diff --git a/.dockerignore b/.dockerignore index f9baa13..ae37278 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,5 +1,3 @@ .git install/* *.md -.drone - diff --git a/.drone.yml b/.drone.yml deleted file mode 100644 index adc71ea..0000000 --- a/.drone.yml +++ /dev/null @@ -1,10 +0,0 @@ -kind: pipeline -name: default -steps: -- name: docker - image: plugins/docker - settings: - registry: 192.168.10.200:5000 - repo: "192.168.10.200:5000/${DRONE_REPO_NAME}" - insecure: true - diff --git a/.env b/.env new file mode 100644 index 0000000..b596f27 --- /dev/null +++ b/.env @@ -0,0 +1,89 @@ + ### ## ## ## ## ## ## ## ## ## ## ### +## /`` /``\ |\ | |``` | /``` ## +## | | | | \ | |``` | | --| ## +## \__ \__/ | \| | | \___/ ## + ### ## ## ## ## ## ## ## ## ## ## ### + +## ## ## ## ## ## ## ## ## ## +# Build Vars. Do not change # +VER_FULL=10.0.6 +VER_MAJOR=10 + +## Replace variables below with the required settings ## +## DO NOT use quotes + +## ## ## ## ## ## ## ## ## ## +# Hubzilla/Site config # +# +# NOTES: +# REGISTER_POLICY: options are REGISTER_OPEN, REGISTER_APPROVE, OR REGISTER_CLOSED +DOMAIN=domain.com +SITE_NAME=My Cool Site +ADMIN_EMAIL=example@gmail.com +TIMEZONE=Etc/UTC +REQUIRE_EMAIL=1 +REGISTER_POLICY=REGISTER_OPEN +ADDON_LIST=logrot nsfw superblock diaspora pubcrawl + +## ## ## ## ## ## ## ## ## ## +# NGINX config # +# +# NOTES: +# LOC_NGINXCONF: location of the NGINX conf FILE, by default it's in the config folder, located where the docker-compose file is. +LOC_NGINXCONF=./config/nginx.conf + + +## ## ## ## ## ## ## ## ## ## +# Database config # +# +# NOTES: +# LOC_DB: location of the FOLDER, where the database should reside (locally, network mount, etc.., it can get fairly large, so make sure you have enough room) +# DB_HOST: needs to be the name/heading (not container name) of the database container (see docker-compose.yml) +# DB_TYPE Options: postgres or mariadb + +## ## ## ## ## +# DB Agnostic +LOC_DB=./db +DB_HOST=hub_db +DB_NAME=hub +DB_USER=hubzilla +DB_PASSWORD=P@55w0rD + +## ## ## ## ## +# MariaDB/MySQL +#DB_TYPE=mariadb +#DB_PORT=3306 + +## ## ## ## ## +# Postgres +DB_TYPE=postgres +DB_PORT=5432 + +## ## ## ## ## ## ## ## ## ## +# SMTP Config # +# +# NOTES: +# If using a personal gmail account for smtp and +# 2-factor authentication is enabled, you need to +# create an app password and use for SMTP_PASS +# https://support.google.com/accounts/answer/185833?hl=en +SMTP_HOST=smtp.gmail.com +SMTP_PORT=465 +SMTP_DOMAIN=localhost +SMTP_USER=example@gmail.com +SMTP_PASS=P@55w0rD +SMTP_USE_STARTTLS=YES + +## ## ## ## ## ## ## ## ## ## +# Logging # +# +# NOTES: +# LOGROT_SIZE = size in bytes +ENABLE_LOGROT=0 +LOGROT_PATH=log +LOGROT_SIZE=5242880 +LOGROT_MAXFILES=20 + +## ## ## ## ## ## ## ## ## ## +# Debug # +DEBUG_PHP=0 diff --git a/.github/README.md b/.github/README.md new file mode 100644 index 0000000..abfc4b2 --- /dev/null +++ b/.github/README.md @@ -0,0 +1,71 @@ +# Hubzilla Docker image +[Hubzilla](https://framagit.org/hubzilla/core) as a [docker image](https://hub.docker.com/r/dhitchenor/hubzilla) (based on php:8.2-fpm-alpine) in a multi-arch (amd64, armv6/7, arm64) format. + +# Features +- Automatic setup +- Integral addons, preinstalled +- env file for easy configuration/toggling of features + +## Supported environment variables: +| Variable | Description | +|---------------------|--------------------------------------------------------------------------------------------------------------------------------------| +| DB_TYPE | Database type: postgres or mysql | +| DB_HOST | Host name of the database | +| DB_PORT | Database port number, set to empty to use the default of your DB_TYPE (aka 3306 for mysql) | +| DB_NAME | Database name | +| DB_USER | Database user | +| DB_PASSWORD | Database user password | +| REQUIRE_EMAIL | Require email