diff --git a/docker/README.md b/.github/docker/README.md similarity index 100% rename from docker/README.md rename to .github/docker/README.md diff --git a/docker/default.conf b/.github/docker/default.conf similarity index 100% rename from docker/default.conf rename to .github/docker/default.conf diff --git a/docker/default_ssl.conf b/.github/docker/default_ssl.conf similarity index 100% rename from docker/default_ssl.conf rename to .github/docker/default_ssl.conf diff --git a/docker/entrypoint.sh b/.github/docker/entrypoint.sh similarity index 88% rename from docker/entrypoint.sh rename to .github/docker/entrypoint.sh index f4e1971b4..69bb5bcf0 100644 --- a/docker/entrypoint.sh +++ b/.github/docker/entrypoint.sh @@ -1,18 +1,14 @@ #!/bin/ash -## Ensure we are in /app - cd /app mkdir -p /var/log/panel/logs/ /var/log/supervisord/ /var/log/nginx/ /var/log/php7/ \ -&& rm -rf /app/storage/logs/ \ -&& chmod 777 /var/log/panel/logs/ \ -&& ln -s /var/log/panel/logs/ /app/storage/ + && chmod 777 /var/log/panel/logs/ \ + && ln -s /var/log/panel/logs/ /app/storage/ ## check for .env file and generate app keys if missing if [ -f /app/var/.env ]; then echo "external vars exist." rm -rf /app/.env - ln -s /app/var/.env /app/ else echo "external vars don't exist." @@ -60,7 +56,6 @@ fi ## check for DB up before starting the panel echo "Checking database status." until nc -z -v -w30 $DB_HOST 3306 - do echo "Waiting for database connection..." # wait for 5 seconds before check again @@ -69,17 +64,11 @@ done ## make sure the db is set up echo -e "Migrating and Seeding D.B" -php artisan migrate --force -php artisan db:seed --force +php artisan migrate --seed --force ## start cronjobs for the queue echo -e "Starting cron jobs." crond -L /var/log/crond -l 5 -## install yarn stuff -yarn install --production -yarn add cross-env -yarn run build:production - echo -e "Starting supervisord." exec "$@" diff --git a/docker/supervisord.conf b/.github/docker/supervisord.conf similarity index 100% rename from docker/supervisord.conf rename to .github/docker/supervisord.conf diff --git a/docker/www.conf b/.github/docker/www.conf similarity index 100% rename from docker/www.conf rename to .github/docker/www.conf diff --git a/Dockerfile b/Dockerfile index f00d54d5e..744a6a402 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,36 +1,40 @@ -FROM php:7.4-fpm-alpine - +# Stage 0: +# Build the assets that are needed for the frontend. This build stage is then discarded +# since we won't need NodeJS anymore in the future. This Docker image ships a final production +# level distribution of Pterodactyl. +FROM mhart/alpine-node:14 WORKDIR /app - -RUN apk add --no-cache --update ca-certificates dcron curl git supervisor tar unzip nginx libpng-dev libxml2-dev libzip-dev certbot yarn; \ - docker-php-ext-install bcmath; \ - docker-php-ext-install gd; \ - docker-php-ext-install mbstring; \ - docker-php-ext-install pdo; \ - docker-php-ext-install pdo_mysql; \ - docker-php-ext-install tokenizer; \ - docker-php-ext-install xml; \ - docker-php-ext-configure zip --with-libzip=/usr/include; \ - docker-php-ext-install zip; \ - curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer - COPY . ./ +RUN yarn install --frozen-lockfile \ + && yarn run build:production -RUN cp .env.example .env \ - && composer install --no-dev --optimize-autoloader \ - && rm .env \ - && chown -R nginx:nginx . && chmod -R 777 storage/* bootstrap/cache +# Stage 1: +# Build the actual container with all of the needed PHP dependencies that will run the application. +FROM php:7.4-fpm-alpine +WORKDIR /app +COPY . ./ +COPY --from=0 /app/public/assets ./public/assets +RUN apk add --no-cache --update ca-certificates dcron curl git supervisor tar unzip nginx libpng-dev libxml2-dev libzip-dev certbot \ + && docker-php-ext-configure zip \ + && docker-php-ext-install bcmath gd pdo_mysql zip \ + && curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer \ + && cp .env.example .env \ + && mkdir -p bootstrap/cache/ storage/framework/sessions storage/framework/views storage/framework/cache \ + && chmod 777 -R bootstrap storage \ + && composer install --no-dev --optimize-autoloader \ + && rm -rf .env bootstrap/cache/*.php storage \ + && chown -R nginx:nginx . -RUN cp docker/default.conf /etc/nginx/conf.d/default.conf \ - && cat docker/www.conf > /usr/local/etc/php-fpm.d/www.conf \ - && rm /usr/local/etc/php-fpm.d/www.conf.default \ - && cat docker/supervisord.conf > /etc/supervisord.conf \ - && echo "* * * * * /usr/local/bin/php /app/artisan schedule:run >> /dev/null 2>&1" >> /var/spool/cron/crontabs/root \ - && sed -i s/ssl_session_cache/#ssl_session_cache/g /etc/nginx/nginx.conf \ - && mkdir -p /var/run/php /var/run/nginx +RUN rm /usr/local/etc/php-fpm.d/www.conf.default \ + && echo "* * * * * /usr/local/bin/php /app/artisan schedule:run >> /dev/null 2>&1" >> /var/spool/cron/crontabs/root \ + && sed -i s/ssl_session_cache/#ssl_session_cache/g /etc/nginx/nginx.conf \ + && mkdir -p /var/run/php /var/run/nginx \ + && apk del --no-cache libpng-dev libxml2-dev libzip-dev + +COPY .github/docker/default.conf /etc/nginx/conf.d/default.conf +COPY .github/docker/www.conf /usr/local/etc/php-fpm.d/www.conf +COPY .github/docker/supervisord.conf /etc/supervisord.conf EXPOSE 80 443 - -ENTRYPOINT ["/bin/ash", "docker/entrypoint.sh"] - +ENTRYPOINT ["/bin/ash", ".github/docker/entrypoint.sh"] CMD [ "supervisord", "-n", "-c", "/etc/supervisord.conf" ] diff --git a/docker-compose.example.yml b/docker-compose.example.yml index c69cce565..e04c798d6 100644 --- a/docker-compose.example.yml +++ b/docker-compose.example.yml @@ -1,4 +1,34 @@ -version: '2' +version: '3.8' +x-common: + database: &db-environment + # Do not remove the "&db-password" from the end of the line below, it is important + # for Panel functionality. + MYSQL_PASSWORD: "CHANGE_ME" &db-password + MYSQL_ROOT_PASSWORD: "CHANGE_ME_TOO" + panel: &panel-environment + APP_URL: "https://your.domain.here" + # A list of valid timezones can be found here: http://php.net/manual/en/timezones.php + APP_TIMEZONE: "UTC" + APP_SERVICE_AUTHOR: "noreply@example.com" + # Uncomment the line below and set to a non-empty value if you want to use Let's Encrypt + # to generate an SSL certificate for the Panel. + # LE_EMAIL: "" + mail: &mail-environment + MAIL_FROM: "noreply@example.com" + MAIL_DRIVER: "smtp" + MAIL_HOST: "mail" + MAIL_PORT: "1025" + MAIL_USERNAME: "" + MAIL_PASSWORD: "" + MAIL_ENCRYPTION: "true" + +# +# ------------------------------------------------------------------------------------------ +# DANGER ZONE BELOW +# +# The remainder of this file likely does not need to be changed. Please only make modifications +# below if you understand what you are doing. +# services: database: image: mariadb:10.4 @@ -6,17 +36,12 @@ services: volumes: - "/srv/pterodactyl/database:/var/lib/mysql" environment: - ## Database settings - ## change if you want it to be more secure. - - "MYSQL_ROOT_PASSWORD=apassword" - - "MYSQL_DATABASE=pterodb" - - "MYSQL_USER=ptero" - - "MYSQL_PASSWORD=pterodbpass" - + <<: *db-environment + MYSQL_DATABASE: "panel" + MYSQL_USER: "pterodactyl" cache: image: redis:alpine restart: always - panel: image: quay.io/pterodactyl/panel:latest restart: always @@ -32,47 +57,16 @@ services: - "/srv/pterodactyl/certs/:/etc/letsencrypt/" - "/srv/pterodactyl/logs/:/var/log/" environment: - ## These are defaults and should be left alone - - "APP_ENV=production" - - "APP_DEBUG=false" - - "APP_THEME=pterodactyl" - - "APP_CLEAR_TASKLOG=720" - - "APP_DELETE_MINUTES=10" - - "APP_ENVIRONMENT_ONLY=false" - - "QUEUE_HIGH=high" - - "QUEUE_STANDARD=standard" - - "QUEUE_LOW=low" - ## Cache settings - - "CACHE_DRIVER=redis" - - "SESSION_DRIVER=redis" - - "QUEUE_DRIVER=redis" - - "REDIS_HOST=cache" - - "REDIS_PASSWORD=null" - - "REDIS_PORT=6379" - ## Domain settings - - "APP_URL=https://your.domain.here" ## if you are running this behind a reverse proxy with ssl app_url needs to be https still. - ## Timezone settings - - "APP_TIMEZONE=UTC" ## http://php.net/manual/en/timezones.php - ## Service egg settings - - "APP_SERVICE_AUTHOR=noreply@your.domain.here" ## this is the email that gets put on eggs you create - ## Database settings - ## These can be left alone. Only change if you know what you are doing. - - "DB_HOST=database" - - "DB_PORT=3306" - - "DB_DATABASE=pterodb" - - "DB_USERNAME=ptero" - - "DB_PASSWORD=pterodbpass" - ## Email settings - - "MAIL_FROM=noreply@your.domain.here" - - "MAIL_DRIVER=smtp" - - "MAIL_HOST=mail" - - "MAIL_PORT=1025" - - "MAIL_USERNAME=''" - - "MAIL_PASSWORD=''" - - "MAIL_ENCRYPTION=true" - ## certbot settings - Used to automatically generate ssl certs and - # - "LE_EMAIL=" ## uncomment if you are using ssl - + <<: *panel-environment + <<: *mail-environment + DB_PASSWORD: *db-password + APP_ENV: "production" + APP_ENVIRONMENT_ONLY: "false" + CACHE_DRIVER: "redis" + SESSION_DRIVER: "redis" + QUEUE_DRIVER: "redis" + REDIS_HOST: "cache" + DB_HOST: "database" networks: default: ipam: