switch to frankenphp

guillaume-sainthillier · Nov 21, 2024 · e2819b4 · e2819b4
1 parent 3e6e35e
commit e2819b4
Show file tree

Hide file tree

Showing 24 changed files with 214 additions and 1,489 deletions.
diff --git a/.dockerignore b/.dockerignore
@@ -5,7 +5,6 @@ node_modules
 tests
 var
 vendor
-docker/*/assets
 public/bundles
 public/build
 public/sitemap

diff --git a/Dockerfile b/Dockerfile
@@ -1,104 +1,104 @@
+#syntax=docker/dockerfile:1.4
+
+# Versions
+FROM dunglas/frankenphp:1.3.0-php8.2.25-alpine AS php_upstream
+FROM node:20-alpine as node_upstream
+
+# Base image
+FROM php_upstream as php_base
+WORKDIR /app
+
+RUN IPE_GD_WITHOUTAVIF=1 \
+    install-php-extensions \
+        @composer \
+        amqp \
+        apcu \
+        bcmath \
+        exif \
+        intl \
+        imagick \
+        opcache \
+        pcntl \
+        pdo_mysql \
+        redis \
+        soap \
+        sockets \
+        zip
+
+# Composer install stage
+FROM php_base as php_builder
+WORKDIR /app
+
+ENV COMPOSER_ALLOW_SUPERUSER=1
+ENV SERVER_NAME=:80
+
+COPY --link composer.json composer.lock symfony.lock ./
+RUN APP_ENV=prod composer install --no-interaction --no-dev --no-scripts --prefer-dist
+
 # Install dependencies only when needed
-FROM node:16-alpine as deps
+FROM node_upstream as node_builder
 WORKDIR /app
 
 COPY package.json yarn.lock ./
 RUN yarn install --frozen-lockfile --ignore-scripts
 
-# Rebuild the source code only when needed
-FROM node:16-alpine AS builder
-WORKDIR /app
-
-COPY --from=deps /app/node_modules ./node_modules
 COPY package.json webpack.config.js yarn.lock ./
 COPY assets ./assets
 COPY src ./src
 COPY templates ./templates
 
 RUN mkdir -p public && \
-    yarn build && \
-    yarn install --frozen-lockfile --ignore-scripts --production
+    yarn build
 
-FROM php:8.2-fpm-alpine
-
-ARG APP_VERSION=dev
-ENV COMPOSER_ALLOW_SUPERUSER=1 \
-    APP_VERSION="${APP_VERSION}" \
-    TZ="Europe/Paris"
+FROM php_base
 
 EXPOSE 80
 WORKDIR /app
 
+ARG APP_VERSION=dev
+ENV APP_VERSION="${APP_VERSION}"
+ENV APP_ENV=prod
+ENV COMPOSER_ALLOW_SUPERUSER=1
+ENV SERVER_NAME=:80
+ENV FRANKENPHP_CONFIG="import worker.Caddyfile"
+
 # Install dependencies
 RUN apk add --no-cache \
     bash \
     icu-data-full \
-    icu-libs \
-    imagemagick \
-    libgomp \
-    libjpeg \
-    libpng \
     linux-headers \
-    libxml2 \
-    libwebp \
-    libzip \
     git \
-    nginx \
-    rabbitmq-c \
     supervisor \
-    tzdata \
-    zlib && \
+    tzdata && \
     echo "Europe/Paris" > /etc/timezone && \
     #Composer
     curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer && \
     # Reduce layer size
     rm -rf /var/cache/apk/* /tmp/*
 
-# PHP Extensions
-ENV PHPIZE_DEPS \
-    autoconf \
-    freetype-dev \
-    g++ \
-    gcc \
-    icu-dev \
-    imagemagick-dev \
-    libc-dev \
-    libjpeg-turbo-dev \
-    libpng-dev \
-    libwebp-dev \
-    libxml2-dev \
-    libzip-dev \
-    make \
-    rabbitmq-c-dev \
-    zlib-dev
-
-RUN apk add --no-cache --virtual .build-deps \
-    $PHPIZE_DEPS && \
-    docker-php-ext-install -j$(nproc) bcmath exif intl opcache pcntl pdo_mysql soap sockets zip && \
-    pecl install amqp apcu redis imagick && \
-    docker-php-ext-enable amqp apcu redis imagick && \
-    apk del .build-deps && \
-    rm -rf /var/cache/apk/* /tmp/*
-
-# Config
-COPY docker/prod/nginx.conf /etc/nginx/
-COPY docker/prod/php.ini /usr/local/etc/php/php.ini
-COPY docker/prod/pool.conf /usr/local/etc/php-fpm.d/www.conf
-COPY docker/prod/supervisord.conf /etc/supervisor/conf.d/supervisord.conf
-COPY docker/prod/supervisord-worker.conf /etc/supervisor/conf.d/supervisord-worker.conf
+# Composer install before sources
+COPY --from=php_builder --link /app/vendor ./vendor
+COPY --from=node_builder --link /app/public/build ./public/build
 
-COPY . /app
-COPY --from=builder /app/public/build /app/public/build
-COPY --from=builder /app/public/build /assets
-COPY docker/prod/entrypoint.sh /usr/local/bin/entrypoint.sh
+COPY --link . .
 
-ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
+# Config
+COPY --link docker/Caddyfile /etc/caddy/Caddyfile
+COPY --link docker/worker.Caddyfile /etc/caddy/worker.Caddyfile
+COPY --link docker/php.ini $PHP_INI_DIR/conf.d/app.ini
+COPY --link docker/supervisord-worker.conf /etc/supervisor/conf.d/supervisord-worker.conf
+COPY --link docker/entrypoint.sh /usr/local/bin/docker-entrypoint
 
 RUN mkdir -p /run/php var/cache var/sessions var/storage/temp var/datas public/build && \
-    APP_ENV=prod composer install --prefer-dist --optimize-autoloader --classmap-authoritative --no-interaction --no-ansi --no-dev && \
+    APP_ENV=prod composer dump-autoload --optimize --classmap-authoritative --no-dev --no-interaction && \
+    APP_ENV=prod composer run-script post-install-cmd && \
     APP_ENV=prod bin/console cache:clear --no-warmup && \
     APP_ENV=prod bin/console cache:warmup && \
     echo "<?php return [];" > .env.local.php && \
-    chown -R www-data:www-data var public/build public/bundles /assets && \
-    # Reduce container size
-    rm -rf .git docker assets /root/.composer /root/.npm /tmp/*
+    chown -R www-data:www-data var public/build public/bundles && \
+    rm -rf .git docker assets /root/.composer /root/.cache /tmp/*
+
+
+HEALTHCHECK --start-period=60s CMD curl -f http://localhost:2019/metrics || exit 1
+ENTRYPOINT ["docker-entrypoint"]
+CMD [ "frankenphp", "run", "--config", "/etc/caddy/Caddyfile" ]
diff --git a/composer.json b/composer.json
@@ -24,7 +24,7 @@
         }
     },
     "require": {
-        "php": "^8.2",
+        "php": "~8.2.0",
         "ext-ctype": "*",
         "ext-curl": "*",
         "ext-dom": "*",
@@ -59,6 +59,7 @@
         "pagerfanta/twig": "^4",
         "php-amqplib/rabbitmq-bundle": "^2.2",
         "presta/sitemap-bundle": "^4",
+        "runtime/frankenphp-symfony": "^0.2.0",
         "sentry/sentry-symfony": "^5",
         "social-links/social-links": "^1.13",
         "stof/doctrine-extensions-bundle": "^1.3",

diff --git a/composer.lock b/composer.lock
diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml
@@ -1,27 +1,15 @@
 services:
     app:
-        build: ./docker/dev
         volumes:
             - .:/app
             - /app/node_modules
             - /app/vendor
+        env_file:
+            - .env
+            - .env.local
 
     worker:
-        build: ./docker/dev
         volumes:
             - .:/app
             - /app/node_modules
             - /app/vendor
-
-    varnish:
-        volumes:
-            - ./docker/dev/varnish/default.vcl:/etc/varnish/default.vcl:ro
-            - ./docker/dev/varnish/fos:/etc/varnish/fos:ro
-
-volumes:
-    nfsmount:
-        driver: local
-        driver_opts:
-            type: nfs
-            o: addr=host.docker.internal,rw,nolock,hard,nointr,nfsvers=3
-            device: ':/System/Volumes/Data/${PWD}'
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -1,4 +1,18 @@
 services:
+    app:
+        build: .
+        env_file:
+            - .env
+            - .env.local
+        ports:
+            - 8080:80
+    worker:
+        command: 'worker'
+        build: .
+        env_file:
+            - .env
+            - .env.local
+
     redis:
         image: redis:alpine
         ports:

diff --git a/docker/Caddyfile b/docker/Caddyfile
@@ -0,0 +1,47 @@
+{
+	{$CADDY_GLOBAL_OPTIONS}
+
+	frankenphp {
+		{$FRANKENPHP_CONFIG}
+	}
+}
+
+{$CADDY_EXTRA_CONFIG} 
+
+{$SERVER_NAME:localhost} {
+	log {
+		{$CADDY_SERVER_LOG_OPTIONS}
+		# Redact the authorization query parameter that can be set by Mercure
+		format filter {
+			request>uri query {
+				replace authorization REDACTED
+			}
+		}
+	}
+
+	root * /app/public
+	encode zstd br gzip
+
+#	mercure {
+#		# Transport to use (default to Bolt)
+#		transport_url {$MERCURE_TRANSPORT_URL:bolt:///data/mercure.db}
+#		# Publisher JWT key
+#		publisher_jwt {env.MERCURE_PUBLISHER_JWT_KEY} {env.MERCURE_PUBLISHER_JWT_ALG}
+#		# Subscriber JWT key
+#		subscriber_jwt {env.MERCURE_SUBSCRIBER_JWT_KEY} {env.MERCURE_SUBSCRIBER_JWT_ALG}
+#		# Allow anonymous subscribers (double-check that it's what you want)
+#		anonymous
+#		# Enable the subscription API (double-check that it's what you want)
+#		subscriptions
+#		# Extra directives
+#		{$MERCURE_EXTRA_DIRECTIVES}
+#	}
+
+	{$CADDY_SERVER_EXTRA_DIRECTIVES}
+
+	# Disable Topics tracking if not enabled explicitly: https://github.com/jkarlin/topics
+	header ?Permissions-Policy "browsing-topics=()"
+	header /build/* Cache-Control "public, max-age=31536000, immutable"
+
+	php_server
+}