From 339f41f0f275a3ee6d5bc0b6e146d051cabdbd8a Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <noreply@fakecake.org>
Date: Sat, 25 Mar 2023 18:20:30 +0300
Subject: add build workflow

---
 .docker/app/Dockerfile        | 57 ++++++++++++++++++++++++++++++++
 .docker/app/config.docker.php |  8 +++++
 .docker/app/index.php         |  3 ++
 .docker/app/startup.sh        | 77 +++++++++++++++++++++++++++++++++++++++++++
 .docker/dict/Dockerfile       |  9 +++++
 .docker/dict/dictd.conf       | 43 ++++++++++++++++++++++++
 .docker/web-nginx/Dockerfile  |  3 ++
 .docker/web-nginx/nginx.conf  | 60 +++++++++++++++++++++++++++++++++
 .gitea/workflows/build.yml    | 75 +++++++++++++++++++++++++++++++++++++++++
 .gitea/workflows/lint.yaml    |  4 +--
 10 files changed, 336 insertions(+), 3 deletions(-)
 create mode 100644 .docker/app/Dockerfile
 create mode 100644 .docker/app/config.docker.php
 create mode 100644 .docker/app/index.php
 create mode 100644 .docker/app/startup.sh
 create mode 100644 .docker/dict/Dockerfile
 create mode 100644 .docker/dict/dictd.conf
 create mode 100644 .docker/web-nginx/Dockerfile
 create mode 100644 .docker/web-nginx/nginx.conf
 create mode 100644 .gitea/workflows/build.yml

diff --git a/.docker/app/Dockerfile b/.docker/app/Dockerfile
new file mode 100644
index 0000000..9171aeb
--- /dev/null
+++ b/.docker/app/Dockerfile
@@ -0,0 +1,57 @@
+FROM alpine:3.13
+EXPOSE 9000/tcp
+
+ENV SCRIPT_ROOT=/opt/epube
+ENV SRC_DIR=/src/epube
+
+COPY --from=app-src . ${SRC_DIR}
+
+RUN apk add --no-cache php8 php8-fpm \
+	php8-pdo php8-gd php8-mbstring \
+	php8-intl php8-xml php8-session \
+	php8-dom php8-fileinfo php8-json \
+	php8-sqlite3 php8-pdo_sqlite sqlite \
+	php8-zip php8-curl php8-openssl git \
+	sudo php8-pecl-xdebug rsync && \
+	sed -i -e 's/post_max_size = 8M/post_max_size = 64M/' /etc/php8/php.ini && \
+	sed -i -e 's/^listen = 127.0.0.1:9000/listen = 9000/' \
+		-e 's/;\(clear_env\) = .*/\1 = no/i' \
+		-e 's/^\(user\|group\) = .*/\1 = app/i' \
+		-e 's/;\(php_admin_value\[error_log\]\) = .*/\1 = \/tmp\/error.log/' \
+		-e 's/;\(php_admin_flag\[log_errors\]\) = .*/\1 = on/' \
+			/etc/php8/php-fpm.d/www.conf && \
+	mkdir -p /var/www ${SCRIPT_ROOT}/config.d
+
+ADD startup.sh ${SCRIPT_ROOT}
+ADD index.php ${SCRIPT_ROOT}
+ADD config.docker.php ${SCRIPT_ROOT}
+
+RUN chmod +x /opt/epube/startup.sh
+
+ARG ORIGIN_REPO=https://git.tt-rss.org/fox/the-epube.git
+ARG ORIGIN_COMMIT=
+
+ENV ORIGIN_REPO_MAIN=${ORIGIN_REPO_MAIN}
+ENV ORIGIN_REPO_XACCEL=${ORIGIN_REPO_XACCEL}
+ENV ORIGIN_COMMIT=${ORIGIN_COMMIT}
+
+#RUN sh -c ${SCRIPT_ROOT}/build-prepare.sh
+
+ENV OWNER_UID=1000
+ENV OWNER_GID=1000
+
+ENV EPUBE_ADMIN_USER="admin"
+ENV EPUBE_ADMIN_PASS="password"
+
+# EPUBE_XDEBUG_HOST defaults to host IP if unset
+ENV EPUBE_XDEBUG_ENABLED=""
+ENV EPUBE_XDEBUG_HOST=""
+ENV EPUBE_XDEBUG_PORT="9000"
+
+ENV EPUBE_SCRATCH_DB="db/scratch.db"
+ENV EPUBE_BOOKS_DIR="/books"
+ENV EPUBE_CALIBRE_DB="/books/metadata.db"
+ENV EPUBE_DICT_SERVER="dict"
+
+
+CMD ${SCRIPT_ROOT}/startup.sh
diff --git a/.docker/app/config.docker.php b/.docker/app/config.docker.php
