From fe725397eb845883f821882dc90b979bdae4b73b Mon Sep 17 00:00:00 2001 From: Dane Everitt Date: Sat, 14 Nov 2020 13:10:11 -0800 Subject: [PATCH 1/5] Code cleanup and improvement --- {docker => .github/docker}/README.md | 0 {docker => .github/docker}/default.conf | 0 {docker => .github/docker}/default_ssl.conf | 0 {docker => .github/docker}/entrypoint.sh | 17 +--- {docker => .github/docker}/supervisord.conf | 0 {docker => .github/docker}/www.conf | 0 Dockerfile | 62 +++++++------- docker-compose.example.yml | 94 ++++++++++----------- 8 files changed, 80 insertions(+), 93 deletions(-) rename {docker => .github/docker}/README.md (100%) rename {docker => .github/docker}/default.conf (100%) rename {docker => .github/docker}/default_ssl.conf (100%) rename {docker => .github/docker}/entrypoint.sh (88%) rename {docker => .github/docker}/supervisord.conf (100%) rename {docker => .github/docker}/www.conf (100%) diff --git a/docker/README.md b/.github/docker/README.md similarity index 100% rename from docker/README.md rename to .github/docker/README.md diff --git a/docker/default.conf b/.github/docker/default.conf similarity index 100% rename from docker/default.conf rename to .github/docker/default.conf diff --git a/docker/default_ssl.conf b/.github/docker/default_ssl.conf similarity index 100% rename from docker/default_ssl.conf rename to .github/docker/default_ssl.conf diff --git a/docker/entrypoint.sh b/.github/docker/entrypoint.sh similarity index 88% rename from docker/entrypoint.sh rename to .github/docker/entrypoint.sh index f4e1971b4..69bb5bcf0 100644 --- a/docker/entrypoint.sh +++ b/.github/docker/entrypoint.sh 
@@ -1,18 +1,14 @@ #!/bin/ash -## Ensure we are in /app - cd /app mkdir -p /var/log/panel/logs/ /var/log/supervisord/ /var/log/nginx/ /var/log/php7/ \ -&& rm -rf /app/storage/logs/ \ -&& chmod 777 /var/log/panel/logs/ \ -&& ln -s /var/log/panel/logs/ /app/storage/ + && chmod 777 /var/log/panel/logs/ \ + && ln -s /var/log/panel/logs/ /app/storage/ ## check for .env file and generate app keys if missing if [ -f /app/var/.env ]; then echo "external vars exist." rm -rf /app/.env - ln -s /app/var/.env /app/ else echo "external vars don't exist." @@ -60,7 +56,6 @@ fi ## check for DB up before starting the panel echo "Checking database status." until nc -z -v -w30 $DB_HOST 3306 - do echo "Waiting for database connection..." # wait for 5 seconds before check again @@ -69,17 +64,11 @@ done ## make sure the db is set up echo -e "Migrating and Seeding D.B" -php artisan migrate --force -php artisan db:seed --force +php artisan migrate --seed --force ## start cronjobs for the queue echo -e "Starting cron jobs." crond -L /var/log/crond -l 5 -## install yarn stuff -yarn install --production -yarn add cross-env -yarn run build:production - echo -e "Starting supervisord." exec "$@" diff --git a/docker/supervisord.conf b/.github/docker/supervisord.conf similarity index 100% rename from docker/supervisord.conf rename to .github/docker/supervisord.conf diff --git a/docker/www.conf b/.github/docker/www.conf similarity index 100% rename from docker/www.conf rename to .github/docker/www.conf diff --git a/Dockerfile b/Dockerfile index f00d54d5e..744a6a402 100644 --- a/Dockerfile +++ b/Dockerfile 
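Review bot: The re-indented `&& chmod 777 /var/log/panel/logs/` keeps the panel log directory world-writable, so any process in the container can create, replace or truncate the application logs. The Dockerfile hunk of this patch has the same pattern in `chmod 777 -R bootstrap storage`, which is followed by `chown -R nginx:nginx .` and so presumably does not need the world bits. Give the directory to the account that writes to it instead, e.g. `&& chown nginx:nginx /var/log/panel/logs/ && chmod 750 /var/log/panel/logs/` here (assuming php-fpm runs as nginx, which www.conf would confirm) and `chmod -R u+rwX,go-w bootstrap storage` in the Dockerfile. The if/else that handles /app/var/.env continues outside the hunk.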
@@ -1,36 +1,40 @@ -FROM php:7.4-fpm-alpine - +# Stage 0: +# Build the assets that are needed for the frontend. This build stage is then discarded +# since we won't need NodeJS anymore in the future. This Docker image ships a final production +# level distribution of Pterodactyl. +FROM mhart/alpine-node:14 WORKDIR /app - -RUN apk add --no-cache --update ca-certificates dcron curl git supervisor tar unzip nginx libpng-dev libxml2-dev libzip-dev certbot yarn; \ - docker-php-ext-install bcmath; \ - docker-php-ext-install gd; \ - docker-php-ext-install mbstring; \ - docker-php-ext-install pdo; \ - docker-php-ext-install pdo_mysql; \ - docker-php-ext-install tokenizer; \ - docker-php-ext-install xml; \ - docker-php-ext-configure zip --with-libzip=/usr/include; \ - docker-php-ext-install zip; \ - curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer - COPY . ./ +RUN yarn install --frozen-lockfile \ + && yarn run build:production -RUN cp .env.example .env \ - && composer install --no-dev --optimize-autoloader \ - && rm .env \ - && chown -R nginx:nginx . && chmod -R 777 storage/* bootstrap/cache +# Stage 1: +# Build the actual container with all of the needed PHP dependencies that will run the application. +FROM php:7.4-fpm-alpine +WORKDIR /app +COPY . 
./ +COPY --from=0 /app/public/assets ./public/assets +RUN apk add --no-cache --update ca-certificates dcron curl git supervisor tar unzip nginx libpng-dev libxml2-dev libzip-dev certbot \ + && docker-php-ext-configure zip \ + && docker-php-ext-install bcmath gd pdo_mysql zip \ + && curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer \ + && cp .env.example .env \ + && mkdir -p bootstrap/cache/ storage/framework/sessions storage/framework/views storage/framework/cache \ + && chmod 777 -R bootstrap storage \ + && composer install --no-dev --optimize-autoloader \ + && rm -rf .env bootstrap/cache/*.php storage \ + && chown -R nginx:nginx . -RUN cp docker/default.conf /etc/nginx/conf.d/default.conf \ - && cat docker/www.conf > /usr/local/etc/php-fpm.d/www.conf \ - && rm /usr/local/etc/php-fpm.d/www.conf.default \ - && cat docker/supervisord.conf > /etc/supervisord.conf \ - && echo "* * * * * /usr/local/bin/php /app/artisan schedule:run >> /dev/null 2>&1" >> /var/spool/cron/crontabs/root \ - && sed -i s/ssl_session_cache/#ssl_session_cache/g /etc/nginx/nginx.conf \ - && mkdir -p /var/run/php /var/run/nginx +RUN rm /usr/local/etc/php-fpm.d/www.conf.default \ + && echo "* * * * * /usr/local/bin/php /app/artisan schedule:run >> /dev/null 2>&1" >> /var/spool/cron/crontabs/root \ + && sed -i s/ssl_session_cache/#ssl_session_cache/g /etc/nginx/nginx.conf \ + && mkdir -p /var/run/php /var/run/nginx \ + && apk del --no-cache libpng-dev libxml2-dev libzip-dev + +COPY .github/docker/default.conf /etc/nginx/conf.d/default.conf +COPY .github/docker/www.conf /usr/local/etc/php-fpm.d/www.conf +COPY .github/docker/supervisord.conf /etc/supervisord.conf EXPOSE 80 443 - -ENTRYPOINT ["/bin/ash", "docker/entrypoint.sh"] - +ENTRYPOINT ["/bin/ash", ".github/docker/entrypoint.sh"] CMD [ "supervisord", "-n", "-c", "/etc/supervisord.conf" ] diff --git a/docker-compose.example.yml b/docker-compose.example.yml index c69cce565..e04c798d6 100644 
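Review bot: In the stage-1 `RUN`, `curl -sS https://getcomposer.org/installer | php -- ...` executes whatever the download returns, as the build user, without checking it. There is no installer checksum, `-f` is missing so an HTTP error body is piped to php, and the default `/bin/sh` has no pipefail, so a failed curl does not stop the `&&` chain. Taking the binary from the official image at a pinned tag removes the pipe entirely, e.g. `COPY --from=composer:<pinned-tag> /usr/bin/composer /usr/local/bin/composer`, with the tag chosen to match the Composer major version this project's lockfile expects. If the installer script is kept, download it to a file and compare its SHA-384 with the value Composer publishes before running it. The new build stage also pulls `mhart/alpine-node:14`, a third-party image on a floating tag, and is referenced by index (`--from=0`); naming the stage and pinning the base by digest would make the build reproducible.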
--- a/docker-compose.example.yml +++ b/docker-compose.example.yml @@ -1,4 +1,34 @@ -version: '2' +version: '3.8' +x-common: + database: &db-environment + # Do not remove the "&db-password" from the end of the line below, it is important + # for Panel functionality. + MYSQL_PASSWORD: "CHANGE_ME" &db-password + MYSQL_ROOT_PASSWORD: "CHANGE_ME_TOO" + panel: &panel-environment + APP_URL: "https://your.domain.here" + # A list of valid timezones can be found here: http://php.net/manual/en/timezones.php + APP_TIMEZONE: "UTC" + APP_SERVICE_AUTHOR: "noreply@example.com" + # Uncomment the line below and set to a non-empty value if you want to use Let's Encrypt + # to generate an SSL certificate for the Panel. + # LE_EMAIL: "" + mail: &mail-environment + MAIL_FROM: "noreply@example.com" + MAIL_DRIVER: "smtp" + MAIL_HOST: "mail" + MAIL_PORT: "1025" + MAIL_USERNAME: "" + MAIL_PASSWORD: "" + MAIL_ENCRYPTION: "true" + +# +# ------------------------------------------------------------------------------------------ +# DANGER ZONE BELOW +# +# The remainder of this file likely does not need to be changed. Please only make modifications +# below if you understand what you are doing. +# services: database: image: mariadb:10.4 @@ -6,17 +36,12 @@ services: volumes: - "/srv/pterodactyl/database:/var/lib/mysql" environment: - ## Database settings - ## change if you want it to be more secure. - - "MYSQL_ROOT_PASSWORD=apassword" - - "MYSQL_DATABASE=pterodb" - - "MYSQL_USER=ptero" - - "MYSQL_PASSWORD=pterodbpass" - + <<: *db-environment + MYSQL_DATABASE: "panel" + MYSQL_USER: "pterodactyl" cache: image: redis:alpine restart: always - panel: image: quay.io/pterodactyl/panel:latest restart: always 
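Review bot: `MYSQL_PASSWORD: "CHANGE_ME"` and `MYSQL_ROOT_PASSWORD: "CHANGE_ME_TOO"` in the new `x-common` block are valid passwords, so an operator who copies the example unchanged gets a working stack with publicly known database credentials. Requiring the values from the environment makes the stack refuse to start until they are set, e.g. `MYSQL_PASSWORD: &db-password "${MYSQL_PASSWORD:?set a database password}"` and the same form for the root password. A comment above the block saying that both values must be replaced before first start would also help, since the existing comment only explains the anchor.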
@@ -32,47 +57,16 @@ services: - "/srv/pterodactyl/certs/:/etc/letsencrypt/" - "/srv/pterodactyl/logs/:/var/log/" environment: - ## These are defaults and should be left alone - - "APP_ENV=production" - - "APP_DEBUG=false" - - "APP_THEME=pterodactyl" - - "APP_CLEAR_TASKLOG=720" - - "APP_DELETE_MINUTES=10" - - "APP_ENVIRONMENT_ONLY=false" - - "QUEUE_HIGH=high" - - "QUEUE_STANDARD=standard" - - "QUEUE_LOW=low" - ## Cache settings - - "CACHE_DRIVER=redis" - - "SESSION_DRIVER=redis" - - "QUEUE_DRIVER=redis" - - "REDIS_HOST=cache" - - "REDIS_PASSWORD=null" - - "REDIS_PORT=6379" - ## Domain settings - - "APP_URL=https://your.domain.here" ## if you are running this behind a reverse proxy with ssl app_url needs to be https still. - ## Timezone settings - - "APP_TIMEZONE=UTC" ## http://php.net/manual/en/timezones.php - ## Service egg settings - - "APP_SERVICE_AUTHOR=noreply@your.domain.here" ## this is the email that gets put on eggs you create - ## Database settings - ## These can be left alone. Only change if you know what you are doing. - - "DB_HOST=database" - - "DB_PORT=3306" - - "DB_DATABASE=pterodb" - - "DB_USERNAME=ptero" - - "DB_PASSWORD=pterodbpass" - ## Email settings - - "MAIL_FROM=noreply@your.domain.here" - - "MAIL_DRIVER=smtp" - - "MAIL_HOST=mail" - - "MAIL_PORT=1025" - - "MAIL_USERNAME=''" - - "MAIL_PASSWORD=''" - - "MAIL_ENCRYPTION=true" - ## certbot settings - Used to automatically generate ssl certs and - # - "LE_EMAIL=" ## uncomment if you are using ssl - + <<: *panel-environment + <<: *mail-environment + DB_PASSWORD: *db-password + APP_ENV: "production" + APP_ENVIRONMENT_ONLY: "false" + CACHE_DRIVER: "redis" + SESSION_DRIVER: "redis" + QUEUE_DRIVER: "redis" + REDIS_HOST: "cache" + DB_HOST: "database" networks: default: ipam: From 83707079e8aa713efd6bc042a47ec08774e6728d Mon Sep 17 00:00:00 2001 
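Review bot: The panel `environment:` mapping now contains two `<<:` keys (`<<: *panel-environment` and `<<: *mail-environment`), and YAML does not allow duplicate keys in a mapping. Parsers either reject the file or keep only one of the two merges, which would silently drop either the panel or the mail settings. Merge both anchors with a single key: `<<: [*panel-environment, *mail-environment]`. The hunk also removes `DB_DATABASE`, `DB_USERNAME` and `REDIS_PASSWORD` without replacement, while elsewhere in this patch the database service changes to `MYSQL_DATABASE: "panel"` and `MYSQL_USER: "pterodactyl"`. The panel presumably has to pick those names up from its own defaults, so a comment stating that dependency would keep the two sides from drifting apart.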
From: Dane Everitt Date: Sat, 14 Nov 2020 13:26:43 -0800 Subject: [PATCH 2/5] Fixes for docker compose formatting and missing storage dir --- .github/docker/entrypoint.sh | 2 +- Dockerfile | 4 ++-- docker-compose.example.yml | 33 ++++++++++++++++++--------------- 3 files changed, 21 insertions(+), 18 deletions(-) diff --git a/.github/docker/entrypoint.sh b/.github/docker/entrypoint.sh index 69bb5bcf0..c9934335e 100644 --- a/.github/docker/entrypoint.sh +++ b/.github/docker/entrypoint.sh @@ -3,7 +3,7 @@ cd /app mkdir -p /var/log/panel/logs/ /var/log/supervisord/ /var/log/nginx/ /var/log/php7/ \ && chmod 777 /var/log/panel/logs/ \ - && ln -s /var/log/panel/logs/ /app/storage/ + && ln -s /var/log/panel/logs/ /app/storage/logs/ ## check for .env file and generate app keys if missing if [ -f /app/var/.env ]; then diff --git a/Dockerfile b/Dockerfile index 744a6a402..c2d538bef 100644 --- a/Dockerfile +++ b/Dockerfile @@ -19,10 +19,10 @@ RUN apk add --no-cache --update ca-certificates dcron curl git supervisor tar un && docker-php-ext-install bcmath gd pdo_mysql zip \ && curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer \ && cp .env.example .env \ - && mkdir -p bootstrap/cache/ storage/framework/sessions storage/framework/views storage/framework/cache \ + && mkdir -p bootstrap/cache/ storage/logs storage/framework/sessions storage/framework/views storage/framework/cache \ && chmod 777 -R bootstrap storage \ && composer install --no-dev --optimize-autoloader \ - && rm -rf .env bootstrap/cache/*.php storage \ + && rm -rf .env bootstrap/cache/*.php \ && chown -R nginx:nginx . RUN rm /usr/local/etc/php-fpm.d/www.conf.default \ diff --git a/docker-compose.example.yml b/docker-compose.example.yml index e04c798d6..bd5e509c9 100644 --- a/docker-compose.example.yml +++ b/docker-compose.example.yml 
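Review bot: `ln -s /var/log/panel/logs/ /app/storage/logs/` targets a path that the Dockerfile hunk of this same patch now creates as a real directory (`mkdir -p ... storage/logs`, with `storage` no longer removed). ln therefore places the link inside it as `/app/storage/logs/logs`, and the panel keeps writing to the image's own `storage/logs`, unless a volume mounted over `/app/storage` changes that, which is not visible here. Without `-f` the command also fails with "File exists" on every restart of the same container. Replacing the directory explicitly avoids both: `&& rm -rf /app/storage/logs && ln -sfn /var/log/panel/logs /app/storage/logs`. The script continues outside the hunk.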
@@ -1,19 +1,22 @@ version: '3.8' x-common: - database: &db-environment + database: + &db-environment # Do not remove the "&db-password" from the end of the line below, it is important # for Panel functionality. - MYSQL_PASSWORD: "CHANGE_ME" &db-password + MYSQL_PASSWORD: &db-password "CHANGE_ME" MYSQL_ROOT_PASSWORD: "CHANGE_ME_TOO" - panel: &panel-environment - APP_URL: "https://your.domain.here" + panel: + &panel-environment + APP_URL: "https://example.com" # A list of valid timezones can be found here: http://php.net/manual/en/timezones.php APP_TIMEZONE: "UTC" APP_SERVICE_AUTHOR: "noreply@example.com" # Uncomment the line below and set to a non-empty value if you want to use Let's Encrypt # to generate an SSL certificate for the Panel. # LE_EMAIL: "" - mail: &mail-environment + mail: + &mail-environment MAIL_FROM: "noreply@example.com" MAIL_DRIVER: "smtp" MAIL_HOST: "mail" @@ -37,8 +40,8 @@ services: - "/srv/pterodactyl/database:/var/lib/mysql" environment: <<: *db-environment - MYSQL_DATABASE: "panel" - MYSQL_USER: "pterodactyl" + MYSQL_DATABASE: "panel" + MYSQL_USER: "pterodactyl" cache: image: redis:alpine restart: always @@ -59,14 +62,14 @@ services: environment: <<: *panel-environment <<: *mail-environment - DB_PASSWORD: *db-password - APP_ENV: "production" - APP_ENVIRONMENT_ONLY: "false" - CACHE_DRIVER: "redis" - SESSION_DRIVER: "redis" - QUEUE_DRIVER: "redis" - REDIS_HOST: "cache" - DB_HOST: "database" + DB_PASSWORD: *db-password + APP_ENV: "production" + APP_ENVIRONMENT_ONLY: "false" + CACHE_DRIVER: "redis" + SESSION_DRIVER: "redis" + QUEUE_DRIVER: "redis" + REDIS_HOST: "cache" + DB_HOST: "database" networks: default: ipam: From 7df3c1d013f02bddae368dd037e10a83153d0ed1 Mon Sep 17 00:00:00 2001 From: Dane Everitt Date: Sat, 14 Nov 2020 13:58:51 -0800 Subject: [PATCH 3/5] Tweaks --- .github/docker/entrypoint.sh | 4 ++-- Dockerfile | 3 +-- docker-compose.example.yml | 3 ++- 3 files changed, 5 insertions(+), 5 deletions(-) 
diff --git a/.github/docker/entrypoint.sh b/.github/docker/entrypoint.sh index c9934335e..e42cf9d21 100644 --- a/.github/docker/entrypoint.sh +++ b/.github/docker/entrypoint.sh @@ -58,8 +58,8 @@ echo "Checking database status." until nc -z -v -w30 $DB_HOST 3306 do echo "Waiting for database connection..." - # wait for 5 seconds before check again - sleep 5 + # wait for 1 seconds before check again + sleep 1 done ## make sure the db is set up diff --git a/Dockerfile b/Dockerfile index c2d538bef..02da51054 100644 --- a/Dockerfile +++ b/Dockerfile @@ -28,8 +28,7 @@ RUN apk add --no-cache --update ca-certificates dcron curl git supervisor tar un RUN rm /usr/local/etc/php-fpm.d/www.conf.default \ && echo "* * * * * /usr/local/bin/php /app/artisan schedule:run >> /dev/null 2>&1" >> /var/spool/cron/crontabs/root \ && sed -i s/ssl_session_cache/#ssl_session_cache/g /etc/nginx/nginx.conf \ - && mkdir -p /var/run/php /var/run/nginx \ - && apk del --no-cache libpng-dev libxml2-dev libzip-dev + && mkdir -p /var/run/php /var/run/nginx COPY .github/docker/default.conf /etc/nginx/conf.d/default.conf COPY .github/docker/www.conf /usr/local/etc/php-fpm.d/www.conf diff --git a/docker-compose.example.yml b/docker-compose.example.yml index bd5e509c9..036bceb9a 100644 --- a/docker-compose.example.yml +++ b/docker-compose.example.yml @@ -34,8 +34,9 @@ x-common: # services: database: - image: mariadb:10.4 + image: library/mysql:8.0 restart: always + command: --default-authentication-plugin=mysql_native_password volumes: - "/srv/pterodactyl/database:/var/lib/mysql" environment: From 9ffb5d299587702871ae83141bc7bba419b651dc Mon Sep 17 00:00:00 2001 From: Dane Everitt Date: Sat, 14 Nov 2020 19:56:43 -0800 Subject: [PATCH 4/5] Add support for automated docker builds --- .github/workflows/docker.yml | 37 ++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 .github/workflows/docker.yml 
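Review bot: `command: --default-authentication-plugin=mysql_native_password` switches new accounts on the `library/mysql:8.0` service back to the older SHA-1 based password plugin instead of MySQL 8's default `caching_sha2_password`. The panel image is built from `php:7.4-fpm-alpine`, whose mysqlnd should support `caching_sha2_password`, so the downgrade may not be needed; if it is, a comment naming the client that requires it would let it be removed later. Separately, the service keeps the volume `/srv/pterodactyl/database:/var/lib/mysql` while changing from `mariadb:10.4` to MySQL 8.0. An existing MariaDB data directory is not expected to start under MySQL, so the example should say that existing installs need a dump and restore.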
diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml new file mode 100644 index 000000000..90006393a --- /dev/null +++ b/.github/workflows/docker.yml @@ -0,0 +1,37 @@ +name: Publish Docker Image +on: + push: + branches: + - 'develop' + tags: + - 'v*' +jobs: + push_to_registry: + name: Push Image to Github Packages + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: docker/setup-qemu-action@v1 + - uses: docker/setup-buildx-action@v1 + - uses: docker/login-action@v1 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.REGISTRY_TOKEN }} + - name: Release Production Build + uses: docker/build-push-action@v2 + if: contains(github.ref, 'develop') != true + env: + GITHUB_REF: ${{ github.ref }} + with: + push: true + tags: | + ghcr.io/pterodactyl/panel:latest + ghcr.io/pterodactyl/panel:${GITHUB_REF} + - name: Release Development Build + uses: docker/build-push-action@v2 + if: contains(github.ref, 'develop') + with: + push: true + tags: | + ghcr.io/pterodactyl/panel:develop From 4ef04aa604679dff248f8818c35c61d456f1bdcd Mon Sep 17 00:00:00 2001 From: Dane Everitt Date: Sat, 14 Nov 2020 20:01:02 -0800 Subject: [PATCH 5/5] Update actions --- .github/workflows/docker.yml | 2 +- .github/workflows/release.yml | 18 ++++++++---------- .github/workflows/tests.yml | 2 +- 3 files changed, 10 insertions(+), 12 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 90006393a..19a8b0707 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -30,7 +30,7 @@ jobs: ghcr.io/pterodactyl/panel:${GITHUB_REF} - name: Release Development Build uses: docker/build-push-action@v2 - if: contains(github.ref, 'develop') + if: contains(github.ref, 'develop') && && !contains(github.event.head_commit.message, '[skip docker]') && !contains(github.event.head_commit.message, '[docker skip]') with: push: true tags: | 
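Review bot: In the "Release Production Build" step, `ghcr.io/pterodactyl/panel:${GITHUB_REF}` will not produce a version tag. `with:` inputs are not passed through a shell, so `${GITHUB_REF}` is not expanded from the step's `env:`, and the ref itself has the form `refs/tags/v…`, which contains slashes and is not a valid image tag. Derive the tag name in a prior step and reference it with an expression, as sketched below. The job also hands `secrets.REGISTRY_TOKEN` to actions referenced by mutable tags (`docker/login-action@v1`, `docker/build-push-action@v2`); pinning those to full commit SHAs limits what a retagged action could do with the token.

```yaml
      # … unchanged: checkout, qemu, buildx and login steps …
      - name: Get tag name
        id: tag
        if: startsWith(github.ref, 'refs/tags/')
        run: echo "version=${GITHUB_REF#refs/tags/}" >> "$GITHUB_OUTPUT"
      - name: Release Production Build
        # … unchanged: uses, if; the env block is no longer needed …
        with:
          push: true
          tags: |
            ghcr.io/pterodactyl/panel:latest
            ghcr.io/pterodactyl/panel:${{ steps.tag.outputs.version }}
```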
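Review bot: The new condition on "Release Development Build" reads `contains(github.ref, 'develop') && && !contains(...)`; the doubled `&&` is not a valid expression, so the workflow is expected to fail validation instead of skipping builds. Drop the extra operator: `if: contains(github.ref, 'develop') && !contains(github.event.head_commit.message, '[skip docker]') && !contains(github.event.head_commit.message, '[docker skip]')`. The production step keeps its old `if:` and therefore ignores the skip markers; a short comment saying that this is intended would prevent a later "fix".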
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 06582c0e6..91e39431f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,10 +1,8 @@ -name: "Release" - +name: Create Release on: push: tags: - 'v*' - jobs: release: runs-on: ubuntu-20.04 @@ -13,7 +11,7 @@ jobs: - uses: actions/setup-node@v1 with: node-version: '12' - + - name: Create release branch and bump version env: REF: ${{ github.ref }} @@ -32,7 +30,7 @@ jobs: run: | yarn install yarn run build:production - + - name: Create release archive run: | rm -rf node_modules/ test/ codecov.yml CODE_OF_CONDUCT.md CONTRIBUTING.md phpunit.dusk.xml phpunit.xml Vagrantfile @@ -63,25 +61,25 @@ jobs: body_path: ./RELEASE_CHANGELOG draft: true prerelease: ${{ contains(github.ref, 'beta') || contains(github.ref, 'alpha') }} - + - name: Upload binary id: upload-release-archive uses: actions/upload-release-asset@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: - upload_url: ${{ steps.create_release.outputs.upload_url }} + upload_url: ${{ steps.create_release.outputs.upload_url }} asset_path: panel.tar.gz asset_name: panel.tar.gz asset_content_type: application/gzip - + - name: Upload checksum - id: upload-release-checksum + id: upload-release-checksum uses: actions/upload-release-asset@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: - upload_url: ${{ steps.create_release.outputs.upload_url }} + upload_url: ${{ steps.create_release.outputs.upload_url }} asset_path: ./checksum.txt asset_name: checksum.txt asset_content_type: text/plain diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 00c37cc59..5d9c21e68 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -1,4 +1,4 @@ -name: tests +name: Run Test Suite on: push: branch-ignore: