Merge branch 'framework' of github.com:laradock/laradock into framework

:q

.ruby-version

@@ -0,0 +1 @@
+2.4.2

Capfile

@@ -0,0 +1,41 @@
+# Load DSL and set up stages
+require "capistrano/setup"
+
+# Include default deployment tasks
+require "capistrano/deploy"
+
+# Sudoers Service
+require "sshkit/sudo"
+
+# Load the SCM plugin appropriate to your project:
+#
+# require "capistrano/scm/hg"
+# install_plugin Capistrano::SCM::Hg
+# or
+# require "capistrano/scm/svn"
+# install_plugin Capistrano::SCM::Svn
+# or
+require "capistrano/scm/git"
+install_plugin Capistrano::SCM::Git
+
+# Include tasks from other gems included in your Gemfile
+#
+# For documentation on these, see for example:
+#
+#   https://github.com/capistrano/rvm
+#   https://github.com/capistrano/rbenv
+#   https://github.com/capistrano/chruby
+#   https://github.com/capistrano/bundler
+#   https://github.com/capistrano/rails
+#   https://github.com/capistrano/passenger
+#
+# require "capistrano/rvm"
+# require "capistrano/rbenv"
+# require "capistrano/chruby"
+# require "capistrano/bundler"
+# require "capistrano/rails/assets"
+# require "capistrano/rails/migrations"
+# require "capistrano/passenger"
+
+# Load custom tasks from `lib/capistrano/tasks` if you have any defined
+Dir.glob("lib/capistrano/tasks/*.rake").each { |r| import r }

Gemfile

@@ -0,0 +1,9 @@
+source 'https://rubygems.org'
+
+group :development, :test  do
+  gem 'capistrano'
+  gem 'sshkit-sudo'
+  gem 'docker-api'
+  gem 'rspec'
+  gem 'rubocop'
+end

cleanup.sh

@@ -0,0 +1,16 @@
+#!/usr/bin/env sh
+
+#####  WARNING !!!  ###########################
+# YOU HAVE ALREADY KNOW WHAT YOU'RE DOING !   #
+# ------------------------------------------- #
+# This will remove all your saved environment #
+# without mercy !                             #
+# ------------------------------------------- #
+
+sudo rm -rf cache
+sudo rm -rf data
+sudo rm -rf session
+
+git checkout cache
+git checkout data
+git checkout session

config/deploy.rb

@@ -0,0 +1,176 @@
+# config valid for current version and patch releases of Capistrano
+lock "~> 3.10.1"
+
+set :application, "laradock"
+set :repo_url, "git@github.com:laradock/laradock.git"
+
+# Default branch is :master
+set :branch,    'master'
+
+# Default deploy_to directory is /var/www/my_app_name
+set :root_path, "/var/www"
+set :deploy_to, "#{ fetch(:root_path) }/production"
+set :current_folder, "#{ fetch(:deploy_to) }/current"
+set :shared_folder, "#{ fetch(:deploy_to) }/shared"
+set :releases_folder, "#{ fetch(:deploy_to) }/releases"
+set :tmp_dir, "#{ fetch(:deploy_to) }/tmp"
+
+set :pty, true
+
+# Default value for :linked_files is []
+append :linked_files, ".env", "composer.json", "package.json", "composer.phar"
+
+# Default value for :linked_dirs []
+append :linked_dirs, "storage", "vendor"
+
+# Default value for keep_releases is 5
+set :keep_releases, 5
+
+set :rbenv_type, :user
+set :rbenv_ruby, '2.4.2'
+set :rbenv_prefix, "RBENV_ROOT=#{fetch(:rbenv_path)} RBENV_VERSION=#{fetch(:rbenv_ruby)} #{fetch(:rbenv_path)}/bin/rbenv exec"
+
+namespace :deploy do
+  desc 'Restart Deploy'
+  task :restart do
+    on roles(:web) do
+      if test("[ -d #{ current_path }/storage ]")
+        execute "chmod 777 -R #{ current_path }/storage"
+      else
+        info "Can't find: #{ current_path }/storage folder!"
+      end
+    end
+  end
+end
+
+namespace :chown do
+  desc 'Restore Ownership Folder'
+  task :restore do
+    on roles(:all) do
+      if test("[ -d #{ release_path }/storage]")
+        execute! :sudo, "chown www-data:www-data -R #{ release_path }/storage"
+      else
+        info "Can't find: #{ release_path }/storage folder!"
+      end
+    end
+  end
+
+  task :change do
+    on roles(:all) do
+      if test("[ -d #{ current_path }/storage]")
+        execute! :sudo, "chown www-data:www-data -R #{ current_path }/storage"
+      else
+        info "Can't find: #{ current_path }/storage folder!"
+      end
+    end
+  end
+end
+
+namespace :nginx do
+  desc 'Reload NGINX'
+  task :manual_reload do
+    on roles(:all) do
+      sudo :service, :nginx, :reload
+    end
+  end
+
+  desc 'Restart NGINX'
+  task :manual_start do
+    on roles(:all), in: :sequence do
+      execute! :sudo, :service, :nginx, :restart
+    end
+  end
+
+  task :manual_restart do
+    on roles(:all) do
+      invoke 'nginx:manual_reload'
+      invoke 'nginx:manual_start'
+    end
+  end
+end
+
+namespace :phpfpm do
+  desc 'Reload PHP-FPM'
+  task :manual_reload do
+    on roles(:all) do
+      sudo :service, :'php7.2-fpm', :reload
+    end
+  end
+
+  desc 'Restart PHP-FPM'
+  task :manual_start do
+    on roles(:all), in: :sequence do
+      execute! :sudo, :service, :'php7.2-fpm', :restart
+    end
+  end
+
+  task :manual_restart do
+    on roles(:all) do
+      invoke 'phpfpm:manual_reload'
+      invoke 'phpfpm:manual_start'
+    end
+  end
+end
+
+namespace :composer do
+  desc 'Install Composer'
+  task :install do
+    on roles(:all) do
+      execute "cd #{ current_path }; composer install"
+    end
+  end
+
+  desc 'Update Composer'
+  task :update do
+    on roles(:all) do
+      execute "cd #{ current_path }; composer self-update"
+    end
+  end
+
+  desc 'Dump Autoload Composer'
+  task :dumpautoload do
+    on roles(:all) do
+      execute "cd #{ current_path }; composer dump-autoload -o"
+    end
+  end
+
+  task :initialize do
+    on roles(:all) do
+      invoke 'composer:install'
+      invoke 'composer:dumpautoload'
+    end
+  end
+end
+
+namespace :artisan do
+  desc 'Clear View'
+  task :clear_view do
+    on roles(:all) do
+      execute "cd #{ current_path }; php artisan view:clear"
+    end
+  end
+
+  desc 'Clear Cache'
+  task :clear_cache do
+    on roles(:all) do
+      execute "cd #{ current_path }; php artisan cache:clear"
+    end
+  end
+
+  task :clear_all do
+    on roles(:all) do
+      invoke 'artisan:clear_view'
+      invoke 'artisan:clear_cache'
+    end
+  end
+end
+
+after 'deploy:publishing', 'deploy:restart'
+after 'deploy:restart', 'composer:initialize'
+after 'deploy:restart', 'artisan:clear_all'
+after 'deploy:restart', 'nginx:manual_restart'
+
+after 'chown:restore', 'nginx:manual_restart'
+after 'chown:change', 'nginx:manual_restart'
+
+after 'nginx:manual_restart', 'phpfpm:manual_restart'

