Alpinize + Dockerize KanBoard

This commit is contained in:
Disassembler 2018-01-02 11:19:00 +01:00
parent 0e74e6541f
commit 70243a7ddc
17 changed files with 191 additions and 73 deletions

View File

@ -1,64 +1,38 @@
#!/bin/bash
#!/bin/sh
SOURCE_DIR=$(realpath $(dirname "${0}"))/kanboard
# Install dependencies for Kanboard
apt-get -y --no-install-recommends install php7.0-gd php7.0-fpm php7.0-mbstring php7.0-pgsql php7.0-zip
# Install Kanboard
wget https://github.com/kanboard/kanboard/releases/download/v1.0.47/kanboard-1.0.47.zip -O /srv/kanboard.zip
unzip /srv/kanboard.zip -d /srv
rm -f /srv/kanboard.zip
# Install plugins
git clone --depth=1 https://github.com/BlueTeck/kanboard_plugin_overwrite_translation /srv/kanboard/plugins/Overwrite_translation
git clone --depth=1 https://github.com/BlueTeck/kanboard_plugin_coverimage /srv/kanboard/plugins/Coverimage
git clone --depth=1 https://github.com/BlueTeck/kanboard_plugin_metadata /srv/kanboard/plugins/Metadata
git clone --depth=1 https://github.com/eSkiSo/Subtaskdate /srv/kanboard/plugins/Subtaskdate
git clone --depth=1 https://github.com/kanboard/plugin-budget /srv/kanboard/plugins/Budget
git clone --depth=1 https://github.com/kanboard/plugin-calendar /srv/kanboard/plugins/Calendar
git clone --depth=1 https://github.com/kanboard/plugin-chat /srv/kanboard/plugins/Chat
git clone --depth=1 https://github.com/kanboard/plugin-gantt /srv/kanboard/plugins/Gantt
git clone --depth=1 https://github.com/kanboard/plugin-gravatar /srv/kanboard/plugins/Gravatar
git clone --depth=1 https://github.com/kanboard/plugin-registration /srv/kanboard/plugins/Registration
git clone --depth=1 https://github.com/kanboard/plugin-sms-2fa /srv/kanboard/plugins/SmsTwoFactor
git clone --depth=1 https://github.com/kanboard/plugin-task-board-date /srv/kanboard/plugins/TaskBoardDate
git clone --depth=1 https://github.com/oliviermaridat/kanboard-milestone-plugin /srv/kanboard/plugins/Milestone
git clone --depth=1 https://github.com/xavividal/kanboard-plugin-relationgraph /srv/kanboard/plugins/Relationgraph
# Build Docker container
docker build -t kanboard ${SOURCE_DIR}
# Populate database
export KANBOARD_PWD=$(head -c 18 /dev/urandom | base64)
envsubst <${SOURCE_DIR}/tmp/kanboard-createdb.sql >/tmp/kanboard-createdb.sql
sudo -u postgres psql -f /tmp/kanboard-createdb.sql
rm -f /tmp/kanboard-createdb.sql
export PGPASSWORD=${KANBOARD_PWD}
psql -f /srv/kanboard/app/Schema/Sql/postgres.sql kanboard kanboard
unset PGPASSWORD
envsubst <${SOURCE_DIR}/createdb.sql | docker exec -i postgres psql
docker run --rm kanboard cat /srv/kanboard/app/Schema/Sql/postgres.sql | docker exec -i -e PGPASSWORD=${KANBOARD_PWD} postgres psql kanboard kanboard
# Configure Kanboard
envsubst <${SOURCE_DIR}/srv/kanboard/config.php >/srv/kanboard/config.php
mkdir -p /srv/kanboard/conf
mkdir /srv/kanboard/data
envsubst <${SOURCE_DIR}/srv/kanboard/conf/config.php >/srv/kanboard/conf/config.php
export KANBOARD_ADMIN_USER=admin
export KANBOARD_ADMIN_PWD=$(head -c 12 /dev/urandom | base64)
export KANBOARD_ADMIN_HASH=$(php -r "echo password_hash('${KANBOARD_ADMIN_PWD}', PASSWORD_BCRYPT);")
envsubst <${SOURCE_DIR}/tmp/kanboard-adminpwd.sql >/tmp/kanboard-adminpwd.sql
sudo -u postgres psql -f /tmp/kanboard-adminpwd.sql kanboard
export KANBOARD_ADMIN_HASH=$(docker run --rm kanboard php -r "echo password_hash('${KANBOARD_ADMIN_PWD}', PASSWORD_BCRYPT);")
envsubst <${SOURCE_DIR}/adminpwd.sql | docker exec -i postgres psql kanboard
chown 8009:8009 /srv/kanboard/data
# Create OS user
adduser --system --group --home /srv/kanboard --shell /bin/false kanboard
chown -R kanboard:www-data /srv/kanboard/
# Create KanBoard service
cp ${SOURCE_DIR}/etc/init.d/kanboard /etc/init.d/kanboard
rc-update add kanboard boot
service kanboard start
# Create PHP and nginx app definition
cp ${SOURCE_DIR}/etc/php/7.0/fpm/pool.d/kanboard.conf /etc/php/7.0/fpm/pool.d/kanboard.conf
cp ${SOURCE_DIR}/etc/nginx/apps-available/kanboard /etc/nginx/apps-available/kanboard
ln -s /etc/nginx/apps-available/kanboard /etc/nginx/apps-enabled/kanboard
# Restart services
systemctl restart php7.0-fpm
systemctl restart nginx
# Create nginx app definition
cp ${SOURCE_DIR}/etc/nginx/apps/kanboard /etc/nginx/apps/kanboard
cp ${SOURCE_DIR}/etc/nginx/conf.d/kanboard.conf /etc/nginx/conf.d/kanboard.conf
service nginx reload
# Install cron job
cp ${SOURCE_DIR}/etc/cron.d/kanboard /etc/cron.d/kanboard
cp ${SOURCE_DIR}/etc/periodic/daily/kanboard /etc/periodic/daily/kanboard
# Add portal application definition
portal-app-manager kanboard "/kanboard/" "${KANBOARD_ADMIN_USER}" "${KANBOARD_ADMIN_PWD}"
portal-app-manager kanboard "https://{host}:8409/" "${KANBOARD_ADMIN_USER}" "${KANBOARD_ADMIN_PWD}"
portal-app-manager kanboard-mobile

