Public | Automated Build

Last pushed: 6 months ago
Short Description
Ubuntu Docker container for Laravel web applications
Full Description

Ubuntu Docker container for Laravel web applications

Docker-laravel is a LEMP base image for running Laravel web applications. It
is loosely inspired by phusion/baseimage-docker.

Required and optional packages are bundled into a single container, based on Ubuntu 14.04 server.

These services run with process supervision, using Supervisor:

  • nginx
  • php5-fpm (with php5-mcrypt, php5-mysqlnd, and php5-curl)
  • openssh-server
  • cron
  • beanstalkd
  • memcached

Additionally, these services can optionally be enabled for process supervision (see below):

  • artisan queue:listen
  • selenium server (for testing, not production)

These packages are preinstalled:

  • nodejs with npm
  • nano
  • bower
  • gulp
  • git
  • php5-cli
  • composer
  • curl
  • phantomjs
  • wkhtmltopdf
  • php5-xdebug (installed, but disabled by default, see below)
  • python (*dependency for supervisord)
  • default-jre (*dependency for Selenium server)

I've modified this container image in 2 key places for mirroring a production run. First, I've removed all trace of a DB instance running locally on the container - either MySQL or PostgreSQL. Ideally, you'd want either of them running on a separate container or via a dynamically hosted instance (even for Dev environments). Second, self-signed SSL cert/key pair have been introduced during provisioning, though for production you will need to replace them with a CA signed cert/key. No matter what the project or content request/response, use SSL as a means for securing any HTTP traffic. Nginx is configured to handle the automatic redirect, as well.

Running a container

1. Download the public Docker image from Dockerhub:

docker pull syardumi/docker-laravel

2. Run the Docker image as a new Docker container:

docker run -d \
-p 80:80 -p 443:443 \
-v /home/app:/share \
--restart=always \
--name=appname \
syardumi/docker-laravel

Replace '/home/app' with the local path to the Laravel application's root directory in the host. This directory is a shared volume and so can be used to access the application files in either the host or the container. '/share' represents the path in the container.

Connecting to a container with SSH

Development use (insecure)

Docker-laravel ships with SSH server for accessing a terminal inside the container. For convenience, it is preconfigured
with an insecure key that should be replaced for production use. To connect with the insecure key:

1. Fetch the insecure SSH key:

cd /home/
curl -o insecure_key -fSL https://raw.githubusercontent.com/syardumi/docker-laravel/master/provision/keys/insecure_key
chown `whoami` insecure_key
chmod 600 insecure_key

2. Find the I.P. address of the container:

docker inspect container_name | grep IPA

3. Connect with SSH:

ssh -i /home/insecure_key root@<IP address>

Production use

For production, replace the insecure private key with a true private key:

1. In the host, generate a new public-private key pair (enter 'production.key') when prompted:

cd /home
sudo ssh-keygen -t rsa
sudo chmod 644 production.key

There should then be two new files in the /home directory: i) production.key ii) production.key.pub

2. Copy production.key.pub to /root/.ssh/authorized_keys in the container. Note this is an overwrite, not an append
(so all previously valid keys, including insecure_key will be removed).

cat /home/production.key.pub | ssh -i /home/insecure_key root@<IP address> "cat > /root/.ssh/authorized_keys"

3. Connect with SSH:

ssh -i /home/production.key root@<IP address>

Process status

supervisorctl can be used to control the processes that are managed by supervisor.

In the container:

supervisorctl

Installing Laravel

Laravel (the skeleton framework for an app) is not bundled in the Docker image. Laravel skeleton, or your own application, need to be installed manually:

In the container:

cd /share
git clone https://github.com/laravel/laravel .
composer install

Queue:listen

The queue listener (php artisan queue:listen) can be added as supervised process by uncommenting the lines in
/etc/supervisord/queue.conf (in the container).

XDEBUG

The XDEBUG PHP extension is installed but not enabled by default. To enable it, uncomment the lines in
/etc/php5/mods-available/xdebug.ini.

Selenium server

Selenium server is no longer installed by default (due to large size - it requires the JRE as a dependency).
It can be installed manually in a container by running:

./selenium-setup.sh

Uncomment the lines in /etc/supervisord/selenium.conf to add selenium as a supervised process.

Docker Pull Command
Owner
syardumi
Source Repository

Comments (0)