dockerfile changes

Author: parkervcp

.dev/docker/default_ssl.conf

@@ -0,0 +1,70 @@
+# If using Ubuntu this file should be placed in:
+# 			/etc/nginx/sites-available/
+#
+server {
+    listen 80;
+    server_name <domain>;
+    return 301 https://$server_name$request_uri;
+}
+
+server {
+    listen 443 ssl http2;
+    server_name <domain>;
+
+    root /var/www/pterodactyl/public;
+    index index.php;
+
+    access_log /var/log/nginx/pterodactyl.app-access.log;
+    error_log  /var/log/nginx/pterodactyl.app-error.log error;
+
+    # allow larger file uploads and longer script runtimes
+    client_max_body_size 100m;
+    client_body_timeout 120s;
+    
+    sendfile off;
+
+    # strengthen ssl security
+    ssl_certificate /etc/letsencrypt/live/<domain>/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/<domain>/privkey.pem;
+    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+    ssl_prefer_server_ciphers on;
+    ssl_session_cache shared:SSL:10m;
+    ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
+    
+    # See the link below for more SSL information:
+    #     https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
+    #
+    # ssl_dhparam /etc/ssl/certs/dhparam.pem;
+
+    # Add headers to serve security related headers
+    add_header Strict-Transport-Security "max-age=15768000; preload;";
+    add_header X-Content-Type-Options nosniff;
+    add_header X-XSS-Protection "1; mode=block";
+    add_header X-Robots-Tag none;
+    add_header Content-Security-Policy "frame-ancestors 'self'";
+
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+    }
+
+    location ~ \.php$ {
+        fastcgi_split_path_info ^(.+\.php)(/.+)$;
+        fastcgi_pass unix:/run/php/pterodactyl.sock;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param PHP_VALUE "upload_max_filesize = 100M \n post_max_size=100M";
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_param HTTP_PROXY "";
+        fastcgi_intercept_errors off;
+        fastcgi_buffer_size 16k;
+        fastcgi_buffers 4 16k;
+        fastcgi_connect_timeout 300;
+        fastcgi_send_timeout 300;
+        fastcgi_read_timeout 300;
+        include /etc/nginx/fastcgi_params;
+    }
+
+    location ~ /\.ht {
+        deny all;
+    }
+}

.dev/docker/entrypoint.sh

@@ -1,24 +1,39 @@
 #!/bin/ash
+## Ensure we are in /app
+
 cd /app
 
-tini -- php-fpm
+## check for .env file and generate app keys if missing
+if [ -f /app/var/.env ]; then
+  echo "external vars exist"
+  rm /app/.env
+  ln -s /app/var/.env /app/
+else
+  echo "external vars don't exist"
+  php artisan key:generate --force
+  cp /app/.env /app/var/
+fi
 
+## check for DB up before starting the panel
+echo "Checking database status."
 until nc -z -v -w30 $DB_HOST 3306
+
 do
   echo "Waiting for database connection..."
   # wait for 5 seconds before check again
   sleep 5
 done
 
-if [ "$(cat .env)" == "" ]; then
-  cat /app/.env.example > /app/.env
-fi
+## make sure the db is set up
+php artisan migrate --seed --force
 
-if [ "$(cat .env | grep APP_KEY)" == "APP_KEY=" ]; then
-  echo "Generating New Key"
-  php artisan key:generate --force
-fi
+echo -e "Done\n"
 
-php artisan migrate --seed --force
-echo "Done"
-nginx -g 'pid /tmp/nginx.pid; daemon off;'
+## start php-fpm in the background
+echo -e "Starting php-fpm in the background. \n"
+php-fpm7 -D
+echo -e "php-fpm starte.d \n"
+
+## start webserver
+echo -e "Starting nginx in the foreground. \n"
+nginx -g 'pid /tmp/nginx.pid; daemon off;'

.gitignore

@@ -20,8 +20,7 @@ sami.phar
 # For local development with docker
 # Remove if we ever put the Dockerfile in the repo
 .dockerignore
-#Dockerfile
-docker-compose.yml
+
 # for image related files
 misc
 .phpstorm.meta.php

Dockerfile

@@ -9,11 +9,13 @@ COPY . ./
 
 RUN cp .dev/docker/default.conf /etc/nginx/conf.d/default.conf \
  && cp .dev/docker/www.conf /etc/php7/php-fpm.d/www.conf \
- && cp .env.example .env \
+ && echo "APP_ENVIRONMENT_ONLY=false" > /app/.env \
+ && echo "APP_KEY=" >> /app/.env \
+ && mkdir /var/run/php \
  && composer install --no-dev
 
 EXPOSE 80 443
 
 RUN chown -R nginx:nginx . && chmod -R 777 storage/* bootstrap/cache
 
-ENTRYPOINT ["ash", ".dev/app/entrypoint.sh"]
+ENTRYPOINT ["ash", ".dev/docker/entrypoint.sh"]

docker-compose.yml

@@ -0,0 +1,62 @@
+version: '2'
+services:
+  database:
+    image: mariadb
+    volumes:
+      - "/srv/pterodactyl/database:/var/lib/mysql"
+    environment:
+      - "MYSQL_ROOT_PASSWORD=apassword"
+      - "MYSQL_DATABASE=pterodb"
+      - "MYSQL_USER=ptero"
+      - "MYSQL_PASSWORD=pterodbpass"
+
+  cache:
+    image: redis:alpine
+
+  panel:
+    image: quay.io/pterodactyl/panel:latest
+    ports:
+      - "80:80"
+      - "443:443"
+    links:
+      - database
+      - cache
+    volumes:
+      - "/srv/pterodactyl/var/:/app/var/"
+    environment:
+      ## These are defaults and should be left alone
+      - "APP_ENV=production"
+      - "APP_DEBUG=false"
+      - "APP_THEME=pterodactyl"
+      - "APP_CLEAR_TASKLOG=720"
+      - "APP_DELETE_MINUTES=10"
+      - "APP_ENVIRONMENT_ONLY=false"
+      - "QUEUE_HIGH=high"
+      - "QUEUE_STANDARD=standard"
+      - "QUEUE_LOW=low"
+      - "CACHE_DRIVER=redis"
+      - "SESSION_DRIVER=redis"
+      - "QUEUE_DRIVER=redis"
+      - "REDIS_HOST=cache_1"
+      - "REDIS_PASSWORD=null"
+      - "REDIS_PORT=6379"
+      ## Domain settings
+      - "APP_URL=https://your.domain.here"
+      ## Timezone settings
+      - "APP_TIMEZONE=America/New_York"
+      ## Service egg settings
+      - "APP_SERVICE_AUTHOR=noreply@your.domain.here"
+      ## Database settings
+      - "DB_HOST=database"
+      - "DB_PORT=3306"
+      - "DB_DATABASE=pterodb"
+      - "DB_USERNAME=ptero"
+      - "DB_PASSWORD=pterodbpass"
+      ## Email settings
+      - "MAIL_FROM=noreply@your.domain.here"
+      - "MAIL_DRIVER=smtp"
+      - "MAIL_HOST=mail"
+      - "MAIL_PORT=1025"
+      - "MAIL_USERNAME=''"
+      - "MAIL_PASSWORD=''"
+      - "MAIL_ENCRYPTION=true"