address to register | +| REGISTER_POLICY | Allow (or disallow) new user registrations | +| SMTP_HOST | Mail server hostname | +| SMTP_PORT | Mail server port number | +| SMTP_USER | User name for the mail server | +| SMTP_DOMAIN | Mail domain | +| SMTP_PASS | Password for the user on the mail server, if set empty, then no authentication on the smtp server will be used | +| DOMAIN | Web domain name for hubzilla | +| ADMIN_EMAIL | Administrators email of the deployed hub | +| REDIS_PATH | If set (to something like " tcp://redis") then php sessions will be stored in this redis server (useful for horizontal scalability) | +| LDAP_SERVER | LDAP server name (dont forget to add "ldapauth" to the ADDON_LIST) | +| LDAP_ROOT_DN | LDAP username to connect to (ex: cn=admin,dc=domain,dc=com) | +| LDAP_ADMIN_PASSWORD | Password for that LDAP user | +| LDAP_BASE | Path to look for users in the directory (ex: ou=people,,dc=domain,dc=com) | +| ADDON_LIST | Addons to install/activate during initial configuration | + +# Quick Setup +#### 1. Clone git repository to your server (or wherever you desire Hubzilla to be deployed from). +- eg: `git clone https://github.com/dhitchenor/hubzilla` + - NOTE: you will need to install git for this to work, otherwise you can download the repository in a zip file from GitHub + +#### 2. Edit nginx.conf: +- on line 19, change `domain.com` to your desired server name (eg. funnylookingfaces.com, or www.potatogram.net) +- on line 43, change `hub:9000` to match the name (not, container name) of your hubzilla container in your docker-compose.yml file + - NOTE: retain the port (:9000) on this line (see screenshot) + ![hub_9000.png](https://raw.githubusercontent.com/dhitchenor/hubzilla/10.0.6/.github/images/hub_9000.png) +#### 3. Edit .env file +##### a) Locations +- depending on how your infrastructure is structured, change the following items appropriately + - LOC_NGINXCONF: the location where the nginx.conf FILE is located (by default, it is in the config folder, which is in the same directory as the docker-compose file) + - LOC_DB: the folder location (directory), where the database should be stored (is your Database stored locally, or on another server?) +##### b) Domain value +- change the `DOMAIN` value to reflect the domain name that you changed earlier, in the `nginx.conf` file +##### c) Further Database Configurations +- depending on the database that you are using, uncomment/comment the appropriate lines, ENSURE the code for the unused database is commented out + - HINT: don't change any port numbers, unless you have to; including database ports, nginx ports, hubzilla ports +- change the `DB agnostic` options to reflect your desired database credentials + - HINT: if you already have a database, you will need to change the values of `DB_NAME`, `DB_USER`, and `DB_PASSWORD` to reflect that database; if no database is present, a database is created for you using these details + - HINT: `DB_HOST` should match the name (not, container name) of the database container used for hubzilla or within the docker-compose.yml file (see screenshot) + ![hub_db.png](https://raw.githubusercontent.com/dhitchenor/hubzilla/10.0.6/.github/images/hub_db.png) + +#### 4. Edit docker-compose.yml file +- depending on the database that you are using, uncomment/comment the appropriate healthcheck lines, ENSURE the code for the unused database is commented out + - HINT: default database is postgres; unless you want to use MySQL, you won't need to touch this + +#### 5. Ensure placement of files +- if you have changed the location of any files that you gained when cloning this git repository, ensure the changes are reflected within the docker-compose.yml file + - HINT: by default, the '.env' file should be in the same directory as the docker-compose file + - HINT: by