diff --git a/.gitignore b/.gitignore index 0e93954..4d4ce91 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ -config.php -opensearch.xml +/config.php +/opensearch.xml diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..e0d5004 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,46 @@ +# syntax = edrevo/dockerfile-plus +ARG VERSION="3.17" +FROM alpine:${VERSION} AS runner +WORKDIR "/var/www/html" + +# Docker metadata contains information about the maintainer, such as the name, repository, and support email +# Please add any necessary information or correct any incorrect information +# See more: https://docs.docker.com/config/labels-custom-metadata/ +LABEL name="LibreX" \ + description="Framework and javascript free privacy respecting meta search engine" \ + version="1.0" \ + vendor="Hnhx Femboy" \ + maintainer="Hnhx Femboy, Junior L. Botelho" \ + url="https://github.com/hnhx/librex" \ + usage="https://github.com/hnhx/librex/wiki" \ + authors="https://github.com/hnhx/librex/contributors" + +# Include arguments as temporary environment variables to be handled by Docker during the image build process +# Change or add new arguments to customize the image generated by 'docker build' command +ARG DOCKER_SCRIPTS="docker" +ARG NGINX_PORT=8080 + +# Customize the environment during both execution and build time by modifying the environment variables added to the container's shell +# When building your image, make sure to set the 'TZ' environment variable to your desired time zone location, for example 'America/Sao_Paulo' +# See more: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List +ENV TZ="America/New_York" + +# Include docker scripts, docker images, and the 'GNU License' in the Librex container +ADD "." "/var/www/html" + +# Set permissions for script files as executable scripts inside 'docker/scripts' directory +RUN chmod u+x "${DOCKER_SCRIPTS}/php/prepare.sh" &&\ + chmod u+x "${DOCKER_SCRIPTS}/server/prepare.sh" &&\ + chmod u+x "${DOCKER_SCRIPTS}/entrypoint.sh" &&\ + chmod u+x "${DOCKER_SCRIPTS}/attributes.sh" + +RUN apk add gettext --no-cache + +# The following lines import all Dockerfiles from other folders so that they can be built together in the final build +INCLUDE+ docker/php/php.dockerfile +INCLUDE+ docker/server/nginx.dockerfile + +EXPOSE ${NGINX_PORT} + +# Configures the container to be run as an executable. +ENTRYPOINT ["/bin/sh", "-c", "docker/entrypoint.sh"] diff --git a/README.md b/README.md index 2393b22..38d5192 100644 --- a/README.md +++ b/README.md @@ -42,6 +42,45 @@ Huge thanks to Richard Stallman for using LibreX and featuring it on his [websit
+### Running a Docker container through the Docker hub + +To run librex in a docker container, you can simply use the command: + +```sh +docker run -d --name librex \ + -e TZ="America/New_York" \ + -e CONFIG_GOOGLE_DOMAIN="com" \ + -e CONFIG_GOOGLE_LANGUAGUE="en" \ + -p 8080:8080 \ + librex/librex:latest +``` + +### Running a Docker container with composer + +```yml +version: "2.1" +services: + librex: + image: librex/librex:latest + container_name: librex + network_mode: bridge + ports: + - 8080:8080 + environment: + - PUID=1000 + - PGID=1000 + - VERSION=docker + - TZ="America/New_York" + - CONFIG_GOOGLE_DOMAIN="com" + - CONFIG_GOOGLE_LANGUAGUE="en" + volumes: + - ./nginx_logs:/var/log/nginx + - ./php_logs:/var/log/php7 + restart: unless-stopped +``` + +
