From f75b41d36e48852f34aeb556905bd57ca27f08a3 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 19 Oct 2016 00:21:51 +0000 Subject: [PATCH] Implementação do container sei com docker php:5.6-apache --- Vagrantfile | 52 ++++++++++++++++++++++++++-------------------------- memcached/Dockerfile | 9 --------- sei/ConfiguracaoSEI.php | 2 +- sei/Dockerfile | 48 ++++++++++++++++++++++++++---------------------- sei/entrypoint.sh | 40 ++++++++++++---------------------------- sei/install.sh | 31 +++++++++++++++++++++++++++++++ sei/sei.conf | 19 ------------------- sei/supervisord.conf | 51 --------------------------------------------------- 8 files changed, 96 insertions(+), 156 deletions(-) create mode 100644 sei/install.sh diff --git a/Vagrantfile b/Vagrantfile index 2725c5b..e1ee6d5 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -21,55 +21,55 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| # Diretórios compartilhados com a durante a execução config.vm.synced_folder ".", "/mnt/sei/ops" - config.vm.synced_folder "../sei", "/opt", mount_options: ["dmode=777", "fmode=777"] + config.vm.synced_folder "../sei", "/mnt/sei/src", mount_options: ["dmode=777", "fmode=777"] config.vm.provider "virtualbox" do |vb| vb.customize ["modifyvm", :id, "--memory", "2048", "--usb", "off", "--audio", "none"] end # Provisionamento da Máquina Virtual responsável por manter os containers do Docker - #config.vm.provision "docker" do |docker| + config.vm.provision "docker" do |docker| # Constrói imagens dos containers utilizados no provicionamento -# docker.build_image "/mnt/sei/ops/solr", args: "-t 'processoeletronico/solr'" -# docker.build_image "/mnt/sei/ops/mysql", args: "-t 'processoeletronico/mysql'" -# docker.build_image "/mnt/sei/ops/sei", args: "-t 'processoeletronico/sei'" -# docker.build_image "/mnt/sei/ops/memcached", args: "-t 'processoeletronico/memcached'" -# docker.pull_images "schickling/mailcatcher" -# docker.build_image "/mnt/sei/ops/jod", args: "-t 'processoeletronico/jod'" + docker.build_image "/mnt/sei/ops/solr", args: "-t 'processoeletronico/solr'" + docker.build_image "/mnt/sei/ops/mysql", args: "-t 'processoeletronico/mysql'" + docker.build_image "/mnt/sei/ops/sei", args: "-t 'processoeletronico/sei'" + docker.build_image "/mnt/sei/ops/memcached", args: "-t 'processoeletronico/memcached'" + docker.pull_images "schickling/mailcatcher" + #docker.build_image "/mnt/sei/ops/jod", args: "-t 'processoeletronico/jod'" # docker run -d --name smtp -p 1080:1080 schickling/mailcatcher:latest - # docker.run "smtp", image: "schickling/mailcatcher", - # daemonize: true, - # args: "-p 1080:1080" + docker.run "smtp", image: "schickling/mailcatcher", + daemonize: true, + args: "-p 1080:1080" # docker run -d --name memcached -p 11211:11211 processoeletronico/memcached:latest - # docker.run "memcached", image: "processoeletronico/memcached", - # daemonize: true, - # args: "-p 11211:11211" + docker.run "memcached", image: "processoeletronico/memcached", + daemonize: true, + args: "-p 11211:11211" # docker run -d --name db -p 3306:3306 processoeletronico/mysql:latest - # docker.run "db", image: "processoeletronico/mysql:latest", - # daemonize: true, - # args: "-p 3306:3306" + docker.run "db", image: "processoeletronico/mysql:latest", + daemonize: true, + args: "-p 3306:3306" # docker run -d --name solr -p 8983:8983 -v /mnt/sei/src/sei/solr:/mnt/sei/index processoeletronico/solr:latest - # docker.run "solr", image: "processoeletronico/solr:latest", - # daemonize: true, - # args: "-p 8983:8983" + docker.run "solr", image: "processoeletronico/solr:latest", + daemonize: true, + args: "-p 8983:8983" # docker run -d --name jod -p 8080:8080 processoeletronico/jod:latest #docker.run "jod", image: "processoeletronico/jod:latest", # daemonize: true, # args: "-p 8080:8080" - # docker run -d --name sei -p 80:80 --link solr:solr --link db:db --link jod:jod -v /opt:/opt processoeletronico/sei:latest - # docker.run "sei", image: "processoeletronico/sei:latest", - # daemonize: true, - # args: "-p 80:80 --link db:db --link solr:solr --link mencached:memncached--link smtp:smtp -v /opt:/opt" - #end + # docker run -d --name sei -p 80:80 --link solr:solr --link db:db --link memcached:memcached -v /mnt/sei/src:/opt processoeletronico/sei:latest + docker.run "sei", image: "processoeletronico/sei:latest", + daemonize: true, + args: "-p 80:80 --link db:db --link solr:solr --link memcached:memcached --link smtp:smtp -v /mnt/sei/src:/opt" + end # Inicialização dos containers em caso de reinicialização da máquina host # A inicialização é realizada de forma sequencial para evitar conflito no mapeamento de volumes no Docker - # config.vm.provision "shell", run: "always", inline: "docker restart solr && docker restart memcached && docker restart smtp && docker restart db && docker restart sei" + config.vm.provision "shell", run: "always", inline: "docker restart solr && docker restart memcached && docker restart smtp && docker restart db && docker restart sei" end diff --git a/memcached/Dockerfile b/memcached/Dockerfile index aa4a8ae..ffc6657 100644 --- a/memcached/Dockerfile +++ b/memcached/Dockerfile @@ -8,16 +8,7 @@ FROM memcached # Autor e mantenedor do container MAINTAINER PEN - Processo Eletrônico Nacional -# Definição do terminal a ser utilizado -ENV TERM xterm - - - - - # Exposição da porta de conexão ao Apache EXPOSE 11211 -# Inicialização dos serviços Apache e Memcache -CMD ["/entrypoint.sh"] diff --git a/sei/ConfiguracaoSEI.php b/sei/ConfiguracaoSEI.php index 8f1d7ba..ef626a0 100644 --- a/sei/ConfiguracaoSEI.php +++ b/sei/ConfiguracaoSEI.php @@ -43,7 +43,7 @@ class ConfiguracaoSEI extends InfraConfiguracao { 'Servidor' => getenv("MEMCACHED_PORT_11211_TCP_ADDR"), 'Porta' => getenv("MEMCACHED_PORT_11211_TCP_PORT")), - 'JODConverter' => array('Servidor' => 'http://'.getenv("JOD_PORT_8080_TCP_ADDR").':'.getenv("JOD_PORT_8080_TCP_PORT").'/converter/service') + 'JODConverter' => array('Servidor' => 'http://'.getenv("JOD_PORT_8080_TCP_ADDR").':'.getenv("JOD_PORT_8080_TCP_PORT").'/converter/service'), 'Edoc' => array('Servidor' => 'http://[Servidor .NET]'), diff --git a/sei/Dockerfile b/sei/Dockerfile index 0149a2f..2a8fa36 100644 --- a/sei/Dockerfile +++ b/sei/Dockerfile @@ -1,6 +1,9 @@ -############################################################################## -# Dockerfile de construção do container WebApp utilizado pelo SEI e pelo SIP # -############################################################################## +########################################################### +# Dockerfile de construção do container WebApp +# utilizado pelo SEI e pelo SIP +# +# Baseado no CentOS 6.X +############################################################ # Definição da imagem de base para o CentOS 6.X FROM centos:centos6 @@ -8,34 +11,35 @@ FROM centos:centos6 # Autor e mantenedor do container MAINTAINER PEN - Processo Eletrônico Nacional -ENV TERM xterm - ################## INICIO DA INSTALACAO ###################### # Instalação do SEI seguindo as recomendações descritas na documentação do SEI +# Ref: https://processoeletronico.gov.br/projects/sei/wiki # Instalação do servidor web Apache 2.2, memcache e demais componentes - RUN yum install -y epel-release && \ - yum -y update && \ - yum -y install httpd-2.2.* mysql-5.1.* memcached openssl wget curl unzip gcc java-1.7.0-openjdk libxml2 dos2unix crontabs \ - php-5.3.