default, the nginx.conf file is in the config folder, which is in the same directory as the docker-compose file + +#### 6. Run docker compose +- eg, `docker-compose up -d` (or `docker-compose up` if you want to see the output of the deployment), and navigate to your domain (in a web browser), after deployment has finished. + - NOTE: the new version of docker compose is out (usage: `docker compose up -d` or `docker compose up` if you want to see the output, as before) + - the `version` level in the docker-compose.yml file is not necessary in the new version of docker compose; for backwards compatibility, it has been retained diff --git a/.github/images/hub_9000.png b/.github/images/hub_9000.png new file mode 100644 index 0000000..dfd437e Binary files /dev/null and b/.github/images/hub_9000.png differ diff --git a/.github/images/hub_db.png b/.github/images/hub_db.png new file mode 100644 index 0000000..672584c Binary files /dev/null and b/.github/images/hub_db.png differ diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index 2d33468..fcd97e4 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -1,48 +1,40 @@ -name: Docker Image CI +name: Hubzilla Container CI -on: - push: - branches: [ master ] +on: push jobs: - build: + if: | + !contains(fromJson('["refs/heads/dev"]'), github.ref) runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - name: Get versions - id: version - run: | - echo "::set-output name=major::$(awk -F, '{print $2}' .tags)" - echo "::set-output name=full::$(awk -F, '{print $1}' .tags)" - - - name: Docker Setup qemu-action - uses: docker/setup-qemu-action@v1 - - name: Docker Setup Buildx - uses: docker/setup-buildx-action@v1 - - name: DockerHub Login - uses: docker/login-action@v1.6.0 + - id: checkout + name: Checkout + uses: actions/checkout@v4.1.1 + - id: dotenv + name: Dotenv + uses: falti/dotenv-action@v1.1 + - id: qemu_setup + name: Setup QEMU + uses: docker/setup-qemu-action@v3.0.0 + - id: buildx_setup + name: Setup Buildx + uses: docker/setup-buildx-action@v3.1.0 + - id: dckrhub_login + name: DockerHub Login + uses: docker/login-action@v3.0.0 with: - username: ${{ github.repository_owner }} + username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Github Login - uses: docker/login-action@v1.6.0 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GH_CAT_TOKEN }} - - - name: Build the Docker image - uses: docker/build-push-action@v2 + - id: build_push + name: Build the Docker image + uses: docker/build-push-action@v5.1.0 with: context: . file: ./Dockerfile platforms: linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 push: true tags: | - ${{ github.repository }}:latest - ${{ github.repository }}:${{ steps.version.outputs.full }} - ${{ github.repository }}:${{ steps.version.outputs.major }} - ghcr.io/${{ github.repository }}:latest - ghcr.io/${{ github.repository }}:${{ steps.version.outputs.full }} - ghcr.io/${{ github.repository }}:${{ steps.version.outputs.major }} + dhitchenor/hubzilla:latest + dhitchenor/hubzilla:${{ steps.dotenv.outputs.ver_full }} + dhitchenor/hubzilla:${{ steps.dotenv.outputs.ver_major }} diff --git a/.tags b/.tags deleted file mode 100644 index 2c00624..0000000 --- a/.tags +++ /dev/null @@ -1 +0,0 @@ -5.6,5.6.0,latest diff --git a/Dockerfile b/Dockerfile index 42be377..3527050 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,49 +1,140 @@ -FROM alpine:latest as build -RUN sed -i 's/dl-cdn.alpinelinux.org/ftp.halifax.rwth-aachen.de/g' /etc/apk/repositories \ - && apk add bash curl gd php7 php7-curl php7-gd php7-json php7-openssl php7-xml php7-pecl-imagick php7-pgsql php7-mysqli php7-mbstring php7-pecl-mcrypt php7-zip \ - && apk add git patch \ - && git clone https://framagit.org/hubzilla/core.git /hubzilla +FROM alpine:3.20.2 as build + +ARG HZ_REPO=https://framagit.org/hubzilla/core +ARG HZ_VERSION=10.0.6 + +RUN apk add bash \ + curl \ + gd \ + git \ + patch \ + php82 \ + php82-bcmath \ + php82-common \ + php82-curl \ + php82-gd \ + php82-iconv \ + php82-intl \ + php82-mbstring \ + php82-mysqli \ + php82-openssl \ + php82-pecl-imagick \ + php82-pecl-mcrypt \ + php82-pgsql \ + php82-xml \ + php82-zip \ + && git clone $HZ_REPO /hubzilla + WORKDIR /hubzilla + COPY entrypoint.sh /hubzilla -COPY .tags /tmp/ -RUN sed 's/,.