Add base docker configs

.env

@@ -0,0 +1,6 @@
+MARIADB_ROOT_PASSWORD=example
+MARIADB_DATABASE=yetiforce
+MARIADB_USER=yeti
+MARIADB_PASSWORD=yeti
+HOSTNAME=yeti
+TLS_EMAIL=internal

.gitmodules

@@ -0,0 +1,3 @@
+[submodule "YetiForceCRM"]
+	path = YetiForceCRM
+	url = [email protected]:YetiForceCompany/YetiForceCRM.git

README.md

@@ -1,2 +1,49 @@
-# docker
+# YetiForceCRM Docker
+
 Official YetiForce Docker image
+
+## Instructions
+
+### Production
+
+To start YetiForce in a production configuration:
+1. In the `.env` file set the `HOSTNAME` to the where you will be running YetiForce and set `TLS_EMAIL` to your email address. Those settings will make sure that your website has a proper TLS certificate.
+2. Download the YetiForce code: `git submodule update --init`.
+3. Run `docker compose up -d`.
+4. Go to `https://HOSTNAME` and go through the installation process. For your database settings, enter:
+   - Address: db
+   - Port: 3306
+   - Username: yeti
+   - Password: yeti
+   - Database name: yetiforce
+
+### Development
+
+This image can also work in development mode. This mode is designed for actively making changes in YF itself. As such, it includes the following changes:
+- YetiForce is run from the `./YetiForceCRM` directory
+- MariaDB is available on `localhost:3306`
+- PHP has a development configuration
+
+This means that you will be able to make changes in `./YetiForceCRM`, see them reflected in your browser, and commit them normally.
+
+To run in this mode:
+1. Add a line with `127.0.0.1 yeti` to `/etc/hosts` on Unix or `C:\Windows\System32\drivers\etc\hosts` on Windows.
+2. Download the YetiForce code: `git submodule update --init`.
+3. Install YetiForce dependencies:
+   ```shell
+   cd ./YetiForceCRM
+   install -m755 -d YetiForceCRM/config/Modules
+   yarn install --modules-folder "./public_html/libraries" --ignore-optional --production=true
+   cd public_html/src
+   yarn install --ignore-optional --production=true
+   cd ../..
+   composer --no-interaction install --no-dev
+   cd ..
+   ```
+4. Start the server with `docker compose -f docker-compose.yaml -f docker-compose.dev.yaml up -d`
+4. Go to `https://HOSTNAME` and go through the installation process. For your database settings, enter:
+   - Address: db
+   - Port: 3306
+   - Username: yeti
+   - Password: yeti
+   - Database name: yetiforce

caddy/Caddyfile

@@ -0,0 +1,12 @@
+{
+  auto_https disable_redirects
+}
+
+{$HOSTNAME}:443 {
+	tls {$TLS_EMAIL}
+	reverse_proxy nginx:80
+}
+
+{$HOSTNAME}:80 {
+	reverse_proxy nginx:80
+}

cron/Dockerfile

@@ -0,0 +1,6 @@
+FROM alpine:3.17
+COPY ./cron-runner.sh /usr/local/bin/cron-runner.sh
+RUN apk add --no-cache bash \
+  && chmod +x /usr/local/bin/cron-runner.sh
+
+CMD ["/usr/local/bin/cron-runner.sh"]

cron/cron-runner.sh

@@ -0,0 +1,13 @@
+#!/usr/bin/env bash
+set -euxo pipefail
+
+while true
+do
+	if test -f "/var/www/html/config/Main.php"; then
+		unique_key=$(grep application_unique_key /var/www/html/config/Main.php | awk -F"'" '{print $2}')
+		wget --timeout=900 -qO- http://nginx/cron.php?app_key="${unique_key}"
+	fi
+
+	sleep 60
+done
+

docker-compose.dev.yaml

@@ -0,0 +1,16 @@
+name: yetiforce-dev
+version: '3'
+services:
+  db:
+    ports:
+      - 3306:3306
+  php:
+    build:
+      target: php-dev
+    volumes:
+      - type: bind
+        source: ./YetiForceCRM
+        target: /var/www/html
+
+volumes:
+  crm_data: null

