nginx-api:
container_name: epsyteam.nginx-api
restart: always
build:
context: docker/nginx/dev/nginx-api
dockerfile: Dockerfile
ports:
- 127.0.0.105:8900:80
depends_on:
- app
expose:
- 80
networks:
- api
environment:
TZ: "Europe/Moscow"
0 - cd /var/www/epsyteam/data/epsy-api
0 - /usr/local/bin/docker-compose -f /var/www/epsyteam/data/epsy-api/docker-compose-epsyteam.yml kill
0 - /usr/local/bin/docker-compose -f /var/www/epsyteam/data/epsy-api/docker-compose-epsyteam.yml up -d --build --force-recreate
Step 1/11 : FROM php:7.4-fpm
- ---> d7f856a7dcc7
- Step 2/11 : RUN mkdir -p /www && mkdir -p /www/var/log && mkdir -p /www/var/cache && mkdir -p /www/media
- ---> Using cache
- ---> 4ce24ac36f25
- Step 3/11 : WORKDIR /www
- ---> Using cache
- ---> 7c8511479131
- Step 4/11 : ADD https://raw.githubusercontent.com/mlocati/docker-php-extension-installer/master/install-php-extensions /usr/local/bin/
-
- ---> Using cache
- ---> a2960884a995
- Step 5/11 : RUN chmod uga+x /usr/local/bin/install-php-extensions && sync
- ---> Using cache
- ---> cfffd7959d2b
- Step 6/11 : RUN DEBIAN_FRONTEND=noninteractive apt-get update -q && DEBIAN_FRONTEND=noninteractive apt-get install -qq -y curl git zip unzip && install-php-extensions bcmath bz2 calendar exif gd intl ldap mysqli opcache pdo_mysql xsl zip sockets && docker-php-ext-enable sockets
- ---> Using cache
- ---> 4a4b3f29f752
- Step 7/11 : RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer && ln -s $(composer config --global home) /root/composer
- ---> Using cache
- ---> 4cb6f6d6e409
- Step 8/11 : ENV PATH=$PATH:/root/composer/vendor/bin COMPOSER_ALLOW_SUPERUSER=1
- ---> Using cache
- ---> 47e06306dc5d
- Step 9/11 : RUN composer global require hirak/prestissimo
- ---> Using cache
- ---> 8d572e613a5b
- Step 10/11 : COPY . .
- ---> Using cache
- ---> 31295ba4456b
- Step 11/11 : RUN chmod -R 777 /www/var && rm -Rf /www/config/packages && rm -Rf /www/config/routes && rm -f /www/config/*.yaml && rm -f /www/config/bundles.php && chmod -R 777 /www/media
- ---> Using cache
- ---> cc8c0b600b47
-
- Successfully built cc8c0b600b47
- Successfully tagged epsy-api_app:latest
- Step 1/2 : FROM redis
- ---> 50541622f4f1
- Step 2/2 : CMD [ "redis-server"]
- ---> Using cache
- ---> 9cd447028d3e
-
- Successfully built 9cd447028d3e
- Successfully tagged epsy-api_redis:latest
- Step 1/6 : FROM nginx:latest
- ---> 8cf1bfb43ff5
- Step 2/6 : COPY nginx.conf /etc/nginx/nginx.conf
- ---> Using cache
- ---> c05f0be18b73
- Step 3/6 : COPY fastcgi.conf /etc/nginx/fastcgi.conf
- ---> Using cache
- ---> d9fead834675
- Step 4/6 : COPY vhost.conf /etc/nginx/sites-enabled/vhost.conf
- ---> Using cache
- ---> a4b302ea99bb
- Step 5/6 : EXPOSE 80
- ---> Using cache
- ---> 74723d58b6cb
- Step 6/6 : CMD ["nginx", "-g", "daemon off;"]
- ---> Using cache
- ---> 73d57730470e
-
- Successfully built 73d57730470e
- Successfully tagged epsy-api_nginx-api-admin:latest
- Step 1/6 : FROM nginx:latest
- ---> 8cf1bfb43ff5
- Step 2/6 : COPY nginx.conf /etc/nginx/nginx.conf
- ---> Using cache
- ---> a2cf5bde9c8a
- Step 3/6 : COPY fastcgi.conf /etc/nginx/fastcgi.conf
- ---> Using cache
- ---> 0a0ba4e8b2fa
- Step 4/6 : COPY vhost.conf /etc/nginx/sites-enabled/vhost.conf
- ---> Using cache
- ---> 7582b4e2710c
- Step 5/6 : EXPOSE 80
- ---> Using cache
- ---> 607907859a8c
- Step 6/6 : CMD ["nginx", "-g", "daemon off;"]
- ---> Using cache
- ---> 800f00d22d9e
-
- Successfully built 800f00d22d9e
- Successfully tagged epsy-api_nginx-security-server:latest
- Step 1/6 : FROM nginx:latest
- ---> 8cf1bfb43ff5
- Step 2/6 : COPY nginx.conf /etc/nginx/nginx.conf
- ---> Using cache
- ---> c05f0be18b73
- Step 3/6 : COPY fastcgi.conf /etc/nginx/fastcgi.conf
- ---> Using cache
- ---> d9fead834675
- Step 4/6 : COPY vhost.conf /etc/nginx/sites-enabled/vhost.conf
- ---> Using cache
- ---> babcce62cfbc
- Step 5/6 : EXPOSE 80
- ---> Using cache
- ---> 9eb239ddb5d6
- Step 6/6 : CMD ["nginx", "-g", "daemon off;"]
- ---> Using cache
- ---> 479706b28f09
-
- Successfully built 479706b28f09
- Successfully tagged epsy-api_nginx-api:latest
1 - /usr/local/bin/docker-compose -f /var/www/epsyteam/data/epsy-api/docker-compose-epsyteam.yml exec app composer install
