Merge branch 'refs/heads/master' into uvicorn

# Conflicts:
#	dockerfiles/workspace/.shell-aliases

.env.example

@@ -2,6 +2,13 @@
 DOCKER_HOST_IP=172.20.0.1
 PROJECTS_DIR=/home/youruser/PhpstormProjects
 
+# All options below dramastically need defined in docker-compose.*.yml
+
+### PHP COMMON #############################################
+INSTALL_REDIS=true
+INSTALL_PEAR_MAIL=true
+INSTALL_LIBREOFFICE=true
+
 ### WORKSPACE #############################################
 WORKSPACE_PUID=1000
 WORKSPACE_PGID=1000
@@ -15,9 +22,10 @@ WORKSPACE_NODE_VERSION=lts/hydrogen
 WORKSPACE_PHP_OPT_MAX_EXECUTION_TIME=0
 WORKSPACE_PHP_OPT_MEMORY_LIMIT=-1
 
+WORKSPACE_INSTALL_SUPERVISOR=false
+WORKSPACE_INSTALL_PYTHON=false
+
 ### PHP-FPM #############################################
-INSTALL_REDIS=true
-INSTALL_PEAR_MAIL=true
 PHP_OPT_SHORT_OPEN_TAG=Off
 PHP_OPT_MAX_EXECUTION_TIME=600
 PHP_OPT_MEMORY_LIMIT=256M

bash/nginx-ssl-gen.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+DIR="$(realpath $(dirname "$(readlink -f "$0")")/..)"
+
+cd ${DIR}/config/nginx/ssl.d && \
+  openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 3650 -nodes -subj \
+  "/C=XX/ST=RU/L=RU/O=WPS/OU=Dev/CN=test"

config/dnsmasq/.gitignore

@@ -0,0 +1,3 @@
+*
+!.gitignore
+!.example

config/dnsmasq/dnsmasq.conf.example

@@ -6,4 +6,4 @@ no-resolv
 server=8.8.4.4
 server=8.8.8.8
 #explicitly define host-ip mappings
-address=/homerealestate.cz/144.76.56.24
+address=/domain/ip

config/mariadb/90-mysqld.cnf.example

@@ -0,0 +1,3 @@
+[mysqld]
+explicit_defaults_for_timestamp = ON
+default_time_zone = '+03:00'

config/mariadb/root-account.cnf.example

@@ -0,0 +1,3 @@
+[client]
+user  = root
+password = 123456

config/nginx/conf.d/vhosts.conf.example

@@ -35,6 +35,7 @@ server {
     include includes.d/octobercms.conf;
     include includes.d/staticfiles.conf;
     client_max_body_size 300M;
+    large_client_header_buffers 4 32k;
     location ~ ^/index.php {
         fastcgi_pass php81;
         include fastcgi_params;

config/nginx/conf.d/z-directus.conf.example

@@ -0,0 +1,18 @@
+map $http_host $directus {
+    directus-mi.local.wpstudio.ru directus-mi;
+}
+
+server {
+    listen 80;
+    server_name
+        directus-mi.local.wpstudio.ru
+    ;
+    location / {
+        resolver 127.0.0.11;
+        proxy_pass http://$directus:8055;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection 'upgrade';
+        proxy_set_header Host $host;
+        proxy_cache_bypass $http_upgrade;
+    }
+}

config/nginx/conf.d/z-nodejs.conf.example

@@ -16,5 +16,8 @@ server {
         proxy_set_header Connection 'upgrade';
         proxy_set_header Host $host;
         proxy_cache_bypass $http_upgrade;
+        proxy_buffer_size 16k;
+        proxy_buffers 8 16k;
+        proxy_busy_buffers_size 32k;
     }
 }

config/nginx/conf.d/z-python.conf.example

@@ -0,0 +1,32 @@
+map $http_host $python_upstream {
+    someproject.local.wpstudio.ru http://workspace74:8000;
+}
+
+map $http_host $python_root {
+    someproject.local.wpstudio.ru /usr/share/nginx/python/someproject;
+}
+
+server {
+    listen 80;
+    server_name
+        someproject.local.wpstudio.ru
+    ;
+
+    location / {
+        resolver 127.0.0.11;
+        proxy_pass $python_upstream;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection 'upgrade';
+        proxy_set_header Host $host;
+    }
+
+    root $python_root;
+
+    location ~ /media {
+        expires max;
+    }
+
+    location ~ /static {
+        expires max;
+    }
+}