new file mode 100644
index 0000000..eb8fd38
--- /dev/null
+++ b/.docker/app/config.docker.php
@@ -0,0 +1,8 @@
+<?php
+	$snippets = glob(getenv("SCRIPT_ROOT")."/config.d/*.php");
+
+	foreach ($snippets as $snippet) {
+		require_once $snippet;
+	}
+
+
diff --git a/.docker/app/index.php b/.docker/app/index.php
new file mode 100644
index 0000000..c3b098d
--- /dev/null
+++ b/.docker/app/index.php
@@ -0,0 +1,3 @@
+<?php
+   header("Location: /books/");
+   return;
diff --git a/.docker/app/startup.sh b/.docker/app/startup.sh
new file mode 100644
index 0000000..5c57db6
--- /dev/null
+++ b/.docker/app/startup.sh
@@ -0,0 +1,77 @@
+#!/bin/sh -e
+
+if ! id app >/dev/null 2>&1; then
+	# what if i actually need a duplicate GID/UID group?
+
+	addgroup -g $OWNER_GID app || echo app:x:$OWNER_GID:app | \
+		tee -a /etc/group
+
+	adduser -D -h /var/www/html -G app -u $OWNER_UID app || \
+		echo app:x:$OWNER_UID:$OWNER_GID:Linux User,,,:/var/www/html:/bin/ash | tee -a /etc/passwd
+fi
+
+DST_DIR=/var/www/html/books
+
+[ -e $DST_DIR ] && rm -f $DST_DIR/.app_is_ready
+
+export PGPASSWORD=$DB_PASS
+
+[ ! -e /var/www/html/index.php ] && cp ${SCRIPT_ROOT}/index.php /var/www/html
+
+if [ ! -d $DST_DIR ]; then
+	rsync -a \
+		$SRC_DIR/ $DST_DIR/
+else
+	rsync -a --delete \
+		--exclude sessions \
+		--exclude lib/fonts \
+		--exclude db \
+		$SRC_DIR/ $DST_DIR/
+fi
+
+if [ ! -e $DST_DIR/index.php ]; then
+	echo "error: epube index.php missing (git clone failed?), unable to continue."
+	exit 1
+fi
+
+if [ -r ${SCRIPT_ROOT}/restore.db ]; then
+	cp ${SCRIPT_ROOT}/restore.db ${DST_DIR}/${EPUBE_SCRATCH_DB}
+fi
+
+chown -R $OWNER_UID:$OWNER_GID $DST_DIR \
+	/var/log/php8
+
+for d in db sessions; do
+	chmod -R 777 $DST_DIR/$d
+done
+
+cp ${SCRIPT_ROOT}/config.docker.php $DST_DIR/config.php
+
+if [ ! -z "${EPUBE_XDEBUG_ENABLED}" ]; then
+	if [ -z "${EPUBE_XDEBUG_HOST}" ]; then
+		export EPUBE_XDEBUG_HOST=$(ip ro sh 0/0 | cut -d " " -f 3)
+	fi
+	echo enabling xdebug with the following parameters:
+	env | grep EPUBE_XDEBUG
+	cat > /etc/php8/conf.d/50_xdebug.ini <<EOF
+zend_extension=xdebug.so
+xdebug.mode=develop,trace,debug
+xdebug.start_with_request = yes
+xdebug.client_port = ${EPUBE_XDEBUG_PORT}
+xdebug.client_host = ${EPUBE_XDEBUG_HOST}
+EOF
+fi
+
+sudo -Eu app php8 $DST_DIR/update.php --update-schema=force-yes
+
+rm -f /tmp/error.log && mkfifo /tmp/error.log && chown app:app /tmp/error.log
+
+(tail -q -f /tmp/error.log >> /proc/1/fd/2) &
+
+if ! sudo -Eu app php8 $DST_DIR/update.php --user-list | grep -q "$EPUBE_ADMIN_USER"; then
+	sudo -Eu app php8 $DST_DIR/update.php --user-add "$EPUBE_ADMIN_USER:$EPUBE_ADMIN_PASS"
+fi
+
+touch $DST_DIR/.app_is_ready
+
+exec /usr/sbin/php-fpm8 --nodaemonize --force-stderr -R
diff --git a/.docker/dict/Dockerfile b/.docker/dict/Dockerfile
new file mode 100644
index 0000000..c4d4fd0
--- /dev/null
+++ b/.docker/dict/Dockerfile
@@ -0,0 +1,9 @@
+FROM debian:buster-slim
+
+RUN apt-get update && apt-get install -y dictd mueller7-dict
+
+COPY dictd.conf /etc/dictd/dictd.conf
+
+EXPOSE 2628