+ ### About LibreX LibreX gives you results from Google, Qwant, Ahmia and popular torrent sites without spying on you. diff --git a/docker/README.md b/docker/README.md new file mode 100644 index 0000000..8152d8b --- /dev/null +++ b/docker/README.md @@ -0,0 +1,179 @@ + +### Introduction + +- [Introduction](#introduction) + - [Running a docker container](#running-a-docker-container) + - [Running a Docker container through the Docker hub](#running-a-docker-container-through-the-docker-hub) + - [Running a Docker container with composer](#running-a-docker-container-with-composer) + - [Environment variables that can be set in the Docker container](#environment-variables-that-can-be-set-in-the-docker-container) + - [OpenSearch](#opensearch) + - [Search Config](#search-config) + - [Applications](#applications) + - [Curl](#curl) +- [Docker version issues](#docker-version-issues) +- [Building a docker image](#building-a-docker-image) +- [Support for different architectures](#support-for-different-architectures) + +### Running a docker container + +Dockerized Librex is a way to provide users with yet another way to self-host their own projects with a view to privacy. If you wish to help, please start by looking for bugs in used docker configurations. + +### Running a Docker container through the Docker hub + +To run librex in a docker container, you can simply use the command: + +```sh +docker run -d --name librex \ + -e TZ="America/New_York" \ + -e CONFIG_GOOGLE_DOMAIN="com" \ + -e CONFIG_GOOGLE_LANGUAGUE="en" \ + -p 8080:8080 \ + librex/librex:latest +``` + +
+ +### Running a Docker container with composer + +```yml +version: "2.1" +services: + librex: + image: librex/librex:latest + container_name: librex + network_mode: bridge + ports: + - 8080:8080 + environment: + - PUID=1000 + - PGID=1000 + - VERSION=docker + - TZ="America/New_York" + - CONFIG_GOOGLE_DOMAIN="com" + - CONFIG_GOOGLE_LANGUAGUE="en" + volumes: + - ./nginx_logs:/var/log/nginx + - ./php_logs:/var/log/php7 + restart: unless-stopped +``` + +
+ +### Environment variables that can be set in the Docker container + +This docker image was developed with high configurability in mind, so here is the list of environment variables that can be changed according to your use case, no matter how specific. + +
+ +### OpenSearch + +| Variables | Default | Examples | Description | +|:----------|:-------------|:---------|:------| +| OPEN_SEARCH_TITLE | "LibreX" | string | [OpenSearch XML](https://developer.mozilla.org/en-US/docs/Web/OpenSearch) | +| OPEN_SEARCH_DESCRIPTION | "Framework and javascript free privacy respecting meta search engine" | string | [OpenSearch XML](https://developer.mozilla.org/en-US/docs/Web/OpenSearch) | +| OPEN_SEARCH_ENCODING | "UTF-8" | "UTF-8" | [OpenSearch XML](https://developer.mozilla.org/en-US/docs/Web/OpenSearch) | +| OPEN_SEARCH_LONG_NAME | "Librex Search" | string | [OpenSearch XML](https://developer.mozilla.org/en-US/docs/Web/OpenSearch) | +| OPEN_SEARCH_HOST | "http://localhost:8080" | string | Host used to identify Librex on the network | + +