config/nginx/includes.d/https.conf

@@ -0,0 +1,14 @@
+error_page 419 = @https;
+set $is_https "0";
+if ( $scheme ~* "^https") {
+    set $is_https "${is_https}1";
+}
+if ( $request_uri ~* "api/v") {
+    set $is_https "${is_https}1";
+}
+if ( $is_https = "0" ) {
+    return 419;
+}
+location @https {
+    rewrite ^ https://$http_host$request_uri permanent;
+}

config/nginx/includes.d/octobercms.conf

@@ -1,4 +1,3 @@
-
 location / {
     rewrite ^/.*$ /index.php last;
 }
@@ -8,14 +7,24 @@
 }
 
 # Whitelist
+
 ## Let October handle if static file not exists
+
 location = /favicon.ico { try_files $uri /index.php; }
 location ~ ^/.*\.xml { try_files $uri /index.php; }
 location = /robots.txt { try_files $uri /index.php; }
 location = /humans.txt { try_files $uri /index.php; }
 
 ## Let nginx return 404 if static file not exists
-    location /storage/app/uploads/public { try_files $uri /404; }
+
+location /storage/app/uploads/public {
+    # add proxy cors headers
+    add_header Access-Control-Allow-Headers "*" always;
+    add_header Access-Control-Allow-Methods "*" always;
+    add_header Access-Control-Allow-Origin  "*" always;
+    try_files $uri /404;
+}
+
 location /storage/app/media { try_files $uri /404; }
 location /storage/app/yml { try_files $uri /404; }
 location /storage/app/docx { try_files $uri /404; }

config/nginx/ssl.d/.gitignore

@@ -0,0 +1,2 @@
+*
+!.gitignore

config/supervisor/.gitignore

@@ -0,0 +1,3 @@
+*
+!*.example
+!.gitignore

config/supervisor/uvicorn.conf.example

@@ -0,0 +1,9 @@
+[fcgi-program:uvicorn]
+process_name=uvicorn-tourtennis-%(process_num)d
+socket=tcp://localhost:8000
+command=/var/python/tourtennis/.venv/bin/uvicorn --fd 0 main:App
+autostart=true
+autorestart=true
+numprocs=1
+user=laradock
+redirect_stderr=true

docker-compose.base.yml

@@ -6,15 +6,18 @@ services:
       - ${PROJECTS_DIR}:/usr/share/nginx/html
       - ./config/nginx/conf.d:/etc/nginx/conf.d
       - ./config/nginx/includes.d:/etc/nginx/includes.d
+      - ./config/nginx/ssl.d:/etc/nginx/ssl.d
       - ./log/nginx:/var/log/nginx
     ports:
       - "80:80"
+      - "443:443"
   php:
     build:
       context: ./dockerfiles/php-fpm
       args:
         - INSTALL_REDIS=${INSTALL_REDIS}
         - INSTALL_PEAR_MAIL=${INSTALL_PEAR_MAIL}
+        - INSTALL_LIBREOFFICE=${INSTALL_LIBREOFFICE}
         - PHP_OPT_SHORT_OPEN_TAG=${PHP_OPT_SHORT_OPEN_TAG}
         - PHP_OPT_MAX_EXECUTION_TIME=${PHP_OPT_MAX_EXECUTION_TIME}
         - PHP_OPT_MEMORY_LIMIT=${PHP_OPT_MEMORY_LIMIT}
@@ -28,15 +31,21 @@ services:
     build:
       context: ./dockerfiles/workspace
       args:
+        - INSTALL_REDIS=${INSTALL_REDIS}
+        - INSTALL_PEAR_MAIL=${INSTALL_PEAR_MAIL}
+        - INSTALL_LIBREOFFICE=${INSTALL_LIBREOFFICE}
         - CUSTOM_PUID=${WORKSPACE_PUID}
         - CUSTOM_PGID=${WORKSPACE_PGID}
         - CUSTOM_TZ=${WORKSPACE_TIMEZONE}
         - PHP_OPT_SHORT_OPEN_TAG=${PHP_OPT_SHORT_OPEN_TAG}
         - PHP_OPT_MAX_EXECUTION_TIME=${WORKSPACE_PHP_OPT_MAX_EXECUTION_TIME}
         - PHP_OPT_MEMORY_LIMIT=${WORKSPACE_PHP_OPT_MEMORY_LIMIT}
+        - INSTALL_SUPERVISOR=${WORKSPACE_INSTALL_SUPERVISOR}
+        - INSTALL_PYTHON=${WORKSPACE_INSTALL_PYTHON}
     restart: always
     volumes:
       - ${PROJECTS_DIR}:/var/www
+      - ./config/supervisor:/etc/supervisor/conf.d
     extra_hosts:
       - "dockerhost:${DOCKER_HOST_IP}"
     secrets:
@@ -53,6 +62,8 @@ services:
       - ./hostfiles:/hostfiles
       - ./log/mariadb:/var/log/mariadb
       - ./config/mariadb:/etc/mysql/conf.d
+    security_opt:
+      - seccomp=unconfined
   pma:
     image: phpmyadmin/phpmyadmin
     restart: always
@@ -63,6 +74,8 @@ services:
   inbucket:
     image: inbucket/inbucket
     restart: always
+    expose:
+      - 2500
   redis:
     image: redis
     restart: always

