From c44517645754c33045f9a6ef959f8d06057bb7c9 Mon Sep 17 00:00:00 2001 From: Ric Harvey Date: Sun, 5 Feb 2017 22:46:45 +0000 Subject: [PATCH 1/5] First 7.1 build with nginx complie --- Dockerfile | 188 +++++++++++++++++++++++++++++++++--------- README.md | 4 +- conf/supervisord.conf | 4 +- scripts/start.sh | 12 +-- 4 files changed, 157 insertions(+), 51 deletions(-) diff --git a/Dockerfile b/Dockerfile index 2024449..fa95a0f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,51 +1,150 @@ -FROM nginx:mainline-alpine +FROM php:7.1-fpm-alpine MAINTAINER ngineered -ENV php_conf /etc/php7/php.ini -ENV fpm_conf /etc/php7/php-fpm.d/www.conf +ENV php_conf /usr/local/etc/php-fpm.conf +ENV fpm_conf /usr/local/etc/php-fpm.d/www.conf ENV composer_hash 55d6ead61b29c7bdee5cccfb50076874187bd9f21f65d8991d46ec5cc90518f447387fb9f76ebae1fbbacf329e583e30 +ENV NGINX_VERSION 1.11.9 + +RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ + && CONFIG="\ + --prefix=/etc/nginx \ + --sbin-path=/usr/sbin/nginx \ + --modules-path=/usr/lib/nginx/modules \ + --conf-path=/etc/nginx/nginx.conf \ + --error-log-path=/var/log/nginx/error.log \ + --http-log-path=/var/log/nginx/access.log \ + --pid-path=/var/run/nginx.pid \ + --lock-path=/var/run/nginx.lock \ + --http-client-body-temp-path=/var/cache/nginx/client_temp \ + --http-proxy-temp-path=/var/cache/nginx/proxy_temp \ + --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \ + --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \ + --http-scgi-temp-path=/var/cache/nginx/scgi_temp \ + --user=nginx \ + --group=nginx \ + --with-http_ssl_module \ + --with-http_realip_module \ + --with-http_addition_module \ + --with-http_sub_module \ + --with-http_dav_module \ + --with-http_flv_module \ + --with-http_mp4_module \ + --with-http_gunzip_module \ + --with-http_gzip_static_module \ + --with-http_random_index_module \ + --with-http_secure_link_module \ + --with-http_stub_status_module \ + --with-http_auth_request_module \ + --with-http_xslt_module=dynamic \ + --with-http_image_filter_module=dynamic \ + --with-http_geoip_module=dynamic \ + --with-http_perl_module=dynamic \ + --with-threads \ + --with-stream \ + --with-stream_ssl_module \ + --with-stream_ssl_preread_module \ + --with-stream_realip_module \ + --with-stream_geoip_module=dynamic \ + --with-http_slice_module \ + --with-mail \ + --with-mail_ssl_module \ + --with-compat \ + --with-file-aio \ + --with-http_v2_module \ + " \ + && addgroup -S nginx \ + && adduser -D -S -h /var/cache/nginx -s /sbin/nologin -G nginx nginx \ + && apk add --no-cache --virtual .build-deps \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + pcre-dev \ + zlib-dev \ + linux-headers \ + curl \ + gnupg \ + libxslt-dev \ + gd-dev \ + geoip-dev \ + perl-dev \ + && curl -fSL http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \ + && curl -fSL http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc -o nginx.tar.gz.asc \ + && export GNUPGHOME="$(mktemp -d)" \ + && gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$GPG_KEYS" \ + && gpg --batch --verify nginx.tar.gz.asc nginx.tar.gz \ + && rm -r "$GNUPGHOME" nginx.tar.gz.asc \ + && mkdir -p /usr/src \ + && tar -zxC /usr/src -f nginx.tar.gz \ + && rm nginx.tar.gz \ + && cd /usr/src/nginx-$NGINX_VERSION \ + && ./configure $CONFIG --with-debug \ + && make -j$(getconf _NPROCESSORS_ONLN) \ + && mv objs/nginx objs/nginx-debug \ + && mv objs/ngx_http_xslt_filter_module.so objs/ngx_http_xslt_filter_module-debug.so \ + && mv objs/ngx_http_image_filter_module.so objs/ngx_http_image_filter_module-debug.so \ + && mv objs/ngx_http_geoip_module.so objs/ngx_http_geoip_module-debug.so \ + && mv objs/ngx_http_perl_module.so objs/ngx_http_perl_module-debug.so \ + && mv objs/ngx_stream_geoip_module.so objs/ngx_stream_geoip_module-debug.so \ + && ./configure $CONFIG \ + && make -j$(getconf _NPROCESSORS_ONLN) \ + && make install \ + && rm -rf /etc/nginx/html/ \ + && mkdir /etc/nginx/conf.d/ \ + && mkdir -p /usr/share/nginx/html/ \ + && install -m644 html/index.html /usr/share/nginx/html/ \ + && install -m644 html/50x.html /usr/share/nginx/html/ \ + && install -m755 objs/nginx-debug /usr/sbin/nginx-debug \ + && install -m755 objs/ngx_http_xslt_filter_module-debug.so /usr/lib/nginx/modules/ngx_http_xslt_filter_module-debug.so \ + && install -m755 objs/ngx_http_image_filter_module-debug.so /usr/lib/nginx/modules/ngx_http_image_filter_module-debug.so \ + && install -m755 objs/ngx_http_geoip_module-debug.so /usr/lib/nginx/modules/ngx_http_geoip_module-debug.so \ + && install -m755 objs/ngx_http_perl_module-debug.so /usr/lib/nginx/modules/ngx_http_perl_module-debug.so \ + && install -m755 objs/ngx_stream_geoip_module-debug.so /usr/lib/nginx/modules/ngx_stream_geoip_module-debug.so \ + && ln -s ../../usr/lib/nginx/modules /etc/nginx/modules \ + && strip /usr/sbin/nginx* \ + && strip /usr/lib/nginx/modules/*.so \ + && rm -rf /usr/src/nginx-$NGINX_VERSION \ + \ + # Bring in gettext so we can get `envsubst`, then throw + # the rest away. To do this, we need to install `gettext` + # then move `envsubst` out of the way so `gettext` can + # be deleted completely, then move `envsubst` back. + && apk add --no-cache --virtual .gettext gettext \ + && mv /usr/bin/envsubst /tmp/ \ + \ + && runDeps="$( \ + scanelf --needed --nobanner /usr/sbin/nginx /usr/lib/nginx/modules/*.so /tmp/envsubst \ + | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ + | sort -u \ + | xargs -r apk info --installed \ + | sort -u \ + )" \ + && apk add --no-cache --virtual .nginx-rundeps $runDeps \ + && apk del .build-deps \ + && apk del .gettext \ + && mv /tmp/envsubst /usr/local/bin/ \ + \ + # forward request and error logs to docker log collector + && ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log + RUN echo @testing http://nl.alpinelinux.org/alpine/edge/testing >> /etc/apk/repositories && \ - sed -i -e "s/v3.4/edge/" /etc/apk/repositories && \ +# sed -i -e "s/v3.4/edge/" /etc/apk/repositories && \ echo /etc/apk/respositories && \ apk update && \ apk add --no-cache bash \ openssh-client \ wget \ - nginx \ supervisor \ curl \ + libcurl \ git \ - php7-fpm \ - php7-pdo \ - php7-pdo_mysql \ - php7-mysqlnd \ - php7-mysqli \ - php7-mcrypt \ - php7-mbstring \ - php7-ctype \ - php7-zlib \ - php7-gd \ - php7-exif \ - php7-intl \ - php7-sqlite3 \ - php7-pdo_pgsql \ - php7-pgsql \ - php7-xml \ - php7-xsl \ - php7-curl \ - php7-openssl \ - php7-iconv \ - php7-json \ - php7-phar \ - php7-soap \ - php7-dom \ - php7-zip \ - php7-session \ python \ python-dev \ - py2-pip \ + py-pip \ augeas-dev \ openssl-dev \ ca-certificates \ @@ -53,20 +152,27 @@ RUN echo @testing http://nl.alpinelinux.org/alpine/edge/testing >> /etc/apk/repo gcc \ musl-dev \ linux-headers \ + libmcrypt-dev \ + libpng-dev \ + icu-dev \ + libpq \ + libxslt-dev \ libffi-dev &&\ + #curl iconv session + docker-php-ext-install pdo_mysql mysqli mcrypt gd exif intl xsl json soap dom zip && \ mkdir -p /etc/nginx && \ mkdir -p /var/www/app && \ mkdir -p /run/nginx && \ mkdir -p /var/log/supervisor && \ - php7 -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" && \ - php7 -r "if (hash_file('SHA384', 'composer-setup.php') === '${composer_hash}') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;" && \ - php7 composer-setup.php --install-dir=/usr/bin --filename=composer && \ - php7 -r "unlink('composer-setup.php');" && \ + php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" && \ + php -r "if (hash_file('SHA384', 'composer-setup.php') === '${composer_hash}') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;" && \ + php composer-setup.php --install-dir=/usr/bin --filename=composer && \ + php -r "unlink('composer-setup.php');" && \ pip install -U pip && \ pip install -U certbot && \ mkdir -p /etc/letsencrypt/webrootauth && \ - apk del gcc musl-dev linux-headers libffi-dev augeas-dev python-dev && \ - ln -s /usr/bin/php7 /usr/bin/php + apk del gcc musl-dev linux-headers libffi-dev augeas-dev python-dev +# ln -s /usr/bin/php7 /usr/bin/php ADD conf/supervisord.conf /etc/supervisord.conf @@ -106,9 +212,9 @@ RUN sed -i \ -e "s/;listen.group = nobody/listen.group = nginx/g" \ -e "s/listen = 127.0.0.1:9000/listen = \/var\/run\/php-fpm.sock/g" \ -e "s/^;clear_env = no$/clear_env = no/" \ - ${fpm_conf} && \ - ln -s /etc/php7/php.ini /etc/php7/conf.d/php.ini && \ - find /etc/php7/conf.d/ -name "*.ini" -exec sed -i -re 's/^(\s*)#(.*)/\1;\2/g' {} \; + ${fpm_conf} +# ln -s /etc/php7/php.ini /etc/php7/conf.d/php.ini && \ +# find /etc/php7/conf.d/ -name "*.ini" -exec sed -i -re 's/^(\s*)#(.*)/\1;\2/g' {} \; # Add Scripts diff --git a/README.md b/README.md index 93ec41e..2fdb32e 100644 --- a/README.md +++ b/README.md @@ -14,8 +14,8 @@ The Docker hub build can be found here: [https://registry.hub.docker.com/u/richa ## Versions | Tag | Nginx | PHP | Alpine | |-----|-------|-----|--------| -| latest | 1.11.5 | 7.0.14 | 3.4@edge | -| php7 | 1.11.5 | 7.0.14 | 3.4@edge | +| latest | 1.11.9 | 7.1.1 | 3.4 | +| php7 | 1.11.9 | 7.1.1 | 3.4 | | php5 | 1.11.5 | 5.6.29 | 3.4 | **PLEASE NOTE: PHP7 is now the default** diff --git a/conf/supervisord.conf b/conf/supervisord.conf index e077455..a988f24 100644 --- a/conf/supervisord.conf +++ b/conf/supervisord.conf @@ -21,8 +21,8 @@ supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface [supervisorctl] serverurl=unix:///dev/shm/supervisor.sock ; use a unix:// URL for a unix socket -[program:php-fpm7] -command = /usr/sbin/php-fpm7 --nodaemonize --fpm-config /etc/php7/php-fpm.d/www.conf +[program:php-fpm] +command = /usr/local/sbin/php-fpm --nodaemonize --fpm-config /usr/local/etc/php-fpm.d/www.conf autostart=true autorestart=true priority=5 diff --git a/scripts/start.sh b/scripts/start.sh index c33c42d..f84a531 100644 --- a/scripts/start.sh +++ b/scripts/start.sh @@ -67,31 +67,31 @@ fi # Display PHP error's or not if [[ "$ERRORS" != "1" ]] ; then - echo php_flag[display_errors] = off >> /etc/php7/php-fpm.conf + echo php_flag[display_errors] = off >> /usr/local/etc/php-fpm.conf else - echo php_flag[display_errors] = on >> /etc/php7/php-fpm.conf + echo php_flag[display_errors] = on >> /usr/local/etc/php-fpm.conf fi # Display Version Details or not if [[ "$HIDE_NGINX_HEADERS" == "0" ]] ; then sed -i "s/server_tokens off;/server_tokens on;/g" /etc/nginx/nginx.conf else - sed -i "s/expose_php = On/expose_php = Off/g" /etc/php7/conf.d/php.ini + sed -i "s/expose_php = On/expose_php = Off/g" /usr/local/etc/php-fpm.conf fi # Increase the memory_limit if [ ! -z "$PHP_MEM_LIMIT" ]; then - sed -i "s/memory_limit = 128M/memory_limit = ${PHP_MEM_LIMIT}M/g" /etc/php7/conf.d/php.ini + sed -i "s/memory_limit = 128M/memory_limit = ${PHP_MEM_LIMIT}M/g" /usr/local/etc/php-fpm.conf fi # Increase the post_max_size if [ ! -z "$PHP_POST_MAX_SIZE" ]; then - sed -i "s/post_max_size = 100M/post_max_size = ${PHP_POST_MAX_SIZE}M/g" /etc/php7/conf.d/php.ini + sed -i "s/post_max_size = 100M/post_max_size = ${PHP_POST_MAX_SIZE}M/g" /usr/local/etc/php-fpm.conf fi # Increase the upload_max_filesize if [ ! -z "$PHP_UPLOAD_MAX_FILESIZE" ]; then - sed -i "s/upload_max_filesize = 100M/upload_max_filesize= ${PHP_UPLOAD_MAX_FILESIZE}M/g" /etc/php7/conf.d/php.ini + sed -i "s/upload_max_filesize = 100M/upload_max_filesize= ${PHP_UPLOAD_MAX_FILESIZE}M/g" /usr/local/etc/php-fpm.conf fi # Always chown webroot for better mounting From 77ae7cd09b110adceb6f867ad756d5541e5f7835 Mon Sep 17 00:00:00 2001 From: Ric Harvey Date: Tue, 7 Feb 2017 09:52:47 +0000 Subject: [PATCH 2/5] Make docker vars work (post_max_size, etc) --- Dockerfile | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/Dockerfile b/Dockerfile index fa95a0f..3beee48 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,6 +4,7 @@ MAINTAINER ngineered ENV php_conf /usr/local/etc/php-fpm.conf ENV fpm_conf /usr/local/etc/php-fpm.d/www.conf +ENV php_vars /usr/local/etc/php/conf.d/docker-vars.ini ENV composer_hash 55d6ead61b29c7bdee5cccfb50076874187bd9f21f65d8991d46ec5cc90518f447387fb9f76ebae1fbbacf329e583e30 ENV NGINX_VERSION 1.11.9 @@ -191,25 +192,22 @@ ADD conf/nginx-site-ssl.conf /etc/nginx/sites-available/default-ssl.conf RUN ln -s /etc/nginx/sites-available/default.conf /etc/nginx/sites-enabled/default.conf # tweak php-fpm config -RUN sed -i \ - -e "s/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g" \ - -e "s/upload_max_filesize\s*=\s*2M/upload_max_filesize = 100M/g" \ - -e "s/post_max_size\s*=\s*8M/post_max_size = 100M/g" \ - -e "s/variables_order = \"GPCS\"/variables_order = \"EGPCS\"/g" \ - ${php_conf} && \ +RUN echo "cgi.fix_pathinfo=0" > ${php_vars} &&\ + echo "upload_max_filesize = 100M" >> ${php_vars} &&\ + echo "post_max_size = 100M" >> ${php_vars} &&\ + echo "variables_order = \"EGPCS\"" >> ${php_vars} && \ sed -i \ - -e "s/;daemonize\s*=\s*yes/daemonize = no/g" \ -e "s/;catch_workers_output\s*=\s*yes/catch_workers_output = yes/g" \ - -e "s/pm.max_children = 4/pm.max_children = 4/g" \ + -e "s/pm.max_children = 5/pm.max_children = 4/g" \ -e "s/pm.start_servers = 2/pm.start_servers = 3/g" \ -e "s/pm.min_spare_servers = 1/pm.min_spare_servers = 2/g" \ -e "s/pm.max_spare_servers = 3/pm.max_spare_servers = 4/g" \ - -e "s/pm.max_requests = 500/pm.max_requests = 200/g" \ + -e "s/;pm.max_requests = 500/pm.max_requests = 200/g" \ -e "s/user = nobody/user = nginx/g" \ -e "s/group = nobody/group = nginx/g" \ -e "s/;listen.mode = 0660/listen.mode = 0666/g" \ - -e "s/;listen.owner = nobody/listen.owner = nginx/g" \ - -e "s/;listen.group = nobody/listen.group = nginx/g" \ + -e "s/;listen.owner = www-data/listen.owner = nginx/g" \ + -e "s/;listen.group = www-data/listen.group = nginx/g" \ -e "s/listen = 127.0.0.1:9000/listen = \/var\/run\/php-fpm.sock/g" \ -e "s/^;clear_env = no$/clear_env = no/" \ ${fpm_conf} From 784e07feb087de81d0b4e9f24de4304f7a07b6de Mon Sep 17 00:00:00 2001 From: Ric Harvey Date: Tue, 7 Feb 2017 09:55:21 +0000 Subject: [PATCH 3/5] fix script to change php vars --- Dockerfile | 1 + scripts/start.sh | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 3beee48..7156d0c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -196,6 +196,7 @@ RUN echo "cgi.fix_pathinfo=0" > ${php_vars} &&\ echo "upload_max_filesize = 100M" >> ${php_vars} &&\ echo "post_max_size = 100M" >> ${php_vars} &&\ echo "variables_order = \"EGPCS\"" >> ${php_vars} && \ + echo "memory_limit = 128M" >> ${php_vars} && \ sed -i \ -e "s/;catch_workers_output\s*=\s*yes/catch_workers_output = yes/g" \ -e "s/pm.max_children = 5/pm.max_children = 4/g" \ diff --git a/scripts/start.sh b/scripts/start.sh index f84a531..f1da4a8 100644 --- a/scripts/start.sh +++ b/scripts/start.sh @@ -81,17 +81,17 @@ fi # Increase the memory_limit if [ ! -z "$PHP_MEM_LIMIT" ]; then - sed -i "s/memory_limit = 128M/memory_limit = ${PHP_MEM_LIMIT}M/g" /usr/local/etc/php-fpm.conf + sed -i "s/memory_limit = 128M/memory_limit = ${PHP_MEM_LIMIT}M/g" /usr/local/etc/php/conf.d/docker-vars.ini fi # Increase the post_max_size if [ ! -z "$PHP_POST_MAX_SIZE" ]; then - sed -i "s/post_max_size = 100M/post_max_size = ${PHP_POST_MAX_SIZE}M/g" /usr/local/etc/php-fpm.conf + sed -i "s/post_max_size = 100M/post_max_size = ${PHP_POST_MAX_SIZE}M/g" /usr/local/etc/php/conf.d/docker-vars.ini fi # Increase the upload_max_filesize if [ ! -z "$PHP_UPLOAD_MAX_FILESIZE" ]; then - sed -i "s/upload_max_filesize = 100M/upload_max_filesize= ${PHP_UPLOAD_MAX_FILESIZE}M/g" /usr/local/etc/php-fpm.conf + sed -i "s/upload_max_filesize = 100M/upload_max_filesize= ${PHP_UPLOAD_MAX_FILESIZE}M/g" /usr/local/etc/php/conf.d/docker-vars.ini fi # Always chown webroot for better mounting From cfcf9f7fbc05e5d74e5384c2e3dc5b9749dd593a Mon Sep 17 00:00:00 2001 From: Ric Harvey Date: Tue, 7 Feb 2017 10:19:30 +0000 Subject: [PATCH 4/5] Fix ownership --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 7156d0c..6dd6cf4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -204,8 +204,8 @@ RUN echo "cgi.fix_pathinfo=0" > ${php_vars} &&\ -e "s/pm.min_spare_servers = 1/pm.min_spare_servers = 2/g" \ -e "s/pm.max_spare_servers = 3/pm.max_spare_servers = 4/g" \ -e "s/;pm.max_requests = 500/pm.max_requests = 200/g" \ - -e "s/user = nobody/user = nginx/g" \ - -e "s/group = nobody/group = nginx/g" \ + -e "s/user = www-data/user = nginx/g" \ + -e "s/group = www-data/group = nginx/g" \ -e "s/;listen.mode = 0660/listen.mode = 0666/g" \ -e "s/;listen.owner = www-data/listen.owner = nginx/g" \ -e "s/;listen.group = www-data/listen.group = nginx/g" \ From 2ec8a51070f5a620fbd3ac09526903b96b249a9a Mon Sep 17 00:00:00 2001 From: Ric Harvey Date: Tue, 7 Feb 2017 10:36:43 +0000 Subject: [PATCH 5/5] merge in @royrico pull request into 7.1 code --- README.md | 1 + scripts/start.sh | 23 ++++++++++++----------- 2 files changed, 13 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index 2fdb32e..8a1cc21 100644 --- a/README.md +++ b/README.md @@ -48,6 +48,7 @@ The following flags are a list of all the currently supported options that can b - **GIT_BRANCH** : Select a specific branch (optional) - **GIT_EMAIL** : Set your email for code pushing (required for git to work) - **GIT_NAME** : Set your name for code pushing (required for git to work) + - **GIT_USE_SSH** : Set this to 1 if you want to use git over SSH (instead of HTTP), useful if you want to use Bitbucket instead of GitHub - **SSH_KEY** : Private SSH deploy key for your repository base64 encoded (requires write permissions for pushing) - **GIT_PERSONAL_TOKEN** : Personal access token for your git account (required for HTTPS git access) - **GIT_USERNAME** : Git username for use with personal tokens. (required for HTTPS git access) diff --git a/scripts/start.sh b/scripts/start.sh index f1da4a8..1082291 100644 --- a/scripts/start.sh +++ b/scripts/start.sh @@ -34,19 +34,20 @@ if [ ! -d "/var/www/html/.git" ]; then if [ ! -z "$GIT_REPO" ]; then # Remove the test index file rm -Rf /var/www/html/* + GIT_COMMAND='git clone ' if [ ! -z "$GIT_BRANCH" ]; then - if [ -z "$GIT_USERNAME" ] && [ -z "$GIT_PERSONAL_TOKEN" ]; then - git clone -b $GIT_BRANCH $GIT_REPO /var/www/html/ || exit 1 - else - git clone -b ${GIT_BRANCH} https://${GIT_USERNAME}:${GIT_PERSONAL_TOKEN}@${GIT_REPO} /var/www/html || exit 1 - fi - else - if [ -z "$GIT_USERNAME" ] && [ -z "$GIT_PERSONAL_TOKEN" ]; then - git clone $GIT_REPO /var/www/html/ || exit 1 - else - git clone https://${GIT_USERNAME}:${GIT_PERSONAL_TOKEN}@${GIT_REPO} /var/www/html || exit 1 - fi + GIT_COMMAND=${GIT_COMMAND}" -b ${GIT_BRANCH}" fi + + if [ -z "$GIT_USERNAME" ] && [ -z "$GIT_PERSONAL_TOKEN" ]; then + GIT_COMMAND=${GIT_COMMAND}" ${GIT_REPO}" + else + if [[ "$GIT_USE_SSH" == "1" ]]; then + GIT_COMMAND=${GIT_COMMAND}" ${GIT_REPO}" + else + GIT_COMMAND=${GIT_COMMAND}" https://${GIT_USERNAME}:${GIT_PERSONAL_TOKEN}@${GIT_REPO}" + fi + ${GIT_COMMAND} /var/www/html || exit 1 chown -Rf nginx.nginx /var/www/html fi fi