6 files changed, 84 insertions, 64 deletions
diff --git a/Docker/Dockerfile b/Docker/Dockerfile
index 8693bb0f7..6dbebccb0 100644
--- a/Docker/Dockerfile
+++ b/Docker/Dockerfile
@@ -1,4 +1,4 @@
-FROM ubuntu:19.04
+FROM ubuntu:19.10
 
 ENV TZ UTC
 SHELL ["/bin/bash", "-o", "pipefail", "-c"]
@@ -43,12 +43,15 @@ RUN a2dismod -f alias autoindex negotiation status && \
 RUN sed -r -i "/^\s*(CustomLog|ErrorLog|Listen) /s/^/#/" /etc/apache2/apache2.conf && \
 	sed -r -i "/^\s*Listen /s/^/#/" /etc/apache2/ports.conf && \
 	touch /var/www/FreshRSS/Docker/env.txt && \
-	echo "17,47 * * * * . /var/www/FreshRSS/Docker/env.txt; \
+	echo "7,37 * * * * . /var/www/FreshRSS/Docker/env.txt; \
 		su www-data -s /bin/sh -c 'php /var/www/FreshRSS/app/actualize_script.php' \
 		2>> /proc/1/fd/2 > /tmp/FreshRSS.log" | crontab -
 
+ENV COPY_LOG_TO_SYSLOG On
 ENV COPY_SYSLOG_TO_STDERR On
 ENV CRON_MIN ''
+ENV FRESHRSS_ENV ''
+
 ENTRYPOINT ["./Docker/entrypoint.sh"]
 
 EXPOSE 80
diff --git a/Docker/Dockerfile-Alpine b/Docker/Dockerfile-Alpine
index ac5d74a43..4afad0949 100644
--- a/Docker/Dockerfile-Alpine
+++ b/Docker/Dockerfile-Alpine
@@ -5,7 +5,7 @@ SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
 RUN apk add --no-cache \
 	apache2 php7-apache2 \
 	php7 php7-curl php7-gmp php7-intl php7-mbstring php7-xml php7-zip \
-	php7-ctype php7-dom php7-fileinfo php7-iconv php7-json php7-session php7-simplexml php7-xmlreader php7-zlib \
+	php7-ctype php7-dom php7-fileinfo php7-iconv php7-json php7-opcache php7-session php7-simplexml php7-xmlreader php7-zlib \
 	php7-pdo_sqlite php7-pdo_mysql php7-pdo_pgsql
 
 RUN mkdir -p /var/www/FreshRSS /run/apache2/
@@ -43,8 +43,11 @@ RUN rm -f /etc/apache2/conf.d/languages.conf /etc/apache2/conf.d/info.conf \
 		su apache -s /bin/sh -c 'php /var/www/FreshRSS/app/actualize_script.php' \
 		2>> /proc/1/fd/2 > /tmp/FreshRSS.log" | crontab -
 
+ENV COPY_LOG_TO_SYSLOG On
 ENV COPY_SYSLOG_TO_STDERR On
 ENV CRON_MIN ''
+ENV FRESHRSS_ENV ''
+
 ENTRYPOINT ["./Docker/entrypoint.sh"]
 
 EXPOSE 80
diff --git a/Docker/Dockerfile-QEMU-ARM b/Docker/Dockerfile-QEMU-ARM
index 4d81a23f0..30b1e205b 100644
--- a/Docker/Dockerfile-QEMU-ARM
+++ b/Docker/Dockerfile-QEMU-ARM
@@ -1,7 +1,7 @@
 # Only relevant for Docker Hub or QEMU multi-architecture builds.
 # Prefer the normal `Dockerfile` if you are building manually on the targeted architecture.
 
-FROM arm32v7/ubuntu:19.04
+FROM arm32v7/ubuntu:19.10
 
 # Requires ./hooks/*
 COPY ./Docker/qemu-arm-* /usr/bin/
@@ -59,8 +59,11 @@ RUN update-ca-certificates -f
 # Useful with the `--squash` build option
 RUN rm /usr/bin/qemu-* /var/www/FreshRSS/Docker/qemu-*
 
+ENV COPY_LOG_TO_SYSLOG On
 ENV COPY_SYSLOG_TO_STDERR On
 ENV CRON_MIN ''
+ENV FRESHRSS_ENV ''
+
 ENTRYPOINT ["./Docker/entrypoint.sh"]
 
 EXPOSE 80
diff --git a/Docker/README.md b/Docker/README.md
index c93178ff7..15510a220 100644
--- a/Docker/README.md
+++ b/Docker/README.md
@@ -17,7 +17,7 @@ sh get-docker.sh
 
