From f847f6f5b9fec7bc6a418c94d6839c93bd947f5b Mon Sep 17 00:00:00 2001 From: Yann Autissier Date: Fri, 11 Nov 2022 23:37:28 +0100 Subject: [PATCH] split make files in `myos` project and install files in `yaip` project --- .env.dist | 2 - CHANGELOG.md | 4 + Makefile | 19 +- README.md | 2 +- ansible/ansible.mk | 37 - ansible/def.ansible.mk | 61 - ansible/install.mk | 8 - aws/aws.mk | 203 --- aws/def.aws.mk | 23 - docker/ansible/Dockerfile | 42 - docker/aws/Dockerfile | 43 - docker/certbot/Dockerfile | 51 - docker/certbot/certbot-renew | 4 - docker/certbot/docker-entrypoint.sh | 16 - docker/compose/Dockerfile | 20 - docker/consul/Dockerfile | 23 - docker/consul/docker-healthcheck | 43 - docker/elastic/apm-server-oss/Dockerfile | 9 - .../elastic/apm-server-oss/apm-server.docker.yml | 931 ------------ docker/elastic/apm-server-oss/apm-server.yml | 30 - .../apm-server-oss/dashboards/error_details.json | 98 -- .../elastic/apm-server-oss/dashboards/errors.json | 82 - .../apm-server-oss/dashboards/services.json | 111 -- .../apm-server-oss/dashboards/span_details.json | 67 - .../apm-server-oss/dashboards/transactions.json | 111 -- docker/elastic/apm-server/Dockerfile | 9 - docker/elastic/curator/Dockerfile | 26 - docker/elastic/curator/action.yml | 23 - docker/elastic/curator/config.yml | 18 - docker/elastic/curator/docker-entrypoint.sh | 16 - docker/fabio/Dockerfile | 25 - docker/goofys/Dockerfile | 24 - docker/grafana/Dockerfile | 26 - docker/grafana/config.ini | 2 - docker/grafana/dashboards/containers.json | 1383 ----------------- docker/grafana/dashboards/host.json | 1607 -------------------- docker/grafana/docker-entrypoint.sh | 5 - .../grafana/provisioning/dashboards/dashboards.yml | 6 - .../provisioning/datasources/datasources.tmpl | 30 - docker/http/alpine/Dockerfile | 24 - docker/http/alpine/docker-entrypoint.sh | 9 - docker/http/alpine/httpd-vhosts.ctmpl | 21 - docker/ipfs/Dockerfile | 45 - docker/ipfs/ipfs-config.sh | 102 -- docker/myos/.screenrc | 3 - docker/myos/.tmux.conf | 32 - docker/myos/Dockerfile | 173 --- docker/myos/docker-entrypoint.sh | 31 - docker/mysql/5.6/Dockerfile | 19 - docker/mysql/5.6/conf.d/all.cnf | 22 - docker/mysql/5.6/conf.d/master.cnf | 8 - docker/mysql/5.6/goss.yml | 23 - docker/openstack/Dockerfile | 49 - docker/packer/Dockerfile | 67 - docker/pdns-server/.gitrepo | 12 - docker/pdns-server/Dockerfile | 67 - docker/pdns-server/README.md | 22 - docker/pdns-server/docker-entrypoint.sh | 9 - docker/phabricator-daemon/Dockerfile | 11 - docker/phabricator/Dockerfile | 10 - docker/php/5.6-fpm-alpine/Dockerfile | 239 --- docker/php/5.6-fpm-alpine/apc.ini | 5 - docker/php/5.6-fpm-alpine/blackfire.ini | 1 - docker/php/5.6-fpm-alpine/newrelic.ini | 4 - docker/php/5.6-fpm-alpine/opcache.ini | 8 - docker/php/5.6-fpm-alpine/php-fpm-pool.conf | 412 ----- docker/php/5.6-fpm-alpine/php.ini | 56 - docker/php/5.6-fpm-alpine/suhosin.ini | 1 - docker/php/5.6-fpm-alpine/xdebug.ini | 13 - docker/php/7.0-fpm-alpine/Dockerfile | 270 ---- docker/php/7.0-fpm-alpine/apc.ini | 5 - docker/php/7.0-fpm-alpine/blackfire.ini | 1 - docker/php/7.0-fpm-alpine/memcached.ini | 1 - docker/php/7.0-fpm-alpine/newrelic.ini | 4 - docker/php/7.0-fpm-alpine/opcache.ini | 8 - docker/php/7.0-fpm-alpine/php-fpm-pool.conf | 412 ----- docker/php/7.0-fpm-alpine/php.ini | 56 - docker/php/7.0-fpm-alpine/xdebug.ini | 13 - docker/php/7.1-fpm-alpine/Dockerfile | 262 ---- docker/php/7.1-fpm-alpine/apc.ini | 5 - docker/php/7.1-fpm-alpine/blackfire.ini | 1 - docker/php/7.1-fpm-alpine/memcached.ini | 1 - docker/php/7.1-fpm-alpine/newrelic.ini | 4 - docker/php/7.1-fpm-alpine/opcache.ini | 8 - docker/php/7.1-fpm-alpine/php-fpm-pool.conf | 412 ----- docker/php/7.1-fpm-alpine/php.ini | 56 - docker/php/7.1-fpm-alpine/xdebug.ini | 13 - docker/php/7.2-fpm-alpine/Dockerfile | 267 ---- docker/php/7.2-fpm-alpine/apc.ini | 5 - docker/php/7.2-fpm-alpine/blackfire.ini | 1 - docker/php/7.2-fpm-alpine/memcached.ini | 1 - docker/php/7.2-fpm-alpine/newrelic.ini | 4 - docker/php/7.2-fpm-alpine/opcache.ini | 8 - docker/php/7.2-fpm-alpine/php-fpm-pool.conf | 412 ----- docker/php/7.2-fpm-alpine/php.ini | 56 - docker/php/7.2-fpm-alpine/xdebug.ini | 13 - docker/php/7.3-fpm-alpine/Dockerfile | 264 ---- docker/php/7.3-fpm-alpine/apc.ini | 5 - docker/php/7.3-fpm-alpine/blackfire.ini | 1 - docker/php/7.3-fpm-alpine/memcached.ini | 1 - docker/php/7.3-fpm-alpine/newrelic.ini | 4 - docker/php/7.3-fpm-alpine/opcache.ini | 8 - docker/php/7.3-fpm-alpine/php-fpm-pool.conf | 412 ----- docker/php/7.3-fpm-alpine/php.ini | 56 - docker/php/7.3-fpm-alpine/xdebug.ini | 13 - docker/prometheus/alertmanager/Dockerfile | 9 - docker/prometheus/alertmanager/config.tmpl | 224 --- docker/prometheus/blackbox-exporter/Dockerfile | 7 - docker/prometheus/blackbox-exporter/config.yml | 38 - docker/prometheus/es-exporter/Dockerfile | 7 - docker/prometheus/es-exporter/exporter.cfg | 112 -- docker/prometheus/prometheus/Dockerfile | 21 - docker/prometheus/prometheus/alert-rules.yml | 147 -- docker/prometheus/prometheus/docker-entrypoint.sh | 11 - docker/prometheus/prometheus/prometheus.tmpl | 107 -- docker/registrator/Dockerfile | 42 - docker/riofs/Dockerfile | 44 - docker/s3fs/Dockerfile | 68 - docker/s3fs/docker-entrypoint.sh | 64 - docker/sematext/logagent/Dockerfile | 23 - docker/ssh/AUTHORS.md | 4 - docker/ssh/CHANGELOG.md | 10 - docker/ssh/Dockerfile | 54 - docker/ssh/LICENSE | 20 - docker/ssh/README.md | 72 - docker/ssh/docker-entrypoint.sh | 31 - docker/terraform/Dockerfile | 35 - docker/theia/.screenrc | 3 - docker/theia/.tmux.conf | 32 - docker/theia/Dockerfile | 266 ---- docker/theia/latest.package.json | 50 - docker/theia/next.package.json | 56 - docker/theia/package.json | 57 - docker/toggle/ui/config.js | 1 - docker/vsftpd-s3/.gitrepo | 12 - docker/vsftpd-s3/CHANGELOG.md | 10 - docker/vsftpd-s3/Dockerfile | 56 - docker/vsftpd-s3/LICENSE | 18 - docker/vsftpd-s3/README.md | 86 -- docker/vsftpd-s3/docker-entrypoint.sh | 137 -- docker/vsftpd-s3/lftp-sync.sh | 43 - docker/x2go/xfce-debian/Dockerfile | 34 - docker/x2go/xfce-debian/run.sh | 55 - docker/x2go/xfce-debian/setup_ecryptfs.sh | 32 - docker/x2go/xfce-debian/setup_ecryptfs_sshagent.sh | 69 - docker/x2go/xfce-debian/setup_locales.sh | 10 - docker/x2go/xfce-debian/setup_sshd.sh | 20 - docker/x2go/xfce-debian/setup_timezone.sh | 7 - docker/x2go/xfce-debian/setup_users.sh | 33 - docker/zen/Dockerfile | 121 -- docker/zen/docker-entrypoint.sh | 33 - make/apps/build.mk | 37 - make/apps/common.mk | 223 --- make/apps/def.build.mk | 50 - make/apps/def.deploy.mk | 11 - make/apps/def.docker.mk | 141 -- make/apps/def.install.mk | 9 - make/apps/def.mk | 26 - make/apps/deploy.mk | 40 - make/apps/docker.mk | 252 --- make/apps/git.mk | 74 - make/apps/install.mk | 50 - make/apps/myos/def.mk | 14 - make/apps/myos/def.setup.mk | 18 - make/apps/myos/def.ssh.mk | 31 - make/apps/myos/setup.mk | 38 - make/apps/myos/ssh.mk | 47 - make/apps/release.mk | 47 - make/apps/subrepo/def.mk | 2 - make/apps/subrepo/subrepo.mk | 21 - make/common.mk | 114 -- make/def.app.mk | 138 -- make/def.docker.mk | 109 -- make/def.mk | 297 ---- make/end.mk | 7 - make/env.mk | 102 -- make/help.mk | 83 - make/include.mk | 25 - make/monorepo/common.mk | 103 -- make/monorepo/def.drone.mk | 14 - make/monorepo/def.mk | 6 - make/monorepo/release.mk | 49 - make/monorepo/subrepo.mk | 91 -- make/myos.mk | 7 - make/utils.mk | 136 -- openstack/.env.dist | 6 - openstack/def.openstack.mk | 14 - openstack/openstack.mk | 9 - packer/def.packer.alpine.mk | 6 - packer/def.packer.mk | 125 -- packer/packer.mk | 44 - stack/User.mk | 18 - stack/User/.env.dist | 6 - stack/User/User.yml | 57 - stack/cloud/.env.dist | 5 - stack/cloud/nextcloud.yml | 33 - stack/default.mk | 4 - stack/develop.mk | 1 - stack/drone.mk | 1 - stack/drone/.env.dist | 9 - stack/drone/drone-runner-docker.1.1.yml | 5 - stack/drone/drone-runner-docker.1.2.yml | 5 - stack/drone/drone-runner-docker.1.3.yml | 5 - stack/drone/drone-runner-docker.debug.yml | 7 - stack/drone/drone-runner-docker.latest.yml | 5 - stack/drone/drone-runner-docker.yml | 24 - stack/drone/drone.1.6.yml | 5 - stack/drone/drone.1.7.yml | 5 - stack/drone/drone.debug | 7 - stack/drone/drone.latest.yml | 5 - stack/drone/drone.yml | 43 - stack/drone/gc.1.0.yml | 5 - stack/drone/gc.debug.yml | 8 - stack/drone/gc.latest.yml | 5 - stack/drone/gc.yml | 18 - stack/elastic.mk | 11 - stack/elastic/.env.dist | 11 - stack/elastic/apm-server-oss.yml | 29 - stack/elastic/apm-server.yml | 27 - stack/elastic/curator.local.yml | 6 - stack/elastic/curator.yml | 26 - stack/elastic/elasticsearch.5.3.yml | 7 - stack/elastic/elasticsearch.7.4.yml | 7 - stack/elastic/elasticsearch.latest.yml | 5 - stack/elastic/elasticsearch.local.7.4.yml | 7 - stack/elastic/elasticsearch.yml | 47 - stack/elastic/kibana-oss.7.4.yml | 9 - stack/elastic/kibana-oss.latest.yml | 9 - stack/elastic/kibana-oss.local.yml | 6 - stack/elastic/kibana-oss.yml | 22 - stack/elastic/kibana.5.3.yml | 7 - stack/elastic/kibana.7.4.yml | 9 - stack/elastic/kibana.latest.yml | 9 - stack/elastic/kibana.local.yml | 6 - stack/elastic/kibana.yml | 22 - stack/grafana/.env.dist | 6 - stack/grafana/grafana.yml | 40 - stack/ipfs.mk | 9 - stack/ipfs/.env.dist | 10 - stack/ipfs/ipfs.yml | 96 -- stack/logs.mk | 6 - stack/memcached/memcached.yml | 18 - stack/monitoring.mk | 1 - stack/mysql/.env.dist | 1 - stack/mysql/mysql.5.6.yml | 10 - stack/mysql/mysql.dev.yml | 6 - stack/mysql/mysql.latest.yml | 5 - stack/mysql/mysql.local.yml | 6 - stack/mysql/mysql.yml | 24 - stack/newrelic.mk | 1 - stack/newrelic/php-daemon.yml | 19 - stack/nginx/.env.dist | 1 - stack/nginx/static.yml | 29 - stack/node.mk | 95 -- stack/node/.env.dist | 4 - stack/node/backup/.env.dist | 2 - stack/node/backup/restic.yml | 27 - stack/node/exporter/.env.dist | 2 - stack/node/exporter/exporter.yml | 49 - stack/node/ipfs/.env.dist | 9 - stack/node/ipfs/ipfs.yml | 82 - stack/node/mail/.env.dist | 4 - stack/node/mail/mailserver.yml | 166 -- stack/node/node.yml | 125 -- stack/node/pdns/pdns-recursor.yml | 15 - stack/node/portainer/.env.dist | 1 - stack/node/portainer/portainer.yml | 28 - stack/node/vsftpd/.env.dist | 3 - stack/node/vsftpd/vsftpd-s3.yml | 38 - stack/portainer/.env.dist | 1 - stack/portainer/portainer.yml | 27 - stack/postgres/.env.dist | 3 - stack/postgres/postgres.9.6.yml | 5 - stack/postgres/postgres.dev.yml | 6 - stack/postgres/postgres.latest.yml | 5 - stack/postgres/postgres.local.yml | 24 - stack/postgres/postgres.yml | 26 - stack/prometheus/.env.dist | 8 - stack/prometheus/alertmanager.yml | 29 - stack/prometheus/blackbox-exporter.yml | 28 - stack/prometheus/es-exporter.yml | 29 - stack/prometheus/prometheus.yml | 35 - stack/rabbitmq/.env.dist | 1 - stack/rabbitmq/rabbitmq.yml | 35 - stack/redis/redis.yml | 27 - stack/redmine/.env.dist | 33 - stack/redmine/redmine.3.4.yml | 5 - stack/redmine/redmine.4.0.yml | 5 - stack/redmine/redmine.latest.yml | 5 - stack/redmine/redmine.yml | 47 - stack/redmine/redmine3.yml | 40 - stack/sematext/logagent.yml | 28 - stack/testing.mk | 1 - stack/theia/.env.dist | 6 - stack/theia/theia.yml | 56 - stack/x2go/.env.dist | 5 - stack/x2go/xfce_debian.yml | 47 - stack/zen.mk | 14 - stack/zen/.env.dist | 7 - stack/zen/zen.yml | 51 - terraform/def.terraform.mk | 5 - terraform/terraform.mk | 4 - 302 files changed, 10 insertions(+), 16952 deletions(-) delete mode 100644 ansible/ansible.mk delete mode 100644 ansible/def.ansible.mk delete mode 100644 ansible/install.mk delete mode 100644 aws/aws.mk delete mode 100644 aws/def.aws.mk delete mode 100644 docker/ansible/Dockerfile delete mode 100644 docker/aws/Dockerfile delete mode 100644 docker/certbot/Dockerfile delete mode 100755 docker/certbot/certbot-renew delete mode 100755 docker/certbot/docker-entrypoint.sh delete mode 100644 docker/compose/Dockerfile delete mode 100644 docker/consul/Dockerfile delete mode 100755 docker/consul/docker-healthcheck delete mode 100644 docker/elastic/apm-server-oss/Dockerfile delete mode 100644 docker/elastic/apm-server-oss/apm-server.docker.yml delete mode 100644 docker/elastic/apm-server-oss/apm-server.yml delete mode 100644 docker/elastic/apm-server-oss/dashboards/error_details.json delete mode 100644 docker/elastic/apm-server-oss/dashboards/errors.json delete mode 100644 docker/elastic/apm-server-oss/dashboards/services.json delete mode 100644 docker/elastic/apm-server-oss/dashboards/span_details.json delete mode 100644 docker/elastic/apm-server-oss/dashboards/transactions.json delete mode 100644 docker/elastic/apm-server/Dockerfile delete mode 100644 docker/elastic/curator/Dockerfile delete mode 100644 docker/elastic/curator/action.yml delete mode 100644 docker/elastic/curator/config.yml delete mode 100755 docker/elastic/curator/docker-entrypoint.sh delete mode 100644 docker/fabio/Dockerfile delete mode 100644 docker/goofys/Dockerfile delete mode 100644 docker/grafana/Dockerfile delete mode 100644 docker/grafana/config.ini delete mode 100644 docker/grafana/dashboards/containers.json delete mode 100644 docker/grafana/dashboards/host.json delete mode 100644 docker/grafana/docker-entrypoint.sh delete mode 100644 docker/grafana/provisioning/dashboards/dashboards.yml delete mode 100644 docker/grafana/provisioning/datasources/datasources.tmpl delete mode 100644 docker/http/alpine/Dockerfile delete mode 100755 docker/http/alpine/docker-entrypoint.sh delete mode 100644 docker/http/alpine/httpd-vhosts.ctmpl delete mode 100644 docker/ipfs/Dockerfile delete mode 100755 docker/ipfs/ipfs-config.sh delete mode 100644 docker/myos/.screenrc delete mode 100644 docker/myos/.tmux.conf delete mode 100644 docker/myos/Dockerfile delete mode 100755 docker/myos/docker-entrypoint.sh delete mode 100644 docker/mysql/5.6/Dockerfile delete mode 100644 docker/mysql/5.6/conf.d/all.cnf delete mode 100644 docker/mysql/5.6/conf.d/master.cnf delete mode 100644 docker/mysql/5.6/goss.yml delete mode 100644 docker/openstack/Dockerfile delete mode 100644 docker/packer/Dockerfile delete mode 100644 docker/pdns-server/.gitrepo delete mode 100644 docker/pdns-server/Dockerfile delete mode 100644 docker/pdns-server/README.md delete mode 100755 docker/pdns-server/docker-entrypoint.sh delete mode 100644 docker/phabricator-daemon/Dockerfile delete mode 100644 docker/phabricator/Dockerfile delete mode 100644 docker/php/5.6-fpm-alpine/Dockerfile delete mode 100644 docker/php/5.6-fpm-alpine/apc.ini delete mode 100644 docker/php/5.6-fpm-alpine/blackfire.ini delete mode 100644 docker/php/5.6-fpm-alpine/newrelic.ini delete mode 100644 docker/php/5.6-fpm-alpine/opcache.ini delete mode 100644 docker/php/5.6-fpm-alpine/php-fpm-pool.conf delete mode 100644 docker/php/5.6-fpm-alpine/php.ini delete mode 100644 docker/php/5.6-fpm-alpine/suhosin.ini delete mode 100644 docker/php/5.6-fpm-alpine/xdebug.ini delete mode 100644 docker/php/7.0-fpm-alpine/Dockerfile delete mode 100644 docker/php/7.0-fpm-alpine/apc.ini delete mode 100644 docker/php/7.0-fpm-alpine/blackfire.ini delete mode 100644 docker/php/7.0-fpm-alpine/memcached.ini delete mode 100644 docker/php/7.0-fpm-alpine/newrelic.ini delete mode 100644 docker/php/7.0-fpm-alpine/opcache.ini delete mode 100644 docker/php/7.0-fpm-alpine/php-fpm-pool.conf delete mode 100644 docker/php/7.0-fpm-alpine/php.ini delete mode 100644 docker/php/7.0-fpm-alpine/xdebug.ini delete mode 100644 docker/php/7.1-fpm-alpine/Dockerfile delete mode 100644 docker/php/7.1-fpm-alpine/apc.ini delete mode 100644 docker/php/7.1-fpm-alpine/blackfire.ini delete mode 100644 docker/php/7.1-fpm-alpine/memcached.ini delete mode 100644 docker/php/7.1-fpm-alpine/newrelic.ini delete mode 100644 docker/php/7.1-fpm-alpine/opcache.ini delete mode 100644 docker/php/7.1-fpm-alpine/php-fpm-pool.conf delete mode 100644 docker/php/7.1-fpm-alpine/php.ini delete mode 100644 docker/php/7.1-fpm-alpine/xdebug.ini delete mode 100644 docker/php/7.2-fpm-alpine/Dockerfile delete mode 100644 docker/php/7.2-fpm-alpine/apc.ini delete mode 100644 docker/php/7.2-fpm-alpine/blackfire.ini delete mode 100644 docker/php/7.2-fpm-alpine/memcached.ini delete mode 100644 docker/php/7.2-fpm-alpine/newrelic.ini delete mode 100644 docker/php/7.2-fpm-alpine/opcache.ini delete mode 100644 docker/php/7.2-fpm-alpine/php-fpm-pool.conf delete mode 100644 docker/php/7.2-fpm-alpine/php.ini delete mode 100644 docker/php/7.2-fpm-alpine/xdebug.ini delete mode 100644 docker/php/7.3-fpm-alpine/Dockerfile delete mode 100644 docker/php/7.3-fpm-alpine/apc.ini delete mode 100644 docker/php/7.3-fpm-alpine/blackfire.ini delete mode 100644 docker/php/7.3-fpm-alpine/memcached.ini delete mode 100644 docker/php/7.3-fpm-alpine/newrelic.ini delete mode 100644 docker/php/7.3-fpm-alpine/opcache.ini delete mode 100644 docker/php/7.3-fpm-alpine/php-fpm-pool.conf delete mode 100644 docker/php/7.3-fpm-alpine/php.ini delete mode 100644 docker/php/7.3-fpm-alpine/xdebug.ini delete mode 100644 docker/prometheus/alertmanager/Dockerfile delete mode 100644 docker/prometheus/alertmanager/config.tmpl delete mode 100644 docker/prometheus/blackbox-exporter/Dockerfile delete mode 100644 docker/prometheus/blackbox-exporter/config.yml delete mode 100644 docker/prometheus/es-exporter/Dockerfile delete mode 100644 docker/prometheus/es-exporter/exporter.cfg delete mode 100644 docker/prometheus/prometheus/Dockerfile delete mode 100644 docker/prometheus/prometheus/alert-rules.yml delete mode 100755 docker/prometheus/prometheus/docker-entrypoint.sh delete mode 100644 docker/prometheus/prometheus/prometheus.tmpl delete mode 100644 docker/registrator/Dockerfile delete mode 100644 docker/riofs/Dockerfile delete mode 100644 docker/s3fs/Dockerfile delete mode 100755 docker/s3fs/docker-entrypoint.sh delete mode 100644 docker/sematext/logagent/Dockerfile delete mode 100644 docker/ssh/AUTHORS.md delete mode 100644 docker/ssh/CHANGELOG.md delete mode 100644 docker/ssh/Dockerfile delete mode 100644 docker/ssh/LICENSE delete mode 100644 docker/ssh/README.md delete mode 100755 docker/ssh/docker-entrypoint.sh delete mode 100644 docker/terraform/Dockerfile delete mode 100644 docker/theia/.screenrc delete mode 100644 docker/theia/.tmux.conf delete mode 100644 docker/theia/Dockerfile delete mode 100644 docker/theia/latest.package.json delete mode 100644 docker/theia/next.package.json delete mode 100644 docker/theia/package.json delete mode 100644 docker/toggle/ui/config.js delete mode 100644 docker/vsftpd-s3/.gitrepo delete mode 100644 docker/vsftpd-s3/CHANGELOG.md delete mode 100644 docker/vsftpd-s3/Dockerfile delete mode 100644 docker/vsftpd-s3/LICENSE delete mode 100644 docker/vsftpd-s3/README.md delete mode 100755 docker/vsftpd-s3/docker-entrypoint.sh delete mode 100644 docker/vsftpd-s3/lftp-sync.sh delete mode 100644 docker/x2go/xfce-debian/Dockerfile delete mode 100755 docker/x2go/xfce-debian/run.sh delete mode 100755 docker/x2go/xfce-debian/setup_ecryptfs.sh delete mode 100755 docker/x2go/xfce-debian/setup_ecryptfs_sshagent.sh delete mode 100755 docker/x2go/xfce-debian/setup_locales.sh delete mode 100755 docker/x2go/xfce-debian/setup_sshd.sh delete mode 100755 docker/x2go/xfce-debian/setup_timezone.sh delete mode 100755 docker/x2go/xfce-debian/setup_users.sh delete mode 100644 docker/zen/Dockerfile delete mode 100755 docker/zen/docker-entrypoint.sh delete mode 100644 make/apps/build.mk delete mode 100644 make/apps/common.mk delete mode 100644 make/apps/def.build.mk delete mode 100644 make/apps/def.deploy.mk delete mode 100644 make/apps/def.docker.mk delete mode 100644 make/apps/def.install.mk delete mode 100644 make/apps/def.mk delete mode 100644 make/apps/deploy.mk delete mode 100644 make/apps/docker.mk delete mode 100644 make/apps/git.mk delete mode 100644 make/apps/install.mk delete mode 100644 make/apps/myos/def.mk delete mode 100644 make/apps/myos/def.setup.mk delete mode 100644 make/apps/myos/def.ssh.mk delete mode 100644 make/apps/myos/setup.mk delete mode 100644 make/apps/myos/ssh.mk delete mode 100644 make/apps/release.mk delete mode 100644 make/apps/subrepo/def.mk delete mode 100644 make/apps/subrepo/subrepo.mk delete mode 100644 make/common.mk delete mode 100644 make/def.app.mk delete mode 100644 make/def.docker.mk delete mode 100644 make/def.mk delete mode 100644 make/end.mk delete mode 100644 make/env.mk delete mode 100644 make/help.mk delete mode 100644 make/include.mk delete mode 100644 make/monorepo/common.mk delete mode 100644 make/monorepo/def.drone.mk delete mode 100644 make/monorepo/def.mk delete mode 100644 make/monorepo/release.mk delete mode 100644 make/monorepo/subrepo.mk delete mode 100644 make/myos.mk delete mode 100644 make/utils.mk delete mode 100644 openstack/.env.dist delete mode 100644 openstack/def.openstack.mk delete mode 100644 openstack/openstack.mk delete mode 100644 packer/def.packer.alpine.mk delete mode 100644 packer/def.packer.mk delete mode 100644 packer/packer.mk delete mode 100644 stack/User.mk delete mode 100644 stack/User/.env.dist delete mode 100644 stack/User/User.yml delete mode 100644 stack/cloud/.env.dist delete mode 100644 stack/cloud/nextcloud.yml delete mode 100644 stack/default.mk delete mode 100644 stack/develop.mk delete mode 100644 stack/drone.mk delete mode 100644 stack/drone/.env.dist delete mode 100644 stack/drone/drone-runner-docker.1.1.yml delete mode 100644 stack/drone/drone-runner-docker.1.2.yml delete mode 100644 stack/drone/drone-runner-docker.1.3.yml delete mode 100644 stack/drone/drone-runner-docker.debug.yml delete mode 100644 stack/drone/drone-runner-docker.latest.yml delete mode 100644 stack/drone/drone-runner-docker.yml delete mode 100644 stack/drone/drone.1.6.yml delete mode 100644 stack/drone/drone.1.7.yml delete mode 100644 stack/drone/drone.debug delete mode 100644 stack/drone/drone.latest.yml delete mode 100644 stack/drone/drone.yml delete mode 100644 stack/drone/gc.1.0.yml delete mode 100644 stack/drone/gc.debug.yml delete mode 100644 stack/drone/gc.latest.yml delete mode 100644 stack/drone/gc.yml delete mode 100644 stack/elastic.mk delete mode 100644 stack/elastic/.env.dist delete mode 100644 stack/elastic/apm-server-oss.yml delete mode 100644 stack/elastic/apm-server.yml delete mode 100644 stack/elastic/curator.local.yml delete mode 100644 stack/elastic/curator.yml delete mode 100644 stack/elastic/elasticsearch.5.3.yml delete mode 100644 stack/elastic/elasticsearch.7.4.yml delete mode 100644 stack/elastic/elasticsearch.latest.yml delete mode 100644 stack/elastic/elasticsearch.local.7.4.yml delete mode 100644 stack/elastic/elasticsearch.yml delete mode 100644 stack/elastic/kibana-oss.7.4.yml delete mode 100644 stack/elastic/kibana-oss.latest.yml delete mode 100644 stack/elastic/kibana-oss.local.yml delete mode 100644 stack/elastic/kibana-oss.yml delete mode 100644 stack/elastic/kibana.5.3.yml delete mode 100644 stack/elastic/kibana.7.4.yml delete mode 100644 stack/elastic/kibana.latest.yml delete mode 100644 stack/elastic/kibana.local.yml delete mode 100644 stack/elastic/kibana.yml delete mode 100644 stack/grafana/.env.dist delete mode 100644 stack/grafana/grafana.yml delete mode 100644 stack/ipfs.mk delete mode 100644 stack/ipfs/.env.dist delete mode 100644 stack/ipfs/ipfs.yml delete mode 100644 stack/logs.mk delete mode 100644 stack/memcached/memcached.yml delete mode 100644 stack/monitoring.mk delete mode 100644 stack/mysql/.env.dist delete mode 100644 stack/mysql/mysql.5.6.yml delete mode 100644 stack/mysql/mysql.dev.yml delete mode 100644 stack/mysql/mysql.latest.yml delete mode 100644 stack/mysql/mysql.local.yml delete mode 100644 stack/mysql/mysql.yml delete mode 100644 stack/newrelic.mk delete mode 100644 stack/newrelic/php-daemon.yml delete mode 100644 stack/nginx/.env.dist delete mode 100644 stack/nginx/static.yml delete mode 100644 stack/node.mk delete mode 100644 stack/node/.env.dist delete mode 100644 stack/node/backup/.env.dist delete mode 100644 stack/node/backup/restic.yml delete mode 100644 stack/node/exporter/.env.dist delete mode 100644 stack/node/exporter/exporter.yml delete mode 100644 stack/node/ipfs/.env.dist delete mode 100644 stack/node/ipfs/ipfs.yml delete mode 100644 stack/node/mail/.env.dist delete mode 100644 stack/node/mail/mailserver.yml delete mode 100644 stack/node/node.yml delete mode 100644 stack/node/pdns/pdns-recursor.yml delete mode 100644 stack/node/portainer/.env.dist delete mode 100644 stack/node/portainer/portainer.yml delete mode 100644 stack/node/vsftpd/.env.dist delete mode 100644 stack/node/vsftpd/vsftpd-s3.yml delete mode 100644 stack/portainer/.env.dist delete mode 100644 stack/portainer/portainer.yml delete mode 100644 stack/postgres/.env.dist delete mode 100644 stack/postgres/postgres.9.6.yml delete mode 100644 stack/postgres/postgres.dev.yml delete mode 100644 stack/postgres/postgres.latest.yml delete mode 100644 stack/postgres/postgres.local.yml delete mode 100644 stack/postgres/postgres.yml delete mode 100644 stack/prometheus/.env.dist delete mode 100644 stack/prometheus/alertmanager.yml delete mode 100644 stack/prometheus/blackbox-exporter.yml delete mode 100644 stack/prometheus/es-exporter.yml delete mode 100644 stack/prometheus/prometheus.yml delete mode 100644 stack/rabbitmq/.env.dist delete mode 100644 stack/rabbitmq/rabbitmq.yml delete mode 100644 stack/redis/redis.yml delete mode 100644 stack/redmine/.env.dist delete mode 100644 stack/redmine/redmine.3.4.yml delete mode 100644 stack/redmine/redmine.4.0.yml delete mode 100644 stack/redmine/redmine.latest.yml delete mode 100644 stack/redmine/redmine.yml delete mode 100644 stack/redmine/redmine3.yml delete mode 100644 stack/sematext/logagent.yml delete mode 100644 stack/testing.mk delete mode 100644 stack/theia/.env.dist delete mode 100644 stack/theia/theia.yml delete mode 100644 stack/x2go/.env.dist delete mode 100644 stack/x2go/xfce_debian.yml delete mode 100644 stack/zen.mk delete mode 100644 stack/zen/.env.dist delete mode 100644 stack/zen/zen.yml delete mode 100644 terraform/def.terraform.mk delete mode 100644 terraform/terraform.mk diff --git a/.env.dist b/.env.dist index c0cf88e..1bef99d 100644 --- a/.env.dist +++ b/.env.dist @@ -1,5 +1,3 @@ -APP_NAME=myos -APP_TYPE=myos DOMAIN=localhost ENV=local STACK= diff --git a/CHANGELOG.md b/CHANGELOG.md index 58dc7f7..cc93e78 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,9 @@ # CHANGELOG +## v0.9 - 2022-11-11 + +* split make files in `myos` project and install files in `yaip` project + ## v0.1-beta - 2022-06-30 Beta release, welcome ipfs diff --git a/Makefile b/Makefile index 569de5a..95fd6c5 100644 --- a/Makefile +++ b/Makefile @@ -1,10 +1,12 @@ -include make/include.mk +MYOS ?= ../myos +MYOS_REPOSITORY ?= https://github.com/aynicos/myos +$(MYOS): + -@git clone $(MYOS_REPOSITORY) $(MYOS) +-include $(MYOS)/make/include.mk ## # APP -app-bootstrap: bootstrap-docker - app-build: user install-build-config $(call make,docker-compose-build docker-compose-up) $(foreach service,$(or $(SERVICE),$(SERVICES)),$(call make,app-build-$(service))) @@ -21,14 +23,3 @@ app-update-default: ENV_FILE := /etc/default/myos app-update-default: .env-update; app-tests: ansible-tests - -## -# BOOTSTRAP - -# target bootstrap-docker: Install and configure docker -.PHONY: bootstrap-docker -bootstrap-docker: install-bin-docker setup-docker-group setup-binfmt setup-nfsd setup-sysctl - -# target bootstrap-stack: Call bootstrap target of each stack -.PHONY: bootstrap-stack -bootstrap-stack: docker-network-create $(foreach stack,$(STACK),bootstrap-stack-$(stack)) diff --git a/README.md b/README.md index 55efcb6..247cc65 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# myos - Make Your Own Stack +# yaip - Yet Another IPFS Project Docker paas based on docker compose files. diff --git a/ansible/ansible.mk b/ansible/ansible.mk deleted file mode 100644 index 0519633..0000000 --- a/ansible/ansible.mk +++ /dev/null @@ -1,37 +0,0 @@ -# target ansible: Fire docker-build-ansible, Call ansible ANSIBLE_ARGS ARGS or ansible-run target -.PHONY: ansible -ansible: $(if $(ANSIBLE_DOCKER_RUN),docker-build-ansible,install-ansible) - $(call ansible,$(ANSIBLE_ARGS) $(ARGS)) - -# target ansible-playbook: Call ansible-playbook ANSIBLE_ARGS ARGS -.PHONY: ansible-playbook -ansible-playbook: $(if $(ANSIBLE_DOCKER_RUN),docker-build-ansible,install-ansible) - $(call ansible-playbook,$(ANSIBLE_ARGS) $(ARGS)) - -# target ansible-pull: Call ansible-pull ANSIBLE_GIT_REPOSITORY ANSIBLE_PLAYBOOK -.PHONY: ansible-pull -ansible-pull: install-ansible - $(call ansible-pull,--url $(ANSIBLE_GIT_REPOSITORY) $(if $(ANSIBLE_GIT_KEY_FILE),--key-file $(ANSIBLE_GIT_KEY_FILE)) $(if $(ANSIBLE_GIT_VERSION),--checkout $(ANSIBLE_GIT_VERSION)) $(if $(ANSIBLE_GIT_DIRECTORY),--directory $(ANSIBLE_GIT_DIRECTORY)) $(if $(ANSIBLE_TAGS),--tags $(ANSIBLE_TAGS)) $(if $(ANSIBLE_EXTRA_VARS),--extra-vars '$(ANSIBLE_EXTRA_VARS)') $(if $(findstring true,$(FORCE)),--force) $(if $(findstring true,$(DRYRUN)),--check) --full $(if $(ANSIBLE_INVENTORY),--inventory $(ANSIBLE_INVENTORY)) $(ANSIBLE_PLAYBOOK)) - -# target ansible-pull@%: Fire ssh-get-PrivateIpAddress-% for SERVER_NAME, Call ssh-exec make ansible-pull DOCKER_IMAGE_TAG -.PHONY: ansible-pull@% -ansible-pull@%: ssh-get-PrivateIpAddress-$(SERVER_NAME) - $(call ssh-exec,$(AWS_INSTANCE_IP),make ansible-pull ANSIBLE_DOCKER_IMAGE_TAG=$(ANSIBLE_DOCKER_IMAGE_TAG) ANSIBLE_TAGS=$(ANSIBLE_TAGS) FORCE=$(FORCE)) - -# target ansible-run: Fire ssh-add ansible-run-localhost -.PHONY: ansible-run -ansible-run: ansible-run-localhost - -# target ansible-run-%: Fire docker-build-ansible, Call ansible-playbook ANSIBLE_PLAYBOOK -.PHONY: ansible-run-% -ansible-run-%: $(if $(ANSIBLE_DOCKER_RUN),docker-build-ansible,install-ansible) - $(call ansible-playbook,$(if $(ANSIBLE_TAGS),--tags $(ANSIBLE_TAGS)) $(if $(ANSIBLE_EXTRA_VARS),--extra-vars '$(patsubst target=localhost,target=$*,$(ANSIBLE_EXTRA_VARS))') $(if $(findstring true,$(DRYRUN)),--check) $(if $(ANSIBLE_INVENTORY),--inventory $(ANSIBLE_INVENTORY)) $(ANSIBLE_PLAYBOOK)) - -# target ansible-tests: Fire ssh-add ansible-tests-localhost -.PHONY: ansible-tests -ansible-tests: ansible-tests-localhost - -# target ansible-tests-%: Fire docker-run-% with ANSIBLE_PLAYBOOK ansible/roles/*/tests/playbook.yml -.PHONY: ansible-tests-% -ansible-tests-%: ANSIBLE_PLAYBOOK := $(wildcard ansible/roles/*/tests/playbook.yml) -ansible-tests-%: ansible-run-%; diff --git a/ansible/def.ansible.mk b/ansible/def.ansible.mk deleted file mode 100644 index 019bbfb..0000000 --- a/ansible/def.ansible.mk +++ /dev/null @@ -1,61 +0,0 @@ -ANSIBLE_APP_NAME ?= myos -ANSIBLE_APP_TYPE ?= myos -ANSIBLE_ARGS ?= $(if $(filter-out 0,$(UID)),$(if $(shell sudo -l 2>/dev/null |grep 'NOPASSWD: ALL'),,--ask-become-pass))$(if $(DOCKER_RUN),$(if $(shell ssh-add -l >/dev/null 2>&1 || echo false), --ask-pass)) -ANSIBLE_AWS_ACCESS_KEY_ID ?= $(AWS_ACCESS_KEY_ID) -ANSIBLE_AWS_DEFAULT_OUTPUT ?= $(AWS_DEFAULT_OUTPUT) -ANSIBLE_AWS_DEFAULT_REGION ?= $(AWS_DEFAULT_REGION) -ANSIBLE_AWS_SECRET_ACCESS_KEY ?= $(AWS_SECRET_ACCESS_KEY) -ANSIBLE_CONFIG ?= ansible/ansible.cfg -ANSIBLE_DISKS_NFS_DISK ?= $(NFS_DISK) -ANSIBLE_DISKS_NFS_OPTIONS ?= $(NFS_OPTIONS) -ANSIBLE_DISKS_NFS_PATH ?= $(NFS_PATH) -# running ansible in docker requires sshd running on localhost, -# to allow ansible to escape docker and apply changes to localhost -ANSIBLE_DOCKER ?= false -ANSIBLE_DOCKER_RUN ?= $(if $(filter-out false False FALSE,$(ANSIBLE_DOCKER)),$(ANSIBLE_DOCKER)) -ANSIBLE_DOCKER_IMAGE_TAG ?= $(DOCKER_IMAGE_TAG) -ANSIBLE_DOCKER_REGISTRY ?= $(DOCKER_REGISTRY) -ANSIBLE_EXTRA_VARS ?= target=localhost -ANSIBLE_GIT_DIRECTORY ?= /dns/$(subst $(space),/,$(strip $(call reverse,$(subst ., ,$(APP_REPOSITORY_HOST)))))/$(APP_REPOSITORY_PATH) -ANSIBLE_GIT_KEY_FILE ?= $(if $(ANSIBLE_SSH_PRIVATE_KEYS),~$(ANSIBLE_USERNAME)/.ssh/$(notdir $(firstword $(ANSIBLE_SSH_PRIVATE_KEYS)))) -ANSIBLE_GIT_REPOSITORY ?= $(GIT_REPOSITORY) -ANSIBLE_GIT_VERSION ?= $(BRANCH) -ANSIBLE_INVENTORY ?= ansible/inventories -ANSIBLE_MYOS ?= $(ANSIBLE_GIT_DIRECTORY) -ANSIBLE_PLAYBOOK ?= ansible/playbook.yml -ANSIBLE_SSH_AUTHORIZED_KEYS ?= $(strip $(SSH_AUTHORIZED_KEYS)) -ANSIBLE_SSH_BASTION_HOSTNAME ?= $(firstword $(SSH_BASTION_HOSTNAME)) -ANSIBLE_SSH_BASTION_USERNAME ?= $(firstword $(SSH_BASTION_USERNAME)) -ANSIBLE_SSH_PRIVATE_IP_RANGE ?= $(strip $(SSH_PRIVATE_IP_RANGE)) -ANSIBLE_SSH_PRIVATE_KEYS ?= $(if $(ANSIBLE_SSH_PRIVATE_KEYS_ENABLE),$(strip $(SSH_PRIVATE_KEYS))) -ANSIBLE_SSH_PRIVATE_KEYS_ENABLE ?= -ANSIBLE_SSH_PUBLIC_HOSTS ?= $(strip $(SSH_PUBLIC_HOSTS)) -ANSIBLE_SSH_USERNAME ?= $(firstword $(SSH_USER)) -ANSIBLE_SERVER_NAME ?= $(SERVER_NAME) -ANSIBLE_USERNAME ?= $(USER) -ANSIBLE_VERBOSE ?= $(if $(DEBUG),-vvvv,$(if $(VERBOSE),-v)) -CMDS += ansible ansible-playbook -DOCKER_RUN_OPTIONS_ANSIBLE ?= -it $(if $(DOCKER_INTERNAL_DOCKER_HOST),--add-host=host.docker.internal:$(DOCKER_INTERNAL_DOCKER_HOST)) -ENV_VARS += ANSIBLE_APP_NAME ANSIBLE_APP_TYPE ANSIBLE_AWS_ACCESS_KEY_ID ANSIBLE_AWS_DEFAULT_OUTPUT ANSIBLE_AWS_DEFAULT_REGION ANSIBLE_AWS_SECRET_ACCESS_KEY ANSIBLE_CONFIG ANSIBLE_DISKS_NFS_DISK ANSIBLE_DISKS_NFS_OPTIONS ANSIBLE_DISKS_NFS_PATH ANSIBLE_DOCKER_IMAGE_TAG ANSIBLE_DOCKER_REGISTRY ANSIBLE_EXTRA_VARS ANSIBLE_GIT_DIRECTORY ANSIBLE_GIT_KEY_FILE ANSIBLE_GIT_REPOSITORY ANSIBLE_GIT_VERSION ANSIBLE_INVENTORY ANSIBLE_MYOS ANSIBLE_PLAYBOOK ANSIBLE_SSH_AUTHORIZED_KEYS ANSIBLE_SSH_BASTION_HOSTNAME ANSIBLE_SSH_BASTION_USERNAME ANSIBLE_SSH_PRIVATE_IP_RANGE ANSIBLE_SSH_PRIVATE_KEYS ANSIBLE_SSH_PUBLIC_HOSTS ANSIBLE_SSH_USERNAME ANSIBLE_USERNAME ANSIBLE_VERBOSE - -# function ansible: Call run ansible ANSIBLE_ARGS with arg 1 -define ansible - $(call INFO,ansible,$(1)) - $(RUN) $(call $(if $(ANSIBLE_DOCKER_RUN),run,env-run),$(if $(ANSIBLE_DOCKER_RUN),,$(RUN) )ansible $(ANSIBLE_ARGS) $(ANSIBLE_VERBOSE) $(if $(ANSIBLE_DOCKER_RUN),-i $(ANSIBLE_INVENTORY)/.host.docker.internal) $(1),$(DOCKER_RUN_OPTIONS_ANSIBLE) $(DOCKER_REPOSITORY)/) -endef -# function ansible-playbook: Call run ansible-playbook ANSIBLE_ARGS with arg 1 -define ansible-playbook - $(call INFO,ansible-playbook,$(1)) - $(RUN) $(call $(if $(ANSIBLE_DOCKER_RUN),run,env-run),$(if $(ANSIBLE_DOCKER_RUN),,$(RUN) )ansible$(if $(ANSIBLE_DOCKER_RUN),,-playbook) $(ANSIBLE_ARGS) $(ANSIBLE_VERBOSE) $(if $(ANSIBLE_DOCKER_RUN),-i $(ANSIBLE_INVENTORY)/.host.docker.internal) $(1),$(DOCKER_RUN_OPTIONS_ANSIBLE) --entrypoint=ansible-playbook $(DOCKER_REPOSITORY)/) -endef -# function ansible-pull: Call run ansible-pull ANSIBLE_ARGS with arg 1 -define ansible-pull - $(call INFO,ansible-pull,$(1)) - $(call $(if $(ANSIBLE_DOCKER_RUN),run,env-run),$(if $(ANSIBLE_DOCKER_RUN),,$(RUN) )ansible-pull $(ANSIBLE_ARGS) $(ANSIBLE_VERBOSE) $(1)) -endef -# function ansible-user-add-groups: Call ansible to add user 1 in groups 2 -define ansible-user-add-groups - $(call INFO,ansible-user-add-groups,$(1)$(comma) $(2)) - $(if $(ANSIBLE_DOCKER_RUN),$(call make,docker-build-ansible),$(call make,install-ansible)) - $(call ansible,-b -m user -a 'name=$(1) groups=$(2) append=yes' localhost) -endef diff --git a/ansible/install.mk b/ansible/install.mk deleted file mode 100644 index 26ad8b3..0000000 --- a/ansible/install.mk +++ /dev/null @@ -1,8 +0,0 @@ -## -# INSTALL - -# target install-ansible; Install ansible on local host -.PHONY: install-ansible -install-ansible: - $(if $(shell type -p ansible),,$(RUN) $(INSTALL) ansible) - diff --git a/aws/aws.mk b/aws/aws.mk deleted file mode 100644 index 5aa9a78..0000000 --- a/aws/aws.mk +++ /dev/null @@ -1,203 +0,0 @@ -# target aws: Fire docker-build-aws, Call aws ARGS -.PHONY: aws -aws: $(if $(DOCKER_RUN),docker-build-aws) - $(call aws,$(ARGS)) - -# target aws-deploy: Call aws deploy create-deployment with application-name CODEDEPLOY_APP_NAME -.PHONY: aws-deploy -aws-deploy: - $(call aws,deploy create-deployment \ - --application-name $(CODEDEPLOY_APP_NAME) \ - --deployment-config-name $(CODEDEPLOY_DEPLOYMENT_CONFIG) \ - --deployment-group-name $(CODEDEPLOY_DEPLOYMENT_GROUP) \ - --description "$(CODEDEPLOY_DESCRIPTION)" \ - --github-location repository=$(CODEDEPLOY_GITHUB_REPO)$(comma)commitId=$(CODEDEPLOY_GITHUB_COMMIT_ID)) - -# target aws-docker-login: Fire aws-ecr-get-login -.PHONY: aws-docker-login -aws-docker-login: aws-ecr-get-login - -# target aws-ecr-get-login: Call aws ecr get-login -.PHONY: aws-ecr-get-login -aws-ecr-get-login: - $(eval IGNORE_DRYRUN := true) - $(eval docker_login := $(shell $(call aws,ecr get-login --no-include-email --region $(AWS_DEFAULT_REGION)))) - $(eval IGNORE_DRYRUN := FALSE) - $(RUN) $(docker_login) - -# target aws-iam-create-role-%: Call aws iam create-role with role-name % and role-policy file aws/policies/%-trust.json -.PHONY: aws-iam-create-role-% -aws-iam-create-role-%: user docker-build-aws - $(eval IGNORE_DRYRUN := true) - $(eval json := $(shell $(call exec,sh -c 'envsubst < aws/policies/$*-trust.json'))) - $(eval IGNORE_DRYRUN := false) - $(call aws,iam create-role --role-name $* --assume-role-policy-document '$(json)') - -# target aws-iam-put-role-policy-%: Call aws iam put-role-policy with policy-name % and policy-document file aws/policies/%.json -.PHONY: aws-iam-put-role-policy-% -aws-iam-put-role-policy-%: user docker-build-aws - $(eval IGNORE_DRYRUN := true) - $(eval json := $(shell $(call exec,sh -c 'envsubst < aws/policies/$*.json'))) - $(eval IGNORE_DRYRUN := false) - $(call aws,iam put-role-policy --role-name $* --policy-name $* --policy-document '$(json)') - -# target aws-role-create-import-image: Fire aws-iam-create-role-% aws-iam-put-role-policy-% for AWS_VM_IMPORT_ROLE_NAME -.PHONY: aws-role-create-import-image -aws-role-create-import-image: aws-iam-create-role-$(AWS_VM_IMPORT_ROLE_NAME) aws-iam-put-role-policy-$(AWS_VM_IMPORT_ROLE_NAME) - -# target aws-s3-check-upload: Fire aws-s3api-get-head-object-etag, Eval upload=false if remote s3 file already exists -.PHONY: aws-s3-check-upload -aws-s3-check-upload: docker-build-aws aws-s3api-get-head-object-etag - $(eval upload := true) - $(eval IGNORE_DRYRUN := true) - $(if $(AWS_S3_KEY_ETAG),$(if $(filter $(AWS_S3_KEY_ETAG),"$(shell cat $(PACKER_ISO_INFO) |awk '$$1 == "etag:" {print $$2}' 2>/dev/null)"),$(eval upload := false))) - $(eval IGNORE_DRYRUN := false) - -# target aws-s3-cp: Fire aws-s3-check-upload, Call aws s3 cp PACKER_ISO_FILE s3://AWS_S3_BUCKET/AWS_S3_KEY, Call aws-s3-etag-save target -.PHONY: aws-s3-cp -aws-s3-cp: docker-build-aws $(PACKER_ISO_FILE) aws-s3-check-upload - $(if $(filter $(upload),true),$(call aws,s3 cp $(PACKER_ISO_FILE) s3://$(AWS_S3_BUCKET)/$(AWS_S3_KEY)) $(call make,aws-s3-etag-save)) - -# target aws-s3-etag-save: Fire aws-s3api-get-head-object-etag, Add line 'etag: AWS_S3_KEY_TAG' to file PACKER_ISO_INFO -.PHONY: aws-s3-etag-save -aws-s3-etag-save: docker-build-aws aws-s3api-get-head-object-etag - echo "etag: $(AWS_S3_KEY_ETAG)" >> $(PACKER_ISO_INFO) - -# target aws-s3api-get-head-object-etag: Eval AWS_S3_KEY_ETAG, Echo 'ETag: AWS_S3_KEY_ETAG' -.PHONY: aws-s3api-get-head-object-etag -aws-s3api-get-head-object-etag: docker-build-aws - $(eval IGNORE_DRYRUN := true) - $(eval AWS_S3_KEY_ETAG := $(shell $(call aws,s3api head-object --bucket $(AWS_S3_BUCKET) --key $(AWS_S3_KEY) --output text --query ETag) |grep -v 'operation: Not Found' 2>/dev/null)) - $(eval IGNORE_DRYRUN := false) - echo ETag: $(AWS_S3_KEY_ETAG) - -# target aws-s3api-get-head-object-lastmodified: Eval AWS_S3_KEY_DATE, Echo 'LastModified: AWS_S3_KEY_DATE' -.PHONY: aws-s3api-get-head-object-lastmodified -aws-s3api-get-head-object-lastmodified: docker-build-aws - $(eval IGNORE_DRYRUN := true) - $(eval AWS_S3_KEY_DATE := $(shell $(call aws,s3api head-object --bucket $(AWS_S3_BUCKET) --key $(AWS_S3_KEY) --output text --query LastModified) |grep -v 'operation: Not Found' 2>/dev/null)) - $(eval IGNORE_DRYRUN := false) - echo LastModified: $(AWS_S3_KEY_DATE) - -# target aws-ec2-import-snapshot: Call aws ec2 import-snapshot with S3Bucket AWS_S3_BUCKET and S3Key AWS_S3_KEY -.PHONY: aws-ec2-import-snapshot -aws-ec2-import-snapshot: user docker-build-aws aws-s3api-get-head-object-etag aws-s3api-get-head-object-lastmodified - $(eval IGNORE_DRYRUN := true) - $(eval json := $(shell $(call exec,sh -c 'envsubst < aws/import-snapshot.json'))) - $(eval IGNORE_DRYRUN := false) - $(eval AWS_TASK_ID := $(shell $(call aws,ec2 import-snapshot --description '$(AWS_SNAP_DESCRIPTION)' --output text --query ImportTaskId --disk-container '$(json)'))) - echo ImportTaskId: $(AWS_TASK_ID) - -# target aws-ec2-describe-import-snapshot-tasks-%: Call aws ec2 describe-import-snapshot-tasks with import-task-id % -.PHONY: aws-ec2-describe-import-snapshot-tasks-% -aws-ec2-describe-import-snapshot-tasks-%: docker-build-aws - $(call aws,ec2 describe-import-snapshot-tasks --import-task-ids $*) - -# target aws-ec2-describe-import-snapshot-tasks: Call aws ec2 describe-import-snapshots-tasks -.PHONY: aws-ec2-describe-import-snapshot-tasks -aws-ec2-describe-import-snapshot-tasks: docker-build-aws - $(call aws,ec2 describe-import-snapshot-tasks) - -# target aws-ec2-describe-instances-PrivateIpAddress: Call aws ec2 describe-instances, Print list of PrivateIpAddress -.PHONY: aws-ec2-describe-instances-PrivateIpAddress -aws-ec2-describe-instances-PrivateIpAddress: docker-build-aws - $(call aws,ec2 describe-instances --no-paginate --query 'Reservations[*].Instances[*].[Tags[?Key==`Name`].Value$(comma)PrivateIpAddress]' --output text) |sed '$$!N;s/\r\n/ /' |awk 'BEGIN {printf "%-24s%s\r\n"$(comma)"PrivateIpAddress"$(comma)"Name"}; $$1 != "None" {printf "%-24s%s\n"$(comma)$$1$(comma)$$2}' - -# target aws-ec2-describe-instances-PrivateIpAddress-%: Call aws ec2 describe-instances, Print list of PrivateIpAddress for Name matching % -.PHONY: aws-ec2-describe-instances-PrivateIpAddress-% -aws-ec2-describe-instances-PrivateIpAddress-%: docker-build-aws - $(call aws,ec2 describe-instances --no-paginate --query 'Reservations[*].Instances[*].[Tags[?Key==`Name`].Value$(comma)PrivateIpAddress]' --output text) |sed '$$!N;s/\r\n/ /' |awk 'BEGIN {printf "%-24s%s\r\n"$(comma)"PrivateIpAddress"$(comma)"Name"}; $$1 != "None" && $$2 ~ /$*/ {printf "%-24s%s\n"$(comma)$$1$(comma)$$2}' - -# target aws-ec2-get-instances-PrivateIpAddress: Eval AWS_INSTANCE_IP, Echo 'PrivateIpAddress: AWS_INSTANCE_IP' -.PHONY: aws-ec2-get-instances-PrivateIpAddress -aws-ec2-get-instances-PrivateIpAddress: docker-build-aws - $(eval IGNORE_DRYRUN := true) - $(eval AWS_INSTANCE_IP := $(shell $(call aws,ec2 describe-instances --no-paginate --query 'Reservations[*].Instances[*].PrivateIpAddress' --output text) 2>/dev/null)) - $(eval IGNORE_DRYRUN := false) - echo PrivateIpAddress: $(AWS_INSTANCE_IP) - -# target aws-ec2-get-instances-PrivateIpAddress-%: Eval AWS_INSTANCE_IP with Name matching %, Echo 'PrivateIpAddress: AWS_INSTANCE_IP' -.PHONY: aws-ec2-get-instances-PrivateIpAddress-% -aws-ec2-get-instances-PrivateIpAddress-%: - $(eval IGNORE_DRYRUN := true) - $(eval AWS_INSTANCE_IP := $(shell $(call aws,ec2 describe-instances --no-paginate --filter 'Name=tag:Name$(comma)Values=$**' --query 'Reservations[*].Instances[*].PrivateIpAddress' --output text) 2>/dev/null)) - $(eval IGNORE_DRYRUN := false) - echo PrivateIpAddress: $(AWS_INSTANCE_IP) - -# target aws-ec2-get-import-snapshot-tasks-id: Fire aws-ec2-get-import-snapshot-tasks-id-% for AWS_TASK_ID -.PHONY: aws-ec2-get-import-snapshot-tasks-id -aws-ec2-get-import-snapshot-tasks-id: aws-ec2-get-import-snapshot-tasks-id-$(AWS_TASK_ID) - -# target aws-ec2-get-import-snapshot-tasks-id-%: Eval AWS_SNAP_IP with import-task-ids %, Echo 'SnapshotId: AWS_SNAP_IP' -.PHONY: aws-ec2-get-import-snapshot-tasks-id-% -aws-ec2-get-import-snapshot-tasks-id-%: docker-build-aws - $(eval IGNORE_DRYRUN := true) - $(eval AWS_SNAP_ID := $(shell $(call aws,ec2 describe-import-snapshot-tasks --import-task-ids $* --output text --query ImportSnapshotTasks[0].SnapshotTaskDetail.SnapshotId) 2>/dev/null)) - $(eval IGNORE_DRYRUN := false) - echo SnapshotId: $(AWS_SNAP_ID) - -# target aws-ec2-get-import-snapshot-tasks-message-%: Eval AWS_SNAP_MESSAGE with import-task-ids %, Echo 'StatusMessage: AWS_SNAP_MESSAGE' -.PHONY: aws-ec2-get-import-snapshot-tasks-message-% -aws-ec2-get-import-snapshot-tasks-message-%: docker-build-aws - $(eval IGNORE_DRYRUN := true) - $(eval AWS_SNAP_MESSAGE := $(shell $(call aws,ec2 describe-import-snapshot-tasks --import-task-ids $* --output text --query ImportSnapshotTasks[0].SnapshotTaskDetail.StatusMessage) 2>/dev/null)) - $(eval IGNORE_DRYRUN := false) - echo StatusMessage: $(AWS_SNAP_MESSAGE) - -# target aws-ec2-get-import-snapshot-tasks-progress-%: Eval AWS_SNAP_PROGRESS with import-task-ids %, Echo 'Progress: AWS_SNAP_PROGRESS' -.PHONY: aws-ec2-get-import-snapshot-tasks-progress-% -aws-ec2-get-import-snapshot-tasks-progress-%: docker-build-aws - $(eval IGNORE_DRYRUN := true) - $(eval AWS_SNAP_PROGRESS := $(shell $(call aws,ec2 describe-import-snapshot-tasks --import-task-ids $* --output text --query ImportSnapshotTasks[0].SnapshotTaskDetail.Progress) 2>/dev/null)) - $(eval IGNORE_DRYRUN := false) - echo Progress: $(AWS_SNAP_PROGRESS) - -# target aws-ec2-get-import-snapshot-tasks-size-%: Eval AWS_SNAP_SIZE with import-task-ids %, Echo 'DiskImageSize: AWS_SNAP_SIZE' -.PHONY: aws-ec2-get-import-snapshot-tasks-size-% -aws-ec2-get-import-snapshot-tasks-size-%: docker-build-aws - $(eval IGNORE_DRYRUN := true) - $(eval AWS_SNAP_SIZE := $(shell $(call aws,ec2 describe-import-snapshot-tasks --import-task-ids $* --output text --query ImportSnapshotTasks[0].SnapshotTaskDetail.DiskImageSize) 2>/dev/null)) - $(eval IGNORE_DRYRUN := false) - echo DiskImageSize: $(AWS_SNAP_SIZE) - -# target aws-ec2-get-import-snapshot-tasks-status-%: Eval AWS_SNAP_STATUS with import-task-ids %, Echo 'Status: AWS_SNAP_STATUS' -.PHONY: aws-ec2-get-import-snapshot-tasks-status-% -aws-ec2-get-import-snapshot-tasks-status-%: docker-build-aws - $(eval IGNORE_DRYRUN := true) - $(eval AWS_SNAP_STATUS := $(shell $(call aws,ec2 describe-import-snapshot-tasks --import-task-ids $* --output text --query ImportSnapshotTasks[0].SnapshotTaskDetail.Status) 2>/dev/null)) - $(eval IGNORE_DRYRUN := false) - echo Status: $(AWS_SNAP_STATUS) - -# target aws-ec2-wait-import-snapshot-tasks-status-completed: Fire aws-ec2-wait-import-snapshot-tasks-status-completed-% for AWS_TASK_ID -.PHONY: aws-ec2-wait-import-snapshot-tasks-status-completed -aws-ec2-wait-import-snapshot-tasks-status-completed: aws-ec2-wait-import-snapshot-tasks-status-completed-$(AWS_TASK_ID) - -# target aws-ec2-wait-import-snapshot-tasks-status-completed-%: Wait SnapshotTaskDetail.Status=completed for import-task-ids % -.PHONY: aws-ec2-wait-import-snapshot-tasks-status-completed-% -aws-ec2-wait-import-snapshot-tasks-status-completed-%: docker-build-aws - while [ `$(call aws,ec2 describe-import-snapshot-tasks --import-task-ids $* --output text --query ImportSnapshotTasks[0].SnapshotTaskDetail.Status)` != "completed$$(printf '\r')" ]; \ - do \ - count=$$(( $${count:-0}+1 )); \ - [ "$${count}" -eq 99 ] && exit 1; \ - sleep 10; \ - done - -# target aws-ec2-wait-snapshot-completed-%: Call ec2 wait snapshot-completed with shapshot-ids % -.PHONY: aws-ec2-wait-snapshot-completed-% -aws-ec2-wait-snapshot-completed-%: docker-build-aws - $(call aws,ec2 wait snapshot-completed --snapshot-ids $* --output text) - -# target aws-ec2-register-image: Fire aws-ec2-get-import-snapshot-tasks-id, Eval AWS_AMI_ID with Name AWS_AMI_NAME, Echo 'ImageId: AWS_AMI_ID' -.PHONY: aws-ec2-register-image -aws-ec2-register-image: user docker-build-aws aws-ec2-get-import-snapshot-tasks-id - $(eval IGNORE_DRYRUN := true) - $(eval json := $(shell $(call exec,sh -c 'envsubst < aws/register-image-device-mappings.json'))) - $(eval IGNORE_DRYRUN := false) - $(eval AWS_AMI_ID := $(shell $(call aws,ec2 register-image --name '$(AWS_AMI_NAME)' --description '$(AWS_AMI_DESCRIPTION)' --architecture x86_64 --root-device-name /dev/sda1 --virtualization-type hvm --block-device-mappings '$(json)') 2>/dev/null)) - echo ImageId: $(AWS_AMI_ID) - -# target aws-ami: Fire aws-s3-cp aws-ec2-import-snapshot, Call aws-ec2-wait-import-snapshot-tasks-status-completed target, Call aws-ec2-register-image target -.PHONY: aws-ami -aws-ami: aws-s3-cp aws-ec2-import-snapshot - $(call make,aws-ec2-wait-import-snapshot-tasks-status-completed,,AWS_TASK_ID) - $(call make,aws-ec2-register-image,,AWS_TASK_ID) diff --git a/aws/def.aws.mk b/aws/def.aws.mk deleted file mode 100644 index a248060..0000000 --- a/aws/def.aws.mk +++ /dev/null @@ -1,23 +0,0 @@ -AWS_ACCESS_KEY_ID := $(if $(AWS_CREDENTIALS),$(shell $(call conf,$(AWS_CREDENTIALS),$(or $(AWS_PROFILE),default),aws_access_key_id))) -AWS_AMI_DESCRIPTION ?= $(AWS_SERVICE_VERSION) -AWS_AMI_NAME ?= $(AWS_SERVICE_NAME)-$(AWS_S3_FILENAME) -AWS_CREDENTIALS ?= $(wildcard $(HOME)/.aws/credentials) -AWS_DEFAULT_REGION ?= eu-west-1 -AWS_DEFAULT_OUTPUT ?= text -AWS_INSTANCE_ID ?= $(shell timeout 0.1 curl -s http://169.254.169.254/latest/meta-data/instance-id 2>/dev/null) -AWS_VM_IMPORT_ROLE_NAME ?= vmimport -AWS_S3_BUCKET ?= $(AWS_SERVICE_NAME) -AWS_S3_FILENAME ?= $(PACKER_ISO_NAME) -AWS_S3_KEY ?= $(PACKER_ISO_FILE) -AWS_SECRET_ACCESS_KEY := $(if $(AWS_CREDENTIALS),$(shell $(call conf,$(AWS_CREDENTIALS),$(or $(AWS_PROFILE),default),aws_secret_access_key))) -AWS_SERVICE_NAME ?= $(COMPOSE_SERVICE_NAME) -AWS_SERVICE_VERSION ?= $(BUILD_DATE)-$(VERSION) -AWS_SNAP_DESCRIPTION ?= $(AWS_SERVICE_NAME)-$(AWS_SERVICE_VERSION)-$(AWS_S3_FILENAME) -CMDS += aws -DOCKER_RUN_VOLUME += -v $(HOME)/.aws:/home/$(USER)/.aws -ENV_VARS += AWS_ACCESS_KEY_ID AWS_AMI_DESCRIPTION AWS_AMI_NAME AWS_DEFAULT_OUTPUT AWS_DEFAULT_REGION AWS_INSTANCE_ID AWS_PROFILE AWS_S3_BUCKET AWS_S3_KEY AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN AWS_SNAP_DESCRIPTION AWS_SNAP_ID - -# function aws: Call run aws with arg 1 -define aws - $(RUN) $(call run,aws $(1),$(DOCKER_REPOSITORY)/) -endef diff --git a/docker/ansible/Dockerfile b/docker/ansible/Dockerfile deleted file mode 100644 index 2318e1e..0000000 --- a/docker/ansible/Dockerfile +++ /dev/null @@ -1,42 +0,0 @@ -FROM alpine:latest as dist -LABEL maintainer aynic.os - -RUN apk --no-cache add \ - ansible \ - py3-pip \ - && pip3 install boto - -RUN apk --no-cache upgrade - -ENTRYPOINT ["/usr/bin/ansible"] -CMD ["--help"] - -FROM dist as master -ARG DOCKER_BUILD_DIR -ARG UID -ARG USER -ENV UID=${UID} -ENV GID=${UID} -ENV USER=${USER} - -# If we provide a numeric UID -RUN [ "$UID" -eq "$UID" ] 2>/dev/null \ -# Remove user with $UID if it is not our $USER - && if [ "$(getent passwd $UID |awk -F: '{print $1}')" != "$USER" ]; then \ - sed -i '/^'$(getent passwd $UID |awk -F: '{print $1}')':x:'$UID':/d' /etc/passwd; \ - sed -i '/^'$(getent group $GID |awk -F: '{print $1}')':x:'$GID':/d' /etc/group; \ - fi \ -# Force $UID if our $USER already exists - && sed -i 's/^'$USER':x:[0-9]\+:[0-9]\+:/'$USER':x:'$UID':'$GID':/' /etc/passwd \ - && sed -i 's/^'$USER':x:[0-9]\+:/'$USER':x:'$GID':/' /etc/group \ -# Create $USER if it does not exist - && if [ "$(getent passwd $UID)" = "" ]; then \ - echo "$USER:x:$UID:$GID::/home/$USER:$SHELL" >> /etc/passwd; \ - echo "$USER:\!:$(($(date +%s) / 60 / 60 / 24)):0:99999:7:::" >> /etc/shadow; \ - echo "$USER:x:$GID:" >> /etc/group; \ - fi \ - && mkdir -p /home/$USER \ - && chown $UID:$GID /home/$USER \ - || true - -USER $USER diff --git a/docker/aws/Dockerfile b/docker/aws/Dockerfile deleted file mode 100644 index 8c16dfe..0000000 --- a/docker/aws/Dockerfile +++ /dev/null @@ -1,43 +0,0 @@ -FROM alpine:latest as dist -LABEL maintainer aynic.os - -RUN apk --no-cache add \ - groff \ - less \ - py-pip3 \ - && pip3 install awscli - -RUN apk --no-cache upgrade - -ENTRYPOINT ["/usr/bin/aws"] -CMD ["help"] - -FROM dist as master -ARG DOCKER_BUILD_DIR -ARG UID -ARG USER -ENV UID=${UID} -ENV GID=${UID} -ENV USER=${USER} - -# If we provide a numeric UID -RUN [ "$UID" -eq "$UID" ] 2>/dev/null \ -# Remove user with $UID if it is not our $USER - && if [ "$(getent passwd $UID |awk -F: '{print $1}')" != "$USER" ]; then \ - sed -i '/^'$(getent passwd $UID |awk -F: '{print $1}')':x:'$UID':/d' /etc/passwd; \ - sed -i '/^'$(getent group $GID |awk -F: '{print $1}')':x:'$GID':/d' /etc/group; \ - fi \ -# Force $UID if our $USER already exists - && sed -i 's/^'$USER':x:[0-9]\+:[0-9]\+:/'$USER':x:'$UID':'$GID':/' /etc/passwd \ - && sed -i 's/^'$USER':x:[0-9]\+:/'$USER':x:'$GID':/' /etc/group \ -# Create $USER if it does not exist - && if [ "$(getent passwd $UID)" = "" ]; then \ - echo "$USER:x:$UID:$GID::/home/$USER:$SHELL" >> /etc/passwd; \ - echo "$USER:\!:$(($(date +%s) / 60 / 60 / 24)):0:99999:7:::" >> /etc/shadow; \ - echo "$USER:x:$GID:" >> /etc/group; \ - fi \ - && mkdir -p /home/$USER \ - && chown $UID:$GID /home/$USER \ - || true - -USER $USER diff --git a/docker/certbot/Dockerfile b/docker/certbot/Dockerfile deleted file mode 100644 index c4dc47f..0000000 --- a/docker/certbot/Dockerfile +++ /dev/null @@ -1,51 +0,0 @@ -# FROM certbot/certbot:latest as dist -FROM python:3.8-alpine as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR - -# RUN pip install \ -RUN apk --no-cache add --virtual .build-deps \ - build-base \ - libffi-dev \ - && pip install \ - certbot \ - certbot-dns-azure \ -# certbot-dns-bunny \ -# certbot-dns-clouddns \ - certbot-dns-cloudflare \ -# certbot-dns-cloudxns \ - certbot-dns-digitalocean \ -# certbot-dns-dnsmadeeasy \ -# certbot-dns-dnsimple \ -# certbot-dns-gehirn \ -# certbot-dns-godaddy \ - certbot-dns-google \ - certbot-dns-infomaniak \ -# certbot-dns-inwx \ - certbot-dns-ispconfig \ -# certbot-dns-lightsail \ - certbot-dns-linode \ -# certbot-dns-luadns \ -# certbot-dns-njalla \ -# certbot-dns-nsone \ - certbot-dns-ovh \ - certbot-dns-rfc2136 \ - certbot-dns-route53 \ -# certbot-dns-sakuracloud \ - certbot-dns-standalone \ -# certbot-dns-yandexcloud \ -# certbot-ext-auth future \ - certbot-plugin-gandi \ - certbot-s3front \ -# certbot_dns_duckdns \ -# certbot_dns_porkbun \ -# letsencrypt-pritunl \ -# letsencrypt-proxmox \ - && apk del .build-deps - -COPY ${DOCKER_BUILD_DIR}/certbot-renew /etc/periodic/daily/ -COPY ${DOCKER_BUILD_DIR}/docker-entrypoint.sh /docker-entrypoint.sh -ENTRYPOINT ["/docker-entrypoint.sh"] -CMD ["--help"] - -FROM dist as master diff --git a/docker/certbot/certbot-renew b/docker/certbot/certbot-renew deleted file mode 100755 index 1b1c550..0000000 --- a/docker/certbot/certbot-renew +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/sh - -mkdir -p /etc/letsencrypt/renewal -/usr/local/bin/certbot renew > /etc/letsencrypt/renewal/letsencrypt.log diff --git a/docker/certbot/docker-entrypoint.sh b/docker/certbot/docker-entrypoint.sh deleted file mode 100755 index 4b07039..0000000 --- a/docker/certbot/docker-entrypoint.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/usr/bin/env sh -set -euo errexit - -[ -n "${DEBUG:-}" -a "${DEBUG:-}" != "false" ] && set -x - -case "${1:-start}" in - - start) - exec /usr/sbin/crond -f -L/dev/stdout - ;; - - *) - exec /usr/local/bin/certbot "$@" - ;; - -esac diff --git a/docker/compose/Dockerfile b/docker/compose/Dockerfile deleted file mode 100644 index d20abe4..0000000 --- a/docker/compose/Dockerfile +++ /dev/null @@ -1,20 +0,0 @@ -FROM alpine:latest as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR - -ARG COMPOSE_REMOTE=https://github.com/docker/compose -ARG COMPOSE_VERSION=2.5.0 -ARG SYSTEM=Linux -ARG MACHINE=x86_64 - -RUN apk update \ - && apk add --no-cache ca-certificates \ - && OS="$(echo ${SYSTEM} |awk '{print tolower($0)}')"; \ - ARCH="$(echo ${MACHINE})"; \ - wget -qO /usr/bin/docker-compose ${COMPOSE_REMOTE}/releases/download/v${COMPOSE_VERSION}/docker-compose-${OS}-${ARCH} \ - && chmod +x /usr/bin/docker-compose - -ENTRYPOINT ["/usr/bin/docker-compose"] - -FROM dist as master -ARG DOCKER_BUILD_DIR diff --git a/docker/consul/Dockerfile b/docker/consul/Dockerfile deleted file mode 100644 index 71310f6..0000000 --- a/docker/consul/Dockerfile +++ /dev/null @@ -1,23 +0,0 @@ -ARG CONSUL_VERSION=1.11.1 -FROM consul:${CONSUL_VERSION} as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR -ARG DOCKER_GID=999 - -# add user consul in group docker -RUN DOCKER_GROUP=$(awk -F: '$3 == '${DOCKER_GID}' {print $1}' < /etc/group) \ - && if [ -n "${DOCKER_GROUP}" ]; then adduser consul ${DOCKER_GROUP}; \ - else addgroup -g ${DOCKER_GID} docker && adduser consul docker; \ - fi - -COPY ${DOCKER_BUILD_DIR}/docker-healthcheck /usr/local/bin/ -RUN chmod +rx /usr/local/bin/docker-healthcheck - -HEALTHCHECK CMD ((((echo -e 'GET /v1/health/service/consul HTTP/1.0\n' \ - |nc -w 1 localhost:8500; echo $? >&3) \ - |sed -n '/^\[/,$p' \ - |jq '.[].Checks[0].Output' >&4) 3>&1) \ - | (read err; exit $err)) 4>&1 - -FROM dist as master -ARG DOCKER_BUILD_DIR diff --git a/docker/consul/docker-healthcheck b/docker/consul/docker-healthcheck deleted file mode 100755 index 7d6fbd0..0000000 --- a/docker/consul/docker-healthcheck +++ /dev/null @@ -1,43 +0,0 @@ -#!/bin/sh -# link: https://github.com/hashicorp/consul/issues/3182 -# author: Yann "aya" Autissier -# license: GPL -set -eu - -DOCKER_SOCK=${DOCKER_SOCK:-/var/run/docker.sock} - -if ! which curl > /dev/null || ! which jq >/dev/null; then - >&2 echo "ERROR: curl or jq not found" - exit 2 -fi - -if [ $# -ne 1 ]; then - >&2 echo "ERROR: invalid parameter '$*'" - echo "USAGE: $0 container-id|container-name|container-ip" - exit 2 -fi - -{ - { - { - # list all dockers - for docker in $(curl --disable --fail --show-error --silent --unix-socket "${DOCKER_SOCK}" http://localhost/containers/json |jq -r '.[].Id'); do - # print "health_status id name ip_address health_output" for each docker - curl --disable --fail --show-error --silent --unix-socket "${DOCKER_SOCK}" "http://localhost/containers/${docker}/json" \ - |jq -r '[.State.Health.Status, .Id, .Name, .NetworkSettings.IPAddress, .State.Health.Log[0].Output] |@tsv' - # shorten id: .Id |capture("(?.{12})").id - # print "health_status" and "health_output" for line matching $1 - done |awk -F '\t' '/\<'"$1"'\>/ {print $1 | "cat >&3; exec 3>&-"; print $NF | "cat >&4";}' - } 3>&1 - } | { - read -r status ||: - case "$status" in - healthy) exit=0;; - starting) exit=1;; - *) exit=2;; - esac - # exit according to "health_status" - exit $exit - } -# print "health_output" -} 4>&1 diff --git a/docker/elastic/apm-server-oss/Dockerfile b/docker/elastic/apm-server-oss/Dockerfile deleted file mode 100644 index 59ab5ee..0000000 --- a/docker/elastic/apm-server-oss/Dockerfile +++ /dev/null @@ -1,9 +0,0 @@ -FROM docker.elastic.co/apm/apm-server-oss:7.4.2 as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR - -# config -COPY ${DOCKER_BUILD_DIR}/apm-server.yml /usr/share/apm-server/ - -FROM dist as master -ARG DOCKER_BUILD_DIR diff --git a/docker/elastic/apm-server-oss/apm-server.docker.yml b/docker/elastic/apm-server-oss/apm-server.docker.yml deleted file mode 100644 index 3bb99b6..0000000 --- a/docker/elastic/apm-server-oss/apm-server.docker.yml +++ /dev/null @@ -1,931 +0,0 @@ -######################### APM Server Configuration ######################### - -################################ APM Server ################################ - -apm-server: - # Defines the host and port the server is listening on. Use "unix:/path/to.sock" to listen on a unix domain socket. - host: "0.0.0.0:8200" - - # Maximum permitted size in bytes of a request's header accepted by the server to be processed. - #max_header_size: 1048576 - - # Maximum amount of time to wait for the next incoming request before underlying connection is closed. - #idle_timeout: 45s - - # Maximum permitted duration for reading an entire request. - #read_timeout: 30s - - # Maximum permitted duration for writing a response. - #write_timeout: 30s - - # Maximum duration before releasing resources when shutting down the server. - #shutdown_timeout: 5s - - # Maximum permitted size in bytes of an event accepted by the server to be processed. - #max_event_size: 307200 - - # Maximum number of new connections to accept simultaneously (0 means unlimited). - #max_connections: 0 - - # Authorization token for sending data to the APM server. If a token is set, the - # agents must send it in the following format: Authorization: Bearer . - # It is recommended to use an authorization token in combination with SSL enabled, - # and save the token in the apm-server keystore. The token is not used for the RUM endpoint. - #secret_token: - - # Enable secure communication between APM agents and the server. By default ssl is disabled. - #ssl: - #enabled: false - - # Configure a list of root certificate authorities for verifying client certificates. - #certificate_authorities: [] - - # Path to file containing the certificate for server authentication. - # Needs to be configured when ssl is enabled. - #certificate: '' - - # Path to file containing server certificate key. - # Needs to be configured when ssl is enabled. - #key: '' - - # Optional configuration options for ssl communication. - - # Passphrase for decrypting the Certificate Key. - # It is recommended to use the provided keystore instead of entering the passphrase in plain text. - #key_passphrase: '' - - # List of supported/valid protocol versions. By default TLS versions 1.1 up to 1.2 are enabled. - #supported_protocols: [TLSv1.1, TLSv1.2] - - # Configure cipher suites to be used for SSL connections. - #cipher_suites: [] - - # Configure curve types for ECDHE based cipher suites. - #curve_types: [] - - # Configure which type of client authentication is supported. - # Options are `none`, `optional`, and `required`. Default is `optional`. - #client_authentication: "optional" - - # Configure SSL verification mode. If `none` is configured, all hosts and - # certificates will be accepted. In this mode, SSL-based connections are - # susceptible to man-in-the-middle attacks. Use only for testing. Default is `full`. - #ssl.verification_mode: full - - # Enable Real User Monitoring (RUM) Support. By default RUM is disabled. - #rum: - #enabled: false - - #event_rate: - - # Defines the maximum amount of events allowed to be sent to the APM Server RUM - # endpoint per IP per second. Defaults to 300. - #limit: 300 - - # An LRU cache is used to keep a rate limit per IP for the most recently seen IPs. - # This setting defines the number of unique IPs that can be tracked in the cache. - # Sites with many concurrent clients should consider increasing this limit. Defaults to 1000. - #lru_size: 1000 - - #-- General RUM settings - - # Comma separated list of permitted origins for real user monitoring. - # User-agents will send an origin header that will be validated against this list. - # An origin is made of a protocol scheme, host and port, without the url path. - # Allowed origins in this setting can have * to match anything (eg.: http://*.example.com) - # If an item in the list is a single '*', everything will be allowed. - #allow_origins : ['*'] - - # Regexp to be matched against a stacktrace frame's `file_name` and `abs_path` attributes. - # If the regexp matches, the stacktrace frame is considered to be a library frame. - #library_pattern: "node_modules|bower_components|~" - - # Regexp to be matched against a stacktrace frame's `file_name`. - # If the regexp matches, the stacktrace frame is not used for calculating error groups. - # The default pattern excludes stacktrace frames that have a filename starting with '/webpack' - #exclude_from_grouping: "^/webpack" - - # If a source map has previously been uploaded, source mapping is automatically applied. - # to all error and transaction documents sent to the RUM endpoint. - #source_mapping: - - # Sourcemapping is enabled by default. - #enabled: true - - # Source maps are always fetched from Elasticsearch, by default using the output.elasticsearch configuration. - # A different instance must be configured when using any other output. - # This setting only affects sourcemap reads - the output determines where sourcemaps are written. - #elasticsearch: - # Array of hosts to connect to. - # Scheme and port can be left out and will be set to the default (`http` and `9200`). - # In case you specify and additional path, the scheme is required: `http://localhost:9200/path`. - # IPv6 addresses should always be defined as: `https://[2001:db8::1]:9200`. - # hosts: ["localhost:9200"] - - # Optional protocol and basic auth credentials. - #protocol: "https" - #username: "elastic" - #password: "changeme" - - # The `cache.expiration` determines how long a source map should be cached before fetching it again from Elasticsearch. - # Note that values configured without a time unit will be interpreted as seconds. - #cache: - #expiration: 5m - - # Source maps are stored in a separate index. - # If the default index pattern for source maps at 'outputs.elasticsearch.indices' - # is changed, a matching index pattern needs to be specified here. - #index_pattern: "apm-*-sourcemap*" - - - # If true (default), APM Server captures the IP of the instrumented service - # or the IP and User Agent of the real user (RUM requests). - #capture_personal_data: true - - # Enable APM Server Golang expvar support (https://golang.org/pkg/expvar/). - #expvar: - #enabled: false - - # Url to expose expvar. - #url: "/debug/vars" - - # Instrumentation support for the server's HTTP endpoints and event publisher. - #instrumentation: - # Set to true to enable instrumentation of the APM Server itself. - #enabled: false - - # Environment in which the APM Server is running on (eg: staging, production, etc.) - #environment: "" - - # Remote hosts to report instrumentation results to. - #hosts: - # - http://remote-apm-server:8200 - - # secret_token for the remote apm-servers. - #secret_token: - - # A pipeline is a definition of processors applied to documents when ingesting them to Elasticsearch. - # Using pipelines involves two steps: - # (1) registering a pipeline - # (2) applying a pipeline during data ingestion (see `output.elasticsearch.pipeline`) - # - # You can manually register a pipeline, or use this configuration option to ensure - # the pipeline is loaded and registered at the configured Elasticsearch instances. - # Find the default pipeline configuration at `ingest/pipeline/definition.json`. - # Automatic pipeline registration requires the `output.elasticsearch` to be enabled and configured. - #register.ingest.pipeline: - # Registers APM pipeline definition in Elasticsearch on APM Server startup. Defaults to true. - #enabled: true - # Overwrites existing APM pipeline definition in Elasticsearch. Defaults to false. - #overwrite: false - - # When ilm is set to `auto`, the APM Server checks a couple of preconditions: - # If a different output than Elasticsearch is configured, ILM will be disabled. - # If Elasticsearch output is configured, but specific `index` or `indices` settings are configured, ILM will be - # disabled, as it only works with default index settings. - # If the configured Elasticsearch instance is not eligible for ILM, ILM will also be disabled. - # If all preconditions are met, ILM will be enabled. - # - # When ILM is set to `true`, the APM Server ignores any configured index settings. - # For ILM to be applied, The configured output must be set to Elasticsearch and the instance - # needs to support ILM. Otherwise APM Server falls back to ordinary index management without ILM. - # - # Defaults to "auto". Disable ILM by setting it to `false`. - #ilm.enabled: "auto" - - # When using APM agent configuration, information fetched from Kibana will be cached in memory for some time. - # Specify cache key expiration via this setting. Default is 30 seconds. - #agent.config.cache.expiration: 30s - - #kibana: - # For APM Agent configuration in Kibana, enabled must be true. - #enabled: false - - # Scheme and port can be left out and will be set to the default (`http` and `5601`). - # In case you specify an additional path, the scheme is required: `http://localhost:5601/path`. - # IPv6 addresses should always be defined as: `https://[2001:db8::1]:5601`. - #host: "localhost:5601" - - # Optional protocol and basic auth credentials. - #protocol: "https" - #username: "elastic" - #password: "changeme" - - # Optional HTTP path. - #path: "" - - # Enable custom SSL settings. Set to false to ignore custom SSL settings for secure communication. - #ssl.enabled: true - - # Optional SSL configuration options. SSL is off by default, change the `protocol` option if you want to enable `https`. - # Configure SSL verification mode. If `none` is configured, all server hosts - # and certificates will be accepted. In this mode, SSL based connections are - # susceptible to man-in-the-middle attacks. Use only for testing. Default is - # `full`. - #ssl.verification_mode: full - - # List of supported/valid TLS versions. By default all TLS versions 1.0 up to - # 1.2 are enabled. - #ssl.supported_protocols: [TLSv1.0, TLSv1.1, TLSv1.2] - - # List of root certificates for HTTPS server verifications. - #ssl.certificate_authorities: ["/etc/pki/root/ca.pem"] - - # Certificate for SSL client authentication. - #ssl.certificate: "/etc/pki/client/cert.pem" - - # Client Certificate Key - #ssl.key: "/etc/pki/client/cert.key" - - # Optional passphrase for decrypting the Certificate Key. - # It is recommended to use the provided keystore instead of entering the passphrase in plain text. - #ssl.key_passphrase: '' - - # Configure cipher suites to be used for SSL connections. - #ssl.cipher_suites: [] - - # Configure curve types for ECDHE based cipher suites. - #ssl.curve_types: [] - -#================================= General ================================= - -# Data is buffered in a memory queue before it is published to the configured output. -# The memory queue will present all available events (up to the outputs -# bulk_max_size) to the output, the moment the output is ready to serve -# another batch of events. -#queue: - # Queue type by name (default 'mem'). - #mem: - # Max number of events the queue can buffer. - #events: 4096 - - # Hints the minimum number of events stored in the queue, - # before providing a batch of events to the outputs. - # The default value is set to 2048. - # A value of 0 ensures events are immediately available - # to be sent to the outputs. - #flush.min_events: 2048 - - # Maximum duration after which events are available to the outputs, - # if the number of events stored in the queue is < `flush.min_events`. - #flush.timeout: 1s - -# Sets the maximum number of CPUs that can be executing simultaneously. The -# default is the number of logical CPUs available in the system. -#max_procs: - -#================================= Template ================================= - -# A template is used to set the mapping in Elasticsearch. -# By default template loading is enabled and the template is loaded. -# These settings can be adjusted to load your own template or overwrite existing ones. - -# Set to false to disable template loading. -#setup.template.enabled: true - -# Template name. By default the template name is "apm-%{[observer.version]}" -# The template name and pattern has to be set in case the elasticsearch index pattern is modified. -#setup.template.name: "apm-%{[observer.version]}" - -# Template pattern. By default the template pattern is "apm-%{[observer.version]}-*" to apply to the default index settings. -# The first part is the version of apm-server and then -* is used to match all daily indices. -# The template name and pattern has to be set in case the elasticsearch index pattern is modified. -#setup.template.pattern: "apm-%{[observer.version]}-*" - -# Path to fields.yml file to generate the template. -#setup.template.fields: "${path.config}/fields.yml" - -# Overwrite existing template. -#setup.template.overwrite: false - -# Elasticsearch template settings. -#setup.template.settings: - - # A dictionary of settings to place into the settings.index dictionary - # of the Elasticsearch template. For more details, please check - # https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping.html - #index: - #number_of_shards: 1 - #codec: best_compression - #number_of_routing_shards: 30 - #mapping.total_fields.limit: 2000 - -#============================= Elastic Cloud ============================= - -# These settings simplify using APM Server with the Elastic Cloud (https://cloud.elastic.co/). - -# The cloud.id setting overwrites the `output.elasticsearch.hosts` option. -# You can find the `cloud.id` in the Elastic Cloud web UI. -#cloud.id: - -# The cloud.auth setting overwrites the `output.elasticsearch.username` and -# `output.elasticsearch.password` settings. The format is `:`. -#cloud.auth: - -#================================ Outputs ================================= - -# Configure the output to use when sending the data collected by apm-server. - -#-------------------------- Elasticsearch output -------------------------- -output.elasticsearch: - # Array of hosts to connect to. - # Scheme and port can be left out and will be set to the default (`http` and `9200`). - # In case you specify and additional path, the scheme is required: `http://localhost:9200/path`. - # IPv6 addresses should always be defined as: `https://[2001:db8::1]:9200`. - hosts: ["elasticsearch:9200"] - - # Boolean flag to enable or disable the output module. - #enabled: true - - # Set gzip compression level. - #compression_level: 0 - - # Optional protocol and basic auth credentials. - #protocol: "https" - #username: "elastic" - #password: "changeme" - - # Dictionary of HTTP parameters to pass within the url with index operations. - #parameters: - #param1: value1 - #param2: value2 - - # Number of workers per Elasticsearch host. - #worker: 1 - - # By using the configuration below, APM documents are stored to separate indices, - # depending on their `processor.event`: - # - error - # - transaction - # - span - # - sourcemap - # - # The indices are all prefixed with `apm-%{[observer.version]}`. - # To allow managing indices based on their age, all indices (except for sourcemaps) - # end with the information of the day they got indexed. - # e.g. "apm-7.3.0-transaction-2019.07.20" - # - # Be aware that you can only specify one Elasticsearch template. - # If you modify the index patterns you must also update these configurations accordingly, - # as they need to be aligned: - # * `setup.template.name` - # * `setup.template.pattern` - #index: "apm-%{[observer.version]}-%{+yyyy.MM.dd}" - #indices: - # - index: "apm-%{[observer.version]}-sourcemap" - # when.contains: - # processor.event: "sourcemap" - # - # - index: "apm-%{[observer.version]}-error-%{+yyyy.MM.dd}" - # when.contains: - # processor.event: "error" - # - # - index: "apm-%{[observer.version]}-transaction-%{+yyyy.MM.dd}" - # when.contains: - # processor.event: "transaction" - # - # - index: "apm-%{[observer.version]}-span-%{+yyyy.MM.dd}" - # when.contains: - # processor.event: "span" - # - # - index: "apm-%{[observer.version]}-metric-%{+yyyy.MM.dd}" - # when.contains: - # processor.event: "metric" - # - # - index: "apm-%{[observer.version]}-onboarding-%{+yyyy.MM.dd}" - # when.contains: - # processor.event: "onboarding" - - # A pipeline is a definition of processors applied to documents when ingesting them to Elasticsearch. - # APM Server comes with a default pipeline definition, located at `ingest/pipeline/definition.json`, which is - # loaded to Elasticsearch by default (see `apm-server.register.ingest.pipeline`). - # APM pipeline is enabled by default. To disable it, set `pipeline: _none`. - #pipeline: "apm" - - # Optional HTTP Path. - #path: "/elasticsearch" - - # Custom HTTP headers to add to each request. - #headers: - # X-My-Header: Contents of the header - - # Proxy server url. - #proxy_url: http://proxy:3128 - - # The number of times a particular Elasticsearch index operation is attempted. If - # the indexing operation doesn't succeed after this many retries, the events are - # dropped. The default is 3. - #max_retries: 3 - - # The maximum number of events to bulk in a single Elasticsearch bulk API index request. - # The default is 50. - #bulk_max_size: 50 - - # The number of seconds to wait before trying to reconnect to Elasticsearch - # after a network error. After waiting backoff.init seconds, apm-server - # tries to reconnect. If the attempt fails, the backoff timer is increased - # exponentially up to backoff.max. After a successful connection, the backoff - # timer is reset. The default is 1s. - #backoff.init: 1s - - # The maximum number of seconds to wait before attempting to connect to - # Elasticsearch after a network error. The default is 60s. - #backoff.max: 60s - - # Configure http request timeout before failing an request to Elasticsearch. - #timeout: 90 - - # Enable custom SSL settings. Set to false to ignore custom SSL settings for secure communication. - #ssl.enabled: true - - # Optional SSL configuration options. SSL is off by default, change the `protocol` option if you want to enable `https`. - # Configure SSL verification mode. If `none` is configured, all server hosts - # and certificates will be accepted. In this mode, SSL based connections are - # susceptible to man-in-the-middle attacks. Use only for testing. Default is - # `full`. - #ssl.verification_mode: full - - # List of supported/valid TLS versions. By default all TLS versions 1.0 up to - # 1.2 are enabled. - #ssl.supported_protocols: [TLSv1.0, TLSv1.1, TLSv1.2] - - # List of root certificates for HTTPS server verifications. - #ssl.certificate_authorities: ["/etc/pki/root/ca.pem"] - - # Certificate for SSL client authentication. - #ssl.certificate: "/etc/pki/client/cert.pem" - - # Client Certificate Key - #ssl.key: "/etc/pki/client/cert.key" - - # Optional passphrase for decrypting the Certificate Key. - # It is recommended to use the provided keystore instead of entering the passphrase in plain text. - #ssl.key_passphrase: '' - - # Configure cipher suites to be used for SSL connections. - #ssl.cipher_suites: [] - - # Configure curve types for ECDHE based cipher suites. - #ssl.curve_types: [] - - # Configure what types of renegotiation are supported. Valid options are - # never, once, and freely. Default is never. - #ssl.renegotiation: never - -#----------------------------- Console output ----------------------------- -#output.console: - # Boolean flag to enable or disable the output module. - #enabled: false - - # Configure JSON encoding. - #codec.json: - # Pretty-print JSON event. - #pretty: false - - # Configure escaping HTML symbols in strings. - #escape_html: false - -#---------------------------- Logstash output ----------------------------- -#output.logstash: - # Boolean flag to enable or disable the output module. - #enabled: false - - # The Logstash hosts. - #hosts: ["localhost:5044"] - - # Number of workers per Logstash host. - #worker: 1 - - # Set gzip compression level. - #compression_level: 3 - - # Configure escaping html symbols in strings. - #escape_html: true - - # Optional maximum time to live for a connection to Logstash, after which the - # connection will be re-established. A value of `0s` (the default) will - # disable this feature. - # - # Not yet supported for async connections (i.e. with the "pipelining" option set). - #ttl: 30s - - # Optional load balance the events between the Logstash hosts. Default is false. - #loadbalance: false - - # Number of batches to be sent asynchronously to Logstash while processing - # new batches. - #pipelining: 2 - - # If enabled only a subset of events in a batch of events is transferred per - # group. The number of events to be sent increases up to `bulk_max_size` - # if no error is encountered. - #slow_start: false - - # The number of seconds to wait before trying to reconnect to Logstash - # after a network error. After waiting backoff.init seconds, apm-server - # tries to reconnect. If the attempt fails, the backoff timer is increased - # exponentially up to backoff.max. After a successful connection, the backoff - # timer is reset. The default is 1s. - #backoff.init: 1s - - # The maximum number of seconds to wait before attempting to connect to - # Logstash after a network error. The default is 60s. - #backoff.max: 60s - - # Optional index name. The default index name is set to apm - # in all lowercase. - #index: 'apm' - - # SOCKS5 proxy server URL - #proxy_url: socks5://user:password@socks5-server:2233 - - # Resolve names locally when using a proxy server. Defaults to false. - #proxy_use_local_resolver: false - - # Enable SSL support. SSL is automatically enabled if any SSL setting is set. - #ssl.enabled: false - - # Optional SSL configuration options. SSL is off by default. - # Configure SSL verification mode. If `none` is configured, all server hosts - # and certificates will be accepted. In this mode, SSL based connections are - # susceptible to man-in-the-middle attacks. Use only for testing. Default is - # `full`. - #ssl.verification_mode: full - - # List of supported/valid TLS versions. By default all TLS versions 1.0 up to - # 1.2 are enabled. - #ssl.supported_protocols: [TLSv1.0, TLSv1.1, TLSv1.2] - - # List of root certificates for HTTPS server verifications. - #ssl.certificate_authorities: ["/etc/pki/root/ca.pem"] - - # Certificate for SSL client authentication. - #ssl.certificate: "/etc/pki/client/cert.pem" - - # Client Certificate Key - #ssl.key: "/etc/pki/client/cert.key" - - # Optional passphrase for decrypting the Certificate Key. - # It is recommended to use the provided keystore instead of entering the passphrase in plain text. - #ssl.key_passphrase: '' - - # Configure cipher suites to be used for SSL connections. - #ssl.cipher_suites: [] - - # Configure curve types for ECDHE based cipher suites. - #ssl.curve_types: [] - - # Configure what types of renegotiation are supported. Valid options are - # never, once, and freely. Default is never. - #ssl.renegotiation: never - -#------------------------------ Kafka output ------------------------------ -#output.kafka: - # Boolean flag to enable or disable the output module. - #enabled: false - - # The list of Kafka broker addresses from where to fetch the cluster metadata. - # The cluster metadata contain the actual Kafka brokers events are published - # to. - #hosts: ["localhost:9092"] - - # The Kafka topic used for produced events. The setting can be a format string - # using any event field. To set the topic from document type use `%{[type]}`. - #topic: beats - - # The Kafka event key setting. Use format string to create unique event key. - # By default no event key will be generated. - #key: '' - - # The Kafka event partitioning strategy. Default hashing strategy is `hash` - # using the `output.kafka.key` setting or randomly distributes events if - # `output.kafka.key` is not configured. - #partition.hash: - # If enabled, events will only be published to partitions with reachable - # leaders. Default is false. - #reachable_only: false - - # Configure alternative event field names used to compute the hash value. - # If empty `output.kafka.key` setting will be used. - # Default value is empty list. - #hash: [] - - # Authentication details. Password is required if username is set. - #username: '' - #password: '' - - # Kafka version libbeat is assumed to run against. Defaults to the "1.0.0". - #version: '1.0.0' - - # Configure JSON encoding. - #codec.json: - # Pretty print json event - #pretty: false - - # Configure escaping html symbols in strings. - #escape_html: true - - # Metadata update configuration. Metadata do contain leader information - # deciding which broker to use when publishing. - #metadata: - # Max metadata request retry attempts when cluster is in middle of leader - # election. Defaults to 3 retries. - #retry.max: 3 - - # Waiting time between retries during leader elections. Default is 250ms. - #retry.backoff: 250ms - - # Refresh metadata interval. Defaults to every 10 minutes. - #refresh_frequency: 10m - - # The number of concurrent load-balanced Kafka output workers. - #worker: 1 - - # The number of times to retry publishing an event after a publishing failure. - # After the specified number of retries, the events are typically dropped. - # Set max_retries to a value less than 0 to retry - # until all events are published. The default is 3. - #max_retries: 3 - - # The maximum number of events to bulk in a single Kafka request. The default - # is 2048. - #bulk_max_size: 2048 - - # The number of seconds to wait for responses from the Kafka brokers before - # timing out. The default is 30s. - #timeout: 30s - - # The maximum duration a broker will wait for number of required ACKs. The - # default is 10s. - #broker_timeout: 10s - - # The number of messages buffered for each Kafka broker. The default is 256. - #channel_buffer_size: 256 - - # The keep-alive period for an active network connection. If 0s, keep-alives - # are disabled. The default is 0 seconds. - #keep_alive: 0 - - # Sets the output compression codec. Must be one of none, snappy and gzip. The - # default is gzip. - #compression: gzip - - # Set the compression level. Currently only gzip provides a compression level - # between 0 and 9. The default value is chosen by the compression algorithm. - #compression_level: 4 - - # The maximum permitted size of JSON-encoded messages. Bigger messages will be - # dropped. The default value is 1000000 (bytes). This value should be equal to - # or less than the broker's message.max.bytes. - #max_message_bytes: 1000000 - - # The ACK reliability level required from broker. 0=no response, 1=wait for - # local commit, -1=wait for all replicas to commit. The default is 1. Note: - # If set to 0, no ACKs are returned by Kafka. Messages might be lost silently - # on error. - #required_acks: 1 - - # The configurable ClientID used for logging, debugging, and auditing - # purposes. The default is "beats". - #client_id: beats - - # Enable SSL support. SSL is automatically enabled if any SSL setting is set. - #ssl.enabled: false - - # Optional SSL configuration options. SSL is off by default. - # Configure SSL verification mode. If `none` is configured, all server hosts - # and certificates will be accepted. In this mode, SSL based connections are - # susceptible to man-in-the-middle attacks. Use only for testing. Default is - # `full`. - #ssl.verification_mode: full - - # List of supported/valid TLS versions. By default all TLS versions 1.0 up to - # 1.2 are enabled. - #ssl.supported_protocols: [TLSv1.0, TLSv1.1, TLSv1.2] - - # List of root certificates for HTTPS server verifications. - #ssl.certificate_authorities: ["/etc/pki/root/ca.pem"] - - # Certificate for SSL client authentication. - #ssl.certificate: "/etc/pki/client/cert.pem" - - # Client Certificate Key - #ssl.key: "/etc/pki/client/cert.key" - - # Optional passphrase for decrypting the Certificate Key. - # It is recommended to use the provided keystore instead of entering the passphrase in plain text. - #ssl.key_passphrase: '' - - # Configure cipher suites to be used for SSL connections. - #ssl.cipher_suites: [] - - # Configure curve types for ECDHE based cipher suites. - #ssl.curve_types: [] - - # Configure what types of renegotiation are supported. Valid options are - # never, once, and freely. Default is never. - #ssl.renegotiation: never - -#================================= Paths ================================== - -# The home path for the apm-server installation. This is the default base path -# for all other path settings and for miscellaneous files that come with the -# distribution. -# If not set by a CLI flag or in the configuration file, the default for the -# home path is the location of the binary. -#path.home: - -# The configuration path for the apm-server installation. This is the default -# base path for configuration files, including the main YAML configuration file -# and the Elasticsearch template file. If not set by a CLI flag or in the -# configuration file, the default for the configuration path is the home path. -#path.config: ${path.home} - -# The data path for the apm-server installation. This is the default base path -# for all the files in which apm-server needs to store its data. If not set by a -# CLI flag or in the configuration file, the default for the data path is a data -# subdirectory inside the home path. -#path.data: ${path.home}/data - -# The logs path for an apm-server installation. If not set by a CLI flag or in the -# configuration file, the default is a logs subdirectory inside the home path. -#path.logs: ${path.home}/logs - -#================================= Logging ================================= - -# There are three options for the log output: syslog, file, and stderr. -# Windows systems default to file output. All other systems default to syslog. - -# Sets the minimum log level. The default log level is info. -# Available log levels are: error, warning, info, or debug. -#logging.level: info - -# Enable debug output for selected components. To enable all selectors use ["*"]. -# Other available selectors are "beat", "publish", or "service". -# Multiple selectors can be chained. -#logging.selectors: [ ] - -# Send all logging output to syslog. The default is false. -#logging.to_syslog: true - -# If enabled, apm-server periodically logs its internal metrics that have changed -# in the last period. For each metric that changed, the delta from the value at -# the beginning of the period is logged. Also, the total values for -# all non-zero internal metrics are logged on shutdown. The default is false. -#logging.metrics.enabled: false - -# The period after which to log the internal metrics. The default is 30s. -#logging.metrics.period: 30s - -# Logging to rotating files. When true, writes all logging output to files. -# The log files are automatically rotated when the log file size limit is reached. -#logging.to_files: true -#logging.files: - # Configure the path where the logs are written. The default is the logs directory - # under the home path (the binary location). - #path: /var/log/apm-server - - # The name of the files where the logs are written to. - #name: apm-server - - # Configure log file size limit. If limit is reached, log file will be - # automatically rotated. - #rotateeverybytes: 10485760 # = 10MB - - # Number of rotated log files to keep. Oldest files will be deleted first. - #keepfiles: 7 - - # The permissions mask to apply when rotating log files. The default value is 0600. - # Must be a valid Unix-style file permissions mask expressed in octal notation. - #permissions: 0600 - - # Enable log file rotation on time intervals in addition to size-based rotation. - # Intervals must be at least 1s. Values of 1m, 1h, 24h, 7*24h, 30*24h, and 365*24h - # are boundary-aligned with minutes, hours, days, weeks, months, and years as - # reported by the local system clock. All other intervals are calculated from the - # Unix epoch. Defaults to disabled. - #interval: 0 - -# Set to true to log messages in json format. -#logging.json: false - -#=============================== HTTP Endpoint =============================== - -# apm-server can expose internal metrics through a HTTP endpoint. For security -# reasons the endpoint is disabled by default. This feature is currently experimental. -# Stats can be access through http://localhost:5066/stats. For pretty JSON output -# append ?pretty to the URL. - -# Defines if the HTTP endpoint is enabled. -#http.enabled: false - -# The HTTP endpoint will bind to this hostname or IP address. It is recommended to use only localhost. -#http.host: localhost - -# Port on which the HTTP endpoint will bind. Default is 5066. -#http.port: 5066 - -#============================= X-pack Monitoring ============================= - -# APM server can export internal metrics to a central Elasticsearch monitoring -# cluster. This requires x-pack monitoring to be enabled in Elasticsearch. The -# reporting is disabled by default. - -# Set to true to enable the monitoring reporter. -#monitoring.enabled: false - -# Most settings from the Elasticsearch output are accepted here as well. -# Note that these settings should be configured to point to your Elasticsearch *monitoring* cluster. -# Any setting that is not set is automatically inherited from the Elasticsearch -# output configuration. This means that if you have the Elasticsearch output configured, -# you can simply uncomment the following line. -#monitoring.elasticsearch: - - # Optional protocol and basic auth credentials. - #protocol: "https" - #username: "apm_system" - #password: "" - - # Array of hosts to connect to. - # Scheme and port can be left out and will be set to the default (`http` and `9200`). - # In case you specify and additional path, the scheme is required: `http://localhost:9200/path`. - # IPv6 addresses should always be defined as: `https://[2001:db8::1]:9200`. - #hosts: ["localhost:9200"] - - # Set gzip compression level. - #compression_level: 0 - - # Dictionary of HTTP parameters to pass within the URL with index operations. - #parameters: - #param1: value1 - #param2: value2 - - # Custom HTTP headers to add to each request. - #headers: - # X-My-Header: Contents of the header - - # Proxy server url. - #proxy_url: http://proxy:3128 - - # The number of times a particular Elasticsearch index operation is attempted. If - # the indexing operation doesn't succeed after this many retries, the events are - # dropped. The default is 3. - #max_retries: 3 - - # The maximum number of events to bulk in a single Elasticsearch bulk API index request. - # The default is 50. - #bulk_max_size: 50 - - # The number of seconds to wait before trying to reconnect to Elasticsearch - # after a network error. After waiting backoff.init seconds, apm-server - # tries to reconnect. If the attempt fails, the backoff timer is increased - # exponentially up to backoff.max. After a successful connection, the backoff - # timer is reset. The default is 1s. - #backoff.init: 1s - - # The maximum number of seconds to wait before attempting to connect to - # Elasticsearch after a network error. The default is 60s. - #backoff.max: 60s - - # Configure HTTP request timeout before failing an request to Elasticsearch. - #timeout: 90 - - # Enable custom SSL settings. Set to false to ignore custom SSL settings for secure communication. - #ssl.enabled: true - - # Optional SSL configuration options. SSL is off by default, change the `protocol` option if you want to enable `https`. - # Configure SSL verification mode. If `none` is configured, all server hosts - # and certificates will be accepted. In this mode, SSL based connections are - # susceptible to man-in-the-middle attacks. Use only for testing. Default is - # `full`. - #ssl.verification_mode: full - - # List of supported/valid TLS versions. By default all TLS versions 1.0 up to - # 1.2 are enabled. - #ssl.supported_protocols: [TLSv1.0, TLSv1.1, TLSv1.2] - - # List of root certificates for HTTPS server verifications. - #ssl.certificate_authorities: ["/etc/pki/root/ca.pem"] - - # Certificate for SSL client authentication. - #ssl.certificate: "/etc/pki/client/cert.pem" - - # Client Certificate Key - #ssl.key: "/etc/pki/client/cert.key" - - # Optional passphrase for decrypting the Certificate Key. - # It is recommended to use the provided keystore instead of entering the passphrase in plain text. - #ssl.key_passphrase: '' - - # Configure cipher suites to be used for SSL connections. - #ssl.cipher_suites: [] - - # Configure curve types for ECDHE based cipher suites. - #ssl.curve_types: [] - - # Configure what types of renegotiation are supported. Valid options are - # never, once, and freely. Default is never. - #ssl.renegotiation: never - - #metrics.period: 10s - #state.period: 1m diff --git a/docker/elastic/apm-server-oss/apm-server.yml b/docker/elastic/apm-server-oss/apm-server.yml deleted file mode 100644 index 0ce7b26..0000000 --- a/docker/elastic/apm-server-oss/apm-server.yml +++ /dev/null @@ -1,30 +0,0 @@ -apm-server: - host: "0.0.0.0:8200" - -output.elasticsearch: - pipeline: _none - #index: "apm-%{[observer.version]}-%{+yyyy.MM.dd}" - #indices: - # - index: "apm-%{[observer.version]}-sourcemap" - # when.contains: - # processor.event: "sourcemap" - # - # - index: "apm-%{[observer.version]}-error-%{+yyyy.MM.dd}" - # when.contains: - # processor.event: "error" - # - # - index: "apm-%{[observer.version]}-transaction-%{+yyyy.MM.dd}" - # when.contains: - # processor.event: "transaction" - # - # - index: "apm-%{[observer.version]}-span-%{+yyyy.MM.dd}" - # when.contains: - # processor.event: "span" - # - # - index: "apm-%{[observer.version]}-metric-%{+yyyy.MM.dd}" - # when.contains: - # processor.event: "metric" - # - # - index: "apm-%{[observer.version]}-onboarding-%{+yyyy.MM.dd}" - # when.contains: - # processor.event: "onboarding" diff --git a/docker/elastic/apm-server-oss/dashboards/error_details.json b/docker/elastic/apm-server-oss/dashboards/error_details.json deleted file mode 100644 index 550d655..0000000 --- a/docker/elastic/apm-server-oss/dashboards/error_details.json +++ /dev/null @@ -1,98 +0,0 @@ -[ - { - "_id": "5f08a870-7c6a-11e7-aa55-3b0d52c71c60", - "_migrationVersion": { - "dashboard": "7.0.0" - }, - "_references": [ - { - "id": "c618e4e0-7c69-11e7-aa55-3b0d52c71c60", - "name": "panel_0", - "type": "visualization" - }, - { - "id": "ceefd050-7c6a-11e7-aa55-3b0d52c71c60", - "name": "panel_1", - "type": "search" - } - ], - "_source": { - "description": "", - "hits": 0, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"version\":true,\"highlightAll\":true}" - }, - "optionsJSON": "{\"darkTheme\": false}", - "panelsJSON": "[{\"size_x\":12,\"size_y\":3,\"panelIndex\":1,\"col\":1,\"row\":1,\"panelRefName\":\"panel_0\"},{\"sort\":[\"@timestamp\",\"desc\"],\"size_x\":12,\"size_y\":21,\"panelIndex\":2,\"col\":1,\"columns\":[\"error.culprit\",\"error.exception.type\",\"error.exception.message\",\"error.log.message\",\"error.exception.handled\",\"service.name\"],\"row\":4,\"panelRefName\":\"panel_1\"}]", - "timeRestore": false, - "title": "[APM] Error Details", - "uiStateJSON": "{}", - "version": 1 - }, - "_type": "dashboard" - }, - { - "_id": "c618e4e0-7c69-11e7-aa55-3b0d52c71c60", - "_migrationVersion": { - "visualization": "7.0.0" - }, - "_references": [ - { - "id": "apm-*", - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern" - } - ], - "_source": { - "description": "", - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "title": "Error Occurrences [APM]", - "uiStateJSON": "{}", - "version": 1, - "visState": "{\"params\":{\"time_field\":\"@timestamp\",\"series\":[{\"line_width\":\"0\",\"terms_field\":\"error.grouping_key\",\"point_size\":1,\"color\":\"rgba(0,156,224,1)\",\"label\":\"Occurrences\",\"metrics\":[{\"type\":\"count\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"split_mode\":\"terms\",\"chart_type\":\"bar\",\"stacked\":\"none\",\"axis_position\":\"right\",\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"fill\":\"1\"}],\"axis_formatter\":\"number\",\"interval\":\">=1m\",\"filter\":\"processor.event:error\",\"show_legend\":0,\"show_grid\":1,\"axis_position\":\"left\",\"type\":\"timeseries\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\"},\"type\":\"metrics\",\"aggs\":[],\"title\":\"Error Occurrences [APM]\"}" - }, - "_type": "visualization" - }, - { - "_id": "ceefd050-7c6a-11e7-aa55-3b0d52c71c60", - "_migrationVersion": { - "search": "7.0.0" - }, - "_references": [ - { - "id": "apm-*", - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern" - }, - { - "id": "apm-*", - "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", - "type": "index-pattern" - } - ], - "_source": { - "columns": [ - "error.culprit", - "error.exception.type", - "error.exception.message", - "error.log.message", - "error.exception.handled", - "service.name" - ], - "description": "", - "hits": 0, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[{\"query\":{\"match\":{\"processor.event\":{\"query\":\"error\",\"type\":\"phrase\"}}},\"meta\":{\"value\":\"error\",\"disabled\":false,\"alias\":null,\"params\":{\"query\":\"error\",\"type\":\"phrase\"},\"key\":\"processor.event\",\"negate\":false,\"type\":\"phrase\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"$state\":{\"store\":\"appState\"}}],\"version\":true,\"highlightAll\":true,\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "sort": [ - "@timestamp", - "desc" - ], - "title": "Error Details [APM]", - "version": 1 - }, - "_type": "search" - } -] \ No newline at end of file diff --git a/docker/elastic/apm-server-oss/dashboards/errors.json b/docker/elastic/apm-server-oss/dashboards/errors.json deleted file mode 100644 index 8fa1f60..0000000 --- a/docker/elastic/apm-server-oss/dashboards/errors.json +++ /dev/null @@ -1,82 +0,0 @@ -[ - { - "_id": "37f6fac0-7c6a-11e7-aa55-3b0d52c71c60", - "_migrationVersion": { - "dashboard": "7.0.0" - }, - "_references": [ - { - "id": "22518e70-7c69-11e7-aa55-3b0d52c71c60", - "name": "panel_0", - "type": "visualization" - }, - { - "id": "c618e4e0-7c69-11e7-aa55-3b0d52c71c60", - "name": "panel_1", - "type": "visualization" - } - ], - "_source": { - "description": "", - "hits": 0, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"version\":true,\"highlightAll\":true}" - }, - "optionsJSON": "{\"darkTheme\": false}", - "panelsJSON": "[{\"size_x\":12,\"size_y\":10,\"panelIndex\":1,\"col\":1,\"row\":4,\"panelRefName\":\"panel_0\"},{\"size_x\":12,\"size_y\":3,\"panelIndex\":2,\"col\":1,\"row\":1,\"panelRefName\":\"panel_1\"}]", - "timeRestore": false, - "title": "[APM] Errors", - "uiStateJSON": "{\"P-1\": {\"vis\": {\"params\": {\"sort\": {\"columnIndex\": null, \"direction\": null}}}}}", - "version": 1 - }, - "_type": "dashboard" - }, - { - "_id": "22518e70-7c69-11e7-aa55-3b0d52c71c60", - "_migrationVersion": { - "visualization": "7.0.0" - }, - "_references": [ - { - "id": "apm-*", - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern" - } - ], - "_source": { - "description": "", - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "title": "Top Errors for Time Period [APM]", - "uiStateJSON": "{\"vis\": {\"params\": {\"sort\": {\"columnIndex\": null, \"direction\": null}}}}", - "version": 1, - "visState": "{\"title\":\"Top Errors for Time Period [APM]\",\"type\":\"table\",\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null},\"perPage\":25,\"showPartialRows\":false,\"totalFunc\":\"sum\",\"showTotal\":false,\"showMetricsAtAllLevels\":false,\"dimensions\":{\"metrics\":[{\"accessor\":1,\"format\":{\"id\":\"string\"},\"params\":{},\"aggType\":\"top_hits\"},{\"accessor\":2,\"format\":{\"id\":\"number\"},\"params\":{},\"aggType\":\"count\"},{\"accessor\":3,\"format\":{\"id\":\"string\"},\"params\":{},\"aggType\":\"top_hits\"},{\"accessor\":4,\"format\":{\"id\":\"string\"},\"params\":{},\"aggType\":\"top_hits\"},{\"accessor\":5,\"format\":{\"id\":\"string\"},\"params\":{},\"aggType\":\"top_hits\"}],\"buckets\":[{\"accessor\":0,\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"otherBucketLabel\":\"Other\",\"missingBucketLabel\":\"Missing\"}},\"params\":{},\"aggType\":\"terms\"}]}},\"aggs\":[{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"error.culprit\",\"size\":100,\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"customLabel\":\"Error Culprit\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"top_hits\",\"schema\":\"metric\",\"params\":{\"field\":\"error.exception.message\",\"aggregate\":\"concat\",\"size\":1,\"sortField\":\"@timestamp\",\"sortOrder\":\"desc\",\"customLabel\":\"Message\"}},{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"Number of Errors\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"top_hits\",\"schema\":\"metric\",\"params\":{\"field\":\"error.exception.type\",\"aggregate\":\"concat\",\"size\":1,\"sortField\":\"@timestamp\",\"sortOrder\":\"desc\",\"customLabel\":\"Type\"}},{\"id\":\"6\",\"enabled\":true,\"type\":\"top_hits\",\"schema\":\"metric\",\"params\":{\"field\":\"service.name\",\"aggregate\":\"concat\",\"size\":1,\"sortField\":\"@timestamp\",\"sortOrder\":\"desc\",\"customLabel\":\"App Name\"}},{\"id\":\"7\",\"enabled\":true,\"type\":\"top_hits\",\"schema\":\"metric\",\"params\":{\"field\":\"error.grouping_key\",\"aggregate\":\"concat\",\"size\":1,\"sortField\":\"@timestamp\",\"sortOrder\":\"desc\",\"customLabel\":\"Error Grouping Key\"}}]}" - }, - "_type": "visualization" - }, - { - "_id": "c618e4e0-7c69-11e7-aa55-3b0d52c71c60", - "_migrationVersion": { - "visualization": "7.0.0" - }, - "_references": [ - { - "id": "apm-*", - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern" - } - ], - "_source": { - "description": "", - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "title": "Error Occurrences [APM]", - "uiStateJSON": "{}", - "version": 1, - "visState": "{\"params\":{\"time_field\":\"@timestamp\",\"series\":[{\"line_width\":\"0\",\"terms_field\":\"error.grouping_key\",\"point_size\":1,\"color\":\"rgba(0,156,224,1)\",\"label\":\"Occurrences\",\"metrics\":[{\"type\":\"count\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"split_mode\":\"terms\",\"chart_type\":\"bar\",\"stacked\":\"none\",\"axis_position\":\"right\",\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"fill\":\"1\"}],\"axis_formatter\":\"number\",\"interval\":\">=1m\",\"filter\":\"processor.event:error\",\"show_legend\":0,\"show_grid\":1,\"axis_position\":\"left\",\"type\":\"timeseries\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\"},\"type\":\"metrics\",\"aggs\":[],\"title\":\"Error Occurrences [APM]\"}" - }, - "_type": "visualization" - } -] \ No newline at end of file diff --git a/docker/elastic/apm-server-oss/dashboards/services.json b/docker/elastic/apm-server-oss/dashboards/services.json deleted file mode 100644 index 14b2a9e..0000000 --- a/docker/elastic/apm-server-oss/dashboards/services.json +++ /dev/null @@ -1,111 +0,0 @@ -[ - { - "_id": "8d3ed660-7828-11e7-8c47-65b845b5cfb3", - "_migrationVersion": { - "dashboard": "7.0.0" - }, - "_references": [ - { - "id": "1ffc5e20-7827-11e7-8c47-65b845b5cfb3", - "name": "panel_0", - "type": "visualization" - }, - { - "id": "1bdca740-7828-11e7-8c47-65b845b5cfb3", - "name": "panel_1", - "type": "visualization" - }, - { - "id": "804ffc40-7828-11e7-8c47-65b845b5cfb3", - "name": "panel_2", - "type": "visualization" - } - ], - "_source": { - "description": "", - "hits": 0, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"version\":true,\"highlightAll\":true}" - }, - "optionsJSON": "{\"darkTheme\": false}", - "panelsJSON": "[{\"size_x\":12,\"size_y\":5,\"panelIndex\":1,\"col\":1,\"row\":4,\"panelRefName\":\"panel_0\"},{\"size_x\":6,\"size_y\":3,\"panelIndex\":2,\"col\":1,\"row\":1,\"panelRefName\":\"panel_1\"},{\"size_x\":6,\"size_y\":3,\"panelIndex\":3,\"col\":7,\"row\":1,\"panelRefName\":\"panel_2\"}]", - "timeRestore": false, - "title": "[APM] Services", - "uiStateJSON": "{\"P-1\": {\"vis\": {\"params\": {\"sort\": {\"columnIndex\": null, \"direction\": null}}}}}", - "version": 1 - }, - "_type": "dashboard" - }, - { - "_id": "1ffc5e20-7827-11e7-8c47-65b845b5cfb3", - "_migrationVersion": { - "visualization": "7.0.0" - }, - "_references": [ - { - "id": "apm-*", - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern" - } - ], - "_source": { - "description": "", - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "title": "Services [APM]", - "uiStateJSON": "{\"vis\": {\"params\": {\"sort\": {\"columnIndex\": null, \"direction\": null}}}}", - "version": 1, - "visState": "{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null},\"perPage\":10,\"showPartialRows\":false,\"totalFunc\":\"sum\",\"showTotal\":false,\"showMeticsAtAllLevels\":false},\"type\":\"table\",\"aggs\":[{\"type\":\"avg\",\"enabled\":true,\"id\":\"1\",\"params\":{\"field\":\"transaction.duration.us\",\"customLabel\":\"Avg. Trans. Time\"},\"schema\":\"metric\"},{\"type\":\"percentiles\",\"enabled\":true,\"id\":\"3\",\"params\":{\"field\":\"transaction.duration.us\",\"percents\":[95],\"customLabel\":\"Trans. Time\"},\"schema\":\"metric\"},{\"type\":\"cardinality\",\"enabled\":true,\"id\":\"4\",\"params\":{\"field\":\"transaction.id\",\"customLabel\":\"Total Transactions\"},\"schema\":\"metric\"},{\"type\":\"cardinality\",\"enabled\":true,\"id\":\"6\",\"params\":{\"field\":\"error.id\",\"customLabel\":\"Errors\"},\"schema\":\"metric\"},{\"type\":\"terms\",\"enabled\":true,\"id\":\"2\",\"params\":{\"orderBy\":\"1\",\"field\":\"service.name\",\"order\":\"desc\",\"size\":1000},\"schema\":\"bucket\"}],\"title\":\"Services [APM]\"}" - }, - "_type": "visualization" - }, - { - "_id": "1bdca740-7828-11e7-8c47-65b845b5cfb3", - "_migrationVersion": { - "visualization": "7.0.0" - }, - "_references": [ - { - "id": "apm-*", - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern" - } - ], - "_source": { - "description": "", - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "title": "Top Services by Transaction Time [APM]", - "uiStateJSON": "{}", - "version": 1, - "visState": "{\"params\":{\"time_field\":\"@timestamp\",\"series\":[{\"line_width\":\"2\",\"terms_field\":\"service.name\",\"point_size\":1,\"color\":\"rgba(0,156,224,1)\",\"value_template\":\"{{value}} ms\",\"metrics\":[{\"field\":\"transaction.duration.us\",\"type\":\"avg\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"split_mode\":\"terms\",\"chart_type\":\"line\",\"terms_order_by\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"stacked\":\"none\",\"axis_position\":\"right\",\"formatter\":\"us,ms,0\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"split_color_mode\":\"gradient\",\"fill\":\"0\"}],\"axis_formatter\":\"number\",\"interval\":\">=1m\",\"show_legend\":1,\"show_grid\":1,\"axis_position\":\"left\",\"type\":\"timeseries\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\"},\"type\":\"metrics\",\"aggs\":[],\"title\":\"Top Services by Transaction Time [APM]\"}" - }, - "_type": "visualization" - }, - { - "_id": "804ffc40-7828-11e7-8c47-65b845b5cfb3", - "_migrationVersion": { - "visualization": "7.0.0" - }, - "_references": [ - { - "id": "apm-*", - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern" - } - ], - "_source": { - "description": "", - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "title": "Top Services by Transaction Per Minute [APM]", - "uiStateJSON": "{}", - "version": 1, - "visState": "{\"params\":{\"time_field\":\"@timestamp\",\"series\":[{\"line_width\":\"2\",\"terms_field\":\"service.name\",\"point_size\":1,\"color\":\"rgba(0,156,224,1)\",\"value_template\":\"{{value}} tpm\",\"metrics\":[{\"type\":\"count\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\"},{\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"cumulative_sum\",\"id\":\"3fcaa6c0-7828-11e7-bb25-2ff6dee07a1b\"},{\"field\":\"3fcaa6c0-7828-11e7-bb25-2ff6dee07a1b\",\"type\":\"derivative\",\"id\":\"467f1cd0-7828-11e7-bb25-2ff6dee07a1b\",\"unit\":\"1m\"},{\"field\":\"467f1cd0-7828-11e7-bb25-2ff6dee07a1b\",\"type\":\"positive_only\",\"id\":\"4bd1b8f0-7828-11e7-bb25-2ff6dee07a1b\",\"unit\":\"\"}],\"seperate_axis\":0,\"split_mode\":\"terms\",\"chart_type\":\"line\",\"terms_order_by\":\"_count\",\"stacked\":\"none\",\"axis_position\":\"right\",\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"fill\":\"0\"}],\"axis_formatter\":\"number\",\"interval\":\">=1m\",\"show_legend\":1,\"show_grid\":1,\"axis_position\":\"left\",\"type\":\"timeseries\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\"},\"type\":\"metrics\",\"aggs\":[],\"title\":\"Top Apps by Transaction Per Minute [APM]\"}" - }, - "_type": "visualization" - } -] \ No newline at end of file diff --git a/docker/elastic/apm-server-oss/dashboards/span_details.json b/docker/elastic/apm-server-oss/dashboards/span_details.json deleted file mode 100644 index b3bdc49..0000000 --- a/docker/elastic/apm-server-oss/dashboards/span_details.json +++ /dev/null @@ -1,67 +0,0 @@ -[ - { - "_id": "3e3de700-7de0-11e7-b115-df9c90da2df1", - "_migrationVersion": { - "dashboard": "7.0.0" - }, - "_references": [ - { - "id": "d7735b90-7ddf-11e7-b115-df9c90da2df1", - "name": "panel_0", - "type": "search" - } - ], - "_source": { - "description": "", - "hits": 0, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"version\":true,\"highlightAll\":true}" - }, - "optionsJSON": "{\"darkTheme\": false}", - "panelsJSON": "[{\"sort\":[\"span.start.us\",\"asc\"],\"col\":1,\"size_x\":12,\"size_y\":23,\"panelIndex\":1,\"columns\":[\"span.type\",\"span.name\",\"span.duration.us\",\"span.start.us\"],\"row\":1,\"panelRefName\":\"panel_0\"}]", - "timeRestore": false, - "title": "[APM] Span Details", - "uiStateJSON": "{}", - "version": 1 - }, - "_type": "dashboard" - }, - { - "_id": "d7735b90-7ddf-11e7-b115-df9c90da2df1", - "_migrationVersion": { - "search": "7.0.0" - }, - "_references": [ - { - "id": "apm-*", - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern" - }, - { - "id": "apm-*", - "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", - "type": "index-pattern" - } - ], - "_source": { - "columns": [ - "span.type", - "span.name", - "span.duration.us", - "span.start.us" - ], - "description": "", - "hits": 0, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[{\"query\":{\"match\":{\"processor.event\":{\"query\":\"span\",\"type\":\"phrase\"}}},\"meta\":{\"value\":\"span\",\"disabled\":false,\"alias\":null,\"params\":{\"query\":\"span\",\"type\":\"phrase\"},\"key\":\"processor.event\",\"negate\":false,\"type\":\"phrase\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"$state\":{\"store\":\"appState\"}}],\"version\":true,\"highlightAll\":true,\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "sort": [ - "span.start.us", - "asc" - ], - "title": "Spans [APM]", - "version": 1 - }, - "_type": "search" - } -] \ No newline at end of file diff --git a/docker/elastic/apm-server-oss/dashboards/transactions.json b/docker/elastic/apm-server-oss/dashboards/transactions.json deleted file mode 100644 index c047f56..0000000 --- a/docker/elastic/apm-server-oss/dashboards/transactions.json +++ /dev/null @@ -1,111 +0,0 @@ -[ - { - "_id": "41b5d920-7821-11e7-8c47-65b845b5cfb3", - "_migrationVersion": { - "dashboard": "7.0.0" - }, - "_references": [ - { - "id": "a2e199b0-7820-11e7-8c47-65b845b5cfb3", - "name": "panel_0", - "type": "visualization" - }, - { - "id": "09bcf890-7822-11e7-8c47-65b845b5cfb3", - "name": "panel_1", - "type": "visualization" - }, - { - "id": "55606a60-7823-11e7-8c47-65b845b5cfb3", - "name": "panel_2", - "type": "visualization" - } - ], - "_source": { - "description": "", - "hits": 0, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"version\":true,\"highlightAll\":true}" - }, - "optionsJSON": "{\"darkTheme\": false}", - "panelsJSON": "[{\"size_x\":12,\"size_y\":10,\"panelIndex\":1,\"col\":1,\"row\":4,\"panelRefName\":\"panel_0\"},{\"size_x\":6,\"size_y\":3,\"panelIndex\":2,\"col\":1,\"row\":1,\"panelRefName\":\"panel_1\"},{\"size_x\":6,\"size_y\":3,\"panelIndex\":3,\"col\":7,\"row\":1,\"panelRefName\":\"panel_2\"}]", - "timeRestore": false, - "title": "[APM] Transactions", - "uiStateJSON": "{\"P-1\": {\"vis\": {\"params\": {\"sort\": {\"columnIndex\": null, \"direction\": null}}}}}", - "version": 1 - }, - "_type": "dashboard" - }, - { - "_id": "a2e199b0-7820-11e7-8c47-65b845b5cfb3", - "_migrationVersion": { - "visualization": "7.0.0" - }, - "_references": [ - { - "id": "apm-*", - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern" - } - ], - "_source": { - "description": "", - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "title": "Top Transactions for Time Period [APM]", - "uiStateJSON": "{\"vis\": {\"params\": {\"sort\": {\"columnIndex\": null, \"direction\": null}}}}", - "version": 1, - "visState": "{\"type\":\"table\",\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null},\"perPage\":25,\"showPartialRows\":false,\"totalFunc\":\"sum\",\"showTotal\":false,\"showMeticsAtAllLevels\":false},\"aggs\":[{\"params\":{\"orderBy\":\"1\",\"field\":\"transaction.name\",\"customLabel\":\"Transaction\",\"order\":\"desc\",\"size\":1000},\"type\":\"terms\",\"enabled\":true,\"id\":\"2\",\"schema\":\"bucket\"},{\"params\":{\"sortField\":\"@timestamp\",\"customLabel\":\"Type\",\"field\":\"transaction.type\",\"sortOrder\":\"desc\",\"aggregate\":\"concat\",\"size\":1},\"type\":\"top_hits\",\"enabled\":true,\"id\":\"5\",\"schema\":\"metric\"},{\"params\":{\"field\":\"transaction.duration.us\",\"customLabel\":\"Avg. Resp Time (ms)\"},\"type\":\"avg\",\"enabled\":true,\"id\":\"1\",\"schema\":\"metric\"},{\"params\":{\"field\":\"transaction.duration.us\",\"customLabel\":\"Resp Time (ms)\",\"percents\":[95]},\"type\":\"percentiles\",\"enabled\":true,\"id\":\"3\",\"schema\":\"metric\"},{\"params\":{\"sortField\":\"@timestamp\",\"customLabel\":\"View Spans\",\"field\":\"transaction.id\",\"sortOrder\":\"desc\",\"aggregate\":\"concat\",\"size\":1},\"type\":\"top_hits\",\"enabled\":true,\"id\":\"4\",\"schema\":\"metric\"}],\"title\":\"Top Transactions for Time Period [APM]\"}" - }, - "_type": "visualization" - }, - { - "_id": "09bcf890-7822-11e7-8c47-65b845b5cfb3", - "_migrationVersion": { - "visualization": "7.0.0" - }, - "_references": [ - { - "id": "apm-*", - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern" - } - ], - "_source": { - "description": "", - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "title": "Transaction Times [APM]", - "uiStateJSON": "{}", - "version": 1, - "visState": "{\"params\":{\"time_field\":\"@timestamp\",\"series\":[{\"line_width\":\"2\",\"point_size\":1,\"color\":\"rgba(0,156,224,1)\",\"value_template\":\"{{value}} ms\",\"label\":\"Average\",\"metrics\":[{\"field\":\"transaction.duration.us\",\"type\":\"avg\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"seperate_axis\":0,\"split_mode\":\"everything\",\"chart_type\":\"line\",\"stacked\":\"none\",\"axis_position\":\"right\",\"formatter\":\"us,ms,0\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"fill\":\"0\"},{\"line_width\":1,\"point_size\":1,\"color\":\"rgba(115,216,255,1)\",\"value_template\":\"{{value}} ms\",\"label\":\"95th Percentile\",\"metrics\":[{\"field\":\"transaction.duration.us\",\"percentiles\":[{\"mode\":\"line\",\"percentile\":\"\",\"shade\":0.2,\"value\":\"95\",\"id\":\"858ec670-7821-11e7-8745-07eaffcb65e5\"}],\"type\":\"percentile\",\"id\":\"79921481-7821-11e7-8745-07eaffcb65e5\"}],\"seperate_axis\":0,\"split_mode\":\"everything\",\"chart_type\":\"line\",\"stacked\":\"none\",\"axis_position\":\"right\",\"formatter\":\"us,ms,0\",\"id\":\"79921480-7821-11e7-8745-07eaffcb65e5\",\"fill\":0.5},{\"line_width\":\"2\",\"point_size\":1,\"color\":\"rgba(254,146,0,1)\",\"value_template\":\"{{value}} ms\",\"label\":\"99th Percentile\",\"metrics\":[{\"field\":\"transaction.duration.us\",\"percentiles\":[{\"mode\":\"line\",\"percentile\":\"\",\"shade\":0.2,\"value\":\"99\",\"id\":\"858ec670-7821-11e7-8745-07eaffcb65e5\"}],\"type\":\"percentile\",\"id\":\"c1e42de1-7821-11e7-8745-07eaffcb65e5\"}],\"seperate_axis\":0,\"split_mode\":\"everything\",\"chart_type\":\"line\",\"stacked\":\"none\",\"axis_position\":\"right\",\"formatter\":\"us,ms,0\",\"id\":\"c1e42de0-7821-11e7-8745-07eaffcb65e5\",\"fill\":\"0\"}],\"axis_formatter\":\"number\",\"interval\":\">=1m\",\"show_legend\":1,\"show_grid\":1,\"legend_position\":\"right\",\"axis_position\":\"left\",\"type\":\"timeseries\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\"},\"type\":\"metrics\",\"aggs\":[],\"title\":\"Transaction Times [APM]\"}" - }, - "_type": "visualization" - }, - { - "_id": "55606a60-7823-11e7-8c47-65b845b5cfb3", - "_migrationVersion": { - "visualization": "7.0.0" - }, - "_references": [ - { - "id": "apm-*", - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern" - } - ], - "_source": { - "description": "", - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "title": "Transaction Per Minute [APM]", - "uiStateJSON": "{}", - "version": 1, - "visState": "{\"params\":{\"time_field\":\"@timestamp\",\"series\":[{\"line_width\":\"2\",\"terms_field\":\"transaction.result\",\"point_size\":\"0\",\"color\":\"rgba(115,216,255,1)\",\"value_template\":\"{{value}} tpm\",\"label\":\"\",\"metrics\":[{\"field\":\"transaction.id\",\"type\":\"cardinality\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\"},{\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"cumulative_sum\",\"id\":\"3fcaa6c0-7828-11e7-bb25-2ff6dee07a1b\"},{\"field\":\"3fcaa6c0-7828-11e7-bb25-2ff6dee07a1b\",\"type\":\"derivative\",\"id\":\"467f1cd0-7828-11e7-bb25-2ff6dee07a1b\",\"unit\":\"1m\"},{\"field\":\"467f1cd0-7828-11e7-bb25-2ff6dee07a1b\",\"type\":\"positive_only\",\"id\":\"4bd1b8f0-7828-11e7-bb25-2ff6dee07a1b\",\"unit\":\"\"}],\"seperate_axis\":0,\"split_mode\":\"everything\",\"chart_type\":\"line\",\"stacked\":\"none\",\"axis_position\":\"right\",\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"fill\":\"0\"}],\"axis_formatter\":\"number\",\"interval\":\">=1m\",\"show_legend\":0,\"show_grid\":1,\"axis_position\":\"left\",\"type\":\"timeseries\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\"},\"type\":\"metrics\",\"aggs\":[],\"title\":\"Transaction Per Minute [APM]\"}" - }, - "_type": "visualization" - } -] \ No newline at end of file diff --git a/docker/elastic/apm-server/Dockerfile b/docker/elastic/apm-server/Dockerfile deleted file mode 100644 index 7506e67..0000000 --- a/docker/elastic/apm-server/Dockerfile +++ /dev/null @@ -1,9 +0,0 @@ -FROM docker.elastic.co/apm/apm-server-oss:7.4.2 as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR - -# config -# COPY ${DOCKER_BUILD_DIR}/apm-server.yml /usr/share/apm-server/ - -FROM dist as master -ARG DOCKER_BUILD_DIR diff --git a/docker/elastic/curator/Dockerfile b/docker/elastic/curator/Dockerfile deleted file mode 100644 index 39f2680..0000000 --- a/docker/elastic/curator/Dockerfile +++ /dev/null @@ -1,26 +0,0 @@ -FROM alpine:latest as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR -ARG CURATOR_VERSION=5.8.3 - -RUN apk --no-cache add \ - bash \ - py-pip \ - && pip install elasticsearch-curator==${CURATOR_VERSION} - -COPY ${DOCKER_BUILD_DIR}/docker-entrypoint.sh / -COPY ${DOCKER_BUILD_DIR}/config.yml /etc/curator/ -COPY ${DOCKER_BUILD_DIR}/action.yml /etc/curator/ - -ENTRYPOINT ["/docker-entrypoint.sh"] - -FROM dist as master -ARG DOCKER_BUILD_DIR - -# install cronlock -ADD https://raw.github.com/kvz/cronlock/master/cronlock /usr/bin/cronlock -RUN chmod +rx /usr/bin/cronlock - -# install ssmtp -RUN apk --no-cache add ssmtp && \ - echo "FromLineOverride=YES" >> /etc/ssmtp/ssmtp.conf diff --git a/docker/elastic/curator/action.yml b/docker/elastic/curator/action.yml deleted file mode 100644 index 8ab7635..0000000 --- a/docker/elastic/curator/action.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -actions: - 1: - action: delete_indices - description: >- - Delete indices older than ${UNIT_COUNT:1} ${UNIT:months} based on index name, for apm-* - and logs-* prefixed indices. Ignore the error if the filter does not result in an - actionable list of indices (ignore_empty_list) and exit cleanly. - options: - ignore_empty_list: True - timeout_override: - continue_if_exception: True - disable_action: False - filters: - - filtertype: pattern - kind: regex - value: '^(apm|logs)-.*$' - - filtertype: age - source: name - direction: older - timestring: '%Y.%m.%d' - unit: ${UNIT:months} - unit_count: ${UNIT_COUNT:1} diff --git a/docker/elastic/curator/config.yml b/docker/elastic/curator/config.yml deleted file mode 100644 index efdcd8a..0000000 --- a/docker/elastic/curator/config.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- -client: - hosts: ${HOSTS:elasticsearch} - port: ${PORT:9200} - url_prefix: - use_ssl: ${USE_SSL:False} - certificate: - client_cert: - client_key: - ssl_no_validate: False - http_auth: - timeout: ${TIMEOUT:30} - master_only: ${MASTER_ONLY:False} -logging: - loglevel: ${LOGLEVEL:INFO} - logfile: - logformat: ${LOGFORMAT:default} - blacklist: ['elasticsearch', 'urllib3'] diff --git a/docker/elastic/curator/docker-entrypoint.sh b/docker/elastic/curator/docker-entrypoint.sh deleted file mode 100755 index 916830b..0000000 --- a/docker/elastic/curator/docker-entrypoint.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/sh -set -euo errexit - -trap 'kill -SIGQUIT $PID' INT - -CRON_DAILY_COMMAND="/usr/bin/curator --config /etc/curator/config.yml /etc/curator/action.yml" -[ "${DEPLOY:-}" = "true" ] && CRON_DAILY_COMMAND="cronlock ${CRON_DAILY_COMMAND}" - -cat > /etc/periodic/daily/curator < -ARG DOCKER_BUILD_DIR - -ARG FABIO_REMOTE=https://github.com/fabiolb/fabio -ARG FABIO_VERSION=1.6.0 -ARG SYSTEM=Linux -ARG MACHINE=x86_64 - -RUN apk update \ - && apk add --no-cache ca-certificates \ - && OS="$(echo ${SYSTEM} |awk '{print tolower($0)}')"; \ - ARCH="$(echo ${MACHINE} |awk '/x86_64/ {print "amd64"}; /aarch64/ {print "arm64"}')"; \ - wget -qO /usr/bin/fabio ${FABIO_REMOTE}/releases/download/v${FABIO_VERSION}/fabio-${FABIO_VERSION}-${OS}_${ARCH} \ - && chmod +x /usr/bin/fabio - -EXPOSE 9998 9999 -ENTRYPOINT ["/usr/bin/fabio"] -CMD ["-cfg", "/etc/fabio/fabio.properties"] - -HEALTHCHECK CMD status=$(echo -e 'GET /health HTTP/1.0\n' |nc -w 1 localhost 9998 | sed -n '$p') \ - && echo "$status" && [ "$status" = "OK" ] || exit 1 - -FROM dist as master -ARG DOCKER_BUILD_DIR diff --git a/docker/goofys/Dockerfile b/docker/goofys/Dockerfile deleted file mode 100644 index 70c9181..0000000 --- a/docker/goofys/Dockerfile +++ /dev/null @@ -1,24 +0,0 @@ -FROM golang:1.15-alpine AS build -LABEL maintainer aynic.os -ARG GOOFYS_VERSION=v0.24.0 - -WORKDIR /src/github.com/kahing/goofys/ - -RUN apk --no-cache upgrade \ - && apk --no-cache add git make \ - && git clone https://github.com/kahing/goofys/ . \ - && git checkout tags/${GOOFYS_VERSION} -b ${GOOFYS_VERSION} \ - && go get . \ - && make install - -FROM alpine:latest as dist - -RUN apk add --no-cache ca-certificates -COPY --from=build /go/bin/goofys /bin/goofys - -ENTRYPOINT ["/bin/goofys"] - -# goofys -f --region $REGION --stat-cache-ttl $STAT_CACHE_TTL --type-cache-ttl $TYPE_CACHE_TTL --dir-mode $DIR_MODE --file-mode $FILE_MODE -o nonempty $BUCKET $MOUNT_DIR - -FROM dist as master -ARG DOCKER_BUILD_DIR diff --git a/docker/grafana/Dockerfile b/docker/grafana/Dockerfile deleted file mode 100644 index 7c7fb09..0000000 --- a/docker/grafana/Dockerfile +++ /dev/null @@ -1,26 +0,0 @@ -FROM grafana/grafana:latest as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR -ARG AWS_ACCESS_KEY -ARG AWS_SECRET_KEY -ARG MYSQL_GRAFANA_USER -ARG MYSQL_GRAFANA_PASSWORD -ARG MYSQL_GRAFANA_DB - -COPY ${DOCKER_BUILD_DIR}/config.ini /etc/grafana/config.ini -COPY ${DOCKER_BUILD_DIR}/dashboards /etc/grafana/dashboards -COPY ${DOCKER_BUILD_DIR}/provisioning /etc/grafana/provisioning - -USER root - -RUN sed 's@AWS_ACCESS_KEY@'"${AWS_ACCESS_KEY:-UNDEFINED}"'@g; s@AWS_SECRET_KEY@'"${AWS_SECRET_KEY:-UNDEFINED}"'@g; s@MYSQL_GRAFANA_USER@'"${MYSQL_GRAFANA_USER:-UNDEFINED}"'@g; s@MYSQL_GRAFANA_PASSWORD@'"${MYSQL_GRAFANA_PASSWORD:-UNDEFINED}"'@g; s@MYSQL_GRAFANA_DB@'"${MYSQL_GRAFANA_DB:-UNDEFINED}"'@g' /etc/grafana/provisioning/datasources/datasources.tmpl > /etc/grafana/provisioning/datasources/datasources.yml - -COPY ${DOCKER_BUILD_DIR}/docker-entrypoint.sh / -RUN chmod +x /docker-entrypoint.sh - -USER grafana - -ENTRYPOINT ["/docker-entrypoint.sh"] - -FROM dist as master -ARG DOCKER_BUILD_DIR diff --git a/docker/grafana/config.ini b/docker/grafana/config.ini deleted file mode 100644 index 0066b7f..0000000 --- a/docker/grafana/config.ini +++ /dev/null @@ -1,2 +0,0 @@ -[paths] -provisioning = /etc/grafana/provisioning diff --git a/docker/grafana/dashboards/containers.json b/docker/grafana/dashboards/containers.json deleted file mode 100644 index 8285073..0000000 --- a/docker/grafana/dashboards/containers.json +++ /dev/null @@ -1,1383 +0,0 @@ -{ - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": "-- Grafana --", - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "type": "dashboard" - } - ] - }, - "description": "Containers metrics", - "editable": true, - "gnetId": null, - "graphTooltip": 1, - "id": null, - "links": [], - "panels": [ - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(50, 172, 45, 0.97)", - "rgba(237, 129, 40, 0.89)", - "rgba(245, 54, 54, 0.9)" - ], - "datasource": "Prometheus", - "decimals": 2, - "editable": true, - "error": false, - "format": "percent", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": true, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 4, - "w": 4, - "x": 0, - "y": 0 - }, - "hideTimeOverride": true, - "id": 4, - "interval": null, - "isNew": true, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "sum(rate(container_cpu_user_seconds_total{image!=\"\"}[1m])) / count(node_cpu_seconds_total{mode=\"user\"}) * 100", - "format": "time_series", - "interval": "10s", - "intervalFactor": 1, - "legendFormat": "", - "refId": "A", - "step": 10 - } - ], - "thresholds": "65, 90", - "timeFrom": "10s", - "title": "CPU Load", - "transparent": false, - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "datasource": "Prometheus", - "editable": true, - "error": false, - "format": "none", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 4, - "w": 4, - "x": 4, - "y": 0 - }, - "id": 7, - "interval": null, - "isNew": true, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "machine_cpu_cores", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "", - "metric": "machine_cpu_cores", - "refId": "A", - "step": 20 - } - ], - "thresholds": "", - "title": "CPU Cores", - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(50, 172, 45, 0.97)", - "rgba(237, 129, 40, 0.89)", - "rgba(245, 54, 54, 0.9)" - ], - "datasource": "Prometheus", - "editable": true, - "error": false, - "format": "percent", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": true, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 4, - "w": 4, - "x": 8, - "y": 0 - }, - "hideTimeOverride": true, - "id": 5, - "interval": null, - "isNew": true, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "(sum(node_memory_MemTotal_bytes) - sum(node_memory_MemFree_bytes+node_memory_Buffers_bytes+node_memory_Cached_bytes) ) / sum(node_memory_MemTotal_bytes) * 100", - "format": "time_series", - "interval": "10s", - "intervalFactor": 2, - "legendFormat": "", - "refId": "A", - "step": 20 - } - ], - "thresholds": "65, 90", - "timeFrom": "10s", - "title": "Memory Load", - "transparent": false, - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "datasource": "Prometheus", - "decimals": 2, - "editable": true, - "error": false, - "format": "bytes", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 4, - "w": 4, - "x": 12, - "y": 0 - }, - "hideTimeOverride": true, - "id": 2, - "interval": null, - "isNew": true, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "sum(container_memory_usage_bytes{image!=\"\"})", - "format": "time_series", - "interval": "10s", - "intervalFactor": 2, - "legendFormat": "", - "refId": "A", - "step": 20 - } - ], - "thresholds": "", - "timeFrom": "10s", - "title": "Used Memory", - "transparent": false, - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(50, 172, 45, 0.97)", - "rgba(237, 129, 40, 0.89)", - "rgba(245, 54, 54, 0.9)" - ], - "datasource": "Prometheus", - "decimals": null, - "editable": true, - "error": false, - "format": "percent", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": true, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 4, - "w": 4, - "x": 16, - "y": 0 - }, - "hideTimeOverride": true, - "id": 6, - "interval": null, - "isNew": true, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "(node_filesystem_size_bytes{fstype=\"aufs\"} - node_filesystem_free_bytes{fstype=\"aufs\"}) / node_filesystem_size_bytes{fstype=\"aufs\"} * 100", - "format": "time_series", - "interval": "30s", - "intervalFactor": 1, - "legendFormat": "", - "refId": "A", - "step": 30 - } - ], - "thresholds": "65, 90", - "timeFrom": "10s", - "title": "Storage Load", - "transparent": false, - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "datasource": "Prometheus", - "decimals": 2, - "editable": true, - "error": false, - "format": "bytes", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 4, - "w": 4, - "x": 20, - "y": 0 - }, - "hideTimeOverride": true, - "id": 3, - "interval": null, - "isNew": true, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "sum(container_fs_usage_bytes)", - "interval": "30s", - "intervalFactor": 2, - "refId": "A", - "step": 60 - } - ], - "thresholds": "", - "timeFrom": "10s", - "title": "Used Storage", - "transparent": false, - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "aliasColors": {}, - "bars": true, - "dashLength": 10, - "dashes": false, - "datasource": "Prometheus", - "decimals": 0, - "editable": true, - "error": false, - "fill": 1, - "grid": {}, - "gridPos": { - "h": 4, - "w": 8, - "x": 0, - "y": 4 - }, - "id": 9, - "isNew": true, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": false, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "scalar(count(container_memory_usage_bytes{image!=\"\"}) > 0)", - "interval": "", - "intervalFactor": 2, - "legendFormat": "containers", - "refId": "A", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Running Containers", - "tooltip": { - "msResolution": true, - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "none", - "label": "", - "logBase": 1, - "max": null, - "min": 0, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": true, - "dashLength": 10, - "dashes": false, - "datasource": "Prometheus", - "decimals": 2, - "editable": true, - "error": false, - "fill": 1, - "grid": {}, - "gridPos": { - "h": 4, - "w": 8, - "x": 8, - "y": 4 - }, - "id": 10, - "isNew": true, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": false, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "load 1m", - "color": "#BF1B00" - } - ], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_load1", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "load 1m", - "metric": "node_load1", - "refId": "A", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "System CPU Load", - "tooltip": { - "msResolution": true, - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": 0, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "Prometheus", - "editable": true, - "error": false, - "fill": 1, - "grid": {}, - "gridPos": { - "h": 4, - "w": 8, - "x": 16, - "y": 4 - }, - "id": 15, - "isNew": true, - "legend": { - "alignAsTable": true, - "avg": true, - "current": false, - "max": true, - "min": true, - "rightSide": true, - "show": false, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "read", - "yaxis": 1 - }, - { - "alias": "written", - "yaxis": 1 - }, - { - "alias": "io time", - "yaxis": 2 - } - ], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum(irate(node_disk_read_bytes_total[5m]))", - "format": "time_series", - "interval": "2s", - "intervalFactor": 4, - "legendFormat": "read", - "metric": "", - "refId": "A", - "step": 8 - }, - { - "expr": "sum(irate(node_disk_written_bytes_total[5m]))", - "format": "time_series", - "interval": "2s", - "intervalFactor": 4, - "legendFormat": "written", - "metric": "", - "refId": "B", - "step": 8 - }, - { - "expr": "sum(irate(node_disk_io_time_seconds_total[5m]))", - "format": "time_series", - "interval": "2s", - "intervalFactor": 4, - "legendFormat": "io time", - "metric": "", - "refId": "C", - "step": 8 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "I/O Usage", - "tooltip": { - "msResolution": true, - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "ms", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "Prometheus", - "decimals": 2, - "editable": true, - "error": false, - "fill": 1, - "grid": {}, - "gridPos": { - "h": 7, - "w": 24, - "x": 0, - "y": 8 - }, - "id": 8, - "isNew": true, - "legend": { - "alignAsTable": true, - "avg": true, - "current": false, - "max": true, - "min": true, - "rightSide": true, - "show": true, - "sideWidth": null, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 2, - "points": true, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum by (name) (rate(container_cpu_usage_seconds_total{image!=\"\",container_label_org_label_schema_group=\"\"}[1m])) / scalar(count(node_cpu_seconds_total{mode=\"user\"})) * 100", - "format": "time_series", - "intervalFactor": 10, - "legendFormat": "{{ name }}", - "metric": "container_cpu_user_seconds_total", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Container CPU Usage", - "tooltip": { - "msResolution": true, - "shared": true, - "sort": 2, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "percent", - "label": null, - "logBase": 1, - "max": null, - "min": 0, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "Prometheus", - "decimals": 2, - "editable": true, - "error": false, - "fill": 1, - "grid": {}, - "gridPos": { - "h": 7, - "w": 24, - "x": 0, - "y": 15 - }, - "id": 11, - "isNew": true, - "legend": { - "alignAsTable": true, - "avg": true, - "current": false, - "max": true, - "min": true, - "rightSide": true, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum by (name)(container_memory_usage_bytes{image!=\"\",container_label_org_label_schema_group=\"\"})", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "{{ name }}", - "metric": "container_memory_usage", - "refId": "A", - "step": 1 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Container Memory Usage", - "tooltip": { - "msResolution": true, - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": null, - "logBase": 1, - "max": null, - "min": 0, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "Prometheus", - "decimals": 2, - "editable": true, - "error": false, - "fill": 1, - "grid": {}, - "gridPos": { - "h": 7, - "w": 24, - "x": 0, - "y": 22 - }, - "id": 12, - "isNew": true, - "legend": { - "alignAsTable": true, - "avg": true, - "current": false, - "max": true, - "min": true, - "rightSide": true, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum by (name) (container_memory_cache{image!=\"\",container_label_org_label_schema_group=\"\"})", - "intervalFactor": 2, - "legendFormat": "{{name}}", - "metric": "container_memory_cache", - "refId": "A", - "step": 2 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Container Cached Memory Usage", - "tooltip": { - "msResolution": true, - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": null, - "logBase": 1, - "max": null, - "min": 0, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "Prometheus", - "decimals": 2, - "editable": true, - "error": false, - "fill": 1, - "grid": {}, - "gridPos": { - "h": 7, - "w": 24, - "x": 0, - "y": 29 - }, - "id": 13, - "isNew": true, - "legend": { - "alignAsTable": true, - "avg": true, - "current": false, - "max": true, - "min": true, - "rightSide": true, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum by (name) (rate(container_network_receive_bytes_total{image!=\"\",container_label_org_label_schema_group=\"\"}[1m]))", - "intervalFactor": 10, - "legendFormat": "{{ name }}", - "metric": "container_network_receive_bytes_total", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Container Network Input", - "tooltip": { - "msResolution": true, - "shared": true, - "sort": 2, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": null, - "logBase": 1, - "max": null, - "min": 0, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "Prometheus", - "decimals": 2, - "editable": true, - "error": false, - "fill": 1, - "grid": {}, - "gridPos": { - "h": 7, - "w": 24, - "x": 0, - "y": 36 - }, - "id": 14, - "isNew": true, - "legend": { - "alignAsTable": true, - "avg": true, - "current": false, - "max": true, - "min": true, - "rightSide": true, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum by (name) (rate(container_network_transmit_bytes_total{image!=\"\",container_label_org_label_schema_group=\"\"}[1m]))", - "intervalFactor": 10, - "legendFormat": "{{ name }}", - "metric": "container_network_transmit_bytes_total", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Container Network Output", - "tooltip": { - "msResolution": true, - "shared": true, - "sort": 2, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": null, - "logBase": 1, - "max": null, - "min": 0, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - } - ], - "refresh": "5s", - "schemaVersion": 16, - "style": "dark", - "tags": [ - "docker" - ], - "templating": { - "list": [] - }, - "time": { - "from": "now-1h", - "to": "now" - }, - "timepicker": { - "refresh_intervals": [ - "5s", - "10s", - "30s", - "1m", - "5m", - "15m", - "30m", - "1h", - "2h", - "1d" - ], - "time_options": [ - "5m", - "15m", - "1h", - "6h", - "12h", - "24h", - "2d", - "7d", - "30d" - ] - }, - "timezone": "browser", - "title": "Docker - Local Containers (Provisoned)", - "uid": "SpmMKdciz", - "version": 11 -} diff --git a/docker/grafana/dashboards/host.json b/docker/grafana/dashboards/host.json deleted file mode 100644 index 4851297..0000000 --- a/docker/grafana/dashboards/host.json +++ /dev/null @@ -1,1607 +0,0 @@ -{ - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": "-- Grafana --", - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "type": "dashboard" - } - ] - }, - "description": "Docker host metrics", - "editable": true, - "gnetId": null, - "graphTooltip": 1, - "id": null, - "links": [], - "panels": [ - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "datasource": "Prometheus", - "decimals": 1, - "editable": true, - "error": false, - "format": "s", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 0, - "y": 0 - }, - "hideTimeOverride": true, - "id": 1, - "interval": null, - "isNew": true, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "s", - "postfixFontSize": "80%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "node_time_seconds - node_boot_time_seconds", - "format": "time_series", - "interval": "30s", - "intervalFactor": 1, - "refId": "A", - "step": 30 - } - ], - "thresholds": "", - "timeFrom": "10s", - "title": "Uptime", - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "avg" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(50, 172, 45, 0.97)", - "rgba(237, 129, 40, 0.89)", - "rgba(245, 54, 54, 0.9)" - ], - "datasource": "Prometheus", - "editable": true, - "error": false, - "format": "percent", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": true, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 4, - "y": 0 - }, - "hideTimeOverride": true, - "id": 13, - "interval": null, - "isNew": true, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "$$hashKey": "object:283", - "expr": "sum(rate(node_cpu_seconds_total{mode=\"user\"}[1m])) * 100 / scalar(count(node_cpu_seconds_total{mode=\"idle\"}))", - "format": "time_series", - "interval": "10s", - "intervalFactor": 2, - "legendFormat": "", - "refId": "A", - "step": 20 - } - ], - "thresholds": "65,90", - "timeFrom": "10s", - "title": "CPU Load", - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "current" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "datasource": "Prometheus", - "editable": true, - "error": false, - "format": "none", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 8, - "y": 0 - }, - "hideTimeOverride": true, - "id": 12, - "interval": null, - "isNew": true, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "machine_cpu_cores", - "format": "time_series", - "intervalFactor": 2, - "metric": "machine_cpu_cores", - "refId": "A", - "step": 2 - } - ], - "thresholds": "", - "timeFrom": "10s", - "title": "CPU Cores", - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "avg" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "datasource": "Prometheus", - "editable": true, - "error": false, - "format": "bytes", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 12, - "y": 0 - }, - "hideTimeOverride": true, - "id": 2, - "interval": null, - "isNew": true, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "node_memory_MemAvailable_bytes", - "format": "time_series", - "interval": "30s", - "intervalFactor": 2, - "legendFormat": "", - "refId": "A", - "step": 60 - } - ], - "thresholds": "", - "timeFrom": "10s", - "title": "Available Memory", - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "avg" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "datasource": "Prometheus", - "editable": true, - "error": false, - "format": "bytes", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 16, - "y": 0 - }, - "hideTimeOverride": true, - "id": 3, - "interval": null, - "isNew": true, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "node_memory_SwapFree_bytes", - "format": "time_series", - "interval": "30s", - "intervalFactor": 2, - "refId": "A", - "step": 60 - } - ], - "thresholds": "", - "timeFrom": "10s", - "title": "Free Swap", - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "avg" - }, - { - "cacheTimeout": null, - "colorBackground": false, - "colorValue": false, - "colors": [ - "rgba(245, 54, 54, 0.9)", - "rgba(237, 129, 40, 0.89)", - "rgba(50, 172, 45, 0.97)" - ], - "datasource": "Prometheus", - "editable": true, - "error": false, - "format": "bytes", - "gauge": { - "maxValue": 100, - "minValue": 0, - "show": false, - "thresholdLabels": false, - "thresholdMarkers": true - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 20, - "y": 0 - }, - "hideTimeOverride": true, - "id": 4, - "interval": null, - "isNew": true, - "links": [], - "mappingType": 1, - "mappingTypes": [ - { - "name": "value to text", - "value": 1 - }, - { - "name": "range to text", - "value": 2 - } - ], - "maxDataPoints": 100, - "nullPointMode": "connected", - "nullText": null, - "postfix": "", - "postfixFontSize": "50%", - "prefix": "", - "prefixFontSize": "50%", - "rangeMaps": [ - { - "from": "null", - "text": "N/A", - "to": "null" - } - ], - "sparkline": { - "fillColor": "rgba(31, 118, 189, 0.18)", - "full": false, - "lineColor": "rgb(31, 120, 193)", - "show": false - }, - "tableColumn": "", - "targets": [ - { - "expr": "sum(node_filesystem_free_bytes{fstype=\"aufs\"})", - "format": "time_series", - "interval": "30s", - "intervalFactor": 1, - "legendFormat": "", - "refId": "A", - "step": 30 - } - ], - "thresholds": "", - "timeFrom": "10s", - "title": "Free Storage", - "type": "singlestat", - "valueFontSize": "80%", - "valueMaps": [ - { - "op": "=", - "text": "N/A", - "value": "null" - } - ], - "valueName": "avg" - }, - { - "alert": { - "conditions": [ - { - "evaluator": { - "params": [ - 8 - ], - "type": "gt" - }, - "operator": { - "type": "and" - }, - "query": { - "params": [ - "A", - "5m", - "now" - ] - }, - "reducer": { - "params": [], - "type": "avg" - }, - "type": "query" - } - ], - "executionErrorState": "alerting", - "frequency": "60s", - "handler": 1, - "name": "Load Average 1m alert", - "noDataState": "no_data", - "notifications": [] - }, - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "Prometheus", - "decimals": 2, - "editable": true, - "error": false, - "fill": 1, - "grid": {}, - "gridPos": { - "h": 6, - "w": 24, - "x": 0, - "y": 3 - }, - "id": 9, - "isNew": true, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 2, - "points": true, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "load 1m", - "color": "#1F78C1" - } - ], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "node_load1", - "format": "time_series", - "interval": "10s", - "intervalFactor": 1, - "legendFormat": "load 1m", - "refId": "A", - "step": 10 - } - ], - "thresholds": [ - { - "colorMode": "critical", - "fill": true, - "line": true, - "op": "gt", - "value": 8 - } - ], - "timeFrom": null, - "timeShift": null, - "title": "Load Average 1m", - "tooltip": { - "msResolution": true, - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": 0, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "Prometheus", - "decimals": 2, - "editable": true, - "error": false, - "fill": 4, - "grid": {}, - "gridPos": { - "h": 6, - "w": 24, - "x": 0, - "y": 9 - }, - "id": 5, - "isNew": true, - "legend": { - "alignAsTable": true, - "avg": true, - "current": false, - "max": true, - "min": true, - "rightSide": true, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 2, - "points": true, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": true, - "steppedLine": false, - "targets": [ - { - "expr": "sum(rate(node_cpu_seconds_total[1m])) by (mode) * 100 / scalar(count(node_cpu_seconds_total{mode=\"user\"}))", - "format": "time_series", - "intervalFactor": 10, - "legendFormat": "{{ mode }}", - "metric": "node_cpu_seconds_total", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "CPU Usage", - "tooltip": { - "msResolution": true, - "shared": true, - "sort": 2, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "percent", - "label": null, - "logBase": 1, - "max": 100, - "min": 0, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": 0, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": true, - "dashLength": 10, - "dashes": false, - "datasource": "Prometheus", - "editable": true, - "error": false, - "fill": 1, - "grid": {}, - "gridPos": { - "h": 5, - "w": 12, - "x": 0, - "y": 15 - }, - "id": 11, - "isNew": true, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": false, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "interrupts", - "color": "#806EB7" - } - ], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": " irate(node_intr_total[5m])", - "format": "time_series", - "interval": "10s", - "intervalFactor": 1, - "legendFormat": "interrupts", - "metric": "node_intr", - "refId": "A", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Interrupts", - "tooltip": { - "msResolution": true, - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": true, - "dashLength": 10, - "dashes": false, - "datasource": "Prometheus", - "editable": true, - "error": false, - "fill": 1, - "grid": {}, - "gridPos": { - "h": 5, - "w": 12, - "x": 12, - "y": 15 - }, - "id": 10, - "isNew": true, - "legend": { - "avg": false, - "current": false, - "max": false, - "min": false, - "show": false, - "total": false, - "values": false - }, - "lines": false, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "blocked by I/O", - "color": "#58140C" - } - ], - "spaceLength": 10, - "stack": true, - "steppedLine": false, - "targets": [ - { - "expr": "node_procs_running", - "interval": "10s", - "intervalFactor": 1, - "legendFormat": "running", - "metric": "node_procs_running", - "refId": "A", - "step": 10 - }, - { - "expr": "node_procs_blocked", - "interval": "10s", - "intervalFactor": 1, - "legendFormat": "blocked by I/O", - "metric": "node_procs_blocked", - "refId": "B", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Processes", - "tooltip": { - "msResolution": true, - "shared": true, - "sort": 2, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": 0, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "Prometheus", - "decimals": 2, - "editable": true, - "error": false, - "fill": 4, - "grid": {}, - "gridPos": { - "h": 6, - "w": 24, - "x": 0, - "y": 20 - }, - "id": 6, - "isNew": true, - "legend": { - "alignAsTable": true, - "avg": true, - "current": false, - "max": true, - "min": true, - "rightSide": true, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "null", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "Used", - "color": "#BF1B00" - }, - { - "alias": "Free", - "color": "#7EB26D" - }, - { - "alias": "Buffers", - "color": "#6ED0E0" - }, - { - "alias": "Cached", - "color": "#EF843C" - } - ], - "spaceLength": 10, - "stack": true, - "steppedLine": false, - "targets": [ - { - "expr": "node_memory_MemTotal_bytes - (node_memory_MemFree_bytes + node_memory_Buffers_bytes + node_memory_Cached_bytes)", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "Used", - "refId": "A", - "step": 1 - }, - { - "expr": "node_memory_MemFree_bytes", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "Free", - "refId": "B", - "step": 1 - }, - { - "expr": "node_memory_Buffers_bytes", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "Buffers", - "refId": "C", - "step": 1 - }, - { - "expr": "node_memory_Cached_bytes", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "Cached", - "refId": "D", - "step": 1 - }, - { - "expr": "", - "format": "time_series", - "intervalFactor": 1, - "refId": "E" - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Memory Usage", - "tooltip": { - "msResolution": true, - "shared": true, - "sort": 2, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": "0", - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "Prometheus", - "decimals": 2, - "editable": true, - "error": false, - "fill": 4, - "grid": {}, - "gridPos": { - "h": 6, - "w": 12, - "x": 0, - "y": 26 - }, - "id": 14, - "isNew": true, - "legend": { - "alignAsTable": true, - "avg": true, - "current": false, - "max": true, - "min": true, - "rightSide": false, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "Used", - "color": "#890F02" - }, - { - "alias": "Free", - "color": "#7EB26D" - } - ], - "spaceLength": 10, - "stack": true, - "steppedLine": false, - "targets": [ - { - "expr": "node_memory_SwapTotal_bytes - node_memory_SwapFree_bytes", - "format": "time_series", - "interval": "10s", - "intervalFactor": 1, - "legendFormat": "Used", - "refId": "A", - "step": 10 - }, - { - "expr": "node_memory_SwapFree_bytes", - "format": "time_series", - "interval": "10s", - "intervalFactor": 1, - "legendFormat": "Free", - "refId": "B", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Swap Usage", - "tooltip": { - "msResolution": true, - "shared": true, - "sort": 2, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "bytes", - "label": null, - "logBase": 1, - "max": null, - "min": 0, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "Prometheus", - "decimals": 2, - "editable": true, - "error": false, - "fill": 1, - "grid": {}, - "gridPos": { - "h": 6, - "w": 12, - "x": 12, - "y": 26 - }, - "id": 15, - "isNew": true, - "legend": { - "alignAsTable": true, - "avg": true, - "current": false, - "max": true, - "min": true, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "rate(node_vmstat_pswpin[1m]) * 4096 or irate(node_vmstat_pswpin[5m]) * 4096", - "interval": "10s", - "intervalFactor": 1, - "legendFormat": "In", - "refId": "A", - "step": 10 - }, - { - "expr": "rate(node_vmstat_pswpout[1m]) * 4096 or irate(node_vmstat_pswpout[5m]) * 4096", - "interval": "10s", - "intervalFactor": 1, - "legendFormat": "Out", - "refId": "B", - "step": 10 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Swap I/O", - "tooltip": { - "msResolution": true, - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "Bps", - "label": null, - "logBase": 1, - "max": null, - "min": 0, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "Prometheus", - "decimals": 2, - "editable": true, - "error": false, - "fill": 1, - "grid": {}, - "gridPos": { - "h": 6, - "w": 24, - "x": 0, - "y": 32 - }, - "id": 7, - "isNew": true, - "legend": { - "alignAsTable": true, - "avg": true, - "current": false, - "max": true, - "min": true, - "rightSide": true, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [ - { - "alias": "read", - "yaxis": 1 - }, - { - "alias": "written", - "yaxis": 1 - }, - { - "alias": "io time", - "yaxis": 2 - } - ], - "spaceLength": 10, - "stack": false, - "steppedLine": false, - "targets": [ - { - "expr": "sum(irate(node_disk_read_bytes_total[1m]))", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "legendFormat": "read", - "metric": "node_disk_bytes_read", - "refId": "A", - "step": 1 - }, - { - "expr": "sum(irate(node_disk_written_bytes_total[1m]))", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "written", - "metric": "node_disk_bytes_written", - "refId": "B", - "step": 1 - }, - { - "expr": "sum(irate(node_disk_io_time_seconds_total[1m]))", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "io time", - "metric": "node_disk_io_time_ms", - "refId": "C", - "step": 1 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "I/O Usage", - "tooltip": { - "msResolution": true, - "shared": true, - "sort": 0, - "value_type": "cumulative" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "Bps", - "label": null, - "logBase": 1, - "max": null, - "min": 0, - "show": true - }, - { - "format": "ms", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": true - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - }, - { - "aliasColors": {}, - "bars": false, - "dashLength": 10, - "dashes": false, - "datasource": "Prometheus", - "decimals": 2, - "editable": true, - "error": false, - "fill": 4, - "grid": {}, - "gridPos": { - "h": 5, - "w": 24, - "x": 0, - "y": 38 - }, - "id": 8, - "isNew": true, - "legend": { - "alignAsTable": true, - "avg": true, - "current": false, - "max": true, - "min": true, - "rightSide": true, - "show": true, - "total": false, - "values": true - }, - "lines": true, - "linewidth": 2, - "links": [], - "nullPointMode": "connected", - "percentage": false, - "pointradius": 5, - "points": false, - "renderer": "flot", - "seriesOverrides": [], - "spaceLength": 10, - "stack": true, - "steppedLine": false, - "targets": [ - { - "expr": "irate(node_network_receive_bytes_total{device!=\"lo\"}[1m])", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "In: {{ device }}", - "metric": "node_network_receive_bytes", - "refId": "A", - "step": 1 - }, - { - "expr": "irate(node_network_transmit_bytes_total{device!=\"lo\"}[1m])", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "Out: {{ device }}", - "metric": "node_network_transmit_bytes", - "refId": "B", - "step": 1 - } - ], - "thresholds": [], - "timeFrom": null, - "timeShift": null, - "title": "Network Usage", - "tooltip": { - "msResolution": true, - "shared": true, - "sort": 2, - "value_type": "individual" - }, - "type": "graph", - "xaxis": { - "buckets": null, - "mode": "time", - "name": null, - "show": true, - "values": [] - }, - "yaxes": [ - { - "format": "Bps", - "label": null, - "logBase": 1, - "max": null, - "min": 0, - "show": true - }, - { - "format": "short", - "label": null, - "logBase": 1, - "max": null, - "min": null, - "show": false - } - ], - "yaxis": { - "align": false, - "alignLevel": null - } - } - ], - "refresh": "5s", - "schemaVersion": 16, - "style": "dark", - "tags": [ - "system" - ], - "templating": { - "list": [] - }, - "time": { - "from": "now-1h", - "to": "now" - }, - "timepicker": { - "refresh_intervals": [ - "5s", - "10s", - "30s", - "1m", - "5m", - "15m", - "30m", - "1h", - "2h", - "1d" - ], - "time_options": [ - "5m", - "15m", - "1h", - "6h", - "12h", - "24h", - "2d", - "7d", - "30d" - ] - }, - "timezone": "browser", - "title": "Docker - Local Host (Provisioned)", - "uid": "BVaKHOcmz", - "version": 12 -} diff --git a/docker/grafana/docker-entrypoint.sh b/docker/grafana/docker-entrypoint.sh deleted file mode 100644 index 75596a4..0000000 --- a/docker/grafana/docker-entrypoint.