*//' /tmp/.tags >/hubzilla/version \ - && chmod +x /hubzilla/entrypoint.sh \ - && git pull \ - && git checkout tags/$(cat /hubzilla/version) \ + +RUN chmod +x /hubzilla/entrypoint.sh \ + && git checkout tags/$HZ_VERSION \ && rm -rf .git \ + && mkdir -p "addon" \ + && mkdir -p "extend" \ + && mkdir -p "log" \ && mkdir -p "store/[data]/smarty3" \ + && mkdir -p "view/theme" \ + && mkdir -p "widget" \ && util/add_widget_repo https://framagit.org/hubzilla/widgets.git hubzilla-widgets \ && util/add_addon_repo https://framagit.org/hubzilla/addons.git hzaddons \ - && util/add_addon_repo https://framagit.org/dentm42/dm42-hz-addons.git dm42 - -FROM php:7.4-fpm-alpine -RUN sed -i 's/dl-cdn.alpinelinux.org/ftp.halifax.rwth-aachen.de/g' /etc/apk/repositories \ - && apk --update --no-cache --no-progress add libpng imagemagick-libs libjpeg-turbo rsync ssmtp shadow mysql-client postgresql-client libmcrypt tzdata ssmtp bash git tzdata openldap-clients imagemagick oniguruma libzip \ - && apk --update --no-progress add --virtual build-deps autoconf curl-dev freetype-dev build-base icu-dev libjpeg-turbo-dev imagemagick-dev libldap libmcrypt-dev libpng-dev libtool libxml2-dev openldap-dev postgresql-dev postgresql-libs unzip libmcrypt-dev libxml2-dev openldap-dev oniguruma-dev libzip-dev \ - && docker-php-ext-configure gd --enable-gd --with-jpeg --with-freetype \ - && docker-php-ext-install gd json mbstring mysqli pgsql xml zip curl json xml zip pdo pdo_mysql pdo_pgsql ldap opcache \ - && pecl install -o -f redis \ - && docker-php-ext-enable redis.so \ - && pecl install imagick \ - && docker-php-ext-enable imagick \ + && util/add_addon_repo https://framagit.org/dentm42/dm42-hz-addons.git dm42 \ + && util/update_widget_repo hubzilla-widgets \ + && util/update_addon_repo hzaddons \ + && util/update_addon_repo dm42 + +FROM php:8.2.22-fpm-alpine3.20 + +RUN apk --update --no-cache --no-progress add \ + bash \ + git \ + icu-libs \ + imagemagick \ + jpeg \ + libavif \ + libgcc \ + libgd \ + libjpeg-turbo \ + libmcrypt \ + libpng \ + libsodium \ + libstdc++ \ + libwebp \ + libzip \ + mysql-client \ + musl \ + oniguruma \ + openldap-clients \ + postgresql-client \ + rsync \ + ssmtp \ + shadow \ + tzdata \ + zlib \ + && apk --update --no-progress add --virtual .build-deps \ + autoconf \ + build-base \ + curl-dev \ + freetype-dev \ + icu-dev \ + icu-data-full \ + imagemagick-dev \ + libavif-dev \ + libjpeg-turbo-dev \ + libldap \ + libmcrypt-dev \ + libpng-dev \ + libsodium-dev \ + libtool \ + libwebp-dev \ + libxml2-dev \ + libzip-dev \ + make \ + oniguruma-dev \ + openldap-dev \ + postgresql-dev \ + postgresql-libs \ + unzip \ + && docker-php-ext-configure gd --with-freetype --with-jpeg --with-webp --with-avif \ + ### Make sure they're are NO 'configure' commands after this command. Ref: https://github.com/docker-library/php/issues/926 ### + && docker-php-ext-install \ + bcmath \ + curl \ + gd \ + intl \ + ldap \ + mbstring \ + mysqli \ + opcache \ + pdo \ + pdo_mysql \ + pdo_pgsql \ + pgsql \ + sodium \ + xml \ + zip \ + && docker-php-ext-enable intl.so \ + && pecl install imagick \ + && docker-php-ext-enable imagick \ + && pecl install -o -f redis \ + && docker-php-ext-enable redis.so \ && pecl install xhprof \ && docker-php-ext-enable xhprof.so \ && echo 'xhprof.output_dir = "/var/www/html/xhprof"'|tee -a /usr/local/etc/php/conf.d/docker-php-ext-xhprof.ini \ - && sed -i '/www-data/s#:[^:]*$#:/bin/ash#' /etc/passwd \ + && sed -i '/www-data/s#:[^:]*$#:/bin/bash#' /etc/passwd \ && echo 'sendmail_path = "/usr/sbin/ssmtp -t"' > /usr/local/etc/php/conf.d/mail.ini \ && echo -e 'upload_max_filesize = 100M\npost_max_size = 101M' > /usr/local/etc/php/conf.d/hubzilla.ini \ && echo -e '#!/bin/sh\ncd /var/www/html\n/usr/local/bin/php /var/www/html/Zotlabs/Daemon/Master.php Cron' >/etc/periodic/15min/hubzilla \ && chmod 755 /etc/periodic/15min/hubzilla \ - && apk --purge del build-deps \ + && apk --purge del .build-deps \ && rm -rf /tmp/* /var/cache/apk/*gz -COPY --from=build /hubzilla /hubzilla -ENTRYPOINT [ "/hubzilla/entrypoint.sh" ] +COPY --from=build /hubzilla /var/www/html + +ENTRYPOINT [ "/var/www/html/entrypoint.sh" ] + CMD ["php-fpm"] + VOLUME /var/www/html -ENV SMTP_HOST smtp.domain.com -ENV SMTP_PORT 587 -ENV SMTP_DOMAIN domain.com -ENV SMTP_USER user -ENV SMTP_PASS password -ENV SMTP_USE_STARTTLS YES diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..68b7e8f --- /dev/null +++ b/LICENSE @@ -0,0 +1,9 @@ +MIT License + +Copyright (c) 2024 Dale Hitchenor + +Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/README.md b/README.md deleted file mode 100644 index a73431c..0000000 --- a/README.md +++ /dev/null @@ -1,34 +0,0 @@ -[![Docker Image CI](https://github.com/sebt3/hubzilla/workflows/Docker%20Image%20CI/badge.svg)](https://github.com/sebt3/hubzilla/actions) - -# Hubzilla Docker image - -This is the packaging of [hubzilla](https://framagit.org/hubzilla/core) as a [docker image](https://hub.docker.com/r/sebt3/hubzilla) based on php:7.4-fpm-alpine in a multi-arch (amd64, arm, arm64) format. - -## Supported environnement variables: - -| Variable | Default | Description | -|-------------------|---------------|---------------| -| DB_TYPE | postgres | Database type : postgres or mysql | -| DB_HOST | postgres | Host name of the database | -| DB_PORT | 5432 | Database port number, set empty to use the default of your DB_TYPE (aka 3306 for mysql) | -| DB_NAME | hub | Database name | -| DB_USER | hubzilla | Database user to connect to | -| DB_PASSWORD | hubzilla | Database user password | -| SMTP_HOST | smtp.domain.com | Mail server hostname | -| SMTP_PORT | 587 | Mail server port number | -| SMTP_USER | user | User name for the mail server | -| SMTP_DOMAIN | domain.com | Mail domain | -| SMTP_PASS | password | Password for the user on the mail server, if set empty, then no authentication on the smtp server will be used | -| HUBZILLA_DOMAIN | domain.com | Web domain name for hubzilla | -| HUBZILLA_ADMIN | | email of this hubzilla administrator (you) | -| REDIS_PATH | | If set (to something like " tcp://redis") then php sessions will be stored in this redis server (usefull for horizontal scalability) | -| LDAP_SERVER | | LDAP serveur name (dont forget to add "ldapauth" to the ADDON_LIST) | -| LDAP_ROOT_DN | | LDAP username to connect to (ex: cn=admin,dc=domain,dc=com) | -| LDAP_ADMIN_PASSWORD | | Password for that LDAP user | -| LDAP_BASE | | Path to look for users in the directory (ex: ou=people,,dc=domain,dc=com) | -| ADDON_LIST | nsfw superblock diaspora pubcrawl | Addons to activate during initial configuration | - -## Usage - -Please see the [install directory](https://github.com/sebt3/hubzilla/tree/master/install) for usage examples. - diff --git a/install/nginx.conf b/config/nginx.conf similarity index 98% rename from install/nginx.conf rename to config/nginx.conf index db8af1c..443738f 100644 --- a/install/nginx.conf +++ b/config/nginx.conf @@ -40,7 +40,7 @@ http { location ~* \.php$ { try_files $uri =404; fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_pass hubzilla:9000; + fastcgi_pass hub:9000; include fastcgi_params; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..f12ad9b --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,81 @@ +version: '3.5' + +networks: + public: + external: true + hubzilla: + +services: + hub_db: + container_name: hubzilla_database # ARBITARY (user can/should change) + image: postgres:16-alpine + restart: unless-stopped + env_file: + - .env + healthcheck: + test: ["CMD-SHELL", "pg_isready -U ${DB_USER} -d ${DB_NAME}"] + interval: 10s + timeout: 5s + retries: 5 + #healthcheck: + # test: ["/usr/bin/mysql --user=${DB_USER} --password=${DB_PASSWORD} --execute \"SHOW DATABASES;\""] + # interval: 10s + # timeout: 5s + # retries: 5 + networks: + - hubzilla + volumes: + - "${LOC_DB}:/var/lib/postgresql/data" + + hub_web: + container_name: hubzilla_webserver # ARBITARY (user can/should change) + image: nginx:1.25.3-alpine + restart: unless-stopped + depends_on: + - hub + - hub_cron + env_file: + - .env + volumes: + - "${LOC_NGINXCONF}:/etc/nginx/nginx.conf:ro" + - web_root:/var/www/html:Z # Retain the capital Z (SELinux permission issues) + networks: + - public + labels: # Traefik rules: may NOT work/ be applicable to everyone + - traefik.enable=true + - traefik.http.routers.hub_web.rule=Host(`domain.com`) + - traefik.http.routers.hub_web.tls=true + - traefik.http.routers.hub_web.tls.certresolver=le + - traefik.http.routers.hub_web.entrypoints=websecure + - traefik.http.services.hub_web.loadbalancer.server.port=80 + - traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https + - traefik.http.routers.redirect.rule=Host(`domain.com`) + - traefik.http.routers.redirect.middlewares=redirect-to-https + - traefik.http.routers.redirect.entrypoints=web + + hub: + container_name: hubzilla_itself # ARBITARY (user can/should change) + image: "dhitchenor/hubzilla:${VER_FULL}" + restart: unless-stopped + depends_on: + - hub_db + env_file: + - .env + networks: + - public + - hubzilla + volumes: + - web_root:/var/www/html:Z # Retain the capital Z (SELinux permission issues) + + hub_cron: + container_name: hubzilla_cronjob # ARBITARY (user can/should change) + image: "dhitchenor/hubzilla:${VER_FULL}" + restart: unless-stopped + depends_on: + - hub_db + networks: + - hubzilla + command: ["crond", "-f"] + +volumes: + web_root: diff --git a/entrypoint.sh b/entrypoint.sh index 69d6f99..f95faf8 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -1,87 +1,90 @@ -#!/bin/sh +#!/bin/bash -CURVER="5" -[ -f /var/www/html/version ] && CURVER=$(cat /var/www/html/version|sed 's/\..*//') -if ! [ -f /var/www/html/version ] || ! diff /hubzilla/version /var/www/html/version;then - cp -Rapf /hubzilla/* /hubzilla/.htaccess /var/www/html/ - FORCE_CONFIG=1 -fi - -if [ "${1:-"failed"}" != "crond" ];then # Do no configuration for crond - - - -# Check for database +### CHECK FOR, AND SET THE DATABASE ### CNT=0 case "${DB_TYPE}" in -mysqli|mysql|mariadb|0|"") -srv() { mysql -u "${DB_USER:="hubzilla"}" "-p${DB_PASSWORD:="hubzilla"}" -h "${DB_HOST:="mariadb"}" -P "${DB_PORT:=3306}" "$@" 2>/dev/null ; } -db() { srv -D "${DB_NAME:="hub"}" "$@" ; } -sql() { db -e "$@" ; } - # Warning mysql is largely untested - while ! srv -e "status" >/dev/null;do - echo "Waiting for mysql to be ready ($((CNT+=1)))" - sleep 2 - done - if ! sql 'SELECT count(*) FROM pconfig;' >/dev/null;then - echo "Database doesnt contain the 'pconfig' table... Installing database schema" - db < install/schema_mysql.sql - if [ $? -ne 0 ];then - echo "***** Installing schema generated errors *****" - echo "***** Even if this sound very bad, continuing *****" + # WARNING # mysql is still largely untested.. + [Mm][Yy][Ss][Qq][Ll]|[Mm][Yy][Ss][Qq][Ll][Ii]|[Mm][Aa][Rr][Ii][Aa][Dd][Bb]|0) + srv() { mysql -u "${DB_USER:-hubzilla}" -p "${DB_PASSWORD:-hubzilla}" -h "${DB_HOST:-mariadb}" -P "${DB_PORT:-3306}" "$@"; } + db() { srv -D "${DB_NAME:-hub}" "$@"; } + sql() { db -e "$@" ; } + while ! srv -e "status" > /dev/null; do + echo "Waiting for MariaDB/MySQL to be ready ($((CNT+=1)))" + sleep 2 + done + if ! sql 'SELECT count(*) FROM pconfig;' >/dev/null; then + echo "======== INSTALLING: database schema ========" + db < install/schema_mysql.sql + if [ $? -ne 0 ]; then + echo "======== ERROR: Installing schema generated errors ========" + echo "======== RESULT: Continuing.. See repo if further errors occur ========" + fi + FORCE_CONFIG=1 fi - FORCE_CONFIG=1 - fi - DB_TYPE=0;; -pgsql|postgres|1) -db() { PGPASSWORD="${DB_PASSWORD:="hubzilla"}" psql -h "${DB_HOST:="postgres"}" -p "${DB_PORT:=5432}" -U "${DB_USER:="hubzilla"}" -d "${DB_NAME:="hub"}" -wt "$@" 2>/dev/null ; } -sql() { db -c "$@" ; } - while ! sql 'SELECT * FROM pg_settings WHERE 0=1;' >/dev/null;do - echo "Waiting for postgres to be ready ($((CNT+=1)))" - sleep 2 - done - if ! sql 'SELECT count(*) FROM pconfig;' >/dev/null;then - echo "Database doesnt contain the 'pconfig' table... Installing database schema" - db < install/schema_postgres.sql - if [ $? -ne 0 ];then - echo "***** Installing schema generated errors *****" - echo "***** Even if this sound very bad, continuing *****" + DB_TYPE=0 + ;; + [Pp][Ss][Qq][Ll]|[Pp][Gg][Ss][Qq][Ll]|[Pp][Oo][Ss][Tt][Gg][Rr][Ee][Ss]|1) + db() { PGPASSWORD="${DB_PASSWORD=hubzilla}" psql -h "${DB_HOST=postgres}" -p "${DB_PORT=5432}" -U "${DB_USER=hubzilla}" -d "${DB_NAME=hub}" -wt "$@"; } + sql() { db -c "$@"; } + while ! sql '\q'; do + echo "Waiting for Postgres to be ready ($((CNT+=1)))" + sleep 2 + done + if ! sql 'SELECT count(*) FROM pconfig;' >/dev/null; then + echo "======== INSTALLING: database schema ========" + db < install/schema_postgres.sql + if [ $? -ne 0 ]; then + echo "======== ERROR: Installing schema generated errors ========" + echo "======== RESULT: Continuing.. See repo if further errors occur ========" + fi + FORCE_CONFIG=1 fi - FORCE_CONFIG=1 - fi - DB_TYPE=1;; -*) echo "***** Unknown DB_TYPE=$DB_TYPE ******" - echo "***** Skipping database check/setup ******" - echo "***** YOU ARE on your OWN now ******" - FORCE_CONFIG=0;; + DB_TYPE=1 + ;; + *) + echo "======== ERROR: Unknown DB_TYPE=${DB_TYPE=Unknown} ========" + echo "======== RESULT: Skipping DB Setup/Check ========" + FORCE_CONFIG=0 + ;; esac +cd /var/www/html - -cat > /etc/ssmtp/ssmtp.conf < /etc/ssmtp/ssmtp.conf mailhub=${SMTP_HOST}:${SMTP_PORT} UseSTARTTLS=${SMTP_USE_STARTTLS} root=${SMTP_USER}@${SMTP_DOMAIN} rewriteDomain=${SMTP_DOMAIN} FromLineOverride=YES -END -if [ ${SMTP_PASS:-"nope"} != "nope" ];then - cat >> /etc/ssmtp/ssmtp.conf <> /etc/ssmtp/ssmtp.conf AuthUser=${SMTP_USER} AuthPass=${SMTP_PASS} -END +SMTPCONF fi -echo "root:${SMTP_USER}@${SMTP_DOMAIN}">/etc/ssmtp/revaliases -echo "www-data:${SMTP_USER}@${SMTP_DOMAIN}">>/etc/ssmtp/revaliases +echo "root:${SMTP_USER}@${SMTP_DOMAIN}" > /etc/ssmtp/revaliases +echo "www-data:${SMTP_USER}@${SMTP_DOMAIN}" >> /etc/ssmtp/revaliases + +# Arrange permissions for folders +for folder in "${folders=addon extend log store view widget}"; do + echo "Fixing folder: $folder" + if [ "$folder" = view ]; then + chmod -R 755 $folder + else + chmod 755 $folder + fi +done -chown -R www-data:www-data "store" chown www-data:www-data . -if [ ${FORCE_CONFIG:-"0"} -eq 1 ];then -db() { PGPASSWORD="${DB_PASSWORD:="hubzilla"}" psql -h "${DB_HOST:="postgres"}" -p "${DB_PORT:=5432}" -U "${DB_USER:="hubzilla"}" -d "${DB_NAME:="hub"}" -wt "$@" 2>/dev/null ; } - if ! [ -f .htconfig.php ];then - random_string() { tr -dc '0-9a-f' .htconfig.php < .htconfig.php addon/jappixmini.tgz - util/config jappixmini bosh_address "https://$HUBZILLA_DOMAIN/http-bind";; - #xmpp) util/config xmpp bosh_proxy "https://$HUBZILLA_DOMAIN/http-bind";; - ldapauth) util/config ldapauth ldap_server ldap://$LDAP_SERVER - util/config ldapauth ldap_binddn $LDAP_ROOT_DN - util/config ldapauth ldap_bindpw $LDAP_ADMIN_PASSWORD - util/config ldapauth ldap_searchdn $LDAP_BASE + diaspora) + util/config system diaspora_allowed 1 + ;; + xmpp) + util/config xmpp bosh_proxy "https://${DOMAIN}/http-bind" + ;; + ldapauth) + util/config ldapauth ldap_server ldap://${LDAP_SERVER} + util/config ldapauth ldap_binddn ${LDAP_ROOT_DN} + util/config ldapauth ldap_bindpw ${LDAP_ADMIN_PASSWORD} + util/config ldapauth ldap_searchdn ${LDAP_BASE} util/config ldapauth ldap_userattr uid - util/config ldapauth create_account 1;; + util/config ldapauth create_account 1 + ;; esac done util/service_class system default_service_class firstclass - util/config system disable_email_validation 1 util/config system ignore_imagick true + util/config system register_policy ${REGISTER_POLICY} + #util/config system disable_email_validation 1 fi -if [ ${CURVER:-'5'} == "4" ];then - - echo "======== Running udall ========" -if [ -d extend ] ; then - for a in theme addon widget ; do - if [ -d extend/$a ]; then - for b in `ls extend/$a` ; do - echo Updating $b - 'util/update_'$a'_repo' $b - done - fi - done -fi - echo "======== udall SUCCESS ========" - echo "======== Running z6convert ========" - echo "This Will take a while..." +# Extra configurations needed if Hubzilla version is 4 or below +CURVER=$(printf "%d" "${HZ_VERSION}") +MAXVER=$(printf "%d" "5") +if [ CURVER -lt MAXVER ]; then + + echo "======== RUNNING: udall ========" + util/udall + echo "======== SUCCESS: udall ========" + echo "======== RUNNING: z6convert ========" + echo "This may take a while..." php util/z6convert.php R=$? - if [ $R -ne 0 ];then - echo "======== FAILED z6convert ========" + if [ $R -ne 0 ]; then + echo "======== FAILED: z6convert ========" else - echo "======== z6convert SUCCESS ========" + echo "======== SUCCESS: z6convert ========" fi fi -mkdir -p /var/www/html/xhprof -chown www-data:www-data /var/www/html/xhprof +chown -R www-data:www-data /var/www/html/* +chown -R www-data:www-data /var/www/html/.* -fi echo "Starting $@" exec "$@" diff --git a/install/docker-compose.yml b/install/docker-compose.yml deleted file mode 100644 index e7205de..0000000 --- a/install/docker-compose.yml +++ /dev/null @@ -1,72 +0,0 @@ -version: '3.5' -networks: - hubzilla: - public: - external: true -volumes: - voldb: - volweb: -configs: - nginx: - file: nginx.conf -services: - postgres: - image: postgres:12-alpine - environment: - POSTGRES_PASSWORD: hubzilla - POSTGRES_USER: hubzilla - POSTGRES_DB: hub - volumes: - - voldb:/var/lib/postgresql/data - networks: - - hubzilla - nginx: - image: nginx:alpine - configs: - - source: nginx - target: /etc/nginx/nginx.conf - volumes: - - volweb:/var/www/html - networks: - - hubzilla - - public - deploy: - labels: - - traefik.enable=true - - traefik.http.routers.hubzilla.rule=Host(`domain.com`) - - traefik.http.routers.hubzilla.tls=true - - traefik.http.routers.hubzilla.tls.certresolver=le - - traefik.http.routers.hubzilla.entrypoints=websecure - - traefik.http.services.hubzilla.loadbalancer.server.port=80 - - traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https - - traefik.http.routers.redirect.rule=Host(`domain.com`) - - traefik.http.routers.redirect.middlewares=redirect-to-https - - traefik.http.routers.redirect.entrypoints=web - hubzilla: - image: sebt3/hubzilla:5.0 - depends_on: - - postgres - - nginx - environment: - DB_HOST: postgres - DB_PORT: 5432 - DB_TYPE: pgsql - DB_NAME: hub - DB_USER: hubzilla - DB_PASSWORD: hubzilla - HUBZILLA_DOMAIN: "domain.com" - HUBZILLA_ADMIN: "admin@domain.com" - ADDON_LIST: "nsfw superblock diaspora pubcrawl openstreetmap bookmarker" - networks: - - hubzilla - volumes: - - volweb:/var/www/html - cron: - image: sebt3/hubzilla:5.0 - depends_on: - - postgres - command: ["crond", "-f"] - networks: - - hubzilla - volumes: - - volweb:/var/www/html