From 5bd3d92b9f1abad9f27cbe7fc138a328f8dbaa6f Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sun, 3 Feb 2019 12:30:34 +0100 Subject: Alpine 3.9 PHP 7.2.14, Apache 2.4.38 https://alpinelinux.org/posts/Alpine-3.9.0-released.html --- Docker/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'Docker') diff --git a/Docker/Dockerfile b/Docker/Dockerfile index a4be9fd84..cd0f521a0 100644 --- a/Docker/Dockerfile +++ b/Docker/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.8 +FROM alpine:3.9 ENV TZ UTC -- cgit v1.2.3 From fc8fb0a7ee0d98f8c31be3bd6e76719ebb0e68ee Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sat, 2 Mar 2019 21:49:20 +0100 Subject: Docker image alternative using Ubuntu (#2205) * Docker image alternative using Ubuntu Ubuntu seems to be faster, cf. e.g. PHPBench. It is quite usual for Docker images to offer both a Debian/Ubuntu and an Alpine version, so we could also do the same if there is any need. Follow-up of https://github.com/FreshRSS/FreshRSS/pull/2202 * Only explicit use of Apache confs Fix double-logging issue * Explicit ServerTokens OS Default Apache configuration in Ubuntu, which was removed when disabling all confs. It is also the default Apache configuration in Alpine. * Take advantage of syslog for actualization Same than for Alpine https://github.com/FreshRSS/FreshRSS/pull/2208/commits/43ab629e27799cb28ec28ad409a512e128d11e97 * COPY_SYSLOG_TO_STDERR Same as https://github.com/FreshRSS/FreshRSS/pull/2213 * Update to libapache2-mod-php instead of php-fpm * Default to Ubuntu Ubuntu mod-php wins, being ~14% faster than Ubuntu php-fpm (which was ~300% faster than Alpine mod-php) --- Docker/Dockerfile | 44 ++++++++++++++++++++++++-------------------- Docker/Dockerfile-Alpine | 34 ++++++++++++++++++++++++++++++++++ Docker/FreshRSS.Apache.conf | 1 + 3 files changed, 59 insertions(+), 20 deletions(-) create mode 100644 Docker/Dockerfile-Alpine (limited to 'Docker') diff --git a/Docker/Dockerfile b/Docker/Dockerfile index cd0f521a0..53feb31d4 100644 --- a/Docker/Dockerfile +++ b/Docker/Dockerfile @@ -1,28 +1,31 @@ -FROM alpine:3.9 +FROM ubuntu:18.10 ENV TZ UTC +RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone -RUN apk add --no-cache \ - apache2 php7-apache2 \ - php7 php7-curl php7-gmp php7-intl php7-mbstring php7-xml php7-zip \ - php7-ctype php7-dom php7-fileinfo php7-iconv php7-json php7-session php7-simplexml php7-xmlreader php7-zlib \ - php7-pdo_sqlite php7-pdo_mysql php7-pdo_pgsql +RUN apt update && \ + apt install --no-install-recommends -y \ + cron \ + apache2 libapache2-mod-php \ + php-curl php-intl php-mbstring php-xml php-zip \ + php-sqlite3 php-mysql php-pgsql && \ + rm -rf /var/lib/apt/lists/ -RUN mkdir -p /var/www/FreshRSS /run/apache2/ +RUN mkdir -p /var/www/FreshRSS /run/apache2/ /run/php/ WORKDIR /var/www/FreshRSS COPY . /var/www/FreshRSS -COPY ./Docker/*.Apache.conf /etc/apache2/conf.d/ - -RUN rm -f /etc/apache2/conf.d/languages.conf /etc/apache2/conf.d/info.conf \ - /etc/apache2/conf.d/status.conf /etc/apache2/conf.d/userdir.conf && \ - sed -r -i "/^\s*LoadModule .*mod_(alias|autoindex|negotiation|status).so$/s/^/#/" \ - /etc/apache2/httpd.conf && \ - sed -r -i "/^\s*#\s*LoadModule .