+ +### Search Config + +| Variables | Default | Examples | Description | +|:----------|:-------------|:---------|:------| +| CONFIG_GOOGLE_DOMAIN | "com" | "com", "com.br", "com.es" | Defines which Google domain the search will be done, change according to your country | +| CONFIG_GOOGLE_LANGUAGUE | "en" | "pt", "es", "ru" | Defines the language in which searches will be done, see the list of supported languages [here](https://developers.google.com/custom-search/docs/ref_languages). | +| CONFIG_INVIDIOUS_INSTANCE | "https://invidious.namazso.eu" | string | Defines the host that will be used to do video searches using invidious | +| CONFIG_HIDDEN_SERVICE_SEARCH | false | boolean | Defines whether safesearch will be enabled or disabled | +| CONFIG_DISABLE_BITTORRENT_SEARCH | false | boolean | Defines whether bittorrent support will be enabled or disabled | +| CONFIG_BITTORRENT_TRACKERS | "http://nyaa.tracker.wf:7777/announce" | string | Bittorrent trackers, see the complete example in the `config.php` file. | + +
+ +### Applications + +| Variables | Default | Examples | Description | +|:----------|:-------------|:---------|:------| +| APP_INVIDIOUS | "" | string | Integration with external self-hosted apps, configure the desired host. | +| APP_BIBLIOGRAM | "" | string | Integration with external self-hosted apps, configure the desired host. | +| APP_RIMGO | "" | string | Integration with external self-hosted apps, configure the desired host. | +| APP_SCRIBE | "" | string | Integration with external self-hosted apps, configure the desired host. | +| APP_LIBRARIAN | "" | string | Integration with external self-hosted apps, configure the desired host. | +| APP_GOTHUB | "" | string | Integration with external self-hosted apps, configure the desired host. | +| APP_NITTER | "" | string | Integration with external self-hosted apps, configure the desired host. | +| APP_LIBREREDDIT | "" | string | Integration with external self-hosted apps, configure the desired host. | +| APP_PROXITOK | "" | string | Integration with external self-hosted apps, configure the desired host. | +| APP_WIKILESS | "" | string | Integration with external self-hosted apps, configure the desired host. | +| APP_QUETRE | "" | string | Integration with external self-hosted apps, configure the desired host. | +| APP_LIBREMDB | "" | string | Integration with external self-hosted apps, configure the desired host. | +| APP_BREEZEWIKI | "" | string | Integration with external self-hosted apps, configure the desired host. | +| APP_ANONYMOUS_OVERFLOW | "" | string | Integration with external self-hosted apps, configure the desired host. | + +
+ +### Curl + +| Variables | Default | Examples | Description | +|:----------|:-------------|:---------|:------| +| CURLOPT_PROXY_ENABLED | false | boolean | If you want to use a proxy, you need to set this variable to true. | +| CURLOPT_PROXY | "" | "127.0.0.1:8080" | Set the proxy using the ip and port to be used | +| CURLOPT_RETURNTRANSFER | true | boolean | **TODO** | +| CURLOPT_ENCODING | "" | string | Defines the encode that curl should use to display the texts correctly | +| CURLOPT_USERAGENT | "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36" | string | This variable defines the 'User-Agent' that curl will use to attempt to avoid being blocked | +| CURLOPT_CUSTOMREQUEST | "GET" | "HEAD", "OPTIONS" | Defines the HTTP method that curl will use to make the request | +| CURLOPT_MAXREDIRS | 5 | number | **TODO** | +| CURLOPT_TIMEOUT | 18 | number | Sets the maximum time curl will wait for a response before timing out | +| CURLOPT_VERBOSE | false | boolean | Specifies whether curl should display detailed information on stdout about the request and response when making requests. Setting to 'true' enables verbose mode | + +
