fred.boniface/owa-docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial

Browse Source
This commit is contained in:
Fred Boniface 2025-03-06 10:19:44 +00:00
commit a0c1042086
7 changed files with 200 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
README.md Normal file
View File

@ -0,0 +1,22 @@
# Containerised OWA
Run OWA in a Docker, Docker Swarm, or Kubernetes environment.
This setup assumes a database on a separate host - to use a containerised database add that to your compose/stack/manifest and ensure the configuration mount is correct for your environment.
## Versions
This repo provides one nginx and one php-fpm container, both are required to run OWA. Ensure that both the nginx and php-fpm container are of the same version to avoid incomatibilities.
## php-fpm
Configure the database connection and OWA config with environment variables passed to the php-fpm container.
|Variable|Value|
|OWA_DB_TYPE|mysql|
|OWA_DB_NAME|Name of the database|
|OWA_DB_HOST|Host/IP of the database server|
|OWA_DB_USER|Username for the database|
|OWA_DB_PASS|Password for the user|
|OWA_PUBLIC_URL|Public URL for the OWA installation|
|OWA_SITE_ID|Site ID|

21
nginx/Dockerfile Normal file
View File

@ -0,0 +1,21 @@
FROM nginx:alpine
ENV OWA_VERSION=1.7.8
ENV OWA_URL="https://github.com/Open-Web-Analytics/Open-Web-Analytics/archive/refs/tags/${OWA_VERSION}.zip"
COPY nginx.conf /etc/nginx/nginx.conf
RUN apk add --no-cache curl unzip && \
curl -L $OWA_URL -o /tmp/owa.zip && \
unzip /tmp/owa.zip -d /usr/share/nginx/html/ && \
mv /usr/share/nginx/html/Open-Web-Analytics-${OWA_VERSION} /usr/share/nginx/html/owa && \
chown -R nginx:nginx /usr/share/nginx/html/owa && \
rm /tmp/owa.zip
WORKDIR /usr/share/nginx/html/owa
WORKDIR /var/www/html
EXPOSE 80
CMD ["nginx", "-g", "daemon off;"]

63
nginx/nginx.conf Normal file
View File

@ -0,0 +1,63 @@
worker_processes auto;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server_tokens off; # Hide Nginx version for security
server {
listen 80;
server_name _; # Change to your domain if needed
root /usr/share/nginx/html/owa;
index index.php index.html;
# Logging (Optional)
access_log /var/log/nginx/owa_access.log;
error_log /var/log/nginx/owa_error.log;
# Serve static files directly
location ~* \.(css|js|gif|png|jpg|jpeg|ico|woff|woff2|ttf|svg|eot|otf)$ {
expires max;
log_not_found off;
}
# Pass PHP scripts to PHP-FPM
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass php:9000; # PHP container (same as `php` service in Docker)
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
# Handle OWA tracking requests
location ~* ^/modules/base/js.php$ {
include fastcgi_params;
fastcgi_pass php:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
expires max;
add_header Cache-Control "public, max-age=31536000, immutable";
}
location ~* ^/owa.php$ {
include fastcgi_params;
fastcgi_pass php:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
# Deny access to sensitive files
location ~* /(config|logs|cache|modules/base/i18n)/ {
deny all;
}
# Security headers
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
}
}

32
php/Dockerfile Normal file
View File

@ -0,0 +1,32 @@
FROM php:8.3-fpm
COPY entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh
ENTRYPOINT [ "/entrypoint.sh" ]
CMD ["php-fpm"]
COPY php.ini /usr/local/etc/php/php.ini
EXPOSE 9000
ENV OWA_VERSION=1.7.8
ENV OWA_URL="https://github.com/Open-Web-Analytics/Open-Web-Analytics/archive/refs/tags/${OWA_VERSION}.zip"
RUN apt-get update && apt-get install -y \
libpng-dev \
libjpeg-dev \
libfreetype6-dev \
libxml2-dev \
zip unzip curl git \
&& docker-php-ext-configure gd --with-freetype --with-jpeg \
&& docker-php-ext-install gd mysqli pdo pdo_mysql xml \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
RUN curl -L $OWA_URL -o /tmp/owa.zip && \
unzip /tmp/owa.zip -d /var/www/html/ && \
mv /var/www/html/Open-Web-Analytics-${OWA_VERSION} /var/www/html/owa && \
chown -R www-data:www-data /var/www/html/owa && \
rm /tmp/owa.zip
WORKDIR /var/www/html/owa
RUN chown -R www-data:www-data /var/www/html/owa

15
php/entrypoint.sh Normal file
View File

@ -0,0 +1,15 @@
#!/bin/sh
cat <<EOL > /var/www/html/owa/config/owa-config.php
<?php
define('OWA_DB_TYPE', getenv('OWA_DB_TYPE') ?: 'mysql');
define('OWA_DB_NAME', getenv('OWA_DB_NAME') ?: 'owadb');
define('OWA_DB_HOST', getenv('OWA_DB_HOST') ?: 'db');
define('OWA_DB_USER', getenv('OWA_DB_USER') ?: 'owauser');
define('OWA_DB_PASSWORD', getenv('OWA_DB_PASS') ?: 'strongpassword');
define('OWA_PUBLIC_URL', 'https://your-owa-domain.com/owa/');
define('OWA_SITE_ID', 'your-site-id');
?>
EOL
exec "$@"

20
php/php.ini Normal file
View File

@ -0,0 +1,20 @@
[PHP]
memory_limit = 256M
upload_max_filesize = 32M
post_max_size = 32M
max_execution_time = 300
max_input_time = 300
date.timezone = UTC
display_errors = Off
log_errors = On
error_log = /var/log/php_errors.log
session.save_handler = files
session.gc_maxlifetime = 1440
zlib.output_compression = On
[opcache]
opcache.enable=1
opcache.memory_consumption=128
opcache.max_accelerated_files=10000
opcache.validate_timestamps=1
opcache.revalidate_freq=2

27
stack.yaml Normal file
View File

@ -0,0 +1,27 @@
version: '3.8'
services:
php:
image: git.fjla.uk/fred.boniface/owa-php:1.7.8
container_name: owa_php
environment:
OWA_DB_HOST: "db_host"
OWA_DB_NAME: "owa_db"
OWA_DB_USER: "owa_user"
OWA_DB_PASS: "owa_password"
deploy:
replicas: 1
restart_policy:
condition: on-failure
nginx:
image: git.fjla.uk/fred.boniface/owa-nginx:1.7.8
container_name: owa_nginx
ports:
- "80:80"
depends_on:
- php
deploy:
replicas: 1
restart_policy:
condition: on-failure