config/deploy/production.rb

@@ -0,0 +1,22 @@
+server 'production', user: 'root', roles: %w{app web}
+
+set :branch,    'master'
+
+# Default deploy_to directory is /var/www/my_app_name
+set :root_path, "/var/www"
+set :deploy_to, "#{ fetch(:root_path) }/production"
+set :current_folder, "#{ fetch(:deploy_to) }/current"
+set :shared_folder, "#{ fetch(:deploy_to) }/shared"
+set :releases_folder, "#{ fetch(:deploy_to) }/releases"
+set :tmp_dir, "#{ fetch(:deploy_to) }/tmp"
+
+set :pty, true
+
+set :ssh_options, {
+  forward_agent: true
+}
+
+set :default_environment, {
+  'PATH' => "$HOME/.rbenv/shims:$HOME/.rbenv/bin:$PATH"
+}
+

config/deploy/staging.rb

@@ -0,0 +1,22 @@
+server 'staging', user: 'root', roles: %w{app web}
+
+set :branch,    'master'
+
+# Default deploy_to directory is /var/www/my_app_name
+set :root_path, "/var/www"
+set :deploy_to, "#{ fetch(:root_path) }/staging"
+set :current_folder, "#{ fetch(:deploy_to) }/current"
+set :shared_folder, "#{ fetch(:deploy_to) }/shared"
+set :releases_folder, "#{ fetch(:deploy_to) }/releases"
+set :tmp_dir, "#{ fetch(:deploy_to) }/tmp"
+
+set :pty, true
+
+set :ssh_options, {
+  forward_agent: true
+}
+
+set :default_environment, {
+  'PATH' => "$HOME/.rbenv/shims:$HOME/.rbenv/bin:$PATH"
+}
+

config/elasticsearch/2.4/elasticsearch.yml

@@ -0,0 +1 @@
+network.host: 0.0.0.0

config/elasticsearch/2.4/logging.yml

@@ -0,0 +1,15 @@
+# you can override this using by setting a system property, for example -Des.logger.level=DEBUG
+es.logger.level: INFO
+rootLogger: ${es.logger.level}, console
+logger:
+  # log action execution errors for easier debugging
+  action: DEBUG
+  # reduce the logging for aws, too much is logged under the default INFO
+  com.amazonaws: WARN
+
+appender:
+  console:
+    type: console
+    layout:
+      type: consolePattern
+      conversionPattern: "[%d{ISO8601}][%-5p][%-25c] %m%n"

config/elasticsearch/5/elasticsearch.yml

@@ -0,0 +1,5 @@
+http.host: 0.0.0.0
+
+# Uncomment the following lines for a production cluster deployment
+#transport.host: 0.0.0.0
+#discovery.zen.minimum_master_nodes: 1

config/elasticsearch/5/log4j2.properties

@@ -0,0 +1,9 @@
+status = error
+
+appender.console.type = Console
+appender.console.name = console
+appender.console.layout.type = PatternLayout
+appender.console.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] %marker%m%n
+
+rootLogger.level = info
+rootLogger.appenderRef.console.ref = console

config/mongodb/mongodb.conf

@@ -0,0 +1,43 @@
+# /etc/mongod.conf
+
+# for documentation of all options, see:
+#   http://docs.mongodb.org/manual/reference/configuration-options/
+
+# Where and how to store data.
+storage:
+  dbPath: /var/lib/mongodb
+  journal:
+    enabled: true
+#  engine:
+#  mmapv1:
+#  wiredTiger:
+
+# where to write logging data.
+systemLog:
+  destination: file
+  logAppend: true
+  path: /var/log/mongodb/mongod.log
+
+# network interfaces
+net:
+  port: 27017
+  bindIp: 127.0.0.1
+
+# how the process runs
+processManagement:
+  timeZoneInfo: /usr/share/zoneinfo
+
+security:
+  authorization: "enabled"
+
+#operationProfiling:
+
+#replication:
+
+#sharding:
+
+## Enterprise-Only Options:
+
+#auditLog:
+
+#snmp:

config/mysql/conf.d/laradock.cnf

@@ -0,0 +1,3 @@
+[mysqld]
+skip-host-cache
+skip-name-resolve

config/mysql/my.cnf

@@ -0,0 +1,31 @@
+# Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
+
+#
+# The MySQL  Server configuration file.
+#
+# For explanations see
+# http://dev.mysql.com/doc/mysql/en/server-system-variables.html
+
+[mysqld]
+pid-file        = /var/run/mysqld/mysqld.pid
+socket          = /var/run/mysqld/mysqld.sock
+datadir         = /var/lib/mysql
+secure-file-priv= NULL
+# Disabling symbolic-links is recommended to prevent assorted security risks
+symbolic-links=0
+
+# Custom config should go here
+!includedir /etc/mysql/conf.d/

config/nginx/nginx.conf

@@ -0,0 +1,128 @@
+# /etc/nginx/nginx.conf
+
+user www-data;
+# you must set worker processes based on your CPU cores, nginx does not benefit from setting more than that
+worker_processes 8; #some last versions calculate it automatically
+
+# number of file descriptors used for nginx
+# the limit for the maximum FDs on the server is usually set by the OS.
+# if you don't set FD's then OS settings will be used which is by default 2000
+# worker_rlimit_nofile 300000;
+worker_rlimit_nofile 30000;
+
+pid /run/nginx.pid;
+
+# provides the configuration file context in which the directives that affect connection processing are specified.
+events {
+    # determines how much clients will be served per worker
+    # max clients = worker_connections * worker_processes
+    # max clients is also limited by the number of socket connections available on the system (~64k)
+    # worker_connections 4000;
+    worker_connections 8192;
+
+    # optmized to serve many clients with each thread, essential for linux -- for testing environment
+    use epoll;
+
+    # accept as many connections as possible, may flood worker connections if set too low -- for testing environment
+    multi_accept on;
+}
+
+http {
+    ##
+    # Logging Settings
+    ##
+    access_log /var/log/nginx/access.log;
+    error_log /var/log/nginx/error.log;
+
+    # cache informations about FDs, frequently accessed files
+    # can boost performance, but you need to test those values
+    open_file_cache max=200000 inactive=20s;
+    open_file_cache_valid 30s;
+    open_file_cache_min_uses 2;
+    open_file_cache_errors on;
+
+    # to boost I/O on HDD we can disable access logs
+    access_log off;
+
+    # copies data between one FD and other from within the kernel
+    # faster then read() + write()
+    sendfile on;
+
+    # send headers in one peace, its better then sending them one by one
+    tcp_nopush on;
+
+    # don't buffer data sent, good for small data bursts in real time
+    tcp_nodelay on;
+
+    ##
+    # Gzip Settings
+    ##
+    # reduce the data that needs to be sent over network -- for testing environment
+    gzip on;
+    gzip_min_length 10240;
+    gzip_proxied expired no-cache no-store private auth;
+    gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/json application/xml;
+    gzip_disable msie6;
+
+    # allow the server to close connection on non responding client, this will free up memory
+    reset_timedout_connection on;
+
+    # request timed out -- default 60
+    # client_body_timeout 10;
+
+    # if client stop responding, free up memory -- default 60
+    send_timeout 2;
+
+    # server will close connection after this time -- default 75
+    keepalive_timeout 65;
+
+    # number of requests client can make over keep-alive -- for testing environment
+    keepalive_requests 100000;
+
+    types_hash_max_size 2048;
+    server_tokens off;
+
+    server_names_hash_bucket_size 64;
+    # server_name_in_redirect off;
+
+    include /etc/nginx/mime.types;
+    default_type application/octet-stream;
+
+    # ANTI DDoS
+    # limit the number of connections per single IP
+    limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;
+
+    # limit the number of requests for a given session
+    limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=5r/s;
+
+    # zone which we want to limit by upper values, we want limit whole server
+    server {
+        limit_conn conn_limit_per_ip 10;
+        limit_req zone=req_limit_per_ip burst=10 nodelay;
+    }
+
+    # if the request body size is more than the buffer size, then the entire (or partial)
+    # request body is written into a temporary file
+    client_body_buffer_size  128k;
+
+    # headerbuffer size for the request header from client -- for testing environment
+    client_header_buffer_size 300m;
+
+    # maximum number and size of buffers for large headers to read from client request
+    large_client_header_buffers 4 256k;
+
+    # read timeout for the request body from client -- for testing environment
+    client_body_timeout   3m;
+
+    # how long to wait for the client to send a request header -- for testing environment
+    client_header_timeout 3m;
+
+    fastcgi_buffers         64 16k;
+    fastcgi_buffer_size     32k;
+    fastcgi_connect_timeout 300;
+    fastcgi_send_timeout    300;
+    fastcgi_read_timeout    300;
+
+    include /etc/nginx/conf.d/*.conf;
+    include /etc/nginx/sites-enabled/*;
+}

config/nginx/phpfpm/laradock.conf

@@ -0,0 +1,34 @@
+server {
+    listen 80;
+    listen [::]:80 ipv6only=on;
+    server_name laradock.localhost;
+
+    access_log /var/log/nginx/access.log;
+    error_log /var/log/nginx/error.log;
+
+    root /var/www/public;
+    index index.php;
+
+    client_max_body_size 25M;
+    fastcgi_read_timeout 1800;
+
+    location / {
+        try_files $uri $uri/ /index.php$is_args$args;
+    }
+
+    location  ~ \.php$ {
+        try_files $uri =404;
+        fastcgi_pass workspace:9000;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        include /etc/nginx/fastcgi_params;
+    }
+
+    location  /php/fpm/status {
+        fastcgi_pass workspace:9000;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        include /etc/nginx/fastcgi_params;
+    }
+
+}