+
+ENTRYPOINT /usr/sbin/dictd -d nodetach
diff --git a/.docker/dict/dictd.conf b/.docker/dict/dictd.conf
new file mode 100644
index 0000000..7113bec
--- /dev/null
+++ b/.docker/dict/dictd.conf
@@ -0,0 +1,43 @@
+# /etc/dictd/dictd.conf
+
+# This is the configuration file for /usr/sbin/dictd.  The access
+# specification included in this file allows access only from the
+# localhost.  If this machine is acting as a server for a network you
+# will probably want to add additional access specifications in this
+# file.  See the dictd manpage - man dictd.
+
+# A sample database section is generated automatically upon
+# installation or removal of the dictd package or any dictionary
+# database package.  Replace the ``include /var/lib/dictd/db.list''
+# line below if you wish to provide a custom database section.
+# Customization may also be achieved via the optional dictdconfig
+# order override file /etc/dictd/dictd.order.  See the dictdconfig
+# manpage - man dictdconfig.
+
+# Older dictionary database packages did not automatically
+# invoke /usr/sbin/dictdconfig upon installation and removal,
+# so you may need to do so manually.
+
+# Site section here:
+
+global {
+#listen_to 127.0.0.1
+# bind to local interfacea only
+}
+
+# Access section here:
+
+access {
+allow *
+allow localhost
+allow 127.0.0.1
+# this allows access only from local host
+allow inetd
+# this allows access from inetd server
+}
+
+# Database section here:
+
+include /var/lib/dictd/db.list
+
+# User section here:
diff --git a/.docker/web-nginx/Dockerfile b/.docker/web-nginx/Dockerfile
new file mode 100644
index 0000000..9e620af
--- /dev/null
+++ b/.docker/web-nginx/Dockerfile
@@ -0,0 +1,3 @@
+FROM nginx:alpine
+
+COPY nginx.conf /etc/nginx/nginx.conf
diff --git a/.docker/web-nginx/nginx.conf b/.docker/web-nginx/nginx.conf
new file mode 100644
index 0000000..12d526a
--- /dev/null
+++ b/.docker/web-nginx/nginx.conf
@@ -0,0 +1,60 @@
+worker_processes auto;
+pid /var/run/nginx.pid;
+
+events {
+    worker_connections  1024;
+}
+
+http {
+	include /etc/nginx/mime.types;
+	default_type  application/octet-stream;
+
+	access_log /dev/stdout;
+	error_log /dev/stderr warn;
+
+	sendfile on;
+	client_max_body_size 64M;
+
+	index index.php;
+
+	upstream app {
+		server app:9000;
+	}
+
+	server {
+		listen 80;
+		listen [::]:80;
+		root /var/www/html;
+
+		location /books/db {
+			internal;
+		}
+
+		location /books/sessions {
+			internal;
+		}
+
+		location ~ \.php$ {
+			# regex to split $uri to $fastcgi_script_name and $fastcgi_path
+			fastcgi_split_path_info ^(.+?\.php)(/.*)$;
+
+			# Check that the PHP script exists before passing it
+			try_files $fastcgi_script_name =404;
+
+			# Bypass the fact that try_files resets $fastcgi_path_info
+			# see: http://trac.nginx.org/nginx/ticket/321
+			set $path_info $fastcgi_path_info;
+			fastcgi_param PATH_INFO $path_info;
+
+			fastcgi_index index.php;
+			include fastcgi.conf;
+
+			fastcgi_pass app;
+		}
+
+		location / {
+			try_files $uri $uri/ =404;
+		}
+
+	}
+}
diff --git a/.gitea/workflows/build.yml b/.gitea/workflows/build.yml
