Draft
Conversation
USA-RedDragon
force-pushed
the
rootless
branch
4 times, most recently
from
f422269 to
efb140b
Compare
USA-RedDragon
force-pushed
the
rootless
branch
3 times, most recently
from
2f8aa68 to
1452f9e
Compare
Member
|
@USA-RedDragon This is a good idea. Should nginx tmp files be moved to |
USA-RedDragon
commented
Apr 17, 2026
Author
There was a problem hiding this comment.
I think we no longer need this as RoadRunner should gracefully handle SIGTERM for shutdown: https://docs.roadrunner.dev/docs/app-server/cli#stopping-the-server.
USA-RedDragon
commented
Apr 17, 2026
Author
There was a problem hiding this comment.
This is a bit dumb, there might be a better way
USA-RedDragon
commented
Apr 17, 2026
| cgi-fcgi -bind -connect \ | ||
| "${HEALTH_CHECK_IP:-127.0.0.1}:${HEALTH_CHECK_PORT:-9000}" \ | ||
| | grep -e pong >/dev/null | ||
| wget -qO /dev/null "http://${HEALTH_CHECK_HOST}:${HEALTH_CHECK_PORT}/health?plugin=http" |
Author
There was a problem hiding this comment.
The app's .rr.yaml needs
status:
address: "127.0.0.1:${RR_STATUS_PORT:-2114}"
USA-RedDragon
commented
Apr 17, 2026
| ONBUILD ARG INSTALL_IMAGICK | ||
| ONBUILD ARG INSTALL_MOSQUITTO | ||
| ONBUILD ARG INSTALL_MYSQL | ||
| ONBUILD ARG INSTALL_SOCKETS=true |
Author
There was a problem hiding this comment.
laravel/octane needs spiral/roadrunner-cli and spiral/roadrunner-http which one or both depend on ext-sockets
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
POC for rootless PHP containers
The containers run as
nobody:nogroup.nginx and php-fpm are removed in favor of Laravel Octane and RoadRunner.
The existing images are adjusted in some minor ways:
s6-svscan-rootlessutility is added that uses/tmpto provide a place for the.s6-svscanfile to live. Other than the worker for some apps needing to run bothcronandphp /app/artisan queue:work, we don't have a strong dependency ons6for this image anymore..rr.yaml, eliminating the need for Laravel-specific code in this repo and simplifying config from envs to a yaml file in the project.php:*-fpm-alpinetophp:*-cli-alpinebecausephp-fpmis no longer needed./health?plugin=http) viawgetinstead of the oldcgi-fcgi pingtophp-fpm. This does require the RoadRunner config to havegettextis dropped as we no longer have to do configuration templatingINSTALL_SOCKETS=trueis added as a default build arg since it's required byspiral/roadrunner-cli/spiral/roadrunner-http.USER root/USER nobody:nogroupsandwich so thatclevyr-buildcan install extensions as root, then drops back to nobody.I have a draft PR 1291 in another repo that I won't link due to the name of it being a privacy concern that shows how this might look on the application side