docker-compose.yaml

@@ -0,0 +1,67 @@
+name: yetiforce
+version: '3'
+services:
+  caddy:
+    hostname: ${HOSTNAME}
+    image: caddy:2.6
+    depends_on:
+      - nginx
+    env_file:
+      - .env
+    restart: on-failure
+    ports:
+      - "80:80"
+      - "443:443"
+      - "443:443/udp"
+    volumes:
+      - ./caddy/Caddyfile:/etc/caddy/Caddyfile
+      - caddy_data:/data
+      - caddy_config:/config
+  db:
+    build:
+      context: .
+      dockerfile: ./mariadb/Dockerfile
+    env_file:
+      - .env
+    restart: on-failure
+    volumes:
+      - type: volume
+        source: db_data
+        target: /var/lib/mysql
+  php:
+    build:
+      context: .
+      dockerfile: ./php/Dockerfile
+      target: php-prod
+    restart: on-failure
+    volumes:
+      - type: volume
+        source: crm_data
+        target: /var/www/html
+  nginx:
+    build:
+      context: .
+      dockerfile: ./nginx/Dockerfile
+      target: nginx
+    depends_on:
+      - php
+    restart: on-failure
+    volumes_from:
+      - php:rw
+  cron:
+    build:
+      context: ./cron
+    deploy:
+      restart_policy:
+        condition: on-failure
+        delay: 60s
+    volumes_from:
+      - php:ro
+    depends_on:
+      - nginx
+
+volumes:
+  crm_data:
+  db_data:
+  caddy_data:
+  caddy_config:

mariadb/99-docker-overlay.cnf

@@ -0,0 +1,3 @@
+[mariadb]
+innodb_lock_wait_timeout = 600
+table_definition_cache = 2400

mariadb/Dockerfile

@@ -0,0 +1,3 @@
+FROM mariadb:lts
+COPY ./mariadb/99-docker-overlay.cnf /etc/mysql/conf.d
+RUN chmod 444 /etc/mysql/conf.d/99-docker-overlay.cnf

nginx/Dockerfile

@@ -0,0 +1,12 @@
+FROM nginx:stable AS nginx
+
+SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+
+RUN apt-get update && \
+  apt-get install --no-install-recommends -y \
+  nginx-extras \
+  && apt-get clean \
+  && rm -rf /etc/nginx/conf.d/* /etc/nginx/sites-enabled/* /var/lib/apt/lists/*
+
+COPY ./YetiForceCRM/tests/setup/nginx/yetiforce.conf /etc/nginx/yetiforce.conf
+COPY ./nginx/docker.conf /etc/nginx/conf.d/default.conf

nginx/docker.conf

@@ -0,0 +1,60 @@
+##############################################
+#  Best configuration for YetiForceCRM       #
+#  Created by [email protected]   #
+#  Modified to work with Docker              #
+##############################################
+# HTTP
+server {
+	listen 80 default_server;
+	server_name localhost;
+	root /var/www/html/public_html;
+	index index.php index.html;
+    #return 301 https://$server_name$request_uri;
+
+	## Configuration for YetiForceCRM
+    include /etc/nginx/yetiforce.conf;
+
+	## Logs
+	error_log /var/log/nginx/localhost_error.log warn;
+	access_log /var/log/nginx/localhost_access.log;
+
+	##########################
+	##       SabreDAV       ##
+	##########################
+	rewrite ^/.well-known/caldav /dav.php redirect;
+	rewrite ^/.well-known/carddav /dav.php redirect;
+
+	location ~ ^(.+\.php)(.*)$ {
+		try_files $fastcgi_script_name = 404;
+		include /etc/nginx/fastcgi_params;
+		fastcgi_split_path_info ^(.+\.php)(.*)$;
+		fastcgi_pass php:9000;
+		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+		fastcgi_param PATH_INFO        $fastcgi_path_info;
+		fastcgi_send_timeout 600;
+		fastcgi_read_timeout 600;
+		keepalive_timeout 600;
+		proxy_connect_timeout 600;
+		proxy_send_timeout 600;
+		proxy_read_timeout 600;
+	}
+
+	##########################
+	##          PHP         ##
+	##########################
+	location ~ \.php$ {
+		try_files $uri =404;
+		include /etc/nginx/fastcgi_params;
+		fastcgi_split_path_info ^(.+\.php)(/.+)$;
+		fastcgi_pass php:9000;
+		fastcgi_index index.php;
+		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+		fastcgi_param PATH_INFO $fastcgi_path_info;
+		fastcgi_send_timeout 600;
+		fastcgi_read_timeout 600;
+		keepalive_timeout 600;
+		proxy_connect_timeout 600;
+		proxy_send_timeout 600;
+		proxy_read_timeout 600;
+	}
+}

