From 894b20dd749d7d22e6065060ccefb580084daf2f Mon Sep 17 00:00:00 2001 From: turegjorup Date: Fri, 5 Sep 2025 11:21:13 +0200 Subject: [PATCH 1/4] 5402: Remove unmaintained infrastructure code for os2display images --- infrastructure/os2display/Readme.md | 3 - .../os2display/display-api-service/Dockerfile | 155 ------------------ .../display-api-service/docker-entrypoint.sh | 22 --- .../etc/confd/conf.d/env.local.toml | 8 - .../etc/confd/templates/env.local.tmpl | 71 -------- .../os2display/display-api-service/gitconfig | 9 - .../display-api-service/php/apcu.ini | 7 - .../display-api-service/php/fpm.ini | 17 -- .../display-api-service/php/opcache.ini | 15 -- .../display-api-service/php/php.ini | 13 -- infrastructure/os2display/nginx/Dockerfile | 37 ----- .../os2display/nginx/docker-entrypoint.sh | 49 ------ .../nginx/etc/confd/conf.d/default.conf.toml | 7 - .../nginx/etc/confd/conf.d/nginx.conf.toml | 7 - .../etc/confd/templates/default.conf.tmpl | 52 ------ .../nginx/etc/confd/templates/nginx.conf.tmpl | 51 ------ infrastructure/os2display/run.sh | 13 -- 17 files changed, 536 deletions(-) delete mode 100644 infrastructure/os2display/Readme.md delete mode 100644 infrastructure/os2display/display-api-service/Dockerfile delete mode 100644 infrastructure/os2display/display-api-service/docker-entrypoint.sh delete mode 100644 infrastructure/os2display/display-api-service/etc/confd/conf.d/env.local.toml delete mode 100644 infrastructure/os2display/display-api-service/etc/confd/templates/env.local.tmpl delete mode 100644 infrastructure/os2display/display-api-service/gitconfig delete mode 100644 infrastructure/os2display/display-api-service/php/apcu.ini delete mode 100644 infrastructure/os2display/display-api-service/php/fpm.ini delete mode 100644 infrastructure/os2display/display-api-service/php/opcache.ini delete mode 100644 infrastructure/os2display/display-api-service/php/php.ini delete mode 100644 infrastructure/os2display/nginx/Dockerfile delete mode 100644 infrastructure/os2display/nginx/docker-entrypoint.sh delete mode 100644 infrastructure/os2display/nginx/etc/confd/conf.d/default.conf.toml delete mode 100644 infrastructure/os2display/nginx/etc/confd/conf.d/nginx.conf.toml delete mode 100644 infrastructure/os2display/nginx/etc/confd/templates/default.conf.tmpl delete mode 100644 infrastructure/os2display/nginx/etc/confd/templates/nginx.conf.tmpl delete mode 100755 infrastructure/os2display/run.sh diff --git a/infrastructure/os2display/Readme.md b/infrastructure/os2display/Readme.md deleted file mode 100644 index def6e8a45..000000000 --- a/infrastructure/os2display/Readme.md +++ /dev/null @@ -1,3 +0,0 @@ -# OS2display image build - -This folder contains the infrastructure files for building the `os2display/*` images diff --git a/infrastructure/os2display/display-api-service/Dockerfile b/infrastructure/os2display/display-api-service/Dockerfile deleted file mode 100644 index 2809349f8..000000000 --- a/infrastructure/os2display/display-api-service/Dockerfile +++ /dev/null @@ -1,155 +0,0 @@ -FROM php:8.3-fpm-alpine -LABEL maintainer="ITK Dev " - -############# SETUP CONTAINER ############# - -USER root - -ARG APP_VERSION="develop" - -ENV APP_PATH=/var/www/html \ - # PHP - TZ="Europe/Copenhagen" \ - PHP_TIMEZONE="Europe/Copenhagen" \ - PHP_MAX_EXECUTION_TIME="30" \ - PHP_MEMORY_LIMIT="128M" \ - PHP_POST_MAX_SIZE="8M" \ - PHP_UPLOAD_MAX_FILESIZE="2M" \ - PHP_USER="www-data" \ - PHP_GROUP="www-data" \ - PHP_SENDMAIL_PATH='/usr/sbin/sendmail -S host.docker.internal -t -i' \ - # OpCache - PHP_OPCACHE_ENABLED="1" \ - PHP_OPCACHE_JIT="off" \ - PHP_OPCACHE_REVALIDATE_FREQ=0 \ - PHP_OPCACHE_VALIDATE_TIMESTAMPS="1" \ - PHP_OPCACHE_MAX_ACCELERATED_FILES="20000" \ - PHP_OPCACHE_MEMORY_CONSUMPTION="64" \ - PHP_OPCACHE_MAX_WASTED_PERCENTAGE="10" \ - # APCU - PHP_APCU_ENABLED=0 \ - PHP_APCU_ENABLED_CLI=0 \ - PHP_APCU_MEMORY_SIZE="16M" \ - PHP_APCU_SEGMENTS=1 \ - PHP_APCU_PRELOAD_PATH='' \ - # FPM pool - PHP_PM_TYPE="static" \ - PHP_PM_MAX_CHILDREN="8" \ - PHP_PM_MAX_REQUESTS="0" \ - PHP_PM_START_SERVERS="5" \ - PHP_PM_MIN_SPARE_SERVERS="5" \ - PHP_PM_MAX_SPARE_SERVERS="8" \ - # Other - PHP_REQUEST_SLOWLOG_TIMEOUT="0" \ - PHP_SLOWLOG="/dev/stderr" \ - COMPOSER_ALLOW_SUPERUSER=1 - -RUN apk upgrade --no-cache --ignore curl -RUN apk --update add --no-cache \ - libxslt-dev \ - libzip-dev \ - libpng-dev \ - gettext-dev \ - git \ - unzip \ - icu-dev \ - icu-data-full \ - openldap-dev \ - libmcrypt-dev \ - mysql-client \ - libmemcached-libs \ - zlib \ - patch \ - tzdata \ - freetype-dev \ - libjpeg-turbo-dev \ - libjpeg-turbo \ - libwebp-dev \ - && docker-php-ext-configure gd --with-freetype --with-webp --with-jpeg \ - && docker-php-ext-install -j$(nproc) \ - bcmath \ - calendar \ - gd \ - gettext \ - intl \ - ldap \ - mysqli \ - opcache \ - pdo_mysql \ - sysvsem \ - soap \ - xsl \ - zip - -# Extension that are not available via ext- -RUN apk --update add --no-cache --virtual .build-deps autoconf g++ make zlib-dev libmemcached-dev cyrus-sasl-dev \ - && pecl channel-update pecl.php.net \ - && pecl install redis memcached apcu \ - && docker-php-ext-enable apcu redis memcached \ - && apk del .build-deps - -# Install AMQP support -RUN apk --update add --no-cache rabbitmq-c -RUN apk --update add --no-cache --virtual .build-deps autoconf g++ make rabbitmq-c-dev \ - && pecl install amqp \ - && docker-php-ext-enable amqp memcached \ - && apk del .build-deps - -# Install composer -COPY --from=composer:2 /usr/bin/composer /usr/local/bin/composer - -# Use default PHP production configuration. -RUN mv ${PHP_INI_DIR}/php.ini-production ${PHP_INI_DIR}/php.ini - -# # Copy custom PHP configuration. -COPY php/opcache.ini ${PHP_INI_DIR}/conf.d/docker-php-ext-opcache.ini -COPY php/php.ini ${PHP_INI_DIR}/conf.d/zz-php.ini -COPY php/apcu.ini ${PHP_INI_DIR}/conf.d/docker-php-ext-apcu.ini - -# Custom FPM configuration. -COPY php/fpm.ini ${PHP_INI_DIR}/../php-fpm.d/zz-fpm-docker.conf - -# Add mhsendmail for mailhog -ADD https://github.com/mailhog/mhsendmail/releases/download/v0.2.0/mhsendmail_linux_amd64 /usr/local/bin/mhsendmail -RUN chmod +x /usr/local/bin/mhsendmail - -# Added FPM health check script (https://github.com/renatomefi/php-fpm-healthcheck) -ADD https://raw.githubusercontent.com/renatomefi/php-fpm-healthcheck/master/php-fpm-healthcheck /usr/local/bin/php-fpm-healthcheck -RUN chmod +x /usr/local/bin/php-fpm-healthcheck - -# Add git global config -COPY gitconfig /root/.gitconfig - -############# SETUP APPLICATION ############# - -# Move site into the container. -ADD https://github.com/os2display/display-api-service/archive/${APP_VERSION}.tar.gz /tmp/app.tar -RUN tar -zxf /tmp/app.tar --strip-components=1 -C ${APP_PATH} \ - && rm /tmp/app.tar - -## Install assets, which requires a HACK as redis is not available (should be removed later on). -RUN APP_ENV=prod composer install --no-dev -o --classmap-authoritative \ - && rm -rf infrastructure \ - && APP_ENV=prod composer clear-cache - -# Install the application. -RUN mkdir -p ${APP_PATH}/config/secrets \ - && chown -R www-data:www-data ${APP_PATH} - -# Copy configuration. -COPY etc /etc/ - -# Install configuration template handler -ADD https://github.com/kelseyhightower/confd/releases/download/v0.16.0/confd-0.16.0-linux-amd64 /usr/local/bin/confd -RUN chmod +x /usr/local/bin/confd - -# Copy confd onfiguration. -COPY etc /etc/ - -COPY docker-entrypoint.sh /usr/local/bin/ -RUN chmod +x /usr/local/bin/docker-entrypoint.sh - -WORKDIR ${APP_PATH} - -CMD ["php-fpm"] -ENTRYPOINT [ "docker-entrypoint.sh" ] diff --git a/infrastructure/os2display/display-api-service/docker-entrypoint.sh b/infrastructure/os2display/display-api-service/docker-entrypoint.sh deleted file mode 100644 index 8ad622b4d..000000000 --- a/infrastructure/os2display/display-api-service/docker-entrypoint.