From b39a8186ae2b9e79963a9ecf15813b776972408c Mon Sep 17 00:00:00 2001
From: "Michael (Parker) Parker" <parkervcp@gmail.com>
Date: Sun, 27 Apr 2025 20:56:10 -0400
Subject: [PATCH] Resolve issue with avatar storage (#1281)

* Resolve issue with avatar storage

This resolves the issue with getting avatar storage working

updates the entrypoint to create the `pelican-data/storage` folder on start.

Adds a dev dockerfile to build locally instead of needing to update the standard dockerfile.

* Move avatar folder

Moves the avatars folder in the storage folder in-case anything else needs storage as well.

Fixes an issue in the entrypoint where it wasn't creating the sub-folder correctly.
---
 Dockerfile           |  24 ++++------
 Dockerfile.dev       | 111 +++++++++++++++++++++++++++++++++++++++++++
 docker/entrypoint.sh |   2 +-
 3 files changed, 120 insertions(+), 17 deletions(-)
 create mode 100644 Dockerfile.dev

diff --git a/Dockerfile b/Dockerfile
index 1b719bedb..f07367734 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,16 +1,9 @@
 # syntax=docker.io/docker/dockerfile:1.13-labs
 # Pelican Production Dockerfile
 
-
-# For those who want to build this Dockerfile themselves, uncomment lines 6-12 and replace "localhost:5000/base-php:$TARGETARCH" on lines 17 and 67 with "base".
-
-# FROM --platform=$TARGETOS/$TARGETARCH php:8.4-fpm-alpine as base
-
-# ADD --chmod=0755 https://github.com/mlocati/docker-php-extension-installer/releases/latest/download/install-php-extensions /usr/local/bin/
-
-# RUN install-php-extensions bcmath gd intl zip opcache pcntl posix pdo_mysql pdo_pgsql
-
-# RUN rm /usr/local/bin/install-php-extensions
+##
+#  If you want to build this locally you want to run `docker build -f Dockerfile.dev`
+##
 
 # ================================
 # Stage 1-1: Composer Install
@@ -82,15 +75,14 @@ RUN chown root:www-data ./ \
     && chmod 750 ./ \
     # Files should not have execute set, but directories need it
     && find ./ -type d -exec chmod 750 {} \; \
-    # Symlink to env/database path, as www-data won't be able to write to webroot
+    # Create necessary directories 
+    && mkdir -p /pelican-data/storage /var/www/html/storage/app/public /var/run/supervisord /etc/supercronic \
+    # Symlinks for env, database, and avatars
     && ln -s /pelican-data/.env ./.env \
     && ln -s /pelican-data/database/database.sqlite ./database/database.sqlite \
-    && mkdir -p /pelican-data/storage \
     && ln -sf /var/www/html/storage/app/public /var/www/html/public/storage \
-    && ln -s /pelican-data/storage /var/www/html/storage/app/public/avatars \
-    # Create necessary directories
-    && mkdir -p /pelican-data /var/run/supervisord /etc/supercronic \
-    # Finally allow www-data write permissions where necessary 
+    && ln -s  /pelican-data/storage/avatars /var/www/html/storage/app/public/avatars \
+    # Allow www-data write permissions where necessary 
     && chown -R www-data:www-data /pelican-data ./storage ./bootstrap/cache /var/run/supervisord /var/www/html/public/storage \
     && chmod -R u+rwX,g+rwX,o-rwx /pelican-data ./storage ./bootstrap/cache /var/run/supervisord
 