config/nginx/puma/production

@@ -0,0 +1,65 @@
+upstream faye_server {
+  server laradock.com:9292;
+}
+
+upstream production {
+  server unix:/home/deploy/laradock/current/tmp/sockets/puma-production.socket fail_timeout=0;
+}
+
+server {
+  listen 80;
+  listen [::]:80 ipv6only=on;
+  server_name laradock.com;
+  root /home/deploy/laradock/current/public;
+
+  client_max_body_size 300M;
+  keepalive_timeout 120;
+  send_timeout 120;
+  underscores_in_headers on;
+
+  error_page 500 /500.html;
+  try_files /system/maintenance.html $uri/index.html $uri @puma;
+
+  proxy_http_version 1.1;
+  chunked_transfer_encoding off;
+  proxy_buffering off;
+  proxy_cache off;
+
+  proxy_connect_timeout 43200000;
+  proxy_read_timeout    43200000;
+  proxy_send_timeout    43200000;
+
+  location ~ ^/(assets)/ {
+    root /home/deploy/laradock/current/public;
+    gzip_static on;
+    expires 1y;
+    add_header Cache-Control public;
+    break;
+  }
+
+  location @puma {
+    proxy_set_header X-Request-Start "t=${msec}000";
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header Host $http_host;
+    proxy_redirect off;
+    proxy_pass http://production;
+  }
+
+  location /pub-sub {
+    proxy_set_header X-Real-IP  $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header Host $http_host;
+    proxy_redirect off;
+
+    proxy_pass http://faye_server;
+    proxy_http_version 1.1;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection "upgrade";
+  }
+
+  if ($http_user_agent ~* (EasouSpider) ) {
+    return 403;
+  }
+
+}

config/nginx/puma/production-ssl

@@ -0,0 +1,68 @@
+upstream faye_server {
+  server laradock.com:9292;
+}
+
+upstream production {
+  server unix:/home/deploy/laradock/current/tmp/sockets/puma-production.socket fail_timeout=0;
+}
+
+server {
+  listen 443;
+  ssl on;
+  ssl_certificate     /etc/ssl/star_laradock_com.pem;
+  ssl_certificate_key /etc/ssl/laradock.key;
+
+  server_name laradock.com;
+  root /home/deploy/laradock/current/public;
+
+  client_max_body_size 300M;
+  keepalive_timeout 120;
+  send_timeout 120;
+
+  error_page 500 /500.html;
+  try_files /system/maintenance.html $uri/index.html $uri @puma;
+
+  proxy_http_version 1.1;
+  chunked_transfer_encoding off;
+  proxy_buffering off;
+  proxy_cache off;
+
+  proxy_connect_timeout 43200000;
+  proxy_read_timeout    43200000;
+  proxy_send_timeout    43200000;
+
+  location ~ ^/(assets)/ {
+    root /home/deploy/laradock/current/public;
+    gzip_static on;
+    expires 1y;
+    add_header Cache-Control public;
+    break;
+  }
+
+  location @puma {
+    proxy_set_header X-Forwarded-Proto https;
+    proxy_set_header X-Request-Start "t=${msec}000";
+    proxy_set_header X-Forwarded-Forr $proxy_add_x_forwarded_for;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header Host $http_host;
+    proxy_redirect off;
+    proxy_pass http://staging;
+  }
+
+  location /pub-sub {
+    proxy_set_header X-Real-IP  $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header Host $http_host;
+    proxy_redirect off;
+
+    proxy_pass http://faye_server;
+    proxy_http_version 1.1;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection "upgrade";
+  }
+
+  if ($http_user_agent ~* (EasouSpider) ) {
+    return 403;
+  }
+
+}

config/nginx/puma/staging

@@ -0,0 +1,65 @@
+upstream faye_server {
+  server laradock.localhost:9292;
+}
+
+upstream staging {
+  server unix:/home/deploy/laradock.dev/current/tmp/sockets/puma-staging.socket fail_timeout=0;
+}
+
+server {
+  listen 80;
+  listen [::]:80 ipv6only=on;
+  server_name laradock.localhost;
+  root /home/deploy/laradock.dev/current/public;
+
+  client_max_body_size 300M;
+  keepalive_timeout 120;
+  send_timeout 120;
+  underscores_in_headers on;
+
+  error_page 500 /500.html;
+  try_files /system/maintenance.html $uri/index.html $uri @puma;
+
+  proxy_http_version 1.1;
+  chunked_transfer_encoding off;
+  proxy_buffering off;
+  proxy_cache off;
+
+  proxy_connect_timeout 43200000;
+  proxy_read_timeout    43200000;
+  proxy_send_timeout    43200000;
+
+  location ~ ^/(assets)/ {
+    root /home/deploy/laradock.dev/current/public;
+    gzip_static on;
+    expires 1y;
+    add_header Cache-Control public;
+    break;
+  }
+
+  location @puma {
+    proxy_set_header X-Request-Start "t=${msec}000";
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header Host $http_host;
+    proxy_redirect off;
+    proxy_pass http://staging;
+  }
+
+  location /pub-sub {
+    proxy_set_header X-Real-IP  $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header Host $http_host;
+    proxy_redirect off;
+
+    proxy_pass http://faye_server;
+    proxy_http_version 1.1;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection "upgrade";
+  }
+
+  if ($http_user_agent ~* (EasouSpider) ) {
+    return 403;
+  }
+
+}

config/nginx/puma/staging-ssl

@@ -0,0 +1,68 @@
+upstream faye_server {
+  server laradock.localhost:9292;
+}
+
+upstream staging {
+  server unix:/home/deploy/laradock.dev/current/tmp/sockets/puma-staging.socket fail_timeout=0;
+}
+
+server {
+  listen 443;
+  ssl on;
+  ssl_certificate     /etc/ssl/star_laradock_com.pem;
+  ssl_certificate_key /etc/ssl/laradock.key;
+
+  server_name laradock.localhost;
+  root /home/deploy/laradock.dev/current/public;
+
+  client_max_body_size 300M;
+  keepalive_timeout 120;
+  send_timeout 120;
+
+  error_page 500 /500.html;
+  try_files /system/maintenance.html $uri/index.html $uri @puma;
+
+  proxy_http_version 1.1;
+  chunked_transfer_encoding off;
+  proxy_buffering off;
+  proxy_cache off;
+
+  proxy_connect_timeout 43200000;
+  proxy_read_timeout    43200000;
+  proxy_send_timeout    43200000;
+
+  location ~ ^/(assets)/ {
+    root /home/deploy/laradock.dev/current/public;
+    gzip_static on;
+    expires 1y;
+    add_header Cache-Control public;
+    break;
+  }
+
+  location @puma {
+    proxy_set_header X-Forwarded-Proto https;
+    proxy_set_header X-Request-Start "t=${msec}000";
+    proxy_set_header X-Forwarded-Forr $proxy_add_x_forwarded_for;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header Host $http_host;
+    proxy_redirect off;
+    proxy_pass http://staging;
+  }
+
+  location /pub-sub {
+    proxy_set_header X-Real-IP  $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header Host $http_host;
+    proxy_redirect off;
+
+    proxy_pass http://faye_server;
+    proxy_http_version 1.1;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection "upgrade";
+  }
+
+  if ($http_user_agent ~* (EasouSpider) ) {
+    return 403;
+  }
+
+}

