feat: Add docker stuff

000-default.conf

@@ -0,0 +1,19 @@
+<VirtualHost *:80>
+    # ServerName localhost
+    DocumentRoot /var/www/html
+
+    # ProxyPass for WebSocket handling
+    ProxyPass /wss ws://hnschat-server:4444/
+    ProxyPassReverse /wss ws://hnschat-server:4444/
+
+    <Directory /var/www/html>
+        Options +FollowSymLinks +MultiViews
+        AllowOverride All
+        Require all granted
+    </Directory>
+
+    # PHP settings
+    DirectoryIndex index.php
+    AddType application/x-httpd-php .php
+
+</VirtualHost>

Dockerfile

@@ -0,0 +1,28 @@
+# Start with the official Apache2 image
+FROM php:8.1-apache
+
+# Install additional PHP extensions if needed
+RUN docker-php-ext-install mysqli pdo pdo_mysql
+
+# Enable mod_rewrite (commonly required for Apache)
+RUN a2enmod rewrite
+RUN a2enmod proxy
+RUN a2enmod proxy_http
+RUN a2enmod proxy_wstunnel
+RUN a2enmod headers
+
+# Copy your PHP application to the web server's document root
+COPY ./ /var/www/html/
+
+# Set proper permissions for Apache to access the files
+RUN chown -R www-data:www-data /var/www/html/
+
+# Copy config
+COPY ./000-default.conf /etc/apache2/sites-available/000-default.conf
+COPY ./apache2.conf /etc/apache2/apache2.conf
+
+# Expose port 80
+EXPOSE 80
+
+# Start Apache in the foreground
+CMD ["apache2-foreground"]

