mirror of
https://github.com/pelican-dev/panel.git
synced 2026-05-04 18:00:48 +03:00
docker env fixes (#2234)
Co-authored-by: Charles <charles@pelican.dev> Co-authored-by: Boy132 <Boy132@users.noreply.github.com>
This commit is contained in:
Michael (Parker) Parker
committed by
GitHub
GitHub
parent
650fb16d2d
commit
677d2f742c
@@ -69,8 +69,7 @@ RUN apk add --no-cache \
|
|||||||
zip unzip 7zip bzip2-dev yarn git
|
zip unzip 7zip bzip2-dev yarn git
|
||||||
|
|
||||||
# Copy composer binary for runtime plugin dependency management
|
# Copy composer binary for runtime plugin dependency management
|
||||||
COPY --from=composer /usr/local/bin/composer /usr/local/bin/composer
|
COPY --from=composer /usr/local/bin/composer /usr/local/bin/composer
|
||||||
|
|
||||||
COPY --chown=root:www-data --chmod=770 --from=composerbuild /build .
|
COPY --chown=root:www-data --chmod=770 --from=composerbuild /build .
|
||||||
COPY --chown=root:www-data --chmod=770 --from=yarnbuild /build/public ./public
|
COPY --chown=root:www-data --chmod=770 --from=yarnbuild /build/public ./public
|
||||||
|
|
||||||
|
|||||||
@@ -74,8 +74,7 @@ RUN apk add --no-cache \
|
|||||||
zip unzip 7zip bzip2-dev yarn git
|
zip unzip 7zip bzip2-dev yarn git
|
||||||
|
|
||||||
# Copy composer binary for runtime plugin dependency management
|
# Copy composer binary for runtime plugin dependency management
|
||||||
COPY --from=composer /usr/local/bin/composer /usr/local/bin/composer
|
COPY --from=composer /usr/local/bin/composer /usr/local/bin/composer
|
||||||
|
|
||||||
COPY --chown=root:www-data --chmod=770 --from=composerbuild /build .
|
COPY --chown=root:www-data --chmod=770 --from=composerbuild /build .
|
||||||
COPY --chown=root:www-data --chmod=770 --from=yarnbuild /build/public ./public
|
COPY --chown=root:www-data --chmod=770 --from=yarnbuild /build/public ./public
|
||||||
|
|
||||||
|
|||||||
@@ -5,11 +5,11 @@
|
|||||||
{$CADDY_STRICT_PROXIES}
|
{$CADDY_STRICT_PROXIES}
|
||||||
}
|
}
|
||||||
admin off
|
admin off
|
||||||
{$PARSED_AUTO_HTTPS}
|
{$CADDY_AUTO_HTTPS}
|
||||||
{$PARSED_LE_EMAIL}
|
{$CADDY_LE_EMAIL}
|
||||||
}
|
}
|
||||||
|
|
||||||
{$PARSED_APP_URL} {
|
{$CADDY_APP_URL} {
|
||||||
root * /var/www/html/public
|
root * /var/www/html/public
|
||||||
encode gzip
|
encode gzip
|
||||||
|
|
||||||
|
|||||||
@@ -1,34 +1,48 @@
|
|||||||
#!/bin/ash -e
|
#!/bin/ash -e
|
||||||
|
# shellcheck shell=dash
|
||||||
|
|
||||||
# check for .env file or symlink and generate app keys if missing
|
# check for .env file or symlink and generate app keys if missing
|
||||||
if [ -f /var/www/html/.env ]; then
|
if [ -f /pelican-data/.env ]; then
|
||||||
echo "external vars exist."
|
echo ".env vars exist."
