intial commit

2023-11-26 17:20:07 +01:00 · 2023-11-26 17:20:07 +01:00 · a0b5ec1596
commit a0b5ec1596
parent 4315503c37
10 changed files with 477 additions and 1 deletions
--- a/.env.sample
+++ b/.env.sample
@ -0,0 +1,15 @@
+MYSQL_ROOT_PASSWORD=PASSWORD
+
+MYSQL_DATABASE=yourls
+MYSQL_USER=DATABASEUSER
+MYSQL_PASSWORD=DATABASEPASSWORD
+
+PROJECT_URL=yourls.localhost
+PROJECT_NAME=sample
+
+TRAEFIK_NETWORK=traefik_net
+
+PROJECT_DATA=./data
+
+ADMIN_PASSWORD=admin
+ADMIN_USERNAME=admin
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,5 @@
+.env
+
+data
+plugins
+html
--- a/9
+++ b/9
@ -0,0 +1,9 @@
+MIT License
+
+Copyright (c) 2023 docker
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
--- a/README.md
+++ b/README.md
@ -1,2 +1,34 @@
-# traefik_yourls
+# traefik yourls

+## get started
+
+you will need a .env file
+
+sample .env:
+
+    # .env
+
+	MYSQL_ROOT_PASSWORD=PASSWORD
+
+	MYSQL_DATABASE=yourls
+	MYSQL_USER=DATABASEUSER
+	MYSQL_PASSWORD=DATABASEPASSWORD
+
+	PROJECT_URL=yourls.localhost
+	PROJECT_NAME=sample
+
+	TRAEFIK_NETWORK=traefik_net
+
+	PROJECT_DATA=./data
+
+	ADMIN_PASSWORD=admin
+	ADMIN_USERNAME=admin
+
+
+then execute init with
+
+    ./init
+
+
+now the yourls backend is accessable: https://${PROJECT_URL}/admin
+if you use the sample .env: https://yourls.localhost/admin
--- a/9
+++ b/9
@ -0,0 +1,9 @@
+#! /bin/bash
+
+source ./.env
+
+while IFS='' read -r a; do
+   a="${a//'PROJECTURL'/$PROJECT_URL}"
+   a="${a//'PROJECTNAME'/$PROJECT_NAME}"
+   echo $a
+done < ./nginx-conf/nginx.conf.dummy > ./nginx-conf/nginx.conf
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -0,0 +1,89 @@
+version: '1'
+
+networks:
+  default:
+    name: "${PROJECT_NAME}_yourls_db_net"
+    external: false
+  be:
+    name: "${PROJECT_NAME}_yourls_net"
+    external: false
+  traefik:
+    name: "${TRAEFIK_NETWORK}"
+    external: true
+
+services:
+  webserver:
+    image: "nginx:alpine"
+    depends_on:
+      - "yourls"
+    container_name: "${PROJECT_NAME}_yourls_web"
+    hostname: "${PROJECT_URL}"
+    restart: "unless-stopped"
+    volumes:
+      - "yourls:/var/www/html"
+      - "./plugins:/var/www/html/user/plugins"
+      - "./html/frontend:/var/www/html/frontend"
+      - "./html/index.php:/var/www/html/index.php"
+      - "./nginx-conf:/etc/nginx/conf.d"
+      - "./php-conf:/usr/local/etc/php"
+    networks:
+      - "traefik"
+      - "be"
+    labels:
+      # Watchtower add to auto update
+      - "com.centurylinklabs.watchtower.enable=true"
+      # traefik
+      - "traefik.enable=true"
+      - "traefik.docker.network=${TRAEFIK_NETWORK}"
+      - "traefik.http.routers.${PROJECT_NAME}_yourls.rule=Host(`${PROJECT_URL}`)"
+      - "traefik.http.routers.${PROJECT_NAME}_yourls.entrypoints=websecure"
+      - "traefik.http.routers.${PROJECT_NAME}_yourls.tls=true"
+      - "traefik.http.services.${PROJECT_NAME}_yourls.loadbalancer.server.port=80"
+
+  yourls:
+    image: "yourls:fpm-alpine"
+    container_name: "${PROJECT_NAME}_yourls_fpm"
+    restart: "unless-stopped"
+    networks:
+      - "be"
