Re-implement docker (#154)

Re-implement docker. Addresses #151 and undoes PR #65.

.dockerignore

@@ -0,0 +1,8 @@
+# Ignore everything
+*
+
+# Allow files and directories
+!/src
+!/daemon.php
+!/composer.json
+!/composer.lock

.github/workflows/build.yml

@@ -8,7 +8,50 @@ permissions:
   contents: read
   packages: write
 
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+  DESCRIPTION: Vigilant is a PHP script for monitoring RSS/ATOM/JSON feeds and sending push notifications on new entries.
+
 jobs:
+  docker:
+    name: Docker Images
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout
+        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0
+
+      - name: Log in to the Container registry
+        uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract Metadata
+        id: meta
+        uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=semver,pattern={{version}}
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          outputs: type=image,name=target,annotation-index.org.opencontainers.image.description=${{ env.DESCRIPTION }}
+
   zip:
     name: Zip archive
     runs-on: ubuntu-22.04

Dockerfile

@@ -0,0 +1,31 @@
+FROM composer:2.7.2 AS composer
+
+COPY ./ /app
+WORKDIR /app
+
+# Run composer to install dependencies
+RUN composer install \
+  --optimize-autoloader \
+  --no-interaction \
+  --no-progress \
+  --no-dev
+
+FROM alpine:3.19.1
+
+# Install packages
+RUN apk add --no-cache \
+  curl \
+  php82 \
+  php82-curl \
+  php82-ctype \
+  php82-mbstring \
+  php82-openssl \
+  php82-phar \
+  php82-xml \
+  php82-xmlreader
+
+# Copy app folder from composer build stage
+COPY --from=composer /app /app
+WORKDIR /app
+
+CMD [ "php", "./daemon.php" ]

docker-compose.yml

@@ -0,0 +1,14 @@
+version: '3'
+services:
+  vigilant:
+    image: ghcr.io/verifiedjoseph/vigilant:1.2.0
+    environment:
+      - VIGILANT_TIMEZONE=Europe/London
+      - VIGILANT_NOTIFICATION_SERVICE=ntfy
+      - VIGILANT_NOTIFICATION_NTFY_URL=https://ntfy.sh/
+      - VIGILANT_NOTIFICATION_NTFY_TOPIC=testingtesting
+    volumes:
+      - "./feeds.yaml:/app/feeds.yaml"
+    restart: unless-stopped
+    security_opt:
+      - no-new-privileges:true

docker/docker-compose.yml

@@ -0,0 +1,15 @@
+# This file is for testing. For the production version see: https://github.com/VerifiedJoseph/vigilant/tree/main/docker-compose.yml
+version: '3'
+services:
+  app:
+    build: ../
+    container_name: vigilant
+    environment:
+      - VIGILANT_TIMEZONE=Europe/London
+      - VIGILANT_NOTIFICATION_SERVICE=ntfy
+      - VIGILANT_NOTIFICATION_NTFY_URL=https://ntfy.sh/
+      - VIGILANT_NOTIFICATION_NTFY_TOPIC=testingtesting
+    volumes:
+      - "../feeds.yaml:/app/feeds.yaml"
+    security_opt:
+      - no-new-privileges:true

docs/install.md

@@ -1,25 +1,38 @@
 # Installation
 
+## docker-compose
+
+```yaml
+version: '3'
+services:
+  vigilant:
+    image: ghcr.io/verifiedjoseph/vigilant:1.2.0
+    environment:
+      - VIGILANT_NOTIFICATION_SERVICE=ntfy
+      - VIGILANT_NOTIFICATION_NTFY_URL=https://ntfy.sh/
+      - VIGILANT_NOTIFICATION_NTFY_TOPIC=testingtesting
+    volumes:
+      - "./feeds.yaml:/app/feeds.yaml"
+    restart: unless-stopped
+    security_opt:
+      - no-new-privileges:true
+```
+
 ## Manually
 
-Clone the repository.
+1) Download the [latest release](https://github.com/VerifiedJoseph/vigilant/releases/latest) to your server and extract the zip archive.
 
-```
-git clone https://github.com/VerifiedJoseph/vigilant.git
-```
+2) Setup the feeds to monitor using a [feeds file](feeds.md).
 
-Install dependencies with composer.
+3) Set the configuration using [environment variables](configuration.md) with `config.php` copied from [`config.example.php`](../config.example.php).
 
-```
-composer install --no-dev
-```
+	```
+	cp config.example.php config.php
+	```
 
-There are two scripts that can be used to run Vigilant: `vigilant.php` and `daemon.php`.
+4) Create a scheduled task with cron (below) or similar that runs `vigilant.php` at least every 5 minutes.
 
-`vigilant.php` is designed to be used with a task scheduler like cron, whilst `daemon.php` is designed to used as a daemon process.
+	```
+	1 * * * * php path/to/vigilant/vigilant.php
+	```
 
-Cron example:
-```
-5 * * * * php vigilant.php
-```
-When Vigilant running via a task scheduler, the script should ran at a minimum of every 5 minutes.