 ## Create an isolated network
 ```sh
-sudo docker network create freshrss-network
+docker network create freshrss-network
 ```
 
 ## Recommended: use [Træfik](https://traefik.io/) reverse proxy
@@ -25,18 +25,18 @@ It is a good idea to use a reverse proxy on your host server, providing HTTPS.
 Here is the recommended configuration using automatic [Let’s Encrypt](https://letsencrypt.org/) HTTPS certificates and with a redirection from HTTP to HTTPS. See further below for alternatives.
 
 ```sh
-sudo docker volume create traefik-letsencrypt
-sudo docker volume create traefik-tmp
+docker volume create traefik-letsencrypt
+docker volume create traefik-tmp
 
 # Just change your e-mail address in the command below:
-sudo docker run -d --restart unless-stopped --log-opt max-size=10m \
+docker run -d --restart unless-stopped --log-opt max-size=10m \
   -v traefik-letsencrypt:/etc/traefik/acme \
   -v traefik-tmp:/tmp \
   -v /var/run/docker.sock:/var/run/docker.sock:ro \
   --net freshrss-network \
   -p 80:80 \
   -p 443:443 \
-  --name traefik traefik --docker \
+  --name traefik traefik:1.7 --docker \
   --loglevel=info \
   --entryPoints='Name:http Address::80 Compress:true Redirect.EntryPoint:https' \
   --entryPoints='Name:https Address::443 Compress:true TLS TLS.MinVersion:VersionTLS12 TLS.SniStrict:true TLS.CipherSuites:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA' \
@@ -48,17 +48,17 @@ sudo docker run -d --restart unless-stopped --log-opt max-size=10m \
 See [more information about Docker and Let’s Encrypt in Træfik](https://docs.traefik.io/user-guide/docker-and-lets-encrypt/).
 
 
-## Run FreshRSS 
+## Run FreshRSS
 Example using the built-in refresh cron job (see further below for alternatives).
 You must first chose a domain (DNS) or sub-domain, e.g. `freshrss.example.net`.
 
 > **N.B.:** Default images are for x64 (Intel, AMD) platforms. For ARM (e.g. Raspberry Pi), use the `*-arm` tags. For other platforms, see the section *Build Docker image* further below.
 
 ```sh
-sudo docker volume create freshrss-data
+docker volume create freshrss-data
 
 # Remember to replace freshrss.example.net by your server address in the command below:
-sudo docker run -d --restart unless-stopped --log-opt max-size=10m \
+docker run -d --restart unless-stopped --log-opt max-size=10m \
   -v freshrss-data:/var/www/FreshRSS/data \
   -e 'CRON_MIN=4,34' \
   -e TZ=Europe/Paris \
@@ -79,16 +79,16 @@ sudo docker run -d --restart unless-stopped --log-opt max-size=10m \
 
 This already works with a built-in **SQLite** database (easiest), but more powerful databases are supported:
 
-### [MySQL](https://hub.docker.com/_/mysql/)
+### [MySQL](https://hub.docker.com/_/mysql/) or [MariaDB](https://hub.docker.com/_/mariadb)
 ```sh
-# If you already have a MySQL instance running, just attach it to the FreshRSS network:
-sudo docker network connect freshrss-network mysql
+# If you already have a MySQL or MariaDB instance running, just attach it to the FreshRSS network:
+docker network connect freshrss-network mysql
 
 # Otherwise, start a new MySQL instance, remembering to change the passwords:
-sudo docker volume create mysql-data
-sudo docker run -d --restart unless-stopped --log-opt max-size=10m \
+docker volume create mysql-data
+docker run -d --restart unless-stopped --log-opt max-size=10m \
   -v mysql-data:/var/lib/mysql \
-  -e MYSQL_ROOT_PASSWORD=rootpass
+  -e MYSQL_ROOT_PASSWORD=rootpass \
   -e MYSQL_DATABASE=freshrss \
   -e MYSQL_USER=freshrss \
   -e MYSQL_PASSWORD=pass \
@@ -99,11 +99,11 @@ sudo docker run -d --restart unless-stopped --log-opt max-size=10m \
 ### [PostgreSQL](https://hub.docker.com/_/postgres/)
 ```sh
 # If you already have a PostgreSQL instance running, just attach it to the FreshRSS network:
-sudo docker network connect freshrss-network postgres
+docker network connect freshrss-network postgres
 