|
||||||
# load specific env vars from .env used in the entrypoint and they are not already set
|
# load specific env vars from .env used in the entrypoint and they are not already set
|
||||||
for VAR in "APP_KEY" "APP_INSTALLED" "DB_CONNECTION" "DB_HOST" "DB_PORT"; do if ! (printenv | grep -q ${VAR}); then export $(grep ${VAR} .env | grep -ve "^#"); fi; done
|
for VAR in "APP_KEY" "APP_INSTALLED" "DB_CONNECTION" "DB_HOST" "DB_PORT"; do
|
||||||
|
echo "checking for ${VAR}"
|
||||||
|
## skip if it looks like it might try to execute code
|
||||||
|
if (grep "${VAR}" .env | grep -qE "\$\(|=\`|\$#"); then echo "var in .env may be executable or a comment, skipping"; continue; fi
|
||||||
|
# if the variable is in .env then set it
|
||||||
|
if (grep -q "${VAR}" .env); then
|
||||||
|
echo "loading ${VAR} from .env"
|
||||||
|
export "$(grep "${VAR}" .env | sed 's/"//g')"
|
||||||
|
continue
|
||||||
|
fi
|
||||||
|
## variable wasn't loaded or in the env to set
|
||||||
|
echo "didn't find variable to set"
|
||||||
|
done
|
||||||
else
|
else
|
||||||
echo "external vars don't exist."
|
echo ".env vars don't exist."
|
||||||
# webroot .env is symlinked to this path
|
# webroot .env is symlinked to this path
|
||||||
touch /pelican-data/.env
|
touch /pelican-data/.env
|
||||||
|
|
||||||
# manually generate a key because key generate --force fails
|
# manually generate a key because key generate --force fails
|
||||||
if [ -z ${APP_KEY} ]; then
|
if [ -z "${APP_KEY}" ]; then
|
||||||
echo -e "Generating key."
|
echo "No key set, Generating key."
|
||||||
APP_KEY=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)
|
APP_KEY=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)
|
||||||
echo -e "Generated app key: $APP_KEY"
|
echo "APP_KEY=$APP_KEY" > /pelican-data/.env
|
||||||
echo -e "APP_KEY=$APP_KEY" > /pelican-data/.env
|
echo "Generated app key written to .env file"
|
||||||
else
|
else
|
||||||
echo -e "APP_KEY exists in environment, using that."
|
echo "APP_KEY exists in environment, using that."
|
||||||
echo -e "APP_KEY=$APP_KEY" > /pelican-data/.env
|
echo "APP_KEY=$APP_KEY" > /pelican-data/.env
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# enable installer
|
# enable installer
|
||||||
echo -e "APP_INSTALLED=false" >> /pelican-data/.env
|
echo "APP_INSTALLED=false" >> /pelican-data/.env
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# create directories for volumes
|
# create directories for volumes
|
||||||
mkdir -p /pelican-data/database /pelican-data/storage/avatars /pelican-data/storage/fonts /pelican-data/storage/icons /pelican-data/plugins /var/www/html/storage/logs/supervisord 2>/dev/null
|
mkdir -p /pelican-data/database /pelican-data/storage/avatars /pelican-data/storage/fonts /pelican-data/storage/icons /pelican-data/plugins /var/www/html/storage/logs/supervisord 2>/dev/null
|
||||||
|
|
||||||
# if the app is installed then we need to run migrations on start. New installs will run migrations when you run the installer.
|
# if the app is installed then we need to run migrations on start. New installs will run migrations when you run the installer.