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/sh - -set -eux - -## Run templates with configuration. -/usr/local/bin/confd --onetime --backend env --confdir /etc/confd - -## Bump env.local into PHP for better performance. -composer dump-env prod - -## Warm-up Symfony cache (with the current configuration). -/var/www/html/bin/console --env=prod cache:warmup - -# first arg is `-f` or `--some-option` -if [ "${1#-}" != "$1" ]; then - set -- php-fpm "$@" -fi - -## Start the PHP FPM process. -echo "Starting PHP 8.3 FPM" - -exec "$@" diff --git a/infrastructure/os2display/display-api-service/etc/confd/conf.d/env.local.toml b/infrastructure/os2display/display-api-service/etc/confd/conf.d/env.local.toml deleted file mode 100644 index e7f303a3e..000000000 --- a/infrastructure/os2display/display-api-service/etc/confd/conf.d/env.local.toml +++ /dev/null @@ -1,8 +0,0 @@ -[template] -src = "env.local.tmpl" -dest = "/var/www/html/.env.local" -owner = "www-data" -mode = "0644" -keys = [ - "/app-config" -] diff --git a/infrastructure/os2display/display-api-service/etc/confd/templates/env.local.tmpl b/infrastructure/os2display/display-api-service/etc/confd/templates/env.local.tmpl deleted file mode 100644 index 1fa420ab2..000000000 --- a/infrastructure/os2display/display-api-service/etc/confd/templates/env.local.tmpl +++ /dev/null @@ -1,71 +0,0 @@ -###> symfony/framework-bundle ### -APP_ENV={{ getenv "APP_ENV" "prod" }} -APP_SECRET={{ getenv "APP_SECRET" "MySuperSecret" }} -TRUSTED_PROXIES={{ getenv "APP_TRUSTED_PROXIES" "127.0.0.1,REMOTE_ADDR" }} -###< symfony/framework-bundle ### - -###> doctrine/doctrine-bundle ### -DATABASE_URL={{ getenv "APP_DATABASE_URL" "mysql://db:db@mariadb:3306/db?serverVersion=mariadb-10.4.0" }} -###< doctrine/doctrine-bundle ### - -###> nelmio/cors-bundle ### -CORS_ALLOW_ORIGIN={{ getenv "APP_CORS_ALLOW_ORIGIN" "'^https?://localhost(:[0-9]+)?$'" }} -###< nelmio/cors-bundle ### - -###> App ### -APP_DEFAULT_DATE_FORMAT='{{ getenv "APP_DEFAULT_DATE_FORMAT" "Y-m-d\\TH:i:s\\Z" }}' -APP_ACTIVATION_CODE_EXPIRE_INTERNAL='{{ getenv "APP_ACTIVATION_CODE_EXPIRE_INTERNAL" "P2D" }}' -###< App ### - -###> lexik/jwt-authentication-bundle ### -JWT_PASSPHRASE={{ getenv "APP_JWT_PASSPHRASE" }} -JWT_TOKEN_TTL={{ getenv "APP_JWT_TOKEN_TTL" "3600" }} -JWT_SCREEN_TOKEN_TTL={{ getenv "APP_JWT_SCREEN_TOKEN_TTL" "3600" }} -###< lexik/jwt-authentication-bundle ### - -###> gesdinet/jwt-refresh-token-bundle ### -JWT_REFRESH_TOKEN_TTL={{ getenv "APP_JWT_REFRESH_TOKEN_TTL" "2592000" }} -JWT_SCREEN_REFRESH_TOKEN_TTL={{ getenv "APP_JWT_SCREEN_REFRESH_TOKEN_TTL" "2592000" }} -###< gesdinet/jwt-refresh-token-bundle ### - -###> itk-dev/openid-connect-bundle ### -# internal provider -INTERNAL_OIDC_METADATA_URL={{ getenv "APP_INTERNAL_OIDC_METADATA_URL" "" }} -INTERNAL_OIDC_CLIENT_ID={{ getenv "APP_INTERNAL_OIDC_CLIENT_ID" "" }} -INTERNAL_OIDC_CLIENT_SECRET={{ getenv "APP_INTERNAL_OIDC_CLIENT_SECRET" "" }} -INTERNAL_OIDC_REDIRECT_URI={{ getenv "APP_INTERNAL_OIDC_REDIRECT_URI" "" }} -INTERNAL_OIDC_LEEWAY={{ getenv "APP_INTERNAL_OIDC_LEEWAY" "30" }} - -# external provider -EXTERNAL_OIDC_METADATA_URL={{ getenv "APP_EXTERNAL_OIDC_METADATA_URL" "" }} -EXTERNAL_OIDC_CLIENT_ID={{ getenv "APP_EXTERNAL_OIDC_CLIENT_ID" "" }} -EXTERNAL_OIDC_CLIENT_SECRET={{ getenv "APP_EXTERNAL_OIDC_CLIENT_SECRET" "" }} -EXTERNAL_OIDC_REDIRECT_URI={{ getenv "APP_EXTERNAL_OIDC_REDIRECT_URI" "" }} -EXTERNAL_OIDC_LEEWAY={{ getenv "APP_EXTERNAL_OIDC_LEEWAY" "30" }} -EXTERNAL_OIDC_HASH_SALT={{ getenv "APP_EXTERNAL_OIDC_HASH_SALT" "" }} - -CLI_REDIRECT={{ getenv "APP_CLI_REDIRECT" "" }} -###< itk-dev/openid-connect-bundle ### - -###> redis ### -REDIS_CACHE_PREFIX={{ getenv "APP_CLI_REDIRECT" "DisplayApiService" }} -REDIS_CACHE_DSN={{ getenv "APP_CLI_REDIRECT" "redis://redis:6379/0" }} -###< redis ### - -###> Calendar Api Feed Source ### -CALENDAR_API_FEED_SOURCE_LOCATION_ENDPOINT={{ getenv "APP_CALENDAR_API_FEED_SOURCE_LOCATION_ENDPOINT" "" }} -CALENDAR_API_FEED_SOURCE_RESOURCE_ENDPOINT={{ getenv "APP_CALENDAR_API_FEED_SOURCE_RESOURCE_ENDPOINT" "" }} -CALENDAR_API_FEED_SOURCE_EVENT_ENDPOINT={{ getenv "APP_CALENDAR_API_FEED_SOURCE_EVENT_ENDPOINT" "" }} -CALENDAR_API_FEED_SOURCE_CUSTOM_MAPPINGS={{ getenv "APP_CALENDAR_API_FEED_SOURCE_CUSTOM_MAPPINGS" "'{}'" }} -CALENDAR_API_FEED_SOURCE_EVENT_MODIFIERS={{ getenv "APP_CALENDAR_API_FEED_SOURCE_EVENT_MODIFIERS" "'{}'" }} -CALENDAR_API_FEED_SOURCE_DATE_FORMAT={{ getenv "APP_CALENDAR_API_FEED_SOURCE_DATE_FORMAT" "" }} -CALENDAR_API_FEED_SOURCE_DATE_TIMEZONE={{ getenv "APP_CALENDAR_API_FEED_SOURCE_DATE_TIMEZONE" "" }} -CALENDAR_API_FEED_SOURCE_CACHE_EXPIRE_SECONDS={{ getenv "CALENDAR_API_FEED_SOURCE_CACHE_EXPIRE_SECONDS" "300" }} -###< Calendar Api Feed Source ### - -EVENTDATABASE_API_V2_CACHE_EXPIRE_SECONDS={{ getenv "APP_EVENTDATABASE_API_V2_CACHE_EXPIRE_SECONDS" "300" }} - -TRACK_SCREEN_INFO={{ getenv "APP_TRACK_SCREEN_INFO" "false" }} -TRACK_SCREEN_INFO_UPDATE_INTERVAL_SECONDS={{ getenv "APP_TRACK_SCREEN_INFO_UPDATE_INTERVAL_SECONDS" "300" }} - -APP_KEY_VAULT_JSON={{ getenv "APP_KEY_VAULT_JSON" "{}" }} diff --git a/infrastructure/os2display/display-api-service/gitconfig b/infrastructure/os2display/display-api-service/gitconfig deleted file mode 100644 index 60a3b0202..000000000 --- a/infrastructure/os2display/display-api-service/gitconfig +++ /dev/null @@ -1,9 +0,0 @@ -[color] - ui = true - -[alias] - branch-name = !git for-each-ref --format='%(refname:short)' `git symbolic-ref HEAD` - lg = log --graph --pretty=format:'%Cred%h%Creset %Cgreen(%cr) -%C(yellow)%d%Creset %s %C(bold blue)<%an>%Creset' --abbrev-commit --date=relative - -[safe] - directory = * \ No newline at end of file diff --git a/infrastructure/os2display/display-api-service/php/apcu.ini b/infrastructure/os2display/display-api-service/php/apcu.ini deleted file mode 100644 index 86164be82..000000000 --- a/infrastructure/os2display/display-api-service/php/apcu.ini +++ /dev/null @@ -1,7 +0,0 @@ -extension=apcu -apc.enabled=${PHP_APCU_ENABLED} -apc.shm_segments=${PHP_APCU_SEGMENTS} -apc.shm_size=${PHP_APCU_MEMORY_SIZE} - -apc.enable_cli=${PHP_APCU_ENABLED_CLI} -apc.preload_path=${PHP_APCU_PRELOAD_PATH} \ No newline at end of file diff --git a/infrastructure/os2display/display-api-service/php/fpm.ini b/infrastructure/os2display/display-api-service/php/fpm.ini deleted file mode 100644 index 49e0aeb48..000000000 --- a/infrastructure/os2display/display-api-service/php/fpm.ini +++ /dev/null @@ -1,17 +0,0 @@ -[www] -pm = ${PHP_PM_TYPE} -pm.max_children = ${PHP_PM_MAX_CHILDREN} -pm.start_servers = ${PHP_PM_START_SERVERS} -pm.min_spare_servers = ${PHP_PM_MIN_SPARE_SERVERS} -pm.max_spare_servers = ${PHP_PM_MAX_SPARE_SERVERS} -pm.max_requests = ${PHP_PM_MAX_REQUESTS} - -request_slowlog_timeout = ${PHP_REQUEST_SLOWLOG_TIMEOUT} -slowlog = ${PHP_SLOWLOG} - -; Enable the FPM status page -pm.status_path = /status - -user = ${PHP_USER} -group = ${PHP_GROUP} - diff --git a/infrastructure/os2display/display-api-service/php/opcache.ini b/infrastructure/os2display/display-api-service/php/opcache.ini deleted file mode 100644 index 8ff178634..000000000 --- a/infrastructure/os2display/display-api-service/php/opcache.ini +++ /dev/null @@ -1,15 +0,0 @@ -zend_extension=opcache.so - -[opcache] -opcache.jit=${PHP_OPCACHE_JIT} - -opcache.enable=${PHP_OPCACHE_ENABLED} -opcache.revalidate_freq=${PHP_OPCACHE_REVALIDATE_FREQ} -opcache.validate_timestamps=${PHP_OPCACHE_VALIDATE_TIMESTAMPS} -opcache.max_accelerated_files=${PHP_OPCACHE_MAX_ACCELERATED_FILES} -opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION} -opcache.max_wasted_percentage=${PHP_OPCACHE_MAX_WASTED_PERCENTAGE} -opcache.interned_strings_buffer=16 -opcache.fast_shutdown=1 - -opcache.optimization_level=0xFFFFFFEF diff --git a/infrastructure/os2display/display-api-service/php/php.ini b/infrastructure/os2display/display-api-service/php/php.ini deleted file mode 100644 index 2bfde2b40..000000000 --- a/infrastructure/os2display/display-api-service/php/php.ini +++ /dev/null @@ -1,13 +0,0 @@ -realpath_cache_size = 4096k -realpath_cache_ttl = 600 - -expose_php = Off -max_execution_time = ${PHP_MAX_EXECUTION_TIME} -memory_limit = ${PHP_MEMORY_LIMIT} - -post_max_size = ${PHP_POST_MAX_SIZE} -upload_max_filesize = ${PHP_UPLOAD_MAX_FILESIZE} - -date.timezone = ${PHP_TIMEZONE} - -sendmail_path = ${PHP_SENDMAIL_PATH} diff --git a/infrastructure/os2display/nginx/Dockerfile b/infrastructure/os2display/nginx/Dockerfile deleted file mode 100644 index bc13dcd12..000000000 --- a/infrastructure/os2display/nginx/Dockerfile +++ /dev/null @@ -1,37 +0,0 @@ -ARG APP_VERSION="develop" -FROM os2display/display-api-service:${APP_VERSION} as APPLICATION - -FROM nginxinc/nginx-unprivileged:alpine -LABEL maintainer="ITK Dev " -ARG UID=101 -ARG GID=101 - -ENV APP_PATH=/var/www/html - -USER root - -RUN mkdir -p ${APP_PATH}/public - -COPY --from=APPLICATION ${APP_PATH}/public ${APP_PATH}/public - -WORKDIR ${APP_PATH} - -# Copy configuration. -COPY etc /etc/ - -# Install configuration template handler -ADD https://github.com/kelseyhightower/confd/releases/download/v0.16.0/confd-0.16.0-linux-amd64 /usr/local/bin/confd -RUN chmod +x /usr/local/bin/confd - -COPY docker-entrypoint.sh / -RUN chmod +x /docker-entrypoint.sh \ - && chown -R $UID:0 ${APP_PATH} \ - && chmod -R g+w ${APP_PATH} - -USER $UID - -EXPOSE 8080 - -ENTRYPOINT [ "/docker-entrypoint.sh" ] - -CMD ["nginx", "-g", "daemon off;"] diff --git a/infrastructure/os2display/nginx/docker-entrypoint.sh b/infrastructure/os2display/nginx/docker-entrypoint.sh deleted file mode 100644 index 978fa9f4e..000000000 --- a/infrastructure/os2display/nginx/docker-entrypoint.sh +++ /dev/null @@ -1,49 +0,0 @@ -#!/bin/sh - -set -eux - -## Run templates with configuration. -/usr/local/bin/confd --onetime --backend env --confdir /etc/confd - -entrypoint_log() { - if [ -z "${NGINX_ENTRYPOINT_QUIET_LOGS:-}" ]; then - echo "$@" - fi -} - -if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then - if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then - entrypoint_log "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" - - entrypoint_log "$0: Looking for shell scripts in /docker-entrypoint.d/" - find "/docker-entrypoint.d/" -follow -type f -print | sort -V | while read -r f; do - case "$f" in - *.envsh) - if [ -x "$f" ]; then - entrypoint_log "$0: Sourcing $f"; - . "$f" - else - # warn on shell scripts without exec bit - entrypoint_log "$0: Ignoring $f, not executable"; - fi - ;; - *.sh) - if [ -x "$f" ]; then - entrypoint_log "$0: Launching $f"; - "$f" - else - # warn on shell scripts without exec bit - entrypoint_log "$0: Ignoring $f, not executable"; - fi - ;; - *) entrypoint_log "$0: Ignoring $f";; - esac - done - - entrypoint_log "$0: Configuration complete; ready for start up" - else - entrypoint_log "$0: No files found in /docker-entrypoint.d/, skipping configuration" - fi -fi - -exec "$@" diff --git a/infrastructure/os2display/nginx/etc/confd/conf.d/default.conf.toml b/infrastructure/os2display/nginx/etc/confd/conf.d/default.conf.toml deleted file mode 100644 index 185954f0d..000000000 --- a/infrastructure/os2display/nginx/etc/confd/conf.d/default.conf.toml +++ /dev/null @@ -1,7 +0,0 @@ -[template] -src = "default.conf.tmpl" -dest = "/etc/nginx/conf.d/default.conf" -mode = "0644" -keys = [ - "/nginx-config" -] diff --git a/infrastructure/os2display/nginx/etc/confd/conf.d/nginx.conf.toml b/infrastructure/os2display/nginx/etc/confd/conf.d/nginx.conf.toml deleted file mode 100644 index 7c81a661f..000000000 --- a/infrastructure/os2display/nginx/etc/confd/conf.d/nginx.conf.toml +++ /dev/null @@ -1,7 +0,0 @@ -[template] -src = "nginx.conf.tmpl" -dest = "/etc/nginx/nginx.conf" -mode = "0644" -keys = [ - "/nginx-config" -] diff --git a/infrastructure/os2display/nginx/etc/confd/templates/default.conf.tmpl b/infrastructure/os2display/nginx/etc/confd/templates/default.conf.tmpl deleted file mode 100644 index b6f32099b..000000000 --- a/infrastructure/os2display/nginx/etc/confd/templates/default.conf.tmpl +++ /dev/null @@ -1,52 +0,0 @@ -# @see https://symfony.com/doc/current/setup/web_server_configuration.html -server { - listen 8080; - server_name localhost; - root /var/www/html/public; - - location / { - add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive"; - - # try to serve file directly, fallback to index.php - try_files $uri /index.php$is_args$args; - } - - location = /robots.txt { - add_header Content-Type text/plain; - add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive"; - return 200 "User-agent: *\nDisallow: /\n"; - } - - location ~ ^/index\.php(/|$) { - fastcgi_pass {{ getenv "PHP_FPM_SERVER" "phpfpm" }}:{{ getenv "PHP_FPM_SERVER_PORT" "9000" }}; - fastcgi_split_path_info ^(.+\.php)(/.*)$; - include fastcgi_params; - - fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; - fastcgi_param DOCUMENT_ROOT $realpath_root; - - internal; - } - - # return 404 for all other php files not matching the front controller - # this prevents access to other php files you don't want to be accessible. - location ~ \.php$ { - return 404; - } - - error_log /var/log/nginx/error.log; - access_log /var/log/nginx/access.log; -} - -server { - listen 8080; - server_name localhost; - root /var/www/html/public; - - error_log off; - access_log off; - - location /stub_status { - stub_status; - } -} diff --git a/infrastructure/os2display/nginx/etc/confd/templates/nginx.conf.tmpl b/infrastructure/os2display/nginx/etc/confd/templates/nginx.conf.tmpl deleted file mode 100644 index 254adf3ec..000000000 --- a/infrastructure/os2display/nginx/etc/confd/templates/nginx.conf.tmpl +++ /dev/null @@ -1,51 +0,0 @@ -worker_processes auto; - -error_log /var/log/nginx/error.log warn; -pid /tmp/nginx.pid; - -events { - worker_connections 2048; - multi_accept on; -} - - -http { - open_file_cache max=10000 inactive=5m; - open_file_cache_valid 5m; - open_file_cache_min_uses 5; - open_file_cache_errors off; - - sendfile on; - tcp_nopush on; - tcp_nodelay on; - keepalive_timeout 15 15; - types_hash_max_size 2048; - - server_tokens off; - - client_max_body_size {{ getenv "NGINX_FPM_UPLOAD_MAX" "8M" }}; - - gzip on; - gzip_disable "msie6"; - gzip_vary on; - gzip_proxied any; - gzip_comp_level 6; - gzip_buffers 16 8k; - gzip_http_version 1.0; - gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript; - - include /etc/nginx/mime.types; - default_type application/octet-stream; - - set_real_ip_from 172.16.0.0/8; - real_ip_recursive on; - real_ip_header X-Forwarded-For; - - log_format main '$http_x_real_ip - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - error_log /dev/stderr; - access_log /dev/stdout main; - - include /etc/nginx/conf.d/*.conf; -} diff --git a/infrastructure/os2display/run.sh b/infrastructure/os2display/run.sh deleted file mode 100755 index ae23d67b4..000000000 --- a/infrastructure/os2display/run.