new file mode 100644
index 0000000..00e723a
--- /dev/null
+++ b/.gitea/workflows/build.yml
@@ -0,0 +1,75 @@
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
+
+name: build
+
+on:
+  push:
+    branches:
+      - "master"
+  workflow_dispatch: {}
+
+defaults:
+  run:
+    shell: sh
+
+jobs:
+  build:
+    runs-on: alpine-3.16
+    steps:
+    - uses: https://gitea.com/actions/checkout@v3
+
+    - name: eslint
+      run: npx eslint js
+
+    - name: phpstan
+      run: php81 -d memory_limit=-1 ./vendor/bin/phpstan --memory-limit=2G
+
+    - run: echo REPO_TIMESTAMP=$(git --git-dir '.git' --no-pager log --pretty='%ct' -n1 HEAD) >> $GITHUB_ENV
+    - run: echo REPO_COMMIT=$(git --git-dir '.git' --no-pager log --pretty='%h' -n1 HEAD) >> $GITHUB_ENV
+    - run: echo REPO_COMMIT_FULL=$(git --git-dir '.git' --no-pager log --pretty='%H' -n1 HEAD) >> $GITHUB_ENV
+    - run: echo BUILD_TAG=$(date -d @${REPO_TIMESTAMP} +%y.%m)-${REPO_COMMIT} >> $GITHUB_ENV
+
+    - name: setup buildx
+      uses: https://github.com/docker/setup-buildx-action@v2
+
+    - name: login into registry
+      run: |
+        BASE64_AUTH=`echo -n "$REGISTRY_USER:$REGISTRY_PASSWORD" | base64`
+        mkdir -p ~/.docker
+        echo "{\"auths\": {\"registry-rw.fakecake.org\": {\"auth\": \"$BASE64_AUTH\"}}}" > ~/.docker/config.json
+      env:
+          REGISTRY_USER: ${{ secrets.REGISTRY_USER }}
+          REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
+      if: ${{ !!secrets.REGISTRY_PUSH_ENABLED }}
+
+    - name: build web-nginx image
+      uses: https://github.com/docker/build-push-action@v4
+      with:
+        push: ${{ !!secrets.REGISTRY_PUSH_ENABLED }}
+        context: .docker/web-nginx
+        tags: |
+          registry-rw.fakecake.org/cthulhoo/the-epube-web-nginx:latest
+          registry-rw.fakecake.org/cthulhoo/the-epube-web-nginx:${{ env.BUILD_TAG }}
+        provenance: false
+
+    - name: build dict image
+      uses: https://github.com/docker/build-push-action@v4
+      with:
+        push: ${{ !!secrets.REGISTRY_PUSH_ENABLED }}
+        context: .docker/dict
+        tags: |
+          registry-rw.fakecake.org/cthulhoo/the-epube-dict:latest
+          registry-rw.fakecake.org/cthulhoo/the-epube-dict:${{ env.BUILD_TAG }}
+        provenance: false
+
+    - name: build app image
+      uses: https://github.com/docker/build-push-action@v4
+      with:
+        push: ${{ !!secrets.REGISTRY_PUSH_ENABLED }}
+        context: .docker/app
+        build-contexts:
+          app-src=.
+        tags: |
+          registry-rw.fakecake.org/cthulhoo/the-epube-fpm-static:latest
+          registry-rw.fakecake.org/cthulhoo/the-epube-fpm-static:${{ env.BUILD_TAG }}
+        provenance: false
diff --git a/.gitea/workflows/lint.yaml b/.gitea/workflows/lint.yaml
index 6b7d487..5df3de2 100644
--- a/.gitea/workflows/lint.yaml
+++ b/.gitea/workflows/lint.yaml
@@ -3,9 +3,7 @@
 name: lint
 
 on:
-  - push
-  - workflow_dispatch
-  - pull_request
+  pull_request: {}
 
 defaults:
   run:
-- 
cgit v1.2.3