docker mise au point

README

@@ -1,10 +1,20 @@
+=========== Installtion pour Linux ================
+Docker Engine : https://docs.docker.com/install/linux/docker-ce/ubuntu/
+Docker Compose : https://docs.docker.com/compose/install/
+
+Faire : docker ps
+Si Docker ne marche pas sans "sudo" appliquer : https://techoverflow.net/2017/03/01/solving-docker-permission-denied-while-trying-to-connect-to-the-docker-daemon-socket/
+
 =========== Générer les contrats SSL   ============
 rendre éxécutable le fichier de génération de clé : chmod +x docker/nginx/certs/ssl_keys.sh
-lancé (au même niveau que le README) la commande : docker/nginx/certs/ssl_keys.sh
+lancé (au même niveau que le README) la commande : ./docker/nginx/certs/ssl_keys.sh
 
 docker-compose build
 docker-compose up
 
+Si docker up bloque à cause du port 80 : vérifier que aucun programme écoute le port 80 (Apache est souvent coupable...)
+Faire ensuite un docker stop $(docker ps -a -q)
+
 =========== A faire en plus.....  ===========
 
 Mettre le fichier .env et /etc/hosts à jour selon les nom de domaines
@@ -53,7 +63,10 @@ composer install
 //Se connecter a opentalent-platform
 docker exec -it admin bash
 
-NODE_ENV=docker gulp serve
+//Lancer Bower install
+bower install
+
+gulp serve
 =========== Container FRONT ===================
 
 

docker-compose.yaml

@@ -196,6 +196,5 @@ services:
 volumes:
   mysqldata: ~
   elasticsearchdata: ~
-  certs: ~
   # On rajoute un volume (de données non accessibles en dehors)
   appdata: ~

docker/adminassos/Dockerfile

@@ -4,7 +4,7 @@ FROM php:7.0.33-apache
 RUN sed 's/main$/main universe/' -i /etc/apt/sources.list; \
     apt-get update;   \
     ### WKHTMLTOPDF
-    #&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends build-essential xorg libssl-dev libxrender-dev wget gdebi ca-certificates wget xz-utils libxrender1 libxt6 libxtst6 fontconfig zlib1g-dev libpng-dev \
+    #DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends build-essential xorg libssl-dev libxrender-dev wget gdebi ca-certificates wget xz-utils libxrender1 libxt6 libxtst6 fontconfig zlib1g-dev libpng-dev \
     apt-get install -y --no-install-recommends build-essential xorg libssl-dev libxrender-dev wget gdebi ca-certificates wget xz-utils libxrender1 libxt6 libxtst6 fontconfig zlib1g-dev libpng-dev; \
     wget http://security.debian.org/debian-security/pool/updates/main/o/openssl/libssl1.0.0_1.0.1t-1+deb8u11_amd64.deb; \
     dpkg -i libssl1.0.0_1.0.1t-1+deb8u11_amd64.deb; \
@@ -17,10 +17,12 @@ RUN sed 's/main$/main universe/' -i /etc/apt/sources.list; \
     #IMAGICK, TIDY, PDO
     apt-get install -y libmagickwand-dev imagemagick libtidy-dev; \
     pecl install imagick-3.4.3RC2; \
-    docker-php-ext-enable imagick; \
-    docker-php-ext-install tidy; \
+    docker-php-ext-configure zip --with-libzip; \
+    docker-php-ext-configure intl; \
+    docker-php-ext-install tidy pdo_mysql zip gd; \
     docker-php-ext-enable tidy; \
-    docker-php-ext-install pdo_mysql;
+    docker-php-ext-enable imagick; \
+    docker-php-ext-install ;
 
 COPY /docker/adminassos/conf/session_save_path.ini /usr/local/etc/php/conf.d
 COPY /docker/adminassos/conf/bases.xml /home/config_oa/

docker/h2-proxy/Dockerfile

@@ -1,16 +0,0 @@
-FROM alpine:latest
-
-RUN apk add --no-cache openssl
-
-# Use this self-generated certificate only in dev, IT IS NOT SECURE!
-RUN openssl genrsa -des3 -passout pass:NotSecure -out cert.pass.key 2048
-RUN openssl rsa -passin pass:NotSecure -in cert.pass.key -out cert.key
-RUN rm cert.pass.key
-RUN openssl req -new -passout pass:NotSecure -key cert.key -out cert.csr  -subj '/C=SS/ST=SS/L=Gotham City/O=API Platform Dev/CN=localhost'
-RUN openssl x509 -req -sha256 -days 365 -in cert.csr -signkey cert.key -out cert.crt
-
-FROM nginx:1.17-alpine
-
-RUN mkdir -p /etc/nginx/ssl/
-COPY --from=0 cert.key cert.crt /etc/nginx/ssl/
-COPY conf.d /etc/nginx/conf.d/

docker/h2-proxy/conf.d/default.conf

@@ -1,22 +0,0 @@
-
-# admin
-server {
-    server_name local.phpmyadmin.opentalent.fr;
-
-    listen 443 ssl http2;
-    listen [::]:443 ssl http2;
-
-    ssl_certificate /etc/nginx/ssl/cert.crt;
-    ssl_certificate_key /etc/nginx/ssl/cert.key;
-
-    location / {
-        fastcgi_pass phpmyadmin:9000;
-
-        proxy_set_header Upgrade $http_upgrade;
-        proxy_set_header Connection "upgrade";
-
-        include fastcgi_params;
-        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
-        fastcgi_param DOCUMENT_ROOT $realpath_root;
-    }
-}

docker/mariaDb/Dockerfile

@@ -5,7 +5,6 @@ RUN apt-get update; \
     apt-get install -y --no-install-recommends nano openssh-server;
 
