From 1508aa60c81f9bb1478b23024f9b7b220d98d3dc Mon Sep 17 00:00:00 2001 From: PeterChrz Date: Mon, 30 Mar 2026 22:54:47 -0400 Subject: [PATCH] Forgejo Actions Script --- .forgejo/workflows/docker-build.yml | 49 ++++++++++++++++++ Dockerfile | 80 +++++++++++++++++++++++++++++ docker/nginx.conf | 40 +++++++++++++++ docker/php.ini | 12 +++++ docker/supervisord.conf | 23 +++++++++ 5 files changed, 204 insertions(+) create mode 100644 .forgejo/workflows/docker-build.yml create mode 100644 Dockerfile create mode 100644 docker/nginx.conf create mode 100644 docker/php.ini create mode 100644 docker/supervisord.conf diff --git a/.forgejo/workflows/docker-build.yml b/.forgejo/workflows/docker-build.yml new file mode 100644 index 0000000..1b74a67 --- /dev/null +++ b/.forgejo/workflows/docker-build.yml @@ -0,0 +1,49 @@ +name: Build and Push Docker Image + +on: + push: + branches: + - main + workflow_dispatch: + +jobs: + build-and-push: + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Derive registry from server URL + run: | + REGISTRY=$(echo "${{ github.server_url }}" | sed 's|https://||' | sed 's|http://||') + echo "REGISTRY=${REGISTRY}" >> $GITHUB_ENV + echo "IMAGE=${REGISTRY}/${{ github.repository }}" >> $GITHUB_ENV + + - name: Log in to Forgejo container registry + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract metadata (tags, labels) + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.IMAGE }} + tags: | + type=sha,prefix=,format=short + type=raw,value=latest,enable={{is_default_branch}} + + - name: Build and push Docker image + uses: docker/build-push-action@v5 + with: + context: . + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=registry,ref=${{ env.IMAGE }}:buildcache + cache-to: type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..6666e29 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,80 @@ +# Stage 1: Build frontend assets +FROM node:20-alpine AS node-builder +WORKDIR /app +COPY package.json package-lock.json ./ +RUN npm ci +COPY . . +RUN npm run build + +# Stage 2: Install PHP dependencies +FROM composer:2 AS composer-builder +WORKDIR /app +COPY composer.json composer.lock ./ +# Install without dev dependencies and without running scripts that need .env +RUN composer install \ + --no-dev \ + --no-interaction \ + --no-plugins \ + --no-scripts \ + --prefer-dist \ + --optimize-autoloader +COPY . . +# Run post-install scripts now that source is present +RUN composer run-script post-autoload-dump 2>/dev/null || true + +# Stage 3: Production image +FROM php:8.2-fpm-alpine + +# Install system dependencies and PHP extensions +RUN apk add --no-cache \ + nginx \ + supervisor \ + curl \ + libpng-dev \ + libjpeg-turbo-dev \ + libwebp-dev \ + freetype-dev \ + libzip-dev \ + icu-dev \ + oniguruma-dev \ + && docker-php-ext-configure gd --with-freetype --with-jpeg --with-webp \ + && docker-php-ext-install -j$(nproc) \ + pdo_mysql \ + pdo_sqlite \ + mbstring \ + exif \ + pcntl \ + bcmath \ + gd \ + zip \ + intl \ + opcache + +WORKDIR /var/www/html + +# Copy application files +COPY --from=composer-builder /app /var/www/html +COPY --from=node-builder /app/public/build /var/www/html/public/build + +# Copy Docker config files +COPY docker/nginx.conf /etc/nginx/nginx.conf +COPY docker/supervisord.conf /etc/supervisor/conf.d/supervisord.conf +COPY docker/php.ini /usr/local/etc/php/conf.d/app.ini + +# Set up storage and cache directories +RUN mkdir -p \ + storage/framework/sessions \ + storage/framework/views \ + storage/framework/cache/data \ + storage/logs \ + bootstrap/cache \ + && chown -R www-data:www-data /var/www/html \ + && chmod -R 755 /var/www/html \ + && chmod -R 775 storage bootstrap/cache + +# Remove any accidentally included .env files +RUN rm -f .env .env.* 2>/dev/null || true + +EXPOSE 80 + +CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf"] diff --git a/docker/nginx.conf b/docker/nginx.conf new file mode 100644 index 0000000..d9e0c1f --- /dev/null +++ b/docker/nginx.conf @@ -0,0 +1,40 @@ +user www-data; +worker_processes auto; +pid /run/nginx.pid; +error_log /dev/stderr warn; + +events { + worker_connections 1024; +} + +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + access_log /dev/stdout; + sendfile on; + keepalive_timeout 65; + client_max_body_size 100M; + + server { + listen 80; + server_name _; + root /var/www/html/public; + index index.php; + + location / { + try_files $uri $uri/ /index.php?$query_string; + } + + location ~ \.php$ { + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; + include fastcgi_params; + fastcgi_read_timeout 300; + } + + location ~ /\.(?!well-known).* { + deny all; + } + } +} diff --git a/docker/php.ini b/docker/php.ini new file mode 100644 index 0000000..8b7e7e1 --- /dev/null +++ b/docker/php.ini @@ -0,0 +1,12 @@ +opcache.enable=1 +opcache.memory_consumption=256 +opcache.interned_strings_buffer=16 +opcache.max_accelerated_files=20000 +opcache.validate_timestamps=0 +opcache.save_comments=1 +opcache.fast_shutdown=0 + +upload_max_filesize=100M +post_max_size=100M +memory_limit=256M +max_execution_time=300 diff --git a/docker/supervisord.conf b/docker/supervisord.conf new file mode 100644 index 0000000..f86e113 --- /dev/null +++ b/docker/supervisord.conf @@ -0,0 +1,23 @@ +[supervisord] +nodaemon=true +logfile=/dev/null +logfile_maxbytes=0 +pidfile=/run/supervisord.pid + +[program:php-fpm] +command=php-fpm --nodaemonize +autostart=true +autorestart=true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 + +[program:nginx] +command=nginx -g "daemon off;" +autostart=true +autorestart=true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0