1 - /usr/local/bin/docker-compose -f /var/www/epsyteam/data/epsy-api/docker-compose-epsyteam.yml exec app composer dump-env prod
1 - /usr/local/bin/docker-compose -f /var/www/epsyteam/data/epsy-api/docker-compose-epsyteam.yml exec app php bin/console doctrine:schema:update --dump-sql --force
но exec по-любому "ждет",
<?php
define('GITHUB_SECRET', '**************');
set_time_limit(3600);
header('Content-Type', 'text/plain');
// Ensure signature exists
if (!isset($_SERVER['HTTP_X_HUB_SIGNATURE'])) {
http_response_code(403);
die('Missing signature');
}
// Ensure that signature is formed as expected
$signature = explode('=', $_SERVER['HTTP_X_HUB_SIGNATURE']);
if (2 !== count($signature)) {
http_response_code(400);
die('Malformed signature');
}
// Parse signature
$algos = hash_algos();
list($algo, $hash) = $signature;
if (!in_array($algo, $algos)) {
http_response_code(400);
die("Unknown hashing algo: $algo");
}
// Load payload
$payload = file_get_contents('php://input');
// Check signature
$expectedHash = hash_hmac($algo, $payload, GITHUB_SECRET);
if ($expectedHash !== $hash) {
http_response_code(403);
die('Invalid signature');
}
// Parse data
$data = json_decode($payload, true);
// Configure commands
$commands = [
"epsy-me/epsy-api" => [
"cd /var/www/epsyteam/data/epsy-api",
"git reset --hard > /dev/null",
"git pull origin develop > /dev/null",
"/usr/local/bin/docker-compose -f /var/www/epsyteam/data/epsy-api/docker-compose-epsyteam.yml kill > /dev/null",
"/usr/local/bin/docker-compose -f /var/www/epsyteam/data/epsy-api/docker-compose-epsyteam.yml up -d --build --force-recreate > /dev/null",
"/usr/local/bin/docker-compose -f /var/www/epsyteam/data/epsy-api/docker-compose-epsyteam.yml exec app composer install > /dev/null",
"/usr/local/bin/docker-compose -f /var/www/epsyteam/data/epsy-api/docker-compose-epsyteam.yml exec app composer dump-env prod > /dev/null",
"/usr/local/bin/docker-compose -f /var/www/epsyteam/data/epsy-api/docker-compose-epsyteam.yml exec app php bin/console doctrine:schema:update --dump-sql --force > /dev/null"
]
];
// Run
$repo = $data['repository']['full_name'];
if (isset($commands[$repo])) {
$command = implode('; ', $commands[$repo]);
$output = [];
exec($command, $output, $returnCode);
$message = $repo .
"\n================================================\n" .
implode("\n — ", $output) .
"\n------------------------------------------------\n" .
implode("\n — ", $commands[$repo]) .
"\n------------------------------------------------\n" .
$command;
mailTo("dev@epsy.me", $message, "EPSY DEPLOYMENT");
} else {
http_response_code(400);
$message = "Repository not configured: $repo\n";
mailTo("dev@epsy.me", $message, "EPSY DEPLOYMENT ERROR");
die($message);
}
function mailTo($to, $message, $subject)
{
$headers = "From: dev@epsyteam.ru" . "\r\n" .
'X-Mailer: PHP/' . phpversion();
mail($to, $subject, $message, $headers);
}
/usr/local/bin/docker-compose -f /var/www/epsyteam/data/epsy-api/docker-compose-epsyteam.yml kill > /dev/null
// Run
$repo = $data['repository']['full_name'];
if (isset($commands[$repo])) {
$command = implode(' && ', $commands[$repo]);
$outs = [];
foreach($commands[$repo] as $command) {
$output = [];
exec($command, $output, $returnCode);
$outs[] = $command;
$outs[] = "==================================================";
$outs[] = implode("\n - ", $output);
$outs[] = "";
$outs[] = "";
$outs[] = "[ERROR $returnCode]";
$outs[] = "";
}
mailTo("dev@epsy.me", implode("\n", $outs), "EPSY DEPLOYMENT");
file_put_contents("outs.json", json_encode($outs));
} else {
http_response_code(400);
$message = "Repository not configured: $repo\n";
mailTo("dev@epsy.me", $message, "EPSY DEPLOYMENT ERROR");
die($message);
}
sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
header('Access-Control-Allow-Origin: http://localhost:3000');
Как реализовать создание пользователей с не базовой ролью в приложении с RBAC?
Классная штука.
Планирую использовать в проектах.
Плюс в том, просто можно сделать не плохой реалтайм.
Ну например в базе что-то поменялось.
Клиенты в курсе и топают за новой порцией данных.