init

.drone.yml

@@ -0,0 +1,110 @@
+################
+# docker build #
+################
+kind: pipeline
+type: docker
+name: docker-build-amd64
+
+platform:
+  os: linux
+  arch: amd64
+
+trigger:
+  event:
+  - tag
+
+# anchors
+cr_secrets: &cr_secrets
+  username:
+    from_secret: cr-dhub-username
+  password:
+    from_secret: cr-dhub-key
+
+docker_build: &docker_build
+  image: plugins/docker
+  pull: if-not-exists
+  group: build
+
+# build steps amd64
+steps:
+- name: 'build and publish docker image'
+  <<: *docker_build
+  settings:
+    repo: olofvndrhr/flox-dockerized
+    dockerfile: Dockerfile.amd64
+    auto_tag: true
+    auto_tag_suffix: linux-amd64
+    <<: *cr_secrets
+
+
+---
+kind: pipeline
+type: docker
+name: docker-build-arm64
+
+platform:
+  os: linux
+  arch: arm64
+
+trigger:
+  event:
+  - tag
+
+# anchors
+cr_secrets: &cr_secrets
+  username:
+    from_secret: cr-dhub-username
+  password:
+    from_secret: cr-dhub-key
+
+docker_build: &docker_build
+  image: plugins/docker
+  pull: if-not-exists
+  group: build
+
+# build steps arm64
+steps:
+- name: 'build and publish docker image'
+  <<: *docker_build
+  settings:
+    repo: olofvndrhr/flox-dockerized
+    dockerfile: Dockerfile.arm64
+    auto_tag: true
+    auto_tag_suffix: linux-arm64
+    <<: *cr_secrets
+
+
+---
+kind: pipeline
+type: docker
+name: docker-publish-manifest
+
+platform:
+  os: linux
+  arch: amd64
+
+trigger:
+  event:
+  - tag
+
+# anchors
+cr_secrets: &cr_secrets
+  username:
+    from_secret: cr-dhub-username
+  password:
+    from_secret: cr-dhub-key
+
+# build steps
+steps:
+- name: 'publish manifest'
+  image: plugins/manifest
+  settings:
+    spec: manifest.tmpl
+    auto_tag: true
+    ignore_missing: true
+    <<: *cr_secrets
+
+depends_on:
+  - docker-build-amd64
+  - docker-build-arm64
+

.gitignore

@@ -0,0 +1 @@
+data/

CHANGELOG.md

@@ -0,0 +1,15 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+
+## [1.0.0] - 2022-04-15
+
+### Added
+ - Initial release
+ - Published docker image: https://hub.docker.com/r/olofvndrhr/flox-dockerized
+
+

Dockerfile.amd64

@@ -0,0 +1,73 @@
+FROM composer:1.10.17 AS composer
+
+# build flox
+RUN \
+  echo "**** building flox ****" && \
+  apk add git && \
+  git clone --branch master https://github.com/devfake/flox.git /build/flox && \
+  cd /build/flox/backend && \
+  composer install
+
+###########################################
+
+FROM cr.44net.ch/baseimages/debian-s6:1.3.1
+
+# set version label
+ARG BUILD_DATE
+ARG VERSION
+LABEL build_version="Version:- ${VERSION} Build-date:- ${BUILD_DATE}"
+LABEL maintainer="Ivan Schaller"
+
+ARG db_path='/flox/backend/database/db.sqlite'
+
+COPY --from=composer /build/flox /app/flox
+
+# install packages
+RUN \
+  echo "**** installing base packages ****" && \
+  apt-get update && \
+  apt-get install -y --no-install-recommends \
+      sqlite3 \
+      php7.4 \
+      php7.4-sqlite3 \
+      php-fpm \
+      php-xml \
+      php-mbstring \
+      php-bcmath \
+      php-opcache \
+      nginx \
+      && \
+  echo "**** prepare app ****" && \
+  touch "/app${db_path}" && \
+  cd /app/flox/backend && \
+  php artisan flox:init --no-interaction "${db_path}" && \
+  sed -i \
+      -e 's,DB_CONNECTION=.*,DB_CONNECTION=sqlite,g' \
+      -e 's,DB_DATABASE=.*,DB_DATABASE='"${db_path}"',g' \
+          /app/flox/backend/.env && \
+  echo "**** other preparation ****" && \
+  mkdir -p mkdir -p /run/php/ && \
+  touch /run/php/php7.4-fpm.sock && \
+  sed -i \
+      -e 's,user =.*,user = abc,g' \
+      -e 's,group =.*,group = abc,g' \
+      -e 's,listen.owner =.*,listen.owner = abc,g' \
+      -e 's,listen.group =.*,listen.group = abc,g' \
+          /etc/php/7.4/fpm/pool.d/www.conf && \
+  chown -R abc:abc /app/flox && \
+  echo "**** cleanup ****" && \
+  apt-get purge --auto-remove -y && \
+  apt-get clean && \
+  rm -rf \
+    /tmp/* \
+    /var/lib/apt/lists/* \
+    /var/tmp/*
+
+
+# copy files to container
+COPY rootfs /
+
+WORKDIR /flox
+
+EXPOSE 8080
+