diff --git a/Dockerfile.dev b/Dockerfile.dev
new file mode 100644
index 000000000..078e107c9
--- /dev/null
+++ b/Dockerfile.dev
@@ -0,0 +1,111 @@
+# syntax=docker.io/docker/dockerfile:1.13-labs
+# Pelican Development Dockerfile
+
+FROM --platform=$TARGETOS/$TARGETARCH php:8.4-fpm-alpine AS base
+
+ADD --chmod=0755 https://github.com/mlocati/docker-php-extension-installer/releases/latest/download/install-php-extensions /usr/local/bin/
+
+RUN install-php-extensions bcmath gd intl zip opcache pcntl posix pdo_mysql pdo_pgsql
+
+RUN rm /usr/local/bin/install-php-extensions
+
+# ================================
+# Stage 1-1: Composer Install
+# ================================
+FROM --platform=$TARGETOS/$TARGETARCH base AS composer
+
+WORKDIR /build
+
+COPY --from=composer:latest /usr/bin/composer /usr/local/bin/composer
+
+# Copy bare minimum to install Composer dependencies
+COPY composer.json composer.lock ./
+
+RUN composer install --no-dev --no-interaction --no-autoloader --no-scripts
+
+# ================================
+# Stage 1-2: Yarn Install
+# ================================
+FROM --platform=$TARGETOS/$TARGETARCH node:20-alpine AS yarn
+
+WORKDIR /build
+
+# Copy bare minimum to install Yarn dependencies
+COPY package.json yarn.lock ./
+
+RUN yarn config set network-timeout 300000 \
+    && yarn install --frozen-lockfile
+
+# ================================
+# Stage 2-1: Composer Optimize
+# ================================
+FROM --platform=$TARGETOS/$TARGETARCH composer AS composerbuild
+
+# Copy full code to optimize autoload
+COPY --exclude=Caddyfile --exclude=docker/ . ./
+
+RUN composer dump-autoload --optimize
+
+# ================================
+# Stage 2-2: Build Frontend Assets
+# ================================
+FROM --platform=$TARGETOS/$TARGETARCH yarn AS yarnbuild
+
+WORKDIR /build
+
+# Copy full code
+COPY --exclude=Caddyfile --exclude=docker/ . ./
+COPY --from=composer /build .
+
+RUN yarn run build
+
+# ================================
+# Stage 5: Build Final Application Image
+# ================================
+FROM --platform=$TARGETOS/$TARGETARCH base AS final
+
+WORKDIR /var/www/html
+
+# Install additional required libraries
+RUN apk update && apk add --no-cache \
+    caddy ca-certificates supervisor supercronic
+
+COPY --chown=root:www-data --chmod=640 --from=composerbuild /build .
+COPY --chown=root:www-data --chmod=640 --from=yarnbuild /build/public ./public
+
+# Set permissions
+# First ensure all files are owned by root and restrict www-data to read access
+RUN chown root:www-data ./ \
+    && chmod 750 ./ \
+    # Files should not have execute set, but directories need it
+    && find ./ -type d -exec chmod 750 {} \; \
+    # Create necessary directories 
+    && mkdir -p /pelican-data/storage /var/www/html/storage/app/public /var/run/supervisord /etc/supercronic \
+    # Symlinks for env, database, and avatars
+    && ln -s /pelican-data/.env ./.env \
+    && ln -s /pelican-data/database/database.sqlite ./database/database.sqlite \
+    && ln -sf /var/www/html/storage/app/public /var/www/html/public/storage \
+    && ln -s  /pelican-data/storage/avatars /var/www/html/storage/app/public/avatars \
+    # Allow www-data write permissions where necessary 
+    && chown -R www-data:www-data /pelican-data ./storage ./bootstrap/cache /var/run/supervisord /var/www/html/public/storage \
+    && chmod -R u+rwX,g+rwX,o-rwx /pelican-data ./storage ./bootstrap/cache /var/run/supervisord
+
+# Configure Supervisor
+COPY docker/supervisord.conf /etc/supervisord.conf
+COPY docker/Caddyfile /etc/caddy/Caddyfile
+# Add Laravel scheduler to crontab
+COPY docker/crontab /etc/supercronic/crontab
+
+COPY docker/entrypoint.sh ./docker/entrypoint.sh
+
+HEALTHCHECK --interval=5m --timeout=10s --start-period=5s --retries=3 \
+  CMD curl -f http://localhost/up || exit 1
+
+EXPOSE 80 443
+
+VOLUME /pelican-data
+
+USER www-data
+
+ENTRYPOINT [ "/bin/ash", "docker/entrypoint.sh" ]
+CMD [ "supervisord", "-n", "-c", "/etc/supervisord.conf" ]
diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh
index c97577bf3..0dd8d2e29 100644
--- a/docker/entrypoint.sh
+++ b/docker/entrypoint.sh
@@ -23,7 +23,7 @@ else
   echo -e "APP_INSTALLED=false" >> /pelican-data/.env
 fi
 
-mkdir /pelican-data/database /var/www/html/storage/logs/supervisord 2>/dev/null
+mkdir -p /pelican-data/database /pelican-data/storage/avatars /var/www/html/storage/logs/supervisord 2>/dev/null
 
 if ! grep -q "APP_KEY=" .env || grep -q "APP_KEY=$" .env; then
   echo "Generating APP_KEY..."