
+      fi
     fi
+    RES="${RES} -t ${DEFAULT_DOCKER_IMAGE}:${PS_VERSION}-${PHP_FLAVOUR}";
+    RES="${RES} -t ${DEFAULT_DOCKER_IMAGE}:${PS_VERSION}-${OS_FLAVOUR}";
   fi
-  RES="${RES} -t ${DEFAULT_DOCKER_IMAGE}:${PS_VERSION}-${PHP_FLAVOUR}";
-  RES="${RES} -t ${DEFAULT_DOCKER_IMAGE}:${PS_VERSION}-${OS_FLAVOUR}";
   echo "$RES";
 }
 
@@ -168,9 +177,9 @@ docker buildx build \
   --build-arg GIT_SHA="$GIT_SHA" \
   --build-arg ZIP_SOURCE="$ZIP_SOURCE" \
   --label org.opencontainers.image.title="PrestaShop" \
-  --label org.opencontainers.image.description="PrestaShop docker image" \
+  --label org.opencontainers.image.description="PrestaShop official docker image" \
   --label org.opencontainers.image.source=https://github.com/PrestaShop/docker \
-  --label org.opencontainers.image.url=https://github.com/PrestaShop/docker \
+  --label org.opencontainers.image.url=https://hub.docker.com/r/prestashop/prestashop \
   --label org.opencontainers.image.licenses=MIT \
   --label org.opencontainers.image.created="$(date -u +"%Y-%m-%dT%H:%M:%S.%3NZ")" \
   "${TARGET_IMAGES[@]}" \

diff --git a/docker/alpine.Dockerfile b/docker/alpine.Dockerfile
@@ -42,7 +42,7 @@ COPY ./assets/php-configuration.sh /tmp/
 # Install base tools
 RUN \
   apk --no-cache add -U \
-  ca-certificates geoip tzdata zip curl jq make \
+  ca-certificates geoip tzdata zip curl jq make fcgi \
   gnu-libiconv php-common mariadb-client oniguruma-dev \
   zlib-dev libzip-dev libjpeg-turbo-dev libpng-dev \
   icu-dev libmcrypt-dev libxml2 libxml2-dev \
@@ -59,16 +59,52 @@ php-fpm -D\n\
 /usr/sbin/httpd -D FOREGROUND\n\
  ' > /usr/bin/apache-foreground; \
   chmod +x /usr/bin/apache-foreground; \
+elif [ "$SERVER_FLAVOUR" = "nginx" ]; then \
+    apk --no-cache add -U nginx nginx-mod-http-headers-more nginx-mod-http-geoip \
+    nginx-mod-stream nginx-mod-stream-geoip; \
+    printf '\
+#!/bin/sh\n\
+php-fpm -D\n\
+nginx -g "daemon off;"\n\
+ ' > /usr/bin/nginx-foreground; \
+    chmod +x /usr/bin/nginx-foreground; \
 fi
 
+## Healthcheck
+RUN if [ "$SERVER_FLAVOUR" = "apache" ]; then \
+    printf '\
+    #!/bin/sh\n\
+    curl -Isf http://localhost:80/robots.txt || exit 1' > /tmp/healthcheck; \
+  elif [ "$SERVER_FLAVOUR" = "nginx" ]; then \
+    printf '\
+    #!/bin/sh\n\
+    curl -Isf http://localhost:80/robots.txt || exit 1' > /tmp/healthcheck; \
+  else \
+    printf '\
+    #!/bin/sh\n\
+    cgi-fcgi -bind -connect localhost:9000' > /tmp/healthcheck; \
+  fi; \
+  chmod +x /tmp/healthcheck;
+
+# Add configuration
+COPY ./assets/nginx.conf /tmp/
+COPY ./assets/php-fpm*.conf /tmp/
+
 # The PrestaShop docker entrypoint
 COPY ./assets/docker_run.sh /tmp/
 
 RUN if [ "$SERVER_FLAVOUR" = "fpm" ]; then \
-     sed -i 's/{PHP_CMD}/php-fpm/' /tmp/docker_run.sh; \
+      sed -i 's/{PHP_CMD}/php-fpm -R/' /tmp/docker_run.sh; \
+      mv /tmp/php-fpm-standalone.conf /usr/local/etc/php-fpm.conf; \
+    elif [ "$SERVER_FLAVOUR" = "nginx" ]; then \
+      sed -i 's/{PHP_CMD}/nginx-foreground/' /tmp/docker_run.sh; \
+      mv /tmp/php-fpm-local.conf /usr/local/etc/php-fpm.conf; \
+      mv /tmp/nginx.conf /etc/nginx/nginx.conf; \
+      mkdir -p /var/run/php; \
     else \
-     sed -i 's/{PHP_CMD}/apache2-foreground/' /tmp/docker_run.sh; \
-    fi
+      sed -i 's/{PHP_CMD}/apache2-foreground/' /tmp/docker_run.sh; \
+    fi; \
+    rm -rf /tmp/*.conf;
 
 # Handling a dynamic domain
 # Probably, or at least its usage must be described in the README file
@@ -128,7 +164,7 @@ LABEL maintainer="PrestaShop Core Team <[email protected]>"
 COPY --chown=www-data:www-data --from=alpine-download-prestashop ${PS_FOLDER} ${PS_FOLDER}
 
 HEALTHCHECK --interval=5s --timeout=5s --retries=10 --start-period=10s \
-  CMD curl -Isf http://localhost:80/robots.txt || exit 1
+  CMD /tmp/healthcheck
 
 EXPOSE 80