+ +### Docker version issues + +If you are going to build your own docker image based on this repository, pay attention to your Docker version, because depending on how recent the installed version is, maybe you should use the `buildx` command instead of `build`. + +Docker <= 20.10: `docker build` + +Docker > 20.10: `docker buildx build` + +
+ +### Building a docker image + +If you don't want to use the image that is already available on `docker hub`, then you can simply build the Dockerfile directly from the github repository using the command: + +```sh +docker build https://github.com/hnhx/librex.git -t librex:latest +``` + +```sh +docker run -d --name librex \ + -e CONFIG_GOOGLE_DOMAIN="com" \ + -e CONFIG_GOOGLE_LANGUAGUE="en" \ + -p 8080:8080 \ + librex:latest +``` + +Or, instead of doing the build remotely, you still have the opportunity to `git clone` the repository, and build it locally with the command: + +```sh +git clone https://github.com/hnhx/librex.git +cd librex/ +docker build -t librex:latest . +``` + +
+ +### Support for different architectures + +Supported architectures for the official Librex images include the same ones supported by Alpine itself, which are typically denoted as `linux/386`, `linux/amd64`, `linux/arm/v6`. If you need support for a different architecture, such as `linux/arm/v7`, you can modify the 'Dockerfile' to use a more comprehensive base image like `ubuntu:latest` instead. + +In this case, you must run the `build` process specifying the desired architecture as shown in the example below: + +```sh +docker buildx build \ + --no-cache \ + --platform linux/arm/v7 \ + --tag librex/librex:latest . +``` + +**OBS:** Keep in mind that this can cause some issues at build time, so you need to know a little about Dockerfiles to solve this problem for your specific case. diff --git a/docker/attributes.sh b/docker/attributes.sh new file mode 100755 index 0000000..db05452 --- /dev/null +++ b/docker/attributes.sh @@ -0,0 +1,59 @@ +#!/bin/sh + +# YOU DON'T NEED TO EDIT THIS FILE. IF YOU WANT TO SET CUSTOM ENVIRONMENT VARIABLES, +# USE THE 'DOCKERFILE IMAGE' FROM ROOT DIRECTORY AND PASS THE ENVIRONMENT PARAMETERS + +# These templates will be used to create configuration files that incorporate values from environment variables +# If these locations do not already exist within the Docker container, they will be created +export CONFIG_PHP_TEMPLATE="$(pwd)/config.php" +export CONFIG_OPEN_SEARCH_TEMPLATE="$(pwd)/opensearch.xml" +export CONFIG_NGINX_TEMPLATE="/etc/nginx/http.d/librex.conf" + +# Configure 'opensearch.xml' with Librex configuration metadata, such as the encoding and the host that stores the site +# These configurations will replace the 'opensearch.xml' inside '.dockers/templates' for the best setup for your instance +export OPEN_SEARCH_TITLE=${OPEN_SEARCH_TITLE:-"LibreX"} +export OPEN_SEARCH_DESCRIPTION=${OPEN_SEARCH_DESCRIPTION:-"Framework and javascript free privacy respecting meta search engine"} +export OPEN_SEARCH_ENCODING=${OPEN_SEARCH_ENCODING:-"UTF-8"} +export OPEN_SEARCH_LONG_NAME=${OPEN_SEARCH_LONG_NAME:-"LibreX Search"} +export OPEN_SEARCH_HOST=${OPEN_SEARCH_HOST:-"127.0.0.1"} + +# Replace the 'config.php' script, which contains the most common search engine configurations, with these environment setups +# These