Merge pull request #30 from eramba/27-use-only-ssl-virtual-host-by-default-with-simple-installation

elsombrante · web-flow · commit e27ca729b98b · 2022-11-02T17:27:55.000+01:00
Replaced combined virtual host with SSL-only virtual host
diff --git a/.env b/.env
@@ -1,7 +1,12 @@
-HTTP_HOST="localhost:8080"
 DB_HOST="mysql"
 DB_DATABASE="docker"
 DB_USERNAME="docker"
 DB_PASSWORD="Your_DB_user_P@ssw0rd"
 CACHE_URL="Redis://?server=redis&port=6379&password=&timeout=3"
 MYSQL_ROOT_PASSWORD="Your_MysQl_ROOt_P@ssw0rd"
+USE_PROXY="0"
+PROXY_HOST=""
+PROXY_PORT=""
+USE_PROXY_AUTH="0"
+PROXY_AUTH_USER=""
+PROXY_AUTH_PASS=""
diff --git a/.github/workflows/Docker.yml b/.github/workflows/Docker.yml
@@ -4,128 +4,35 @@ on:
   pull_request:
     branches:
       - '*'
-  workflow_dispatch:
-    inputs:
-      version:
-        description: 'Eramba Version (you can put any branch name)'
-        required: true
-        default: '3.x'
 
 jobs:
-  build_push:
-    name: Build and Push Eramba Docker Image [${{ matrix.build-type }}]
+  simple_install:
+    name: Simple Installation [${{ matrix.build-type }}]
     runs-on: ubuntu-22.04
-#      - self-hosted
-#      - Linux
-#      - ARM64
     strategy:
       fail-fast: false
-      #      max-parallel: 1
       matrix:
         build-type:
-          - enterprise
+          # - enterprise
           - community
 
     steps:
-      - id: inputs
-        run: |
-          if ${{ github.event.inputs.version == '' }}; then
-            echo '::set-output name=version::3.x'
-          else
-            echo '::set-output name=version::${{ github.event.inputs.version }}'
-          fi
-
-      - uses: webfactory/ssh-agent@v0.5.4
-        with:
-          ssh-private-key: |
-            ${{ secrets.SSH_PRIVATE_KEY }}
-      #            ${{ secrets.SSH_RUNNERS_PRIVATE_KEY }}
-
-      - name: Check out the repo
-        uses: actions/checkout@v3
-        with:
-          repository: eramba/eramba
-          path: eramba
-          ref: ${{ steps.inputs.outputs.version }}
-          ssh-key: ${{ secrets.SSH_PRIVATE_KEY }}
-
-      - name: Actions for some reason delete all .gitkeep files with all remaining empty dirs, this reverts it.
-        working-directory: eramba
-        run: |
-          if git status | grep "app/upgrade/data/.gitkeep"; then
-            git checkout -f
-          fi
-          git status;
-
-      - name: Setup build distribution type vars based on the matrix
-        id: build-type
-        run: |
-          if ${{ matrix.build-type == 'enterprise' }}; then
-            echo '::set-output name=image::ghcr.io/eramba/docker-enterprise'
-            exit 0
-          fi
-
-          if ${{ matrix.build-type == 'community' }}; then
-            echo '::set-output name=image::ghcr.io/eramba/docker-community'
-            exit 0
-          fi
-
-      - name: Set up Docker Buildx
-        id: buildx
-        uses: docker/setup-buildx-action@v2
-
-
-      - name: Cache Docker layers
-        uses: actions/cache@v3
-        with:
-          path: ${{ runner.temp }}/.buildx-cache
-          key: ${{ runner.os }}-buildx-${{ matrix.build-type }}-${{ github.sha }}
-          restore-keys: |
-            ${{ runner.os }}-buildx-
-
-      - name: Log in to GitHub Container Registry
-        uses: docker/login-action@v2
-        with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.TOKEN_INCREASED_PERMISSIONS }}
-
-      - name: Extract metadata (tags, labels) for Docker
-        id: meta
-        uses: docker/metadata-action@v4
-        with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-          images: ${{ steps.build-type.outputs.image }}
-
-      - name: Composer install
-        working-directory: eramba
-        run: |
-          sudo apt install -y composer
-          composer install --no-interaction --ignore-platform-reqs --prefer-dist
-          composer require eramba/${{ matrix.build-type }}-pack:^1.0 --no-interaction --ignore-platform-reqs --prefer-dist
-
       - name: Check out the repo
         uses: actions/checkout@v3
-        with:
-          path: docker
-
-      - name: Copy docker source files to app/upgrade/vendor/eramba/docker to test it out
+      #
+      #      - name: Log in to GitHub Container Registry
+      #        uses: docker/login-action@v2
+      #        with:
+      #          registry: ghcr.io
+      #          username: ${{ github.actor }}
+      #          password: ${{ secrets.TOKEN_INCREASED_PERMISSIONS }}
+
+      - name: Run Simple Install
         run: |
-          rm -rf eramba/app/upgrade/vendor/docker
-          cp -r docker eramba/app/upgrade/vendor/docker
-
-      - name: Run docker compose
-        working-directory: eramba
-        run: |
-          docker container rm -f -v cron eramba mysql redis 2> /dev/null
-          docker volume rm -f eramba_app eramba_data eramba_db-data 2> /dev/null
-          docker volume rm -f eramba_v2_app eramba_v2_data eramba_v2_db-data 2> /dev/null
-          docker volume rm -f eramba-enterprise_app eramba-enterprise_data eramba-enterprise_db-data 2> /dev/null
-          docker volume rm -f eramba-community_app eramba-community_data eramba-community_db-data 2> /dev/null
-          docker volume rm -f eramba_v3_app eramba_v3_data eramba_v3_db-data 2> /dev/null
-          docker volume rm -f docker_app docker_data docker_db-data 2> /dev/null
+          docker compose -f docker-compose.simple-install.yml down 2>&1
+          docker system prune --force --volumes --all
           
