Added #9313: Add new fpm-alpine docker image and docker secrets support (#9331)

* Add docker secret support

* Add docker secret support to selected environment variables below:

- APP_KEY_FILE        -> APP_KEY;

- DB_HOST_FILE        -> DB_HOST;
- DB_PORT_FILE        -> DB_PORT;
- DB_DATABASE_FILE    -> DB_DATABASE;
- DB_USERNAME_FILE    -> DB_USERNAME;
- DB_PASSWORD_FILE    -> DB_PASSWORD;

- REDIS_HOST_FILE     -> REDIS_HOST;
- REDIS_PASSWORD_FILE -> REDIS_PASSWORD;
- REDIS_PORT_FILE     -> REDIS_PORT;

- MAIL_HOST_FILE      -> MAIL_HOST;
- MAIL_PORT_FILE      -> MAIL_PORT;
- MAIL_USERNAME_FILE  -> MAIL_USERNAME;
- MAIL_PASSWORD_FILE  -> MAIL_PASSWORD;

* Add env file for docker secrets

* Added #9313: add new fpm-image using docker secrets

* Fix broken symlinks

* Add docker secrets support using shell script

* Remove old docker config php files

docker/docker-entrypoint.sh

@@ -0,0 +1,119 @@
+#!/bin/sh
+
+set -eo pipefail;
+
+# Cribbed from nextcloud docker official repo
+# https://github.com/nextcloud/docker/blob/master/docker-entrypoint.sh
+# usage: file_env VAR [DEFAULT]
+#    ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+#  "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+    local var="$1"
+    local fileVar="${var}_FILE"
+    local def="${2:-}"
+    local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//")
+    local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//")
+    if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then
+        echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
+        exit 1
+    fi
+    if [ -n "${varValue}" ]; then
+        export "$var"="${varValue}"
+    elif [ -n "${fileVarValue}" ]; then
+        export "$var"="$(cat "${fileVarValue}")"
+    elif [ -n "${def}" ]; then
+        export "$var"="$def"
+    fi
+    unset "$fileVar"
+}
+
+# Add docker secrets support for the variables below:
+file_env APP_KEY
+file_env DB_HOST
+file_env DB_PORT
+file_env DB_DATABASE
+file_env DB_USERNAME
+file_env DB_PASSWORD
+file_env REDIS_HOST
+file_env REDIS_PASSWORD
+file_env REDIS_PORT
+file_env MAIL_HOST
+file_env MAIL_PORT
+file_env MAIL_USERNAME
+file_env MAIL_PASSWORD
+
+echo [INFO docker entrypoint] Start script execution
+
+# Generate new app key if none is provided
+if [ -z "$APP_KEY" -a -z "$APP_KEY_FILE" ]
+then
+  echo "Please re-run this container with an environment variable \$APP_KEY"
+  echo "An example APP_KEY you could use is: "
+  php artisan key:generate --show
+  exit
+fi
+
+# Directory configuration
+rm -rf \
+  "/var/www/html/storage/private_uploads" \
+  "/var/www/html/public/uploads" \
+  "/var/www/html/storage/app/backups"
+
+# Create data directories
+for dir in \
+  'data/private_uploads' \
+  'data/uploads/accessories' \
+  'data/uploads/avatars' \
+  'data/uploads/barcodes' \
+  'data/uploads/categories' \
+  'data/uploads/companies' \
+  'data/uploads/components' \
+  'data/uploads/consumables' \
+  'data/uploads/departments' \
+  'data/uploads/locations' \
+  'data/uploads/manufacturers' \
+  'data/uploads/models' \
+  'data/uploads/suppliers' \
+  'dumps' \
+  'keys'
+do
+  [ ! -d "/var/lib/snipeit/$dir" ] && mkdir -p "/var/lib/snipeit/$dir"
+done
+
+# Sync /var/lib/snipeit (docker volume) with /var/www/html directory
+ln -fs \
+  "/var/lib/snipeit/data/private_uploads" "/var/www/html/storage/private_uploads"
+ln -fs \
+  "/var/lib/snipeit/data/uploads" "/var/www/html/public/uploads"
+ln -fs \
+  "/var/lib/snipeit/dumps" "/var/www/html/storage/app/backups"
+ln -fs \
+  "/var/lib/snipeit/keys/oauth-public.key" "/var/www/html/storage/oauth-public.key"
+ln -fs \
+  "/var/lib/snipeit/keys/oauth-private.key" "/var/www/html/storage/oauth-private.key"
+
+# If the Oauth DB files are not present copy the vendor files over to the db migrations
+if [ ! -f "/var/www/html/database/migrations/*create_oauth*" ]
+then
+  cp -a /var/www/html/vendor/laravel/passport/database/migrations/* /var/www/html/database/migrations/
+fi
+
+# Create laravel log file
+touch /var/www/html/storage/logs/laravel.log
+# Add correct permissions for files and directories
+chown www-data:www-data /var/www/html/storage/logs/laravel.log
+chown -R www-data:www-data \
+  /var/lib/snipeit/data \
+  /var/lib/snipeit/dumps \
+  /var/lib/snipeit/keys
+
+# Migrate/create database
+php artisan migrate --force
+# Clear cache files
+php artisan config:clear
+php artisan config:cache
+
+echo [INFO docker entrypoint] End script execution
+
+exec "$@" 

docker/docker-secrets.env

@@ -0,0 +1,54 @@
+# --------------------------------------------
+# REQUIRED: BASIC APP SETTINGS
+# --------------------------------------------
+#APP_ENV=develop
+#APP_DEBUG=false
+#APP_KEY=Change_this_key_or_snipe_will_get_ya
+#APP_URL=http://127.0.0.1:32782
+#APP_TIMEZONE=US/Pacific
+#APP_LOCALE=en
+
+
+# --------------------------------------------
+# REQUIRED: DATABASE SETTINGS
+# --------------------------------------------
+DB_CONNECTION=mysql
+DB_PREFIX=null
+DB_DUMP_PATH='/usr/bin'
+
+
+# --------------------------------------------
+# REQUIRED: OUTGOING MAIL SERVER SETTINGS
+# --------------------------------------------
+MAIL_DRIVER=smtp
+MAIL_ENCRYPTION=${MAIL_ENV_ENCRYPTION}
+MAIL_FROM_ADDR=${MAIL_ENV_FROM_ADDR}
+MAIL_FROM_NAME=${MAIL_ENV_FROM_NAME}
+MAIL_REPLYTO_ADDR=${MAIL_ENV_FROM_ADDR}
+MAIL_REPLYTO_NAME=${MAIL_ENV_FROM_NAME}
+
+
+# --------------------------------------------
+# REQUIRED: IMAGE LIBRARY
+# This should be gd or imagick
+# --------------------------------------------
+IMAGE_LIB=gd
+
+
+# --------------------------------------------
+# OPTIONAL: SESSION SETTINGS
+# --------------------------------------------
+SESSION_LIFETIME=12000
+EXPIRE_ON_CLOSE=false
+ENCRYPT=false
+COOKIE_NAME=snipeit_session
+COOKIE_DOMAIN=null
+SECURE_COOKIES=false
+
+
+# --------------------------------------------
+# OPTIONAL: CACHE SETTINGS
+# --------------------------------------------
+CACHE_DRIVER=file
+SESSION_DRIVER=file
+QUEUE_DRIVER=sync