environment setups can be found in 'config.php', and the default configurations can be useful for most use cases +export CONFIG_GOOGLE_DOMAIN=${CONFIG_GOOGLE_DOMAIN:-".com"} +export CONFIG_GOOGLE_LANGUAGUE=${CONFIG_GOOGLE_LANGUAGUE:-"en"} +export CONFIG_INVIDIOUS_INSTANCE=${CONFIG_INVIDIOUS_INSTANCE:-"invidious.namazso.eu"} +export CONFIG_HIDDEN_SERVICE_SEARCH=${CONFIG_HIDDEN_SERVICE_SEARCH:-false} +export CONFIG_DISABLE_BITTORRENT_SEARCH=${CONFIG_DISABLE_BITTORRENT_SEARCH:-false} +export CONFIG_BITTORRENT_TRACKERS=${CONFIG_BITTORRENT_TRACKERS:-"&tr=http://nyaa.tracker.wf:7777/announce&tr=udp://open.stealth.si:80/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=udp://exodus.desync.com:6969/announce&tr=udp://tracker.torrent.eu.org:451/announce"} + +# Supported apps integration configuration. These empty spaces can be set up using free hosts as pointers +# A particular example is using the "https://yewtu.be" or a self-hosted host to integrate the invidious app to librex +export APP_INVIDIOUS=${APP_INVIDIOUS:-""} +export APP_BIBLIOGRAM=${APP_BIBLIOGRAM:-""} +export APP_RIMGO=${APP_RIMGO:-""} +export APP_SCRIBE=${APP_SCRIBE:-""} +export APP_LIBRARIAN=${APP_LIBRARIAN:-""} +export APP_GOTHUB=${APP_GOTHUB:-""} +export APP_NITTER=${APP_NITTER:-""} +export APP_LIBREREDDIT=${APP_LIBREREDDIT:-""} +export APP_PROXITOK=${APP_PROXITOK:-""} +export APP_WIKILESS=${APP_WIKILESS:-""} +export APP_QUETRE=${APP_QUETRE:-""} +export APP_LIBREMDB=${APP_LIBREMDB:-""} +export APP_BREEZEWIKI=${APP_BREEZEWIKI:-""} +export APP_ANONYMOUS_OVERFLOW=${APP_ANONYMOUS_OVERFLOW:-""} + +# GNU/Curl configurations. Leave 'CURLOPT_PROXY' blank whether you don't need to use a proxy for requests +# Generally, a proxy is needed when your IP address is blocked by search engines in response to multiple requests within a short time frame. In these cases, it is recommended to use rotating proxies +export CURLOPT_PROXY_ENABLED=${CURLOPT_PROXY_ENABLED:-false} +export CURLOPT_PROXY=${CURLOPT_PROXY:-""} +export CURLOPT_RETURNTRANSFER=${CURLOPT_RETURNTRANSFER:-true} +export CURLOPT_ENCODING=${CURLOPT_ENCODING:-""} +export CURLOPT_USERAGENT=${CURLOPT_USERAGENT:-"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"} +export CURLOPT_CUSTOMREQUEST=${CURLOPT_CUSTOMREQUEST:-"GET"} +export CURLOPT_MAXREDIRS=${CURLOPT_MAXREDIRS:-5} +export CURLOPT_TIMEOUT=${CURLOPT_TIMEOUT:-18} +export CURLOPT_VERBOSE=${CURLOPT_VERBOSE:-false} + +# These shell functions will be available for use by any function calls +function AwkTrim() { awk '{$1=$1};1'; } diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh new file mode 100755 index 0000000..525dd18 --- /dev/null +++ b/docker/entrypoint.sh @@ -0,0 +1,10 @@ +#!/bin/sh + +# Due to an issue with Docker's 'CMD' directive, the following scripts are not executing as expected. +# This workaround has been implemented to resolve the issue for now +sh "docker/php/prepare.sh" +sh "docker/server/prepare.sh" + +/bin/sh -c /usr/sbin/php-fpm7 + +exec nginx -g "daemon off;" diff --git a/docker/php/config.php b/docker/php/config.php new file mode 100644 index 0000000..a341396 --- /dev/null +++ b/docker/php/config.php @@ -0,0 +1,42 @@ + "${CONFIG_GOOGLE_DOMAIN}", + "google_language" => "${CONFIG_GOOGLE_LANGUAGUE}", + "invidious_instance_for_video_results" => "${CONFIG_INVIDIOUS_INSTANCE}", + + "disable_bittorent_search" => ${CONFIG_DISABLE_BITTORRENT_SEARCH}, + "bittorent_trackers" => "${CONFIG_BITTORRENT_TRACKERS}", + "disable_hidden_service_search" => ${CONFIG_HIDDEN_SERVICE_SEARCH}, + + "invidious" => "${APP_INVIDIOUS}", // youtube + "bibliogram" => "${APP_BIBLIOGRAM}", // instagram + "rimgo" => "${APP_RIMGO}", // imgur + "scribe" => "${APP_SCRIBE}", // medium + "librarian" => "${APP_LIBRARIAN}", // odysee + "gothub" => "${APP_GOTHUB}", // github + "nitter" => "${APP_NITTER}", // twitter + "libreddit" => "${APP_LIBREREDDIT}", // reddit + "proxitok" => "${APP_PROXITOK}", // tiktok + "wikiless" => "${APP_WIKILESS}", // wikipedia + "quetre" => "${APP_QUETRE}", // quora + "libremdb" => "${APP_LIBREMDB}", // imdb, + "breezewiki" => "${APP_BREEZEWIKI}", // fandom, + "anonymousoverflow" => "${APP_ANONYMOUS_OVERFLOW}", // stackoverflow + + "curl_settings" => array( + CURLOPT_PROXY => "", + CURLOPT_PROXYTYPE => CURLPROXY_HTTP, + CURLOPT_RETURNTRANSFER => ${CURLOPT_RETURNTRANSFER}, + CURLOPT_ENCODING => "${CURLOPT_ENCODING}", + CURLOPT_USERAGENT => "${CURLOPT_USERAGENT}", + CURLOPT_IPRESOLVE => CURL_IPRESOLVE_V4, + CURLOPT_CUSTOMREQUEST => "${CURLOPT_CUSTOMREQUEST}", + CURLOPT_PROTOCOLS => CURLPROTO_HTTPS | CURLPROTO_HTTP, + CURLOPT_REDIR_PROTOCOLS => CURLPROTO_HTTPS | CURLPROTO_HTTP, + CURLOPT_MAXREDIRS => ${CURLOPT_MAXREDIRS}, + CURLOPT_TIMEOUT => ${CURLOPT_TIMEOUT}, + CURLOPT_VERBOSE => ${CURLOPT_VERBOSE} + ) + + ); +?> diff --git a/docker/php/opensearch.xml b/docker/php/opensearch.xml new file mode 100644 index 0000000..7ce6c00 --- /dev/null +++ b/docker/php/opensearch.xml @@ -0,0 +1,9 @@ + + + ${OPEN_SEARCH_TITLE} + ${OPEN_SEARCH_DESCRIPTION} + ${OPEN_SEARCH_ENCODING} + ${OPEN_SEARCH_LONG_NAME} + + + diff --git a/docker/php/php.dockerfile b/docker/php/php.dockerfile new file mode 100644 index 0000000..bb1287a --- /dev/null +++ b/docker/php/php.dockerfile @@ -0,0 +1,58 @@ +# Set this argument during build time to indicate that the path is for php's www.conf +ARG WWW_CONFIG="/etc/php7/php-fpm.d/www.conf" + +# Configure 'opensearch.xml' with Librex configuration metadata, such as the encoding and the host that stores the site +# These configurations will replace the 'opensearch.xml' inside '.dockers/templates' for the best setup for your instance +ENV OPEN_SEARCH_TITLE="LibreX" +ENV OPEN_SEARCH_DESCRIPTION="Framework and javascript free privacy respecting meta search engine" +ENV OPEN_SEARCH_ENCODING="UTF-8" +ENV OPEN_SEARCH_LONG_NAME="LibreX search" +ENV OPEN_SEARCH_HOST="http://127.0.0.1:${NGINX_PORT}" + +# Replace the 'config.php' script, which contains the most common search engine configurations, with these environment setups +# These environment setups can be found in 'config.php', and the default configurations can be useful for most use cases +ENV CONFIG_GOOGLE_DOMAIN="com" +ENV CONFIG_GOOGLE_LANGUAGUE="en" +ENV CONFIG_INVIDIOUS_INSTANCE="https://invidious.namazso.eu" +ENV CONFIG_HIDDEN_SERVICE_SEARCH=false +ENV CONFIG_DISABLE_BITTORRENT_SEARCH=false +ENV CONFIG_BITTORRENT_TRACKERS="&tr=http://nyaa.tracker.wf:7777/announce&tr=udp://open.stealth.si:80/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=udp://exodus.desync.com:6969/announce&tr=udp://tracker.torrent.eu.org:451/announce" + +# Supported apps integration configuration. These empty spaces can be set up using free hosts as pointers +# A particular example is using the "https://yewtu.be" or a self-hosted host to integrate the