php/Dockerfile

@@ -0,0 +1,68 @@
+FROM php:8.0-fpm AS php-base
+
+SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+
+RUN apt-get update && apt-get install --no-install-recommends -y \
+  imagemagick \
+  libc-client-dev \
+  libcurl4-openssl-dev \
+  libkrb5-dev \
+  libldap-dev \
+  libmagickwand-dev \
+  libpng-dev \
+  libxml2-dev \
+  libzip-dev  \
+  unixodbc-dev \
+  zlib1g-dev \
+  && docker-php-ext-configure imap --with-kerberos --with-imap-ssl \
+  && docker-php-ext-install -j8 imap pdo_mysql curl gd xml zip soap iconv intl bcmath sockets exif ldap opcache \
+  && apt-get clean \
+  && printf "\n" | pecl install imagick \
+  && docker-php-ext-enable imagick \
+  && printf "\n" | pecl install apcu \
+  && docker-php-ext-enable apcu \
+  && pecl install pdo_sqlsrv \
+  && docker-php-ext-enable pdo_sqlsrv \
+  && pecl cache-clear \
+  && rm -rf /tmp/pear
+
+FROM node:18-alpine AS build-yarn
+
+RUN apk add --no-cache git
+
+COPY ./YetiForceCRM /opt/YetiForceCRM
+WORKDIR /opt/YetiForceCRM
+RUN --mount=type=cache,target=/root/.yarn YARN_CACHE_FOLDER=/root/.yarn rm .git && yarn install --modules-folder "./public_html/libraries" --ignore-optional --production=true
+WORKDIR /opt/YetiForceCRM/public_html/src
+RUN --mount=type=cache,target=/root/.yarn YARN_CACHE_FOLDER=/root/.yarn yarn install --ignore-optional --production=true
+
+
+FROM php-base AS build-composer
+
+RUN php -r "copy('https://raw.githubusercontent.com/composer/getcomposer.org/70527179915d55b3811bebaec55926afd331091b/web/installer', 'composer-setup.php');" \
+  && php -r "if (hash_file('sha384', 'composer-setup.php') === 'e21205b207c3ff031906575712edab6f13eb0b361f2085f1f1237b7126d785e826a450292b6cfd1d64d92e6563bbde02') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;" \
+  && php composer-setup.php \
+  && php -r "unlink('composer-setup.php');" \
+  && mv composer.phar /usr/local/bin/composer
+
+COPY --from=build-yarn /opt/YetiForceCRM /opt/YetiForceCRM
+WORKDIR /opt/YetiForceCRM
+RUN --mount=type=cache,target=/root/.composer/cache composer --no-interaction install --no-dev
+
+FROM php-base AS php-prod
+
+RUN cp "$PHP_INI_DIR/php.ini-production" "$PHP_INI_DIR/php.ini"
+COPY ./YetiForceCRM/tests/setup/php/prod.ini /usr/local/etc/php/conf.d
+COPY ./php/docker-config.ini /usr/local/etc/php/conf.d
+COPY ./php/fpm.conf /usr/local/etc/php-fpm.d/zzz-docker.conf
+
+WORKDIR /var/www/html
+COPY --from=build-composer --chown=www-data:www-data --chmod=644 /opt/YetiForceCRM/ /var/www/html
+RUN install -owww-data -gwww-data -m755 -d config/Modules && find . -type d -exec chown www-data:www-data -- {} \+ && find . -type d -exec chmod 755 -- {} \+
+
+FROM php-base AS php-dev
+
+RUN cp "$PHP_INI_DIR/php.ini-production" "$PHP_INI_DIR/php.ini"
+COPY ./YetiForceCRM/tests/setup/php/dev.ini /usr/local/etc/php/conf.d
+COPY ./php/docker-config.ini /usr/local/etc/php/conf.d
+COPY ./php/fpm.conf /usr/local/etc/php-fpm.d/zzz-docker.conf

php/docker-config.ini

@@ -0,0 +1 @@
+session.cookie_samesite="Strict"

php/fpm.conf

@@ -0,0 +1,10 @@
+[www]
+
+env[PROVIDER] = docker
+php_admin_value[error_log] = /var/log/php/fpm_yfprod_error.log
+php_admin_value[open_basedir] = /var/www/html/:/tmp/:/var/tmp/:/etc/nginx/ssl/:/etc/ssl/:/usr/bin/gpg:/usr/bin/gpg-agent:/usr/bin/gpgconf
+clear_env = no
+request_terminate_timeout = 600
+pm.process_idle_timeout = 600s;
+pm.max_requests = 5000
+catch_workers_output = yes