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/sh - -mkdir -p /var/lib/grafana/dashboards -cp -a /etc/grafana/dashboards/* /var/lib/grafana/dashboards/ -/run.sh diff --git a/docker/grafana/provisioning/dashboards/dashboards.yml b/docker/grafana/provisioning/dashboards/dashboards.yml deleted file mode 100644 index fd042f5..0000000 --- a/docker/grafana/provisioning/dashboards/dashboards.yml +++ /dev/null @@ -1,6 +0,0 @@ -- name: 'default' - org_id: 1 - folder: '' - type: 'file' - options: - path: '/var/lib/grafana/dashboards' ## Contains dashboards host.json and containers.json diff --git a/docker/grafana/provisioning/datasources/datasources.tmpl b/docker/grafana/provisioning/datasources/datasources.tmpl deleted file mode 100644 index 741c8b7..0000000 --- a/docker/grafana/provisioning/datasources/datasources.tmpl +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: 1 - -datasources: - - - name: 'Prometheus' - type: 'prometheus' - access: 'proxy' - org_id: 1 - url: 'http://prometheus:9090' - is_default: true - version: 1 - editable: true - - - name: "AWS_Cloudwatch" - type: cloudwatch - jsonData: - authType: keys - defaultRegion: eu-west-1 - secureJsonData: - accessKey: "AWS_ACCESS_KEY" - secretKey: "AWS_SECRET_KEY" - - - name: MySQL - type: mysql - url: mysql:3306 - database: MYSQL_GRAFANA_DB - user: MYSQL_GRAFANA_USER - password: MYSQL_GRAFANA_PASSWORD - - diff --git a/docker/http/alpine/Dockerfile b/docker/http/alpine/Dockerfile deleted file mode 100644 index 1133158..0000000 --- a/docker/http/alpine/Dockerfile +++ /dev/null @@ -1,24 +0,0 @@ -FROM httpd:alpine as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR -ARG HTTPD_LOAD_MODULE="env expires headers lbmethod_bybusyness lbmethod_byrequests proxy proxy_balancer proxy_fcgi proxy_http setenvif slotmem_shm reqtimeout rewrite" -ARG HTTPD_CONF_EXTRA="default info mpm vhosts" - -RUN sed -E -i \ - -e 's!^#?\s*(LoadModule ('${HTTPD_LOAD_MODULE// /|}')_module modules/mod_('${HTTPD_LOAD_MODULE// /|}').so)\s*!\1!g' \ - -e 's!^#?\s*(Include conf/extra/httpd-('${HTTPD_CONF_EXTRA// /|}').conf)\s*!\1!g' \ - "$HTTPD_PREFIX/conf/httpd.conf"; - -COPY ${DOCKER_BUILD_DIR}/docker-entrypoint.sh / -COPY ${DOCKER_BUILD_DIR}/httpd-vhosts.ctmpl /usr/local/apache2/conf/extra/ -COPY --from=hashicorp/consul-template:alpine /bin/consul-template /usr/local/bin/ - -WORKDIR /var/www - -ENTRYPOINT ["/docker-entrypoint.sh"] -CMD /usr/local/bin/consul-template -log-level info -consul-addr consul:8500 -template "/usr/local/apache2/conf/extra/httpd-vhosts.ctmpl:/usr/local/apache2/conf/extra/httpd-vhosts.conf" -exec "/usr/local/bin/httpd-foreground" - -EXPOSE 80/tcp - -FROM dist as master -ARG DOCKER_BUILD_DIR diff --git a/docker/http/alpine/docker-entrypoint.sh b/docker/http/alpine/docker-entrypoint.sh deleted file mode 100755 index 2343feb..0000000 --- a/docker/http/alpine/docker-entrypoint.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/sh -set -euo pipefail -set -o errexit - -trap 'kill -SIGQUIT $PID' INT - -# Launch httpd -[ $# -eq 0 ] && httpd-foreground || exec "$@" & -PID=$! && wait diff --git a/docker/http/alpine/httpd-vhosts.ctmpl b/docker/http/alpine/httpd-vhosts.ctmpl deleted file mode 100644 index 8992c30..0000000 --- a/docker/http/alpine/httpd-vhosts.ctmpl +++ /dev/null @@ -1,21 +0,0 @@ -{{ $serverName := printf "%s.%s.%s" (env "APP") (env "ENV") (env "USER") }} -{{ $serviceName := printf "%s-%s-%s-php-9000" (env "USER") (env "ENV") (env "APP") }} - - ServerAdmin support+apache@asycn.io - DocumentRoot "/var/www/web" - ServerName {{ $serverName }} - ServerAlias * - - SetHandler "proxy:balancer://php/" - - -{{ range service $serviceName }} BalancerMember "fcgi://{{ .Address }}:{{ .Port }}/" disablereuse=On timeout=900 -{{ end }} ProxySet lbmethod=bybusyness - - - AllowOverride All - CGIPassAuth On - Options +FollowSymLinks - Require all granted - - diff --git a/docker/ipfs/Dockerfile b/docker/ipfs/Dockerfile deleted file mode 100644 index bf07220..0000000 --- a/docker/ipfs/Dockerfile +++ /dev/null @@ -1,45 +0,0 @@ -ARG IPFS_VERSION=0.14.0 -FROM ipfs/kubo:v${IPFS_VERSION} as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR - -COPY ${DOCKER_BUILD_DIR}/*.sh /container-init.d/ -RUN chmod +rx /container-init.d/*.sh - -FROM dist as master -ARG DOCKER_BUILD_DIR -ARG UID -ENV UID=${UID} -ENV USER=ipfs - -# If we provide a numeric UID -RUN if [ "${UID}" -eq "${UID}" ] 2>/dev/null; then \ - # Force $UID of $USER if it exists - if [ "$(awk -F: '$1 == "'"${USER}"'" {print $3}' /etc/passwd)" != "${UID}" ]; then \ - sed -i 's/^\('"${USER}"':x\):[0-9]\+:/\1:'"${UID}"':/' /etc/passwd; \ - fi; \ - # Create $USER if $UID does not exist - if [ "$(awk -F: '$3 == "'"${UID}"'" {print $1}' /etc/passwd)" = "" ]; then \ - echo "${USER}:x:${UID}:${GID:-${UID}}::/home/${USER}:${SHELL:-/bin/sh}" >> /etc/passwd; \ - echo "${USER}:\!:$(($(date +%s) / 60 / 60 / 24)):0:99999:7:::" >> /etc/shadow; \ - mkdir -p /home/"${USER}"; \ - fi; \ - chown "${UID}" $(awk -F: '$1 == "'"${USER}"'" {print $(NF-1)}' /etc/passwd); \ -fi - -# If we provide a numeric GID -RUN if [ "${GID}" -eq "${GID}" ] 2>/dev/null; then \ - # Force $GID of $GROUP if it already exists - if [ "$(awk -F: '$1 == "'"${GROUP}"'" {print $3}' /etc/group)" != "${GID}" ]; then \ - sed -i 's/^\('"${GROUP}"':x\):[0-9]\+:/\1:'"${GID}"':/' /etc/group; \ - fi; \ - # Create $GROUP if $GID does not exist - if [ "$(awk -F: '$3 == "'"${GID}"'" {print $1}' /etc/group)" = "" ]; then \ - echo "${GROUP}:x:${GID}:" >> /etc/group; \ - fi; \ - # Force $GID of $USER if it exists - if [ "$(awk -F: '$1 == "'"${USER}"'" {print $4}' /etc/passwd)" != "${GID}" ]; then \ - sed -i 's/^\('"${USER}"':x:[0-9]\+\):[0-9]\+:/\1:'"${GID}"':/' /etc/passwd; \ - fi; \ - chgrp "${GID}" $(awk -F: '$1 == "'"${USER}"'" {print $(NF-1)}' /etc/passwd); \ -fi diff --git a/docker/ipfs/ipfs-config.sh b/docker/ipfs/ipfs-config.sh deleted file mode 100755 index cabb0bb..0000000 --- a/docker/ipfs/ipfs-config.sh +++ /dev/null @@ -1,102 +0,0 @@ -#!/bin/sh -[ -n "${DEBUG:-}" -a "${DEBUG:-}" != "false" ] && set -x -set -e - -## fix resource manager fatal error on arm64/linux with 2Gb RAM -# ipfs config --json Swarm.ResourceMgr.Enabled false -# ERROR p2pnode libp2p/rcmgr_defaults.go:107 ===> OOF! go-libp2p changed DefaultServiceLimits -# => changes ('test' represents the old value): -# {"op":"test","path":"/SystemLimits/Memory","value":1073741824} -# {"op":"replace","path":"/SystemLimits/Memory","value":256560128} -# => go-libp2p SetDefaultServiceLimits update needs a review: -# Please inspect if changes impact go-ipfs users, and update expectedDefaultServiceLimits in rcmgr_defaults.go to remove this message -# FATAL p2pnode libp2p/rcmgr_defaults.go:115 daemon will refuse to run with the resource manager until this is resolved - -## ipfs client needs API address -# search for ip address of $(hostname).${IPFS_ADDRESSES_API_DOMAIN} -[ -n "${IPFS_ADDRESSES_API_DOMAIN}" ] && [ -z "${IPFS_ADDRESSES_API_INET4}" ] \ - && IPFS_ADDRESSES_API_INET4=$(nslookup -type=A "$(hostname).${IPFS_ADDRESSES_API_DOMAIN}" |awk 'found && /^Address:/ {print $2; found=0}; /^Name:\t'"$(hostname).${IPFS_ADDRESSES_API_DOMAIN}"'/ {found=1};') -# check ${IPFS_ADDRESSES_API_INET4} format -echo "${IPFS_ADDRESSES_API_INET4}" |awk -F. '{ for ( i=1; i<=4; i++ ) if ($i >= 0 && $i <= 255); else exit 1;}; NF != 4 {exit 1;}' || unset IPFS_ADDRESSES_API_INET4 -# check ${IPFS_ADDRESSES_API_PORT} format -[ "${IPFS_ADDRESSES_API_PORT}" -eq "${IPFS_ADDRESSES_API_PORT}" ] 2>/dev/null && [ "${IPFS_ADDRESSES_API_PORT}" -ge 1 ] && [ "${IPFS_ADDRESSES_API_PORT}" -le 65535 ] \ - || unset IPFS_ADDRESSES_API_PORT -ipfs config Addresses.API "${IPFS_ADDRESSES_API:-/ip4/${IPFS_ADDRESSES_API_INET4:-127.0.0.1}/tcp/${IPFS_ADDRESSES_API_PORT:-5001}}" - -## gateway address -# search for ip address of $(hostname).${IPFS_ADDRESSES_GATEWAY_DOMAIN} -[ -n "${IPFS_ADDRESSES_GATEWAY_DOMAIN}" ] && [ -z "${IPFS_ADDRESSES_GATEWAY_INET4}" ] \ - && IPFS_ADDRESSES_GATEWAY_INET4=$(nslookup -type=A "$(hostname).${IPFS_ADDRESSES_GATEWAY_DOMAIN}" |awk 'found && /^Address:/ {print $2; found=0}; /^Name:\t'"$(hostname).${IPFS_ADDRESSES_GATEWAY_DOMAIN}"'/ {found=1};') -# check ${IPFS_ADDRESSES_GATEWAY_INET4} format -echo "${IPFS_ADDRESSES_GATEWAY_INET4}" |awk -F. '{ for ( i=1; i<=4; i++ ) if ($i >= 0 && $i <= 255); else exit 1;}; NF != 4 {exit 1;}' || unset IPFS_ADDRESSES_GATEWAY_INET4 -# check ${IPFS_ADDRESSES_GATEWAY_PORT} format -[ "${IPFS_ADDRESSES_GATEWAY_PORT}" -eq "${IPFS_ADDRESSES_GATEWAY_PORT}" ] 2>/dev/null && [ "${IPFS_ADDRESSES_GATEWAY_PORT}" -ge 1 ] && [ "${IPFS_ADDRESSES_GATEWAY_PORT}" -le 65535 ] \ - || unset IPFS_ADDRESSES_GATEWAY_PORT -ipfs config Addresses.Gateway "${IPFS_ADDRESSES_GATEWAY:-/ip4/${IPFS_ADDRESSES_GATEWAY_INET4:-127.0.0.1}/tcp/${IPFS_ADDRESSES_GATEWAY_PORT:-8080}}" - -[ -n "${IPFS_ADDRESSES_NOANNOUNCE}" ] && ipfs config --json Addresses.NoAnnounce "${IPFS_ADDRESSES_NOANNOUNCE}" - -## api http headers -ipfs config --json API.HTTPHeaders "${IPFS_API_HTTPHEADERS:-{ -\"Access-Control-Allow-Credentials\": ${IPFS_API_HTTPHEADERS_ACA_CREDENTIALS:-null}, -\"Access-Control-Allow-Headers\": ${IPFS_API_HTTPHEADERS_ACA_HEADERS:-null}, -\"Access-Control-Allow-Methods\": ${IPFS_API_HTTPSHEADERS_ACA_METHODS:-null}, -\"Access-Control-Allow-Origin\": ${IPFS_API_HTTPHEADERS_ACA_ORIGIN:-null} -}}" - -## bootstrap -[ -n "${IPFS_BOOTSTRAP}" ] && ipfs config --json Bootstrap "${IPFS_BOOTSTRAP}" - -## storage -# limit disk usage to 50 percent of disk size -diskSize=$(df -P ${IPFS_PATH:-~/.ipfs} | awk 'NR>1{size+=$2}END{print size}') -ipfs config Datastore.StorageMax "$((diskSize * ${IPFS_DISK_USAGE_PERCENT:-50/100}))" -# garbage collector -[ -n "${IPFS_DATASTORE_GCPERIOD}" ] && ipfs config Datastore.GCPeriod "${IPFS_DATASTORE_GCPERIOD}" - -## experimental features -[ -n "${IPFS_EXPERIMENTAL_ACCELERATEDDHTCLIENT}" ] && ipfs config --json Experimental.AcceleratedDHTClient "${IPFS_EXPERIMENTAL_ACCELERATEDDHTCLIENT}" -[ -n "${IPFS_EXPERIMENTAL_FILESTOREENABLED}" ] && ipfs config --json Experimental.FilestoreEnabled "${IPFS_EXPERIMENTAL_FILESTOREENABLED}" -[ -n "${IPFS_EXPERIMENTAL_GRAPHSYNCENABLED}" ] && ipfs config --json Experimental.GraphsyncEnabled "${IPFS_EXPERIMENTAL_GRAPHSYNCENABLED}" -[ -n "${IPFS_EXPERIMENTAL_LIBP2PSTREAMMOUNTING}" ] && ipfs config --json Experimental.Libp2pStreamMounting "${IPFS_EXPERIMENTAL_LIBP2PSTREAMMOUNTING}" -[ -n "${IPFS_EXPERIMENTAL_P2PHTTPPROXY}" ] && ipfs config --json Experimental.P2pHttpProxy "${IPFS_EXPERIMENTAL_P2PHTTPPROXY}" -[ -n "${IPFS_EXPERIMENTAL_STRATEGICPROVIDING}" ] && ipfs config --json Experimental.StrategicProviding "${IPFS_EXPERIMENTAL_STRATEGICPROVIDING}" -[ -n "${IPFS_EXPERIMENTAL_URLSTOREENABLED}" ] && ipfs config --json Experimental.UrlstoreEnabled "${IPFS_EXPERIMENTAL_URLSTOREENABLED}" - -## api http headers -ipfs config --json Gateway.HTTPHeaders "${IPFS_GATEWAY_HTTPHEADERS:-{ -\"Access-Control-Allow-Credentials\": ${IPFS_GATEWAY_HTTPHEADERS_ACA_CREDENTIALS:-null}, -\"Access-Control-Allow-Headers\": ${IPFS_GATEWAY_HTTPHEADERS_ACA_HEADERS:-[ \"X-Requested-With\", \"Range\", \"User-Agent\" ]}, -\"Access-Control-Allow-Methods\": ${IPFS_GATEWAY_HTTPSHEADERS_ACA_METHODS:-[ \"GET\" ]}, -\"Access-Control-Allow-Origin\": ${IPFS_GATEWAY_HTTPHEADERS_ACA_ORIGIN:-[ \"*\" ]} -}}" - -## ipns -[ -n "${IPFS_IPNS_REPUBLISHPERIOD}" ] && ipfs config Ipns.RepublishPeriod "${IPFS_IPNS_REPUBLISHPERIOD}" -[ -n "${IPFS_IPNS_RECORDLIFETIME}" ] && ipfs config Ipns.RecordLifetime "${IPFS_IPNS_RECORDLIFETIME}" -[ -n "${IPFS_IPNS_USEPUBSUB}" ] && ipfs config --json Ipns.UsePubsub "${IPFS_IPNS_USEPUBSUB}" - -## dht pubsub mode -[ -n "${IPFS_PUBSUB_ENABLE}" ] && ipfs config --json Pubsub.Enabled "${IPFS_PUBSUB_ENABLE}" -[ -n "${IPFS_PUBSUB_ROUTER}" ] && ipfs config Pubsub.Router "${IPFS_PUBSUB_ROUTER}" - -## routing -[ -n "${IPFS_ROUTING_TYPE}" ] && ipfs config Routing.Type "${IPFS_ROUTING_TYPE}" - -## reproviding local content to routing system -[ -n "${IPFS_REPROVIDER_INTERVAL}" ] && ipfs config Reprovider.Interval "${IPFS_REPROVIDER_INTERVAL}" -[ -n "${IPFS_REPROVIDER_STRATEGY}" ] && ipfs config Reprovider.Strategy "${IPFS_REPROVIDER_STRATEGY}" - -## swarm config -[ -n "${IPFS_SWARM_CONNMGR_HIGHWATER}" ] && ipfs config --json Swarm.ConnMgr.HighWater "${IPFS_SWARM_CONNMGR_HIGHWATER}" -[ -n "${IPFS_SWARM_CONNMGR_LOWWATER}" ] && ipfs config --json Swarm.ConnMgr.LowWater "${IPFS_SWARM_CONNMGR_LOWWATER}" -[ -n "${IPFS_SWARM_CONNMGR_TYPE}" ] && ipfs config --json Swarm.ConnMgr.Type "${IPFS_SWARM_CONNMGR_TYPE}" -[ -n "${IPFS_SWARM_DISABLENATPORTMAP}" ] && ipfs config --bool Swarm.DisableNatPortMap "${SWARM_DISABLENATPORTMAP}" -[ -n "${IPFS_SWARM_ENABLEHOLEPUNCHING}" ] && ipfs config --bool Swarm.EnableHolePunching "${SWARM_ENABLEHOLEPUNCHING}" -[ -n "${IPFS_SWARM_RELAYCLIENT_ENABLED}" ] && ipfs config --bool Swarm.RelayClient.Enabled "${SWARM_RELAYCLIENT_ENABLED}" -[ -n "${IPFS_SWARM_RELAYSERVICE_ENABLED}" ] && ipfs config --bool Swarm.RelayService.Enabled "${SWARM_RELAYSERVICE_ENABLED}" -[ -n "${IPFS_SWARM_TRANSPORTS_NETWORK_RELAY}" ] && ipfs config --bool Swarm.Transports.Network.Relay "${SWARM_TRANSPORTS_NETWORK_RELAY}" - -## REMOVE IPFS BOOTSTRAP for private usage -[ ${IPFS_NETWORK:-public} = "public" ] || ipfs bootstrap rm --all -[ ${IPFS_NETWORK:-public} = "private" ] && export LIBP2P_FORCE_PNET=1 ||: diff --git a/docker/myos/.screenrc b/docker/myos/.screenrc deleted file mode 100644 index 344dec4..0000000 --- a/docker/myos/.screenrc +++ /dev/null @@ -1,3 +0,0 @@ -hardstatus alwayslastline "%{= kw}[%{G}%H%{-}] \# %?%-Lw%?[%{G}%n%f %t%{-}]%?%+Lw%?%?%=%-17< [%{B}%l%{-}]" -defscrollback 1048576 -shell -$SHELL diff --git a/docker/myos/.tmux.conf b/docker/myos/.tmux.conf deleted file mode 100644 index 5957741..0000000 --- a/docker/myos/.tmux.conf +++ /dev/null @@ -1,32 +0,0 @@ -# this is aya's tmux configuration ! -bind r source-file ~/.tmux.conf\; display-message "tmux.conf reloaded!" -bind R move-window -r -bind C-n switch-client -n\; refresh-client -S -bind C-p switch-client -p\; refresh-client -S -bind Escape copy-mode -bind Y run "tmux save-buffer - |xsel -i" -bind P run "xsel -o |tmux load-buffer -; tmux paste-buffer" -bind C-c run "tmux save-buffer - | xclip -i -sel clipboard >/dev/null" -bind C-v run "tmux set-buffer \"$(xclip -o -sel clipboard)\"; tmux paste-buffer" -bind -n S-down new-window -bind -n S-left prev -bind -n S-right next -bind -n C-left swap-window -t -1 -bind -n C-right swap-window -t +1 -set -g aggressive-resize on -set -g status-keys vi -setw -g mode-keys vi -setw -g window-status-current-bg blue -setw -g window-status-current-fg white -setw -g monitor-activity on -set -g visual-activity on -setw -g automatic-rename on -set -g default-terminal "screen" -set -g history-limit 4242 -set -g status-bg black -set -g status-fg white -set -g status-interval 60 -set -g status-left-length 30 -set -g status-left '<#[fg=green]#S#[default]> ' -set -g status-right '#[fg=yellow] %d/%m %H:%M#[default]' -set -g update-environment "SSH_ASKPASS SSH_AUTH_SOCK SSH_AGENT_PID SSH_CONNECTION" diff --git a/docker/myos/Dockerfile b/docker/myos/Dockerfile deleted file mode 100644 index dee3745..0000000 --- a/docker/myos/Dockerfile +++ /dev/null @@ -1,173 +0,0 @@ -FROM alpine:latest as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR -ARG GIT_AUTHOR_NAME -ARG GIT_AUTHOR_EMAIL -ARG SYSTEM=Linux -ARG MACHINE=x86_64 - -ENV GIT_AUTHOR_NAME=${GIT_AUTHOR_NAME} -ENV GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL} -ENV GIT_COMMITTER_NAME=${GIT_AUTHOR_NAME} -ENV GIT_COMMITTER_EMAIL=${GIT_AUTHOR_EMAIL} - -RUN apk upgrade --no-cache \ - && apk add --no-cache \ - bash \ - curl \ - gettext \ - git \ - gpg \ - gpg-agent \ - make \ - nano \ - netcat-openbsd \ - openssh \ - screen \ - socat \ - tmux \ - wget \ - xz - -RUN git clone https://github.com/ingydotnet/git-subrepo \ - && cd git-subrepo \ - && git fetch origin +refs/heads/release/0.4.0: \ - && git checkout release/0.4.0 \ - && git fetch origin pull/314/head \ - && git rebase 9cbe7ba2f61552ce97fb312c8133813f970ab4a5 \ - && sed -i 's/install -C/install/' Makefile \ - && make install \ - && cd .. \ - && rm -rf git-subrepo - -ARG IPFS_VERSION=0.14.0 - -RUN { OS="$(echo ${SYSTEM} |awk '{print tolower($0)}')"; \ - ARCH="$(echo ${MACHINE})"; \ - wget -qO - https://github.com/koalaman/shellcheck/releases/download/stable/shellcheck-stable.${OS}.${ARCH}.tar.xz \ - |tar --strip-components 1 -C /usr/local/bin -xJf - shellcheck-stable/shellcheck; } \ - && { ARCH="$(echo ${MACHINE} |awk '/x86_64/ {print "amd64"}; /aarch64/ {print "arm64"}')"; \ - wget -qO - https://github.com/ipfs/kubo/releases/download/v${IPFS_VERSION}/kubo_v${IPFS_VERSION}_${OS}-${ARCH}.tar.gz \ - |tar --strip-components 1 -C /usr/local/bin -xzf - kubo/ipfs; } \ - && mkdir -p /usr/local/lib/shellspec \ - && wget -qO - https://github.com/shellspec/shellspec/archive/refs/heads/master.tar.gz \ - |tar --strip-components 1 -C /usr/local/lib/shellspec -xzf - \ - && ln -s /usr/local/lib/shellspec/shellspec /usr/local/bin/shellspec - -ADD https://raw.github.com/kvz/cronlock/master/cronlock /usr/local/bin/cronlock -RUN chmod +rx /usr/local/bin/cronlock - -# Setup environment variables; export SSH_AUTH_SOCK from socket directory -ENV SOCKET_DIR /tmp/ssh-agent -ENV SSH_AUTH_SOCK ${SOCKET_DIR}/socket -ENV SSH_AUTH_PROXY_SOCK ${SOCKET_DIR}/proxy-socket - -COPY ${DOCKER_BUILD_DIR}/docker-entrypoint.sh /docker-entrypoint.sh -ENTRYPOINT ["/docker-entrypoint.sh"] - -CMD ["start"] - -FROM dist as master -ARG DOCKER_BUILD_DIR -ARG DOCKER_GID -ARG SHELL=/bin/bash -ARG SSH_BASTION_HOSTNAME -ARG SSH_BASTION_USERNAME -ARG SSH_PRIVATE_IP_RANGE -ARG SSH_PUBLIC_HOSTS -ARG UID -ARG USER -ENV UID=${UID} -ENV GID=${UID} -ENV USER=${USER} - -RUN apk add --no-cache \ -# docker \ -# docker-compose \ -# mysql-client \ -# postgresql-client \ - sudo -# vim \ -# zsh - -# If we provide a numeric UID -RUN [ "$UID" -eq "$UID" ] 2>/dev/null \ -# Remove user with $UID if it is not our $USER - && if [ "$(getent passwd $UID |awk -F: '{print $1}')" != "$USER" ]; then \ - sed -i '/^'$(getent passwd $UID |awk -F: '{print $1}')':x:'$UID':/d' /etc/passwd; \ - sed -i '/^'$(getent group $GID |awk -F: '{print $1}')':x:'$GID':/d' /etc/group; \ - fi \ -# Force $UID if our $USER already exists - && sed -i 's/^'$USER':x:[0-9]\+:[0-9]\+:/'$USER':x:'$UID':'$GID':/' /etc/passwd \ - && sed -i 's/^'$USER':x:[0-9]\+:/'$USER':x:'$GID':/' /etc/group \ -# Create $USER if it does not exist - && if [ "$(getent passwd $UID)" = "" ]; then \ - echo "$USER:x:$UID:$GID::/home/$USER:$SHELL" >> /etc/passwd; \ - echo "$USER:\!:$(($(date +%s) / 60 / 60 / 24)):0:99999:7:::" >> /etc/shadow; \ - echo "$USER:x:$GID:" >> /etc/group; \ - fi \ - && mkdir -p /home/$USER \ - && chown $UID:$GID /home/$USER \ - || true - -# If we provide a numeric DOCKER_GID -RUN [ "$DOCKER_GID" -eq "$DOCKER_GID" ] 2>/dev/null \ - && if [ "$(getent group docker |awk -F: '{print $3}')" != "$DOCKER_GID" ]; then \ - sed -i 's/^docker:x:[0-9]\+:/docker:x:'$DOCKER_GID':/' /etc/group; \ - fi \ -|| true - -## User groups -RUN adduser $USER wheel \ -# && adduser $USER docker \ - && echo '%wheel ALL=(ALL:ALL) NOPASSWD: ALL' >> /etc/sudoers - -RUN echo -e "\n\ -Host *\n\ - LogLevel quiet\n\ - Compression yes\n\ -" >> /etc/ssh/ssh_config \ - && if [ -n "${SSH_PRIVATE_IP_RANGE}" ] && [ -n "${SSH_BASTION_HOSTNAME}" ]; then \ - echo -e "\ -Host ${SSH_PRIVATE_IP_RANGE}\n\ - ProxyCommand ssh -q ssh-bastion nc -q0 %h 22\n\ - HostName %h\n\ - StrictHostKeyChecking no\n\ - UserKnownHostsFile /dev/null\n\ -Host ssh-bastion\n\ - HostName ${SSH_BASTION_HOSTNAME}\ -" >> /etc/ssh/ssh_config; \ - if [ -n "${SSH_BASTION_USERNAME}" ]; then \ - echo -e "\ - User ${SSH_BASTION_USERNAME}\n\ -" >> /etc/ssh/ssh_config; \ - fi \ - fi - -# Custom rc functions -COPY ansible/roles/hosts/files/etc/profile.d/rc*.sh /etc/profile.d/ - -RUN mkdir -p $SOCKET_DIR && chown $USER $SOCKET_DIR - -VOLUME ${SOCKET_DIR} - -USER $USER -ENV SHELL=${SHELL} -WORKDIR /home/$USER - -# git config -RUN mkdir -p ~/.ssh ~/.config/git \ - && ssh-keyscan -t rsa -H ${SSH_PUBLIC_HOSTS} >> ~/.ssh/known_hosts \ - && echo -e "\ -.DS_Store\n\ -.idea/\n\ -.nfs*\n\ -.theia/settings.json\n\ -*~\n\ -*.log\n\ -*.swp\n\ -Thumbs.db\n\ -" > ~/.config/git/ignore - -# dot files -COPY ${DOCKER_BUILD_DIR}/.* /home/$USER/ diff --git a/docker/myos/docker-entrypoint.sh b/docker/myos/docker-entrypoint.sh deleted file mode 100755 index adc05ba..0000000 --- a/docker/myos/docker-entrypoint.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/usr/bin/env sh -set -euo errexit - -# Print a debug message if debug mode is on ($DEBUG is not empty) -# @param message -debug_msg () -{ - if [ -n "${DEBUG:-}" -a "${DEBUG:-}" != "false" ]; then - echo "$@" - fi -} - -case "${1:-start}" in - - start) - debug_msg "Starting..." - - # Create proxy-socket for ssh-agent (to give everyone access to the ssh-agent socket) - debug_msg "Create proxy socket..." - rm -f ${SSH_AUTH_SOCK} ${SSH_AUTH_PROXY_SOCK} > /dev/null 2>&1 - socat UNIX-LISTEN:${SSH_AUTH_PROXY_SOCK},perm=0666,fork UNIX-CONNECT:${SSH_AUTH_SOCK} & - - debug_msg "Launch ssh-agent..." - exec /usr/bin/ssh-agent -a ${SSH_AUTH_SOCK} -D >/dev/null - ;; - - *) - debug_msg "Exec: $@" - exec "$@" - ;; -esac diff --git a/docker/mysql/5.6/Dockerfile b/docker/mysql/5.6/Dockerfile deleted file mode 100644 index 6997ff6..0000000 --- a/docker/mysql/5.6/Dockerfile +++ /dev/null @@ -1,19 +0,0 @@ -FROM mysql:5.6.44 as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR - -# config -COPY ${DOCKER_BUILD_DIR}/conf.d/all.cnf /etc/mysql/conf.d/ - -# install goss -ADD https://github.com/aelsabbahy/goss/releases/latest/download/goss-linux-amd64 /usr/bin/goss -RUN chmod +rx /usr/bin/goss -COPY ${DOCKER_BUILD_DIR}/goss.yml /tests/goss.yml - -HEALTHCHECK CMD goss -g /tests/goss.yml validate --format tap - -FROM dist as master -ARG DOCKER_BUILD_DIR - -# config -COPY ${DOCKER_BUILD_DIR}/conf.d/master.cnf /etc/mysql/conf.d/ diff --git a/docker/mysql/5.6/conf.d/all.cnf b/docker/mysql/5.6/conf.d/all.cnf deleted file mode 100644 index 82445c7..0000000 --- a/docker/mysql/5.6/conf.d/all.cnf +++ /dev/null @@ -1,22 +0,0 @@ -[mysqld] -binlog_cache_size = 32768 -character_set_server = utf8mb4 -collation_server = utf8mb4_unicode_ci -innodb_file_per_table = 1 -innodb_flush_method = O_DIRECT -innodb_log_buffer_size = 8388608 -innodb_log_file_size = 134217728 -key_buffer_size = 16777216 -# local_infile = 1 -log_bin_trust_function_creators = 1 -log_output = FILE -max_allowed_packet = 1G -max_binlog_size = 128M -query_cache_limit = 16M -query_cache_size = 128M -query_cache_type = 1 -read_buffer_size = 262144 -read_rnd_buffer_size = 524288 -slow_query_log = 1 -table_open_cache_instances = 16 -wait_timeout = 31536000 diff --git a/docker/mysql/5.6/conf.d/master.cnf b/docker/mysql/5.6/conf.d/master.cnf deleted file mode 100644 index 1707395..0000000 --- a/docker/mysql/5.6/conf.d/master.cnf +++ /dev/null @@ -1,8 +0,0 @@ -[mysqld] -innodb_buffer_pool_size = 1G -max_connections = 128 -sort_buffer_size = 1M - -innodb_strict_mode = 1 -local_infile = 0 -; sql-mode = "TRADITIONAL" diff --git a/docker/mysql/5.6/goss.yml b/docker/mysql/5.6/goss.yml deleted file mode 100644 index 9163f89..0000000 --- a/docker/mysql/5.6/goss.yml +++ /dev/null @@ -1,23 +0,0 @@ -file: - /usr/sbin/mysqld: - exists: true - filetype: file - mode: "0755" - owner: root - sha256: bf5ba9081d08792048ef8459e1ea6ddd155b82bc1a22cd5c8666e47050cd6208 -package: - mysql-server: - installed: true - mysql-common: - installed: true -port: - tcp6:3306: - listening: true - ip: -process: - mysqld: - running: true -user: - mysql: - exists: true - uid: 999 diff --git a/docker/openstack/Dockerfile b/docker/openstack/Dockerfile deleted file mode 100644 index 8008105..0000000 --- a/docker/openstack/Dockerfile +++ /dev/null @@ -1,49 +0,0 @@ -FROM alpine:latest as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR - -RUN apk --no-cache add libffi openssl python3 py3-pip py3-netifaces - -RUN apk --no-cache add --virtual .build-deps \ - build-base \ - libffi-dev \ - openssl-dev \ - python3-dev \ - && pip install --upgrade pip \ - && pip install python-openstackclient \ - && apk del .build-deps - -RUN apk --no-cache upgrade - -ENTRYPOINT ["/usr/bin/openstack"] -CMD ["help"] - -FROM dist as master -ARG DOCKER_BUILD_DIR -ARG UID -ARG USER -ENV UID=${UID} -ENV GID=${UID} -ENV USER=${USER} - -# If we provide a numeric UID -RUN [ "$UID" -eq "$UID" ] 2>/dev/null \ -# Remove user with $UID if it is not our $USER - && if [ "$(getent passwd $UID |awk -F: '{print $1}')" != "$USER" ]; then \ - sed -i '/^'$(getent passwd $UID |awk -F: '{print $1}')':x:'$UID':/d' /etc/passwd; \ - sed -i '/^'$(getent group $GID |awk -F: '{print $1}')':x:'$GID':/d' /etc/group; \ - fi \ -# Force $UID if our $USER already exists - && sed -i 's/^'$USER':x:[0-9]\+:[0-9]\+:/'$USER':x:'$UID':'$GID':/' /etc/passwd \ - && sed -i 's/^'$USER':x:[0-9]\+:/'$USER':x:'$GID':/' /etc/group \ -# Create $USER if it does not exist - && if [ "$(getent passwd $UID)" = "" ]; then \ - echo "$USER:x:$UID:$GID::/home/$USER:$SHELL" >> /etc/passwd; \ - echo "$USER:\!:$(($(date +%s) / 60 / 60 / 24)):0:99999:7:::" >> /etc/shadow; \ - echo "$USER:x:$GID:" >> /etc/group; \ - fi \ - && mkdir -p /home/$USER \ - && chown $UID:$GID /home/$USER \ - || true - -USER $USER diff --git a/docker/packer/Dockerfile b/docker/packer/Dockerfile deleted file mode 100644 index 22baa02..0000000 --- a/docker/packer/Dockerfile +++ /dev/null @@ -1,67 +0,0 @@ -FROM alpine:latest as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR - -ARG MACHINE="x86_64" -ARG SYSTEM="Linux" - -RUN apk --no-cache add \ - ansible \ - bash \ - dirmngr \ - git \ - gpg \ - gpg-agent \ - qemu \ - qemu-system-x86_64 \ - qemu-img \ - openssh-client \ - openssl \ - socat \ - wget - -ARG PACKER_VERSION=1.8.3 - -RUN { OS="$(echo ${SYSTEM} |awk '{print tolower($0)}')"; \ - ARCH="$(echo ${MACHINE} |awk '/x86_64/ {print "amd64"}; /aarch64/ {print "arm64"}')"; \ - wget https://releases.hashicorp.com/packer/${PACKER_VERSION}/packer_${PACKER_VERSION}_${OS}_${ARCH}.zip \ - && wget https://releases.hashicorp.com/packer/${PACKER_VERSION}/packer_${PACKER_VERSION}_SHA256SUMS \ - && wget https://releases.hashicorp.com/packer/${PACKER_VERSION}/packer_${PACKER_VERSION}_SHA256SUMS.sig \ - && GNUPGHOME="./.gnupg" gpg --batch --recv-keys C874011F0AB405110D02105534365D9472D7468F \ - && GNUPGHOME="./.gnupg" gpg --batch --verify packer_${PACKER_VERSION}_SHA256SUMS.sig packer_${PACKER_VERSION}_SHA256SUMS \ - && grep packer_${PACKER_VERSION}_${OS}_${ARCH}.zip packer_${PACKER_VERSION}_SHA256SUMS |sha256sum -c - \ - && unzip "packer_${PACKER_VERSION}_${OS}_${ARCH}.zip" -d /usr/local/bin \ - && rm -f "packer_${PACKER_VERSION}_${OS}_${ARCH}.zip" packer_${PACKER_VERSION}_SHA256SUMS.sig packer_${PACKER_VERSION}_SHA256SUMS ./.gnupg \ - ; } - -ENTRYPOINT ["/usr/local/bin/packer"] - -FROM dist as master -ARG DOCKER_BUILD_DIR -ARG UID -ARG USER -ENV UID=${UID} -ENV GID=${UID} -ENV USER=${USER} - -# If we provide a specific UID -RUN let $UID >/dev/null 2>&1 \ -# Remove user with $UID if it is not our $USER - && if [ "$(getent passwd $UID |awk 'BEGIN {FS=":"} {print $1}')" != "$USER" ]; then \ - sed -i '/^'$(getent passwd $UID |awk 'BEGIN {FS=":"} {print $1}')':x:'$UID':/d' /etc/passwd; \ - sed -i '/^'$(getent group $GID |awk 'BEGIN {FS=":"} {print $1}')':x:'$GID':/d' /etc/group; \ - fi \ -# Force $UID if our $USER already exists - && sed -i 's/^'$USER':x:[0-9]\+:[0-9]\+:/'$USER':x:'$UID':'$GID':/' /etc/passwd \ - && sed -i 's/^'$USER':x:[0-9]\+:/'$USER':x:'$GID':/' /etc/group \ -# Create $USER if it does not exist - && if [ "$(getent passwd $UID)" = "" ]; then \ - echo "$USER:x:$UID:$GID::/home/$USER:/bin/false" >> /etc/passwd; \ - echo "$USER:!:$(($(date +%s) / 60 / 60 / 24)):0:99999:7:::" >> /etc/shadow; \ - echo "$USER:x:$GID:" >> /etc/group; \ - fi \ - && mkdir -p /home/$USER \ - && chown $UID:$GID /home/$USER \ - || true - -USER $USER diff --git a/docker/pdns-server/.gitrepo b/docker/pdns-server/.gitrepo deleted file mode 100644 index 6e2f8e9..0000000 --- a/docker/pdns-server/.gitrepo +++ /dev/null @@ -1,12 +0,0 @@ -; DO NOT EDIT (unless you know what you are doing) -; -; This subdirectory is a git "subrepo", and this file is maintained by the -; git-subrepo command. See https://github.com/git-commands/git-subrepo#readme -; -[subrepo] - remote = ssh://git@github.com/aynicos/docker-pdns-server - branch = master - commit = 6d3c4ce70cbb38d237be757206bfbf082ce2ba3e - parent = 9de6b77b0d944fe6efa7b020ba7c2dbbba5df4f8 - method = merge - cmdver = 0.4.0 diff --git a/docker/pdns-server/Dockerfile b/docker/pdns-server/Dockerfile deleted file mode 100644 index 887fd32..0000000 --- a/docker/pdns-server/Dockerfile +++ /dev/null @@ -1,67 +0,0 @@ -FROM alpine:3.11 as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR -ARG VERSION_PDNS_REC=4.2.1 -ARG VERSION_PDNS_AUTH=4.2.1 -ARG VERSION_PDNS_DNSDIST=1.4.0 - -RUN apk upgrade --no-cache \ - && apk add --no-cache --virtual .build-deps \ - autoconf \ - automake \ - bison \ - boost-dev \ - boost-program_options \ - boost-serialization \ - build-base \ - curl \ - curl-dev \ - file \ - flex \ - g++ \ - git \ - py-virtualenv \ - libedit-dev \ - libressl-dev \ - libstdc++ \ - libtool \ - lua-dev \ - make \ - musl \ - ragel \ - && git clone https://github.com/PowerDNS/pdns \ - && cd pdns \ - && git checkout tags/auth-${VERSION_PDNS_AUTH} -b auth-${VERSION_PDNS_AUTH} \ - && autoreconf -vi \ - && ./configure --enable-static --disable-systemd --without-systemd --with-modules="" \ - && make install clean \ - && git checkout tags/rec-${VERSION_PDNS_REC} -b rec-${VERSION_PDNS_REC} \ - && cd pdns/recursordist \ - && autoreconf -vi \ - && ./configure --enable-static --disable-systemd --without-systemd \ - && make install clean \ - && cd ../.. \ - && git checkout tags/dnsdist-${VERSION_PDNS_DNSDIST} -b dnsdist-${VERSION_PDNS_DNSDIST} \ - && cd pdns/dnsdistdist \ - && autoreconf -vi \ - && ./configure --enable-static --disable-systemd --without-systemd \ - && make install clean \ - && cd ../../.. \ - && rm -fr pdns \ - && runDeps="$( \ - scanelf --needed --nobanner --recursive /usr/local \ - | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ - | xargs -r apk info --installed \ - | sort -u \ - )" \ - && apk del .build-deps \ - && apk add --no-cache --virtual .run-deps $runDeps \ - lua - -COPY ${DOCKER_BUILD_DIR}/docker-entrypoint.sh / -ENTRYPOINT ["/docker-entrypoint.sh"] - -EXPOSE 53/udp 53/tcp - -FROM dist as master -ARG DOCKER_BUILD_DIR diff --git a/docker/pdns-server/README.md b/docker/pdns-server/README.md deleted file mode 100644 index 75ae238..0000000 --- a/docker/pdns-server/README.md +++ /dev/null @@ -1,22 +0,0 @@ -# docker-pdns - -Alpine based Dockerfile running a powerdns authoritative and/or recursive DNS server. - -## Usage - -Following environment variables can be customized. - -## Example - -Build a docker image named "pdns". - -```shell -$ docker build -t pdns . -``` - -Start a docker from this image. - -```shell -$ docker run --net host pdns -``` - diff --git a/docker/pdns-server/docker-entrypoint.sh b/docker/pdns-server/docker-entrypoint.sh deleted file mode 100755 index 1e6ee7e..0000000 --- a/docker/pdns-server/docker-entrypoint.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/ash -set -euo pipefail -set -o errexit - -trap 'kill -SIGQUIT $PID' INT - -# Launch pdns_recursor by default -[ $# -eq 0 ] && /usr/local/sbin/pdns_recursor || exec "$@" & -PID=$! && wait diff --git a/docker/phabricator-daemon/Dockerfile b/docker/phabricator-daemon/Dockerfile deleted file mode 100644 index 25756b9..0000000 --- a/docker/phabricator-daemon/Dockerfile +++ /dev/null @@ -1,11 +0,0 @@ -FROM phabricator/daemon:latest as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR - -RUN apt-get update \ - && apt-get install -y --no-install-recommends \ - openssh-client \ - && rm -rf /var/lib/apt/lists/* - -FROM dist as master -ARG DOCKER_BUILD_DIR diff --git a/docker/phabricator/Dockerfile b/docker/phabricator/Dockerfile deleted file mode 100644 index 9a0fce0..0000000 --- a/docker/phabricator/Dockerfile +++ /dev/null @@ -1,10 +0,0 @@ -FROM phabricator/phabricator:latest as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR - -RUN { \ - echo 'mysqli.allow_local_infile = 0'; \ - } > /usr/local/etc/php/conf.d/mysql.ini - -FROM dist as master -ARG DOCKER_BUILD_DIR diff --git a/docker/php/5.6-fpm-alpine/Dockerfile b/docker/php/5.6-fpm-alpine/Dockerfile deleted file mode 100644 index ac9df52..0000000 --- a/docker/php/5.6-fpm-alpine/Dockerfile +++ /dev/null @@ -1,239 +0,0 @@ -FROM php:5.6-fpm-alpine as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR -ARG AMQP_VERSION=stable -ARG APCU_VERSION=4.0.11 -ARG BLACKFIRE_VERSION=1.31.0 -ARG CACHETOOL_VERSION=3.2.1 -ARG IMAGICK_VERSION=stable -ARG GEOIP_VERSION=stable -ARG MEMCACHE_VERSION=3.0.8 -ARG MEMCACHED_VERSION=2.2.0 -ARG MONGODB_VERSION=1.6.1 -ARG NEWRELIC_VERSION=9.6.1.256 -ARG RAR_VERSION=stable -ARG REDIS_VERSION=4.3.0 -ARG UUID_VERSION=1.0.4 -ARG SUHOSIN_VERSION=0.9.38 -ARG TWIG_VERSION=1.35.3 -ARG XCACHE_VERSION=3.2.0 -ARG XDEBUG_VERSION=2.5.5 - -RUN apk --no-cache upgrade \ - && apk add --no-cache --virtual .build-deps \ - $PHPIZE_DEPS \ - aspell-dev \ - bison \ - bzip2-dev \ - curl-dev \ - flex \ - freetype-dev \ - gawk \ - geoip-dev \ - gettext-dev \ - gmp-dev \ - icu-dev \ - imagemagick-dev \ - imap-dev \ - libjpeg-turbo-dev \ - libmcrypt-dev \ - libmemcached-dev \ - libpng-dev \ - libressl-dev \ - libxml2-dev \ - libxslt-dev \ - make \ - net-snmp-dev \ - openldap-dev \ - postgresql-dev \ - python \ - rabbitmq-c-dev \ - zlib-dev \ - && wget https://packages.blackfire.io/binaries/blackfire-php/${BLACKFIRE_VERSION}/blackfire-php-alpine_amd64-php-$(php -r "echo PHP_MAJOR_VERSION.PHP_MINOR_VERSION;").so -O $(php -r "echo ini_get('extension_dir');")/blackfire.so \ - && wget https://download.newrelic.com/php_agent/archive/${NEWRELIC_VERSION}/newrelic-php5-${NEWRELIC_VERSION}-linux-musl.tar.gz -O /tmp/newrelic-${NEWRELIC_VERSION}.tar.gz \ - && mkdir -p /tmp/newrelic-${NEWRELIC_VERSION} \ - && tar xzf /tmp/newrelic-${NEWRELIC_VERSION}.tar.gz -C /tmp/newrelic-${NEWRELIC_VERSION} --strip-components=1 \ - && rm /tmp/newrelic-${NEWRELIC_VERSION}.tar.gz \ - && mv /tmp/newrelic-${NEWRELIC_VERSION}/agent/x64/newrelic-20131226.so $(php -r "echo ini_get('extension_dir');")/newrelic.so \ - && wget --no-check-certificate https://download.suhosin.org/suhosin-${SUHOSIN_VERSION}.tar.gz -O /tmp/suhosin-${SUHOSIN_VERSION}.tar.gz \ - && mkdir -p /tmp/suhosin-${SUHOSIN_VERSION} \ - && tar xzf /tmp/suhosin-${SUHOSIN_VERSION}.tar.gz -C /tmp/suhosin-${SUHOSIN_VERSION} --strip-components=1 \ - && rm /tmp/suhosin-${SUHOSIN_VERSION}.tar.gz \ - && cd /tmp/suhosin-${SUHOSIN_VERSION} \ - && sed -i '1i#include ' log.c \ - && wget https://github.com/twigphp/Twig/archive/v${TWIG_VERSION}.tar.gz -O /tmp/twig-${TWIG_VERSION}.tar.gz \ - && mkdir -p /tmp/twig-${TWIG_VERSION} \ - && tar xzf /tmp/twig-${TWIG_VERSION}.tar.gz -C /tmp/twig-${TWIG_VERSION} --strip-components=1 \ - && rm /tmp/twig-${TWIG_VERSION}.tar.gz \ - && wget https://web.archive.org/web/20181118151821if_/http://xcache.lighttpd.net/pub/Releases/${XCACHE_VERSION}/xcache-${XCACHE_VERSION}.tar.gz -O /tmp/xcache-${XCACHE_VERSION}.tar.gz \ - && mkdir -p /tmp/xcache-${XCACHE_VERSION} \ - && tar xzf /tmp/xcache-${XCACHE_VERSION}.tar.gz -C /tmp/xcache-${XCACHE_VERSION} --strip-components=1 \ - && rm /tmp/xcache-${XCACHE_VERSION}.tar.gz \ - && docker-php-ext-configure /tmp/xcache-${XCACHE_VERSION} --enable-xcache --enable-xcache-constant --enable-xcache-optimizer --enable-xcache-coverager \ - && docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ --with-png-dir=/usr/include/ \ - && docker-php-ext-install -j$(nproc) \ - /tmp/suhosin-${SUHOSIN_VERSION} \ - /tmp/twig-${TWIG_VERSION}/ext/twig \ - /tmp/xcache-${XCACHE_VERSION} \ - bcmath \ - bz2 \ - calendar \ - dba \ - exif \ - gd \ - gettext \ - gmp \ - imap \ - intl \ - ldap \ - mcrypt \ - mysql \ - mysqli \ - opcache \ - pcntl \ - pdo_mysql \ - pdo_pgsql \ - pgsql \ - pspell \ - shmop \ - snmp \ - soap \ - sockets \ - sysvmsg \ - sysvsem \ - sysvshm \ - xmlrpc \ - xsl \ - zip \ - && rm /usr/local/etc/php/conf.d/docker-php-ext-* \ - && rm -rf /tmp/newrelic-* \ - && rm -rf /tmp/suhosin-* \ - && rm -rf /tmp/twig-* \ - && rm -rf /tmp/xcache-* \ - && pecl install amqp-${AMQP_VERSION} \ - && pecl install apcu-${APCU_VERSION} \ - && pecl install geoip-${GEOIP_VERSION} \ - && pecl install imagick-${IMAGICK_VERSION} \ - && pecl install memcache-${MEMCACHE_VERSION} \ - && pecl install memcached-${MEMCACHED_VERSION} \ - && pecl install mongodb-${MONGODB_VERSION} \ - && pecl install rar-${RAR_VERSION} \ - && pecl install redis-${REDIS_VERSION} \ - && echo |pecl install uuid-${UUID_VERSION} \ - && pecl install xdebug-${XDEBUG_VERSION} \ - && pecl clear-cache \ - && runDeps="$( scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/lib/php/extensions \ - | tr ',' '\n' \ - | sort -u \ - | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ - )" \ - && apk del .build-deps \ - && apk add --no-cache --virtual .run-deps $runDeps - -RUN wget http://gordalina.github.io/cachetool/downloads/cachetool-${CACHETOOL_VERSION}.phar -O /usr/local/bin/cachetool \ - && chmod +x /usr/local/bin/cachetool \ - && echo -e "\ -adapter: fastcgi \n\ -fastcgi: 127.0.0.1:9000 \n\ -" > /etc/cachetool.yml - -RUN mkdir -p /etc/ssh && echo -e "\ -Host * \n\ - Compression yes \n\ -" >> /etc/ssh/ssh_config - -RUN apk add --no-cache \ - bash \ - bzip2 \ - coreutils \ - gettext \ - git \ - imagemagick \ - lftp \ - mailx \ - make \ - mysql-client \ - nano \ - openssh-client \ - ssmtp \ - vim - -# Iconv fix: https://github.com/docker-library/php/issues/240#issuecomment-305038173 -RUN apk add --no-cache --repository http://dl-cdn.alpinelinux.org/alpine/edge/community/ gnu-libiconv -ENV LD_PRELOAD=/usr/lib/preloadable_libiconv.so - -# enable php modules -# available modules : amqp apcu bcmath blackfire bz2 calendar curl dba exif gettext gd geoip gmp imap imagick intl json ldap mbstring mcrypt memcache memcached mongodb mysql mysqli newrelic opcache pcntl pdo_mysql pdo_pgsql pgsql pspell rar redis shmop simplexml snmp soap sockets suhosin sysvmsg sysvsem sysvshm tokenizer twig uuid xcache xdebug xmlrpc xsl zip -# fix: disabled memcache to avoid relocation errors -ARG PHP_EXT_ENABLE="amqp apcu bcmath blackfire bz2 calendar gd geoip imagick intl mcrypt memcached mysql mysqli opcache pdo_mysql redis soap sockets twig uuid zip" -RUN docker-php-ext-enable ${PHP_EXT_ENABLE} - -# copy *.ini -COPY ${DOCKER_BUILD_DIR}/*.ini /usr/local/etc/php/conf.d/ -COPY ${DOCKER_BUILD_DIR}/php-fpm-*.conf /usr/local/etc/php-fpm.d/ - -# custom php config -ARG PHP_INI_CONFIG -RUN echo -e ${PHP_INI_CONFIG// /\\n} >> /usr/local/etc/php/conf.d/config.ini - -# custom php cli -ARG PHP_CLI_CONFIG="apc.enable_cli=0 max_execution_time=-1 memory_limit=-1 opcache.enable_cli=0 xdebug.default_enable=0" -RUN echo '#!/usr/bin/env sh' > /usr/local/bin/php-cli \ - && chmod +x /usr/local/bin/php-cli \ - && echo -e "\ -/usr/local/bin/php -d ${PHP_CLI_CONFIG// / -d } \"\$@\"\ -" >> /usr/local/bin/php-cli - -# install cronlock -ADD https://raw.github.com/kvz/cronlock/master/cronlock /usr/bin/cronlock -RUN chmod +rx /usr/bin/cronlock - -# config ssmtp -RUN echo "FromLineOverride=YES" >> /etc/ssmtp/ssmtp.conf - -# https://bugs.php.net/bug.php?id=71880 -ENV LOG_STREAM="/tmp/stdout" -RUN mkfifo $LOG_STREAM && chmod 777 $LOG_STREAM - -# default www-data homedir to /var/www for crontabs -RUN sed -i 's|/home/www-data|/var/www|' /etc/passwd -WORKDIR /var/www - -# redirect LOG_STREAM to stdout and start php-fpm with environment variables from .env -CMD [ "sh", "-c", "(exec 3<>$LOG_STREAM; cat <&3 >&1 & IFS=$'\n'; exec env $(cat .env 2>/dev/null) php-fpm)" ] - -FROM dist as master -ARG UID -ARG USER -ENV UID=${UID} -ENV GID=${UID} -ENV USER=${USER} - -# If we provide a specific UID -RUN let $UID >/dev/null 2>&1 \ -# Remove user with $UID if it is not our $USER - && if [ "$(getent passwd $UID |awk 'BEGIN {FS=":"} {print $1}')" != "$USER" ]; then \ - sed -i '/^'$(getent passwd $UID |awk 'BEGIN {FS=":"} {print $1}')':x:'$UID':/d' /etc/passwd; \ - sed -i '/^'$(getent group $GID |awk 'BEGIN {FS=":"} {print $1}')':x:'$GID':/d' /etc/group; \ - fi \ -# Force $UID if our $USER already exists - && sed -i 's/^'$USER':x:[0-9]\+:[0-9]\+:/'$USER':x:'$UID':'$GID':/' /etc/passwd \ - && sed -i 's/^'$USER':x:[0-9]\+:/'$USER':x:'$GID':/' /etc/group \ -# Create $USER if it does not exist - && if [ "$(getent passwd $UID)" = "" ]; then \ - echo "$USER:x:$UID:$GID::/home/$USER:/bin/false" >> /etc/passwd; \ - echo "$USER:!:$(($(date +%s) / 60 / 60 / 24)):0:99999:7:::" >> /etc/shadow; \ - echo "$USER:x:$GID:" >> /etc/group; \ - fi \ - && mkdir -p /home/$USER \ - && chown $UID:$GID /home/$USER \ - || true - -RUN chown -R $USER /usr/local/etc/php/conf.d/ - -USER $USER - -ARG SSH_REMOTE_HOSTS - -RUN mkdir -p ~/.ssh \ - && ssh-keyscan -t rsa -H $SSH_REMOTE_HOSTS >> ~/.ssh/known_hosts diff --git a/docker/php/5.6-fpm-alpine/apc.ini b/docker/php/5.6-fpm-alpine/apc.ini deleted file mode 100644 index 448cee9..0000000 --- a/docker/php/5.6-fpm-alpine/apc.ini +++ /dev/null @@ -1,5 +0,0 @@ -apc.enable_cli = 0 -apc.enabled = 1 -apc.shm_segments = 1 -apc.shm_size = 32M - diff --git a/docker/php/5.6-fpm-alpine/blackfire.ini b/docker/php/5.6-fpm-alpine/blackfire.ini deleted file mode 100644 index 566668c..0000000 --- a/docker/php/5.6-fpm-alpine/blackfire.ini +++ /dev/null @@ -1 +0,0 @@ -blackfire.agent_socket=tcp://blackfire:8707 diff --git a/docker/php/5.6-fpm-alpine/newrelic.ini b/docker/php/5.6-fpm-alpine/newrelic.ini deleted file mode 100644 index d90b2dc..0000000 --- a/docker/php/5.6-fpm-alpine/newrelic.ini +++ /dev/null @@ -1,4 +0,0 @@ -[newrelic] -newrelic.logfile = /dev/self/fd/2 -newrelic.daemon.logfile = /dev/self/fd/2 - diff --git a/docker/php/5.6-fpm-alpine/opcache.ini b/docker/php/5.6-fpm-alpine/opcache.ini deleted file mode 100644 index b0244ec..0000000 --- a/docker/php/5.6-fpm-alpine/opcache.ini +++ /dev/null @@ -1,8 +0,0 @@ -opcache.enable = 1 -opcache.enable_cli = 0 -opcache.error_log = /proc/self/fd/2 -opcache.interned_strings_buffer = 16 -opcache.log_verbosity_level = 2 -opcache.max_accelerated_files = 20000 -opcache.memory_consumption = 256 -opcache.validate_timestamps = 1 diff --git a/docker/php/5.6-fpm-alpine/php-fpm-pool.conf b/docker/php/5.6-fpm-alpine/php-fpm-pool.conf deleted file mode 100644 index c1e5fc8..0000000 --- a/docker/php/5.6-fpm-alpine/php-fpm-pool.conf +++ /dev/null @@ -1,412 +0,0 @@ -; Start a new pool named 'www'. -; the variable $pool can we used in any directive and will be replaced by the -; pool name ('www' here) -[www] - -; Per pool prefix -; It only applies on the following directives: -; - 'access.log' -; - 'slowlog' -; - 'listen' (unixsocket) -; - 'chroot' -; - 'chdir' -; - 'php_values' -; - 'php_admin_values' -; When not set, the global prefix (or /usr) applies instead. -; Note: This directive can also be relative to the global prefix. -; Default Value: none -;prefix = /path/to/pools/$pool - -; Unix user/group of processes -; Note: The user is mandatory. If the group is not set, the default user's group -; will be used. -user = www-data -group = www-data - -; The address on which to accept FastCGI requests. -; Valid syntaxes are: -; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on -; a specific port; -; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on -; a specific port; -; 'port' - to listen on a TCP socket to all IPv4 addresses on a -; specific port; -; '[::]:port' - to listen on a TCP socket to all addresses -; (IPv6 and IPv4-mapped) on a specific port; -; '/path/to/unix/socket' - to listen on a unix socket. -; Note: This value is mandatory. -;listen = /var/run/php5-fpm.sock -listen = 0.0.0.0:9000 - -; Set listen(2) backlog. -; Default Value: 65535 (-1 on FreeBSD and OpenBSD) -listen.backlog = 1023 - -; Set permissions for unix socket, if one is used. In Linux, read/write -; permissions must be set in order to allow connections from a web server. Many -; BSD-derived systems allow connections regardless of permissions. -; Default Values: user and group are set as the running user -; mode is set to 0660 -;listen.owner = www-data -;listen.group = www-data -;listen.mode = 0660 -; When POSIX Access Control Lists are supported you can set them using -; these options, value is a comma separated list of user/group names. -; When set, listen.owner and listen.group are ignored -;listen.acl_users = -;listen.acl_groups = - -; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. -; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original -; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address -; must be separated by a comma. If this value is left blank, connections will be -; accepted from any ip address. -; Default Value: any -;listen.allowed_clients = 0.0.0.0 - -; Specify the nice(2) priority to apply to the pool processes (only if set) -; The value can vary from -19 (highest priority) to 20 (lower priority) -; Note: - It will only work if the FPM master process is launched as root -; - The pool processes will inherit the master process priority -; unless it specified otherwise -; Default Value: no set -; process.priority = -19 - -; Choose how the process manager will control the number of child processes. -; Possible Values: -; static - a fixed number (pm.max_children) of child processes; -; dynamic - the number of child processes are set dynamically based on the -; following directives. With this process management, there will be -; always at least 1 children. -; pm.max_children - the maximum number of children that can -; be alive at the same time. -; pm.start_servers - the number of children created on startup. -; pm.min_spare_servers - the minimum number of children in 'idle' -; state (waiting to process). If the number -; of 'idle' processes is less than this -; number then some children will be created. -; pm.max_spare_servers - the maximum number of children in 'idle' -; state (waiting to process). If the number -; of 'idle' processes is greater than this -; number then some children will be killed. -; ondemand - no children are created at startup. Children will be forked when -; new requests will connect. The following parameter are used: -; pm.max_children - the maximum number of children that -; can be alive at the same time. -; pm.process_idle_timeout - The number of seconds after which -; an idle process will be killed. -; Note: This value is mandatory. -pm = dynamic - -; The number of child processes to be created when pm is set to 'static' and the -; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. -; This value sets the limit on the number of simultaneous requests that will be -; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. -; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP -; CGI. The below defaults are based on a server without much resources. Don't -; forget to tweak pm.* to fit your needs. -; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' -; Note: This value is mandatory. -pm.max_children = 8 - -; The number of child processes created on startup. -; Note: Used only when pm is set to 'dynamic' -; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 -pm.start_servers = 2 - -; The desired minimum number of idle server processes. -; Note: Used only when pm is set to 'dynamic' -; Note: Mandatory when pm is set to 'dynamic' -pm.min_spare_servers = 1 - -; The desired maximum number of idle server processes. -; Note: Used only when pm is set to 'dynamic' -; Note: Mandatory when pm is set to 'dynamic' -pm.max_spare_servers = 3 - -; The number of seconds after which an idle process will be killed. -; Note: Used only when pm is set to 'ondemand' -; Default Value: 10s -;pm.process_idle_timeout = 10s; - -; The number of requests each child process should execute before respawning. -; This can be useful to work around memory leaks in 3rd party libraries. For -; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. -; Default Value: 0 -;pm.max_requests = 500 - -; The URI to view the FPM status page. If this value is not set, no URI will be -; recognized as a status page. It shows the following informations: -; pool - the name of the pool; -; process manager - static, dynamic or ondemand; -; start time - the date and time FPM has started; -; start since - number of seconds since FPM has started; -; accepted conn - the number of request accepted by the pool; -; listen queue - the number of request in the queue of pending -; connections (see backlog in listen(2)); -; max listen queue - the maximum number of requests in the queue -; of pending connections since FPM has started; -; listen queue len - the size of the socket queue of pending connections; -; idle processes - the number of idle processes; -; active processes - the number of active processes; -; total processes - the number of idle + active processes; -; max active processes - the maximum number of active processes since FPM -; has started; -; max children reached - number of times, the process limit has been reached, -; when pm tries to start more children (works only for -; pm 'dynamic' and 'ondemand'); -; Value are updated in real time. -; Example output: -; pool: www -; process manager: static -; start time: 01/Jul/2011:17:53:49 +0200 -; start since: 62636 -; accepted conn: 190460 -; listen queue: 0 -; max listen queue: 1 -; listen queue len: 42 -; idle processes: 4 -; active processes: 11 -; total processes: 15 -; max active processes: 12 -; max children reached: 0 -; -; By default the status page output is formatted as text/plain. Passing either -; 'html', 'xml' or 'json' in the query string will return the corresponding -; output syntax. Example: -; http://www.foo.bar/status -; http://www.foo.bar/status?json -; http://www.foo.bar/status?html -; http://www.foo.bar/status?xml -; -; By default the status page only outputs short status. Passing 'full' in the -; query string will also return status for each pool process. -; Example: -; http://www.foo.bar/status?full -; http://www.foo.bar/status?json&full -; http://www.foo.bar/status?html&full -; http://www.foo.bar/status?xml&full -; The Full status returns for each process: -; pid - the PID of the process; -; state - the state of the process (Idle, Running, ...); -; start time - the date and time the process has started; -; start since - the number of seconds since the process has started; -; requests - the number of requests the process has served; -; request duration - the duration in µs of the requests; -; request method - the request method (GET, POST, ...); -; request URI - the request URI with the query string; -; content length - the content length of the request (only with POST); -; user - the user (PHP_AUTH_USER) (or '-' if not set); -; script - the main script called (or '-' if not set); -; last request cpu - the %cpu the last request consumed -; it's always 0 if the process is not in Idle state -; because CPU calculation is done when the request -; processing has terminated; -; last request memory - the max amount of memory the last request consumed -; it's always 0 if the process is not in Idle state -; because memory calculation is done when the request -; processing has terminated; -; If the process is in Idle state, then informations are related to the -; last request the process has served. Otherwise informations are related to -; the current request being served. -; Example output: -; ************************ -; pid: 31330 -; state: Running -; start time: 01/Jul/2011:17:53:49 +0200 -; start since: 63087 -; requests: 12808 -; request duration: 1250261 -; request method: GET -; request URI: /test_mem.php?N=10000 -; content length: 0 -; user: - -; script: /home/fat/web/docs/php/test_mem.php -; last request cpu: 0.00 -; last request memory: 0 -; -; Note: There is a real-time FPM status monitoring sample web page available -; It's available in: /usr/share/php5/fpm/status.html -; -; Note: The value must start with a leading slash (/). The value can be -; anything, but it may not be a good idea to use the .php extension or it -; may conflict with a real PHP file. -; Default Value: not set -pm.status_path = /php-fpm-status - -; The ping URI to call the monitoring page of FPM. If this value is not set, no -; URI will be recognized as a ping page. This could be used to test from outside -; that FPM is alive and responding, or to -; - create a graph of FPM availability (rrd or such); -; - remove a server from a group if it is not responding (load balancing); -; - trigger alerts for the operating team (24/7). -; Note: The value must start with a leading slash (/). The value can be -; anything, but it may not be a good idea to use the .php extension or it -; may conflict with a real PHP file. -; Default Value: not set -ping.path = /php-fpm-ping - -; This directive may be used to customize the response of a ping request. The -; response is formatted as text/plain with a 200 response code. -; Default Value: pong -;ping.response = pong - -; The access log file -; Default: not set -;access.log = log/$pool.access.log - -; The access log format. -; The following syntax is allowed -; %%: the '%' character -; %C: %CPU used by the request -; it can accept the following format: -; - %{user}C for user CPU only -; - %{system}C for system CPU only -; - %{total}C for user + system CPU (default) -; %d: time taken to serve the request -; it can accept the following format: -; - %{seconds}d (default) -; - %{miliseconds}d -; - %{mili}d -; - %{microseconds}d -; - %{micro}d -; %e: an environment variable (same as $_ENV or $_SERVER) -; it must be associated with embraces to specify the name of the env -; variable. Some exemples: -; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e -; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e -; %f: script filename -; %l: content-length of the request (for POST request only) -; %m: request method -; %M: peak of memory allocated by PHP -; it can accept the following format: -; - %{bytes}M (default) -; - %{kilobytes}M -; - %{kilo}M -; - %{megabytes}M -; - %{mega}M -; %n: pool name -; %o: output header -; it must be associated with embraces to specify the name of the header: -; - %{Content-Type}o -; - %{X-Powered-By}o -; - %{Transfert-Encoding}o -; - .... -; %p: PID of the child that serviced the request -; %P: PID of the parent of the child that serviced the request -; %q: the query string -; %Q: the '?' character if query string exists -; %r: the request URI (without the query string, see %q and %Q) -; %R: remote IP address -; %s: status (response code) -; %t: server time the request was received -; it can accept a strftime(3) format: -; %d/%b/%Y:%H:%M:%S %z (default) -; %T: time the log has been written (the request has finished) -; it can accept a strftime(3) format: -; %d/%b/%Y:%H:%M:%S %z (default) -; %u: remote user -; -; Default: "%R - %u %t \"%m %r\" %s" -;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" - -; The log file for slow requests -; Default Value: not set -; Note: slowlog is mandatory if request_slowlog_timeout is set -;slowlog = log/$pool.log.slow - -; The timeout for serving a single request after which a PHP backtrace will be -; dumped to the 'slowlog' file. A value of '0s' means 'off'. -; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) -; Default Value: 0 -;request_slowlog_timeout = 0 - -; The timeout for serving a single request after which the worker process will -; be killed. This option should be used when the 'max_execution_time' ini option -; does not stop script execution for some reason. A value of '0' means 'off'. -; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) -; Default Value: 0 -;request_terminate_timeout = 5m - -; Set open file descriptor rlimit. -; Default Value: system defined value -;rlimit_files = 1024 - -; Set max core size rlimit. -; Possible Values: 'unlimited' or an integer greater or equal to 0 -; Default Value: system defined value -;rlimit_core = 0 - -; Chroot to this directory at the start. This value must be defined as an -; absolute path. When this value is not set, chroot is not used. -; Note: you can prefix with '$prefix' to chroot to the pool prefix or one -; of its subdirectories. If the pool prefix is not set, the global prefix -; will be used instead. -; Note: chrooting is a great security feature and should be used whenever -; possible. However, all PHP paths will be relative to the chroot -; (error_log, sessions.save_path, ...). -; Default Value: not set -;chroot = - -; Chdir to this directory at the start. -; Note: relative path can be used. -; Default Value: current directory or / when chroot -chdir = / - -; Redirect worker stdout and stderr into main error log. If not set, stdout and -; stderr will be redirected to /dev/null according to FastCGI specs. -; Note: on highloaded environement, this can cause some delay in the page -; process time (several ms). -; Default Value: no -catch_workers_output = yes - -; Clear environment in FPM workers -; Prevents arbitrary environment variables from reaching FPM worker processes -; by clearing the environment in workers before env vars specified in this -; pool configuration are added. -; Setting to "no" will make all environment variables available to PHP code -; via getenv(), $_ENV and $_SERVER. -; Default Value: yes -;clear_env = no - -; Limits the extensions of the main script FPM will allow to parse. This can -; prevent configuration mistakes on the web server side. You should only limit -; FPM to .php extensions to prevent malicious users to use other extensions to -; exectute php code. -; Note: set an empty value to allow all extensions. -; Default Value: .php -;security.limit_extensions = .php .php3 .php4 .php5 - -; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from -; the current environment. -; Default Value: clean env -;env[HOSTNAME] = $HOSTNAME -;env[PATH] = /usr/local/bin:/usr/bin:/bin -;env[TMP] = /tmp -;env[TMPDIR] = /tmp -;env[TEMP] = /tmp - -; Additional php.ini defines, specific to this pool of workers. These settings -; overwrite the values previously defined in the php.ini. The directives are the -; same as the PHP SAPI: -; php_value/php_flag - you can set classic ini defines which can -; be overwritten from PHP call 'ini_set'. -; php_admin_value/php_admin_flag - these directives won't be overwritten by -; PHP call 'ini_set' -; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. - -; Defining 'extension' will load the corresponding shared extension from -; extension_dir. Defining 'disable_functions' or 'disable_classes' will not -; overwrite previously defined php.ini values, but will append the new value -; instead. - -; Note: path INI options can be relative and will be expanded with the prefix -; (pool, global or /usr) - -; Default Value: nothing is defined by default except the values in php.ini and -; specified at startup with the -d argument -;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com -;php_flag[display_errors] = off -;php_admin_value[error_log] = /var/log/fpm-php.www.log -;php_admin_flag[log_errors] = on -;php_admin_value[memory_limit] = 32M diff --git a/docker/php/5.6-fpm-alpine/php.ini b/docker/php/5.6-fpm-alpine/php.ini deleted file mode 100644 index f631e55..0000000 --- a/docker/php/5.6-fpm-alpine/php.ini +++ /dev/null @@ -1,56 +0,0 @@ -[PHP] -expose_php = Off -disable_functions = exec,system,popen,passthru,apache_child_terminate,apache_get_modules,apache_get_version,apache_getenv,apache_note,apache_setenv,virtual,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority -enable_dl = Off -allow_url_fopen = On -allow_url_include = Off -engine = On -short_open_tag = On -output_buffering = 4096 -realpath_cache_size = 4096k -realpath_cache_ttl = 600 -include_path = .:/usr/share/php -date.timezone = Europe/Paris -default_socket_timeout = 10 -max_execution_time = 30 -max_input_time = 60 -max_input_vars = 1000 -memory_limit = 512M -post_max_size = 32M -file_uploads = On -upload_tmp_dir = /tmp -upload_max_filesize = 32M -max_file_uploads = 20 -error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT -display_errors = Off -display_startup_errors = Off -log_errors = On -html_errors = On -SMTP = mailcatcher -smtp_port = 1025 -sendmail_path = /usr/sbin/sendmail -t -i -mail_log = syslog -session.save_handler = memcached -session.save_path = memcached:11211 -session.use_cookies = 1 -session.cookie_secure = -session.use_only_cookies = 1 -session.name = PHPSESSID -session.auto_start = 0 -session.cookie_lifetime = 0 -session.cookie_path = / -session.cookie_domain = -session.cookie_httponly = -session.serialize_handler = php -session.gc_probability = 0 -session.gc_divisor = 1000 -session.gc_maxlifetime = 2592000 -session.bug_compat_42 = Off -session.bug_compat_warn = Off -session.referer_check = -session.entropy_length = 512 -session.entropy_file = /dev/urandom -session.cache_limiter = nocache -session.cache_expire = 180 -session.use_trans_sid = 0 -session.hash_function = 0 diff --git a/docker/php/5.6-fpm-alpine/suhosin.ini b/docker/php/5.6-fpm-alpine/suhosin.ini deleted file mode 100644 index 3863c34..0000000 --- a/docker/php/5.6-fpm-alpine/suhosin.ini +++ /dev/null @@ -1 +0,0 @@ -suhosin.executor.disable_eval = On diff --git a/docker/php/5.6-fpm-alpine/xdebug.ini b/docker/php/5.6-fpm-alpine/xdebug.ini deleted file mode 100644 index efb017f..0000000 --- a/docker/php/5.6-fpm-alpine/xdebug.ini +++ /dev/null @@ -1,13 +0,0 @@ -xdebug.collect_params = 1 -xdebug.collect_return = 1 -xdebug.default_enable = 1 -xdebug.force_display_errors = 1 -xdebug.force_error_reporting = E_ALL & ~E_NOTICE & ~E_DEPRECATED -xdebug.halt_level = E_WARNING -xdebug.idekey = PHPSTORM -xdebug.max_nesting_level = 1024 -xdebug.remote_enable = 1 -xdebug.remote_connect_back = 1 -xdebug.scream = 0 -xdebug.show_error_trace = 1 -xdebug.show_exception_trace = 1 diff --git a/docker/php/7.0-fpm-alpine/Dockerfile b/docker/php/7.0-fpm-alpine/Dockerfile deleted file mode 100644 index b931efa..0000000 --- a/docker/php/7.0-fpm-alpine/Dockerfile +++ /dev/null @@ -1,270 +0,0 @@ -FROM php:7.0-fpm-alpine as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR -ARG AMQP_VERSION=stable -ARG AST_VERSION=stable -ARG APCU_VERSION=stable -ARG BLACKFIRE_VERSION=1.34.3 -ARG CACHETOOL_VERSION=4.0.1 -ARG DS_VERSION=stable -ARG EVENT_VERSION=stable -ARG IGBINARY_VERSION=stable -ARG IMAGICK_VERSION=stable -ARG GEOIP_VERSION=beta -ARG GRPC_VERSION=stable -ARG MCRYPT_VERSION=stable -ARG MEMCACHE_VERSION=4.0.1-php73 -ARG MEMCACHED_VERSION=stable -ARG MONGODB_VERSION=1.6.1 -ARG NEWRELIC_VERSION=9.11.0.267 -ARG OAUTH_VERSION=stable -ARG RAR_VERSION=stable -ARG REDIS_VERSION=stable -ARG SNUFFLEUPAGUS_VERSION=0.5.1 -ARG UUID_VERSION=stable -ARG XDEBUG_VERSION=2.7.2 -ARG XHPROF_VERSION=2.2.0 -ARG YAML_VERSION=stable - -RUN apk --no-cache upgrade \ - && apk add --no-cache --virtual .build-deps \ - $PHPIZE_DEPS \ - aspell-dev \ - bison \ - bzip2-dev \ - curl-dev \ - enchant-dev \ - flex \ - freetype-dev \ - gawk \ - geoip-dev \ - gettext-dev \ - gmp-dev \ - icu-dev \ - imagemagick-dev \ - imap-dev \ - libevent-dev \ - libjpeg-turbo-dev \ - libmcrypt-dev \ - libmemcached-dev \ - libpng-dev \ - libressl-dev \ - libxml2-dev \ - libxslt-dev \ - linux-headers \ - make \ - net-snmp-dev \ - openldap-dev \ - postgresql-dev \ - pcre-dev \ - rabbitmq-c-dev \ - tidyhtml-dev \ - yaml-dev \ - zlib-dev \ - # blackfire \ - && wget https://packages.blackfire.io/binaries/blackfire-php/${BLACKFIRE_VERSION}/blackfire-php-alpine_amd64-php-$(php -r "echo PHP_MAJOR_VERSION.PHP_MINOR_VERSION;").so -O $(php -r "echo ini_get('extension_dir');")/blackfire.so \ - # gd \ - && docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ --with-png-dir=/usr/include/ \ - # memcache \ - && wget https://github.com/websupport-sk/pecl-memcache/archive/v${MEMCACHE_VERSION}.tar.gz -O /tmp/memcache-${MEMCACHE_VERSION}.tar.gz \ - && mkdir -p /tmp/memcache-${MEMCACHE_VERSION} \ - && tar xzf /tmp/memcache-${MEMCACHE_VERSION}.tar.gz -C /tmp/memcache-${MEMCACHE_VERSION} --strip-components=1 \ - # https://github.com/websupport-sk/pecl-memcache/pull/39 \ - && sed -i '399s/);/, char *);/' /tmp/memcache-${MEMCACHE_VERSION}/php7/memcache_pool.h \ - # https://github.com/websupport-sk/pecl-memcache/pull/40 \ - && sed -i '47i#if PHP_VERSION_ID < 70200\n register size_t newlen;\n#endif' /tmp/memcache-${MEMCACHE_VERSION}/php7/memcache_pool.c \ - # newrelic \ - && wget https://download.newrelic.com/php_agent/archive/${NEWRELIC_VERSION}/newrelic-php5-${NEWRELIC_VERSION}-linux-musl.tar.gz -O /tmp/newrelic-${NEWRELIC_VERSION}.tar.gz \ - && mkdir -p /tmp/newrelic-${NEWRELIC_VERSION} \ - && tar xzf /tmp/newrelic-${NEWRELIC_VERSION}.tar.gz -C /tmp/newrelic-${NEWRELIC_VERSION} --strip-components=1 \ - && rm /tmp/newrelic-${NEWRELIC_VERSION}.tar.gz \ - && mv /tmp/newrelic-${NEWRELIC_VERSION}/agent/x64/newrelic-20151012.so $(php -r "echo ini_get('extension_dir');")/newrelic.so \ - # snuffleupagus \ - && wget https://github.com/jvoisin/snuffleupagus/archive/v${SNUFFLEUPAGUS_VERSION}.tar.gz -O /tmp/snuffleupagus-${SNUFFLEUPAGUS_VERSION}.tar.gz \ - && mkdir -p /tmp/snuffleupagus-${SNUFFLEUPAGUS_VERSION} \ - && tar xzf /tmp/snuffleupagus-${SNUFFLEUPAGUS_VERSION}.tar.gz -C /tmp/snuffleupagus-${SNUFFLEUPAGUS_VERSION} --strip-components=1 \ - && docker-php-ext-configure /tmp/snuffleupagus-${SNUFFLEUPAGUS_VERSION}/src --prefix=/usr --enable-snuffleupagus \ - # xhprof \ - && wget https://github.com/longxinH/xhprof/archive/v${XHPROF_VERSION}.tar.gz -O /tmp/xhprof-${XHPROF_VERSION}.tar.gz \ - && mkdir -p /tmp/xhprof-${XHPROF_VERSION} \ - && tar xzf /tmp/xhprof-${XHPROF_VERSION}.tar.gz -C /tmp/xhprof-${XHPROF_VERSION} --strip-components=1 \ - && docker-php-ext-configure /tmp/xhprof-${XHPROF_VERSION}/extension --with-php-config=/usr/local/bin/php-config \ - # tidy \ - && docker-php-source extract \ - && cd /usr/src/php \ - && sed -i 's/buffio.h/tidybuffio.h/' ext/tidy/*.c \ - && docker-php-ext-install -j$(nproc) \ - bcmath \ - bz2 \ - calendar \ - dba \ - enchant \ - exif \ - gd \ - gettext \ - gmp \ - imap \ - intl \ - ldap \ - mcrypt \ - /tmp/memcache-${MEMCACHE_VERSION} \ - mysqli \ - opcache \ - pcntl \ - pdo_mysql \ - pdo_pgsql \ - pgsql \ - pspell \ - shmop \ - snmp \ - soap \ - sockets \ - sysvmsg \ - sysvsem \ - sysvshm \ - tidy \ - /tmp/xhprof-${XHPROF_VERSION}/extension \ - xmlrpc \ - xsl \ - zip \ - # docker-php-ext-install fails after snuffleupagus is enabled - /tmp/snuffleupagus-${SNUFFLEUPAGUS_VERSION}/src \ - && docker-php-source delete \ - && rm /usr/local/etc/php/conf.d/docker-php-ext-* \ - && rm -rf /tmp/memcache-* \ - && rm -rf /tmp/newrelic-* \ - && rm -rf /tmp/snuffleupagus-* \ - && rm -rf /tmp/xhprof-* \ - && pecl install amqp-${AMQP_VERSION} \ - && pecl install apcu-${APCU_VERSION} \ - && pecl install ast-${AST_VERSION} \ - && pecl install ds-${DS_VERSION} \ - && pecl install event-${EVENT_VERSION} \ - && pecl install geoip-${GEOIP_VERSION} \ - && pecl install grpc-${GRPC_VERSION} \ - && pecl install igbinary-${IGBINARY_VERSION} \ - && pecl install imagick-${IMAGICK_VERSION} \ - && pecl install memcached-${MEMCACHED_VERSION} \ - && pecl install mongodb-${MONGODB_VERSION} \ - && pecl install oauth-${OAUTH_VERSION} \ - && pecl install rar-${RAR_VERSION} \ - && pecl install redis-${REDIS_VERSION} \ - && echo |pecl install uuid-${UUID_VERSION} \ - && pecl install xdebug-${XDEBUG_VERSION} \ - && pecl install yaml-${YAML_VERSION} \ - && pecl clear-cache \ - && runDeps="$( \ - scanelf --needed --nobanner --recursive /usr/local \ - | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ - | xargs -r apk info --installed \ - | sort -u \ - )" \ - && apk del .build-deps \ - && apk add --no-cache --virtual .run-deps $runDeps - -RUN wget http://gordalina.github.io/cachetool/downloads/cachetool-${CACHETOOL_VERSION}.phar -O /usr/local/bin/cachetool \ - && chmod +x /usr/local/bin/cachetool \ - && echo -e "\ -adapter: fastcgi \n\ -fastcgi: 127.0.0.1:9000 \n\ -" > /etc/cachetool.yml - -RUN mkdir -p /etc/ssh && echo -e "\ -Host * \n\ - Compression yes \n\ -" >> /etc/ssh/ssh_config - -RUN apk add --no-cache \ - bash \ - bzip2 \ - coreutils \ - gettext \ - git \ - imagemagick \ - lftp \ - mailx \ - make \ - mysql-client \ - nano \ - openssh-client \ - ssmtp \ - vim - -# Iconv fix: https://github.com/docker-library/php/issues/240#issuecomment-305038173 -RUN apk add --no-cache --repository http://dl-cdn.alpinelinux.org/alpine/edge/community/ gnu-libiconv -ENV LD_PRELOAD=/usr/lib/preloadable_libiconv.so - -# builtin modules : Core ctype curl date dom fileinfo filter ftp hash iconv json libxml mbstring mysqlnd openssl pcre PDO pdo_sqlite Phar posix readline Reflection session SimpleXML SPL sqlite3 standard tokenizer xml xmlreader xmlwriter zlib -# available modules : amqp apcu ast bcmath blackfire bz2 calendar dba ds enchant event exif gd geoip gmp grpc igbinary imap imagick intl ldap mcrypt memcache memcached mongodb mysqli newrelic oauth opcache pcntl pdo_mysql pdo_pgsql pgsql pspell rar redis shmop snmp snuffleupagus soap sockets sysvmsg sysvsem sysvshm xhprof tidy uuid wddx xdebug xhprof xmlrpc xsl yaml zip -ARG PHP_EXT_ENABLE="amqp apcu bcmath bz2 calendar gd geoip imagick intl mcrypt memcached mysqli oauth opcache pdo_mysql redis soap sockets uuid yaml zip" -RUN docker-php-ext-enable ${PHP_EXT_ENABLE} - -# copy *.ini -COPY ${DOCKER_BUILD_DIR}/*.ini /usr/local/etc/php/conf.d/ -COPY ${DOCKER_BUILD_DIR}/php-fpm-*.conf /usr/local/etc/php-fpm.d/ - -# custom php config -ARG PHP_INI_CONFIG -RUN echo -e ${PHP_INI_CONFIG// /\\n} >> /usr/local/etc/php/conf.d/config.ini - -# custom php cli -ARG PHP_CLI_CONFIG="apc.enable_cli=0 max_execution_time=-1 memory_limit=-1 opcache.enable_cli=0 xdebug.default_enable=0" -RUN echo '#!/usr/bin/env sh' > /usr/local/bin/php-cli \ - && chmod +x /usr/local/bin/php-cli \ - && echo -e "\ -/usr/local/bin/php -d ${PHP_CLI_CONFIG// / -d } \"\$@\"\ -" >> /usr/local/bin/php-cli - -# install cronlock -ADD https://raw.github.com/kvz/cronlock/master/cronlock /usr/bin/cronlock -RUN chmod +rx /usr/bin/cronlock - -# config ssmtp -RUN echo "FromLineOverride=YES" >> /etc/ssmtp/ssmtp.conf - -# https://bugs.php.net/bug.php?id=71880 -ENV LOG_STREAM="/tmp/stdout" -RUN mkfifo $LOG_STREAM && chmod 777 $LOG_STREAM - -# default www-data homedir to /var/www for crontabs -RUN sed -i 's|/home/www-data|/var/www|' /etc/passwd -WORKDIR /var/www - -# redirect LOG_STREAM to stdout and start php-fpm with environment variables from .env -CMD [ "sh", "-c", "(exec 3<>$LOG_STREAM; cat <&3 >&1 & IFS=$'\n'; exec env $(cat .env 2>/dev/null) php-fpm)" ] - -FROM dist as master -ARG UID -ARG USER -ENV UID=${UID} -ENV GID=${UID} -ENV USER=${USER} - -# If we provide a specific UID -RUN let $UID >/dev/null 2>&1 \ -# Remove user with $UID if it is not our $USER - && if [ "$(getent passwd $UID |awk 'BEGIN {FS=":"} {print $1}')" != "$USER" ]; then \ - sed -i '/^'$(getent passwd $UID |awk 'BEGIN {FS=":"} {print $1}')':x:'$UID':/d' /etc/passwd; \ - sed -i '/^'$(getent group $GID |awk 'BEGIN {FS=":"} {print $1}')':x:'$GID':/d' /etc/group; \ - fi \ -# Force $UID if our $USER already exists - && sed -i 's/^'$USER':x:[0-9]\+:[0-9]\+:/'$USER':x:'$UID':'$GID':/' /etc/passwd \ - && sed -i 's/^'$USER':x:[0-9]\+:/'$USER':x:'$GID':/' /etc/group \ -# Create $USER if it does not exist - && if [ "$(getent passwd $UID)" = "" ]; then \ - echo "$USER:x:$UID:$GID::/home/$USER:/bin/false" >> /etc/passwd; \ - echo "$USER:!:$(($(date +%s) / 60 / 60 / 24)):0:99999:7:::" >> /etc/shadow; \ - echo "$USER:x:$GID:" >> /etc/group; \ - fi \ - && mkdir -p /home/$USER \ - && chown $UID:$GID /home/$USER \ - || true - -RUN chown -R $USER /usr/local/etc/php/conf.d/ - -USER $USER - -ARG SSH_REMOTE_HOSTS - -RUN mkdir -p ~/.ssh \ - && ssh-keyscan -t rsa -H $SSH_REMOTE_HOSTS >> ~/.ssh/known_hosts diff --git a/docker/php/7.0-fpm-alpine/apc.ini b/docker/php/7.0-fpm-alpine/apc.ini deleted file mode 100644 index 448cee9..0000000 --- a/docker/php/7.0-fpm-alpine/apc.ini +++ /dev/null @@ -1,5 +0,0 @@ -apc.enable_cli = 0 -apc.enabled = 1 -apc.shm_segments = 1 -apc.shm_size = 32M - diff --git a/docker/php/7.0-fpm-alpine/blackfire.ini b/docker/php/7.0-fpm-alpine/blackfire.ini deleted file mode 100644 index 566668c..0000000 --- a/docker/php/7.0-fpm-alpine/blackfire.ini +++ /dev/null @@ -1 +0,0 @@ -blackfire.agent_socket=tcp://blackfire:8707 diff --git a/docker/php/7.0-fpm-alpine/memcached.ini b/docker/php/7.0-fpm-alpine/memcached.ini deleted file mode 100644 index 361f58b..0000000 --- a/docker/php/7.0-fpm-alpine/memcached.ini +++ /dev/null @@ -1 +0,0 @@ -memcached.sess_locking = Off \ No newline at end of file diff --git a/docker/php/7.0-fpm-alpine/newrelic.ini b/docker/php/7.0-fpm-alpine/newrelic.ini deleted file mode 100644 index d90b2dc..0000000 --- a/docker/php/7.0-fpm-alpine/newrelic.ini +++ /dev/null @@ -1,4 +0,0 @@ -[newrelic] -newrelic.logfile = /dev/self/fd/2 -newrelic.daemon.logfile = /dev/self/fd/2 - diff --git a/docker/php/7.0-fpm-alpine/opcache.ini b/docker/php/7.0-fpm-alpine/opcache.ini deleted file mode 100644 index b0244ec..0000000 --- a/docker/php/7.0-fpm-alpine/opcache.ini +++ /dev/null @@ -1,8 +0,0 @@ -opcache.enable = 1 -opcache.enable_cli = 0 -opcache.error_log = /proc/self/fd/2 -opcache.interned_strings_buffer = 16 -opcache.log_verbosity_level = 2 -opcache.max_accelerated_files = 20000 -opcache.memory_consumption = 256 -opcache.validate_timestamps = 1 diff --git a/docker/php/7.0-fpm-alpine/php-fpm-pool.conf b/docker/php/7.0-fpm-alpine/php-fpm-pool.conf deleted file mode 100644 index bfc8efa..0000000 --- a/docker/php/7.0-fpm-alpine/php-fpm-pool.conf +++ /dev/null @@ -1,412 +0,0 @@ -; Start a new pool named 'www'. -; the variable $pool can we used in any directive and will be replaced by the -; pool name ('www' here) -[www] - -; Per pool prefix -; It only applies on the following directives: -; - 'access.log' -; - 'slowlog' -; - 'listen' (unixsocket) -; - 'chroot' -; - 'chdir' -; - 'php_values' -; - 'php_admin_values' -; When not set, the global prefix (or /usr) applies instead. -; Note: This directive can also be relative to the global prefix. -; Default Value: none -;prefix = /path/to/pools/$pool - -; Unix user/group of processes -; Note: The user is mandatory. If the group is not set, the default user's group -; will be used. -user = www-data -group = www-data - -; The address on which to accept FastCGI requests. -; Valid syntaxes are: -; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on -; a specific port; -; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on -; a specific port; -; 'port' - to listen on a TCP socket to all IPv4 addresses on a -; specific port; -; '[::]:port' - to listen on a TCP socket to all addresses -; (IPv6 and IPv4-mapped) on a specific port; -; '/path/to/unix/socket' - to listen on a unix socket. -; Note: This value is mandatory. -;listen = /var/run/php5-fpm.sock -listen = 0.0.0.0:9000 - -; Set listen(2) backlog. -; Default Value: 65535 (-1 on FreeBSD and OpenBSD) -listen.backlog = 1023 - -; Set permissions for unix socket, if one is used. In Linux, read/write -; permissions must be set in order to allow connections from a web server. Many -; BSD-derived systems allow connections regardless of permissions. -; Default Values: user and group are set as the running user -; mode is set to 0660 -;listen.owner = www-data -;listen.group = www-data -;listen.mode = 0660 -; When POSIX Access Control Lists are supported you can set them using -; these options, value is a comma separated list of user/group names. -; When set, listen.owner and listen.group are ignored -;listen.acl_users = -;listen.acl_groups = - -; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. -; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original -; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address -; must be separated by a comma. If this value is left blank, connections will be -; accepted from any ip address. -; Default Value: any -;listen.allowed_clients = 0.0.0.0 - -; Specify the nice(2) priority to apply to the pool processes (only if set) -; The value can vary from -19 (highest priority) to 20 (lower priority) -; Note: - It will only work if the FPM master process is launched as root -; - The pool processes will inherit the master process priority -; unless it specified otherwise -; Default Value: no set -; process.priority = -19 - -; Choose how the process manager will control the number of child processes. -; Possible Values: -; static - a fixed number (pm.max_children) of child processes; -; dynamic - the number of child processes are set dynamically based on the -; following directives. With this process management, there will be -; always at least 1 children. -; pm.max_children - the maximum number of children that can -; be alive at the same time. -; pm.start_servers - the number of children created on startup. -; pm.min_spare_servers - the minimum number of children in 'idle' -; state (waiting to process). If the number -; of 'idle' processes is less than this -; number then some children will be created. -; pm.max_spare_servers - the maximum number of children in 'idle' -; state (waiting to process). If the number -; of 'idle' processes is greater than this -; number then some children will be killed. -; ondemand - no children are created at startup. Children will be forked when -; new requests will connect. The following parameter are used: -; pm.max_children - the maximum number of children that -; can be alive at the same time. -; pm.process_idle_timeout - The number of seconds after which -; an idle process will be killed. -; Note: This value is mandatory. -pm = dynamic - -; The number of child processes to be created when pm is set to 'static' and the -; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. -; This value sets the limit on the number of simultaneous requests that will be -; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. -; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP -; CGI. The below defaults are based on a server without much resources. Don't -; forget to tweak pm.