Merge pull request #694 from benbrummer/debian

Fix for reap logging

debian/Dockerfile

@@ -1,5 +1,25 @@
-FROM php:8.3-fpm AS base
+ARG PHP=8.3
 
+FROM php:${PHP}-fpm AS prepare-app
+
+USER www-data
+
+RUN curl -s "https://api.github.com/repos/invoiceninja/invoiceninja/releases/latest" | \
+    grep -o '"browser_download_url": "[^"]*invoiceninja.tar.gz"' | \
+    cut -d '"' -f 4 | \
+    xargs curl -sL | \
+    tar -xz --strip-components=1 -C /var/www/html \
+    && ln -s /var/www/html/resources/views/react/index.blade.php /var/www/html/public/index.html \
+    && php -d opcache.preload='' artisan storage:link \
+    # Workaround for application updates
+    && mv /var/www/html/public /tmp/public
+
+# ==================
+# InvoiceNinja image
+# ==================
+FROM php:${PHP}-fpm
+
+# PHP modules
 ARG php_require="bcmath gd pdo_mysql zip"
 ARG php_suggest="exif imagick intl pcntl soap saxon-12.5.0"
 ARG php_extra="opcache"
@@ -16,15 +36,15 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
     xfonts-wqy \
     # Install google-chrome-stable(amd64)/chromium(arm64)
     && if [ "$(dpkg --print-architecture)" = "amd64" ]; then \
-        mkdir -p /etc/apt/keyrings \
-        && curl -fsSL https://dl.google.com/linux/linux_signing_key.pub | \
-            gpg --dearmor -o /etc/apt/keyrings/google.gpg \
-        && echo "deb [arch=amd64 signed-by=/etc/apt/keyrings/google.gpg] https://dl.google.com/linux/chrome/deb/ stable main" > /etc/apt/sources.list.d/google-chrome.list \
-        && apt-get update \
-        && apt-get install -y --no-install-recommends google-chrome-stable; \
+    mkdir -p /etc/apt/keyrings \
+    && curl -fsSL https://dl.google.com/linux/linux_signing_key.pub | \
+    gpg --dearmor -o /etc/apt/keyrings/google.gpg \
+    && echo "deb [arch=amd64 signed-by=/etc/apt/keyrings/google.gpg] https://dl.google.com/linux/chrome/deb/ stable main" > /etc/apt/sources.list.d/google-chrome.list \
+    && apt-get update \
+    && apt-get install -y --no-install-recommends google-chrome-stable; \
     elif [ "$(dpkg --print-architecture)" = "arm64" ]; then \
-        apt-get install -y --no-install-recommends \
-        chromium; \        
+    apt-get install -y --no-install-recommends \
+    chromium; \        
     fi \
     # Create config directory for chromium/google-chrome-stable
     && mkdir /var/www/.config \
@@ -37,51 +57,30 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
 
 # Install PHP extensions
 RUN ( curl -sSLf https://github.com/mlocati/docker-php-extension-installer/releases/latest/download/install-php-extensions -o - || echo 'return 1' ) | sh -s \
-        ${php_require} \
-        ${php_suggest} \
-        ${php_extra} \
-        @composer
+    ${php_require} \
+    ${php_suggest} \
+    ${php_extra}
 
 # Configure PHP
-RUN mv "$PHP_INI_DIR/php.ini-production" "$PHP_INI_DIR/php.ini"
+RUN ln -s "$PHP_INI_DIR/php.ini-production" "$PHP_INI_DIR/php.ini"
 
-# Copy scripts
-COPY rootfs /
+COPY php/php.ini /usr/local/etc/php/conf.d/invoiceninja.ini
 
-USER www-data
-
-WORKDIR /var/www/html
-
-# Setup InvoiceNinja
-RUN curl -s "https://api.github.com/repos/invoiceninja/invoiceninja/releases/latest" | \
-        grep -o '"browser_download_url": "[^"]*invoiceninja.tar"' | \
-        cut -d '"' -f 4 | \
-        xargs curl -sL | \
-        tar -oxz -C /var/www/html \
-    && cp /var/www/html/resources/views/react/index.blade.php /var/www/html/public/index.html \
-    # File permissions
-    && find /var/www/html/ -type f -exec chmod 644 {} \; \
-    # Directory permissions
-    && find /var/www/html/ -type d -exec chmod 755 {} \; \
-    # Install dependencies
-    && composer install --no-dev --no-scripts --no-autoloader \
-    && composer dump-autoload --optimize \
-    && php artisan optimize \
-    && php artisan storage:link \
-    # Workaround for application updates
-    && mv /var/www/html/public /tmp/public
-
-USER root
+COPY php/php-fpm.conf /usr/local/etc/php-fpm.d/invoiceninja.conf
 
