From 0bac937f0b070d0c180cd5f36b280865a567594e Mon Sep 17 00:00:00 2001 From: "Fly.io" Date: Mon, 16 Dec 2024 10:21:15 +0000 Subject: [PATCH] New files from Fly.io Launch --- .dockerignore | 28 ++ .fly/entrypoint.sh | 15 + .fly/fpm/pool.d/www.conf | 528 ++++++++++++++++++++++ .fly/nginx/conf.d/access-log.conf | 14 + .fly/nginx/conf.d/websockets.conf | 5 + .fly/nginx/nginx.conf | 68 +++ .fly/nginx/sites-available/default | 60 +++ .fly/nginx/sites-available/default-octane | 78 ++++ .fly/php/ondrej_ubuntu_php.gpg | Bin 0 -> 360 bytes .fly/php/packages/7.4.txt | 17 + .fly/php/packages/8.0.txt | 16 + .fly/php/packages/8.1.txt | 16 + .fly/php/packages/8.2.txt | 16 + .fly/php/packages/8.3.txt | 16 + .fly/scripts/caches.sh | 5 + .fly/start-nginx.sh | 3 + .fly/supervisor/conf.d/fpm.conf | 11 + .fly/supervisor/conf.d/nginx.conf | 11 + .fly/supervisor/supervisord.conf | 30 ++ Dockerfile | 124 +++++ composer.json | 1 + composer.lock | 74 ++- fly.toml | 35 ++ 23 files changed, 1168 insertions(+), 3 deletions(-) create mode 100644 .dockerignore create mode 100644 .fly/entrypoint.sh create mode 100644 .fly/fpm/pool.d/www.conf create mode 100644 .fly/nginx/conf.d/access-log.conf create mode 100644 .fly/nginx/conf.d/websockets.conf create mode 100644 .fly/nginx/nginx.conf create mode 100644 .fly/nginx/sites-available/default create mode 100644 .fly/nginx/sites-available/default-octane create mode 100644 .fly/php/ondrej_ubuntu_php.gpg create mode 100644 .fly/php/packages/7.4.txt create mode 100644 .fly/php/packages/8.0.txt create mode 100644 .fly/php/packages/8.1.txt create mode 100644 .fly/php/packages/8.2.txt create mode 100644 .fly/php/packages/8.3.txt create mode 100644 .fly/scripts/caches.sh create mode 100644 .fly/start-nginx.sh create mode 100644 .fly/supervisor/conf.d/fpm.conf create mode 100644 .fly/supervisor/conf.d/nginx.conf create mode 100644 .fly/supervisor/supervisord.conf create mode 100644 Dockerfile create mode 100644 fly.toml diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..7db5212 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,28 @@ +# excludes from the docker image/build + +# 1. Ignore Laravel-specific files we don't need +bootstrap/cache/* +storage/framework/cache/* +storage/framework/sessions/* +storage/framework/views/* +storage/logs/* +*.env* +.rr.yml +rr +frankenphp +vendor + +# 2. Ignore common files/directories we don't need +fly.toml +.vscode +.idea +**/*node_modules +**.git +**.gitignore +**.gitattributes +**.sass-cache +**/*~ +**/*.log +**/.DS_Store +**/Thumbs.db +public/hot diff --git a/.fly/entrypoint.sh b/.fly/entrypoint.sh new file mode 100644 index 0000000..0d11ba8 --- /dev/null +++ b/.fly/entrypoint.sh @@ -0,0 +1,15 @@ +#!/usr/bin/env sh + +# Run user scripts, if they exist +for f in /var/www/html/.fly/scripts/*.sh; do + # Bail out this loop if any script exits with non-zero status code + bash "$f" -e +done +chown -R www-data:www-data /var/www/html + +if [ $# -gt 0 ]; then + # If we passed a command, run it as root + exec "$@" +else + exec supervisord -c /etc/supervisor/supervisord.conf +fi diff --git a/.fly/fpm/pool.d/www.conf b/.fly/fpm/pool.d/www.conf new file mode 100644 index 0000000..de8bf0b --- /dev/null +++ b/.fly/fpm/pool.d/www.conf @@ -0,0 +1,528 @@ +; @fly +[global] +; Avoid logs being sent to syslog +error_log = /proc/self/fd/2 + +; Do not daemonize (eg send process to the background) +daemonize = no + +; Start a new pool named 'www'. +; the variable $pool can be used in any directive and will be replaced by the +; pool name ('www' here) +[www] + +; Per pool prefix +; It only applies on the following directives: +; - 'access.log' +; - 'slowlog' +; - 'listen' (unixsocket) +; - 'chroot' +; - 'chdir' +; - 'php_values' +; - 'php_admin_values' +; When not set, the global prefix (or /usr) applies instead. +; Note: This directive can also be relative to the global prefix. +; Default Value: none +;prefix = /path/to/pools/$pool + +; Unix user/group of processes +; Note: The user is mandatory. If the group is not set, the default user's group +; will be used. +user = www-data +group = www-data + +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on +; a specific port; +; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses +; (IPv6 and IPv4-mapped) on a specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Note: This value is mandatory. +; @fly +listen = /var/run/php/php-fpm.sock + +; Set listen(2) backlog. +; Default Value: 511 (-1 on Linux, FreeBSD and OpenBSD) +;listen.backlog = 511 + +; Set permissions for unix socket, if one is used. In Linux, read/write +; permissions must be set in order to allow connections from a web server. Many +; BSD-derived systems allow connections regardless of permissions. The owner +; and group can be specified either by name or by their numeric IDs. +; Default Values: user and group are set as the running user +; mode is set to 0660 +listen.owner = www-data +listen.group = www-data +;listen.mode = 0660 +; When POSIX Access Control Lists are supported you can set them using +; these options, value is a comma separated list of user/group names. +; When set, listen.owner and listen.group are ignored +;listen.acl_users = +;listen.acl_groups = + +; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. +; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original +; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address +; must be separated by a comma. If this value is left blank, connections will be +; accepted from any ip address. +; Default Value: any +;listen.allowed_clients = 127.0.0.1 + +; Set the associated the route table (FIB). FreeBSD only +; Default Value: -1 +;listen.setfib = 1 + +; Specify the nice(2) priority to apply to the pool processes (only if set) +; The value can vary from -19 (highest priority) to 20 (lower priority) +; Note: - It will only work if the FPM master process is launched as root +; - The pool processes will inherit the master process priority +; unless it specified otherwise +; Default Value: no set +; process.priority = -19 + +; Set the process dumpable flag (PR_SET_DUMPABLE prctl for Linux or +; PROC_TRACE_CTL procctl for FreeBSD) even if the process user +; or group is different than the master process user. It allows to create process +; core dump and ptrace the process for the pool user. +; Default Value: no +; process.dumpable = yes + +; Choose how the process manager will control the number of child processes. +; Possible Values: +; static - a fixed number (pm.max_children) of child processes; +; dynamic - the number of child processes are set dynamically based on the +; following directives. With this process management, there will be +; always at least 1 children. +; pm.max_children - the maximum number of children that can +; be alive at the same time. +; pm.start_servers - the number of children created on startup. +; pm.min_spare_servers - the minimum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is less than this +; number then some children will be created. +; pm.max_spare_servers - the maximum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is greater than this +; number then some children will be killed. +; pm.max_spawn_rate - the maximum number of rate to spawn child +; processes at once. +; ondemand - no children are created at startup. Children will be forked when +; new requests will connect. The following parameter are used: +; pm.max_children - the maximum number of children that +; can be alive at the same time. +; pm.process_idle_timeout - The number of seconds after which +; an idle process will be killed. +; Note: This value is mandatory. +pm = dynamic + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. +; This value sets the limit on the number of simultaneous requests that will be +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP +; CGI. The below defaults are based on a server without much resources. Don't +; forget to tweak pm.* to fit your needs. +; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' +; Note: This value is mandatory. +; default: 5 +; @fly +pm.max_children = ${PHP_PM_MAX_CHILDREN} + +; The number of child processes created on startup. +; Note: Used only when pm is set to 'dynamic' +; Default Value: (min_spare_servers + max_spare_servers) / 2 +; default: 2 +; @fly +pm.start_servers = ${PHP_PM_START_SERVERS} + +; The desired minimum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +; default: 1 +; @fly +pm.min_spare_servers = ${PHP_MIN_SPARE_SERVERS} + +; The desired maximum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +; default: 3 +; @fly +pm.max_spare_servers = ${PHP_MAX_SPARE_SERVERS} + +; The number of rate to spawn child processes at once. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +; Default Value: 32 +;pm.max_spawn_rate = 32 + +; The number of seconds after which an idle process will be killed. +; Note: Used only when pm is set to 'ondemand' +; Default Value: 10s +;pm.process_idle_timeout = 10s; + +; The number of requests each child process should execute before respawning. +; This can be useful to work around memory leaks in 3rd party libraries. For +; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. +; Default Value: 0 +;pm.max_requests = 500 + +; The URI to view the FPM status page. If this value is not set, no URI will be +; recognized as a status page. It shows the following information: +; pool - the name of the pool; +; process manager - static, dynamic or ondemand; +; start time - the date and time FPM has started; +; start since - number of seconds since FPM has started; +; accepted conn - the number of request accepted by the pool; +; listen queue - the number of request in the queue of pending +; connections (see backlog in listen(2)); +; max listen queue - the maximum number of requests in the queue +; of pending connections since FPM has started; +; listen queue len - the size of the socket queue of pending connections; +; idle processes - the number of idle processes; +; active processes - the number of active processes; +; total processes - the number of idle + active processes; +; max active processes - the maximum number of active processes since FPM +; has started; +; max children reached - number of times, the process limit has been reached, +; when pm tries to start more children (works only for +; pm 'dynamic' and 'ondemand'); +; Value are updated in real time. +; Example output: +; pool: www +; process manager: static +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 62636 +; accepted conn: 190460 +; listen queue: 0 +; max listen queue: 1 +; listen queue len: 42 +; idle processes: 4 +; active processes: 11 +; total processes: 15 +; max active processes: 12 +; max children reached: 0 +; +; By default the status page output is formatted as text/plain. Passing either +; 'html', 'xml' or 'json' in the query string will return the corresponding +; output syntax. Example: +; http://www.foo.bar/status +; http://www.foo.bar/status?json +; http://www.foo.bar/status?html +; http://www.foo.bar/status?xml +; +; By default the status page only outputs short status. Passing 'full' in the +; query string will also return status for each pool process. +; Example: +; http://www.foo.bar/status?full +; http://www.foo.bar/status?json&full +; http://www.foo.bar/status?html&full +; http://www.foo.bar/status?xml&full +; The Full status returns for each process: +; pid - the PID of the process; +; state - the state of the process (Idle, Running, ...); +; start time - the date and time the process has started; +; start since - the number of seconds since the process has started; +; requests - the number of requests the process has served; +; request duration - the duration in µs of the requests; +; request method - the request method (GET, POST, ...); +; request URI - the request URI with the query string; +; content length - the content length of the request (only with POST); +; user - the user (PHP_AUTH_USER) (or '-' if not set); +; script - the main script called (or '-' if not set); +; last request cpu - the %cpu the last request consumed +; it's always 0 if the process is not in Idle state +; because CPU calculation is done when the request +; processing has terminated; +; last request memory - the max amount of memory the last request consumed +; it's always 0 if the process is not in Idle state +; because memory calculation is done when the request +; processing has terminated; +; If the process is in Idle state, then informations are related to the +; last request the process has served. Otherwise informations are related to +; the current request being served. +; Example output: +; ************************ +; pid: 31330 +; state: Running +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 63087 +; requests: 12808 +; request duration: 1250261 +; request method: GET +; request URI: /test_mem.php?N=10000 +; content length: 0 +; user: - +; script: /home/fat/web/docs/php/test_mem.php +; last request cpu: 0.00 +; last request memory: 0 +; +; Note: There is a real-time FPM status monitoring sample web page available +; It's available in: /usr/share/php/8.2/fpm/status.html +; +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;pm.status_path = /status + +; The address on which to accept FastCGI status request. This creates a new +; invisible pool that can handle requests independently. This is useful +; if the main pool is busy with long running requests because it is still possible +; to get the status before finishing the long running requests. +; +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on +; a specific port; +; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses +; (IPv6 and IPv4-mapped) on a specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Default Value: value of the listen option +;pm.status_listen = 127.0.0.1:9001 + +; The ping URI to call the monitoring page of FPM. If this value is not set, no +; URI will be recognized as a ping page. This could be used to test from outside +; that FPM is alive and responding, or to +; - create a graph of FPM availability (rrd or such); +; - remove a server from a group if it is not responding (load balancing); +; - trigger alerts for the operating team (24/7). +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;ping.path = /ping + +; This directive may be used to customize the response of a ping request. The +; response is formatted as text/plain with a 200 response code. +; Default Value: pong +;ping.response = pong + +; The access log file +; Default: not set +; @fly +access.log = /proc/self/fd/1 + +; The access log format. +; The following syntax is allowed +; %%: the '%' character +; %C: %CPU used by the request +; it can accept the following format: +; - %{user}C for user CPU only +; - %{system}C for system CPU only +; - %{total}C for user + system CPU (default) +; %d: time taken to serve the request +; it can accept the following format: +; - %{seconds}d (default) +; - %{milliseconds}d +; - %{milli}d +; - %{microseconds}d +; - %{micro}d +; %e: an environment variable (same as $_ENV or $_SERVER) +; it must be associated with embraces to specify the name of the env +; variable. Some examples: +; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e +; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e +; %f: script filename +; %l: content-length of the request (for POST request only) +; %m: request method +; %M: peak of memory allocated by PHP +; it can accept the following format: +; - %{bytes}M (default) +; - %{kilobytes}M +; - %{kilo}M +; - %{megabytes}M +; - %{mega}M +; %n: pool name +; %o: output header +; it must be associated