diff --git a/CHANGELOG.md b/CHANGELOG.md index a0e0c56..aa14615 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,12 +7,15 @@ This project adheres to [Semantic Versioning](http://semver.org/). ## [2.2.0](https://github.com/passbolt/passbolt_docker/compare/v2.1.0...v2.2.0) - 2018-08-13 ### Added -- hide nginx and php version [#107](https://github.com/passbolt/passbolt_docker/pull/107) -- Restrict MySQL port access [#109](https://github.com/passbolt/passbolt_docker/pull/109) + +- Added [wait-for-it](https://github.com/vishnubob/wait-for-it) instead of wait for to eliminate netcat dependency ### Changed -- Added [wait-for-it](https://github.com/vishnubob/wait-for-it) instead of wait for to eliminate netcat dependency +- Merged: hide nginx and php version [#107](https://github.com/passbolt/passbolt_docker/pull/107) +- Merged: restrict MySQL port access [#109](https://github.com/passbolt/passbolt_docker/pull/109) +- Supervisor config files split into conf.d/{php.conf,nginx.conf,cron.conf} +- Default stdout logging is more verbose now allowing users to see more details on the requests ## [2.1.0](https://github.com/passbolt/passbolt_docker/compare/v2.0.7...v2.1.0) - 2018-06-14 diff --git a/Dockerfile b/Dockerfile index 7a52f78..5d0e4a7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -79,7 +79,7 @@ RUN apt-get update \ && sed -i 's/# server_tokens/server_tokens/' /etc/nginx/nginx.conf COPY conf/passbolt.conf /etc/nginx/conf.d/default.conf -COPY conf/supervisord.conf /etc/supervisor/supervisord.conf +COPY conf/supervisor/*.conf /etc/supervisor/conf.d/ COPY bin/docker-entrypoint.sh /docker-entrypoint.sh EXPOSE 80 443 diff --git a/conf/passbolt.conf b/conf/passbolt.conf index e20c7a6..7b3f453 100644 --- a/conf/passbolt.conf +++ b/conf/passbolt.conf @@ -12,6 +12,8 @@ server { root /var/www/passbolt/webroot; index index.php; + error_log /dev/stdout info; + access_log /dev/stdout; location / { try_files $uri $uri/ /index.php?$args; @@ -53,6 +55,8 @@ server { root /var/www/passbolt/webroot; index index.php; + error_log /dev/stdout info; + access_log /dev/stdout; location / { try_files $uri $uri/ /index.php?$args; diff --git a/conf/supervisor/cron.conf b/conf/supervisor/cron.conf new file mode 100644 index 0000000..5b6291f --- /dev/null +++ b/conf/supervisor/cron.conf @@ -0,0 +1,8 @@ +[program:cron] +command=cron -f -l +autostart=true +priority=20 +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/conf/supervisor/nginx.conf b/conf/supervisor/nginx.conf new file mode 100644 index 0000000..ea91d89 --- /dev/null +++ b/conf/supervisor/nginx.conf @@ -0,0 +1,8 @@ +[program:nginx] +command=/usr/sbin/nginx -g 'daemon off;' +autostart=true +priority=10 +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/conf/supervisor/php.conf b/conf/supervisor/php.conf new file mode 100644 index 0000000..c008c6b --- /dev/null +++ b/conf/supervisor/php.conf @@ -0,0 +1,8 @@ +[program:php-fpm] +command=php-fpm -F +autostart=true +priority=5 +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 diff --git a/conf/supervisord.conf b/conf/supervisord.conf deleted file mode 100644 index cb90377..0000000 --- a/conf/supervisord.conf +++ /dev/null @@ -1,52 +0,0 @@ -; supervisor config file - -[unix_http_server] -file=/var/run/supervisor.sock ; (the path to the socket file) -chmod=0700 ; sockef file mode (default 0700) - -[supervisord] -logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log) -pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid) -childlogdir=/var/log/supervisor ; ('AUTO' child log dir, default $TEMP) - -; the below section must remain in the config file for RPC -; (supervisorctl/web interface) to work, additional interfaces may be -; added by defining them in separate rpcinterface: sections -[rpcinterface:supervisor] -supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface - -[supervisorctl] -serverurl=unix:///var/run/supervisor.sock ; use a unix:// URL for a unix socket - -; The [include] section can just contain the "files" setting. This -; setting can list multiple files (separated by whitespace or -; newlines). It can also contain wildcards. The filenames are -; interpreted as relative to this file. Included files *cannot* -; include files themselves. - -[program:php-fpm] -command=php-fpm -autostart=true -priority=5 -stdout_logfile=/dev/stdout -stdout_logfile_maxbytes=0 -stderr_logfile=/dev/stderr -stderr_logfile_maxbytes=0 - -[program:nginx] -command=nginx -g "daemon off;" -autostart=true -priority=10 -stdout_logfile=/dev/stdout -stdout_logfile_maxbytes=0 -stderr_logfile=/dev/stderr -stderr_logfile_maxbytes=0 - -[program:cron] -command=cron -f -l -autostart=true -priority=20 -stdout_logfile=/dev/stdout -stdout_logfile_maxbytes=0 -stderr_logfile=/dev/stderr -stderr_logfile_maxbytes=0 diff --git a/spec/docker_image/image_spec.rb b/spec/docker_image/image_spec.rb index 59272c6..2152e53 100644 --- a/spec/docker_image/image_spec.rb +++ b/spec/docker_image/image_spec.rb @@ -19,6 +19,11 @@ describe 'Dockerfile' do let(:nginx_conf) { '/etc/nginx/nginx.conf' } let(:php_conf) { '/usr/local/etc/php-fpm.d/expose.conf' } let(:site_conf) { '/etc/nginx/conf.d/default.conf' } + let(:supervisor_conf) do + [ '/etc/supervisor/conf.d/nginx.conf', + '/etc/supervisor/conf.d/php.conf', + '/etc/supervisor/conf.d/cron.conf' ] + end let(:passbolt_home) { '/var/www/passbolt' } let(:passbolt_tmp) { '/var/www/passbolt/tmp' } let(:passbolt_image) { '/var/www/passbolt/webroot/img/public' } @@ -48,6 +53,12 @@ describe 'Dockerfile' do it 'is installed' do expect(package('supervisor')).to be_installed end + + it 'has config files' do + supervisor_conf.each do |config| + expect(file(config)).to exist + end + end end describe 'passbolt directory structure' do