diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml index 7687049b..00431bdc 100644 --- a/.github/workflows/pr.yaml +++ b/.github/workflows/pr.yaml @@ -10,35 +10,35 @@ jobs: COMPOSE_DOMAIN: test.local.example.org COMPOSE_PROJECT_NAME: test_project COMPOSE_SERVER_DOMAIN: test.example.org + + TERM: xterm-256color + strategy: fail-fast: false matrix: version: &template_version - - drupal-7 + - drupal - drupal-8 - drupal-9 - drupal-10 - drupal-11 - - symfony-3 - - symfony-4 + - symfony - symfony-6 + - symfony-7 + - symfony-8 name: Validate compose (${{ matrix.version }}) steps: - uses: actions/checkout@v5 - name: Validate local docker compose files run: | - DC=$(docker compose --file templates/${{ matrix.version }}/docker-compose.yml config --quiet 2>&1) - [ -z "$DC" ] || { echo $DC; exit 1; } + docker compose --file templates/${{ matrix.version }}/docker-compose.yml config - name: Validate server docker compose files run: | - DC=$(docker compose --file templates/${{ matrix.version }}/docker-compose.server.yml config --quiet 2>&1) - [ -z "$DC" ] || { echo $DC; exit 1; } - DC=$(docker compose --file templates/${{ matrix.version }}/docker-compose.server.yml --file templates/${{ matrix.version }}/docker-compose.dev.yml config --quiet 2>&1) - [ -z "$DC" ] || { echo $DC; exit 1; } - DC=$(docker compose --file templates/${{ matrix.version }}/docker-compose.server.yml --file templates/${{ matrix.version }}/docker-compose.redirect.yml config --quiet 2>&1) - [ -z "$DC" ] || { echo $DC; exit 1; } + docker compose --file templates/${{ matrix.version }}/docker-compose.server.yml config + docker compose --file templates/${{ matrix.version }}/docker-compose.server.yml --file templates/${{ matrix.version }}/docker-compose.dev.yml config + docker compose --file templates/${{ matrix.version }}/docker-compose.server.yml --file templates/${{ matrix.version }}/docker-compose.redirect.yml config validate-nginx-conf: runs-on: ubuntu-latest @@ -62,3 +62,37 @@ jobs: - name: Validate nginx conf run: | docker compose --file templates/${{ matrix.version }}/${{ matrix.compose_file}} run --rm nginx nginx -t + + test-template-install: + runs-on: ubuntu-latest + env: *env + + strategy: + fail-fast: false + matrix: + version: *template_version + + name: Test template install (${{ matrix.version }}) + steps: + - uses: actions/checkout@v5 + + - name: Install and check template + run: | + script_dir="$PWD/scripts" + test_dir="tmp/${{ matrix.version }}" + + mkdir -p "$test_dir" + cd "$test_dir" + yes | "$script_dir/itkdev-docker-compose" template:install "${{ matrix.version }}" || true + # Remove .env file generated during template install + rm .env + cd - + pwd + + # Check that we have no symlinks in the project. + find "$test_dir" -type l | grep . && exit 1 + + # Check that project files are exact copies of the template files. + diff -qr templates/"${{ matrix.version }}" "$test_dir" + + rm -fr "$(dirname "$test_dir")" diff --git a/task/scripts/github-actions-link b/task/scripts/github-actions-link index e7ec2756..04214ed9 100755 --- a/task/scripts/github-actions-link +++ b/task/scripts/github-actions-link @@ -18,8 +18,6 @@ function strip-project-type() { echo "$name" } -find templates -type l -delete - for template_dir in templates/*; do template_name=$(basename "$template_dir") @@ -27,11 +25,11 @@ for template_dir in templates/*; do echo project_type="" - if [[ "$template_name" =~ ^drupal-module ]]; then + if [[ "$template_name" =~ ^drupal-module$ ]]; then project_type="drupal-module" - elif [[ "$template_name" =~ ^drupal- ]]; then + elif [[ "$template_name" =~ ^drupal(-|$) ]]; then project_type="drupal" - elif [[ "$template_name" =~ ^symfony- ]]; then + elif [[ "$template_name" =~ ^symfony(-|$) ]]; then project_type="symfony" else (>&2 echo "Unknown template type: $template_name") diff --git a/templates/drupal-10/.docker b/templates/drupal-10/.docker new file mode 120000 index 00000000..14ed9c94 --- /dev/null +++ b/templates/drupal-10/.docker @@ -0,0 +1 @@ +../drupal/.docker \ No newline at end of file diff --git a/templates/drupal-10/docker-compose.dev.yml b/templates/drupal-10/docker-compose.dev.yml deleted file mode 100644 index 71a88b42..00000000 --- a/templates/drupal-10/docker-compose.dev.yml +++ /dev/null @@ -1,27 +0,0 @@ -# itk-version: 3.2.4 -services: - phpfpm: - environment: - - PHP_SENDMAIL_PATH=/usr/sbin/sendmail -S mail:1025 - - nginx: - labels: - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.middlewares=ITKBasicAuth@file" - - mail: - image: axllent/mailpit - restart: unless-stopped - networks: - - app - - frontend - labels: - - "traefik.enable=true" - - "traefik.docker.network=frontend" - - "traefik.http.routers.mail_${COMPOSE_PROJECT_NAME:?}-http.rule=Host(`mail.${COMPOSE_SERVER_DOMAIN:?}`)" - - "traefik.http.routers.mail_${COMPOSE_PROJECT_NAME:?}-http.entrypoints=web" - - "traefik.http.routers.mail_${COMPOSE_PROJECT_NAME:?}-http.middlewares=redirect-to-https" - - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" - - "traefik.http.routers.mail_${COMPOSE_PROJECT_NAME:?}.rule=Host(`mail.${COMPOSE_SERVER_DOMAIN:?}`)" - - "traefik.http.routers.mail_${COMPOSE_PROJECT_NAME:?}.entrypoints=websecure" - - "traefik.http.services.mail_${COMPOSE_PROJECT_NAME:?}.loadbalancer.server.port=8025" - - "traefik.http.routers.mail_${COMPOSE_PROJECT_NAME:?}.middlewares=ITKMailhogAuth@file" diff --git a/templates/drupal-10/docker-compose.dev.yml b/templates/drupal-10/docker-compose.dev.yml new file mode 120000 index 00000000..f0ba66e5 --- /dev/null +++ b/templates/drupal-10/docker-compose.dev.yml @@ -0,0 +1 @@ +../drupal/docker-compose.dev.yml \ No newline at end of file diff --git a/templates/drupal-10/docker-compose.redirect.yml b/templates/drupal-10/docker-compose.redirect.yml deleted file mode 100644 index 2e7ac332..00000000 --- a/templates/drupal-10/docker-compose.redirect.yml +++ /dev/null @@ -1,15 +0,0 @@ -# itk-version: 3.2.4 -services: - nginx: - labels: - # Add www before domain and set redirect to non-www - - "traefik.http.routers.www_${COMPOSE_PROJECT_NAME:?}-http.rule=Host(`www.${COMPOSE_SERVER_DOMAIN:?}`)" - - "traefik.http.routers.www_${COMPOSE_PROJECT_NAME:?}-http.entrypoints=web" - - "traefik.http.routers.www_${COMPOSE_PROJECT_NAME:?}-http.middlewares=redirect-to-https,non_www" - - "traefik.http.routers.www_${COMPOSE_PROJECT_NAME:?}.rule=Host(`www.${COMPOSE_SERVER_DOMAIN:?}`)" - - "traefik.http.routers.www_${COMPOSE_PROJECT_NAME:?}.entrypoints=websecure" - - "traefik.http.routers.www_${COMPOSE_PROJECT_NAME:?}.middlewares=non_www" - - - traefik.http.middlewares.non_www.redirectregex.regex=^(http|https)?://(?:www\.)?(.+) - - traefik.http.middlewares.non_www.redirectregex.replacement=https://$${2:?} - - traefik.http.middlewares.non_www.redirectregex.permanent=true diff --git a/templates/drupal-10/docker-compose.redirect.yml b/templates/drupal-10/docker-compose.redirect.yml new file mode 120000 index 00000000..99d47d5e --- /dev/null +++ b/templates/drupal-10/docker-compose.redirect.yml @@ -0,0 +1 @@ +../drupal/docker-compose.redirect.yml \ No newline at end of file diff --git a/templates/drupal-10/docker-compose.server.yml b/templates/drupal-10/docker-compose.server.yml deleted file mode 100644 index 4b034415..00000000 --- a/templates/drupal-10/docker-compose.server.yml +++ /dev/null @@ -1,64 +0,0 @@ -# itk-version: 3.2.4 -networks: - frontend: - external: true - app: - driver: bridge - internal: false - -services: - phpfpm: - image: itkdev/php8.3-fpm:alpine - restart: unless-stopped - networks: - - app - extra_hosts: - - "host.docker.internal:host-gateway" - environment: - - PHP_MAX_EXECUTION_TIME=30 - - PHP_MEMORY_LIMIT=128M - # Let drush know the site uri (makes using --uri redundant) - - DRUSH_OPTIONS_URI=https://${COMPOSE_SERVER_DOMAIN:?} - depends_on: - - memcached - volumes: - - .:/app - - nginx: - image: nginxinc/nginx-unprivileged:alpine - restart: unless-stopped - networks: - - app - - frontend - depends_on: - - phpfpm - volumes: - - ./.docker/templates:/etc/nginx/templates:ro - - ./.docker/nginx.conf:/etc/nginx/nginx.conf:ro - - .:/app - environment: - NGINX_FPM_SERVICE: ${COMPOSE_PROJECT_NAME:?}-phpfpm-1:9000 - NGINX_CRON_METRICS: ${COMPOSE_PROJECT_NAME:?}-phpfpm-1:9746 - NGINX_WEB_ROOT: /app/web - NGINX_PORT: 8080 - NGINX_MAX_BODY_SIZE: 5M - labels: - - "traefik.enable=true" - - "traefik.docker.network=frontend" - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-http.rule=Host(`${COMPOSE_SERVER_DOMAIN:?}`)" - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-http.entrypoints=web" - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-http.middlewares=redirect-to-https" - - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.rule=Host(`${COMPOSE_SERVER_DOMAIN:?}`)" - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.entrypoints=websecure" - # Cron-metrics protection. - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-metrics.rule=Host(`${COMPOSE_SERVER_DOMAIN:?}`) && PathPrefix(`/cron-metrics`) " - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-metrics.middlewares=ITKMetricsAuth@file" - - memcached: - image: memcached:alpine - restart: unless-stopped - networks: - - app - environment: - - MEMCACHED_CACHE_SIZE=64 diff --git a/templates/drupal-10/docker-compose.server.yml b/templates/drupal-10/docker-compose.server.yml new file mode 120000 index 00000000..a57a3f37 --- /dev/null +++ b/templates/drupal-10/docker-compose.server.yml @@ -0,0 +1 @@ +../drupal/docker-compose.server.yml \ No newline at end of file diff --git a/templates/drupal-10/docker-compose.yml b/templates/drupal-10/docker-compose.yml deleted file mode 100644 index bf5ade5f..00000000 --- a/templates/drupal-10/docker-compose.yml +++ /dev/null @@ -1,130 +0,0 @@ -# itk-version: 3.2.4 -networks: - frontend: - external: true - app: - driver: bridge - internal: false - -services: - mariadb: - image: itkdev/mariadb:latest - networks: - - app - ports: - - "3306" - healthcheck: - test: ["CMD", "healthcheck.sh", "--connect", "--innodb_initialized"] - start_period: 10s - interval: 10s - timeout: 5s - retries: 3 - environment: - - MYSQL_ROOT_PASSWORD=password - - MYSQL_USER=db - - MYSQL_PASSWORD=db - - MYSQL_DATABASE=db - #- ENCRYPT=1 # Uncomment to enable database encryption. - # https://symfony.com/doc/current/setup/symfony_server.html#docker-integration - labels: - com.symfony.server.service-prefix: "DATABASE" - - phpfpm: - image: itkdev/php8.3-fpm:latest - user: ${COMPOSE_USER:-deploy} - networks: - - app - extra_hosts: - - "host.docker.internal:host-gateway" - environment: - - PHP_XDEBUG_MODE=${PHP_XDEBUG_MODE:-off} - - PHP_MAX_EXECUTION_TIME=30 - - PHP_MEMORY_LIMIT=256M - # Depending on the setup, you may have to remove --read-envelope-from from msmtp (cf. https://marlam.de/msmtp/msmtp.html) or use SMTP to send mail - - PHP_SENDMAIL_PATH=/usr/bin/msmtp --host=mail --port=1025 --read-recipients --read-envelope-from - - DOCKER_HOST_DOMAIN=${COMPOSE_DOMAIN:?} - - PHP_IDE_CONFIG=serverName=localhost - # Let drush know the site uri (makes using --uri redundant) - - DRUSH_OPTIONS_URI=http://${COMPOSE_DOMAIN:?} - depends_on: - mariadb: - condition: service_healthy - memcached: - condition: service_healthy - volumes: - - .:/app - - nginx: - image: nginxinc/nginx-unprivileged:alpine - networks: - - app - - frontend - depends_on: - - phpfpm - ports: - - "8080" - volumes: - - ./.docker/templates:/etc/nginx/templates:ro - - .:/app - environment: - NGINX_FPM_SERVICE: ${COMPOSE_PROJECT_NAME:?}-phpfpm-1:9000 - NGINX_CRON_METRICS: ${COMPOSE_PROJECT_NAME:?}-phpfpm-1:9746 - NGINX_WEB_ROOT: /app/web - NGINX_PORT: 8080 - NGINX_MAX_BODY_SIZE: 5M - labels: - - "traefik.enable=true" - - "traefik.docker.network=frontend" - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.rule=Host(`${COMPOSE_DOMAIN:?}`)" - # HTTPS config - uncomment to enable redirect from :80 to :443 - # - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.middlewares=redirect-to-https" - # - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" - # Cron-metrics protection (metrics:metrics for local testing). - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-metrics.rule=Host(`${COMPOSE_DOMAIN:?}`) && PathPrefix(`/cron-metrics`) " - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-metrics.middlewares=ITKMetricsAuth@file" - - memcached: - image: memcached:alpine - networks: - - app - ports: - - "11211" - healthcheck: - test: echo "version" | nc -vn -w 1 127.0.0.1 11211 - interval: 10s - retries: 60 - environment: - - MEMCACHED_CACHE_SIZE=64 - - mail: - image: axllent/mailpit - networks: - - app - - frontend - ports: - - "1025" - - "8025" - labels: - - "traefik.enable=true" - - "traefik.docker.network=frontend" - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}mail.rule=Host(`mail-${COMPOSE_DOMAIN:?