search

moodlehq / moodle-docker

A docker environment for moodle developers
GNU General Public License v3.0
406 stars 252 forks source link

Make docker-compose.yml compatible with podman-compose #172

Closed septatrix closed 3 years ago

septatrix commented 3 years ago

podman is a modern alternative to docker and runs without a daemon and without root. It is also the default on some distros like Fedora. podman-compose is a compatibility layer to use docker-compose files with podman.

The problem: It does not support two containers binding to the same port (even inside the container network). As the webserver and exttest container both bind to port 80 this is problematic.

Proposed solution: Mount a config file inside the exttest container to change the port to 9000 by default and adjust the config template correspondingly. I tested this and it work like a charm.

dahrens commented 3 years ago

I'm interested in this feature as well - may you share your working solution either as PR or just as a branch in a fork? :)

septatrix commented 3 years ago
Patch ```patch diff --git a/assets/web/000-default.conf b/assets/web/000-default.conf new file mode 100644 index 0000000..ab31697 --- /dev/null +++ b/assets/web/000-default.conf @@ -0,0 +1,31 @@ + + # The ServerName directive sets the request scheme, hostname and port that + # the server uses to identify itself. This is used when creating + # redirection URLs. In the context of virtual hosts, the ServerName + # specifies what hostname must appear in the request's Host: header to + # match this virtual host. For the default virtual host (this file) this + # value is not decisive as it is used as a last resort host regardless. + # However, you must set it for any further virtual host explicitly. + #ServerName www.example.com + + ServerAdmin webmaster@localhost + DocumentRoot /var/www/html + + # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, + # error, crit, alert, emerg. + # It is also possible to configure the loglevel for particular + # modules, e.g. + #LogLevel info ssl:warn + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + # For most configuration files from conf-available/, which are + # enabled or disabled at a global level, it is possible to + # include a line for only one particular virtual host. For example the + # following line enables the CGI configuration for this host only + # after it has been globally disabled with "a2disconf". + #Include conf-available/serve-cgi-bin.conf + + +# vim: syntax=apache ts=4 sw=4 sts=4 sr noet diff --git a/assets/web/apache2_adminer.conf b/assets/web/apache2_adminer.conf new file mode 100644 index 0000000..e33a8a2 --- /dev/null +++ b/assets/web/apache2_adminer.conf @@ -0,0 +1,12 @@ + + LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so + + + + LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so + + +Redirect "/_/adminer" "/_/adminer/" + +ProxyPass "/_/adminer/" "http://adminer:8080/" +ProxyPassReverse "/_/adminer/" "http://adminer:8080/" diff --git a/assets/web/ports.conf b/assets/web/ports.conf new file mode 100644 index 0000000..063e62b --- /dev/null +++ b/assets/web/ports.conf @@ -0,0 +1,15 @@ +# If you just change the port or add more ports here, you will likely also +# have to change the VirtualHost statement in +# /etc/apache2/sites-enabled/000-default.conf + +Listen 9000 + + + Listen 443 + + + + Listen 443 + + +# vim: syntax=apache ts=4 sw=4 sts=4 sr noet diff --git a/base.yml b/base.yml index 2ede0f9..e39cefa 100644 --- a/base.yml +++ b/base.yml @@ -5,8 +5,8 @@ services: depends_on: - db volumes: - - "${MOODLE_DOCKER_WWWROOT}:/var/www/html" - - "${ASSETDIR}/web/apache2_faildumps.conf:/etc/apache2/conf-enabled/apache2_faildumps.conf" + - "${MOODLE_DOCKER_WWWROOT}:/var/www/html:z" + - "${ASSETDIR}/web/apache2_faildumps.conf:/etc/apache2/conf-enabled/apache2_faildumps.conf:z" environment: MOODLE_DOCKER_DBTYPE: pgsql MOODLE_DOCKER_DBNAME: moodle @@ -22,7 +22,10 @@ services: POSTGRES_DB: moodle exttests: image: moodlehq/moodle-exttests + volumes: + - "${ASSETDIR}/web/ports.conf:/etc/apache2/ports.conf:z" + - "${ASSETDIR}/web/000-default.conf:/etc/apache2/sites-enabled/000-default.conf:z" selenium: image: "selenium/standalone-firefox${MOODLE_DOCKER_SELENIUM_SUFFIX}:2.53.1" volumes: - - "${MOODLE_DOCKER_WWWROOT}:/var/www/html:ro" + - "${MOODLE_DOCKER_WWWROOT}:/var/www/html:ro,z" diff --git a/bin/moodle-docker-compose b/bin/moodle-docker-compose index 16415c4..1bc7e71 100755 --- a/bin/moodle-docker-compose +++ b/bin/moodle-docker-compose @@ -27,6 +27,7 @@ export ASSETDIR="${basedir}/assets" dockercompose="docker-compose -f ${basedir}/base.yml" dockercompose="${dockercompose} -f ${basedir}/service.mail.yml" +dockercompose="${dockercompose} -f ${basedir}/service.adminer.yml" # PHP Version. export MOODLE_DOCKER_PHP_VERSION=${MOODLE_DOCKER_PHP_VERSION:-7.3} diff --git a/config.docker-template.php b/config.docker-template.php index 684f541..333a4f9 100644 --- a/config.docker-template.php +++ b/config.docker-template.php @@ -46,7 +46,7 @@ $CFG->pathtophp = '/usr/local/bin/php'; $CFG->phpunit_dataroot = '/var/www/phpunitdata'; $CFG->phpunit_prefix = 't_'; -define('TEST_EXTERNAL_FILES_HTTP_URL', 'http://exttests'); +define('TEST_EXTERNAL_FILES_HTTP_URL', 'http://exttests:8080'); $CFG->behat_wwwroot = 'http://webserver'; $CFG->behat_dataroot = '/var/www/behatdata'; diff --git a/moodle-app-dev.yml b/moodle-app-dev.yml index 7fd566a..b1fb3bc 100644 --- a/moodle-app-dev.yml +++ b/moodle-app-dev.yml @@ -8,7 +8,7 @@ services: working_dir: /app command: npm run ionic:serve volumes: - - "${MOODLE_DOCKER_APP_PATH}:/app" + - "${MOODLE_DOCKER_APP_PATH}:/app:z" expose: - 8100 - 35729 diff --git a/service.adminer.yml b/service.adminer.yml new file mode 100644 index 0000000..87de68b --- /dev/null +++ b/service.adminer.yml @@ -0,0 +1,11 @@ +version: "2" +services: + webserver: + volumes: + - "${ASSETDIR}/web/apache2_adminer.conf:/etc/apache2/conf-enabled/apache2_adminer.conf:z" + depends_on: + - adminer + adminer: + image: adminer + depends_on: + - db diff --git a/service.mail.yml b/service.mail.yml index 812ab0e..556c104 100644 --- a/service.mail.yml +++ b/service.mail.yml @@ -2,7 +2,7 @@ version: "2" services: webserver: volumes: - - "${ASSETDIR}/web/apache2_mailhog.conf:/etc/apache2/conf-enabled/apache2_mailhog.conf" + - "${ASSETDIR}/web/apache2_mailhog.conf:/etc/apache2/conf-enabled/apache2_mailhog.conf:z" depends_on: - mailhog mailhog: diff --git a/volumes-cached.yml b/volumes-cached.yml index dedeb9e..a64b30b 100644 --- a/volumes-cached.yml +++ b/volumes-cached.yml @@ -4,4 +4,4 @@ version: "2" services: webserver: volumes: - - "${MOODLE_DOCKER_WWWROOT}:/var/www/html:cached" + - "${MOODLE_DOCKER_WWWROOT}:/var/www/html:z" ```
scara commented 3 years ago