|
||||||
if [ "${APP_INSTALLED}" == "true" ]; then
|
if [ "${APP_INSTALLED}" = "true" ]; then
|
||||||
#if the db is anything but sqlite wait until it's accepting connections
|
#if the db is anything but sqlite wait until it's accepting connections
|
||||||
if [ "${DB_CONNECTION}" != "sqlite" ]; then
|
if [ "${DB_CONNECTION}" != "sqlite" ]; then
|
||||||
# check for DB up before starting the panel
|
# check for DB up before starting the panel
|
||||||
@@ -39,36 +53,44 @@ if [ "${APP_INSTALLED}" == "true" ]; then
|
|||||||
# wait for 1 seconds before check again
|
# wait for 1 seconds before check again
|
||||||
sleep 1
|
sleep 1
|
||||||
done
|
done
|
||||||
|
else
|
||||||
|
echo "using sqlite database"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# run migration
|
# run migration
|
||||||
php artisan migrate --force
|
php artisan migrate --force
|
||||||
fi
|
fi
|
||||||
|
|
||||||
echo -e "Optimizing Filament"
|
echo "Optimizing Filament"
|
||||||
php artisan filament:optimize
|
php artisan filament:optimize
|
||||||
|
|
||||||
# default to caddy not starting
|
# default to caddy not starting
|
||||||
export SUPERVISORD_CADDY=false
|
export SUPERVISORD_CADDY=false
|
||||||
export PARSED_APP_URL=${APP_URL}
|
export CADDY_APP_URL="${APP_URL}"
|
||||||
|
|
||||||
# checking if app url is using https
|
# checking if app url is https
|
||||||
if echo "${APP_URL}" | grep -qE '^https://'; then
|
if (echo "${APP_URL}" | grep -qE '^https://'); then
|
||||||
|
# check lets encrypt email was set without a proxy
|
||||||
|
if [ -z "${LE_EMAIL}" ] && [ "${BEHIND_PROXY}" != "true" ]; then
|
||||||
|
echo "when app url is https a lets encrypt email must be set when not behind a proxy"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
echo "https domain found setting email var"
|
echo "https domain found setting email var"
|
||||||
export PARSED_LE_EMAIL="email ${LE_EMAIL}"
|
export CADDY_LE_EMAIL="email ${LE_EMAIL}"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# when running behind a proxy
|
# when running behind a proxy
|
||||||
if [ "${BEHIND_PROXY}" == "true" ]; then
|
if [ "${BEHIND_PROXY}" = "true" ]; then
|
||||||
echo "running behind proxy"
|
echo "running behind proxy"
|
||||||
echo "listening on port 80 internally"
|
echo "listening on port 80 internally"
|
||||||
export PARSED_LE_EMAIL=""
|
export CADDY_LE_EMAIL=""
|
||||||
export PARSED_APP_URL=":80"
|
export CADDY_APP_URL=":80"
|
||||||
export PARSED_AUTO_HTTPS="auto_https off"
|
export CADDY_AUTO_HTTPS="auto_https off"
|
||||||
export ASSET_URL=${APP_URL}
|
export ASSET_URL="${APP_URL}"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# disable caddy if SKIP_CADDY is set
|
# disable caddy if SKIP_CADDY is set
|
||||||
if [ "${SKIP_CADDY:-}" == "true" ]; then
|
if [ "${SKIP_CADDY:-}" = "true" ]; then
|
||||||
echo "Starting PHP-FPM only"
|
echo "Starting PHP-FPM only"
|
||||||
else
|
else
|
||||||
echo "Starting PHP-FPM and Caddy"
|
echo "Starting PHP-FPM and Caddy"
|
||||||
@@ -76,8 +98,9 @@ else
|
|||||||
export SUPERVISORD_CADDY=true
|
export SUPERVISORD_CADDY=true
|
||||||
|
|
||||||
# handle trusted proxies for caddy when variable has data
|
# handle trusted proxies for caddy when variable has data
|
||||||
if [ ! -z ${TRUSTED_PROXIES} ]; then
|
if [ -n "${TRUSTED_PROXIES:-}" ]; then
|
||||||
export CADDY_TRUSTED_PROXIES=$(echo "trusted_proxies static ${TRUSTED_PROXIES}" | sed 's/,/ /g')
|
FORMATTED_PROXIES=$(echo "trusted_proxies static ${TRUSTED_PROXIES}" | sed 's/,/ /g')
|
||||||
|
export CADDY_TRUSTED_PROXIES="${FORMATTED_PROXIES}"
|
||||||
export CADDY_STRICT_PROXIES="trusted_proxies_strict"
|
export CADDY_STRICT_PROXIES="trusted_proxies_strict"
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|||||||
Reference in New Issue
Block a user