}`)" - - "traefik.http.services.${COMPOSE_PROJECT_NAME:?}mail.loadbalancer.server.port=8025" - - # Code checks tools - markdownlint: - image: itkdev/markdownlint - profiles: - - dev - volumes: - - ./:/md - - prettier: - # Prettier does not (yet, fcf. - # https://github.com/prettier/prettier/issues/15206) have an official - # docker image. - # https://hub.docker.com/r/jauderho/prettier is good candidate (cf. https://hub.docker.com/search?q=prettier&sort=updated_at&order=desc) - image: jauderho/prettier - profiles: - - dev - volumes: - - ./:/work diff --git a/templates/drupal-10/docker-compose.yml b/templates/drupal-10/docker-compose.yml new file mode 120000 index 00000000..0781a23f --- /dev/null +++ b/templates/drupal-10/docker-compose.yml @@ -0,0 +1 @@ +../drupal/docker-compose.yml \ No newline at end of file diff --git a/templates/drupal-11/.docker b/templates/drupal-11/.docker new file mode 120000 index 00000000..14ed9c94 --- /dev/null +++ b/templates/drupal-11/.docker @@ -0,0 +1 @@ +../drupal/.docker \ No newline at end of file diff --git a/templates/drupal-11/.docker/templates/default.conf.template b/templates/drupal-11/.docker/templates/default.conf.template deleted file mode 100644 index e77213bd..00000000 --- a/templates/drupal-11/.docker/templates/default.conf.template +++ /dev/null @@ -1,108 +0,0 @@ -server { - listen ${NGINX_PORT}; - server_name localhost; - - root ${NGINX_WEB_ROOT}; - - client_max_body_size ${NGINX_MAX_BODY_SIZE}; - - set_real_ip_from 172.16.0.0/16; - set_real_ip_from 192.168.39.0/24; - real_ip_recursive on; - real_ip_header X-Forwarded-For; - - location = /cron-metrics { - # Proxy to supercronic metrics - proxy_pass http://${NGINX_CRON_METRICS}/metrics; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - } - - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - # Block access to scripts in site files directory - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - # Block access to "hidden" files and directories whose names begin with a - # period. - location ~ (^|/)\. { - return 403; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location @rewrite { - rewrite ^ /index.php; - } - - # Don't allow direct access to PHP files in the vendor directory. - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - - # Protect files and directories from prying eyes. - location ~* \.(engine|inc|install|make|module|profile|po|sh|.*sql|.tar|.gz|.bz2|theme|twig|tpl(\.php)?|xtmpl|yml)(~|\.sw[op]|\.bak|\.orig|\.save)?$|^(\.(?!well-known).*|Entries.*|Repository|Root|Tag|Template|composer\.(json|lock)|web\.config)$|^#.*#$|\.php(~|\.sw[op]|\.bak|\.orig|\.save)$ { - deny all; - return 404; - } - - location ~ '\.php$|^/update.php' { - include fastcgi_params; - - fastcgi_buffers 16 32k; - fastcgi_buffer_size 64k; - fastcgi_busy_buffers_size 64k; - - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - - # Ensure the php file exists. Mitigates CVE-2019-11043 - try_files $fastcgi_script_name =404; - - fastcgi_param HTTP_PROXY ""; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_param PATH_INFO $fastcgi_path_info; - fastcgi_param QUERY_STRING $query_string; - - fastcgi_intercept_errors on; - fastcgi_pass ${NGINX_FPM_SERVICE}; - } - - # Enforce clean URLs - # - # Removes index.php from urls like www.example.com/index.php/my-page --> www.example.com/my-page - # Could be done with 301 for permanent or other redirect codes. - if ($request_uri ~* "^(.*/)index\.php/(.*)") { - return 307 $1$2; - } - - error_log /dev/stderr; - access_log /dev/stdout main; -} diff --git a/templates/drupal-11/docker-compose.dev.yml b/templates/drupal-11/docker-compose.dev.yml deleted file mode 100644 index 71a88b42..00000000 --- a/templates/drupal-11/docker-compose.dev.yml +++ /dev/null @@ -1,27 +0,0 @@ -# itk-version: 3.2.4 -services: - phpfpm: - environment: - - PHP_SENDMAIL_PATH=/usr/sbin/sendmail -S mail:1025 - - nginx: - labels: - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.middlewares=ITKBasicAuth@file" - - mail: - image: axllent/mailpit - restart: unless-stopped - networks: - - app - - frontend - labels: - - "traefik.enable=true" - - "traefik.docker.network=frontend" - - "traefik.http.routers.mail_${COMPOSE_PROJECT_NAME:?}-http.rule=Host(`mail.${COMPOSE_SERVER_DOMAIN:?}`)" - - "traefik.http.routers.mail_${COMPOSE_PROJECT_NAME:?}-http.entrypoints=web" - - "traefik.http.routers.mail_${COMPOSE_PROJECT_NAME:?}-http.middlewares=redirect-to-https" - - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" - - "traefik.http.routers.mail_${COMPOSE_PROJECT_NAME:?}.rule=Host(`mail.${COMPOSE_SERVER_DOMAIN:?}`)" - - "traefik.http.routers.mail_${COMPOSE_PROJECT_NAME:?}.entrypoints=websecure" - - "traefik.http.services.mail_${COMPOSE_PROJECT_NAME:?}.loadbalancer.server.port=8025" - - "traefik.http.routers.mail_${COMPOSE_PROJECT_NAME:?}.middlewares=ITKMailhogAuth@file" diff --git a/templates/drupal-11/docker-compose.dev.yml b/templates/drupal-11/docker-compose.dev.yml new file mode 120000 index 00000000..f0ba66e5 --- /dev/null +++ b/templates/drupal-11/docker-compose.dev.yml @@ -0,0 +1 @@ +../drupal/docker-compose.dev.yml \ No newline at end of file diff --git a/templates/drupal-11/docker-compose.redirect.yml b/templates/drupal-11/docker-compose.redirect.yml deleted file mode 100644 index 2e7ac332..00000000 --- a/templates/drupal-11/docker-compose.redirect.yml +++ /dev/null @@ -1,15 +0,0 @@ -# itk-version: 3.2.4 -services: - nginx: - labels: - # Add www before domain and set redirect to non-www - - "traefik.http.routers.www_${COMPOSE_PROJECT_NAME:?}-http.rule=Host(`www.${COMPOSE_SERVER_DOMAIN:?}`)" - - "traefik.http.routers.www_${COMPOSE_PROJECT_NAME:?}-http.entrypoints=web" - - "traefik.http.routers.www_${COMPOSE_PROJECT_NAME:?}-http.middlewares=redirect-to-https,non_www" - - "traefik.http.routers.www_${COMPOSE_PROJECT_NAME:?}.rule=Host(`www.${COMPOSE_SERVER_DOMAIN:?}`)" - - "traefik.http.routers.www_${COMPOSE_PROJECT_NAME:?}.entrypoints=websecure" - - "traefik.http.routers.www_${COMPOSE_PROJECT_NAME:?}.middlewares=non_www" - - - traefik.http.middlewares.non_www.redirectregex.regex=^(http|https)?://(?:www\.)?(.+) - - traefik.http.middlewares.non_www.redirectregex.replacement=https://$${2:?} - - traefik.http.middlewares.non_www.redirectregex.permanent=true diff --git a/templates/drupal-11/docker-compose.redirect.yml b/templates/drupal-11/docker-compose.redirect.yml new file mode 120000 index 00000000..99d47d5e --- /dev/null +++ b/templates/drupal-11/docker-compose.redirect.yml @@ -0,0 +1 @@ +../drupal/docker-compose.redirect.yml \ No newline at end of file diff --git a/templates/drupal-11/docker-compose.server.yml b/templates/drupal-11/docker-compose.server.yml deleted file mode 100644 index c9e464c3..00000000 --- a/templates/drupal-11/docker-compose.server.yml +++ /dev/null @@ -1,64 +0,0 @@ -# itk-version: 3.2.4 -networks: - frontend: - external: true - app: - driver: bridge - internal: false - -services: - phpfpm: - image: itkdev/php8.4-fpm:alpine - restart: unless-stopped - networks: - - app - extra_hosts: - - "host.docker.internal:host-gateway" - environment: - - PHP_MAX_EXECUTION_TIME=30 - - PHP_MEMORY_LIMIT=128M - # Let drush know the site uri (makes using --uri redundant) - - DRUSH_OPTIONS_URI=https://${COMPOSE_SERVER_DOMAIN:?} - depends_on: - - memcached - volumes: - - .:/app - - nginx: - image: nginxinc/nginx-unprivileged:alpine - restart: unless-stopped - networks: - - app - - frontend - depends_on: - - phpfpm - volumes: - - ./.docker/templates:/etc/nginx/templates:ro - - ./.docker/nginx.conf:/etc/nginx/nginx.conf:ro - - .:/app - environment: - NGINX_FPM_SERVICE: ${COMPOSE_PROJECT_NAME:?}-phpfpm-1:9000 - NGINX_CRON_METRICS: ${COMPOSE_PROJECT_NAME:?}-phpfpm-1:9746 - NGINX_WEB_ROOT: /app/web - NGINX_PORT: 8080 - NGINX_MAX_BODY_SIZE: 5M - labels: - - "traefik.enable=true" - - "traefik.docker.network=frontend" - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-http.rule=Host(`${COMPOSE_SERVER_DOMAIN:?}`)" - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-http.entrypoints=web" - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-http.middlewares=redirect-to-https" - - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.rule=Host(`${COMPOSE_SERVER_DOMAIN:?}`)" - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.entrypoints=websecure" - # Cron-metrics protection. - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-metrics.rule=Host(`${COMPOSE_SERVER_DOMAIN:?}`) && PathPrefix(`/cron-metrics`) " - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-metrics.middlewares=ITKMetricsAuth@file" - - memcached: - image: memcached:alpine - restart: unless-stopped - networks: - - app - environment: - - MEMCACHED_CACHE_SIZE=64 diff --git a/templates/drupal-11/docker-compose.server.yml b/templates/drupal-11/docker-compose.server.yml new file mode 120000 index 00000000..a57a3f37 --- /dev/null +++ b/templates/drupal-11/docker-compose.server.yml @@ -0,0 +1 @@ +../drupal/docker-compose.server.yml \ No newline at end of file diff --git a/templates/drupal-11/docker-compose.yml b/templates/drupal-11/docker-compose.yml deleted file mode 100644 index 230ab5a4..00000000 --- a/templates/drupal-11/docker-compose.yml +++ /dev/null @@ -1,127 +0,0 @@ -# itk-version: 3.2.4 -networks: - frontend: - external: true - app: - driver: bridge - internal: false - -services: - mariadb: - image: itkdev/mariadb:latest - networks: - - app - ports: - - "3306" - healthcheck: - test: ["CMD", "healthcheck.sh", "--connect", "--innodb_initialized"] - start_period: 10s - interval: 10s - timeout: 5s - retries: 3 - environment: - - MYSQL_ROOT_PASSWORD=password - - MYSQL_USER=db - - MYSQL_PASSWORD=db - - MYSQL_DATABASE=db - #- ENCRYPT=1 # Uncomment to enable database encryption. - - phpfpm: - image: itkdev/php8.4-fpm:latest - user: ${COMPOSE_USER:-deploy} - networks: - - app - extra_hosts: - - "host.docker.internal:host-gateway" - environment: - - PHP_XDEBUG_MODE=${PHP_XDEBUG_MODE:-off} - - PHP_MAX_EXECUTION_TIME=30 - - PHP_MEMORY_LIMIT=256M - # Depending on the setup, you may have to remove --read-envelope-from from msmtp (cf. https://marlam.de/msmtp/msmtp.html) or use SMTP to send mail - - PHP_SENDMAIL_PATH=/usr/bin/msmtp --host=mail --port=1025 --read-recipients --read-envelope-from - - DOCKER_HOST_DOMAIN=${COMPOSE_DOMAIN:?} - - PHP_IDE_CONFIG=serverName=localhost - # Let drush know the site uri (makes using --uri redundant) - - DRUSH_OPTIONS_URI=http://${COMPOSE_DOMAIN:?} - depends_on: - mariadb: - condition: service_healthy - memcached: - condition: service_healthy - volumes: - - .:/app - - nginx: - image: nginxinc/nginx-unprivileged:alpine - networks: - - app - - frontend - depends_on: - - phpfpm - ports: - - "8080" - volumes: - - ./.docker/templates:/etc/nginx/templates:ro - - .:/app - environment: - NGINX_FPM_SERVICE: ${COMPOSE_PROJECT_NAME:?}-phpfpm-1:9000 - NGINX_CRON_METRICS: ${COMPOSE_PROJECT_NAME:?}-phpfpm-1:9746 - NGINX_WEB_ROOT: /app/web - NGINX_PORT: 8080 - NGINX_MAX_BODY_SIZE: 5M - labels: - - "traefik.enable=true" - - "traefik.docker.network=frontend" - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.rule=Host(`${COMPOSE_DOMAIN:?}`)" - # HTTPS config - enable redirect from :80 to :443 - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.middlewares=redirect-to-https" - - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" - # Cron-metrics protection. - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-metrics.rule=Host(`${COMPOSE_DOMAIN:?}`) && PathPrefix(`/cron-metrics`) " - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-metrics.middlewares=ITKMetricsAuth@file" - - memcached: - image: memcached:alpine - networks: - - app - ports: - - "11211" - healthcheck: - test: echo "version" | nc -vn -w 1 127.0.0.1 11211 - interval: 10s - retries: 60 - environment: - - MEMCACHED_CACHE_SIZE=64 - - mail: - image: axllent/mailpit - networks: - - app - - frontend - ports: - - "1025" - - "8025" - labels: - - "traefik.enable=true" - - "traefik.docker.network=frontend" - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}mail.rule=Host(`mail-${COMPOSE_DOMAIN:?}`)" - - "traefik.http.services.${COMPOSE_PROJECT_NAME:?