 COPY /apps/opentalent-platform/migration /usr/src
-COPY /apps/env /env/
 COPY /.ssh /root/.ssh
 COPY /docker/mariaDb/conf/my.cnf /etc/mysql/conf.d/
 

docker/node/Dockerfile

@@ -19,8 +19,7 @@ RUN npm install npm@3.5.2; \
     apt-get -yqq clean;  \
     rm -rf /var/lib/apt/lists/* /var/cache/* /tmp/* /var/tmp/*; \
     # Allow root for bower
-    echo '{ "allow_root": true }' > /root/.bowerrc; \
-    bower install;
+    echo '{ "allow_root": true }' > /root/.bowerrc;
 
 CMD cd modules/ruler && jison -t rule.jison && babel --presets=es2015 model/**/*.js model/*.js -d lib && npm link && cd ../.. && npm link @opentalent/ruler \
     && node

docker/php/Dockerfile

@@ -6,7 +6,7 @@ ARG COMPOSER_HASH
 RUN sed 's/main$/main universe/' -i /etc/apt/sources.list; \
     apt-get update; \
     ### WKHTMLTOPDF
-    #&& DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y build-essential xorg iputils-ping libssl-dev libxrender-dev wget gdebi ca-certificates wget xz-utils libxrender1 libxt6 libxtst6 fontconfig zlib1g-dev libpng-dev; \
+    #DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y build-essential xorg iputils-ping libssl-dev libxrender-dev wget gdebi ca-certificates wget xz-utils libxrender1 libxt6 libxtst6 fontconfig zlib1g-dev libpng-dev libicu-dev g++; \
     apt-get install -y --no-install-recommends build-essential xorg iputils-ping libssl-dev libxrender-dev wget gdebi ca-certificates wget xz-utils libxrender1 libxt6 libxtst6 fontconfig zlib1g-dev libpng-dev libicu-dev g++; \
     wget http://security.debian.org/debian-security/pool/updates/main/o/openssl/libssl1.0.0_1.0.1t-1+deb8u12_amd64.deb; \
     dpkg -i libssl1.0.0_1.0.1t-1+deb8u12_amd64.deb; \

docker/ssl-generator/Dockerfile

@@ -1,12 +0,0 @@
-FROM alpine:latest
-
-RUN apk add --no-cache openssl
-
-RUN mkdir -p /ssl
-
-# Use this self-generated certificate only in dev, IT IS NOT SECURE!
-RUN openssl genrsa -des3 -passout pass:NotSecure -out cert.pass.key 2048
-RUN openssl rsa -passin pass:NotSecure -in cert.pass.key -out /ssl/cert.key
-RUN rm cert.pass.key
-RUN openssl req -new -passout pass:NotSecure -key /ssl/cert.key -out /ssl/cert.csr  -subj '/C=SS/ST=SS/L=Gotham City/O=API Platform Dev/CN=localhost'
-RUN openssl x509 -req -sha256 -days 365 -in /ssl/cert.csr -signkey /ssl/cert.key -out /ssl/cert.crt

docker/typo3/conf/LocalConfiguration.php

@@ -44,7 +44,7 @@ return [
             'mediace' => 'a:0:{}',
             'news' => 'a:17:{s:13:"prependAtCopy";s:1:"1";s:6:"tagPid";s:1:"1";s:12:"rteForTeaser";s:1:"0";s:22:"contentElementRelation";s:1:"1";s:21:"contentElementPreview";s:1:"1";s:13:"manualSorting";s:1:"0";s:19:"categoryRestriction";s:0:"";s:34:"categoryBeGroupTceFormsRestriction";s:1:"0";s:19:"dateTimeNotRequired";s:1:"0";s:11:"archiveDate";s:4:"date";s:12:"mediaPreview";s:5:"false";s:20:"advancedMediaPreview";s:4:"true";s:24:"showAdministrationModule";s:1:"1";s:35:"hidePageTreeForAdministrationModule";s:1:"0";s:12:"showImporter";s:1:"0";s:18:"storageUidImporter";s:1:"1";s:22:"resourceFolderImporter";s:12:"/news_import";}',
             'opendocs' => 'a:0:{}',
-            'ot_cms' => 'a:2:{s:6:"admin.";a:4:{s:3:"url";s:35:"https://local.admin.opentalent.fr/#";s:4:"home";s:10:"/dashboard";s:6:"logout";s:7:"/logout";s:6:"switch";s:10:"/switch/%d";}s:4:"api.";a:7:{s:3:"url";s:14:"http://api/api";s:5:"login";s:12:"/login_check";s:6:"logout";s:7:"/logout";s:15:"isauthenticated";s:21:"/user/isauthenticated";s:6:"public";s:7:"/public";s:10:"parameters";s:16:"/user/parameters";s:6:"people";s:12:"/api/people/";}}',
+            'ot_cms' => 'a:2:{s:6:"admin.";a:4:{s:3:"url";s:34:"http://local.admin.opentalent.fr/#";s:4:"home";s:10:"/dashboard";s:6:"logout";s:7:"/logout";s:6:"switch";s:10:"/switch/%d";}s:4:"api.";a:7:{s:3:"url";s:14:"http://api/api";s:5:"login";s:12:"/login_check";s:6:"logout";s:7:"/logout";s:15:"isauthenticated";s:21:"/user/isauthenticated";s:6:"public";s:7:"/public";s:10:"parameters";s:16:"/user/parameters";s:6:"people";s:12:"/api/people/";}}',
             'ot_migration_typo8' => 'a:0:{}',
             'ot_portail' => 'a:0:{}',
             'ot_webservice' => 'a:0:{}',