-
-
Notifications
You must be signed in to change notification settings - Fork 12
Expand file tree
/
Copy pathDockerfile.cdn
More file actions
158 lines (121 loc) · 6.1 KB
/
Dockerfile.cdn
File metadata and controls
158 lines (121 loc) · 6.1 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
# syntax=ghcr.io/khs1994-docker/docker.io/docker/dockerfile-upstream:master-labs
# 此 Dockerfile 使用了多阶段构建,同时构建了 PHP 及 NGINX 两个镜像
#
# @link https://docs.docker.com/engine/reference/builder/
# @link https://docs.docker.com/develop/develop-images/multistage-build/
# @link https://laravel-news.com/multi-stage-docker-builds-for-laravel
#
# 只有 git 打了 tag 才能将对应的镜像部署到生产环境
#
# 为了方便读者阅读没有引入过多的变量,实际使用时可以将公共的部分用变量代替
#
# !! 搜索 /app/laravel-docker 替换为自己的项目目录 !!
# 此 Dockerfile 专为 CI 环境设计(国外),请通过 --build-arg ARG=value 设置国内镜像
#
# $ docker buildx build --target=laravel --load -t khs1994/laravel:10 -f Dockerfile.cdn --build-arg NODE_REGISTRY=https://registry.npmmirror.com --build-arg CI=false .
ARG PHP_VERSION=8.4.11
ARG NGINX_VERSION=1.29.1-alpine
ARG DOCKER_HUB_USERNAME=ghcr.io/khs1994
# 2.安装 composer 依赖
FROM ${DOCKER_HUB_USERNAME}/php:8.4.11-composer-alpine as composer
# COPY composer.json composer.lock /app/
COPY composer.json /app/
COPY database/ /app/database/
ARG CI=true
RUN --mount=type=cache,target=/tmp,id=laravel_caches \
set -x && cd /app \
# && composer config -g repos.packagist composer https://mirrors.aliyun.com/composer/ \
&& composer config -g repos.packagist composer https://mirrors.cloud.tencent.com/composer/ \
&& if [ $CI = 'true' ];then composer config -g --unset repos.packagist; fi \
&& composer install --no-dev \
--ignore-platform-reqs \
--prefer-dist \
--no-interaction \
--no-scripts \
--no-plugins \
--optimize-autoloader
# 1.前端构建,并上传到 CDN
FROM ghcr.io/khs1994-docker/docker.io/library/node:${NODE_VERSION:-20.5.1}-alpine as frontend
ARG NODE_REGISTRY=https://registry.npmjs.org
# COPY package.json vite.config.js yarn.lock /app/
# COPY package.json vite.config.js package-lock.json /app/
COPY package.json /app/
RUN --mount=type=cache,target=/app/node_modules,id=laravel-docker_node_modules \
--mount=type=cache,target=/root/.npm,id=npm_caches \
set -x ; cd /app \
# && yarn install \
&& npm install --registry=${NODE_REGISTRY}
COPY resources/ /app/resources/
COPY vite.config.js tailwind.config.js postcss.config.js /app/
RUN --mount=type=cache,target=/app/node_modules,id=laravel-docker_node_modules \
--mount=type=bind,from=composer,source=/app/vendor,target=/app/vendor \
set -x ; cd /app \
&& mkdir -p public \
# && yarn production \
&& npm run build
FROM minio/mc as frontend-assets-uploader
COPY --from=frontend /app/public/build/ /app/laravel-docker/public/build/
# 上传密钥等变量设置
# 这里为了方便直接给出默认值,实际使用时请通过 --build-arg 传递
ARG ACCESS_KEY_ID=minioadmin
ARG SECRET_ACCESS_KEY=minioadmin
ARG CDN_HOST=https://minio.local
ARG CDN_BUCKET=laravel-docker
RUN set -x \
# 如果域名能通过 DNS 解析则 mc 不会使用 /etc/hosts
&& mc --insecure config host add minio ${CDN_HOST} $ACCESS_KEY_ID $SECRET_ACCESS_KEY \
&& mc config host list minio \
&& mc --insecure mb --ignore-existing minio/${CDN_BUCKET} \
&& mc --insecure mirror --overwrite /app/laravel-docker/public/build \
minio/${CDN_BUCKET}/frontend-assets/build/ \
# && mc --insecure ls -r minio/${CDN_BUCKET}/frontend-assets \
&& mc --insecure policy set public minio/${CDN_BUCKET}
# 3.将项目打入 PHP 镜像
# $ docker build -t khs1994/laravel:TAG --target=laravel .
FROM ${DOCKER_HUB_USERNAME}/php:${PHP_VERSION}-s6-alpine as laravel
COPY . /app/laravel-docker/
COPY --from=composer /app/vendor/ /app/laravel-docker/vendor/
# 不从 frontend 复制是为了触发 frontend-assets-uploader
COPY --from=frontend-assets-uploader /app/laravel-docker/public/build/manifest.json /app/laravel-docker/public/build/manifest.json
VOLUME /app/laravel-docker/storage/framework/views
VOLUME /app/laravel-docker/bootstrap/cache
ENTRYPOINT [ "sh", "/app/laravel-docker/.docker/docker-entrypoint.sh" ]
CMD ["php-fpm", "-R", "-F"]
# rootless 镜像
FROM ${DOCKER_HUB_USERNAME}/php:${PHP_VERSION}-s6-alpine as laravel-rootless
ARG CI=true
# https://github.com/gliderlabs/docker-alpine/issues/381
RUN set -x; \
if ! [ "$CI" = 'true' ];then \
sed -i "s/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g" /etc/apk/repositories; \
fi \
&& apk add --no-cache dcron libcap \
&& chown www-data:www-data /usr/sbin/crond \
&& setcap cap_setgid=ep /usr/sbin/crond
RUN --mount=type=bind,target=/tmp/build-context,ro \
--mount=type=cache,from=laravel,source=/app/laravel-docker,target=/tmp/laravel-docker,ro \
set -x \
&& cp -a /tmp/build-context/. /app/laravel-docker/ \
&& cp -a /tmp/laravel-docker/. /app/laravel-docker/ \
\
&& chmod -R +x /app/laravel-docker/.docker-rootless/s6 \
&& mkdir -p /app/laravel-docker/storage/app \
/app/laravel-docker/storage/framework/views \
&& chown -R www-data:www-data /app/laravel-docker/public \
/app/laravel-docker/.docker-rootless/s6 \
&& chown www-data:www-data \
/app/laravel-docker/bootstrap/cache \
/app/laravel-docker/storage/app \
/app/laravel-docker/storage/framework/views \
\
&& echo 'rootless' > /app/laravel-docker/storage/app/rootless.txt
USER www-data
ENTRYPOINT [ "sh", "/app/laravel-docker/.docker-rootless/docker-entrypoint.sh" ]
# 4.将 PHP 项目打入 NGINX 镜像
# Nginx 配置文件统一通过 configs 管理,严禁将配置文件打入镜像
# $ docker build -t khs1994/laravel:TAG-nginx .
FROM ghcr.io/khs1994-docker/docker.io/library/nginx:${NGINX_VERSION} as nginx
COPY --from=laravel /app/laravel-docker/public /app/laravel-docker/public
ADD https://raw.githubusercontent.com/khs1994-docker/lnmp-nginx-conf-demo/master/wait-for-php.sh /wait-for-php.sh
RUN set -x ; rm -rf /etc/nginx/conf.d
ENTRYPOINT ["sh", "/wait-for-php.sh"]