}mail.loadbalancer.server.port=8025" - - # Code checks tools - markdownlint: - image: itkdev/markdownlint - profiles: - - dev - volumes: - - ./:/md - - prettier: - # Prettier does not (yet, fcf. - # https://github.com/prettier/prettier/issues/15206) have an official - # docker image. - # https://hub.docker.com/r/jauderho/prettier is good candidate (cf. https://hub.docker.com/search?q=prettier&sort=updated_at&order=desc) - image: jauderho/prettier - profiles: - - dev - volumes: - - ./:/work diff --git a/templates/drupal-11/docker-compose.yml b/templates/drupal-11/docker-compose.yml new file mode 120000 index 00000000..0781a23f --- /dev/null +++ b/templates/drupal-11/docker-compose.yml @@ -0,0 +1 @@ +../drupal/docker-compose.yml \ No newline at end of file diff --git a/templates/drupal-7/.docker/data/.gitignore b/templates/drupal-7/.docker/data/.gitignore deleted file mode 100644 index 80a9dc93..00000000 --- a/templates/drupal-7/.docker/data/.gitignore +++ /dev/null @@ -1,5 +0,0 @@ -# Ignore everything in this directory -* -# Except this file -!.gitignore -!Readme.md diff --git a/templates/drupal-7/.docker/nginx.conf b/templates/drupal-7/.docker/nginx.conf deleted file mode 100644 index ec278a5d..00000000 --- a/templates/drupal-7/.docker/nginx.conf +++ /dev/null @@ -1,34 +0,0 @@ -worker_processes auto; - -error_log /dev/stderr notice; -pid /tmp/nginx.pid; - -events { - worker_connections 1024; -} - -http { - proxy_temp_path /tmp/proxy_temp; - client_body_temp_path /tmp/client_temp; - fastcgi_temp_path /tmp/fastcgi_temp; - uwsgi_temp_path /tmp/uwsgi_temp; - scgi_temp_path /tmp/scgi_temp; - - include /etc/nginx/mime.types; - default_type application/octet-stream; - - # Note: set_real_ip_from is set in the server block - - log_format main '$http_x_real_ip - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log /dev/stdout main; - - sendfile on; - keepalive_timeout 65; - - gzip on; - - include /etc/nginx/conf.d/*.conf; -} diff --git a/templates/drupal-7/.docker/templates/default.conf.template b/templates/drupal-7/.docker/templates/default.conf.template deleted file mode 100644 index 57d7de34..00000000 --- a/templates/drupal-7/.docker/templates/default.conf.template +++ /dev/null @@ -1,115 +0,0 @@ -server { - listen ${NGINX_PORT}; - server_name localhost; - - root ${NGINX_WEB_ROOT}; - - client_max_body_size ${NGINX_MAX_BODY_SIZE}; - - set_real_ip_from 172.16.0.0/16; - set_real_ip_from 192.168.39.0/24; - real_ip_recursive on; - real_ip_header X-Forwarded-For; - - location = /cron-metrics { - # Proxy to supercronic metrics - proxy_pass http://${NGINX_CRON_METRICS}/metrics; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - } - - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location ~ (^|/)\. { - return 403; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location @rewrite { - rewrite ^/(.*)$ /index.php?q=$1; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - - # Protect files and directories from prying eyes. - location ~* \.(engine|inc|install|make|module|profile|po|sh|.*sql|.tar|.gz|.bz2|theme|twig|tpl(\.php)?|xtmpl|yml)(~|\.sw[op]|\.bak|\.orig|\.save)?$|^(\.(?!well-known).*|Entries.*|Repository|Root|Tag|Template|composer\.(json|lock)|web\.config)$|^#.*#$|\.php(~|\.sw[op]|\.bak|\.orig|\.save)$ { - deny all; - return 404; - } - - location ~ '\.php$|^/update.php' { - fastcgi_buffers 16 32k; - fastcgi_buffer_size 64k; - fastcgi_busy_buffers_size 64k; - - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - include fastcgi_params; - - fastcgi_param HTTP_PROXY ""; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_param PATH_INFO $fastcgi_path_info; - fastcgi_param QUERY_STRING $query_string; - fastcgi_intercept_errors on; - fastcgi_pass ${NGINX_FPM_SERVICE}; - } - - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } - - location ~ ^(/[a-z\-]+)?/system/files/ { - try_files $uri /index.php?$query_string; - } - - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - - # Enforce clean URLs - # Removes index.php from urls like: - # www.example.com/index.php/my-page --> www.example.com/my-page - # - # Could be done with 301 for permanent or other redirect codes. - absolute_redirect off; - if ($request_uri ~* "^(.*/)index\.php/(.*)") { - return 301 /$2; - } - - error_log /dev/stderr; - access_log /dev/stdout main; -} diff --git a/templates/drupal-7/sites/default/settings.local.docker.php b/templates/drupal-7/sites/default/settings.local.docker.php deleted file mode 100644 index e0bb6689..00000000 --- a/templates/drupal-7/sites/default/settings.local.docker.php +++ /dev/null @@ -1,11 +0,0 @@ - 'db', - 'username' => 'db', - 'password' => 'db', - 'host' => 'mariadb', - 'port' => '', - 'driver' => 'mysql', - 'prefix' => '', -); diff --git a/templates/drupal-8/.docker/data/README.md b/templates/drupal-8/.docker/data/README.md index 8895d7b1..8e3cad94 100644 --- a/templates/drupal-8/.docker/data/README.md +++ b/templates/drupal-8/.docker/data/README.md @@ -2,10 +2,13 @@ Please map persistent volumes to this directory on the servers. -If a container needs to persist data between restarts you can map the relevant files in the container to ``docker/data/`. +If a container needs to persist data between restarts you can map the relevant files in the container to +`.docker/data/`. ## RabbitMQ example -If you are using RabbitMQ running in a container as a message broker you need to configure a persistent volume for RabbitMQs data directory to avoid losing message on container restarts. + +If you are using RabbitMQ running in a container as a message broker you need to configure a persistent volume for +RabbitMQs data directory to avoid losing message on container restarts. ```yaml # docker-compose.server.override.yml diff --git a/templates/drupal-8/.docker/templates/default.conf.template b/templates/drupal-8/.docker/templates/default.conf.template index 24e8450c..8ff4314c 100644 --- a/templates/drupal-8/.docker/templates/default.conf.template +++ b/templates/drupal-8/.docker/templates/default.conf.template @@ -49,8 +49,7 @@ server { } # Block access to "hidden" files and directories whose names begin with a - # period. This includes directories used by version control systems such - # as Subversion or Git to store control files. + # period. location ~ (^|/)\. { return 403; } @@ -76,12 +75,13 @@ server { } location ~ '\.php$|^/update.php' { + include fastcgi_params; + fastcgi_buffers 16 32k; fastcgi_buffer_size 64k; fastcgi_busy_buffers_size 64k; fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - include fastcgi_params; fastcgi_param HTTP_PROXY ""; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; diff --git a/templates/drupal-8/docker-compose.server.yml b/templates/drupal-8/docker-compose.server.yml index 9e86d31f..c9e464c3 100644 --- a/templates/drupal-8/docker-compose.server.yml +++ b/templates/drupal-8/docker-compose.server.yml @@ -8,7 +8,7 @@ networks: services: phpfpm: - image: itkdev/php8.0-fpm:alpine + image: itkdev/php8.4-fpm:alpine restart: unless-stopped networks: - app @@ -17,6 +17,8 @@ services: environment: - PHP_MAX_EXECUTION_TIME=30 - PHP_MEMORY_LIMIT=128M + # Let drush know the site uri (makes using --uri redundant) + - DRUSH_OPTIONS_URI=https://${COMPOSE_SERVER_DOMAIN:?} depends_on: - memcached volumes: diff --git a/templates/drupal-8/docker-compose.yml b/templates/drupal-8/docker-compose.yml index 3ee9c3d1..230ab5a4 100644 --- a/templates/drupal-8/docker-compose.yml +++ b/templates/drupal-8/docker-compose.yml @@ -25,12 +25,9 @@ services: - MYSQL_PASSWORD=db - MYSQL_DATABASE=db #- ENCRYPT=1 # Uncomment to enable database encryption. - # https://symfony.com/doc/current/setup/symfony_server.html#docker-integration - labels: - com.symfony.server.service-prefix: "DATABASE" phpfpm: - image: itkdev/php8.0-fpm:latest + image: itkdev/php8.4-fpm:latest user: ${COMPOSE_USER:-deploy} networks: - app @@ -44,6 +41,8 @@ services: - PHP_SENDMAIL_PATH=/usr/bin/msmtp --host=mail --port=1025 --read-recipients --read-envelope-from - DOCKER_HOST_DOMAIN=${COMPOSE_DOMAIN:?} - PHP_IDE_CONFIG=serverName=localhost + # Let drush know the site uri (makes using --uri redundant) + - DRUSH_OPTIONS_URI=http://${COMPOSE_DOMAIN:?} depends_on: mariadb: condition: service_healthy @@ -74,9 +73,9 @@ services: - "traefik.enable=true" - "traefik.docker.network=frontend" - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.rule=Host(`${COMPOSE_DOMAIN:?}`)" - # HTTPS config - uncomment to enable redirect from :80 to :443 - # - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.middlewares=redirect-to-https" - # - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" + # HTTPS config - enable redirect from :80 to :443 + - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.middlewares=redirect-to-https" + - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" # Cron-metrics protection. - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-metrics.rule=Host(`${COMPOSE_DOMAIN:?}`) && PathPrefix(`/cron-metrics`) " - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-metrics.middlewares=ITKMetricsAuth@file" diff --git a/templates/drupal-8/web/sites/default/settings.local.docker.php b/templates/drupal-8/web/sites/default/settings.local.docker.php deleted file mode 100644 index e0bb6689..00000000 --- a/templates/drupal-8/web/sites/default/settings.local.docker.php +++ /dev/null @@ -1,11 +0,0 @@ - 'db', - 'username' => 'db', - 'password' => 'db', - 'host' => 'mariadb', - 'port' => '', - 'driver' => 'mysql', - 'prefix' => '', -); diff --git a/templates/drupal-9/.docker/data/README.md b/templates/drupal-9/.docker/data/README.md index 8895d7b1..8e3cad94 100644 --- a/templates/drupal-9/.docker/data/README.md +++ b/templates/drupal-9/.docker/data/README.md @@ -2,10 +2,13 @@ Please map persistent volumes to this directory on the servers. -If a container needs to persist data between restarts you can map the relevant files in the container to ``docker/data/`. +If a container needs to persist data between restarts you can map the relevant files in the container to +`.docker/data/`. ## RabbitMQ example -If you are using RabbitMQ running in a container as a message broker you need to configure a persistent volume for RabbitMQs data directory to avoid losing message on container restarts. + +If you are using RabbitMQ running in a container as a message broker you need to configure a persistent volume for +RabbitMQs data directory to avoid losing message on container restarts. ```yaml # docker-compose.server.override.yml diff --git a/templates/drupal-9/.docker/templates/default.conf.template b/templates/drupal-9/.docker/templates/default.conf.template index 24e8450c..8ff4314c 100644 --- a/templates/drupal-9/.docker/templates/default.conf.template +++ b/templates/drupal-9/.docker/templates/default.conf.template @@ -49,8 +49,7 @@ server { } # Block access to "hidden" files and directories whose names begin with a - # period. This includes directories used by version control systems such - # as Subversion or Git to store control files. + # period. location ~ (^|/)\. { return 403; } @@ -76,12 +75,13 @@ server { } location ~ '\.php$|^/update.php' { + include fastcgi_params; + fastcgi_buffers 16 32k; fastcgi_buffer_size 64k; fastcgi_busy_buffers_size 64k; fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - include fastcgi_params; fastcgi_param HTTP_PROXY ""; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; diff --git a/templates/drupal-9/.gitignore b/templates/drupal-9/.gitignore deleted file mode 100644 index 3d05992c..00000000 --- a/templates/drupal-9/.gitignore +++ /dev/null @@ -1,196 +0,0 @@ -# @see https://www.drupal.org/project/drupal/issues/3082958#comment-13433619 -# This file contains .gitignore rules that are often used with Drupal projects. -# Because .gitignore is specific to your site and its deployment processes, you -# may need to uncomment, add, or remove rules. -# -# To ignore all paths that composer manages when using this project template, -# remove all double-hashed (##) lines. - - -# Ignore configuration files that may contain sensitive information. -# -# Typically, settings.php and related files are not committed to the -# repository because they contain information such as the database -# credentials that could be used to compromise a site. Sometimes, -# a settings.php might be committed to the repository if it reads -# sensitive information from environment variables or other sources. -# ------------------------------------------------------------------ -/web/sites/*/settings*.php -/web/sites/*/services*.yml - -# Ignore paths that contain user-generated content. -/web/sites/*/files -/web/sites/*/private - -# Ignore SimpleTest multi-site environment. -/web/sites/simpletest - - -# Ignore custom modules managed by Composer. -# -# When a development team creates one or more custom modules that -# are intended for use on more than one site, the typical strategy -# is to register them in Packagist and give them the type -# `drupal-custom-module` instead of `drupal-module`. This will cause -# Composer to install them to the directory `modules/custom`. -# -# An alternate strategy for custom modules is to commit them -# directly to the repository of the site where they are used. This -# is commonly done with modules that are specific to just one site. -# -# Sites that have both Composer-managed custom modules and custom -# modules that are committed directly to the repository may ignore -# the `modules/custom` directory with the first rule shown below, -# and then allow the locations to be committed on a case-by-case -# basis by re-adding paths using `!