mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-11-21 04:26:39 +00:00
Kevin Veen-Birkenbach
493d5bbbda
- added new file roles/web-app-shopware/files/framework.yaml defining trusted_proxies and trusted_headers for Symfony - mounted framework.yaml into /var/www/html/config/packages/ in docker-compose - exposed new role vars SHOPWARE_FRAMEWORK_HOST/DOCKER for mounting path - rendered framework.yaml via Ansible copy task with proper permissions - adjusted env.j2 to set TRUSTED_PROXIES and TRUSTED_HOSTS dynamically from domains and networks - added SHOPWARE_DOMAIN var to vars/main.yml - removed inline framework.yaml creation from Dockerfile (now managed via mount) - updated proxy template (html.conf.j2) to include X-Forwarded-Ssl header - improved init.sh permission handling for shared volumes See ChatGPT conversation for implementation details and rationale: https://chatgpt.com/share/690d4fe7-2830-800f-8b6d-b868e7fe0e97
81 lines
3.0 KiB
Django/Jinja
81 lines
3.0 KiB
Django/Jinja
# ------------------------------------------------------------------------------
|
|
# Shopware Application Image (Alpine-compatible)
|
|
# ------------------------------------------------------------------------------
|
|
# - Stage 1 (builder): use Composer to fetch Shopware while ignoring build-time
|
|
# PHP extensions (we'll install them in the runtime image).
|
|
# - Stage 2 (runtime): install required PHP extensions and copy the app + init.sh
|
|
# ------------------------------------------------------------------------------
|
|
|
|
############################
|
|
# Stage 1: Builder
|
|
############################
|
|
FROM composer:2.7 AS builder
|
|
ENV COMPOSER_ALLOW_SUPERUSER=1 \
|
|
COMPOSER_NO_INTERACTION=1 \
|
|
COMPOSER_PROCESS_TIMEOUT=900
|
|
|
|
WORKDIR /app
|
|
ARG SHOPWARE_PROD_VERSION=shopware/production:6.7.3.1
|
|
|
|
# 1) Scaffold project without installing dependencies
|
|
RUN set -eux; \
|
|
composer create-project "${SHOPWARE_PROD_VERSION}" /app --no-install
|
|
|
|
# 2) Install dependencies (ignoring build-time extension checks) + add Redis transport
|
|
RUN set -eux; \
|
|
composer install \
|
|
--no-dev \
|
|
--optimize-autoloader \
|
|
--no-progress \
|
|
--no-scripts \
|
|
--ignore-platform-req=ext-gd \
|
|
--ignore-platform-req=ext-intl \
|
|
--ignore-platform-req=ext-pdo_mysql; \
|
|
composer require symfony/redis-messenger:^6.4 \
|
|
-W \
|
|
--no-scripts \
|
|
--no-progress \
|
|
--update-no-dev \
|
|
--ignore-platform-req=ext-gd \
|
|
--ignore-platform-req=ext-intl \
|
|
--ignore-platform-req=ext-pdo_mysql \
|
|
--ignore-platform-req=ext-redis
|
|
|
|
|
|
############################
|
|
# Stage 2: Runtime
|
|
############################
|
|
FROM ghcr.io/shopware/docker-base:8.3
|
|
WORKDIR /var/www/html
|
|
|
|
# Install required PHP extensions in the Alpine-based runtime
|
|
# (try php83-*, fall back to php82-*, then to generic)
|
|
USER root
|
|
RUN set -eux; \
|
|
apk add --no-cache php83-gd || apk add --no-cache php82-gd || apk add --no-cache php-gd || true; \
|
|
apk add --no-cache php83-intl || apk add --no-cache php82-intl || apk add --no-cache php-intl || true; \
|
|
apk add --no-cache php83-pdo_mysql || apk add --no-cache php82-pdo_mysql || apk add --no-cache php-pdo_mysql || true; \
|
|
apk add --no-cache php83-redis || apk add --no-cache php82-redis || apk add --no-cache php-redis || true
|
|
|
|
# Copy built application from the builder
|
|
COPY --chown=www-data:www-data --from=builder /app /var/www/html
|
|
|
|
# Optional: snapshot of pristine app to seed an empty volume (used by init container)
|
|
RUN mkdir -p /usr/src/shopware \
|
|
&& cp -a /var/www/html/. /usr/src/shopware/. \
|
|
&& chown -R www-data:www-data /var/www/html /usr/src/shopware
|
|
|
|
# Ensure writable directories exist with correct ownership
|
|
RUN set -eux; \
|
|
mkdir -p \
|
|
/var/www/html/files \
|
|
/var/www/html/var \
|
|
/var/www/html/public/media \
|
|
/var/www/html/public/thumbnail \
|
|
/var/www/html/public/sitemap \
|
|
/var/www/html/public/theme; \
|
|
chown -R www-data:www-data /var/www/html
|
|
|
|
# Drop back to the app user
|
|
USER www-data
|