invidious app to librex +ENV APP_INVIDIOUS="" +ENV APP_BIBLIOGRAM="" +ENV APP_RIMGO="" +ENV APP_SCRIBE="" +ENV APP_LIBRARIAN="" +ENV APP_GOTHUB="" +ENV APP_NITTER="" +ENV APP_LIBREREDDIT="" +ENV APP_PROXITOK="" +ENV APP_WIKILESS="" +ENV APP_QUETRE="" +ENV APP_LIBREMDB="" +ENV APP_BREEZEWIKI="" +ENV APP_ANONYMOUS_OVERFLOW="" + +# GNU/Curl configurations. Leave 'CURLOPT_PROXY' blank whether you don't need to use a proxy for requests +# Generally, a proxy is needed when your IP address is blocked by search engines in response to multiple requests within a short time frame. In these cases, it is recommended to use rotating proxies +ENV CURLOPT_PROXY_ENABLED=false +ENV CURLOPT_PROXY="" +ENV CURLOPT_RETURNTRANSFER=true +ENV CURLOPT_ENCODING="" +ENV CURLOPT_USERAGENT="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36" +ENV CURLOPT_CUSTOMREQUEST="GET" +ENV CURLOPT_MAXREDIRS=5 +ENV CURLOPT_TIMEOUT=18 +ENV CURLOPT_VERBOSE=false + +# Install PHP-FPM using Alpine's package manager, apk +# Configure PHP-FPM to listen on a Unix socket instead of a TCP port, which is more secure and efficient +RUN apk add php7 php7-fpm php7-dom php7-curl php7-json --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing &&\ + sed -i 's/^\s*listen = 127.0.0.1:9000/listen = \/run\/php7\/php-fpm7.sock/' ${WWW_CONFIG} &&\ + sed -i 's/^\s*;\s*listen.owner = nobody/listen.owner = nginx/' ${WWW_CONFIG} &&\ + sed -i 's/^\s*;\s*listen.group = nobody/listen.group = nginx/' ${WWW_CONFIG} &&\ + sed -i 's/^\s*;\s*listen.mode = 0660/listen.mode = 0660/' ${WWW_CONFIG} + +CMD [ "/bin/sh", "-c", "docker/php/prepare.sh" ] diff --git a/docker/php/prepare.sh b/docker/php/prepare.sh new file mode 100755 index 0000000..bd4c77d --- /dev/null +++ b/docker/php/prepare.sh @@ -0,0 +1,28 @@ +#!/bin/sh + +echo "[PREPARE] docker/server/prepare.sh'" + +# Load all environment variables from 'attributes.sh' using the command 'source /path/attributes.sh' +source "docker/attributes.sh" + +# This condition creates the Unix socket if 'php-fpm7.sock' does not already exist. +# This fixes an issue where Nginx starts but does not serve content +if [ ! -d "/run/php7" ] || [ ! -S "/run/php7/php-fpm7.sock" ]; then + mkdir "/run/php7" + touch "/run/php7/php-fpm7.sock" + chmod 0660 "/run/php7/php-fpm7.sock" + chown nginx:nginx "/run/php7/php-fpm7.sock" +fi + +# The lines below will replace the environment variables in the templates with the corresponding variables listed above. To accomplish this, the GNU 'envsubst' package will be used +# Although not recommended (if you do not know what you are doing), you still have the option to add new substitution file templates using any required environment variables +[[ ! -s ${CONFIG_PHP_TEMPLATE} ]] && cat 'docker/php/config.php' | envsubst > ${CONFIG_PHP_TEMPLATE}; +[[ ! -s ${CONFIG_OPEN_SEARCH_TEMPLATE} ]] && cat 'docker/php/opensearch.xml' | envsubst > ${CONFIG_OPEN_SEARCH_TEMPLATE}; + +# If it is empty or proxy is not enabled, we are using sed to delete +# any line that contains the string 'CURLOPT_PROXY' or 'CURLOPT_PROXYTYPE' +# from the file 'config.php' defined on top of 'attributes.sh' +if [[ -z "${CURLOPT_PROXY}" || "${CURLOPT_PROXY_ENABLED}" = false ]]; then + sed -i "/CURLOPT_PROXY/d" ${CONFIG_PHP_TEMPLATE}; + sed -i "/CURLOPT_PROXYTYPE/d" ${CONFIG_PHP_TEMPLATE}; +fi diff --git a/docker/server/fastcgi.conf b/docker/server/fastcgi.conf new file mode 