` rules. A path that begins with -# a `!` will allow a previously-ignored path to be added to the -# repository. Note, however, that a path cannot be re-added if any -# of its parent directories are excluded. This is why we use the -# rule `/modules/custom/*` instead of `/modules/custom`. -# -# Sites that do not have any Composer-managed custom modules may -# delete all of the `modules/custom` lines below. -# ------------------------------------------------------------------ -/web/modules/custom/* -#!/web/modules/custom/module_in_repo - - -# Ignore directories generated by Composer -# -# See the "installer-paths" section in the top-level composer.json -# file. -# ------------------------------------------------------------------ -/drush/Commands/contrib/ -/web/core/ -/web/modules/contrib/ -/web/themes/contrib/ -/web/profiles/contrib/ -/web/libraries/ - -# Generally you should only ignore the root vendor directory. It's important -# that core/assets/vendor and any other vendor directories within contrib or -# custom module, theme, etc., are not ignored unless you purposely do so. -/vendor/ - -# Ignore scaffold files -# -# Note that the scaffold plugin may be used to automatically manage -# a site's .gitignore files. If the `vendor` directory is ignored, -# then one or more .gitignore files will be written to also ignore -# any file placed by scaffolding. To avoid the creation of -# additional .gitignore files, add all of the scaffold file -# locations to the top-level .gitignore file, as shown below. -# ------------------------------------------------------------------ -/web/.csslintrc -/web/.editorconfig -/web/.eslintignore -/web/.eslintrc.json -/web/.gitattributes -/web/.ht.router.php -/web/.htaccess -/web/INSTALL.txt -/web/README.txt -/web/autoload.php -/web/example.gitignore -/web/index.php -/web/robots.txt -/web/update.php -/web/web.config -/web/modules/README.txt -/web/profiles/README.txt -/web/sites/README.txt -/web/sites/default/default.services.yml -/web/sites/default/default.settings.php -/web/sites/development.services.yml -/web/sites/example.settings.local.php -/web/sites/example.sites.php -/web/themes/README.txt - - -# Other common rules -# ------------------ -# Ignore files generated by PhpStorm -/.idea/ - -# Ignore .env files as they are personal -#/.env - -# ------------------------------------------------------------------------------ - -# @see https://github.com/github/gitignore/blob/e448b41613502a56c8124916874cf3b6b098d1ce/Drupal.gitignore -# gitignore template for Drupal 8 projects -# -# earlier versions of Drupal are tracked in `community/PHP/` -# -# follows official upstream conventions: -# https://www.drupal.org/docs/develop/using-composer - -# Ignore configuration files that may contain sensitive information -/web/sites/*/*settings*.php -/web/sites/*/*services*.yml - -# Ignore paths that may contain user-generated content -/web/sites/*/files -/web/sites/*/public -/web/sites/*/private -/web/sites/*/files-public -/web/sites/*/files-private - -# Ignore paths that may contain temporary files -/web/sites/*/translations -/web/sites/*/tmp -/web/sites/*/cache - -# Ignore drupal core (if not versioning drupal sources) -/web/vendor -/web/core -/web/modules/README.txt -/web/profiles/README.txt -/web/sites/development.services.yml -/web/sites/example.settings.local.php -/web/sites/example.sites.php -/web/sites/README.txt -/web/themes/README.txt -/web/.csslintrc -/web/.editorconfig -/web/.eslintignore -/web/.eslintrc.json -/web/.gitattributes -/web/.htaccess -/web/.ht.router.php -/web/autoload.php -/web/composer.json -/web/composer.lock -/web/example.gitignore -/web/index.php -/web/INSTALL.txt -/web/LICENSE.txt -/web/README.txt -/web/robots.txt -/web/update.php -/web/web.config - -# Ignore vendor dependencies and scripts -/vendor -/composer.phar -/composer -/robo.phar -/robo -/drush.phar -/drush -/drupal.phar -/drupal - -# ------------------------------------------------------------------------------ - -# We want all custom site settings in settings.local.php -!/web/sites/*/settings*.php - -# Ignore PhpStorm -.idea - -# Ignore private files -private-files/ - -# Ignore VS-code -.vscode diff --git a/templates/drupal-9/docker-compose.server.yml b/templates/drupal-9/docker-compose.server.yml index 4b034415..c9e464c3 100644 --- a/templates/drupal-9/docker-compose.server.yml +++ b/templates/drupal-9/docker-compose.server.yml @@ -8,7 +8,7 @@ networks: services: phpfpm: - image: itkdev/php8.3-fpm:alpine + image: itkdev/php8.4-fpm:alpine restart: unless-stopped networks: - app diff --git a/templates/drupal-9/docker-compose.yml b/templates/drupal-9/docker-compose.yml index fa7dcd68..230ab5a4 100644 --- a/templates/drupal-9/docker-compose.yml +++ b/templates/drupal-9/docker-compose.yml @@ -25,12 +25,9 @@ services: - MYSQL_PASSWORD=db - MYSQL_DATABASE=db #- ENCRYPT=1 # Uncomment to enable database encryption. - # https://symfony.com/doc/current/setup/symfony_server.html#docker-integration - labels: - com.symfony.server.service-prefix: "DATABASE" phpfpm: - image: itkdev/php8.3-fpm:latest + image: itkdev/php8.4-fpm:latest user: ${COMPOSE_USER:-deploy} networks: - app @@ -76,9 +73,9 @@ services: - "traefik.enable=true" - "traefik.docker.network=frontend" - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.rule=Host(`${COMPOSE_DOMAIN:?}`)" - # HTTPS config - uncomment to enable redirect from :80 to :443 - # - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.middlewares=redirect-to-https" - # - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" + # HTTPS config - enable redirect from :80 to :443 + - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.middlewares=redirect-to-https" + - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" # Cron-metrics protection. - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-metrics.rule=Host(`${COMPOSE_DOMAIN:?}`) && PathPrefix(`/cron-metrics`) " - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-metrics.middlewares=ITKMetricsAuth@file" diff --git a/templates/drupal-9/web/sites/default/settings.local.docker.php b/templates/drupal-9/web/sites/default/settings.local.docker.php deleted file mode 100644 index e0bb6689..00000000 --- a/templates/drupal-9/web/sites/default/settings.local.docker.php +++ /dev/null @@ -1,11 +0,0 @@ - 'db', - 'username' => 'db', - 'password' => 'db', - 'host' => 'mariadb', - 'port' => '', - 'driver' => 'mysql', - 'prefix' => '', -); diff --git a/templates/drupal-10/.docker/data/.gitignore b/templates/drupal/.docker/data/.gitignore similarity index 63% rename from templates/drupal-10/.docker/data/.gitignore rename to templates/drupal/.docker/data/.gitignore index 80a9dc93..4ce10200 100644 --- a/templates/drupal-10/.docker/data/.gitignore +++ b/templates/drupal/.docker/data/.gitignore @@ -1,5 +1,5 @@ # Ignore everything in this directory * -# Except this file +# Except !.gitignore -!Readme.md +!README.md diff --git a/templates/drupal-7/.docker/data/README.md b/templates/drupal/.docker/data/README.md similarity index 77% rename from templates/drupal-7/.docker/data/README.md rename to templates/drupal/.docker/data/README.md index 8895d7b1..fddfcf86 100644 --- a/templates/drupal-7/.docker/data/README.md +++ b/templates/drupal/.docker/data/README.md @@ -2,11 +2,14 @@ Please map persistent volumes to this directory on the servers. -If a container needs to persist data between restarts you can map the relevant files in the container to ``docker/data/`. +If a container needs to persist data between restarts you can map the relevant files in the container to +`.docker/data/`. ## RabbitMQ example -If you are using RabbitMQ running in a container as a message broker you need to configure a persistent volume for RabbitMQs data directory to avoid losing message on container restarts. +If you are using RabbitMQ running in a container as a message broker you need to configure a persistent volume for +RabbitMQs data directory to avoid losing message on container restarts. +x ```yaml # docker-compose.server.override.yml diff --git a/templates/drupal-10/.docker/nginx.conf b/templates/drupal/.docker/nginx.conf similarity index 100% rename from templates/drupal-10/.docker/nginx.conf rename to templates/drupal/.docker/nginx.conf diff --git a/templates/drupal-10/.docker/templates/default.conf.template b/templates/drupal/.docker/templates/default.conf.template similarity index 100% rename from templates/drupal-10/.docker/templates/default.conf.template rename to templates/drupal/.docker/templates/default.conf.template diff --git a/templates/drupal-7/.github/workflows/changelog.yaml b/templates/drupal/.github/workflows/changelog.yaml similarity index 100% rename from templates/drupal-7/.github/workflows/changelog.yaml rename to templates/drupal/.github/workflows/changelog.yaml diff --git a/templates/drupal-7/.github/workflows/composer.yaml b/templates/drupal/.github/workflows/composer.yaml similarity index 100% rename from templates/drupal-7/.github/workflows/composer.yaml rename to templates/drupal/.github/workflows/composer.yaml diff --git a/templates/drupal-7/.github/workflows/javascript.yaml b/templates/drupal/.github/workflows/javascript.yaml similarity index 100% rename from templates/drupal-7/.github/workflows/javascript.yaml rename to templates/drupal/.github/workflows/javascript.yaml diff --git a/templates/drupal-7/.github/workflows/markdown.yaml b/templates/drupal/.github/workflows/markdown.yaml similarity index 100% rename from templates/drupal-7/.github/workflows/markdown.yaml rename to templates/drupal/.github/workflows/markdown.yaml diff --git a/templates/drupal-7/.github/workflows/php.yaml b/templates/drupal/.github/workflows/php.yaml similarity index 100% rename from templates/drupal-7/.github/workflows/php.yaml rename to templates/drupal/.github/workflows/php.yaml diff --git a/templates/drupal-7/.github/workflows/site.yaml b/templates/drupal/.github/workflows/site.yaml similarity index 100% rename from templates/drupal-7/.github/workflows/site.yaml rename to templates/drupal/.github/workflows/site.yaml diff --git a/templates/drupal-7/.github/workflows/styles.yaml b/templates/drupal/.github/workflows/styles.yaml similarity index 100% rename from templates/drupal-7/.github/workflows/styles.yaml rename to templates/drupal/.github/workflows/styles.yaml diff --git a/templates/drupal-7/.github/workflows/twig.yaml b/templates/drupal/.github/workflows/twig.yaml similarity index 100% rename from templates/drupal-7/.github/workflows/twig.yaml rename to templates/drupal/.github/workflows/twig.yaml diff --git a/templates/drupal-7/.github/workflows/yaml.yaml b/templates/drupal/.github/workflows/yaml.yaml similarity index 100% rename from templates/drupal-7/.github/workflows/yaml.yaml rename to templates/drupal/.github/workflows/yaml.yaml diff --git a/templates/drupal-7/.markdownlint.jsonc b/templates/drupal/.markdownlint.jsonc similarity index 100% rename from templates/drupal-7/.markdownlint.jsonc rename to templates/drupal/.markdownlint.jsonc diff --git a/templates/drupal-7/.markdownlintignore b/templates/drupal/.markdownlintignore similarity index 100% rename from templates/drupal-7/.markdownlintignore rename to templates/drupal/.markdownlintignore diff --git a/templates/drupal-7/.phpcs.xml.dist b/templates/drupal/.phpcs.xml.dist similarity index 100% rename from templates/drupal-7/.phpcs.xml.dist rename to templates/drupal/.phpcs.xml.dist diff --git a/templates/drupal-7/.twig-cs-fixer.dist.php b/templates/drupal/.twig-cs-fixer.dist.php similarity index 100% rename from templates/drupal-7/.twig-cs-fixer.dist.php rename to templates/drupal/.twig-cs-fixer.dist.php diff --git a/templates/drupal/README.md b/templates/drupal/README.md new file mode 100644 index 00000000..628caa90 --- /dev/null +++ b/templates/drupal/README.md @@ -0,0 +1,18 @@ +# Drupal project template + +This is the current generic template for Drupal projects. + +Specific version templates are created by symlinking to this folder, e.g. + +``` text +templates/drupal-11 +├── .docker -> ../drupal/.docker +├── .twig-cs-fixer.dist.php -> ../../config/drupal/twig/.twig-cs-fixer.dist.php +├── docker-compose.dev.yml -> ../drupal/docker-compose.dev.yml +├── docker-compose.redirect.yml -> ../drupal/docker-compose.redirect.yml +├── docker-compose.server.yml -> ../drupal/docker-compose.server.yml +└── docker-compose.yml -> ../drupal/docker-compose.yml +``` + +> [!NOTE] +> GitHub workflow files and code check config files are handled in another symlink show. diff --git a/templates/drupal-7/docker-compose.dev.yml b/templates/drupal/docker-compose.dev.yml similarity index 100% rename from templates/drupal-7/docker-compose.dev.yml rename to templates/drupal/docker-compose.dev.yml diff --git a/templates/drupal-7/docker-compose.redirect.yml b/templates/drupal/docker-compose.redirect.yml similarity index 100% rename from templates/drupal-7/docker-compose.redirect.yml rename to templates/drupal/docker-compose.redirect.yml diff --git a/templates/drupal-7/docker-compose.server.yml b/templates/drupal/docker-compose.server.yml similarity index 85% rename from templates/drupal-7/docker-compose.server.yml rename to templates/drupal/docker-compose.server.yml index e6a48259..c9e464c3 100644 --- a/templates/drupal-7/docker-compose.server.yml +++ b/templates/drupal/docker-compose.server.yml @@ -8,7 +8,7 @@ networks: services: phpfpm: - image: itkdev/php7.4-fpm:alpine + image: itkdev/php8.4-fpm:alpine restart: unless-stopped networks: - app @@ -17,11 +17,12 @@ services: environment: - PHP_MAX_EXECUTION_TIME=30 - PHP_MEMORY_LIMIT=128M + # Let drush know the site uri (makes using --uri redundant) + - DRUSH_OPTIONS_URI=https://${COMPOSE_SERVER_DOMAIN:?} depends_on: - memcached volumes: - .:/app - - drush-cache:/root/.drush nginx: image: nginxinc/nginx-unprivileged:alpine @@ -38,7 +39,7 @@ services: environment: NGINX_FPM_SERVICE: ${COMPOSE_PROJECT_NAME:?}-phpfpm-1:9000 NGINX_CRON_METRICS: ${COMPOSE_PROJECT_NAME:?}-phpfpm-1:9746 - NGINX_WEB_ROOT: /app + NGINX_WEB_ROOT: /app/web NGINX_PORT: 8080 NGINX_MAX_BODY_SIZE: 5M labels: @@ -61,17 +62,3 @@ services: - app environment: - MEMCACHED_CACHE_SIZE=64 - - drush: - image: itkdev/drush6:latest - networks: - - app - entrypoint: - - drush - volumes: - - drush-cache:/root/.drush - - ./:/app - -# Drush cache volume to persist cache between runs. -volumes: - drush-cache: diff --git a/templates/drupal-7/docker-compose.yml b/templates/drupal/docker-compose.yml similarity index 81% rename from templates/drupal-7/docker-compose.yml rename to templates/drupal/docker-compose.yml index ade137f6..230ab5a4 100644 --- a/templates/drupal-7/docker-compose.yml +++ b/templates/drupal/docker-compose.yml @@ -25,12 +25,9 @@ services: - MYSQL_PASSWORD=db - MYSQL_DATABASE=db #- ENCRYPT=1 # Uncomment to enable database encryption. - # https://symfony.com/doc/current/setup/symfony_server.html#docker-integration - labels: - com.symfony.server.service-prefix: "DATABASE" phpfpm: - image: itkdev/php7.4-fpm:latest + image: itkdev/php8.4-fpm:latest user: ${COMPOSE_USER:-deploy} networks: - app @@ -44,6 +41,8 @@ services: - PHP_SENDMAIL_PATH=/usr/bin/msmtp --host=mail --port=1025 --read-recipients --read-envelope-from - DOCKER_HOST_DOMAIN=${COMPOSE_DOMAIN:?} - PHP_IDE_CONFIG=serverName=localhost + # Let drush know the site uri (makes using --uri redundant) + - DRUSH_OPTIONS_URI=http://${COMPOSE_DOMAIN:?} depends_on: mariadb: condition: service_healthy @@ -51,7 +50,6 @@ services: condition: service_healthy volumes: - .:/app - - drush-cache:/root/.drush nginx: image: nginxinc/nginx-unprivileged:alpine @@ -68,16 +66,16 @@ services: environment: NGINX_FPM_SERVICE: ${COMPOSE_PROJECT_NAME:?}-phpfpm-1:9000 NGINX_CRON_METRICS: ${COMPOSE_PROJECT_NAME:?}-phpfpm-1:9746 - NGINX_WEB_ROOT: /app + NGINX_WEB_ROOT: /app/web NGINX_PORT: 8080 NGINX_MAX_BODY_SIZE: 5M labels: - "traefik.enable=true" - "traefik.docker.network=frontend" - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.rule=Host(`${COMPOSE_DOMAIN:?}`)" - # HTTPS config - uncomment to enable redirect from :80 to :443 - # - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.middlewares=redirect-to-https" - # - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" + # HTTPS config - enable redirect from :80 to :443 + - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.middlewares=redirect-to-https" + - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" # Cron-metrics protection. - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-metrics.rule=Host(`${COMPOSE_DOMAIN:?}`) && PathPrefix(`/cron-metrics`) " - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-metrics.middlewares=ITKMetricsAuth@file" @@ -109,18 +107,6 @@ services: - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}mail.rule=Host(`mail-${COMPOSE_DOMAIN:?}`)" - "traefik.http.services.${COMPOSE_PROJECT_NAME:?}mail.loadbalancer.server.port=8025" - drush: - image: itkdev/drush6:latest - networks: - - app - depends_on: - - mariadb - entrypoint: - - drush - volumes: - - drush-cache:/root/.drush - - .:/app - # Code checks tools markdownlint: image: itkdev/markdownlint @@ -139,7 +125,3 @@ services: - dev volumes: - ./:/work - -volumes: - # Drush cache volume to persist cache between runs. - drush-cache: diff --git a/templates/symfony-3/.docker/data/.gitignore b/templates/symfony-3/.docker/data/.gitignore deleted file mode 100644 index 80a9dc93..00000000 --- a/templates/symfony-3/.docker/data/.gitignore +++ /dev/null @@ -1,5 +0,0 @@ -# Ignore everything in this directory -* -# Except this file -!.gitignore -!Readme.md diff --git a/templates/symfony-3/.docker/data/README.md b/templates/symfony-3/.docker/data/README.md deleted file mode 100644 index 8895d7b1..00000000 --- a/templates/symfony-3/.docker/data/README.md +++ /dev/null @@ -1,26 +0,0 @@ -# .docker/data - -Please map persistent volumes to this directory on the servers. - -If a container needs to persist data between restarts you can map the relevant files in the container to ``docker/data/`. - -## RabbitMQ example -If you are using RabbitMQ running in a container as a message broker you need to configure a persistent volume for RabbitMQs data directory to avoid losing message on container restarts. - -```yaml -# docker-compose.server.override.yml - -services: - rabbit: - image: rabbitmq:3.9-management-alpine - hostname: "${COMPOSE_PROJECT_NAME}" - networks: - - app - - frontend - environment: - - "RABBITMQ_DEFAULT_USER=${RABBITMQ_USER}" - - "RABBITMQ_DEFAULT_PASS=${RABBITMQ_PASSWORD}" - - "RABBITMQ_ERLANG_COOKIE=${RABBITMQ_ERLANG_COOKIE}" - volumes: - - ".docker/data/rabbitmq:/var/lib/rabbitmq/mnesia/" -``` diff --git a/templates/symfony-3/.docker/nginx.conf b/templates/symfony-3/.docker/nginx.conf deleted file mode 100644 index ec278a5d..00000000 --- a/templates/symfony-3/.docker/nginx.conf +++ /dev/null @@ -1,34 +0,0 @@ -worker_processes auto; - -error_log /dev/stderr notice; -pid /tmp/nginx.pid; - -events { - worker_connections 1024; -} - -http { - proxy_temp_path /tmp/proxy_temp; - client_body_temp_path /tmp/client_temp; - fastcgi_temp_path /tmp/fastcgi_temp; - uwsgi_temp_path /tmp/uwsgi_temp; - scgi_temp_path /tmp/scgi_temp; - - include /etc/nginx/mime.types; - default_type application/octet-stream; - - # Note: set_real_ip_from is set in the server block - - log_format main '$http_x_real_ip - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log /dev/stdout main; - - sendfile on; - keepalive_timeout 65; - - gzip on; - - include /etc/nginx/conf.d/*.conf; -} diff --git a/templates/symfony-3/.docker/templates/default.conf.template b/templates/symfony-3/.docker/templates/default.conf.template deleted file mode 100644 index 00c28bdc..00000000 --- a/templates/symfony-3/.docker/templates/default.conf.template +++ /dev/null @@ -1,69 +0,0 @@ -server { - listen ${NGINX_PORT}; - server_name localhost; - - root ${NGINX_WEB_ROOT}; - - client_max_body_size ${NGINX_MAX_BODY_SIZE}; - - set_real_ip_from 172.16.0.0/16; - set_real_ip_from 192.168.39.0/24; - real_ip_recursive on; - real_ip_header X-Forwarded-For; - - location = /cron-metrics { - # Proxy to supercronic metrics - proxy_pass http://${NGINX_CRON_METRICS}/metrics; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - } - - location / { - # try to serve file directly, fallback to app.php - #try_files $uri /app.php$is_args$args; - try_files $uri /app_dev.php$is_args$args; - } - - # Protect files and directories from prying eyes. - location ~* \.(engine|inc|install|make|module|profile|po|sh|.*sql|.tar|.gz|.bz2|theme|twig|tpl(\.php)?|xtmpl|yml)(~|\.sw[op]|\.bak|\.orig|\.save)?$|^(\.(?!well-known).*|Entries.*|Repository|Root|Tag|Template|composer\.(json|lock)|web\.config)$|^#.*#$|\.php(~|\.sw[op]|\.bak|\.orig|\.save)$ { - deny all; - return 404; - } - - # Development - location ~ ^/(app_dev|config)\.php(/|$) { - fastcgi_buffers 16 32k; - fastcgi_buffer_size 64k; - fastcgi_busy_buffers_size 64k; - - fastcgi_pass ${NGINX_FPM_SERVICE}; - fastcgi_split_path_info ^(.+\.php)(/.*)$; - include fastcgi_params; - - fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; - fastcgi_param DOCUMENT_ROOT $realpath_root; - } - - # Production - location ~ ^/app\.php(/|$) { - fastcgi_pass ${NGINX_FPM_SERVICE}; - fastcgi_split_path_info ^(.+\.php)(/.*)$; - include fastcgi_params; - - fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; - fastcgi_param DOCUMENT_ROOT $realpath_root; - - internal; - } - - - location ~ \.php$ { - return 404; - } - - # Send log message to files symlinked to stdout/stderr. - error_log /dev/stderr; - access_log /dev/stdout main; -} diff --git a/templates/symfony-3/docker-compose.server.yml b/templates/symfony-3/docker-compose.server.yml deleted file mode 100644 index de62bcab..00000000 --- a/templates/symfony-3/docker-compose.server.yml +++ /dev/null @@ -1,52 +0,0 @@ -# itk-version: 3.2.4 -networks: - frontend: - external: true - app: - driver: bridge - internal: false - -services: - phpfpm: - image: itkdev/php7.2-fpm:alpine - restart: unless-stopped - networks: - - app - extra_hosts: - - "host.docker.internal:host-gateway" - environment: - - PHP_MAX_EXECUTION_TIME=30 - - PHP_MEMORY_LIMIT=128M - volumes: - - .:/app - - nginx: - image: nginxinc/nginx-unprivileged:alpine - restart: unless-stopped - networks: - - app - - frontend - depends_on: - - phpfpm - volumes: - - ./.docker/templates:/etc/nginx/templates:ro - - ./.docker/nginx.conf:/etc/nginx/nginx.conf:ro - - .:/app - environment: - NGINX_FPM_SERVICE: ${COMPOSE_PROJECT_NAME:?}-phpfpm-1:9000 - NGINX_CRON_METRICS: ${COMPOSE_PROJECT_NAME:?}-phpfpm-1:9746 - NGINX_WEB_ROOT: /app/web - NGINX_PORT: 8080 - NGINX_MAX_BODY_SIZE: 5M - labels: - - "traefik.enable=true" - - "traefik.docker.network=frontend" - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-http.rule=Host(`${COMPOSE_SERVER_DOMAIN:?}`)" - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-http.entrypoints=web" - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-http.middlewares=redirect-to-https" - - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.rule=Host(`${COMPOSE_SERVER_DOMAIN:?}`)" - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.entrypoints=websecure" - # Cron-metrics protection. - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-metrics.rule=Host(`${COMPOSE_SERVER_DOMAIN:?