From ddcfc0c3f0c567712d871e22ed1cc664a1b31286 Mon Sep 17 00:00:00 2001 From: Jeroen Peelaerts Date: Sat, 13 Feb 2021 12:03:40 +0100 Subject: [PATCH 1/3] Use stable docker hub image in compose.yml --- docker-compose.yml | 55 +--------------------------------------------- 1 file changed, 1 insertion(+), 54 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 7e339fe88..dfe2a04de 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -12,10 +12,7 @@ networks: services: ospos: - build: - context: . - target: ospos - container_name: ospos + image: jekkos/opensourcepos:3.3.3 restart: always depends_on: - mysql @@ -53,53 +50,3 @@ services: - MYSQL_USER=${OSPOS_MYSQL_USERNAME} - MYSQL_PASSWORD=${OSPOS_MYSQL_PASSWORD} - phpmyadmin: - image: phpmyadmin/phpmyadmin - container_name: phpmyadmin - restart: always - depends_on: - - mysql - expose: - - "80" - networks: - - app_net - - db_net - environment: - - MYSQL_USERNAME=${OSPOS_MYSQL_USERNAME} - - MYSQL_ROOT_PASSWORD=${OSPOS_MYSQL_ROOT_PASSWORD} - - PMA_HOST=mysql - - nginx: - image: nginx:1.19-alpine - container_name: nginx - restart: always - depends_on: - - ospos - - phpmyadmin - - certbot - volumes: - - ./docker/data/nginx/nginx.tmpl:/etc/nginx/nginx.tmpl:ro - - ./docker/data/nginx/error_log.log:/etc/nginx/error_log.log - - ./docker/data/certbot/conf:/etc/letsencrypt:ro - - ./docker/data/certbot/www:/var/www/certbot:ro - ports: - - "80:80" - - "443:443" - - "8000:8000" - networks: - - app_net - environment: - - WEB_DOMAIN=${OSPOS_DOMAIN_NAME} - - ESC=$$ - command: "/bin/sh -c 'envsubst < /etc/nginx/nginx.tmpl > /etc/nginx/nginx.conf & while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'" - - certbot: - image: certbot/certbot - container_name: certbot - restart: always - volumes: - - ./docker/data/certbot/conf:/etc/letsencrypt - - ./docker/data/certbot/www:/var/www/certbot - networks: - - app_net - entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'" From a6cc04f49f7c0edcb086010e522436a70b3f098a Mon Sep 17 00:00:00 2001 From: Jeroen Peelaerts Date: Sat, 13 Feb 2021 12:05:07 +0100 Subject: [PATCH 2/3] Move ssl setup to separate compose file --- INSTALL.md | 31 +----- docker-compose.nginx.yml | 102 ++++++++++++++++++ docker-compose.yml | 11 +- docker/install-local.sh | 17 --- .../{install-server.sh => install-nginx.sh} | 4 +- 5 files changed, 113 insertions(+), 52 deletions(-) create mode 100644 docker-compose.nginx.yml delete mode 100644 docker/install-local.sh rename docker/{install-server.sh => install-nginx.sh} (72%) diff --git a/INSTALL.md b/INSTALL.md index 7717f699c..3797d07fd 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -38,31 +38,16 @@ From now onwards OSPOS can be deployed using Docker on Linux and Mac, locally or This setup dramatically reduces the number of possible issues as all setup is now done in a Dockerfile. Docker runs natively on Mac and Linux. Please refer to the docker documentation for instructions on how to set it up on your platform. -Since OSPOS version 3.3.0 the docker installation offers a reverse proxy based on nginx with a (if local) Self signed certificate termination (aka HTTPS connection). -Behind the reverse proxy you can access OSPOS using https (port 443) and myPhpAdmin using port 8000. -Port 80 (standard http) is not available for OSPOS, it's only available for a cert manager service in case of server installation. +***Be aware that this setup is not suited for production usage. Change the default passwords in the compose file before exposing the containers publicly.