+      - "default"
+    volumes:
+      - "yourls:/var/www/html"
+      - "./plugins:/var/www/html/user/plugins"
+      - "./html/index.php:/var/www/html/index.php"
+      - "./html/frontend:/var/www/html/frontend"
+      - "./php-conf/php.ini:/usr/local/etc/php/php.ini:ro"
+    environment:
+      - "YOURLS_SITE=https://${PROJECT_URL}"
+      - "YOURLS_USER=${ADMIN_USERNAME}"
+      - "YOURLS_PASS=${ADMIN_PASSWORD}"
+      - "YOURLS_DB_HOST=${PROJECT_NAME}_yourls_db"
+      - "YOURLS_DB_USER=${MYSQL_USER}"
+      - "YOURLS_DB_PASS=${MYSQL_PASSWORD}"
+      - "YOURLS_DB_NAME=${MYSQL_DATABASE}"
+      - "YOURLS_PRIVATE=true"
+      - "YOURLS_COOKIEKEY=ae4bdjkDewdso7Ffio23893jUu"
+    labels:
+      # Watchtower add to auto update
+      - "com.centurylinklabs.watchtower.enable=true"
+      # traefik
+      - "traefik.enable=false"
+  db:
+    image: "mariadb:latest"
+    container_name: "${PROJECT_NAME}_yourls_db"
+    hostname: "${PROJECT_URL}"
+    restart: "unless-stopped"
+    command: '--default-authentication-plugin=mysql_native_password'
+    env_file: ".env"
+    networks:
+      - "default"
+    volumes: 
+      - "${PROJECT_DATA}/${PROJECT_NAME}-yourls/db:/var/lib/mysql"
+    labels:
+      # Watchtower add to auto update
+      - "com.centurylinklabs.watchtower.enable=true"
+      # traefik
+      - "traefik.enable=false"
+volumes:
+  yourls:
+    name: "${PROJECT_NAME}_yourls"
--- a/11
+++ b/11
@ -0,0 +1,11 @@
+#!/bin/bash
+
+source ./.env
+source ./create_config
+
+mkdir -p ${PROJECT_DATA}/frontend
+mkdir -p ${PROJECT_DATA}/plugins
+
+docker network create $TRAEFIK_NETWORK
+
+docker compose up -d
--- a/nginx-conf/nginx.conf
+++ b/nginx-conf/nginx.conf
@ -0,0 +1,54 @@
+# nginx.conf
+
+server {
+listen 80;
+listen [::]:80;
+
+server_name yourls.localhost;
+
+index index.php index.html index.htm;
+
+allow all;
+root /var/www/html;
+
+add_header X-Frame-Options "SAMEORIGIN" always;
+add_header X-XSS-Protection "1; mode=block" always;
+add_header X-Content-Type-Options "nosniff" always;
+add_header Referrer-Policy "no-referrer-when-downgrade" always;
+add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
+
+try_files $uri $uri/ @rewrite;
+location @rewrite {
+rewrite ^/([\w-]+\+?)/?$ /yourls-loader.php?id=$1 last;
+}
+
+location /. {
+return 404;
+}
+
+location ~ \.php$ {
+try_files $uri =404;
+fastcgi_split_path_info ^(.+\.php)(/.+)$;
+fastcgi_pass devaltogether_yourls_fpm:9000;
+fastcgi_index index.php;
+include fastcgi_params;
+fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+fastcgi_param PATH_INFO $fastcgi_path_info;
+}
+
+location ~ /\.ht {
+deny all;
+}
+
+location = /favicon.ico {
+log_not_found off; access_log off;
+}
+location = /robots.txt {
+log_not_found off; access_log off; allow all;
+}
+location ~* \.(css|gif|ico|jpeg|jpg|js|png)$ {
+expires max;
+log_not_found off;
+}
+
+}
--- a/nginx-conf/nginx.conf.dummy
+++ b/nginx-conf/nginx.conf.dummy
@ -0,0 +1,54 @@
+# nginx.conf
+
+server {
+        listen 80;
+        listen [::]:80;
+
+        server_name PROJECTURL;
+