}`) && PathPrefix(`/cron-metrics`) " - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-metrics.middlewares=ITKMetricsAuth@file" diff --git a/templates/symfony-3/docker-compose.yml b/templates/symfony-3/docker-compose.yml deleted file mode 100644 index 58dde333..00000000 --- a/templates/symfony-3/docker-compose.yml +++ /dev/null @@ -1,113 +0,0 @@ -# itk-version: 3.2.4 -networks: - frontend: - external: true - app: - driver: bridge - internal: false - -services: - mariadb: - image: itkdev/mariadb:latest - networks: - - app - ports: - - "3306" - healthcheck: - test: ["CMD", "healthcheck.sh", "--connect", "--innodb_initialized"] - start_period: 10s - interval: 10s - timeout: 5s - retries: 3 - environment: - - MYSQL_ROOT_PASSWORD=password - - MYSQL_USER=db - - MYSQL_PASSWORD=db - - MYSQL_DATABASE=db - #- ENCRYPT=1 # Uncomment to enable database encryption. - # https://symfony.com/doc/current/setup/symfony_server.html#docker-integration - labels: - com.symfony.server.service-prefix: "DATABASE" - - phpfpm: - image: itkdev/php7.2-fpm:latest - user: ${COMPOSE_USER:-deploy} - networks: - - app - extra_hosts: - - "host.docker.internal:host-gateway" - environment: - - PHP_XDEBUG_REMOTE_ENABLE=${PHP_XDEBUG_REMOTE_ENABLE:-0} - - PHP_MAX_EXECUTION_TIME=30 - - PHP_MEMORY_LIMIT=256M - # Depending on the setup, you may have to remove --read-envelope-from from msmtp (cf. https://marlam.de/msmtp/msmtp.html) or use SMTP to send mail - - PHP_SENDMAIL_PATH=/usr/bin/msmtp --host=mail --port=1025 --read-recipients --read-envelope-from - - DOCKER_HOST_DOMAIN=${COMPOSE_DOMAIN:?} - - PHP_IDE_CONFIG=serverName=localhost - depends_on: - mariadb: - condition: service_healthy - volumes: - - .:/app - - nginx: - image: nginxinc/nginx-unprivileged:alpine - networks: - - app - - frontend - depends_on: - - phpfpm - ports: - - "8080" - volumes: - - ./.docker/templates:/etc/nginx/templates:ro - - .:/app - environment: - NGINX_FPM_SERVICE: ${COMPOSE_PROJECT_NAME:?}-phpfpm-1:9000 - NGINX_CRON_METRICS: ${COMPOSE_PROJECT_NAME:?}-phpfpm-1:9746 - NGINX_WEB_ROOT: /app/web - NGINX_PORT: 8080 - NGINX_MAX_BODY_SIZE: 5M - labels: - - "traefik.enable=true" - - "traefik.docker.network=frontend" - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.rule=Host(`${COMPOSE_DOMAIN:?}`)" - # HTTPS config - uncomment to enable redirect from :80 to :443 - # - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.middlewares=redirect-to-https" - # - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" - # Cron-metrics protection. - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-metrics.rule=Host(`${COMPOSE_DOMAIN:?}`) && PathPrefix(`/cron-metrics`) " - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-metrics.middlewares=ITKMetricsAuth@file" - - mail: - image: axllent/mailpit - networks: - - app - - frontend - ports: - - "1025" - - "8025" - labels: - - "traefik.enable=true" - - "traefik.docker.network=frontend" - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}mail.rule=Host(`mail-${COMPOSE_DOMAIN:?}`)" - - "traefik.http.services.${COMPOSE_PROJECT_NAME:?}mail.loadbalancer.server.port=8025" - - # Code checks tools - markdownlint: - image: itkdev/markdownlint - profiles: - - dev - volumes: - - ./:/md - - prettier: - # Prettier does not (yet, fcf. - # https://github.com/prettier/prettier/issues/15206) have an official - # docker image. - # https://hub.docker.com/r/jauderho/prettier is good candidate (cf. https://hub.docker.com/search?q=prettier&sort=updated_at&order=desc) - image: jauderho/prettier - profiles: - - dev - volumes: - - ./:/work diff --git a/templates/symfony-4/.docker/data/.gitignore b/templates/symfony-4/.docker/data/.gitignore deleted file mode 100644 index 80a9dc93..00000000 --- a/templates/symfony-4/.docker/data/.gitignore +++ /dev/null @@ -1,5 +0,0 @@ -# Ignore everything in this directory -* -# Except this file -!.gitignore -!Readme.md diff --git a/templates/symfony-4/.docker/data/README.md b/templates/symfony-4/.docker/data/README.md deleted file mode 100644 index 8895d7b1..00000000 --- a/templates/symfony-4/.docker/data/README.md +++ /dev/null @@ -1,26 +0,0 @@ -# .docker/data - -Please map persistent volumes to this directory on the servers. - -If a container needs to persist data between restarts you can map the relevant files in the container to ``docker/data/`. - -## RabbitMQ example -If you are using RabbitMQ running in a container as a message broker you need to configure a persistent volume for RabbitMQs data directory to avoid losing message on container restarts. - -```yaml -# docker-compose.server.override.yml - -services: - rabbit: - image: rabbitmq:3.9-management-alpine - hostname: "${COMPOSE_PROJECT_NAME}" - networks: - - app - - frontend - environment: - - "RABBITMQ_DEFAULT_USER=${RABBITMQ_USER}" - - "RABBITMQ_DEFAULT_PASS=${RABBITMQ_PASSWORD}" - - "RABBITMQ_ERLANG_COOKIE=${RABBITMQ_ERLANG_COOKIE}" - volumes: - - ".docker/data/rabbitmq:/var/lib/rabbitmq/mnesia/" -``` diff --git a/templates/symfony-4/.docker/nginx.conf b/templates/symfony-4/.docker/nginx.conf deleted file mode 100644 index ec278a5d..00000000 --- a/templates/symfony-4/.docker/nginx.conf +++ /dev/null @@ -1,34 +0,0 @@ -worker_processes auto; - -error_log /dev/stderr notice; -pid /tmp/nginx.pid; - -events { - worker_connections 1024; -} - -http { - proxy_temp_path /tmp/proxy_temp; - client_body_temp_path /tmp/client_temp; - fastcgi_temp_path /tmp/fastcgi_temp; - uwsgi_temp_path /tmp/uwsgi_temp; - scgi_temp_path /tmp/scgi_temp; - - include /etc/nginx/mime.types; - default_type application/octet-stream; - - # Note: set_real_ip_from is set in the server block - - log_format main '$http_x_real_ip - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log /dev/stdout main; - - sendfile on; - keepalive_timeout 65; - - gzip on; - - include /etc/nginx/conf.d/*.conf; -} diff --git a/templates/symfony-4/docker-compose.dev.yml b/templates/symfony-4/docker-compose.dev.yml deleted file mode 100644 index 71a88b42..00000000 --- a/templates/symfony-4/docker-compose.dev.yml +++ /dev/null @@ -1,27 +0,0 @@ -# itk-version: 3.2.4 -services: - phpfpm: - environment: - - PHP_SENDMAIL_PATH=/usr/sbin/sendmail -S mail:1025 - - nginx: - labels: - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.middlewares=ITKBasicAuth@file" - - mail: - image: axllent/mailpit - restart: unless-stopped - networks: - - app - - frontend - labels: - - "traefik.enable=true" - - "traefik.docker.network=frontend" - - "traefik.http.routers.mail_${COMPOSE_PROJECT_NAME:?}-http.rule=Host(`mail.${COMPOSE_SERVER_DOMAIN:?}`)" - - "traefik.http.routers.mail_${COMPOSE_PROJECT_NAME:?}-http.entrypoints=web" - - "traefik.http.routers.mail_${COMPOSE_PROJECT_NAME:?}-http.middlewares=redirect-to-https" - - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" - - "traefik.http.routers.mail_${COMPOSE_PROJECT_NAME:?}.rule=Host(`mail.${COMPOSE_SERVER_DOMAIN:?}`)" - - "traefik.http.routers.mail_${COMPOSE_PROJECT_NAME:?}.entrypoints=websecure" - - "traefik.http.services.mail_${COMPOSE_PROJECT_NAME:?}.loadbalancer.server.port=8025" - - "traefik.http.routers.mail_${COMPOSE_PROJECT_NAME:?}.middlewares=ITKMailhogAuth@file" diff --git a/templates/symfony-4/docker-compose.redirect.yml b/templates/symfony-4/docker-compose.redirect.yml deleted file mode 100644 index 2e7ac332..00000000 --- a/templates/symfony-4/docker-compose.redirect.yml +++ /dev/null @@ -1,15 +0,0 @@ -# itk-version: 3.2.4 -services: - nginx: - labels: - # Add www before domain and set redirect to non-www - - "traefik.http.routers.www_${COMPOSE_PROJECT_NAME:?}-http.rule=Host(`www.${COMPOSE_SERVER_DOMAIN:?}`)" - - "traefik.http.routers.www_${COMPOSE_PROJECT_NAME:?}-http.entrypoints=web" - - "traefik.http.routers.www_${COMPOSE_PROJECT_NAME:?}-http.middlewares=redirect-to-https,non_www" - - "traefik.http.routers.www_${COMPOSE_PROJECT_NAME:?}.rule=Host(`www.${COMPOSE_SERVER_DOMAIN:?}`)" - - "traefik.http.routers.www_${COMPOSE_PROJECT_NAME:?}.entrypoints=websecure" - - "traefik.http.routers.www_${COMPOSE_PROJECT_NAME:?}.middlewares=non_www" - - - traefik.http.middlewares.non_www.redirectregex.regex=^(http|https)?://(?:www\.)?(.+) - - traefik.http.middlewares.non_www.redirectregex.replacement=https://$${2:?} - - traefik.http.middlewares.non_www.redirectregex.permanent=true diff --git a/templates/symfony-6/.docker b/templates/symfony-6/.docker new file mode 120000 index 00000000..27827225 --- /dev/null +++ b/templates/symfony-6/.docker @@ -0,0 +1 @@ +../symfony/.docker \ No newline at end of file diff --git a/templates/symfony-6/.docker/data/.gitignore b/templates/symfony-6/.docker/data/.gitignore deleted file mode 100644 index 80a9dc93..00000000 --- a/templates/symfony-6/.docker/data/.gitignore +++ /dev/null @@ -1,5 +0,0 @@ -# Ignore everything in this directory -* -# Except this file -!.gitignore -!Readme.md diff --git a/templates/symfony-6/.docker/data/README.md b/templates/symfony-6/.docker/data/README.md deleted file mode 100644 index 8895d7b1..00000000 --- a/templates/symfony-6/.docker/data/README.md +++ /dev/null @@ -1,26 +0,0 @@ -# .docker/data - -Please map persistent volumes to this directory on the servers. - -If a container needs to persist data between restarts you can map the relevant files in the container to ``docker/data/`. - -## RabbitMQ example -If you are using RabbitMQ running in a container as a message broker you need to configure a persistent volume for RabbitMQs data directory to avoid losing message on container restarts. - -```yaml -# docker-compose.server.override.yml - -services: - rabbit: - image: rabbitmq:3.9-management-alpine - hostname: "${COMPOSE_PROJECT_NAME}" - networks: - - app - - frontend - environment: - - "RABBITMQ_DEFAULT_USER=${RABBITMQ_USER}" - - "RABBITMQ_DEFAULT_PASS=${RABBITMQ_PASSWORD}" - - "RABBITMQ_ERLANG_COOKIE=${RABBITMQ_ERLANG_COOKIE}" - volumes: - - ".docker/data/rabbitmq:/var/lib/rabbitmq/mnesia/" -``` diff --git a/templates/symfony-6/.docker/nginx.conf b/templates/symfony-6/.docker/nginx.conf deleted file mode 100644 index ec278a5d..00000000 --- a/templates/symfony-6/.docker/nginx.conf +++ /dev/null @@ -1,34 +0,0 @@ -worker_processes auto; - -error_log /dev/stderr notice; -pid /tmp/nginx.pid; - -events { - worker_connections 1024; -} - -http { - proxy_temp_path /tmp/proxy_temp; - client_body_temp_path /tmp/client_temp; - fastcgi_temp_path /tmp/fastcgi_temp; - uwsgi_temp_path /tmp/uwsgi_temp; - scgi_temp_path /tmp/scgi_temp; - - include /etc/nginx/mime.types; - default_type application/octet-stream; - - # Note: set_real_ip_from is set in the server block - - log_format main '$http_x_real_ip - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log /dev/stdout main; - - sendfile on; - keepalive_timeout 65; - - gzip on; - - include /etc/nginx/conf.d/*.conf; -} diff --git a/templates/symfony-6/.docker/templates/default.conf.template b/templates/symfony-6/.docker/templates/default.conf.template deleted file mode 100644 index 36ddf049..00000000 --- a/templates/symfony-6/.docker/templates/default.conf.template +++ /dev/null @@ -1,56 +0,0 @@ -server { - listen ${NGINX_PORT}; - server_name localhost; - - root ${NGINX_WEB_ROOT}; - - client_max_body_size ${NGINX_MAX_BODY_SIZE}; - - set_real_ip_from 172.16.0.0/16; - set_real_ip_from 192.168.39.0/24; - real_ip_recursive on; - real_ip_header X-Forwarded-For; - - location = /cron-metrics { - # Proxy to supercronic metrics - proxy_pass http://${NGINX_CRON_METRICS}/metrics; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - } - - location / { - # try to serve file directly, fallback to index.php - try_files $uri /index.php$is_args$args; - } - - # Protect files and directories from prying eyes. - location ~* \.(engine|inc|install|make|module|profile|po|sh|.*sql|.tar|.gz|.bz2|theme|twig|tpl(\.php)?|xtmpl|yml)(~|\.sw[op]|\.bak|\.orig|\.save)?$|^(\.(?!well-known).*|Entries.*|Repository|Root|Tag|Template|composer\.(json|lock)|web\.config)$|^#.*#$|\.php(~|\.sw[op]|\.bak|\.orig|\.save)$ { - deny all; - return 404; - } - - location ~ ^/index\.php(/|$) { - fastcgi_buffers 16 32k; - fastcgi_buffer_size 64k; - fastcgi_busy_buffers_size 64k; - - fastcgi_pass ${NGINX_FPM_SERVICE}; - fastcgi_split_path_info ^(.+\.php)(/.*)$; - include fastcgi_params; - - fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; - fastcgi_param DOCUMENT_ROOT $realpath_root; - - internal; - } - - location ~ \.php$ { - return 404; - } - - # Send log message to files symlinked to stdout/stderr. - error_log /dev/stderr; - access_log /dev/stdout main; -} diff --git a/templates/symfony-6/docker-compose.dev.yml b/templates/symfony-6/docker-compose.dev.yml deleted file mode 100644 index 71a88b42..00000000 --- a/templates/symfony-6/docker-compose.dev.yml +++ /dev/null @@ -1,27 +0,0 @@ -# itk-version: 3.2.4 -services: - phpfpm: - environment: - - PHP_SENDMAIL_PATH=/usr/sbin/sendmail -S mail:1025 - - nginx: - labels: - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.middlewares=ITKBasicAuth@file" - - mail: - image: axllent/mailpit - restart: unless-stopped - networks: - - app - - frontend - labels: - - "traefik.enable=true" - - "traefik.docker.network=frontend" - - "traefik.http.routers.mail_${COMPOSE_PROJECT_NAME:?