From c4fca62710dcaa45fd8b60329e478e1f2e9c92d9 Mon Sep 17 00:00:00 2001
From: hazza <hendra@yel.or.id>
Date: Mon, 21 Jul 2025 13:02:45 +0700
Subject: [PATCH] Code tweaking

---
 Dockerfile          | 114 ++++++++++++++++++++++++--------------------
 db.env              |   4 +-
 docker-compose.yaml |   9 +++-
 3 files changed, 70 insertions(+), 57 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 9655f0e..8c26285 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -4,78 +4,86 @@ LABEL org.opencontainers.image.authors="Montala Ltd"
 
 ENV DEBIAN_FRONTEND="noninteractive"
 
+ARG RS_PUBLISHED_DOMAIN
+
+ARG RS_SERVERADMIN
+
+ARG DNS_CLOUDFLARE_API_TOKEN
+
 RUN apt-get update && apt-get install -y \
-    nano \
-    imagemagick \
-    apache2 \
-    subversion \
-    ghostscript \
-    antiword \
-    poppler-utils \
-    libimage-exiftool-perl \
-    cron \
-    postfix \
-    wget \
-    php \
-    php-apcu \
-    php-curl \
-    php-dev \
-    php-gd \
-    php-intl \
-    php-mysqlnd \
-    php-mbstring \
-    php-zip \
-    libapache2-mod-php \
-    ffmpeg \
-    libopencv-dev \
-    python3-opencv \
-    python3 \
-    certbot \
-    python3-certbot-dns-cloudflare \
-    python3-certbot-apache \
- && apt-get clean \
- && rm -rf /var/lib/apt/lists/*
-
+nano \
+imagemagick \
+apache2 \
+git \
+ghostscript \
+antiword \
+poppler-utils \
+libimage-exiftool-perl \
+cron \
+postfix \
+wget \
+php \
+php-apcu \
+php-curl \
+php-dev \
+php-gd \
+php-intl \
+php-mysqlnd \
+php-mbstring \
+php-zip \
+libapache2-mod-php \
+ffmpeg \
+libopencv-dev \
+python3-opencv \
+python3 \
+certbot \
+python3-certbot-dns-cloudflare \
+python3-certbot-apache \
+&& apt-get clean \
+&& rm -rf /var/lib/apt/lists/*
+ 
 RUN sed -i -e "s/upload_max_filesize\s*=\s*2M/upload_max_filesize = 100M/g" /etc/php/8.3/apache2/php.ini \
- && sed -i -e "s/post_max_size\s*=\s*8M/post_max_size = 100M/g" /etc/php/8.3/apache2/php.ini \
- && sed -i -e "s/max_execution_time\s*=\s*30/max_execution_time = 300/g" /etc/php/8.3/apache2/php.ini \
- && sed -i -e "s/memory_limit\s*=\s*128M/memory_limit = 1G/g" /etc/php/8.3/apache2/php.ini
+&& sed -i -e "s/post_max_size\s*=\s*8M/post_max_size = 100M/g" /etc/php/8.3/apache2/php.ini \
+&& sed -i -e "s/max_execution_time\s*=\s*30/max_execution_time = 300/g" /etc/php/8.3/apache2/php.ini \
+&& sed -i -e "s/memory_limit\s*=\s*128M/memory_limit = 4G/g" /etc/php/8.3/apache2/php.ini
 
-RUN mkdir -p ~/.secrets/certbot \
-    touch ~/.secrets/certbot/cloudflare.ini \
-    chmod 600 ~/.secrets/certbot/cloudflare.ini
-	
-RUN printf 'dns_cloudflare_api_token=$DNS_CLOUDFLARE_API_TOKEN' >>  ~/.secrets/certbot/cloudflare.ini
+RUN mkdir -p ~/.secrets/certbot
 