Dockerfile.arm64

@@ -0,0 +1,73 @@
+FROM composer:1.10.17 AS composer
+
+# build flox
+RUN \
+  echo "**** building flox ****" && \
+  apk add git && \
+  git clone --branch master https://github.com/devfake/flox.git /build/flox && \
+  cd /build/flox/backend && \
+  composer install
+
+###########################################
+
+FROM cr.44net.ch/baseimages/debian-s6:1.3.1
+
+# set version label
+ARG BUILD_DATE
+ARG VERSION
+LABEL build_version="Version:- ${VERSION} Build-date:- ${BUILD_DATE}"
+LABEL maintainer="Ivan Schaller"
+
+ARG db_path='/flox/backend/database/db.sqlite'
+
+COPY --from=composer /build/flox /app/flox
+
+# install packages
+RUN \
+  echo "**** installing base packages ****" && \
+  apt-get update && \
+  apt-get install -y --no-install-recommends \
+      sqlite3 \
+      php7.4 \
+      php7.4-sqlite3 \
+      php-fpm \
+      php-xml \
+      php-mbstring \
+      php-bcmath \
+      php-opcache \
+      nginx \
+      && \
+  echo "**** prepare app ****" && \
+  touch "/app${db_path}" && \
+  cd /app/flox/backend && \
+  php artisan flox:init --no-interaction "${db_path}" && \
+  sed -i \
+      -e 's,DB_CONNECTION=.*,DB_CONNECTION=sqlite,g' \
+      -e 's,DB_DATABASE=.*,DB_DATABASE='"${db_path}"',g' \
+          /app/flox/backend/.env && \
+  echo "**** other preparation ****" && \
+  mkdir -p mkdir -p /run/php/ && \
+  touch /run/php/php7.4-fpm.sock && \
+  sed -i \
+      -e 's,user =.*,user = abc,g' \
+      -e 's,group =.*,group = abc,g' \
+      -e 's,listen.owner =.*,listen.owner = abc,g' \
+      -e 's,listen.group =.*,listen.group = abc,g' \
+          /etc/php/7.4/fpm/pool.d/www.conf && \
+  chown -R abc:abc /app/flox && \
+  echo "**** cleanup ****" && \
+  apt-get purge --auto-remove -y && \
+  apt-get clean && \
+  rm -rf \
+    /tmp/* \
+    /var/lib/apt/lists/* \
+    /var/tmp/*
+
+
+# copy files to container
+COPY rootfs /
+
+WORKDIR /flox
+
+EXPOSE 8080
+