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/sh - -set -eux - -APP_VERSION=develop - -docker pull nginxinc/nginx-unprivileged:alpine - -docker build --pull --no-cache --build-arg APP_VERSION=${APP_VERSION} --tag=os2display/display-api-service:${APP_VERSION} --file="display-api-service/Dockerfile" display-api-service -docker build --no-cache --build-arg VERSION=${APP_VERSION} --tag=os2display/display-api-service-nginx:${APP_VERSION} --file="nginx/Dockerfile" nginx - -# docker push os2display/display-api-service:${APP_VERSION} -# docker push os2display/display-api-service-nginx:${APP_VERSION} From a4fd679f5ef35525cb9d85891c8a7cf4515c3bf6 Mon Sep 17 00:00:00 2001 From: turegjorup Date: Fri, 5 Sep 2025 11:23:16 +0200 Subject: [PATCH 2/4] 5402: Refacktor itk-dev images to single infrastructure. Rename itk-dev images to os2display --- infrastructure/{itkdev => }/Readme.md | 2 +- infrastructure/{itkdev => }/display-api-service/Dockerfile | 2 +- .../{itkdev => }/display-api-service/docker-entrypoint.sh | 0 .../display-api-service/etc/confd/conf.d/env.local.toml | 0 .../display-api-service/etc/confd/templates/env.local.tmpl | 0 infrastructure/{itkdev => }/nginx/Dockerfile | 2 +- infrastructure/{itkdev => }/nginx/docker-entrypoint.sh | 0 .../{itkdev => }/nginx/etc/confd/conf.d/default.conf.toml | 0 .../{itkdev => }/nginx/etc/confd/conf.d/nginx.conf.toml | 0 .../nginx/etc/confd/templates/default.conf.tmpl | 0 .../{itkdev => }/nginx/etc/confd/templates/nginx.conf.tmpl | 0 infrastructure/package-lock.json | 6 ------ infrastructure/{itkdev => }/run.sh | 0 13 files changed, 3 insertions(+), 9 deletions(-) rename infrastructure/{itkdev => }/Readme.md (81%) rename infrastructure/{itkdev => }/display-api-service/Dockerfile (97%) rename infrastructure/{itkdev => }/display-api-service/docker-entrypoint.sh (100%) rename infrastructure/{itkdev => }/display-api-service/etc/confd/conf.d/env.local.toml (100%) rename infrastructure/{itkdev => }/display-api-service/etc/confd/templates/env.local.tmpl (100%) rename infrastructure/{itkdev => }/nginx/Dockerfile (98%) rename infrastructure/{itkdev => }/nginx/docker-entrypoint.sh (100%) rename infrastructure/{itkdev => }/nginx/etc/confd/conf.d/default.conf.toml (100%) rename infrastructure/{itkdev => }/nginx/etc/confd/conf.d/nginx.conf.toml (100%) rename infrastructure/{itkdev => }/nginx/etc/confd/templates/default.conf.tmpl (100%) rename infrastructure/{itkdev => }/nginx/etc/confd/templates/nginx.conf.tmpl (100%) delete mode 100644 infrastructure/package-lock.json rename infrastructure/{itkdev => }/run.sh (100%) diff --git a/infrastructure/itkdev/Readme.md b/infrastructure/Readme.md similarity index 81% rename from infrastructure/itkdev/Readme.md rename to infrastructure/Readme.md index abf2b9d1e..17978bc45 100644 --- a/infrastructure/itkdev/Readme.md +++ b/infrastructure/Readme.md @@ -1,3 +1,3 @@ # ITK-development image build -This folder contains the infrastructure files for building the `itkdev/*` images +This folder contains the infrastructure files for building the `os2display/*` images diff --git a/infrastructure/itkdev/display-api-service/Dockerfile b/infrastructure/display-api-service/Dockerfile similarity index 97% rename from infrastructure/itkdev/display-api-service/Dockerfile rename to infrastructure/display-api-service/Dockerfile index b30ecff1a..5e9c835dd 100644 --- a/infrastructure/itkdev/display-api-service/Dockerfile +++ b/infrastructure/display-api-service/Dockerfile @@ -1,4 +1,4 @@ -FROM itkdev/php8.3-fpm:alpine AS APP_BUILDER +FROM itkdev/php8.4-fpm:alpine AS APP_BUILDER LABEL maintainer="ITK Dev " ARG APP_VERSION="develop" diff --git a/infrastructure/itkdev/display-api-service/docker-entrypoint.sh b/infrastructure/display-api-service/docker-entrypoint.sh similarity index 100% rename from infrastructure/itkdev/display-api-service/docker-entrypoint.sh rename to infrastructure/display-api-service/docker-entrypoint.sh diff --git a/infrastructure/itkdev/display-api-service/etc/confd/conf.d/env.local.toml b/infrastructure/display-api-service/etc/confd/conf.d/env.local.toml similarity index 100% rename from infrastructure/itkdev/display-api-service/etc/confd/conf.d/env.local.toml rename to infrastructure/display-api-service/etc/confd/conf.d/env.local.toml diff --git a/infrastructure/itkdev/display-api-service/etc/confd/templates/env.local.tmpl b/infrastructure/display-api-service/etc/confd/templates/env.local.tmpl similarity index 100% rename from infrastructure/itkdev/display-api-service/etc/confd/templates/env.local.tmpl rename to infrastructure/display-api-service/etc/confd/templates/env.local.tmpl diff --git a/infrastructure/itkdev/nginx/Dockerfile b/infrastructure/nginx/Dockerfile similarity index 98% rename from infrastructure/itkdev/nginx/Dockerfile rename to infrastructure/nginx/Dockerfile index 7a0334dd9..6be4be3c4 100644 --- a/infrastructure/itkdev/nginx/Dockerfile +++ b/infrastructure/nginx/Dockerfile @@ -17,7 +17,7 @@ COPY --from=APPLICATION ${APP_PATH}/public ${APP_PATH}/public WORKDIR ${APP_PATH} # Copy configuration. -COPY etc/ /etc/ +COPY etc /etc/ # Install configuration template handler ADD https://github.com/kelseyhightower/confd/releases/download/v0.16.0/confd-0.16.0-linux-amd64 /usr/local/bin/confd diff --git a/infrastructure/itkdev/nginx/docker-entrypoint.sh b/infrastructure/nginx/docker-entrypoint.sh similarity index 100% rename from infrastructure/itkdev/nginx/docker-entrypoint.sh rename to infrastructure/nginx/docker-entrypoint.sh diff --git a/infrastructure/itkdev/nginx/etc/confd/conf.d/default.conf.toml b/infrastructure/nginx/etc/confd/conf.d/default.conf.toml similarity index 100% rename from infrastructure/itkdev/nginx/etc/confd/conf.d/default.conf.toml rename to infrastructure/nginx/etc/confd/conf.d/default.conf.toml diff --git a/infrastructure/itkdev/nginx/etc/confd/conf.d/nginx.conf.toml b/infrastructure/nginx/etc/confd/conf.d/nginx.conf.toml similarity index 100% rename from infrastructure/itkdev/nginx/etc/confd/conf.d/nginx.conf.toml rename to infrastructure/nginx/etc/confd/conf.d/nginx.conf.toml diff --git a/infrastructure/itkdev/nginx/etc/confd/templates/default.conf.tmpl b/infrastructure/nginx/etc/confd/templates/default.conf.tmpl similarity index 100% rename from infrastructure/itkdev/nginx/etc/confd/templates/default.conf.tmpl rename to infrastructure/nginx/etc/confd/templates/default.conf.tmpl diff --git a/infrastructure/itkdev/nginx/etc/confd/templates/nginx.conf.tmpl b/infrastructure/nginx/etc/confd/templates/nginx.conf.tmpl similarity index 100% rename from infrastructure/itkdev/nginx/etc/confd/templates/nginx.conf.tmpl rename to infrastructure/nginx/etc/confd/templates/nginx.conf.tmpl diff --git a/infrastructure/package-lock.json b/infrastructure/package-lock.json deleted file mode 100644 index 4ca926f5d..000000000 --- a/infrastructure/package-lock.