config/nginx/unicorn/production

@@ -0,0 +1,65 @@
+upstream faye_server {
+  server laradock.com:9292;
+}
+
+upstream production {
+  server unix:/home/deploy/laradock/current/tmp/sockets/unicorn-production.socket fail_timeout=0;
+}
+
+server {
+  listen 80;
+  listen [::]:80 ipv6only=on;
+  server_name laradock.com;
+  root /home/deploy/laradock/current/public;
+
+  client_max_body_size 300M;
+  keepalive_timeout 120;
+  send_timeout 120;
+  underscores_in_headers on;
+
+  error_page 500 /500.html;
+  try_files /system/maintenance.html $uri/index.html $uri @unicorn;
+
+  proxy_http_version 1.1;
+  chunked_transfer_encoding off;
+  proxy_buffering off;
+  proxy_cache off;
+
+  proxy_connect_timeout 43200000;
+  proxy_read_timeout    43200000;
+  proxy_send_timeout    43200000;
+
+  location ~ ^/(assets)/ {
+    root /home/deploy/laradock/current/public;
+    gzip_static on;
+    expires 1y;
+    add_header Cache-Control public;
+    break;
+  }
+
+  location @unicorn {
+    proxy_set_header X-Request-Start "t=${msec}000";
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header Host $http_host;
+    proxy_redirect off;
+    proxy_pass http://production;
+  }
+
+  location /pub-sub {
+    proxy_set_header X-Real-IP  $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header Host $http_host;
+    proxy_redirect off;
+
+    proxy_pass http://faye_server;
+    proxy_http_version 1.1;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection "upgrade";
+  }
+
+  if ($http_user_agent ~* (EasouSpider) ) {
+    return 403;
+  }
+
+}

config/nginx/unicorn/production-ssl

@@ -0,0 +1,68 @@
+upstream faye_server {
+  server laradock.com:9292;
+}
+
+upstream production {
+  server unix:/home/deploy/laradock/current/tmp/sockets/unicorn-production.socket fail_timeout=0;
+}
+
+server {
+  listen 443;
+  ssl on;
+  ssl_certificate     /etc/ssl/star_laradock_com.pem;
+  ssl_certificate_key /etc/ssl/laradock.key;
+
+  server_name laradock.com;
+  root /home/deploy/laradock/current/public;
+
+  client_max_body_size 300M;
+  keepalive_timeout 120;
+  send_timeout 120;
+
+  error_page 500 /500.html;
+  try_files /system/maintenance.html $uri/index.html $uri @unicorn;
+
+  proxy_http_version 1.1;
+  chunked_transfer_encoding off;
+  proxy_buffering off;
+  proxy_cache off;
+
+  proxy_connect_timeout 43200000;
+  proxy_read_timeout    43200000;
+  proxy_send_timeout    43200000;
+
+  location ~ ^/(assets)/ {
+    root /home/deploy/laradock/current/public;
+    gzip_static on;
+    expires 1y;
+    add_header Cache-Control public;
+    break;
+  }
+
+  location @unicorn {
+    proxy_set_header X-Forwarded-Proto https;
+    proxy_set_header X-Request-Start "t=${msec}000";
+    proxy_set_header X-Forwarded-Forr $proxy_add_x_forwarded_for;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header Host $http_host;
+    proxy_redirect off;
+    proxy_pass http://production;
+  }
+
+  location /pub-sub {
+    proxy_set_header X-Real-IP  $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header Host $http_host;
+    proxy_redirect off;
+
+    proxy_pass http://faye_server;
+    proxy_http_version 1.1;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection "upgrade";
+  }
+
+  if ($http_user_agent ~* (EasouSpider) ) {
+    return 403;
+  }
+
+}

config/nginx/unicorn/staging

@@ -0,0 +1,65 @@
+upstream faye_server {
+  server laradock.localhost:9292;
+}
+
+upstream staging {
+  server unix:/home/deploy/laradock.dev/current/tmp/sockets/unicorn-staging.socket fail_timeout=0;
+}
+
+server {
+  listen 80;
+  listen [::]:80 ipv6only=on;
+  server_name laradock.localhost;
+  root /home/deploy/laradock.dev/current/public;
+
+  client_max_body_size 300M;
+  keepalive_timeout 120;
+  send_timeout 120;
+  underscores_in_headers on;
+
+  error_page 500 /500.html;
+  try_files /system/maintenance.html $uri/index.html $uri @unicorn;
+
+  proxy_http_version 1.1;
+  chunked_transfer_encoding off;
+  proxy_buffering off;
+  proxy_cache off;
+
+  proxy_connect_timeout 43200000;
+  proxy_read_timeout    43200000;
+  proxy_send_timeout    43200000;
+
+  location ~ ^/(assets)/ {
+    root /home/deploy/laradock.dev/current/public;
+    gzip_static on;
+    expires 1y;
+    add_header Cache-Control public;
+    break;
+  }
+
+  location @unicorn {
+    proxy_set_header X-Request-Start "t=${msec}000";
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header Host $http_host;
+    proxy_redirect off;
+    proxy_pass http://staging;
+  }
+
+  location /pub-sub {
+    proxy_set_header X-Real-IP  $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header Host $http_host;
+    proxy_redirect off;
+
+    proxy_pass http://faye_server;
+    proxy_http_version 1.1;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection "upgrade";
+  }
+
+  if ($http_user_agent ~* (EasouSpider) ) {
+    return 403;
+  }
+
+}