-          docker compose up -d
+          docker compose -f docker-compose.simple-install.yml up -d
 
       - name: Wait for apache to start
         timeout-minutes: 5
@@ -152,47 +59,13 @@ jobs:
           if docker exec -w /var/www/eramba/app/upgrade -u www-data eramba bin/cake system_health check; then
             exit 0
           fi
-
+          
           exit 1
-#
-#      - name: Cypress Tests Dependencies
-#        run: sudo apt-get install -y npm libgtk2.0-0 libgtk-3-0 libgbm-dev libnotify-dev libgconf-2-4 libnss3 libxss1 libasound2 libxtst6 xauth xvfb
-#
-#      - name: Prepare cypress environmental
-#        id: cypress-environmental
-#        run: |
-#          if ${{ matrix.build-type == 'enterprise' }}; then
-#            echo '::set-output name=env-value::on'
-#          else
-#            echo '::set-output name=env-value::off'
-#          fi
 
-#      - name: Cypress Tests
-#        uses: cypress-io/github-action@v4
-#        with:
-#          working-directory: eramba/app/upgrade
-#          browser: electron
-#          config: pageLoadTimeout=100000,baseUrl=http://localhost:8080
-#          record: true
-#          cache-key: type-${{ matrix.build-type }}-on-${{ runner.os }}
-#        env:
-#          CYPRESS_enterprise: ${{ steps.cypress-environmental.outputs.env-value }}
-#          # pass the Dashboard record key as an environment variable
-#          CYPRESS_RECORD_KEY: ${{ secrets.CYPRESS_RECORD_KEY }}
-#          # pass GitHub token to allow accurately detecting a build vs a re-run build
-#          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Migrations Status Check On CRON Container (to determine if DB connection is working)
+        run: |
+          if docker exec -w /var/www/eramba/app/upgrade -u www-data cron bin/cake migrations status; then
+            exit 0
+          fi
 