 # Otherwise, start a new PostgreSQL instance, remembering to change the passwords:
-sudo docker volume create pgsql-data
-sudo docker run -d --restart unless-stopped --log-opt max-size=10m \
+docker volume create pgsql-data
+docker run -d --restart unless-stopped --log-opt max-size=10m \
   -v pgsql-data:/var/lib/postgresql/data \
   -e POSTGRES_DB=freshrss \
   -e POSTGRES_USER=freshrss \
@@ -121,14 +121,14 @@ or use the command line described below.
 
 ```sh
 # Rebuild an image (see build section above) or get a new online version:
-sudo docker pull freshrss/freshrss
+docker pull freshrss/freshrss
 # And then
-sudo docker stop freshrss
-sudo docker rename freshrss freshrss_old
+docker stop freshrss
+docker rename freshrss freshrss_old
 # See the run section above for the full command
-sudo docker run ... --name freshrss freshrss/freshrss
+docker run ... --name freshrss freshrss/freshrss
 # If everything is working, delete the old container
-sudo docker rm freshrss_old
+docker rm freshrss_old
 ```
 
 
@@ -153,17 +153,16 @@ Note that prebuilt images are less recent and only available for x64 (Intel, AMD
 # First time only
 git clone https://github.com/FreshRSS/FreshRSS.git
 
-cd ./FreshRSS/
+cd FreshRSS/
 git pull
-sudo docker pull ubuntu:18.10
-sudo docker build --tag freshrss/freshrss -f Docker/Dockerfile .
+docker build --pull --tag freshrss/freshrss -f Docker/Dockerfile .
 ```
 
 
 ## Command line
 
 ```sh
-sudo docker exec --user apache -it freshrss php ./cli/list-users.php
+docker exec --user apache -it freshrss php ./cli/list-users.php
 ```
 
 See the [CLI documentation](../cli/) for all the other commands.
@@ -173,14 +172,14 @@ See the [CLI documentation](../cli/) for all the other commands.
 
 ```sh
 # See FreshRSS data if you use Docker volume
-sudo docker volume inspect freshrss-data
+docker volume inspect freshrss-data
 sudo ls /var/lib/docker/volumes/freshrss-data/_data/
 
 # See Web server logs
-sudo docker logs -f freshrss
+docker logs -f freshrss
 
 # Enter inside FreshRSS docker container
-sudo docker exec -it freshrss sh
+docker exec -it freshrss sh
 ## See FreshRSS root inside the container
 ls /var/www/FreshRSS/
 ```
@@ -198,7 +197,7 @@ containing a valid cron minute definition such as `'13,43'` (recommended) or `'*
 Not passing the `CRON_MIN` environment variable – or setting it to empty string – will disable the cron daemon.
 
 ```sh
-sudo docker run ... \
+docker run ... \
   -e 'CRON_MIN=13,43' \
   --name freshrss freshrss/freshrss
 ```
@@ -221,7 +220,7 @@ See cron option 1 for customising the cron schedule.
 
 #### For the Ubuntu image (default)
 ```sh
-sudo docker run -d --restart unless-stopped --log-opt max-size=10m \
+docker run -d --restart unless-stopped --log-opt max-size=10m \
   -v freshrss-data:/var/www/FreshRSS/data \
   -e 'CRON_MIN=17,47' \
   --net freshrss-network \
@@ -231,7 +230,7 @@ sudo docker run -d --restart unless-stopped --log-opt max-size=10m \
 
 #### For the Alpine image
 ```sh
-sudo docker run -d --restart unless-stopped --log-opt max-size=10m \
+docker run -d --restart unless-stopped --log-opt max-size=10m \
   -v freshrss-data:/var/www/FreshRSS/data \
   -e 'CRON_MIN=27,57' \
   --net freshrss-network \
@@ -239,6 +238,22 @@ sudo docker run -d --restart unless-stopped --log-opt max-size=10m \
   crond -f -d 6
 ```
 
+## Development mode
+
+To contribute to FreshRSS development, you can use one of the Docker images to run and serve the PHP code,
+while reading the source code from your local (git) directory, like the following example:
+
+```sh
+cd /path-to-local/FreshRSS/
+docker run --rm -p 8080:80 -e TZ=Europe/Paris -e FRESHRSS_ENV=development \
+  -v $(pwd):/var/www/FreshRSS \
+  freshrss/freshrss:dev
+```
+
+This will start a server on port 8080, based on your local PHP code, which will show the logs directly in your terminal.
+Press <kbd>Control</kbd>+<kbd>c</kbd> to exit.
+
+The `FRESHRSS_ENV=development` environment variable increases the level of logging and ensures that errors are displayed.
 