Hi @septatrix, that's a nice proposal! Loving the :z which I would like to propose since ages too, regardless this issue.

Would you mind to create a PR for your patch proposal? Just a couple of quick notes:

HTH, Matteo

dahrens commented 3 years ago

First of all, thanks for the patch @septatrix :) I'll cobble the parts together that are relevant to me.

Regarding the :z option: I'm not sure whether this should be included by default, since it fiddles with filesystem labels and does not restore them afterwards.

After reading https://github.com/containers/podman/issues/8786 and https://github.com/moby/moby/issues/30934 I'd come to the conclusion that it is only an issue if someone sets MOODLE_DOCKER_WWWROOT=/home/username or something similar. Which does not make much sense.

Do you use the :z option, because you have SELinux enabled on your workstation?

And another question: How do you launch it finally using podman-compose?

Do you invoke podman-compose without the wrapper script in bin/moodle-docker-compose? Since bash aliases are not expanded in scripts by default, they are not really an option. I've worked around it by using this approach (with .local/bin included in my PATH):

cat ~/.local/bin/docker-compose
#!/bin/bash

podman-compose "$@"

Do you think it is worth it to introduce an environment variable that allows you change the base command from docker-compose to podman-compose?

septatrix commented 3 years ago

Would you mind to create a PR for your patch proposal?

It seems like @dahrens already did that :D

Regarding the :z option: I'm not sure whether this should be included by default, since it fiddles with filesystem labels and does not restore them afterwards.

After reading containers/podman#8786 and moby/moby#30934 I'd come to the conclusion that it is only an issue if someone sets MOODLE_DOCKER_WWWROOT=/home/username or something similar. Which does not make much sense.

Do you use the :z option, because you have SELinux enabled on your workstation?

Yes. I use Fedora which has SELinux enabled. Without :z the container would not start.

And another question: How do you launch it finally using podman-compose?

[...]

Do you think it is worth it to introduce an environment variable that allows you change the base command from docker-compose to podman-compose?

I have symlinked ~/.local/bin/docker-compose to /usr/bin/podman-compose. Environment variables seem a bit overkill. They would be justified if this was something one would change between runs but that is probably not the case.

dahrens commented 3 years ago

Would you mind to create a PR for your patch proposal?

It seems like @dahrens already did that :D

It was a good opportunity to get a better understanding on how the whole thing here works internally. I'm quite new to moodle and needed to learn what this exttest is at all ;)

Regarding the :z option: I'm not sure whether this should be included by default, since it fiddles with filesystem labels and does not restore them afterwards. After reading containers/podman#8786 and moby/moby#30934 I'd come to the conclusion that it is only an issue if someone sets MOODLE_DOCKER_WWWROOT=/home/username or something similar. Which does not make much sense. Do you use the :z option, because you have SELinux enabled on your workstation?

Yes. I use Fedora which has SELinux enabled. Without :z the container would not start.

I left out the :z option in the PR. IMO this should be a separate commit anyways. Since it might cause troubles in some cases I'd prefer one or two additional evaluations - e.g. from windows folks, I did not take windows into account as I don't know about it.

And another question: How do you launch it finally using podman-compose? [...] Do you think it is worth it to introduce an environment variable that allows you change the base command from docker-compose to podman-compose?

I have symlinked ~/.local/bin/docker-compose to /usr/bin/podman-compose. Environment variables seem a bit overkill. They would be justified if this was something one would change between runs but that is probably not the case.

symlinks :facepalm: yes - this is straight forward :D

stronk7 commented 3 years ago

Closed by #175 , thanks!