Merge branch 'master' of git@gitlab.2iopenservice.com:vincent/docker.git

.dockerignore

@@ -6,4 +6,5 @@ apps/*
 !apps/opentalent-platform/migration
 !apps/env
 .vagrant
-Vagrantfile
+Vagrantfile
+useruploaddata/*

.env.skeleton

@@ -2,7 +2,7 @@
 OS=MAC
 
 #Composer hash for instal (check validity here : https://getcomposer.org/download/)
-COMPOSER_HASH=baf1608c33254d00611ac1705c1d9958c817a1a33bce370c0595974b342601bd80b92a3f46067da89e3b06bff421f182
+COMPOSER_HASH=e0012edf3e80b6978849f5eff0d4b4e4c79ff1609dd1e613307e16318854d24ae64f26d17af3ef0bf7cfb710ca74755a
 
 #LetsEncrypt
 EMAIL=vincent.guffon@2iopenservice.com

.gitignore

@@ -1,15 +1,16 @@
 /.idea
 /.project
 /mysqldata/*
-!/mysqldata/.gitkeep
+/metabase-data/*
 /elasticsearchdata/*
-!/elasticsearchdata/.gitkeep
 /apps/*
 !/apps/.gitkeep
 /.vagrant
 /.ssh/*
+/useruploaddata/*
 /.env
 !/.ssh/.gitkeep
+!/useruploaddata/.gitkeep
 !/.ssh/id_rsa_exploitation
 /docker/.idea
 /docker/nginx/certs/*

README

@@ -35,11 +35,6 @@ Mettre le fichier .env et /etc/hosts à jour selon les nom de domaines
 127.0.0.1 local.blackfire.opentalent.fr
 127.0.0.1 local.metabase.opentalent.fr
 
-/!\ Pour que le certificat soit validé sur chrome
-allez sur l'adresse url, ouvrir la console de debugger entrer :
-console.log(window.atob('dGhpc2lzdW5zYWZl'));
-cliquer n'importe où sur la page et taper le mot qui s'est afficher dans la console précédemment.
-
 =========== Container DB ===================
 //Se connecter a db
 docker exec -it mariaDb bash
@@ -65,7 +60,7 @@ composer install
 
 
 =========== Container FRONT ===================
-//Se connecter a opentalent-platform
+//Se connecter a opentalent-admin
 docker exec -it admin bash
 
 //Lancer Bower install
@@ -106,4 +101,10 @@ désactiver realUrl
 Vérifier que toutes les extensions de la prod soient activées.
 Si on rencontre des erreurs "Oups an error occured" ==> regarder dans typo3temp/var/logs
 
-=========== Container TYPO3 ===================
+=========== Container TYPO3 ===================
+
+=========== Self signed certificat ================
+/!\ Pour que le certificat soit validé sur chrome
+allez sur l'adresse url, ouvrir la console de debugger entrer :
+console.log(window.atob('dGhpc2lzdW5zYWZl'));
+cliquer n'importe où sur la page et taper le mot qui s'est afficher dans la console précédemment.

docker-compose.yaml

@@ -20,6 +20,8 @@ services:
     build:
       context: .
       dockerfile: docker/mariaDb/Dockerfile
+      args:
+        - COMPOSER_HASH=${COMPOSER_HASH}
     restart: always
     ports:
       - 3306:3306
@@ -78,7 +80,7 @@ services:
         - OS=${OS}
     restart: always
     environment:
-      - PHP_IDE_CONFIG=servername=api
+      - PHP_IDE_CONFIG=serverName=api
     volumes:
       # Version Symfony 2
       - appdata:/var/www/html/app/cache/
@@ -159,6 +161,7 @@ services:
     restart: always
     volumes:
       - ./apps/opentalent:/var/source/opentalent:cached
+      - ./useruploaddata:/var/www/opentalent/fileadmin/user_upload:cached
       - ./apps/vendor:/var/source/vendor:delegated
       - ./apps/opentalent-config:/var/source/config:cached
     environment:
@@ -178,22 +181,25 @@ services:
     depends_on:
       - nginx-proxy
 