46
kanboard/Dockerfile Normal file
View File

@ -0,0 +1,46 @@
FROM alpine:3.7
MAINTAINER Disassembler <disassembler@dasm.cz>
RUN \
# Install PHP runtime
apk --no-cache add nginx php7-fpm s6
COPY docker/ /
RUN \
# Install runtime dependencies
apk --no-cache add php7 php7-ctype php7-dom php7-gd php7-iconv php7-json php7-mbstring php7-mcrypt php7-opcache php7-openssl php7-pdo_pgsql php7-posix php7-session php7-simplexml php7-sockets php7-xml php7-zip php7-zlib
RUN \
# Install build dependencies
apk --no-cache add --virtual .deps git unzip \
# Download KanBoard
&& wget https://github.com/kanboard/kanboard/archive/v1.2.0.zip -O /srv/kanboard.zip \
&& unzip /srv/kanboard.zip -d /srv \
&& mv /srv/kanboard-1.2.0 /srv/kanboard \
&& rm -f /srv/kanboard.zip \
# Install plugins
&& git clone --depth=1 https://github.com/BlueTeck/kanboard_plugin_overwrite_translation /srv/kanboard/plugins/Overwrite_translation \
&& git clone --depth=1 https://github.com/BlueTeck/kanboard_plugin_coverimage /srv/kanboard/plugins/Coverimage \
&& git clone --depth=1 https://github.com/BlueTeck/kanboard_plugin_metadata /srv/kanboard/plugins/Metadata \
&& git clone --depth=1 https://github.com/eSkiSo/Subtaskdate /srv/kanboard/plugins/Subtaskdate \
&& git clone --depth=1 https://github.com/kanboard/plugin-budget /srv/kanboard/plugins/Budget \
&& git clone --depth=1 https://github.com/kanboard/plugin-calendar /srv/kanboard/plugins/Calendar \
&& git clone --depth=1 https://github.com/kanboard/plugin-chat /srv/kanboard/plugins/Chat \
&& git clone --depth=1 https://github.com/kanboard/plugin-gantt /srv/kanboard/plugins/Gantt \
&& git clone --depth=1 https://github.com/kanboard/plugin-gravatar /srv/kanboard/plugins/Gravatar \
&& git clone --depth=1 https://github.com/kanboard/plugin-registration /srv/kanboard/plugins/Registration \
&& git clone --depth=1 https://github.com/kanboard/plugin-sms-2fa /srv/kanboard/plugins/SmsTwoFactor \
&& git clone --depth=1 https://github.com/kanboard/plugin-task-board-date /srv/kanboard/plugins/TaskBoardDate \
&& git clone --depth=1 https://github.com/oliviermaridat/kanboard-milestone-plugin /srv/kanboard/plugins/Milestone \
&& git clone --depth=1 https://github.com/xavividal/kanboard-plugin-relationgraph /srv/kanboard/plugins/Relationgraph \
# Cleanup
&& apk del .deps \
&& find /srv/kanboard -name '.git*' -exec rm -rf {} + \
&& rm -rf /root \
&& mkdir /root
VOLUME ["/srv/kanboard/app/data"]
EXPOSE 8009
CMD ["s6-svscan", "/etc/services.d"]