* to fit your needs. -; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' -; Note: This value is mandatory. -pm.max_children = 16 - -; The number of child processes created on startup. -; Note: Used only when pm is set to 'dynamic' -; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 -pm.start_servers = 2 - -; The desired minimum number of idle server processes. -; Note: Used only when pm is set to 'dynamic' -; Note: Mandatory when pm is set to 'dynamic' -pm.min_spare_servers = 1 - -; The desired maximum number of idle server processes. -; Note: Used only when pm is set to 'dynamic' -; Note: Mandatory when pm is set to 'dynamic' -pm.max_spare_servers = 3 - -; The number of seconds after which an idle process will be killed. -; Note: Used only when pm is set to 'ondemand' -; Default Value: 10s -;pm.process_idle_timeout = 10s; - -; The number of requests each child process should execute before respawning. -; This can be useful to work around memory leaks in 3rd party libraries. For -; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. -; Default Value: 0 -;pm.max_requests = 500 - -; The URI to view the FPM status page. If this value is not set, no URI will be -; recognized as a status page. It shows the following informations: -; pool - the name of the pool; -; process manager - static, dynamic or ondemand; -; start time - the date and time FPM has started; -; start since - number of seconds since FPM has started; -; accepted conn - the number of request accepted by the pool; -; listen queue - the number of request in the queue of pending -; connections (see backlog in listen(2)); -; max listen queue - the maximum number of requests in the queue -; of pending connections since FPM has started; -; listen queue len - the size of the socket queue of pending connections; -; idle processes - the number of idle processes; -; active processes - the number of active processes; -; total processes - the number of idle + active processes; -; max active processes - the maximum number of active processes since FPM -; has started; -; max children reached - number of times, the process limit has been reached, -; when pm tries to start more children (works only for -; pm 'dynamic' and 'ondemand'); -; Value are updated in real time. -; Example output: -; pool: www -; process manager: static -; start time: 01/Jul/2011:17:53:49 +0200 -; start since: 62636 -; accepted conn: 190460 -; listen queue: 0 -; max listen queue: 1 -; listen queue len: 42 -; idle processes: 4 -; active processes: 11 -; total processes: 15 -; max active processes: 12 -; max children reached: 0 -; -; By default the status page output is formatted as text/plain. Passing either -; 'html', 'xml' or 'json' in the query string will return the corresponding -; output syntax. Example: -; http://www.foo.bar/status -; http://www.foo.bar/status?json -; http://www.foo.bar/status?html -; http://www.foo.bar/status?xml -; -; By default the status page only outputs short status. Passing 'full' in the -; query string will also return status for each pool process. -; Example: -; http://www.foo.bar/status?full -; http://www.foo.bar/status?json&full -; http://www.foo.bar/status?html&full -; http://www.foo.bar/status?xml&full -; The Full status returns for each process: -; pid - the PID of the process; -; state - the state of the process (Idle, Running, ...); -; start time - the date and time the process has started; -; start since - the number of seconds since the process has started; -; requests - the number of requests the process has served; -; request duration - the duration in µs of the requests; -; request method - the request method (GET, POST, ...); -; request URI - the request URI with the query string; -; content length - the content length of the request (only with POST); -; user - the user (PHP_AUTH_USER) (or '-' if not set); -; script - the main script called (or '-' if not set); -; last request cpu - the %cpu the last request consumed -; it's always 0 if the process is not in Idle state -; because CPU calculation is done when the request -; processing has terminated; -; last request memory - the max amount of memory the last request consumed -; it's always 0 if the process is not in Idle state -; because memory calculation is done when the request -; processing has terminated; -; If the process is in Idle state, then informations are related to the -; last request the process has served. Otherwise informations are related to -; the current request being served. -; Example output: -; ************************ -; pid: 31330 -; state: Running -; start time: 01/Jul/2011:17:53:49 +0200 -; start since: 63087 -; requests: 12808 -; request duration: 1250261 -; request method: GET -; request URI: /test_mem.php?N=10000 -; content length: 0 -; user: - -; script: /home/fat/web/docs/php/test_mem.php -; last request cpu: 0.00 -; last request memory: 0 -; -; Note: There is a real-time FPM status monitoring sample web page available -; It's available in: /usr/share/php5/fpm/status.html -; -; Note: The value must start with a leading slash (/). The value can be -; anything, but it may not be a good idea to use the .php extension or it -; may conflict with a real PHP file. -; Default Value: not set -pm.status_path = /php-fpm-status - -; The ping URI to call the monitoring page of FPM. If this value is not set, no -; URI will be recognized as a ping page. This could be used to test from outside -; that FPM is alive and responding, or to -; - create a graph of FPM availability (rrd or such); -; - remove a server from a group if it is not responding (load balancing); -; - trigger alerts for the operating team (24/7). -; Note: The value must start with a leading slash (/). The value can be -; anything, but it may not be a good idea to use the .php extension or it -; may conflict with a real PHP file. -; Default Value: not set -ping.path = /php-fpm-ping - -; This directive may be used to customize the response of a ping request. The -; response is formatted as text/plain with a 200 response code. -; Default Value: pong -;ping.response = pong - -; The access log file -; Default: not set -;access.log = log/$pool.access.log - -; The access log format. -; The following syntax is allowed -; %%: the '%' character -; %C: %CPU used by the request -; it can accept the following format: -; - %{user}C for user CPU only -; - %{system}C for system CPU only -; - %{total}C for user + system CPU (default) -; %d: time taken to serve the request -; it can accept the following format: -; - %{seconds}d (default) -; - %{miliseconds}d -; - %{mili}d -; - %{microseconds}d -; - %{micro}d -; %e: an environment variable (same as $_ENV or $_SERVER) -; it must be associated with embraces to specify the name of the env -; variable. Some exemples: -; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e -; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e -; %f: script filename -; %l: content-length of the request (for POST request only) -; %m: request method -; %M: peak of memory allocated by PHP -; it can accept the following format: -; - %{bytes}M (default) -; - %{kilobytes}M -; - %{kilo}M -; - %{megabytes}M -; - %{mega}M -; %n: pool name -; %o: output header -; it must be associated with embraces to specify the name of the header: -; - %{Content-Type}o -; - %{X-Powered-By}o -; - %{Transfert-Encoding}o -; - .... -; %p: PID of the child that serviced the request -; %P: PID of the parent of the child that serviced the request -; %q: the query string -; %Q: the '?' character if query string exists -; %r: the request URI (without the query string, see %q and %Q) -; %R: remote IP address -; %s: status (response code) -; %t: server time the request was received -; it can accept a strftime(3) format: -; %d/%b/%Y:%H:%M:%S %z (default) -; %T: time the log has been written (the request has finished) -; it can accept a strftime(3) format: -; %d/%b/%Y:%H:%M:%S %z (default) -; %u: remote user -; -; Default: "%R - %u %t \"%m %r\" %s" -;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" - -; The log file for slow requests -; Default Value: not set -; Note: slowlog is mandatory if request_slowlog_timeout is set -;slowlog = log/$pool.log.slow - -; The timeout for serving a single request after which a PHP backtrace will be -; dumped to the 'slowlog' file. A value of '0s' means 'off'. -; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) -; Default Value: 0 -;request_slowlog_timeout = 0 - -; The timeout for serving a single request after which the worker process will -; be killed. This option should be used when the 'max_execution_time' ini option -; does not stop script execution for some reason. A value of '0' means 'off'. -; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) -; Default Value: 0 -;request_terminate_timeout = 5m - -; Set open file descriptor rlimit. -; Default Value: system defined value -;rlimit_files = 1024 - -; Set max core size rlimit. -; Possible Values: 'unlimited' or an integer greater or equal to 0 -; Default Value: system defined value -;rlimit_core = 0 - -; Chroot to this directory at the start. This value must be defined as an -; absolute path. When this value is not set, chroot is not used. -; Note: you can prefix with '$prefix' to chroot to the pool prefix or one -; of its subdirectories. If the pool prefix is not set, the global prefix -; will be used instead. -; Note: chrooting is a great security feature and should be used whenever -; possible. However, all PHP paths will be relative to the chroot -; (error_log, sessions.save_path, ...). -; Default Value: not set -;chroot = - -; Chdir to this directory at the start. -; Note: relative path can be used. -; Default Value: current directory or / when chroot -chdir = / - -; Redirect worker stdout and stderr into main error log. If not set, stdout and -; stderr will be redirected to /dev/null according to FastCGI specs. -; Note: on highloaded environement, this can cause some delay in the page -; process time (several ms). -; Default Value: no -catch_workers_output = yes - -; Clear environment in FPM workers -; Prevents arbitrary environment variables from reaching FPM worker processes -; by clearing the environment in workers before env vars specified in this -; pool configuration are added. -; Setting to "no" will make all environment variables available to PHP code -; via getenv(), $_ENV and $_SERVER. -; Default Value: yes -;clear_env = no - -; Limits the extensions of the main script FPM will allow to parse. This can -; prevent configuration mistakes on the web server side. You should only limit -; FPM to .php extensions to prevent malicious users to use other extensions to -; exectute php code. -; Note: set an empty value to allow all extensions. -; Default Value: .php -;security.limit_extensions = .php .php3 .php4 .php5 - -; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from -; the current environment. -; Default Value: clean env -;env[HOSTNAME] = $HOSTNAME -;env[PATH] = /usr/local/bin:/usr/bin:/bin -;env[TMP] = /tmp -;env[TMPDIR] = /tmp -;env[TEMP] = /tmp - -; Additional php.ini defines, specific to this pool of workers. These settings -; overwrite the values previously defined in the php.ini. The directives are the -; same as the PHP SAPI: -; php_value/php_flag - you can set classic ini defines which can -; be overwritten from PHP call 'ini_set'. -; php_admin_value/php_admin_flag - these directives won't be overwritten by -; PHP call 'ini_set' -; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. - -; Defining 'extension' will load the corresponding shared extension from -; extension_dir. Defining 'disable_functions' or 'disable_classes' will not -; overwrite previously defined php.ini values, but will append the new value -; instead. - -; Note: path INI options can be relative and will be expanded with the prefix -; (pool, global or /usr) - -; Default Value: nothing is defined by default except the values in php.ini and -; specified at startup with the -d argument -;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com -;php_flag[display_errors] = off -;php_admin_value[error_log] = /var/log/fpm-php.www.log -;php_admin_flag[log_errors] = on -;php_admin_value[memory_limit] = 32M diff --git a/docker/php/7.0-fpm-alpine/php.ini b/docker/php/7.0-fpm-alpine/php.ini deleted file mode 100644 index f631e55..0000000 --- a/docker/php/7.0-fpm-alpine/php.ini +++ /dev/null @@ -1,56 +0,0 @@ -[PHP] -expose_php = Off -disable_functions = exec,system,popen,passthru,apache_child_terminate,apache_get_modules,apache_get_version,apache_getenv,apache_note,apache_setenv,virtual,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority -enable_dl = Off -allow_url_fopen = On -allow_url_include = Off -engine = On -short_open_tag = On -output_buffering = 4096 -realpath_cache_size = 4096k -realpath_cache_ttl = 600 -include_path = .:/usr/share/php -date.timezone = Europe/Paris -default_socket_timeout = 10 -max_execution_time = 30 -max_input_time = 60 -max_input_vars = 1000 -memory_limit = 512M -post_max_size = 32M -file_uploads = On -upload_tmp_dir = /tmp -upload_max_filesize = 32M -max_file_uploads = 20 -error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT -display_errors = Off -display_startup_errors = Off -log_errors = On -html_errors = On -SMTP = mailcatcher -smtp_port = 1025 -sendmail_path = /usr/sbin/sendmail -t -i -mail_log = syslog -session.save_handler = memcached -session.save_path = memcached:11211 -session.use_cookies = 1 -session.cookie_secure = -session.use_only_cookies = 1 -session.name = PHPSESSID -session.auto_start = 0 -session.cookie_lifetime = 0 -session.cookie_path = / -session.cookie_domain = -session.cookie_httponly = -session.serialize_handler = php -session.gc_probability = 0 -session.gc_divisor = 1000 -session.gc_maxlifetime = 2592000 -session.bug_compat_42 = Off -session.bug_compat_warn = Off -session.referer_check = -session.entropy_length = 512 -session.entropy_file = /dev/urandom -session.cache_limiter = nocache -session.cache_expire = 180 -session.use_trans_sid = 0 -session.hash_function = 0 diff --git a/docker/php/7.0-fpm-alpine/xdebug.ini b/docker/php/7.0-fpm-alpine/xdebug.ini deleted file mode 100644 index efb017f..0000000 --- a/docker/php/7.0-fpm-alpine/xdebug.ini +++ /dev/null @@ -1,13 +0,0 @@ -xdebug.collect_params = 1 -xdebug.collect_return = 1 -xdebug.default_enable = 1 -xdebug.force_display_errors = 1 -xdebug.force_error_reporting = E_ALL & ~E_NOTICE & ~E_DEPRECATED -xdebug.halt_level = E_WARNING -xdebug.idekey = PHPSTORM -xdebug.max_nesting_level = 1024 -xdebug.remote_enable = 1 -xdebug.remote_connect_back = 1 -xdebug.scream = 0 -xdebug.show_error_trace = 1 -xdebug.show_exception_trace = 1 diff --git a/docker/php/7.1-fpm-alpine/Dockerfile b/docker/php/7.1-fpm-alpine/Dockerfile deleted file mode 100644 index 525a769..0000000 --- a/docker/php/7.1-fpm-alpine/Dockerfile +++ /dev/null @@ -1,262 +0,0 @@ -FROM php:7.1-fpm-alpine as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR -ARG AMQP_VERSION=stable -ARG AST_VERSION=stable -ARG APCU_VERSION=stable -ARG BLACKFIRE_VERSION=1.34.3 -ARG CACHETOOL_VERSION=4.0.1 -ARG DS_VERSION=stable -ARG EVENT_VERSION=stable -ARG IGBINARY_VERSION=stable -ARG IMAGICK_VERSION=stable -ARG GEOIP_VERSION=beta -ARG GRPC_VERSION=stable -ARG MCRYPT_VERSION=stable -ARG MEMCACHE_VERSION=4.0.1-php73 -ARG MEMCACHED_VERSION=stable -ARG MONGODB_VERSION=stable -ARG NEWRELIC_VERSION=9.11.0.267 -ARG OAUTH_VERSION=stable -ARG RAR_VERSION=stable -ARG REDIS_VERSION=stable -ARG SNUFFLEUPAGUS_VERSION=0.5.1 -ARG UUID_VERSION=stable -ARG XDEBUG_VERSION=stable -ARG XHPROF_VERSION=2.2.0 -ARG YAML_VERSION=stable - -RUN apk --no-cache upgrade \ - && apk add --no-cache --virtual .build-deps \ - $PHPIZE_DEPS \ - aspell-dev \ - bison \ - bzip2-dev \ - curl-dev \ - enchant-dev \ - flex \ - freetype-dev \ - gawk \ - geoip-dev \ - gettext-dev \ - gmp-dev \ - icu-dev \ - imagemagick-dev \ - imap-dev \ - libevent-dev \ - libjpeg-turbo-dev \ - libmcrypt-dev \ - libmemcached-dev \ - libpng-dev \ - libressl-dev \ - libxml2-dev \ - libxslt-dev \ - make \ - net-snmp-dev \ - openldap-dev \ - postgresql-dev \ - pcre-dev \ - rabbitmq-c-dev \ - yaml-dev \ - zlib-dev \ - # blackfire \ - && wget https://packages.blackfire.io/binaries/blackfire-php/${BLACKFIRE_VERSION}/blackfire-php-alpine_amd64-php-$(php -r "echo PHP_MAJOR_VERSION.PHP_MINOR_VERSION;").so -O $(php -r "echo ini_get('extension_dir');")/blackfire.so \ - # gd \ - && docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ --with-png-dir=/usr/include/ \ - # memcache \ - && wget https://github.com/websupport-sk/pecl-memcache/archive/v${MEMCACHE_VERSION}.tar.gz -O /tmp/memcache-${MEMCACHE_VERSION}.tar.gz \ - && mkdir -p /tmp/memcache-${MEMCACHE_VERSION} \ - && tar xzf /tmp/memcache-${MEMCACHE_VERSION}.tar.gz -C /tmp/memcache-${MEMCACHE_VERSION} --strip-components=1 \ - # https://github.com/websupport-sk/pecl-memcache/pull/39 \ - && sed -i '399s/);/, char *);/' /tmp/memcache-${MEMCACHE_VERSION}/php7/memcache_pool.h \ - # https://github.com/websupport-sk/pecl-memcache/pull/40 \ - && sed -i '47i#if PHP_VERSION_ID < 70200\n register size_t newlen;\n#endif' /tmp/memcache-${MEMCACHE_VERSION}/php7/memcache_pool.c \ - # newrelic \ - && wget https://download.newrelic.com/php_agent/archive/${NEWRELIC_VERSION}/newrelic-php5-${NEWRELIC_VERSION}-linux-musl.tar.gz -O /tmp/newrelic-${NEWRELIC_VERSION}.tar.gz \ - && mkdir -p /tmp/newrelic-${NEWRELIC_VERSION} \ - && tar xzf /tmp/newrelic-${NEWRELIC_VERSION}.tar.gz -C /tmp/newrelic-${NEWRELIC_VERSION} --strip-components=1 \ - && mv /tmp/newrelic-${NEWRELIC_VERSION}/agent/x64/newrelic-20160303.so $(php -r "echo ini_get('extension_dir');")/newrelic.so \ - # snuffleupagus \ - && wget https://github.com/jvoisin/snuffleupagus/archive/v${SNUFFLEUPAGUS_VERSION}.tar.gz -O /tmp/snuffleupagus-${SNUFFLEUPAGUS_VERSION}.tar.gz \ - && mkdir -p /tmp/snuffleupagus-${SNUFFLEUPAGUS_VERSION} \ - && tar xzf /tmp/snuffleupagus-${SNUFFLEUPAGUS_VERSION}.tar.gz -C /tmp/snuffleupagus-${SNUFFLEUPAGUS_VERSION} --strip-components=1 \ - && docker-php-ext-configure /tmp/snuffleupagus-${SNUFFLEUPAGUS_VERSION}/src --prefix=/usr --enable-snuffleupagus \ - # xhprof \ - && wget https://github.com/longxinH/xhprof/archive/v${XHPROF_VERSION}.tar.gz -O /tmp/xhprof-${XHPROF_VERSION}.tar.gz \ - && mkdir -p /tmp/xhprof-${XHPROF_VERSION} \ - && tar xzf /tmp/xhprof-${XHPROF_VERSION}.tar.gz -C /tmp/xhprof-${XHPROF_VERSION} --strip-components=1 \ - && docker-php-ext-configure /tmp/xhprof-${XHPROF_VERSION}/extension --with-php-config=/usr/local/bin/php-config \ - && docker-php-ext-install -j$(nproc) \ - bcmath \ - bz2 \ - calendar \ - dba \ - enchant \ - exif \ - gd \ - gettext \ - gmp \ - imap \ - intl \ - ldap \ - mcrypt \ - /tmp/memcache-${MEMCACHE_VERSION} \ - mysqli \ - opcache \ - pcntl \ - pdo_mysql \ - pdo_pgsql \ - pgsql \ - pspell \ - shmop \ - snmp \ - soap \ - sockets \ - sysvmsg \ - sysvsem \ - sysvshm \ - /tmp/xhprof-${XHPROF_VERSION}/extension \ - xmlrpc \ - xsl \ - zip \ - # docker-php-ext-install fails after snuffleupagus is enabled - /tmp/snuffleupagus-${SNUFFLEUPAGUS_VERSION}/src \ - && docker-php-source delete \ - && rm /usr/local/etc/php/conf.d/docker-php-ext-* \ - && rm -rf /tmp/memcache-* \ - && rm -rf /tmp/newrelic-* \ - && rm -rf /tmp/snuffleupagus-* \ - && rm -rf /tmp/xhprof-* \ - && pecl install amqp-${AMQP_VERSION} \ - && pecl install apcu-${APCU_VERSION} \ - && pecl install ast-${AST_VERSION} \ - && pecl install ds-${DS_VERSION} \ - && pecl install event-${EVENT_VERSION} \ - && pecl install geoip-${GEOIP_VERSION} \ - && pecl install grpc-${GRPC_VERSION} \ - && pecl install igbinary-${IGBINARY_VERSION} \ - && pecl install imagick-${IMAGICK_VERSION} \ - && pecl install memcached-${MEMCACHED_VERSION} \ - && pecl install mongodb-${MONGODB_VERSION} \ - && pecl install oauth-${OAUTH_VERSION} \ - && pecl install rar-${RAR_VERSION} \ - && pecl install redis-${REDIS_VERSION} \ - && echo |pecl install uuid-${UUID_VERSION} \ - && pecl install xdebug-${XDEBUG_VERSION} \ - && pecl install yaml-${YAML_VERSION} \ - && pecl clear-cache \ - && runDeps="$( \ - scanelf --needed --nobanner --recursive /usr/local \ - | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ - | xargs -r apk info --installed \ - | sort -u \ - )" \ - && apk del .build-deps \ - && apk add --no-cache --virtual .run-deps $runDeps - -RUN wget http://gordalina.github.io/cachetool/downloads/cachetool-${CACHETOOL_VERSION}.phar -O /usr/local/bin/cachetool \ - && chmod +x /usr/local/bin/cachetool \ - && echo -e "\ -adapter: fastcgi \n\ -fastcgi: 127.0.0.1:9000 \n\ -" > /etc/cachetool.yml - -RUN mkdir -p /etc/ssh && echo -e "\ -Host * \n\ - Compression yes \n\ -" >> /etc/ssh/ssh_config - -RUN apk add --no-cache \ - bash \ - bzip2 \ - coreutils \ - gettext \ - git \ - imagemagick \ - lftp \ - mailx \ - make \ - mysql-client \ - nano \ - openssh-client \ - ssmtp \ - vim - -# Iconv fix: https://github.com/docker-library/php/issues/240#issuecomment-305038173 -RUN apk add --no-cache --repository http://dl-cdn.alpinelinux.org/alpine/edge/community/ gnu-libiconv -ENV LD_PRELOAD=/usr/lib/preloadable_libiconv.so - -# builtin modules : Core ctype curl date dom fileinfo filter ftp hash iconv json libxml mbstring mysqlnd openssl pcre PDO pdo_sqlite Phar posix readline Reflection session SimpleXML SPL sqlite3 standard tokenizer xml xmlreader xmlwriter zlib -# available modules : amqp apcu ast bcmath blackfire bz2 calendar dba ds enchant event exif gd geoip gmp grpc igbinary imap imagick intl ldap mcrypt memcache memcached mongodb mysqli newrelic oauth opcache pcntl pdo_mysql pdo_pgsql pgsql pspell rar redis shmop snmp snuffleupagus soap sockets sysvmsg sysvsem sysvshm xhprof uuid wddx xdebug xhprof xmlrpc xsl yaml zip -ARG PHP_EXT_ENABLE="amqp apcu bcmath bz2 calendar gd geoip imagick intl mcrypt memcached mysqli oauth opcache pdo_mysql redis soap sockets uuid yaml zip" -RUN docker-php-ext-enable ${PHP_EXT_ENABLE} - -# copy *.ini -COPY ${DOCKER_BUILD_DIR}/*.ini /usr/local/etc/php/conf.d/ -COPY ${DOCKER_BUILD_DIR}/php-fpm-*.conf /usr/local/etc/php-fpm.d/ - -# custom php config -ARG PHP_INI_CONFIG -RUN echo -e ${PHP_INI_CONFIG// /\\n} >> /usr/local/etc/php/conf.d/config.ini - -# custom php cli -ARG PHP_CLI_CONFIG="apc.enable_cli=0 max_execution_time=-1 memory_limit=-1 opcache.enable_cli=0 xdebug.default_enable=0" -RUN echo '#!/usr/bin/env sh' > /usr/local/bin/php-cli \ - && chmod +x /usr/local/bin/php-cli \ - && echo -e "\ -/usr/local/bin/php -d ${PHP_CLI_CONFIG// / -d } \"\$@\"\ -" >> /usr/local/bin/php-cli - -# install cronlock -ADD https://raw.github.com/kvz/cronlock/master/cronlock /usr/bin/cronlock -RUN chmod +rx /usr/bin/cronlock - -# config ssmtp -RUN echo "FromLineOverride=YES" >> /etc/ssmtp/ssmtp.conf - -# https://bugs.php.net/bug.php?id=71880 -ENV LOG_STREAM="/tmp/stdout" -RUN mkfifo $LOG_STREAM && chmod 777 $LOG_STREAM - -# default www-data homedir to /var/www for crontabs -RUN sed -i 's|/home/www-data|/var/www|' /etc/passwd -WORKDIR /var/www - -# redirect LOG_STREAM to stdout and start php-fpm with environment variables from .env -CMD [ "sh", "-c", "(exec 3<>$LOG_STREAM; cat <&3 >&1 & IFS=$'\n'; exec env $(cat .env 2>/dev/null) php-fpm)" ] - -FROM dist as master -ARG UID -ARG USER -ENV UID=${UID} -ENV GID=${UID} -ENV USER=${USER} - -# If we provide a specific UID -RUN let $UID >/dev/null 2>&1 \ -# Remove user with $UID if it is not our $USER - && if [ "$(getent passwd $UID |awk 'BEGIN {FS=":"} {print $1}')" != "$USER" ]; then \ - sed -i '/^'$(getent passwd $UID |awk 'BEGIN {FS=":"} {print $1}')':x:'$UID':/d' /etc/passwd; \ - sed -i '/^'$(getent group $GID |awk 'BEGIN {FS=":"} {print $1}')':x:'$GID':/d' /etc/group; \ - fi \ -# Force $UID if our $USER already exists - && sed -i 's/^'$USER':x:[0-9]\+:[0-9]\+:/'$USER':x:'$UID':'$GID':/' /etc/passwd \ - && sed -i 's/^'$USER':x:[0-9]\+:/'$USER':x:'$GID':/' /etc/group \ -# Create $USER if it does not exist - && if [ "$(getent passwd $UID)" = "" ]; then \ - echo "$USER:x:$UID:$GID::/home/$USER:/bin/false" >> /etc/passwd; \ - echo "$USER:!:$(($(date +%s) / 60 / 60 / 24)):0:99999:7:::" >> /etc/shadow; \ - echo "$USER:x:$GID:" >> /etc/group; \ - fi \ - && mkdir -p /home/$USER \ - && chown $UID:$GID /home/$USER \ - || true - -RUN chown -R $USER /usr/local/etc/php/conf.d/ - -USER $USER - -ARG SSH_REMOTE_HOSTS - -RUN mkdir -p ~/.ssh \ - && ssh-keyscan -t rsa -H $SSH_REMOTE_HOSTS >> ~/.ssh/known_hosts diff --git a/docker/php/7.1-fpm-alpine/apc.ini b/docker/php/7.1-fpm-alpine/apc.ini deleted file mode 100644 index 448cee9..0000000 --- a/docker/php/7.1-fpm-alpine/apc.ini +++ /dev/null @@ -1,5 +0,0 @@ -apc.enable_cli = 0 -apc.enabled = 1 -apc.shm_segments = 1 -apc.shm_size = 32M - diff --git a/docker/php/7.1-fpm-alpine/blackfire.ini b/docker/php/7.1-fpm-alpine/blackfire.ini deleted file mode 100644 index 566668c..0000000 --- a/docker/php/7.1-fpm-alpine/blackfire.ini +++ /dev/null @@ -1 +0,0 @@ -blackfire.agent_socket=tcp://blackfire:8707 diff --git a/docker/php/7.1-fpm-alpine/memcached.ini b/docker/php/7.1-fpm-alpine/memcached.ini deleted file mode 100644 index 361f58b..0000000 --- a/docker/php/7.1-fpm-alpine/memcached.ini +++ /dev/null @@ -1 +0,0 @@ -memcached.sess_locking = Off \ No newline at end of file diff --git a/docker/php/7.1-fpm-alpine/newrelic.ini b/docker/php/7.1-fpm-alpine/newrelic.ini deleted file mode 100644 index d90b2dc..0000000 --- a/docker/php/7.1-fpm-alpine/newrelic.ini +++ /dev/null @@ -1,4 +0,0 @@ -[newrelic] -newrelic.logfile = /dev/self/fd/2 -newrelic.daemon.logfile = /dev/self/fd/2 - diff --git a/docker/php/7.1-fpm-alpine/opcache.ini b/docker/php/7.1-fpm-alpine/opcache.ini deleted file mode 100644 index b0244ec..0000000 --- a/docker/php/7.1-fpm-alpine/opcache.ini +++ /dev/null @@ -1,8 +0,0 @@ -opcache.enable = 1 -opcache.enable_cli = 0 -opcache.error_log = /proc/self/fd/2 -opcache.interned_strings_buffer = 16 -opcache.log_verbosity_level = 2 -opcache.max_accelerated_files = 20000 -opcache.memory_consumption = 256 -opcache.validate_timestamps = 1 diff --git a/docker/php/7.1-fpm-alpine/php-fpm-pool.conf b/docker/php/7.1-fpm-alpine/php-fpm-pool.conf deleted file mode 100644 index bfc8efa..0000000 --- a/docker/php/7.1-fpm-alpine/php-fpm-pool.conf +++ /dev/null @@ -1,412 +0,0 @@ -; Start a new pool named 'www'. -; the variable $pool can we used in any directive and will be replaced by the -; pool name ('www' here) -[www] - -; Per pool prefix -; It only applies on the following directives: -; - 'access.log' -; - 'slowlog' -; - 'listen' (unixsocket) -; - 'chroot' -; - 'chdir' -; - 'php_values' -; - 'php_admin_values' -; When not set, the global prefix (or /usr) applies instead. -; Note: This directive can also be relative to the global prefix. -; Default Value: none -;prefix = /path/to/pools/$pool - -; Unix user/group of processes -; Note: The user is mandatory. If the group is not set, the default user's group -; will be used. -user = www-data -group = www-data - -; The address on which to accept FastCGI requests. -; Valid syntaxes are: -; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on -; a specific port; -; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on -; a specific port; -; 'port' - to listen on a TCP socket to all IPv4 addresses on a -; specific port; -; '[::]:port' - to listen on a TCP socket to all addresses -; (IPv6 and IPv4-mapped) on a specific port; -; '/path/to/unix/socket' - to listen on a unix socket. -; Note: This value is mandatory. -;listen = /var/run/php5-fpm.sock -listen = 0.0.0.0:9000 - -; Set listen(2) backlog. -; Default Value: 65535 (-1 on FreeBSD and OpenBSD) -listen.backlog = 1023 - -; Set permissions for unix socket, if one is used. In Linux, read/write -; permissions must be set in order to allow connections from a web server. Many -; BSD-derived systems allow connections regardless of permissions. -; Default Values: user and group are set as the running user -; mode is set to 0660 -;listen.owner = www-data -;listen.group = www-data -;listen.mode = 0660 -; When POSIX Access Control Lists are supported you can set them using -; these options, value is a comma separated list of user/group names. -; When set, listen.owner and listen.group are ignored -;listen.acl_users = -;listen.acl_groups = - -; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. -; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original -; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address -; must be separated by a comma. If this value is left blank, connections will be -; accepted from any ip address. -; Default Value: any -;listen.allowed_clients = 0.0.0.0 - -; Specify the nice(2) priority to apply to the pool processes (only if set) -; The value can vary from -19 (highest priority) to 20 (lower priority) -; Note: - It will only work if the FPM master process is launched as root -; - The pool processes will inherit the master process priority -; unless it specified otherwise -; Default Value: no set -; process.priority = -19 - -; Choose how the process manager will control the number of child processes. -; Possible Values: -; static - a fixed number (pm.max_children) of child processes; -; dynamic - the number of child processes are set dynamically based on the -; following directives. With this process management, there will be -; always at least 1 children. -; pm.max_children - the maximum number of children that can -; be alive at the same time. -; pm.start_servers - the number of children created on startup. -; pm.min_spare_servers - the minimum number of children in 'idle' -; state (waiting to process). If the number -; of 'idle' processes is less than this -; number then some children will be created. -; pm.max_spare_servers - the maximum number of children in 'idle' -; state (waiting to process). If the number -; of 'idle' processes is greater than this -; number then some children will be killed. -; ondemand - no children are created at startup. Children will be forked when -; new requests will connect. The following parameter are used: -; pm.max_children - the maximum number of children that -; can be alive at the same time. -; pm.process_idle_timeout - The number of seconds after which -; an idle process will be killed. -; Note: This value is mandatory. -pm = dynamic - -; The number of child processes to be created when pm is set to 'static' and the -; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. -; This value sets the limit on the number of simultaneous requests that will be -; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. -; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP -; CGI. The below defaults are based on a server without much resources. Don't -; forget to tweak pm.* to fit your needs. -; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' -; Note: This value is mandatory. -pm.max_children = 16 - -; The number of child processes created on startup. -; Note: Used only when pm is set to 'dynamic' -; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 -pm.start_servers = 2 - -; The desired minimum number of idle server processes. -; Note: Used only when pm is set to 'dynamic' -; Note: Mandatory when pm is set to 'dynamic' -pm.min_spare_servers = 1 - -; The desired maximum number of idle server processes. -; Note: Used only when pm is set to 'dynamic' -; Note: Mandatory when pm is set to 'dynamic' -pm.max_spare_servers = 3 - -; The number of seconds after which an idle process will be killed. -; Note: Used only when pm is set to 'ondemand' -; Default Value: 10s -;pm.process_idle_timeout = 10s; - -; The number of requests each child process should execute before respawning. -; This can be useful to work around memory leaks in 3rd party libraries. For -; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. -; Default Value: 0 -;pm.max_requests = 500 - -; The URI to view the FPM status page. If this value is not set, no URI will be -; recognized as a status page. It shows the following informations: -; pool - the name of the pool; -; process manager - static, dynamic or ondemand; -; start time - the date and time FPM has started; -; start since - number of seconds since FPM has started; -; accepted conn - the number of request accepted by the pool; -; listen queue - the number of request in the queue of pending -; connections (see backlog in listen(2)); -; max listen queue - the maximum number of requests in the queue -; of pending connections since FPM has started; -; listen queue len - the size of the socket queue of pending connections; -; idle processes - the number of idle processes; -; active processes - the number of active processes; -; total processes - the number of idle + active processes; -; max active processes - the maximum number of active processes since FPM -; has started; -; max children reached - number of times, the process limit has been reached, -; when pm tries to start more children (works only for -; pm 'dynamic' and 'ondemand'); -; Value are updated in real time. -; Example output: -; pool: www -; process manager: static -; start time: 01/Jul/2011:17:53:49 +0200 -; start since: 62636 -; accepted conn: 190460 -; listen queue: 0 -; max listen queue: 1 -; listen queue len: 42 -; idle processes: 4 -; active processes: 11 -; total processes: 15 -; max active processes: 12 -; max children reached: 0 -; -; By default the status page output is formatted as text/plain. Passing either -; 'html', 'xml' or 'json' in the query string will return the corresponding -; output syntax. Example: -; http://www.foo.bar/status -; http://www.foo.bar/status?json -; http://www.foo.bar/status?html -; http://www.foo.bar/status?xml -; -; By default the status page only outputs short status. Passing 'full' in the -; query string will also return status for each pool process. -; Example: -; http://www.foo.bar/status?full -; http://www.foo.bar/status?json&full -; http://www.foo.bar/status?html&full -; http://www.foo.bar/status?xml&full -; The Full status returns for each process: -; pid - the PID of the process; -; state - the state of the process (Idle, Running, ...); -; start time - the date and time the process has started; -; start since - the number of seconds since the process has started; -; requests - the number of requests the process has served; -; request duration - the duration in µs of the requests; -; request method - the request method (GET, POST, ...); -; request URI - the request URI with the query string; -; content length - the content length of the request (only with POST); -; user - the user (PHP_AUTH_USER) (or '-' if not set); -; script - the main script called (or '-' if not set); -; last request cpu - the %cpu the last request consumed -; it's always 0 if the process is not in Idle state -; because CPU calculation is done when the request -; processing has terminated; -; last request memory - the max amount of memory the last request consumed -; it's always 0 if the process is not in Idle state -; because memory calculation is done when the request -; processing has terminated; -; If the process is in Idle state, then informations are related to the -; last request the process has served. Otherwise informations are related to -; the current request being served. -; Example output: -; ************************ -; pid: 31330 -; state: Running -; start time: 01/Jul/2011:17:53:49 +0200 -; start since: 63087 -; requests: 12808 -; request duration: 1250261 -; request method: GET -; request URI: /test_mem.php?N=10000 -; content length: 0 -; user: - -; script: /home/fat/web/docs/php/test_mem.php -; last request cpu: 0.00 -; last request memory: 0 -; -; Note: There is a real-time FPM status monitoring sample web page available -; It's available in: /usr/share/php5/fpm/status.html -; -; Note: The value must start with a leading slash (/). The value can be -; anything, but it may not be a good idea to use the .php extension or it -; may conflict with a real PHP file. -; Default Value: not set -pm.status_path = /php-fpm-status - -; The ping URI to call the monitoring page of FPM. If this value is not set, no -; URI will be recognized as a ping page. This could be used to test from outside -; that FPM is alive and responding, or to -; - create a graph of FPM availability (rrd or such); -; - remove a server from a group if it is not responding (load balancing); -; - trigger alerts for the operating team (24/7). -; Note: The value must start with a leading slash (/). The value can be -; anything, but it may not be a good idea to use the .php extension or it -; may conflict with a real PHP file. -; Default Value: not set -ping.path = /php-fpm-ping - -; This directive may be used to customize the response of a ping request. The -; response is formatted as text/plain with a 200 response code. -; Default Value: pong -;ping.response = pong - -; The access log file -; Default: not set -;access.log = log/$pool.access.log - -; The access log format. -; The following syntax is allowed -; %%: the '%' character -; %C: %CPU used by the request -; it can accept the following format: -; - %{user}C for user CPU only -; - %{system}C for system CPU only -; - %{total}C for user + system CPU (default) -; %d: time taken to serve the request -; it can accept the following format: -; - %{seconds}d (default) -; - %{miliseconds}d -; - %{mili}d -; - %{microseconds}d -; - %{micro}d -; %e: an environment variable (same as $_ENV or $_SERVER) -; it must be associated with embraces to specify the name of the env -; variable. Some exemples: -; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e -; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e -; %f: script filename -; %l: content-length of the request (for POST request only) -; %m: request method -; %M: peak of memory allocated by PHP -; it can accept the following format: -; - %{bytes}M (default) -; - %{kilobytes}M -; - %{kilo}M -; - %{megabytes}M -; - %{mega}M -; %n: pool name -; %o: output header -; it must be associated with embraces to specify the name of the header: -; - %{Content-Type}o -; - %{X-Powered-By}o -; - %{Transfert-Encoding}o -; - .... -; %p: PID of the child that serviced the request -; %P: PID of the parent of the child that serviced the request -; %q: the query string -; %Q: the '?' character if query string exists -; %r: the request URI (without the query string, see %q and %Q) -; %R: remote IP address -; %s: status (response code) -; %t: server time the request was received -; it can accept a strftime(3) format: -; %d/%b/%Y:%H:%M:%S %z (default) -; %T: time the log has been written (the request has finished) -; it can accept a strftime(3) format: -; %d/%b/%Y:%H:%M:%S %z (default) -; %u: remote user -; -; Default: "%R - %u %t \"%m %r\" %s" -;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" - -; The log file for slow requests -; Default Value: not set -; Note: slowlog is mandatory if request_slowlog_timeout is set -;slowlog = log/$pool.log.slow - -; The timeout for serving a single request after which a PHP backtrace will be -; dumped to the 'slowlog' file. A value of '0s' means 'off'. -; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) -; Default Value: 0 -;request_slowlog_timeout = 0 - -; The timeout for serving a single request after which the worker process will -; be killed. This option should be used when the 'max_execution_time' ini option -; does not stop script execution for some reason. A value of '0' means 'off'. -; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) -; Default Value: 0 -;request_terminate_timeout = 5m - -; Set open file descriptor rlimit. -; Default Value: system defined value -;rlimit_files = 1024 - -; Set max core size rlimit. -; Possible Values: 'unlimited' or an integer greater or equal to 0 -; Default Value: system defined value -;rlimit_core = 0 - -; Chroot to this directory at the start. This value must be defined as an -; absolute path. When this value is not set, chroot is not used. -; Note: you can prefix with '$prefix' to chroot to the pool prefix or one -; of its subdirectories. If the pool prefix is not set, the global prefix -; will be used instead. -; Note: chrooting is a great security feature and should be used whenever -; possible. However, all PHP paths will be relative to the chroot -; (error_log, sessions.save_path, ...). -; Default Value: not set -;chroot = - -; Chdir to this directory at the start. -; Note: relative path can be used. -; Default Value: current directory or / when chroot -chdir = / - -; Redirect worker stdout and stderr into main error log. If not set, stdout and -; stderr will be redirected to /dev/null according to FastCGI specs. -; Note: on highloaded environement, this can cause some delay in the page -; process time (several ms). -; Default Value: no -catch_workers_output = yes - -; Clear environment in FPM workers -; Prevents arbitrary environment variables from reaching FPM worker processes -; by clearing the environment in workers before env vars specified in this -; pool configuration are added. -; Setting to "no" will make all environment variables available to PHP code -; via getenv(), $_ENV and $_SERVER. -; Default Value: yes -;clear_env = no - -; Limits the extensions of the main script FPM will allow to parse. This can -; prevent configuration mistakes on the web server side. You should only limit -; FPM to .php extensions to prevent malicious users to use other extensions to -; exectute php code. -; Note: set an empty value to allow all extensions. -; Default Value: .php -;security.limit_extensions = .php .php3 .php4 .php5 - -; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from -; the current environment. -; Default Value: clean env -;env[HOSTNAME] = $HOSTNAME -;env[PATH] = /usr/local/bin:/usr/bin:/bin -;env[TMP] = /tmp -;env[TMPDIR] = /tmp -;env[TEMP] = /tmp - -; Additional php.ini defines, specific to this pool of workers. These settings -; overwrite the values previously defined in the php.ini. The directives are the -; same as the PHP SAPI: -; php_value/php_flag - you can set classic ini defines which can -; be overwritten from PHP call 'ini_set'. -; php_admin_value/php_admin_flag - these directives won't be overwritten by -; PHP call 'ini_set' -; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. - -; Defining 'extension' will load the corresponding shared extension from -; extension_dir. Defining 'disable_functions' or 'disable_classes' will not -; overwrite previously defined php.ini values, but will append the new value -; instead. - -; Note: path INI options can be relative and will be expanded with the prefix -; (pool, global or /usr) - -; Default Value: nothing is defined by default except the values in php.ini and -; specified at startup with the -d argument -;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com -;php_flag[display_errors] = off -;php_admin_value[error_log] = /var/log/fpm-php.www.log -;php_admin_flag[log_errors] = on -;php_admin_value[memory_limit] = 32M diff --git a/docker/php/7.1-fpm-alpine/php.ini b/docker/php/7.1-fpm-alpine/php.ini deleted file mode 100644 index f631e55..0000000 --- a/docker/php/7.1-fpm-alpine/php.ini +++ /dev/null @@ -1,56 +0,0 @@ -[PHP] -expose_php = Off -disable_functions = exec,system,popen,passthru,apache_child_terminate,apache_get_modules,apache_get_version,apache_getenv,apache_note,apache_setenv,virtual,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority -enable_dl = Off -allow_url_fopen = On -allow_url_include = Off -engine = On -short_open_tag = On -output_buffering = 4096 -realpath_cache_size = 4096k -realpath_cache_ttl = 600 -include_path = .:/usr/share/php -date.timezone = Europe/Paris -default_socket_timeout = 10 -max_execution_time = 30 -max_input_time = 60 -max_input_vars = 1000 -memory_limit = 512M -post_max_size = 32M -file_uploads = On -upload_tmp_dir = /tmp -upload_max_filesize = 32M -max_file_uploads = 20 -error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT -display_errors = Off -display_startup_errors = Off -log_errors = On -html_errors = On -SMTP = mailcatcher -smtp_port = 1025 -sendmail_path = /usr/sbin/sendmail -t -i -mail_log = syslog -session.save_handler = memcached -session.save_path = memcached:11211 -session.use_cookies = 1 -session.cookie_secure = -session.use_only_cookies = 1 -session.name = PHPSESSID -session.auto_start = 0 -session.cookie_lifetime = 0 -session.cookie_path = / -session.cookie_domain = -session.cookie_httponly = -session.serialize_handler = php -session.gc_probability = 0 -session.gc_divisor = 1000 -session.gc_maxlifetime = 2592000 -session.bug_compat_42 = Off -session.bug_compat_warn = Off -session.referer_check = -session.entropy_length = 512 -session.entropy_file = /dev/urandom -session.cache_limiter = nocache -session.cache_expire = 180 -session.use_trans_sid = 0 -session.hash_function = 0 diff --git a/docker/php/7.1-fpm-alpine/xdebug.ini b/docker/php/7.1-fpm-alpine/xdebug.ini deleted file mode 100644 index efb017f..0000000 --- a/docker/php/7.1-fpm-alpine/xdebug.ini +++ /dev/null @@ -1,13 +0,0 @@ -xdebug.collect_params = 1 -xdebug.collect_return = 1 -xdebug.default_enable = 1 -xdebug.force_display_errors = 1 -xdebug.force_error_reporting = E_ALL & ~E_NOTICE & ~E_DEPRECATED -xdebug.halt_level = E_WARNING -xdebug.idekey = PHPSTORM -xdebug.max_nesting_level = 1024 -xdebug.remote_enable = 1 -xdebug.remote_connect_back = 1 -xdebug.scream = 0 -xdebug.show_error_trace = 1 -xdebug.show_exception_trace = 1 diff --git a/docker/php/7.2-fpm-alpine/Dockerfile b/docker/php/7.2-fpm-alpine/Dockerfile deleted file mode 100644 index a9bea93..0000000 --- a/docker/php/7.2-fpm-alpine/Dockerfile +++ /dev/null @@ -1,267 +0,0 @@ -FROM php:7.2-fpm-alpine as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR -ARG AMQP_VERSION=stable -ARG AST_VERSION=stable -ARG APCU_VERSION=stable -ARG BLACKFIRE_VERSION=1.34.3 -ARG CACHETOOL_VERSION=4.0.1 -ARG DS_VERSION=stable -ARG EVENT_VERSION=stable -ARG IGBINARY_VERSION=stable -ARG IMAGICK_VERSION=stable -ARG GEOIP_VERSION=beta -ARG GRPC_VERSION=stable -ARG MCRYPT_VERSION=stable -ARG MEMCACHE_VERSION=4.0.1-php73 -ARG MEMCACHED_VERSION=stable -ARG MONGODB_VERSION=stable -ARG NEWRELIC_VERSION=9.11.0.267 -ARG OAUTH_VERSION=stable -ARG RAR_VERSION=stable -ARG REDIS_VERSION=stable -ARG SNUFFLEUPAGUS_VERSION=0.5.1 -ARG UUID_VERSION=stable -ARG XDEBUG_VERSION=stable -ARG XHPROF_VERSION=2.2.0 -ARG YAML_VERSION=stable - -RUN apk --no-cache upgrade \ - && apk add --no-cache --virtual .build-deps \ - $PHPIZE_DEPS \ - aspell-dev \ - bison \ - bzip2-dev \ - curl-dev \ - enchant2-dev \ - flex \ - freetype-dev \ - gawk \ - geoip-dev \ - gettext-dev \ - gmp-dev \ - icu-dev \ - imagemagick-dev \ - imap-dev \ - libevent-dev \ - libjpeg-turbo-dev \ - libmcrypt-dev \ - libmemcached-dev \ - libpng-dev \ - libressl-dev \ - libxml2-dev \ - libxslt-dev \ - make \ - net-snmp-dev \ - openldap-dev \ - patch \ - postgresql-dev \ - pcre-dev \ - rabbitmq-c-dev \ - yaml-dev \ - zlib-dev \ - # blackfire \ - && wget https://packages.blackfire.io/binaries/blackfire-php/${BLACKFIRE_VERSION}/blackfire-php-alpine_amd64-php-$(php -r "echo PHP_MAJOR_VERSION.PHP_MINOR_VERSION;").so -O $(php -r "echo ini_get('extension_dir');")/blackfire.so \ - # enchant \ - && docker-php-source extract \ - && wget "https://git.alpinelinux.org/aports/plain/community/php7/enchant-2.patch?id=3f8d7d2e5e558a975f79b6470423b32e01c0bfbc" -O /usr/src/php-enchant-2.patch \ - && cd /usr/src/php && patch -p1 < ../php-enchant-2.patch \ - # gd \ - && docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ --with-png-dir=/usr/include/ \ - # memcache \ - && wget https://github.com/websupport-sk/pecl-memcache/archive/v${MEMCACHE_VERSION}.tar.gz -O /tmp/memcache-${MEMCACHE_VERSION}.tar.gz \ - && mkdir -p /tmp/memcache-${MEMCACHE_VERSION} \ - && tar xzf /tmp/memcache-${MEMCACHE_VERSION}.tar.gz -C /tmp/memcache-${MEMCACHE_VERSION} --strip-components=1 \ - # https://github.com/websupport-sk/pecl-memcache/pull/39 \ - && sed -i '399s/);/, char *);/' /tmp/memcache-${MEMCACHE_VERSION}/php7/memcache_pool.h \ - # https://github.com/websupport-sk/pecl-memcache/pull/40 \ - && sed -i '47i#if PHP_VERSION_ID < 70200\n register size_t newlen;\n#endif' /tmp/memcache-${MEMCACHE_VERSION}/php7/memcache_pool.c \ - # newrelic \ - && wget https://download.newrelic.com/php_agent/archive/${NEWRELIC_VERSION}/newrelic-php5-${NEWRELIC_VERSION}-linux-musl.tar.gz -O /tmp/newrelic-${NEWRELIC_VERSION}.tar.gz \ - && mkdir -p /tmp/newrelic-${NEWRELIC_VERSION} \ - && tar xzf /tmp/newrelic-${NEWRELIC_VERSION}.tar.gz -C /tmp/newrelic-${NEWRELIC_VERSION} --strip-components=1 \ - && mv /tmp/newrelic-${NEWRELIC_VERSION}/agent/x64/newrelic-20170718.so $(php -r "echo ini_get('extension_dir');")/newrelic.so \ - # snuffleupagus \ - && wget https://github.com/jvoisin/snuffleupagus/archive/v${SNUFFLEUPAGUS_VERSION}.tar.gz -O /tmp/snuffleupagus-${SNUFFLEUPAGUS_VERSION}.tar.gz \ - && mkdir -p /tmp/snuffleupagus-${SNUFFLEUPAGUS_VERSION} \ - && tar xzf /tmp/snuffleupagus-${SNUFFLEUPAGUS_VERSION}.tar.gz -C /tmp/snuffleupagus-${SNUFFLEUPAGUS_VERSION} --strip-components=1 \ - && docker-php-ext-configure /tmp/snuffleupagus-${SNUFFLEUPAGUS_VERSION}/src --prefix=/usr --enable-snuffleupagus \ - # xhprof \ - && wget https://github.com/longxinH/xhprof/archive/v${XHPROF_VERSION}.tar.gz -O /tmp/xhprof-${XHPROF_VERSION}.tar.gz \ - && mkdir -p /tmp/xhprof-${XHPROF_VERSION} \ - && tar xzf /tmp/xhprof-${XHPROF_VERSION}.tar.gz -C /tmp/xhprof-${XHPROF_VERSION} --strip-components=1 \ - && docker-php-ext-configure /tmp/xhprof-${XHPROF_VERSION}/extension --with-php-config=/usr/local/bin/php-config \ - && docker-php-ext-install -j$(nproc) \ - bcmath \ - bz2 \ - calendar \ - dba \ - enchant \ - exif \ - gd \ - gettext \ - gmp \ - imap \ - intl \ - ldap \ - /tmp/memcache-${MEMCACHE_VERSION} \ - mysqli \ - opcache \ - pcntl \ - pdo_mysql \ - pdo_pgsql \ - pgsql \ - pspell \ - shmop \ - snmp \ - soap \ - sockets \ - sysvmsg \ - sysvsem \ - sysvshm \ - /tmp/xhprof-${XHPROF_VERSION}/extension \ - xmlrpc \ - xsl \ - zip \ - # docker-php-ext-install fails after snuffleupagus is enabled - /tmp/snuffleupagus-${SNUFFLEUPAGUS_VERSION}/src \ - && docker-php-source delete \ - && rm /usr/local/etc/php/conf.d/docker-php-ext-* \ - && rm -rf /tmp/memcache-* \ - && rm -rf /tmp/newrelic-* \ - && rm -rf /tmp/snuffleupagus-* \ - && rm -rf /tmp/xhprof-* \ - && pecl install amqp-${AMQP_VERSION} \ - && pecl install apcu-${APCU_VERSION} \ - && pecl install ast-${AST_VERSION} \ - && pecl install ds-${DS_VERSION} \ - && pecl install event-${EVENT_VERSION} \ - && pecl install geoip-${GEOIP_VERSION} \ - && pecl install grpc-${GRPC_VERSION} \ - && pecl install igbinary-${IGBINARY_VERSION} \ - && pecl install imagick-${IMAGICK_VERSION} \ - && pecl install memcached-${MEMCACHED_VERSION} \ - && pecl install mongodb-${MONGODB_VERSION} \ - && pecl install oauth-${OAUTH_VERSION} \ - && pecl install rar-${RAR_VERSION} \ - && pecl install redis-${REDIS_VERSION} \ - && echo |pecl install uuid-${UUID_VERSION} \ - && echo |pecl install mcrypt-${MCRYPT_VERSION} \ - && pecl install xdebug-${XDEBUG_VERSION} \ - && pecl install yaml-${YAML_VERSION} \ - && pecl clear-cache \ - && runDeps="$( \ - scanelf --needed --nobanner --recursive /usr/local \ - | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ - | xargs -r apk info --installed \ - | sort -u \ - )" \ - && apk del .build-deps \ - && apk add --no-cache --virtual .run-deps $runDeps - -RUN wget http://gordalina.github.io/cachetool/downloads/cachetool-${CACHETOOL_VERSION}.phar -O /usr/local/bin/cachetool \ - && chmod +x /usr/local/bin/cachetool \ - && echo -e "\ -adapter: fastcgi \n\ -fastcgi: 127.0.0.1:9000 \n\ -" > /etc/cachetool.yml - -RUN mkdir -p /etc/ssh && echo -e "\ -Host * \n\ - Compression yes \n\ -" >> /etc/ssh/ssh_config - -RUN apk add --no-cache \ - bash \ - bzip2 \ - coreutils \ - gettext \ - git \ - imagemagick \ - lftp \ - mailx \ - make \ - mysql-client \ - nano \ - openssh-client \ - ssmtp \ - vim - -# Iconv fix: https://github.com/docker-library/php/issues/240#issuecomment-305038173 -RUN apk add --no-cache --repository http://dl-cdn.alpinelinux.org/alpine/edge/community/ gnu-libiconv -ENV LD_PRELOAD=/usr/lib/preloadable_libiconv.so - -# builtin modules : Core ctype curl date dom fileinfo filter ftp hash iconv json libxml mbstring mysqlnd openssl pcre PDO pdo_sqlite Phar posix readline Reflection session SimpleXML SPL sqlite3 standard tokenizer xml xmlreader xmlwriter zlib -# available modules : amqp apcu ast bcmath blackfire bz2 calendar dba ds enchant event exif gd geoip gmp grpc igbinary imap imagick intl ldap mcrypt memcache memcached mongodb mysqli newrelic oauth opcache pcntl pdo_mysql pdo_pgsql pgsql pspell rar redis shmop snmp snuffleupagus soap sockets sysvmsg sysvsem sysvshm xhprof uuid wddx xdebug xhprof xmlrpc xsl yaml zip -ARG PHP_EXT_ENABLE="amqp apcu bcmath bz2 calendar gd geoip imagick intl mcrypt memcached mysqli oauth opcache pdo_mysql redis soap sockets uuid yaml zip" -RUN docker-php-ext-enable ${PHP_EXT_ENABLE} - -# copy *.ini -COPY ${DOCKER_BUILD_DIR}/*.ini /usr/local/etc/php/conf.d/ -COPY ${DOCKER_BUILD_DIR}/php-fpm-*.conf /usr/local/etc/php-fpm.d/ - -# custom php config -ARG PHP_INI_CONFIG -RUN echo -e ${PHP_INI_CONFIG// /\\n} >> /usr/local/etc/php/conf.d/config.ini - -# custom php cli -ARG PHP_CLI_CONFIG="apc.enable_cli=0 max_execution_time=-1 memory_limit=-1 opcache.enable_cli=0 xdebug.default_enable=0" -RUN echo '#!/usr/bin/env sh' > /usr/local/bin/php-cli \ - && chmod +x /usr/local/bin/php-cli \ - && echo -e "\ -/usr/local/bin/php -d ${PHP_CLI_CONFIG// / -d } \"\$@\"\ -" >> /usr/local/bin/php-cli - -# install cronlock -ADD https://raw.github.com/kvz/cronlock/master/cronlock /usr/bin/cronlock -RUN chmod +rx /usr/bin/cronlock - -# config ssmtp -RUN echo "FromLineOverride=YES" >> /etc/ssmtp/ssmtp.conf - -# https://bugs.php.net/bug.php?id=71880 -ENV LOG_STREAM="/tmp/stdout" -RUN mkfifo $LOG_STREAM && chmod 777 $LOG_STREAM - -# default www-data homedir to /var/www for crontabs -RUN sed -i 's|/home/www-data|/var/www|' /etc/passwd -WORKDIR /var/www - -# redirect LOG_STREAM to stdout and start php-fpm with environment variables from .env -CMD [ "sh", "-c", "(exec 3<>$LOG_STREAM; cat <&3 >&1 & IFS=$'\n'; exec env $(cat .env 2>/dev/null) php-fpm)" ] - -FROM dist as master -ARG UID -ARG USER -ENV UID=${UID} -ENV GID=${UID} -ENV USER=${USER} - -# If we provide a specific UID -RUN let $UID >/dev/null 2>&1 \ -# Remove user with $UID if it is not our $USER - && if [ "$(getent passwd $UID |awk 'BEGIN {FS=":"} {print $1}')" != "$USER" ]; then \ - sed -i '/^'$(getent passwd $UID |awk 'BEGIN {FS=":"} {print $1}')':x:'$UID':/d' /etc/passwd; \ - sed -i '/^'$(getent group $GID |awk 'BEGIN {FS=":"} {print $1}')':x:'$GID':/d' /etc/group; \ - fi \ -# Force $UID if our $USER already exists - && sed -i 's/^'$USER':x:[0-9]\+:[0-9]\+:/'$USER':x:'$UID':'$GID':/' /etc/passwd \ - && sed -i 's/^'$USER':x:[0-9]\+:/'$USER':x:'$GID':/' /etc/group \ -# Create $USER if it does not exist - && if [ "$(getent passwd $UID)" = "" ]; then \ - echo "$USER:x:$UID:$GID::/home/$USER:/bin/false" >> /etc/passwd; \ - echo "$USER:!:$(($(date +%s) / 60 / 60 / 24)):0:99999:7:::" >> /etc/shadow; \ - echo "$USER:x:$GID:" >> /etc/group; \ - fi \ - && mkdir -p /home/$USER \ - && chown $UID:$GID /home/$USER \ - || true - -RUN chown -R $USER /usr/local/etc/php/conf.d/ - -USER $USER - -ARG SSH_REMOTE_HOSTS - -RUN mkdir -p ~/.ssh \ - && ssh-keyscan -t rsa -H $SSH_REMOTE_HOSTS >> ~/.ssh/known_hosts diff --git a/docker/php/7.2-fpm-alpine/apc.ini b/docker/php/7.2-fpm-alpine/apc.ini deleted file mode 100644 index 448cee9..0000000 --- a/docker/php/7.2-fpm-alpine/apc.ini +++ /dev/null @@ -1,5 +0,0 @@ -apc.enable_cli = 0 -apc.enabled = 1 -apc.shm_segments = 1 -apc.shm_size = 32M - diff --git a/docker/php/7.2-fpm-alpine/blackfire.ini b/docker/php/7.2-fpm-alpine/blackfire.ini deleted file mode 100644 index 566668c..0000000 --- a/docker/php/7.2-fpm-alpine/blackfire.ini +++ /dev/null @@ -1 +0,0 @@ -blackfire.agent_socket=tcp://blackfire:8707 diff --git a/docker/php/7.2-fpm-alpine/memcached.ini b/docker/php/7.2-fpm-alpine/memcached.ini deleted file mode 100644 index 361f58b..0000000 --- a/docker/php/7.2-fpm-alpine/memcached.ini +++ /dev/null @@ -1 +0,0 @@ -memcached.sess_locking = Off \ No newline at end of file diff --git a/docker/php/7.2-fpm-alpine/newrelic.ini b/docker/php/7.2-fpm-alpine/newrelic.ini deleted file mode 100644 index d90b2dc..0000000 --- a/docker/php/7.2-fpm-alpine/newrelic.ini +++ /dev/null @@ -1,4 +0,0 @@ -[newrelic] -newrelic.logfile = /dev/self/fd/2 -newrelic.daemon.logfile = /dev/self/fd/2 - diff --git a/docker/php/7.2-fpm-alpine/opcache.ini b/docker/php/7.2-fpm-alpine/opcache.ini deleted file mode 100644 index b0244ec..0000000 --- a/docker/php/7.2-fpm-alpine/opcache.ini +++ /dev/null @@ -1,8 +0,0 @@ -opcache.enable = 1 -opcache.enable_cli = 0 -opcache.error_log = /proc/self/fd/2 -opcache.interned_strings_buffer = 16 -opcache.log_verbosity_level = 2 -opcache.max_accelerated_files = 20000 -opcache.memory_consumption = 256 -opcache.validate_timestamps = 1 diff --git a/docker/php/7.2-fpm-alpine/php-fpm-pool.conf b/docker/php/7.2-fpm-alpine/php-fpm-pool.conf deleted file mode 100644 index bfc8efa..0000000 --- a/docker/php/7.2-fpm-alpine/php-fpm-pool.conf +++ /dev/null @@ -1,412 +0,0 @@ -; Start a new pool named 'www'. -; the variable $pool can we used in any directive and will be replaced by the -; pool name ('www' here) -[www] - -; Per pool prefix -; It only applies on the following directives: -; - 'access.log' -; - 'slowlog' -; - 'listen' (unixsocket) -; - 'chroot' -; - 'chdir' -; - 'php_values' -; - 'php_admin_values' -; When not set, the global prefix (or /usr) applies instead. -; Note: This directive can also be relative to the global prefix. -; Default Value: none -;prefix = /path/to/pools/$pool - -; Unix user/group of processes -; Note: The user is mandatory. If the group is not set, the default user's group -; will be used. -user = www-data -group = www-data - -; The address on which to accept FastCGI requests. -; Valid syntaxes are: -; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on -; a specific port; -; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on -; a specific port; -; 'port' - to listen on a TCP socket to all IPv4 addresses on a -; specific port; -; '[::]:port' - to listen on a TCP socket to all addresses -; (IPv6 and IPv4-mapped) on a specific port; -; '/path/to/unix/socket' - to listen on a unix socket. -; Note: This value is mandatory. -;listen = /var/run/php5-fpm.sock -listen = 0.0.0.0:9000 - -; Set listen(2) backlog. -; Default Value: 65535 (-1 on FreeBSD and OpenBSD) -listen.backlog = 1023 - -; Set permissions for unix socket, if one is used. In Linux, read/write -; permissions must be set in order to allow connections from a web server. Many -; BSD-derived systems allow connections regardless of permissions. -; Default Values: user and group are set as the running user -; mode is set to 0660 -;listen.owner = www-data -;listen.group = www-data -;listen.mode = 0660 -; When POSIX Access Control Lists are supported you can set them using -; these options, value is a comma separated list of user/group names. -; When set, listen.owner and listen.group are ignored -;listen.acl_users = -;listen.acl_groups = - -; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. -; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original -; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address -; must be separated by a comma. If this value is left blank, connections will be -; accepted from any ip address. -; Default Value: any -;listen.allowed_clients = 0.0.0.0 - -; Specify the nice(2) priority to apply to the pool processes (only if set) -; The value can vary from -19 (highest priority) to 20 (lower priority) -; Note: - It will only work if the FPM master process is launched as root -; - The pool processes will inherit the master process priority -; unless it specified otherwise -; Default Value: no set -; process.priority = -19 - -; Choose how the process manager will control the number of child processes. -; Possible Values: -; static - a fixed number (pm.max_children) of child processes; -; dynamic - the number of child processes are set dynamically based on the -; following directives. With this process management, there will be -; always at least 1 children. -; pm.max_children - the maximum number of children that can -; be alive at the same time. -; pm.start_servers - the number of children created on startup. -; pm.min_spare_servers - the minimum number of children in 'idle' -; state (waiting to process). If the number -; of 'idle' processes is less than this -; number then some children will be created. -; pm.max_spare_servers - the maximum number of children in 'idle' -; state (waiting to process). If the number -; of 'idle' processes is greater than this -; number then some children will be killed. -; ondemand - no children are created at startup. Children will be forked when -; new requests will connect. The following parameter are used: -; pm.max_children - the maximum number of children that -; can be alive at the same time. -; pm.process_idle_timeout - The number of seconds after which -; an idle process will be killed. -; Note: This value is mandatory. -pm = dynamic - -; The number of child processes to be created when pm is set to 'static' and the -; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. -; This value sets the limit on the number of simultaneous requests that will be -; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. -; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP -; CGI. The below defaults are based on a server without much resources. Don't -; forget to tweak pm.* to fit your needs. -; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' -; Note: This value is mandatory. -pm.max_children = 16 - -; The number of child processes created on startup. -; Note: Used only when pm is set to 'dynamic' -; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 -pm.start_servers = 2 - -; The desired minimum number of idle server processes. -; Note: Used only when pm is set to 'dynamic' -; Note: Mandatory when pm is set to 'dynamic' -pm.min_spare_servers = 1 - -; The desired maximum number of idle server processes. -; Note: Used only when pm is set to 'dynamic' -; Note: Mandatory when pm is set to 'dynamic' -pm.max_spare_servers = 3 - -; The number of seconds after which an idle process will be killed. -; Note: Used only when pm is set to 'ondemand' -; Default Value: 10s -;pm.process_idle_timeout = 10s; - -; The number of requests each child process should execute before respawning. -; This can be useful to work around memory leaks in 3rd party libraries. For -; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. -; Default Value: 0 -;pm.max_requests = 500 - -; The URI to view the FPM status page. If this value is not set, no URI will be -; recognized as a status page. It shows the following informations: -; pool - the name of the pool; -; process manager - static, dynamic or ondemand; -; start time - the date and time FPM has started; -; start since - number of seconds since FPM has started; -; accepted conn - the number of request accepted by the pool; -; listen queue - the number of request in the queue of pending -; connections (see backlog in listen(2)); -; max listen queue - the maximum number of requests in the queue -; of pending connections since FPM has started; -; listen queue len - the size of the socket queue of pending connections; -; idle processes - the number of idle processes; -; active processes - the number of active processes; -; total processes - the number of idle + active processes; -; max active processes - the maximum number of active processes since FPM -; has started; -; max children reached - number of times, the process limit has been reached, -; when pm tries to start more children (works only for -; pm 'dynamic' and 'ondemand'); -; Value are updated in real time. -; Example output: -; pool: www -; process manager: static -; start time: 01/Jul/2011:17:53:49 +0200 -; start since: 62636 -; accepted conn: 190460 -; listen queue: 0 -; max listen queue: 1 -; listen queue len: 42 -; idle processes: 4 -; active processes: 11 -; total processes: 15 -; max active processes: 12 -; max children reached: 0 -; -; By default the status page output is formatted as text/plain. Passing either -; 'html', 'xml' or 'json' in the query string will return the corresponding -; output syntax. Example: -; http://www.foo.bar/status -; http://www.foo.bar/status?json -; http://www.foo.bar/status?html -; http://www.foo.bar/status?xml -; -; By default the status page only outputs short status. Passing 'full' in the -; query string will also return status for each pool process. -; Example: -; http://www.foo.bar/status?full -; http://www.foo.bar/status?json&full -; http://www.foo.bar/status?html&full -; http://www.foo.bar/status?xml&full -; The Full status returns for each process: -; pid - the PID of the process; -; state - the state of the process (Idle, Running, ...); -; start time - the date and time the process has started; -; start since - the number of seconds since the process has started; -; requests - the number of requests the process has served; -; request duration - the duration in µs of the requests; -; request method - the request method (GET, POST, ...); -; request URI - the request URI with the query string; -; content length - the content length of the request (only with POST); -; user - the user (PHP_AUTH_USER) (or '-' if not set); -; script - the main script called (or '-' if not set); -; last request cpu - the %cpu the last request consumed -; it's always 0 if the process is not in Idle state -; because CPU calculation is done when the request -; processing has terminated; -; last request memory - the max amount of memory the last request consumed -; it's always 0 if the process is not in Idle state -; because memory calculation is done when the request -; processing has terminated; -; If the process is in Idle state, then informations are related to the -; last request the process has served. Otherwise informations are related to -; the current request being served. -; Example output: -; ************************ -; pid: 31330 -; state: Running -; start time: 01/Jul/2011:17:53:49 +0200 -; start since: 63087 -; requests: 12808 -; request duration: 1250261 -; request method: GET -; request URI: /test_mem.php?N=10000 -; content length: 0 -; user: - -; script: /home/fat/web/docs/php/test_mem.php -; last request cpu: 0.00 -; last request memory: 0 -; -; Note: There is a real-time FPM status monitoring sample web page available -; It's available in: /usr/share/php5/fpm/status.html -; -; Note: The value must start with a leading slash (/). The value can be -; anything, but it may not be a good idea to use the .php extension or it -; may conflict with a real PHP file. -; Default Value: not set -pm.status_path = /php-fpm-status - -; The ping URI to call the monitoring page of FPM. If this value is not set, no -; URI will be recognized as a ping page. This could be used to test from outside -; that FPM is alive and responding, or to -; - create a graph of FPM availability (rrd or such); -; - remove a server from a group if it is not responding (load balancing); -; - trigger alerts for the operating team (24/7). -; Note: The value must start with a leading slash (/). The value can be -; anything, but it may not be a good idea to use the .php extension or it -; may conflict with a real PHP file. -; Default Value: not set -ping.path = /php-fpm-ping - -; This directive may be used to customize the response of a ping request. The -; response is formatted as text/plain with a 200 response code. -; Default Value: pong -;ping.response = pong - -; The access log file -; Default: not set -;access.log = log/$pool.access.log - -; The access log format. -; The following syntax is allowed -; %%: the '%' character -; %C: %CPU used by the request -; it can accept the following format: -; - %{user}C for user CPU only -; - %{system}C for system CPU only -; - %{total}C for user + system CPU (default) -; %d: time taken to serve the request -; it can accept the following format: -; - %{seconds}d (default) -; - %{miliseconds}d -; - %{mili}d -; - %{microseconds}d -; - %{micro}d -; %e: an environment variable (same as $_ENV or $_SERVER) -; it must be associated with embraces to specify the name of the env -; variable. Some exemples: -; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e -; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e -; %f: script filename -; %l: content-length of the request (for POST request only) -; %m: request method -; %M: peak of memory allocated by PHP -; it can accept the following format: -; - %{bytes}M (default) -; - %{kilobytes}M -; - %{kilo}M -; - %{megabytes}M -; - %{mega}M -; %n: pool name -; %o: output header -; it must be associated with embraces to specify the name of the header: -; - %{Content-Type}o -; - %{X-Powered-By}o -; - %{Transfert-Encoding}o -; - .... -; %p: PID of the child that serviced the request -; %P: PID of the parent of the child that serviced the request -; %q: the query string -; %Q: the '?' character if query string exists -; %r: the request URI (without the query string, see %q and %Q) -; %R: remote IP address -; %s: status (response code) -; %t: server time the request was received -; it can accept a strftime(3) format: -; %d/%b/%Y:%H:%M:%S %z (default) -; %T: time the log has been written (the request has finished) -; it can accept a strftime(3) format: -; %d/%b/%Y:%H:%M:%S %z (default) -; %u: remote user -; -; Default: "%R - %u %t \"%m %r\" %s" -;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" - -; The log file for slow requests -; Default Value: not set -; Note: slowlog is mandatory if request_slowlog_timeout is set -;slowlog = log/$pool.log.slow - -; The timeout for serving a single request after which a PHP backtrace will be -; dumped to the 'slowlog' file. A value of '0s' means 'off'. -; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) -; Default Value: 0 -;request_slowlog_timeout = 0 - -; The timeout for serving a single request after which the worker process will -; be killed. This option should be used when the 'max_execution_time' ini option -; does not stop script execution for some reason. A value of '0' means 'off'. -; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) -; Default Value: 0 -;request_terminate_timeout = 5m - -; Set open file descriptor rlimit. -; Default Value: system defined value -;rlimit_files = 1024 - -; Set max core size rlimit. -; Possible Values: 'unlimited' or an integer greater or equal to 0 -; Default Value: system defined value -;rlimit_core = 0 - -; Chroot to this directory at the start. This value must be defined as an -; absolute path. When this value is not set, chroot is not used. -; Note: you can prefix with '$prefix' to chroot to the pool prefix or one -; of its subdirectories. If the pool prefix is not set, the global prefix -; will be used instead. -; Note: chrooting is a great security feature and should be used whenever -; possible. However, all PHP paths will be relative to the chroot -; (error_log, sessions.save_path, ...). -; Default Value: not set -;chroot = - -; Chdir to this directory at the start. -; Note: relative path can be used. -; Default Value: current directory or / when chroot -chdir = / - -; Redirect worker stdout and stderr into main error log. If not set, stdout and -; stderr will be redirected to /dev/null according to FastCGI specs. -; Note: on highloaded environement, this can cause some delay in the page -; process time (several ms). -; Default Value: no -catch_workers_output = yes - -; Clear environment in FPM workers -; Prevents arbitrary environment variables from reaching FPM worker processes -; by clearing the environment in workers before env vars specified in this -; pool configuration are added. -; Setting to "no" will make all environment variables available to PHP code -; via getenv(), $_ENV and $_SERVER. -; Default Value: yes -;clear_env = no - -; Limits the extensions of the main script FPM will allow to parse. This can -; prevent configuration mistakes on the web server side. You should only limit -; FPM to .php extensions to prevent malicious users to use other extensions to -; exectute php code. -; Note: set an empty value to allow all extensions. -; Default Value: .php -;security.limit_extensions = .php .php3 .php4 .php5 - -; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from -; the current environment. -; Default Value: clean env -;env[HOSTNAME] = $HOSTNAME -;env[PATH] = /usr/local/bin:/usr/bin:/bin -;env[TMP] = /tmp -;env[TMPDIR] = /tmp -;env[TEMP] = /tmp - -; Additional php.ini defines, specific to this pool of workers. These settings -; overwrite the values previously defined in the php.ini. The directives are the -; same as the PHP SAPI: -; php_value/php_flag - you can set classic ini defines which can -; be overwritten from PHP call 'ini_set'. -; php_admin_value/php_admin_flag - these directives won't be overwritten by -; PHP call 'ini_set' -; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. - -; Defining 'extension' will load the corresponding shared extension from -; extension_dir. Defining 'disable_functions' or 'disable_classes' will not -; overwrite previously defined php.ini values, but will append the new value -; instead. - -; Note: path INI options can be relative and will be expanded with the prefix -; (pool, global or /usr) - -; Default Value: nothing is defined by default except the values in php.ini and -; specified at startup with the -d argument -;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com -;php_flag[display_errors] = off -;php_admin_value[error_log] = /var/log/fpm-php.www.log -;php_admin_flag[log_errors] = on -;php_admin_value[memory_limit] = 32M diff --git a/docker/php/7.2-fpm-alpine/php.ini b/docker/php/7.2-fpm-alpine/php.ini deleted file mode 100644 index f631e55..0000000 --- a/docker/php/7.2-fpm-alpine/php.ini +++ /dev/null @@ -1,56 +0,0 @@ -[PHP] -expose_php = Off -disable_functions = exec,system,popen,passthru,apache_child_terminate,apache_get_modules,apache_get_version,apache_getenv,apache_note,apache_setenv,virtual,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority -enable_dl = Off -allow_url_fopen = On -allow_url_include = Off -engine = On -short_open_tag = On -output_buffering = 4096 -realpath_cache_size = 4096k -realpath_cache_ttl = 600 -include_path = .:/usr/share/php -date.timezone = Europe/Paris -default_socket_timeout = 10 -max_execution_time = 30 -max_input_time = 60 -max_input_vars = 1000 -memory_limit = 512M -post_max_size = 32M -file_uploads = On -upload_tmp_dir = /tmp -upload_max_filesize = 32M -max_file_uploads = 20 -error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT -display_errors = Off -display_startup_errors = Off -log_errors = On -html_errors = On -SMTP = mailcatcher -smtp_port = 1025 -sendmail_path = /usr/sbin/sendmail -t -i -mail_log = syslog -session.save_handler = memcached -session.save_path = memcached:11211 -session.use_cookies = 1 -session.cookie_secure = -session.use_only_cookies = 1 -session.name = PHPSESSID -session.auto_start = 0 -session.cookie_lifetime = 0 -session.cookie_path = / -session.cookie_domain = -session.cookie_httponly = -session.serialize_handler = php -session.gc_probability = 0 -session.gc_divisor = 1000 -session.gc_maxlifetime = 2592000 -session.bug_compat_42 = Off -session.bug_compat_warn = Off -session.referer_check = -session.entropy_length = 512 -session.entropy_file = /dev/urandom -session.cache_limiter = nocache -session.cache_expire = 180 -session.use_trans_sid = 0 -session.hash_function = 0 diff --git a/docker/php/7.2-fpm-alpine/xdebug.ini b/docker/php/7.2-fpm-alpine/xdebug.ini deleted file mode 100644 index efb017f..0000000 --- a/docker/php/7.2-fpm-alpine/xdebug.ini +++ /dev/null @@ -1,13 +0,0 @@ -xdebug.collect_params = 1 -xdebug.collect_return = 1 -xdebug.default_enable = 1 -xdebug.force_display_errors = 1 -xdebug.force_error_reporting = E_ALL & ~E_NOTICE & ~E_DEPRECATED -xdebug.halt_level = E_WARNING -xdebug.idekey = PHPSTORM -xdebug.max_nesting_level = 1024 -xdebug.remote_enable = 1 -xdebug.remote_connect_back = 1 -xdebug.scream = 0 -xdebug.show_error_trace = 1 -xdebug.show_exception_trace = 1 diff --git a/docker/php/7.3-fpm-alpine/Dockerfile b/docker/php/7.3-fpm-alpine/Dockerfile deleted file mode 100644 index 1f0b1c8..0000000 --- a/docker/php/7.3-fpm-alpine/Dockerfile +++ /dev/null @@ -1,264 +0,0 @@ -FROM php:7.3-fpm-alpine as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR -ARG AMQP_VERSION=stable -ARG AST_VERSION=stable -ARG APCU_VERSION=stable -ARG BLACKFIRE_VERSION=1.34.3 -ARG CACHETOOL_VERSION=4.0.1 -ARG DS_VERSION=stable -ARG EVENT_VERSION=stable -ARG IGBINARY_VERSION=stable -ARG IMAGICK_VERSION=stable -ARG GEOIP_VERSION=beta -ARG GRPC_VERSION=stable -ARG MCRYPT_VERSION=stable -ARG MEMCACHE_VERSION=4.0.1-php73 -ARG MEMCACHED_VERSION=stable -ARG MONGODB_VERSION=stable -ARG NEWRELIC_VERSION=9.11.0.267 -ARG OAUTH_VERSION=stable -ARG REDIS_VERSION=stable -ARG SNUFFLEUPAGUS_VERSION=0.5.1 -ARG UUID_VERSION=stable -ARG XDEBUG_VERSION=stable -ARG XHPROF_VERSION=2.2.0 -ARG YAML_VERSION=stable - -RUN apk --no-cache upgrade \ - && apk add --no-cache --virtual .build-deps \ - $PHPIZE_DEPS \ - aspell-dev \ - bison \ - bzip2-dev \ - curl-dev \ - enchant2-dev \ - flex \ - freetype-dev \ - gawk \ - geoip-dev \ - gettext-dev \ - gmp-dev \ - icu-dev \ - imagemagick-dev \ - imap-dev \ - libevent-dev \ - libjpeg-turbo-dev \ - libmcrypt-dev \ - libmemcached-dev \ - libpng-dev \ - libressl-dev \ - libxml2-dev \ - libxslt-dev \ - libzip-dev \ - make \ - net-snmp-dev \ - openldap-dev \ - patch \ - postgresql-dev \ - pcre-dev \ - rabbitmq-c-dev \ - yaml-dev \ - # blackfire \ - && wget https://packages.blackfire.io/binaries/blackfire-php/${BLACKFIRE_VERSION}/blackfire-php-alpine_amd64-php-$(php -r "echo PHP_MAJOR_VERSION.PHP_MINOR_VERSION;").so -O $(php -r "echo ini_get('extension_dir');")/blackfire.so \ - # enchant \ - && docker-php-source extract \ - && wget "https://git.alpinelinux.org/aports/plain/community/php7/enchant-2.patch?id=3f8d7d2e5e558a975f79b6470423b32e01c0bfbc" -O /usr/src/php-enchant-2.patch \ - && cd /usr/src/php && patch -p1 < ../php-enchant-2.patch \ - # gd \ - && docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ --with-png-dir=/usr/include/ \ - # memcache \ - && wget https://github.com/websupport-sk/pecl-memcache/archive/v${MEMCACHE_VERSION}.tar.gz -O /tmp/memcache-${MEMCACHE_VERSION}.tar.gz \ - && mkdir -p /tmp/memcache-${MEMCACHE_VERSION} \ - && tar xzf /tmp/memcache-${MEMCACHE_VERSION}.tar.gz -C /tmp/memcache-${MEMCACHE_VERSION} --strip-components=1 \ - # https://github.com/websupport-sk/pecl-memcache/pull/39 \ - && sed -i '399s/);/, char *);/' /tmp/memcache-${MEMCACHE_VERSION}/php7/memcache_pool.h \ - # https://github.com/websupport-sk/pecl-memcache/pull/40 \ - && sed -i '47i#if PHP_VERSION_ID < 70200\n register size_t newlen;\n#endif' /tmp/memcache-${MEMCACHE_VERSION}/php7/memcache_pool.c \ - # newrelic \ - && wget https://download.newrelic.com/php_agent/archive/${NEWRELIC_VERSION}/newrelic-php5-${NEWRELIC_VERSION}-linux-musl.tar.gz -O /tmp/newrelic-${NEWRELIC_VERSION}.tar.gz \ - && mkdir -p /tmp/newrelic-${NEWRELIC_VERSION} \ - && tar xzf /tmp/newrelic-${NEWRELIC_VERSION}.tar.gz -C /tmp/newrelic-${NEWRELIC_VERSION} --strip-components=1 \ - && mv /tmp/newrelic-${NEWRELIC_VERSION}/agent/x64/newrelic-20180731.so $(php -r "echo ini_get('extension_dir');")/newrelic.so \ - # snuffleupagus \ - && wget https://github.com/jvoisin/snuffleupagus/archive/v${SNUFFLEUPAGUS_VERSION}.tar.gz -O /tmp/snuffleupagus-${SNUFFLEUPAGUS_VERSION}.tar.gz \ - && mkdir -p /tmp/snuffleupagus-${SNUFFLEUPAGUS_VERSION} \ - && tar xzf /tmp/snuffleupagus-${SNUFFLEUPAGUS_VERSION}.tar.gz -C /tmp/snuffleupagus-${SNUFFLEUPAGUS_VERSION} --strip-components=1 \ - && docker-php-ext-configure /tmp/snuffleupagus-${SNUFFLEUPAGUS_VERSION}/src --prefix=/usr --enable-snuffleupagus \ - # xhprof \ - && wget https://github.com/longxinH/xhprof/archive/v${XHPROF_VERSION}.tar.gz -O /tmp/xhprof-${XHPROF_VERSION}.tar.gz \ - && mkdir -p /tmp/xhprof-${XHPROF_VERSION} \ - && tar xzf /tmp/xhprof-${XHPROF_VERSION}.tar.gz -C /tmp/xhprof-${XHPROF_VERSION} --strip-components=1 \ - && docker-php-ext-configure /tmp/xhprof-${XHPROF_VERSION}/extension --with-php-config=/usr/local/bin/php-config \ - && docker-php-ext-install -j$(nproc) \ - bcmath \ - bz2 \ - calendar \ - dba \ - enchant \ - exif \ - gd \ - gettext \ - gmp \ - imap \ - intl \ - ldap \ - /tmp/memcache-${MEMCACHE_VERSION} \ - mysqli \ - opcache \ - pcntl \ - pdo_mysql \ - pdo_pgsql \ - pgsql \ - pspell \ - shmop \ - snmp \ - soap \ - sockets \ - sysvmsg \ - sysvsem \ - sysvshm \ - /tmp/xhprof-${XHPROF_VERSION}/extension \ - xmlrpc \ - xsl \ - zip \ - # docker-php-ext-install fails after snuffleupagus is enabled - /tmp/snuffleupagus-${SNUFFLEUPAGUS_VERSION}/src \ - && docker-php-source delete \ - && rm /usr/local/etc/php/conf.d/docker-php-ext-* \ - && rm -rf /tmp/memcache-* \ - && rm -rf /tmp/newrelic-* \ - && rm -rf /tmp/snuffleupagus-* \ - && rm -rf /tmp/xhprof-* \ - && pecl install amqp-${AMQP_VERSION} \ - && pecl install apcu-${APCU_VERSION} \ - && pecl install ast-${AST_VERSION} \ - && pecl install ds-${DS_VERSION} \ - && pecl install event-${EVENT_VERSION} \ - && pecl install geoip-${GEOIP_VERSION} \ - && pecl install grpc-${GRPC_VERSION} \ - && pecl install igbinary-${IGBINARY_VERSION} \ - && pecl install imagick-${IMAGICK_VERSION} \ - && pecl install memcached-${MEMCACHED_VERSION} \ - && pecl install mongodb-${MONGODB_VERSION} \ - && pecl install oauth-${OAUTH_VERSION} \ - && pecl install redis-${REDIS_VERSION} \ - && echo |pecl install uuid-${UUID_VERSION} \ - && echo |pecl install mcrypt-${MCRYPT_VERSION} \ - && pecl install xdebug-${XDEBUG_VERSION} \ - && pecl install yaml-${YAML_VERSION} \ - && pecl clear-cache \ - && runDeps="$( \ - scanelf --needed --nobanner --recursive /usr/local \ - | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ - | xargs -r apk info --installed \ - | sort -u \ - )" \ - && apk del .build-deps \ - && apk add --no-cache --virtual .run-deps $runDeps - -RUN wget http://gordalina.github.io/cachetool/downloads/cachetool-${CACHETOOL_VERSION}.phar -O /usr/local/bin/cachetool \ - && chmod +x /usr/local/bin/cachetool \ - && echo -e "\ -adapter: fastcgi \n\ -fastcgi: 127.0.0.1:9000 \n\ -" > /etc/cachetool.yml - -RUN mkdir -p /etc/ssh && echo -e "\ -Host * \n\ - Compression yes \n\ -" >> /etc/ssh/ssh_config - -RUN apk add --no-cache \ - bash \ - bzip2 \ - coreutils \ - gettext \ - git \ - imagemagick \ - lftp \ - mailx \ - make \ - mysql-client \ - nano \ - openssh-client \ - ssmtp \ - vim - -# Iconv fix: https://github.com/docker-library/php/issues/240#issuecomment-305038173 -RUN apk add --no-cache --repository http://dl-cdn.alpinelinux.org/alpine/edge/community/ gnu-libiconv -ENV LD_PRELOAD=/usr/lib/preloadable_libiconv.so - -# builtin modules : Core ctype curl date dom fileinfo filter ftp hash iconv json libxml mbstring mysqlnd openssl pcre PDO pdo_sqlite Phar posix readline Reflection session SimpleXML SPL sqlite3 standard tokenizer xml xmlreader xmlwriter zlib -# available modules : amqp apcu ast bcmath blackfire bz2 calendar dba ds enchant event exif gd geoip gmp grpc igbinary imap imagick intl ldap mcrypt memcache memcached mongodb mysqli newrelic oauth opcache pcntl pdo_mysql pdo_pgsql pgsql pspell redis shmop snmp snuffleupagus soap sockets sysvmsg sysvsem sysvshm xhprof uuid wddx xdebug xhprof xmlrpc xsl yaml zip -ARG PHP_EXT_ENABLE="amqp apcu bcmath bz2 calendar gd geoip imagick intl mcrypt memcached mysqli oauth opcache pdo_mysql redis soap sockets uuid yaml zip" -RUN docker-php-ext-enable ${PHP_EXT_ENABLE} - -# copy *.ini -COPY ${DOCKER_BUILD_DIR}/*.ini /usr/local/etc/php/conf.d/ -COPY ${DOCKER_BUILD_DIR}/php-fpm-*.conf /usr/local/etc/php-fpm.d/ -RUN rm /usr/local/etc/php-fpm.d/www.conf - -# custom php config -ARG PHP_INI_CONFIG -RUN echo -e ${PHP_INI_CONFIG// /\\n} >> /usr/local/etc/php/conf.d/config.ini - -# custom php cli -ARG PHP_CLI_CONFIG="apc.enable_cli=0 max_execution_time=-1 memory_limit=-1 opcache.enable_cli=0 xdebug.default_enable=0" -RUN echo '#!