config/nginx/unicorn/staging-ssl

@@ -0,0 +1,68 @@
+upstream faye_server {
+  server laradock.localhost:9292;
+}
+
+upstream staging {
+  server unix:/home/deploy/laradock.dev/current/tmp/sockets/unicorn-staging.socket fail_timeout=0;
+}
+
+server {
+  listen 443;
+  ssl on;
+  ssl_certificate     /etc/ssl/star_laradock_com.pem;
+  ssl_certificate_key /etc/ssl/laradock.key;
+
+  server_name laradock.localhost;
+  root /home/deploy/laradock.dev/current/public;
+
+  client_max_body_size 300M;
+  keepalive_timeout 120;
+  send_timeout 120;
+
+  error_page 500 /500.html;
+  try_files /system/maintenance.html $uri/index.html $uri @unicorn;
+
+  proxy_http_version 1.1;
+  chunked_transfer_encoding off;
+  proxy_buffering off;
+  proxy_cache off;
+
+  proxy_connect_timeout 43200000;
+  proxy_read_timeout    43200000;
+  proxy_send_timeout    43200000;
+
+  location ~ ^/(assets)/ {
+    root /home/deploy/laradock.dev/current/public;
+    gzip_static on;
+    expires 1y;
+    add_header Cache-Control public;
+    break;
+  }
+
+  location @unicorn {
+    proxy_set_header X-Forwarded-Proto https;
+    proxy_set_header X-Request-Start "t=${msec}000";
+    proxy_set_header X-Forwarded-Forr $proxy_add_x_forwarded_for;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header Host $http_host;
+    proxy_redirect off;
+    proxy_pass http://staging;
+  }
+
+  location /pub-sub {
+    proxy_set_header X-Real-IP  $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header Host $http_host;
+    proxy_redirect off;
+
+    proxy_pass http://faye_server;
+    proxy_http_version 1.1;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection "upgrade";
+  }
+
+  if ($http_user_agent ~* (EasouSpider) ) {
+    return 403;
+  }
+
+}

config/php/laradock-php-ext-xdebug.ini

@@ -0,0 +1,11 @@
+;zend_extension=/usr/local/lib/php/extensions/no-debug-non-zts-20170718/xdebug.so
+xdebug.remote_autostart=1
+xdebug.remote_port=9090
+xdebug.remote_host=127.0.0.1
+xdebug.remote_enable=1
+xdebug.profiler_enable=1
+xdebug.profiler_output_dir=/var/log/xdebug
+xdebug.remote_handler=dbgp
+xdebug.remote_autostart=1
+xdebug.remote_connect_back=0
+xdebug.idekey=PHPSTORM

config/php/php-fpm.conf

@@ -0,0 +1,24 @@
+[global]
+error_log = /var/log/php-fpm/fpm-error.log
+daemonize = no
+
+[www]
+user = www-data
+group = www-data
+listen = [::]:9000
+
+pm = dynamic
+pm.max_children = 5
+pm.start_servers = 2
+pm.min_spare_servers = 1
+pm.max_spare_servers = 3
+pm.status_path = /php/fpm/status
+
+clear_env = no
+
+access.log = /var/log/php-fpm/access.log
+access.format = "%t \"%m %r%Q%q\" %s %{mili}dms %{kilo}Mkb %C%%"
+catch_workers_output = yes
+
+php_flag[display_errors] = on
+php_admin_value[date.timezone] = "Europe/London"

config/php/php.ini

@@ -0,0 +1,7 @@
+[PHP]
+short_open_tag = off
+
+[Date]
+date.timezone = "Europe/London"
+
+;zend_extension=/usr/local/lib/php/extensions/no-debug-non-zts-20170718/xdebug.so

