New Docker (#1813)

* Draft of new Docker Based on Alpine Linux. Size ~78MB. https://github.com/FreshRSS/docker-freshrss/issues/4 https://github.com/FreshRSS/FreshRSS/issues/520 https://github.com/FreshRSS/docker-freshrss https://github.com/FreshRSS/docker-freshrss-production * Docker readme * +x execution rights prepare * Docker readme links to hub.docker.com https://hub.docker.com/r/freshrss/freshrss/
author: Alexandre Alapetite <alexandre@alapetite.fr> 2018-03-04 01:02:02 +0100
committer: GitHub <noreply@github.com> 2018-03-04 01:02:02 +0100
commit: 71918dbc5a240dfa391491b27cdb482d55b8794a (patch)
tree: 8ef6f68f35134d93cba6495728983ae37c69e127
parent: 9dbed072b32f70db98c24e164ca6ee5487ceb97e (diff)
9 files changed, 189 insertions, 2 deletions
diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 000000000..ab223517d
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,3 @@
+*/.git
+*/data
+*/docs
diff --git a/Docker/Dockerfile b/Docker/Dockerfile
new file mode 100644
index 000000000..fc753e58d
--- /dev/null
+++ b/Docker/Dockerfile
@@ -0,0 +1,22 @@
+FROM alpine:3.7
+
+RUN apk add --no-cache \
+	apache2 php7-apache2 \
+	php7 php7-curl php7-gmp php7-intl php7-mbstring php7-xml php7-zip \
+	php7-ctype php7-dom php7-fileinfo php7-json php7-session \
+	php7-pdo_sqlite \
+	php7-pdo_mysql \
+	php7-pdo_pgsql
+
+ENV FRESHRSS_ROOT /var/www/FreshRSS
+RUN mkdir -p ${FRESHRSS_ROOT} /run/apache2/
+WORKDIR ${FRESHRSS_ROOT}
+
+COPY . ${FRESHRSS_ROOT}
+COPY ./Docker/*.Apache.conf /etc/apache2/conf.d/
+
+EXPOSE 80
+CMD php -f ./cli/prepare.php > /dev/null && \
+	chown -R :apache ${FRESHRSS_ROOT} && \
+	chmod -R g+r ${FRESHRSS_ROOT} && chmod -R g+w ${FRESHRSS_ROOT}/data/ && \
+	exec httpd -D FOREGROUND
diff --git a/Docker/FreshRSS.Apache.conf b/Docker/FreshRSS.Apache.conf
new file mode 100644
index 000000000..59151d749
--- /dev/null
+++ b/Docker/FreshRSS.Apache.conf
@@ -0,0 +1,27 @@
+<IfModule !deflate_module>
+	LoadModule deflate_module modules/mod_deflate.so
+</IfModule>
+<IfModule !expires_module>
+	LoadModule expires_module modules/mod_expires.so
+</IfModule>
+<IfModule !headers_module>
+	LoadModule headers_module modules/mod_headers.so
+</IfModule>
+<IfModule !mime_module>
+	LoadModule mime_module modules/mod_mime.so
+</IfModule>
+<IfModule !rewrite_module>
+	LoadModule rewrite_module modules/mod_rewrite.so
+</IfModule>
+
+ServerName freshrss.localhost
+Listen 0.0.0.0:80
+DocumentRoot /var/www/FreshRSS/p/
+ErrorLog /dev/stderr
+TransferLog /dev/stdout
+AllowEncodedSlashes On
+
+<Directory /var/www/FreshRSS/p>
+	AllowOverride AuthConfig FileInfo Indexes Limit
+	Require all granted
+</Directory>
diff --git a/Docker/README.md b/Docker/README.md
new file mode 100644
index 000000000..d85b9a6f0
--- /dev/null
+++ b/Docker/README.md
@@ -0,0 +1,91 @@
+# Deploy FreshRSS with Docker
+* See also https://hub.docker.com/r/freshrss/freshrss/