*mod_(deflate|expires|headers|mime|setenvif).so$/s/^\s*#//" \ - /etc/apache2/httpd.conf && \ - sed -r -i "/^\s*(CustomLog|ErrorLog|Listen) /s/^/#/" \ - /etc/apache2/httpd.conf && \ - echo "17,37 * * * * su apache -s /bin/sh -c 'php /var/www/FreshRSS/app/actualize_script.php' 2>> /proc/1/fd/2 > /tmp/FreshRSS.log" >> \ +COPY ./Docker/*.Apache.conf /etc/apache2/sites-available/ + +RUN a2dismod -f alias autoindex negotiation status && \ + a2enmod deflate expires headers mime proxy_fcgi setenvif && \ + a2disconf '*' && \ + a2dissite '*' && \ + a2ensite 'FreshRSS*' + +RUN sed -r -i "/^\s*(CustomLog|ErrorLog|Listen) /s/^/#/" /etc/apache2/apache2.conf && \ + sed -r -i "/^\s*Listen /s/^/#/" /etc/apache2/ports.conf && \ + echo "17,37 su apache -s /bin/sh -c 'php /var/www/FreshRSS/app/actualize_script.php' 2>> /proc/1/fd/2 > /tmp/FreshRSS.log" >> \ /var/spool/cron/crontabs/root ENV COPY_SYSLOG_TO_STDERR On @@ -30,5 +33,6 @@ ENV CRON_MIN '' ENTRYPOINT ["./Docker/entrypoint.sh"] EXPOSE 80 -CMD ([ -z "$CRON_MIN" ] || crond -d 6) && \ - exec httpd -D FOREGROUND +CMD ([ -z "$CRON_MIN" ] || cron) && \ + . /etc/apache2/envvars && \ + exec apache2 -D FOREGROUND diff --git a/Docker/Dockerfile-Alpine b/Docker/Dockerfile-Alpine new file mode 100644 index 000000000..cd0f521a0 --- /dev/null +++ b/Docker/Dockerfile-Alpine @@ -0,0 +1,34 @@ +FROM alpine:3.9 + +ENV TZ UTC + +RUN apk add --no-cache \ + apache2 php7-apache2 \ + php7 php7-curl php7-gmp php7-intl php7-mbstring php7-xml php7-zip \ + php7-ctype php7-dom php7-fileinfo php7-iconv php7-json php7-session php7-simplexml php7-xmlreader php7-zlib \ + php7-pdo_sqlite php7-pdo_mysql php7-pdo_pgsql + +RUN mkdir -p /var/www/FreshRSS /run/apache2/ +WORKDIR /var/www/FreshRSS + +COPY . /var/www/FreshRSS +COPY ./Docker/*.Apache.conf /etc/apache2/conf.d/ + +RUN rm -f /etc/apache2/conf.d/languages.conf /etc/apache2/conf.d/info.conf \ + /etc/apache2/conf.d/status.conf /etc/apache2/conf.d/userdir.conf && \ + sed -r -i "/^\s*LoadModule .*mod_(alias|autoindex|negotiation|status).so$/s/^/#/" \ + /etc/apache2/httpd.conf && \ + sed -r -i "/^\s*#\s*LoadModule .*mod_(deflate|expires|headers|mime|setenvif).so$/s/^\s*#//" \ + /etc/apache2/httpd.conf && \ + sed -r -i "/^\s*(CustomLog|ErrorLog|Listen) /s/^/#/" \ + /etc/apache2/httpd.conf && \ + echo "17,37 * * * * su apache -s /bin/sh -c 'php /var/www/FreshRSS/app/actualize_script.php' 2>> /proc/1/fd/2 > /tmp/FreshRSS.log" >> \ + /var/spool/cron/crontabs/root + +ENV COPY_SYSLOG_TO_STDERR On +ENV CRON_MIN '' +ENTRYPOINT ["./Docker/entrypoint.sh"] + +EXPOSE 80 +CMD ([ -z "$CRON_MIN" ] || crond -d 6) && \ + exec httpd -D FOREGROUND diff --git a/Docker/FreshRSS.Apache.conf b/Docker/FreshRSS.Apache.conf index 80f6389d8..6621ff16f 100644 --- a/Docker/FreshRSS.Apache.conf +++ b/Docker/FreshRSS.Apache.conf @@ -4,6 +4,7 @@ DocumentRoot /var/www/FreshRSS/p/ CustomLog /dev/stdout combined ErrorLog /dev/stderr AllowEncodedSlashes On +ServerTokens OS AllowOverride None -- cgit v1.2.3 From 60b7f5e6d966bbfb9d3c24a3b51057abd9b6e718 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sat, 2 Mar 2019 22:53:04 +0100 Subject: Docker Ubuntu notes (#2259) https://github.com/FreshRSS/FreshRSS/pull/2205 (And removed proxy_fcgi forgotten from php-fpm) --- CHANGELOG.md | 12 +++++++----- Docker/Dockerfile | 2 +- Docker/README.md | 14 +++++++++++++- 3 files changed, 21 insertions(+), 7 deletions(-) (limited to 'Docker') diff --git a/CHANGELOG.md b/CHANGELOG.md