config/phpmyadmin/config.inc.php

@@ -0,0 +1,156 @@
+<?php
+/* vim: set expandtab sw=4 ts=4 sts=4: */
+/**
+ * phpMyAdmin sample configuration, you can use it as base for
+ * manual configuration. For easier setup you can use setup/
+ *
+ * All directives are explained in documentation in the doc/ folder
+ * or at <https://docs.phpmyadmin.net/>.
+ *
+ * @package PhpMyAdmin
+ */
+
+/**
+ * This is needed for cookie based authentication to encrypt password in
+ * cookie. Needs to be 32 chars long.
+ */
+$cfg['blowfish_secret'] = 'abcdefghijklmnopqwertuvwxyz1234567890'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
+
+/**
+ * Servers configuration
+ */
+$i = 0;
+
+/**
+ * First server
+ */
+$i++;
+/* Authentication type */
+$cfg['Servers'][$i]['auth_type'] = 'cookie';
+/* Server parameters */
+$cfg['Servers'][$i]['host'] = 'mariadb';   // mysql, mariadb, percona
+$cfg['Servers'][$i]['compress'] = false;
+$cfg['Servers'][$i]['AllowNoPassword'] = false;
+$cfg['Servers'][$i]['user'] = 'laradock';
+$cfg['Servers'][$i]['password'] = 'password';
+
+/**
+ * phpMyAdmin configuration storage settings.
+ */
+
+/* User used to manipulate with storage */
+// $cfg['Servers'][$i]['controlhost'] = '';
+// $cfg['Servers'][$i]['controlport'] = '';
+// $cfg['Servers'][$i]['controluser'] = 'laradock';
+// $cfg['Servers'][$i]['controlpass'] = 'password';
+
+/* Storage database and tables */
+// $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin';
+// $cfg['Servers'][$i]['bookmarktable'] = 'pma__bookmark';
+// $cfg['Servers'][$i]['relation'] = 'pma__relation';
+// $cfg['Servers'][$i]['table_info'] = 'pma__table_info';
+// $cfg['Servers'][$i]['table_coords'] = 'pma__table_coords';
+// $cfg['Servers'][$i]['pdf_pages'] = 'pma__pdf_pages';
+// $cfg['Servers'][$i]['column_info'] = 'pma__column_info';
+// $cfg['Servers'][$i]['history'] = 'pma__history';
+// $cfg['Servers'][$i]['table_uiprefs'] = 'pma__table_uiprefs';
+// $cfg['Servers'][$i]['tracking'] = 'pma__tracking';
+// $cfg['Servers'][$i]['userconfig'] = 'pma__userconfig';
+// $cfg['Servers'][$i]['recent'] = 'pma__recent';
+// $cfg['Servers'][$i]['favorite'] = 'pma__favorite';
+// $cfg['Servers'][$i]['users'] = 'pma__users';
+// $cfg['Servers'][$i]['usergroups'] = 'pma__usergroups';
+// $cfg['Servers'][$i]['navigationhiding'] = 'pma__navigationhiding';
+// $cfg['Servers'][$i]['savedsearches'] = 'pma__savedsearches';
+// $cfg['Servers'][$i]['central_columns'] = 'pma__central_columns';
+// $cfg['Servers'][$i]['designer_settings'] = 'pma__designer_settings';
+// $cfg['Servers'][$i]['export_templates'] = 'pma__export_templates';
+
+/**
+ * End of servers configuration
+ */
+
+/**
+ * Directories for saving/loading files from server
+ */
+$cfg['UploadDir'] = '';
+$cfg['SaveDir'] = '';
+
+/**
+ * Whether to display icons or text or both icons and text in table row
+ * action segment. Value can be either of 'icons', 'text' or 'both'.
+ * default = 'both'
+ */
+//$cfg['RowActionType'] = 'icons';
+
+/**
+ * Defines whether a user should be displayed a "show all (records)"
+ * button in browse mode or not.
+ * default = false
+ */
+//$cfg['ShowAll'] = true;
+
+/**
+ * Number of rows displayed when browsing a result set. If the result
+ * set contains more rows, "Previous" and "Next".
+ * Possible values: 25, 50, 100, 250, 500
+ * default = 25
+ */
+//$cfg['MaxRows'] = 50;
+
+/**
+ * Disallow editing of binary fields
+ * valid values are:
+ *   false    allow editing
+ *   'blob'   allow editing except for BLOB fields
+ *   'noblob' disallow editing except for BLOB fields
+ *   'all'    disallow editing
+ * default = 'blob'
+ */
+//$cfg['ProtectBinary'] = false;
+
+/**
+ * Default language to use, if not browser-defined or user-defined
+ * (you find all languages in the locale folder)
+ * uncomment the desired line:
+ * default = 'en'
+ */
+//$cfg['DefaultLang'] = 'en';
+//$cfg['DefaultLang'] = 'de';
+
+/**
+ * How many columns should be used for table display of a database?
+ * (a value larger than 1 results in some information being hidden)
+ * default = 1
+ */
+//$cfg['PropertiesNumColumns'] = 2;
+
+/**
+ * Set to true if you want DB-based query history.If false, this utilizes
+ * JS-routines to display query history (lost by window close)
+ *
+ * This requires configuration storage enabled, see above.
+ * default = false
+ */
+//$cfg['QueryHistoryDB'] = true;
+
+/**
+ * When using DB-based query history, how many entries should be kept?
+ * default = 25
+ */
+//$cfg['QueryHistoryMax'] = 100;
+
+/**
+ * Whether or not to query the user before sending the error report to
+ * the phpMyAdmin team when a JavaScript error occurs
+ *
+ * Available options
+ * ('ask' | 'always' | 'never')
+ * default = 'ask'
+ */
+//$cfg['SendErrorReports'] = 'always';
+
+/**
+ * You can find more configuration options in the documentation
+ * in the doc/ folder or at <https://docs.phpmyadmin.net/>.
+ */

docker-compose.sync.yml

@@ -1,4 +1,4 @@
-version: '3'
+version: '3.2'
 
 services:
 

docker-compose.yml

@@ -1,4 +1,4 @@
-version: '3'
+version: '3.2'
 