 ## More deployment options
 
@@ -248,7 +263,7 @@ Changes in Apache `.htaccess` files are applied when restarting the container.
 In particular, if you want FreshRSS to use HTTP-based login (instead of the easier Web form login), you can mount your own `./FreshRSS/p/i/.htaccess`:
 
 ```
-sudo docker run ...
+docker run ...
   -v /your/.htaccess:/var/www/FreshRSS/p/i/.htaccess \
   -v /your/.htpasswd:/var/www/FreshRSS/data/.htpasswd \
   ...
@@ -276,7 +291,7 @@ A [docker-compose.yml](docker-compose.yml) file is given as an example, using Po
 
 You can then launch the stack (FreshRSS + PostgreSQL) with:
 ```sh
-sudo docker-compose up -d
+docker-compose up -d
 ```
 
 ### Alternative reverse proxy using [nginx](https://docs.nginx.com/nginx/admin-guide/web-server/reverse-proxy/)
@@ -313,7 +328,7 @@ server {
 	}
 
 	location /freshrss/ {
-		proxy_pass http://freshrss/;
+		proxy_pass http://freshrss;
 		add_header X-Frame-Options SAMEORIGIN;
 		add_header X-XSS-Protection "1; mode=block";
 		proxy_redirect off;
diff --git a/Docker/docker-compose.yml b/Docker/docker-compose.yml
index 8a8ad270b..1c0a79ab8 100644
--- a/Docker/docker-compose.yml
+++ b/Docker/docker-compose.yml
@@ -1,38 +1,31 @@
-version: '2.3'
+version: "3"
 
 services:
-  postgresql:
-    image: postgres:latest
+  freshrss_postgresql:
+    image: postgres
     restart: unless-stopped
     volumes:
-    - '/path/to/pgsql-data:/var/lib/postgresql/data'
+      - pgsql_data:/var/lib/postgresql/data
     environment:
-    - POSTGRES_USER=freshrss
-    - POSTGRES_PASSWORD=password
-    - POSTGRES_DB=freshrss
+      - POSTGRES_USER=freshrss
+      - POSTGRES_PASSWORD=freshrss
+      - POSTGRES_DB=freshrss
 
   freshrss:
-    image: freshrss/freshrss:latest
+    image: freshrss/freshrss
     restart: unless-stopped
+    ports:
+      - "8080:80"
     depends_on:
-      - postgresql
-    networks:
-      - web
-      - default
+      - freshrss_postgresql
     volumes:
-      - '/your/local/directory/data:/var/www/FreshRSS/data'
-    labels:
-      - "traefik.backend=freshrss"
-      - "traefik.docker.network=web"
-      - "traefik.frontend.rule=Host:rss.example.com"
-      - "traefik.enable=true"
-      - "traefik.default.protocol=http"
-      - "traefik.frontend.entryPoints=http,https"
-      - "traefik.port=80"
+      - freshrss_data:/var/www/FreshRSS/data
     environment:
       - CRON_MIN=*/20
+      - TZ=Europe/Copenhagen
+    labels:
+      - "traefik.port=80"
 
-networks:
-  web:
-    external: true
-
+volumes:
+  pgsql_data:
+  freshrss_data:
diff --git a/Docker/entrypoint.sh b/Docker/entrypoint.sh
index bb0e1bde0..02338c35e 100755
--- a/Docker/entrypoint.sh
+++ b/Docker/entrypoint.sh
@@ -6,10 +6,13 @@ chown -R :www-data .
 chmod -R g+r . && chmod -R g+w ./data/
 
 find /etc/php*/ -name php.ini -exec sed -r -i "\\#^;?date.timezone#s#^.*#date.timezone = $TZ#" {} \;
+find /etc/php*/ -name php.ini -exec sed -r -i "\\#^;?post_max_size#s#^.*#post_max_size = 32M#" {} \;
+find /etc/php*/ -name php.ini -exec sed -r -i "\\#^;?upload_max_filesize#s#^.*#upload_max_filesize = 32M#" {} \;
 
 if [ -n "$CRON_MIN" ]; then
 	(
 		echo "export TZ=$TZ"
+		echo "export COPY_LOG_TO_SYSLOG=$COPY_LOG_TO_SYSLOG"
 		echo "export COPY_SYSLOG_TO_STDERR=$COPY_SYSLOG_TO_STDERR"
 	) >/var/www/FreshRSS/Docker/env.txt
 	crontab -l | sed -r "\\#FreshRSS#s#^[^ ]+ #$CRON_MIN #" | crontab -