100644 index 0000000..b0703df --- /dev/null +++ b/docker/server/fastcgi.conf @@ -0,0 +1,26 @@ +# These settings should work well for serving as a front-end of many search engines +# on our PHP website. However, we may need to adjust them based on our specific requirements. +fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; +fastcgi_param QUERY_STRING $query_string; +fastcgi_param REQUEST_METHOD $request_method; +fastcgi_param CONTENT_TYPE $content_type; +fastcgi_param CONTENT_LENGTH $content_length; + +fastcgi_param SCRIPT_NAME $fastcgi_script_name; +fastcgi_param REQUEST_URI $request_uri; +fastcgi_param DOCUMENT_URI $document_uri; +fastcgi_param DOCUMENT_ROOT $document_root; +fastcgi_param SERVER_PROTOCOL $server_protocol; + +fastcgi_param GATEWAY_INTERFACE CGI/1.1; +fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + +fastcgi_param REMOTE_ADDR $remote_addr; +fastcgi_param REMOTE_PORT $remote_port; +fastcgi_param SERVER_ADDR $server_addr; +fastcgi_param SERVER_PORT $server_port; +fastcgi_param SERVER_NAME $server_name; + +# PHP only, required if PHP was built with --enable-force-cgi-redirect +fastcgi_param HTTPS $https if_not_empty; +fastcgi_param REDIRECT_STATUS 200; diff --git a/docker/server/nginx.conf b/docker/server/nginx.conf new file mode 100644 index 0000000..24cce30 --- /dev/null +++ b/docker/server/nginx.conf @@ -0,0 +1,17 @@ +server { + listen 8080; + server_name ${OPEN_SEARCH_HOST_FOR_NGINX} localhost; + + root /var/www/html; + index index.php; + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location ~ \.php$ { + fastcgi_pass unix:/run/php7/php-fpm7.sock; + fastcgi_index index.php; + include fastcgi.conf; + } +} diff --git a/docker/server/nginx.dockerfile b/docker/server/nginx.dockerfile new file mode 100644 index 0000000..59c7a9f --- /dev/null +++ b/docker/server/nginx.dockerfile @@ -0,0 +1,5 @@ +# Install Nginx with FastCGI enabled, optimizing its performance for serving content +RUN apk add nginx + +# After executing the 'docker run' command, run the 'prepare.sh' script +CMD [ "/bin/sh", "-c", "docker/server/prepare.sh" ] diff --git a/docker/server/prepare.sh b/docker/server/prepare.sh new file mode 100755 index 0000000..322beac --- /dev/null +++ b/docker/server/prepare.sh @@ -0,0 +1,21 @@ +#!/bin/sh + +echo "[PREPARE] docker/server/prepare.sh'" + +# Load all environment variables from 'attributes.sh' using the command 'source /path/attributes.sh' +source "docker/attributes.sh" + +export OPEN_SEARCH_HOST_FOR_NGINX="$(echo "${OPEN_SEARCH_HOST}" | cut -d "/" -f 3 | cut -d ":" -f 1)" + +# The lines below will replace the environment variables in the templates with the corresponding variables listed above. To accomplish this, the GNU 'envsubst' package will be used +# Although not recommended (if you do not know what you are doing), you still have the option to add new substitution file templates using any required environment variables +if [[ ! -s ${CONFIG_NGINX_TEMPLATE} ]]; then + cp "docker/server/fastcgi.conf" /etc/nginx/fastcgi.conf + cp "docker/server/nginx.conf" /etc/nginx/http.d/librex.conf + + # To address issues with 'nginx.conf', the following lines will ensure that these configurations remain executable + chmod u+x "/etc/nginx/fastcgi.conf" + chmod u+x "/etc/nginx/http.d/librex.conf" + + cat 'docker/server/nginx.conf' | envsubst '${OPEN_SEARCH_HOST_FOR_NGINX}' > ${CONFIG_NGINX_TEMPLATE}; +fi