View File

@ -0,0 +1,61 @@
user nginx;
pid /run/nginx.pid;
worker_processes 1;
error_log /dev/stderr warn;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
access_log off;
server_tokens off;
client_max_body_size 100m;
keepalive_timeout 65;
sendfile on;
tcp_nodelay on;
server {
listen 8009;
server_name localhost;
root /srv/kanboard;
index index.php;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/kanboard.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_index index.php;
include fastcgi_params;
}
location ~* ^.+\.(log|sqlite)$ {
return 404;
}
location ~ /\.ht {
return 404;
}
location ~* ^.+\.(ico|jpg|gif|png|css|js|svg|eot|ttf|woff|woff2|otf)$ {
log_not_found off;
expires 7d;
etag on;
}
gzip on;
gzip_comp_level 3;
gzip_disable "msie6";
gzip_vary on;
gzip_types text/javascript application/javascript application/json text/xml application/xml application/rss+xml text/css text/plain;
}
}

View File

@ -0,0 +1,13 @@
[global]
error_log = /proc/self/fd/2
daemonize = no
[kanboard]
catch_workers_output = yes
user = nginx
group = nginx
listen.owner = nginx
listen.group = nginx
listen = /var/run/kanboard.sock
pm = ondemand
pm.max_children = 8

View File

@ -0,0 +1,3 @@
#!/bin/sh
/bin/true

View File

@ -0,0 +1,3 @@
#!/bin/execlineb -P
nginx -g "daemon off;"

View File

@ -0,0 +1,3 @@
#!/bin/execlineb -P
php-fpm7 -F

View File

@ -1 +0,0 @@
0 8 * * * kanboard /srv/kanboard/cli cronjob >/dev/null

17
kanboard/etc/init.d/kanboard Executable file
View File

@ -0,0 +1,17 @@
#!/sbin/openrc-run
description="KanBoard docker container"
depend() {
need docker net
use dns logger netmount
after postgres
}
start() {
/usr/bin/docker run -d --rm --name kanboard --link=postgres -p 127.0.0.1:9009:8009 -v /srv/kanboard/data:/srv/kanboard/app/data -v /srv/kanboard/conf/config.php:/srv/kanboard/config.php kanboard
}
stop() {
/usr/bin/docker stop kanboard
}

View File

@ -1,12 +0,0 @@
location /kanboard {
alias /srv/kanboard;
index index.php;
try_files = $uri $uri/ /kanboard/index.php;
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param SERVER_NAME $http_host;
fastcgi_pass unix:/run/php/kanboard.sock;
}
}

View File

@ -0,0 +1,9 @@
access_log /var/log/nginx/kanboard.access.log;
error_log /var/log/nginx/kanboard.error.log;
location / {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://127.0.0.1:9009;
}

View File

@ -0,0 +1,11 @@
server {
listen 8009;
listen [::]:8009;
include apps/kanboard;
}
server {
listen 8409 ssl http2;
listen [::]:8409 ssl http2;
include apps/kanboard;
}

View File

@ -0,0 +1,3 @@
#!/bin/sh
docker exec kanboard /srv/kanboard/cli cronjob >/dev/null

View File

@ -1,12 +0,0 @@
[kanboard]
user = kanboard
group = kanboard
listen = /run/php/kanboard.sock
listen.owner = www-data
listen.group = www-data
pm = ondemand
pm.max_children = 8
php_admin_value[open_basedir] = /srv/kanboard:/tmp

View File

@ -68,7 +68,7 @@ define('DB_USERNAME', 'kanboard');
define('DB_PASSWORD', '${KANBOARD_PWD}');
// Mysql/Postgres hostname
define('DB_HOSTNAME', 'localhost');
define('DB_HOSTNAME', 'postgres');
// Mysql/Postgres database name
define('DB_NAME', 'kanboard');