 # Setup supervisor
 COPY supervisor/supervisord.conf /etc/supervisor/conf.d/supervisord.conf
 
+# Setup InvoiceNinja
+COPY --from=prepare-app /var/www/html /var/www/html
+COPY --from=prepare-app /tmp/public /tmp/public
+
 # Add initialization script
 COPY --chmod=0755 scripts/init.sh /usr/local/bin/init.sh
 
 # Health check
 HEALTHCHECK --interval=30s --timeout=5s --start-period=30s --retries=3 \
-    CMD php -v || exit 1
+    CMD pgrep -f "php-fpm: master process"
 
 ENTRYPOINT ["/usr/local/bin/init.sh"]
 CMD ["supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf"]

debian/docker-compose.yml

@@ -14,9 +14,9 @@ services:
       - ./.env
     volumes:
       - ./.env:/var/www/html/.env
-      - ./php/php.ini:/usr/local/etc/php/conf.d/zzz-php.ini:ro
-      - ./php/php-fpm.conf:/usr/local/etc/php-fpm.d/zzz-php-fpm.conf:ro
-      - ./supervisor/supervisord.conf:/etc/supervisor/conf.d/supervisord.conf:ro
+      # - ./php/php.ini:/usr/local/etc/php/conf.d/invoiceninja.ini:ro
+      # - ./php/php-fpm.conf:/usr/local/etc/php-fpm.d/invoiceninja.conf:ro
+      # - ./supervisor/supervisord.conf:/etc/supervisor/conf.d/supervisord.conf:ro
       - app_cache:/var/www/html/bootstrap/cache
       - app_public:/var/www/html/public
       - app_storage:/var/www/html/storage

debian/php/php.ini

@@ -1,15 +1,23 @@
 [core]
-# https://www.php.net/manual/en/ini.core.php
-post_max_size = 10M
-upload_max_filesize = 10M
+; https://www.php.net/manual/en/ini.core.php
+post_max_size=10M
+upload_max_filesize=10M
 
 [opcache]
-# https://www.php.net/manual/en/opcache.installation.php#opcache.installation.recommended
+; https://www.php.net/manual/en/opcache.installation.php#opcache.installation.recommended
 opcache.enable_cli=1
-opcache.max_accelerated_files=4000
-opcache.revalidate_freq=60
 
 [jit]
-# https://wiki.php.net/rfc/jit_config_defaults
+; https://wiki.php.net/rfc/jit_config_defaults
 opcache.jit=tracing
 opcache.jit_buffer_size=64M
+
+[extra]
+; http://symfony.com/doc/current/performance.html
+opcache.memory_consumption=256
+opcache.max_accelerated_files=20000
+opcache.preload=/var/www/html/preload.php
+opcache.preload_user=www-data
+opcache.validate_timestamps=0
+realpath_cache_size = 4096K
+realpath_cache_ttl = 600

debian/rootfs/docker-entrypoint-init.d/10-init-in.sh

@@ -1,14 +0,0 @@
-#!/bin/sh
-
-php artisan db:seed --force
-
-# Build up array of arguments...
-if [ ! -z "${IN_USER_EMAIL}" ]; then
-    email="--email ${IN_USER_EMAIL}"
-fi
-
-if [ ! -z "${IN_PASSWORD}" ]; then
-    password="--password ${IN_PASSWORD}"
-fi
-
-php artisan ninja:create-account $email $password