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "name": "app", - "lockfileVersion": 3, - "requires": true, - "packages": {} -} diff --git a/infrastructure/itkdev/run.sh b/infrastructure/run.sh similarity index 100% rename from infrastructure/itkdev/run.sh rename to infrastructure/run.sh From 6901548d6b0d8a54b5a0471c3f6028fe8c9e6ec2 Mon Sep 17 00:00:00 2001 From: turegjorup Date: Fri, 5 Sep 2025 11:24:39 +0200 Subject: [PATCH 3/4] 5402: Update github action image uild jobs for new infrastructure --- ...l => docker_build_images_from_develop.yml} | 18 +++--- ...g.yml => docker_build_images_from_tag.yml} | 18 +++--- .../os2display_docker_build_develop.yml | 60 ------------------ .../workflows/os2display_docker_build_tag.yml | 63 ------------------- 4 files changed, 18 insertions(+), 141 deletions(-) rename .github/workflows/{itkdev_docker_build_develop.yml => docker_build_images_from_develop.yml} (71%) rename .github/workflows/{itkdev_docker_build_tag.yml => docker_build_images_from_tag.yml} (73%) delete mode 100644 .github/workflows/os2display_docker_build_develop.yml delete mode 100644 .github/workflows/os2display_docker_build_tag.yml diff --git a/.github/workflows/itkdev_docker_build_develop.yml b/.github/workflows/docker_build_images_from_develop.yml similarity index 71% rename from .github/workflows/itkdev_docker_build_develop.yml rename to .github/workflows/docker_build_images_from_develop.yml index aaef33621..bcf6cd50f 100644 --- a/.github/workflows/itkdev_docker_build_develop.yml +++ b/.github/workflows/docker_build_images_from_develop.yml @@ -4,8 +4,8 @@ on: branches: - "develop" -# This Action builds to itkdev/* using ./infrastructure/itkdev/* -name: ITK Dev - Build docker image (develop) +# This Action builds to os2display/* using ./infrastructure/* +name: Build docker image (develop) jobs: docker: @@ -15,7 +15,7 @@ jobs: COMPOSER_ALLOW_SUPERUSER: 1 steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Login to DockerHub uses: docker/login-action@v3 @@ -28,13 +28,13 @@ jobs: id: meta-api uses: docker/metadata-action@v5 with: - images: itkdev/os2display-api-service + images: os2display/os2display-api-service - name: Build and push (API) uses: docker/build-push-action@v5 with: - context: ./infrastructure/itkdev/display-api-service/ - file: ./infrastructure/itkdev/display-api-service/Dockerfile + context: ./infrastructure/display-api-service/ + file: ./infrastructure/display-api-service/Dockerfile build-args: | VERSION=${{ env.APP_VERSION }} push: true @@ -46,13 +46,13 @@ jobs: id: meta-nginx uses: docker/metadata-action@v5 with: - images: itkdev/os2display-api-service-nginx + images: os2display/os2display-api-service-nginx - name: Build and push (Nginx) uses: docker/build-push-action@v5 with: - context: ./infrastructure/itkdev/nginx/ - file: ./infrastructure/itkdev/nginx/Dockerfile + context: ./infrastructure/nginx/ + file: ./infrastructure/nginx/Dockerfile build-args: | APP_VERSION=${{ env.APP_VERSION }} push: true diff --git a/.github/workflows/itkdev_docker_build_tag.yml b/.github/workflows/docker_build_images_from_tag.yml similarity index 73% rename from .github/workflows/itkdev_docker_build_tag.yml rename to .github/workflows/docker_build_images_from_tag.yml index f64644a28..208a41b61 100644 --- a/.github/workflows/itkdev_docker_build_tag.yml +++ b/.github/workflows/docker_build_images_from_tag.yml @@ -4,8 +4,8 @@ on: tags: - "*" -# This Action builds to itkdev/* using ./infrastructure/itkdev/* -name: ITK Dev - Build docker image (tag) +# This Action builds to os2display/* using ./infrastructure/* +name: Build docker image (tag) jobs: docker: @@ -14,7 +14,7 @@ jobs: COMPOSER_ALLOW_SUPERUSER: 1 steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Login to DockerHub uses: docker/login-action@v3 @@ -27,13 +27,13 @@ jobs: id: meta-api uses: docker/metadata-action@v5 with: - images: itkdev/os2display-api-service + images: os2display/os2display-api-service - name: Build and push (API) uses: docker/build-push-action@v5 with: - context: ./infrastructure/itkdev/display-api-service/ - file: ./infrastructure/itkdev/display-api-service/Dockerfile + context: ./infrastructure/display-api-service/ + file: ./infrastructure/display-api-service/Dockerfile build-args: | APP_VERSION=${{ github.ref }} push: true @@ -45,7 +45,7 @@ jobs: id: meta-nginx uses: docker/metadata-action@v5 with: - images: itkdev/os2display-api-service-nginx + images: os2display/os2display-api-service-nginx - name: Get the tag id: get_tag @@ -54,8 +54,8 @@ jobs: - name: Build and push (Nginx) uses: docker/build-push-action@v5 with: - context: ./infrastructure/itkdev/nginx/ - file: ./infrastructure/itkdev/nginx/Dockerfile + context: ./infrastructure/nginx/ + file: ./infrastructure/nginx/Dockerfile build-args: | APP_VERSION=${{ steps.get_tag.outputs.git_tag }} push: true diff --git a/.github/workflows/os2display_docker_build_develop.yml b/.github/workflows/os2display_docker_build_develop.yml deleted file mode 100644 index bcdf09a6c..000000000 --- a/.github/workflows/os2display_docker_build_develop.yml +++ /dev/null @@ -1,60 +0,0 @@ ---- -on: - push: - branches: - - "develop" - -# This Action builds to os2display/* using ./infrastructure/os2display/* -name: OS2display - Build docker image (develop) - -jobs: - docker: - runs-on: ubuntu-latest - env: - APP_VERSION: develop - COMPOSER_ALLOW_SUPERUSER: 1 - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Login to DockerHub - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKERHUB_USER }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - # Build api - - name: Docker meta (API) - id: meta-api - uses: docker/metadata-action@v5 - with: - images: os2display/display-api-service - - - name: Build and push (API) - uses: docker/build-push-action@v5 - with: - context: ./infrastructure/os2display/display-api-service/ - file: ./infrastructure/os2display/display-api-service/Dockerfile - build-args: | - VERSION=${{ env.APP_VERSION }} - push: true - tags: ${{ steps.meta-api.outputs.tags }} - labels: ${{ steps.meta-api.outputs.labels }} - - # Build nginx (depends on api build) - - name: Docker meta (Nginx) - id: meta-nginx - uses: docker/metadata-action@v5 - with: - images: os2display/display-api-service-nginx - - - name: Build and push (Nginx) - uses: docker/build-push-action@v5 - with: - context: ./infrastructure/os2display/nginx/ - file: ./infrastructure/os2display/nginx/Dockerfile - build-args: | - APP_VERSION=${{ env.APP_VERSION }} - push: true - tags: ${{ steps.meta-nginx.outputs.tags }} - labels: ${{ steps.meta-nginx.outputs.labels }} diff --git a/.github/workflows/os2display_docker_build_tag.yml b/.github/workflows/os2display_docker_build_tag.yml deleted file mode 100644 index 8bd2b12aa..000000000 --- a/.github/workflows/os2display_docker_build_tag.yml +++ /dev/null @@ -1,63 +0,0 @@ ---- -on: - push: - tags: - - "*" - -# This Action builds to os2display/* using ./infrastructure/os2display/* -name: OS2display - Build docker image (tag) - -jobs: - docker: - runs-on: ubuntu-latest - env: - COMPOSER_ALLOW_SUPERUSER: 1 - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Login to DockerHub - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKERHUB_USER }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - # Build api - - name: Docker meta (API) - id: meta-api - uses: docker/metadata-action@v5 - with: - images: os2display/display-api-service - - - name: Build and push (API) - uses: docker/build-push-action@v5 - with: - context: ./infrastructure/os2display/display-api-service/ - file: ./infrastructure/os2display/display-api-service/Dockerfile - build-args: | - APP_VERSION=${{ github.ref }} - push: true - tags: ${{ steps.meta-api.outputs.tags }} - labels: ${{ steps.meta-api.outputs.labels }} - - # Build nginx (depends on api build) - - name: Docker meta (Nginx) - id: meta-nginx - uses: docker/metadata-action@v5 - with: - images: os2display/display-api-service-nginx - - - name: Get the tag - id: get_tag - run: echo ::set-output name=git_tag::$(echo $GITHUB_REF_NAME) - - - name: Build and push (Nginx) - uses: docker/build-push-action@v5 - with: - context: ./infrastructure/os2display/nginx/ - file: ./infrastructure/os2display/nginx/Dockerfile - build-args: | - APP_VERSION=${{ steps.get_tag.outputs.git_tag }} - push: true - tags: ${{ steps.meta-nginx.outputs.tags }} - labels: ${{ steps.meta-nginx.outputs.labels }} From 2b84d3255b150d87f87b7bee7d58435bd178c36c Mon Sep 17 00:00:00 2001 From: turegjorup Date: Mon, 3 Nov 2025 13:03:56 +0100 Subject: [PATCH 4/4] 5402: Update infrastructure for 3.0 --- .dockerignore | 68 ++++++++++++++++++ .github/Taskfile.yml | 46 ++++++++++++ .../docker_build_images_from_develop.yml | 23 ++++-- .../docker_build_images_from_tag.yml | 21 +++--- .github/workflows/github_build_release.yml | 20 +++--- .gitignore | 2 - docker-compose.server.yml | 2 +- docker-compose.yml | 2 +- infrastructure/build-n-push.sh | 27 +++++++ infrastructure/display-api-service/Dockerfile | 59 ++++++++------- .../display-api-service/docker-entrypoint.sh | 6 +- .../etc/confd/conf.d/env.local.toml | 8 --- .../etc/confd/templates/env.local.tmpl | 71 ------------------- infrastructure/nginx/Dockerfile | 45 +++++++++--- .../etc/confd/templates/default.conf.tmpl | 23 ++++++ infrastructure/run.sh | 13 ---- 16 files changed, 273 insertions(+), 163 deletions(-) create mode 100644 .dockerignore create mode 100644 .github/Taskfile.yml create mode 100755 infrastructure/build-n-push.sh delete mode 100644 infrastructure/display-api-service/etc/confd/conf.d/env.local.toml delete mode 100644 infrastructure/display-api-service/etc/confd/templates/env.local.tmpl delete mode 100755 infrastructure/run.sh diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 000000000..7e18bc03c --- /dev/null +++ b/.dockerignore @@ -0,0 +1,68 @@ +/.git +!/.git/config + +# Unneeded application files +/.docker/data/README.md +/.github +/docs +/fixtures +/infrastructure +/public/build +/public/fixtures +public/build +public/fixtures +public/media/* +!public/media/thumbnail_other.png +!public/media/thumbnail_video.png +/scripts +/tests + +###> symfony/framework-bundle ### +/.env.local +/.env.local.php +/.env.*.local +/config/secrets/prod/prod.decrypt.private.php +/var/ +/vendor/ +###< symfony/framework-bundle ### + +###> friendsofphp/php-cs-fixer ### +/.php-cs-fixer.php +/.php-cs-fixer.cache +###< friendsofphp/php-cs-fixer ### + +###> phpunit/phpunit ### +/phpunit.xml +.phpunit.result.cache +###< phpunit/phpunit ### + +###> lexik/jwt-authentication-bundle ### +/config/jwt/*.pem +###< lexik/jwt-authentication-bundle ### + +xdebug.ini +launch.json + +###> liip/imagine-bundle ### +/public/media/cache/ +###< liip/imagine-bundle ### + +###> phpstan/phpstan ### +phpstan.neon +###< phpstan/phpstan ### + +###> pentatrion/vite-bundle ### +/node_modules/ +/public/build/ +###< pentatrion/vite-bundle ### + +#> Playwright +/test-results/ +/playwright-report/ +/blob-report/ +/playwright/.cache/ +#< Playwright + +###> vincentlanglet/twig-cs-fixer ### +/.twig-cs-fixer.cache +###< vincentlanglet/twig-cs-fixer ### diff --git a/.github/Taskfile.yml b/.github/Taskfile.yml new file mode 100644 index 000000000..2cb169d48 --- /dev/null +++ b/.github/Taskfile.yml @@ -0,0 +1,46 @@ +# Task file for GitHub Actions, https://taskfile.dev/ + +version: "3" + +# https://taskfile.dev/usage/#env-files +dotenv: [".env.local", ".env"] + +tasks: + default: + desc: "List all tasks" + cmds: + - task --list-all + silent: true + + build-prod: + desc: "Build application for production" + cmds: + - task setup-network + - task composer-install + - task npm-install + - task install-cleanup + + setup-network: + desc: "Setup docker frontend network" + cmds: + - docker network create frontend + + composer-install: + desc: "Install dependencies with composer." + cmds: + - docker compose run --rm --env APP_ENV=prod phpfpm composer install --no-dev -o --classmap-authoritative + - docker compose run --rm --env APP_ENV=prod phpfpm composer clear-cache + + npm-install: + desc: "Installs node dependencies with npm." + cmds: + - docker compose run --rm node npm install + - docker compose run --rm node npm run build + + install-cleanup: + desc: "Cleanup after install" + cmds: + - rm -rf infrastructure + - rm -rf fixtures + - rm -rf tests + - rm -rf node_modules diff --git a/.github/workflows/docker_build_images_from_develop.yml b/.github/workflows/docker_build_images_from_develop.yml index bcf6cd50f..0becba3b0 100644 --- a/.github/workflows/docker_build_images_from_develop.yml +++ b/.github/workflows/docker_build_images_from_develop.yml @@ -14,24 +14,27 @@ jobs: APP_VERSION: develop COMPOSER_ALLOW_SUPERUSER: 1 steps: - - name: Checkout - uses: actions/checkout@v5 - - name: Login to DockerHub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USER }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + # Build api - name: Docker meta (API) id: meta-api uses: docker/metadata-action@v5 with: - images: os2display/os2display-api-service + images: os2display/display-api-service - name: Build and push (API) - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6 with: context: ./infrastructure/display-api-service/ file: ./infrastructure/display-api-service/Dockerfile @@ -40,16 +43,19 @@ jobs: push: true tags: ${{ steps.meta-api.outputs.tags }} labels: ${{ steps.meta-api.outputs.labels }} + provenance: mode=max + sbom: true + platforms: linux/amd64,linux/arm64 # Build nginx (depends on api build) - name: Docker meta (Nginx) id: meta-nginx uses: docker/metadata-action@v5 with: - images: os2display/os2display-api-service-nginx + images: os2display/display-api-service-nginx - name: Build and push (Nginx) - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6 with: context: ./infrastructure/nginx/ file: ./infrastructure/nginx/Dockerfile @@ -58,3 +64,6 @@ jobs: push: true tags: ${{ steps.meta-nginx.outputs.tags }} labels: ${{ steps.meta-nginx.outputs.labels }} + provenance: mode=max + sbom: true + platforms: linux/amd64,linux/arm64 diff --git a/.github/workflows/docker_build_images_from_tag.yml b/.github/workflows/docker_build_images_from_tag.yml index 208a41b61..4b441be89 100644 --- a/.github/workflows/docker_build_images_from_tag.yml +++ b/.github/workflows/docker_build_images_from_tag.yml @@ -10,27 +10,28 @@ name: Build docker image (tag) jobs: docker: runs-on: ubuntu-latest - env: - COMPOSER_ALLOW_SUPERUSER: 1 steps: - - name: Checkout - uses: actions/checkout@v5 - - name: Login to DockerHub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USER }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + # Build api - name: Docker meta (API) id: meta-api uses: docker/metadata-action@v5 with: - images: os2display/os2display-api-service + images: os2display/display-api-service - name: Build and push (API) - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6 with: context: ./infrastructure/display-api-service/ file: ./infrastructure/display-api-service/Dockerfile @@ -39,13 +40,15 @@ jobs: push: true tags: ${{ steps.meta-api.outputs.tags }} labels: ${{ steps.meta-api.outputs.labels }} + provenance: mode=max + sbom: true # Build nginx (depends on api build) - name: Docker meta (Nginx) id: meta-nginx uses: docker/metadata-action@v5 with: - images: os2display/os2display-api-service-nginx + images: os2display/display-api-service-nginx - name: Get the tag id: get_tag @@ -61,3 +64,5 @@ jobs: push: true tags: ${{ steps.meta-nginx.outputs.tags }} labels: ${{ steps.meta-nginx.outputs.labels }} + provenance: mode=max + sbom: true diff --git a/.github/workflows/github_build_release.yml b/.github/workflows/github_build_release.yml index 2ca6b44d7..810ab96e3 100644 --- a/.github/workflows/github_build_release.yml +++ b/.github/workflows/github_build_release.yml @@ -8,23 +8,23 @@ name: Create Github Release permissions: contents: write +env: + COMPOSE_USER: runner + jobs: create-release: runs-on: ubuntu-latest - env: - COMPOSER_ALLOW_SUPERUSER: 1 - APP_ENV: prod steps: - name: Checkout uses: actions/checkout@v4 - - name: Composer install - run: | - docker network create frontend - docker compose run --rm --user=root --env APP_ENV=prod phpfpm composer install --no-dev -o --classmap-authoritative - docker compose run --rm --user=root --env APP_ENV=prod phpfpm composer clear-cache - rm -rf infrastructure + - name: Install Task task runner + uses: go-task/setup-task@v1 + - name: Install, Build, Cleanup + run: | + task --taskfile=.github/Taskfile.yaml build-prod + - name: Make assets dir run: | mkdir -p ../assets @@ -39,7 +39,7 @@ jobs: - name: Create a release in GitHub and uploads assets run: | - gh release create ${{ github.ref_name }} --verify-tag --generate-notes ../assets/*.