LICENSE.md

@@ -0,0 +1,19 @@
+The MIT License (MIT)
+
+Copyright (c) 2015 devfake
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,91 @@
+# flox-dockerized
+
+[![Build Status](https://drone.44net.ch/api/badges/olofvndrhr/flox-dockerized/status.svg)](https://drone.44net.ch/olofvndrhr/flox-dockerized)
+
+### This is a docker container for the flox watchlist. Be sure to check out the original project: https://github.com/devfake/flox
+
+>Flox is a self hosted Movie, Series and Animes watch list. It's build on top of Laravel and Vue.js and uses [The Movie Database](https://www.themoviedb.org/) API.
+The rating based on an 3-Point system for `good`, `medium` and `bad`.
+
+>### [Try live demo](https://flox-demo.pyxl.dev) and [login](https://flox-demo.pyxl.dev/login) with `demo / demo` to add new stuff or change ratings.
+
+<img src="https://raw.githubusercontent.com/devfake/flox/master/public/assets/screenshot.jpg" alt="drawing" width="800"/>
+
+---
+
+## Running the container
+
+> This image is available for arm64 and amd64. The right version for you system will automatically be pulled.
+
+This container only exposes port 80/tcp. It is advised to run this configuration through a reverse proxy providing SSL if the service will be exposed over the internet. Data
+is saved in the container at `/flox`.
+
+To use the container you will need to set the env variable `tmdb_api_key` with your own [TheMovieDatabase API key](https://developers.themoviedb.org/3/getting-started/introduction). It is also recommended that you set `flox_admin_pass`. On first startup you also need to set `flox_db_init` to `true`.
+
+---
+
+### An minimal configuration example would be:
+```bash
+# with docker run
+cd <project_root>
+docker run -p '80:80' --volume '/<data-directory>/:/flox/' -e tmdb_api_key=<key> -e flox_db_init=true --name flox olofvndrhr:flox-dockerized:latest
+```
+
+```bash
+# with docker-compose (be sure to check all environment variables and change when neccesary)
+cd <project_root>
+nano docker-compose.yml # set tmdb_api_key & flox_db_init
+docker-compose pull
+docker-compose up -d
+```
+In order to create an admin user you will need to run an initial migration. This can be done by running the container once with the environment variable `flox_db_init=true`.
+If the env variables `flox_username` and `flox_password` are not set, the default login is: `admin:admin`.
+
+You can then connect to [http://localhost](http://localhost) to access the application.
+If you mounted the data directory, all changes will be saved through container recreation.
+
+In the data directory is a file called `.lock`. This file controls whether or not to "reset" all application data. So don't remove the file unless you want to reset you installation.
+The removed data will still be available in the running container in the directory `/tmp/flox` until you remove the container. After a reset you need to start the container with `flox_db_init=true` again.
+
+---
+
+## Supportet environment variables
+
+| Name | Description |
+|--|--|
+| tmdb_api_key | **(required)** The TMDB API key to use - required for startup *(https://developers.themoviedb.org/3/getting-started/introduction)* |
+| flox_db_init | **(required)** Run db initialization at container startup *(default: false)* |
+| flox_app_url | The url you will be hosting the app on *(default: http://localhost)* |
+| flox_username | Inital username. Will not be overwritten after the initialization |
+| flox_password | Initial password. Will not be overwritten after the initialization|
+| flox_client_uri | The relative path you are hosting on *(default: /)* |
+| flox_timezone | The timezone flox is running in *(default: UTC)* |
+| flox_daily_reminder_time | The daily reminder time *(default: 10:00)* |
+| flox_weekly_reminder_time | The weekly reminder time *(default: 20:00)* |
+| puid | Unix user id to run the container as (default 4444) |
+| pgid | Unix group id to run the container as (default 4444) |
+| flox_mail_driver | Mail driver (most likely smtp) |
+| flox_mail_host | Hostname of the mail server |
+| flox_mail_port | Port of the mail server (smtp port) |
+| flox_mail_from | Email address from which flox sends the mails |
+| flox_mail_username | User name on the mail server |
+| flox_mail_password | User password |
+| flox_mail_encryption | Encryption type (tls,ssl,none) |
+
+---
+
+## Contribution
+
+Like this project? Want to contribute? Awesome! Feel free to open some pull requests or just open an issue.
+
+
+## Changelogs
+
+Changelogs can be found [here](https://github.com/olofvndrhr/flox-dockerized/blob/master/CHANGELOG.md). But they may be not fully detailled.
+
+
+## License
+
+Flox is published under the MIT license. See LICENSE for more information. All credits to [devfake](https://github.com/devfake/flox/releases)
+
+

docker-compose.yml

@@ -0,0 +1,27 @@
+version: "3"
+services:
+
+  flox:
+    image: olofvndrhr/flox-dockerized:latest
+    container_name: flox-watchlist
+    restart: unless-stopped
+    security_opt:
+      - no-new-privileges:true
+    ports:
+      - 80:80
+    networks:
+      - appnet
+    volumes:
+      - ./data/:/flox/
+    environment:
+      - TZ=Europe/Zurich
+      - PUID=4444 # custom userid
+      - PGID=4444 # custom groupid
+      - tmdb_api_key= # (required) The TMDB API key to use
+      - flox_init=true # run db initialization at container startup
+
+networks:
+  appnet:
+    name: appnet
+    driver: bridge
+

