From b06d6e153f80835b81fd64d2b31d720e350a1ac0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Guillot?= <fred@miniflux.net>
Date: Fri, 1 Dec 2017 18:10:55 -0800
Subject: [PATCH] Use Alpine/Nginx/PHP7 for the Docker image

---
 .gitattributes                          |  2 +
 Dockerfile                              | 50 +++++++++---------
 README.markdown                         | 36 +++++--------
 docker-compose.yml                      |  2 +-
 docker/etc/nginx/nginx.conf             | 69 +++++++++++++++++++++++++
 docker/etc/php7/conf.d/local.ini        | 15 ++++++
 docker/etc/php7/php-fpm.conf            | 19 +++++++
 docker/etc/php7/php-fpm.d/env.conf      |  2 +
 docker/etc/services.d/.s6-svscan/finish |  2 +
 docker/etc/services.d/cron/run          |  2 +
 docker/etc/services.d/nginx/run         |  3 ++
 docker/etc/services.d/php/run           |  2 +
 docker/usr/local/bin/entrypoint.sh      |  6 +++
 docker/var/spool/crontabs/nginx         |  1 +
 docs/docker.markdown                    | 14 +----
 hooks/build                             | 15 ++++++
 16 files changed, 179 insertions(+), 61 deletions(-)
 create mode 100644 docker/etc/nginx/nginx.conf
 create mode 100644 docker/etc/php7/conf.d/local.ini
 create mode 100644 docker/etc/php7/php-fpm.conf
 create mode 100644 docker/etc/php7/php-fpm.d/env.conf
 create mode 100755 docker/etc/services.d/.s6-svscan/finish
 create mode 100755 docker/etc/services.d/cron/run
 create mode 100755 docker/etc/services.d/nginx/run
 create mode 100755 docker/etc/services.d/php/run
 create mode 100755 docker/usr/local/bin/entrypoint.sh
 create mode 100644 docker/var/spool/crontabs/nginx
 create mode 100755 hooks/build

diff --git a/.gitattributes b/.gitattributes
index 8609edb..05f84c0 100644
--- a/.gitattributes
+++ b/.gitattributes
@@ -15,6 +15,8 @@ data/*.sqlite export-ignore
 scripts export-ignore
 Dockerfile export-ignore
 .travis.yml export-ignore
+hooks export-ignore
+docker export-ignore
 
 # documentation
 **/docs/ export-ignore
diff --git a/Dockerfile b/Dockerfile
index 08c7596..ee62c0f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,28 +1,30 @@
-FROM ubuntu:16.04
+FROM alpine:3.7
 
-RUN apt-get update && \
-    DEBIAN_FRONTEND=noninteractive apt-get install -y \
-    apache2 libapache2-mod-php7.0 php7.0-pgsql php7.0-mysql php7.0-sqlite3 php7.0-xml php7.0-mcrypt \
-    php7.0-opcache php7.0-mcrypt php7.0-mbstring php7.0-json php7.0-curl && \
-    apt-get clean
-
-RUN echo \
-    "ServerName localhost\n" \
-    "<Directory /var/www/html/data/>\n" \
-    "    Deny from all\n" \
-    "</Directory>\n" \
-    "<Directory /var/www/html/data/favicons/>\n" \
-    "    Allow from all\n" \
-    "</Directory>\n" >> /etc/apache2/apache2.conf
-
-COPY . /var/www/html
-
-RUN rm -rf /var/www/html/index.html /var/www/html/data/* && \
-    mkdir /var/www/html/data/favicons && \
-    chown -R www-data:www-data /var/www/html/data
-
-VOLUME /var/www/html/data
+VOLUME /var/www/app/data
 