* + gh release create ${{ github.ref_name }} --verify-tag --generate-notes ${{ steps.prerelease.outputs.flag }} ../assets/*.* env: GITHUB_TOKEN: ${{ github.TOKEN }} shell: bash diff --git a/.gitignore b/.gitignore index 6a75d6466..521b8cb58 100644 --- a/.gitignore +++ b/.gitignore @@ -25,8 +25,6 @@ /.php-cs-fixer.cache ###< friendsofphp/php-cs-fixer ### -node_modules - public/media/* !public/media/thumbnail_video.png !public/media/thumbnail_other.png diff --git a/docker-compose.server.yml b/docker-compose.server.yml index 614d67b10..bc011cac0 100644 --- a/docker-compose.server.yml +++ b/docker-compose.server.yml @@ -8,7 +8,7 @@ networks: services: phpfpm: - image: itkdev/php8.3-fpm:alpine + image: itkdev/php8.4-fpm:alpine restart: unless-stopped networks: - app diff --git a/docker-compose.yml b/docker-compose.yml index b5c08946d..b18ab3814 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -27,7 +27,7 @@ services: #- ENCRYPT=1 # Uncomment to enable database encryption. phpfpm: - image: itkdev/php8.3-fpm:latest + image: itkdev/php8.4-fpm:latest user: ${COMPOSE_USER:-deploy} networks: - app diff --git a/infrastructure/build-n-push.sh b/infrastructure/build-n-push.sh new file mode 100755 index 000000000..04f244043 --- /dev/null +++ b/infrastructure/build-n-push.sh @@ -0,0 +1,27 @@ +#!/bin/sh + +set -eux + +APP_VERSION=develop + +docker pull itkdev/php8.4-fpm:alpine +docker pull nginxinc/nginx-unprivileged:alpine + +docker build --build-context repository-root=.. \ + --platform linux/amd64,linux/arm64 \ + --pull \ + --no-cache \ + --build-arg APP_VERSION=${APP_VERSION} \ + --tag=turegjorup/display-api-service:${APP_VERSION} \ + --file="display-api-service/Dockerfile" display-api-service + + +docker build --build-context repository-root=.. \ + --platform linux/amd64,linux/arm64 \ + --no-cache \ + --build-arg VERSION=${APP_VERSION} \ + --tag=turegjorup/display-api-service-nginx:${APP_VERSION} \ + --file="nginx/Dockerfile" nginx + +docker push os2display/display-api-service:${APP_VERSION} +docker push os2display/display-api-service-nginx:${APP_VERSION} diff --git a/infrastructure/display-api-service/Dockerfile b/infrastructure/display-api-service/Dockerfile index 5e9c835dd..f50de55ff 100644 --- a/infrastructure/display-api-service/Dockerfile +++ b/infrastructure/display-api-service/Dockerfile @@ -1,33 +1,43 @@ -FROM itkdev/php8.4-fpm:alpine AS APP_BUILDER +######### API backend ######## +FROM itkdev/php8.4-fpm:alpine AS api_app_builder LABEL maintainer="ITK Dev " ARG APP_VERSION="develop" -ENV APP_PATH=/var/www/html +ENV APP_API_PATH=/var/www/html USER root -# Move site into the container. -ADD https://github.com/os2display/display-api-service/archive/${APP_VERSION}.tar.gz /tmp/app.tar -RUN tar -zxf /tmp/app.tar --strip-components=1 -C ${APP_PATH} \ - && rm /tmp/app.tar - # Add composer in from the official composer image (also alpine). COPY --from=composer:2 /usr/bin/composer /usr/local/bin/composer -WORKDIR ${APP_PATH} +WORKDIR ${APP_API_PATH} + +USER deploy + +# Copy only composer files first for better layer caching +COPY --chown=deploy:deploy --from=repository-root composer.json composer.lock symfony.lock ${APP_API_PATH}/ + +# Install composer packages first (better image layer caching) +RUN APP_ENV=prod composer install --no-dev -o --classmap-authoritative --no-scripts + +# Copy application source (needed for build step) +COPY --chown=deploy:deploy --from=repository-root ./ ${APP_API_PATH}/ + +# Remove frontend apps from api build +RUN rm -rf /assets -## Install assets, which requires a HACK as redis is not available (should be removed later on). -RUN COMPOSER_ALLOW_SUPERUSER=1 APP_ENV=prod composer install --no-dev -o --classmap-authoritative +# Install composer packages, which requires a HACK as redis is not available (should be removed later on). +RUN APP_ENV=prod composer install --no-dev -o --classmap-authoritative -RUN rm -rf infrastructure #### ## Build main application image. #### -FROM itkdev/php8.3-fpm:alpine + +FROM itkdev/php8.4-fpm:alpine LABEL maintainer="ITK Dev " -ENV APP_PATH=/var/www/html \ +ENV APP_API_PATH=/var/www/html \ COMPOSER_VERSION=2 USER root @@ -35,29 +45,18 @@ USER root # Add composer needed to run optimizations after config is loaded. COPY --from=composer:2 /usr/bin/composer /usr/local/bin/composer -# Install the application. -COPY --from=APP_BUILDER ${APP_PATH} ${APP_PATH} -RUN mkdir -p ${APP_PATH}/config/secrets \ - && chown -R deploy:deploy ${APP_PATH} - # Download Prometheus php-fpm export. -COPY --from=hipages/php-fpm_exporter:1.1.1 /php-fpm_exporter /usr/local/bin/php-fpm_exporter - -# Copy configuration. -COPY etc /etc/ - -# Install configuration template handler -ADD https://github.com/kelseyhightower/confd/releases/download/v0.16.0/confd-0.16.0-linux-amd64 /usr/local/bin/confd -RUN chmod +x /usr/local/bin/confd - -# Copy confd onfiguration. -COPY etc /etc/ +COPY --from=hipages/php-fpm_exporter:2.2.0 /php-fpm_exporter /usr/local/bin/php-fpm_exporter COPY docker-entrypoint.sh /usr/local/bin/ RUN chmod +x /usr/local/bin/docker-entrypoint.sh USER deploy -WORKDIR ${APP_PATH} +# Install the api application. +COPY --chown=deploy:deploy --from=api_app_builder ${APP_API_PATH} ${APP_API_PATH} +RUN mkdir -p ${APP_API_PATH}/config/secrets + +WORKDIR ${APP_API_PATH} CMD [ "docker-entrypoint.sh" ] diff --git a/infrastructure/display-api-service/docker-entrypoint.sh b/infrastructure/display-api-service/docker-entrypoint.sh index 306e9f13d..744897e8b 100644 --- a/infrastructure/display-api-service/docker-entrypoint.sh +++ b/infrastructure/display-api-service/docker-entrypoint.sh @@ -2,10 +2,8 @@ set -eux -## Run templates with configuration. -/usr/local/bin/confd --onetime --backend env --confdir /etc/confd - -## Bump env.local into PHP for better performance. +## Dump dotenv files into PHP for better performance. +## @see https://symfony.com/doc/6.4/configuration.html#configuring-environment-variables-in-production composer dump-env prod ## Warm-up Symfony cache (with the current configuration). diff --git a/infrastructure/display-api-service/etc/confd/conf.d/env.local.toml b/infrastructure/display-api-service/etc/confd/conf.d/env.local.toml deleted file mode 100644 index d614cc69a..000000000 --- a/infrastructure/display-api-service/etc/confd/conf.d/env.local.toml +++ /dev/null @@ -1,8 +0,0 @@ -[template] -src = "env.local.tmpl" -dest = "/var/www/html/.env.local" -owner = "deploy" -mode = "0644" -keys = [ - "/app-config" -] diff --git a/infrastructure/display-api-service/etc/confd/templates/env.local.tmpl b/infrastructure/display-api-service/etc/confd/templates/env.local.tmpl deleted file mode 100644 index 76e585b97..000000000 --- a/infrastructure/display-api-service/etc/confd/templates/env.local.tmpl +++ /dev/null @@ -1,71 +0,0 @@ -###> symfony/framework-bundle ### -APP_ENV={{ getenv "APP_ENV" "prod" }} -APP_SECRET={{ getenv "APP_SECRET" "MySuperSecret" }} -TRUSTED_PROXIES={{ getenv "APP_TRUSTED_PROXIES" "127.0.0.1,REMOTE_ADDR" }} -###< symfony/framework-bundle ### - -###> doctrine/doctrine-bundle ### -DATABASE_URL={{ getenv "APP_DATABASE_URL" "mysql://db:db@mariadb:3306/db?serverVersion=mariadb-10.4.0" }} -###< doctrine/doctrine-bundle ### - -###> nelmio/cors-bundle ### -CORS_ALLOW_ORIGIN={{ getenv "APP_CORS_ALLOW_ORIGIN" "'^https?://localhost(:[0-9]+)?