manifest.tmpl

@@ -0,0 +1,20 @@
+image: olofvndrhr/flox-dockerized:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}dev{{/if}}
+{{#if build.tags}}
+tags:
+{{#each build.tags}}
+  - {{this}}
+{{/each}}
+  - "latest"
+{{/if}}
+manifests:
+  -
+    image: olofvndrhr/flox-dockerized:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{else}}dev-{{/if}}linux-amd64
+    platform:
+      architecture: amd64
+      os: linux
+  -
+    image: olofvndrhr/flox-dockerized:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{else}}dev-{{/if}}linux-arm64
+    platform:
+      architecture: arm64
+      os: linux
+      variant: v8

rootfs/etc/cont-init.d/20-setenv

@@ -0,0 +1,22 @@
+#!/usr/bin/with-contenv bash
+# shellcheck shell=bash
+
+# set all env variables for further use. if variable is unset, it will have the defaults on the right side after ":="
+
+# custom env vars
+: "${tmdb_api_key:=}"
+: "${flox_app_url:=http://localhost}"
+: "${flox_client_uri:=/}"
+: "${flox_init:=false}"
+: "${flox_username:=admin}"
+: "${flox_password:=admin}"
+: "${flox_timezone:=UTC}"
+: "${flox_daily_reminder_time:=10:00}"
+: "${flox_weekly_reminder_time:=20:00}"
+: "${flox_mail_driver:=}"
+: "${flox_mail_host:=}"
+: "${flox_mail_port:=}"
+: "${flox_mail_from:=}"
+: "${flox_mail_username:=}"
+: "${flox_mail_password:=}"
+: "${flox_mail_encryption:=}"

rootfs/etc/cont-init.d/50-init

@@ -0,0 +1,20 @@
+#!/usr/bin/with-contenv bash
+# shellcheck shell=bash
+
+# source env variables
+source /etc/cont-init.d/20-setenv
+
+
+# check if lock file is present
+if [[ ! -f /flox/.lock ]]; then
+  printf 'Copying files to bind mount path\n'
+  # move app to permanent path
+  rsync --archive --delete --backup --backup-dir=/tmp /app/flox/ /flox
+
+  # create lock file to prevent overwriting existing files
+  touch /flox/.lock
+  chmod 600 /flox/.lock
+else
+  printf 'Lock file present. Not copying files\n'
+fi
+

rootfs/etc/cont-init.d/51-prepare

@@ -0,0 +1,23 @@
+#!/usr/bin/with-contenv bash
+# shellcheck shell=bash
+
+# source env variables
+source /etc/cont-init.d/20-setenv
+
+# set db connection options
+sed -i \
+  -e 's,^TMDB_API_KEY=.*,TMDB_API_KEY='"${tmdb_api_key}"',g' \
+  -e 's,^APP_URL=.*,APP_URL='"${flox_app_url}"',g' \
+  -e 's,^CLIENT_URI=.*,CLIENT_URI='"${flox_client_uri}"',g' \
+  -e 's,^TIMEZONE=.*,TIMEZONE='"${flox_timezone}"',g' \
+  -e 's,^DAILY_REMINDER_TIME=.*,DAILY_REMINDER_TIME='"${flox_daily_reminder_time}"',g' \
+  -e 's,^WEEKLY_REMINDER_TIME=.*,WEEKLY_REMINDER_TIME='"${flox_weekly_reminder_time}"',g' \
+  -e 's,^MAIL_DRIVER=.*,MAIL_DRIVER='"${flox_mail_driver}"',g'  \
+  -e 's,^MAIL_HOST=.*,MAIL_HOST='"${flox_mail_host}"',g' \
+  -e 's,^MAIL_PORT=.*,MAIL_PORT='"${flox_mail_port}"',g' \
+  -e 's,^MAIL_FROM=.*,MAIL_FROM='"${flox_mail_from}"',g' \
+  -e 's,^MAIL_USERNAME=.*,MAIL_USERNAME='"${flox_mail_username}"',g' \
+  -e 's,^MAIL_PASSWORD=.*,MAIL_PASSWORD='"${flox_mail_password}"',g' \
+  -e 's,^MAIL_ENCRYPTION=.*,MAIL_ENCRYPTION='"${flox_mail_encryption}"',g' \
+        /flox/backend/.env
+