with embraces to specify the name of the header: +; - %{Content-Type}o +; - %{X-Powered-By}o +; - %{Transfert-Encoding}o +; - .... +; %p: PID of the child that serviced the request +; %P: PID of the parent of the child that serviced the request +; %q: the query string +; %Q: the '?' character if query string exists +; %r: the request URI (without the query string, see %q and %Q) +; %R: remote IP address +; %s: status (response code) +; %t: server time the request was received +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsulated in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %T: time the log has been written (the request has finished) +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsulated in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %u: remote user +; +; Default: "%R - %u %t \"%m %r\" %s" +;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{milli}d %{kilo}M %C%%" + +; A list of request_uri values which should be filtered from the access log. +; +; As a security precuation, this setting will be ignored if: +; - the request method is not GET or HEAD; or +; - there is a request body; or +; - there are query parameters; or +; - the response code is outwith the successful range of 200 to 299 +; +; Note: The paths are matched against the output of the access.format tag "%r". +; On common configurations, this may look more like SCRIPT_NAME than the +; expected pre-rewrite URI. +; +; Default Value: not set +;access.suppress_path[] = /ping +;access.suppress_path[] = /health_check.php + +; The log file for slow requests +; Default Value: not set +; Note: slowlog is mandatory if request_slowlog_timeout is set +;slowlog = log/$pool.log.slow + +; The timeout for serving a single request after which a PHP backtrace will be +; dumped to the 'slowlog' file. A value of '0s' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_slowlog_timeout = 0 + +; Depth of slow log stack trace. +; Default Value: 20 +;request_slowlog_trace_depth = 20 + +; The timeout for serving a single request after which the worker process will +; be killed. This option should be used when the 'max_execution_time' ini option +; does not stop script execution for some reason. A value of '0' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_terminate_timeout = 0 + +; The timeout set by 'request_terminate_timeout' ini option is not engaged after +; application calls 'fastcgi_finish_request' or when application has finished and +; shutdown functions are being called (registered via register_shutdown_function). +; This option will enable timeout limit to be applied unconditionally +; even in such cases. +; Default Value: no +;request_terminate_timeout_track_finished = no + +; Set open file descriptor rlimit. +; Default Value: system defined value +;rlimit_files = 1024 + +; Set max core size rlimit. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +;rlimit_core = 0 + +; Chroot to this directory at the start. This value must be defined as an +; absolute path. When this value is not set, chroot is not used. +; Note: you can prefix with '$prefix' to chroot to the pool prefix or one +; of its subdirectories. If the pool prefix is not set, the global prefix +; will be used instead. +; Note: chrooting is a great security feature and should be used whenever +; possible. However, all PHP paths will be relative to the chroot +; (error_log, sessions.save_path, ...). +; Default Value: not set +;chroot = + +; Chdir to this directory at the start. +; Note: relative path can be used. +; Default Value: current directory or / when chroot +;chdir = /var/www + +; Redirect worker stdout and stderr into main error log. If not set, stdout and +; stderr will be redirected to /dev/null according to FastCGI specs. +; Note: on highloaded environment, this can cause some delay in the page +; process time (several ms). +; Default Value: no +; @fly +catch_workers_output = yes + +; Decorate worker output with prefix and suffix containing information about +; the child that writes to the log and if stdout or stderr is used as well as +; log level and time. This options is used only if catch_workers_output is yes. +; Settings to "no" will output data as written to the stdout or stderr. +; Default value: yes +; @fly +decorate_workers_output = no + +; Clear environment in FPM workers +; Prevents arbitrary environment variables from reaching FPM worker processes +; by clearing the environment in workers before env vars specified in this +; pool configuration are added. +; Setting to "no" will make all environment variables available to PHP code +; via getenv(), $_ENV and $_SERVER. +; Default Value: yes +; @fly +clear_env = no + +; Limits the extensions of the main script FPM will allow to parse. This can +; prevent configuration mistakes on the web server side. You should only limit +; FPM to .php extensions to prevent malicious users to use other extensions to +; execute php code. +; Note: set an empty value to allow all extensions. +; Default Value: .php +;security.limit_extensions = .php .php3 .php4 .php5 .php7 + +; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from +; the current environment. +; Default Value: clean env +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /tmp +;env[TMPDIR] = /tmp +;env[TEMP] = /tmp + +; Additional php.ini defines, specific to this pool of workers. These settings +; overwrite the values previously defined in the php.ini. The directives are the +; same as the PHP SAPI: +; php_value/php_flag - you can set classic ini defines which can +; be overwritten from PHP call 'ini_set'. +; php_admin_value/php_admin_flag - these directives won't be overwritten by +; PHP call 'ini_set' +; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. + +; Defining 'extension' will load the corresponding shared extension from +; extension_dir. Defining 'disable_functions' or 'disable_classes' will not +; overwrite previously defined php.ini values, but will append the new value +; instead. + +; Note: path INI options can be relative and will be expanded with the prefix +; (pool, global or /usr) + +; Default Value: nothing is defined by default except the values in php.ini and +; specified at startup with the -d argument +;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com +;php_flag[display_errors] = off +;php_admin_value[error_log] = /var/log/fpm-php.www.log +;php_admin_flag[log_errors] = on +;php_admin_value[memory_limit] = 32M + +; @fly settings: +; Security measures +php_admin_value[open_basedir] = /var/www/html:/dev/stdout:/tmp +php_admin_flag[session.cookie_secure] = true + +; Regional settings +php_value[date.timezone] = ${PHP_DATE_TIMEZONE} + +; Error reporting settings +php_admin_value[display_errors] = ${PHP_DISPLAY_ERRORS} +php_admin_value[error_reporting] = ${PHP_ERROR_REPORTING} + +; Performance settings +php_admin_value[memory_limit] = ${PHP_MEMORY_LIMIT} +php_admin_value[max_execution_time] = ${PHP_MAX_EXECUTION_TIME} + +; Upload settings +php_admin_value[post_max_size] = ${PHP_POST_MAX_SIZE} +php_admin_value[upload_max_filesize] = ${PHP_UPLOAD_MAX_FILE_SIZE} + +; Allow remote file access settings +php_admin_value[allow_url_fopen] = ${PHP_ALLOW_URL_FOPEN} diff --git a/.fly/nginx/conf.d/access-log.conf b/.fly/nginx/conf.d/access-log.conf new file mode 100644 index 0000000..83212e7 --- /dev/null +++ b/.fly/nginx/conf.d/access-log.conf @@ -0,0 +1,14 @@ +# If Fly-Client-Ip is empty, set $forwarded_header_value to +# value of X-Forwarded-For, else set +# $forwarded_header_value to value of Fly-Client-Ip +map $http_fly_client_ip $forwarded_header_value { + default $http_fly_client_ip; + "" $http_x_forwarded_for; +} + +# Use variable $forwarded_header_value in place where we'd normally +# see $http_x_forwarded_For. We prefer the value of Fly-Client-Ip +# if it's available +log_format fly '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$forwarded_header_value"'; diff --git a/.fly/nginx/conf.d/websockets.conf b/.fly/nginx/conf.d/websockets.conf new file mode 100644 index 0000000..de0dbfb --- /dev/null +++ b/.fly/nginx/conf.d/websockets.conf @@ -0,0 +1,5 @@ +# See https://laravel.com/docs/9.x/octane#serving-your-application-via-nginx +map $http_upgrade $connection_upgrade { + default upgrade; + '' close; +} diff --git a/.fly/nginx/nginx.conf b/.fly/nginx/nginx.conf new file mode 100644 index 0000000..e457fbf --- /dev/null +++ b/.fly/nginx/nginx.conf @@ -0,0 +1,68 @@ +user www-data; +worker_processes auto; +pid /run/nginx.pid; +include /etc/nginx/modules-enabled/*.conf; +daemon off; + +events { + worker_connections 768; + # multi_accept on; +} + +http { + + ## + # Basic Settings + ## + + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + server_tokens off; + + # server_names_hash_bucket_size 64; + # server_name_in_redirect off; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + ## + # SSL Settings + ## + + ssl_protocols TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + ## + # Logging Settings + ## + + access_log /dev/stdout; + error_log /dev/stderr; + + ## + # Increase header size for better support on Laravel APIs + ## + http2_max_field_size 16k; + http2_max_header_size 32k; + + ## + # Gzip Settings + ## + + gzip on; + gzip_vary on; + gzip_proxied any; + gzip_comp_level 6; + gzip_types text/plain text/css text/xml application/json application/javascript application/rss+xml application/atom+xml image/svg+xml; + + ## + # Virtual Host Configs + ## + + include /etc/nginx/conf.d/*.conf; + include /etc/nginx/sites-enabled/*; +} + diff --git a/.fly/nginx/sites-available/default b/.fly/nginx/sites-available/default new file mode 100644 index 0000000..26f4ac5 --- /dev/null +++ b/.fly/nginx/sites-available/default @@ -0,0 +1,60 @@ +server { + listen 8080 default_server; + listen [::]:8080 default_server; + + root /var/www/html/public; + + index index.html index.htm index.php; + + server_name _; + + charset utf-8; + + client_max_body_size 2048M; + + access_log /dev/stdout fly; + + location / { + try_files $uri $uri/ /index.php?$query_string; + } + + location ~ \.php$ { + include snippets/fastcgi-php.conf; + fastcgi_param HTTP_X_FORWARDED_FOR $http_fly_client_ip; + fastcgi_pass unix:/var/run/php/php-fpm.sock; + fastcgi_buffers 16 16k; + fastcgi_buffer_size 32k; + } + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + log_not_found off; + access_log off; + } + + location ~* \.(?:css(\.map)?|js(\.map)?|jpe?g|png|gif|ico|cur|heic|webp|tiff?