 EXPOSE 80
 
-CMD /usr/sbin/apache2ctl -D FOREGROUND
+ARG VERSION
+
+RUN apk update && \
+    apk add unzip nginx bash ca-certificates s6 curl php7 php7-phar php7-curl \
+    php7-fpm php7-json php7-zlib php7-xml php7-dom php7-ctype php7-opcache php7-zip php7-iconv \
+    php7-pdo php7-pdo_mysql php7-pdo_sqlite php7-pdo_pgsql php7-mbstring php7-session \
+    php7-gd php7-mcrypt php7-openssl php7-sockets php7-posix php7-ldap php7-simplexml && \
+    rm -rf /var/cache/apk/* && \
+    rm -rf /var/www/localhost && \
+    rm -f /etc/php7/php-fpm.d/www.conf
+
+RUN cd /tmp \
+    && curl -sL -o miniflux.zip https://github.com/miniflux/miniflux/archive/$VERSION.zip \
+    && unzip -qq miniflux.zip \
+    && cd miniflux-* \
+    && cp -R . /var/www/app \
+    && cd /tmp \
+    && rm -rf /tmp/miniflux-* /tmp/*.zip
+
+ADD docker/ /
+
+ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
+CMD []
+
diff --git a/README.markdown b/README.markdown
index 56914ce..2189d98 100644
--- a/README.markdown
+++ b/README.markdown
@@ -3,8 +3,6 @@ Miniflux - Minimalist News Reader
 
 [![Build Status](https://travis-ci.org/miniflux/miniflux.svg?branch=master)](https://travis-ci.org/miniflux/miniflux)
 
-[![Deploy](https://www.herokucdn.com/deploy/button.svg)](https://heroku.com/deploy?template=https://github.com/miniflux/miniflux/tree/master)
-
 Miniflux is a minimalist and web-based RSS reader.
 
 Features
@@ -36,17 +34,17 @@ Documentation
 -------------
 
 - [ChangeLog](https://github.com/miniflux/miniflux/blob/master/ChangeLog)
-- [Installation and Requirements](docs/installation.markdown)
-- [Upgrade to a new version](docs/upgrade.markdown)
-- [Cronjob](docs/cronjob.markdown)
-- [Advanced configuration](docs/config.markdown)
-- [Full article download](docs/full-article-download.markdown)
-- [Translations](docs/translations.markdown)
-- [Themes](docs/themes.markdown)
-- [Json-RPC API](docs/json-rpc-api.markdown)
-- [Fever API](docs/fever.markdown)
-- [Run Miniflux with Docker](docs/docker.markdown)
-- [FAQ](docs/faq.markdown)
+- [Installation and Requirements](https://github.com/miniflux/miniflux/blob/master/docs/installation.markdown)
+- [Upgrade to a new version](https://github.com/miniflux/miniflux/blob/master/docs/upgrade.markdown)
+- [Cronjob](https://github.com/miniflux/miniflux/blob/master/docs/cronjob.markdown)
+- [Advanced configuration](https://github.com/miniflux/miniflux/blob/master/docs/config.markdown)
+- [Full article download](https://github.com/miniflux/miniflux/blob/master/docs/full-article-download.markdown)
+- [Translations](https://github.com/miniflux/miniflux/blob/master/docs/translations.markdown)
+- [Themes](https://github.com/miniflux/miniflux/blob/master/docs/themes.markdown)
+- [Json-RPC API](https://github.com/miniflux/miniflux/blob/master/docs/json-rpc-api.markdown)
+- [Fever API](https://github.com/miniflux/miniflux/blob/master/docs/fever.markdown)
+- [Run Miniflux with Docker](https://github.com/miniflux/miniflux/blob/master/docs/docker.markdown)
+- [FAQ](https://github.com/miniflux/miniflux/blob/master/docs/faq.markdown)
 
 License
 -------
@@ -56,14 +54,6 @@ License
 Authors
 -------
 
-- Original author: [Frédéric Guillot](https://github.com/fguillot)
-- [List of contributors](CONTRIBUTORS.md)
+- Original author: Frédéric Guillot
+- [List of contributors](https://github.com/miniflux/miniflux/graphs/contributors)
 