apache2.conf

@@ -0,0 +1,229 @@
+# This is the main Apache server configuration file.  It contains the
+# configuration directives that give the server its instructions.
+# See http://httpd.apache.org/docs/2.4/ for detailed information about
+# the directives and /usr/share/doc/apache2/README.Debian about Debian specific
+# hints.
+#
+#
+# Summary of how the Apache 2 configuration works in Debian:
+# The Apache 2 web server configuration in Debian is quite different to
+# upstream's suggested way to configure the web server. This is because Debian's
+# default Apache2 installation attempts to make adding and removing modules,
+# virtual hosts, and extra configuration directives as flexible as possible, in
+# order to make automating the changes and administering the server as easy as
+# possible.
+
+# It is split into several files forming the configuration hierarchy outlined
+# below, all located in the /etc/apache2/ directory:
+#
+#       /etc/apache2/
+#       |-- apache2.conf
+#       |       `--  ports.conf
+#       |-- mods-enabled
+#       |       |-- *.load
+#       |       `-- *.conf
+#       |-- conf-enabled
+#       |       `-- *.conf
+#       `-- sites-enabled
+#               `-- *.conf
+#
+#
+# * apache2.conf is the main configuration file (this file). It puts the pieces
+#   together by including all remaining configuration files when starting up the
+#   web server.
+#
+# * ports.conf is always included from the main configuration file. It is
+#   supposed to determine listening ports for incoming connections which can be
+#   customized anytime.
+#
+# * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/
+#   directories contain particular configuration snippets which manage modules,
+#   global configuration fragments, or virtual host configurations,
+#   respectively.
+#
+#   They are activated by symlinking available configuration files from their
+#   respective *-available/ counterparts. These should be managed by using our
+#   helpers a2enmod/a2dismod, a2ensite/a2dissite and a2enconf/a2disconf. See
+#   their respective man pages for detailed information.
+#
+# * The binary is called apache2. Due to the use of environment variables, in
+#   the default configuration, apache2 needs to be started/stopped with
+#   /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not
+#   work with the default configuration.
+
+
+# Global configuration
+#
+
+#
+# ServerRoot: The top of the directory tree under which the server's
+# configuration, error, and log files are kept.
+#
+# NOTE!  If you intend to place this on an NFS (or otherwise network)
+# mounted filesystem then please read the Mutex documentation (available
+# at <URL:http://httpd.apache.org/docs/2.4/mod/core.html#mutex>);
+# you will save yourself a lot of trouble.
+#
+# Do NOT add a slash at the end of the directory path.
+#
+#ServerRoot "/etc/apache2"
+
+#
+# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
+#
+#Mutex file:${APACHE_LOCK_DIR} default
+
+#
+# The directory where shm and other runtime files will be stored.
+#
+
+DefaultRuntimeDir ${APACHE_RUN_DIR}
+
+#
+# PidFile: The file in which the server should record its process
+# identification number when it starts.
+# This needs to be set in /etc/apache2/envvars
+#
+PidFile ${APACHE_PID_FILE}
+
+#
+# Timeout: The number of seconds before receives and sends time out.
+#
+Timeout 300
+
+#
+# KeepAlive: Whether or not to allow persistent connections (more than
+# one request per connection). Set to "Off" to deactivate.
+#
+KeepAlive On
+
+#
+# MaxKeepAliveRequests: The maximum number of requests to allow
+# during a persistent connection. Set to 0 to allow an unlimited amount.
+# We recommend you leave this number high, for maximum performance.
+#
+MaxKeepAliveRequests 100
+
+#
+# KeepAliveTimeout: Number of seconds to wait for the next request from the
+# same client on the same connection.
+#
+KeepAliveTimeout 5
+
+
+# These need to be set in /etc/apache2/envvars
+User ${APACHE_RUN_USER}
+Group ${APACHE_RUN_GROUP}
+
+#
+# HostnameLookups: Log the names of clients or just their IP addresses
+# e.g., www.apache.org (on) or 204.62.129.132 (off).
+# The default is off because it'd be overall better for the net if people
+# had to knowingly turn this feature on, since enabling it means that
+# each client request will result in AT LEAST one lookup request to the
+# nameserver.
+#
+HostnameLookups Off
+
+# ErrorLog: The location of the error log file.
+# If you do not specify an ErrorLog directive within a <VirtualHost>
+# container, error messages relating to that virtual host will be
+# logged here.  If you *do* define an error logfile for a <VirtualHost>
+# container, that host's errors will be logged there and not here.
+#
+ErrorLog ${APACHE_LOG_DIR}/error.log
+
+#
+# LogLevel: Control the severity of messages logged to the error_log.
+# Available values: trace8, ..., trace1, debug, info, notice, warn,
+# error, crit, alert, emerg.
+# It is also possible to configure the log level for particular modules, e.g.
+# "LogLevel info ssl:warn"
+#
+LogLevel warn
+
+# Include module configuration:
+IncludeOptional mods-enabled/*.load
+IncludeOptional mods-enabled/*.conf
+
+# Include list of ports to listen on
+Include ports.conf
+
+
+# Sets the default security model of the Apache2 HTTPD server. It does
+# not allow access to the root filesystem outside of /usr/share and /var/www.
+# The former is used by web applications packaged in Debian,
+# the latter may be used for local directories served by the web server. If
+# your system is serving content from a sub-directory in /srv you must allow
+# access here, or in any related virtual host.
+<Directory />
+        Options FollowSymLinks
+        AllowOverride None
+        Require all denied
+</Directory>
+
+<Directory /usr/share>
+        AllowOverride None
+        Require all granted
+</Directory>
+
+<Directory /var/www/>
+        Options Indexes FollowSymLinks
+        AllowOverride None
+        Require all granted
+</Directory>
+
+#<Directory /srv/>
+#       Options Indexes FollowSymLinks
+#       AllowOverride None
+#       Require all granted
+#</Directory>
+
+
+
+
+# AccessFileName: The name of the file to look for in each directory
+# for additional configuration directives.  See also the AllowOverride
+# directive.
+#
+AccessFileName .htaccess
+
+#
+# The following lines prevent .htaccess and .htpasswd files from being
+# viewed by Web clients.
+#
+<FilesMatch "^\.ht">
+        Require all denied
+</FilesMatch>
+
+
+#
+# The following directives define some format nicknames for use with
+# a CustomLog directive.
+#
+# These deviate from the Common Log Format definitions in that they use %O
+# (the actual bytes sent including headers) instead of %b (the size of the
+# requested file), because the latter makes it impossible to detect partial
+# requests.
+#
+# Note that the use of %{X-Forwarded-For}i instead of %h is not recommended.
+# Use mod_remoteip instead.
+#
+LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
+LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
+LogFormat "%h %l %u %t \"%r\" %>s %O" common
+LogFormat "%{Referer}i -> %U" referer
+LogFormat "%{User-agent}i" agent
+
+# Include of directories ignores editors' and dpkg's backup files,
+# see README.Debian for details.
+
+# Include generic snippets of statements
+IncludeOptional conf-enabled/*.conf
+
+# Include the virtual host configurations:
+IncludeOptional sites-enabled/*.con
+
+# Global Server Configuration
+ServerTokens Prod
+ServerSignature Off

build.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+
+docker build -t hnschat-web .
+docker tag hnschat-web git.woodburn.au/nathanwoodburn/hnschat-web:latest
+docker push git.woodburn.au/nathanwoodburn/hnschat-web:latest

