- Create AnsibleDeployStage using framework's Process module for secure command execution
- Integrate AnsibleDeployStage into DeploymentPipelineCommands for production deployments
- Add force_deploy flag support in Ansible playbook to override stale locks
- Use PHP deployment module as orchestrator (php console.php deploy:production)
- Fix ErrorAggregationInitializer to use Environment class instead of $_ENV superglobal

Architecture:
- BuildStage → AnsibleDeployStage → HealthCheckStage for production
- Process module provides timeout, error handling, and output capture
- Ansible playbook supports rollback via rollback-git-based.yml
- Zero-downtime deployments with health checks
49 lines
1.9 KiB
Bash
#!/bin/bash
set -e

# This script runs as root to handle Docker volume mounting,
# then switches to appuser for security

# CRITICAL: Do NOT create ANY subdirectories under /var/www/html/storage!
# Docker needs to create the storage directory tree when mounting Named Volumes.
# Creating storage or any storage/* subdirectory here prevents Docker volume mounting.

# Only create directories that are NOT under storage/ and are NOT volume mount points
mkdir -p /var/www/html/var/cache \
    /var/www/html/var/logs \
    /var/www/html/cache

# Set correct ownership and permissions for appuser
# Volume mount points are created by Docker and will be owned by root initially
# We fix ownership AFTER Docker has mounted them

# Wait for Docker to finish mounting volumes
sleep 1

# NOW we can safely create non-volume storage subdirectories
# Docker has already mounted: storage/logs, storage/cache, storage/queue, storage/discovery, storage/uploads
# We create other directories that are NOT volume mounts:
mkdir -p /var/www/html/storage/analytics 2>/dev/null || true
mkdir -p /var/www/html/storage/sessions 2>/dev/null || true

# Fix ownership for all storage directories (including mounted volumes)
if [ -d /var/www/html/storage ]; then
    chown -R appuser:appuser /var/www/html/storage 2>/dev/null || true
    chmod -R 775 /var/www/html/storage 2>/dev/null || true
fi

chown -R appuser:appuser /var/www/html/var 2>/dev/null || true
chown -R appuser:appuser /var/www/html/cache 2>/dev/null || true

chmod -R 775 /var/www/html/var 2>/dev/null || true
chmod -R 775 /var/www/html/cache 2>/dev/null || true

# For PHP-FPM, run as root and let it manage user switching internally
# PHP-FPM will drop privileges to the user specified in pool configuration
# For other commands (console.php, etc.), switch to appuser
if [ "$1" = "php-fpm" ]; then
    exec "$@"
else
    exec gosu appuser "$@"
fi
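An added example, not part of this repository's script: `chmod -R 775` gives "other" read and execute on everything under `storage/` (including `storage/sessions`) and sets the execute bit on data files, while `2>/dev/null || true` hides any failure. The hypothetical helpers `world_accessible` and `harden_tree` below keep the owner and group access of 775, strip the rest by file type, and return errors to the caller.

```bash
#!/bin/bash
# Added example; function names are hypothetical, not from the repository.

# Print every non-symlink path under $1 that grants any permission to "other".
# Symlinks are skipped: their own mode bits are always 777 and mean nothing.
world_accessible() {
    find "$1" ! -type l \( -perm -004 -o -perm -002 -o -perm -001 \) -print
}

# Type-aware replacement for `chmod -R 775 ... 2>/dev/null || true`:
#   directories 770, regular files 660 (no execute bit on data files),
#   optional chown, and any failure is returned to the caller.
harden_tree() {
    dir=$1 owner=${2:-}
    if [ ! -d "$dir" ]; then
        echo "harden_tree: $dir is not a directory" >&2
        return 1
    fi
    if [ -n "$owner" ]; then
        chown -R "$owner" "$dir" || return 1
    fi
    find "$dir" -type d -exec chmod 770 {} + || return 1
    find "$dir" -type f -exec chmod 660 {} + || return 1
    # Fail if anything (e.g. a FIFO or socket) is still reachable by "other".
    [ -z "$(world_accessible "$dir")" ]
}
```

In the entrypoint this would be called as `harden_tree /var/www/html/storage appuser:appuser` before the final `exec`, assuming only appuser and its group need access to the tree.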