+
+## Install Docker
+
+```sh
+curl -fsSL https://get.docker.com/ -o get-docker.sh
+sh get-docker.sh
+```
+
+## Optional: Build Docker image of FreshRSS
+Optional, as a *less recent* [online image](https://hub.docker.com/r/freshrss/freshrss/) can be automatically fetched during the next step (run),
+but online images are not available for as many platforms as if you build yourself.
+
+```sh
+# First time only
+git clone https://github.com/FreshRSS/FreshRSS.git
+
+cd ./FreshRSS/
+git pull
+sudo docker pull alpine:3.7
+sudo docker build --tag freshrss/freshrss -f Docker/Dockerfile .
+```
+
+## Run FreshRSS
+
+Example exposing FreshRSS on port 8080. You may have to adapt the network parameters to fit your needs.
+
+```sh
+# You can optionally run from the directory containing the FreshRSS source code:
+cd ./FreshRSS/
+
+# The data will be saved on the host in `./data/`
+mkdir -p ./data/
+
+sudo docker run -dit --restart unless-stopped --log-opt max-size=10m \
+	-v $(pwd)/data:/var/www/FreshRSS/data \
+	-p 8080:80 \
+	--name freshrss freshrss/freshrss
+```
+
+## Update
+
+```sh
+# Rebuild an image (see build section above) or get a new online version:
+sudo docker pull freshrss/freshrss
+# And then 
+sudo docker stop freshrss
+docker rename freshrss freshrss_old
+# See the run section above for the full command
+sudo docker run ...
+# If everything is working, delete the old container
+docker rm freshrss_old
+```
+
+## Command line
+
+```sh
+sudo docker exec -it freshrss php ./cli/list-users.php
+```
+
+See the [CLI documentation](../cli/) for all the other commands.
+
+### Cron job to refresh feeds
+Set a cron job up on your host machine, calling the `actualize_script.php` inside the FreshRSS Docker instance.
+
+#### Example on Debian / Ubuntu
+Create `/etc/cron.d/FreshRSS` with:
+
+```
+7,37 * * * * root docker exec -it freshrss php ./app/actualize_script.php > /tmp/FreshRSS.log 2>&1
+```
+
+## Debugging
+
+```sh
+# See FreshRSS data (it is on the host)
+cd ./data/
+# See Web server logs
+sudo docker logs -f freshrss
+
+# Enter inside FreshRSS docker container
+sudo docker exec -it freshrss sh
+## See FreshRSS root inside the container
+ls /var/www/FreshRSS/
+```
+
+## Deployment in production
+
+Use a reverse proxy on your host server, such as [Træfik](https://traefik.io/) or [nginx](https://docs.nginx.com/nginx/admin-guide/web-server/reverse-proxy/),
+with HTTPS, for instance using [Let’s Encrypt](https://letsencrypt.org/).
diff --git a/README.fr.md b/README.fr.md
index fc99d0e4c..97ffafb56 100644
--- a/README.fr.md
+++ b/README.fr.md
@@ -55,6 +55,8 @@ Nous sommes une communauté amicale.
 7. Avec Apache, activer [`AllowEncodedSlashes`](https://httpd.apache.org/docs/trunk/mod/core.html#allowencodedslashes) pour une meilleure compatibilité avec les clients mobiles.
 
 ## Installation automatisée
+* [Docker](./Docker/)
+* [![Cloudron](https://cloudron.io/img/button.svg)](https://cloudron.io/button.html?app=org.freshrss.cloudronapp)
 * [![DP deploy](https://raw.githubusercontent.com/DFabric/DPlatform-ShellCore/gh-pages/img/deploy.png)](https://dfabric.github.io/DPlatform-ShellCore)
 * [YunoHost](https://github.com/YunoHost-Apps/freshrss_ynh)
 
diff --git a/README.md b/README.md
index 23358d98e..8858dd12d 100644
--- a/README.md
+++ b/README.md
@@ -59,7 +59,8 @@ We are a friendly community.
 More information about installation and server configuration can be found in [our documentation](https://freshrss.github.io/FreshRSS/en/admins/02_Installation.html). 
 
 ## Automated install
-* [![Install on Cloudron](https://cloudron.io/img/button.svg)](https://cloudron.io/button.html?app=org.freshrss.cloudronapp)
+* [Docker](./Docker/)
+* [![Cloudron](https://cloudron.io/img/button.svg)](https://cloudron.io/button.html?app=org.freshrss.cloudronapp)
 * [![DP deploy](https://raw.githubusercontent.com/DFabric/DPlatform-ShellCore/gh-pages/img/deploy.png)](https://dfabric.github.io/DPlatform-ShellCore)
 * [YunoHost](https://github.com/YunoHost-Apps/freshrss_ynh)
 
diff --git a/cli/README.md b/cli/README.md
index a496aab58..d531b8c3d 100644
--- a/cli/README.md
+++ b/cli/README.md
@@ -32,6 +32,9 @@ Options in parenthesis are optional.
 ```sh
 cd /usr/share/FreshRSS
 
+./cli/prepare.php
+# Ensure the needed directories in ./data/
+
 ./cli/do-install.php --default_user admin ( --auth_type form --environment production --base_url https://rss.example.net/ --language en --title FreshRSS --allow_anonymous --api_enabled --db-type mysql --db-host localhost:3306 --db-user freshrss --db-password dbPassword123 --db-base freshrss --db-prefix freshrss )
 # --auth_type can be: 'form' (default), 'http_auth' (using the Web server access control), 'none' (dangerous)
 # --db-type can be: 'sqlite' (default), 'mysql' (MySQL or MariaDB), 'pgsql' (PostgreSQL)
diff --git a/cli/prepare.php b/cli/prepare.php
new file mode 100755
index 000000000..2db2da555
--- /dev/null
+++ b/cli/prepare.php
@@ -0,0 +1,37 @@
+#!/usr/bin/php
+<?php
+require(__DIR__ . '/_cli.php');
+
+$dirs = array(
+	'/',
+	'/cache',
+	'/extensions-data',
+	'/favicons',
+	'/PubSubHubbub',
+	'/PubSubHubbub/feeds',
+	'/PubSubHubbub/keys',
+	'/tokens',
+	'/users',
+	'/users/_',
+);
+
+$ok = true;
+
+foreach ($dirs as $dir) {
+	@mkdir(DATA_PATH . $dir, 0770, true);
+	$ok &= touch(DATA_PATH . $dir . '/index.html');
+}
+
+if (!is_file(DATA_PATH . '/config.php')) {
+	$ok &= touch(DATA_PATH . '/do-install.txt');
+}
+
+file_put_contents(DATA_PATH . '/.htaccess',
+"Order	Allow,Deny\n" .
+"Deny	from all\n" .
+"Satisfy	all\n"
+);
+
+accessRights();
+
+done($ok);
diff --git a/lib/Minz/Request.php b/lib/Minz/Request.php
index f80b707d6..a43509ded 100644
--- a/lib/Minz/Request.php
+++ b/lib/Minz/Request.php
@@ -106,7 +106,8 @@ class Minz_Request {
 		$https = self::isHttps();
 
 		if (!empty($_SERVER['HTTP_HOST'])) {
-			$host = $_SERVER['HTTP_HOST'];
+			//Might contain a port number, and mind IPv6 addresses
+			$host = parse_url('http://' . $_SERVER['HTTP_HOST'], PHP_URL_HOST);
 		} elseif (!empty($_SERVER['SERVER_NAME'])) {
 			$host = $_SERVER['SERVER_NAME'];
 		} else {
author	Alexandre Alapetite <alexandre@alapetite.fr>	2018-03-04 01:02:02 +0100
committer	GitHub <noreply@github.com>	2018-03-04 01:02:02 +0100
commit	71918dbc5a240dfa391491b27cdb482d55b8794a (patch)
tree	8ef6f68f35134d93cba6495728983ae37c69e127
parent	9dbed072b32f70db98c24e164ca6ee5487ceb97e (diff)