etc/head.php

@@ -1,7 +1,5 @@
 <?php
 	header("Access-Control-Allow-Origin: *");
-
-	$revision = 01;
 ?>
 <title>HNSChat</title>
 <meta charset="utf-8">
@@ -24,22 +22,22 @@
 <meta property="twitter:image" content="https://hns.chat/assets/img/cover">
 <link rel="manifest" href="/manifest.json">
 <link href="https://fonts.googleapis.com/css2?family=Rubik&display=swap" rel="stylesheet">
-<link rel="stylesheet" href="/assets/css/style?r=<?php echo $revision; ?>">
+<link rel="stylesheet" href="/assets/css/style?r=1">
 <script src="https://code.jquery.com/jquery-3.6.0.min.js" integrity="sha256-/xUj+3OJU5yExlq6GSYGSHk7tPXikynS7ogEvDej/m4=" crossorigin="anonymous"></script>
 <script type="text/javascript" src="https://auth.varo.domains/v1"></script>
-<script type="text/javascript" src="/assets/js/qr?r=<?php echo $revision; ?>"></script>
+<script type="text/javascript" src="/assets/js/qr?r=1"></script>
-<script type="text/javascript" src="/assets/js/qr2?r=<?php echo $revision; ?>"></script>
+<script type="text/javascript" src="/assets/js/qr2?r=1"></script>
-<script type="text/javascript" src="/assets/js/he?r=<?php echo $revision; ?>"></script>
+<script type="text/javascript" src="/assets/js/he?r=1"></script>
-<script type="text/javascript" src="/assets/js/zwj?r=<?php echo $revision; ?>"></script>
+<script type="text/javascript" src="/assets/js/zwj?r=1"></script>
-<script type="text/javascript" src="/assets/js/date?r=<?php echo $revision; ?>"></script>
+<script type="text/javascript" src="/assets/js/date?r=1"></script>
-<script type="text/javascript" src="/assets/js/emojis?r=<?php echo $revision; ?>"></script>
+<script type="text/javascript" src="/assets/js/emojis?r=1"></script>
-<script type="text/javascript" src="/assets/js/anchorme?r=<?php echo $revision; ?>"></script>
+<script type="text/javascript" src="/assets/js/anchorme?r=1"></script>
-<script type="text/javascript" src="/assets/js/mask?r=<?php echo $revision; ?>"></script>
+<script type="text/javascript" src="/assets/js/mask?r=1"></script>
-<script type="text/javascript" src="/assets/js/confetti?r=<?php echo $revision; ?>"></script>
+<script type="text/javascript" src="/assets/js/confetti?r=1"></script>
-<script type="text/javascript" src="/assets/js/dish?r=<?php echo $revision; ?>"></script>
+<script type="text/javascript" src="/assets/js/dish?r=1"></script>
-<script type="text/javascript" src="/assets/js/janus?r=<?php echo $revision; ?>"></script>
+<script type="text/javascript" src="/assets/js/janus?r=1"></script>
-<script type="text/javascript" src="/assets/js/adapter?r=<?php echo $revision; ?>"></script>
+<script type="text/javascript" src="/assets/js/adapter?r=1"></script>
-<script type="module" src="/assets/js/script?r=<?php echo $revision; ?>"></script>
+<script type="module" src="/assets/js/script?r=1"></script>
 <script type="text/javascript">
-	var revision = "<?php echo $revision; ?>"; 
+	var revision = 1; 
 </script>

nginx.template.conf

@@ -1,62 +0,0 @@
-worker_processes 1;
-
-events {
-    worker_connections 1024;
-}
-
-http {
-    include    $!{nginx}/conf/mime.types;
-    default_type  application/octet-stream;
-
-    server {
-        listen 80;
-
-        root /app;
-        index index.php;
-
-        location /wss {
-            proxy_pass http://hnschat-server:4444/;
-            proxy_http_version 1.1;
-            proxy_set_header Upgrade $http_upgrade;
-            proxy_set_header Connection 'upgrade';
-            proxy_set_header Host $host;
-        }
-
-        location / {
-            try_files $uri $uri/ /index.php?$query_string;
-        }
-
-        location ~ \.php$ {
-            include $!{nginx}/conf/fastcgi_params;
-            fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # Modify the PHP-FPM socket path as per your setup
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            fastcgi_param DOCUMENT_ROOT $document_root;
-        }
-
-        location ~* ^/(avatar.php|preview.php|assets|uploads)/ {
-            add_header Cache-Control "max-age=63072000, public";
-        }
-
-        location ~ ^/(avatar|preview)/([A-Za-z0-9]+)/?$ {
-            rewrite ^/avatar/([A-Za-z0-9]+)/?$ /etc/avatar.php?id=$1 last;
-            rewrite ^/preview/([A-Za-z0-9]+)/?$ /etc/preview.php?id=$1 last;
-        }
-
-        location ~ ^/invite/([A-Za-z0-9-]+)/?$ {
-            rewrite ^/invite/([A-Za-z0-9-]+)/?$ /id.php?invite=$1 last;
-        }
-
-        # Enable CORS headers
-        add_header Access-Control-Allow-Origin "*";
-        add_header Access-Control-Allow-Methods "GET";
-
-        # Disable server tokens and signatures
-        server_tokens off;
-        add_header X-Powered-By "PHP/7.4"; # Modify PHP version as per your setup
-
-        # Directory permissions for /app
-        location /app/ {
-            allow all;
-        }
-    }
-}