|mp3|m4a|aac|ogg|midi?|wav|mp4|mov|webm|mpe?g|avi|ogv|flv|wmv)$ { + expires 7d; + access_log off; + log_not_found off; + # Pass to PHP to ensure PHP apps can handle routes that end in these filetypes + try_files $uri /index.php?$query_string; + } + + location ~* \.(?:svgz?|ttf|ttc|otf|eot|woff2?)$ { + add_header Access-Control-Allow-Origin "*"; + expires 7d; + access_log off; + } + + location ~ /\.(?!well-known) { + deny all; + } + + add_header X-Frame-Options "SAMEORIGIN" always; + add_header X-Content-Type-Options "nosniff" always; + add_header Referrer-Policy "no-referrer-when-downgrade" always; +} diff --git a/.fly/nginx/sites-available/default-octane b/.fly/nginx/sites-available/default-octane new file mode 100644 index 0000000..5afd28e --- /dev/null +++ b/.fly/nginx/sites-available/default-octane @@ -0,0 +1,78 @@ +server { + listen 8080 default_server; + listen [::]:8080 default_server; + + root /var/www/html/public; + + index index.html index.htm index.php; + + server_name _; + + charset utf-8; + + client_max_body_size 2048M; + + access_log /dev/stdout fly; + + location /index.php { + try_files /not_exists @octane; + } + + location / { + try_files $uri $uri/ @octane; + } + + location @octane { + set $suffix ""; + + if ($uri = /index.php) { + set $suffix ?$query_string; + } + + proxy_http_version 1.1; + proxy_set_header Host $http_host; + proxy_set_header Scheme $scheme; + proxy_set_header SERVER_PORT $server_port; + proxy_set_header REMOTE_ADDR $remote_addr; + proxy_set_header X-Forwarded-For $http_fly_client_ip; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + + proxy_buffers 16 16k; + proxy_buffer_size 32k; + + proxy_pass http://127.0.0.1:8000$suffix; + } + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + log_not_found off; + access_log off; + } + + location ~* \.(?:css(\.map)?|js(\.map)?|jpe?g|png|gif|ico|cur|heic|webp|tiff?|mp3|m4a|aac|ogg|midi?|wav|mp4|mov|webm|mpe?g|avi|ogv|flv|wmv)$ { + expires 7d; + access_log off; + log_not_found off; + # Pass to PHP to ensure PHP apps can handle routes that end in these filetypes + try_files $uri @octane; + } + + location ~* \.(?:svgz?|ttf|ttc|otf|eot|woff2?)$ { + add_header Access-Control-Allow-Origin "*"; + expires 7d; + access_log off; + } + + location ~ /\.(?!well-known) { + deny all; + } + + add_header X-Frame-Options "SAMEORIGIN" always; + add_header X-Content-Type-Options "nosniff" always; + add_header Referrer-Policy "no-referrer-when-downgrade" always; +} diff --git a/.fly/php/ondrej_ubuntu_php.gpg b/.fly/php/ondrej_ubuntu_php.gpg new file mode 100644 index 0000000000000000000000000000000000000000..82ef42b08cd94b2944e73af8c16fad296ad9a8a2 GIT binary patch literal 360 zcmV-u0hj)mjRZ-3`J4d+0J4J#K-FIPmiB*>|Lw-qIn$%n}5`Po1Hf*FNak#Awd|4UVGNDlnmns{I%0={+EnmwAK-9N=MgOdZaJMeU`N6ls? zm-dLl=KY)D^VV#b{j4GeZUGpY9*-r)gwihAieAGv7Q$7Q>oR)*-vAK-00FcgOks6y zV`y+;WFSybK_F&tav)D`WW||fY9Lc}a>KodwgeLa0stTd0!e-OoB|sI1`7!Y2Ll2G z6#@tY1Qr4V0RkQY0vCV)3JDNTPN1sgCVFf_HUs`OwKh@(0#y1E@pi@aTapnGiZ4uR znA%drtfPg?2uYcAL6_%&kkeZ)UV7rc3Elolp(^~b3aE`NHa~Rcitxg}{jkXDYMm-! zyj`>QzQ=6F7@ssRh9C2=XfyAhRPtaRx!z1NuHc3iF((SQnN7r0yJ`VLDkV7(<@gze G;5f_TDWV?$ literal 0 HcmV?d00001 diff --git a/.fly/php/packages/7.4.txt b/.fly/php/packages/7.4.txt new file mode 100644 index 0000000..bb73888 --- /dev/null +++ b/.fly/php/packages/7.4.txt @@ -0,0 +1,17 @@ +php7.4-bcmath +php7.4-cli +php7.4-common +php7.4-curl +php7.4-gd +php7.4-intl +php7.4-json +php7.4-mbstring +php7.4-mysql +php7.4-pgsql +php7.4-redis +php7.4-soap +php7.4-sqlite3 +php7.4-xml +php7.4-zip +php7.4-swoole +php7.4-fpm diff --git a/.fly/php/packages/8.0.txt b/.fly/php/packages/8.0.txt new file mode 100644 index 0000000..1416d1c --- /dev/null +++ b/.fly/php/packages/8.0.txt @@ -0,0 +1,16 @@ +php8.0-bcmath +php8.0-cli +php8.0-common +php8.0-curl +php8.0-gd +php8.0-intl +php8.0-mbstring +php8.0-mysql +php8.0-pgsql +php8.0-redis +php8.0-soap +php8.0-sqlite3 +php8.0-xml +php8.0-zip +php8.0-swoole +php8.0-fpm diff --git a/.fly/php/packages/8.1.txt b/.fly/php/packages/8.1.txt new file mode 100644 index 0000000..07e5391 --- /dev/null +++ b/.fly/php/packages/8.1.txt @@ -0,0 +1,16 @@ +php8.1-bcmath +php8.1-cli +php8.1-common +php8.1-curl +php8.1-gd +php8.1-intl +php8.1-mbstring +php8.1-mysql +php8.1-pgsql +php8.1-redis +php8.1-soap +php8.1-sqlite3 +php8.1-xml +php8.1-zip +php8.1-swoole +php8.1-fpm diff --git a/.fly/php/packages/8.2.txt b/.fly/php/packages/8.2.txt new file mode 100644 index 0000000..f45672f --- /dev/null +++ b/.fly/php/packages/8.2.txt @@ -0,0 +1,16 @@ +php8.2-bcmath +php8.2-cli +php8.2-common +php8.2-curl +php8.2-gd +php8.2-intl +php8.2-mbstring +php8.2-mysql +php8.2-pgsql +php8.2-redis +php8.2-soap +php8.2-sqlite3 +php8.2-xml +php8.2-zip +php8.2-swoole +php8.2-fpm diff --git a/.fly/php/packages/8.3.txt b/.fly/php/packages/8.3.txt new file mode 100644 index 0000000..370e554 --- /dev/null +++ b/.fly/php/packages/8.3.txt @@ -0,0 +1,16 @@ +php8.3-bcmath +php8.3-cli +php8.3-common +php8.3-curl +php8.3-gd +php8.3-intl +php8.3-mbstring +php8.3-mysql +php8.3-pgsql +php8.3-redis +php8.3-soap +php8.3-sqlite3 +php8.3-xml +php8.3-zip +php8.3-swoole +php8.3-fpm diff --git a/.fly/scripts/caches.sh b/.fly/scripts/caches.sh new file mode 100644 index 0000000..7ab868a --- /dev/null +++ b/.fly/scripts/caches.sh @@ -0,0 +1,5 @@ +#!