debian/scripts/init.sh

@@ -1,33 +1,4 @@
-#!/bin/sh
-set -e
-
-in_log() {
-    local type="$1"
-    shift
-    printf '%s [%s] [Entrypoint]: %s\n' "$(date -u '+%Y-%m-%dT%H:%M:%SZ')" "$type" "$*"
-}
-
-docker_process_init_files() {
-    echo
-    local f
-    for f; do
-        case "$f" in
-        *.sh)
-            # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
-            # https://github.com/docker-library/postgres/pull/452
-            if [ -x "$f" ]; then
-                in_log INFO "$0: running $f"
-                "$f"
-            else
-                in_log INFO "$0: sourcing $f"
-                . "$f"
-            fi
-            ;;
-        *) in_log INFO "$0: ignoring $f" ;;
-        esac
-        echo
-    done
-}
+#!/bin/sh -eu
 
 if [ "$*" = 'supervisord -c /etc/supervisor/conf.d/supervisord.conf' ]; then
     # Workaround for application updates
@@ -61,18 +32,20 @@ if [ "$*" = 'supervisord -c /etc/supervisor/conf.d/supervisord.conf' ]; then
         runuser -u www-data -- php artisan migrate --force
 
         # If first IN run, it needs to be initialized
-        echo "Checking initialization status..."
-        IN_INIT=$(php artisan tinker --execute='echo Schema::hasTable("accounts") && !App\Models\Account::all()->first();')
-        echo "IN_INIT value: $IN_INIT"
+        if [ "$(php -d opcache.preload='' artisan tinker --execute='echo Schema::hasTable("accounts") && !App\Models\Account::all()->first();')" = "1" ]; then
+            echo "Running initialization..."
 
-        if [ "$IN_INIT" = "1" ]; then
-            echo "Running initialization scripts..."
-            docker_process_init_files /docker-entrypoint-init.d/*
+            php artisan db:seed --force
+
+            if [ -n "${IN_USER_EMAIL}" ] && [ -n "${IN_PASSWORD}" ]; then
+                php artisan ninja:create-account --email "${IN_USER_EMAIL}" --password "${IN_PASSWORD}"
+            else
+                echo "Initialization failed - Set IN_USER_EMAIL and IN_PASSWORD in .env"
+                exit 1
+            fi
         fi
 
         echo "Production setup completed"
-        echo "IN_INIT value: $IN_INIT"
-
     fi
 
     echo "Starting supervisord..."

debian/supervisor/supervisord.conf

@@ -1,32 +1,25 @@
-[unix_http_server]
-file=/var/run/supervisor.sock
-chmod=0700
-
 [supervisord]
 nodaemon=true
 user=root
-logfile=/var/log/supervisor/supervisord.log
+logfile=/dev/null
+logfile_maxbytes=0
 pidfile=/var/run/supervisord.pid
 
 [rpcinterface:supervisor]
 supervisor.rpcinterface_factory=supervisor.rpcinterface:make_main_rpcinterface
 
-[supervisorctl]
-serverurl=unix:///var/run/supervisor.sock
-
 [program:php-fpm]
 command=/usr/local/sbin/php-fpm -F
 autostart=true
 autorestart=true
 priority=5
-stdout_logfile=/dev/stdout
+stdout_logfile=/dev/fd/1
 stdout_logfile_maxbytes=0
-stderr_logfile=/dev/stderr
-stderr_logfile_maxbytes=0
+redirect_stderr=true
 
 [program:queue-worker]
 process_name=%(program_name)s_%(process_num)02d
-command=php /var/www/html/artisan queue:work --sleep=3 --tries=3 --max-time=3600
+command=php /var/www/html/artisan queue:work --sleep=3 --tries=3 --max-time=3600 --verbose
 autostart=true
 autorestart=true
 stopasgroup=true
@@ -34,16 +27,16 @@ killasgroup=true
 user=www-data
 numprocs=2
 environment=HOME="/var/www"
-stdout_logfile=/var/log/php-worker.log
-stderr_logfile=/var/log/php-worker.err.log
+stdout_logfile=/dev/fd/1
+stdout_logfile_maxbytes=0
+redirect_stderr=true
 stopwaitsecs=3600
 
 [program:scheduler]
-command=/bin/sh -c "while [ true ]; do (php /var/www/html/artisan schedule:run --verbose --no-interaction &); sleep 60; done"
+command=php /var/www/html/artisan schedule:work --verbose
 autostart=true
 autorestart=true
 user=www-data
-stdout_logfile=/dev/stdout
+stdout_logfile=/dev/fd/1
 stdout_logfile_maxbytes=0
-stderr_logfile=/dev/stderr
-stderr_logfile_maxbytes=0
+redirect_stderr=true