/usr/bin/env sh' > /usr/local/bin/php-cli \ - && chmod +x /usr/local/bin/php-cli \ - && echo -e "\ -/usr/local/bin/php -d ${PHP_CLI_CONFIG// / -d } \"\$@\"\ -" >> /usr/local/bin/php-cli - -# install cronlock -ADD https://raw.github.com/kvz/cronlock/master/cronlock /usr/bin/cronlock -RUN chmod +rx /usr/bin/cronlock - -# config ssmtp -RUN echo "FromLineOverride=YES" >> /etc/ssmtp/ssmtp.conf - -# default www-data homedir to /var/www for crontabs -RUN sed -i 's|/home/www-data|/var/www|' /etc/passwd - -# link shared folder -RUN ln -s /shared /var/www/shared - -WORKDIR /var/www -CMD [ "sh", "-c", "(IFS=$'\n'; exec env $(cat .env 2>/dev/null) php-fpm)" ] - -FROM dist as master -ARG UID -ARG USER -ENV UID=${UID} -ENV GID=${UID} -ENV USER=${USER} - -# If we provide a specific UID -RUN let $UID >/dev/null 2>&1 \ -# Remove user with $UID if it is not our $USER - && if [ "$(getent passwd $UID |awk 'BEGIN {FS=":"} {print $1}')" != "$USER" ]; then \ - sed -i '/^'$(getent passwd $UID |awk 'BEGIN {FS=":"} {print $1}')':x:'$UID':/d' /etc/passwd; \ - sed -i '/^'$(getent group $GID |awk 'BEGIN {FS=":"} {print $1}')':x:'$GID':/d' /etc/group; \ - fi \ -# Force $UID if our $USER already exists - && sed -i 's/^'$USER':x:[0-9]\+:[0-9]\+:/'$USER':x:'$UID':'$GID':/' /etc/passwd \ - && sed -i 's/^'$USER':x:[0-9]\+:/'$USER':x:'$GID':/' /etc/group \ -# Create $USER if it does not exist - && if [ "$(getent passwd $UID)" = "" ]; then \ - echo "$USER:x:$UID:$GID::/home/$USER:/bin/false" >> /etc/passwd; \ - echo "$USER:!:$(($(date +%s) / 60 / 60 / 24)):0:99999:7:::" >> /etc/shadow; \ - echo "$USER:x:$GID:" >> /etc/group; \ - fi \ - && mkdir -p /home/$USER \ - && chown $UID:$GID /home/$USER \ - || true - -RUN chown -R $USER /usr/local/etc/php/conf.d/ - -USER $USER - -ARG SSH_REMOTE_HOSTS - -RUN mkdir -p ~/.ssh \ - && ssh-keyscan -t rsa -H $SSH_REMOTE_HOSTS >> ~/.ssh/known_hosts diff --git a/docker/php/7.3-fpm-alpine/apc.ini b/docker/php/7.3-fpm-alpine/apc.ini deleted file mode 100644 index 448cee9..0000000 --- a/docker/php/7.3-fpm-alpine/apc.ini +++ /dev/null @@ -1,5 +0,0 @@ -apc.enable_cli = 0 -apc.enabled = 1 -apc.shm_segments = 1 -apc.shm_size = 32M - diff --git a/docker/php/7.3-fpm-alpine/blackfire.ini b/docker/php/7.3-fpm-alpine/blackfire.ini deleted file mode 100644 index 566668c..0000000 --- a/docker/php/7.3-fpm-alpine/blackfire.ini +++ /dev/null @@ -1 +0,0 @@ -blackfire.agent_socket=tcp://blackfire:8707 diff --git a/docker/php/7.3-fpm-alpine/memcached.ini b/docker/php/7.3-fpm-alpine/memcached.ini deleted file mode 100644 index 361f58b..0000000 --- a/docker/php/7.3-fpm-alpine/memcached.ini +++ /dev/null @@ -1 +0,0 @@ -memcached.sess_locking = Off \ No newline at end of file diff --git a/docker/php/7.3-fpm-alpine/newrelic.ini b/docker/php/7.3-fpm-alpine/newrelic.ini deleted file mode 100644 index d90b2dc..0000000 --- a/docker/php/7.3-fpm-alpine/newrelic.ini +++ /dev/null @@ -1,4 +0,0 @@ -[newrelic] -newrelic.logfile = /dev/self/fd/2 -newrelic.daemon.logfile = /dev/self/fd/2 - diff --git a/docker/php/7.3-fpm-alpine/opcache.ini b/docker/php/7.3-fpm-alpine/opcache.ini deleted file mode 100644 index b0244ec..0000000 --- a/docker/php/7.3-fpm-alpine/opcache.ini +++ /dev/null @@ -1,8 +0,0 @@ -opcache.enable = 1 -opcache.enable_cli = 0 -opcache.error_log = /proc/self/fd/2 -opcache.interned_strings_buffer = 16 -opcache.log_verbosity_level = 2 -opcache.max_accelerated_files = 20000 -opcache.memory_consumption = 256 -opcache.validate_timestamps = 1 diff --git a/docker/php/7.3-fpm-alpine/php-fpm-pool.conf b/docker/php/7.3-fpm-alpine/php-fpm-pool.conf deleted file mode 100644 index 6204234..0000000 --- a/docker/php/7.3-fpm-alpine/php-fpm-pool.conf +++ /dev/null @@ -1,412 +0,0 @@ -; Start a new pool named 'www'. -; the variable $pool can we used in any directive and will be replaced by the -; pool name ('www' here) -[www] - -; Per pool prefix -; It only applies on the following directives: -; - 'access.log' -; - 'slowlog' -; - 'listen' (unixsocket) -; - 'chroot' -; - 'chdir' -; - 'php_values' -; - 'php_admin_values' -; When not set, the global prefix (or /usr) applies instead. -; Note: This directive can also be relative to the global prefix. -; Default Value: none -;prefix = /path/to/pools/$pool - -; Unix user/group of processes -; Note: The user is mandatory. If the group is not set, the default user's group -; will be used. -user = www-data -group = www-data - -; The address on which to accept FastCGI requests. -; Valid syntaxes are: -; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on -; a specific port; -; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on -; a specific port; -; 'port' - to listen on a TCP socket to all IPv4 addresses on a -; specific port; -; '[::]:port' - to listen on a TCP socket to all addresses -; (IPv6 and IPv4-mapped) on a specific port; -; '/path/to/unix/socket' - to listen on a unix socket. -; Note: This value is mandatory. -;listen = /var/run/php5-fpm.sock -listen = 0.0.0.0:9000 - -; Set listen(2) backlog. -; Default Value: 65535 (-1 on FreeBSD and OpenBSD) -listen.backlog = 1023 - -; Set permissions for unix socket, if one is used. In Linux, read/write -; permissions must be set in order to allow connections from a web server. Many -; BSD-derived systems allow connections regardless of permissions. -; Default Values: user and group are set as the running user -; mode is set to 0660 -;listen.owner = www-data -;listen.group = www-data -;listen.mode = 0660 -; When POSIX Access Control Lists are supported you can set them using -; these options, value is a comma separated list of user/group names. -; When set, listen.owner and listen.group are ignored -;listen.acl_users = -;listen.acl_groups = - -; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. -; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original -; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address -; must be separated by a comma. If this value is left blank, connections will be -; accepted from any ip address. -; Default Value: any -;listen.allowed_clients = 0.0.0.0 - -; Specify the nice(2) priority to apply to the pool processes (only if set) -; The value can vary from -19 (highest priority) to 20 (lower priority) -; Note: - It will only work if the FPM master process is launched as root -; - The pool processes will inherit the master process priority -; unless it specified otherwise -; Default Value: no set -; process.priority = -19 - -; Choose how the process manager will control the number of child processes. -; Possible Values: -; static - a fixed number (pm.max_children) of child processes; -; dynamic - the number of child processes are set dynamically based on the -; following directives. With this process management, there will be -; always at least 1 children. -; pm.max_children - the maximum number of children that can -; be alive at the same time. -; pm.start_servers - the number of children created on startup. -; pm.min_spare_servers - the minimum number of children in 'idle' -; state (waiting to process). If the number -; of 'idle' processes is less than this -; number then some children will be created. -; pm.max_spare_servers - the maximum number of children in 'idle' -; state (waiting to process). If the number -; of 'idle' processes is greater than this -; number then some children will be killed. -; ondemand - no children are created at startup. Children will be forked when -; new requests will connect. The following parameter are used: -; pm.max_children - the maximum number of children that -; can be alive at the same time. -; pm.process_idle_timeout - The number of seconds after which -; an idle process will be killed. -; Note: This value is mandatory. -pm = dynamic - -; The number of child processes to be created when pm is set to 'static' and the -; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. -; This value sets the limit on the number of simultaneous requests that will be -; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. -; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP -; CGI. The below defaults are based on a server without much resources. Don't -; forget to tweak pm.* to fit your needs. -; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' -; Note: This value is mandatory. -pm.max_children = 32 - -; The number of child processes created on startup. -; Note: Used only when pm is set to 'dynamic' -; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 -pm.start_servers = 4 - -; The desired minimum number of idle server processes. -; Note: Used only when pm is set to 'dynamic' -; Note: Mandatory when pm is set to 'dynamic' -pm.min_spare_servers = 4 - -; The desired maximum number of idle server processes. -; Note: Used only when pm is set to 'dynamic' -; Note: Mandatory when pm is set to 'dynamic' -pm.max_spare_servers = 8 - -; The number of seconds after which an idle process will be killed. -; Note: Used only when pm is set to 'ondemand' -; Default Value: 10s -;pm.process_idle_timeout = 10s; - -; The number of requests each child process should execute before respawning. -; This can be useful to work around memory leaks in 3rd party libraries. For -; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. -; Default Value: 0 -;pm.max_requests = 500 - -; The URI to view the FPM status page. If this value is not set, no URI will be -; recognized as a status page. It shows the following informations: -; pool - the name of the pool; -; process manager - static, dynamic or ondemand; -; start time - the date and time FPM has started; -; start since - number of seconds since FPM has started; -; accepted conn - the number of request accepted by the pool; -; listen queue - the number of request in the queue of pending -; connections (see backlog in listen(2)); -; max listen queue - the maximum number of requests in the queue -; of pending connections since FPM has started; -; listen queue len - the size of the socket queue of pending connections; -; idle processes - the number of idle processes; -; active processes - the number of active processes; -; total processes - the number of idle + active processes; -; max active processes - the maximum number of active processes since FPM -; has started; -; max children reached - number of times, the process limit has been reached, -; when pm tries to start more children (works only for -; pm 'dynamic' and 'ondemand'); -; Value are updated in real time. -; Example output: -; pool: www -; process manager: static -; start time: 01/Jul/2011:17:53:49 +0200 -; start since: 62636 -; accepted conn: 190460 -; listen queue: 0 -; max listen queue: 1 -; listen queue len: 42 -; idle processes: 4 -; active processes: 11 -; total processes: 15 -; max active processes: 12 -; max children reached: 0 -; -; By default the status page output is formatted as text/plain. Passing either -; 'html', 'xml' or 'json' in the query string will return the corresponding -; output syntax. Example: -; http://www.foo.bar/status -; http://www.foo.bar/status?json -; http://www.foo.bar/status?html -; http://www.foo.bar/status?xml -; -; By default the status page only outputs short status. Passing 'full' in the -; query string will also return status for each pool process. -; Example: -; http://www.foo.bar/status?full -; http://www.foo.bar/status?json&full -; http://www.foo.bar/status?html&full -; http://www.foo.bar/status?xml&full -; The Full status returns for each process: -; pid - the PID of the process; -; state - the state of the process (Idle, Running, ...); -; start time - the date and time the process has started; -; start since - the number of seconds since the process has started; -; requests - the number of requests the process has served; -; request duration - the duration in µs of the requests; -; request method - the request method (GET, POST, ...); -; request URI - the request URI with the query string; -; content length - the content length of the request (only with POST); -; user - the user (PHP_AUTH_USER) (or '-' if not set); -; script - the main script called (or '-' if not set); -; last request cpu - the %cpu the last request consumed -; it's always 0 if the process is not in Idle state -; because CPU calculation is done when the request -; processing has terminated; -; last request memory - the max amount of memory the last request consumed -; it's always 0 if the process is not in Idle state -; because memory calculation is done when the request -; processing has terminated; -; If the process is in Idle state, then informations are related to the -; last request the process has served. Otherwise informations are related to -; the current request being served. -; Example output: -; ************************ -; pid: 31330 -; state: Running -; start time: 01/Jul/2011:17:53:49 +0200 -; start since: 63087 -; requests: 12808 -; request duration: 1250261 -; request method: GET -; request URI: /test_mem.php?N=10000 -; content length: 0 -; user: - -; script: /home/fat/web/docs/php/test_mem.php -; last request cpu: 0.00 -; last request memory: 0 -; -; Note: There is a real-time FPM status monitoring sample web page available -; It's available in: /usr/share/php5/fpm/status.html -; -; Note: The value must start with a leading slash (/). The value can be -; anything, but it may not be a good idea to use the .php extension or it -; may conflict with a real PHP file. -; Default Value: not set -pm.status_path = /php-fpm-status - -; The ping URI to call the monitoring page of FPM. If this value is not set, no -; URI will be recognized as a ping page. This could be used to test from outside -; that FPM is alive and responding, or to -; - create a graph of FPM availability (rrd or such); -; - remove a server from a group if it is not responding (load balancing); -; - trigger alerts for the operating team (24/7). -; Note: The value must start with a leading slash (/). The value can be -; anything, but it may not be a good idea to use the .php extension or it -; may conflict with a real PHP file. -; Default Value: not set -ping.path = /php-fpm-ping - -; This directive may be used to customize the response of a ping request. The -; response is formatted as text/plain with a 200 response code. -; Default Value: pong -;ping.response = pong - -; The access log file -; Default: not set -;access.log = log/$pool.access.log - -; The access log format. -; The following syntax is allowed -; %%: the '%' character -; %C: %CPU used by the request -; it can accept the following format: -; - %{user}C for user CPU only -; - %{system}C for system CPU only -; - %{total}C for user + system CPU (default) -; %d: time taken to serve the request -; it can accept the following format: -; - %{seconds}d (default) -; - %{miliseconds}d -; - %{mili}d -; - %{microseconds}d -; - %{micro}d -; %e: an environment variable (same as $_ENV or $_SERVER) -; it must be associated with embraces to specify the name of the env -; variable. Some exemples: -; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e -; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e -; %f: script filename -; %l: content-length of the request (for POST request only) -; %m: request method -; %M: peak of memory allocated by PHP -; it can accept the following format: -; - %{bytes}M (default) -; - %{kilobytes}M -; - %{kilo}M -; - %{megabytes}M -; - %{mega}M -; %n: pool name -; %o: output header -; it must be associated with embraces to specify the name of the header: -; - %{Content-Type}o -; - %{X-Powered-By}o -; - %{Transfert-Encoding}o -; - .... -; %p: PID of the child that serviced the request -; %P: PID of the parent of the child that serviced the request -; %q: the query string -; %Q: the '?' character if query string exists -; %r: the request URI (without the query string, see %q and %Q) -; %R: remote IP address -; %s: status (response code) -; %t: server time the request was received -; it can accept a strftime(3) format: -; %d/%b/%Y:%H:%M:%S %z (default) -; %T: time the log has been written (the request has finished) -; it can accept a strftime(3) format: -; %d/%b/%Y:%H:%M:%S %z (default) -; %u: remote user -; -; Default: "%R - %u %t \"%m %r\" %s" -;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" - -; The log file for slow requests -; Default Value: not set -; Note: slowlog is mandatory if request_slowlog_timeout is set -;slowlog = log/$pool.log.slow - -; The timeout for serving a single request after which a PHP backtrace will be -; dumped to the 'slowlog' file. A value of '0s' means 'off'. -; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) -; Default Value: 0 -;request_slowlog_timeout = 0 - -; The timeout for serving a single request after which the worker process will -; be killed. This option should be used when the 'max_execution_time' ini option -; does not stop script execution for some reason. A value of '0' means 'off'. -; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) -; Default Value: 0 -;request_terminate_timeout = 5m - -; Set open file descriptor rlimit. -; Default Value: system defined value -;rlimit_files = 1024 - -; Set max core size rlimit. -; Possible Values: 'unlimited' or an integer greater or equal to 0 -; Default Value: system defined value -;rlimit_core = 0 - -; Chroot to this directory at the start. This value must be defined as an -; absolute path. When this value is not set, chroot is not used. -; Note: you can prefix with '$prefix' to chroot to the pool prefix or one -; of its subdirectories. If the pool prefix is not set, the global prefix -; will be used instead. -; Note: chrooting is a great security feature and should be used whenever -; possible. However, all PHP paths will be relative to the chroot -; (error_log, sessions.save_path, ...). -; Default Value: not set -;chroot = - -; Chdir to this directory at the start. -; Note: relative path can be used. -; Default Value: current directory or / when chroot -chdir = / - -; Redirect worker stdout and stderr into main error log. If not set, stdout and -; stderr will be redirected to /dev/null according to FastCGI specs. -; Note: on highloaded environement, this can cause some delay in the page -; process time (several ms). -; Default Value: no -catch_workers_output = yes - -; Clear environment in FPM workers -; Prevents arbitrary environment variables from reaching FPM worker processes -; by clearing the environment in workers before env vars specified in this -; pool configuration are added. -; Setting to "no" will make all environment variables available to PHP code -; via getenv(), $_ENV and $_SERVER. -; Default Value: yes -;clear_env = no - -; Limits the extensions of the main script FPM will allow to parse. This can -; prevent configuration mistakes on the web server side. You should only limit -; FPM to .php extensions to prevent malicious users to use other extensions to -; exectute php code. -; Note: set an empty value to allow all extensions. -; Default Value: .php -;security.limit_extensions = .php .php3 .php4 .php5 - -; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from -; the current environment. -; Default Value: clean env -;env[HOSTNAME] = $HOSTNAME -;env[PATH] = /usr/local/bin:/usr/bin:/bin -;env[TMP] = /tmp -;env[TMPDIR] = /tmp -;env[TEMP] = /tmp - -; Additional php.ini defines, specific to this pool of workers. These settings -; overwrite the values previously defined in the php.ini. The directives are the -; same as the PHP SAPI: -; php_value/php_flag - you can set classic ini defines which can -; be overwritten from PHP call 'ini_set'. -; php_admin_value/php_admin_flag - these directives won't be overwritten by -; PHP call 'ini_set' -; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. - -; Defining 'extension' will load the corresponding shared extension from -; extension_dir. Defining 'disable_functions' or 'disable_classes' will not -; overwrite previously defined php.ini values, but will append the new value -; instead. - -; Note: path INI options can be relative and will be expanded with the prefix -; (pool, global or /usr) - -; Default Value: nothing is defined by default except the values in php.ini and -; specified at startup with the -d argument -;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com -;php_flag[display_errors] = off -;php_admin_value[error_log] = /var/log/fpm-php.www.log -;php_admin_flag[log_errors] = on -;php_admin_value[memory_limit] = 32M diff --git a/docker/php/7.3-fpm-alpine/php.ini b/docker/php/7.3-fpm-alpine/php.ini deleted file mode 100644 index f631e55..0000000 --- a/docker/php/7.3-fpm-alpine/php.ini +++ /dev/null @@ -1,56 +0,0 @@ -[PHP] -expose_php = Off -disable_functions = exec,system,popen,passthru,apache_child_terminate,apache_get_modules,apache_get_version,apache_getenv,apache_note,apache_setenv,virtual,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority -enable_dl = Off -allow_url_fopen = On -allow_url_include = Off -engine = On -short_open_tag = On -output_buffering = 4096 -realpath_cache_size = 4096k -realpath_cache_ttl = 600 -include_path = .:/usr/share/php -date.timezone = Europe/Paris -default_socket_timeout = 10 -max_execution_time = 30 -max_input_time = 60 -max_input_vars = 1000 -memory_limit = 512M -post_max_size = 32M -file_uploads = On -upload_tmp_dir = /tmp -upload_max_filesize = 32M -max_file_uploads = 20 -error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT -display_errors = Off -display_startup_errors = Off -log_errors = On -html_errors = On -SMTP = mailcatcher -smtp_port = 1025 -sendmail_path = /usr/sbin/sendmail -t -i -mail_log = syslog -session.save_handler = memcached -session.save_path = memcached:11211 -session.use_cookies = 1 -session.cookie_secure = -session.use_only_cookies = 1 -session.name = PHPSESSID -session.auto_start = 0 -session.cookie_lifetime = 0 -session.cookie_path = / -session.cookie_domain = -session.cookie_httponly = -session.serialize_handler = php -session.gc_probability = 0 -session.gc_divisor = 1000 -session.gc_maxlifetime = 2592000 -session.bug_compat_42 = Off -session.bug_compat_warn = Off -session.referer_check = -session.entropy_length = 512 -session.entropy_file = /dev/urandom -session.cache_limiter = nocache -session.cache_expire = 180 -session.use_trans_sid = 0 -session.hash_function = 0 diff --git a/docker/php/7.3-fpm-alpine/xdebug.ini b/docker/php/7.3-fpm-alpine/xdebug.ini deleted file mode 100644 index efb017f..0000000 --- a/docker/php/7.3-fpm-alpine/xdebug.ini +++ /dev/null @@ -1,13 +0,0 @@ -xdebug.collect_params = 1 -xdebug.collect_return = 1 -xdebug.default_enable = 1 -xdebug.force_display_errors = 1 -xdebug.force_error_reporting = E_ALL & ~E_NOTICE & ~E_DEPRECATED -xdebug.halt_level = E_WARNING -xdebug.idekey = PHPSTORM -xdebug.max_nesting_level = 1024 -xdebug.remote_enable = 1 -xdebug.remote_connect_back = 1 -xdebug.scream = 0 -xdebug.show_error_trace = 1 -xdebug.show_exception_trace = 1 diff --git a/docker/prometheus/alertmanager/Dockerfile b/docker/prometheus/alertmanager/Dockerfile deleted file mode 100644 index 09fde77..0000000 --- a/docker/prometheus/alertmanager/Dockerfile +++ /dev/null @@ -1,9 +0,0 @@ -FROM quay.io/prometheus/alertmanager:latest as dist -LABEL maintainer aynic.os - -FROM dist as master -ARG DOCKER_BUILD_DIR -ARG SLACK_WEBHOOK_ID - -COPY ${DOCKER_BUILD_DIR}/config.tmpl /etc/alertmanager/config.tmpl -RUN sed 's@SLACK_WEBHOOK_ID@'"${SLACK_WEBHOOK_ID:-UNDEFINED}"'@g' /etc/alertmanager/config.tmpl > /etc/alertmanager/alertmanager.yml diff --git a/docker/prometheus/alertmanager/config.tmpl b/docker/prometheus/alertmanager/config.tmpl deleted file mode 100644 index e9f9655..0000000 --- a/docker/prometheus/alertmanager/config.tmpl +++ /dev/null @@ -1,224 +0,0 @@ -# Documentation : https://prometheus.io/docs/alerting/configuration/ - -global: - resolve_timeout: 5m - slack_api_url: SLACK_WEBHOOK_ID - # The smarthost and SMTP sender used for mail notifications. - # smtp_smarthost: 'localhost:25' - # smtp_from: 'alertmanager@domain.com' - -# The root route on which each incoming alert enters. -route: - # The root route must not have any matchers as it is the entry point for - # all alerts. It needs to have a receiver configured so alerts that do not - # match any of the sub-routes are sent to someone. - receiver: 'slack-default' - - # The labels by which incoming alerts are grouped together. For example, - # multiple alerts coming in for cluster=A and alertname=LatencyHigh would - # be batched into a single group. - # group_by: ['alertname', 'cluster'] - group_by: ['instance'] - - # When a new group of alerts is created by an incoming alert, wait at - # least 'group_wait' to send the initial notification. - # This way ensures that you get multiple alerts for the same group that start - # firing shortly after another are batched together on the first - # notification. - group_wait: 1m - - # When the first notification was sent, wait 'group_interval' to send a batch - # of new alerts that started firing for that group. - group_interval: 1m - - # If an alert has successfully been sent, wait 'repeat_interval' to - # resend them. - repeat_interval: 1h - - - # All the above attributes are inherited by all child routes and can - # overwritten on each. - - # The child route trees. -# routes: - # This routes performs a regular expression match on alert labels to - # catch alerts that are related to a list of services. -# - match_re: -# service: ^(foo1|foo2|baz)$ -# receiver: team-X-mails - - routes: - - match: - severity: "low" - instance: "Hourly GMV" - type: "lower than static threshold" - receiver: slack-gmv-static-low - - - match: - severity: "high" - instance: "Hourly GMV" - type: "lower than static threshold" - receiver: slack-gmv-static-high - - - match: - severity: "low" - instance: "Hourly GMV" - receiver: slack-gmv-low - - - match: - severity: "high" - instance: "Hourly GMV" - receiver: slack-gmv-high - - - match: - instance: "Hourly GMV test" - receiver: slack-gmv-low - - - match: - severity: "low" - receiver: slack-generic-low - - - match: - severity: "medium" - receiver: slack-generic-medium - - - match: - severity: "high" - receiver: slack-generic-high - - - match: - severity: "critical" - receiver: slack-generic-critical - - - # The service has a sub-route for critical alerts, any alerts - # that do not match, i.e. severity != critical, fall-back to the - # parent node and are sent to 'team-X-mails' -# routes: -# - match: -# severity: critical -# receiver: team-X-pager - - -# Inhibition rules allow to mute a set of alerts given that another alert is -# firing. -# We use this to mute any warning-level notifications if the same alert is -# already critical. -inhibit_rules: - -- source_match: - severity: 'medium' - target_match: - severity: 'low' - # Apply inhibition if the alertname is the same. - equal: ['instance'] - -- source_match: - severity: 'high' - target_match: - severity: 'medium' - # Apply inhibition if the alertname is the same. - equal: ['instance'] - -- source_match: - severity: 'high' - target_match: - severity: 'low' - # Addition for GMV, which has no "medium" severity - equal: ['instance'] - -- source_match: - severity: 'critical' - target_match: - severity: 'high' - # Apply inhibition if the alertname is the same. - equal: ['instance'] - - - - - - -receivers: -- name: 'slack-gmv-static-low' - slack_configs: - - api_url: SLACK_WEBHOOK_ID - send_resolved: true - username: 'Chouette Vigilante [severity - low]' - icon_emoji: ':owl:' - title: ':mostly_sunny: {{ .Status|toUpper }} issue on [ {{ .CommonLabels.instance }} ]' - text: "{{ .CommonAnnotations.description }}" - -- name: 'slack-gmv-static-high' - slack_configs: - - api_url: SLACK_WEBHOOK_ID - send_resolved: true - username: 'Chouette Vigilante [severity - high]' - icon_emoji: ':fallen_leaf:' - title: ':tornado: {{ .Status|toUpper }} issue on [ {{ .CommonLabels.instance }} ]' - text: "{{ .CommonAnnotations.description }}" - -- name: 'slack-gmv-low' - slack_configs: - - api_url: SLACK_WEBHOOK_ID - send_resolved: true - username: 'Chouette Vigilante [severity - low]' - icon_emoji: ':owl:' - title: ':mostly_sunny: {{ .Status|toUpper }} issue on [ {{ .CommonLabels.instance }} ]' - text: "{{ .CommonAnnotations.description }} - \n - \n{{ .CommonAnnotations.query }}" - -- name: 'slack-gmv-high' - slack_configs: - - api_url: SLACK_WEBHOOK_ID - send_resolved: true - username: 'Chouette Vigilante [severity - high]' - icon_emoji: ':fallen_leaf:' - title: ':tornado: {{ .Status|toUpper }} issue on [ {{ .CommonLabels.instance }} ]' - text: "{{ .CommonAnnotations.description }} - \n - \n{{ .CommonAnnotations.query }}" - -- name: 'slack-generic-low' - slack_configs: - - api_url: SLACK_WEBHOOK_ID - send_resolved: true - username: 'Chouette Vigilante [severity - low]' - icon_emoji: ':owl:' - title: ':mostly_sunny: {{ .Status|toUpper }} issue on [ {{ .CommonLabels.instance }} ]' - text: "*{{ .CommonLabels.instance }}* had a *{{ .CommonLabels.type }}* issue for a few seconds." - -- name: 'slack-generic-medium' - slack_configs: - - api_url: SLACK_WEBHOOK_ID - send_resolved: true - username: 'Chouette Vigilante [severity - medium]' - icon_emoji: ':owl:' - title: ':sun_behind_rain_cloud: {{ .Status|toUpper }} issue on [ {{ .CommonLabels.instance }} ]' - text: "*{{ .CommonLabels.instance }}* had a *{{ .CommonLabels.type }}* issue for more than 5 minutes." - -- name: 'slack-generic-high' - slack_configs: - - api_url: SLACK_WEBHOOK_ID - send_resolved: true - username: 'Chouette Vigilante [severity - high]' - icon_emoji: ':fallen_leaf:' - title: ':tornado: {{ .Status|toUpper }} issue on {{ .CommonLabels.instance }}' - text: "*{{ .CommonLabels.instance }}* had a *{{ .CommonLabels.type }}* issue for an hour" - -- name: 'slack-generic-critical' - slack_configs: - - api_url: SLACK_WEBHOOK_ID - send_resolved: true - username: 'Chouette Vigilante [severity - critical]' - icon_emoji: ':fire:' - title: ':boom: {{ .Status|toUpper }} issue on {{ .CommonLabels.instance }}' - text: "*{{ .CommonLabels.instance }}* had a *{{ .CommonLabels.type }}* issue for more than 12 hours" - -- name: 'slack-default' - slack_configs: - - api_url: SLACK_WEBHOOK_ID - send_resolved: true - username: 'Chouette Vigilante [default]' - icon_emoji: ':owl:' diff --git a/docker/prometheus/blackbox-exporter/Dockerfile b/docker/prometheus/blackbox-exporter/Dockerfile deleted file mode 100644 index 059f32a..0000000 --- a/docker/prometheus/blackbox-exporter/Dockerfile +++ /dev/null @@ -1,7 +0,0 @@ -FROM quay.io/prometheus/blackbox-exporter:latest as dist -LABEL maintainer aynic.os - -FROM dist as master -ARG DOCKER_BUILD_DIR - -COPY ${DOCKER_BUILD_DIR}/config.yml /etc/blackbox_exporter/config.yml diff --git a/docker/prometheus/blackbox-exporter/config.yml b/docker/prometheus/blackbox-exporter/config.yml deleted file mode 100644 index 6bfd1b1..0000000 --- a/docker/prometheus/blackbox-exporter/config.yml +++ /dev/null @@ -1,38 +0,0 @@ -modules: - http_2xx: - prober: http - http: - preferred_ip_protocol: "ip4" - http_post_2xx: - prober: http - http: - method: POST - preferred_ip_protocol: "ip4" - tcp_connect: - prober: tcp - pop3s_banner: - prober: tcp - tcp: - query_response: - - expect: "^+OK" - tls: true - tls_config: - insecure_skip_verify: false - ssh_banner: - prober: tcp - tcp: - query_response: - - expect: "^SSH-2.0-" - irc_banner: - prober: tcp - tcp: - query_response: - - send: "NICK prober" - - send: "USER prober prober prober :prober" - - expect: "PING :([^ ]+)" - send: "PONG ${1}" - - expect: "^:[^ ]+ 001" - icmp: - prober: icmp - icmp: - preferred_ip_protocol: "ip4" diff --git a/docker/prometheus/es-exporter/Dockerfile b/docker/prometheus/es-exporter/Dockerfile deleted file mode 100644 index c7a5c10..0000000 --- a/docker/prometheus/es-exporter/Dockerfile +++ /dev/null @@ -1,7 +0,0 @@ -FROM braedon/prometheus-es-exporter:0.5.2 AS dist -ARG DOCKER_BUILD_DIR - -COPY ${DOCKER_BUILD_DIR}/exporter.cfg /usr/src/app - -FROM dist as master -ARG DOCKER_BUILD_DIR diff --git a/docker/prometheus/es-exporter/exporter.cfg b/docker/prometheus/es-exporter/exporter.cfg deleted file mode 100644 index 42f0caa..0000000 --- a/docker/prometheus/es-exporter/exporter.cfg +++ /dev/null @@ -1,112 +0,0 @@ -# This section defines default settings for how queries should be run. -# All settings can be overridden for any given query in its own section. -# The values shown in this example are also the fallback values used if -# a setting is not specified in the DEFAULT section or a query's section. -[DEFAULT] -# How often to run queries. -QueryIntervalSecs = 30 -# How long to wait for a query to return before timing out. -QueryTimeoutSecs = 10 -# The indices to run the query on. -# Any way of specifying indices supported by your Elasticsearch version can be used. -QueryIndices = stats - -# Queries are defined in sections beginning with 'query_'. -# Characters following this prefix will be used as a prefix for all metrics -# generated for this query -[query_all] -QueryIndices = stats -QueryJson = { - "size": 0, - "query": { - "match_all": {} - } - } - -[query_gmv_hourly] -QueryIndices = stats -QueryIntervalSecs = 300 -QueryJson = { - "size": 0, - "query": { - "constant_score": { - "filter": { - "range": { "date" : { "from" : "now-1h", "to" : "now" }} - } - } - }, - "aggs": { - "return": { "sum": { "field": "cartProductsPrice" } } - } - } - -[query_gmv_hourly_oneweekago] -QueryIndices = stats -QueryIntervalSecs = 300 -QueryJson = { - "size": 0, - "query": { - "constant_score": { - "filter": { - "range": { "date" : { "from" : "now-1w-1h", "to" : "now-1w" }} - } - } - }, - "aggs": { - "return": { "sum": { "field": "cartProductsPrice" } } - } - } - -[query_gmv_hourly_twoweeksago] -QueryIndices = stats -QueryIntervalSecs = 300 -QueryJson = { - "size": 0, - "query": { - "constant_score": { - "filter": { - "range": { "date" : { "from" : "now-2w-1h", "to" : "now-2w" }} - } - } - }, - "aggs": { - "return": { "sum": { "field": "cartProductsPrice" } } - } - } - -[query_gmv_hourly_threeweeksago] -QueryIndices = stats -QueryIntervalSecs = 300 -QueryJson = { - "size": 0, - "query": { - "constant_score": { - "filter": { - "range": { "date" : { "from" : "now-3w-1h", "to" : "now-3w" }} - } - } - }, - "aggs": { - "return": { "sum": { "field": "cartProductsPrice" } } - } - } - - -[query_gmv_hourly_fourweeksago] -QueryIndices = stats -QueryIntervalSecs = 300 -QueryJson = { - "size": 0, - "query": { - "constant_score": { - "filter": { - "range": { "date" : { "from" : "now-4w-1h", "to" : "now-4w" }} - } - } - }, - "aggs": { - "return": { "sum": { "field": "cartProductsPrice" } } - } - } - - diff --git a/docker/prometheus/prometheus/Dockerfile b/docker/prometheus/prometheus/Dockerfile deleted file mode 100644 index fcf4a31..0000000 --- a/docker/prometheus/prometheus/Dockerfile +++ /dev/null @@ -1,21 +0,0 @@ -FROM quay.io/prometheus/prometheus:latest as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR - -COPY ${DOCKER_BUILD_DIR}/docker-entrypoint.sh / -ENTRYPOINT ["/docker-entrypoint.sh"] -CMD [] - -FROM dist as master -ARG DOCKER_BUILD_DIR -ARG MONITORING_PRIMARY_TARGETS_BLACKBOX -ARG MONITORING_SECONDARY_TARGETS_BLACKBOX - -COPY ${DOCKER_BUILD_DIR}/prometheus.tmpl /etc/prometheus/prometheus.tmpl -COPY ${DOCKER_BUILD_DIR}/alert-rules.yml /etc/prometheus/alert-rules.yml - -# Creating the config file. -# The last -e instruction cleans the file from quotes in the lists -RUN sed \ - -e 's|MONITORING_PRIMARY_TARGETS_BLACKBOX|'" - ${MONITORING_PRIMARY_TARGETS_BLACKBOX// /\\n - }"'|; s|MONITORING_SECONDARY_TARGETS_BLACKBOX|'" - ${MONITORING_SECONDARY_TARGETS_BLACKBOX// /\\n - }"'|' \ - /etc/prometheus/prometheus.tmpl > /etc/prometheus/prometheus.yml diff --git a/docker/prometheus/prometheus/alert-rules.yml b/docker/prometheus/prometheus/alert-rules.yml deleted file mode 100644 index 5d7369b..0000000 --- a/docker/prometheus/prometheus/alert-rules.yml +++ /dev/null @@ -1,147 +0,0 @@ -groups: -- name: example - rules: - - # CET / CEST - - record: is_european_summer_time - expr: | - (vector(1) and (month() > 3 and month() < 10)) - or - (vector(1) and (month() == 3 and (day_of_month() - day_of_week()) >= 25) and absent((day_of_month() >= 25) and (day_of_week() == 0))) - or - (vector(1) and (month() == 10 and (day_of_month() - day_of_week()) < 25) and absent((day_of_month() >= 25) and (day_of_week() == 0))) - or - (vector(1) and ((month() == 10 and hour() < 1) or (month() == 3 and hour() > 0)) and ((day_of_month() >= 25) and (day_of_week() == 0))) - or - vector(0) - # French time (UTC+1) CET / CEST - - record: european_french_time - expr: time() + 3600 + 3600 * is_european_summer_time - - # Alert for any instance that is unreachable for a few seconds. - - alert: InstanceDown-01-low - expr: probe_success == 0 - for: 30s - labels: - severity: "low" - type: "timeout" - annotations: - summary: "Instance {{ $labels.instance }} down" - description: "Instance {{ $labels.instance }} of job {{ $labels.job }} has been down for a few seconds." - - # Alert for any instance that is unreachable for some time. - - alert: InstanceDown-02-medium - expr: probe_success == 0 - for: 5m - labels: - severity: "medium" - type: "timeout" - annotations: - summary: "Instance {{ $labels.instance }} down" - description: "Instance {{ $labels.instance }} of job {{ $labels.job }} has been down for 10 minutes" - - # Alert for any instance that is unreachable for a long time. - - alert: InstanceDown-03-high - expr: probe_success == 0 - for: 1h - labels: - severity: "high" - type: "timeout" - annotations: - summary: "Instance {{ $labels.instance }} down" - description: "Instance {{ $labels.instance }} of job {{ $labels.job }} has been down for 1 hour" - - # Alert for any instance that is unreachable for a very long time. - - alert: InstanceDown-04-critical - expr: probe_success == 0 - for: 12h - labels: - severity: "critical" - type: "timeout" - annotations: - summary: "Instance {{ $labels.instance }} down" - description: "Instance {{ $labels.instance }} of job {{ $labels.job }} has been down for more than 12 hours" - - # Alert for GMV < 250€ from 8AM to 10PM on weekdays - - alert: "GMV (daytime) below lower threshold" - # Prometheus time is GMT - expr: gmv_hourly_return_value < 250 and ON() hour(european_french_time) > 8 < 22 - for: 1h - labels: - severity: "high" - type: "lower than static threshold" - instance: "Hourly GMV" - annotations: - summary: "{{ $labels.instance }} GMV alert" - description: '`Hourly GMV` has been *Lower than 250€*, for more than 1 hour. - \n - \n> Current value is *{{ .Value | printf "%.2f" }}* (over the last hour)' - - # Alert for GMV too low (under static 50€) over night 10PM to 8AM - - alert: "GMV nightly below lower threshold" - # Prometheus time is GMT - expr: gmv_hourly_return_value < 50 and ON() hour(european_french_time) < 8 > 22 - for: 4h - labels: - severity: "low" - type: "lower than static threshold" - instance: "Hourly GMV" - annotations: - summary: "{{ $labels.instance }} GMV alert" - description: '`Hourly GMV` (night) has been *Lower than 50€*, for more than 4 hour. - \n - \n> Current value is *{{ .Value | printf "%.2f" }}* (over the last hour) - \n - \nGMV is usually very low between 23:30 and 05:00, but this still may require attention' - - # Alert for GMV significantly lower (<33%) than mean value over last 4 weeks from 8AM to 10PM on weekdays - - alert: "GMV less than 33% compared to last 4 weeks" - # Prometheus time is GMT - expr: gmv_hourly_return_value < .33 * ( gmv_hourly_oneweekago_return_value + gmv_hourly_twoweeksago_return_value + gmv_hourly_threeweeksago_return_value + gmv_hourly_fourweeksago_return_value ) * .25 and ON() hour(european_french_time) > 8 < 22 - for: 1h - labels: - severity: "low" - type: "lower than last 4 weeks" - instance: "Hourly GMV" - annotations: - summary: "{{ $labels.instance }} GMV alert" - description: '`Hourly GMV` has been *significantly lower than usual*, for more than 1 hour. - \n - \n> Current value is *{{ .Value | printf "%.2f" }}* (over the last hour)' - query: '>Mean value observed this month is {{ range query "((gmv_hourly_oneweekago_return_value + gmv_hourly_twoweeksago_return_value + gmv_hourly_threeweeksago_return_value + gmv_hourly_fourweeksago_return_value ) * .25)" }}*{{ .Value | printf "%.2f" }}*{{ end }} (same day of the week, same hour)' - - # Alert for GMV critically lower (<20%) than mean value over last 4 weeks from 8AM to 10PM on weekdays - - alert: "GMV less than 20% compared to last 4 weeks" - # Prometheus time is GMT - expr: gmv_hourly_return_value < .20 * ( gmv_hourly_oneweekago_return_value + gmv_hourly_twoweeksago_return_value + gmv_hourly_threeweeksago_return_value + gmv_hourly_fourweeksago_return_value ) * .25 and ON() hour(european_french_time) > 8 < 22 - for: 1h - labels: - severity: "high" - type: "low over last 4 weeks" - instance: "Hourly GMV" - annotations: - summary: "{{ $labels.instance }} GMV alert" - description: '`Hourly GMV` has been *critically lower than usual*, for more than 1 hour. - \n - \n> Current value is *{{ .Value | printf "%.2f" }}* (over the last hour)' - query: '>Mean value observed this month is {{ range query "((gmv_hourly_oneweekago_return_value + gmv_hourly_twoweeksago_return_value + gmv_hourly_threeweeksago_return_value + gmv_hourly_fourweeksago_return_value ) * .25)" }}*{{ .Value | printf "%.2f" }}*{{ end }} (same day of the week, same hour)' - - # Alert for GMV suspiciously higher (>500%) than mean value over last 4 weeks from 8AM to 10PM on weekdays - - alert: "GMV more than 500% compared to last 4 weeks" - # Prometheus time is GMT - expr: gmv_hourly_return_value > 5 * ( gmv_hourly_oneweekago_return_value + gmv_hourly_twoweeksago_return_value + gmv_hourly_threeweeksago_return_value + gmv_hourly_fourweeksago_return_value ) * .25 and ON() hour(european_french_time) > 8 < 22 - for: 1h - labels: - severity: "low" - type: "low over last 4 weeks" - instance: "Hourly GMV" - annotations: - summary: "{{ $labels.instance }} GMV alert" - description: '`Hourly GMV` has been *much higher than usual*, for more than 1 hour. - \n(If there is an ongoing sale, it is most probably ok) - \n - \n> Current value is *{{ .Value | printf "%.2f" }}* (over the last hour)' - query: '>Mean value observed this month is {{ range query "((gmv_hourly_oneweekago_return_value + gmv_hourly_twoweeksago_return_value + gmv_hourly_threeweeksago_return_value + gmv_hourly_fourweeksago_return_value ) * .25)" }}*{{ .Value | printf "%.2f" }}*{{ end }} (same day of the week, same hour)' - - - diff --git a/docker/prometheus/prometheus/docker-entrypoint.sh b/docker/prometheus/prometheus/docker-entrypoint.sh deleted file mode 100755 index c4ec2c8..0000000 --- a/docker/prometheus/prometheus/docker-entrypoint.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/ash -set -euo pipefail -set -o errexit -set -x - -trap 'kill -SIGQUIT $PID' INT - -# Launch alertmanager by default, or paramater -[ $# -eq 0 ] && /bin/prometheus --config.file=/etc/prometheus/prometheus.yml --storage.tsdb.path=/prometheus --storage.tsdb.no-lockfile || exec "$@" & -PID=$! && wait - diff --git a/docker/prometheus/prometheus/prometheus.tmpl b/docker/prometheus/prometheus/prometheus.tmpl deleted file mode 100644 index ec1da2b..0000000 --- a/docker/prometheus/prometheus/prometheus.tmpl +++ /dev/null @@ -1,107 +0,0 @@ -# my global config -global: - scrape_interval: 15s # Set the default scrape interval to every 15 seconds. Default is every 1 minute. - evaluation_interval: 1m # Evaluate rules every 15 seconds. The default is every 1 minute. - - # scrape_timeout global default is 10s. - -# Alertmanager configuration -alerting: - alertmanagers: - - static_configs: - - targets: - - alertmanager:9093 - -# Load rules once and periodically evaluate them according to the global 'evaluation_interval'. -rule_files: - - "alert-rules.yml" - # - "alert.rules" - # - "first_rules.yml" - # - "second_rules.yml" - -scrape_configs: - - job_name: 'Containers' - metrics_path: /metrics - static_configs: - - targets: - - prometheus:9090 - - blackbox:9115 - - grafana:3000 - - - - job_name: 'es-exporter' - static_configs: - - targets: - - es-exporter:9206 - - - - job_name: 'node-exporter' - static_configs: - - targets: - - node-exporter:9100 - - - - job_name: 'cadvisor-exporter' - static_configs: - - targets: - - cadvisor-exporter:8080 - - - - job_name: 'blackbox_primary' - - scrape_interval: 15s - scrape_timeout: 5s - - metrics_path: /probe - params: - module: - - http_2xx - - static_configs: - - targets: -MONITORING_PRIMARY_TARGETS_BLACKBOX - - relabel_configs: - - source_labels: [__address__] - regex: (.*)(:80)? - target_label: __param_target - replacement: ${1} - - source_labels: [__param_target] - regex: (.*) - target_label: instance - replacement: ${1} - - source_labels: [] - regex: .* - target_label: __address__ - replacement: blackbox:9115 - - - - job_name: 'blackbox_secondary' - - scrape_interval: 60s - scrape_timeout: 15s - - metrics_path: /probe - - params: - module: - - http_2xx - - static_configs: - - targets: -MONITORING_SECONDARY_TARGETS_BLACKBOX - - relabel_configs: - - source_labels: [__address__] - regex: (.*)(:80)? - target_label: __param_target - replacement: ${1} - - source_labels: [__param_target] - regex: (.*) - target_label: instance - replacement: ${1} - - source_labels: [] - regex: .* - target_label: __address__ - replacement: blackbox:9115 - diff --git a/docker/registrator/Dockerfile b/docker/registrator/Dockerfile deleted file mode 100644 index e45e120..0000000 --- a/docker/registrator/Dockerfile +++ /dev/null @@ -1,42 +0,0 @@ -FROM golang:1-alpine AS build -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR -ARG GIT_AUTHOR_NAME -ARG GIT_AUTHOR_EMAIL - -ENV GIT_AUTHOR_NAME=${GIT_AUTHOR_NAME} -ENV GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL} -ENV GIT_COMMITTER_NAME=${GIT_AUTHOR_NAME} -ENV GIT_COMMITTER_EMAIL=${GIT_AUTHOR_EMAIL} - -WORKDIR /go/src/github.com/gliderlabs/registrator/ -RUN \ - apk add --no-cache git \ - && git clone https://github.com/gliderlabs/registrator/ . \ - && git reset --hard 4322fe00304d6de661865721b073dc5c7e750bd2 \ - # -useIpFromNetwork \ - && git fetch origin pull/596/head \ - && git merge --no-edit 8d904c60949e310893a25c8af3636b0151334dd4 \ - # fix SERVICE_CHECK_SCRIPT - && git fetch origin pull/686/head \ - && git merge --no-edit 097305157a6a2c0c236fa430c17498c895536782 \ - && go mod init \ - && go mod tidy \ - && go mod vendor \ - && CGO_ENABLED=0 GOOS=linux go build \ - -a -installsuffix cgo \ - -ldflags "-X main.Version=$(cat VERSION)" \ - -o /go/bin/registrator \ - . - -FROM alpine:latest as dist -ARG DOCKER_BUILD_DIR - -RUN apk add --no-cache ca-certificates -COPY --from=build /go/bin/registrator /bin/registrator - -ENTRYPOINT ["/bin/registrator"] -HEALTHCHECK CMD kill -SIGUSR1 1 - -FROM dist as master -ARG DOCKER_BUILD_DIR diff --git a/docker/riofs/Dockerfile b/docker/riofs/Dockerfile deleted file mode 100644 index 9fdd76d..0000000 --- a/docker/riofs/Dockerfile +++ /dev/null @@ -1,44 +0,0 @@ -FROM alpine:latest as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR - -WORKDIR /usr/src - -# Install riofs -RUN apk upgrade --no-cache \ - && apk add --no-cache --virtual .build-deps \ - alpine-sdk \ - autoconf \ - automake \ - bsd-compat-headers \ - curl-dev \ - fuse-dev \ - glib-dev \ - libc-dev \ - libevent-dev \ - libexecinfo-dev \ - libressl-dev \ - libxml2-dev \ - musl-dev \ - shared-mime-info \ - && git clone https://github.com/skoobe/riofs \ - && cd riofs \ - && ./autogen.sh \ - && ./configure --prefix=/usr/local \ - && make \ - && make install \ - && cd .. \ - && rm -rf riofs \ - && runDeps="$( \ - scanelf --needed --nobanner --recursive /usr/local \ - | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ - | xargs -r apk info --installed \ - | sort -u \ - )" \ - && apk del .build-deps \ - && apk add --no-cache --virtual .run-deps $runDeps - -ENTRYPOINT /usr/local/bin/riofs - -FROM dist as master -ARG DOCKER_BUILD_DIR diff --git a/docker/s3fs/Dockerfile b/docker/s3fs/Dockerfile deleted file mode 100644 index c1a2974..0000000 --- a/docker/s3fs/Dockerfile +++ /dev/null @@ -1,68 +0,0 @@ -FROM alpine:latest as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR -ARG S3FS_VERSION=v1.85 - -# Install s3fs-fuse -RUN apk --no-cache upgrade \ - && apk --no-cache add --virtual .build-deps \ - alpine-sdk \ - automake \ - autoconf \ - curl-dev \ - fuse-dev \ - libressl-dev \ - libgcrypt-dev \ - libxml2-dev \ - && git clone https://github.com/s3fs-fuse/s3fs-fuse \ - && cd s3fs-fuse \ - && git checkout tags/${S3FS_VERSION} -b ${S3FS_VERSION} \ - && ./autogen.sh \ - && ./configure --prefix=/usr/local \ - && make install \ - && cd .. \ - && rm -rf s3fs-fuse \ - && runDeps="$( \ - scanelf --needed --nobanner --recursive /usr/local \ - | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ - | xargs -r apk info --installed \ - | sort -u \ - )" \ - && apk del .build-deps \ - && apk add --no-cache --virtual .run-deps $runDeps curl openssl - -ARG S3FS_DIR=/srv/s3 -ENV S3FS_DIR=${S3FS_DIR} -RUN mkdir -p ${S3FS_DIR} -VOLUME ${S3FS_DIR} - -COPY ${DOCKER_BUILD_DIR}/docker-entrypoint.sh / -ENTRYPOINT /docker-entrypoint.sh - -FROM dist as master -ARG DOCKER_BUILD_DIR -ARG UID=0 -ARG USER=root -ENV UID=${UID} -ENV GID=${UID} -ENV USER=${USER} - -# If we provide a specific UID -RUN let $UID >/dev/null 2>&1 \ -# Remove user with $UID if it is not our $USER - && if [ "$(getent passwd $UID |awk 'BEGIN {FS=":"} {print $1}')" != "$USER" ]; then \ - sed -i '/^'$(getent passwd $UID |awk 'BEGIN {FS=":"} {print $1}')':x:'$UID':/d' /etc/passwd; \ - sed -i '/^'$(getent group $GID |awk 'BEGIN {FS=":"} {print $1}')':x:'$GID':/d' /etc/group; \ - fi \ -# Force $UID if our $USER already exists - && sed -i 's/^'$USER':x:[0-9]\+:[0-9]\+:/'$USER':x:'$UID':'$GID':/' /etc/passwd \ - && sed -i 's/^'$USER':x:[0-9]\+:/'$USER':x:'$GID':/' /etc/group \ -# Create $USER if it does not exist - && if [ "$(getent passwd $UID)" = "" ]; then \ - echo "$USER:x:$UID:$GID::/home/$USER:/bin/false" >> /etc/passwd; \ - echo "$USER:!:$(($(date +%s) / 60 / 60 / 24)):0:99999:7:::" >> /etc/shadow; \ - echo "$USER:x:$GID:" >> /etc/group; \ - fi \ - && mkdir -p /home/$USER \ - && chown $UID:$GID /home/$USER \ - || true diff --git a/docker/s3fs/docker-entrypoint.sh b/docker/s3fs/docker-entrypoint.sh deleted file mode 100755 index 3dece9d..0000000 --- a/docker/s3fs/docker-entrypoint.sh +++ /dev/null @@ -1,64 +0,0 @@ -#!/usr/bin/env ash -set -euo pipefail -set -o errexit - -trap 'kill -SIGQUIT $PID' INT - -# For each user (default to $USER:$AWS_ACCESS_KEY_ID:$AWS_SECRET_ACCESS_KEY:$AWS_S3_BUCKET) -echo "${USERS:-${USER}:${AWS_ACCESS_KEY_ID}:${AWS_SECRET_ACCESS_KEY}:${AWS_S3_BUCKETS:-${AWS_S3_BUCKET:-}}}" |sed 's/ /\n/g' | while read -r line; do - [ -n "${line}" ] && echo "${line//:/ }" | while read -r user aws_access_key_id aws_secret_access_key aws_s3_buckets; do - - # Skip user if no AWS credentials - [ -n "${aws_access_key_id:-$AWS_ACCESS_KEY_ID}" ] && [ -n "${aws_secret_access_key:-$AWS_SECRET_ACCESS_KEY}" ] || continue - - # Create user if not exists - id "${user:-root}" >/dev/null 2>&1 || adduser -h "/home/${user:-root}" -s /sbin/nologin -D "${user:-root}" - - # Configure s3fs - passwd_file="$(eval echo ~"${user:-root}")/.passwd-s3fs" - echo "${aws_access_key_id:-$AWS_ACCESS_KEY_ID}:${aws_secret_access_key:-$AWS_SECRET_ACCESS_KEY}" > "${passwd_file}" - chmod 0400 "${passwd_file}" - - # Find all buckets readable with our credentials - if [ -z "${aws_s3_buckets}" ]; then - date="$(date -R)" - string="GET\n\n\n${date}\n/" - authorization="AWS ${aws_access_key_id:-$AWS_ACCESS_KEY_ID}:$(echo -ne "${string}" | openssl sha1 -hmac "${aws_secret_access_key:-$AWS_SECRET_ACCESS_KEY}" -binary | openssl base64)" -# posix - aws_s3_buckets=$(curl -s -H "Date: $date" -H "Authorization: $authorization" https://s3.amazonaws.com/ | awk -F"<|>" 'BEGIN {RS="<"} /Name/ {print $2}') -# bash only -# aws_s3_buckets=$(curl -s -H "Date: $date" -H "Authorization: $authorization" https://s3.amazonaws.com/ \ -# | while IFS='>' read -rd '<' element value; do -# case "${element}" in -# 'Name') -# echo "${value}" -# ;; -# *) -# ;; -# esac -# done) - fi - - # For each bucket (default to all buckets readable by AWS_ACCESS_KEY_ID) - echo "${aws_s3_buckets}" |sed 's/,/\n/g' |while read -r aws_s3_bucket; do - - # Skip empty values - [ -n "${aws_s3_bucket}" ] || continue - - # Create s3fs mountpoint - s3fs_bucket_dir="${S3FS_DIR:-/srv/s3}/${aws_s3_bucket}" - mkdir -p "${s3fs_bucket_dir}" - - # Mount s3fs - /usr/local/bin/s3fs "${aws_s3_bucket}" "${s3fs_bucket_dir}" -o nosuid,nonempty,nodev,allow_other,complement_stat,mp_umask=027,uid=$(id -u "${user:-root}"),gid=$(id -g "${user:-root}"),passwd_file="${passwd_file}",default_acl="${AWS_S3_ACL:-private}",retries=5 - - # Exit docker if the s3 filesystem is not reachable anymore - ( crontab -l && echo "* * * * * timeout 3 touch '${s3fs_bucket_dir}/.s3fs_watchdog' >/dev/null 2>&1 || kill -KILL -1" ) | crontab - - - done - done -done - -# Keep container running -[ $# -eq 0 ] && tail -f /dev/null || exec "$@" & -PID=$! && wait diff --git a/docker/sematext/logagent/Dockerfile b/docker/sematext/logagent/Dockerfile deleted file mode 100644 index 56c1c0d..0000000 --- a/docker/sematext/logagent/Dockerfile +++ /dev/null @@ -1,23 +0,0 @@ -FROM sematext/logagent:latest as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR -ARG GIT_AUTHOR_NAME -ARG GIT_AUTHOR_EMAIL - -ENV GIT_AUTHOR_NAME=${GIT_AUTHOR_NAME} -ENV GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL} -ENV GIT_COMMITTER_NAME=${GIT_AUTHOR_NAME} -ENV GIT_COMMITTER_EMAIL=${GIT_AUTHOR_EMAIL} - -RUN apk add --no-cache \ - git - -RUN cd / \ - && git stash \ - && git fetch -t origin pull/267/head \ - && git reset --hard refs/tags/3.0.59 \ - && git rebase d168bd0e8745a077e962248741f6be9fbeb7a8b5 \ - && git stash pop - -FROM dist as master -ARG DOCKER_BUILD_DIR diff --git a/docker/ssh/AUTHORS.md b/docker/ssh/AUTHORS.md deleted file mode 100644 index f0559d0..0000000 --- a/docker/ssh/AUTHORS.md +++ /dev/null @@ -1,4 +0,0 @@ -# Authors - -* **Andreas Urbanski** - [@andreasur](https://github.com/andreasur/docker-ssh-agent) -* **Yann Autissier** - [@aya](https://github.com/aya/docker-ssh-agent) diff --git a/docker/ssh/CHANGELOG.md b/docker/ssh/CHANGELOG.md deleted file mode 100644 index 89cd6eb..0000000 --- a/docker/ssh/CHANGELOG.md +++ /dev/null @@ -1,10 +0,0 @@ -# Changelog - -## Initial Release (Oct 18, 2016) - -* Docker image for SSH agent container - -## v1.0.0 (May 16, 2017) - -* Use alpine latest version -* Remove unwanted outputs diff --git a/docker/ssh/Dockerfile b/docker/ssh/Dockerfile deleted file mode 100644 index 28f4604..0000000 --- a/docker/ssh/Dockerfile +++ /dev/null @@ -1,54 +0,0 @@ -FROM alpine:latest as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR - -# Install dependencies -RUN apk add --no-cache \ - openssh \ - socat - -# Setup environment variables; export SSH_AUTH_SOCK from socket directory -ENV SOCKET_DIR /tmp/ssh-agent -ENV SSH_AUTH_SOCK ${SOCKET_DIR}/socket -ENV SSH_AUTH_PROXY_SOCK ${SOCKET_DIR}/proxy-socket - -# Copy entrypoint script to container -COPY ${DOCKER_BUILD_DIR}/docker-entrypoint.sh /docker-entrypoint.sh - -ENTRYPOINT ["/docker-entrypoint.sh"] - -CMD ["ssh-agent"] - -FROM dist as master -ARG DOCKER_BUILD_DIR -ARG UID -ARG GID -ARG USER -ENV UID=${UID} -ENV GID=${UID} -ENV USER=${USER} - -# If we provide a specific UID -RUN let $UID >/dev/null 2>&1 \ -# Remove user with $UID if it is not our $USER - && if [ "$(getent passwd $UID |awk 'BEGIN {FS=":"} {print $1}')" != "$USER" ]; then \ - sed -i '/^'$(getent passwd $UID |awk 'BEGIN {FS=":"} {print $1}')':x:'$UID':/d' /etc/passwd; \ - sed -i '/^'$(getent group $GID |awk 'BEGIN {FS=":"} {print $1}')':x:'$GID':/d' /etc/group; \ - fi \ -# Force $UID if our $USER already exists - && sed -i 's/^'$USER':x:[0-9]\+:[0-9]\+:/'$USER':x:'$UID':'$GID':/' /etc/passwd \ - && sed -i 's/^'$USER':x:[0-9]\+:/'$USER':x:'$GID':/' /etc/group \ -# Create $USER if it does not exist - && if [ "$(getent passwd $UID)" = "" ]; then \ - echo "$USER:x:$UID:$GID::/home/$USER:/bin/false" >> /etc/passwd; \ - echo "$USER:!:$(($(date +%s) / 60 / 60 / 24)):0:99999:7:::" >> /etc/shadow; \ - echo "$USER:x:$GID:" >> /etc/group; \ - fi \ - && mkdir -p /home/$USER \ - && chown $UID:$GID /home/$USER \ - || true - -RUN mkdir -p $SOCKET_DIR && chown $USER $SOCKET_DIR - -VOLUME ${SOCKET_DIR} -USER $USER diff --git a/docker/ssh/LICENSE b/docker/ssh/LICENSE deleted file mode 100644 index 543a67e..0000000 --- a/docker/ssh/LICENSE +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright (c) Andreas Urbanski, 2016 -# -# Permission is hereby granted, free of charge, to any person obtaining a -# copy of this software and associated documentation files (the "Software"), -# to deal in the Software without restriction, including without limitation -# the rights to use, copy, modify, merge, publish, distribute, sublicense, -# and/or sell copies of the Software, and to permit persons to whom the -# Software is furnished to do so, subject to the following conditions: -# -# The above copyright notice and this permission notice shall be included -# in all copies or substantial portions of the Software. -# -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS -# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL -# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -# THE SOFTWARE. - diff --git a/docker/ssh/README.md b/docker/ssh/README.md deleted file mode 100644 index 1dcaaf6..0000000 --- a/docker/ssh/README.md +++ /dev/null @@ -1,72 +0,0 @@ -# Docker SSH Agent - -Lets you store your SSH authentication keys in a dockerized ssh-agent that can provide the SSH authentication socket for other containers. Works in OSX and Linux environments. - -## Why? - -On OSX you cannot simply forward your authentication socket to a docker container to be able to e.g clone private repositories that you have access to. You don't want to copy your private key to all containers either. The solution is to add your keys only once to a long-lived ssh-agent container that can be used by other containers and stopped when not needed anymore. - -## How to use - -### 0. Build -Navigate to the project directory and launch the following command to build the image: - -``` -docker build -t docker-ssh-agent:latest -f Dockerfile . -``` - -### 1. Run a long-lived container - -``` -docker run -d --name=ssh-agent docker-ssh-agent:latest -``` - -### 2. Add your ssh keys - -Run a temporary container with volume mounted from host that includes your SSH keys. SSH key id_rsa will be added to ssh-agent (you can replace id_rsa with your key name): - -``` -docker run --rm --volumes-from=ssh-agent -v ~/.ssh:/root/.ssh -it docker-ssh-agent:latest ssh-add /root/.ssh/id_rsa -``` - -The ssh-agent container is now ready to use. - -### 3. Add ssh-agent socket to other container: - -#### With docker-compose - -If you're using `docker-compose` this is how you forward the socket to a container: - -``` - volumes_from: - - ssh-agent - environment: - - SSH_AUTH_SOCK=/tmp/ssh-agent/socket -``` - -#### Without docker-compose - -Here's an example how to run a Ubuntu container that uses the ssh authentication socket: - -``` -docker run -it --volumes-from=ssh-agent -e SSH_AUTH_SOCK=/tmp/ssh-agent/socket ubuntu:latest /bin/bash -``` - -#### Disable host key verification in your containers - -You may wish to disable the ssh host key verification inside your containers to avoid using interactive mode at all. -You can do it adding the following configuration in the /etc/ssh/ssh_config file of your containers. - -``` -Host * - UserKnownHostsFile /dev/null - StrictHostKeyChecking no -``` - -### Deleting keys from the container - -Run a temporary container and delete all known keys from ssh-agent: - -``` -docker run --rm --volumes-from=ssh-agent -it docker-ssh-agent:latest ssh-add -D -``` diff --git a/docker/ssh/docker-entrypoint.sh b/docker/ssh/docker-entrypoint.sh deleted file mode 100755 index 762bebe..0000000 --- a/docker/ssh/docker-entrypoint.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/usr/bin/env sh -set -euo pipefail -set -o errexit - -# Print a debug message if debug mode is on ($DEBUG is not empty) -# @param message -debug_msg () -{ - if [ -n "${DEBUG:-}" -a "${DEBUG:-}" != "false" ]; then - echo "$@" - fi -} - -case "$1" in - # Start ssh-agent - ssh-agent) - - # Create proxy-socket for ssh-agent (to give everyone access to the ssh-agent socket) - debug_msg "Create proxy socket..." - rm -f ${SSH_AUTH_SOCK} ${SSH_AUTH_PROXY_SOCK} > /dev/null 2>&1 - socat UNIX-LISTEN:${SSH_AUTH_PROXY_SOCK},perm=0666,fork UNIX-CONNECT:${SSH_AUTH_SOCK} & - - debug_msg "Launch ssh-agent..." - exec /usr/bin/ssh-agent -a ${SSH_AUTH_SOCK} -D >/dev/null - ;; - - *) - debug_msg "Exec: $@" - exec $@ - ;; -esac diff --git a/docker/terraform/Dockerfile b/docker/terraform/Dockerfile deleted file mode 100644 index 9652ec9..0000000 --- a/docker/terraform/Dockerfile +++ /dev/null @@ -1,35 +0,0 @@ -FROM hashicorp/terraform:light as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR - -RUN apk --no-cache upgrade - -FROM dist as master -ARG DOCKER_BUILD_DIR -ARG UID -ARG USER -ENV UID=${UID} -ENV GID=${UID} -ENV USER=${USER} - -# If we provide a numeric UID -RUN [ "$UID" -eq "$UID" ] 2>/dev/null \ -# Remove user with $UID if it is not our $USER - && if [ "$(getent passwd $UID |awk -F: '{print $1}')" != "$USER" ]; then \ - sed -i '/^'$(getent passwd $UID |awk -F: '{print $1}')':x:'$UID':/d' /etc/passwd; \ - sed -i '/^'$(getent group $GID |awk -F: '{print $1}')':x:'$GID':/d' /etc/group; \ - fi \ -# Force $UID if our $USER already exists - && sed -i 's/^'$USER':x:[0-9]\+:[0-9]\+:/'$USER':x:'$UID':'$GID':/' /etc/passwd \ - && sed -i 's/^'$USER':x:[0-9]\+:/'$USER':x:'$GID':/' /etc/group \ -# Create $USER if it does not exist - && if [ "$(getent passwd $UID)" = "" ]; then \ - echo "$USER:x:$UID:$GID::/home/$USER:$SHELL" >> /etc/passwd; \ - echo "$USER:\!:$(($(date +%s) / 60 / 60 / 24)):0:99999:7:::" >> /etc/shadow; \ - echo "$USER:x:$GID:" >> /etc/group; \ - fi \ - && mkdir -p /home/$USER \ - && chown $UID:$GID /home/$USER \ - || true - -USER $USER diff --git a/docker/theia/.screenrc b/docker/theia/.screenrc deleted file mode 100644 index 344dec4..0000000 --- a/docker/theia/.screenrc +++ /dev/null @@ -1,3 +0,0 @@ -hardstatus alwayslastline "%{= kw}[%{G}%H%{-}] \# %?%-Lw%?[%{G}%n%f %t%{-}]%?%+Lw%?%?%=%-17< [%{B}%l%{-}]" -defscrollback 1048576 -shell -$SHELL diff --git a/docker/theia/.tmux.conf b/docker/theia/.tmux.conf deleted file mode 100644 index 5957741..0000000 --- a/docker/theia/.tmux.conf +++ /dev/null @@ -1,32 +0,0 @@ -# this is aya's tmux configuration ! -bind r source-file ~/.tmux.conf\; display-message "tmux.conf reloaded!" -bind R move-window -r -bind C-n switch-client -n\; refresh-client -S -bind C-p switch-client -p\; refresh-client -S -bind Escape copy-mode -bind Y run "tmux save-buffer - |xsel -i" -bind P run "xsel -o |tmux load-buffer -; tmux paste-buffer" -bind C-c run "tmux save-buffer - | xclip -i -sel clipboard >/dev/null" -bind C-v run "tmux set-buffer \"$(xclip -o -sel clipboard)\"; tmux paste-buffer" -bind -n S-down new-window -bind -n S-left prev -bind -n S-right next -bind -n C-left swap-window -t -1 -bind -n C-right swap-window -t +1 -set -g aggressive-resize on -set -g status-keys vi -setw -g mode-keys vi -setw -g window-status-current-bg blue -setw -g window-status-current-fg white -setw -g monitor-activity on -set -g visual-activity on -setw -g automatic-rename on -set -g default-terminal "screen" -set -g history-limit 4242 -set -g status-bg black -set -g status-fg white -set -g status-interval 60 -set -g status-left-length 30 -set -g status-left '<#[fg=green]#S#[default]> ' -set -g status-right '#[fg=yellow] %d/%m %H:%M#[default]' -set -g update-environment "SSH_ASKPASS SSH_AUTH_SOCK SSH_AGENT_PID SSH_CONNECTION" diff --git a/docker/theia/Dockerfile b/docker/theia/Dockerfile deleted file mode 100644 index 6beafc0..0000000 --- a/docker/theia/Dockerfile +++ /dev/null @@ -1,266 +0,0 @@ -FROM ubuntu:18.04 as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR -# https://github.com/theia-ide/theia-apps/blob/master/theia-full-docker/Dockerfile - -ENV DEBIAN_FRONTEND noninteractive - -#Common deps -RUN apt-get update && apt-get -y dist-upgrade && apt-get -y install curl xz-utils wget gpg - -#Install node and yarn -#From: https://github.com/nodejs/docker-node/blob/6b8d86d6ad59e0d1e7a94cec2e909cad137a028f/8/Dockerfile - -# gpg keys listed at https://github.com/nodejs/node#release-keys -RUN set -ex \ - && for key in \ - 4ED778F539E3634C779C87C6D7062848A1AB005C \ - B9E2F5981AA6E0CD28160D9FF13993A75599653C \ - 94AE36675C464D64BAFA68DD7434390BDBE9B9C5 \ - B9AE9905FFD7803F25714661B63B535A4C206CA9 \ - 77984A986EBC2AA786BC0F66B01FBB92821C587A \ - 71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 \ - FD3A5288F042B6850C66B31F09FE44734EB7990E \ - 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \ - C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \ - DD8F2338BAE7501E3DD5AC78C273792F7D83545D \ - A48C2BEE680E841632CD4E44F07496B3EB3C1762 \ - ; do \ - gpg --batch --keyserver ipv4.pool.sks-keyservers.net --recv-keys "$key" || \ - gpg --batch --keyserver pool.sks-keyservers.net --recv-keys "$key" || \ - gpg --batch --keyserver pgp.mit.edu --recv-keys "$key" || \ - gpg --batch --keyserver keyserver.pgp.com --recv-keys "$key" || \ - gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$key" ; \ - done - -ENV NODE_VERSION 8.14.1 - -RUN ARCH= && dpkgArch="$(dpkg --print-architecture)" \ - && case "${dpkgArch##*-}" in \ - amd64) ARCH='x64';; \ - ppc64el) ARCH='ppc64le';; \ - s390x) ARCH='s390x';; \ - arm64) ARCH='arm64';; \ - armhf) ARCH='armv7l';; \ - i386) ARCH='x86';; \ - *) echo "unsupported architecture"; exit 1 ;; \ - esac \ - && curl -SLO "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" \ - && curl -SLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \ - && gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \ - && grep " node-v$NODE_VERSION-linux-$ARCH.tar.xz\$" SHASUMS256.txt | sha256sum -c - \ - && tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \ - && rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \ - && ln -s /usr/local/bin/node /usr/local/bin/nodejs - -ENV YARN_VERSION 1.13.0 - -RUN set -ex \ - && for key in \ - 6A010C5166006599AA17F08146C2130DFD2497F5 \ - ; do \ - gpg --batch --keyserver ipv4.pool.sks-keyservers.net --recv-keys "$key" || \ - gpg --batch --keyserver pool.sks-keyservers.net --recv-keys "$key" || \ - gpg --batch --keyserver pgp.mit.edu --recv-keys "$key" || \ - gpg --batch --keyserver keyserver.pgp.com --recv-keys "$key" || \ - gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$key" ; \ - done \ - && curl -fSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz" \ - && curl -fSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz.asc" \ - && gpg --batch --verify yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \ - && mkdir -p /opt/yarn \ - && tar -xzf yarn-v$YARN_VERSION.tar.gz -C /opt/yarn --strip-components=1 \ - && ln -s /opt/yarn/bin/yarn /usr/local/bin/yarn \ - && ln -s /opt/yarn/bin/yarn /usr/local/bin/yarnpkg \ - && rm yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz - -#Developer tools - -## Git and sudo (sudo needed for user override) -RUN apt-get -y install git sudo - -##GO -ENV GO_VERSION 1.11.4 -ENV GOPATH=/usr/local/go-packages -ENV GO_ROOT=/usr/local/go -ENV PATH $PATH:/usr/local/go/bin -ENV PATH $PATH:${GOPATH}/bin - -RUN curl -sS https://storage.googleapis.com/golang/go$GO_VERSION.linux-amd64.tar.gz | tar -C /usr/local -xzf - && \ - go get -u -v github.com/nsf/gocode && \ - go get -u -v github.com/uudashr/gopkgs/cmd/gopkgs && \ - go get -u -v github.com/ramya-rao-a/go-outline && \ - go get -u -v github.com/acroca/go-symbols && \ - go get -u -v golang.org/x/tools/cmd/guru && \ - go get -u -v golang.org/x/tools/cmd/gorename && \ - go get -u -v github.com/fatih/gomodifytags && \ - go get -u -v github.com/haya14busa/goplay/cmd/goplay && \ - go get -u -v github.com/josharian/impl && \ - go get -u -v github.com/tylerb/gotype-live && \ - go get -u -v github.com/rogpeppe/godef && \ - go get -u -v golang.org/x/tools/cmd/godoc && \ - go get -u -v github.com/zmb3/gogetdoc && \ - go get -u -v golang.org/x/tools/cmd/goimports && \ - go get -u -v sourcegraph.com/sqs/goreturns && \ - go get -u -v github.com/golang/lint/golint && \ - go get -u -v github.com/cweill/gotests/... && \ - go get -u -v github.com/alecthomas/gometalinter && \ - go get -u -v honnef.co/go/tools/... && \ - go get -u -v github.com/sourcegraph/go-langserver && \ - go get -u -v github.com/derekparker/delve/cmd/dlv && \ - go get -u -v github.com/davidrjenni/reftools/cmd/fillstruct - -#Java -RUN echo oracle-java8-installer shared/accepted-oracle-license-v1-1 select true | /usr/bin/debconf-set-selections && \ - apt-get -y install openjdk-8-jdk - -#C/C++ -# public LLVM PPA, development version of LLVM -RUN wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add - && \ - echo "deb http://apt.llvm.org/bionic/ llvm-toolchain-bionic main" > /etc/apt/sources.list.d/llvm.list && \ - apt-get update && apt-get install -y clang-tools-9 && \ - ln -s /usr/bin/clangd-9 /usr/bin/clangd - -#Python 2 -RUN apt-get install -y python python-pip && \ - pip install python-language-server - -#PHP -RUN apt-get -y install php curl php-cli php-mbstring unzip - -# https://getcomposer.org/doc/faqs/how-to-install-composer-programmatically.md -# https://linuxconfig.org/how-to-install-php-composer-on-debian-linux -RUN curl -s -o composer-setup.php https://getcomposer.org/installer \ - && php composer-setup.php --install-dir=/usr/local/bin --filename=composer \ - && rm composer-setup.php - -#Ruby -RUN apt-get -y install ruby ruby-dev zlib1g-dev && \ - gem install solargraph - -#Theia -##Needed for node-gyp, nsfw build -RUN apt-get install -y python build-essential - -#Docker -RUN apt-get install -y \ - apt-transport-https \ - ca-certificates \ - curl \ - gnupg-agent \ - software-properties-common \ - && curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - \ - && add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" \ - && apt-get update \ - && apt-get -y install docker-ce docker-ce-cli containerd.io - -## Common tools -RUN apt-get -y install nano screen tig tmux vim-nox zsh - -FROM dist as master -ARG DOCKER_BUILD_DIR -ARG DOCKER_GID -ARG SHELL=/bin/bash -ARG UID -ARG GID -ARG SSH_BASTION_HOSTNAME -ARG SSH_BASTION_USERNAME -ARG SSH_PUBLIC_HOSTS -ARG SSH_PRIVATE_IP_RANGE -ARG USER -ENV UID=${UID} -ENV GID=${GID:-${UID}} -ENV USER=${USER:-root} - -# If we provide a numeric UID -RUN [ "$UID" -eq "$UID" ] 2>/dev/null \ -# Remove user with $UID if it is not our $USER - && if [ "$(getent passwd $UID |awk -F: '{print $1}')" != "$USER" ]; then \ - sed -i '/^'$(getent passwd $UID |awk -F: '{print $1}')':x:'$UID':/d' /etc/passwd; \ - sed -i '/^'$(getent group $GID |awk -F: '{print $1}')':x:'$GID':/d' /etc/group; \ - fi \ -# Force $UID if our $USER already exists - && sed -i 's/^'$USER':x:[0-9]\+:[0-9]\+:/'$USER':x:'$UID':'$GID':/' /etc/passwd \ - && sed -i 's/^'$USER':x:[0-9]\+:/'$USER':x:'$GID':/' /etc/group \ -# Create $USER if it does not exist - && if [ "$(getent passwd $UID)" = "" ]; then \ - echo "$USER:x:$UID:$GID::/home/$USER:$SHELL" >> /etc/passwd; \ - echo "$USER:\!:$(($(date +%s) / 60 / 60 / 24)):0:99999:7:::" >> /etc/shadow; \ - echo "$USER:x:$GID:" >> /etc/group; \ - fi \ - && mkdir -p /home/$USER \ - && chown $UID:$GID /home/$USER \ - || true - -# If we provide a numeric DOCKER_GID -RUN [ "$DOCKER_GID" -eq "$DOCKER_GID" ] 2>/dev/null \ - && if [ "$(getent group docker |awk -F: '{print $3}')" != "$DOCKER_GID" ]; then \ - sed -i 's/^docker:x:[0-9]\+:/docker:x:'$DOCKER_GID':/' /etc/group; \ - fi \ -|| true - -## User groups -RUN adduser $USER docker \ - && adduser $USER sudo \ - && echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers - -#ARG version=latest -#ADD https://raw.githubusercontent.com/theia-ide/theia-apps/master/theia-full-docker/$version.package.json /home/$USER/package.json -COPY ${DOCKER_BUILD_DIR}/package.json /home/$USER/package.json -RUN chown $USER /home/$USER/package.json - -RUN echo -e "\n\ -Host *\n\ - LogLevel quiet\n\ - Compression yes\n\ -Host ${SSH_PRIVATE_IP_RANGE}\n\ - ProxyCommand ssh -q ssh-bastion nc -q0 %h 22\n\ - HostName %h\n\ - StrictHostKeyChecking no\n\ - UserKnownHostsFile /dev/null\n\ -Host ssh-bastion\n\ - HostName ${SSH_BASTION_HOSTNAME}\n\ - User ${SSH_BASTION_USERNAME}\n\ -" >> /etc/ssh/ssh_config - -# Custom rc functions -COPY ansible/roles/hosts/files/etc/profile.d/rc*.sh /etc/profile.d/ - -USER $USER -WORKDIR /home/$USER - -# using "NODE_OPTIONS=..." to avoid out-of-memory problem in CI -ARG GITHUB_TOKEN -RUN yarn --cache-folder ./ycache && rm -rf ./ycache \ - && NODE_OPTIONS="--max_old_space_size=4096" yarn theia build - -# git config -RUN mkdir -p ~/.ssh ~/.config/git \ - && ssh-keyscan -t rsa -H ${SSH_PUBLIC_HOSTS} >> ~/.ssh/known_hosts \ - && echo -e "\ -.DS_Store\n\ -.idea/\n\ -.nfs*\n\ -.theia/settings.json\n\ -*~\n\ -*.log\n\ -*.swp\n\ -Thumbs.db\n\ -" > ~/.config/git/ignore - -# dot files -COPY ${DOCKER_BUILD_DIR}/.