docker-compose.directus.yml.example

@@ -0,0 +1,42 @@
+services:
+    directus-mi:
+        image: directus/directus:11.1.0
+        ports:
+            - 8055:8055
+        volumes:
+            - ./data/directus/mi/uploads:/directus/uploads
+            - ./data/directus/mi/extensions:/directus/extensions
+        depends_on:
+            - db
+            - redis-mi
+        environment:
+            KEY: ""
+            SECRET: ""
+
+            DB_CLIENT: "mysql"
+            DB_HOST: "db"
+            DB_PORT: "3306"
+            DB_DATABASE: "directus"
+            DB_USER: "directus"
+            DB_PASSWORD: "directus"
+
+            CACHE_ENABLED: "true"
+            CACHE_AUTO_PURGE: "true"
+            CACHE_STORE: "redis"
+            REDIS: "redis://redis-mi:6379"
+
+            CACHE_TTL: 1d
+
+            ADMIN_EMAIL: "info@wpstudio.ru"
+            ADMIN_PASSWORD: ""
+
+            TELEMETRY: false
+            ACCESS_TOKEN_TTL: 15m
+            REFRESH_TOKEN_TTL: 7d
+            LOG_LEVEL: debug
+            FLOWS_EXEC_ALLOWED_MODULES: "array:@elastic/elasticsearch"
+            WEBSOCKETS_ENABLED: true
+
+            # Make sure to set this in production
+            # (see https://docs.directus.io/self-hosted/config-options#general)
+            # PUBLIC_URL: "https://directus.example.com"

docker-compose.yml.example

@@ -55,10 +55,22 @@ services:
     extends:
       file: docker-compose.base.yml
       service: pma
+    ports:
+      - "81:80"
   inbucket:
     extends:
       file: docker-compose.base.yml
       service: inbucket
+    ports:
+      - "82:9000"
+  dnsmasq:
+    restart: always
+    build:
+      context: ./dockerfiles/dnsmasq
+    volumes:
+      - ./config/dnsmasq/dnsmasq.conf:/etc/dnsmasq.conf
+    cap_add:
+      - NET_ADMIN # @see https://man7.org/linux/man-pages/man7/capabilities.7.html
 
 volumes:
   database:

dockerfiles/dnsmasq/Dockerfile

@@ -0,0 +1,9 @@
+FROM alpine:latest
+
+# @see https://github.com/mcmar/docker-dnsmasq
+
+RUN apk --no-cache add dnsmasq
+
+EXPOSE 53/tcp 53/udp 67/udp
+
+CMD ["dnsmasq", "-k"]

dockerfiles/php-fpm/php81.Dockerfile

@@ -33,6 +33,20 @@ RUN if [ ${INSTALL_PEAR_MAIL} = true ]; then \
 COPY ./xdebug3/xdebug.ini /usr/local/etc/php/conf.d/xdebug.ini
 
 ###########################################################################
+# Libreoffice
+###########################################################################
+
+ARG INSTALL_LIBREOFFICE=false
+
+ARG DEBIAN_FRONTEND=noninteractive
+
+RUN if [ ${INSTALL_LIBREOFFICE} = true ]; then \
+    apt-get update \
+    && apt-get install -y libreoffice-nogui --no-install-recommends \
+    && apt-get clean \
+;fi
+
+###########################################################################
 # Tune opts:
 ###########################################################################
 

dockerfiles/php-fpm/php82.Dockerfile

@@ -50,3 +50,9 @@ RUN sed -i "s/^post_max_size = .*/post_max_size = $PHP_OPT_POST_MAX_SIZE/g" "$PH
 