*** -* To build and run the image, download the latest build from bintray. -* Install envsubst from https://github.com/a8m/envsubst on your machine -* Issue the following commands in a terminal with docker installed: +Start the containers using following command ``` - docker/install-local.sh -``` - -* When required to renew a certificate say (y)es. -* When the script has terminated to run, wait about a minute before connecting to https://127.0.0.1. -* The web browser will warn you of a self certificate exception, accept and continue -* If you do https://127.0.0.1:8000 (port 8000) instead, you would be able to access a phpMyAdmin service connected to OSPOS MariaDB - -* To stop the docker issue the following command: - -``` - docker/uninstall.sh + docker-compose up ``` -Host install using Docker +Nginx install using Docker ------------------------- Since OSPOS version 3.3.0 the docker installation offers a reverse proxy based on nginx with a Letsencrypt TLS certificate termination (aka HTTPS connection). @@ -76,13 +61,7 @@ The variable STAGING needs to be set to 0 when you are confident your configurat Follow local install steps, but instead of ``` - docker/install-local.sh -``` - -use - -``` - docker/install-server.sh + docker/install-nginx.sh ``` Do not use diff --git a/docker-compose.nginx.yml b/docker-compose.nginx.yml new file mode 100644 index 000000000..cac7660b9 --- /dev/null +++ b/docker-compose.nginx.yml @@ -0,0 +1,102 @@ +version: '3.4' + +volumes: + uploads: + driver: local + logs: + driver: local + +networks: + app_net: + db_net: + +services: + ospos: + image: jekkos/opensourcepos:3.3.3 + restart: always + depends_on: + - mysql + expose: + - "80" + networks: + - app_net + - db_net + volumes: + - uploads:/app/public/uploads + - logs:/app/application/logs + environment: + - CI_ENV=${OSPOS_CI_ENV} + - FORCE_HTTPS=true + - PHP_TIMEZONE=UTC + - MYSQL_USERNAME=${OSPOS_MYSQL_USERNAME} + - MYSQL_PASSWORD=${OSPOS_MYSQL_PASSWORD} + - MYSQL_DB_NAME=ospos + - MYSQL_HOST_NAME=mysql + + mysql: + image: mariadb:10.5 + container_name: mysql + restart: always + expose: + - "3306" + networks: + - db_net + volumes: + - ./database/database.sql:/docker-entrypoint-initdb.d/database.sql + - ./database:/var/lib/mysql:rw + environment: + - MYSQL_ROOT_PASSWORD=${OSPOS_MYSQL_ROOT_PASSWORD} + - MYSQL_DATABASE=ospos + - MYSQL_USER=${OSPOS_MYSQL_USERNAME} + - MYSQL_PASSWORD=${OSPOS_MYSQL_PASSWORD} + + phpmyadmin: + image: phpmyadmin/phpmyadmin + container_name: phpmyadmin + restart: always + depends_on: + - mysql + expose: + - "80" + networks: + - app_net + - db_net + environment: + - MYSQL_USERNAME=${OSPOS_MYSQL_USERNAME} + - MYSQL_ROOT_PASSWORD=${OSPOS_MYSQL_ROOT_PASSWORD} + - PMA_HOST=mysql + + nginx: + image: nginx:1.19-alpine + container_name: nginx + restart: always + depends_on: + - ospos + - phpmyadmin + - certbot + volumes: + - ./docker/data/nginx/nginx.tmpl:/etc/nginx/nginx.tmpl:ro + - ./docker/data/nginx/error_log.log:/etc/nginx/error_log.log + - ./docker/data/certbot/conf:/etc/letsencrypt:ro + - ./docker/data/certbot/www:/var/www/certbot:ro + ports: + - "80:80" + - "443:443" + - "8000:8000" + networks: + - app_net + environment: + - WEB_DOMAIN=${OSPOS_DOMAIN_NAME} + - ESC=$$ + command: "/bin/sh -c 'envsubst < /etc/nginx/nginx.tmpl > /etc/nginx/nginx.conf & while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'" + + certbot: + image: certbot/certbot + container_name: certbot + restart: always + volumes: + - ./docker/data/certbot/conf:/etc/letsencrypt + - ./docker/data/certbot/www:/var/www/certbot + networks: + - app_net + entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'" diff --git a/docker-compose.yml b/docker-compose.yml index dfe2a04de..22a6f7d25 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -28,8 +28,8 @@ services: - CI_ENV=${OSPOS_CI_ENV} - FORCE_HTTPS=true - PHP_TIMEZONE=UTC - - MYSQL_USERNAME=${OSPOS_MYSQL_USERNAME} - - MYSQL_PASSWORD=${OSPOS_MYSQL_PASSWORD} + - MYSQL_USERNAME=admin + - MYSQL_PASSWORD=pointofsale - MYSQL_DB_NAME=ospos - MYSQL_HOST_NAME=mysql @@ -43,10 +43,9 @@ services: - db_net volumes: - ./database/database.sql:/docker-entrypoint-initdb.d/database.sql - - database:/var/lib/mysql:rw environment: - - MYSQL_ROOT_PASSWORD=${OSPOS_MYSQL_ROOT_PASSWORD} + - MYSQL_ROOT_PASSWORD=pointofsale - MYSQL_DATABASE=ospos - - MYSQL_USER=${OSPOS_MYSQL_USERNAME} - - MYSQL_PASSWORD=${OSPOS_MYSQL_PASSWORD} + - MYSQL_USER=admin + - MYSQL_PASSWORD=pointofsale diff --git a/docker/install-local.sh b/docker/install-local.sh deleted file mode 100644 index cd6d8fdeb..000000000 --- a/docker/install-local.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/bash - -cd docker - -# load local environment variables -if [ ! -e ".env" ]; then - echo "The .env (environment variables) file is missing" - exit 1 -fi - -. ./.env - -/bin/bash ./build_assets.sh - -docker-compose -f ../docker-compose.yml build - -/bin/bash ./init-selfcert.sh diff --git a/docker/install-server.sh b/docker/install-nginx.sh similarity index 72% rename from docker/install-server.sh rename to docker/install-nginx.sh index 03616c77b..3eaa4a291 100644 --- a/docker/install-server.sh +++ b/docker/install-nginx.sh @@ -10,8 +10,6 @@ fi . ./.env -/bin/bash ./build_assets.sh - -docker-compose -f ../docker-compose.yml build +docker-compose -f ../docker-compose.nginx.yml build /bin/bash ./init-letsencrypt.sh From 030ddea8144baf25ae291a30a3a5ec2c2d212d79 Mon Sep 17 00:00:00 2001 From: Jeroen Peelaerts Date: Sun, 14 Feb 2021 10:52:01 +0100 Subject: [PATCH 3/3] Make MySQL volume persistent in docker compose --- docker-compose.nginx.yml | 2 +- docker-compose.yml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/docker-compose.nginx.yml b/docker-compose.nginx.yml index cac7660b9..5cfaa91bd 100644 --- a/docker-compose.nginx.yml +++ b/docker-compose.nginx.yml @@ -43,7 +43,7 @@ services: - db_net volumes: - ./database/database.sql:/docker-entrypoint-initdb.d/database.sql - - ./database:/var/lib/mysql:rw + - database:/var/lib/mysql:rw environment: - MYSQL_ROOT_PASSWORD=${OSPOS_MYSQL_ROOT_PASSWORD} - MYSQL_DATABASE=ospos diff --git a/docker-compose.yml b/docker-compose.yml index 22a6f7d25..b0394c89e 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -43,6 +43,7 @@ services: - db_net volumes: - ./database/database.sql:/docker-entrypoint-initdb.d/database.sql + - database:/var/lib/mysql:rw environment: - MYSQL_ROOT_PASSWORD=pointofsale - MYSQL_DATABASE=ospos