From f1da30c57894a2bd863c9ce58fb2ffeed2747d6d Mon Sep 17 00:00:00 2001 From: ne20002 Date: Tue, 16 Jul 2024 17:12:26 +0000 Subject: [PATCH] dev container network connectivity --- .devcontainer/{devcontainer.env => .env} | 3 +- .devcontainer/Dockerfile | 1 - .devcontainer/README.MD | 21 ++++---- .devcontainer/devcontainer.json | 3 -- .devcontainer/docker-compose.yml | 20 ++++--- .devcontainer/include/001-friendica.conf | 57 +++++++++++++++++--- .devcontainer/include/autoinstall.config.php | 30 ++++++----- .devcontainer/include/my.cnf | 4 +- .devcontainer/postCreate.sh | 4 +- .devcontainer/postCreateApacheSetup.sh | 17 +++++- .devcontainer/postCreateFriendicaSetup.sh | 11 ++-- 11 files changed, 121 insertions(+), 50 deletions(-) rename .devcontainer/{devcontainer.env => .env} (88%) diff --git a/.devcontainer/devcontainer.env b/.devcontainer/.env similarity index 88% rename from .devcontainer/devcontainer.env rename to .devcontainer/.env index f72d728d1c..fdfc59f864 100644 --- a/.devcontainer/devcontainer.env +++ b/.devcontainer/.env @@ -5,7 +5,8 @@ MYSQL_USER=friendica MYSQL_PASSWORD=friendica #Webserver setup -ServerName=192.168.56.10.xip.io +ServerName=localhost +ServerPort=8080 ServerAlias=friendica.local DocumentRoot=/var/www/html APACHE_LOG_DIR=/var/log/apache2 diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index 3a0b398d8d..626f3bf18e 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -7,7 +7,6 @@ RUN apt-get update -y; # Install MariaDB client RUN apt-get install -y mariadb-client -COPY include/my.cnf /home/vscode/.my.cnf # Base packages RUN apt install -y vim software-properties-common sudo nano gnupg2 diff --git a/.devcontainer/README.MD b/.devcontainer/README.MD index 21694a2e00..56cf8d4ef6 100644 --- a/.devcontainer/README.MD +++ b/.devcontainer/README.MD 
@@ -3,7 +3,7 @@ This folder holds a devcontainer definition for Friendica. The main features are: -- The development container is based on the PHP dev container image in variant that includes an Apache2 +- The development container is based on the PHP dev container image in a variant that includes an Apache2 webserver. The variant defines the PHP version and the OS it is based on. The currently used variant is defined in the Dockerfile. 
@@ -22,32 +22,33 @@ The development setup is: port 8080 from your local development machine (http://localhost:8080/). This is also the url as configured in local.config.php. You should be able to log in with user 'admin@friendica.local' and password 'admin'. -- Important values are defined in the devcontainer.env file and applied during creation wherever possible. The +- Important values are defined in the .env file within the .devcontainer folder and applied during creation wherever possible. The environment is also available during run/debug time to the application. - XDebug can be started by the launch configuration 'Listen for Xdebug'. The launch configuration is in .vscode/launch.json (this file is added to git). +- The Apache server in the dev container is reachable with http on the ports 80 and 8080 and with https on port 443. The + url used for Friendica is defined in local.config.php (currently localhost:8080) and any subsequent request will be redirected + to this url. To change the url to one you like you need to modify the url in local.config.php which can be done by + setting the values in the .env file accordingly and rebuilding the container. + +- The hostname friendica.local is used for the ceritificate and added to the hosts file in the container. .local is a reserved TLD + for mDNS and if you can use this depends on your network configuration. For developing and debugging using forwarded ports + (localhost:8080) works fine. + Open points: - Cron jobs / worker are not available. For a dev environment those are disabled by default (but can be optionally enabled). -- The creation of the container runs the postCreate.sh script. This includes a few setup steps that do not need to - be runned on a container rebuild (but on creation of the container). I plan to seperate steps from creation and rebuild - but it is not really a problem at the moment (it just gives some output stating Error where no error is). 
- - Passing values from the local development machine (with $localEnv) does not seem to work. This would be handy to apply a few settings differently based on user choice. - The dev container does not have an email MTA. -- The devcontainer does currently not support TLS. - - There are still a bit too much warnings logged at startup but that doesn't seem to be a problem. - Only the first launch configuration ('Listen for Xdebug') is working. -- There is no port exposed on the container (only forwarded ports used). It would be handy to have the dev instance being able - to work as a normal instance in the fediverse. diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index c0eba0281b..4bf546aaba 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -14,9 +14,6 @@ // Features to add to the dev container. More info: https://containers.dev/features. // "features": {}, - // For use with PHP or Apache (e.g.php -S localhost:8080 or apache2ctl start) - "forwardPorts": [3306, 8080], - // Use 'postCreateCommand' to run commands after the container is created. "postCreateCommand": "bash -c '.devcontainer/postCreate.sh && .devcontainer/postCreateApacheSetup.sh && .devcontainer/postCreateFriendicaSetup.sh'", "postStartCommand": "service apache2 start", diff --git a/.devcontainer/docker-compose.yml b/.devcontainer/docker-compose.yml index d17e06cb64..74a16d6187 100644 --- a/.devcontainer/docker-compose.yml +++ b/.devcontainer/docker-compose.yml 
@@ -8,29 +8,35 @@ services: volumes: - ../..:/workspaces:cached - env_file: "devcontainer.env" + env_file: ".env" # Overrides default command so things don't shut down after the process ends. command: sleep infinity - # Runs app on the same network as the database container, allows "forwardPorts" in devcontainer.json function. - network_mode: service:db - + ports: + - 80:80 + - 443:443 + - 8080:8080 + - 3306:3306 + # Use "forwardPorts" in **devcontainer.json** to forward an app port locally. # (Adding the "ports" property to this file will not forward from a Codespace.) + extra_hosts: + - "${ServerAlias}:127.0.0.1" + db: image: mariadb:10.4 restart: unless-stopped volumes: - mariadb-data:/var/lib/mysql - env_file: "devcontainer.env" + env_file: ".env" environment: MYSQL_ROOT_PASSWORD: root command: ['mysqld', '--character-set-server=utf8mb4', '--collation-server=utf8mb4_unicode_ci'] - # Add "forwardPorts": ["3306"] to **devcontainer.json** to forward MariaDB locally. - # (Adding the "ports" property to this file will not forward from a Codespace.) + # Runs app on the same network as the app container, allows "forwardPorts" in devcontainer.json function. + network_mode: service:app volumes: mariadb-data: diff --git a/.devcontainer/include/001-friendica.conf b/.devcontainer/include/001-friendica.conf index da5a1eeb89..61eb40c7cc 100644 --- a/.devcontainer/include/001-friendica.conf +++ b/.devcontainer/include/001-friendica.conf @@ -1,22 +1,22 @@ - + ServerAdmin webmaster@localhost ServerName ${ServerName} ServerAlias ${ServerAlias} DocumentRoot ${DocumentRoot} + + SetHandler server-status + Order deny,allow + Allow from all + + Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny allow from all - - - SetHandler server-status - Order deny,allow - Allow from all - # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. 
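Review bot: The new `ports:` list publishes 80, 443, 8080 and 3306 on every host interface, so the dev web server and MariaDB become reachable from the local network with the defaults visible in this patch (`MYSQL_ROOT_PASSWORD: root`, `MYSQL_PASSWORD=friendica`). Unless LAN exposure is intended, bind the mappings to loopback and quote them, e.g. `- "127.0.0.1:8080:8080"` and `- "127.0.0.1:3306:3306"`, and likewise for 80 and 443. If exposure is intended, the default credentials in `.env` should not be left as they are. The retained comment saying a `ports` property "will not forward from a Codespace" now sits directly under a `ports` list; a one-line comment explaining why published ports replaced `forwardPorts` would make this clearer.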
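Review bot: The `server-status` handler is still opened with `Order deny,allow` / `Allow from all`, and the same block is copied into the new TLS vhost in the next hunk (`@@ -26,3 +26,46 @@`). Because the compose file now publishes the web ports, the status page (client addresses and request lines) is served to anyone who can reach the container. Restricting it to the container itself, with `Require local` in place of the two access lines, keeps it usable for debugging. The enclosing container tags did not survive on this page, so the exact placement should be checked against the file.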
@@ -26,3 +26,46 @@ CustomLog ${APACHE_LOG_DIR}/${ServerName}-access.log combined + + + ServerAdmin webmaster@localhost + ServerName ${ServerName} + ServerAlias ${ServerAlias} + + DocumentRoot ${DocumentRoot} + + + SetHandler server-status + Order deny,allow + Allow from all + + + + Options Indexes FollowSymLinks MultiViews + AllowOverride All + Order allow,deny + allow from all + + + # Possible values include: debug, info, notice, warn, error, crit, + # alert, emerg. + LogLevel warn + + ErrorLog ${APACHE_LOG_DIR}/${ServerName}-error.log + CustomLog ${APACHE_LOG_DIR}/${ServerName}-access.log combined + + SSLEngine on + + SSLCertificateFile /etc/ssl/certs/friendica.crt + SSLCertificateKeyFile /etc/ssl/private/friendica.key + + + SSLOptions +StdEnvVars + + + BrowserMatch "MSIE [2-6]" \\ + nokeepalive ssl-unclean-shutdown \\ + downgrade-1.0 force-response-1.0 + # MSIE 7 and newer should be able to use keepalive + BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown + \ No newline at end of file diff --git a/.devcontainer/include/autoinstall.config.php b/.devcontainer/include/autoinstall.config.php index e3f80b5c14..f69f010ea3 100644 --- a/.devcontainer/include/autoinstall.config.php +++ b/.devcontainer/include/autoinstall.config.php @@ -1,19 +1,22 @@ . * - * If you're unsure about what any of the config keys below do, please check the static/defaults.config.php file for - * detailed documentation of their data type and behavior. */ return [ 
@@ -32,15 +35,16 @@ return [ // **************************************************************** 'config' => [ - 'admin_email' => 'admin@friendica.local', + 'admin_email' => 'admin@${ServerAlias}', 'sitename' => 'Friendica Social Network', 'register_policy' => \Friendica\Module\Register::OPEN, 'register_text' => '', + 'php' => '${FRIENDICA_PHP_PATH}', ], 'system' => [ 'default_timezone' => 'UTC', 'language' => 'en', 'basepath' => '${workspaceFolder}', - 'url' => 'http://localhost:8080', + 'url' => 'http://${ServerName}:${ServerPort}', ], ]; diff --git a/.devcontainer/include/my.cnf b/.devcontainer/include/my.cnf index aae84a5709..c6d320846e 100644 --- a/.devcontainer/include/my.cnf +++ b/.devcontainer/include/my.cnf @@ -1,4 +1,4 @@ [client] protocol = tcp -user = friendica -password = friendica +user = ${MYSQL_USER} +password = ${MYSQL_PASSWORD} diff --git a/.devcontainer/postCreate.sh b/.devcontainer/postCreate.sh index df12b72ad5..e5b338d93d 100755 --- a/.devcontainer/postCreate.sh +++ b/.devcontainer/postCreate.sh @@ -3,11 +3,13 @@ # Prepare the workspace files with the values from the devcontainer.env file set -a -source $workspaceFolder/.devcontainer/devcontainer.env +source $workspaceFolder/.devcontainer/.env echo ">>> Development Setup" sudo apt-get update +envsubst < $workspaceFolder/.devcontainer/include/my.cnf > /home/vscode/.my.cnf + #Make the workspace directory the docroot echo ">>> Symlink $DocumentRoot to $workspaceFolder" sudo rm -rf $DocumentRoot diff --git a/.devcontainer/postCreateApacheSetup.sh b/.devcontainer/postCreateApacheSetup.sh index 441f9d184b..ca4f87aa2b 100755 --- a/.devcontainer/postCreateApacheSetup.sh +++ b/.devcontainer/postCreateApacheSetup.sh 
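Review bot: In postCreate.sh, `envsubst < ... > /home/vscode/.my.cnf` writes the database password into a file created with the default umask, so it is probably readable by every user in the container; follow it with `chmod 600 /home/vscode/.my.cnf`. `$workspaceFolder` is unquoted in both the `source` and the `envsubst` line and will break on a workspace path containing spaces; use `source "$workspaceFolder/.devcontainer/.env"`. The comment above `set -a` still names `devcontainer.env` and should say `.env`. The script continues past the end of this hunk.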
@@ -1,13 +1,26 @@ #!/bin/bash # -source $workspaceFolder/.devcontainer/devcontainer.env +source $workspaceFolder/.devcontainer/.env echo ">>> Apache2 Configuration" envsubst < $workspaceFolder/.devcontainer/include/001-friendica.conf > /tmp/001-friendica.conf +# Create a self-signed SSL certificate +sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \ + -keyout /etc/ssl/private/friendica.key \ + -out /etc/ssl/certs/friendica.crt \ + -subj "/C=US/ST=State/L=City/O=Organization/CN=$ServerAlias" \ + -addext "subjectAltName = DNS:$ServerAlias, DNS:$ServerName" + +sudo chmod +rx /etc/ssl/private +sudo chmod 644 /etc/ssl/private/friendica.key +sudo chmod 644 /etc/ssl/certs/friendica.crt + sudo cp /tmp/001-friendica.conf /etc/apache2/sites-available/001-friendica.conf -sudo a2enmod rewrite actions +sudo a2enmod rewrite actions ssl sudo a2ensite 001-friendica sudo a2dissite 000-default +echo 'ServerName 127.0.0.1' | sudo tee -a /etc/apache2/apache2.conf + exit 0 diff --git a/.devcontainer/postCreateFriendicaSetup.sh b/.devcontainer/postCreateFriendicaSetup.sh index 5e3707e2e7..f575988a82 100755 --- a/.devcontainer/postCreateFriendicaSetup.sh +++ b/.devcontainer/postCreateFriendicaSetup.sh @@ -1,11 +1,16 @@ #!/bin/bash # -source $workspaceFolder/.devcontainer/devcontainer.env +source $workspaceFolder/.devcontainer/.env # Setup Friendica echo ">>> Friendica Setup" + +FRIENDICA_PHP_PATH=$(which php) +export FRIENDICA_PHP_PATH + envsubst < $workspaceFolder/.devcontainer/include/autoinstall.config.php > /tmp/autoinstall.config.php + cd $DocumentRoot # copy the .htaccess-dist file to .htaccess so that rewrite rules work 
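Review bot: In postCreateApacheSetup.sh, `sudo chmod 644 /etc/ssl/private/friendica.key` together with `sudo chmod +rx /etc/ssl/private` makes the TLS private key readable by every user in the container. If Apache is started as root (the usual case, where it reads the key before dropping privileges), the key can stay owner-only with `sudo chmod 600 /etc/ssl/private/friendica.key` and the directory chmod can be dropped. If it runs as another user, `chown` the key to that user instead of opening it to all. Separately, `echo 'ServerName 127.0.0.1' | sudo tee -a /etc/apache2/apache2.conf` appends a duplicate line each time the script is re-run; prefix it with `grep -qxF 'ServerName 127.0.0.1' /etc/apache2/apache2.conf ||`.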
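Review bot: In postCreateFriendicaSetup.sh, `FRIENDICA_PHP_PATH=$(which php)` is not checked, so when `php` is not on PATH the template is rendered with `'php' => ''` and the problem only surfaces later. Prefer the builtin and fail early: `FRIENDICA_PHP_PATH=$(command -v php) || { echo "php not found" >&2; exit 1; }`. The rendered config is written to the fixed name `/tmp/autoinstall.config.php`; a `mktemp` file would avoid the predictable path. `cd $DocumentRoot` is unquoted and unchecked, so `cd "$DocumentRoot" || exit 1` is safer. The script body continues in the next hunk.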
@@ -20,9 +25,9 @@ bin/console autoinstall -f /tmp/autoinstall.config.php # (disable a bunch of validation because this is a dev install, deh, it needs invalid emails and stupid passwords) bin/console config system disable_email_validation 1 bin/console config system disable_password_exposed 1 -bin/console user add "$ADMIN_NICK" "$ADMIN_NICK" "$ADMIN_NICK@friendica.local" en http://friendica.local/profile/$ADMIN_NICK +bin/console user add "$ADMIN_NICK" "$ADMIN_NICK" "$ADMIN_NICK@$ServerAlias" en http://friendica.local/profile/$ADMIN_NICK bin/console user password "$ADMIN_NICK" "$ADMIN_PASSW" -bin/console user add "$USER_NICK" "$USER_NICK" "$USER_NICK@friendica.local" en http://friendica.local/profile/$USER_NICK +bin/console user add "$USER_NICK" "$USER_NICK" "$USER_NICK@$ServerAlias" en http://friendica.local/profile/$USER_NICK bin/console user password "$USER_NICK" "$USER_PASSW" exit 0
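Review bot: The e-mail address now follows `$ServerAlias`, but the last argument of both `user add` calls still hard-codes `http://friendica.local/profile/...` and leaves `$ADMIN_NICK` / `$USER_NICK` unquoted. That no longer matches the base URL rendered into the config (`http://${ServerName}:${ServerPort}`), so changing `.env` yields users whose URL points at a different host. Suggest `"http://$ServerName:$ServerPort/profile/$ADMIN_NICK"` and the same for `$USER_NICK`. How `bin/console user add` interprets that argument is not visible here, so the expected form should be confirmed.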