Glebaster/forum
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add Caddy healthcheck and various cleanup (#462)

Browse Source 
* feat: add Caddy healthcheck and various cleanup

* fix healtcheck
This commit is contained in:
Kévin Dunglas 2023-09-14 14:11:07 +02:00 committed by GitHub
parent 8b40991b05
commit 81c2a77ed5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 40 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.github/workflows/ci.yml vendored
View File

@ -68,7 +68,5 @@ jobs:
name: Checkout name: Checkout
uses: actions/checkout@v3 uses: actions/checkout@v3
- -
name: Lint Dockerfiles name: Lint Dockerfile
uses: hadolint/hadolint-action@v3.1.0 uses: hadolint/hadolint-action@v3.1.0
with:
recursive: true

5
Dockerfile
View File

@ -47,11 +47,9 @@ COPY --link docker/php/php-fpm.d/zz-docker.conf /usr/local/etc/php-fpm.d/zz-dock
RUN mkdir -p /var/run/php RUN mkdir -p /var/run/php
COPY --link --chmod=755 docker/php/docker-healthcheck.sh /usr/local/bin/docker-healthcheck COPY --link --chmod=755 docker/php/docker-healthcheck.sh /usr/local/bin/docker-healthcheck
HEALTHCHECK --start-period=1m CMD docker-healthcheck
HEALTHCHECK --interval=10s --timeout=3s --retries=3 --start-period=40s CMD ["docker-healthcheck"]
COPY --link --chmod=755 docker/php/docker-entrypoint.sh /usr/local/bin/docker-entrypoint COPY --link --chmod=755 docker/php/docker-entrypoint.sh /usr/local/bin/docker-entrypoint
ENTRYPOINT ["docker-entrypoint"] ENTRYPOINT ["docker-entrypoint"]
CMD ["php-fpm"] CMD ["php-fpm"]
@ -113,6 +111,7 @@ WORKDIR /srv/app
ADD --chmod=500 https://caddyserver.com/api/download?os=linux&arch=$TARGETARCH&p=github.com/dunglas/mercure/caddy&p=github.com/dunglas/vulcain/caddy /usr/bin/caddy ADD --chmod=500 https://caddyserver.com/api/download?os=linux&arch=$TARGETARCH&p=github.com/dunglas/mercure/caddy&p=github.com/dunglas/vulcain/caddy /usr/bin/caddy
COPY --link docker/caddy/Caddyfile /etc/caddy/Caddyfile COPY --link docker/caddy/Caddyfile /etc/caddy/Caddyfile
HEALTHCHECK CMD wget --no-verbose --tries=1 --spider https://localhost/healthz || exit 1
# Prod Caddy image # Prod Caddy image
FROM caddy_base AS caddy_prod FROM caddy_base AS caddy_prod

60
docker/caddy/Caddyfile
View File

@ -1,32 +1,46 @@
{ {
# Debug {$CADDY_GLOBAL_OPTIONS}
{$CADDY_DEBUG}
} }
{$SERVER_NAME} {$SERVER_NAME:localhost}
{$CADDY_EXTRA_CONFIG} {$CADDY_EXTRA_CONFIG}
log log {
# Redact the authorization query parameter that can be set by Mercure
format filter {
wrap console
fields {
uri query {
replace authorization REDACTED
}
}
}
}
route { route {
root * /srv/app/public # Healthcheck URL
mercure { respond /healthz 200
# Transport to use (default to Bolt) skip_log /healthz
transport_url {$MERCURE_TRANSPORT_URL:bolt:///data/mercure.db}
# Publisher JWT key root * /srv/app/public
publisher_jwt {env.MERCURE_PUBLISHER_JWT_KEY} {env.MERCURE_PUBLISHER_JWT_ALG} mercure {
# Subscriber JWT key # Transport to use (default to Bolt)
subscriber_jwt {env.MERCURE_SUBSCRIBER_JWT_KEY} {env.MERCURE_SUBSCRIBER_JWT_ALG} transport_url {$MERCURE_TRANSPORT_URL:bolt:///data/mercure.db}
# Allow anonymous subscribers (double-check that it's what you want) # Publisher JWT key
anonymous publisher_jwt {env.MERCURE_PUBLISHER_JWT_KEY} {env.MERCURE_PUBLISHER_JWT_ALG}
# Enable the subscription API (double-check that it's what you want) # Subscriber JWT key
subscriptions subscriber_jwt {env.MERCURE_SUBSCRIBER_JWT_KEY} {env.MERCURE_SUBSCRIBER_JWT_ALG}
# Extra directives # Allow anonymous subscribers (double-check that it's what you want)
{$MERCURE_EXTRA_DIRECTIVES} anonymous
} # Enable the subscription API (double-check that it's what you want)
vulcain subscriptions
php_fastcgi unix//var/run/php/php-fpm.sock # Extra directives
encode zstd gzip {$MERCURE_EXTRA_DIRECTIVES}
file_server }
vulcain
php_fastcgi unix//var/run/php/php-fpm.sock
encode zstd gzip
file_server
} }