-RUN touch /etc/apache2/sites-available/$RS_PUBLISHED_DOMAIN.conf
+RUN printf "dns_cloudflare_api_token=$DNS_CLOUDFLARE_API_TOKEN" >>  ~/.secrets/certbot/cloudflare.ini
 
-RUN printf '<VirtualHost *:80>\n\
+RUN chmod 600 ~/.secrets/certbot/cloudflare.ini
+
+RUN printf "<VirtualHost *:80>\n\
 \tServerName $RS_PUBLISHED_DOMAIN\n\
 \tServerAdmin $RS_SERVERADMIN\n\
 \tDocumentRoot /var/www/html\n\
 \n\
 \tErrorLog ${APACHE_LOG_DIR}/$RS_PUBLISHED_DOMAIN.error.log\n\
 \tCustomLog ${APACHE_LOG_DIR}/$RS_PUBLISHED_DOMAIN.access.log combined\n\
-</VirtualHost>\n'\
+</VirtualHost>\n\
 \n\
-<Directory /var/www/>\n'\
+<Directory /var/www/>\n\
 \tOptions FollowSymLinks\n\
-</VirtualHost>\n'\
+</Directory>\n"\
 >> /etc/apache2/sites-available/$RS_PUBLISHED_DOMAIN.conf
 
-RUN a2ensite $RS_PUBLISHED_DOMAIN.conf \
-    service apache2 reload
-
-RUN certbot run --apache --non-interactive --agree-tos -m $RS_SERVERADMIN --dns-cloudflare --dns-cloudflare-credentials ~/.secrets/certbot/cloudflare.ini -d $RS_PUBLISHED_DOMAIN
+RUN a2ensite $RS_PUBLISHED_DOMAIN.conf
 
 ADD cronjob /etc/cron.daily/resourcespace
 
+RUN rm -rf var/www/html/*
+
 WORKDIR /var/www/html
 
-RUN rm -f index.html \
- && svn co -q https://svn.resourcespace.com/svn/rs/releases/10.6 . \
- && mkdir -p filestore \
- && chmod 777 filestore \
- && chmod -R 777 include/
+RUN git clone --single-branch --branch 10.6 https://git.internal.yel.or.id/hazza/resourcespace . \
+&& mkdir -p filestore \
+&& chmod 777 filestore \
+&& chmod -R 777 include/
+
+RUN certbot run -i apache \
+-a dns-cloudflare --dns-cloudflare-credentials ~/.secrets/certbot/cloudflare.ini \
+--non-interactive --agree-tos --no-eff-email -m $RS_SERVERADMIN \
+-d $RS_PUBLISHED_DOMAIN
 
 CMD apachectl -D FOREGROUND
+
diff --git a/db.env b/db.env
index 234f5dc..4cb0a9a 100644
--- a/db.env
+++ b/db.env
@@ -1,4 +1,4 @@
-MYSQL_PASSWORD=change-me
-MYSQL_ROOT_PASSWORD=change-me
+MYSQL_PASSWORD=DAMSedapMalamIX3
+MYSQL_ROOT_PASSWORD=DAMasterSedapMalamIX3
 MYSQL_DATABASE=resourcespace
 MYSQL_USER=resourcespace_rw
\ No newline at end of file
diff --git a/docker-compose.yaml b/docker-compose.yaml
index cdea3ef..e7799ce 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -1,12 +1,17 @@
 services:
   resourcespace:
-    build: .
+    build:
+      context: .
+      args:
+        - RS_PUBLISHED_DOMAIN=${RS_PUBLISHED_DOMAIN}
+        - RS_SERVERADMIN=${RS_SERVERADMIN}
+        - DNS_CLOUDFLARE_API_TOKEN=${DNS_CLOUDFLARE_API_TOKEN}
     container_name: resourcespace
     restart: unless-stopped
     depends_on:
       - mariadb
     volumes:
-      - usrhome:~
+      - usrhome:/root
       - include:/var/www/html/include
       - filestore:/var/www/html/filestore
       - ./testdir:/srv/storage/testdir