* /home/$USER/ - -ARG GIT_AUTHOR_NAME -ARG GIT_AUTHOR_EMAIL - -ENV GIT_AUTHOR_NAME=${GIT_AUTHOR_NAME} -ENV GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL} -ENV GIT_COMMITTER_NAME=${GIT_AUTHOR_NAME} -ENV GIT_COMMITTER_EMAIL=${GIT_AUTHOR_EMAIL} - -ENV SHELL=${SHELL} -ENV WORKSPACE_DIR=/Sources - -ENTRYPOINT yarn theia start $WORKSPACE_DIR --hostname=0.0.0.0 -EXPOSE 3000 diff --git a/docker/theia/latest.package.json b/docker/theia/latest.package.json deleted file mode 100644 index 504a088..0000000 --- a/docker/theia/latest.package.json +++ /dev/null @@ -1,50 +0,0 @@ -{ - "private": true, - "dependencies": { - "typescript": "latest", - "@theia/callhierarchy": "latest", - "@theia/core": "latest", - "@theia/cpp": "latest", - "@theia/editor": "latest", - "@theia/editorconfig": "latest", - "@theia/extension-manager": "latest", - "@theia/file-search": "latest", - "@theia/filesystem": "latest", - "@theia/git": "latest", - "@theia/go": "latest", - "@theia/java": "latest", - "@theia/json": "latest", - "@theia/keymaps": "latest", - "@theia/languages": "latest", - "@theia/markers": "latest", - "@theia/merge-conflicts": "latest", - "@theia/messages": "latest", - "@theia/metrics": "latest", - "@theia/mini-browser": "latest", - "@theia/monaco": "latest", - "@theia/navigator": "latest", - "@theia/outline-view": "latest", - "@theia/output": "latest", - "@theia/plantuml": "latest", - "@theia/plugin": "latest", - "@theia/plugin-ext": "latest", - "@theia/plugin-ext-vscode": "latest", - "@theia/preferences": "latest", - "@theia/preview": "latest", - "@theia/process": "latest", - "@theia/python": "latest", - "@theia/rust": "latest", - "@theia/search-in-workspace": "latest", - "@theia/task": "latest", - "@theia/terminal": "latest", - "@theia/textmate-grammars": "latest", - "@theia/typescript": "latest", - "@theia/userstorage": "latest", - "@theia/variable-resolver": "latest", - "@theia/workspace": "latest", - "theia-yang-extension": "latest" - }, - "devDependencies": { - "@theia/cli": "latest" - } -} diff --git a/docker/theia/next.package.json b/docker/theia/next.package.json deleted file mode 100644 index dc01cac..0000000 --- a/docker/theia/next.package.json +++ /dev/null @@ -1,56 +0,0 @@ -{ - "private": true, - "dependencies": { - "typescript": "latest", - "@theia/callhierarchy": "next", - "@theia/core": "next", - "@theia/cpp": "next", - "@theia/docker": "next", - "@theia/editor": "next", - "@theia/editorconfig": "next", - "@theia/editor-preview": "next", - "@theia/extension-manager": "next", - "@theia/file-search": "next", - "@theia/filesystem": "next", - "@theia/git": "next", - "@theia/go": "next", - "@theia/getting-started": "next", - "@theia/java": "next", - "@theia/json": "next", - "@theia/keymaps": "next", - "@theia/languages": "next", - "@theia/markers": "next", - "@theia/merge-conflicts": "next", - "@theia/messages": "next", - "@theia/metrics": "next", - "@theia/mini-browser": "next", - "@theia/monaco": "next", - "@theia/navigator": "next", - "@theia/outline-view": "next", - "@theia/php": "next", - "@theia/output": "next", - "@theia/plantuml": "next", - "@theia/plugin": "next", - "@theia/plugin-ext": "next", - "@theia/plugin-ext-vscode": "next", - "@theia/preferences": "next", - "@theia/preview": "next", - "@theia/process": "next", - "@theia/python": "next", - "@theia/ruby": "next", - "@theia/rust": "next", - "@theia/search-in-workspace": "next", - "@theia/task": "next", - "@theia/terminal": "next", - "@theia/textmate-grammars": "next", - "@theia/tslint": "next", - "@theia/typescript": "next", - "@theia/userstorage": "next", - "@theia/variable-resolver": "next", - "@theia/workspace": "next", - "theia-yang-extension": "next" - }, - "devDependencies": { - "@theia/cli": "next" - } -} diff --git a/docker/theia/package.json b/docker/theia/package.json deleted file mode 100644 index 2bcc712..0000000 --- a/docker/theia/package.json +++ /dev/null @@ -1,57 +0,0 @@ -{ - "private": true, - "dependencies": { - "typescript": "latest", - "@theia/callhierarchy": "next", - "@theia/core": "next", - "@theia/cpp": "next", - "@theia/docker": "next", - "@theia/editor": "next", - "@theia/editorconfig": "next", - "@theia/editor-preview": "next", - "@theia/extension-manager": "next", - "@theia/file-search": "next", - "@theia/filesystem": "next", - "@theia/git": "next", - "@theia/go": "next", - "@theia/getting-started": "next", - "@theia/java": "next", - "@theia/json": "next", - "@theia/keymaps": "next", - "@theia/languages": "next", - "@theia/markers": "next", - "@theia/merge-conflicts": "next", - "@theia/messages": "next", - "@theia/metrics": "next", - "@theia/mini-browser": "next", - "@theia/monaco": "next", - "@theia/navigator": "next", - "@theia/outline-view": "next", - "@theia/php": "next", - "@theia/output": "next", - "@theia/plantuml": "next", - "@theia/plugin": "next", - "@theia/plugin-ext": "next", - "@theia/plugin-ext-vscode": "next", - "@theia/preferences": "next", - "@theia/preview": "next", - "@theia/process": "next", - "@theia/python": "next", - "@theia/ruby": "next", - "@theia/rust": "next", - "@theia/search-in-workspace": "next", - "@theia/task": "next", - "@theia/terminal": "next", - "@theia/textmate-grammars": "next", - "@theia/tslint": "next", - "@theia/typescript": "next", - "@theia/userstorage": "next", - "@theia/variable-resolver": "next", - "@theia/workspace": "next", - "@theia/yaml": "next", - "theia-yang-extension": "next" - }, - "devDependencies": { - "@theia/cli": "next" - } -} diff --git a/docker/toggle/ui/config.js b/docker/toggle/ui/config.js deleted file mode 100644 index 5f3dbef..0000000 --- a/docker/toggle/ui/config.js +++ /dev/null @@ -1 +0,0 @@ -toggleApp.constant('TOGGLE_API_BASE_URL', 'http://toggle-api.master.localhost'); diff --git a/docker/vsftpd-s3/.gitrepo b/docker/vsftpd-s3/.gitrepo deleted file mode 100644 index 3525777..0000000 --- a/docker/vsftpd-s3/.gitrepo +++ /dev/null @@ -1,12 +0,0 @@ -; DO NOT EDIT (unless you know what you are doing) -; -; This subdirectory is a git "subrepo", and this file is maintained by the -; git-subrepo command. See https://github.com/git-commands/git-subrepo#readme -; -[subrepo] - remote = ssh://git@github.com/aynicos/docker-vsftpd-s3 - branch = master - commit = 6d5b3310525d8cb1be32f0461a8633aba8641b24 - parent = 162fd1a1c05971c62996f6be53522c74559f567b - method = merge - cmdver = 0.4.0 diff --git a/docker/vsftpd-s3/CHANGELOG.md b/docker/vsftpd-s3/CHANGELOG.md deleted file mode 100644 index 9252024..0000000 --- a/docker/vsftpd-s3/CHANGELOG.md +++ /dev/null @@ -1,10 +0,0 @@ -# Changelog - -## v1.0.0 (April 21, 2017) - -Initial release. - -* Install vsftpd -* Install s3fs -* Create ftp user -* Mount s3 bucket in ftp user homedirectory diff --git a/docker/vsftpd-s3/Dockerfile b/docker/vsftpd-s3/Dockerfile deleted file mode 100644 index 3b37197..0000000 --- a/docker/vsftpd-s3/Dockerfile +++ /dev/null @@ -1,56 +0,0 @@ -FROM alpine:3.11 as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR -ARG S3FS_VERSION=v1.85 - -# Install s3fs-fuse and sftpserver -RUN apk --no-cache upgrade \ - && apk --no-cache add --virtual .build-deps \ - alpine-sdk \ - automake \ - autoconf \ - curl-dev \ - fuse-dev \ - libressl-dev \ - libgcrypt-dev \ - libxml2-dev \ - && git clone https://github.com/s3fs-fuse/s3fs-fuse \ - && cd s3fs-fuse \ - && git checkout tags/${S3FS_VERSION} -b ${S3FS_VERSION} \ - && ./autogen.sh \ - && ./configure --prefix=/usr/local \ - && make install \ - && cd .. \ - && rm -rf s3fs-fuse \ - && runDeps="$( \ - scanelf --needed --nobanner --recursive /usr/local \ - | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ - | xargs -r apk info --installed \ - | sort -u \ - )" \ - && apk del .build-deps \ - && apk add --no-cache --virtual .run-deps $runDeps \ - curl \ - lftp \ - logrotate \ - openssh \ - openssl \ - vsftpd - -RUN sed -i 's|/var/log/messages|/var/log/*.log|' /etc/logrotate.conf - -RUN ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N '' \ - && ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key -N '' - -COPY ${DOCKER_BUILD_DIR}/lftp-sync.sh /usr/local/bin/ -RUN chmod 755 /usr/local/bin/lftp-sync.sh - -COPY ${DOCKER_BUILD_DIR}/docker-entrypoint.sh / -ENTRYPOINT ["/docker-entrypoint.sh"] -EXPOSE 21/tcp -EXPOSE 1022/tcp -EXPOSE 65000/tcp -VOLUME ["/var/log"] - -FROM dist as master -ARG DOCKER_BUILD_DIR diff --git a/docker/vsftpd-s3/LICENSE b/docker/vsftpd-s3/LICENSE deleted file mode 100644 index b8f727e..0000000 --- a/docker/vsftpd-s3/LICENSE +++ /dev/null @@ -1,18 +0,0 @@ -MIT License - -Permission is hereby granted, free of charge, to any person obtaining a copy of -this software and associated documentation files (the "Software"), to deal in -the Software without restriction, including without limitation the rights to -use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of -the Software, and to permit persons to whom the Software is furnished to do so, -subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS -FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR -COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER -IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/docker/vsftpd-s3/README.md b/docker/vsftpd-s3/README.md deleted file mode 100644 index 9a89055..0000000 --- a/docker/vsftpd-s3/README.md +++ /dev/null @@ -1,86 +0,0 @@ -# docker-vsftpd-s3 - -Alpine based Dockerfile running a vsftpd server providing secure FTP access to an Amazon S3 bucket. -This docker image can run in Amazon ECS. - -## Usage - -Following environment variables can be customized. - -```shell -AWS_ACCESS_KEY_ID= # acces key of the AWS user, required -AWS_SECRET_ACCESS_KEY= # secret key of the AWS user, required -S3_BUCKET= # the S3 bucket name, required -S3_ACL=private # default to private, optional -FTPD_USER=s3ftp # the ftp user, default to s3ftp, optional -FTPD_PASS=s3ftp # the ftp password, default to s3ftp, optional -FTPD_BANNER= # the ftp banner -CMDS_ALLOWED= # the ftp allowed commands, default to upload only, no delete or download, optional -PASV_ADDRESS= # the ftp server external IP address, default to the AWS instance public IP, optional -PASV_MIN_PORT=65000 # the ftp server pasv_min_port, default to 65000, optional -PASV_MAX_PORT=65000 # the ftp server pasv_max_port, default to 65000, optional -FTP_SYNC= # enable file synchronisation with a remote ftp server -FTP_HOST= # the remote ftp server to sync with -FTP_USER= # the ftp user to connect to remote ftp server -FTP_PASS= # the ftp password to connect to remote ftp server -REMOTE_DIR= # the directory to sync from on the remote ftp server, default to / -LOCAL_DIR= # the directory to sync to on the local server, default to /home/$FTPD_USER -``` - -When you need multiple FTPD_USERs to serve multiple S3_BUCKETs, you have to set all variables at once in a list of double twopoints separated values. - -FTPD_USERS="FTPD_USER_1::FTPD_PASS_1::S3_BUCKET_1::AWS_ACCESS_KEY_ID_1::AWS_SECRET_ACCESS_KEY_1 FTPD_USER_2::FTPD_PASS_2::S3_BUCKET_2::AWS_ACCESS_KEY_ID_2::AWS_SECRET_ACCESS_KEY_2 ..." - -You can specify values in FTPD_PASS, S3_BUCKET, AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY that will be use as default for FTPD_USERS. - -FTPD_USERS="FTPD_USER_1::FTPD_PASS_1::S3_BUCKET_1::AWS_ACCESS_KEY_ID_1::AWS_SECRET_ACCESS_KEY_1 FTPD_USER_2::FTPD_PASS_2::S3_BUCKET_2 FTPD_USER_3 FTPD_USER_4::FTPD_PASS_4" - -## AWS Notes - -### IAM User - -You should create an IAM User with a dedicated access/secret key pair to access your S3 bucket and create a specific strategy attached to this user. - -```json -{ - "Statement": [ - { - "Effect": "Allow", - "Action": "s3:*", - "Resource": [ - "arn:aws:s3:::my-bucket", - "arn:aws:s3:::my-bucket/*" - ] - } - ] -} -``` - -### ELB/ECS Compatibility - -You can set an ELB listening on port 21 and forwarding requests to sftpd-s3 dockers running in an ECS cluster. - -### Security groups - -You should allow access on port 21 and port 65000 at least on the instances running sftpd-s3 dockers and on the attached ELB. - -## Example - -Build a docker image named "vsftpd-s3". - -```shell -$ docker build -t vsftpd-s3 . -``` - -Start a docker from this image. - -```shell -$ docker run -it --device /dev/fuse --cap-add sys_admin --security-opt apparmor:unconfined -p 21:21 -p 65000:65000 -e AWS_ACCESS_KEY_ID=ABCDEFGHIJKLMNOPQRST -e AWS_SECRET_ACCESS_KEY=0123456789ABCDEF0123456789ABCDEF01234567 -e S3_BUCKET="my-s3-bucket" -e FTPD_USER="my_ftp_user" -e FTPD_PASS="my_ftp_password" vsftpd-s3 -``` - -## Security notes - -Current docker image is shipped with FTPS and SFTP support, although SFTP support should be (and will be !) shipped in a separate docker image. -SFTP is served by openssh listening on port 22. SFTP is not properly configured to chroot users in their homedir. -This allows an authenticated user to leak the list of your ftp users. - diff --git a/docker/vsftpd-s3/docker-entrypoint.sh b/docker/vsftpd-s3/docker-entrypoint.sh deleted file mode 100755 index 678d697..0000000 --- a/docker/vsftpd-s3/docker-entrypoint.sh +++ /dev/null @@ -1,137 +0,0 @@ -#!/bin/ash -set -euo errexit - -trap 'kill -SIGQUIT $PID' INT - -# VSFTPD PASV configuration -PASV_ADDRESS=${PASV_ADDRESS:-$(timeout 1 wget -qO- http://169.254.169.254/latest/meta-data/public-ipv4 2>/dev/null ||:)} -PASV_MIN_PORT=${PASV_MIN_PORT:-65000} -PASV_MAX_PORT=${PASV_MAX_PORT:-65535} - -# VSFTPD Banner -FTPD_BANNER=${FTPD_BANNER:-FTP Server} - -# FTP allowed commands -# full command list : https://blog.vigilcode.com/2011/08/configure-secure-ftp-with-vsftpd/ -CMDS_ALLOWED=${CMDS_ALLOWED:-ABOR,ALLO,APPE,CCC,CDUP,CWD,DELE,FEAT,HELP,LIST,LPSV,MKD,MLST,MODE,NLST,NOOP,OPTS,PASS,PASV,PBSZ,PORT,PWD,QUIT,REIN,REST,RETR,RMD,RNFR,RNTO,SITE,SIZE,STAT,STOR,STRU,SYST,TYPE,USER} - -# Configure vsftpd -echo "anonymous_enable=NO -seccomp_sandbox=NO -local_enable=YES -write_enable=YES -xferlog_enable=YES -log_ftp_protocol=YES -nopriv_user=vsftp -chroot_local_user=YES -allow_writeable_chroot=YES -delete_failed_uploads=YES -port_enable=YES -port_promiscuous=YES -cmds_allowed=$CMDS_ALLOWED -ftpd_banner=$FTPD_BANNER -pasv_enable=YES -pasv_promiscuous=YES -pasv_min_port=$PASV_MIN_PORT -pasv_max_port=$PASV_MAX_PORT" > /etc/vsftpd.conf -[ -n "$PASV_ADDRESS" ] && echo "pasv_address=$PASV_ADDRESS" >> /etc/vsftpd.conf - -# SSL certificate -SSL_CERT_C=${SSL_CERT_C:-FR} -SSL_CERT_ST=${SSL_CERT_ST:-LaGaule} -SSL_CERT_L=${SSL_CERT_L:-Mars} -SSL_CERT_O=${SSL_CERT_O:-1nation} -SSL_CERT_OU=${SSL_CERT_OU:-Hosting} -SSL_CERT_CN=${SSL_CERT_CN:-ftp} - -# Create SSL certificate -openssl req -x509 -nodes -days 365 -newkey rsa:2048 -addext extendedKeyUsage=serverAuth -addext subjectAltName=DNS:${SSL_CERT_CN} -subj "/C=${SSL_CERT_C}/ST=${SSL_CERT_ST}/L=${SSL_CERT_L}/O=${SSL_CERT_O}/OU=${SSL_CERT_OU}/CN=${SSL_CERT_CN}" -keyout /etc/ssl/private/vsftpd.pem -out /etc/ssl/private/vsftpd.pem 2>/dev/null && echo " -rsa_cert_file=/etc/ssl/private/vsftpd.pem -rsa_private_key_file=/etc/ssl/private/vsftpd.pem -ssl_enable=YES -allow_anon_ssl=YES -force_anon_data_ssl=NO -force_anon_logins_ssl=NO -force_local_data_ssl=NO -force_local_logins_ssl=NO -ssl_tlsv1=YES -ssl_sslv2=YES -ssl_sslv3=YES -require_cert=NO -require_ssl_reuse=NO -ssl_ciphers=HIGH" >> /etc/vsftpd.conf - -# Amazon S3 bucket -S3_ACL=${S3_ACL:-private} -S3_BUCKET=${S3_BUCKET:-s3bucket} - -# Amazon credentials -AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID:-aws_access_key_id} -AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY:-aws_secret_access_key} - -# VSFTPD credentials -FTPD_USER=${FTPD_USER:-s3ftp} -FTPD_PASS=${FTPD_PASS:-s3ftp} - -# Multi users -FTPD_USERS=${FTPD_USERS:-${FTPD_USER}::${FTPD_PASS}::${S3_BUCKET}::${AWS_ACCESS_KEY_ID}::${AWS_SECRET_ACCESS_KEY}} - -# For each user -echo "${FTPD_USERS}" |sed 's/ /\n/g' |while read line; do - echo ${line//::/ } |while read ftpd_user ftpd_pass s3_bucket aws_access_key_id aws_secret_access_key; do - - # Check if user already exist - id ${ftpd_user} >/dev/null 2>&1 && continue - - # Create FTP user - adduser -h /home/${ftpd_user} -s /sbin/nologin -D ${ftpd_user} - echo "${ftpd_user}:${ftpd_pass:-$FTPD_PASS}" | chpasswd 2> /dev/null - - # Configure s3fs - echo "${aws_access_key_id:-$AWS_ACCESS_KEY_ID}:${aws_secret_access_key:-$AWS_SECRET_ACCESS_KEY}" > /home/${ftpd_user}/.passwd-s3fs - chmod 0400 /home/${ftpd_user}/.passwd-s3fs - - # Mount s3fs - /usr/local/bin/s3fs ${s3_bucket:-$S3_BUCKET} /home/${ftpd_user} -o nosuid,nonempty,nodev,allow_other,complement_stat,mp_umask=027,uid=$(id -u ${ftpd_user}),gid=$(id -g ${ftpd_user}),passwd_file=/home/${ftpd_user}/.passwd-s3fs,default_acl=${S3_ACL},retries=5 - - # Exit docker if the s3 filesystem is not reachable anymore - ( crontab -l && echo "* * * * * timeout 3 touch /home/${ftpd_user}/.test >/dev/null || kill -KILL -1" ) | crontab - - - done -done - -# Enable SFTP -echo "Protocol 2 -HostKey /etc/ssh/ssh_host_ed25519_key -HostKey /etc/ssh/ssh_host_rsa_key -UseDNS no -PermitRootLogin no -X11Forwarding no -AllowTcpForwarding no -Subsystem sftp internal-sftp -ForceCommand internal-sftp -d %u -ChrootDirectory /home -Port 1022 -" > /etc/ssh/sshd_config - -# FTP sync client -FTP_SYNC=${FTP_SYNC:-0} -FTP_HOST=${FTP_HOST:-localhost} -DIR_REMOTE=${DIR_REMOTE:-/} -DIR_LOCAL=${DIR_LOCAL:-/home/$FTPD_USER} - -# Sync remote FTP every hour (at random time to allow multiple dockers to run) -[ "$FTP_SYNC" != "0" ] \ - && MIN=$(awk 'BEGIN { srand(); printf("%d\n",rand()*60) }') \ - && ( echo "$MIN * * * * /usr/local/bin/lftp-sync.sh $FTP_HOST $DIR_REMOTE $DIR_LOCAL/retour/\$(/bin/date +%Y/%m/%d) ^8.*$" ) | crontab -u ${FTPD_USER} - \ - && MIN=$(awk 'BEGIN { srand(); printf("%d\n",rand()*rand()*60) }') \ - && ( crontab -u ${FTPD_USER} -l && echo "$MIN * * * * /usr/local/bin/lftp-sync.sh $FTP_HOST $DIR_REMOTE $DIR_LOCAL/facture ^INV.*$" ) | crontab -u ${FTPD_USER} - \ - && touch /var/log/lftp-sync.log \ - && chown ${FTPD_USER} /var/log/lftp-sync.log - -# Launch crond -crond -L /var/log/crond.log - -# Launch sshd && vsftpd -[ $# -eq 0 ] && /usr/sbin/sshd -e && /usr/sbin/vsftpd || exec "$@" & -PID=$! && wait diff --git a/docker/vsftpd-s3/lftp-sync.sh b/docker/vsftpd-s3/lftp-sync.sh deleted file mode 100644 index 1ee7e9f..0000000 --- a/docker/vsftpd-s3/lftp-sync.sh +++ /dev/null @@ -1,43 +0,0 @@ -#!/bin/sh - -[ -d "/home/$FTPD_USER/log" ] && LOGDIR="/home/$FTPD_USER/log" || LOGDIR="/var/log" -LOG=$LOGDIR/lftp-sync.log - -# lock to prevent multiple sync running together -LOCK="${TMP}/.lock-${0##*/}" -set -o noclobber -(echo "$$" > $LOCK) 2>/dev/null && trap "rm ${LOCK}; exit" HUP INT TERM || exit=255 -set +o noclobber -[ ${error:-0} -ne 0 ] && echo "ERROR : $(basename $0) is LOCKED on ${HOSTNAME}. Please remove ${LOCK}" |tee -a $LOG && exit ${exit} - -# check binaries -which lftp >/dev/null 2>&1 || exit 1 - -[ -n "$1" ] && FTP_HOST="$1" -[ -n "$2" ] && DIR_REMOTE="$2" -[ -n "$3" ] && DIR_LOCAL="$3" -[ -n "$4" ] && FILES="$4" - -# check variables -[ -n "$FTP_HOST" ] && [ -n "$FTP_USER" ] && [ -n "$FTP_PASS" ] || exit 2 - -# check local path -[ -d ${DIR_LOCAL:-~/} ] || mkdir -p ${DIR_LOCAL:-~/} || exit 3 - -# Get files from the remote FTP server and remove them -lftp ftp://$FTP_USER:$FTP_PASS@$FTP_HOST << EOC - set ftp:ssl-allow yes - set xfer:log-file $LOG - mirror \ - --Remove-source-files \ - -i "${FILES:-.*}" \ - ${DIR_REMOTE:-/} \ - ${DIR_LOCAL:-~/} - quit -EOC - -# unlock -rm -f "${LOCK}" 2>/dev/null && trap - HUP INT TERM - -# exit -exit ${exit:-0} diff --git a/docker/x2go/xfce-debian/Dockerfile b/docker/x2go/xfce-debian/Dockerfile deleted file mode 100644 index 7aae745..0000000 --- a/docker/x2go/xfce-debian/Dockerfile +++ /dev/null @@ -1,34 +0,0 @@ -FROM danger89/xfcevdi_x2go as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR - -RUN apt-get update \ - && apt-get -fy upgrade \ - && apt-get -fy install \ - ecryptfs-utils \ - fail2ban \ - iptables \ - less \ - libpam-script \ - neovim \ - python3-pip \ - && pip install ssh-crypt \ - && apt-get clean \ - && rm -rf /var/cache/apt/archives/* /var/lib/apt/lists/* - -RUN cp /usr/share/doc/libpam-script/examples/logscript /usr/share/libpam-script \ - && sed -i 's/LOGFILE=\/tmp/LOGFILE=\/var\/log/' /usr/share/libpam-script/logscript \ - && for script in auth acct passwd ses_open ses_close; do \ - ln -s /usr/share/libpam-script/logscript "/usr/share/libpam-script/pam_script_${script}"; \ - done \ - && ln -s /usr/share/libpam-script /etc/pam-script - -WORKDIR /app -COPY ${DOCKER_BUILD_DIR}/*.sh /app/ - -CMD [] -ENTRYPOINT ["/app/run.sh"] -HEALTHCHECK CMD timeout 1 bash -c "/dev/null - -FROM dist as master -ARG DOCKER_BUILD_DIR diff --git a/docker/x2go/xfce-debian/run.sh b/docker/x2go/xfce-debian/run.sh deleted file mode 100755 index c2cd08e..0000000 --- a/docker/x2go/xfce-debian/run.sh +++ /dev/null @@ -1,55 +0,0 @@ -#!/bin/sh -[ -n "${DEBUG}" ] && set -x -### every exit != 0 fails the script -set -eu - -if [ ! -f /app/.setup_done ]; then - /app/setup.sh - /app/setup_locales.sh - /app/setup_sshd.sh - /app/setup_timezone.sh -fi - -/app/setup_ecryptfs.sh /dev/shm -# /shared encryption will not survive on restart -/app/setup_ecryptfs.sh /shared -/app/setup_users.sh - -## Start-up our services manually (since Docker container will not invoke all init scripts). -## However, some service do start automatically, when placed and NOT-hidden in: /etc/xdg/autostart folder. - -# Start SSH daemon -service ssh start -# Start dbus system daemon -service dbus start -# Start syslog (for debugging reasons) -service rsyslog start -# prevent fail2ban to fail starting -touch /var/log/auth.log -# prevent tail -f to fail starting -touch /var/log/pam-script.log -# prevent fail2ban to fail restarting -rm -f /var/run/fail2ban/fail2ban.sock -# Start fail2ban (for security reasons) -service fail2ban start - -cleanup() { - /bin/umount -fl /home ||: - service dbus stop - service fail2ban stop - service rsyslog stop - service ssh stop - kill "$PID" 2>/dev/null - exit -} - -trap "cleanup" INT TERM - -if [ $# -eq 0 ]; then - exec tail -f /var/log/fail2ban.log /var/log/syslog /var/log/auth.log /var/log/pam-script.log & - PID=$! && wait -else - # WARNING: cleanup is not called - exec /bin/bash -c "set -e && $*" -fi -cleanup diff --git a/docker/x2go/xfce-debian/setup_ecryptfs.sh b/docker/x2go/xfce-debian/setup_ecryptfs.sh deleted file mode 100755 index a3d7148..0000000 --- a/docker/x2go/xfce-debian/setup_ecryptfs.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/sh -[ -n "${DEBUG}" ] && set -x -set -eu - -CIPHER="${ECRYPTFS_CIPHER:-aes}" -KEY_BYTES="${ECRYPTFS_KEY_BYTES:-16}" -LOWER_DIR="${1:-${ECRYPTFS_LOWER_DIR:-/home}}" -UPPER_DIR="${ECRYPTFS_UPPER_DIR:-${LOWER_DIR}}" -PASSPHRASE="${ECRYPTFS_PASSPHRASE:-$(/usr/bin/base64 /dev/urandom |/usr/bin/head -c 64)}" -KEY="${ECRYPTFS_KEY:-passphrase:passphrase_passwd=${PASSPHRASE}}" -FNEK_SIG="${ECRYPTFS_FNEK_SIG:-$(printf "%s" "${PASSPHRASE}" |/usr/bin/ecryptfs-add-passphrase --fnek - |/usr/bin/awk '$5 == "sig" && NR == 2 {print substr($6,2,16)}')}" - -# if not already mounted -if ! grep -q "${LOWER_DIR} ${UPPER_DIR} ecryptfs " /proc/mounts 2>/dev/null; then - - # create mount point - mkdir -p "${LOWER_DIR}" "${UPPER_DIR}" - - # mount ecryptfs - /bin/mount -t ecryptfs -o \ -key="${KEY}",\ -no_sig_cache,\ -ecryptfs_cipher="${CIPHER}",\ -ecryptfs_fnek_sig="${FNEK_SIG}",\ -ecryptfs_key_bytes="${KEY_BYTES}",\ -ecryptfs_unlink_sigs\ - "${LOWER_DIR}" "${UPPER_DIR}" >/dev/null - - # Overwrite sensible variables with random data - KEY="$(/usr/bin/base64 /dev/urandom |/usr/bin/head -c 64)" - PASSPHRASE="$(/usr/bin/base64 /dev/urandom |/usr/bin/head -c 64)" -fi diff --git a/docker/x2go/xfce-debian/setup_ecryptfs_sshagent.sh b/docker/x2go/xfce-debian/setup_ecryptfs_sshagent.sh deleted file mode 100755 index c2d443e..0000000 --- a/docker/x2go/xfce-debian/setup_ecryptfs_sshagent.sh +++ /dev/null @@ -1,69 +0,0 @@ -#!/bin/sh -[ -n "${DEBUG}" ] && set -x - -LOWER_DIR="${1:-${ECRYPTFS_LOWER_DIR:-${HOME}/Secure}}" -UPPER_DIR="${ECRYPTFS_UPPER_DIR:-${LOWER_DIR}}" -ALIAS="${ECRYPTFS_ALIAS:-${LOWER_DIR##*/}}" - -# if not already mounted -if ! grep -q "${LOWER_DIR} ${UPPER_DIR} ecryptfs " /proc/mounts 2>/dev/null; then - - # create mount point - mkdir -p "${LOWER_DIR}" "${UPPER_DIR}" - - # we should always use the same key when multiple keys are loaded in ssh-agent - if [ -f "${HOME}/.ecryptfs/${ALIAS}.key" ]; then - ssh_key_fingerprint=$(cat "${HOME}/.ecryptfs/${ALIAS}.key") - # first time, select the first key and write fingerprint to file - else - ssh_key_fingerprint=$(/usr/bin/ssh-add -l 2>/dev/null |awk '{print $2; exit;}') - [ -n "${ssh_key_fingerprint}" ] && printf "%s\n" "${ssh_key_fingerprint}" > "${HOME}/.ecryptfs/${ALIAS}.key" - fi - - # select ssh key name matching fingerprint - ssh_key=$(/usr/bin/ssh-add -l 2>/dev/null |awk '$2 == "'"${ssh_key_fingerprint:-undef}"'" {print $3}') - # if ssh key - if [ -n "${ssh_key}" ]; then - # decrypt encrypted passphrase - if [ -f "${HOME}/.ecryptfs/${ALIAS}.ssh" ]; then - PASSPHRASE=$(/usr/local/bin/ssh-crypt -b -d -k "${ssh_key}" -i "${HOME}/.ecryptfs/${ALIAS}.ssh") - # first time, generate random passphrase and write encrypted passphrase to file - else - PASSPHRASE="${ECRYPTFS_PASSPHRASE:-$(/usr/bin/base64 /dev/urandom |/usr/bin/head -c 64)}" - printf "%s" "${PASSPHRASE}" |/usr/local/bin/ssh-crypt -b -e -k "${ssh_key}" -o "${HOME}/.ecryptfs/${ALIAS}.ssh" - fi - # load authentication token signature (fekek) - SIG="${ECRYPTFS_SIG:-$(printf "%s" "${PASSPHRASE}" |/usr/bin/ecryptfs-add-passphrase - |/usr/bin/awk '$5 == "sig" {print substr($6,2,16); exit;}')}" - # load filename authentication token signature (fnek) - FNEK_SIG="${ECRYPTFS_FNEK_SIG:-$(printf "%s" "${PASSPHRASE}" |/usr/bin/ecryptfs-add-passphrase --fnek - |/usr/bin/awk '$5 == "sig" && NR == 2 {print substr($6,2,16)}')}" - - # Overwrite sensible variables with random data - ECRYPTFS_PASSPHRASE="$(/usr/bin/base64 /dev/urandom |/usr/bin/head -c 64)" - PASSPHRASE="$(/usr/bin/base64 /dev/urandom |/usr/bin/head -c 64)" - - # first time, write ecryptfs_private config to file - if [ ! -f "${HOME}/.ecryptfs/${ALIAS}.conf" ]; then - printf "%s %s ecryptfs\n" "${LOWER_DIR}" "${UPPER_DIR}" > "${HOME}/.ecryptfs/${ALIAS}.conf" - fi - - # first time, write authentication token signatures to file - if [ ! -f "${HOME}/.ecryptfs/${ALIAS}.sig" ]; then - printf "%s\n" "${SIG}" > "${HOME}/.ecryptfs/${ALIAS}.sig" - printf "%s\n" "${FNEK_SIG}" >> "${HOME}/.ecryptfs/${ALIAS}.sig" - fi - - # check authentication tokens to prevent mounting with bad ones - if grep "${SIG}" "${HOME}/.ecryptfs/${ALIAS}.sig" >/dev/null \ - && grep "${FNEK_SIG}" "${HOME}/.ecryptfs/${ALIAS}.sig" >/dev/null; then - # mount ecryptfs - /sbin/mount.ecryptfs_private "${ALIAS}" - else - echo "WARNING: Bad authentication token ${SIG} for ecryptfs mount ${ALIAS}" - fi - - else - echo "WARNING: Unable to find ssh key ${ssh_key} in ssh agent ${SSH_AUTH_SOCK}" - # if ssh key - fi -# if not already mounted -fi diff --git a/docker/x2go/xfce-debian/setup_locales.sh b/docker/x2go/xfce-debian/setup_locales.sh deleted file mode 100755 index f06866b..0000000 --- a/docker/x2go/xfce-debian/setup_locales.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/sh -[ -n "${DEBUG}" ] && set -x -set -eu - -LANG=${LANG:-C.UTF-8} -LOCALES=${LOCALES:-${LANG} ${LANG##*.}} -printf "LANG=%s\n" "${LANG}" > /etc/default/locale -rm /etc/locale.gen && printf "%s\n" "${LOCALES}" |while read -r locale; do - printf "%s\n" "${locale}" >> /etc/locale.gen -done && locale-gen diff --git a/docker/x2go/xfce-debian/setup_sshd.sh b/docker/x2go/xfce-debian/setup_sshd.sh deleted file mode 100755 index f3b8e98..0000000 --- a/docker/x2go/xfce-debian/setup_sshd.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/sh -[ -n "${DEBUG}" ] && set -x -set -eu - -sed -i "s/^#\?PasswordAuthentication.*/PasswordAuthentication no/g" /etc/ssh/sshd_config -sed -i "s/^#\?PermitRootLogin.*/PermitRootLogin no/g" /etc/ssh/sshd_config -sed -i "s/^#\?PermitEmptyPasswords.*/PermitEmptyPasswords no/g" /etc/ssh/sshd_config -sed -i "s/^#\?PermitTTY.*/PermitTTY no/g" /etc/ssh/sshd_config -sed -i "s/^#\?PermitTunnel.*/PermitTunnel no/g" /etc/ssh/sshd_config -sed -i "s/^#\?PermitUserEnvironment.*/PermitUserEnvironment no/g" /etc/ssh/sshd_config -sed -i "s/^#\?PrintLastLog.*/PrintLastLog yes/g" /etc/ssh/sshd_config -sed -i "s/^#\?PubkeyAuthentication.*/PubkeyAuthentication yes/g" /etc/ssh/sshd_config -sed -i "s/^#\?X11Forwarding.*/X11Forwarding no/g" /etc/ssh/sshd_config - -cat >> /etc/ssh/sshd_config < /etc/timezone -unlink /etc/localtime && ln -s "/usr/share/zoneinfo/${TZ}" /etc/localtime diff --git a/docker/x2go/xfce-debian/setup_users.sh b/docker/x2go/xfce-debian/setup_users.sh deleted file mode 100755 index 67cc24d..0000000 --- a/docker/x2go/xfce-debian/setup_users.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/sh -[ -n "${DEBUG}" ] && set -x -set -eu - -for user in ${USERS:-${USERNAME}}; do - id "${user}" > /dev/null 2>&1 || useradd -s /bin/bash "${user}" - [ ! -d "/home/${user}" ] \ - && mkdir -p "/home/${user}" \ - && chown "${user}" "/home/${user}" \ - && chmod 0750 "/home/${user}" - for file in .bash_logout .bashrc .profile; do - [ ! -f "/home/${user}/${file}" ] \ - && cp "/etc/skel/${file}" "/home/${user}" \ - && chown "${user}" "/home/${user}/${file}" - done - usermod -a -G x2gouser "${user}" - mkdir -p "/home/${user}/.ssh" - wget -qO "/home/${user}/.ssh/authorized_keys" "https://gitlab.com/${user}.keys" 2>/dev/null \ - || wget -qO "/home/${user}/.ssh/authorized_keys" "https://github.com/${user}.keys" 2>/dev/null \ - || echo "WARNING: Unable to fetch ssh public keys for user ${user}." - chown "${user}" "/home/${user}/.ssh" "/home/${user}/.ssh/authorized_keys" -done -for sudoer in ${SUDOERS:-}; do - usermod -a -G sudo "${sudoer}" -done -for ecrypter in ${ECRYPTERS:-}; do - mkdir -p "/home/${ecrypter}/.ecryptfs" - touch "/home/${ecrypter}/.ecryptfs/auto-mount" - touch "/home/${ecrypter}/.ecryptfs/auto-umount" - chown -R "${ecrypter}" "/home/${ecrypter}/.ecryptfs" -done -ln -s /app/setup_ecryptfs_sshagent.sh /etc/profile.d/ -mkdir -p /shared && chmod 1777 /shared diff --git a/docker/zen/Dockerfile b/docker/zen/Dockerfile deleted file mode 100644 index 0707163..0000000 --- a/docker/zen/Dockerfile +++ /dev/null @@ -1,121 +0,0 @@ -FROM debian:bullseye as dist -LABEL maintainer aynic.os -ARG DOCKER_BUILD_DIR -ARG GIT_AUTHOR_NAME -ARG GIT_AUTHOR_EMAIL -ARG SYSTEM=Linux -ARG MACHINE=x86_64 - -ENV GIT_AUTHOR_NAME=${GIT_AUTHOR_NAME} -ENV GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL} -ENV GIT_COMMITTER_NAME=${GIT_AUTHOR_NAME} -ENV GIT_COMMITTER_EMAIL=${GIT_AUTHOR_EMAIL} - -RUN apt-get update \ - && apt-get -fy install \ - bash \ - cron \ - curl \ - gettext \ - git \ - gpg \ - gpg-agent \ - make \ - nano \ - netcat-openbsd \ - openssh-client \ - python3 \ - screen \ - socat \ - sudo \ - tmux \ - vim-nox \ - wget \ - xz-utils - -ADD https://git.p2p.legal/axiom-team/astrXbian/raw/branch/master/include.sh / -ADD https://git.p2p.legal/axiom-team/astrXbian/raw/branch/master/install.sh / -RUN chmod +r /include.sh \ - && chmod +rx /install.sh \ - && bash -c '. /include.sh && install_requirements' - -ARG IPFS_VERSION=0.14.0 - -RUN { OS="$(echo ${SYSTEM} |awk '{print tolower($0)}')"; \ - ARCH="$(echo ${MACHINE})"; \ - wget -qO - https://github.com/koalaman/shellcheck/releases/download/stable/shellcheck-stable.${OS}.${ARCH}.tar.xz \ - |tar --strip-components 1 -C /usr/local/bin -xJf - shellcheck-stable/shellcheck; } \ - && { OS="$(echo ${SYSTEM} |awk '{print tolower($0)}')"; \ - ARCH="$(echo ${MACHINE} |awk '/x86_64/ {print "amd64"}; /aarch64/ {print "arm64"}')"; \ - wget -qO - https://github.com/ipfs/kubo/releases/download/v${IPFS_VERSION}/kubo_v${IPFS_VERSION}_${OS}-${ARCH}.tar.gz \ - |tar --strip-components 1 -C /usr/local/bin -xzf - kubo/ipfs; } \ - && mkdir -p /usr/local/lib/shellspec \ - && wget -qO - https://github.com/shellspec/shellspec/archive/refs/heads/master.tar.gz \ - |tar --strip-components 1 -C /usr/local/lib/shellspec -xzf - \ - && ln -s /usr/local/lib/shellspec/shellspec /usr/local/bin/shellspec - -ADD https://raw.github.com/kvz/cronlock/master/cronlock /usr/local/bin/cronlock -RUN chmod +rx /usr/local/bin/cronlock - -COPY ${DOCKER_BUILD_DIR}/docker-entrypoint.sh /docker-entrypoint.sh -ENTRYPOINT ["/docker-entrypoint.sh"] -CMD ["start"] - -FROM dist as master -ARG DOCKER_BUILD_DIR -ARG DOCKER_GID -ARG SHELL=/bin/bash -ARG UID -ARG USER -ENV UID=${UID} -ENV GID=${UID} -ENV USER=${USER} - -# If we provide a numeric UID -RUN [ "$UID" -eq "$UID" ] 2>/dev/null \ -# Remove user with $UID if it is not our $USER - && if [ "$(getent passwd $UID |awk -F: '{print $1}')" != "$USER" ]; then \ - sed -i '/^'$(getent passwd $UID |awk -F: '{print $1}')':x:'$UID':/d' /etc/passwd; \ - sed -i '/^'$(getent group $GID |awk -F: '{print $1}')':x:'$GID':/d' /etc/group; \ - fi \ -# Force $UID if our $USER already exists - && sed -i 's/^'$USER':x:[0-9]\+:[0-9]\+:/'$USER':x:'$UID':'$GID':/' /etc/passwd \ - && sed -i 's/^'$USER':x:[0-9]\+:/'$USER':x:'$GID':/' /etc/group \ -# Create $USER if it does not exist - && if [ "$(getent passwd $UID)" = "" ]; then \ - echo "$USER:x:$UID:$GID::/home/$USER:$SHELL" >> /etc/passwd; \ - echo "$USER:\!:$(($(date +%s) / 60 / 60 / 24)):0:99999:7:::" >> /etc/shadow; \ - echo "$USER:x:$GID:" >> /etc/group; \ - fi \ - && mkdir -p /home/$USER \ - && chown $UID:$GID /home/$USER \ - || true - -# If we provide a numeric DOCKER_GID -RUN [ "$DOCKER_GID" -eq "$DOCKER_GID" ] 2>/dev/null \ - && if [ "$(getent group docker |awk -F: '{print $3}')" != "$DOCKER_GID" ]; then \ - sed -i 's/^docker:x:[0-9]\+:/docker:x:'$DOCKER_GID':/' /etc/group; \ - fi \ -|| true - -## group sudo -RUN adduser $USER sudo \ - && echo '%sudo ALL=(ALL:ALL) NOPASSWD: ALL' >> /etc/sudoers - -USER $USER -ENV SHELL=${SHELL} -WORKDIR /home/$USER - -# git config -RUN mkdir -p ~/.config/git \ - && echo -e "\ -.DS_Store\n\ -.idea/\n\ -.nfs*\n\ -*~\n\ -*.log\n\ -*.swp\n\ -Thumbs.db\n\ -" > ~/.config/git/ignore - -RUN mkdir ~/.zen ~/astroport diff --git a/docker/zen/docker-entrypoint.sh b/docker/zen/docker-entrypoint.sh deleted file mode 100755 index 67e0b85..0000000 --- a/docker/zen/docker-entrypoint.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/usr/bin/env sh -set -euo errexit - -# Print a debug message if debug mode is on ($DEBUG is not empty) -# @param message -debug_msg () -{ - if [ -n "${DEBUG:-}" -a "${DEBUG:-}" != "false" ]; then - echo "$@" - fi -} - -# Install astrXbian/Astroport.ONE -/install.sh - -case "${1:-start}" in - - start) - debug_msg "Starting..." - exec sudo /usr/sbin/cron -f -L/dev/stdout - ;; - - install) - debug_msg "Installing..." - exec /install.sh - ;; - - *) - debug_msg "Exec: $@" - exec "$@" - ;; - -esac diff --git a/make/apps/build.mk b/make/apps/build.mk deleted file mode 100644 index d4a28ba..0000000 --- a/make/apps/build.mk +++ /dev/null @@ -1,37 +0,0 @@ -## -# BUILD - -# target build-env: Build .env file in docker SERVICE -# on local host -.PHONY: build-env -build-env: SERVICE ?= $(DOCKER_SERVICE) -build-env: bootstrap - $(call docker-compose-exec-sh,$(SERVICE), \ - rm -f .env \ - && make .env ENV=$(ENV) \ - && printf 'BUILD=true\n' >> .env \ - && $(foreach var,$(BUILD_ENV_VARS), \ - $(if $($(var)),sed -i '/^$(var)=/d' .env && printf "$(var)='$($(var))'\n" >> .env &&) \ - ) true \ - ) - -# target build-init: Empty build directory -# on local host -.PHONY: build-init -build-init: - $(RUN) rm -rf build && $(RUN) mkdir -p build - -# target build-shared: Create SHARED folder in docker SERVICE -# on local host -.PHONY: build-shared -build-shared: SERVICE ?= $(DOCKER_SERVICE) -build-shared: bootstrap - $(call docker-compose-exec-sh,$(SERVICE), \ - mkdir -p /$(notdir $(SHARED)) \ - && $(foreach folder,$(SHARED_FOLDERS), \ - rm -rf $(folder) \ - && mkdir -p $(dir $(folder)) \ - && ln -s /$(notdir $(SHARED))/$(notdir $(folder)) $(folder) \ - && \ - ) true \ - ) diff --git a/make/apps/common.mk b/make/apps/common.mk deleted file mode 100644 index 6e6da23..0000000 --- a/make/apps/common.mk +++ /dev/null @@ -1,223 +0,0 @@ -## -# COMMON - -# target bootstrap: Update application files and start dockers -# on local host -.PHONY: bootstrap app-bootstrap -bootstrap: bootstrap-app app-bootstrap ## Update application files and start dockers - -# target bootstrap-app: Fire install-bin-git -.PHONY: bootstrap-app -bootstrap-app: install-bin-git - -# target build: Build application docker images to run -# on local host -.PHONY: build -build: docker-compose-build ## Build application docker images - -# target build@%: Build application docker images of % ENV -# on local host -.PHONY: build@% app-build -build@%: myos-user - $(eval docker_images += $(foreach service,$(SERVICES),$(if $(shell docker images -q $(DOCKER_REPOSITORY)/$(service):$(DOCKER_IMAGE_TAG) 2>/dev/null),$(service)))) - $(eval build_app := $(or $(filter $(DOCKER_BUILD_CACHE),false),$(filter-out $(docker_images),$(SERVICES)))) - $(if $(build_app), \ - $(call make,build-init app-build), \ - $(foreach service,$(SERVICES), \ - $(or $(call INFO,docker image $(DOCKER_REPOSITORY)/$(service):$(DOCKER_IMAGE_TAG) has id $(shell docker images -q $(DOCKER_REPOSITORY)/$(service):$(DOCKER_IMAGE_TAG) 2>/dev/null)), true) && \ - ) true \ - ) - -# target clean: Clean application and docker images -# on local host -.PHONY: clean app-clean -clean: app-clean docker-rm docker-images-rm docker-volume-rm .env-clean ## Clean application and docker stuffs - -# target clean@%: Clean deployed application and docker images of % ENV -# on local host -.PHONY: clean@% -clean@%: docker-rm docker-image-rm docker-volume-rm; - -# target config: View application docker compose file -# on local host -.PHONY: config -config: docker-compose-config ## View application docker compose file - -# target connect: Connect to docker SERVICE -# on local host -.PHONY: connect -connect: docker-compose-connect ## Connect to docker SERVICE - -# target connect@%: Connect to docker SERVICE of % ENV -# on first remote host -.PHONY: connect@% -connect@%: SERVICE ?= $(DOCKER_SERVICE) -connect@%: - $(call make,ssh-connect,$(MYOS),APP SERVICE) - -# target deploy: Fire deploy@% for ENV -.PHONY: deploy -deploy: $(if $(filter $(ENV),$(ENV_DEPLOY)),deploy-localhost,deploy@$(ENV)) ## Deploy application dockers - -# target down: Remove application dockers -# on local host -.PHONY: down -down: docker-compose-down ## Remove application dockers - -# target exec: Exec ARGS in docker SERVICE -# on local host -.PHONY: exec -exec: ## Exec command in docker SERVICE -ifneq (,$(filter $(ENV),$(ENV_DEPLOY))) - $(RUN) $(call exec,$(ARGS)) -else - $(call make,docker-compose-exec,,ARGS) -endif - -# target exec@%: Exec ARGS in docker SERVICE of % ENV -# on all remote hosts -.PHONY: exec@% -exec@%: SERVICE ?= $(DOCKER_SERVICE) -exec@%: - $(call make,ssh-exec,$(MYOS),APP ARGS SERVICE) - -# target force-%: Fire targets %, stack-user-% and stack-node-% -# on local host -.PHONY: force-% -force-%: % stack-user-% stack-node-%; - -# target install app-install: Install application -# on local host -.PHONY: install app-install -install: bootstrap app-install ## Install application - -# target logs: Display application dockers logs -# on local host -.PHONY: logs -logs: docker-compose-logs ## Display application dockers logs - -# target ps: List application dockers -# on local host -.PHONY: ps -ps: docker-compose-ps ## List application dockers - -# target rebuild: Rebuild application docker images -# on local host -.PHONY: rebuild -rebuild: docker-compose-rebuild ## Rebuild application dockers images - -# target rebuild@%: Rebuild application docker images -# on local host -.PHONY: rebuild@% -rebuild@%: - $(call make,build@$* DOCKER_BUILD_CACHE=false) - -# target recreate: Recreate application dockers -# on local host -.PHONY: recreate -recreate: docker-compose-recreate app-start ## Recreate application dockers - -# target reinstall: Fire clean, Call .env target, Call install target -# on local host -.PHONY: reinstall -reinstall: clean ## Reinstall application - $(call make,.env) - $(call make,install) - -# target release: Fire release-create -.PHONY: release -release: release-create ## Create release VERSION - -# target restart: Restart application dockers -# on local host -.PHONY: restart -restart: docker-compose-restart app-start ## Restart application - -# target run: Run command ARGS in a new docker SERVICE -# on local host -.PHONY: run -run: ## Run a command in a new docker -ifneq (,$(filter $(ENV),$(ENV_DEPLOY))) - $(call run,$(ARGS)) -else - $(call make,docker-compose-run,,ARGS) -endif - -# target run@%: Run command ARGS in a new docker SERVICE of % ENV -# on all remote hosts -.PHONY: run@% -run@%: SERVICE ?= $(DOCKER_SERVICE) -run@%: - $(call make,ssh-run,$(MYOS),APP ARGS) - -# target scale: Scale SERVICE application to NUM dockers -# on local host -.PHONY: scale -scale: docker-compose-scale ## Scale SERVICE application to NUM dockers - -# target shutdown: remove application, node and user dockers -# on local host -.PHONY: shutdown -shutdown: force-down ## Shutdown all dockers - -# target ssh@%: Connect to % ENV -# on first remote host -.PHONY: ssh@% -ssh@%: - $(call make,ssh,$(MYOS),APP) - -# target stack: Call docker-stack for each STACK -## it updates COMPOSE_FILE with all .yml files of the current stack -.PHONY: stack -stack: - $(foreach stackz,$(STACK),$(call docker-stack,$(stackz))) - -# target stack-%: Call docker-compose-% target on STACK -## it splits % on dashes and extracts stack from the beginning and command from -## the last part of % -## ex: stack-node-up will fire the docker-compose-up target in the node stack -.PHONY: stack-% -stack-%: - $(eval stack := $(subst -$(lastword $(subst -, ,$*)),,$*)) - $(eval command := $(lastword $(subst -, ,$*))) - $(if $(findstring -,$*), \ - $(if $(filter $(command),$(filter-out %-%,$(patsubst docker-compose-%,%,$(filter docker-compose-%,$(MAKE_TARGETS))))), \ - $(call make,$(command) STACK="$(stack)",,ARGS COMPOSE_IGNORE_ORPHANS SERVICE User node))) - -# target start app-start: Start application dockers -# on local host -.PHONY: start app-start -start: docker-compose-start ## Start application dockers - -# target stop: Stop application dockers -# on local host -.PHONY: stop -stop: docker-compose-stop ## Stop application dockers - -# target tests app-tests: Test application -# on local host -.PHONY: tests app-tests -tests: app-tests ## Test application - -# target up: Create and start application dockers -# on local host -.PHONY: up -up: docker-compose-up app-start ## Create application dockers - -# target update app-update: Update application files -# on local host -.PHONY: update app-update -update: update-app app-update ## Update application files - -# target upgrade app-upgrade: Upgrade application -# on local host -.PHONY: upgrade app-upgrade -upgrade: update app-upgrade release-upgrade ## Upgrade application - -# target %: Always fired target -## it fires the stack and %-rule-exists targets everytime -%: FORCE stack %-rule-exists ; - -# target %-rule-exists: Print a warning message if % target does not exists -%-rule-exists: - $(if $(filter $*,$(MAKECMDGOALS)),$(if $(filter-out $*,$(MAKE_TARGETS)),$(call WARNING,target,$*,unavailable in app,$(APP)))) diff --git a/make/apps/def.build.mk b/make/apps/def.build.mk deleted file mode 100644 index 8d3091a..0000000 --- a/make/apps/def.build.mk +++ /dev/null @@ -1,50 +0,0 @@ -BUILD_AUTHOR ?= $(DOCKER_AUTHOR) -BUILD_DATE ?= $(shell TZ=UTC date "+%Y%m%dT%H%M%SZ" 2>/dev/null) -BUILD_DESCRIPTION ?= Lot of Love -BUILD_DOCUMENTATION ?= $(if $(wildcard README.md),$(APP_REPOSITORY_URL)/blob/$(COMMIT)/README.md) -BUILD_ENV_VARS ?= APP BRANCH BUILD_DATE BUILD_STATUS COMMIT DEPLOY_HOOK_URL ENV UID USER VERSION -BUILD_LABEL_VARS ?= org.label-schema.% org.opencontainers.% os.my.% -BUILD_LABEL_ARGS ?= $(foreach var,$(filter $(BUILD_LABEL_VARS),$(MAKE_FILE_VARS)),$(if $($(var)),$(var)='$($(var))')) -BUILD_LICENSE ?= GPL-3.0 -BUILD_NAME ?= $(COMPOSE_SERVICE_NAME)-$(BUILD_SERVICE) -BUILD_SERVICE ?= $(or $(service),undefined) -BUILD_STATUS ?= $(shell git status -uno --porcelain 2>/dev/null) - -org.label-schema.build-date ?= $(BUILD_DATE) -org.label-schema.description ?= $(BUILD_DESCRIPTION) -org.label-schema.docker.cmd ?= docker run -d $(DOCKER_REGISTRY)/$(DOCKER_REPOSITORY)/$(BUILD_SERVICE):$(DOCKER_IMAGE_TAG) -org.label-schema.license ?= GPLv3 -org.label-schema.name ?= $(BUILD_NAME) -org.label-schema.schema-version ?= 1.0 -org.label-schema.url ?= $(APP_URL) -org.label-schema.usage ?= $(BUILD_DOCUMENTATION) -org.label-schema.vcs-ref ?= $(COMMIT) -org.label-schema.vcs-url ?= $(APP_REPOSITORY_URL) -org.label-schema.vendor ?= $(BUILD_AUTHOR) -org.label-schema.version ?= $(VERSION) -org.opencontainers.image.created ?= $(BUILD_DATE) -org.opencontainers.image.revision ?= $(COMMIT) -org.opencontainers.image.source ?= $(APP_REPOSITORY_URL) -org.opencontainers.image.url ?= $(APP_URL) -org.opencontainers.image.vendor ?= $(BUILD_AUTHOR) -org.opencontainers.image.version ?= $(VERSION) -org.opencontainers.image.url ?= $(APP_URL) -org.opencontainers.image.source ?= $(APP_REPOSITORY_URL) -org.opencontainers.image.version ?= $(VERSION) -org.opencontainers.image.revision ?= $(COMMIT) -org.opencontainers.image.vendor ?= $(BUILD_AUTHOR) -org.opencontainers.image.title ?= $(BUILD_NAME) -org.opencontainers.image.description ?= $(BUILD_DESCRIPTION) -org.opencontainers.image.documentation ?= $(BUILD_DOCUMENTATION) -org.opencontainers.build_tool.revision ?= $(MYOS_COMMIT) -org.opencontainers.build_tool.source ?= $(MYOS_REPOSITORY) -org.opencontainers.image.authors ?= $(BUILD_AUTHOR) -org.opencontainers.image.licenses ?= $(BUILD_LICENSE) -os.my.author ?= $(BUILD_AUTHOR) -os.my.date ?= $(BUILD_DATE) -os.my.license ?= $(BUILD_LICENSE) -os.my.name ?= $(BUILD_NAME) -os.my.status ?= $(BUILD_STATUS) -os.my.user ?= $(USER) -os.my.uid ?= $(UID) -os.my.version ?= $(VERSION) diff --git a/make/apps/def.deploy.mk b/make/apps/def.deploy.mk deleted file mode 100644 index 6a211e3..0000000 --- a/make/apps/def.deploy.mk +++ /dev/null @@ -1,11 +0,0 @@ -CODEDEPLOY_APP_NAME ?= $(APP) -CODEDEPLOY_DEPLOYMENT_GROUP ?= $(CODEDEPLOY_APP_NAME)_$(ENV) -CODEDEPLOY_DEPLOYMENT_CONFIG ?= CodeDeployDefault.AllAtOnce -CODEDEPLOY_DESCRIPTION ?= app: *$(APP)* branch: *$(BRANCH)* env: *$(ENV)* version: *$(VERSION)* -CODEDEPLOY_GITHUB_REPO ?= $(patsubst $(call pop,$(call pop,$(GIT_REPOSITORY)))/%,%,$(GIT_REPOSITORY)) -CODEDEPLOY_GITHUB_COMMIT_ID ?= $(COMMIT) -DEPLOY ?= false -DEPLOY_HASH ?= $(shell date +%s) -DEPLOY_HOOK_TEXT ?= app: *$(APP)* branch: *$(BRANCH)* env: *$(ENV)* version: *$(VERSION)* container: *$(CONTAINER)* host: *$(HOST)* -DEPLOY_HOOK_URL ?= https://hooks.slack.com/services/123456789/123456789/ABCDEFGHIJKLMNOPQRSTUVWX -SERVER_NAME ?= $(DOCKER_REGISTRY_USERNAME).$(ENV).$(APP) diff --git a/make/apps/def.docker.mk b/make/apps/def.docker.mk deleted file mode 100644 index cf958fb..0000000 --- a/make/apps/def.docker.mk +++ /dev/null @@ -1,141 +0,0 @@ -CMDS += docker-run docker-run-% -COMPOSE_ARGS ?= --ansi auto -COMPOSE_FILE ?= $(wildcard docker-compose.yml docker/docker-compose.yml $(foreach file,$(patsubst docker/docker-compose.%,%,$(basename $(wildcard docker/docker-compose.*.yml))),$(if $(filter true,$(COMPOSE_FILE_$(file)) $(COMPOSE_FILE_$(call UPPERCASE,$(file)))),docker/docker-compose.$(file).yml))) -COMPOSE_FILE_$(ENV) ?= true -COMPOSE_FILE_DEBUG ?= $(if $(DEBUG),true) -COMPOSE_FILE_MYOS ?= true -COMPOSE_FILE_NFS ?= $(MOUNT_NFS) -COMPOSE_FILE_SSH ?= true -ifneq ($(SUBREPO),) -COMPOSE_FILE_SUBREPO ?= true -else -COMPOSE_FILE_APP ?= true -endif -COMPOSE_IGNORE_ORPHANS ?= false -COMPOSE_PROJECT_NAME ?= $(subst .,,$(call LOWERCASE,$(USER)-$(APP_NAME)-$(ENV)$(addprefix -,$(subst /,,$(subst -,,$(APP_PATH)))))) -COMPOSE_SERVICE_NAME ?= $(subst _,-,$(COMPOSE_PROJECT_NAME)) -COMPOSE_VERSION ?= 2.5.0 -CONTEXT += COMPOSE_FILE DOCKER_REPOSITORY -CONTEXT_DEBUG += DOCKER_BUILD_TARGET DOCKER_IMAGE_TAG DOCKER_REGISTRY DOCKER_SERVICE DOCKER_SERVICES -DOCKER_AUTHOR ?= $(DOCKER_AUTHOR_NAME) <$(DOCKER_AUTHOR_EMAIL)> -DOCKER_AUTHOR_EMAIL ?= $(subst +git,+docker,$(GIT_AUTHOR_EMAIL)) -DOCKER_AUTHOR_NAME ?= $(GIT_AUTHOR_NAME) -DOCKER_BUILD_ARGS ?= $(if $(filter true,$(DOCKER_BUILD_NO_CACHE)),--pull --no-cache) $(foreach var,$(DOCKER_BUILD_VARS),$(if $($(var)),--build-arg $(var)='$($(var))')) -DOCKER_BUILD_CACHE ?= true -DOCKER_BUILD_LABEL ?= $(foreach var,$(filter $(BUILD_LABEL_VARS),$(MAKE_FILE_VARS)),$(if $($(var)),--label $(var)='$($(var))')) -DOCKER_BUILD_NO_CACHE ?= false -DOCKER_BUILD_TARGET ?= $(if $(filter $(ENV),$(DOCKER_BUILD_TARGETS)),$(ENV),$(DOCKER_BUILD_TARGET_DEFAULT)) -DOCKER_BUILD_TARGET_DEFAULT ?= master -DOCKER_BUILD_TARGETS ?= $(ENV_DEPLOY) -DOCKER_BUILD_VARS ?= APP BRANCH COMPOSE_VERSION DOCKER_GID DOCKER_REPOSITORY GID GIT_AUTHOR_EMAIL GIT_AUTHOR_NAME SYSTEM MACHINE SSH_BASTION_HOSTNAME SSH_BASTION_USERNAME SSH_PRIVATE_IP_RANGE SSH_PUBLIC_HOST_KEYS SSH_REMOTE_HOSTS UID USER VERSION -DOCKER_COMPOSE ?= $(if $(DOCKER_RUN),docker/compose:$(COMPOSE_VERSION),$(or $(shell docker compose >/dev/null 2>&1 && printf 'docker compose\n'),docker-compose)) $(COMPOSE_ARGS) -DOCKER_COMPOSE_DOWN_OPTIONS ?= -DOCKER_COMPOSE_RUN_OPTIONS ?= --rm -DOCKER_COMPOSE_UP_OPTIONS ?= -d -DOCKER_IMAGE_TAG ?= $(if $(filter $(ENV),$(ENV_DEPLOY)),$(VERSION),$(if $(DRONE_BUILD_NUMBER),$(DRONE_BUILD_NUMBER),latest)) -DOCKER_IMAGES ?= $(patsubst %/,%,$(patsubst docker/%,%,$(dir $(wildcard docker/*/Dockerfile)))) -DOCKER_PLUGIN ?= rexray/s3fs:latest -DOCKER_PLUGIN_ARGS ?= $(foreach var,$(DOCKER_PLUGIN_VARS),$(if $(DOCKER_PLUGIN_$(var)),$(var)='$(DOCKER_PLUGIN_$(var))')) -DOCKER_PLUGIN_OPTIONS ?= --grant-all-permissions -DOCKER_PLUGIN_S3FS_ACCESSKEY ?= $(AWS_ACCESS_KEY_ID) -DOCKER_PLUGIN_S3FS_OPTIONS ?= allow_other,nonempty,use_path_request_style,url=https://s3-eu-west-1.amazonaws.com -DOCKER_PLUGIN_S3FS_SECRETKEY ?= $(AWS_SECRET_ACCESS_KEY) -DOCKER_PLUGIN_S3FS_REGION ?= eu-west-1 -DOCKER_PLUGIN_VARS ?= S3FS_ACCESSKEY S3FS_OPTIONS S3FS_SECRETKEY S3FS_REGION -DOCKER_REGISTRY ?= my.os -DOCKER_REGISTRY_USERNAME ?= $(USER) -DOCKER_REGISTRY_REPOSITORY ?= $(addsuffix /,$(DOCKER_REGISTRY))$(subst $(USER),$(DOCKER_REGISTRY_USERNAME),$(DOCKER_REPOSITORY)) -DOCKER_REPOSITORY ?= $(subst -,/,$(subst _,/,$(COMPOSE_PROJECT_NAME))) -DOCKER_SERVICE ?= $(lastword $(DOCKER_SERVICES)) -DOCKER_SERVICES ?= $(eval IGNORE_DRYRUN := true)$(eval IGNORE_VERBOSE := true)$(shell $(call docker-compose,config --services) 2>/dev/null)$(eval IGNORE_DRYRUN := false)$(eval IGNORE_VERBOSE := false) -DOCKER_SHELL ?= /bin/sh -ENV_VARS += COMPOSE_PROJECT_NAME COMPOSE_SERVICE_NAME DOCKER_BUILD_TARGET DOCKER_IMAGE_TAG DOCKER_REGISTRY DOCKER_REPOSITORY DOCKER_SHELL - -ifeq ($(DRONE), true) -APP_PATH_PREFIX := $(DRONE_BUILD_NUMBER) -DOCKER_BUILD_CACHE := false -DOCKER_COMPOSE_DOWN_OPTIONS := --rmi all -v -DOCKER_COMPOSE_UP_OPTIONS := -d --build -endif - -# function docker-build: Build docker image -define docker-build - $(call INFO,docker-build,$(1)$(comma) $(2)$(comma) $(3)) - $(eval path := $(patsubst %/,%,$(1))) - $(eval service := $(subst .,,$(call LOWERCASE,$(lastword $(subst /, ,$(path)))))) - $(eval tag := $(or $(2),$(DOCKER_REPOSITORY)/$(service):$(DOCKER_IMAGE_TAG))) - $(eval target := $(subst ",,$(subst ',,$(or $(3),$(DOCKER_BUILD_TARGET))))) - $(eval image_id := $(shell docker images -q $(tag) 2>/dev/null)) - $(eval build_image := $(or $(filter false,$(DOCKER_BUILD_CACHE)),$(if $(image_id),,true))) - $(if $(build_image),$(RUN) docker build $(DOCKER_BUILD_ARGS) --build-arg DOCKER_BUILD_DIR="$(path)" $(DOCKER_BUILD_LABEL) --tag $(tag) $(if $(target),--target $(target)) -f $(path)/Dockerfile $(or $(DOCKER_BUILD_DIR),.),$(call INFO,docker image $(tag) has id $(image_id))) -endef -# function docker-commit: Commit docker image -define docker-commit - $(call INFO,docker-commit,$(1)$(comma) $(2)$(comma) $(3)$(comma) $(4)) - $(eval service := $(or $(1),$(DOCKER_SERVICE))) - $(eval container := $(or $(2),$(firstword $(shell $(call docker-compose,ps -q $(service) 2>/dev/null))))) - $(eval repository := $(or $(3),$(DOCKER_REPOSITORY)/$(service))) - $(eval tag := $(or $(4),$(DOCKER_IMAGE_TAG))) - $(RUN) docker commit $(container) $(repository):$(tag) -endef -# function docker-compose: Run docker-compose with arg 1 -define docker-compose - $(call INFO,docker-compose,$(1)) - $(if $(DOCKER_RUN),$(call docker-build,$(MYOS)/docker/compose,docker/compose:$(COMPOSE_VERSION))) - $(if $(COMPOSE_FILE),$(call run,$(DOCKER_COMPOSE) $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(if $(filter node,$(firstword $(subst /, ,$(STACK)))),$(NODE_COMPOSE_PROJECT_NAME),$(if $(filter User,$(firstword $(subst /, ,$(STACK)))),$(USER_COMPOSE_PROJECT_NAME),$(COMPOSE_PROJECT_NAME))) $(1))) -endef -# function docker-compose-exec-sh: Run docker-compose-exec sh -c 'arg 2' in service 1 -define docker-compose-exec-sh - $(call INFO,docker-compose-exec-sh,$(1)$(comma) $(2)) - $(if $(DOCKER_RUN),$(call docker-build,$(MYOS)/docker/compose,docker/compose:$(COMPOSE_VERSION))) - $(if $(COMPOSE_FILE),$(call run,$(DOCKER_COMPOSE) $(patsubst %,-f %,$(COMPOSE_FILE)) -p $(if $(filter node,$(firstword $(subst /, ,$(STACK)))),$(NODE_COMPOSE_PROJECT_NAME),$(if $(filter User,$(firstword $(subst /, ,$(STACK)))),$(USER_COMPOSE_PROJECT_NAME),$(COMPOSE_PROJECT_NAME))) exec -T $(1) sh -c '$(2)')) -endef -# function docker-push: Push docker image -define docker-push - $(call INFO,docker-push,$(1)$(comma) $(2)$(comma) $(3)) - $(eval service := $(or $(1),$(DOCKER_SERVICE))) - $(eval name := $(or $(2),$(DOCKER_REGISTRY_REPOSITORY)/$(service))) - $(eval tag := $(or $(3),$(DOCKER_IMAGE_TAG))) - $(RUN) docker push $(name):$(tag) -endef -# function docker-stack: Call itself recursively for each stack to expand stacks -# docker-stack: if 1st arg is a variable and can be expand to values, it calls -# itself again, once whith each value, else calls docker-stack-update function - # 1st arg: stacks, extract it from stack_names:stack_versions - # 2nd arg: versions, extract it from stack_names:stack_versions or 2nd arg -define docker-stack - $(call INFO,docker-stack,$(1)$(comma) $(2)) - $(eval stacks := $(firstword $(subst :, ,$(1)))) - $(eval versions := $(or $(if $(findstring :,$(1)),$(lastword $(subst :, ,$(1)))),$(2))) - $(if $($(stacks)),$(foreach substack,$($(stacks)),$(call docker-stack,$(substack),$(if $(findstring :,$(1)),$(versions)))),$(call docker-stack-update,$(stacks),$(versions))) -endef -# function docker-stack-update: Update COMPOSE_FILE with .yml files of the stack -# docker-stack-update: adds all .yml files of the stack to COMPOSE_FILE variable -# and update the .env file with the .env.dist files of the stack - # 1st arg: stack_path/stack_name:stack_version - # stack: get stack_name:stack_version from 1st arg - # name: get stack name from $(stack) - # 2nd arg: stack version, or extract it from $(stack), default to latest - # 3rd arg: stack path, or extract it from $(stack), default to stack/$(name) - # add $(path)/$(name).yml, $(path)/$(name).$(ENV).yml and $(path)/$(name).$(version).yml to COMPOSE_FILE variable - # if $(path)/.env.dist file exists, update .env file -define docker-stack-update - $(call INFO,docker-stack-update,$(1)$(comma) $(2)$(comma) $(3)) - $(eval stack := $(patsubst %.yml,%,$(notdir $(1)))) - $(eval name := $(firstword $(subst :, ,$(stack)))) - $(eval version := $(or $(2),$(if $(findstring :,$(stack)),$(lastword $(subst :, ,$(stack))),latest))) - $(eval path := $(patsubst %/,%,$(or $(3),$(if $(findstring /,$(1)),$(if $(wildcard stack/$(1) stack/$(1).yml),stack/$(if $(findstring .yml,$(1)),$(dir $(1)),$(if $(wildcard stack/$(1).yml),$(dir $(1)),$(1))),$(dir $(1)))),stack/$(name)))) - $(eval COMPOSE_FILE += $(wildcard $(path)/$(name).yml $(path)/$(name).$(ENV).yml $(path)/$(name).$(ENV).$(version).yml $(path)/$(name).$(version).yml)) - $(eval COMPOSE_FILE := $(strip $(COMPOSE_FILE))) - $(if $(wildcard $(path)/.env.dist),$(call .env,,$(path)/.env.dist,$(wildcard $(CONFIG)/$(ENV)/$(APP)/.env $(path)/.env.$(ENV) .env))) -endef -# function docker-tag: Tag docker image -define docker-tag - $(call INFO,docker-tag,$(1)$(comma) $(2)$(comma) $(3)$(comma) $(4)$(comma) $(5)) - $(eval service := $(or $(1),$(DOCKER_SERVICE))) - $(eval source := $(or $(2),$(DOCKER_REPOSITORY)/$(service))) - $(eval source_tag := $(or $(3),$(DOCKER_IMAGE_TAG))) - $(eval target := $(or $(4),$(DOCKER_REGISTRY_REPOSITORY)/$(service))) - $(eval target_tag := $(or $(5),$(source_tag))) - $(RUN) docker tag $(source):$(source_tag) $(target):$(target_tag) -endef diff --git a/make/apps/def.install.mk b/make/apps/def.install.mk deleted file mode 100644 index f3dbf5f..0000000 --- a/make/apps/def.install.mk +++ /dev/null @@ -1,9 +0,0 @@ -# function install-config: copy CONFIG files to application config folder -define install-config - $(call INFO,install-config,$(1)$(comma) $(2)$(comma) $(3)$(comma) $(4)) - $(eval path:=$(or $(1),$(APP))) - $(eval file:=$(or $(2),$(DOCKER_SERVICE))) - $(eval dest:=$(or $(3),config)) - $(eval env:=$(or $(4),$(ENV))) - $(if $(wildcard $(dest)/$(file)),,$(if $(wildcard $(CONFIG)/$(env)/$(path)/$(file)),$(RUN) cp -a $(CONFIG)/$(env)/$(path)/$(file) $(dest))) -endef diff --git a/make/apps/def.mk b/make/apps/def.mk deleted file mode 100644 index c2720ef..0000000 --- a/make/apps/def.mk +++ /dev/null @@ -1,26 +0,0 @@ -APP_DIR ?= $(CURDIR) -APP_DOMAIN ?= $(addsuffix .,$(filter-out master,$(ENV)))$(USER).$(DOMAIN) -APP_HOST ?= $(addsuffix .,$(APP_NAME))$(APP_DOMAIN) -APP_INSTALLED ?= $(APPS) -APP_PARENT ?= $(MONOREPO) -APP_PARENT_DIR ?= $(MONOREPO_DIR) -APP_PATH += $(APP_PATH_PREFIX) -APP_REPOSITORY ?= $(APP_REPOSITORY_URL) -APP_REPOSITORY_HOST ?= $(shell printf '$(APP_REPOSITORY_URI)\n' |sed 's|/.*||;s|.*@||') -APP_REPOSITORY_PATH ?= $(shell printf '$(APP_REPOSITORY_URI)\n' |sed 's|[^/]*/||;') -APP_REPOSITORY_SCHEME ?= $(shell printf '$(APP_REPOSITORY_URL)\n' |sed 's|://.*||;') -APP_REPOSITORY_URI ?= $(shell printf '$(APP_REPOSITORY_URL)\n' |sed 's|.*://||;') -APP_REPOSITORY_URL ?= $(GIT_REPOSITORY) -APP_REQUIRED ?= $(APP_REPOSITORY) -APP_SCHEME ?= https -APP_UPSTREAM_REPOSITORY ?= $(or $(shell git config --get remote.upstream.url 2>/dev/null),$(GIT_UPSTREAM_REPOSITORY)) -APP_URI ?= $(APP_HOST)/$(APP_PATH) -APP_URL ?= $(APP_SCHEME)://$(APP_URI) -CONTEXT += APP APPS BRANCH DOMAIN VERSION RELEASE -CONTEXT_DEBUG += APP_DIR APP_URL APP_REPOSITORY APP_UPSTREAM_REPOSITORY ENV_DEPLOY -ENV_DEPLOY ?= $(shell ls .git/refs/remotes/origin/ 2>/dev/null) -ENV_VARS += APP_DIR APP_DOMAIN APP_HOST APP_PATH APP_URL CONSUL_HTTP_TOKEN $(if $(filter true,$(MOUNT_NFS)),NFS_CONFIG) -MOUNT_NFS ?= false -NFS_CONFIG ?= addr=$(NFS_HOST),actimeo=3,intr,noacl,noatime,nocto,nodiratime,nolock,soft,rsize=32768,wsize=32768,tcp,rw,vers=3 -NFS_HOST ?= host.docker.internal -SERVICES ?= $(DOCKER_SERVICES) diff --git a/make/apps/deploy.mk b/make/apps/deploy.mk deleted file mode 100644 index e4a7a72..0000000 --- a/make/apps/deploy.mk +++ /dev/null @@ -1,40 +0,0 @@ -## -# DEPLOY - -# target deploy@%: Deploy application docker images -## it tags and pushes docker images to docker registry -## it runs ansible-pull on hosts to pull docker images from the registry -## it tags and pushes docker images as latest to docker registry -.PHONY: deploy@% -deploy@%: myos-user build@% ## Deploy application docker images - $(call make,docker-login docker-tag docker-push) - $(call make,myos-ansible-pull@$(ENV) ANSIBLE_DOCKER_IMAGE_TAG=$(VERSION) ANSIBLE_TAGS=deploy AWS_ACCESS_KEY_ID=$(AWS_ACCESS_KEY_ID) AWS_SECRET_ACCESS_KEY=$(AWS_SECRET_ACCESS_KEY),,APP) - $(call make,docker-tag-latest docker-push-latest) - -# target deploy-hook: Fire app-deploy deploy-hook-ping -## it is called by ansible in the application dockers launched on remote hosts -.PHONY: deploy-hook app-deploy -deploy-hook: app-deploy deploy-hook-ping - -# target deploy-hook-ping: Fire deploy-hook-ping-curl -.PHONY: deploy-hook-ping -deploy-hook-ping: deploy-hook-ping-curl - -# target deploy-hook-ping-curl: Post install hook to curl DEPLOY_HOOK_URL -.PHONY: deploy-hook-ping-curl -deploy-hook-ping-curl: - $(if $(DEPLOY_HOOK_URL),$(RUN) curl -X POST --data-urlencode \ - 'payload={"text": "$(DEPLOY_HOOK_TEXT)"}' \ - $(DEPLOY_HOOK_URL) \ - ||: ) - -# target deploy-localhost@%: Deploy application docker images -## it tags and pushes docker images to docker registry -## it runs ansible-pull on localhost to pull docker images from the registry -## it tags and pushes docker images as latest to docker registry -.PHONY: deploy-localhost -deploy-localhost: myos-user build@$(ENV) ## Deploy application docker images - $(call make,docker-login docker-tag docker-push) - $(call make,myos-ansible-pull ANSIBLE_DOCKER_IMAGE_TAG=$(VERSION) ANSIBLE_TAGS=deploy,,APP MYOS_TAGS_JSON) - $(call make,docker-tag-latest docker-push-latest) -deploy-localhost: app-deploy deploy-hook-ping diff --git a/make/apps/docker.mk b/make/apps/docker.mk deleted file mode 100644 index 6a21878..0000000 --- a/make/apps/docker.mk +++ /dev/null @@ -1,252 +0,0 @@ -## -# DOCKER - -# target docker-build: Fire docker-images-myos, Call docker-build-% target for each DOCKER_IMAGES -.PHONY: docker-build -docker-build: docker-images-myos - $(foreach image,$(or $(SERVICE),$(DOCKER_IMAGES)),$(call make,docker-build-$(image))) - -# target docker-build-%: Call docker-build for each Dockerfile in docker/% folder -.PHONY: docker-build-% -docker-build-%: - if grep -q DOCKER_REPOSITORY docker/$*/Dockerfile 2>/dev/null; then $(eval DOCKER_BUILD_ARGS:=$(subst $(DOCKER_REPOSITORY),$(USER_DOCKER_REPOSITORY),$(DOCKER_BUILD_ARGS))) true; fi - $(if $(wildcard docker/$*/Dockerfile),$(call docker-build,docker/$*)) - $(if $(findstring :,$*),$(eval DOCKER_FILE := $(wildcard docker/$(subst :,/,$*)/Dockerfile)),$(eval DOCKER_FILE := $(wildcard docker/$*/*/Dockerfile))) - $(foreach dockerfile,$(DOCKER_FILE),$(call docker-build,$(dir $(dockerfile)),$(DOCKER_REPOSITORY)/$(word 2,$(subst /, ,$(dir $(dockerfile)))):$(lastword $(subst /, ,$(dir $(dockerfile)))),"") && true) - -# target docker-commit: Call docker-commit for each SERVICES -.PHONY: docker-commit -docker-commit: - $(foreach service,$(or $(SERVICE),$(SERVICES)),$(call docker-commit,$(service))) - -# target docker-commit-%: Call docker-commit with tag % for each SERVICES -.PHONY: docker-commit-% -docker-commit-%: - $(foreach service,$(or $(SERVICE),$(SERVICES)),$(call docker-commit,$(service),,,$*)) - -# target docker-compose-build: Fire docker-images-myos, Call docker-compose build SERVICE -.PHONY: docker-compose-build -docker-compose-build: DOCKER_RUN_OPTIONS += -it -docker-compose-build: docker-images-myos - $(call docker-compose,build $(DOCKER_BUILD_ARGS) $(if $(filter $(SERVICE),$(SERVICES)),$(SERVICE))) - -# target docker-compose-config: Call docker-compose config -.PHONY: docker-compose-config -docker-compose-config: - $(call docker-compose,config) - -# target docker-compose-connect: Call docker-compose exec SERVICE DOCKER_SHELL -.PHONY: docker-compose-connect -docker-compose-connect: SERVICE ?= $(DOCKER_SERVICE) -docker-compose-connect: DOCKER_RUN_OPTIONS += -it -docker-compose-connect: - $(call docker-compose,exec $(SERVICE) $(DOCKER_SHELL)) || true - -# target docker-compose-down: Call docker-compose rm SERVICE or docker-compose down -.PHONY: docker-compose-down -docker-compose-down: DOCKER_RUN_OPTIONS += -it -docker-compose-down: - $(if $(filter $(SERVICE),$(SERVICES)),$(call docker-compose,rm -fs $(SERVICE)),$(call docker-compose,down $(DOCKER_COMPOSE_DOWN_OPTIONS) ||:)) - -# target docker-compose-exec: Call docker-compose-exec SERVICE ARGS -.PHONY: docker-compose-exec -docker-compose-exec: SERVICE ?= $(DOCKER_SERVICE) -docker-compose-exec: - $(call docker-compose-exec-sh,$(SERVICE),$(ARGS)) || true - -# target docker-compose-logs: Call docker-compose logs SERVICE -.PHONY: docker-compose-logs -docker-compose-logs: - $(call docker-compose,logs -f --tail=100 $(if $(filter $(SERVICE),$(SERVICES)),$(SERVICE))) || true - -# target docker-compose-ps: Call docker-compose ps -.PHONY: docker-compose-ps -docker-compose-ps: - $(call docker-compose,ps) - -# target docker-compose-rebuild: Call docker-compose-build target with DOCKER_BUILD_NO_CACHE=true -.PHONY: docker-compose-rebuild -docker-compose-rebuild: - $(call make,docker-compose-build DOCKER_BUILD_NO_CACHE=true) - -# target docker-compose-recreate: Fire docker-compose-rm docker-compose-up -.PHONY: docker-compose-recreate -docker-compose-recreate: docker-compose-rm docker-compose-up - -# target docker-compose-restart: Call docker-compose restart SERVICE -.PHONY: docker-compose-restart -docker-compose-restart: - $(call docker-compose,restart $(if $(filter $(SERVICE),$(SERVICES)),$(SERVICE))) - -# target docker-compose-rm: Call docker-compose rm SERVICE -.PHONY: docker-compose-rm -docker-compose-rm: DOCKER_RUN_OPTIONS += -it -docker-compose-rm: - $(call docker-compose,rm -fs $(if $(filter $(SERVICE),$(SERVICES)),$(SERVICE))) - -# target docker-compose-run: Call docker-compose run SERVICE ARGS -.PHONY: docker-compose-run -docker-compose-run: SERVICE ?= $(DOCKER_SERVICE) -docker-compose-run: DOCKER_RUN_OPTIONS += -it -docker-compose-run: - $(call docker-compose,run $(DOCKER_COMPOSE_RUN_OPTIONS) $(SERVICE) $(ARGS)) - -# target docker-compose-scale: Call docker-compose up --scale SERVICE=NUM -.PHONY: docker-compose-scale -docker-compose-scale: SERVICE ?= $(DOCKER_SERVICE) -docker-compose-scale: - $(call docker-compose,up $(DOCKER_COMPOSE_UP_OPTIONS) --scale $(SERVICE)=$(NUM)) - -# target docker-compose-start: Call docker-compose start SERVICE -.PHONY: docker-compose-start -docker-compose-start: - $(call docker-compose,start $(if $(filter $(SERVICE),$(SERVICES)),$(SERVICE))) - -# target docker-compose-stop: Call docker-compose stop SERVICE -.PHONY: docker-compose-stop -docker-compose-stop: - $(call docker-compose,stop $(if $(filter $(SERVICE),$(SERVICES)),$(SERVICE))) - -# target docker-compose-up: Fire docker-image-myos, Call docker-compose up SERVICE -.PHONY: docker-compose-up -docker-compose-up: DOCKER_RUN_OPTIONS += -it -docker-compose-up: docker-images-myos bootstrap-stack - $(call docker-compose,up $(DOCKER_COMPOSE_UP_OPTIONS) $(if $(filter $(SERVICE),$(SERVICES)),$(SERVICE))) - -# target docker-images-myos: Call myos-docker-build-% target for each DOCKER_IMAGES_MYOS -.PHONY: docker-images-myos -docker-images-myos: - $(foreach image,$(subst $(quote),,$(DOCKER_IMAGES_MYOS)),$(call make,myos-docker-build-$(image))) - -# target docker-images-rm: Call docker-image-rm-% target for DOCKER_REPOSITORY -.PHONY: docker-images-rm -docker-images-rm: - $(call make,docker-images-rm-$(DOCKER_REPOSITORY)/) - -# target docker-images-rm-%: Remove docker images matching % -.PHONY: docker-images-rm-% -docker-images-rm-%: - docker images |awk '$$1 ~ /^$(subst /,\/,$*)/ {print $$3}' |sort -u |while read image; do $(RUN) docker rmi -f $$image; done - -# target docker-login: Run 'docker login' -.PHONY: docker-login -docker-login: myos-user - $(RUN) docker login - -# target docker-network-create: Fire docker-network-create-% for DOCKER_NETWORK -.PHONY: docker-network-create -docker-network-create: docker-network-create-$(DOCKER_NETWORK) - -# target docker-network-create-%: Run 'docker network create %' -.PHONY: docker-network-create-% -docker-network-create-%: - if [ -z "$(shell docker network ls -q --filter name='^$*$$' 2>/dev/null)" ]; then \ - $(RUN) sh -c 'docker network create $* >/dev/null 2>&1' \ - && $(or $(call INFO,docker network $* created), true) \ - ||: ; \ - fi - -# target docker-network-rm: Fire docker-network-rm-% for DOCKER_NETWORK -.PHONY: docker-network-rm -docker-network-rm: docker-network-rm-$(DOCKER_NETWORK) - -# target docker-network-rm-%: Run 'docker network rm %' -.PHONY: docker-network-rm-% -docker-network-rm-%: - if [ -n "$(shell docker network ls -q --filter name='^$*$$' 2>/dev/null)" ]; then \ - $(RUN) sh -c 'docker network rm $* >/dev/null 2>&1' \ - && $(or $(call INFO,docker network $* removed), true) \ - ||: ; \ - fi - -# target docker-plugin-install: Run 'docker plugin install DOCKER_PLUGIN_OPTIONS DOCKER_PLUGIN' -.PHONY: docker-plugin-install -docker-plugin-install: - $(eval docker_plugin_state := $(shell docker plugin ls | awk '$$2 == "$(DOCKER_PLUGIN)" {print $$NF}') ) - $(if $(docker_plugin_state),\ - $(if $(filter $(docker_plugin_state),false),\ - $(RUN) docker plugin enable $(DOCKER_PLUGIN) >/dev/null 2>&1 \ - && $(or $(call INFO,docker plugin $(DOCKER_PLUGIN) enabled), true) \ - ), \ - $(RUN) docker plugin install $(DOCKER_PLUGIN_OPTIONS) $(DOCKER_PLUGIN) $(DOCKER_PLUGIN_ARGS) >/dev/null 2>&1 \ - && $(or $(call INFO,docker plugin $(DOCKER_PLUGIN) installed), true) \ - ) - -# target docker-push: Call docker-push for each SERVICES -.PHONY: docker-push -docker-push: -ifneq ($(filter $(DEPLOY),true),) - $(foreach service,$(or $(SERVICE),$(SERVICES)),$(call docker-push,$(service))) -else - $(call WARNING,target,$@,disabled in app,$(APP)) -endif - -# target docker-push-%: Call docker-push with tag % for each SERVICES -.PHONY: docker-push-% -docker-push-%: -ifneq ($(filter $(DEPLOY),true),) - $(foreach service,$(or $(SERVICE),$(SERVICES)),$(call docker-push,$(service),,$*)) -else - $(call WARNING,target,$@,disabled in app,$(APP)) -endif - -# target docker-rebuild: Call docker-build target with DOCKER_BUILD_CAHE=false -.PHONY: docker-rebuild -docker-rebuild: - $(call make,docker-build DOCKER_BUILD_CACHE=false) - -# target docker-rebuild-%: Call docker-build-% target with DOCKER_BUILD_CAHE=false -.PHONY: docker-rebuild-% -docker-rebuild-%: - $(call make,docker-build-$* DOCKER_BUILD_CACHE=false) - -# target docker-rm: Fire docker-rm-% for COMPOSE_PROJECT_NAME -.PHONY: docker-rm -docker-rm: docker-rm-$(COMPOSE_PROJECT_NAME) - -# target docker-rm-%: Remove dockers matching % -.PHONY: docker-rm-% -docker-rm-%: - docker ps -a |awk '$$NF ~ /^$*/ {print $$NF}' |while read docker; do $(RUN) docker rm -f $$docker; done - -# target docker-run: Call docker-run-% target with ARGS for SERVICE -.PHONY: docker-run -docker-run: SERVICE ?= $(DOCKER_SERVICE) -docker-run: - $(call make,docker-run-$(SERVICE),,ARGS) - -# target docker-run-%: Call docker-run with image % and command ARGS -.PHONY: docker-run-% -docker-run-%: docker-build-% - $(eval command := $(ARGS)) - $(eval path := $(patsubst %/,%,$*)) - $(eval image := $(DOCKER_REPOSITORY)/$(lastword $(subst /, ,$(path)))$(if $(findstring :,$*),,:$(DOCKER_IMAGE_TAG))) - $(eval image_id := $(shell docker images -q $(image) 2>/dev/null)) - $(call docker-run,$(RUN) $(command),$(if $(image_id),$(image),$(path))) - -# target docker-tag: Call docker-tag for each SERVICES -.PHONY: docker-tag -docker-tag: -ifneq ($(filter $(DEPLOY),true),) - $(foreach service,$(or $(SERVICE),$(SERVICES)),$(call docker-tag,$(service))) -else - $(call WARNING,target,$@,disabled in app,$(APP)) -endif - -# target docker-tag-%: Call docker-tag with target tag % for each SERVICES -.PHONY: docker-tag-% -docker-tag-%: -ifneq ($(filter $(DEPLOY),true),) - $(foreach service,$(or $(SERVICE),$(SERVICES)),$(call docker-tag,$(service),,,,$*)) -else - $(call WARNING,target,$@,disabled in app,$(APP)) -endif - -# target docker-volume-rm: Fire docker-volume-rm-% for COMPOSE_PROJECT_NAME -.PHONY: docker-volume-rm -docker-volume-rm: docker-volume-rm-$(COMPOSE_PROJECT_NAME) - -# target docker-volume-rm-%: Remove docker volumes matching % -.PHONY: docker-volume-rm-% -docker-volume-rm-%: - docker volume ls |awk '$$2 ~ /^$*/ {print $$2}' |sort -u |while read volume; do $(RUN) docker volume rm $$volume; done diff --git a/make/apps/git.mk b/make/apps/git.mk deleted file mode 100644 index 62267b6..0000000 --- a/make/apps/git.mk +++ /dev/null @@ -1,74 +0,0 @@ -## -# GIT - -# target git-branch-create-upstream-%: Create git BRANCH from upstream/% branch -.PHONY: git-branch-create-upstream-% -git-branch-create-upstream-%: myos-user update-upstream - $(RUN) git fetch --prune upstream - git rev-parse --verify $(BRANCH) >/dev/null 2>&1 \ - && $(or $(call WARNING,present branch,$(BRANCH)), true) \ - || $(RUN) git branch $(BRANCH) upstream/$* - [ $$(git ls-remote --heads upstream $(BRANCH) |wc -l) -eq 0 ] \ - && $(RUN) git push upstream $(BRANCH) \ - || $(or $(call WARNING,present branch,$(BRANCH),upstream), true) - $(RUN) git checkout $(BRANCH) - -# target git-branch-delete: Delete git BRANCH -.PHONY: git-branch-delete -git-branch-delete: myos-user update-upstream - git rev-parse --verify $(BRANCH) >/dev/null 2>&1 \ - && $(RUN) git branch -d $(BRANCH) \ - || $(or $(call WARNING,no branch,$(BRANCH)), true) - $(foreach remote,upstream,[ $$(git ls-remote --heads $(remote) $(BRANCH) |wc -l) -eq 1 ] \ - && $(RUN) git push $(remote) :$(BRANCH) \ - || $(or $(call WARNING,no branch,$(BRANCH),$(remote)), true) \ - &&) true - -# target git-branch-merge-upstream-%: Merge git BRANCH into upstream/% branch -.PHONY: git-branch-merge-upstream-% -git-branch-merge-upstream-%: myos-user update-upstream - git rev-parse --verify $(BRANCH) >/dev/null 2>&1 - $(RUN) git checkout $(BRANCH) - $(RUN) git pull --ff-only upstream $(BRANCH) - $(RUN) git push upstream $(BRANCH) - $(RUN) git checkout $* - $(RUN) git pull --ff-only upstream $* - $(RUN) git merge --no-ff --no-edit $(BRANCH) - $(RUN) git push upstream $* - -# target git-stash: git stash -.PHONY: git-stash -git-stash: myos-user - $(if $(filter-out 0,$(STATUS)),$(RUN) git stash) - -# target git-tag-create-upstream-%: Create git TAG to reference upstream/% branch -.PHONY: git-tag-create-upstream-% -git-tag-create-upstream-%: myos-user update-upstream -ifneq ($(words $(TAG)),0) - $(RUN) git checkout $* - $(RUN) git pull --tags --prune upstream $* - $(call sed,s/^##\? $(TAG).*/## $(TAG) - $(shell date +%Y-%m-%d)/,CHANGELOG.md) - [ $$(git diff CHANGELOG.md 2>/dev/null |wc -l) -eq 0 ] \ - || $(RUN) git commit -m "$$(cat CHANGELOG.md |sed -n '/$(TAG)/,/^$$/{s/##\(.*\)/release\1\n/;p;}')" CHANGELOG.md - [ $$(git tag -l $(TAG) |wc -l) -eq 0 ] \ - || $(RUN) git tag -d $(TAG) - $(RUN) git tag $(TAG) - [ $$(git ls-remote --tags upstream $(TAG) |wc -l) -eq 0 ] \ - || $(RUN) git push upstream :refs/tags/$(TAG) - $(RUN) git push --tags upstream $* -endif - -# target git-tag-merge-upstream-%: Merge git TAG into upstream/% branch -.PHONY: git-tag-merge-upstream-% -git-tag-merge-upstream-%: myos-user update-upstream -ifneq ($(words $(TAG)),0) - $(RUN) git fetch --tags -u --prune upstream $*:$* - $(RUN) git checkout $* - $(RUN) git merge --ff --no-edit $(TAG) - $(RUN) git push upstream $* -endif - -# target git-unstash: git stash pop -.PHONY: git-unstash -git-unstash: myos-user - $(if $(filter-out 0,$(STATUS)),$(RUN) git stash pop) diff --git a/make/apps/install.mk b/make/apps/install.mk deleted file mode 100644 index 77c3c6d..0000000 --- a/make/apps/install.mk +++ /dev/null @@ -1,50 +0,0 @@ -## -# INSTALL - -# target install-build-config: Call install-config with file * and dest build -.PHONY: install-build-config -install-build-config: - $(call install-config,,*,build) - -# target install-config: Call install-config -.PHONY: install-config -install-config: - $(call install-config) - -# target install-config-%: Call install-config with app % -.PHONY: install-config-% -install-config-%: - $(call install-config,$*) - -# target install-mysql-database-%: Import %.mysql.gz to database % -# on local host -## it creates database % -## it creates user % with password % and all privileges on database % -## it imports %.mysql.gz file in database % -.PHONY: install-mysql-database-% -install-mysql-database-%: myos-user - $(call exec,mysql -h mysql -u root -proot $* -e "use $*" >/dev/null 2>&1) \ - || $(call exec,$(RUN) mysql -h mysql -u root -proot mysql -e "create database $* character set utf8 collate utf8_unicode_ci;") - $(call exec,mysql -h mysql -u $* -p$* $* -e "use $*" >/dev/null 2>&1) \ - || $(call exec,$(RUN) mysql -h mysql -u root -proot mysql -e "grant all privileges on $*.* to '$*'@'%' identified by '$*'; flush privileges;") - $(call exec,sh -c '[ $$(mysql -h mysql -u $* -p$* $* -e "show tables" 2>/dev/null |wc -l) -eq 0 ] && [ -f "${APP_DIR}/$*.mysql.gz" ]') \ - && $(call exec,$(RUN) sh -c 'gzip -cd "${APP_DIR}/$*.mysql.gz" |mysql -h mysql -u root -proot $*') \ - ||: - -# target install-pgsql-database-%: Import %.pgsql.gz to database % -# on local host -## it creates database % -## it creates user % with password % and all privileges on database % -## it imports %.pgsql.gz file in database % -.PHONY: install-pgsql-database-% -install-pgsql-database-%: myos-user - $(call exec,PGPASSWORD=$* psql -h postgres -U $* template1 -c "\q" >/dev/null 2>&1) \ - || $(call exec,$(RUN) PGPASSWORD=postgres psql -h postgres -U postgres -c "create user $* with createdb password '$*';") - $(call exec,PGPASSWORD=$* psql -h postgres -U $* -d $* -c "" >/dev/null 2>&1) \ - || $(call exec,$(RUN) PGPASSWORD=postgres psql -h postgres -U postgres -c "create database $* owner $* ;") - $(call exec,[ $$(PGPASSWORD=$* psql -h postgres -U $* -d $* -c "\d" 2>/dev/null |wc -l) -eq 0 ] && [ -f "${APP_DIR}/$*.pgsql.gz" ]) \ - && $(call exec,$(RUN) sh -c 'gzip -cd "${APP_DIR}/$*.pgsql.gz" |PGPASSWORD="postgres" psql -h postgres -U postgres -d $*') \ - ||: - $(call exec,[ $$(PGPASSWORD=$* psql -h postgres -U $* -d $* -c "\d" 2>/dev/null |wc -l) -eq 0 ] && [ -f "${APP_DIR}/$*.pgsql" ]) \ - && $(call exec,$(RUN) sh -c 'PGPASSWORD="postgres" psql -h postgres -U postgres -c "ALTER ROLE $* WITH SUPERUSER" && PGPASSWORD="postgres" pg_restore -h postgres --no-owner --role=$* -U postgres -d $* ${APP_DIR}/$*.pgsql && PGPASSWORD="postgres" psql -h postgres -U postgres -c "ALTER ROLE $* WITH NOSUPERUSER"') \ - ||: diff --git a/make/apps/myos/def.mk b/make/apps/myos/def.mk deleted file mode 100644 index 2840959..0000000 --- a/make/apps/myos/def.mk +++ /dev/null @@ -1,14 +0,0 @@ -CMDS += ssh-run -COMPOSE_IGNORE_ORPHANS := true -ENV_VARS += COMPOSE_IGNORE_ORPHANS MYOS_TAGS_JSON -HOME ?= /home/$(USER) -MYOS_TAGS_VARS ?= env user -MYOS_TAGS_ARGS ?= $(foreach var,$(filter $(MYOS_TAGS_VARS),$(MAKE_FILE_VARS)),$(if $($(var)),$(var)='$($(var))')) -MYOS_TAGS_JSON ?= "{$(foreach var,$(filter $(MYOS_TAGS_VARS),$(MAKE_FILE_VARS)),$(if $($(var)), '$(var)': '$($(var))'$(comma))) }" -NFS_DISK ?= $(NFS_HOST):/$(notdir $(SHARED)) -NFS_OPTIONS ?= rw,rsize=8192,wsize=8192,bg,hard,intr,nfsvers=3,noatime,nodiratime,actimeo=3 -NFS_PATH ?= /dns/$(subst $(space),/,$(strip $(call reverse,$(subst ., ,$(NFS_HOST)))))$(subst ..,,$(SHARED)) -SHELL ?= /bin/sh - -env ?= $(ENV) -user ?= $(USER) diff --git a/make/apps/myos/def.setup.mk b/make/apps/myos/def.setup.mk deleted file mode 100644 index 81c39bc..0000000 --- a/make/apps/myos/def.setup.mk +++ /dev/null @@ -1,18 +0,0 @@ -ENV_VARS += SETUP_SYSCTL_CONFIG -SETUP_BINFMT ?= false -SETUP_BINFMT_ARCH ?= all -SETUP_NFSD ?= false -SETUP_NFSD_OSX_CONFIG ?= nfs.server.bonjour=0 nfs.server.mount.regular_files=1 nfs.server.mount.require_resv_port=0 nfs.server.nfsd_threads=16 nfs.server.async=1 -SETUP_SYSCTL ?= false -SETUP_SYSCTL_CONFIG ?= vm.max_map_count=262144 vm.overcommit_memory=1 fs.file-max=8388608 net.core.rmem_max=2500000 - -define setup-nfsd-osx - $(call INFO,setup-nfsd-osx,$(1)$(comma) $(2)$(comma) $(3)) - $(eval dir:=$(or $(1),$(MONOREPO_DIR))) - $(eval uid:=$(or $(2),$(UID))) - $(eval gid:=$(or $(3),$(GID))) - grep "$(dir)" /etc/exports >/dev/null 2>&1 || printf "$(dir) -alldirs -mapall=$(uid):$(gid) localhost\n" |sudo tee -a /etc/exports >/dev/null - $(foreach config,$(SETUP_NFSD_OSX_CONFIG),grep "$(config)" /etc/nfs.conf >/dev/null 2>&1 || printf "$(config)\n" |sudo tee -a /etc/nfs.conf >/dev/null &&) true - nfsd status >/dev/null || sudo nfsd enable - showmount -e localhost |grep "$(dir)" >/dev/null 2>&1 || sudo nfsd restart -endef diff --git a/make/apps/myos/def.ssh.mk b/make/apps/myos/def.ssh.mk deleted file mode 100644 index b733f8a..0000000 --- a/make/apps/myos/def.ssh.mk +++ /dev/null @@ -1,31 +0,0 @@ -DOCKER_BUILD_VARS += $(SSH_ENV_VARS) -ENV_VARS += $(SSH_ENV_VARS) -SSH_AUTHORIZED_KEYS ?= $(SSH_GITHUB_AUTHORIZED_KEYS) -SSH_BASTION_HOSTNAME ?= -SSH_BASTION_USERNAME ?= $(SSH_USER) -SSH_ENV_VARS ?= SSH_BASTION_HOSTNAME SSH_BASTION_USERNAME SSH_PUBLIC_HOSTS SSH_PRIVATE_IP_RANGE SSH_USER -SSH_GITHUB_AUTHORIZED_KEYS ?= $(patsubst %,https://github.com/%,$(patsubst %,%.keys,$(SSH_USER))) -SSH_PUBLIC_HOSTS ?= $(if $(filter ssh,$(CONFIG_REPOSITORY_SCHEME)),$(CONFIG_REPOSITORY_HOST)) $(SSH_BASTION_HOSTNAME) $(SSH_REMOTE_HOSTS) -SSH_PRIVATE_IP_RANGE ?= -SSH_PRIVATE_KEYS ?= $(wildcard $(SSH_DIR)/id_ed25519 $(SSH_DIR)/id_rsa) -SSH_REMOTE_HOSTS ?= github.com gitlab.com -SSH_USER ?= $(call slugify,$(GIT_USER)) - -# function ssh-connect: Exec command 2 on remote hosts 1 with tty -define ssh-connect - $(call INFO,ssh-connect,$(1)$(comma) $(2)$(comma) $(3)) - $(eval hosts := $(1)) - $(eval command := $(2)) - $(eval user := $(or $(3),root)) - $(eval DOCKER_EXEC_OPTIONS := -it) - $(foreach host,$(hosts),$(RUN) $(call exec,ssh -t -q -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no $(user)@$(host) "$(command)") ||) true -endef - -# function ssh-exec: Exec command 2 on remote hosts 1 without tty -define ssh-exec - $(call INFO,ssh-exec,$(1)$(comma) $(2)$(comma) $(3)) - $(eval hosts := $(1)) - $(eval command := $(2)) - $(eval user := $(or $(3),root)) - $(foreach host,$(hosts),$(RUN) $(call exec,ssh -q -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no $(user)@$(host) "$(command)") &&) true -endef diff --git a/make/apps/myos/setup.mk b/make/apps/myos/setup.mk deleted file mode 100644 index 6e51732..0000000 --- a/make/apps/myos/setup.mk +++ /dev/null @@ -1,38 +0,0 @@ -## -# SETUP - -# target setup-docker-group: Call ansible to add user in docker group if needed -.PHONY: setup-docker-group -setup-docker-group: -ifneq ($(DOCKER),) -ifeq ($(or $(filter $(USER),$(subst $(comma), ,$(shell awk -F':' '$$1 == "docker" {print $$4}' /etc/group))),$(filter 0,$(UID))),) - $(call ansible-user-add-groups,$(USER),docker) - $(call WARNING,user,$(USER),added in group,docker) -endif -ifeq ($(filter 0 $(DOCKER_GID),$(GIDS)),) - $(call ERROR,YOU MUST LOGOUT NOW AND LOGIN BACK TO GET DOCKER GROUP MEMBERSHIP) -endif -endif - -# target setup-nfsd: Call setup-nfsd-osx if SETUP_NFSD=true and SYSTEM=Darwin -.PHONY: setup-nfsd -setup-nfsd: -ifeq ($(SETUP_NFSD),true) -ifeq ($(SYSTEM),Darwin) - $(call setup-nfsd-osx) -endif -endif - -# target setup-sysctl: Add sysctl config for each SETUP_SYSCTL_CONFIG -.PHONY: setup-sysctl -setup-sysctl: -ifeq ($(SETUP_SYSCTL),true) - $(RUN) $(SUDO) sysctl -q -w $(SETUP_SYSCTL_CONFIG) -endif - -# target setup-binfmt: Install binfmt abstraction layer -.PHONY: setup-binfmt -setup-binfmt: -ifeq ($(SETUP_BINFMT),true) - $(call docker-run,--install $(SETUP_BINFMT_ARCH),--privileged tonistiigi/binfmt) -endif diff --git a/make/apps/myos/ssh.mk b/make/apps/myos/ssh.mk deleted file mode 100644 index db9ab3c..0000000 --- a/make/apps/myos/ssh.mk +++ /dev/null @@ -1,47 +0,0 @@ -## -# SSH - -# target ssh: Call ssh-connect ARGS or SHELL -.PHONY: ssh -ssh: ssh-get-PrivateIpAddress-$(SERVER_NAME) ## Connect to first remote host - $(call ssh-connect,$(AWS_INSTANCE_IP),$(if $(ARGS),$(ARGS),$(SHELL))) - -# target ssh-add: Fire ssh-key and ssh-add file SSH_PRIVATE_KEYS in folder SSH_DIR -.PHONY: ssh-add -ssh-add: DOCKER_RUN_OPTIONS += -it -ssh-add: ssh-key - $(eval SSH_PRIVATE_KEYS := $(foreach file,$(SSH_DIR)/id_ed25519 $(SSH_DIR)/id_rsa $(filter-out $(wildcard $(SSH_DIR)/id_ed25519 $(SSH_DIR)/id_rsa),$(wildcard $(SSH_DIR)/*)),$(if $(shell grep "PRIVATE KEY" $(file) 2>/dev/null),$(notdir $(file))))) - $(call run,sh -c '$(foreach file,$(patsubst %,$(SSH_DIR)/%,$(SSH_PRIVATE_KEYS)),ssh-add -l |grep -qw $$(ssh-keygen -lf $(file) 2>/dev/null |awk '\''{print $$2}'\'') 2>/dev/null || $(RUN) ssh-add $(file) ||: &&) true',-v $(SSH_DIR):$(SSH_DIR) $(USER_DOCKER_IMAGE) ) - -# target ssh-connect: Call ssh-connect make connect SERVICE -.PHONY: ssh-connect -ssh-connect: ssh-get-PrivateIpAddress-$(SERVER_NAME) - $(call ssh-connect,$(AWS_INSTANCE_IP),make connect COMPOSE_PROJECT_NAME=$(COMPOSE_PROJECT_NAME) ENV=$(ENV) $(if $(SERVICE),SERVICE=$(SERVICE))) - -# target ssh-del: ssh-add -d file SSH_PRIVATE_KEYS in folder SSH_DIR -.PHONY: ssh-del -ssh-del: - $(eval SSH_PRIVATE_KEYS := $(foreach file,$(SSH_DIR)/id_ed25519 $(SSH_DIR)/id_rsa $(filter-out $(wildcard $(SSH_DIR)/id_ed25519 $(SSH_DIR)/id_rsa),$(wildcard $(SSH_DIR)/*)),$(if $(shell grep "PRIVATE KEY" $(file) 2>/dev/null),$(notdir $(file))))) - $(call run,sh -c '$(foreach file,$(patsubst %,$(SSH_DIR)/%,$(SSH_PRIVATE_KEYS)),ssh-add -l |grep -qw $$(ssh-keygen -lf $(file) 2>/dev/null |awk '\''{print $$2}'\'') 2>/dev/null && $(RUN) ssh-add -d $(file) ||: &&) true',-v $(SSH_DIR):$(SSH_DIR) $(USER_DOCKER_IMAGE) ) - -# target ssh-exec: Call ssh-exec make exec SERVICE ARGS -.PHONY: ssh-exec -ssh-exec: ssh-get-PrivateIpAddress-$(SERVER_NAME) - $(call ssh-exec,$(AWS_INSTANCE_IP),make exec COMPOSE_PROJECT_NAME=$(COMPOSE_PROJECT_NAME) ENV=$(ENV) $(if $(SERVICE),SERVICE=$(SERVICE)) $(if $(ARGS),ARGS='\''"$(ARGS)"'\'')) - -# target ssh-get-PrivateIpAddress-%: Fire aws-ec2-get-instances-PrivateIpAddress-% -.PHONY: ssh-get-PrivateIpAddress-% -ssh-get-PrivateIpAddress-%: aws-ec2-get-instances-PrivateIpAddress-%; - -# target ssh-key: Add ssh private key SSH_KEY to SSH_DIR -.PHONY: ssh-key -ssh-key: -ifneq (,$(filter true,$(DRONE))) - $(call exec,sh -c '[ ! -d $(SSH_DIR) ] && mkdir -p $(SSH_DIR) && chown $(UID) $(SSH_DIR) && chmod 0700 $(SSH_DIR) ||:') -endif - $(if $(SSH_KEY),$(eval export SSH_KEY ?= $(SSH_KEY)) $(call env-run,sh -c 'printf "$$SSH_KEY\n" > $(SSH_DIR)/$(COMPOSE_PROJECT_NAME)_id_rsa && chmod 0600 $(SSH_DIR)/$(COMPOSE_PROJECT_NAME)_id_rsa && chown $(UID) $(SSH_DIR)/$(COMPOSE_PROJECT_NAME)_id_rsa ||:')) - -# target ssh-run: Call ssh-run make run SERVICE ARGS -.PHONY: ssh-run -ssh-run: ssh-get-PrivateIpAddress-$(SERVER_NAME) - $(call ssh-exec,$(AWS_INSTANCE_IP),make run $(if $(SERVICE),SERVICE=$(SERVICE)) $(if $(ARGS),ARGS='\''"$(ARGS)"'\'')) diff --git a/make/apps/release.mk b/make/apps/release.mk deleted file mode 100644 index e4a9f4d..0000000 --- a/make/apps/release.mk +++ /dev/null @@ -1,47 +0,0 @@ -## -# RELEASE - -RELEASE_BRANCH ?= $(BRANCH) -RELEASE_VERSION ?= $(VERSION) - -# target release-check: Define RELEASE_BRANCH and RELEASE_VERSION -.PHONY: release-check -release-check: -ifneq ($(words $(ARGS)),0) - $(eval RELEASE_VERSION := $(word 1, $(ARGS))) - $(eval RELEASE_BRANCH := release/$(RELEASE_VERSION)) -else -ifneq ($(findstring $(firstword $(subst /, ,$(BRANCH))),release),) - $(eval RELEASE_BRANCH := $(BRANCH)) - $(eval RELEASE_VERSION := $(word 2, $(subst /, ,$(BRANCH)))) -endif -endif - -# target release-create: Create release VERSION from upstream/wip branch -.PHONY: release-create -release-create: release-check git-stash - $(call make,git-branch-create-upstream-wip BRANCH=$(RELEASE_BRANCH)) - $(call make,git-unstash,,STATUS) - -# target release-finish: Merge release VERSION in master branch -.PHONY: release-finish -release-finish: release-check git-stash - $(call make,git-branch-merge-upstream-master BRANCH=$(RELEASE_BRANCH)) - $(call make,git-tag-create-upstream-master TAG=$(RELEASE_VERSION)) - $(call make,git-tag-merge-upstream-wip TAG=$(RELEASE_VERSION)) - $(call make,git-branch-delete BRANCH=$(RELEASE_BRANCH)) - $(call make,git-unstash,,STATUS) - -# target release-update: Update RELEASE with RELEASE_VERSION in .env -.PHONY: release-update -release-update: - $(RUN) awk -v s=RELEASE=$(RELEASE_VERSION) '/^RELEASE=/{$$0=s;f=1} {a[++n]=$$0} END{if(!f)a[++n]=s;for(i=1;i<=n;i++)print a[i]>ARGV[1]}' .env - -# target release-upgrade: Run migration targets to upgrade specific releases -.PHONY: release-upgrade -release-upgrade: $(patsubst %,release-upgrade-from-%,$(RELEASE_UPGRADE)) release-update ## Upgrade release - -# target release-upgrade-from-%: Sample of catch-all release migration target -.PHONY: release-upgrade-from-% -release-upgrade-from-%: - printf "Upgrading from release: $*\n" diff --git a/make/apps/subrepo/def.mk b/make/apps/subrepo/def.mk deleted file mode 100644 index 1c6654a..0000000 --- a/make/apps/subrepo/def.mk +++ /dev/null @@ -1,2 +0,0 @@ -SUBREPO_DIR ?= $(CURDIR) -SUBREPO_COMMIT ?= $(shell git rev-parse subrepo/$(SUBREPO)/$(BRANCH) 2>/dev/null) diff --git a/make/apps/subrepo/subrepo.mk b/make/apps/subrepo/subrepo.mk deleted file mode 100644 index 6274872..0000000 --- a/make/apps/subrepo/subrepo.mk +++ /dev/null @@ -1,21 +0,0 @@ -## -# SUBREPO - -# target subrepo-branch-delete subrepo-branch-deletes: Call subrepo-branch-delete target in folder .. -.PHONY: subrepo-branch-delete subrepos-branch-delete -subrepo-branch-delete subrepos-branch-delete: - $(call make,subrepo-branch-delete,..,SUBREPO BRANCH) - -# target subrepo-push subrepos-push: Call subrepo-push target in folder .. -.PHONY: subrepo-push subrepos-push -subrepo-push subrepos-push: - $(call make,subrepo-push,..,SUBREPO BRANCH) - -# target subrepo-tag-create-% subrepos-tag-create-%: Call subrepo-tag-create-% target in folder .. -.PHONY: subrepo-tag-create-% subrepos-tag-create-% -subrepo-tag-create-% subrepos-tag-create-%: - $(call make,subrepo-tag-create-$*,..,SUBREPO TAG) - -# target subrepo-update subrepos-update: Fire bootstrap-app git-stash subrepo-push git-unstash -.PHONY: subrepo-update subrepos-update -subrepo-update subrepos-update: bootstrap-app git-stash subrepo-push git-unstash diff --git a/make/common.mk b/make/common.mk deleted file mode 100644 index ff38144..0000000 --- a/make/common.mk +++ /dev/null @@ -1,114 +0,0 @@ -## -# COMMON - -# target $(APP): Call app-update -.PHONY: $(APP) -$(APP): APP_DIR := $(RELATIVE)$(APP) -$(APP): myos-user - $(call app-update) - -# target app-%: Call app-$(command) for APP in APP_DIR -## it splits % on dashes and extracts app from the beginning and command from the last part of % -## ex: app-foo-build will call app-build for app foo in ../foo -.PHONY: app-% -app-%: - $(eval app := $(subst -$(lastword $(subst -, ,$*)),,$*)) - $(eval command := $(lastword $(subst -, ,$*))) - $(if $(filter app-$(command),$(.VARIABLES)), \ - $(call app-bootstrap,$(app)) \ - $(call app-$(command)) \ - , \ - $(call app-bootstrap,$*) \ - ) - -# target app-required-install: Call app-install for each APP_REQUIRED -.PHONY: app-required-install -app-required-install: - $(foreach url,$(APP_REQUIRED),$(call app-install,$(url))) - -# target apps-build: Call app-build for each APPS -.PHONY: apps-build -apps-build: - $(foreach app,$(APPS),$(call app-build,$(RELATIVE)$(app))) - -# target apps-install install-app: Call app-install for each ARGS -.PHONY: apps-install install-app -apps-install install-app: app-required-install - $(foreach url,$(ARGS),$(call app-install,$(url))) - -# target apps-update: Call app-update target for each APPS -.PHONY: apps-update -apps-update: - $(foreach app,$(APPS),$(call make,update-app APP_NAME=$(app))) - -# target debug: Print more informations -.PHONY: debug -debug: - $(MAKE) help profile DEBUG=true - -# target debug-%: Print value of % -.PHONY: debug-% -debug-%: $(if $(DEBUG),context-%) ; - -# target install-bin-%; Call ansible-run-localhost when bin % is not available -.PHONY: install-bin-% -install-bin-%:; - $(if $(shell type $* 2>/dev/null),,$(call make,ansible-run-localhost)) - -# target profile: Print timing informations -.PHONY: profile -profile: context-ELAPSED_TIME - -# target update-app: Fire update-app-% for APP_NAME -.PHONY: update-app -update-app: update-app-$(APP_NAME) ; - -# target update-app-%: Fire % -.PHONY: update-app-% -update-app-%: % ; - -# target update-config: Update config files -.PHONY: update-config -update-config: - $(call app-update,$(CONFIG_REPOSITORY),$(CONFIG)) - -# target update-hosts: Update /etc/hosts -# on local host -## it reads .env files to extract applications hostnames and add it to /etc/hosts -.PHONY: update-hosts -update-hosts: -ifneq (,$(filter $(ENV),local)) - cat .env */.env 2>/dev/null |grep -Eo 'urlprefix-[^/]+' |sed 's/urlprefix-//' |while read host; do \ - grep $$host /etc/hosts >/dev/null 2>&1 || { \ - printf "Adding $$host to /etc/hosts\n"; \ - printf "127.0.0.1 $$host\n" |$(RUN) sudo tee -a /etc/hosts >/dev/null; \ - }; \ - done -endif - -# target update-remote-%: fetch git remote % -.PHONY: update-remote-% -update-remote-%: myos-user - $(RUN) git fetch --prune --tags $* - -# target update-remotes: fetch all git remotes -.PHONY: update-remotes -update-remotes: myos-user - $(RUN) git fetch --all --prune --tags - -# target update-upstream: fetch git remote upstream -.PHONY: update-upstream -update-upstream: myos-user .git/refs/remotes/upstream/master - $(RUN) git fetch --prune --tags upstream - -# target .git/refs/remotes/upstream/master: add git upstream APP_UPSTREAM_REPOSITORY -.git/refs/remotes/upstream/master: - $(RUN) git remote add upstream $(APP_UPSTREAM_REPOSITORY) - -# target shared: Fire SHARED -.PHONY: update-shared -update-shared: $(SHARED) - -# target $(SHARED): Create SHARED folder -$(SHARED): - $(RUN) mkdir -p $(SHARED) diff --git a/make/def.app.mk b/make/def.app.mk deleted file mode 100644 index 2efdfe1..0000000 --- a/make/def.app.mk +++ /dev/null @@ -1,138 +0,0 @@ -# function app-bootstrap: Define custom variables for app 1 in dir 2 with name 3 and type 4 -define app-bootstrap - $(call INFO,app-bootstrap,$(1)$(comma) $(2$(comma) $(3))$(comma) $(4)) - $(eval APP := $(or $(1), $(APP))) - $(eval APP_DIR := $(or $(2), $(RELATIVE)$(APP))) - $(eval APP_NAME := $(or $(3),$(subst -,,$(subst .,,$(call LOWERCASE,$(APP)))))) - $(eval APP_TYPE := $(or $(4), git)) - $(eval DOCKER_BUILD_DIR := $(APP_DIR)) - $(eval DOCKER_FILE := $(wildcard $(APP_DIR)/docker/*/Dockerfile $(APP_DIR)/*/Dockerfile $(APP_DIR)/Dockerfile)) - $(eval COMPOSE_FILE := $(wildcard $(APP_DIR)/docker-compose.yml $(APP_DIR)/docker-compose.$(ENV).yml $(APP_DIR)/docker/docker-compose.yml $(foreach file,$(patsubst $(APP_DIR)/docker/docker-compose.%,%,$(basename $(wildcard $(APP_DIR)/docker/docker-compose.*.yml))),$(if $(filter true,$(COMPOSE_FILE_$(file)) $(COMPOSE_FILE_$(call UPPERCASE,$(file)))),$(APP_DIR)/docker/docker-compose.$(file).yml)))) - $(if $(wildcard $(APP_DIR)/.env.sample), - $(call .env,$(APP_DIR)/.env,$(APP_DIR)/.env.sample) - , - $(call .env,$(APP_DIR)/.env) - ) - -endef - -# function app-build: Call docker-build for each Dockerfile in dir 1 -define app-build - $(call INFO,app-build,$(1)) - $(if $(filter-out $(APP_DIR),$(1)), - $(eval DOCKER_FILE := $(wildcard $(1)/docker/*/Dockerfile $(1)/*/Dockerfile $(1)/Dockerfile)) - ) - $(if $(DOCKER_FILE), \ - $(foreach dockerfile,$(DOCKER_FILE), - $(call app-docker,$(dockerfile)) - $(call docker-build, $(dir $(dockerfile)), $(DOCKER_IMAGE), "" ) - ), - $(call ERROR,Unable to find any Dockerfile in dir: $(or $(1),$(APP_DIR))) - ) -endef - -# function app-docker: Define custom variables for Dockerfile 1 -define app-docker - $(call INFO,app-docker,$(1)) - $(eval dir := $(or $(APP_DIR))) - $(eval dockerfile := $(or $(1))) - $(if $(wildcard $(dockerfile)), - $(eval service := $(or $(SERVICE),$(subst .,,$(call LOWERCASE,$(lastword $(subst /, ,$(patsubst %/Dockerfile,%,$(dockerfile)))))),undefined)) - $(eval docker := ${COMPOSE_SERVICE_NAME}-$(service)) - $(eval DOCKER_IMAGE := $(DOCKER_REPOSITORY)/$(service):$(DOCKER_IMAGE_TAG)) - $(eval DOCKER_LABELS := SERVICE_NAME=$(docker) SERVICE_TAGS=urlprefix-$(service).$(APP_DOMAIN)/$(APP_PATH)) - $(eval DOCKER_NAME := $(docker)) - $(eval DOCKER_RUN_NAME := --name $(DOCKER_NAME)) - , - $(call ERROR,Unable to find Dockerfile: $(dockerfile)) - ) -endef - -# function app-down: Call docker rm for each Dockerfile in dir 1 -define app-down - $(call INFO,app-down,$(1)) - $(if $(filter-out $(APP_DIR),$(1)), - $(eval DOCKER_FILE := $(wildcard $(1)/docker/*/Dockerfile $(1)/*/Dockerfile $(1)/Dockerfile)) - ) - $(if $(DOCKER_FILE), \ - $(foreach dockerfile,$(DOCKER_FILE), - $(call app-docker,$(dockerfile)) - $(if $(shell docker ps -q -f name=$(DOCKER_NAME) 2>/dev/null), - $(shell docker rm -f $(DOCKER_NAME)) - , - $(call ERROR,Unable to find docker $(DOCKER_NAME)) - ) - ), - $(call ERROR,Unable to find any Dockerfile in dir: $(or $(1),$(APP_DIR))) - ) -endef - -# function app-install: Run 'git clone url 1 dir 2' -define app-install - $(call INFO,app-install,$(1)$(comma) $(2)) - $(eval url := $(or $(1), $(APP_REPOSITORY_URL))) - $(eval dir := $(or $(2), $(RELATIVE)$(lastword $(subst /, ,$(url))))) - $(if $(wildcard $(dir)/.git), - $(call INFO,app: $(url) already installed in dir: $(dir)), - $(RUN) git clone $(QUIET) $(url) $(dir) - ) -endef - -# function app-rebuild: Call app-build with DOCKER_BUILD_CACHE=false -define app-rebuild - $(call INFO,app-rebuild,$(1)) - $(eval DOCKER_BUILD_CACHE := false) - $(call app-build,$(1)) -endef - -# function app-run: Call docker-run for each Dockerfile in dir 1 with args 2 -define app-run - $(call INFO,app-run,$(1)$(comma) $(2)) - $(if $(filter-out $(APP_DIR),$(1)), - $(eval DOCKER_FILE := $(wildcard $(1)/docker/*/Dockerfile $(1)/*/Dockerfile $(1)/Dockerfile)) - ) - $(eval args := $(or $(2), $(ARGS))) - $(eval DOCKER_RUN_OPTIONS += -it) - $(if $(DOCKER_FILE), \ - $(foreach dockerfile,$(DOCKER_FILE), - $(call app-docker,$(dockerfile)) - $(if $(shell docker images -q $(DOCKER_IMAGE) 2>/dev/null), - $(call docker-run,$(args)) - , - $(call ERROR,Unable to find docker image $(DOCKER_IMAGE)) - ) - ), - $(call ERROR,Unable to find any Dockerfile in dir: $(or $(1),$(APP_DIR))) - ) -endef - -# function app-up: Call docker-run (-d) for each Dockerfile in dir 1 -define app-up - $(call INFO,app-up,$(1)) - $(if $(filter-out $(APP_DIR),$(1)), - $(eval DOCKER_FILE := $(wildcard $(1)/docker/*/Dockerfile $(1)/*/Dockerfile $(1)/Dockerfile)) - ) - $(eval DOCKER_RUN_OPTIONS += -d) - $(if $(DOCKER_FILE), \ - $(foreach dockerfile,$(DOCKER_FILE), - $(call app-docker,$(dockerfile)) - $(if $(shell docker images -q $(DOCKER_IMAGE) 2>/dev/null), - $(call docker-run,$(args)) - , - $(call ERROR,Unable to find docker image $(DOCKER_IMAGE)) - ) - ), - $(call ERROR,Unable to find any Dockerfile in dir: $(or $(1),$(APP_DIR))) - ) -endef - -# function app-update: Run 'cd dir 1 && git pull' or Call app-install -define app-update - $(call INFO,app-update,$(1)$(comma) $(2)) - $(eval url := $(or $(1), $(APP_REPOSITORY_URL))) - $(eval dir := $(or $(2), $(APP_DIR))) - $(if $(wildcard $(dir)/.git), - $(RUN) sh -c 'cd $(dir) && git pull $(QUIET)', - $(call app-install,$(url),$(dir)) - ) -endef diff --git a/make/def.docker.mk b/make/def.docker.mk deleted file mode 100644 index 7a83aa2..0000000 --- a/make/def.docker.mk +++ /dev/null @@ -1,109 +0,0 @@ -DOCKER_ENV_ARGS ?= $(docker_env_args) -DOCKER_EXEC_OPTIONS ?= -DOCKER_GID ?= $(call gid,docker) -DOCKER_IMAGE ?= $(USER_DOCKER_IMAGE) -DOCKER_NAME ?= $(USER_DOCKER_NAME) -DOCKER_NETWORK ?= $(DOCKER_NETWORK_PRIVATE) -DOCKER_NETWORK_PRIVATE ?= $(USER_COMPOSE_PROJECT_NAME) -DOCKER_NETWORK_PUBLIC ?= $(NODE_COMPOSE_PROJECT_NAME) -# DOCKER_RUN: if empty, run system command, else run it in a docker -DOCKER_RUN ?= $(if $(filter-out false False FALSE,$(DOCKER)),$(DOCKER)) -DOCKER_RUN_LABELS ?= $(patsubst %,-l %,$(DOCKER_LABELS)) -# DOCKER_RUN_OPTIONS: default options of `docker run` command -DOCKER_RUN_OPTIONS += --rm --network $(DOCKER_NETWORK) -# DOCKER_RUN_VOLUME: options -v of `docker run` command to mount additionnal volumes -DOCKER_RUN_VOLUME += -v /var/run/docker.sock:/var/run/docker.sock -DOCKER_RUN_WORKDIR ?= -w $(PWD) -ENV_VARS += DOCKER_NETWORK_PRIVATE DOCKER_NETWORK_PUBLIC NODE_COMPOSE_PROJECT_NAME NODE_COMPOSE_SERVICE_NAME NODE_DOCKER_REPOSITORY NODE_DOCKER_VOLUME USER_COMPOSE_PROJECT_NAME USER_COMPOSE_SERVICE_NAME USER_DOCKER_IMAGE USER_DOCKER_NAME USER_DOCKER_REPOSITORY USER_DOCKER_VOLUME -NODE_COMPOSE_PROJECT_NAME ?= node -NODE_COMPOSE_SERVICE_NAME ?= $(subst _,-,$(NODE_COMPOSE_PROJECT_NAME)) -NODE_DOCKER_REPOSITORY ?= $(subst -,/,$(subst _,/,$(NODE_COMPOSE_PROJECT_NAME))) -NODE_DOCKER_VOLUME ?= $(NODE_COMPOSE_PROJECT_NAME)_myos -USER_COMPOSE_PROJECT_NAME ?= $(USER)-$(ENV) -USER_COMPOSE_SERVICE_NAME ?= $(subst _,-,$(USER_COMPOSE_PROJECT_NAME)) -USER_DOCKER_IMAGE ?= $(USER_DOCKER_REPOSITORY)/myos:${DOCKER_IMAGE_TAG} -USER_DOCKER_NAME ?= $(USER_COMPOSE_PROJECT_NAME)-myos -USER_DOCKER_REPOSITORY ?= $(subst -,/,$(subst _,/,$(USER_COMPOSE_PROJECT_NAME))) -USER_DOCKER_VOLUME ?= $(USER_COMPOSE_PROJECT_NAME)_myos - -# https://github.com/docker/libnetwork/pull/2348 -ifeq ($(SYSTEM),Darwin) -DOCKER_HOST_IFACE ?= $(shell docker run --rm -it --net=host alpine /sbin/ip -4 route list match 0/0 2>/dev/null |awk '{print $$5}' |awk '!seen[$$0]++' |head -1) -DOCKER_HOST_INET4 ?= $(shell docker run --rm -it --net=host alpine /sbin/ip -4 addr show $(DOCKER_HOST_IFACE) 2>/dev/null |awk '$$1 == "inet" {sub(/\/.*/,"",$$2); print $$2}' |head -1) -DOCKER_INTERNAL_DOCKER_GATEWAY ?= $(shell docker run --rm -it alpine getent hosts gateway.docker.internal 2>/dev/null |awk '{print $$1}' |head -1) -DOCKER_INTERNAL_DOCKER_HOST ?= $(shell docker run --rm -it alpine getent hosts host.docker.internal 2>/dev/null |awk '{print $$1}' |head -1) -else -DOCKER_HOST_IFACE ?= $(shell /sbin/ip -4 route list match 0/0 2>/dev/null |awk '{print $$5}' |awk '!seen[$$0]++' |head -1) -DOCKER_HOST_INET4 ?= $(shell /sbin/ip -4 addr show $(DOCKER_HOST_IFACE) 2>/dev/null |awk '$$1 == "inet" {sub(/\/.*/,"",$$2); print $$2}' |head -1) -DOCKER_INTERNAL_DOCKER_GATEWAY ?= $(shell /sbin/ip -4 route list match 0/0 2>/dev/null |awk '{print $$3}' |awk '!seen[$$0]++' |head -1) -DOCKER_INTERNAL_DOCKER_HOST ?= $(shell /sbin/ip addr show docker0 2>/dev/null |awk '$$1 == "inet" {sub(/\/.*/,"",$$2); print $$2}' |head -1) -endif - -ifeq ($(DRONE), true) -# When running docker command in drone, we are already in a docker (dind). -# Whe need to find the volume mounted in the current docker (runned by drone) to mount it in our docker command. -# If we do not mount the volume in our docker, we wont be able to access the files in this volume as the /drone/src directory would be empty. -DOCKER_RUN_VOLUME += -v $$(docker inspect $$(basename $$(cat /proc/1/cpuset)) 2>/dev/null |awk 'BEGIN {FS=":"} $$0 ~ /"drone-[a-zA-Z0-9]*:\/drone"$$/ {gsub(/^[ \t\r\n]*"/,"",$$1); print $$1; exit}'):/drone $(if $(wildcard /root/.netrc),-v /root/.netrc:/root/.netrc) -else -DOCKER_RUN_VOLUME += -v $(or $(APP_PARENT_DIR),$(APP_DIR),$(PWD)):$(or $(WORKSPACE_DIR),$(APP_PARENT_DIR),$(APP_DIR),$(PWD)) -endif - -ifneq ($(DOCKER_RUN),) - -DOCKER_SSH_AUTH := -e SSH_AUTH_SOCK=/tmp/ssh-agent/socket -v $(USER_DOCKER_VOLUME):/tmp/ssh-agent - -# function docker-run: Run docker image 2 with arg 1 -define docker-run - $(call INFO,docker-run,$(1)$(comma) $(2)) - $(call run,$(or $(2),$(DOCKER_IMAGE)) $(1)) -endef -ifeq ($(DRONE), true) -# function exec DRONE=true: Run DOCKER_IMAGE with arg 1 -define exec - $(call INFO,exec,$(1)) - $(call run,$(DOCKER_IMAGE) $(or $(1),$(SHELL))) -endef -else -# function exec: Exec arg 1 in docker DOCKER_NAME -define exec - $(call INFO,exec,$(1)) - $(RUN) docker exec $(DOCKER_ENV_ARGS) $(DOCKER_EXEC_OPTIONS) $(DOCKER_RUN_WORKDIR) $(DOCKER_NAME) $(or $(1),$(SHELL)) -endef -endif -# function run: Run docker run with arg 1 and docker repository 2 -## attention: arg 2 should end with slash or space -define run - $(call INFO,run,$(1)$(comma) $(2)) - $(RUN) docker run $(DOCKER_ENV_ARGS) $(DOCKER_RUN_LABELS) $(DOCKER_RUN_OPTIONS) $(DOCKER_RUN_VOLUME) $(DOCKER_RUN_WORKDIR) $(DOCKER_SSH_AUTH) $(DOCKER_RUN_NAME) $(2)$(1) -endef - -else - -SHELL := /bin/bash -# function docker-run DOCKER=false: Run docker image 2 with arg 1 -define docker-run - $(call INFO,docker-run,$(1)$(comma) $(2)) - $(RUN) docker run $(DOCKER_ENV_ARGS) $(DOCKER_RUN_LABELS) $(DOCKER_RUN_OPTIONS) $(DOCKER_RUN_VOLUME) $(DOCKER_RUN_WORKDIR) $(DOCKER_RUN_NAME) $(or $(2),$(DOCKER_IMAGE)) $(1) -endef -# function exec DOCKER=false: Call env-exec with arg 1 or SHELL -define exec - $(call INFO,exec,$(1)) - $(call env-exec,$(or $(1),$(SHELL))) -endef -# function run DOCKER=false: Call env-run with arg 1 -define run - $(call INFO,run,$(1)) - $(call env-run,$(1)) -endef - -endif - -# function docker-volume-copy: Copy files from a docker volume to another -define docker-volume-copy - $(call INFO,docker-volume-copy,$(1)$(comma) $(2)) - $(eval from := $(1)) - $(eval to := $(2)) - $(RUN) docker volume inspect $(from) >/dev/null - $(RUN) docker volume inspect $(to) >/dev/null 2>&1 || $(RUN) docker volume create $(to) >/dev/null - $(RUN) docker run --rm -v $(from):/from -v $(to):/to alpine ash -c "cd /from; cp -a . /to" -endef diff --git a/make/def.mk b/make/def.mk deleted file mode 100644 index ed78619..0000000 --- a/make/def.mk +++ /dev/null @@ -1,297 +0,0 @@ -.DEFAULT_GOAL := help -.PHONY: FORCE -comma ?= , -dollar ?= $ -dquote ?= " -quote ?= ' -lbracket ?= ( -rbracket ?= ) -APP ?= $(if $(wildcard .git),$(notdir $(CURDIR))) -APP_NAME ?= $(subst _,,$(subst -,,$(subst .,,$(call LOWERCASE,$(APP))))) -APP_TYPE ?= $(if $(SUBREPO),subrepo) $(if $(filter .,$(MYOS)),myos) -APPS ?= $(if $(MONOREPO),$(sort $(patsubst $(MONOREPO_DIR)/%/.git,%,$(wildcard $(MONOREPO_DIR)/*/.git)))) -APPS_NAME ?= $(foreach app,$(APPS),$(or $(shell awk -F '=' '$$1 == "APP" {print $$2}' $(or $(wildcard $(MONOREPO_DIR)/$(app)/.env),$(wildcard $(MONOREPO_DIR)/$(app)/.env.$(ENV)),$(MONOREPO_DIR)/$(app)/.env.dist) 2>/dev/null),$(app))) -BRANCH ?= $(GIT_BRANCH) -CMD_APK_INSTALL ?= $(if $(shell type -p apk),apk --no-cache --update add) -CMD_APK_REMOVE ?= $(if $(shell type -p apk),apk --no-cache del) -CMD_APT_INSTALL ?= $(if $(shell type -p apt-get),apt-get update && apt-get -fy install) -CMD_APT_REMOVE ?= $(if $(shell type -p apt-get),apt-get -fy remove) -CMDS ?= app-%-run apps-install exec exec:% exec@% install-app run run:% run@% -COLOR_BLUE ?= \033[01;34m -COLOR_BROWN ?= \033[33m -COLOR_CYAN ?= \033[36m -COLOR_DGRAY ?= \033[30m -COLOR_ERROR ?= $(COLOR_RED) -COLOR_GRAY ?= \033[37m -COLOR_GREEN ?= \033[32m -COLOR_HIGHLIGHT ?= $(COLOR_GREEN) -COLOR_INFO ?= $(COLOR_BROWN) -COLOR_RED ?= \033[31m -COLOR_RESET ?= \033[0m -COLOR_VALUE ?= $(COLOR_CYAN) -COLOR_WARNING ?= $(COLOR_YELLOW) -COLOR_YELLOW ?= \033[01;33m -COMMIT ?= $(or $(SUBREPO_COMMIT),$(GIT_COMMIT)) -CONFIG ?= $(RELATIVE)config -CONFIG_REPOSITORY ?= $(CONFIG_REPOSITORY_URL) -CONFIG_REPOSITORY_HOST ?= $(shell printf '$(CONFIG_REPOSITORY_URI)\n' |sed 's|/.*||;s|.*@||') -CONFIG_REPOSITORY_PATH ?= $(shell printf '$(CONFIG_REPOSITORY_URI)\n' |sed 's|[^/]*/||;') -CONFIG_REPOSITORY_SCHEME ?= $(shell printf '$(CONFIG_REPOSITORY_URL)\n' |sed 's|://.*||;') -CONFIG_REPOSITORY_URI ?= $(shell printf '$(CONFIG_REPOSITORY_URL)\n' |sed 's|.*://||;') -CONFIG_REPOSITORY_URL ?= $(call pop,$(APP_UPSTREAM_REPOSITORY))/$(notdir $(CONFIG)) -CONTEXT ?= ENV $(shell awk 'BEGIN {FS="="}; $$1 !~ /^(\#|$$)/ {print $$1}' .env.dist 2>/dev/null) -CONTEXT_DEBUG ?= MAKEFILE_LIST DOCKER_ENV_ARGS ENV_ARGS APPS GIT_AUTHOR_EMAIL GIT_AUTHOR_NAME MAKE_DIR MAKE_SUBDIRS MAKE_CMD_ARGS MAKE_ENV_ARGS UID USER -DEBUG ?= -DOCKER ?= $(shell type -p docker) -DOMAIN ?= localhost -DRONE ?= false -DRYRUN ?= false -DRYRUN_RECURSIVE ?= false -ELAPSED_TIME = $(shell $(call TIME)) -ENV ?= local -ENV_ARGS ?= $(env_args) -ENV_FILE ?= $(wildcard $(CONFIG)/$(ENV)/$(APP)/.env .env) -ENV_LIST ?= $(shell ls .git/refs/heads/ 2>/dev/null) -ENV_RESET ?= false -ENV_VARS ?= APP BRANCH DOMAIN ENV HOME HOSTNAME GID GIT_AUTHOR_EMAIL GIT_AUTHOR_NAME GROUP MACHINE MONOREPO MONOREPO_DIR SYSTEM TAG UID USER VERSION -GID ?= $(shell id -g 2>/dev/null) -GIDS ?= $(shell id -G 2>/dev/null) -GIT_AUTHOR_EMAIL ?= $(or $(shell git config user.email 2>/dev/null),$(USER)@my.os) -GIT_AUTHOR_NAME ?= $(or $(shell git config user.name 2>/dev/null),$(USER)) -GIT_BRANCH ?= $(shell git rev-parse --abbrev-ref HEAD 2>/dev/null) -GIT_COMMIT ?= $(shell git rev-parse $(BRANCH) 2>/dev/null) -GIT_REPOSITORY ?= $(if $(SUBREPO),$(shell awk -F ' = ' '$$1 ~ /^[[\s\t]]*remote$$/ {print $$2}' .gitrepo 2>/dev/null),$(shell git config --get remote.origin.url 2>/dev/null)) -GIT_STATUS ?= $(shell git status -uno --porcelain 2>/dev/null |wc -l) -GIT_TAG ?= $(shell git tag -l --points-at $(BRANCH) 2>/dev/null) -GIT_UPSTREAM_REPOSITORY ?= $(if $(GIT_REPOSITORY),$(if $(findstring ://,$(GIT_REPOSITORY)),$(call pop,$(call pop,$(GIT_REPOSITORY)))/,$(call pop,$(GIT_REPOSITORY),:):)$(or $(GIT_UPSTREAM_USER),$(GIT_USER))/$(lastword $(subst /, ,$(GIT_REPOSITORY)))) -GIT_UPSTREAM_USER ?= $(lastword $(subst /, ,$(call pop,$(MYOS_REPOSITORY)))) -GIT_USER ?= $(USER) -GIT_VERSION ?= $(shell git describe --tags $(BRANCH) 2>/dev/null || git rev-parse $(BRANCH) 2>/dev/null) -GROUP ?= $(shell id -ng 2>/dev/null) -HOSTNAME ?= $(shell hostname 2>/dev/null |sed 's/\..*//') -IGNORE_DRYRUN ?= false -IGNORE_VERBOSE ?= false -INSTALL ?= $(RUN) $(SUDO) $(subst &&,&& $(RUN) $(SUDO),$(INSTALL_CMD)) -INSTALL_CMDS ?= APK_INSTALL APT_INSTALL -$(foreach cmd,$(INSTALL_CMDS),$(if $(CMD_$(cmd)),$(eval INSTALL_CMD ?= $(CMD_$(cmd))))) -LOG_LEVEL ?= $(if $(DEBUG),debug,$(if $(VERBOSE),info,error)) -MAKE_ARGS ?= $(foreach var,$(MAKE_VARS),$(if $($(var)),$(var)='$($(var))')) -MAKE_SUBDIRS ?= $(if $(filter myos,$(MYOS)),monorepo,$(if $(APP),apps $(foreach type,$(APP_TYPE),$(if $(wildcard $(MAKE_DIR)/apps/$(type)),apps/$(type))))) -MAKE_CMD_ARGS ?= $(foreach var,$(MAKE_CMD_VARS),$(var)='$($(var))') -MAKE_CMD_VARS ?= $(strip $(foreach var, $(filter-out .VARIABLES,$(.VARIABLES)), $(if $(filter command\ line,$(origin $(var))),$(var)))) -MAKE_ENV_ARGS ?= $(foreach var,$(filter $(ENV_VARS),$(MAKE_ENV_VARS)),$(var)='$($(var))') -MAKE_ENV_VARS ?= $(strip $(foreach var, $(filter-out .VARIABLES,$(.VARIABLES)), $(if $(filter environment,$(origin $(var))),$(var)))) -MAKE_FILE_ARGS ?= $(foreach var,$(filter $(ENV_VARS),$(MAKE_FILE_VARS)),$(var)='$($(var))') -MAKE_FILE_VARS ?= $(strip $(foreach var, $(filter-out .VARIABLES,$(.VARIABLES)), $(if $(filter file,$(origin $(var))),$(var)))) -MAKE_OLDFILE ?= $@ -MAKE_TARGETS ?= $(filter-out $(.VARIABLES),$(shell $(MAKE) -qp 2>/dev/null |awk -F':' '/^[a-zA-Z0-9][^$$\#\/\t=]*:([^=]|$$)/ {print $$1}' 2>/dev/null |sort -u)) -MAKE_UNIXTIME_START := $(shell date -u +'%s' 2>/dev/null) -MAKE_UNIXTIME_CURRENT = $(shell date -u "+%s" 2>/dev/null) -MAKE_VARS ?= ENV -MONOREPO ?= $(if $(filter myos,$(MYOS)),$(notdir $(CURDIR)),$(if $(APP),$(notdir $(realpath $(CURDIR)/..)))) -MONOREPO_DIR ?= $(if $(MONOREPO),$(if $(filter myos,$(MYOS)),$(realpath $(CURDIR)),$(if $(APP),$(realpath $(CURDIR)/..)))) -MYOS ?= $(if $(filter $(MAKE_DIR),$(call pop,$(MAKE_DIR))),.,$(call pop,$(MAKE_DIR))) -MYOS_COMMIT ?= $(shell GIT_DIR=$(MYOS)/.git git rev-parse head 2>/dev/null) -MYOS_REPOSITORY ?= $(shell GIT_DIR=$(MYOS)/.git git config --get remote.origin.url 2>/dev/null) -QUIET ?= $(if $(VERBOSE),,--quiet) -RECURSIVE ?= true -RELATIVE ?= $(if $(filter myos,$(MYOS)),./,../) -SHARED ?= $(RELATIVE)shared -SSH_DIR ?= ${HOME}/.ssh -STATUS ?= $(GIT_STATUS) -SUBREPO ?= $(if $(wildcard .gitrepo),$(notdir $(CURDIR))) -SUDO ?= $(if $(filter-out 0,$(UID)),$(shell type -p sudo)) -TAG ?= $(GIT_TAG) -UID ?= $(shell id -u 2>/dev/null) -USER ?= $(shell id -nu 2>/dev/null) -VERBOSE ?= $(if $(DEBUG),true) -VERSION ?= $(GIT_VERSION) - -ifneq ($(DEBUG),) -CONTEXT += $(CONTEXT_DEBUG) -else -.SILENT: -endif - -# Guess RUN -ifeq ($(DRYRUN),true) -RUN = $(if $(filter-out true,$(IGNORE_DRYRUN)),echo) -ifeq ($(RECURSIVE), true) -DRYRUN_RECURSIVE := true -endif -endif - -# Guess OS -ifeq ($(OSTYPE),cygwin) -SYSTEM := cygwin -else ifeq ($(OS),Windows_NT) -SYSTEM := Windows_NT -else -SYSTEM := $(shell uname -s 2>/dev/null) -endif -MACHINE := $(shell uname -m 2>/dev/null) - -ifeq ($(SYSTEM),Darwin) -SED_SUFFIX := '' -endif - -# include .env files -include $(wildcard $(ENV_FILE)) - -ERROR_FD := 2 -# macro ERROR: print colorized warning -ERROR = \ -printf '${COLOR_ERROR}ERROR:${COLOR_RESET} ${COLOR_INFO}$(APP)${COLOR_RESET}[${COLOR_VALUE}$(MAKELEVEL)${COLOR_RESET}]$(if $@, ${COLOR_VALUE}$@${COLOR_RESET}):${COLOR_RESET} ' >&$(ERROR_FD) \ - $(if $(2), \ - && printf '$(1) ${COLOR_HIGHLIGHT}$(2)${COLOR_RESET}' >&$(ERROR_FD) \ - $(if $(3),&& printf ' $(3)$(if $(4), ${COLOR_VALUE}$(4)${COLOR_RESET})' >&$(ERROR_FD)) \ - , \ - && $(strip $(call PRINTF,$(1)) >&$(ERROR_FD)) \ - ) \ - && printf '\n' >&$(ERROR_FD) \ - && exit 2 - -# macro force: Run command 1 sine die -## it starts command 1 if it is not already running -## it returns never -force = $$(while true; do \ - [ $$(ps x |awk '\ - BEGIN {nargs=split("'"$$*"'",args)} \ - $$field == args[1] { \ - matched=1; \ - for (i=1;i<=NF-field;i++) { \ - if ($$(i+field) == args[i+1]) {matched++} \ - } \ - if (matched == nargs) {found++} \ - } \ - END {print found+0}' field=4) -eq 0 \ - ] \ - && $(RUN) $(1) || sleep 1; done \ -) - -# macro gid: Return GID of group 1 -gid = $(shell awk -F':' '$$1 == "$(1)" {print $$3}' /etc/group 2>/dev/null) - -INFO_FD := 2 -# macro INFO: print colorized info -INFO = $(if $(VERBOSE),$(if $(filter-out true,$(IGNORE_VERBOSE)), \ - printf '${COLOR_INFO}$(APP)${COLOR_RESET}[${COLOR_VALUE}$(MAKELEVEL)${COLOR_RESET}]$(if $@, ${COLOR_VALUE}$@${COLOR_RESET}):${COLOR_RESET} ' >&$(INFO_FD) \ - $(if $(2), \ - && printf 'Call ${COLOR_HIGHLIGHT}$(1)${COLOR_RESET}$(lbracket)' >&$(INFO_FD) \ - && $(or $(strip $(call PRINTF,$(2))),printf '$(2)') >&$(INFO_FD) \ - && printf '$(rbracket)' >&$(INFO_FD) \ - $(if $(3),&& printf ' ${COLOR_VALUE}in${COLOR_RESET} $(3)' >&$(INFO_FD)) \ - , \ - && $(strip $(call PRINTF,$(1)) >&$(INFO_FD)) \ - ) \ - && printf '\n' >&$(INFO_FD) \ -)) - -# macro pop: Return last word of string 1 according to separator 2 -pop = $(patsubst %$(or $(2),/)$(lastword $(subst $(or $(2),/), ,$(1))),%,$(1)) - -# macro sed: Run sed script 1 on file 2 -sed = $(RUN) sed -i $(SED_SUFFIX) '$(1)' $(2) - -# macro TIME: Print time elapsed since unixtime 1 -TIME = awk '{printf "%02d:%02d:%02d\n",int($$1/3600),int(($$1%3600)/60),int($$1%60)}' \ - <<< $(shell awk 'BEGIN {current=$(or $(2),$(MAKE_UNIXTIME_CURRENT)); start=$(or $(1),$(MAKE_UNIXTIME_START)); print (current - start)}' 2>/dev/null) - -WARNING_FD := 2 -# macro WARNING: print colorized warning -WARNING = \ -printf '${COLOR_WARNING}WARNING:${COLOR_RESET} ${COLOR_INFO}$(APP)${COLOR_RESET}[${COLOR_VALUE}$(MAKELEVEL)${COLOR_RESET}]$(if $@, ${COLOR_VALUE}$@${COLOR_RESET}):${COLOR_RESET} ' >&$(WARNING_FD) \ - $(if $(2), \ - && printf '$(1) ${COLOR_HIGHLIGHT}$(2)${COLOR_RESET}' >&$(WARNING_FD) \ - $(if $(3),&& printf ' $(3)$(if $(4), ${COLOR_VALUE}$(4)${COLOR_RESET})' >&$(WARNING_FD)) \ - , \ - && $(strip $(call PRINTF,$(1)) >&$(WARNING_FD)) \ - ) \ - && printf '\n' >&$(WARNING_FD) - -# function conf: Extract variable=value line from configuration files -## it prints the line with variable 3 definition from block 2 in file 1 -define conf - $(call INFO,conf,$(1)$(comma) $(2)$(comma) $(3)) - $(eval file := $(1)) - $(eval block := $(2)) - $(eval variable := $(3)) - [ -r "$(file)" ] && while IFS='=' read -r key value; do \ - case $${key} in \ - \#*) \ - continue; \ - ;; \ - \[*\]) \ - current_bloc="$${key##\[}"; \ - current_bloc="$${current_bloc%%\]}"; \ - [ -z "$(block)" ] && [ -z "$(variable)" ] && printf '%s\n' "$${current_bloc}" ||:; \ - ;; \ - *) \ - key=$${key%$${key##*[![:space:]]}}; \ - value=$${value#$${value%%[![:space:]]*}}; \ - if [ "$(block)" = "$${current_bloc}" ] && [ "$${key}" ]; then \ - [ -z "$(variable)" ] && printf '%s=%s\n' "$${key}" "$${value}" ||:; \ - [ "$(variable)" = "$${key}" ] && printf '%s\n' "$${value}" ||:; \ - fi \ - ;; \ - esac \ - done < "$(file)" -endef - -# function env-exec: Exec arg 1 with custom env -define env-exec - $(call INFO,env-exec,$(1)) - IFS=$$'\n'; env $(env_reset) $(env_args) $(1) -endef - -# function env-run: Call env-exec with arg 1 -define env-run - $(call INFO,env-run,$(1)) - $(call env-exec,$(or $(1),$(SHELL))) -endef - -# function make: Call make with predefined options and variables - # 1st arg: make command line (targets and arguments) - # 2nd arg: directory to call make from - # 3rd arg: list of variables to pass to make (ENV by default) - # 4th arg: path to .env file with additional arguments to call make with (file must exist when calling make) - # add list of VARIABLE=VALUE from vars to MAKE_ARGS - # add list of arguments from file to MAKE_ARGS - # eval MAKE_DIR option to -C $(2) if $(2) given - # add current target to MAKE_OLDFILE (list of already fired targets) - # print command that will be run if VERBOSE mode - # actually run make command - # if DRYRUN_RECURSIVE mode, run make command in DRYRUN mode -define make - $(eval cmd := $(1)) - $(eval dir := $(2)) - $(eval vars := $(3)) - $(eval file := $(4)) - $(if $(vars),$(eval MAKE_ARGS += $(foreach var,$(vars),$(if $($(var)),$(var)='$($(var))')))) - $(if $(wildcard $(file)),$(eval MAKE_ARGS += $(shell cat $(file) |sed '/^$$/d; /^#/d; /=/!d; s/^[[\s\t]]*//; s/[[\s\t]]*=[[\s\t]]*/=/;' |awk -F '=' '{print $$1"='\''"$$2"'\''"}'))) - $(eval MAKE_DIR := $(if $(dir),-C $(dir))) - $(eval MAKE_OLDFILE += $(filter-out $(MAKE_OLDFILE), $^)) - $(call INFO,make,$(MAKE_ARGS) $(cmd),$(dir)) - $(RUN) $(MAKE) $(MAKE_DIR) $(patsubst %,-o %,$(MAKE_OLDFILE)) MAKE_OLDFILE="$(MAKE_OLDFILE)" $(MAKE_ARGS) $(cmd) - $(if $(filter true,$(DRYRUN_RECURSIVE)),$(MAKE) $(MAKE_DIR) $(patsubst %,-o %,$(MAKE_OLDFILE)) MAKE_OLDFILE="$(MAKE_OLDFILE)" DRYRUN=$(DRYRUN) RECURSIVE=$(RECURSIVE) $(MAKE_ARGS) $(cmd)) -endef - -# function TARGET:ENV: Create a new target ending with :env -## it sets ENV, ENV_FILE and calls original target -define TARGET:ENV -.PHONY: $(TARGET) -$(TARGET): $(ASSIGN_ENV) -$(TARGET): $(ASSIGN_ENV_FILE) -$(TARGET): - $$(call make,$$*,,ENV_FILE) -endef - -# set ENV=env for targets ending with :env -## for each env in ENV_LIST -## it overrides value of ENV with env -## it adds $(CONFIG)/$(env)/$(APP)/.env file to ENV_FILE -## it evals TARGET:ENV -$(foreach env,$(ENV_LIST),$(eval TARGET := %\:$(env)) $(eval ASSIGN_ENV := ENV:=$(env)) $(eval ASSIGN_ENV_FILE := ENV_FILE+=$(wildcard $(CONFIG)/$(env)/$(APP)/.env)) $(eval $(TARGET:ENV))) - -# set ENV=env for targets ending with @env -$(foreach env,$(ENV_LIST),$(eval %@$(env): ENV:=$(env))) diff --git a/make/end.mk b/make/end.mk deleted file mode 100644 index 885b89f..0000000 --- a/make/end.mk +++ /dev/null @@ -1,7 +0,0 @@ -# Accept arguments for CMDS targets and turn them into do-nothing targets -ifneq ($(filter $(CMDS),$(firstword $(MAKECMDGOALS))),) -ARGS := $(wordlist 2,$(words $(MAKECMDGOALS)),$(MAKECMDGOALS)) -ARGS := $(subst :,\:,$(ARGS)) -ARGS := $(subst &,\&,$(ARGS)) -$(eval $(ARGS):;@:) -endif diff --git a/make/env.mk b/make/env.mk deleted file mode 100644 index f7de907..0000000 --- a/make/env.mk +++ /dev/null @@ -1,102 +0,0 @@ -## -# ENV - -# target .env: Update file .env -## it updates file .env when file .env.dist is newer -.env: .env.dist - $(call .env,,,$(wildcard $(CONFIG)/$(ENV)/$(APP)/.env .env.$(ENV))) - -# target .env-clean: Remove file .env -## it removes file .env -.PHONY: .env-clean -.env-clean: - rm -i .env || true - -# target .env-update: Update file ENV_FILE -## it updates file ENV_FILE with missing values from file ENV_DIST -## it can override ENV_DIST with values from file ENV_OVER -.PHONY: .env-update -.env-update: - $(call INFO,.env-update,$(ENV_FILE)$(comma) $(ENV_DIST)$(comma) $(ENV_OVER)) - $(foreach env_file,$(ENV_FILE),$(call .env,$(env_file),$(or $(ENV_DIST),$(env_file).dist),$(ENV_OVER))) - -# include .env file --include .env - -ifneq (,$(filter true,$(ENV_RESET))) -env_reset := -i -endif - -docker.env.args = $(foreach var,$(ENV_VARS),$(if $($(var)),-e $(var)='$($(var))')) -docker.env.dist ?= $(shell printenv |awk -F '=' 'NR == FNR { if($$1 !~ /^(\#|$$)/) { A[$$1]; next } } ($$1 in A) {print "-e "$$0}' .env.dist - 2>/dev/null) -docker.env.file ?= $(patsubst %,--env-file %,$(wildcard $(ENV_FILE))) -docker_env_args = $(docker.env.args) $(docker.env.dist) $(docker.env.file) -env.args = $(foreach var,$(ENV_VARS),$(if $($(var)),$(var)='$($(var))')) -env.dist ?= $(shell printenv |awk -F '=' 'NR == FNR { if($$1 !~ /^(\#|$$)/) { A[$$1]; next } } ($$1 in A)' .env.dist - 2>/dev/null) -env.file ?= $(shell cat $(or $(ENV_FILE),/dev/null) 2>/dev/null |sed '/^[ \t]*$$/d;/^[ \t]*\#/d;s/='\''/=/;s/'\''$$//;s/='\"'/=/;s/'\"'$$//;' |awk -F '=' '{print $$1"='\''"$$2"'\''"}') -env_args = $(env.args) $(env.dist) $(env.file) - -SHELL:=/bin/bash - -# function .env: Call .env_update function -## it sets .env, .env.dist and .env.ENV files paths -## it calls .env_update function if .env.dist file exists - # 1st arg: path to .env file to update, default to .env - # 2nd arg: path to .env.dist file, default to .env.dist - # 3rd arg: path to .env override files, default to .env.$(ENV) -define .env - $(call INFO,.env,$(1)$(comma) $(2)$(comma) $(3)) - $(eval env_file:=$(or $(1),.env)) - $(eval env_dist:=$(or $(2),$(env_file).dist)) - $(eval env_over:=$(or $(wildcard $(3)),$(wildcard $(env_file).$(ENV)))) - $(if $(wildcard $(env_dist)), $(call .env_update)) -endef - -# function .env_update: Update .env file with values from .env.dist -## this function adds variables from the .env.dist to the .env file -## and does substitution to replace variables with their value when -## adding it to the .env. It reads variables first from environment, -## make command line, .env override files and finish with .env.dist -## to do the substitution. It does not write to .env file variables -## that already exist in .env file or comes from system environment. - # create the .env file - # read environment variables - # keep variables from .env.dist that does not exist in environment - # add variables definition from .env override files at the beginning - # add variables definition from make command line at the beginning - # remove duplicate variables - # keep variables that exists in .env.dist - # keep variables that does not exist in .env - # read variables definition in a subshell with multiline support - # create a new (empty if ENV_RESET is true) environment with env.args - # read environment variables and keep only those existing in .env.dist - # add .env overrides variables definition - # add .env.dist variables definition - # remove empty lines or comments - # remove duplicate variables - # replace variables in stdin with their value from the new environment - # remove residual empty lines or comments - # sort alphabetically - # add variables definition to the .env file -define .env_update - $(call INFO,.env_update,$(env_file)$(comma) $(env_dist)$(comma) $(env_over)) - touch $(env_file) $(if $(VERBOSE)$(DEBUG),,2> /dev/null) - printenv \ - |awk -F '=' 'NR == FNR { if($$1 !~ /^(#|$$)/) { A[$$1]; next } } !($$1 in A)' - $(env_dist) \ - |cat $(env_over) - \ - |awk 'BEGIN {split("$(MAKE_CMD_VARS)",vars," "); for (var in vars) {print vars[var]"="ENVIRON[vars[var]]};} {print}' \ - |awk -F '=' '!seen[$$1]++' \ - |awk -F '=' 'ARGV[1] == FILENAME { A[$$1]; next } ($$1 in A)' $(env_dist) - 2>/dev/null \ - |awk -F '=' 'ARGV[1] == FILENAME { A[$$1]; next } !($$1 in A)' $(env_file) - 2>/dev/null \ - |(IFS=$$'\n'; \ - env $(env_reset) $(env.args) \ - $$(env |awk -F '=' 'NR == FNR { if($$1 !~ /^(#|$$)/) { A[$$1]; next } } ($$1 in A)' $(env_dist) - \ - |cat - $(env_over) \ - |cat - $(env_dist) \ - |sed -e /^$$/d -e /^#/d \ - |awk -F '=' '!seen[$$1]++') \ - awk '{while(match($$0,"[$$]{[^}]*}")) {var=substr($$0,RSTART+2,RLENGTH-3);gsub("[$$]{"var"}",ENVIRON[var])} print}') \ - |sed -e /^$$/d -e /^#/d \ - |sort \ - >> $(env_file); -endef diff --git a/make/help.mk b/make/help.mk deleted file mode 100644 index ddb41d2..0000000 --- a/make/help.mk +++ /dev/null @@ -1,83 +0,0 @@ -## -# HELP - -# target blank1 blank2: Print new line -.PHONY: blank1 blank2 -blank1 blank2: - printf "\n" - -# target context: Print Context and Call contexts target -.PHONY: context -context: - @printf "${COLOR_INFO}Context:${COLOR_RESET}\n" - $(MAKE) contexts - -# target context: Fire context-% target for each CONTEXT -.PHONY: contexts -contexts: $(foreach var,$(CONTEXT),context-$(var)) - -# target context-% print-%: Print % value -.PHONY: context-% print-% -context-% print-%: - @printf "${COLOR_HIGHLIGHT}%-37s${COLOR_RESET}" $* - @printf "${COLOR_VALUE}" - @$(call PRINTF,$($*)) - @printf "${COLOR_RESET}\n" - -# target doc: Fire functions macros target variables -doc: functions macros targets variables ; - -# target doc-%: Fire functions-% macros-% target-% variables-% -doc-%: functions-% macros-% targets-% variables-%; - -# target help: Fire usage blank1 target blank2 context -.PHONY: help -help: usage blank1 target blank2 context ## This help - -# target functions: Fire functions-. -.PHONY: functions -functions: functions-. - -# target functions-%: Print documented functions starting with % -.PHONY: functions-% -functions-%: - awk 'BEGIN {FS = ": "}; $$0 ~ /^# function $*.*:.*$$/ {printf "${COLOR_VALUE}%-39s${COLOR_RESET} %s\n", $$1, $$2}' $(MAKEFILE_LIST) - -# target macros: Fire macros-. -.PHONY: macros -macros: macros-. - -# target macros-%: Print documented macros starting with % -.PHONY: macros-% -macros-%: - awk 'BEGIN {FS = ": "}; $$0 ~ /^# macro $*.*:.*$$/ {printf "${COLOR_VALUE}%-39s${COLOR_RESET} %s\n", $$1, $$2}' $(MAKEFILE_LIST) - -# target target: Show common targets -.PHONY: target -target: - printf "${COLOR_INFO}Targets:${COLOR_RESET}\n" - awk 'BEGIN {FS = ":.*?## "}; $$0 ~ /^[a-zA-Z_-]+:.*?## .*$$/ {printf "${COLOR_VALUE}%-39s${COLOR_RESET} %s\n", $$1, $$2}' $(MAKEFILE_LIST) - -# target targets: Fire targets-. -.PHONY: targets -targets: targets-. - -# target targets-%: Print documented targets -.PHONY: targets-% -targets-%: - awk 'BEGIN {FS = ": "}; $$0 ~ /^# target $*.*:.*$$/ {printf "${COLOR_VALUE}%-39s${COLOR_RESET} %s\n", $$1, $$2}' $(MAKEFILE_LIST) - -# target usage: Print Usage -.PHONY: usage -usage: - printf "${COLOR_INFO}Usage:${COLOR_RESET}\n" - printf "make [target]\n" - -# target variables: Fire variables-. -.PHONY: variables -variables: variables-. - -# target variables-%: Show documented variables -.PHONY: variables-% -variables-%: - awk 'BEGIN {FS = ": "}; $$0 ~ /^# variable $*.*:.*$$/ {printf "${COLOR_VALUE}%-39s${COLOR_RESET} %s\n", $$1, $$2}' $(MAKEFILE_LIST) diff --git a/make/include.mk b/make/include.mk deleted file mode 100644 index db9c31f..0000000 --- a/make/include.mk +++ /dev/null @@ -1,25 +0,0 @@ -## -# INCLUDE - -# variable MAKE_DIR: Path of this file -MAKE_DIR := $(patsubst %/,%,$(dir $(lastword $(MAKEFILE_LIST)))) -# variable MAKE_FILE: Name of this file -MAKE_FILE := $(notdir $(lastword $(MAKEFILE_LIST))) -# variable MAKE_FIRST: List of first files to load -MAKE_FIRST := env.mk def.mk $(wildcard def.*.mk) -# variable MAKE_LATEST: List of latest files to load -MAKE_LATEST := end.mk -## it includes $(MAKE_DIR)/$(MAKE_FIRST) -include $(wildcard $(patsubst %,$(MAKE_DIR)/%,$(MAKE_FIRST))) -## it includes $(MAKE_DIR)/*/def.mk $(MAKE_DIR)/*/def.*.mk -include $(foreach subdir,$(MAKE_SUBDIRS),$(wildcard $(MAKE_DIR)/$(subdir)/def.mk $(MAKE_DIR)/$(subdir)/def.*.mk)) -## it includes def.mk def.*.mk */def.mk */def.*.mk -include $(wildcard def.mk def.*.mk) $(filter-out $(wildcard $(MAKE_DIR)/*.mk),$(wildcard */def.mk */def.*.mk)) -## it includes $(MAKE_DIR)/*.mk -include $(filter-out $(wildcard $(patsubst %,$(MAKE_DIR)/%,$(MAKE_FILE) $(MAKE_FIRST) $(MAKE_LATEST))),$(wildcard $(MAKE_DIR)/*.mk)) -## it includes $(MAKE_DIR)/*/*.mk -include $(foreach subdir,$(MAKE_SUBDIRS),$(filter-out $(wildcard $(MAKE_DIR)/$(subdir)/def.mk $(MAKE_DIR)/$(subdir)/def.*.mk),$(wildcard $(MAKE_DIR)/$(subdir)/*.mk))) -## it includes *.mk */*.mk -include $(filter-out $(wildcard def.mk def.*.mk),$(wildcard *.mk)) $(filter-out $(wildcard $(MAKE_DIR)/*.mk */def.mk */def.*.mk),$(wildcard */*.mk)) -## it includes $(MAKE_DIR)/$(MAKE_LATEST) -include $(wildcard $(patsubst %,$(MAKE_DIR)/%,$(MAKE_LATEST))) diff --git a/make/monorepo/common.mk b/make/monorepo/common.mk deleted file mode 100644 index 6e0677a..0000000 --- a/make/monorepo/common.mk +++ /dev/null @@ -1,103 +0,0 @@ -## -# COMMON - -# target build: Fire APPS target -.PHONY: build -build: $(APPS) ## Build applications - -# target build@%: Fire APPS target -.PHONY: build@% -build@%: $(APPS); - -# target clean: Fire APPS target -.PHONY: clean -clean: $(APPS) ## Clean applications - -# target clean@%: Fire APPS target -.PHONY: clean@% -clean@%: $(APPS); - -# target config: Fire APPS target -.PHONY: config -config: $(APPS) - -# target copy: Copy files and folders to all APPS -.PHONY: copy -copy: - $(foreach app,$(APPS),$(foreach file,$(ARGS),$(if $(wildcard $(file)),$(RUN) $(if $(filter Linux,$(SYSTEM)),cp -a --parents $(file) $(app)/,rsync -a $(file) $(app)/$(file)) &&)) true &&) true - -# target deploy: Fire APPS target -.PHONY: deploy -deploy: $(APPS) ## Deploy applications - -# target deploy@%: Fire APPS target -.PHONY: deploy@% -deploy@%: $(APPS); - -# target down: Fire APPS target -.PHONY: down -down: $(APPS) ## Remove applications dockers - -# target install: Fire APPS target -.PHONY: install -install: $(APPS) ## Install applications - -# target ps: Fire APPS target -.PHONY: ps -ps: $(APPS) - -# target rebuild: Fire APPS target -.PHONY: rebuild -rebuild: $(APPS) ## Rebuild applications - -# target recreate: Fire APPS target -.PHONY: recreate -recreate: $(APPS) ## Recreate applications - -# target reinstall: Fire APPS target -.PHONY: reinstall -reinstall: $(APPS) ## Reinstall applications - -# target release: Fire release-create target -.PHONY: release -release: release-create ## Create release VERSION - -# target restart: Fire APPS target -.PHONY: restart -restart: $(APPS) ## Restart applications - -# target start: Fire APPS target -.PHONY: start -start: $(APPS) ## Start applications - -# target stop: Fire APPS target -.PHONY: stop -stop: $(APPS) ## Stop applications - -# target tests: Fire APPS target -.PHONY: tests -tests: $(APPS) ## Test applications - -# target up: Fire APPS target -.PHONY: up -up: $(APPS) ## Create applications dockers - -# target update: Fire update-apps target -.PHONY: update -update: update-apps ## Update applications files - -# target upgrade: Fire upgrade-apps and release-upgrade targets -.PHONY: upgrade -upgrade: upgrade-apps release-upgrade ## Upgrade applications - -# target $(APPS): Call targets MAKECMDGOALS in folder $@ -.PHONY: $(APPS) -$(APPS): - $(if $(wildcard $@/Makefile), \ - $(call make,$(patsubst apps-%,%,$(MAKECMDGOALS)) STATUS=0,$(patsubst %/,%,$@),APP_PATH_PREFIX), \ - $(call WARNING,no,Makefile,available in app,$@) \ - ) - -# target apps-%: Fire $(APPS) target to call target % in $(APPS) -.PHONY: apps-% -apps-%: $(APPS) ; diff --git a/make/monorepo/def.drone.mk b/make/monorepo/def.drone.mk deleted file mode 100644 index 9a770f0..0000000 --- a/make/monorepo/def.drone.mk +++ /dev/null @@ -1,14 +0,0 @@ -ifneq (,$(filter true,$(DRONE))) -# limit to APPS impacted by the commit -ifneq (,$(filter $(DRONE_BUILD_EVENT),pull_request push)) -COMMIT_AFTER := $(DRONE_COMMIT_AFTER) -COMMIT_BEFORE := $(if $(filter 0000000000000000000000000000000000000000,$(DRONE_COMMIT_BEFORE)),upstream/master,$(DRONE_COMMIT_BEFORE)) -endif -ifneq (,$(filter $(DRONE_BUILD_EVENT),tag)) -COMMIT_AFTER := $(DRONE_TAG) -COMMIT_BEFORE := $(shell git describe --abbrev=0 --tags $(DRONE_TAG)^ 2>/dev/null) -endif -APPS_IMPACTED := $(shell git diff --name-only $(COMMIT_BEFORE) $(COMMIT_AFTER) 2>/dev/null |awk -F '/' 'NF>1 && !seen[$$1]++ {print $$1}') -APPS := $(or $(APPS_IMPACTED),$(APPS)) -CONTEXT += DRONE_BRANCH DRONE_BUILD_EVENT DRONE_BUILD_NUMBER DRONE_COMMIT_AFTER DRONE_COMMIT_AUTHOR DRONE_COMMIT_AUTHOR_EMAIL DRONE_COMMIT_BEFORE DRONE_COMMIT_REF GIT_AUTHOR_EMAIL GIT_AUTHOR_NAME -endif diff --git a/make/monorepo/def.mk b/make/monorepo/def.mk deleted file mode 100644 index 36635de..0000000 --- a/make/monorepo/def.mk +++ /dev/null @@ -1,6 +0,0 @@ -CMDS += copy master-tag release release-check release-create release-finish subrepo-push subrepo-update -CONTEXT += APPS DOMAIN RELEASE -DIRS ?= $(CONFIG) $(MAKE_DIR) $(SHARED) -RELEASE_UPGRADE ?= $(filter v%, $(shell git tag -l 2>/dev/null |sort -V |awk '/$(RELEASE)/,0')) -RELEASE_VERSION ?= $(firstword $(subst -, ,$(VERSION))) -SUBREPOS ?= $(filter subrepo/%, $(shell git remote 2>/dev/null)) diff --git a/make/monorepo/release.mk b/make/monorepo/release.mk deleted file mode 100644 index e118f15..0000000 --- a/make/monorepo/release.mk +++ /dev/null @@ -1,49 +0,0 @@ -## -# RELEASE - -# target release-check: Define RELEASE_BRANCH and RELEASE_VERSION -.PHONY: release-check -release-check: -ifneq ($(words $(ARGS)),0) - $(eval RELEASE_VERSION := $(word 1, $(ARGS))) - $(eval RELEASE_BRANCH := release/$(RELEASE_VERSION)) -else -ifneq ($(findstring $(firstword $(subst /, ,$(BRANCH))),release),) - $(eval RELEASE_BRANCH := $(BRANCH)) - $(eval RELEASE_VERSION := $(word 2, $(subst /, ,$(BRANCH)))) -endif -endif - $(if $(filter VERSION=%,$(MAKEFLAGS)), $(eval RELEASE_VERSION:=$(VERSION)) $(eval RELEASE_BRANCH := release/$(RELEASE_VERSION))) - $(if $(findstring $(firstword $(subst /, ,$(RELEASE_BRANCH))),release),,$(error Please provide a VERSION or a release BRANCH)) - -# target release-create: Create release VERSION from upstream/develop branch -.PHONY: release-create -release-create: release-check git-stash - $(call make,git-branch-create-upstream-develop BRANCH=$(RELEASE_BRANCH)) - $(call make,git-unstash,,STATUS) - -# target release-finish: Merge release VERSION in master branch -.PHONY: release-finish -release-finish: release-check git-stash - $(call make,git-branch-merge-upstream-master BRANCH=$(RELEASE_BRANCH)) - $(call make,subrepos-update) - $(call make,git-tag-create-upstream-master TAG=$(RELEASE_VERSION)) - $(call make,subrepos-tag-create-master TAG=$(RELEASE_VERSION)) - $(call make,git-tag-merge-upstream-develop TAG=$(RELEASE_VERSION)) - $(call make,git-branch-delete BRANCH=$(RELEASE_BRANCH)) - $(call make,subrepos-branch-delete BRANCH=$(RELEASE_BRANCH)) - $(call make,git-unstash,,STATUS) - -# target release-update: Update RELEASE with RELEASE_VERSION in .env -.PHONY: release-update -release-update: - $(RUN) awk -v s=RELEASE=$(RELEASE_VERSION) '/^RELEASE=/{$$0=s;f=1} {a[++n]=$$0} END{if(!f)a[++n]=s;for(i=1;i<=n;i++)print a[i]>ARGV[1]}' .env - -# target release-upgrade: Run migration targets to upgrade specific releases -.PHONY: release-upgrade -release-upgrade: $(patsubst %,release-upgrade-from-%,$(RELEASE_UPGRADE)) release-update ## Upgrade release - -# target release-upgrade-from-%: Sample of catch-all release migration target -.PHONY: release-upgrade-from-% -release-upgrade-from-%: - printf 'Upgrading from release: $*\n' diff --git a/make/monorepo/subrepo.mk b/make/monorepo/subrepo.mk deleted file mode 100644 index 55aa259..0000000 --- a/make/monorepo/subrepo.mk +++ /dev/null @@ -1,91 +0,0 @@ -## -# SUBREPO - -# target subrepo-branch-delete: Delete branch $(BRANCH) on remote $(SUBREPO) -.PHONY: subrepo-branch-delete -subrepo-branch-delete: myos-user subrepo-check -ifneq ($(words $(BRANCH)),0) - [ $$(git ls-remote --heads $(REMOTE) $(BRANCH) 2>/dev/null |wc -l) -eq 1 ] \ - && $(RUN) git push $(REMOTE) :$(BRANCH) -endif - -# target subrepo-check: Define SUBREPO and REMOTE -.PHONY: subrepo-check -subrepo-check: -ifeq ($(words $(ARGS)), 0) -ifeq ($(words $(SUBREPO)), 0) - $(error Please provide a SUBREPO) -endif -endif - $(eval SUBREPO ?= $(word 1, $(ARGS))) - $(eval REMOTE := subrepo/$(SUBREPO)) - -# target subrepo-git-diff: Check if monorepo is up to date with subrepo -# subrepo-push saves the parent commit in file subrepo/.gitrepo -## it gets parent commit in .gitrepo : awk '$1 == "parent" {print $3}' subrepo/.gitrepo -## it gets child of parent commit : git rev-list --ancestry-path parent..HEAD |tail -n 1 -## it compares child commit with our tree : git diff --quiet child -- subrepo -.PHONY: subrepo-git-diff -subrepo-git-diff: myos-user subrepo-check - $(eval IGNORE_DRYRUN := true) - $(eval DIFF = $(shell git diff --quiet $(shell git rev-list --ancestry-path $(shell awk '$$1 == "parent" {print $$3}' $(SUBREPO)/.gitrepo)..HEAD |tail -n 1) -- $(SUBREPO); printf '$$?\n') ) - $(eval IGNORE_DRYRUN := false) - -# target subrepo-git-fetch: Fetch git remote -.PHONY: subrepo-git-fetch -subrepo-git-fetch: myos-user subrepo-check - $(RUN) git fetch --prune $(REMOTE) - -# target subrepo-tag-create-%: Create tag TAG to reference branch REMOTE/% -.PHONY: subrepo-tag-create-% -subrepo-tag-create-%: myos-user subrepo-check subrepo-git-fetch -ifneq ($(words $(TAG)),0) - [ $$(git ls-remote --tags $(REMOTE) $(TAG) |wc -l) -eq 0 ] \ - || $(call exec,$(RUN) git push $(REMOTE) :refs/tags/$(TAG)) - $(RUN) git push $(REMOTE) refs/remotes/subrepo/$(SUBREPO)/$*:refs/tags/$(TAG) -endif - -# target subrepo-push: Push to subrepo -.PHONY: subrepo-push -subrepo-push: myos-user subrepo-check subrepo-git-fetch subrepo-git-diff -# update .gitrepo only on master branch -ifeq ($(BRANCH),master) - $(eval UPDATE_SUBREPO_OPTIONS += -u) -endif -# if specific branch name, delete remote branch before push and recreate it from master -ifneq ($(findstring $(firstword $(subst /, ,$(BRANCH))),feature hotfix release story),) - $(eval IGNORE_DRYRUN := true) - $(eval DELETE = $(shell sh -c 'git ls-remote --heads $(REMOTE) $(BRANCH) |wc -l') ) - $(eval IGNORE_DRYRUN := false) -else - $(eval DELETE = 0) -endif - if [ $(DIFF) -eq 0 ]; then \ - $(call INFO,subrepo $(SUBREPO) already up to date); \ - else \ - if [ $(DELETE) -eq 1 ]; then \ - $(RUN) git push $(REMOTE) :$(BRANCH); \ - $(RUN) git push $(REMOTE) refs/remotes/$(REMOTE)/master:refs/heads/$(BRANCH); \ - fi; \ - $(RUN) git subrepo fetch $(SUBREPO) -b $(BRANCH); \ - $(RUN) git subrepo push $(SUBREPO) -b $(BRANCH) $(UPDATE_SUBREPO_OPTIONS); \ - $(RUN) git subrepo clean $(SUBREPO); \ - fi - -# target subrepos-branch-delete: Fire APPS target -.PHONY: subrepos-branch-delete -subrepos-branch-delete: $(APPS) ; - -# target subrepos-tag-create-%: Fire APPS target -.PHONY: subrepos-tag-create-% -subrepos-tag-create-%: $(APPS) ; - -# target subrepos-update: Fire APPS target and push updates to upstream -.PHONY: subrepos-update -subrepos-update: myos-user git-stash $(APPS) git-unstash ## Update subrepos - $(RUN) git push upstream $(BRANCH) - -# target subrepo-update-%: Call subrepo-update target in folder % -.PHONY: subrepo-update-% -subrepo-update-%: - $(if $(wildcard $*/Makefile),$(call make,subrepo-update,$*)) diff --git a/make/myos.mk b/make/myos.mk deleted file mode 100644 index 96eb74c..0000000 --- a/make/myos.mk +++ /dev/null @@ -1,7 +0,0 @@ -## -# MYOS - -# target myos-%: Call % target in MYOS folder -.PHONY: myos-% -myos-%: ; - $(call make,$*,$(MYOS)) diff --git a/make/utils.mk b/make/utils.mk deleted file mode 100644 index 0f88b9e..0000000 --- a/make/utils.mk +++ /dev/null @@ -1,136 +0,0 @@ -################################################################################ -# -# This file contains various utility macros and variables used about -# everywhere in make constructs. -# -################################################################################ -# source : https://raw.githubusercontent.com/buildroot/buildroot/master/support/misc/utils.mk - -# Strip quotes and then whitespaces -qstrip = $(strip $(subst ",,$(1))) -#")) - -# Variables for use in Make constructs -comma := , -empty := -space := $(empty) $(empty) - -# make 4.3: -# https://lwn.net/Articles/810071/ -# Number signs (#) appearing inside a macro reference or function invocation -# no longer introduce comments and should not be escaped with backslashes: -# thus a call such as: -# foo := $(shell echo '#') -# is legal. Previously the number sign needed to be escaped, for example: -# foo := $(shell echo '\#') -# Now this latter will resolve to "\#". If you want to write makefiles -# portable to both versions, assign the number sign to a variable: -# H := \# -# foo := $(shell echo '$H') -SHARP_SIGN := \# - -# Case conversion macros. This is inspired by the 'up' macro from gmsl -# (http://gmsl.sf.net). It is optimised very heavily because these macros -# are used a lot. It is about 5 times faster than forking a shell and tr. -# -# The caseconvert-helper creates a definition of the case conversion macro. -# After expansion by the outer $(eval ), the UPPERCASE macro is defined as: -# $(strip $(eval __tmp := $(1)) $(eval __tmp := $(subst a,A,$(__tmp))) ... ) -# In other words, every letter is substituted one by one. -# -# The caseconvert-helper allows us to create this definition out of the -# [FROM] and [TO] lists, so we don't need to write down every substition -# manually. The uses of $ and $$ quoting are chosen in order to do as -# much expansion as possible up-front. -# -# Note that it would be possible to conceive a slightly more optimal -# implementation that avoids the use of __tmp, but that would be even -# more unreadable and is not worth the effort. - -[FROM] := a b c d e f g h i j k l m n o p q r s t u v w x y z - . -[TO] := A B C D E F G H I J K L M N O P Q R S T U V W X Y Z _ _ - -define caseconvert-helper -$(1) = $$(strip \ - $$(eval __tmp := $$(1))\ - $(foreach c, $(2),\ - $$(eval __tmp := $$(subst $(word 1,$(subst :, ,$c)),$(word 2,$(subst :, ,$c)),$$(__tmp))))\ - $$(__tmp)) -endef - -$(eval $(call caseconvert-helper,UPPERCASE,$(join $(addsuffix :,$([FROM])),$([TO])))) -$(eval $(call caseconvert-helper,LOWERCASE,$(join $(addsuffix :,$([TO])),$([FROM])))) - -# Reverse the orders of words in a list. Again, inspired by the gmsl -# 'reverse' macro. -reverse = $(if $(1),$(call reverse,$(wordlist 2,$(words $(1)),$(1))) $(firstword $(1))) - -# Sanitize macro cleans up generic strings so it can be used as a filename -# and in rules. Particularly useful for VCS version strings, that can contain -# slashes, colons (OK in filenames but not in rules), and spaces. -sanitize = $(subst $(space),_,$(subst :,_,$(subst /,_,$(strip $(1))))) -slugify = $(subst $(space),,$(subst :,,$(subst /,,$(subst .,,$(1))))) - -# MESSAGE Macro -- display a message in bold type -MESSAGE = echo "$(TERM_BOLD)>>> $($(PKG)_NAME) $($(PKG)_VERSION) $(call qstrip,$(1))$(TERM_RESET)" -TERM_BOLD := $(shell tput smso 2>/dev/null) -TERM_RESET := $(shell tput rmso 2>/dev/null) - -# Utility functions for 'find' -# findfileclauses(filelist) => -name 'X' -o -name 'Y' -findfileclauses = $(call notfirstword,$(patsubst %,-o -name '%',$(1))) -# finddirclauses(base, dirlist) => -path 'base/dirX' -o -path 'base/dirY' -finddirclauses = $(call notfirstword,$(patsubst %,-o -path '$(1)/%',$(2))) - -# Miscellaneous utility functions -# notfirstword(wordlist): returns all but the first word in wordlist -notfirstword = $(wordlist 2,$(words $(1)),$(1)) - -# build a comma-separated list of quoted items, from a space-separated -# list of unquoted items: a b c d --> "a", "b", "c", "d" -make-comma-list = $(subst $(space),$(comma)$(space),$(patsubst %,"%",$(strip $(1)))) - -# Needed for the foreach loops to loop over the list of hooks, so that -# each hook call is properly separated by a newline. -define sep - - -endef - -PERCENT = % -QUOTE = ' -# ' # Meh... syntax-highlighting - -# This macro properly escapes a command string, then prints it with printf: -# -# - first, backslash '\' are self-escaped, so that they do not escape -# the following char and so that printf properly outputs a backslash; -# -# - next, single quotes are escaped by closing an existing one, adding -# an escaped one, and re-openning a new one (see below for the reason); -# -# - then '%' signs are self-escaped so that the printf does not interpret -# them as a format specifier, in case the variable contains an actual -# printf with a format; -# -# - finally, $(sep) is replaced with the literal '\n' so that make does -# not break on the so-expanded variable, but so that the printf does -# correctly output an LF. -# -# Note: this must be escaped in this order to avoid over-escaping the -# previously escaped elements. -# -# Once everything has been escaped, it is passed between single quotes -# (that's why the single-quotes are escaped they way they are, above, -# and why the dollar sign is not escaped) to printf(1). A trailing -# newline is apended, too. -# Note: Removing the apended trailing newline for custom needs -# -# Note: leading or trailing spaces are *not* stripped. -# -define PRINTF - printf '$(subst $(sep),\n,\ - $(subst $(PERCENT),$(PERCENT)$(PERCENT),\ - $(subst $(QUOTE),$(QUOTE)\$(QUOTE)$(QUOTE),\ - $(subst \,\\,$(1)))))' -endef diff --git a/openstack/.env.dist b/openstack/.env.dist deleted file mode 100644 index 878103c..0000000 --- a/openstack/.env.dist +++ /dev/null @@ -1,6 +0,0 @@ -OS_AUTH_URL= -OS_TENANT_ID= -OS_TENANT_NAME= -OS_USERNAME= -OS_PASSWORD= -OS_REGION_NAME= diff --git a/openstack/def.openstack.mk b/openstack/def.openstack.mk deleted file mode 100644 index 7ffb437..0000000 --- a/openstack/def.openstack.mk +++ /dev/null @@ -1,14 +0,0 @@ -CMDS += openstack -ENV_VARS += OS_AUTH_URL OS_TENANT_ID OS_TENANT_NAME OS_USERNAME OS_PASSWORD OS_REGION_NAME OS_USER_DOMAIN_NAME OS_PROJECT_DOMAIN_NAME -ifneq ($(DEBUG),) -OPENSTACK_ARGS += --debug -endif -ifneq ($(VERBOSE),) -OPENSTACK_ARGS += -v -endif - -# function openstack: Call run openstack with arg 1 -define openstack - $(call INFO,openstack,$(1)) - $(RUN) $(call run,openstack $(1),$(DOCKER_REPOSITORY)/) -endef diff --git a/openstack/openstack.mk b/openstack/openstack.mk deleted file mode 100644 index fd18fd2..0000000 --- a/openstack/openstack.mk +++ /dev/null @@ -1,9 +0,0 @@ -# target openstack: Call openstack ARGS -.PHONY: openstack -openstack: docker-build-openstack - $(call openstack,$(ARGS)) - -# target openstack-image-create: Call openstack image create PACKER_ISO_NAME with file PACKER_ISO_FILE -.PHONY: openstack-image-create -openstack-image-create: $(PACKER_ISO_FILE) docker-build-openstack - $(call openstack,$(OPENSTACK_ARGS) image create --disk-format raw --container-format bare --file $(PACKER_ISO_FILE) "$(PACKER_ISO_NAME)") diff --git a/packer/def.packer.alpine.mk b/packer/def.packer.alpine.mk deleted file mode 100644 index 16e212a..0000000 --- a/packer/def.packer.alpine.mk +++ /dev/null @@ -1,6 +0,0 @@ -PACKER_ALPINE_ARCH ?= x86_64 -PACKER_ALPINE_RELEASE ?= 3.16.2 -PACKER_BUILD_VARS += alpine_arch alpine_release alpine_version -alpine_arch ?= $(PACKER_ALPINE_ARCH) -alpine_release ?= $(PACKER_ALPINE_RELEASE) -alpine_version ?= $(subst $(eval) ,.,$(wordlist 1, 2, $(subst ., ,$(alpine_release)))) diff --git a/packer/def.packer.mk b/packer/def.packer.mk deleted file mode 100644 index 6366bda..0000000 --- a/packer/def.packer.mk +++ /dev/null @@ -1,125 +0,0 @@ -CMDS += packer -DOCKER_RUN_OPTIONS_PACKER ?= -it -p $(PACKER_SSH_PORT):$(PACKER_SSH_PORT) -p $(PACKER_VNC_PORT):$(PACKER_VNC_PORT) -v $(SSH_DIR):$(SSH_DIR) -ENV_VARS += PACKER_CACHE_DIR PACKER_KEY_INTERVAL PACKER_LOG -KVM_GID ?= $(call gid,kvm) -PACKER_ARCH ?= $(PACKER_ALPINE_ARCH) -PACKER_BOOT_WAIT ?= 24s -PACKER_BUILD_ARGS ?= -on-error=cleanup $(foreach var,$(PACKER_BUILD_VARS),$(if $($(var)),-var $(var)='$($(var))')) -PACKER_BUILD_VARS += accelerator boot_wait hostname iso_name iso_size nameserver output password pause_before qemuargs ssh_timeout template username -PACKER_BUILD_VARS += ansible_extra_vars ansible_user ansible_verbose -PACKER_CACHE_DIR ?= build/cache -PACKER_HOSTNAME ?= $(PACKER_TEMPLATE) -PACKER_ISO_DATE ?= $(shell stat -c %y $(PACKER_ISO_FILE) 2>/dev/null) -PACKER_ISO_FILES ?= $(wildcard build/iso/*/*/*.iso) -PACKER_ISO_FILE = $(PACKER_OUTPUT)/$(PACKER_ISO_NAME).iso -PACKER_ISO_INFO = $(PACKER_OUTPUT)/$(PACKER_ISO_NAME).nfo -PACKER_ISO_NAME = $(PACKER_TEMPLATE)-$(PACKER_RELEASE)-$(PACKER_ARCH) -PACKER_ISO_SIZE ?= 1024 -PACKER_KEY_INTERVAL ?= 11ms -PACKER_LOG ?= 1 -PACKER_NAMESERVER ?= 1.1.1.1 -PACKER_OUTPUT ?= build/iso/$(ENV)/$(PACKER_TEMPLATE)/$(PACKER_RELEASE)-$(PACKER_ARCH) -PACKER_PASSWORD ?= $(PACKER_TEMPLATE) -PACKER_PAUSE_BEFORE ?= 24s -PACKER_QEMU_ACCELERATOR ?= kvm -PACKER_QEMU_ARCH ?= $(PACKER_ARCH) -PACKER_QEMU_ARGS ?= -machine type=pc,accel=$(PACKER_QEMU_ACCELERATOR) -device virtio-rng-pci,rng=rng0,bus=pci.0,addr=0x7 -object rng-random,filename=/dev/urandom,id=rng0 -PACKER_RELEASE ?= $(PACKER_ALPINE_RELEASE) -PACKER_SSH_ADDRESS ?= $(if $(ssh_bind_address),$(ssh_bind_address),0.0.0.0) -PACKER_SSH_PORT ?= $(if $(ssh_port_max),$(ssh_port_max),2222) -PACKER_SSH_TIMEOUT ?= 42s -PACKER_TEMPLATES ?= $(wildcard packer/*/*.json packer/*/*.pkr.hcl) -PACKER_TEMPLATE ?= alpine -PACKER_USERNAME ?= root -PACKER_VNC_PORT ?= $(if $(vnc_port_max),$(vnc_port_max),5900) -PACKER_VNC_ADDRESS ?= $(if $(vnc_bind_address),$(vnc_bind_address),0.0.0.0) -ifneq ($(DEBUG),) -PACKER_BUILD_ARGS += -debug -endif -ifeq ($(FORCE), true) -PACKER_BUILD_ARGS += -force -endif -ifeq ($(ENV), local) -PACKER_BUILD_ARGS += -var ssh_port_max=$(PACKER_SSH_PORT) -var vnc_port_max=$(PACKER_VNC_PORT) -var vnc_bind_address=$(PACKER_VNC_ADDRESS) -endif - -accelerator ?= $(PACKER_QEMU_ACCELERATOR) -ansible_extra_vars ?= $(patsubst target=%,target=default,$(ANSIBLE_EXTRA_VARS)) -ansible_user ?= $(PACKER_USERNAME) -ansible_verbose ?= $(ANSIBLE_VERBOSE) -boot_wait ?= $(PACKER_BOOT_WAIT) -hostname ?= $(PACKER_HOSTNAME) -iso_name ?= $(PACKER_ISO_NAME) -iso_size ?= $(PACKER_ISO_SIZE) -nameserver ?= $(PACKER_NAMESERVER) -output ?= $(PACKER_OUTPUT) -password ?= $(PACKER_PASSWORD) -pause_before ?= $(PACKER_PAUSE_BEFORE) -qemuargs ?= $(call arrays_of_dquoted_args, $(PACKER_QEMU_ARGS)) -ssh_timeout ?= $(PACKER_SSH_TIMEOUT) -template ?= $(PACKER_TEMPLATE) -username ?= $(PACKER_USERNAME) - -ifneq ($(filter $(ENV),$(ENV_DEPLOY)),) -ifeq ($(password), $(template)) -password := $(or $(shell pwgen -csy -r\' 64 1 2>/dev/null),$(shell date +%s | shasum -a 256 2>/dev/null | base64 | head -c 64)) -endif -endif - -ifeq ($(SYSTEM),Darwin) -ifneq ($(DOCKER), true) -PACKER_QEMU_ACCELERATOR := hvf -# PACKER_QEMU_ARGS += -cpu Penryn,vendor=GenuineIntel -PACKER_QEMU_ARGS += -cpu host -else -PACKER_QEMU_ACCELERATOR := tcg -PACKER_QEMU_ARGS += -cpu max,vendor=GenuineIntel,vmware-cpuid-freq=on,+invtsc,+aes,+vmx -endif -else ifeq ($(SYSTEM),Linux) -DOCKER_RUN_OPTIONS_PACKER += $(if $(KVM_GID),--group-add $(KVM_GID)) --device /dev/kvm -else ifeq ($(SYSTEM),Windows_NT) -PACKER_QEMU_ACCELERATOR := hax -endif - -# function packer: Call run packer with arg 1 -## it needs an empty local ssh agent (ssh-add -D) -## it needs SSH_PRIVATE_KEYS to get access without password to GIT_REPOSITORY -## it needs AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY when deploying to AWS -define packer - $(RUN) $(call run,packer $(1),$(DOCKER_RUN_OPTIONS_PACKER) $(DOCKER_REPOSITORY)/) -endef -# function packer-qemu: Call run qemu-system-% for PACKER_QEMU_ARCH -define packer-qemu - echo Running $(1) - $(RUN) $(call run,$(if $(DOCKER_RUN),packer,qemu-system-$(PACKER_QEMU_ARCH)) $(PACKER_QEMU_ARGS) -m 512m -drive file=$(1)$(comma)format=raw -net nic$(comma)model=virtio -net user$(comma)hostfwd=tcp:$(PACKER_SSH_ADDRESS):$(PACKER_SSH_PORT)-:22 -vnc $(PACKER_VNC_ADDRESS):$(subst 590,,$(PACKER_VNC_PORT)),$(DOCKER_RUN_OPTIONS_PACKER) --entrypoint=qemu-system-$(PACKER_QEMU_ARCH) $(DOCKER_REPOSITORY)/) -endef - -# function packer-build: Call packer build with arg 1, Add build infos to file PACKER_ISO_INFO -define packer-build - $(eval ANSIBLE_USERNAME := $(PACKER_USERNAME)) - $(eval PACKER_TEMPLATE := $(notdir $(basename $(basename $(1))))) - echo Building $(PACKER_ISO_FILE) - $(call packer,build $(PACKER_BUILD_ARGS) $(1)) - echo 'aws_id: $(ANSIBLE_AWS_ACCESS_KEY_ID)' > $(PACKER_ISO_INFO) - echo 'aws_key: $(ANSIBLE_AWS_SECRET_ACCESS_KEY)' >> $(PACKER_ISO_INFO) - echo 'aws_region: $(ANSIBLE_AWS_DEFAULT_REGION)' >> $(PACKER_ISO_INFO) - echo 'dns: $(nameserver)' >> $(PACKER_ISO_INFO) - echo 'docker_image_tag: $(ANSIBLE_DOCKER_IMAGE_TAG)' >> $(PACKER_ISO_INFO) - echo 'docker_registry: $(ANSIBLE_DOCKER_REGISTRY)' >> $(PACKER_ISO_INFO) - echo 'env: $(ENV)' >> $(PACKER_ISO_INFO) - echo 'file: $(PACKER_ISO_FILE)' >> $(PACKER_ISO_INFO) - echo 'git_branch: $(ANSIBLE_GIT_VERSION)' >> $(PACKER_ISO_INFO) - echo 'git_repository: $(ANSIBLE_GIT_REPOSITORY)' >> $(PACKER_ISO_INFO) - echo 'git_version: $(VERSION)' >> $(PACKER_ISO_INFO) - echo 'host: $(hostname)' >> $(PACKER_ISO_INFO) - echo 'link: s3://$(AWS_S3_BUCKET)/$(AWS_S3_KEY)' >> $(PACKER_ISO_INFO) - echo 'name: $(iso_name)' >> $(PACKER_ISO_INFO) - echo 'nfs_disk: $(ANSIBLE_DISKS_NFS_DISK)' >> $(PACKER_ISO_INFO) - echo 'nfs_path: $(ANSIBLE_DISKS_NFS_PATH)' >> $(PACKER_ISO_INFO) - echo 'pass: $(password)' >> $(PACKER_ISO_INFO) - echo 'size: $(iso_size)' >> $(PACKER_ISO_INFO) - echo 'ssh_key: $(ANSIBLE_SSH_PRIVATE_KEYS)' >> $(PACKER_ISO_INFO) - echo 'user: $(username)' >> $(PACKER_ISO_INFO) -endef - -arrays_of_dquoted_args = [ $(subst $(dquote) $(dquote),$(dquote)$(comma) $(dquote),$(subst $(dquote) $(dquote)-,$(dquote) ]$(comma) [ $(dquote)-,$(patsubst %,$(dquote)%$(dquote),$1))) ] diff --git a/packer/packer.mk b/packer/packer.mk deleted file mode 100644 index cebe446..0000000 --- a/packer/packer.mk +++ /dev/null @@ -1,44 +0,0 @@ -# target packer: Call packer ARGS -.PHONY: packer -packer: - $(call packer,$(ARGS)) - -# target $(PACKER_ISO_FILE): Call packer-build target -$(PACKER_ISO_FILE): - $(eval FORCE := true) - $(call make,packer-build,,FORCE) - -# target packer-build: Fire packer-build-% for PACKER_TEMPLATE -.PHONY: packer-build -packer-build: packer-build-$(PACKER_TEMPLATE) ## Build default packer template - -# target packer-build-templates: Fire PACKER_TEMPLATES -.PHONY: packer-build-templates -packer-build-templates: $(PACKER_TEMPLATES) ## Build all packer templates - -# target $(PACKER_TEMPLATES): Call packer-build $@ -.PHONY: $(PACKER_TEMPLATES) -ifeq ($(SYSTEM),Darwin) -$(PACKER_TEMPLATES): DOCKER ?= false -endif -$(PACKER_TEMPLATES): - $(call packer-build,$@) - -# target packer-build-%: Call packer-build with file packer/*/%.json -.PHONY: packer-build-% -packer-build-%: docker-build-packer - $(if $(wildcard packer/*/$*.json packer/*/$*.pkr.hcl),\ - $(call packer-build,$(firstword $(wildcard packer/*/$*.json packer/*/$*.pkr.hcl)))) - -# target packer-qemu: Fire packer-quemu-% for PACKER_ISO_NAME -.PHONY: packer-qemu -packer-qemu: packer-qemu-$(PACKER_ISO_NAME) ## Launch iso image in qemu - -# target packer-qemu-%: Call packer-qemu PACKER_OUTPUT/%.iso -.PHONY: packer-qemu-% -ifeq ($(SYSTEM),Darwin) -packer-qemu-%: DOCKER ?= false -endif -packer-qemu-%: docker-build-packer ## Run iso image in qemu - $(if $(wildcard $(PACKER_OUTPUT)/$*.iso),\ - $(call packer-qemu,$(wildcard $(PACKER_OUTPUT)/$*.iso))) diff --git a/stack/User.mk b/stack/User.mk deleted file mode 100644 index f6e47db..0000000 --- a/stack/User.mk +++ /dev/null @@ -1,18 +0,0 @@ -CMDS += user-exec user-exec:% user-exec@% user-run user-run:% user-run@% -User ?= User/User - -# target bootstrap-stack-User: Fire docker-network-create -.PHONY: bootstrap-stack-User -bootstrap-stack-User: docker-network-create-$(DOCKER_NETWORK_PRIVATE) - -# target start-stack-User: Fire ssh-add -.PHONY: start-stack-User -start-stack-User: ssh-add - -# target user: Fire start-stack-User if DOCKER_RUN or fire start-stack-User -.PHONY: User user -User user: $(if $(DOCKER_RUN),stack-User-up,start-stack-User) - -# target User-% user-%; Fire target stack-User-% -.PHONY: User-% user-% -User-% user-%: stack-User-%; diff --git a/stack/User/.env.dist b/stack/User/.env.dist deleted file mode 100644 index a1a5832..0000000 --- a/stack/User/.env.dist +++ /dev/null @@ -1,6 +0,0 @@ -USER_MYOS_RC_PROMPT_SET=true -USER_MYOS_RC_PS1_SET=true -USER_MYOS_RC_SCREEN_ATTACH=true -USER_MYOS_RC_SOURCE=/etc/profile.d/rc_functions.sh -USER_MYOS_RC_SSH_ADD=true -USER_MYOS_RC_TMUX_ATTACH=false diff --git a/stack/User/User.yml b/stack/User/User.yml deleted file mode 100644 index 296dcc8..0000000 --- a/stack/User/User.yml +++ /dev/null @@ -1,57 +0,0 @@ -version: '3.6' - -services: - myos: - build: - args: - - DOCKER_BUILD_DIR=docker/myos - - GID=${GID} - - GIT_AUTHOR_NAME=${GIT_AUTHOR_NAME} - - GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL} - - IPFS_VERSION=${IPFS_VERSION} - - UID=${UID} - - USER=${USER} - - SSH_BASTION_HOSTNAME=${SSH_BASTION_HOSTNAME:-} - - SSH_BASTION_USERNAME=${SSH_BASTION_USERNAME:-} - - SSH_PUBLIC_HOSTS=${SSH_PUBLIC_HOSTS:-} - - SSH_PRIVATE_IP_RANGE=${SSH_PRIVATE_IP_RANGE:-} - context: ../.. - dockerfile: docker/myos/Dockerfile - container_name: ${USER_DOCKER_NAME} - environment: - - ENV=${ENV} - - RC_00_SOURCE=${USER_MYOS_RC_SOURCE} - - RC_01_PS1_SET=${USER_MYOS_RC_PS1_SET} - - RC_02_PROMPT_SET=${USER_MYOS_RC_PROMPT_SET} - - RC_03_SSH_ADD=${USER_MYOS_RC_SSH_ADD} - - RC_04_TMUX_ATTACH=${USER_MYOS_RC_TMUX_ATTACH} - - RC_05_SCREEN_ATTACH=${USER_MYOS_RC_SCREEN_ATTACH} - - SHELL=${DOCKER_SHELL} - image: ${USER_DOCKER_IMAGE} - networks: - - private - restart: always - user: ${UID}:${GID} - volumes: -# - ${HOME}:${HOME}:cached - - monorepo:${MONOREPO_DIR}:cached - - myos:/tmp/ssh-agent -# - /var/run/docker.sock:/var/run/docker.sock - working_dir: ${MONOREPO_DIR} - -volumes: - monorepo: - driver: local - driver_opts: - type: none - device: ${MONOREPO_DIR} - o: bind - name: ${USER_COMPOSE_PROJECT_NAME} - myos: - external: true - name: ${USER_DOCKER_VOLUME} - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} diff --git a/stack/cloud/.env.dist b/stack/cloud/.env.dist deleted file mode 100644 index ad1e320..0000000 --- a/stack/cloud/.env.dist +++ /dev/null @@ -1,5 +0,0 @@ -NEXTCLOUD_MYSQL_DATABASE=${USER}-nextcloud-${ENV} -NEXTCLOUD_MYSQL_HOST=mysql -NEXTCLOUD_MYSQL_PASSWORD=nextcloud -NEXTCLOUD_MYSQL_USER=${USER}-nextcloud-${ENV} -NEXTCLOUD_SERVICE_80_TAGS=urlprefix-nextcloud.${APP_DOMAIN}/ diff --git a/stack/cloud/nextcloud.yml b/stack/cloud/nextcloud.yml deleted file mode 100644 index f4d790e..0000000 --- a/stack/cloud/nextcloud.yml +++ /dev/null @@ -1,33 +0,0 @@ -version: '3.6' - -services: - nextcloud: - image: nextcloud:production-apache - environment: - - MYSQL_DATABASE=${NEXTCLOUD_MYSQL_DATABASE} - - MYSQL_HOST=${NEXTCLOUD_MYSQL_HOST} - - MYSQL_PASSWORD=${NEXTCLOUD_MYSQL_PASSWORD} - - MYSQL_USER=${NEXTCLOUD_MYSQL_USER} - labels: - - SERVICE_80_CHECK_TCP=true - - SERVICE_80_NAME=${COMPOSE_SERVICE_NAME}-nextcloud-80 - - SERVICE_80_TAGS=${NEXTCLOUD_SERVICE_80_TAGS} - networks: - - private - - public - ports: - - 80 - volumes: - - nextcloud:/var/www/html - restart: always - -volumes: - nextcloud: - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} - public: - external: true - name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/default.mk b/stack/default.mk deleted file mode 100644 index e7c6d38..0000000 --- a/stack/default.mk +++ /dev/null @@ -1,4 +0,0 @@ -default ?= memcached mysql rabbitmq redis - -# target default: Fire stack-default-up -default: stack-default-up; diff --git a/stack/develop.mk b/stack/develop.mk deleted file mode 100644 index dd2236d..0000000 --- a/stack/develop.mk +++ /dev/null @@ -1 +0,0 @@ -develop ?= redmine diff --git a/stack/drone.mk b/stack/drone.mk deleted file mode 100644 index 36229e1..0000000 --- a/stack/drone.mk +++ /dev/null @@ -1 +0,0 @@ -drone ?= drone/drone drone/drone-runner-docker drone/gc diff --git a/stack/drone/.env.dist b/stack/drone/.env.dist deleted file mode 100644 index e1e740f..0000000 --- a/stack/drone/.env.dist +++ /dev/null @@ -1,9 +0,0 @@ -DRONE_GITHUB_CLIENT_ID=github_client_id -DRONE_GITHUB_CLIENT_SECRET=github_client_secret -DRONE_RPC_SECRET=drone_rpc_secret -DRONE_RUNNER_CAPACITY=1 -DRONE_SERVER_HOST=drone.${APP_DOMAIN} -DRONE_SERVER_PROTO=http -DRONE_SERVER_SERVICE_80_TAGS=urlprefix-${DRONE_SERVER_HOST}/ -DRONE_USER_CREATE=username:gitaccount,admin:true -DRONE_USER_FILTER=gitaccount diff --git a/stack/drone/drone-runner-docker.1.1.yml b/stack/drone/drone-runner-docker.1.1.yml deleted file mode 100644 index 6755427..0000000 --- a/stack/drone/drone-runner-docker.1.1.yml +++ /dev/null @@ -1,5 +0,0 @@ -version: '3.6' - -services: - drone-runner-docker: - image: drone/drone-runner-docker:1.1 diff --git a/stack/drone/drone-runner-docker.1.2.yml b/stack/drone/drone-runner-docker.1.2.yml deleted file mode 100644 index b4e86a0..0000000 --- a/stack/drone/drone-runner-docker.1.2.yml +++ /dev/null @@ -1,5 +0,0 @@ -version: '3.6' - -services: - drone-runner-docker: - image: drone/drone-runner-docker:1.2 diff --git a/stack/drone/drone-runner-docker.1.3.yml b/stack/drone/drone-runner-docker.1.3.yml deleted file mode 100644 index 042812a..0000000 --- a/stack/drone/drone-runner-docker.1.3.yml +++ /dev/null @@ -1,5 +0,0 @@ -version: '3.6' - -services: - drone-runner-docker: - image: drone/drone-runner-docker:1.3 diff --git a/stack/drone/drone-runner-docker.debug.yml b/stack/drone/drone-runner-docker.debug.yml deleted file mode 100644 index a68043e..0000000 --- a/stack/drone/drone-runner-docker.debug.yml +++ /dev/null @@ -1,7 +0,0 @@ -version: '3.6' - -services: - drone-runner-docker: - environment: - - DRONE_DEBUG=true - - DRONE_TRACE=true diff --git a/stack/drone/drone-runner-docker.latest.yml b/stack/drone/drone-runner-docker.latest.yml deleted file mode 100644 index 0a129a9..0000000 --- a/stack/drone/drone-runner-docker.latest.yml +++ /dev/null @@ -1,5 +0,0 @@ -version: '3.6' - -services: - drone-runner-docker: - image: drone/drone-runner-docker:latest diff --git a/stack/drone/drone-runner-docker.yml b/stack/drone/drone-runner-docker.yml deleted file mode 100644 index a1f8c91..0000000 --- a/stack/drone/drone-runner-docker.yml +++ /dev/null @@ -1,24 +0,0 @@ -version: '3.6' - -services: - drone-runner-docker: - depends_on: - - drone - environment: - - DRONE_RPC_SECRET=${DRONE_RPC_SECRET} - - DRONE_RPC_HOST=drone - - DRONE_RPC_PROTO=http - - DRONE_RUNNER_CAPACITY=${DRONE_RUNNER_CAPACITY} - - DRONE_RUNNER_NAME=${HOSTNAME} - labels: - - SERVICE_3000_IGNORE=true - networks: - - private - restart: always - volumes: - - /var/run/docker.sock:/var/run/docker.sock - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} diff --git a/stack/drone/drone.1.6.yml b/stack/drone/drone.1.6.yml deleted file mode 100644 index 6a53c0e..0000000 --- a/stack/drone/drone.1.6.yml +++ /dev/null @@ -1,5 +0,0 @@ -version: '3.6' - -services: - drone: - image: drone/drone:1.6 diff --git a/stack/drone/drone.1.7.yml b/stack/drone/drone.1.7.yml deleted file mode 100644 index 002f260..0000000 --- a/stack/drone/drone.1.7.yml +++ /dev/null @@ -1,5 +0,0 @@ -version: '3.6' - -services: - drone: - image: drone/drone:1.7 diff --git a/stack/drone/drone.debug b/stack/drone/drone.debug deleted file mode 100644 index b9b7616..0000000 --- a/stack/drone/drone.debug +++ /dev/null @@ -1,7 +0,0 @@ -version: '3.6' - -services: - drone: - environment: - - DRONE_LOGS_DEBUG=true - - DRONE_LOGS_TRACE=true diff --git a/stack/drone/drone.latest.yml b/stack/drone/drone.latest.yml deleted file mode 100644 index 95c9dc4..0000000 --- a/stack/drone/drone.latest.yml +++ /dev/null @@ -1,5 +0,0 @@ -version: '3.6' - -services: - drone: - image: drone/drone:latest diff --git a/stack/drone/drone.yml b/stack/drone/drone.yml deleted file mode 100644 index e596318..0000000 --- a/stack/drone/drone.yml +++ /dev/null @@ -1,43 +0,0 @@ -version: '3.6' - -services: - drone: - environment: - - DRONE_GIT_ALWAYS_AUTH=false - - DRONE_GITHUB_SERVER=https://github.com - - DRONE_GITHUB_CLIENT_ID=${DRONE_GITHUB_CLIENT_ID} - - DRONE_GITHUB_CLIENT_SECRET=${DRONE_GITHUB_CLIENT_SECRET} - - DRONE_LOGS_COLOR=true - - DRONE_LOGS_PRETTY=true - - DRONE_PROMETHEUS_ANONYMOUS_ACCESS=true - - DRONE_RPC_SECRET=${DRONE_RPC_SECRET} - - DRONE_SERVER_HOST=${DRONE_SERVER_HOST} - - DRONE_SERVER_PROTO=${DRONE_SERVER_PROTO} - - DRONE_TLS_AUTOCERT=true - - DRONE_USER_CREATE=${DRONE_USER_CREATE} - - DRONE_USER_FILTER=${DRONE_USER_FILTER} - labels: - - SERVICE_80_CHECK_TCP=true - - SERVICE_80_NAME=${COMPOSE_SERVICE_NAME}-drone-80 - - SERVICE_80_TAGS=${DRONE_SERVER_SERVICE_80_TAGS} - - SERVICE_443_IGNORE=true - networks: - - private - - public - ports: - - 80 - - 443 - restart: always - volumes: - - drone:/data - -volumes: - drone: - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} - public: - external: true - name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/drone/gc.1.0.yml b/stack/drone/gc.1.0.yml deleted file mode 100644 index b9749c9..0000000 --- a/stack/drone/gc.1.0.yml +++ /dev/null @@ -1,5 +0,0 @@ -version: '3.6' - -services: - drone-gc: - image: drone/gc:1.0 diff --git a/stack/drone/gc.debug.yml b/stack/drone/gc.debug.yml deleted file mode 100644 index e156096..0000000 --- a/stack/drone/gc.debug.yml +++ /dev/null @@ -1,8 +0,0 @@ -version: '3.6' - -services: - drone-gc: - environment: - - GC_DEBUG=true - - GC_DEBUG_COLOR=true - - GC_DEBUG_PRETTY=true diff --git a/stack/drone/gc.latest.yml b/stack/drone/gc.latest.yml deleted file mode 100644 index b9b6c67..0000000 --- a/stack/drone/gc.latest.yml +++ /dev/null @@ -1,5 +0,0 @@ -version: '3.6' - -services: - drone-gc: - image: drone/gc:latest diff --git a/stack/drone/gc.yml b/stack/drone/gc.yml deleted file mode 100644 index 2d13411..0000000 --- a/stack/drone/gc.yml +++ /dev/null @@ -1,18 +0,0 @@ -version: '3.6' - -services: - drone-gc: - image: drone/gc:latest - environment: - - GC_CACHE=20gb - - GC_INTERVAL=5m - networks: - - private - restart: always - volumes: - - /var/run/docker.sock:/var/run/docker.sock - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} diff --git a/stack/elastic.mk b/stack/elastic.mk deleted file mode 100644 index 1b4a0b0..0000000 --- a/stack/elastic.mk +++ /dev/null @@ -1,11 +0,0 @@ -ELASTICSEARCH_HOST ?= elasticsearch -ELASTICSEARCH_PORT ?= 9200 -ELASTICSEARCH_PROTOCOL ?= http -ENV_VARS += ELASTICSEARCH_HOST ELASTICSEARCH_PASSWORD ELASTICSEARCH_PORT ELASTICSEARCH_PROTOCOL ELASTICSEARCH_USERNAME - -elastic ?= elastic/curator elastic/elasticsearch elastic/kibana - -# target elasticsearch-delete-%: delete elasticsearch index % -.PHONY: elasticsearch-delete-% -elasticsearch-delete-%: - docker ps |awk '$$NF ~ /myos_$(ENV)_elasticsearch/' |sed 's/^.*:\([0-9]*\)->9200\/tcp.*$$/\1/' |while read port; do echo -e "DELETE /$* HTTP/1.0\n\n" |nc localhost $$port; done diff --git a/stack/elastic/.env.dist b/stack/elastic/.env.dist deleted file mode 100644 index 389fb72..0000000 --- a/stack/elastic/.env.dist +++ /dev/null @@ -1,11 +0,0 @@ -APM_SERVER_SERVICE_8200_TAGS=urlprefix-apm.${APP_DOMAIN}/ -CURATOR_LOGFORMAT=default -CURATOR_LOGLEVEL=INFO -CURATOR_MASTER_ONLY=False -CURATOR_TIMEOUT=30 -CURATOR_USE_SSL=False -ELASTICSEARCH_HOST=elasticsearch -ELASTICSEARCH_PORT=9200 -ELASTICSEARCH_PROTOCOL=http -ELASTICSEARCH_SERVICE_9200_TAGS=urlprefix-elasticsearch.${APP_DOMAIN}/ -KIBANA_SERVICE_5601_TAGS=urlprefix-kibana.${APP_DOMAIN}/ diff --git a/stack/elastic/apm-server-oss.yml b/stack/elastic/apm-server-oss.yml deleted file mode 100644 index 9f83b18..0000000 --- a/stack/elastic/apm-server-oss.yml +++ /dev/null @@ -1,29 +0,0 @@ -version: '3.6' - -services: - apm-server-oss: - build: - args: - - DOCKER_BUILD_DIR=docker/elastic/apm-server-oss - context: ../.. - dockerfile: docker/elastic/apm-server-oss/Dockerfile - image: ${DOCKER_REPOSITORY}/apm-server-oss:${DOCKER_IMAGE_TAG} - command: -c apm-server.yml --strict.perms=false -e -E output.elasticsearch.hosts=["${ELASTICSEARCH_HOST}:${ELASTICSEARCH_PORT}"] -E output.elasticsearch.protocol=${ELASTICSEARCH_PROTOCOL} -E output.elasticsearch.username=${ELASTICSEARCH_USERNAME} -E output.elasticsearch.password=${ELASTICSEARCH_PASSWORD} -E apm-server.register.ingest.pipeline.enabled=false - labels: - - SERVICE_8200_CHECK_HTTP=/ - - SERVICE_8200_NAME=${COMPOSE_SERVICE_NAME}-apm-server-oss-8200 - - SERVICE_8200_TAGS=${APM_SERVER_SERVICE_8200_TAGS} - networks: - - private - - public - ports: - - 8200 - restart: always - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} - public: - external: true - name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/elastic/apm-server.yml b/stack/elastic/apm-server.yml deleted file mode 100644 index 0e374ac..0000000 --- a/stack/elastic/apm-server.yml +++ /dev/null @@ -1,27 +0,0 @@ -version: '3.6' - -services: - apm-server: - image: docker.elastic.co/apm/apm-server:7.4.2 - command: -c apm-server.yml --strict.perms=false -e -E output.elasticsearch.hosts=["${ELASTICSEARCH_HOST}:${ELASTICSEARCH_PORT}"] -E output.elasticsearch.protocol=${ELASTICSEARCH_PROTOCOL} -E output.elasticsearch.username=${ELASTICSEARCH_USERNAME} -E output.elasticsearch.password=${ELASTICSEARCH_PASSWORD} - labels: - - SERVICE_8200_CHECK_HTTP=/ - - SERVICE_8200_NAME=${COMPOSE_SERVICE_NAME}-apm-server-8200 - - SERVICE_8200_TAGS=${APM_SERVER_SERVICE_8200_TAGS} - networks: - private: - aliases: - - apm.${DOCKER_NETWORK_PRIVATE} - - apm.elastic.${DOCKER_NETWORK_PRIVATE} - public: - ports: - - 8200 - restart: always - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} - public: - external: true - name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/elastic/curator.local.yml b/stack/elastic/curator.local.yml deleted file mode 100644 index 26eac5c..0000000 --- a/stack/elastic/curator.local.yml +++ /dev/null @@ -1,6 +0,0 @@ -version: '3.6' - -services: - curator: - depends_on: - - elasticsearch diff --git a/stack/elastic/curator.yml b/stack/elastic/curator.yml deleted file mode 100644 index 645639f..0000000 --- a/stack/elastic/curator.yml +++ /dev/null @@ -1,26 +0,0 @@ -version: '3.6' - -services: - curator: - build: - args: - - DOCKER_BUILD_DIR=docker/elastic/curator - context: ../.. - dockerfile: docker/elastic/curator/Dockerfile - environment: - - DEPLOY=${DEPLOY} - - HOSTS=${ELASTICSEARCH_PROTOCOL}://${ELASTICSEARCH_HOST} - - LOGFORMAT=${CURATOR_LOGFORMAT} - - LOGLEVEL=${CURATOR_LOGLEVEL} - - MASTER_ONLY=${CURATOR_MASTER_ONLY} - - PORT=${ELASTICSEARCH_PORT} - - TIMEOUT=${CURATOR_TIMEOUT} - - USE_SSL=${CURATOR_USE_SSL} - networks: - - private - restart: always - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} diff --git a/stack/elastic/elasticsearch.5.3.yml b/stack/elastic/elasticsearch.5.3.yml deleted file mode 100644 index c549f78..0000000 --- a/stack/elastic/elasticsearch.5.3.yml +++ /dev/null @@ -1,7 +0,0 @@ -version: '3.6' - -services: - elasticsearch: - image: docker.elastic.co/elasticsearch/elasticsearch:5.3.3 - environment: - - discovery.zen.minimum_master_nodes=1 diff --git a/stack/elastic/elasticsearch.7.4.yml b/stack/elastic/elasticsearch.7.4.yml deleted file mode 100644 index d5a6455..0000000 --- a/stack/elastic/elasticsearch.7.4.yml +++ /dev/null @@ -1,7 +0,0 @@ -version: '3.6' - -services: - elasticsearch: - image: docker.elastic.co/elasticsearch/elasticsearch:7.4.2 - environment: - - node.data=true diff --git a/stack/elastic/elasticsearch.latest.yml b/stack/elastic/elasticsearch.latest.yml deleted file mode 100644 index a934d65..0000000 --- a/stack/elastic/elasticsearch.latest.yml +++ /dev/null @@ -1,5 +0,0 @@ -version: '3.6' - -services: - elasticsearch: - image: docker.elastic.co/elasticsearch/elasticsearch:7.6.2 diff --git a/stack/elastic/elasticsearch.local.7.4.yml b/stack/elastic/elasticsearch.local.7.4.yml deleted file mode 100644 index 77f3c6b..0000000 --- a/stack/elastic/elasticsearch.local.7.4.yml +++ /dev/null @@ -1,7 +0,0 @@ -version: '3.6' - -services: - elasticsearch: - environment: - - discovery.type=single-node - diff --git a/stack/elastic/elasticsearch.yml b/stack/elastic/elasticsearch.yml deleted file mode 100644 index 679b149..0000000 --- a/stack/elastic/elasticsearch.yml +++ /dev/null @@ -1,47 +0,0 @@ -version: '3.6' - -services: - elasticsearch: - environment: - - ES_JAVA_OPTS=-Xmx1024m -Xms1024m - - xpack.security.enabled=false - - xpack.monitoring.enabled=false - - xpack.graph.enabled=false - - xpack.watcher.enabled=false - - cluster.name=elasticsearch-${ENV} - - network.host=0.0.0.0 - - http.cors.enabled=true - - http.cors.allow-credentials=true - - http.cors.allow-methods=OPTIONS,HEAD,GET,POST,PUT,DELETE - - http.cors.max-age=0 - - http.cors.allow-origin=* - - http.cors.allow-headers=X-Requested-With,X-Auth-Token,Content-Type,Content-Length - labels: - - SERVICE_9200_CHECK_HTTP=/ - - SERVICE_9200_NAME=${COMPOSE_SERVICE_NAME}-elasticsearch-9200 - - SERVICE_9200_TAGS=${ELASTICSEARCH_SERVICE_9200_TAGS} - - SERVICE_9300_CHECK_TCP=true - - SERVICE_9300_NAME=${COMPOSE_SERVICE_NAME}-elasticsearch-9300 - networks: - - private - - public - ports: - - 9200 - - 9300 - ulimits: - nofile: - soft: 65536 - hard: 65536 - volumes: - - elasticsearch:/usr/share/elasticsearch/data - restart: always -volumes: - elasticsearch: - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} - public: - external: true - name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/elastic/kibana-oss.7.4.yml b/stack/elastic/kibana-oss.7.4.yml deleted file mode 100644 index 5c64b56..0000000 --- a/stack/elastic/kibana-oss.7.4.yml +++ /dev/null @@ -1,9 +0,0 @@ -version: '3.6' - -services: - kibana-oss: - image: docker.elastic.co/kibana/kibana-oss:7.4.2 - environment: - - ELASTICSEARCH_HOSTS="${ELASTICSEARCH_PROTOCOL}://${ELASTICSEARCH_HOST}:${ELASTICSEARCH_PORT}" - - KIBANA_INDEX=.kibana-oss.${ENV} - - SERVER_NAME=kibana.${APP_DOMAIN} diff --git a/stack/elastic/kibana-oss.latest.yml b/stack/elastic/kibana-oss.latest.yml deleted file mode 100644 index 6e82429..0000000 --- a/stack/elastic/kibana-oss.latest.yml +++ /dev/null @@ -1,9 +0,0 @@ -version: '3.6' - -services: - kibana-oss: - image: docker.elastic.co/kibana/kibana-oss:7.7.1 - environment: - - ELASTICSEARCH_HOSTS="${ELASTICSEARCH_PROTOCOL}://${ELASTICSEARCH_HOST}:${ELASTICSEARCH_PORT}" - - KIBANA_INDEX=.kibana-oss.${ENV} - - SERVER_NAME=kibana.${APP_DOMAIN} diff --git a/stack/elastic/kibana-oss.local.yml b/stack/elastic/kibana-oss.local.yml deleted file mode 100644 index 050cb29..0000000 --- a/stack/elastic/kibana-oss.local.yml +++ /dev/null @@ -1,6 +0,0 @@ -version: '3.6' - -services: - kibana-oss: - depends_on: - - elasticsearch diff --git a/stack/elastic/kibana-oss.yml b/stack/elastic/kibana-oss.yml deleted file mode 100644 index f29f32e..0000000 --- a/stack/elastic/kibana-oss.yml +++ /dev/null @@ -1,22 +0,0 @@ -version: '3.6' - -services: - kibana-oss: - labels: - - SERVICE_5601_CHECK_HTTP=/app/kibana - - SERVICE_5601_NAME=${COMPOSE_SERVICE_NAME}-kibana-oss-5601 - - SERVICE_5601_TAGS=${KIBANA_SERVICE_5601_TAGS} - networks: - - private - - public - ports: - - 5601 - restart: always - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} - public: - external: true - name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/elastic/kibana.5.3.yml b/stack/elastic/kibana.5.3.yml deleted file mode 100644 index b502e6b..0000000 --- a/stack/elastic/kibana.5.3.yml +++ /dev/null @@ -1,7 +0,0 @@ -version: '3.6' - -services: - kibana: - image: docker.elastic.co/kibana/kibana:5.3.3 - environment: - - ELASTICSEARCH_URL="${ELASTICSEARCH_PROTOCOL}://${ELASTICSEARCH_HOST}:${ELASTICSEARCH_PORT}" diff --git a/stack/elastic/kibana.7.4.yml b/stack/elastic/kibana.7.4.yml deleted file mode 100644 index 7bfc310..0000000 --- a/stack/elastic/kibana.7.4.yml +++ /dev/null @@ -1,9 +0,0 @@ -version: '3.6' - -services: - kibana: - image: docker.elastic.co/kibana/kibana:7.4.2 - environment: - - ELASTICSEARCH_HOSTS="${ELASTICSEARCH_PROTOCOL}://${ELASTICSEARCH_HOST}:${ELASTICSEARCH_PORT}" - - KIBANA_INDEX=.kibana.${ENV} - - SERVER_NAME=kibana.${APP_DOMAIN} diff --git a/stack/elastic/kibana.latest.yml b/stack/elastic/kibana.latest.yml deleted file mode 100644 index a3c4a34..0000000 --- a/stack/elastic/kibana.latest.yml +++ /dev/null @@ -1,9 +0,0 @@ -version: '3.6' - -services: - kibana: - image: docker.elastic.co/kibana/kibana:7.7.1 - environment: - - ELASTICSEARCH_HOSTS="${ELASTICSEARCH_PROTOCOL}://${ELASTICSEARCH_HOST}:${ELASTICSEARCH_PORT}" - - KIBANA_INDEX=.kibana.${ENV} - - SERVER_NAME=kibana.${APP_DOMAIN} diff --git a/stack/elastic/kibana.local.yml b/stack/elastic/kibana.local.yml deleted file mode 100644 index 4580959..0000000 --- a/stack/elastic/kibana.local.yml +++ /dev/null @@ -1,6 +0,0 @@ -version: '3.6' - -services: - kibana: - depends_on: - - elasticsearch diff --git a/stack/elastic/kibana.yml b/stack/elastic/kibana.yml deleted file mode 100644 index a2ec2f9..0000000 --- a/stack/elastic/kibana.yml +++ /dev/null @@ -1,22 +0,0 @@ -version: '3.6' - -services: - kibana: - labels: - - SERVICE_5601_CHECK_HTTP=/app/kibana - - SERVICE_5601_NAME=${COMPOSE_SERVICE_NAME}-kibana-5601 - - SERVICE_5601_TAGS=${KIBANA_SERVICE_5601_TAGS} - networks: - - private - - public - ports: - - 5601 - restart: always - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} - public: - external: true - name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/grafana/.env.dist b/stack/grafana/.env.dist deleted file mode 100644 index 34d9f24..0000000 --- a/stack/grafana/.env.dist +++ /dev/null @@ -1,6 +0,0 @@ -GRAFANA_AWS_ACCESS_KEY=${AWS_ACCESS_KEY_ID} -GRAFANA_AWS_SECRET_KEY=${AWS_SECRET_ACCESS_KEY} -GRAFANA_MYSQL_DB=grafana -GRAFANA_MYSQL_PASSWORD=grafana -GRAFANA_MYSQL_USER=grafana -GRAFANA_SERVICE_3000_TAGS=urlprefix-grafana.${APP_DOMAIN}/ diff --git a/stack/grafana/grafana.yml b/stack/grafana/grafana.yml deleted file mode 100644 index c791a79..0000000 --- a/stack/grafana/grafana.yml +++ /dev/null @@ -1,40 +0,0 @@ -version: '3.6' - -services: - grafana: - build: - args: - - AWS_ACCESS_KEY=${GRAFANA_AWS_ACCESS_KEY} - - AWS_SECRET_KEY=${GRAFANA_AWS_SECRET_KEY} - - DOCKER_BUILD_DIR=docker/grafana - - MYSQL_GRAFANA_DB=${GRAFANA_MYSQL_DB} - - MYSQL_GRAFANA_PASSWORD=${GRAFANA_MYSQL_PASSWORD} - - MYSQL_GRAFANA_USER=${GRAFANA_MYSQL_USER} - context: ../.. - dockerfile: docker/grafana/Dockerfile - environment: - - GF_INSTALL_PLUGINS=grafana-clock-panel,grafana-simple-json-datasource - image: ${DOCKER_REPOSITORY}/grafana:${DOCKER_IMAGE_TAG} - labels: - - SERVICE_3000_CHECK_TCP=true - - SERVICE_3000_NAME=${COMPOSE_SERVICE_NAME}-grafana-3000 - - SERVICE_3000_TAGS=${GRAFANA_SERVICE_3000_TAGS} - networks: - - private - - public - ports: - - 3000 - restart: always - volumes: - - grafana:/var/lib/grafana - -volumes: - grafana: - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} - public: - external: true - name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/ipfs.mk b/stack/ipfs.mk deleted file mode 100644 index ad25b78..0000000 --- a/stack/ipfs.mk +++ /dev/null @@ -1,9 +0,0 @@ -ENV_VARS += IPFS_DAEMON_ARGS IPFS_PROFILE IPFS_VERSION -IPFS_PROFILE ?= $(if $(filter-out amd64 x86_64,$(MACHINE)),lowpower,server) -IPFS_VERSION ?= 0.16.0 - -.PHONY: bootstrap-stack-ipfs -bootstrap-stack-ipfs: ~/.ipfs setup-sysctl - -~/.ipfs: - mkdir -p ~/.ipfs diff --git a/stack/ipfs/.env.dist b/stack/ipfs/.env.dist deleted file mode 100644 index ad4d9ca..0000000 --- a/stack/ipfs/.env.dist +++ /dev/null @@ -1,10 +0,0 @@ -IPFS_ADDRESSES_API_DOMAIN=${DOCKER_NETWORK_PRIVATE} -IPFS_ADDRESSES_GATEWAY_INET4=0.0.0.0 -IPFS_DAEMON_ARGS=--enable-gc --migrate -IPFS_IPNS_USEPUBSUB=true -IPFS_LOGGING=error -IPFS_PUBSUB_ENABLE=true -IPFS_PUBSUB_ROUTER=gossipsub -IPFS_ROUTING_TYPE=dht -IPFS_SERVICE_8080_CHECK_TCP=/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme -IPFS_SERVICE_8080_TAGS=urlprefix-ipfs.${APP_DOMAIN}/ diff --git a/stack/ipfs/ipfs.yml b/stack/ipfs/ipfs.yml deleted file mode 100644 index 3e8807d..0000000 --- a/stack/ipfs/ipfs.yml +++ /dev/null @@ -1,96 +0,0 @@ -version: '3.6' - -services: - ipfs: - build: - args: - - DOCKER_BUILD_DIR=docker/ipfs - - IPFS_VERSION=${IPFS_VERSION} - - UID=${UID} - context: ../.. - dockerfile: docker/ipfs/Dockerfile - command: daemon --agent-version-suffix=${COMPOSE_PROJECT_NAME} ${IPFS_DAEMON_ARGS} - cpus: 0.5 - environment: - - IPFS_ADDRESSES_API=${IPFS_ADDRESSES_API:-} - - IPFS_ADDRESSES_API_DOMAIN=${IPFS_ADDRESSES_API_DOMAIN:-} - - IPFS_ADDRESSES_API_INET4=${IPFS_ADDRESSES_API_INET4:-} - - IPFS_ADDRESSES_API_PORT=${IPFS_ADDRESSES_API_PORT:-} - - IPFS_ADDRESSES_GATEWAY=${IPFS_ADDRESSES_GATEWAY:-} - - IPFS_ADDRESSES_GATEWAY_DOMAIN=${IPFS_ADDRESSES_GATEWAY_DOMAIN:-} - - IPFS_ADDRESSES_GATEWAY_INET4=${IPFS_ADDRESSES_GATEWAY_INET4:-} - - IPFS_ADDRESSES_GATEWAY_PORT=${IPFS_ADDRESSES_GATEWAY_PORT:-} - - IPFS_ADDRESSES_NOANNOUNCE=${IPFS_ADDRESSES_NOANNOUNCE:-} - - IPFS_API_HTTPHEADERS=${IPFS_API_HTTPHEADERS:-} - - IPFS_API_HTTPHEADERS_ACA_CREDENTIALS=${IPFS_API_HTTPHEADERS_ACA_CREDENTIALS:-} - - IPFS_API_HTTPHEADERS_ACA_HEADERS=${IPFS_API_HTTPHEADERS_ACA_HEADERS:-} - - IPFS_API_HTTPHEADERS_ACA_METHODS=${IPFS_API_HTTPHEADERS_ACA_METHODS:-} - - IPFS_API_HTTPHEADERS_ACA_ORIGIN=${IPFS_API_HTTPHEADERS_ACA_ORIGIN:-} - - IPFS_BOOTSTRAP=${IPFS_BOOTSTRAP:-} - - IPFS_DATASTORE_GCPERIOD=${IPFS_DATASTORE_GCPERIOD:-} - - IPFS_DISK_USAGE_PERCENT=${IPFS_DISK_USAGE_PERCENT:-} - - IPFS_EXPERIMENTAL_ACCELERATEDDHTCLIENT=${IPFS_EXPERIMENTAL_ACCELERATEDDHTCLIENT:-} - - IPFS_EXPERIMENTAL_FILESTOREENABLED=${IPFS_EXPERIMENTAL_FILESTOREENABLED:-} - - IPFS_EXPERIMENTAL_GRAPHSYNCENABLED=${IPFS_EXPERIMENTAL_GRAPHSYNCENABLED:-} - - IPFS_EXPERIMENTAL_LIBP2PSTREAMMOUNTING=${IPFS_EXPERIMENTAL_LIBP2PSTREAMMOUNTING:-} - - IPFS_EXPERIMENTAL_P2PHTTPPROXY=${IPFS_EXPERIMENTAL_P2PHTTPPROXY:-} - - IPFS_EXPERIMENTAL_STRATEGICPROVIDING=${IPFS_EXPERIMENTAL_STRATEGICPROVIDING:-} - - IPFS_EXPERIMENTAL_URLSTOREENABLED=${IPFS_EXPERIMENTAL_URLSTOREENABLED:-} - - IPFS_IPNS_REPUBLISHPERIOD=${IPFS_IPNS_REPUBLISHPERIOD:-} - - IPFS_IPNS_RECORDLIFETIME=${IPFS_IPNS_RECORDLIFETIME:-} - - IPFS_IPNS_USEPUBSUB=${IPFS_IPNS_USEPUBSUB:-} - - IPFS_LOGGING=${IPFS_LOGGING:-} - - IPFS_PROFILE=${IPFS_PROFILE:-} - - IPFS_PUBSUB_ENABLE=${IPFS_PUBSUB_ENABLE:-} - - IPFS_PUBSUB_ROUTER=${IPFS_PUBSUB_ROUTER:-} - - IPFS_ROUTING_TYPE=${IPFS_ROUTING_TYPE:-} - - IPFS_REPROVIDER_INTERVAL=${IPFS_REPROVIDER_INTERVAL:-} - - IPFS_REPROVIDER_STRATEGY=${IPFS_REPROVIDER_STRATEGY:-} - - IPFS_SWARM_CONNMGR_HIGHWATER=${IPFS_SWARM_CONNMGR_HIGHWATER:-} - - IPFS_SWARM_CONNMGR_LOWWATER=${IPFS_SWARM_CONNMGR_LOWWATER:-} - - IPFS_SWARM_CONNMGR_TYPE=${IPFS_SWARM_CONNMGR_TYPE:-} - - IPFS_SWARM_DISABLENATPORTMAP=${IPFS_SWARM_DISABLENATPORTMAP:-} - - IPFS_SWARM_ENABLEHOLEPUNCHING=${IPFS_SWARM_ENABLEHOLEPUNCHING:-} - - IPFS_SWARM_RELAYCLIENT_ENABLED=${IPFS_SWARM_RELAYCLIENT_ENABLED:-} - - IPFS_SWARM_RELAYSERVICE_ENABLED=${IPFS_SWARM_RELAYSERVICE_ENABLED:-} - - IPFS_SWARM_TRANSPORTS_NETWORK_RELAY=${IPFS_SWARM_TRANSPORTS_NETWORK_RELAY:-} - image: ${DOCKER_REPOSITORY}/ipfs:${DOCKER_IMAGE_TAG} - labels: - - SERVICE_4001_CHECK_TCP=true - - SERVICE_4001_NAME=${COMPOSE_SERVICE_NAME}-ipfs-4001 - - SERVICE_5001_NAME=${COMPOSE_SERVICE_NAME}-ipfs-5001 - - SERVICE_8080_CHECK_HTTP=${IPFS_SERVICE_8080_CHECK_TCP} - - SERVICE_8080_NAME=${COMPOSE_SERVICE_NAME}-ipfs-8080 - - SERVICE_8080_TAGS=${IPFS_SERVICE_8080_TAGS} - - SERVICE_8081_IGNORE=true - networks: - - private - - public - ports: - - 4001/tcp - - 4001/udp - - 5001/tcp - - 8080/tcp - restart: always - ulimits: - nofile: - soft: 65536 - hard: 65536 - volumes: - - ipfs:/data/ipfs:delegated - -volumes: - ipfs: - driver: local - driver_opts: - type: none - device: ${HOME}/.ipfs - o: bind - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} - public: - external: true - name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/logs.mk b/stack/logs.mk deleted file mode 100644 index 0140657..0000000 --- a/stack/logs.mk +++ /dev/null @@ -1,6 +0,0 @@ -logs ?= sematext/logagent - -# target app-build-logagent: Exec 'rm -Rf /root/.npm /log-buffer/*' in docker SERVICE -.PHONY: app-build-logagent -app-build-logagent: - $(call docker-compose-exec-sh,logagent,rm -Rf /root/.npm /log-buffer/*) diff --git a/stack/memcached/memcached.yml b/stack/memcached/memcached.yml deleted file mode 100644 index 850e4dc..0000000 --- a/stack/memcached/memcached.yml +++ /dev/null @@ -1,18 +0,0 @@ -version: '3.6' - -services: - memcached: - image: memcached:alpine - labels: - - SERVICE_11211_CHECK_TCP=true - - SERVICE_11211_NAME=${COMPOSE_SERVICE_NAME}-memcached-11211 - networks: - - private - ports: - - 11211 - restart: always - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} diff --git a/stack/monitoring.mk b/stack/monitoring.mk deleted file mode 100644 index ddc3892..0000000 --- a/stack/monitoring.mk +++ /dev/null @@ -1 +0,0 @@ -monitoring ?= grafana prometheus/alertmanager prometheus/blackbox-exporter prometheus/es-exporter prometheus/prometheus diff --git a/stack/mysql/.env.dist b/stack/mysql/.env.dist deleted file mode 100644 index 4b04ea2..0000000 --- a/stack/mysql/.env.dist +++ /dev/null @@ -1 +0,0 @@ -MYSQL_ROOT_PASSWORD=root diff --git a/stack/mysql/mysql.5.6.yml b/stack/mysql/mysql.5.6.yml deleted file mode 100644 index fe6bba9..0000000 --- a/stack/mysql/mysql.5.6.yml +++ /dev/null @@ -1,10 +0,0 @@ -version: '3.6' - -services: - mysql: - build: - args: - - DOCKER_BUILD_DIR=docker/mysql/5.6 - context: ../.. - dockerfile: docker/mysql/5.6/Dockerfile - image: ${DOCKER_REPOSITORY}/mysql:${DOCKER_IMAGE_TAG} diff --git a/stack/mysql/mysql.dev.yml b/stack/mysql/mysql.dev.yml deleted file mode 100644 index 3ec43b6..0000000 --- a/stack/mysql/mysql.dev.yml +++ /dev/null @@ -1,6 +0,0 @@ -version: '3.6' - -services: - mysql: - ports: - - 3303:3306 diff --git a/stack/mysql/mysql.latest.yml b/stack/mysql/mysql.latest.yml deleted file mode 100644 index 94f6a2b..0000000 --- a/stack/mysql/mysql.latest.yml +++ /dev/null @@ -1,5 +0,0 @@ -version: '3.6' - -services: - mysql: - image: mysql:latest diff --git a/stack/mysql/mysql.local.yml b/stack/mysql/mysql.local.yml deleted file mode 100644 index 288e361..0000000 --- a/stack/mysql/mysql.local.yml +++ /dev/null @@ -1,6 +0,0 @@ -version: '3.6' - -services: - mysql: - ports: - - 3306:3306 diff --git a/stack/mysql/mysql.yml b/stack/mysql/mysql.yml deleted file mode 100644 index c902a4f..0000000 --- a/stack/mysql/mysql.yml +++ /dev/null @@ -1,24 +0,0 @@ -version: '3.6' - -services: - mysql: - environment: - - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} - labels: - - SERVICE_3306_NAME=${COMPOSE_SERVICE_NAME}-mysql-3306 - - SERVICE_CHECK_SCRIPT=docker-healthcheck $$SERVICE_IP - networks: - - private - ports: - - 3306 - volumes: - - mysql:/var/lib/mysql - restart: always - -volumes: - mysql: - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} diff --git a/stack/newrelic.mk b/stack/newrelic.mk deleted file mode 100644 index 033ed4d..0000000 --- a/stack/newrelic.mk +++ /dev/null @@ -1 +0,0 @@ -newrelic ?= newrelic/php-daemon diff --git a/stack/newrelic/php-daemon.yml b/stack/newrelic/php-daemon.yml deleted file mode 100644 index e1ffef3..0000000 --- a/stack/newrelic/php-daemon.yml +++ /dev/null @@ -1,19 +0,0 @@ -version: '3.6' - -services: - php-daemon: - image: newrelic/php-daemon:latest - # command: "/usr/bin/newrelic-daemon --loglevel debug" - labels: - - SERVICE_31339_CHECK_TCP=true - - SERVICE_31339_NAME=${COMPOSE_SERVICE_NAME}-php-daemon-31339 - networks: - - private - ports: - - 31339 - restart: always - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} diff --git a/stack/nginx/.env.dist b/stack/nginx/.env.dist deleted file mode 100644 index 5c74d96..0000000 --- a/stack/nginx/.env.dist +++ /dev/null @@ -1 +0,0 @@ -STATIC_SERVICE_80_TAGS=urlprefix-static.${APP_DOMAIN}/ diff --git a/stack/nginx/static.yml b/stack/nginx/static.yml deleted file mode 100644 index 888d920..0000000 --- a/stack/nginx/static.yml +++ /dev/null @@ -1,29 +0,0 @@ -version: '3.6' - -services: - static: - image: nginx:alpine - command: /bin/sh -c "grep autoindex /etc/nginx/conf.d/default.conf >/dev/null 2>&1 || sed -i 's|index index.html index.htm;|index index.html index.htm;\n autoindex on;|' /etc/nginx/conf.d/default.conf && nginx -g 'daemon off;'" - labels: - - SERVICE_80_CHECK_TCP=true - - SERVICE_80_NAME=${COMPOSE_SERVICE_NAME}-nginx-80 - - SERVICE_80_TAGS=${STATIC_SERVICE_80_TAGS} - networks: - - private - - public - ports: - - 80 - restart: always - volumes: - - static:/usr/share/nginx/html:ro - -volumes: - static: - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} - public: - external: true - name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/node.mk b/stack/node.mk deleted file mode 100644 index 7769663..0000000 --- a/stack/node.mk +++ /dev/null @@ -1,95 +0,0 @@ -CMDS += node-exec stack-node-exec node-exec:% node-exec@% node-run node-run:% node-run@% -node ?= node/node -ENV_VARS += DOCKER_HOST_IFACE DOCKER_HOST_INET4 DOCKER_INTERNAL_DOCKER_HOST -SETUP_LETSENCRYPT ?= - -# target bootstrap-stack-node: Fire node-certbot node-ssl-certs -.PHONY: bootstrap-stack-node -bootstrap-stack-node: docker-network-create-$(DOCKER_NETWORK_PUBLIC) $(if $(SETUP_LETSENCRYPT),node-certbot$(if $(DEBUG),-staging)) node-ssl-certs - -# target node: Fire stack-node-up -.PHONY: node -node: stack-node-up - -# target node-%; Fire target stack-node-% -.PHONY: node-% -node-%: stack-node-%; - -# target node-ssl-certs: Create invalid ${DOMAIN} certificate files with openssl -.PHONY: node-ssl-certs -node-ssl-certs: - docker run --rm --mount source=$(NODE_DOCKER_VOLUME),target=/certs alpine \ - [ -f /certs/live/$(DOMAIN)/fullchain.pem -a -f /certs/live/$(DOMAIN)/privkey.pem ] \ - || $(RUN) docker run --rm \ - -e DOMAIN=$(DOMAIN) \ - --mount source=$(NODE_DOCKER_VOLUME),target=/certs \ - alpine sh -c "\ - apk --no-cache add openssl \ - && mkdir -p /certs/live/${DOMAIN} \ - && { [ -f /certs/live/${DOMAIN}/privkey.pem ] || openssl genrsa -out /certs/live/${DOMAIN}/privkey.pem 2048; } \ - && openssl req -key /certs/live/${DOMAIN}/privkey.pem -out /certs/live/${DOMAIN}/cert.pem \ - -addext extendedKeyUsage=serverAuth \ - -addext subjectAltName=DNS:${DOMAIN},DNS:*.${DOMAIN} \ - -subj \"/C=/ST=/L=/O=/CN=${DOMAIN}\" \ - -x509 -days 365 \ - && rm -f /certs/live/${DOMAIN}/fullchain.pem \ - && ln -s cert.pem /certs/live/${DOMAIN}/fullchain.pem \ - " - -# target node-certbot: Create ${DOMAIN} certificate files with letsencrypt -.PHONY: node-certbot -node-certbot: node-docker-build-certbot - docker run --rm --mount source=$(NODE_DOCKER_VOLUME),target=/certs alpine \ - [ -f /certs/live/$(DOMAIN)/cert.pem -a -f /certs/live/$(DOMAIN)/privkey.pem ] \ - || $(RUN) docker run --rm \ - --mount source=$(NODE_DOCKER_VOLUME),target=/etc/letsencrypt/ \ - --mount source=$(NODE_DOCKER_VOLUME),target=/var/log/letsencrypt/ \ - -e DOMAIN=$(DOMAIN) \ - --network host \ - node/certbot \ - --non-interactive --agree-tos --email hostmaster@${DOMAIN} certonly \ - --preferred-challenges dns --authenticator dns-standalone \ - --dns-standalone-address=0.0.0.0 \ - --dns-standalone-port=53 \ - -d ${DOMAIN} \ - -d *.${DOMAIN} - -# target node-certbot-certificates: List letsencrypt certificates -.PHONY: node-certbot-certificates -node-certbot-certificates: node-docker-build-certbot - docker run --rm --mount source=$(NODE_DOCKER_VOLUME),target=/etc/letsencrypt/ node/certbot certificates - -# target node-certbot-renew: Renew letsencrypt certificates -.PHONY: node-certbot-renew -node-certbot-renew: node-docker-build-certbot - docker run --rm --mount source=$(NODE_DOCKER_VOLUME),target=/etc/letsencrypt/ --network host node/certbot renew - -# target node-certbot-staging: Create staging ${DOMAIN} certificate files with letsencrypt -.PHONY: node-certbot-staging -node-certbot-staging: node-docker-build-certbot - docker run --rm --mount source=$(NODE_DOCKER_VOLUME),target=/certs alpine \ - [ -f /certs/live/$(DOMAIN)/cert.pem -a -f /certs/live/$(DOMAIN)/privkey.pem ] \ - || $(RUN) docker run --rm \ - --mount source=$(NODE_DOCKER_VOLUME),target=/etc/letsencrypt/ \ - --mount source=$(NODE_DOCKER_VOLUME),target=/var/log/letsencrypt/ \ - -e DOMAIN=$(DOMAIN) \ - --network host \ - node/certbot \ - --non-interactive --agree-tos --email hostmaster@${DOMAIN} certonly \ - --preferred-challenges dns --authenticator dns-standalone \ - --dns-standalone-address=0.0.0.0 \ - --dns-standalone-port=53 \ - --staging \ - -d ${DOMAIN} \ - -d *.${DOMAIN} - -# target node-docker-build-%: Build % docker -.PHONY: node-docker-build-% -node-docker-build-%: - $(call docker-build,docker/$*,node/$*:$(DOCKER_IMAGE_TAG)) - -# target node-docker-rebuild-%: Rebuild % docker -.PHONY: node-docker-rebuild-% -node-docker-rebuild-%: - $(call make,node-docker-build-$* DOCKER_BUILD_CACHE=false) - diff --git a/stack/node/.env.dist b/stack/node/.env.dist deleted file mode 100644 index 67b2adc..0000000 --- a/stack/node/.env.dist +++ /dev/null @@ -1,4 +0,0 @@ -NODE_CONSUL_ACL_TOKENS_MASTER=01234567-89AB-CDEF-0123-456789ABCDEF -NODE_CONSUL_HTTP_TOKEN=01234567-89AB-CDEF-0123-456789ABCDEF -NODE_CONSUL_SERVICE_8500_TAGS=urlprefix-consul.${DOMAIN}/ -NODE_FABIO_SERVICE_9998_TAGS=urlprefix-fabio.${DOMAIN}/ diff --git a/stack/node/backup/.env.dist b/stack/node/backup/.env.dist deleted file mode 100644 index 5575c8e..0000000 --- a/stack/node/backup/.env.dist +++ /dev/null @@ -1,2 +0,0 @@ -NODE_RESTIC_REPOSITORY= -NODE_RESTIC_PASSWORD= diff --git a/stack/node/backup/restic.yml b/stack/node/backup/restic.yml deleted file mode 100644 index 6243944..0000000 --- a/stack/node/backup/restic.yml +++ /dev/null @@ -1,27 +0,0 @@ -version: "3.6" - -services: - restic: - image: mazzolino/restic:1.1.1 - hostname: ${HOSTNAME} - environment: - BACKUP_CRON: "30 3 * * *" - RESTIC_REPOSITORY: ${NODE_RESTIC_REPOSITORY} - RESTIC_PASSWORD: ${NODE_RESTIC_PASSWORD} - RESTIC_BACKUP_SOURCES: /var/lib/docker/volumes - RESTIC_BACKUP_TAGS: docker-volumes - RESTIC_FORGET_ARGS: --prune --keep-last 14 --keep-daily 1 - TZ: Europe/Paris - networks: - - private - volumes: - - restic:/root/.config - - /var/lib/docker/volumes:/var/lib/docker/volumes:ro - -volumes: - restic: - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} diff --git a/stack/node/exporter/.env.dist b/stack/node/exporter/.env.dist deleted file mode 100644 index 0ecd232..0000000 --- a/stack/node/exporter/.env.dist +++ /dev/null @@ -1,2 +0,0 @@ -NODE_CADVISOR_EXPORTER_SERVICE_8080_TAGS=urlprefix-cadvisor-exporter.${DOMAIN}/ -NODE_EXPORTER_SERVICE_9100_TAGS=urlprefix-node-exporter.${DOMAIN}/ diff --git a/stack/node/exporter/exporter.yml b/stack/node/exporter/exporter.yml deleted file mode 100644 index 7163d01..0000000 --- a/stack/node/exporter/exporter.yml +++ /dev/null @@ -1,49 +0,0 @@ -version: '3.6' - -services: - cadvisor-exporter: - container_name: ${NODE_COMPOSE_PROJECT_NAME}-cadvisor-exporter - hostname: ${HOSTNAME} - image: google/cadvisor:latest - labels: - - SERVICE_8080_CHECK_TCP=true - - SERVICE_8080_NAME=${NODE_COMPOSE_SERVICE_NAME}-cadvisor-exporter-8080 - - SERVICE_8080_TAGS=${NODE_CADVISOR_EXPORTER_SERVICE_8080_TAGS} - - SERVICE_9200_IGNORE=true - networks: - - public - ports: - - 8080 - restart: always - volumes: - - /:/rootfs:ro - - /sys:/sys:ro - - /var/lib/docker/:/var/lib/docker:ro - - /var/run:/var/run:rw - node-exporter: - command: - - --collector.filesystem.ignored-mount-points - - "^/(sys|proc|dev|host|etc|rootfs/var/lib/docker/containers|rootfs/var/lib/docker/overlay2|rootfs/run/docker/netns|rootfs/var/lib/docker/aufs)($$|/)" - - '--path.procfs=/host/proc' - - '--path.sysfs=/host/sys' - container_name: ${NODE_COMPOSE_PROJECT_NAME}-node-exporter - hostname: ${HOSTNAME} - image: prom/node-exporter:latest - labels: - - SERVICE_9100_CHECK_TCP=true - - SERVICE_9100_NAME=${NODE_COMPOSE_SERVICE_NAME}-node-exporter-9100 - - SERVICE_9100_TAGS=${NODE_EXPORTER_SERVICE_9100_TAGS} - networks: - - public - ports: - - 9100 - restart: always - volumes: - - /:/rootfs:ro - - /proc:/host/proc:ro - - /sys:/host/sys:ro - -networks: - public: - external: true - name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/node/ipfs/.env.dist b/stack/node/ipfs/.env.dist deleted file mode 100644 index b0f62bb..0000000 --- a/stack/node/ipfs/.env.dist +++ /dev/null @@ -1,9 +0,0 @@ -NODE_IPFS_ADDRESSES_API_DOMAIN=${DOCKER_NETWORK_PUBLIC} -NODE_IPFS_ADDRESSES_GATEWAY_INET4=0.0.0.0 -NODE_IPFS_IPNS_USEPUBSUB=true -NODE_IPFS_LOGGING=error -NODE_IPFS_PUBSUB_ENABLE=true -NODE_IPFS_PUBSUB_ROUTER=gossipsub -NODE_IPFS_ROUTING_TYPE=dht -NODE_IPFS_SERVICE_8080_CHECK_TCP=/ipfs/QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme -NODE_IPFS_SERVICE_8080_TAGS=urlprefix-ipfs.${DOMAIN}/ diff --git a/stack/node/ipfs/ipfs.yml b/stack/node/ipfs/ipfs.yml deleted file mode 100644 index 8a2d771..0000000 --- a/stack/node/ipfs/ipfs.yml +++ /dev/null @@ -1,82 +0,0 @@ -version: '3.6' - -services: - ipfs: - build: - args: - - DOCKER_BUILD_DIR=docker/ipfs - - IPFS_VERSION=${IPFS_VERSION} - context: ../.. - dockerfile: docker/ipfs/Dockerfile - command: daemon --agent-version-suffix=${NODE_COMPOSE_PROJECT_NAME} ${IPFS_DAEMON_ARGS} - container_name: ${NODE_COMPOSE_PROJECT_NAME}-ipfs - cpus: 0.5 - environment: - - IPFS_ADDRESSES_API=${NODE_IPFS_ADDRESSES_API:-} - - IPFS_ADDRESSES_API_DOMAIN=${NODE_IPFS_ADDRESSES_API_DOMAIN:-} - - IPFS_ADDRESSES_API_INET4=${NODE_IPFS_ADDRESSES_API_INET4:-} - - IPFS_ADDRESSES_API_PORT=${NODE_IPFS_ADDRESSES_API_PORT:-} - - IPFS_ADDRESSES_GATEWAY=${NODE_IPFS_ADDRESSES_GATEWAY:-} - - IPFS_ADDRESSES_GATEWAY_DOMAIN=${NODE_IPFS_ADDRESSES_GATEWAY_DOMAIN:-} - - IPFS_ADDRESSES_GATEWAY_INET4=${NODE_IPFS_ADDRESSES_GATEWAY_INET4:-} - - IPFS_ADDRESSES_GATEWAY_PORT=${NODE_IPFS_ADDRESSES_GATEWAY_PORT:-} - - IPFS_ADDRESSES_NOANNOUNCE=${NODE_IPFS_ADDRESSES_NOANNOUNCE:-} - - IPFS_API_HTTPHEADERS=${NODE_IPFS_API_HTTPHEADERS:-} - - IPFS_API_HTTPHEADERS_ACA_CREDENTIALS=${NODE_IPFS_API_HTTPHEADERS_ACA_CREDENTIALS:-} - - IPFS_API_HTTPHEADERS_ACA_HEADERS=${NODE_IPFS_API_HTTPHEADERS_ACA_HEADERS:-} - - IPFS_API_HTTPHEADERS_ACA_METHODS=${NODE_IPFS_API_HTTPHEADERS_ACA_METHODS:-} - - IPFS_API_HTTPHEADERS_ACA_ORIGIN=${NODE_IPFS_API_HTTPHEADERS_ACA_ORIGIN:-} - - IPFS_BOOTSTRAP=${NODE_IPFS_BOOTSTRAP:-} - - IPFS_DATASTORE_GCPERIOD=${NODE_IPFS_DATASTORE_GCPERIOD:-} - - IPFS_DISK_USAGE_PERCENT=${NODE_IPFS_DISK_USAGE_PERCENT:-} - - IPFS_EXPERIMENTAL_ACCELERATEDDHTCLIENT=${NODE_IPFS_EXPERIMENTAL_ACCELERATEDDHTCLIENT:-} - - IPFS_EXPERIMENTAL_FILESTOREENABLED=${NODE_IPFS_EXPERIMENTAL_FILESTOREENABLED:-} - - IPFS_EXPERIMENTAL_GRAPHSYNCENABLED=${NODE_IPFS_EXPERIMENTAL_GRAPHSYNCENABLED:-} - - IPFS_EXPERIMENTAL_LIBP2PSTREAMMOUNTING=${NODE_IPFS_EXPERIMENTAL_LIBP2PSTREAMMOUNTING:-} - - IPFS_EXPERIMENTAL_P2PHTTPPROXY=${NODE_IPFS_EXPERIMENTAL_P2PHTTPPROXY:-} - - IPFS_EXPERIMENTAL_STRATEGICPROVIDING=${NODE_IPFS_EXPERIMENTAL_STRATEGICPROVIDING:-} - - IPFS_EXPERIMENTAL_URLSTOREENABLED=${NODE_IPFS_EXPERIMENTAL_URLSTOREENABLED:-} - - IPFS_IPNS_REPUBLISHPERIOD=${NODE_IPFS_IPNS_REPUBLISHPERIOD:-} - - IPFS_IPNS_RECORDLIFETIME=${NODE_IPFS_IPNS_RECORDLIFETIME:-} - - IPFS_IPNS_USEPUBSUB=${NODE_IPFS_IPNS_USEPUBSUB:-} - - IPFS_LOGGING=${NODE_IPFS_LOGGING:-} - - IPFS_PROFILE=${IPFS_PROFILE:-} - - IPFS_PUBSUB_ENABLE=${NODE_IPFS_PUBSUB_ENABLE:-} - - IPFS_PUBSUB_ROUTER=${NODE_IPFS_PUBSUB_ROUTER:-} - - IPFS_ROUTING_TYPE=${NODE_IPFS_ROUTING_TYPE:-} - - IPFS_REPROVIDER_INTERVAL=${NODE_IPFS_REPROVIDER_INTERVAL:-} - - IPFS_REPROVIDER_STRATEGY=${NODE_IPFS_REPROVIDER_STRATEGY:-} - - IPFS_SWARM_CONNMGR_HIGHWATER=${NODE_IPFS_SWARM_CONNMGR_HIGHWATER:-} - - IPFS_SWARM_CONNMGR_LOWWATER=${NODE_IPFS_SWARM_CONNMGR_LOWWATER:-} - - IPFS_SWARM_CONNMGR_TYPE=${NODE_IPFS_SWARM_CONNMGR_TYPE:-} - - IPFS_SWARM_DISABLENATPORTMAP=${NODE_IPFS_SWARM_DISABLENATPORTMAP:-} - - IPFS_SWARM_ENABLEHOLEPUNCHING=${NODE_IPFS_SWARM_ENABLEHOLEPUNCHING:-} - - IPFS_SWARM_RELAYCLIENT_ENABLED=${NODE_IPFS_SWARM_RELAYCLIENT_ENABLED:-} - - IPFS_SWARM_RELAYSERVICE_ENABLED=${NODE_IPFS_SWARM_RELAYSERVICE_ENABLED:-} - - IPFS_SWARM_TRANSPORTS_NETWORK_RELAY=${NODE_IPFS_SWARM_TRANSPORTS_NETWORK_RELAY:-} - image: ${NODE_DOCKER_REPOSITORY}/ipfs:${DOCKER_IMAGE_TAG} - labels: - - SERVICE_4001_CHECK_TCP=true - - SERVICE_4001_NAME=${NODE_COMPOSE_SERVICE_NAME}-ipfs-4001 - - SERVICE_5001_CHECK_TCP=true - - SERVICE_5001_NAME=${NODE_COMPOSE_SERVICE_NAME}-ipfs-5001 - - SERVICE_8080_CHECK_HTTP=${NODE_IPFS_SERVICE_8080_CHECK_TCP} - - SERVICE_8080_NAME=${NODE_COMPOSE_SERVICE_NAME}-ipfs-8080 - - SERVICE_8080_TAGS=${NODE_IPFS_SERVICE_8080_TAGS} - - SERVICE_8081_IGNORE=true - network_mode: host - restart: always - ulimits: - nofile: - soft: 65536 - hard: 65536 - volumes: - - ipfs:/data/ipfs:delegated - -volumes: - ipfs: - -networks: - public: - external: true - name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/node/mail/.env.dist b/stack/node/mail/.env.dist deleted file mode 100644 index 1c4ca23..0000000 --- a/stack/node/mail/.env.dist +++ /dev/null @@ -1,4 +0,0 @@ -NODE_MAILSERVER_ENABLE_MANAGESIEVE=1 -NODE_MAILSERVER_SPOOF_PROTECTION=1 -NODE_MAILSERVER_SSL_TYPE=letsencrypt -NODE_MAILSERVER_UPDATE_CHECK=0 diff --git a/stack/node/mail/mailserver.yml b/stack/node/mail/mailserver.yml deleted file mode 100644 index d5f10e8..0000000 --- a/stack/node/mail/mailserver.yml +++ /dev/null @@ -1,166 +0,0 @@ -version: '2' -services: - mailserver: - image: mailserver/docker-mailserver:11.2 - cap_add: - - NET_ADMIN - container_name: ${NODE_COMPOSE_PROJECT_NAME}-mailserver - cpus: 0.5 - domainname: ${DOMAIN} - environment: - - OVERRIDE_HOSTNAME=${NODE_MAILSERVER_OVERRIDE_HOSTNAME:-} - - DMS_DEBUG=${NODE_MAILSERVER_DMS_DEBUG:-0} - - LOG_LEVEL=${NODE_MAILSERVER_LOG_LEVEL:-info} - - SUPERVISOR_LOGLEVEL=${NODE_MAILSERVER_SUPERVISOR_LOGLEVEL:-} - - ONE_DIR=${NODE_MAILSERVER_ONE_DIR:-1} - - ACCOUNT_PROVISIONER=${NODE_MAILSERVER_ACCOUNT_PROVISIONER:-} - - POSTMASTER_ADDRESS=${NODE_MAILSERVER_POSTMASTER_ADDRESS:-} - - ENABLE_UPDATE_CHECK=${NODE_MAILSERVER_ENABLE_UPDATE_CHECK:-1} - - UPDATE_CHECK_INTERVAL=${NODE_MAILSERVER_UPDATE_CHECK_INTERVAL:-1d} - - PERMIT_DOCKER=${NODE_MAILSERVER_PERMIT_DOCKER:-none} - - TZ=${NODE_MAILSERVER_TZ:-} - - NETWORK_INTERFACE=${NODE_MAILSERVER_NETWORK_INTERFACE:-} - - TLS_LEVEL=${NODE_MAILSERVER_TLS_LEVEL:-} - - SPOOF_PROTECTION=${NODE_MAILSERVER_SPOOF_PROTECTION:-} - - ENABLE_SRS=${NODE_MAILSERVER_ENABLE_SRS:-0} - - ENABLE_POP3=${NODE_MAILSERVER_ENABLE_POP3:-} - - ENABLE_CLAMAV=${NODE_MAILSERVER_ENABLE_CLAMAV:-0} - - ENABLE_AMAVIS=${NODE_MAILSERVER_ENABLE_AMAVIS:-1} - - AMAVIS_LOGLEVEL=${NODE_MAILSERVER_AMAVIS_LOGLEVEL:-0} - - ENABLE_DNSBL=${NODE_MAILSERVER_ENABLE_DNSBL:-0} - - ENABLE_FAIL2BAN=${NODE_MAILSERVER_ENABLE_FAIL2BAN:-0} - - FAIL2BAN_BLOCKTYPE=${NODE_MAILSERVER_FAIL2BAN_BLOCKTYPE:-drop} - - ENABLE_MANAGESIEVE=${NODE_MAILSERVER_ENABLE_MANAGESIEVE:-} - - POSTSCREEN_ACTION=${NODE_MAILSERVER_POSTSCREEN_ACTION:-enforce} - - SMTP_ONLY=${NODE_MAILSERVER_SMTP_ONLY:-} - - SSL_TYPE=${NODE_MAILSERVER_SSL_TYPE:-} - - SSL_CERT_PATH=${NODE_MAILSERVER_SSL_CERT_PATH:-} - - SSL_KEY_PATH=${NODE_MAILSERVER_SSL_KEY_PATH:-} - - SSL_ALT_CERT_PATH=${NODE_MAILSERVER_SSL_ALT_CERT_PATH:-} - - SSL_ALT_KEY_PATH=${NODE_MAILSERVER_SSL_ALT_KEY_PATH:-} - - VIRUSMAILS_DELETE_DELAY=${NODE_MAILSERVER_VIRUSMAILS_DELETE_DELAY:-} - - ENABLE_POSTFIX_VIRTUAL_TRANSPORT=${NODE_MAILSERVER_ENABLE_POSTFIX_VIRTUAL_TRANSPORT:-} - - POSTFIX_DAGENT=${NODE_MAILSERVER_POSTFIX_DAGENT:-} - - POSTFIX_MAILBOX_SIZE_LIMIT=${NODE_MAILSERVER_POSTFIX_MAILBOX_SIZE_LIMIT:-} - - ENABLE_QUOTAS=${NODE_MAILSERVER_ENABLE_QUOTAS:-1} - - POSTFIX_MESSAGE_SIZE_LIMIT=${NODE_MAILSERVER_POSTFIX_MESSAGE_SIZE_LIMIT:-} - - CLAMAV_MESSAGE_SIZE_LIMIT=${NODE_MAILSERVER_CLAMAV_MESSAGE_SIZE_LIMIT:-} - - PFLOGSUMM_TRIGGER=${NODE_MAILSERVER_PFLOGSUMM_TRIGGER:-} - - PFLOGSUMM_RECIPIENT=${NODE_MAILSERVER_PFLOGSUMM_RECIPIENT:-} - - PFLOGSUMM_SENDER=${NODE_MAILSERVER_PFLOGSUMM_SENDER:-} - - LOGWATCH_INTERVAL=${NODE_MAILSERVER_LOGWATCH_INTERVAL:-} - - LOGWATCH_RECIPIENT=${NODE_MAILSERVER_LOGWATCH_RECIPIENT:-} - - LOGWATCH_SENDER=${NODE_MAILSERVER_LOGWATCH_SENDER:-} - - REPORT_RECIPIENT=${NODE_MAILSERVER_REPORT_RECIPIENT:-} - - REPORT_SENDER=${NODE_MAILSERVER_REPORT_SENDER:-} - - LOGROTATE_INTERVAL=${NODE_MAILSERVER_LOGROTATE_INTERVAL:-weekly} - - POSTFIX_INET_PROTOCOLS=${NODE_MAILSERVER_POSTFIX_INET_PROTOCOLS:-all} - - DOVECOT_INET_PROTOCOLS=${NODE_MAILSERVER_DOVECOT_INET_PROTOCOLS:-all} - - ENABLE_SPAMASSASSIN=${NODE_MAILSERVER_ENABLE_SPAMASSASSIN:-0} - - SPAMASSASSIN_SPAM_TO_INBOX=${NODE_MAILSERVER_SPAMASSASSIN_SPAM_TO_INBOX:-1} - - ENABLE_SPAMASSASSIN_KAM=${NODE_MAILSERVER_ENABLE_SPAMASSASSIN_KAM:-0} - - MOVE_SPAM_TO_JUNK=${NODE_MAILSERVER_MOVE_SPAM_TO_JUNK:-1} - - SA_TAG=${NODE_MAILSERVER_SA_TAG:-2.0} - - SA_TAG2=${NODE_MAILSERVER_SA_TAG2:-6.31} - - SA_KILL=${NODE_MAILSERVER_SA_KILL:-6.31} - - SA_SPAM_SUBJECT=${NODE_MAILSERVER_SA_SPAM_SUBJECT:-***SPAM*****} - - ENABLE_FETCHMAIL=${NODE_MAILSERVER_ENABLE_FETCHMAIL:-0} - - FETCHMAIL_POLL=${NODE_MAILSERVER_FETCHMAIL_POLL:-300} - - ENABLE_LDAP=${NODE_MAILSERVER_ENABLE_LDAP:-} - - LDAP_START_TLS=${NODE_MAILSERVER_LDAP_START_TLS:-} - - LDAP_SERVER_HOST=${NODE_MAILSERVER_LDAP_SERVER_HOST:-} - - LDAP_SEARCH_BASE=${NODE_MAILSERVER_LDAP_SEARCH_BASE:-} - - LDAP_BIND_DN=${NODE_MAILSERVER_LDAP_BIND_DN:-} - - LDAP_BIND_PW=${NODE_MAILSERVER_LDAP_BIND_PW:-} - - LDAP_QUERY_FILTER_USER=${NODE_MAILSERVER_LDAP_QUERY_FILTER_USER:-} - - LDAP_QUERY_FILTER_GROUP=${NODE_MAILSERVER_LDAP_QUERY_FILTER_GROUP:-} - - LDAP_QUERY_FILTER_ALIAS=${NODE_MAILSERVER_LDAP_QUERY_FILTER_ALIAS:-} - - LDAP_QUERY_FILTER_DOMAIN=${NODE_MAILSERVER_LDAP_QUERY_FILTER_DOMAIN:-} - - DOVECOT_TLS=${NODE_MAILSERVER_DOVECOT_TLS:-} - - DOVECOT_USER_FILTER=${NODE_MAILSERVER_DOVECOT_USER_FILTER:-} - - DOVECOT_PASS_FILTER=${NODE_MAILSERVER_DOVECOT_PASS_FILTER:-} - - DOVECOT_MAILBOX_FORMAT=${NODE_MAILSERVER_DOVECOT_MAILBOX_FORMAT:-maildir} - - DOVECOT_AUTH_BIND=${NODE_MAILSERVER_DOVECOT_AUTH_BIND:-} - - ENABLE_POSTGREY=${NODE_MAILSERVER_ENABLE_POSTGREY:-0} - - POSTGREY_DELAY=${NODE_MAILSERVER_POSTGREY_DELAY:-300} - - POSTGREY_MAX_AGE=${NODE_MAILSERVER_POSTGREY_MAX_AGE:-35} - - POSTGREY_TEXT=${NODE_MAILSERVER_POSTGREY_TEXT:-"Delayed by Postgrey"} - - POSTGREY_AUTO_WHITELIST_CLIENTS=${NODE_MAILSERVER_POSTGREY_AUTO_WHITELIST_CLIENTS:-5} - - ENABLE_SASLAUTHD=${NODE_MAILSERVER_ENABLE_SASLAUTHD:-0} - - SASLAUTHD_MECHANISMS=${NODE_MAILSERVER_SASLAUTHD_MECHANISMS:-} - - SASLAUTHD_MECH_OPTIONS=${NODE_MAILSERVER_SASLAUTHD_MECH_OPTIONS:-} - - SASLAUTHD_LDAP_SERVER=${NODE_MAILSERVER_SASLAUTHD_LDAP_SERVER:-} - - SASLAUTHD_LDAP_BIND_DN=${NODE_MAILSERVER_SASLAUTHD_LDAP_BIND_DN:-} - - SASLAUTHD_LDAP_PASSWORD=${NODE_MAILSERVER_SASLAUTHD_LDAP_PASSWORD:-} - - SASLAUTHD_LDAP_SEARCH_BASE=${NODE_MAILSERVER_SASLAUTHD_LDAP_SEARCH_BASE:-} - - SASLAUTHD_LDAP_FILTER=${NODE_MAILSERVER_SASLAUTHD_LDAP_FILTER:-} - - SASLAUTHD_LDAP_START_TLS=${NODE_MAILSERVER_SASLAUTHD_LDAP_START_TLS:-} - - SASLAUTHD_LDAP_TLS_CHECK_PEER=${NODE_MAILSERVER_SASLAUTHD_LDAP_TLS_CHECK_PEER:-} - - SASLAUTHD_LDAP_TLS_CACERT_FILE=${NODE_MAILSERVER_SASLAUTHD_LDAP_TLS_CACERT_FILE:-} - - SASLAUTHD_LDAP_TLS_CACERT_DIR=${NODE_MAILSERVER_SASLAUTHD_LDAP_TLS_CACERT_DIR:-} - - SASLAUTHD_LDAP_PASSWORD_ATTR=${NODE_MAILSERVER_SASLAUTHD_LDAP_PASSWORD_ATTR:-} - - SASL_PASSWD=${NODE_MAILSERVER_SASL_PASSWD:-} - - SASLAUTHD_LDAP_AUTH_METHOD=${NODE_MAILSERVER_SASLAUTHD_LDAP_AUTH_METHOD:-} - - SASLAUTHD_LDAP_MECH=${NODE_MAILSERVER_SASLAUTHD_LDAP_MECH:-} - - SRS_SENDER_CLASSES=${NODE_MAILSERVER_SRS_SENDER_CLASSES:-envelope_sender} - - SRS_EXCLUDE_DOMAINS=${NODE_MAILSERVER_SRS_EXCLUDE_DOMAINS:-} - - SRS_SECRET=${NODE_MAILSERVER_SRS_SECRET:-} - - DEFAULT_RELAY_HOST=${NODE_MAILSERVER_DEFAULT_RELAY_HOST:-} - - RELAY_HOST=${NODE_MAILSERVER_RELAY_HOST:-} - - RELAY_PORT=${NODE_MAILSERVER_RELAY_PORT:-25} - - RELAY_USER=${NODE_MAILSERVER_RELAY_USER:-} - - RELAY_PASSWORD=${NODE_MAILSERVER_RELAY_PASSWORD:-} - healthcheck: - test: "ss --listening --tcp | grep -P 'LISTEN.+:smtp' || exit 1" - timeout: 3s - retries: 0 - hostname: ${HOSTNAME} - labels: - - SERVICE_25_CHECK_TCP=true - - SERVICE_25_NAME=${NODE_COMPOSE_SERVICE_NAME}-mailserver-25 - - SERVICE_110_IGNORE=true - - SERVICE_143_CHECK_TCP=true - - SERVICE_143_NAME=${NODE_COMPOSE_SERVICE_NAME}-mailserver-143 - - SERVICE_465_CHECK_TCP=true - - SERVICE_465_NAME=${NODE_COMPOSE_SERVICE_NAME}-mailserver-465 - - SERVICE_587_CHECK_TCP=true - - SERVICE_587_NAME=${NODE_COMPOSE_SERVICE_NAME}-mailserver-587 - - SERVICE_993_CHECK_TCP=true - - SERVICE_993_NAME=${NODE_COMPOSE_SERVICE_NAME}-mailserver-993 - - SERVICE_995_IGNORE=true - - SERVICE_4190_CHECK_TCP=true - - SERVICE_4190_NAME=${NODE_COMPOSE_SERVICE_NAME}-mailserver-4190 - networks: - - private - - public - ports: - - "25:25" - - "143:143" - - "465:465" - - "587:587" - - "993:993" - volumes: - - /etc/localtime:/etc/localtime:ro - - mailserver-config:/tmp/docker-mailserver/ - - mailserver-data:/var/mail - - mailserver-logs:/var/log/mail - - mailserver-state:/var/mail-state - - myos:/etc/letsencrypt:ro - restart: always - stop_grace_period: 1m -volumes: - mailserver-config: - mailserver-data: - mailserver-logs: - mailserver-state: - myos: - external: true - name: ${NODE_DOCKER_VOLUME} - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} - public: - external: true - name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/node/node.yml b/stack/node/node.yml deleted file mode 100644 index 39d92f6..0000000 --- a/stack/node/node.yml +++ /dev/null @@ -1,125 +0,0 @@ -version: '3.6' - -services: - certbot: - build: - args: - - DOCKER_BUILD_DIR=docker/certbot - context: ../.. - dockerfile: docker/certbot/Dockerfile - command: start - container_name: ${NODE_COMPOSE_PROJECT_NAME}-certbot - image: ${NODE_DOCKER_REPOSITORY}/certbot:${DOCKER_IMAGE_TAG} - network_mode: host - restart: always - volumes: - - myos:/etc/letsencrypt - consul: - build: - args: - - CONSUL_VERSION=1.11.1 - - DOCKER_BUILD_DIR=docker/consul - context: ../.. - dockerfile: docker/consul/Dockerfile - container_name: ${NODE_COMPOSE_PROJECT_NAME}-consul - image: ${NODE_DOCKER_REPOSITORY}/consul:${DOCKER_IMAGE_TAG} - environment: - CONSUL_BIND_INTERFACE: '${DOCKER_HOST_IFACE}' - CONSUL_CLIENT_INTERFACE: '${DOCKER_HOST_IFACE}' - CONSUL_HTTP_TOKEN: '${NODE_CONSUL_HTTP_TOKEN}' - CONSUL_LOCAL_CONFIG: '{ "log_level": "warn" - , "enable_script_checks": true - , "acl": { "enabled": true - , "default_policy": "deny" - , "down_policy": "extend-cache" - , "enable_token_persistence": true - , "tokens": { "initial_management": "${NODE_CONSUL_ACL_TOKENS_MASTER}" - , "agent": "${NODE_CONSUL_HTTP_TOKEN}" - } - } - }' - hostname: ${HOSTNAME} - labels: - - SERVICE_8300_IGNORE=true - - SERVICE_8301_IGNORE=true - - SERVICE_8302_IGNORE=true - - SERVICE_8500_CHECK_HTTP=/v1/health/service/consul - - SERVICE_8500_NAME=${NODE_COMPOSE_SERVICE_NAME}-consul-8500 - - SERVICE_8500_TAGS=${NODE_CONSUL_SERVICE_8500_TAGS} - - SERVICE_8600_IGNORE=true - - SERVICE_ADDRESS=${DOCKER_HOST_INET4} - - SERVICE_CHECK_SCRIPT=docker-healthcheck ${DOCKER_HOST_INET4} - network_mode: host - restart: always - volumes: - - consul:/consul/data:delegated - - /var/run/docker.sock:/var/run/docker.sock - fabio: - build: - args: - - DOCKER_BUILD_DIR=docker/fabio - - FABIO_VERSION=1.6.2 - - SYSTEM=${SYSTEM} - - MACHINE=${MACHINE} - context: ../.. - dockerfile: docker/fabio/Dockerfile - container_name: ${NODE_COMPOSE_PROJECT_NAME}-fabio - image: ${NODE_DOCKER_REPOSITORY}/fabio:${DOCKER_IMAGE_TAG} - command: -registry.backend "consul" -registry.consul.addr "consul:8500" -registry.consul.token "${NODE_CONSUL_HTTP_TOKEN}" -proxy.addr ":80,:443;cs=local" -proxy.cs "cs=local;type=file;cert=/etc/letsencrypt/live/${DOMAIN}/fullchain.pem;key=/etc/letsencrypt/live/${DOMAIN}/privkey.pem" - depends_on: - - consul - extra_hosts: - - consul:${DOCKER_INTERNAL_DOCKER_HOST} - hostname: ${HOSTNAME} - labels: - - SERVICE_80_CHECK_TCP=true - - SERVICE_80_NAME=${NODE_COMPOSE_SERVICE_NAME}-fabio-80 - - SERVICE_443_CHECK_TCP=true - - SERVICE_443_NAME=${NODE_COMPOSE_SERVICE_NAME}-fabio-443 - - SERVICE_9998_CHECK_HTTP=/routes - - SERVICE_9998_NAME=${NODE_COMPOSE_SERVICE_NAME}-fabio-9998 - - SERVICE_9998_TAGS=${NODE_FABIO_SERVICE_9998_TAGS} - - SERVICE_9999_IGNORE=true - ports: - - 80:80/tcp - - 443:443/tcp - - 9998/tcp - networks: - - public - restart: always - volumes: - - myos:/etc/letsencrypt:ro - registrator: - build: - args: - - DOCKER_BUILD_DIR=docker/registrator - - GIT_AUTHOR_NAME=${GIT_AUTHOR_NAME} - - GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL} - context: ../.. - dockerfile: docker/registrator/Dockerfile - container_name: ${NODE_COMPOSE_PROJECT_NAME}-registrator - image: ${NODE_DOCKER_REPOSITORY}/registrator:${DOCKER_IMAGE_TAG} - command: -internal -cleanup -deregister always -resync=30 -useIpFromNetwork "${DOCKER_NETWORK_PUBLIC}" -useIpFromLabel SERVICE_ADDRESS consul://consul:8500 - depends_on: - - consul - environment: - - CONSUL_HTTP_TOKEN=${NODE_CONSUL_HTTP_TOKEN} - - GL_DISABLE_VERSION_CHECK=true - extra_hosts: - - consul:${DOCKER_INTERNAL_DOCKER_HOST} - hostname: ${HOSTNAME} - network_mode: host - restart: always - volumes: - - /var/run/docker.sock:/tmp/docker.sock - -volumes: - consul: - myos: - external: true - name: ${NODE_DOCKER_VOLUME} - -networks: - public: - external: true - name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/node/pdns/pdns-recursor.yml b/stack/node/pdns/pdns-recursor.yml deleted file mode 100644 index 1e670a3..0000000 --- a/stack/node/pdns/pdns-recursor.yml +++ /dev/null @@ -1,15 +0,0 @@ -version: '3.6' - -services: - pdns-recursor: - build: - args: - - DOCKER_BUILD_DIR=docker/pdns-server - context: ../.. - dockerfile: docker/pdns-server/Dockerfile - command: /usr/local/sbin/pdns_recursor --local-address='192.168.0.1:53' --allow-from='127.0.0.0/8, 192.168.1.0/24, 172.16.0.0/12' - container_name: ${NODE_COMPOSE_PROJECT_NAME}-pdns-recursor - hostname: ${HOSTNAME} - image: ${NODE_DOCKER_REPOSITORY}/pdns-recursor:${DOCKER_IMAGE_TAG} - network_mode: host - restart: always diff --git a/stack/node/portainer/.env.dist b/stack/node/portainer/.env.dist deleted file mode 100644 index 6a3266c..0000000 --- a/stack/node/portainer/.env.dist +++ /dev/null @@ -1 +0,0 @@ -NODE_PORTAINER_SERVICE_9000_TAGS=urlprefix-portainer.${DOMAIN}/ diff --git a/stack/node/portainer/portainer.yml b/stack/node/portainer/portainer.yml deleted file mode 100644 index 4c14492..0000000 --- a/stack/node/portainer/portainer.yml +++ /dev/null @@ -1,28 +0,0 @@ -version: '3.6' - -services: - portainer: - container_name: ${NODE_COMPOSE_PROJECT_NAME}-portainer - image: portainer/portainer:latest - labels: - - SERVICE_8000_IGNORE=true - - SERVICE_9000_CHECK_HTTP=/ - - SERVICE_9000_NAME=${NODE_COMPOSE_SERVICE_NAME}-portainer-9000 - - SERVICE_9000_TAGS=${NODE_PORTAINER_SERVICE_9000_TAGS} - networks: - - public - ports: - - 8000 - - 9000 - restart: always - volumes: - - /var/run/docker.sock:/var/run/docker.sock - - portainer:/data - -volumes: - portainer: - -networks: - public: - external: true - name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/node/vsftpd/.env.dist b/stack/node/vsftpd/.env.dist deleted file mode 100644 index 6f50dae..0000000 --- a/stack/node/vsftpd/.env.dist +++ /dev/null @@ -1,3 +0,0 @@ -NODE_VSFTPD_S3_AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID} -NODE_VSFTPD_S3_AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY} -NODE_VSFTPD_S3_FTPD_USERS=ftpuser::ftppass::ftpbucket diff --git a/stack/node/vsftpd/vsftpd-s3.yml b/stack/node/vsftpd/vsftpd-s3.yml deleted file mode 100644 index 7df5050..0000000 --- a/stack/node/vsftpd/vsftpd-s3.yml +++ /dev/null @@ -1,38 +0,0 @@ -version: '3.6' - -services: - vsftpd-s3: - build: - args: - - DOCKER_BUILD_DIR=docker/vsftpd-s3 - context: ../.. - dockerfile: docker/vsftpd-s3/Dockerfile - cap_add: - - sys_admin - container_name: ${NODE_COMPOSE_PROJECT_NAME}-vsftpd-s3 - devices: - - /dev/fuse - environment: - - AWS_ACCESS_KEY_ID=${NODE_VSFTPD_S3_AWS_ACCESS_KEY_ID} - - AWS_SECRET_ACCESS_KEY=${NODE_VSFTPD_S3_AWS_SECRET_ACCESS_KEY} - - DIR_REMOTE=${NODE_VSFTPD_S3_DIR_REMOTE} - - FTP_HOST=${NODE_VSFTPD_S3_FTP_HOST} - - FTP_PASS=${NODE_VSFTPD_S3_FTP_PASS} - - FTP_SYNC=${NODE_VSFTPD_S3_FTP_SYNC} - - FTP_USER=${NODE_VSFTPD_S3_FTP_USER} - - FTPD_USER=${NODE_VSFTPD_S3_FTPD_USER} - - FTPD_USERS=${NODE_VSFTPD_S3_FTPD_USERS} - - PASV_MAX_PORT=${NODE_VSFTPD_S3_PASV_MAX_PORT} - - PASV_MIN_PORT=${NODE_VSFTPD_S3_PASV_MIN_PORT} - hostname: ${HOSTNAME} - image: ${NODE_DOCKER_REPOSITORY}/vsftpd-s3:${DOCKER_IMAGE_TAG} - labels: - - SERVICE_21_CHECK_TCP=true - - SERVICE_21_NAME=${NODE_COMPOSE_SERVICE_NAME}-vsftpd-s3-21 - - SERVICE_22_CHECK_TCP=true - - SERVICE_22_NAME=${NODE_COMPOSE_SERVICE_NAME}-vsftpd-s3-22 - - SERVICE_65000_IGNORE=true - security_opt: - - apparmor:unconfined - network_mode: host - restart: always diff --git a/stack/portainer/.env.dist b/stack/portainer/.env.dist deleted file mode 100644 index 2dc8279..0000000 --- a/stack/portainer/.env.dist +++ /dev/null @@ -1 +0,0 @@ -PORTAINER_SERVICE_9000_TAGS=urlprefix-portainer.${APP_DOMAIN}/ diff --git a/stack/portainer/portainer.yml b/stack/portainer/portainer.yml deleted file mode 100644 index 231ff74..0000000 --- a/stack/portainer/portainer.yml +++ /dev/null @@ -1,27 +0,0 @@ -version: '3.6' - -services: - portainer: - image: portainer/portainer:latest - labels: - - SERVICE_8000_IGNORE=true - - SERVICE_9000_CHECK_HTTP=/ - - SERVICE_9000_NAME=${COMPOSE_SERVICE_NAME}-portainer-9000 - - SERVICE_9000_TAGS=${PORTAINER_SERVICE_9000_TAGS} - networks: - - public - ports: - - 8000 - - 9000 - restart: always - volumes: - - /var/run/docker.sock:/var/run/docker.sock - - portainer:/data - -volumes: - portainer: - -networks: - public: - external: true - name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/postgres/.env.dist b/stack/postgres/.env.dist deleted file mode 100644 index 0636623..0000000 --- a/stack/postgres/.env.dist +++ /dev/null @@ -1,3 +0,0 @@ -POSTGRES_DB=postgres -POSTGRES_PASSWORD=postgres -POSTGRES_USER=postgres diff --git a/stack/postgres/postgres.9.6.yml b/stack/postgres/postgres.9.6.yml deleted file mode 100644 index 1e6c7e0..0000000 --- a/stack/postgres/postgres.9.6.yml +++ /dev/null @@ -1,5 +0,0 @@ -version: '3.6' - -services: - postgres: - image: postgres:9.6-alpine diff --git a/stack/postgres/postgres.dev.yml b/stack/postgres/postgres.dev.yml deleted file mode 100644 index 26a04f1..0000000 --- a/stack/postgres/postgres.dev.yml +++ /dev/null @@ -1,6 +0,0 @@ -version: '3.6' - -services: - postgres: - ports: - - 5433:5432 diff --git a/stack/postgres/postgres.latest.yml b/stack/postgres/postgres.latest.yml deleted file mode 100644 index b0a4759..0000000 --- a/stack/postgres/postgres.latest.yml +++ /dev/null @@ -1,5 +0,0 @@ -version: '3.6' - -services: - postgres: - image: postgres:latest diff --git a/stack/postgres/postgres.local.yml b/stack/postgres/postgres.local.yml deleted file mode 100644 index 0a964bb..0000000 --- a/stack/postgres/postgres.local.yml +++ /dev/null @@ -1,24 +0,0 @@ -version: '3.6' - -services: - postgres: - command: -c logging_collector=on -c log_destination='stderr' -c log_directory='/shared/logs/postgres' -c log_filename='postgresql.log' -c log_file_mode='0644' -c log_rotation_age=0 -c log_checkpoints=on -c log_hostname=on -c log_line_prefix='%t [%p] [%l-1] db=%d,user=%u ' - depends_on: - - shared-logs - ports: - - 5432:5432 - volumes: - - shared:/shared - shared-logs: - command: sh -c 'mkdir -p /shared/logs/postgres && chown 70:70 /shared/logs/postgres' - image: alpine:latest - volumes: - - shared:/shared - -volumes: - shared: - driver: local - driver_opts: - type: none - device: ${MONOREPO_DIR}/shared - o: bind diff --git a/stack/postgres/postgres.yml b/stack/postgres/postgres.yml deleted file mode 100644 index de6c98a..0000000 --- a/stack/postgres/postgres.yml +++ /dev/null @@ -1,26 +0,0 @@ -version: '3.6' - -services: - postgres: - environment: - - POSTGRES_DB=${POSTGRES_DB} - - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} - - POSTGRES_USER=${POSTGRES_USER} - labels: - - SERVICE_5432_CHECK_TCP=true - - SERVICE_5432_NAME=${COMPOSE_SERVICE_NAME}-postgres-5432 - networks: - - private - ports: - - 5432 - volumes: - - postgres:/var/lib/postgresql/data - restart: always - -volumes: - postgres: - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} diff --git a/stack/prometheus/.env.dist b/stack/prometheus/.env.dist deleted file mode 100644 index d895593..0000000 --- a/stack/prometheus/.env.dist +++ /dev/null @@ -1,8 +0,0 @@ -ALERTMANAGER_SERVICE_9093_TAGS=urlprefix-alertmanager.${APP_DOMAIN}/ -ALERTMANAGER_SLACK_WEBHOOK_ID=https://hooks.slack.com/services/123456789/123456789/ABCDEFGHIJKLMNOPQRSTUVWX -BLACKBOX_SERVICE_9115_TAGS=urlprefix-blackbox.${APP_DOMAIN}/ -ES_EXPORTER_ELASTICSEARCH_URL=elasticsearch:9200 -ES_EXPORTER_SERVICE_9206_TAGS=urlprefix-es-exporter.${APP_DOMAIN}/ -PROMETHEUS_MONITORING_PRIMARY_TARGETS_BLACKBOX=https://www.google.com -PROMETHEUS_MONITORING_SECONDARY_TARGETS_BLACKBOX= -PROMETHEUS_SERVICE_9090_TAGS=urlprefix-prometheus.${APP_DOMAIN}/ diff --git a/stack/prometheus/alertmanager.yml b/stack/prometheus/alertmanager.yml deleted file mode 100644 index f4fe752..0000000 --- a/stack/prometheus/alertmanager.yml +++ /dev/null @@ -1,29 +0,0 @@ -version: '3.6' - -services: - alertmanager: - build: - args: - - DOCKER_BUILD_DIR=docker/prometheus/alertmanager - - SLACK_WEBHOOK_ID=${ALERTMANAGER_SLACK_WEBHOOK_ID} - context: ../.. - dockerfile: docker/prometheus/alertmanager/Dockerfile - image: ${DOCKER_REPOSITORY}/alertmanager:${DOCKER_IMAGE_TAG} - labels: - - SERVICE_9093_CHECK_TCP=true - - SERVICE_9093_NAME=${COMPOSE_SERVICE_NAME}-alertmanager-9093 - - SERVICE_9093_TAGS=${ALERTMANAGER_SERVICE_9093_TAGS} - networks: - - private - - public - ports: - - 9093 - restart: always - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} - public: - external: true - name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/prometheus/blackbox-exporter.yml b/stack/prometheus/blackbox-exporter.yml deleted file mode 100644 index 80a8529..0000000 --- a/stack/prometheus/blackbox-exporter.yml +++ /dev/null @@ -1,28 +0,0 @@ -version: '3.6' - -services: - blackbox: - build: - args: - - DOCKER_BUILD_DIR=docker/prometheus/blackbox-exporter - context: ../.. - dockerfile: docker/prometheus/blackbox-exporter/Dockerfile - image: ${DOCKER_REPOSITORY}/blackbox:${DOCKER_IMAGE_TAG} - labels: - - SERVICE_9115_CHECK_TCP=true - - SERVICE_9115_NAME=${COMPOSE_SERVICE_NAME}-blackbox-9115 - - SERVICE_9115_TAGS=${BLACKBOX_SERVICE_9115_TAGS} - networks: - - private - - public - ports: - - 9115 - restart: always - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} - public: - external: true - name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/prometheus/es-exporter.yml b/stack/prometheus/es-exporter.yml deleted file mode 100644 index 188257e..0000000 --- a/stack/prometheus/es-exporter.yml +++ /dev/null @@ -1,29 +0,0 @@ -version: '3.6' - -services: - es-exporter: - build: - args: - - DOCKER_BUILD_DIR=docker/prometheus/es-exporter - context: ../.. - dockerfile: docker/prometheus/es-exporter/Dockerfile - command: -e ${ES_EXPORTER_ELASTICSEARCH_URL} - image: ${DOCKER_REPOSITORY}/es-exporter:${DOCKER_IMAGE_TAG} - labels: - - SERVICE_9206_CHECK_TCP=true - - SERVICE_9206_NAME=${COMPOSE_SERVICE_NAME}-es-exporter-9206 - - SERVICE_9206_TAGS=${ES_EXPORTER_SERVICE_9206_TAGS} - networks: - - private - - public - ports: - - 9206 - restart: always - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} - public: - external: true - name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/prometheus/prometheus.yml b/stack/prometheus/prometheus.yml deleted file mode 100644 index 6ed6877..0000000 --- a/stack/prometheus/prometheus.yml +++ /dev/null @@ -1,35 +0,0 @@ -version: '3.6' - -services: - prometheus: - build: - args: - - DOCKER_BUILD_DIR=docker/prometheus/prometheus - - MONITORING_PRIMARY_TARGETS_BLACKBOX=${PROMETHEUS_MONITORING_PRIMARY_TARGETS_BLACKBOX} - - MONITORING_SECONDARY_TARGETS_BLACKBOX=${PROMETHEUS_MONITORING_SECONDARY_TARGETS_BLACKBOX} - context: ../.. - dockerfile: docker/prometheus/prometheus/Dockerfile - image: ${DOCKER_REPOSITORY}/prometheus:${DOCKER_IMAGE_TAG} - labels: - - SERVICE_9090_CHECK_TCP=true - - SERVICE_9090_NAME=${COMPOSE_SERVICE_NAME}-prometheus-9090 - - SERVICE_9090_TAGS=${PROMETHEUS_SERVICE_9090_TAGS} - networks: - - private - - public - ports: - - 9090 - restart: always - volumes: - - prometheus:/prometheus - -volumes: - prometheus: - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} - public: - external: true - name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/rabbitmq/.env.dist b/stack/rabbitmq/.env.dist deleted file mode 100644 index 927e85a..0000000 --- a/stack/rabbitmq/.env.dist +++ /dev/null @@ -1 +0,0 @@ -RABBITMQ_SERVICE_15672_TAGS=urlprefix-rabbitmq.${APP_DOMAIN}/ diff --git a/stack/rabbitmq/rabbitmq.yml b/stack/rabbitmq/rabbitmq.yml deleted file mode 100644 index 4562a53..0000000 --- a/stack/rabbitmq/rabbitmq.yml +++ /dev/null @@ -1,35 +0,0 @@ -version: '3.6' - -services: - rabbitmq: - image: rabbitmq:management-alpine - labels: - - SERVICE_4369_IGNORE=true - - SERVICE_5671_IGNORE=true - - SERVICE_5672_CHECK_TCP=true - - SERVICE_5672_NAME=${COMPOSE_SERVICE_NAME}-rabbitmq-5672 - - SERVICE_15671_IGNORE=true - - SERVICE_15672_CHECK_HTTP=/ - - SERVICE_15672_NAME=${COMPOSE_SERVICE_NAME}-rabbitmq-15672 - - SERVICE_15672_TAGS=${RABBITMQ_SERVICE_15672_TAGS} - - SERVICE_25672_IGNORE=true - networks: - - private - - public - ports: - - 5672 - - 15672 - volumes: - - rabbitmq:/var/lib/rabbitmq - restart: always - -volumes: - rabbitmq: - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} - public: - external: true - name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/redis/redis.yml b/stack/redis/redis.yml deleted file mode 100644 index c84c567..0000000 --- a/stack/redis/redis.yml +++ /dev/null @@ -1,27 +0,0 @@ -version: '3.6' - -services: - redis: - image: redis:alpine - command: redis-server --appendonly yes - labels: - - SERVICE_6379_CHECK_TCP=true - - SERVICE_6379_NAME=${COMPOSE_SERVICE_NAME}-redis-6379 - networks: - - private - ports: - - 6379 - volumes: - - redis:/data - restart: always - -volumes: - redis: - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} - public: - external: true - name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/redmine/.env.dist b/stack/redmine/.env.dist deleted file mode 100644 index 9833da8..0000000 --- a/stack/redmine/.env.dist +++ /dev/null @@ -1,33 +0,0 @@ -REDMINE_DB_HOST=mysql -REDMINE_DB_NAME=redmine -REDMINE_DB_PASS=redmine -REDMINE_DB_USER=redmine -REDMINE_IMAP_ENABLED=false -REDMINE_IMAP_HOST=imap.gmail.com -REDMINE_IMAP_INTERVAL=30 -REDMINE_IMAP_USER=imap_user -REDMINE_IMAP_PASS=imap_pass -REDMINE_INCOMING_EMAIL_ALLOW_OVERRIDE=project,tracker,category,priority,status -REDMINE_INCOMING_EMAIL_PROJECT=incoming_email_project -REDMINE_FETCH_COMMITS=hourly -REDMINE_SECRET_TOKEN=redmine_secret_token -REDMINE_SERVICE_80_TAGS=urlprefix-redmine.${APP_DOMAIN}/ -REDMINE_SMTP_DOMAIN=redmine_smtp_domain -REDMINE_SMTP_USER=redmine_smtp_user -REDMINE_SMTP_PASS=redmine_smtp_pass -REDMINE3_DB_HOST=mysql -REDMINE3_DB_NAME=redmine3 -REDMINE3_DB_PASS=redmine -REDMINE3_DB_USER=redmine -REDMINE3_IMAP_ENABLED=false -REDMINE3_IMAP_HOST=imap.gmail.com -REDMINE3_IMAP_INTERVAL=30 -REDMINE3_IMAP_USER=imap_user -REDMINE3_IMAP_PASS=imap_pass -REDMINE3_INCOMING_EMAIL_ALLOW_OVERRIDE=project,tracker,category,priority,status -REDMINE3_INCOMING_EMAIL_PROJECT=incoming_email_project -REDMINE3_REDMINE_SECRET_TOKEN=redmine_secret_token -REDMINE3_SERVICE_80_TAGS=urlprefix-redmine3.${APP_DOMAIN}/ -REDMINE3_SMTP_DOMAIN=redmine_smtp_domain -REDMINE3_SMTP_USER=redmine_smtp_user -REDMINE3_SMTP_PASS=redmine_smtp_pass diff --git a/stack/redmine/redmine.3.4.yml b/stack/redmine/redmine.3.4.yml deleted file mode 100644 index d37e35f..0000000 --- a/stack/redmine/redmine.3.4.yml +++ /dev/null @@ -1,5 +0,0 @@ -version: '3.6' - -services: - redmine3: - image: sameersbn/redmine:3.4.12 diff --git a/stack/redmine/redmine.4.0.yml b/stack/redmine/redmine.4.0.yml deleted file mode 100644 index 84d20e8..0000000 --- a/stack/redmine/redmine.4.0.yml +++ /dev/null @@ -1,5 +0,0 @@ -version: '3.6' - -services: - redmine: - image: sameersbn/redmine:4.0.5 diff --git a/stack/redmine/redmine.latest.yml b/stack/redmine/redmine.latest.yml deleted file mode 100644 index 2c3d4d8..0000000 --- a/stack/redmine/redmine.latest.yml +++ /dev/null @@ -1,5 +0,0 @@ -version: '3.6' - -services: - redmine: - image: sameersbn/redmine:latest diff --git a/stack/redmine/redmine.yml b/stack/redmine/redmine.yml deleted file mode 100644 index 21b7f60..0000000 --- a/stack/redmine/redmine.yml +++ /dev/null @@ -1,47 +0,0 @@ -version: '3.6' - -services: - redmine: - environment: - - DB_ADAPTER=mysql2 - - DB_HOST=${REDMINE_DB_HOST} - - DB_NAME=${REDMINE_DB_NAME} - - DB_USER=${REDMINE_DB_USER} - - DB_PASS=${REDMINE_DB_PASS} - - IMAP_ENABLED=${REDMINE_IMAP_ENABLED} - - IMAP_HOST=${REDMINE_IMAP_HOST} - - IMAP_INTERVAL=${REDMINE_IMAP_INTERVAL} - - IMAP_USER=${REDMINE_IMAP_USER} - - IMAP_PASS=${REDMINE_IMAP_PASS} - - INCOMING_EMAIL_PROJECT=${REDMINE_INCOMING_EMAIL_PROJECT} - - INCOMING_EMAIL_ALLOW_OVERRIDE=${REDMINE_INCOMING_EMAIL_ALLOW_OVERRIDE} - - REDMINE_FETCH_COMMITS=${REDMINE_FETCH_COMMITS} - - REDMINE_SECRET_TOKEN=${REDMINE_SECRET_TOKEN} - - SMTP_DOMAIN=${REDMINE_SMTP_DOMAIN} - - SMTP_USER=${REDMINE_SMTP_USER} - - SMTP_PASS=${REDMINE_SMTP_PASS} - - TZ=Europe/Paris - labels: - - SERVICE_80_CHECK_TCP=true - - SERVICE_80_NAME=${COMPOSE_SERVICE_NAME}-redmine-80 - - SERVICE_80_TAGS=${REDMINE_SERVICE_80_TAGS} - - SERVICE_443_IGNORE=true - networks: - - private - - public - ports: - - 80 - restart: always - volumes: - - redmine:/home/redmine/data - -volumes: - redmine: - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} - public: - external: true - name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/redmine/redmine3.yml b/stack/redmine/redmine3.yml deleted file mode 100644 index 7a2a323..0000000 --- a/stack/redmine/redmine3.yml +++ /dev/null @@ -1,40 +0,0 @@ -version: '3.6' - -services: - redmine3: - image: sameersbn/redmine:3.4.12 - environment: - - DB_ADAPTER=mysql2 - - DB_HOST=${REDMINE3_DB_HOST} - - DB_NAME=${REDMINE3_DB_NAME} - - DB_USER=${REDMINE3_DB_USER} - - DB_PASS=${REDMINE3_DB_PASS} - - REDMINE_SECRET_TOKEN=${REDMINE3_REDMINE_SECRET_TOKEN} - - SMTP_DOMAIN=${REDMINE3_SMTP_DOMAIN} - - SMTP_USER=${REDMINE3_SMTP_USER} - - SMTP_PASS=${REDMINE3_SMTP_PASS} - - TZ=Europe/Paris - labels: - - SERVICE_80_CHECK_TCP=true - - SERVICE_80_NAME=${COMPOSE_SERVICE_NAME}-redmine3-80 - - SERVICE_80_TAGS=${REDMINE3_SERVICE_80_TAGS} - - SERVICE_443_IGNORE=true - networks: - - private - - public - ports: - - 80 - restart: always - volumes: - - redmine3:/home/redmine/data - -volumes: - redmine3: - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} - public: - external: true - name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/sematext/logagent.yml b/stack/sematext/logagent.yml deleted file mode 100644 index 34fec26..0000000 --- a/stack/sematext/logagent.yml +++ /dev/null @@ -1,28 +0,0 @@ -version: '3.6' - -services: - logagent: - build: - args: - - DOCKER_BUILD_DIR=docker/sematext/logagent - - GIT_AUTHOR_NAME=${GIT_AUTHOR_NAME} - - GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL} - context: ../.. - dockerfile: docker/sematext/logagent/Dockerfile - image: ${DOCKER_REPOSITORY}/logagent:${DOCKER_IMAGE_TAG} - environment: - - LOGAGENT_ARGS=-u 514 --docker /tmp/docker.sock --dockerEvents - - LOGS_RECEIVER_URL=${ELASTICSEARCH_PROTOCOL}://${ELASTICSEARCH_HOST}:${ELASTICSEARCH_PORT} - - LOGS_TOKEN=logs-YYYY.MM.DD - networks: - - private - ports: - - 514 - restart: always - volumes: - - /var/run/docker.sock:/tmp/docker.sock - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} diff --git a/stack/testing.mk b/stack/testing.mk deleted file mode 100644 index 4995e37..0000000 --- a/stack/testing.mk +++ /dev/null @@ -1 +0,0 @@ -testing ?= drone/drone drone/drone-runner-docker drone/gc diff --git a/stack/theia/.env.dist b/stack/theia/.env.dist deleted file mode 100644 index b2abfd5..0000000 --- a/stack/theia/.env.dist +++ /dev/null @@ -1,6 +0,0 @@ -RC_PROMPT_SET=false -RC_PS1_SET=true -RC_SCREEN_ATTACH=false -RC_SSH_ADD=false -RC_TMUX_ATTACH=false -THEIA_SERVICE_3000_TAGS=urlprefix-theia.${USER}.${APP_DOMAIN}/ diff --git a/stack/theia/theia.yml b/stack/theia/theia.yml deleted file mode 100644 index 209c332..0000000 --- a/stack/theia/theia.yml +++ /dev/null @@ -1,56 +0,0 @@ -version: '3.6' - -services: - theia: - build: - args: - - DOCKER_BUILD_DIR=docker/theia - - GIT_AUTHOR_NAME=${GIT_AUTHOR_NAME} - - GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL} - - UID=${UID} - context: ../.. - dockerfile: docker/theia/Dockerfile - environment: - - ENV=${ENV} - - MONOREPO_DIR=${MONOREPO_DIR} - - RC_01_PS1_SET=${RC_PS1_SET} - - RC_02_PROMPT_SET=${RC_PROMPT_SET} - - RC_03_SSH_ADD=${RC_SSH_ADD} - - RC_04_TMUX_ATTACH=${RC_TMUX_ATTACH} - - RC_05_SCREEN_ATTACH=${RC_SCREEN_ATTACH} - - SHELL=${DOCKER_SHELL} - - SSH_AUTH_SOCK=/tmp/ssh-agent/socket - - WORKSPACE_DIR=/Sources - image: ${DOCKER_REPOSITORY}/theia:${DOCKER_IMAGE_TAG} - labels: - - SERVICE_3000_CHECK_TCP=true - - SERVICE_3000_NAME=${COMPOSE_SERVICE_NAME}-theia-3000 - - SERVICE_3000_TAGS=${THEIA_SERVICE_3000_TAGS} - networks: - - private - - public - restart: always - volumes: - - monorepo:/Sources:cached - - myos:/tmp/ssh-agent:ro - - /var/run/docker.sock:/var/run/docker.sock - -volumes: - monorepo: - driver: local - driver_opts: - type: none - device: ${MONOREPO_DIR} - o: bind - name: ${USER_COMPOSE_PROJECT_NAME} - myos: - external: true - name: ${USER_DOCKER_VOLUME} - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} - public: - external: true - name: ${DOCKER_NETWORK_PUBLIC} diff --git a/stack/x2go/.env.dist b/stack/x2go/.env.dist deleted file mode 100644 index eb4f999..0000000 --- a/stack/x2go/.env.dist +++ /dev/null @@ -1,5 +0,0 @@ -VDI_LANG=${LANG} -VDI_PORT=22 -VDI_TZ=UTC -VDI_USERS=${USER} -VDI_SUDOERS= diff --git a/stack/x2go/xfce_debian.yml b/stack/x2go/xfce_debian.yml deleted file mode 100644 index 3e1b90a..0000000 --- a/stack/x2go/xfce_debian.yml +++ /dev/null @@ -1,47 +0,0 @@ -version: '3.8' - -services: - vdi: - build: - args: - - DOCKER_BUILD_DIR=docker/x2go/xfce-debian - context: ../.. - dockerfile: docker/x2go/xfce-debian/Dockerfile - cap_add: - - IPC_LOCK # ecryptfs - - NET_ADMIN # iptables - - NET_RAW # iptables - - SYS_ADMIN # ecryptfs - environment: - - DEBUG=${VDI_DEBUG} - - ECRYPTERS=${VDI_ECRYPTERS} - - LANG=${VDI_LANG} - - SUDOERS=${VDI_SUDOERS} - - TZ=${VDI_TZ} - - USERS=${VDI_USERS} - ports: - - "${VDI_PORT}:22" - restart: unless-stopped - security_opt: - - apparmor=unconfined # ecryptfs - - seccomp=unconfined # ecryptfs - tty: true - volumes: - - vdi-home:/home:delegated - - vdi-shared:/shared:cached - - vdi-shm:/dev/shm:delegated - -volumes: - vdi-home: - vdi-shared: - driver: local - driver_opts: - type: none - device: /mnt/shared - o: bind - vdi-shm: - driver: local - driver_opts: - type: tmpfs - device: tmpfs - o: mode=1777,size=2147483648 # 2GB diff --git a/stack/zen.mk b/stack/zen.mk deleted file mode 100644 index e22d62f..0000000 --- a/stack/zen.mk +++ /dev/null @@ -1,14 +0,0 @@ -ifneq ($(filter zen,$(STACK)),) -ifeq ($(filter ipfs,$(STACK)),) -STACK += ipfs -endif -ifeq ($(filter node/ipfs,$(node)),) -node += node/ipfs -endif -endif - -.PHONY: bootstrap-stack-zen -bootstrap-stack-zen: ~/.zen - -~/.zen: - mkdir -p ~/.zen diff --git a/stack/zen/.env.dist b/stack/zen/.env.dist deleted file mode 100644 index 727520d..0000000 --- a/stack/zen/.env.dist +++ /dev/null @@ -1,7 +0,0 @@ -IPFS_API_HTTPHEADERS_ACA_CREDENTIALS=["true"] -IPFS_API_HTTPHEADERS_ACA_METHODS=["PUT", "GET", "POST"] -IPFS_API_HTTPHEADERS_ACA_ORIGIN=["http://astroport", "https://astroport.com", "https://qo-op.com", "https://tube.copylaradio.com" ] -IPFS_EXPERIMENTAL_LIBP2PSTREAMMOUNTING=true -IPFS_EXPERIMENTAL_P2PHTTPPROXY=true -IPFS_SWARM_CONNMGR_HIGHWATER=0 -IPFS_SWARM_CONNMGR_LOWWATER=0 diff --git a/stack/zen/zen.yml b/stack/zen/zen.yml deleted file mode 100644 index a08ebc0..0000000 --- a/stack/zen/zen.yml +++ /dev/null @@ -1,51 +0,0 @@ -version: '3.6' - -services: - zen: - build: - args: - - DOCKER_BUILD_DIR=docker/zen - - GID=${GID} - - GIT_AUTHOR_NAME=${GIT_AUTHOR_NAME} - - GIT_AUTHOR_EMAIL=${GIT_AUTHOR_EMAIL} - - IPFS_VERSION=${IPFS_VERSION} - - UID=${UID} - - USER=${USER} - context: ../.. - dockerfile: docker/zen/Dockerfile - depends_on: - - ipfs - environment: - - ENV=${ENV} - - SHELL=${DOCKER_SHELL} - - SSH_AUTH_SOCK=/tmp/ssh-agent/socket - image: ${DOCKER_REPOSITORY}/zen:${DOCKER_IMAGE_TAG} - networks: - - private - restart: always - user: ${UID}:${GID} - volumes: - - astroport:${HOME}/astroport:cached - - ipfs:${HOME}/.ipfs:cached,ro - - myos:/tmp/ssh-agent:ro - - zen:${HOME}/.zen:delegated - working_dir: ${HOME}/.zen - -volumes: - astroport: - ipfs: - external: true - myos: - external: true - name: ${USER_DOCKER_VOLUME} - zen: - driver: local - driver_opts: - type: none - device: ${HOME}/.zen - o: bind - -networks: - private: - external: true - name: ${DOCKER_NETWORK_PRIVATE} diff --git a/terraform/def.terraform.mk b/terraform/def.terraform.mk deleted file mode 100644 index 64fda60..0000000 --- a/terraform/def.terraform.mk +++ /dev/null @@ -1,5 +0,0 @@ -CMDS += terraform - -define terraform - $(RUN) $(call run,terraform $(1),hashicorp/) -endef diff --git a/terraform/terraform.mk b/terraform/terraform.mk deleted file mode 100644 index 54277e1..0000000 --- a/terraform/terraform.mk +++ /dev/null @@ -1,4 +0,0 @@ -.PHONY: terraform -terraform: - $(call terraform,$(ARGS)) -