index f9d1bc1d6..fc71fabe6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,16 +2,18 @@ ## 2019-0X-XX FreshRSS 1.13.2-dev -* Bug fixing - * Fix API HTTP Authorization case-sensitivity issue introduced in FreshRSS 1.13.1 [#2233](https://github.com/FreshRSS/FreshRSS/issues/2233) - * Fix breaking warning in Fever API [#2239](https://github.com/FreshRSS/FreshRSS/issues/2239) - * Fix encoding problem in Fever API [#2241](https://github.com/FreshRSS/FreshRSS/issues/2241) * UI * New themes *Ansum* and *Mapco* [#2245](https://github.com/FreshRSS/FreshRSS/pull/2245) * Rewrite jQuery and keyboard shortcut code as native JavaScript ES6 (except for graphs on the statistics pages) [#2234](https://github.com/FreshRSS/FreshRSS/pull/2234) * Batch scroll-as-read for better client-side and server-side performance [#2199](https://github.com/FreshRSS/FreshRSS/pull/2199) * Deployment - * Docker image updated to Alpine 3.9 with PHP 7.2.14 and Apache 2.4.38 [#2238](https://github.com/FreshRSS/FreshRSS/pull/2238) + * New default Docker image based on Ubuntu (~3 times faster, but ~2.5 times larger) [#2205](https://github.com/FreshRSS/FreshRSS/pull/2205) + * Using Ubuntu 18.10 with PHP 7.2.15 and Apache 2.4.34 + * Alpine version updated to Alpine 3.9 with PHP 7.2.14 and Apache 2.4.38 [#2238](https://github.com/FreshRSS/FreshRSS/pull/2238) +* Bug fixing + * Fix API HTTP Authorization case-sensitivity issue introduced in FreshRSS 1.13.1 [#2233](https://github.com/FreshRSS/FreshRSS/issues/2233) + * Fix breaking warning in Fever API [#2239](https://github.com/FreshRSS/FreshRSS/issues/2239) + * Fix encoding problem in Fever API [#2241](https://github.com/FreshRSS/FreshRSS/issues/2241) * I18n * Improved Korean [#2242](https://github.com/FreshRSS/FreshRSS/pull/2242) * Misc. diff --git a/Docker/Dockerfile b/Docker/Dockerfile index 53feb31d4..8f15bec96 100644 --- a/Docker/Dockerfile +++ b/Docker/Dockerfile @@ -18,7 +18,7 @@ COPY . /var/www/FreshRSS COPY ./Docker/*.Apache.conf /etc/apache2/sites-available/ RUN a2dismod -f alias autoindex negotiation status && \ - a2enmod deflate expires headers mime proxy_fcgi setenvif && \ + a2enmod deflate expires headers mime setenvif && \ a2disconf '*' && \ a2dissite '*' && \ a2ensite 'FreshRSS*' diff --git a/Docker/README.md b/Docker/README.md index ac745c49d..ba6169ea3 100644 --- a/Docker/README.md +++ b/Docker/README.md @@ -10,6 +10,18 @@ sh get-docker.sh ``` +## [Docker tags](https://hub.docker.com/r/freshrss/freshrss/tags) +The tags correspond to FreshRSS branches and versions: +* `:latest` (default) is the `master` branch, more stable +* `:dev` is the `dev` branch, rolling release +* `:x.y.z` are specific FreshRSS releases + +### Linux: Ubuntu vs. Alpine +Our default image is based on [Ubuntu](https://www.ubuntu.com/server). We offer an alternative based on [Alpine](https://alpinelinux.org/) (with the `-alpine` tag suffix). +In [our tests](https://github.com/FreshRSS/FreshRSS/pull/2205), Ubuntu is ~3 times faster, +while Alpine is ~2.5 times [smaller on disk](https://hub.docker.com/r/freshrss/freshrss/tags) (and much faster to build). + + ## Optional: Build Docker image of FreshRSS Optional, as a *less recent* online image can be automatically fetched during the next step (run), but online images are not available for as many platforms (e.g. Raspberry