-      - name: Build Docker image
-        id: docker_build
-        uses: docker/build-push-action@v3
-        with:
-          context: eramba
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-          file: eramba/Dockerfile
-          builder: ${{ steps.buildx.outputs.name }}
-          target: eramba
-          labels: ${{ steps.meta.outputs.labels }}
-          tags: ${{ steps.meta.outputs.tags }}
-          push: true
-          cache-from: type=registry,ref=${{ steps.build-type.outputs.image }}:buildcache
-          cache-to: type=registry,ref=${{ steps.build-type.outputs.image }}:buildcache,mode=max
+          exit 1
diff --git a/apache/vhost-ssl.conf b/apache/vhost-ssl.conf
@@ -10,15 +10,3 @@
     SSLCertificateFile    /etc/ssl/certs/mycert.crt
     SSLCertificateKeyFile /etc/ssl/private/mycert.key
 </VirtualHost>
-
-<VirtualHost *:80>
-	DocumentRoot "/var/www/eramba"
-    <Directory "/var/www/eramba">
-        AllowOverride all
-        Require all granted
-    </Directory>
-    ErrorLog ${APACHE_LOG_DIR}/error.log
-    CustomLog ${APACHE_LOG_DIR}/access.log combined
-
-    Redirect  /  https://localhost:8443/
-</VirtualHost>
diff --git a/crontab/crontab b/crontab/crontab
@@ -1,5 +1,5 @@
-@hourly export $(cat /var/www/eramba/app/upgrade/vendor/eramba/docker/.env) && /bin/sh /var/www/eramba/app/upgrade/bin/cake cron job hourly >> /var/log/cron.log 2>&1
-@daily export $(cat /var/www/eramba/app/upgrade/vendor/eramba/docker/.env) && /bin/sh /var/www/eramba/app/upgrade/bin/cake cron job daily >> /var/log/cron.log 2>&1
-@yearly export $(cat /var/www/eramba/app/upgrade/vendor/eramba/docker/.env) && /bin/sh /var/www/eramba/app/upgrade/bin/cake cron job yearly >> /var/log/cron.log 2>&1
-*/1 * * * * export $(cat /var/www/eramba/app/upgrade/vendor/eramba/docker/.env) && /bin/sh /var/www/eramba/app/upgrade/bin/cake queue run -v >> /var/log/cron.log 2>&1
+@hourly export $(cat /var/www/eramba/.env) && /bin/sh /var/www/eramba/app/upgrade/bin/cake cron job hourly >> /var/log/cron.log 2>&1
+@daily export $(cat /var/www/eramba/.env) && /bin/sh /var/www/eramba/app/upgrade/bin/cake cron job daily >> /var/log/cron.log 2>&1
+@yearly export $(cat /var/www/eramba/.env) && /bin/sh /var/www/eramba/app/upgrade/bin/cake cron job yearly >> /var/log/cron.log 2>&1
+* * * * * export $(cat /var/www/eramba/.env) && /bin/sh /var/www/eramba/app/upgrade/bin/cake queue run -v >> /var/log/cron.log 2>&1
 # remember to end this file with an empty new line
diff --git a/docker-compose.simple-install.yml b/docker-compose.simple-install.yml
@@ -20,22 +20,26 @@ services:
     container_name: eramba
     image: ghcr.io/eramba/eramba:latest
     ports:
-      - 8080:80
       - 8443:443
     volumes:
       - data:/var/www/eramba/app/upgrade/data
       - app:/var/www/eramba
       - ./apache/ssl/mycert.crt:/etc/ssl/certs/mycert.crt
       - ./apache/ssl/mycert.key:/etc/ssl/private/mycert.key
-      - ./apache/vhost-with-ssl.conf:/etc/apache2/sites-available/000-default.conf
+      - ./apache/vhost-ssl.conf:/etc/apache2/sites-available/000-default.conf
       - ./crontab/crontab:/etc/cron.d/eramba-crontab
     environment:
       DB_HOST: ${DB_HOST}
       DB_DATABASE: ${DB_DATABASE}
       DB_USERNAME: ${DB_USERNAME}
       DB_PASSWORD: ${DB_PASSWORD}
       CACHE_URL: ${CACHE_URL}
-      HTTP_HOST: ${HTTP_HOST}
+      USE_PROXY: ${USE_PROXY}
+      PROXY_HOST: ${PROXY_HOST}
+      PROXY_PORT: ${PROXY_PORT}
+      USE_PROXY_AUTH: ${USE_PROXY_AUTH}
+      PROXY_AUTH_USER: ${PROXY_AUTH_USER}
+      PROXY_AUTH_PASS: ${PROXY_AUTH_PASS}
     links:
       - mysql
       - redis
@@ -57,7 +61,12 @@ services:
       DB_USERNAME: ${DB_USERNAME}
       DB_PASSWORD: ${DB_PASSWORD}
       CACHE_URL: ${CACHE_URL}
-      HTTP_HOST: ${HTTP_HOST}
+      USE_PROXY: ${USE_PROXY}
+      PROXY_HOST: ${PROXY_HOST}
+      PROXY_PORT: ${PROXY_PORT}
+      USE_PROXY_AUTH: ${USE_PROXY_AUTH}
+      PROXY_AUTH_USER: ${PROXY_AUTH_USER}
+      PROXY_AUTH_PASS: ${PROXY_AUTH_PASS}
     links:
       - mysql
       - redis
diff --git a/docker-cron-entrypoint.sh b/docker-cron-entrypoint.sh
@@ -1,10 +1,9 @@
 #!/bin/sh
 
-cd /var/www/eramba/app/upgrade/vendor/eramba/docker || exit
-
-su -s /bin/bash -c "printenv | grep DB_ > .env" www-data
-su -s /bin/bash -c "printenv | grep CACHE_URL >> .env" www-data
-su -s /bin/bash -c "printenv | grep HTTP_HOST >> .env" www-data
+su -s /bin/bash -c "printenv | grep DB_ > /var/www/eramba/.env" www-data
+su -s /bin/bash -c "printenv | grep CACHE_URL >> /var/www/eramba/.env" www-data
+su -s /bin/bash -c "printenv | grep USE_PROXY >> /var/www/eramba/.env" www-data
+su -s /bin/bash -c "printenv | grep PROXY_ >> /var/www/eramba/.env" www-data
 
 su -s /bin/bash -c "crontab -u www-data /etc/cron.d/eramba-crontab" www-data
 