 ARG PHP_OPT_UPLOAD_MAX_FILESIZE=16M
 RUN sed -i "s/^upload_max_filesize = .*/upload_max_filesize = $PHP_OPT_UPLOAD_MAX_FILESIZE/g" "$PHP_INI_DIR/php.ini"
+
+###########################################################################
+# Libreoffice:
+###########################################################################
+
+RUN apt-get update && apt-get install -y libreoffice-nogui --no-install-recommends && apt-get clean

dockerfiles/workspace/.bash_aliases.example

@@ -0,0 +1,6 @@
+alias gst='git status'
+alias ga='git add'
+alias gc='git commit -m'
+alias gush='git push'
+alias gull='git pull'
+alias gb='git branch'

dockerfiles/workspace/.gitignore

@@ -1,2 +1,3 @@
-/aliases.sh
+/.bash_*
+!/.bash_.example
 /crontab

dockerfiles/workspace/aliases.sh.example

@@ -1,30 +0,0 @@
-#! /bin/bash
-
-# Colors used for status updates
-ESC_SEQ="\x1b["
-COL_RESET=$ESC_SEQ"39;49;00m"
-COL_RED=$ESC_SEQ"31;01m"
-COL_GREEN=$ESC_SEQ"32;01m"
-COL_YELLOW=$ESC_SEQ"33;01m"
-COL_BLUE=$ESC_SEQ"34;01m"
-COL_MAGENTA=$ESC_SEQ"35;01m"
-COL_CYAN=$ESC_SEQ"36;01m"
-
-# Detect which `ls` flavor is in use
-if ls --color > /dev/null 2>&1; then # GNU `ls`
-	colorflag="--color"
-	export LS_COLORS='no=00:fi=00:di=01;31:ln=01;36:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arj=01;31:*.taz=01;31:*.lzh=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.gz=01;31:*.bz2=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.avi=01;35:*.fli=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.ogg=01;35:*.mp3=01;35:*.wav=01;35:'
-else # macOS `ls`
-	colorflag="-G"
-	export LSCOLORS='BxBxhxDxfxhxhxhxhxcxcx'
-fi
-
-# Always use color output for `ls`
-alias ls="command ls ${colorflag}"
-
-alias gst='git status'
-alias ga='git add'
-alias gc='git commit -m'
-alias gush='git push'
-alias gull='git pull'
-alias gb='git branch'

dockerfiles/workspace/workspace74.Dockerfile

@@ -71,17 +71,72 @@ RUN composer self-update # Need for correctly update to actual old branch
 RUN composer self-update --${COMPOSER_VERSION}
 
 ###########################################################################
-# Laradock Aliases
+# YADM
 ###########################################################################
 
+USER root
+
+SHELL ["/bin/bash", "-c"]
+
+# once please
+RUN apt update
+
+RUN apt install -y direnv yadm
+RUN curl -sS https://starship.rs/install.sh | sh -s -- -f
+
 USER laradock
 
-COPY ./aliases.sh /home/laradock/aliases.sh
+RUN yadm clone --bootstrap https://vcs.wpstudio.ru/gitea/dotfiles.git
 