}-http.rule=Host(`mail.${COMPOSE_SERVER_DOMAIN:?}`)" - - "traefik.http.routers.mail_${COMPOSE_PROJECT_NAME:?}-http.entrypoints=web" - - "traefik.http.routers.mail_${COMPOSE_PROJECT_NAME:?}-http.middlewares=redirect-to-https" - - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" - - "traefik.http.routers.mail_${COMPOSE_PROJECT_NAME:?}.rule=Host(`mail.${COMPOSE_SERVER_DOMAIN:?}`)" - - "traefik.http.routers.mail_${COMPOSE_PROJECT_NAME:?}.entrypoints=websecure" - - "traefik.http.services.mail_${COMPOSE_PROJECT_NAME:?}.loadbalancer.server.port=8025" - - "traefik.http.routers.mail_${COMPOSE_PROJECT_NAME:?}.middlewares=ITKMailhogAuth@file" diff --git a/templates/symfony-6/docker-compose.dev.yml b/templates/symfony-6/docker-compose.dev.yml new file mode 120000 index 00000000..b9f22024 --- /dev/null +++ b/templates/symfony-6/docker-compose.dev.yml @@ -0,0 +1 @@ +../symfony/docker-compose.dev.yml \ No newline at end of file diff --git a/templates/symfony-6/docker-compose.redirect.yml b/templates/symfony-6/docker-compose.redirect.yml deleted file mode 100644 index 2e7ac332..00000000 --- a/templates/symfony-6/docker-compose.redirect.yml +++ /dev/null @@ -1,15 +0,0 @@ -# itk-version: 3.2.4 -services: - nginx: - labels: - # Add www before domain and set redirect to non-www - - "traefik.http.routers.www_${COMPOSE_PROJECT_NAME:?}-http.rule=Host(`www.${COMPOSE_SERVER_DOMAIN:?}`)" - - "traefik.http.routers.www_${COMPOSE_PROJECT_NAME:?}-http.entrypoints=web" - - "traefik.http.routers.www_${COMPOSE_PROJECT_NAME:?}-http.middlewares=redirect-to-https,non_www" - - "traefik.http.routers.www_${COMPOSE_PROJECT_NAME:?}.rule=Host(`www.${COMPOSE_SERVER_DOMAIN:?}`)" - - "traefik.http.routers.www_${COMPOSE_PROJECT_NAME:?}.entrypoints=websecure" - - "traefik.http.routers.www_${COMPOSE_PROJECT_NAME:?}.middlewares=non_www" - - - traefik.http.middlewares.non_www.redirectregex.regex=^(http|https)?://(?:www\.)?(.+) - - traefik.http.middlewares.non_www.redirectregex.replacement=https://$${2:?} - - traefik.http.middlewares.non_www.redirectregex.permanent=true diff --git a/templates/symfony-6/docker-compose.redirect.yml b/templates/symfony-6/docker-compose.redirect.yml new file mode 120000 index 00000000..7a5f2293 --- /dev/null +++ b/templates/symfony-6/docker-compose.redirect.yml @@ -0,0 +1 @@ +../symfony/docker-compose.redirect.yml \ No newline at end of file diff --git a/templates/symfony-6/docker-compose.server.yml b/templates/symfony-6/docker-compose.server.yml deleted file mode 100644 index fffc693b..00000000 --- a/templates/symfony-6/docker-compose.server.yml +++ /dev/null @@ -1,52 +0,0 @@ -# itk-version: 3.2.4 -networks: - frontend: - external: true - app: - driver: bridge - internal: false - -services: - phpfpm: - image: itkdev/php8.4-fpm:alpine - restart: unless-stopped - networks: - - app - extra_hosts: - - "host.docker.internal:host-gateway" - environment: - - PHP_MAX_EXECUTION_TIME=30 - - PHP_MEMORY_LIMIT=128M - volumes: - - .:/app - - nginx: - image: nginxinc/nginx-unprivileged:alpine - restart: unless-stopped - networks: - - app - - frontend - depends_on: - - phpfpm - volumes: - - ./.docker/templates:/etc/nginx/templates:ro - - ./.docker/nginx.conf:/etc/nginx/nginx.conf:ro - - .:/app - environment: - NGINX_FPM_SERVICE: ${COMPOSE_PROJECT_NAME:?}-phpfpm-1:9000 - NGINX_CRON_METRICS: ${COMPOSE_PROJECT_NAME:?}-phpfpm-1:9746 - NGINX_WEB_ROOT: /app/public - NGINX_PORT: 8080 - NGINX_MAX_BODY_SIZE: 5M - labels: - - "traefik.enable=true" - - "traefik.docker.network=frontend" - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-http.rule=Host(`${COMPOSE_SERVER_DOMAIN:?}`)" - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-http.entrypoints=web" - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-http.middlewares=redirect-to-https" - - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.rule=Host(`${COMPOSE_SERVER_DOMAIN:?}`)" - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.entrypoints=websecure" - # Cron-metrics protection. - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-metrics.rule=Host(`${COMPOSE_SERVER_DOMAIN:?}`) && PathPrefix(`/cron-metrics`) " - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-metrics.middlewares=ITKMetricsAuth@file" diff --git a/templates/symfony-6/docker-compose.server.yml b/templates/symfony-6/docker-compose.server.yml new file mode 120000 index 00000000..75fde9b5 --- /dev/null +++ b/templates/symfony-6/docker-compose.server.yml @@ -0,0 +1 @@ +../symfony/docker-compose.server.yml \ No newline at end of file diff --git a/templates/symfony-6/docker-compose.yml b/templates/symfony-6/docker-compose.yml deleted file mode 100644 index 4dff2455..00000000 --- a/templates/symfony-6/docker-compose.yml +++ /dev/null @@ -1,110 +0,0 @@ -# itk-version: 3.2.4 -networks: - frontend: - external: true - app: - driver: bridge - internal: false - -services: - mariadb: - image: itkdev/mariadb:latest - networks: - - app - ports: - - "3306" - healthcheck: - test: ["CMD", "healthcheck.sh", "--connect", "--innodb_initialized"] - start_period: 10s - interval: 10s - timeout: 5s - retries: 3 - environment: - - MYSQL_ROOT_PASSWORD=password - - MYSQL_USER=db - - MYSQL_PASSWORD=db - - MYSQL_DATABASE=db - #- ENCRYPT=1 # Uncomment to enable database encryption. - - phpfpm: - image: itkdev/php8.4-fpm:latest - user: ${COMPOSE_USER:-deploy} - networks: - - app - extra_hosts: - - "host.docker.internal:host-gateway" - environment: - - PHP_XDEBUG_MODE=${PHP_XDEBUG_MODE:-off} - - PHP_MAX_EXECUTION_TIME=30 - - PHP_MEMORY_LIMIT=256M - # Depending on the setup, you may have to remove --read-envelope-from from msmtp (cf. https://marlam.de/msmtp/msmtp.html) or use SMTP to send mail - - PHP_SENDMAIL_PATH=/usr/bin/msmtp --host=mail --port=1025 --read-recipients --read-envelope-from - - DOCKER_HOST_DOMAIN=${COMPOSE_DOMAIN:?} - - PHP_IDE_CONFIG=serverName=localhost - depends_on: - mariadb: - condition: service_healthy - volumes: - - .:/app - - nginx: - image: nginxinc/nginx-unprivileged:alpine - networks: - - app - - frontend - depends_on: - - phpfpm - ports: - - "8080" - volumes: - - ./.docker/templates:/etc/nginx/templates:ro - - .:/app - environment: - NGINX_FPM_SERVICE: ${COMPOSE_PROJECT_NAME:?}-phpfpm-1:9000 - NGINX_CRON_METRICS: ${COMPOSE_PROJECT_NAME:?}-phpfpm-1:9746 - NGINX_WEB_ROOT: /app/public - NGINX_PORT: 8080 - NGINX_MAX_BODY_SIZE: 5M - labels: - - "traefik.enable=true" - - "traefik.docker.network=frontend" - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.rule=Host(`${COMPOSE_DOMAIN:?}`)" - # HTTPS config - uncomment to enable redirect from :80 to :443 - # - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}.middlewares=redirect-to-https" - # - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" - # Cron-metrics protection. - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-metrics.rule=Host(`${COMPOSE_DOMAIN:?}`) && PathPrefix(`/cron-metrics`) " - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}-metrics.middlewares=ITKMetricsAuth@file" - - mail: - image: axllent/mailpit - networks: - - app - - frontend - ports: - - "1025" - - "8025" - labels: - - "traefik.enable=true" - - "traefik.docker.network=frontend" - - "traefik.http.routers.${COMPOSE_PROJECT_NAME:?}mail.rule=Host(`mail-${COMPOSE_DOMAIN:?}`)" - - "traefik.http.services.${COMPOSE_PROJECT_NAME:?}mail.loadbalancer.server.port=8025" - - # Code checks tools - markdownlint: - image: itkdev/markdownlint - profiles: - - dev - volumes: - - ./:/md - - prettier: - # Prettier does not (yet, fcf. - # https://github.com/prettier/prettier/issues/15206) have an official - # docker image. - # https://hub.docker.com/r/jauderho/prettier is good candidate (cf. https://hub.docker.com/search?q=prettier&sort=updated_at&order=desc) - image: jauderho/prettier - profiles: - - dev - volumes: - - ./:/work diff --git a/templates/symfony-6/docker-compose.yml b/templates/symfony-6/docker-compose.yml new file mode 120000 index 00000000..94d8e5b7 --- /dev/null +++ b/templates/symfony-6/docker-compose.yml @@ -0,0 +1 @@ +../symfony/docker-compose.yml \ No newline at end of file diff --git a/templates/symfony-7/.docker b/templates/symfony-7/.docker new file mode 120000 index 00000000..27827225 --- /dev/null +++ b/templates/symfony-7/.docker @@ -0,0 +1 @@ +../symfony/.docker \ No newline at end of file diff --git a/templates/symfony-3/.github/workflows/changelog.yaml b/templates/symfony-7/.github/workflows/changelog.yaml similarity index 100% rename from templates/symfony-3/.github/workflows/changelog.yaml rename to templates/symfony-7/.github/workflows/changelog.yaml diff --git a/templates/symfony-3/.github/workflows/composer.yaml b/templates/symfony-7/.github/workflows/composer.yaml similarity index 100% rename from templates/symfony-3/.github/workflows/composer.yaml rename to templates/symfony-7/.github/workflows/composer.yaml diff --git a/templates/symfony-3/.github/workflows/javascript.yaml b/templates/symfony-7/.github/workflows/javascript.yaml similarity index 100% rename from templates/symfony-3/.github/workflows/javascript.yaml rename to templates/symfony-7/.github/workflows/javascript.yaml diff --git a/templates/symfony-3/.github/workflows/markdown.yaml b/templates/symfony-7/.github/workflows/markdown.yaml similarity index 100% rename from templates/symfony-3/.github/workflows/markdown.yaml rename to templates/symfony-7/.github/workflows/markdown.yaml diff --git a/templates/symfony-3/.github/workflows/php.yaml b/templates/symfony-7/.github/workflows/php.yaml similarity index 100% rename from templates/symfony-3/.github/workflows/php.yaml rename to templates/symfony-7/.github/workflows/php.yaml diff --git a/templates/symfony-3/.github/workflows/styles.yaml b/templates/symfony-7/.github/workflows/styles.yaml similarity index 100% rename from templates/symfony-3/.github/workflows/styles.yaml rename to templates/symfony-7/.github/workflows/styles.yaml diff --git a/templates/symfony-3/.github/workflows/twig.yaml b/templates/symfony-7/.github/workflows/twig.yaml similarity index 100% rename from templates/symfony-3/.github/workflows/twig.yaml rename to templates/symfony-7/.github/workflows/twig.yaml diff --git a/templates/symfony-3/.github/workflows/yaml.yaml b/templates/symfony-7/.github/workflows/yaml.yaml similarity index 100% rename from templates/symfony-3/.github/workflows/yaml.yaml rename to templates/symfony-7/.github/workflows/yaml.yaml diff --git a/templates/symfony-3/.markdownlint.jsonc b/templates/symfony-7/.markdownlint.jsonc similarity index 100% rename from templates/symfony-3/.markdownlint.jsonc rename to templates/symfony-7/.markdownlint.jsonc diff --git a/templates/symfony-3/.markdownlintignore b/templates/symfony-7/.markdownlintignore similarity index 100% rename from templates/symfony-3/.markdownlintignore rename to templates/symfony-7/.markdownlintignore diff --git a/templates/symfony-3/.php-cs-fixer.dist.php b/templates/symfony-7/.php-cs-fixer.dist.php similarity index 100% rename from templates/symfony-3/.php-cs-fixer.dist.php rename to templates/symfony-7/.php-cs-fixer.dist.php diff --git a/templates/symfony-3/.prettierrc.yaml b/templates/symfony-7/.prettierrc.yaml similarity index 100% rename from templates/symfony-3/.prettierrc.yaml rename to templates/symfony-7/.prettierrc.yaml diff --git a/templates/symfony-3/.twig-cs-fixer.dist.php b/templates/symfony-7/.twig-cs-fixer.dist.php similarity index 100% rename from templates/symfony-3/.twig-cs-fixer.dist.php rename to templates/symfony-7/.twig-cs-fixer.dist.php diff --git a/templates/symfony-7/docker-compose.dev.yml b/templates/symfony-7/docker-compose.dev.yml new file mode 120000 index 00000000..b9f22024 --- /dev/null +++ b/templates/symfony-7/docker-compose.dev.yml @@ -0,0 +1 @@ +../symfony/docker-compose.dev.yml \ No newline at end of file diff --git a/templates/symfony-7/docker-compose.redirect.yml b/templates/symfony-7/docker-compose.redirect.yml new file mode 120000 index 00000000..7a5f2293 --- /dev/null +++ b/templates/symfony-7/docker-compose.redirect.yml @@ -0,0 +1 @@ +../symfony/docker-compose.redirect.yml \ No newline at end of file diff --git a/templates/symfony-7/docker-compose.server.yml b/templates/symfony-7/docker-compose.server.yml new file mode 120000 index 00000000..75fde9b5 --- /dev/null +++ b/templates/symfony-7/docker-compose.server.yml @@ -0,0 +1 @@ +../symfony/docker-compose.server.yml \ No newline at end of file diff --git a/templates/symfony-7/docker-compose.yml