-Related projects
-----------------
-
-External projects build around Miniflux:
-
-- [Miniflux embedded](https://github.com/repat/miniflux-embedded-android) is an Android app for Miniflux. It's basically an embedded WebView that saves your Miniflux URL and cookies. [Download on the Play Store](https://play.google.com/store/apps/details?id=de.repat.embeddedminiflux).
-- [munin-miniflux](https://github.com/dewey/munin-plugins/tree/master/munin-miniflux) is a munin wildcard plugin to draw graphs of your miniflux read and unread count.
-- [List of themes](docs/themes.markdown)
diff --git a/docker-compose.yml b/docker-compose.yml
index ebe70d5..41b2793 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -5,7 +5,7 @@ services:
     ports:
      - "80:80"
     volumes:
-     - miniflux_data:/var/www/html/data
+     - miniflux_data:/var/www/app/data
 volumes:
   miniflux_data:
     driver: local
diff --git a/docker/etc/nginx/nginx.conf b/docker/etc/nginx/nginx.conf
new file mode 100644
index 0000000..6ba545f
--- /dev/null
+++ b/docker/etc/nginx/nginx.conf
@@ -0,0 +1,69 @@
+user nginx;
+worker_processes 1;
+pid /var/run/nginx.pid;
+
+events {
+    worker_connections 1024;
+}
+
+http {
+    include       mime.types;
+    default_type  application/octet-stream;
+
+    sendfile           on;
+    tcp_nopush         on;
+    tcp_nodelay        on;
+    keepalive_timeout  65;
+    server_tokens      off;
+    access_log         off;
+    error_log          /dev/stderr;
+
+    server {
+        listen       80;
+        server_name  localhost;
+        index        index.php;
+        root         /var/www/app;
+        client_max_body_size 32M;
+
+        location / {
+            try_files $uri $uri/ /index.php$is_args$args;
+        }
+
+        location ~ \.php$ {
+            try_files $uri =404;
+            fastcgi_split_path_info ^(.+\.php)(/.+)$;
+            fastcgi_pass unix:/var/run/php-fpm.sock;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_index index.php;
+            include fastcgi_params;
+        }
+
+        location ~* ^.+\.(log|sqlite)$ {
+            return 404;
+        }
+
+        location ~ /\.ht {
+            return 404;
+        }
+
+        location ~* ^.+\.(ico|jpg|gif|png|css|js|svg|eot|ttf|woff|woff2|otf)$ {
+            log_not_found off;
+            expires 7d;
+            etag on;
+        }
+
+        gzip on;
+        gzip_comp_level 3;
+        gzip_disable "msie6";
+        gzip_vary on;
+        gzip_types
+            text/javascript
+            application/javascript
+            application/json
+            text/xml
+            application/xml
+            application/rss+xml
+            text/css
+            text/plain;
+    }
+}
diff --git a/docker/etc/php7/conf.d/local.ini b/docker/etc/php7/conf.d/local.ini
new file mode 100644
index 0000000..0c1795f
--- /dev/null
+++ b/docker/etc/php7/conf.d/local.ini
@@ -0,0 +1,15 @@
+expose_php = Off
+error_reporting = E_ALL
+display_errors = Off
+log_errors = On
+error_log = /dev/stderr
+date.timezone = UTC
+allow_url_fopen = On
+post_max_size = 32M
+upload_max_filesize = 32M
+opcache.max_accelerated_files = 7963
+opcache.validate_timestamps = Off
+opcache.save_comments = 0
+opcache.load_comments = 0
+opcache.fast_shutdown = 1
+opcache.enable_file_override = On
diff --git a/docker/etc/php7/php-fpm.conf b/docker/etc/php7/php-fpm.conf
new file mode 100644
index 0000000..86747bb
--- /dev/null
+++ b/docker/etc/php7/php-fpm.conf
@@ -0,0 +1,19 @@
+[global]
+error_log = /proc/self/fd/2
+log_level = error
+daemonize = no
+
+[www]
+catch_workers_output = yes
+user = nginx
+group = nginx
+listen.owner = nginx
+listen.group = nginx
+listen = /var/run/php-fpm.sock
+pm = dynamic
+pm.max_children = 20
+pm.start_servers = 5
+pm.min_spare_servers = 5
+pm.max_spare_servers = 16
+pm.max_requests = 2048
+include = /etc/php7/php-fpm.d/env.conf
diff --git a/docker/etc/php7/php-fpm.d/env.conf b/docker/etc/php7/php-fpm.d/env.conf
new file mode 100644
index 0000000..bcf2e37
--- /dev/null
+++ b/docker/etc/php7/php-fpm.d/env.conf
@@ -0,0 +1,2 @@
+env[DATABASE_URL] = $DATABASE_URL
+env[DEBUG] = $DEBUG
diff --git a/docker/etc/services.d/.s6-svscan/finish b/docker/etc/services.d/.s6-svscan/finish
new file mode 100755
index 0000000..fc3b1e9
--- /dev/null
+++ b/docker/etc/services.d/.s6-svscan/finish
@@ -0,0 +1,2 @@
+#!/bin/sh
+/bin/true
\ No newline at end of file
diff --git a/docker/etc/services.d/cron/run b/docker/etc/services.d/cron/run
new file mode 100755
index 0000000..da37809
--- /dev/null
+++ b/docker/etc/services.d/cron/run
@@ -0,0 +1,2 @@
+#!/bin/execlineb -P
+crond -f
\ No newline at end of file
diff --git a/docker/etc/services.d/nginx/run b/docker/etc/services.d/nginx/run
new file mode 100755
index 0000000..7478cd7
--- /dev/null
+++ b/docker/etc/services.d/nginx/run
@@ -0,0 +1,3 @@
+#!/bin/execlineb -P
+
+nginx -g "daemon off;"
\ No newline at end of file
diff --git a/docker/etc/services.d/php/run b/docker/etc/services.d/php/run
new file mode 100755
index 0000000..6b09323
--- /dev/null
+++ b/docker/etc/services.d/php/run
@@ -0,0 +1,2 @@
+#!/bin/execlineb -P
+php-fpm7 -F
\ No newline at end of file
diff --git a/docker/usr/local/bin/entrypoint.sh b/docker/usr/local/bin/entrypoint.sh
new file mode 100755
index 0000000..1b3dd13
--- /dev/null
+++ b/docker/usr/local/bin/entrypoint.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+
+mkdir -p /var/www/app/data/favicons
+chown -R nginx:nginx /var/www/app/data
+exec /bin/s6-svscan /etc/services.d
+
diff --git a/docker/var/spool/crontabs/nginx b/docker/var/spool/crontabs/nginx
new file mode 100644
index 0000000..5ea2114
--- /dev/null
+++ b/docker/var/spool/crontabs/nginx
@@ -0,0 +1 @@
+0 * * * * cd /var/www/app && php cronjob.php
diff --git a/docs/docker.markdown b/docs/docker.markdown
index 9a6b930..8ce8761 100644
--- a/docs/docker.markdown
+++ b/docs/docker.markdown
@@ -7,7 +7,7 @@ There is a `Dockerfile` in the repository to build your own container.
 Use the automated build
 -----------------------
 