rootfs/etc/cont-init.d/52-migrate

@@ -0,0 +1,15 @@
+#!/usr/bin/with-contenv bash
+# shellcheck shell=bash
+
+# source env variables
+source /etc/cont-init.d/20-setenv
+
+
+if [[ "${flox_init,,}" == "true" ]]; then
+  # init db
+  php /flox/backend/artisan flox:db --no-interaction "${flox_username}" "${flox_password}" #>/dev/null
+else
+  # migrate db
+  php /flox/backend/artisan migrate #>/dev/null
+fi
+

rootfs/etc/cont-init.d/80-fix-perms

@@ -0,0 +1,15 @@
+#!/usr/bin/with-contenv bash
+# shellcheck shell=bash
+
+# source env variables
+source /etc/cont-init.d/20-setenv
+
+app_path='/flox/'
+
+# fix permissions
+find "${app_path}" -type d -not -perm 775 -exec chmod 775 '{}' \+
+find "${app_path}" -type f -not -perm 664 -exec chmod 664 '{}' \+
+
+find "${app_path}" -not -user abc -exec chown abc '{}' \+
+find "${app_path}" -not -group abc -exec chown :abc '{}' \+
+

rootfs/etc/cron.d/flox

@@ -0,0 +1 @@
+* * * * * php /flox/backend/artisan schedule:run >> /dev/null 2>&1

rootfs/etc/nginx/nginx.conf

@@ -0,0 +1,36 @@
+user abc;
+daemon off;
+worker_processes auto;
+pid /run/nginx.pid;
+include /etc/nginx/modules-enabled/*.conf;
+
+events {
+worker_connections 768;
+# multi_accept on;
+}
+
+http {
+
+sendfile on;
+tcp_nopush on;
+types_hash_max_size 2048;
+# server_tokens off;
+
+# server_names_hash_bucket_size 64;
+# server_name_in_redirect off;
+
+include /etc/nginx/mime.types;
+default_type application/octet-stream;
+
+ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
+ssl_prefer_server_ciphers on;
+
+access_log /var/log/nginx/access.log;
+error_log /var/log/nginx/error.log;
+
+gzip on;
+
+
+include /etc/nginx/conf.d/*.conf;
+include /etc/nginx/sites-enabled/*;
+}

rootfs/etc/nginx/sites-enabled/default

@@ -0,0 +1,23 @@
+server {
+    listen 80 default_server;
+
+    server_name localhost;
+
+    root /flox/public/;
+    index index.php;
+
+    client_max_body_size 64M;
+
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+    }
+
+	location ~ \.php$ {
+         try_files $uri =404;
+         fastcgi_split_path_info ^(.+\.php)(/.+)$;
+         fastcgi_pass unix:/run/php/php7.4-fpm.sock;
+         fastcgi_index index.php;
+         fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+         include fastcgi_params;
+    }
+}

rootfs/etc/services.d/flox-worker/run

@@ -0,0 +1,7 @@
+#!/usr/bin/with-contenv bash
+# shellcheck shell=bash
+
+# source env variables
+source /etc/cont-init.d/20-setenv
+
+exec php /flox/backend/artisan queue:work --tries=3

rootfs/etc/services.d/nginx/run

@@ -0,0 +1,7 @@
+#!/usr/bin/with-contenv bash
+# shellcheck shell=bash
+
+# source env variables
+source /etc/cont-init.d/20-setenv
+
+exec nginx

rootfs/etc/services.d/php-fpm/run

@@ -0,0 +1,7 @@
+#!/usr/bin/with-contenv bash
+# shellcheck shell=bash
+
+# source env variables
+source /etc/cont-init.d/20-setenv
+
+exec php-fpm7.4 --nodaemonize

rootfs/etc/usr/local/etc/php/conf.d/uploads.ini

@@ -0,0 +1,5 @@
+file_uploads = On
+memory_limit = 64M
+upload_max_filesize = 64M
+post_max_size = 64M
+max_execution_time = 600