Forked from kamerk22/laravel-alpine
Laravel PHP framework running on PHP-FPM with alpine base Docker Image ๐ณ
You can either pull it from ghcr (Github Container Registry) or DockerHub Registry
- GHCR Image: ghcr.io/eightsystems/laravel-alpine
- DockerHub Image: 8sistemas/laravel-alpine
You can use any of the versions-tag bellow in the following form:
version-tag
as in: 8.1-alpine3.16-mysql-nginx
Version | Tags | Notes |
---|---|---|
7.4-alpine3.16 | mysql, mysql-nginx, pgsql, pgsql-nginx, mysql-xdebug, mysql-nginx-xdebug, pgsql-xdebug, pgsql-nginx-xdebug | Alpine 3.16 |
8.0-alpine3.16 | mysql, mysql-nginx, pgsql, pgsql-nginx, mysql-xdebug, mysql-nginx-xdebug, pgsql-xdebug, pgsql-nginx-xdebug | Alpine 3.16 |
8.1-alpine3.16 | mysql, mysql-nginx, pgsql, pgsql-nginx, mysql-xdebug, mysql-nginx-xdebug, pgsql-xdebug, pgsql-nginx-xdebug | Alpine 3.16 |
8.2-alpine3.16 | mysql, mysql-nginx, pgsql, pgsql-nginx, mysql-xdebug, mysql-nginx-xdebug, pgsql-xdebug, pgsql-nginx-xdebug | Alpine 3.16 |
To pull the docker image:
docker pull 8sistemas/laravel-alpine:8.2-alpine3.16-mysql
To run from current dir
docker run -v $(pwd):/var/www 8sistemas/laravel-alpine:8.2-alpine3.16-mysql "composer install --prefer-dist"
- Composer (v2 - from Docker official image)
- CRON (pre-installed and configured to work with Laravel Scheduler)
- Go port of Supervisor
- See details in Supervisord.md
- ARM64 version
- Nginx "modular" config. See NGINX-Files.md
- Prometheus exporter for both PHP and NGINX (if you enable it setting the env variable
ENABLE_PROMETHEUS_EXPORTER_RUNNER=1
). See Prometheus-Scrapper.md- We use a merge metrics exporter so you get both nginx and php-fpm metrics in a single query
- nginx-prometheus-exporter:0.10
- php-fpm_exporter:2.0.4
- exporter-merger:0.4.0
- We use a merge metrics exporter so you get both nginx and php-fpm metrics in a single query
- Secrets Manager Environment Expander
- Changing users/group UID and GID
- This helps when your containers need to connect with some shared NFS server and you need to match the UID/GID.
- See Change-User-Uid-And-Gid.md
- PHP Production ini values
- See php.ini
- Opcache Support
- See opcache.ini
- Able to run with drop all privileges running as
www-data
(linux uid 82, gid 82) user - Small memory footprint
- 8.1-alpine3.16-mysql-nginx with Prometheus Exporter enabled uses ~65MB of RAM when idle
- This allows you to run your container with as little of 128MB of RAM still giving some room for your application.
- 8.1-alpine3.16-mysql-nginx with Prometheus Exporter enabled uses ~65MB of RAM when idle
- Readonly filesystem support (with some paths needed being tmpfs)
- Alpine base image 3.16
- Uses DockerHub php base image
- Security Scan enabled on a biweekly basis (using Anchore)
- Supervisor has
supervisorctl
support enabled on all tags
These extensions are the basics (and some small additions) needed to run Laravel version 8.x and up
- pdo
- mysqli (mysql images)
- pdo_mysql (mysql images)
- pgsql (pgsql images)
- pdo_pgsql (pgsql images)
- sockets
- json (except for PHP 8.0+ as it's builtin)
- intl
- xml
- bz2
- pcntl
- bcmath
- exif
- zip
- redis
- event
- calendar
- imagick
- soap
- opcache
- gettext
- mbstring
- mcrypt
- gd (with jpeg, png, freetype, gif, and webp support)
- XDebug (with the
-xdebug
tags)
You can add additional PHP Extensions by running docker-ext-install
command. Don't forget to install necessary dependencies for required extension.
FROM 8sistemas/laravel-alpine:8.2-alpine3.16-mysql
USER root
RUN docker-php-ext-install memcached
USER www-data
FROM 8sistemas/laravel-alpine:8.2-alpine3.16-mysql
RUN echo '* * * * * /usr/local/bin/php /var/www/artisan another:command >> /dev/null 2>&1' >> /etc/crontabs/www-data
You can add your own Supervisor config inside /etc/supervisor.d/
for Laravel Queue or Laravel Horizon. File extension needs to be *.ini
. By default this image added php-fpm
and crond
process in supervisor.
E.g: For Laravel Horizon make file horizon.ini
[program:horizon]
process_name=%(program_name)s
command=php /var/www/artisan horizon
autostart=true
autorestart=true
user=www-data
redirect_stderr=true
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
On your Docker image
FROM 8sistemas/laravel-alpine:8.2-alpine3.16-mysql
USER root
ADD horizon.ini /etc/supervisor.d/
USER www-data
For more details on supervisor config http://supervisord.org/configuration.html
You can basically drop all the capabilities as you can see in the example docker-compose, and kube files, but we do need the setuid
and setgid
capabitilies to be able to run CRON
, if you remove these capabilities please also disable cron in supervisor with a simple rm -f /etc/supervisor.d/01_crond.ini
inside your Dockerfile
.
For CRON
to run we need to use sudo
to elevate our privileges to root even though the container run as www-data (82)
by default.
So we added a simple /etc/sudoers.d/crond-www-data
with the following content:
ALL ALL = (root) NOPASSWD: /usr/sbin/crond'
This allows any user to run the crond
command, even though sudo
is bad, this was we prevent wide open access.
Feel free to open an issue in this GitHub repository.