Commit Graph

11 Commits

Author SHA1 Message Date
Fabian @ Blax Software 9f63d8e98b fix(docker): restore ENTRYPOINT [start-container] — adding HEALTHCHECK had dropped it
Adding the HEALTHCHECK replaced the ENTRYPOINT line instead of sitting alongside
it, so the image fell back to the base php:8.4-fpm entrypoint (php-fpm alone):
supervisord/start-container never ran, nginx was down (port 80 unserved -> /api
404 via Traefik) and supervisorctl was absent (-> always UNHEALTHY). Restore the
entrypoint; HEALTHCHECK stays.
2026-06-12 16:59:58 +02:00
Fabian @ Blax Software 9cb3ae5bce fix(docker): queue/scheduler/horizon resilience + container HEALTHCHECK
- start-container: generous startretries + startsecs and graceful SIGTERM
  stopwaitsecs for queue/scheduler/horizon, so a transient boot failure (e.g.
  DB not ready) no longer marks a worker FATAL forever and silently drops jobs,
  and an in-flight job finishes before SIGKILL on deploy/restart.
- container-health: new HEALTHCHECK that reports UNHEALTHY when php-fpm/nginx or
  any enabled queue/scheduler/horizon worker is not RUNNING, so a dead worker
  surfaces in docker ps / orchestration instead of letting jobs pile up.
2026-06-12 15:57:59 +02:00
Fabian Wagner ➖ a6a2f5842 c4fb894699 fix(perms,mysql): auto-fix storage ownership + skip self-signed cert verify (#1)
Two recurring foot-guns in production stacks rolled into one image-level fix:

1. storage/ + bootstrap/cache/ ownership drift. ENABLE_LARAVEL_PERMS was
   opt-in (default 0) and only chmod'd the top-level dir — so any subdir
   created later by a different UID (root, nobody, …) stayed un-writable
   for www-data. Symptom: workkit:db:backup pumping a multi-GB mysqldump
   into a doomed bash redirect that fails with "Permission denied" only
   after the pipeline starts. Now default-on (=1), recursive chown +
   chmod ug+rwX, SGID on dirs so future files inherit the group, and we
   pre-create the subdirs that ship empty (incl. storage/backups/) so
   artisan never creates one as the wrong user.

2. mysql client TLS verification against self-signed in-cluster certs.
   `php artisan db` failed with "TLS/SSL error: self-signed certificate
   in certificate chain" because modern mysql/mariadb clients auto-enable
   ssl-verify-server-cert when a password is on argv. Drops a
   /etc/mysql/conf.d/00-laravel-client.cnf with ssl-verify-server-cert=OFF
   so the connection still negotiates TLS but skips the chain check —
   the right tradeoff for a private docker network. Override per-host
   with MYSQL_CLIENT_VERIFY=ON or by mounting a stricter .cnf.

Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-07 10:22:07 +02:00
Fabian @ Blax Software cc3e590d62 A Blax Software OSS banner to README
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-06 12:08:27 +02:00
Fabian @ Blax Software 8df9f13787 I star history in README
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-05 16:44:37 +02:00
Fabian @ Blax Software 8f8cba49db I publish script 2026-04-23 11:49:01 +02:00
Fabian @ Blax Software 4e9d7a629c I safe directory inside 2026-04-23 11:04:47 +02:00
Fabian @ Blax Software 6e1f43fcbc chore: use blaxsoftware/laravel as default image name, make REGISTRY optional, drop npm@latest install 2026-04-16 08:42:05 +02:00
Fabian @ Blax Software 99eec4efbb chore: clean up stale root files, minor doc edits 2026-04-15 10:12:08 +02:00
Fabian @ Blax Software 34a26f3641 polish README: better intro, full tag list 2026-04-15 10:00:23 +02:00
Fabian @ Blax Software 7ccb8b94fe Initial commit: multi-version PHP+Nginx Docker image for Laravel 2026-04-15 09:57:37 +02:00