Pi / ARM) as if you build yourself. @@ -20,7 +32,7 @@ git clone https://github.com/FreshRSS/FreshRSS.git cd ./FreshRSS/ git pull -sudo docker pull alpine:3.8 +sudo docker pull ubuntu:18.10 sudo docker build --tag freshrss/freshrss -f Docker/Dockerfile . ``` -- cgit v1.2.3 From 6323fe5ea011e7f8821b93071c8f40f271a697f0 Mon Sep 17 00:00:00 2001 From: Benjamin Bouvier Date: Tue, 19 Mar 2019 19:52:53 +0100 Subject: Add Authorization header forwarding to the Nginx configuration for Docker (#2282) * Add Authorization header forwarding to the Nginx configuration for Docker * Comment --- Docker/README.md | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'Docker') diff --git a/Docker/README.md b/Docker/README.md index ba6169ea3..bed5e1cce 100644 --- a/Docker/README.md +++ b/Docker/README.md @@ -301,6 +301,10 @@ server { proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Port $server_port; proxy_read_timeout 90; + + # Forward the Authorization header for the Google Reader API. + proxy_set_header Authorization $http_authorization; + proxy_pass_header Authorization; } } ``` -- cgit v1.2.3 From 4be8a5fed521270c2e9deba7dc9f603224b51b87 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Tue, 19 Mar 2019 21:48:41 +0100 Subject: Minor docker doc changes (#2284) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Minor docker doc changes Fix Træfik temp volume minor issue * Warning for non x86-64 * Formatting * Minor * Wording --- Docker/README.md | 78 +++++++++++++++++++++++++++++--------------------------- 1 file changed, 41 insertions(+), 37 deletions(-) (limited to 'Docker') diff --git a/Docker/README.md b/Docker/README.md index bed5e1cce..3cfb05c69 100644 --- a/Docker/README.md +++ b/Docker/README.md @@ -10,33 +10,6 @@ sh get-docker.sh ``` -## [Docker tags](https://hub.docker.com/r/freshrss/freshrss/tags) -The tags correspond to FreshRSS branches and versions: -* `:latest` (default) is the `master` branch, more stable -* `:dev` is the `dev` branch, rolling release -* `:x.y.z` are specific FreshRSS releases - -### Linux: Ubuntu vs. Alpine -Our default image is based on [Ubuntu](https://www.ubuntu.com/server). We offer an alternative based on [Alpine](https://alpinelinux.org/) (with the `-alpine` tag suffix). -In [our tests](https://github.com/FreshRSS/FreshRSS/pull/2205), Ubuntu is ~3 times faster, -while Alpine is ~2.5 times [smaller on disk](https://hub.docker.com/r/freshrss/freshrss/tags) (and much faster to build). - - -## Optional: Build Docker image of FreshRSS -Optional, as a *less recent* online image can be automatically fetched during the next step (run), -but online images are not available for as many platforms (e.g. Raspberry Pi / ARM) as if you build yourself. - -```sh -# First time only -git clone https://github.com/FreshRSS/FreshRSS.git - -cd ./FreshRSS/ -git pull -sudo docker pull ubuntu:18.10 -sudo docker build --tag freshrss/freshrss -f Docker/Dockerfile . -``` - - ## Create an isolated network ```sh sudo docker network create freshrss-network @@ -48,10 +21,12 @@ Here is the recommended configuration using automatic [Let’s Encrypt](https:// ```sh sudo docker volume create traefik-letsencrypt +sudo docker volume create traefik-tmp # Just change your e-mail address in the command below: sudo docker run -d --restart unless-stopped --log-opt