oldnixpacks.json

@@ -1,47 +0,0 @@
-{
-    "providers": ["php"],
-    "buildImage": "ghcr.io/railwayapp/nixpacks:ubuntu-1731369831",
-    "variables": {
-      "NIXPACKS_METADATA": "php",
-      "PORT": "80"
-    },
-    "staticAssets": {
-      "apache.template.conf": "<VirtualHost *:${PORT}>\n    ServerName localhost\n    DocumentRoot \"${NIXPACKS_PHP_ROOT_DIR:-/app}\"\n\n    <Directory \"${NIXPACKS_PHP_ROOT_DIR:-/app}\">\n        Options Indexes +FollowSymLinks +MultiViews\n        AllowOverride All\n        Require all granted\n    </Directory>\n\n    <FilesMatch \\.php$>\n        SetHandler \"proxy:fcgi://127.0.0.1:9000\"\n    </FilesMatch>\n\n    ServerTokens Prod\n    ServerSignature Off\n\n    DirectoryIndex index.php\n    AddType text/html php\n    AddType application/x-httpd-php .php\n\n    ErrorLog /dev/stdout\n    CustomLog /dev/stdout combined\n\n    Header always set X-Frame-Options \"SAMEORIGIN\"\n    Header always set X-Content-Type-Options \"nosniff\"\n\n    RewriteEngine On\n    RewriteCond %{REQUEST_FILENAME} !-f\n    RewriteCond %{REQUEST_FILENAME} !-d\n    RewriteRule ^ index.php [QSA,L]\n\n    <FilesMatch \"^\\\\.(?!well-known).*\">\n        Require all denied\n    </FilesMatch>\n</VirtualHost>\n",
-      "php-fpm.conf": "[www]\nlisten = 127.0.0.1:9000\nuser = nobody\npm = dynamic\npm.max_children = 50\npm.min_spare_servers = 4\npm.max_spare_servers = 32\npm.start_servers = 18\nclear_env = no\ncatch_workers_output = yes\n",
-      "scripts/config/template.mjs": "import { readFile, writeFile } from \"fs/promises\";\nimport { getNixPath } from \"../util/nix.mjs\";\n\nconst replaceStr = input =>\n    input\n        .replaceAll(/\\${(\\w+)}/g,\n            (_all, name) => process.env[name]\n        )\n        .replaceAll(/\\$!{(\\w+)}/g,\n            (_all, exe) => getNixPath(exe)\n        )\n\nexport async function compileTemplate(infile, outfile) {\n    await writeFile(outfile,\n        replaceStr(await readFile(infile, { encoding: 'utf8' })),\n        { encoding: 'utf8' })\n}\n",
-      "scripts/prestart.mjs": "#!/usr/bin/env node\nimport { compileTemplate } from \"./config/template.mjs\";\nimport { e } from \"./util/cmd.mjs\";\n\nif (process.argv.length != 4) {\n    console.error(`Usage: ${process.argv[1]} <config-file> <output-file>`);\n    process.exit(1);\n}\n\nawait compileTemplate(process.argv[2], process.argv[3]);\nconsole.log(`Server starting on port ${process.env.PORT}`);\n",
-      "scripts/util/cmd.mjs": "import { execSync } from \"child_process\";\nexport const e = cmd => execSync(cmd).toString().replace('\\n', '');"
-    },
-    "phases": {
-      "install": {
-        "dependsOn": [
-          "setup"
-        ],
-        "cmds": [
-          "mkdir -p /var/log/apache2 && mkdir -p /var/cache/apache2 && mkdir -p /etc/apache2/sites-available",
-          "cp /assets/apache.template.conf /etc/apache2/sites-available/000-default.conf"
-        ]
-      },
-      "setup": {
-        "nixPkgs": [
-          "(php83.withExtensions (pe: pe.enabled ++ []))",
-          "apacheHttpd",
-          "libmysqlclient",
-          "php83Packages.composer",
-          "nodejs_18",
-          "npm-9_x"
-        ],
-        "nixLibs": [
-          "libmysqlclient"
-        ],
-        "nixOverlays": [
-          "https://github.com/railwayapp/nix-npm-overlay/archive/main.tar.gz"
-        ],
-        "nixpkgsArchive": "dbc4f15b899ac77a8d408d8e0f89fa9c0c5f2b78"
-      }
-    },
-    "start": {
-      "cmd": "node /assets/scripts/prestart.mjs /assets/apache.template.conf /etc/apache2/sites-available/000-default.conf && (php-fpm -y /assets/php-fpm.conf & apachectl -D FOREGROUND)"
-    }
-  }
-