-RUN echo "" >> ~/.bashrc && \
-    echo "# Load Custom Aliases" >> ~/.bashrc && \
-    echo "source ~/aliases.sh" >> ~/.bashrc && \
-	echo "" >> ~/.bashrc
+RUN sed -i 's/#/\\$/g' ${HOME}/.config/starship.toml
+
+###########################################################################
+# SUPERVISOR:
+###########################################################################
+
+USER root
+
+ARG INSTALL_SUPERVISOR=false
+
+RUN if [ ${INSTALL_SUPERVISOR} = true ]; then \
+    apt install -y supervisor \
+;fi
+
+RUN apt install -y liblzma-dev libbz2-dev libffi-dev libreadline-dev
+
+USER laradock
+
+RUN curl https://pyenv.run | bash
+
+RUN echo '' >> ~/.shell-env.local && \
+    echo 'export PYENV_ROOT="$HOME/.pyenv"' >> ~/.shell-env.local && \
+    echo '[[ -d $PYENV_ROOT/bin ]] && export PATH="$PYENV_ROOT/bin:$PATH"' >> ~/.shell-env.local && \
+    echo 'eval "$(pyenv init -)"' >> ~/.shell-env.local && \
+    echo '' >> ~/.shell-env.local && \
+    echo 'eval "$(pyenv virtualenv-init -)"' >> ~/.shell-env.local && \
+	echo '' >> ~/.shell-env.local
+
+RUN $HOME/.pyenv/bin/pyenv install 3.9
+
+ARG INSTALL_PYTHON=false
+
+RUN if [ ${INSTALL_PYTHON} = true ]; then \
+    export PYENV_VERSION=3.9 && \
+    python -m pip install uvicorn \
+;fi
+
+RUN if [ false = true ]; then \
+    export PYENV_VERSION=3.9 && \
+    python -m pip install uvicorn && \
+    python -m pip install --upgrade supervisor && \
+    echo_supervisord_conf > /etc/supervisord.conf && \
+    sed -i 's/\;\[include\]/\[include\]/g' /etc/supervisord.conf && \
+    sed -i 's/\;files\s.*/files = supervisord.d\/*.conf/g' /etc/supervisord.conf \
+;fi
+
+USER root
+
+RUN apt install -y htop
 
 ###########################################################################
 # Tune opts:
@@ -104,6 +159,13 @@ RUN sed -i "s/^memory_limit = .*/memory_limit = $PHP_OPT_MEMORY_LIMIT/g" /etc/ph
 
 USER root
 
+# Clean up
+RUN apt-get clean && \
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
 COPY ./crontab /etc/cron.d
 
 RUN chmod -R 644 /etc/cron.d
+
+
+#ENTRYPOINT ["/bin/bash","-c","service supervisor start"]

dockerfiles/workspace/workspace81.Dockerfile

@@ -28,10 +28,29 @@ RUN ln -snf /usr/share/zoneinfo/$CUSTOM_TZ /etc/localtime && echo $CUSTOM_TZ > /
 # Additional PHP-extensions:
 ###########################################################################
 
-#RUN pecl install igbinary && pecl install -a redis
-RUN pecl install -a redis
+ARG INSTALL_REDIS=false
 
-RUN echo "extension=redis.so" > /etc/php/${PHP_VERSION}/cli/conf.d/20-redis.ini
+#RUN pecl install igbinary
+
+RUN if [ ${INSTALL_REDIS} = true ]; then \
+    pecl install -a redis \
+    echo "extension=redis.so" > /etc/php/${PHP_VERSION}/cli/conf.d/20-redis.ini \
+;fi
+
+###########################################################################
+# Libreoffice
+###########################################################################
+
+ARG INSTALL_LIBREOFFICE=false
+
+ARG DEBIAN_FRONTEND=noninteractive
+
+RUN if [ ${INSTALL_LIBREOFFICE} = true ]; then \
+    add-apt-repository ppa:libreoffice/ppa \
+    && apt update \
+    && apt install libreoffice-nogui -y --no-install-recommends \
+    && apt clean \
+;fi
 
 ###########################################################################
 # S3 config

dockerfiles/workspace/workspace82.Dockerfile

@@ -106,3 +106,10 @@ USER root
 COPY ./crontab /etc/cron.d
 
 RUN chmod -R 644 /etc/cron.d
+
+###########################################################################
+# Libreoffice:
+###########################################################################
+
+ARG DEBIAN_FRONTEND=noninteractive
+RUN add-apt-repository ppa:libreoffice/ppa && apt update && apt install libreoffice-nogui -y --no-install-recommends && apt clean

src/dockerfiles/php-fpm/php81.Dockerfile

@@ -1,4 +1,5 @@
 # syntax = edrevo/dockerfile-plus
+# https://github.com/docker-library/php/blob/52062af5056d0cd91fa5ded64fad8f9c82847b49/8.1/bookworm/fpm/Dockerfile
 FROM php:8.1-fpm
 
 INCLUDE+ ./php.base.Dockerfile

src/dockerfiles/workspace/workspace.base.Dockerfile

@@ -74,7 +74,7 @@ RUN sed -i 's/\r//' /root/aliases.sh && \
     echo "" >> ~/.bashrc && \
     echo "# Load Custom Aliases" >> ~/.bashrc && \
     echo "source ~/aliases.sh" >> ~/.bashrc && \
-	echo "" >> ~/.bashrc \
+	echo "" >> ~/.bashrc
 
 ###########################################################################
 # ssh: