Multiple Container Fixes (#2063)

Co-authored-by: MartinOscar <40749467+rmartinoscar@users.noreply.github.com>

Dockerfile

@@ -38,7 +38,7 @@ RUN yarn config set network-timeout 300000 \
 FROM --platform=$TARGETOS/$TARGETARCH composer AS composerbuild
 
 # Copy full code to optimize autoload
-COPY --exclude=Caddyfile --exclude=docker/ . ./
+COPY --exclude=docker/ . ./
 
 RUN composer dump-autoload --optimize
 
@@ -50,7 +50,7 @@ FROM --platform=$TARGETOS/$TARGETARCH yarn AS yarnbuild
 WORKDIR /build
 
 # Copy full code
-COPY --exclude=Caddyfile --exclude=docker/ . ./
+COPY --exclude=docker/ . ./
 COPY --from=composer /build .
 
 RUN yarn run build
@@ -62,38 +62,34 @@ FROM --platform=$TARGETOS/$TARGETARCH localhost:5000/base-php:$TARGETARCH AS fin
 
 WORKDIR /var/www/html
 
-# Install additional required libraries
 RUN apk add --no-cache \
-    caddy ca-certificates supervisor supercronic fcgi
+    # packages for running the panel
+    caddy ca-certificates supervisor supercronic fcgi \
+    # required for installing plugins. Pulled from https://github.com/pelican-dev/panel/pull/2034
+    zip unzip 7zip bzip2-dev yarn git
 
-COPY --chown=root:www-data --chmod=640 --from=composerbuild /build .
-COPY --chown=root:www-data --chmod=640 --from=yarnbuild /build/public ./public
+COPY --chown=root:www-data --chmod=770 --from=composerbuild /build .
+COPY --chown=root:www-data --chmod=770 --from=yarnbuild /build/public ./public
 
-# Set permissions
-# First ensure all files are owned by root and restrict www-data to read access
-RUN chown root:www-data ./ \
-    && chmod 750 ./ \
-    # Files should not have execute set, but directories need it
-    && find ./ -type d -exec chmod 750 {} \; \
-    # Create necessary directories
-    && mkdir -p /pelican-data/storage /pelican-data/plugins /var/www/html/storage/app/public /var/run/supervisord /etc/supercronic \
-    # Symlinks for env, database, storage, and plugins
-    && ln -s /pelican-data/.env ./.env \
-    && ln -s /pelican-data/database/database.sqlite ./database/database.sqlite \
-    && ln -sf /var/www/html/storage/app/public /var/www/html/public/storage \
-    && ln -s  /pelican-data/storage/avatars /var/www/html/storage/app/public/avatars \
-    && ln -s  /pelican-data/storage/fonts /var/www/html/storage/app/public/fonts \
-    && ln -s  /pelican-data/plugins /var/www/html/plugins \
-    # Allow www-data write permissions where necessary
-    && chown -R www-data:www-data /pelican-data ./storage ./bootstrap/cache /var/run/supervisord /var/www/html/public/storage \
-    && chmod -R u+rwX,g+rwX,o-rwx /pelican-data ./storage ./bootstrap/cache /var/run/supervisord \
-    && chown -R www-data: /usr/local/etc/php/
+# Create and remove directories
+RUN mkdir -p /pelican-data/storage /pelican-data/plugins /var/run/supervisord \
+    && rm -rf /var/www/html/plugins \
+# Symlinks for env, database, storage, and plugins
+    && ln -s  /pelican-data/.env /var/www/html/.env \
+    && ln -s  /pelican-data/database/database.sqlite ./database/database.sqlite \
+    && ln -s  /pelican-data/storage /var/www/html/public/storage \
+    && ln -s  /pelican-data/storage /var/www/html/storage/app/public \
+    && ln -s  /pelican-data/plugins /var/www/html \
+# Allow www-data write permissions where necessary
+    && chown -R www-data: /pelican-data .env ./storage ./plugins ./bootstrap/cache /var/run/supervisord /var/www/html/public/storage \
+    && chmod -R 770 /pelican-data ./storage ./bootstrap/cache /var/run/supervisord \
+    && chown -R www-data: /usr/local/etc/php/ /usr/local/etc/php-fpm.d/
 
 # Configure Supervisor
 COPY docker/supervisord.conf /etc/supervisord.conf
 COPY docker/Caddyfile /etc/caddy/Caddyfile
 # Add Laravel scheduler to crontab
-COPY docker/crontab /etc/supercronic/crontab
+COPY docker/crontab /etc/crontabs/crontab
 
 COPY docker/entrypoint.sh /entrypoint.sh
 COPY docker/healthcheck.sh /healthcheck.sh

Dockerfile.base

@@ -5,6 +5,6 @@ FROM --platform=$TARGETOS/$TARGETARCH php:8.4-fpm-alpine
 
 ADD --chmod=0755 https://github.com/mlocati/docker-php-extension-installer/releases/latest/download/install-php-extensions /usr/local/bin/
 
-RUN install-php-extensions bcmath gd intl zip opcache pcntl posix pdo_mysql pdo_pgsql
+RUN install-php-extensions bcmath gd intl zip pcntl pdo_mysql pdo_pgsql bz2
 
 RUN rm /usr/local/bin/install-php-extensions

Dockerfile.dev

@@ -5,7 +5,7 @@ FROM --platform=$TARGETOS/$TARGETARCH php:8.4-fpm-alpine AS base
 
 ADD --chmod=0755 https://github.com/mlocati/docker-php-extension-installer/releases/latest/download/install-php-extensions /usr/local/bin/
 
-RUN install-php-extensions bcmath gd intl zip opcache pcntl posix pdo_mysql pdo_pgsql
+RUN install-php-extensions bcmath gd intl zip pcntl pdo_mysql pdo_pgsql bz2
 
 RUN rm /usr/local/bin/install-php-extensions
 
@@ -42,7 +42,7 @@ RUN yarn config set network-timeout 300000 \
 FROM --platform=$TARGETOS/$TARGETARCH composer AS composerbuild
 
 # Copy full code to optimize autoload
-COPY --exclude=Caddyfile --exclude=docker/ . ./
+COPY --exclude=docker/ . ./
 
 RUN composer dump-autoload --optimize
 
@@ -54,7 +54,7 @@ FROM --platform=$TARGETOS/$TARGETARCH yarn AS yarnbuild
 WORKDIR /build
 
 # Copy full code
-COPY --exclude=Caddyfile --exclude=docker/ . ./
+COPY --exclude=docker/ . ./
 COPY --from=composer /build .
 
 RUN yarn run build
@@ -68,36 +68,33 @@ WORKDIR /var/www/html
 
 # Install additional required libraries
 RUN apk add --no-cache \
-    caddy ca-certificates supervisor supercronic fcgi coreutils
+    # packages for running the panel
+    caddy ca-certificates supervisor supercronic fcgi coreutils \
+    # required for installing plugins. Pulled from https://github.com/pelican-dev/panel/pull/2034
+    zip unzip 7zip bzip2-dev yarn git
 
-COPY --chown=root:www-data --chmod=640 --from=composerbuild /build .
-COPY --chown=root:www-data --chmod=640 --from=yarnbuild /build/public ./public
+COPY --chown=root:www-data --chmod=770 --from=composerbuild /build .
+COPY --chown=root:www-data --chmod=770 --from=yarnbuild /build/public ./public
 
-# Set permissions
-# First ensure all files are owned by root and restrict www-data to read access
-RUN chown root:www-data ./ \
-    && chmod 750 ./ \
-    # Files should not have execute set, but directories need it
-    && find ./ -type d -exec chmod 750 {} \; \
-    # Create necessary directories
-    && mkdir -p /pelican-data/storage /pelican-data/plugins /var/www/html/storage/app/public /var/run/supervisord /etc/supercronic \
-    # Symlinks for env, database, storage, and plugins
-    && ln -s /pelican-data/.env ./.env \
-    && ln -s /pelican-data/database/database.sqlite ./database/database.sqlite \
-    && ln -sf /var/www/html/storage/app/public /var/www/html/public/storage \
-    && ln -s  /pelican-data/storage/avatars /var/www/html/storage/app/public/avatars \
-    && ln -s  /pelican-data/storage/fonts /var/www/html/storage/app/public/fonts \
-    && ln -s  /pelican-data/plugins /var/www/html/plugins \
-    # Allow www-data write permissions where necessary
-    && chown -R www-data:www-data /pelican-data ./storage ./bootstrap/cache /var/run/supervisord /var/www/html/public/storage \
-    && chmod -R u+rwX,g+rwX,o-rwx /pelican-data ./storage ./bootstrap/cache /var/run/supervisord \
-    && chown -R www-data: /usr/local/etc/php/
+# Create and remove directories
+RUN mkdir -p /pelican-data/storage /pelican-data/plugins /var/run/supervisord \
+    && rm -rf /var/www/html/plugins \
+# Symlinks for env, database, storage, and plugins
+    && ln -s  /pelican-data/.env /var/www/html/.env \
+    && ln -s  /pelican-data/database/database.sqlite ./database/database.sqlite \
+    && ln -s  /pelican-data/storage /var/www/html/public/storage \
+    && ln -s  /pelican-data/storage /var/www/html/storage/app/public \
+    && ln -s  /pelican-data/plugins /var/www/html \
+# Allow www-data write permissions where necessary
+    && chown -R www-data: /pelican-data .env ./storage ./plugins ./bootstrap/cache /var/run/supervisord /var/www/html/public/storage \
+    && chmod -R 770 /pelican-data ./storage ./bootstrap/cache /var/run/supervisord \
+    && chown -R www-data: /usr/local/etc/php/ /usr/local/etc/php-fpm.d/
 
 # Configure Supervisor
 COPY docker/supervisord.conf /etc/supervisord.conf
 COPY docker/Caddyfile /etc/caddy/Caddyfile
 # Add Laravel scheduler to crontab
-COPY docker/crontab /etc/supercronic/crontab
+COPY docker/crontab /etc/crontabs/crontab
 
 COPY docker/entrypoint.sh /entrypoint.sh
 COPY docker/healthcheck.sh /healthcheck.sh

docker/entrypoint.sh

@@ -2,8 +2,8 @@
 # check for .env file or symlink and generate app keys if missing
 if [ -f /var/www/html/.env ]; then
   echo "external vars exist."
-  # load env vars from .env
-  export $(grep -v '^#' .env | xargs)
+  # load specific env vars from .env used in the entrypoint and they are not already set
+  for VAR in "APP_KEY" "APP_INSTALLED" "DB_CONNECTION" "DB_HOST" "DB_PORT"; do if ! (printenv | grep -q ${VAR}); then export $(grep ${VAR} .env | grep -ve "^#"); fi; done
 else
   echo "external vars don't exist."
   # webroot .env is symlinked to this path
@@ -25,7 +25,7 @@ else
 fi
 
 # create directories for volumes
-mkdir -p /pelican-data/database /pelican-data/storage/avatars /pelican-data/storage/fonts /var/www/html/storage/logs/supervisord 2>/dev/null
+mkdir -p /pelican-data/database /pelican-data/storage/avatars /pelican-data/storage/fonts /pelican-data/storage/icons /var/www/html/storage/logs/supervisord 2>/dev/null
 
 # if the app is installed then we need to run migrations on start. New installs will run migrations when you run the installer.
 if [ "${APP_INSTALLED}" == "true" ];  then

docker/supervisord.conf

@@ -41,7 +41,7 @@ stdout_logfile_maxbytes=0
 redirect_stderr=true
 
 [program:supercronic]
-command=supercronic -overlapping /etc/supercronic/crontab
+command=supercronic -overlapping /etc/crontabs/crontab
 autostart=true
 autorestart=true
 redirect_stderr=true