max-size=10m \ -v traefik-letsencrypt:/etc/traefik/acme \ + -v traefik-tmp:/tmp \ -v /var/run/docker.sock:/var/run/docker.sock:ro \ --net freshrss-network \ -p 80:80 \ @@ -71,6 +46,8 @@ See [more information about Docker and Let’s Encrypt in Træfik](https://docs. Example using the built-in refresh cron job (see further below for alternatives). You must first chose a domain (DNS) or sub-domain, e.g. `freshrss.example.net`. +> **N.B.:** For platforms other than x64 (Intel, AMD), such as ARM (e.g. Raspberry Pi), see the section *Build Docker image* further below. + ```sh sudo docker volume create freshrss-data @@ -133,15 +110,6 @@ Browse to your server https://freshrss.example.net/ to complete the installation or use the command line described below. -## Command line - -```sh -sudo docker exec --user apache -it freshrss php ./cli/list-users.php -``` - -See the [CLI documentation](../cli/) for all the other commands. - - ## How to update ```sh @@ -157,6 +125,42 @@ sudo docker rm freshrss_old ``` +## [Docker tags](https://hub.docker.com/r/freshrss/freshrss/tags) +The tags correspond to FreshRSS branches and versions: +* `:latest` (default) is the `master` branch, more stable +* `:dev` is the `dev` branch, rolling release +* `:x.y.z` are specific FreshRSS releases + +### Linux: Ubuntu vs. Alpine +Our default image is based on [Ubuntu](https://www.ubuntu.com/server). We offer an alternative based on [Alpine](https://alpinelinux.org/) (with the `-alpine` tag suffix). +In [our tests](https://github.com/FreshRSS/FreshRSS/pull/2205), Ubuntu is ~3 times faster, +while Alpine is ~2.5 times [smaller on disk](https://hub.docker.com/r/freshrss/freshrss/tags) (and much faster to build). + + +## Optional: Build Docker image of FreshRSS +Building your own Docker image is optional because online images can be fetched automatically. +Note that prebuilt images are less recent and only available for x64 (Intel, AMD) platforms. + +```sh +# First time only +git clone https://github.com/FreshRSS/FreshRSS.git + +cd ./FreshRSS/ +git pull +sudo docker pull ubuntu:18.10 +sudo docker build --tag freshrss/freshrss -f Docker/Dockerfile . +``` + + +## Command line + +```sh +sudo docker exec --user apache -it freshrss php ./cli/list-users.php +``` + +See the [CLI documentation](../cli/) for all the other commands. + + ## Debugging ```sh @@ -301,7 +305,7 @@ server { proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Port $server_port; proxy_read_timeout 90; - + # Forward the Authorization header for the Google Reader API. proxy_set_header Authorization $http_authorization; proxy_pass_header Authorization; -- cgit v1.2.3 From 707388c09334364d085c598f6b483175a51d7d19 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Tue, 19 Mar 2019 21:51:16 +0100 Subject: Docker ca-certificates missing (#2285) --- Docker/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'Docker') diff --git a/Docker/Dockerfile b/Docker/Dockerfile index 8f15bec96..56623b001 100644 --- a/Docker/Dockerfile +++ b/Docker/Dockerfile @@ -5,7 +5,7 @@ RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone RUN apt update && \ apt install --no-install-recommends -y \ - cron \ + ca-certificates cron \ apache2 libapache2-mod-php \ php-curl php-intl php-mbstring php-xml php-zip \ php-sqlite3 php-mysql php-pgsql && \ -- cgit v1.2.3