$'" }} -###< nelmio/cors-bundle ### - -###> App ### -APP_DEFAULT_DATE_FORMAT='{{ getenv "APP_DEFAULT_DATE_FORMAT" "Y-m-d\\TH:i:s\\Z" }}' -APP_ACTIVATION_CODE_EXPIRE_INTERVAL='{{ getenv "APP_ACTIVATION_CODE_EXPIRE_INTERVAL" "P2D" }}' -###< App ### - -###> lexik/jwt-authentication-bundle ### -JWT_PASSPHRASE={{ getenv "APP_JWT_PASSPHRASE" }} -JWT_TOKEN_TTL={{ getenv "APP_JWT_TOKEN_TTL" "3600" }} -JWT_SCREEN_TOKEN_TTL={{ getenv "APP_JWT_SCREEN_TOKEN_TTL" "3600" }} -###< lexik/jwt-authentication-bundle ### - -###> gesdinet/jwt-refresh-token-bundle ### -JWT_REFRESH_TOKEN_TTL={{ getenv "APP_JWT_REFRESH_TOKEN_TTL" "2592000" }} -JWT_SCREEN_REFRESH_TOKEN_TTL={{ getenv "APP_JWT_SCREEN_REFRESH_TOKEN_TTL" "2592000" }} -###< gesdinet/jwt-refresh-token-bundle ### - -###> itk-dev/openid-connect-bundle ### -# internal provider -INTERNAL_OIDC_METADATA_URL={{ getenv "APP_INTERNAL_OIDC_METADATA_URL" "" }} -INTERNAL_OIDC_CLIENT_ID={{ getenv "APP_INTERNAL_OIDC_CLIENT_ID" "" }} -INTERNAL_OIDC_CLIENT_SECRET={{ getenv "APP_INTERNAL_OIDC_CLIENT_SECRET" "" }} -INTERNAL_OIDC_REDIRECT_URI={{ getenv "APP_INTERNAL_OIDC_REDIRECT_URI" "" }} -INTERNAL_OIDC_LEEWAY={{ getenv "APP_INTERNAL_OIDC_LEEWAY" "30" }} - -# external provider -EXTERNAL_OIDC_METADATA_URL={{ getenv "APP_EXTERNAL_OIDC_METADATA_URL" "" }} -EXTERNAL_OIDC_CLIENT_ID={{ getenv "APP_EXTERNAL_OIDC_CLIENT_ID" "" }} -EXTERNAL_OIDC_CLIENT_SECRET={{ getenv "APP_EXTERNAL_OIDC_CLIENT_SECRET" "" }} -EXTERNAL_OIDC_REDIRECT_URI={{ getenv "APP_EXTERNAL_OIDC_REDIRECT_URI" "" }} -EXTERNAL_OIDC_LEEWAY={{ getenv "APP_EXTERNAL_OIDC_LEEWAY" "30" }} -EXTERNAL_OIDC_HASH_SALT={{ getenv "APP_EXTERNAL_OIDC_HASH_SALT" "" }} - -CLI_REDIRECT={{ getenv "APP_CLI_REDIRECT" "" }} -###< itk-dev/openid-connect-bundle ### - -###> redis ### -REDIS_CACHE_PREFIX={{ getenv "APP_CLI_REDIRECT" "DisplayApiService" }} -REDIS_CACHE_DSN={{ getenv "APP_CLI_REDIRECT" "redis://redis:6379/0" }} -###< redis ### - -###> Calendar Api Feed Source ### -CALENDAR_API_FEED_SOURCE_LOCATION_ENDPOINT={{ getenv "APP_CALENDAR_API_FEED_SOURCE_LOCATION_ENDPOINT" "" }} -CALENDAR_API_FEED_SOURCE_RESOURCE_ENDPOINT={{ getenv "APP_CALENDAR_API_FEED_SOURCE_RESOURCE_ENDPOINT" "" }} -CALENDAR_API_FEED_SOURCE_EVENT_ENDPOINT={{ getenv "APP_CALENDAR_API_FEED_SOURCE_EVENT_ENDPOINT" "" }} -CALENDAR_API_FEED_SOURCE_CUSTOM_MAPPINGS={{ getenv "APP_CALENDAR_API_FEED_SOURCE_CUSTOM_MAPPINGS" "'{}'" }} -CALENDAR_API_FEED_SOURCE_EVENT_MODIFIERS={{ getenv "APP_CALENDAR_API_FEED_SOURCE_EVENT_MODIFIERS" "'{}'" }} -CALENDAR_API_FEED_SOURCE_DATE_FORMAT={{ getenv "APP_CALENDAR_API_FEED_SOURCE_DATE_FORMAT" "" }} -CALENDAR_API_FEED_SOURCE_DATE_TIMEZONE={{ getenv "APP_CALENDAR_API_FEED_SOURCE_DATE_TIMEZONE" "" }} -CALENDAR_API_FEED_SOURCE_CACHE_EXPIRE_SECONDS={{ getenv "APP_CALENDAR_API_FEED_SOURCE_CACHE_EXPIRE_SECONDS" "300" }} -###< Calendar Api Feed Source ### - -EVENTDATABASE_API_V2_CACHE_EXPIRE_SECONDS={{ getenv "APP_EVENTDATABASE_API_V2_CACHE_EXPIRE_SECONDS" "300" }} - -TRACK_SCREEN_INFO={{ getenv "APP_TRACK_SCREEN_INFO" "false" }} -TRACK_SCREEN_INFO_UPDATE_INTERVAL_SECONDS={{ getenv "APP_TRACK_SCREEN_INFO_UPDATE_INTERVAL_SECONDS" "300" }} - -APP_KEY_VAULT_JSON={{ getenv "APP_KEY_VAULT_JSON" "{}" }} diff --git a/infrastructure/nginx/Dockerfile b/infrastructure/nginx/Dockerfile index 6be4be3c4..6754aba58 100644 --- a/infrastructure/nginx/Dockerfile +++ b/infrastructure/nginx/Dockerfile @@ -1,20 +1,49 @@ +######## Client [Screen|Admin] build ######## +FROM node:24-alpine AS client_app_builder +LABEL maintainer="ITK Dev " + ARG APP_VERSION="develop" -FROM itkdev/os2display-api-service:${APP_VERSION} as APPLICATION +ARG APP_RELEASE_VERSION="develop" +ARG APP_RELEASE_TIMESTAMP=0 +ENV APP_CLIENT_PATH=/app + +WORKDIR ${APP_CLIENT_PATH} + +# Copy only necessary files for npm install +COPY --from=repository-root package.json package-lock.json vite.config.js ${APP_CLIENT_PATH}/ + +# Install dependencies +RUN npm ci --no-audit --no-fund +# Copy source files needed for build +COPY --from=repository-root assets/ ${APP_CLIENT_PATH}/assets/ +COPY --from=repository-root public/client/ ${APP_CLIENT_PATH}/public/client/ +COPY --from=repository-root vite.config.js ${APP_CLIENT_PATH}/ + +# Build the application +RUN npm run build + +# Clean up build dependencies and cache +RUN npm cache clean --force && \ + rm -rf node_modules/.cache && \ + rm -rf /root/.npm + + +######## Nginx build ######## FROM nginxinc/nginx-unprivileged:alpine LABEL maintainer="ITK Dev " ARG UID=101 ARG GID=101 -ENV APP_PATH=/var/www/html +ENV APP_CLIENT_PATH=/app +ENV APP_API_PATH=/var/www/html USER root -RUN mkdir -p ${APP_PATH}/public - -COPY --from=APPLICATION ${APP_PATH}/public ${APP_PATH}/public +RUN mkdir -p ${APP_API_PATH}/public +COPY --from=client_app_builder ${APP_CLIENT_PATH}/public ${APP_API_PATH}/public -WORKDIR ${APP_PATH} +WORKDIR ${APP_API_PATH} # Copy configuration. COPY etc /etc/ @@ -25,8 +54,8 @@ RUN chmod +x /usr/local/bin/confd COPY docker-entrypoint.sh / RUN chmod +x /docker-entrypoint.sh \ - && chown -R $UID:0 ${APP_PATH} \ - && chmod -R g+w ${APP_PATH} + && chown -R $UID:0 ${APP_API_PATH} \ + && chmod -R g+w ${APP_API_PATH} USER $UID diff --git a/infrastructure/nginx/etc/confd/templates/default.conf.tmpl b/infrastructure/nginx/etc/confd/templates/default.conf.tmpl index b6f32099b..7fcd10283 100644 --- a/infrastructure/nginx/etc/confd/templates/default.conf.tmpl +++ b/infrastructure/nginx/etc/confd/templates/default.conf.tmpl @@ -11,6 +11,29 @@ server { try_files $uri /index.php$is_args$args; } + # Cache static assets built by Vite under /public/build + location /build/ { + access_log off; + log_not_found off; + + # Serve files directly + try_files $uri =404; + + # Long-term caching for fingerprinted assets + add_header Cache-Control "public, max-age=31536000, immutable"; + expires 1y; + + # Also allow CORS for fonts and similar assets if needed + add_header Access-Control-Allow-Origin "*" always; + + # Do not set X-Robots-Tag for assets + } + + # Screen client online check should just serve static files + location /client/online-check { + index index.html index.htm; + } + location = /robots.txt { add_header Content-Type text/plain; add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive"; diff --git a/infrastructure/run.sh b/infrastructure/run.sh deleted file mode 100755 index b028f5cdc..000000000 --- a/infrastructure/run.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/sh - -set -eux - -APP_VERSION=develop - -docker pull nginxinc/nginx-unprivileged:alpine - -docker build --pull --no-cache --build-arg APP_VERSION=${APP_VERSION} --tag=itkdev/os2display-api-service:${APP_VERSION} --file="display-api-service/Dockerfile" display-api-service -docker build --no-cache --build-arg VERSION=${APP_VERSION} --tag=itkdev/os2display-api-service-nginx:${APP_VERSION} --file="nginx/Dockerfile" nginx - -# docker push itkdev/os2display-api-service:${APP_VERSION} -# docker push itkdev/os2display-api-service-nginx:${APP_VERSION}