-Every new commit on the repository trigger a new build on [Docker Hub](https://registry.hub.docker.com/u/miniflux/miniflux/).
+Every new commit on the repository trigger a new build on [Docker Hub](https://hub.docker.com/r/miniflux/miniflux/).
 
 ```bash
 docker run -d --name miniflux -p 80:80 -t miniflux/miniflux:latest
@@ -27,15 +27,3 @@ docker-compose up -d
 - By default, the service listen on port 80
 - A named volume is created to store your data on the host machine
 
-Build your own image
---------------------
-
-```bash
-docker build -t <yourname/imagename> .
-```
-
-Run container from the image:
-
-```bash
-docker run -p 80:80 --name miniflux <yourname/imagename>
-```
diff --git a/hooks/build b/hooks/build
new file mode 100755
index 0000000..043be1f
--- /dev/null
+++ b/hooks/build
@@ -0,0 +1,15 @@
+#!/bin/bash
+
+VERSION=master
+
+if [ "$SOURCE_BRANCH" != "" ]; then
+    VERSION=$SOURCE_BRANCH
+
+    if [ "$SOURCE_BRANCH" == "latest" ]; then
+        VERSION=master
+    fi
+fi
+
+echo "Building $VERSION"
+
+docker build --build-arg VERSION=$VERSION -t $IMAGE_NAME .