+        index index.php index.html index.htm;
+
+        allow all;
+        root /var/www/html;
+
+        add_header X-Frame-Options "SAMEORIGIN" always;
+        add_header X-XSS-Protection "1; mode=block" always;
+        add_header X-Content-Type-Options "nosniff" always;
+        add_header Referrer-Policy "no-referrer-when-downgrade" always;
+        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
+
+        try_files $uri $uri/ @rewrite;
+        location @rewrite {
+                rewrite ^/([\w-]+\+?)/?$ /yourls-loader.php?id=$1 last;
+        }
+
+        location /. {
+            return 404;
+        }
+
+        location ~ \.php$ {
+                try_files $uri =404;
+                fastcgi_split_path_info ^(.+\.php)(/.+)$;
+                fastcgi_pass PROJECTNAME_yourls_fpm:9000;
+                fastcgi_index index.php;
+                include fastcgi_params;
+                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+                fastcgi_param PATH_INFO $fastcgi_path_info;
+        }
+
+        location ~ /\.ht {
+                deny all;
+        }
+        
+        location = /favicon.ico { 
+                log_not_found off; access_log off; 
+        }
+        location = /robots.txt { 
+                log_not_found off; access_log off; allow all; 
+        }
+        location ~* \.(css|gif|ico|jpeg|jpg|js|png)$ {
+                expires max;
+                log_not_found off;
+        }
+        
+}
--- a/php-conf/php.ini
+++ b/php-conf/php.ini
@ -0,0 +1,198 @@
+# php.ini
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; php.ini reference: https://git.php.net/?p=php-src.git;a=blob_plain;f=php.ini-production;hb=refs/heads/PHP-7.0  ;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+[PHP]
+engine = On
+short_open_tag = Off
+precision = 14
+output_buffering = 4096
+zlib.output_compression = Off
+implicit_flush = Off
+unserialize_callback_func =
+serialize_precision = 17
+disable_functions =
+disable_classes =
+zend.enable_gc = On
+expose_php = Off
+; Resource Limits ;
+max_execution_time = 600
+request_terminate_timeout = 0
+max_input_time = -1
+;max_input_nesting_level = 64
+max_input_vars = 5000
+memory_limit = 1024M
+; Error handling and logging ;
+error_reporting = E_ALL
+display_errors = On
+display_startup_errors = On
+log_errors = On
+log_errors_max_len = 1024
+ignore_repeated_errors = Off
+ignore_repeated_source = Off
+report_memleaks = On
+;xmlrpc_errors = 0
+;xmlrpc_error_number = 0
+html_errors = On
+; Data Handling ;
+variables_order = "EGPCS"
+request_order = "GP"
+register_argc_argv = Off
+auto_globals_jit = On
+post_max_size = 12M
+auto_prepend_file =
+auto_append_file =
+default_mimetype = "text/html"
+default_charset = "UTF-8"
+; Paths and Directories ;
+doc_root =
+user_dir =
+enable_dl = Off
+cgi.fix_pathinfo=1
+; File Uploads ;
+file_uploads = On
+upload_max_filesize = 12M
+max_file_uploads = 20
+; Fopen wrappers ;
+allow_url_fopen = On
+allow_url_include = Off
+default_socket_timeout = 60
+;auto_detect_line_endings = Off
+; Dynamic Extensions ;
+
+[CLI Server]