/usr/bin/env bash + +/usr/bin/php /var/www/html/artisan config:cache --no-ansi -q +/usr/bin/php /var/www/html/artisan route:cache --no-ansi -q +/usr/bin/php /var/www/html/artisan view:cache --no-ansi -q diff --git a/.fly/start-nginx.sh b/.fly/start-nginx.sh new file mode 100644 index 0000000..c4057e0 --- /dev/null +++ b/.fly/start-nginx.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +sleep 0.25 && exec nginx diff --git a/.fly/supervisor/conf.d/fpm.conf b/.fly/supervisor/conf.d/fpm.conf new file mode 100644 index 0000000..20bdd09 --- /dev/null +++ b/.fly/supervisor/conf.d/fpm.conf @@ -0,0 +1,11 @@ +[program:php] +priority=5 +autostart=true +autorestart=true +stdout_events_enabled=true +stderr_events_enabled=true +command=php-fpm +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/.fly/supervisor/conf.d/nginx.conf b/.fly/supervisor/conf.d/nginx.conf new file mode 100644 index 0000000..270aae9 --- /dev/null +++ b/.fly/supervisor/conf.d/nginx.conf @@ -0,0 +1,11 @@ +[program:nginx] +priority=10 +autostart=true +autorestart=true +stdout_events_enabled=true +stderr_events_enabled=true +command=/usr/local/bin/start-nginx +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/.fly/supervisor/supervisord.conf b/.fly/supervisor/supervisord.conf new file mode 100644 index 0000000..6f587d0 --- /dev/null +++ b/.fly/supervisor/supervisord.conf @@ -0,0 +1,30 @@ +; supervisor config file + +[unix_http_server] +file=/var/run/supervisor.sock ; (the path to the socket file) +chmod=0700 ; sockef file mode (default 0700) + +[supervisord] +logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log) +pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid) +childlogdir=/var/log/supervisor ; ('AUTO' child log dir, default $TEMP) +; @fly +nodaemon=true + +; the below section must remain in the config file for RPC +; (supervisorctl/web interface) to work, additional interfaces may be +; added by defining them in separate rpcinterface: sections +[rpcinterface:supervisor] +supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface + +[supervisorctl] +serverurl=unix:///var/run/supervisor.sock ; use a unix:// URL for a unix socket + +; The [include] section can just contain the "files" setting. This +; setting can list multiple files (separated by whitespace or +; newlines). It can also contain wildcards. The filenames are +; interpreted as relative to this file. Included files *cannot* +; include files themselves. + +[include] +files = /etc/supervisor/conf.d/*.conf diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..115f410 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,124 @@ +# syntax = docker/dockerfile:experimental + +ARG PHP_VERSION=8.2 +ARG NODE_VERSION=18 +FROM ubuntu:22.04 as base +LABEL fly_launch_runtime="laravel" + +# PHP_VERSION needs to be repeated here +# See https://docs.docker.com/engine/reference/builder/#understand-how-arg-and-from-interact +ARG PHP_VERSION +ENV DEBIAN_FRONTEND=noninteractive \ + COMPOSER_ALLOW_SUPERUSER=1 \ + COMPOSER_HOME=/composer \ + COMPOSER_MAX_PARALLEL_HTTP=24 \ + PHP_PM_MAX_CHILDREN=10 \ + PHP_PM_START_SERVERS=3 \ + PHP_MIN_SPARE_SERVERS=2 \ + PHP_MAX_SPARE_SERVERS=4 \ + PHP_DATE_TIMEZONE=UTC \ + PHP_DISPLAY_ERRORS=Off \ + PHP_ERROR_REPORTING=22527 \ + PHP_MEMORY_LIMIT=256M \ + PHP_MAX_EXECUTION_TIME=90 \ + PHP_POST_MAX_SIZE=100M \ + PHP_UPLOAD_MAX_FILE_SIZE=100M \ + PHP_ALLOW_URL_FOPEN=Off + +# Prepare base container: +# 1. Install PHP, Composer +COPY --from=composer:2 /usr/bin/composer /usr/bin/composer +COPY .fly/php/ondrej_ubuntu_php.gpg /etc/apt/trusted.gpg.d/ondrej_ubuntu_php.gpg +ADD .fly/php/packages/${PHP_VERSION}.txt /tmp/php-packages.txt + +RUN apt-get update \ + && apt-get install -y --no-install-recommends gnupg2 ca-certificates git-core curl zip unzip \ + rsync vim-tiny htop sqlite3 nginx supervisor cron \ + && ln -sf /usr/bin/vim.tiny /etc/alternatives/vim \ + && ln -sf /etc/alternatives/vim /usr/bin/vim \ + && echo "deb http://ppa.launchpad.net/ondrej/php/ubuntu jammy main" > /etc/apt/sources.list.d/ondrej-ubuntu-php-focal.list \ + && apt-get update \ + && apt-get -y --no-install-recommends install $(cat /tmp/php-packages.txt) \ + && ln -sf /usr/sbin/php-fpm${PHP_VERSION} /usr/sbin/php-fpm \ + && mkdir -p /var/www/html/public && echo "index" > /var/www/html/public/index.php \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /usr/share/doc/* + +# 2. Copy config files to proper locations +COPY .fly/nginx/ /etc/nginx/ +COPY .fly/fpm/ /etc/php/${PHP_VERSION}/fpm/ +COPY .fly/supervisor/ /etc/supervisor/ +COPY .fly/entrypoint.sh /entrypoint +COPY .fly/start-nginx.sh /usr/local/bin/start-nginx +RUN chmod 754 /usr/local/bin/start-nginx + +# 3. Copy application code, skipping files based on .dockerignore +COPY . /var/www/html +WORKDIR /var/www/html + +# 4. Setup application dependencies +RUN composer install --optimize-autoloader --no-dev \ + && mkdir -p storage/logs \ + && php artisan optimize:clear \ + && chown -R www-data:www-data /var/www/html \ + && echo "MAILTO=\"\"\n* * * * * www-data /usr/bin/php /var/www/html/artisan schedule:run" > /etc/cron.d/laravel \ + && sed -i='' '/->withMiddleware(function (Middleware \$middleware) {/a\ + \$middleware->trustProxies(at: "*");\ + ' bootstrap/app.php; \ + if [ -d .fly ]; then cp .fly/entrypoint.sh /entrypoint; chmod +x /entrypoint; fi; + + + + +# Multi-stage build: Build static assets +# This allows us to not include Node within the final container +FROM node:${NODE_VERSION} as node_modules_go_brrr + +RUN mkdir /app + +RUN mkdir -p /app +WORKDIR /app +COPY . . +COPY --from=base /var/www/html/vendor /app/vendor + +# Use yarn or npm depending on what type of +# lock file we might find. Defaults to +# NPM if no lock file is found. +# Note: We run "production" for Mix and "build" for Vite +RUN if [ -f "vite.config.js" ]; then \ + ASSET_CMD="build"; \ + else \ + ASSET_CMD="production"; \ + fi; \ + if [ -f "yarn.lock" ]; then \ + yarn install --frozen-lockfile; \ + yarn $ASSET_CMD; \ + elif [ -f "pnpm-lock.yaml" ]; then \ + corepack enable && corepack prepare pnpm@latest-8 --activate; \ + pnpm install --frozen-lockfile; \ + pnpm run $ASSET_CMD; \ + elif [ -f "package-lock.json" ]; then \ + npm ci --no-audit; \ + npm run $ASSET_CMD; \ + else \ + npm install; \ + npm run $ASSET_CMD; \ + fi; + +# From our base container created above, we +# create our final image, adding in static +# assets that we generated above +FROM base + +# Packages like Laravel Nova may have added assets to the public directory +# or maybe some custom assets were added manually! Either way, we merge +# in the assets we generated above rather than overwrite them +COPY --from=node_modules_go_brrr /app/public /var/www/html/public-npm +RUN rsync -ar /var/www/html/public-npm/ /var/www/html/public/ \ + && rm -rf /var/www/html/public-npm \ + && chown -R www-data:www-data /var/www/html/public + +# 5. Setup Entrypoint +EXPOSE 8080 + +ENTRYPOINT ["/entrypoint"] diff --git a/composer.json b/composer.json index c0c5d8b..9422218 100644 --- a/composer.json +++ b/composer.json @@ -11,6 +11,7 @@ }, "require-dev": { "fakerphp/faker": "^1.23", + "fly-apps/dockerfile-laravel": "^1.0", "laravel/pint": "^1.13", "laravel/sail": "^1.26", "mockery/mockery": "^1.6", diff --git a/composer.lock b/composer.lock index 46b0809..c716f0d 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "0a6e3c5e985fc7375fa674c3cc594a7b", + "content-hash": "db8ced2ae160c59ce45a579237103534", "packages": [ { "name": "brick/math", @@ -6015,6 +6015,74 @@ ], "time": "2023-11-03T12:00:00+00:00" }, + { + "name": "fly-apps/dockerfile-laravel", + "version": "1.0.7", + "source": { + "type": "git", + "url": "https://github.com/fly-apps/dockerfile-laravel.git", + "reference": "762b43f8641787fdcd82a0b7f984e204d9f367ac" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/fly-apps/dockerfile-laravel/zipball/762b43f8641787fdcd82a0b7f984e204d9f367ac", + "reference": "762b43f8641787fdcd82a0b7f984e204d9f367ac", + "shasum": "" + }, + "require-dev": { + "illuminate/view": "^10.0", + "laravel-zero/framework": "^10.2", + "laravel/pint": "^1.13", + "mockery/mockery": "^1.6", + "nunomaduro/termwind": "^1.15.1", + "pestphp/pest": "^2.22", + "phpspec/php-diff": "^1.1" + }, + "bin": [ + "builds/dockerfile-laravel" + ], + "type": "project", + "autoload": { + "psr-4": { + "App\\": "app/", + "Database\\Seeders\\": "database/seeders/", + "Database\\Factories\\": "database/factories/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Chris Fidao", + "email": "fideloper@gmail.com" + }, + { + "name": "Kathryn Anne Tan", + "email": "kathryn@fly.io" + }, + { + "name": "Sam Ruby", + "email": "rubys@fly.io" + } + ], + "description": "Dockerfile generator and Fly.io helper.", + "homepage": "https://fly.io/docs/laravel", + "keywords": [ + "Fly.io", + "cli", + "docker", + "dockerfile", + "generate", + "laravel" + ], + "support": { + "issues": "https://github.com/fly-apps/dockerfile-laravel/issues", + "source": "https://github.com/fly-apps/dockerfile-laravel/tree/1.0.7" + }, + "time": "2024-12-09T15:59:57+00:00" + }, { "name": "hamcrest/hamcrest-php", "version": "v2.0.1", @@ -8678,12 +8746,12 @@ ], "aliases": [], "minimum-stability": "stable", - "stability-flags": [], + "stability-flags": {}, "prefer-stable": true, "prefer-lowest": false, "platform": { "php": "^8.2" }, - "platform-dev": [], + "platform-dev": {}, "plugin-api-version": "2.6.0" } diff --git a/fly.toml b/fly.toml new file mode 100644 index 0000000..c4b1e3c --- /dev/null +++ b/fly.toml @@ -0,0 +1,35 @@ +# fly.toml app configuration file generated for workwave on 2024-12-16T10:19:08Z +# +# See https://fly.io/docs/reference/configuration/ for information about how to use this file. +# + +app = 'workwave' +primary_region = 'fra' +console_command = 'php /var/www/html/artisan tinker' + +[build] + [build.args] + NODE_VERSION = '18' + PHP_VERSION = '8.2' + +[env] + APP_ENV = 'production' + LOG_CHANNEL = 'stderr' + LOG_LEVEL = 'info' + LOG_STDERR_FORMATTER = 'Monolog\Formatter\JsonFormatter' + SESSION_DRIVER = 'cookie' + SESSION_SECURE_COOKIE = 'true' + +[http_service] + internal_port = 8080 + force_https = true + auto_stop_machines = 'stop' + auto_start_machines = true + min_machines_running = 0 + processes = ['app'] + +[[vm]] + memory = '1gb' + cpu_kind = 'shared' + cpus = 1 + memory_mb = 1024