b/templates/symfony-7/docker-compose.yml new file mode 120000 index 00000000..94d8e5b7 --- /dev/null +++ b/templates/symfony-7/docker-compose.yml @@ -0,0 +1 @@ +../symfony/docker-compose.yml \ No newline at end of file diff --git a/templates/symfony-8/.docker b/templates/symfony-8/.docker new file mode 120000 index 00000000..27827225 --- /dev/null +++ b/templates/symfony-8/.docker @@ -0,0 +1 @@ +../symfony/.docker \ No newline at end of file diff --git a/templates/symfony-4/.github/workflows/changelog.yaml b/templates/symfony-8/.github/workflows/changelog.yaml similarity index 100% rename from templates/symfony-4/.github/workflows/changelog.yaml rename to templates/symfony-8/.github/workflows/changelog.yaml diff --git a/templates/symfony-4/.github/workflows/composer.yaml b/templates/symfony-8/.github/workflows/composer.yaml similarity index 100% rename from templates/symfony-4/.github/workflows/composer.yaml rename to templates/symfony-8/.github/workflows/composer.yaml diff --git a/templates/symfony-4/.github/workflows/javascript.yaml b/templates/symfony-8/.github/workflows/javascript.yaml similarity index 100% rename from templates/symfony-4/.github/workflows/javascript.yaml rename to templates/symfony-8/.github/workflows/javascript.yaml diff --git a/templates/symfony-4/.github/workflows/markdown.yaml b/templates/symfony-8/.github/workflows/markdown.yaml similarity index 100% rename from templates/symfony-4/.github/workflows/markdown.yaml rename to templates/symfony-8/.github/workflows/markdown.yaml diff --git a/templates/symfony-4/.github/workflows/php.yaml b/templates/symfony-8/.github/workflows/php.yaml similarity index 100% rename from templates/symfony-4/.github/workflows/php.yaml rename to templates/symfony-8/.github/workflows/php.yaml diff --git a/templates/symfony-4/.github/workflows/styles.yaml b/templates/symfony-8/.github/workflows/styles.yaml similarity index 100% rename from templates/symfony-4/.github/workflows/styles.yaml rename to templates/symfony-8/.github/workflows/styles.yaml diff --git a/templates/symfony-4/.github/workflows/twig.yaml b/templates/symfony-8/.github/workflows/twig.yaml similarity index 100% rename from templates/symfony-4/.github/workflows/twig.yaml rename to templates/symfony-8/.github/workflows/twig.yaml diff --git a/templates/symfony-4/.github/workflows/yaml.yaml b/templates/symfony-8/.github/workflows/yaml.yaml similarity index 100% rename from templates/symfony-4/.github/workflows/yaml.yaml rename to templates/symfony-8/.github/workflows/yaml.yaml diff --git a/templates/symfony-4/.markdownlint.jsonc b/templates/symfony-8/.markdownlint.jsonc similarity index 100% rename from templates/symfony-4/.markdownlint.jsonc rename to templates/symfony-8/.markdownlint.jsonc diff --git a/templates/symfony-4/.markdownlintignore b/templates/symfony-8/.markdownlintignore similarity index 100% rename from templates/symfony-4/.markdownlintignore rename to templates/symfony-8/.markdownlintignore diff --git a/templates/symfony-4/.php-cs-fixer.dist.php b/templates/symfony-8/.php-cs-fixer.dist.php similarity index 100% rename from templates/symfony-4/.php-cs-fixer.dist.php rename to templates/symfony-8/.php-cs-fixer.dist.php diff --git a/templates/symfony-4/.prettierrc.yaml b/templates/symfony-8/.prettierrc.yaml similarity index 100% rename from templates/symfony-4/.prettierrc.yaml rename to templates/symfony-8/.prettierrc.yaml diff --git a/templates/symfony-4/.twig-cs-fixer.dist.php b/templates/symfony-8/.twig-cs-fixer.dist.php similarity index 100% rename from templates/symfony-4/.twig-cs-fixer.dist.php rename to templates/symfony-8/.twig-cs-fixer.dist.php diff --git a/templates/symfony-8/docker-compose.dev.yml b/templates/symfony-8/docker-compose.dev.yml new file mode 120000 index 00000000..b9f22024 --- /dev/null +++ b/templates/symfony-8/docker-compose.dev.yml @@ -0,0 +1 @@ +../symfony/docker-compose.dev.yml \ No newline at end of file diff --git a/templates/symfony-8/docker-compose.redirect.yml b/templates/symfony-8/docker-compose.redirect.yml new file mode 120000 index 00000000..7a5f2293 --- /dev/null +++ b/templates/symfony-8/docker-compose.redirect.yml @@ -0,0 +1 @@ +../symfony/docker-compose.redirect.yml \ No newline at end of file diff --git a/templates/symfony-8/docker-compose.server.yml b/templates/symfony-8/docker-compose.server.yml new file mode 120000 index 00000000..75fde9b5 --- /dev/null +++ b/templates/symfony-8/docker-compose.server.yml @@ -0,0 +1 @@ +../symfony/docker-compose.server.yml \ No newline at end of file diff --git a/templates/symfony-8/docker-compose.yml b/templates/symfony-8/docker-compose.yml new file mode 120000 index 00000000..94d8e5b7 --- /dev/null +++ b/templates/symfony-8/docker-compose.yml @@ -0,0 +1 @@ +../symfony/docker-compose.yml \ No newline at end of file diff --git a/templates/drupal-11/.docker/data/.gitignore b/templates/symfony/.docker/data/.gitignore similarity index 63% rename from templates/drupal-11/.docker/data/.gitignore rename to templates/symfony/.docker/data/.gitignore index 80a9dc93..4ce10200 100644 --- a/templates/drupal-11/.docker/data/.gitignore +++ b/templates/symfony/.docker/data/.gitignore @@ -1,5 +1,5 @@ # Ignore everything in this directory * -# Except this file +# Except !.gitignore -!Readme.md +!README.md diff --git a/templates/drupal-10/.docker/data/README.md b/templates/symfony/.docker/data/README.md similarity index 100% rename from templates/drupal-10/.docker/data/README.md rename to templates/symfony/.docker/data/README.md diff --git a/templates/drupal-11/.docker/nginx.conf b/templates/symfony/.docker/nginx.conf similarity index 100% rename from templates/drupal-11/.docker/nginx.conf rename to templates/symfony/.docker/nginx.conf diff --git a/templates/symfony-4/.docker/templates/default.conf.template b/templates/symfony/.docker/templates/default.conf.template similarity index 100% rename from templates/symfony-4/.docker/templates/default.conf.template rename to templates/symfony/.docker/templates/default.conf.template diff --git a/templates/symfony/.github/workflows/changelog.yaml b/templates/symfony/.github/workflows/changelog.yaml new file mode 120000 index 00000000..5ffe5c3c --- /dev/null +++ b/templates/symfony/.github/workflows/changelog.yaml @@ -0,0 +1 @@ +../../../../github/workflows/changelog.yaml \ No newline at end of file diff --git a/templates/symfony/.github/workflows/composer.yaml b/templates/symfony/.github/workflows/composer.yaml new file mode 120000 index 00000000..23955648 --- /dev/null +++ b/templates/symfony/.github/workflows/composer.yaml @@ -0,0 +1 @@ +../../../../github/workflows/composer.yaml \ No newline at end of file diff --git a/templates/symfony/.github/workflows/javascript.yaml b/templates/symfony/.github/workflows/javascript.yaml new file mode 120000 index 00000000..32f4e115 --- /dev/null +++ b/templates/symfony/.github/workflows/javascript.yaml @@ -0,0 +1 @@ +../../../../github/workflows/symfony/javascript.yaml \ No newline at end of file diff --git a/templates/symfony/.github/workflows/markdown.yaml b/templates/symfony/.github/workflows/markdown.yaml new file mode 120000 index 00000000..ab3eafad --- /dev/null +++ b/templates/symfony/.github/workflows/markdown.yaml @@ -0,0 +1 @@ +../../../../github/workflows/markdown.yaml \ No newline at end of file diff --git a/templates/symfony/.github/workflows/php.yaml b/templates/symfony/.github/workflows/php.yaml new file mode 120000 index 00000000..e5388fe1 --- /dev/null +++ b/templates/symfony/.github/workflows/php.yaml @@ -0,0 +1 @@ +../../../../github/workflows/symfony/php.yaml \ No newline at end of file diff --git a/templates/symfony/.github/workflows/styles.yaml b/templates/symfony/.github/workflows/styles.yaml new file mode 120000 index 00000000..af396b48 --- /dev/null +++ b/templates/symfony/.github/workflows/styles.yaml @@ -0,0 +1 @@ +../../../../github/workflows/symfony/styles.yaml \ No newline at end of file diff --git a/templates/symfony/.github/workflows/twig.yaml b/templates/symfony/.github/workflows/twig.yaml new file mode 120000 index 00000000..649f1cd6 --- /dev/null +++ b/templates/symfony/.github/workflows/twig.yaml @@ -0,0 +1 @@ +../../../../github/workflows/twig.yaml \ No newline at end of file diff --git a/templates/symfony/.github/workflows/yaml.yaml b/templates/symfony/.github/workflows/yaml.yaml new file mode 120000 index 00000000..725a7d68 --- /dev/null +++ b/templates/symfony/.github/workflows/yaml.yaml @@ -0,0 +1 @@ +../../../../github/workflows/yaml.yaml \ No newline at end of file diff --git a/templates/symfony/.markdownlint.jsonc b/templates/symfony/.markdownlint.jsonc new file mode 120000 index 00000000..1a3d9afe --- /dev/null +++ b/templates/symfony/.markdownlint.jsonc @@ -0,0 +1 @@ +../../config/markdown/.markdownlint.jsonc \ No newline at end of file diff --git a/templates/symfony/.markdownlintignore b/templates/symfony/.markdownlintignore new file mode 120000 index 00000000..0a61367e --- /dev/null +++ b/templates/symfony/.markdownlintignore @@ -0,0 +1 @@ +../../config/markdown/.markdownlintignore \ No newline at end of file diff --git a/templates/symfony/.php-cs-fixer.dist.php b/templates/symfony/.php-cs-fixer.dist.php new file mode 120000 index 00000000..4527ff86 --- /dev/null +++ b/templates/symfony/.php-cs-fixer.dist.php @@ -0,0 +1 @@ +../../config/symfony/php/.php-cs-fixer.dist.php \ No newline at end of file diff --git a/templates/symfony/.prettierrc.yaml b/templates/symfony/.prettierrc.yaml new file mode 120000 index 00000000..eeef7b84 --- /dev/null +++ b/templates/symfony/.prettierrc.yaml @@ -0,0 +1 @@ +../../config/symfony/yaml/.prettierrc.yaml \ No newline at end of file diff --git a/templates/symfony/.twig-cs-fixer.dist.php b/templates/symfony/.twig-cs-fixer.dist.php new file mode 120000 index 00000000..bc68997e --- /dev/null +++ b/templates/symfony/.twig-cs-fixer.dist.php @@ -0,0 +1 @@ +../../config/symfony/twig/.twig-cs-fixer.dist.php \ No newline at end of file diff --git a/templates/symfony/README.md b/templates/symfony/README.md new file mode 100644 index 00000000..bcaea03f --- /dev/null +++ b/templates/symfony/README.md @@ -0,0 +1,17 @@ +# Symfony project template + +This is the current generic template for Symfony projects. + +Specific version templates are created by symlinking to this folder, e.g. + +``` text +templates/symfony-8 +├── .docker -> ../symfony/.docker +├── docker-compose.dev.yml -> ../symfony/docker-compose.dev.yml +├── docker-compose.redirect.yml -> ../symfony/docker-compose.redirect.yml +├── docker-compose.server.yml -> ../symfony/docker-compose.server.yml +└── docker-compose.yml -> ../symfony/docker-compose.yml +``` + +> [!NOTE] +> GitHub workflow files and code check config files are handled in another symlink show. diff --git a/templates/symfony-3/docker-compose.dev.yml b/templates/symfony/docker-compose.dev.yml similarity index 100% rename from templates/symfony-3/docker-compose.dev.yml rename to templates/symfony/docker-compose.dev.yml diff --git a/templates/symfony-3/docker-compose.redirect.yml b/templates/symfony/docker-compose.redirect.yml similarity index 100% rename from templates/symfony-3/docker-compose.redirect.yml rename to templates/symfony/docker-compose.redirect.yml diff --git a/templates/symfony-4/docker-compose.server.yml b/templates/symfony/docker-compose.server.yml similarity index 97% rename from templates/symfony-4/docker-compose.server.yml rename to templates/symfony/docker-compose.server.yml index 1668ea49..fffc693b 100644 --- a/templates/symfony-4/docker-compose.server.yml +++ b/templates/symfony/docker-compose.server.yml @@ -8,7 +8,7 @@ networks: services: phpfpm: - image: itkdev/php7.4-fpm:alpine + image: itkdev/php8.4-fpm:alpine restart: unless-stopped networks: - app diff --git a/templates/symfony-4/docker-compose.yml b/templates/symfony/docker-compose.yml similarity index 94% rename from templates/symfony-4/docker-compose.yml rename to templates/symfony/docker-compose.yml index 3326e130..4dff2455 100644 --- a/templates/symfony-4/docker-compose.yml +++ b/templates/symfony/docker-compose.yml @@ -25,12 +25,9 @@ services: - MYSQL_PASSWORD=db - MYSQL_DATABASE=db #- ENCRYPT=1 # Uncomment to enable database encryption. - # https://symfony.com/doc/current/setup/symfony_server.html#docker-integration - labels: - com.symfony.server.service-prefix: "DATABASE" phpfpm: - image: itkdev/php7.4-fpm:latest + image: itkdev/php8.4-fpm:latest user: ${COMPOSE_USER:-deploy} networks: - app