+cli_server.color = On
+
+[Date]
+date.timezone = UTC
+
+[Pdo_mysql]
+pdo_mysql.cache_size = 2000
+pdo_mysql.default_socket=
+
+[mail function]
+SMTP = localhost
+smtp_port = 25
+mail.add_x_header = On
+sendmail_path="/usr/local/bin/mailhog sendmail test@example.org --smtp-addr 127.0.0.1:1025"
+
+[SQL]
+sql.safe_mode = Off
+
+[ODBC]
+odbc.allow_persistent = On
+odbc.check_persistent = On
+odbc.max_persistent = -1
+odbc.max_links = -1
+odbc.defaultlrl = 4096
+odbc.defaultbinmode = 1
+
+[Interbase]
+ibase.allow_persistent = 1
+ibase.max_persistent = -1
+ibase.max_links = -1
+ibase.timestampformat = "%Y-%m-%d %H:%M:%S"
+ibase.dateformat = "%Y-%m-%d"
+ibase.timeformat = "%H:%M:%S"
+
+[MySQLi]
+mysqli.max_persistent = -1
+mysqli.allow_persistent = On
+mysqli.max_links = -1
+mysqli.cache_size = 2000
+mysqli.default_port = 3306
+mysqli.default_socket =
+mysqli.default_host =
+mysqli.default_user =
+mysqli.default_pw =
+mysqli.reconnect = Off
+
+[mysqlnd]
+mysqlnd.collect_statistics = On
+mysqlnd.collect_memory_statistics = Off
+
+[PostgreSQL]
+pgsql.allow_persistent = On
+pgsql.auto_reset_persistent = Off
+pgsql.max_persistent = -1
+pgsql.max_links = -1
+pgsql.ignore_notice = 0
+pgsql.log_notice = 0
+
+[bcmath]
+bcmath.scale = 0
+
+[Session]
+session.save_handler = files
+session.use_strict_mode = 0
+session.use_cookies = 1
+session.use_only_cookies = 1
+session.name = PHPSESSID
+session.auto_start = 0
+session.cookie_lifetime = 0
+session.cookie_path = /
+session.cookie_domain =
+session.cookie_httponly =
+session.serialize_handler = php
+session.gc_probability = 0
+session.gc_divisor = 1000
+session.gc_maxlifetime = 1440
+session.referer_check =
+session.cache_limiter = nocache
+session.cache_expire = 180
+session.use_trans_sid = 0
+session.hash_function = 0
+session.hash_bits_per_character = 5
+url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
+
+[Assertion]
+zend.assertions = -1
+
+[Tidy]
+tidy.clean_output = Off
+
+[soap]
+soap.wsdl_cache_enabled=1
+soap.wsdl_cache_dir="/tmp"
+soap.wsdl_cache_ttl=86400
+soap.wsdl_cache_limit = 5
+
+
+[ldap]
+ldap.max_links = -1
+
+[opcache]
+opcache.enable=1
+opcache.enable_cli=1
+opcache.memory_consumption=500
+opcache.interned_strings_buffer=16
+opcache.max_accelerated_files=1000000
+;opcache.max_wasted_percentage=5
+;opcache.use_cwd=1
+opcache.validate_timestamps=1
+opcache.revalidate_freq=0
+;opcache.revalidate_path=0
+;opcache.save_comments=1
+opcache.fast_shutdown=1
+;opcache.enable_file_override=0
+;opcache.optimization_level=0xffffffff
+;opcache.inherited_hack=1
+;opcache.dups_fix=0
+;opcache.blacklist_filename=
+;opcache.max_file_size=0
+;opcache.consistency_checks=0
+;opcache.force_restart_timeout=180
+;opcache.error_log=
+;opcache.log_verbosity_level=1
+;opcache.preferred_memory_model=
+;opcache.protect_memory=0
+;opcache.restrict_api=
+;opcache.mmap_base=
+;opcache.file_cache=
+;opcache.file_cache_only=0
+;opcache.file_cache_consistency_checks=1
+;opcache.file_cache_fallback=1
+;opcache.huge_code_pages=1
+;opcache.validate_permission=0
+;opcache.validate_root=0