* php-common php-cli php-pear php-bcmath php-gd php-gmp php-imap php-intl php-ldap php-mbstring php-mysql \ - php-odbc php-pdo php-pecl-apc php-pspell php-zlib php-snmp php-soap php-xml php-xmlrpc php-zts php-devel \ - php-pecl-apc-devel php-pecl-memcache php-calendar php-shmop php-intl php-mcrypt php-pecl-xdebug \ - supervisor gearmand libgearman libgearman-devel php-pecl-gearman && \ - yum -y clean all +RUN yum install -y epel-release && \ + yum -y update && \ + yum -y install httpd-2.2.* mysql-5.1.* memcached openssl wget curl unzip gcc java-1.7.0-openjdk libxml2 dos2unix crontabs \ + php-5.3.* php-common php-cli php-pear php-bcmath php-gd php-gmp php-imap php-intl php-ldap php-mbstring php-mysql \ + php-odbc php-pdo php-pecl-apc php-pspell php-zlib php-snmp php-soap php-xml php-xmlrpc php-zts php-devel \ + php-pecl-apc-devel php-pecl-memcache php-calendar php-shmop php-intl \ + php-mcrypt php-pecl-xdebug \ + supervisor gearmand libgearman libgearman-devel php-pecl-gearman && \ + yum -y clean all + # Configuração do charset do Apache -#RUN echo "AddDefaultCharset iso-8859-1" >> /etc/httpd/conf/httpd.conf +RUN echo "AddDefaultCharset iso-8859-1" | tee -a /etc/httpd/conf/httpd.conf # Correção do bug do VirtualBox relacionado ao Sendfile. http://docs.vagrantup.com/v2/synced-folders/virtualbox.html -#RUN echo "EnableSendfile Off" >> /etc/httpd/conf/httpd.conf +RUN echo "EnableSendfile Off" | tee -a /etc/httpd/conf/httpd.conf # Instalação do componentes UploadProgress RUN pecl install uploadprogress && \ echo "extension=uploadprogress.so" >> /etc/php.d/uploadprogress.ini # Configuração dos parâmetros do SEI e SIP -ADD ConfiguracaoSEI.php /opt/ConfiguracaoSEI.php -ADD ConfiguracaoSip.php /opt/ConfiguracaoSip.php +ADD ConfiguracaoSEI.php /opt/sei/ConfiguracaoSEI.php +ADD ConfiguracaoSip.php /opt/sip/ConfiguracaoSip.php # Copia arquivos necessários para a instalação ADD sei.ini /etc/php.d/sei.ini @@ -51,10 +55,8 @@ RUN mkdir -p /var/sei/arquivos && \ # Configuração dos serviços de background do Cron RUN mkdir /var/log/sei RUN sed -i '/session required pam_loginuid.so/c\#session required pam_loginuid.so' /etc/pam.d/crond -RUN echo "0 * * * * root /usr/bin/php -c /etc/php.ini /opt/sei/scripts/AgendamentoTarefaSEI.php 2>&1 >> /var/log/sei/agendamento_sei.log" >> /etc/cron.d/sei -RUN echo "0 * * * * root /usr/bin/php -c /etc/php.ini /opt/sip/scripts/AgendamentoTarefaSip.php 2>&1 >> /var/log/sip/agendamento_sip.log" >> /etc/cron.d/sip -RUN echo "00 01 * * * root rm -rf /opt/sei/temp/*" >> /etc/cron.d/sei -RUN echo "00 01 * * * root rm -rf /opt/sip/temp/*" >> /etc/cron.d/sip +RUN echo "0 * * * * root /usr/bin/php -c /etc/php.ini /var/www/html/sei/AgendamentoTarefaSEI.php 2>&1 >> /var/log/sei/agendamento_sei.log" >> /etc/cron.d/sei +RUN echo "0 * * * * root /usr/bin/php -c /etc/php.ini /var/www/html/sip/AgendamentoTarefaSip.php 2>&1 >> /var/log/sei/agendamento_sip.log" >> /etc/cron.d/sei # Script de inicialização do container entry-point ADD entrypoint.sh /entrypoint.sh @@ -62,9 +64,11 @@ RUN dos2unix /entrypoint.sh && chmod +x /entrypoint.sh ##################### FIM DA INSTALACAO ##################### +# Definição do terminal a ser utilizado +ENV TERM xterm + # Exposição da porta de conexão ao Apache EXPOSE 80 # Inicialização dos serviços Apache e Memcache CMD ["/entrypoint.sh"] - diff --git a/sei/entrypoint.sh b/sei/entrypoint.sh index 09df54c..e5e2fe8 100644 --- a/sei/entrypoint.sh +++ b/sei/entrypoint.sh @@ -2,10 +2,6 @@ echo "127.0.0.1 sip_www" >> /etc/hosts -# Configura localização das aplicações SEI e SIP -ln -s /mnt/sei/src/sei /opt/ -ln -s /mnt/sei/src/sip /opt/ - # Configura localização correta da infra_php #if [ -d /mnt/sei/src/infra/infra_php ]; then dir_infra_php="/mnt/sei/src/infra/infra_php"; else dir_infra_php="/mnt/sei/src/infra_php"; fi #ln -sf $dir_infra_php /var/www/html/ @@ -24,7 +20,7 @@ if [ -f /opt/sei/config/ConfiguracaoSEI.php ] && [ ! -f /opt/sei/config/Configur fi if [ ! -f /opt/sei/config/ConfiguracaoSEI.php ]; then - cp /opt/ConfiguracaoSEI.php /opt/sei/config/ConfiguracaoSEI.php + cp /ConfiguracaoSEI.php /opt/sei/config/ConfiguracaoSEI.php fi # Atribuição dos parâmetros de configuração do SIP @@ -33,40 +29,28 @@ if [ -f /opt/sip/config/ConfiguracaoSip.php ] && [ ! -f /opt/sip/config/Configur fi if [ ! -f /opt/sip/config/ConfiguracaoSip.php ]; then - cp /opt/sip/config/ConfiguracaoSip.php /opt/sip/config/ConfiguracaoSip.php + cp /ConfiguracaoSip.php /opt/sip/config/ConfiguracaoSip.php fi # Criação do diretório padrão de upload de arquivos #SEI -chown -R root.apache /opt/sei -find /opt/sei -type d -exec chmod 2750 {} \; -find /opt/sei -type f -exec chmod 0640 {} \; -find /opt/sei/temp -type d -exec chmod 2570 {} \; -chmod 0750 /opt/sei/bin/wkhtmltopdf-amd64 - -#SIP -chown -R root.apache /opt/sip -find /opt/sip -type d -exec chmod 2750 {} \; -find /opt/sip -type f -exec chmod 0640 {} \; -find /opt/sip/temp -type d -exec chmod 2570 {} \; - -#Infra PHP -chown -R root.apache /opt/infra -find /opt/infra -type d -exec chmod 2750 {} \; -find /opt/infra -type f -exec chmod 0640 {} \; - +chown -R www-data.www-data /opt/sei +chown -R www-data.www-data /opt/infra +chown -R www-data.www-data /opt/sip +chmod +x /opt/sei/bin/wkhtmltopdf-amd64 +chmod -R 777 /opt/sei/temp +chmod -R 777 /opt/sip/temp chmod -R 777 /var/sei/arquivos # Inicialização do serviço de cache #/etc/init.d/memcached start # Inicialização das rotinas de agendamento -/etc/init.d/rsyslog start -/etc/init.d/crond start +service cron start # Inicialização do Gearman e Supervisor, componentes para integração com Processo Eletrônico Nacional -/etc/init.d/gearmand start -/etc/init.d/supervisord start +gearmand & +service supervisor start # Inicialização do servidor web -/usr/sbin/httpd -DFOREGROUND +apache2-foreground diff --git a/sei/install.sh b/sei/install.sh new file mode 100644 index 0000000..d278c55 --- /dev/null +++ b/sei/install.sh @@ -0,0 +1,31 @@ +#!/usr/bin/env bash + +set -e + +apt-get -y update + +apt-get -y install mysql-client wget unzip openjdk-7-jre bzip2 cron \ + php5-common php-pear php5-gd php5-intl php5-ldap php5-mysql php5-memcached php5-curl php5-json php5-dev php5-xdebug php5-mcrypt \ + php-calendar php-soap php-gettext php-pclzip php-file \ + libapache2-mod-php5filter + +# Instalação do componentes UploadProgress +pecl install uploadprogress +echo "extension=uploadprogress.so" > /etc/php5/mods-available/uploadprogress.ini + +# Instalação do Supervisor e Gearman para suporte à integração com o PEN +apt-get -y install supervisor +apt-get -y install gearman libgearman7 php5-gearman + +# Configuração de permissão do diretório de arquivos +mkdir -p /var/sei/arquivos && \ +chmod -R 777 /var/sei/arquivos + +# Configuração dos serviços de background do Cron +mkdir /var/log/sei +echo "0 * * * * root /usr/bin/php -c /etc/php.ini /opt/sei/scripts/AgendamentoTarefaSEI.php 2>&1 >> /var/log/sei/agendamento_sei.log" >> /etc/cron.d/sei +echo "0 * * * * root /usr/bin/php -c /etc/php.ini /opt/sip/scripts/AgendamentoTarefaSip.php 2>&1 >> /var/log/sip/agendamento_sip.log" >> /etc/cron.d/sip +echo "00 01 * * * root rm -rf /opt/sei/temp/*" >> /etc/cron.d/sei +echo "00 01 * * * root rm -rf /opt/sip/temp/*" >> /etc/cron.d/sip + +exit 0 diff --git a/sei/sei.conf b/sei/sei.conf index d951f36..7a03732 100644 --- a/sei/sei.conf +++ b/sei/sei.conf @@ -1,20 +1,12 @@ KeepAlive On MaxKeepAliveRequests 100 KeepAliveTimeout 15 -AddDefaultCharset iso-8859-1 -EnableSendfile Off Alias "/sei" "/opt/sei/web" Alias "/sip" "/opt/sip/web" Alias "/infra_css" "/opt/infra/infra_css" Alias "/infra_js" "/opt/infra/infra_js" - - AllowOverride None - Options None - Require all granted - - DocumentRoot /var/www/html @@ -62,14 +54,3 @@ Alias "/infra_js" "/opt/infra/infra_js" MaxRequestsPerChild 10000 -# Para evitar erros nos log do SIP (menu Infra/Log) identificados por -# “Microsoft Data Access Internet Publishing Provider Protocol Discovery” -SetEnvIfNoCase user-agent "Microsoft Data Access Internet -Publishing Provider Protocol Discovery" bad_bot=1 - - - Order Allow,Deny - Allow from all - Deny from env=bad_bot - - diff --git a/sei/supervisord.conf b/sei/supervisord.conf index a062430..d390d9f 100644 --- a/sei/supervisord.conf +++ b/sei/supervisord.conf @@ -1,55 +1,4 @@ -[supervisord] -http_port=/var/tmp/supervisor.sock ; (default is to run a UNIX domain socket server) -;http_port=127.0.0.1:9001 ; (alternately, ip_address:port specifies AF_INET) -;sockchmod=0700 ; AF_UNIX socketmode (AF_INET ignore, default 0700) -;sockchown=nobody.nogroup ; AF_UNIX socket uid.gid owner (AF_INET ignores) -;umask=022 ; (process file creation umask;default 022) -logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log) -logfile_maxbytes=50MB ; (max main logfile bytes b4 rotation;default 50MB) -logfile_backups=10 ; (num of main logfile rotation backups;default 10) -loglevel=info ; (logging level;default info; others: debug,warn) -pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid) -nodaemon=false ; (start in foreground if true;default false) -minfds=1024 ; (min. avail startup file descriptors;default 1024) -minprocs=200 ; (min. avail process descriptors;default 200) - -;nocleanup=true ; (don't clean up tempfiles at start;default false) -;http_username=user ; (default is no username (open system)) -;http_password=123 ; (default is no password (open system)) -;childlogdir=/tmp ; ('AUTO' child log dir, default $TEMP) -;user=chrism ; (default is current user, required if root) -;directory=/tmp ; (default is not to cd during start) -;environment=KEY=value ; (key value pairs to add to environment) - -[supervisorctl] -serverurl=unix:///var/tmp/supervisor.sock ; use a unix:// URL for a unix socket -;serverurl=http://127.0.0.1:9001 ; use an http:// url to specify an inet socket -;username=chris ; should be same as http_username if set -;password=123 ; should be same as http_password if set -;prompt=mysupervisor ; cmd line prompt (default "supervisor") - -; The below sample program section shows all possible program subsection values, -; create one or more 'real' program: sections to be able to control them under -; supervisor. - -;[program:theprogramname] -;command=/bin/cat ; the program (relative uses PATH, can take args) -;priority=999 ; the relative start priority (default 999) -;autostart=true ; start at supervisord start (default: true) -;autorestart=true ; retstart at unexpected quit (default: true) -;startsecs=10 ; number of secs prog must stay running (def. 10) -;startretries=3 ; max # of serial start failures (default 3) -;exitcodes=0,2 ; 'expected' exit codes for process (default 0,2) -;stopsignal=QUIT ; signal used to kill process (default TERM) -;stopwaitsecs=10 ; max num secs to wait before SIGKILL (default 10) -;user=chrism ; setuid to this UNIX account to run the program -;log_stdout=true ; if true, log program stdout (default true) -;log_stderr=true ; if true, log program stderr (def false) -;logfile=/var/log/cat.log ; child log path, use NONE for none; default AUTO -;logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB) -;logfile_backups=10 ; # of logfile backups (default 10) - [program:sei_processar_pendencias] command=/usr/bin/php -c /etc/php.ini /var/www/html/sei/modulos/pen/rn/ProcessarPendenciasRN.php numprocs=1 -- libgit2 0.21.2