-  #blackfire:
-  #  container_name: blackfire
-  #  image: blackfire/blackfire
-  #  environment:
-  #    # Exposes the host BLACKFIRE_SERVER_ID and TOKEN environment variables.
-  #    - ${BLACK_FIRE_ID}
-  #    - ${BLACK_FIRE_TOKEN}
-  #    - VIRTUAL_HOST=${BLACK_FIRE_VIRTUAL_HOST}
-  #    - VIRTUAL_PORT=${BLACK_FIRE_PORT}
-  #  depends_on:
-  #    - php
+  blackfire:
+    container_name: blackfire
+    image: blackfire/blackfire
+    environment:
+      # Exposes the host BLACKFIRE_SERVER_ID and TOKEN environment variables.
+      - ${BLACK_FIRE_ID}
+      - ${BLACK_FIRE_TOKEN}
+      - VIRTUAL_HOST=${BLACK_FIRE_VIRTUAL_HOST}
+      - VIRTUAL_PORT=${BLACK_FIRE_PORT}
+    depends_on:
+      - php
 
   metabase:
     image: metabase/metabase
     restart: always
+    volumes:
+      - ./metabase-data:/metabase-data
     environment:
+      - MB_DB_FILE=./metabase-data/metabase.db
       - VIRTUAL_HOST=${METABASE_VIRTUAL_HOST}
       - VIRTUAL_PORT=${METABASE_PORT}
     depends_on:
@@ -202,5 +208,6 @@ services:
 volumes:
   mysqldata: ~
   elasticsearchdata: ~
+  metabase-data: ~
   # On rajoute un volume (de données non accessibles en dehors)
   appdata: ~

docker/adminassos/Dockerfile

@@ -56,7 +56,6 @@ RUN ln -s /var/source/opentalent/opentalent; \
     mkdir -p fileadmin; \
     cd fileadmin; \
     ln -s /var/source/opentalent/templates; \
-    mkdir -p user_upload; \
     cd /var/www/opentalent; \
     chown www-data:www-data -R opentalent; \
     mkdir -p /var/log/opentalent; \

docker/mariaDb/Dockerfile

@@ -1,8 +1,24 @@
 # ./docker/php/Dockerfile
 FROM mariadb:10.4
 
+ARG COMPOSER_HASH
+
 RUN apt-get update; \
-    apt-get install -y --no-install-recommends nano openssh-server;
+    apt-get install -y --no-install-recommends nano openssh-server build-essential libssl-dev ca-certificates zlib1g-dev  php7.2-cli \
+                                                                       php7.2-json \
+                                                                       php7.2-fpm \
+                                                                       php7.2-mbstring \
+                                                                       php7.2-mysql \
+                                                                       php7.2-zip \
+                                                                       php7.2-xml;
+
+## COMPOSER
+RUN php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"; \
+    php -r "if (hash_file('sha384', 'composer-setup.php') === '$COMPOSER_HASH') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"; \
+    php composer-setup.php; \
+    php -r "unlink('composer-setup.php');"; \
+    mv composer.phar /usr/local/bin/composer;
+
 
 COPY /.ssh /root/.ssh
 COPY /docker/mariaDb/conf/my.cnf /etc/mysql/conf.d/

docker/node/Dockerfile

@@ -13,14 +13,15 @@ RUN npm install npm@3.5.2; \
     apt-get update; \
     # Install dependencies
     apt-get install -yqq --no-install-recommends git bzip2 curl unzip; \
-    npm install -g gulp bower jison babel-cli babel-preset-es2015 babel-preset-stage-2 typescript@next; \
+    npm install -g gulp bower jison babel-cli typescript@next; \
     npm cache clean; \
     apt-get -yqq autoremove; \
     apt-get -yqq clean;  \
     rm -rf /var/lib/apt/lists/* /var/cache/* /tmp/* /var/tmp/*; \
     # Allow root for bower
-    echo '{ "allow_root": true }' > /root/.bowerrc; \
-    npm install;
+    echo '{ "allow_root": true }' > /root/.bowerrc;
+
+RUN npm install;
 
 CMD cd modules/ruler && jison -t rule.jison && babel --presets=es2015 model/**/*.js model/*.js -d lib && npm link && cd ../.. && npm link @opentalent/ruler \
     && node

docker/php/Dockerfile

@@ -8,7 +8,7 @@ RUN sed 's/main$/main universe/' -i /etc/apt/sources.list; \
     apt-get update; \
     ### WKHTMLTOPDF
     if [ "x$OS" = "MAC" ] ; then apt-get install -y --no-install-recommends openssh-server build-essential xorg iputils-ping libssl-dev libxrender-dev wget gdebi ca-certificates wget xz-utils libxrender1 libxt6 libxtst6 fontconfig zlib1g-dev libpng-dev libicu-dev g++; \
-    else DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y build-essential xorg iputils-ping libssl-dev libxrender-dev wget gdebi ca-certificates wget xz-utils libxrender1 libxt6 libxtst6 fontconfig zlib1g-dev libpng-dev libicu-dev g++; \
+    else DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends openssh-server build-essential xorg iputils-ping libssl-dev libxrender-dev wget gdebi ca-certificates wget xz-utils libxrender1 libxt6 libxtst6 fontconfig zlib1g-dev libpng-dev libicu-dev g++; \
     fi; \
     wget http://security.debian.org/debian-security/pool/updates/main/o/openssl/libssl1.0.0_1.0.1t-1+deb8u12_amd64.deb; \
     dpkg -i libssl1.0.0_1.0.1t-1+deb8u12_amd64.deb; \
@@ -18,7 +18,7 @@ RUN sed 's/main$/main universe/' -i /etc/apt/sources.list; \
     wget https://github.com/wkhtmltopdf/wkhtmltopdf/releases/download/0.12.5/wkhtmltox_0.12.5-1.jessie_amd64.deb; \
     dpkg -i wkhtmltox_0.12.5-1.jessie_amd64.deb; \
     ## ELASTICADUMP
-    curl -sL https://deb.nodesource.com/setup_10.x | sudo -E bash; - \
+    curl -sL https://deb.nodesource.com/setup_10.x | sudo -E bash -; \
     apt-get install nodejs -y; \
     npm install elasticdump@3.3.7 -g; \
     ## COMPOSER
@@ -70,12 +70,8 @@ COPY /docker/php/conf/xdebug.ini /usr/local/etc/php/conf.d
 
 WORKDIR /var/www/html
 
-CMD if [ "x$OS" = "MAC" ] ; then HTTPDUSER=$(ps axo user,comm | grep -E '[a]pache|[h]ttpd|[_]www|[w]ww-data|[n]ginx' | grep -v root | head -1 | cut -d\  -f1); \
+CMD HTTPDUSER=$(ps axo user,comm | grep -E '[a]pache|[h]ttpd|[_]www|[w]ww-data|[n]ginx' | grep -v root | head -1 | cut -d\  -f1); \
     setfacl -dR -m u:"$HTTPDUSER":rwX -m u:$(whoami):rwX app/cache app/logs && setfacl -R -m u:"$HTTPDUSER":rwX -m u:$(whoami):rwX app/cache app/logs; \
     chown -R www-data:www-data /var/www/html/web; \
-    php-fpm; \
-    else HTTPDUSER=$(ps axo user,comm | grep -E '[a]pache|[h]ttpd|[_]www|[w]ww-data|[n]ginx' | grep -v root | head -1 | cut -d\  -f1); \
-    setfacl -dR -m u:"$HTTPDUSER":rwX -m u:$(whoami):rwX app/cache app/logs && setfacl -R -m u:"$HTTPDUSER":rwX -m u:$(whoami):rwX app/cache app/logs;\
-    chown -R www-data:www-data /var/www/html/web; \
-    php-fpm; \
-    fi;
+    php-fpm
+