 networks:
   frontend:
@@ -45,7 +45,7 @@ services:
 ### Workspace Utilities ##################################
     workspace:
       build:
-        context: ./workspace
+        context: ./docker/workspace
         args:
           - PHP_VERSION=${PHP_VERSION}
           - INSTALL_XDEBUG=${WORKSPACE_INSTALL_XDEBUG}
@@ -106,7 +106,7 @@ services:
 ### PHP-FPM ##############################################
     php-fpm:
       build:
-        context: ./php-fpm
+        context: ./docker/php-fpm
         args:
           - PHP_VERSION=${PHP_VERSION}
           - INSTALL_XDEBUG=${PHP_FPM_INSTALL_XDEBUG}
@@ -149,7 +149,7 @@ services:
 ### PHP Worker ############################################
     php-worker:
       build:
-        context: ./php-worker
+        context: ./docker/php-worker
         args:
           - PHP_VERSION=${PHP_VERSION}
           - INSTALL_PGSQL=${PHP_WORKER_INSTALL_PGSQL}
@@ -166,7 +166,7 @@ services:
 ### NGINX Server #########################################
     nginx:
       build:
-        context: ./nginx
+        context: ./docker/nginx
         args:
           - PHP_UPSTREAM_CONTAINER=${NGINX_PHP_UPSTREAM_CONTAINER}
           - PHP_UPSTREAM_PORT=${NGINX_PHP_UPSTREAM_PORT}
@@ -197,7 +197,7 @@ services:
 ### Apache Server ########################################
     apache2:
       build:
-        context: ./apache2
+        context: ./docker/apache2
         args:
           - PHP_UPSTREAM_CONTAINER=${APACHE_PHP_UPSTREAM_CONTAINER}
           - PHP_UPSTREAM_PORT=${APACHE_PHP_UPSTREAM_PORT}
@@ -247,7 +247,7 @@ services:
 ### MySQL ################################################
     mysql:
       build:
-        context: ./mysql
+        context: ./docker/mysql
         args:
           - MYSQL_VERSION=${MYSQL_VERSION}
       environment:
@@ -267,7 +267,7 @@ services:
 ### Percona ################################################
     percona:
       build:
-        context: ./percona
+        context: ./docker/percona
       environment:
         - MYSQL_DATABASE=${PERCONA_DATABASE}
         - MYSQL_USER=${PERCONA_USER}
@@ -284,7 +284,7 @@ services:
 ### MSSQL ################################################
     mssql:
       build:
-        context: ./mssql
+        context: ./docker/mssql
       environment:
         - MSSQL_DATABASE=${MSSQL_DATABASE}
         - SA_PASSWORD=${MSSQL_PASSWORD}
@@ -482,7 +482,7 @@ services:
 ### Adminer ###########################################
     adminer:
       build:
-        context: ./adminer
+        context: ./docker/adminer
         args:
           - INSTALL_MSSQL=${ADM_INSTALL_MSSQL}
       ports:
@@ -544,7 +544,7 @@ services:
 ### Certbot #########################################
     certbot:
       build:
-        context: ./certbot
+        context: ./docker/certbot
       volumes:
         - ./data/certbot/certs/:/var/certs
         - ./certbot/letsencrypt/:${APP_CODE_PATH_CONTAINER}/letsencrypt
@@ -649,7 +649,7 @@ services:
 ### Grafana ################################################
     grafana:
       build:
-        context: ./grafana
+        context: ./docker/grafana
       volumes:
         - ${DATA_PATH_HOST}/grafana:/var/lib/grafana
       ports:
@@ -660,7 +660,7 @@ services:
 ### Laravel Echo Server #######################################
     laravel-echo-server:
       build:
-        context: ./laravel-echo-server
+        context: ./docker/laravel-echo-server
       volumes:
         - ./laravel-echo-server/laravel-echo-server.json:/app/laravel-echo-server.json:ro
       ports:
@@ -674,7 +674,7 @@ services:
 ### Solr ################################################
     solr:
       build:
-        context: ./solr
+        context: ./docker/solr
         args:
           - SOLR_VERSION=${SOLR_VERSION}
           - SOLR_DATAIMPORTHANDLER_MYSQL=${SOLR_DATAIMPORTHANDLER_MYSQL}
@@ -688,7 +688,7 @@ services:
 ### AWS EB-CLI ################################################
     aws:
       build:
-        context: ./aws
+        context: ./docker/aws
       volumes:
         - ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}
       depends_on:

docker-remove.sh

@@ -0,0 +1,20 @@
+#!/usr/bin/env sh
+
+#####  WARNING !!!  ###########################
+# YOU HAVE ALREADY KNOW WHAT YOU'RE DOING !   #
+# ------------------------------------------- #
+# This will remove all your docker container  #
+# without mercy !                             #
+# ------------------------------------------- #
+
+##### Remove all docker "laradock" #####
+sudo docker ps -a | grep "laradock" | awk '{print $2}' | xargs sudo docker rmi -f
+
+##### Remove all docker container #####
+# WARNING! This will remove:
+#	- all stopped containers
+#	- all volumes not used by at least one container
+#	- all networks not used by at least one container
+#	- all images without at least one container associated to them
+
+# sudo docker system prune -a

docker-sync.yml

@@ -1,4 +1,4 @@
-version: "2"
+version: "3.2"
 
 options:
   verbose: false

docker/aerospike/aerospike.conf

@@ -0,0 +1,77 @@
+# Aerospike database configuration file.
+
+# This stanza must come first.
+service {
+	user root
+	group root
+	paxos-single-replica-limit 1 # Number of nodes where the replica count is automatically reduced to 1.
+	pidfile /var/run/aerospike/asd.pid
+	service-threads 4
+	transaction-queues 4
+	transaction-threads-per-queue 4
+	proto-fd-max 15000
+}
+
+logging {
+
+	# Log file must be an absolute path.
+	file /var/log/aerospike/aerospike.log {
+		context any info
+	}
+
+	# Send log messages to stdout
+	console {
+		context any critical
+	}
+}
+
+network {
+	service {
+		address any
+		port 3000
+
+		# Uncomment the following to set the `access-address` parameter to the
+		# IP address of the Docker host. This will the allow the server to correctly
+		# publish the address which applications and other nodes in the cluster to
+		# use when addressing this node.
+		# access-address <IPADDR>
+	}
+
+	heartbeat {
+
+		# mesh is used for environments that do not support multicast
+		mode mesh
+		port 3002
+
+		# use asinfo -v 'tip:host=<ADDR>;port=3002' to inform cluster of
+		# other mesh nodes
+		mesh-port 3002
+
+		interval 150
+		timeout 10
+	}
+
+	fabric {
+		port 3001
+	}
+
+	info {
+		port 3003
+	}
+}
+
+namespace test {
+	replication-factor 2
+	memory-size 1G
+	default-ttl 5d # 5 days, use 0 to never expire/evict.
+
+	#	storage-engine memory
+
+	# To use file storage backing, comment out the line above and use the
+	# following lines instead.
+	storage-engine device {
+		file /opt/aerospike/data/test.dat
+		filesize 4G
+		data-in-memory true # Store data in memory in addition to file.
+	}
+}

docker/core-base-consul/.dockerignore

@@ -0,0 +1,3 @@
+rootfs/etc/consul-template/conf-services.d/.gitkeep
+rootfs/etc/cont-consul/services.d/.gitkeep
+rootfs/etc/cont-consul/checks.d/.gitkeep

docker/core-base-consul/Dockerfile

@@ -0,0 +1,40 @@
+FROM dockerframework/core-base:latest
+
+# ================================================================================================
+#  Inspiration: Docker Alpine (https://github.com/bhuisgen/docker-alpine)
+#               Boris HUISGEN <bhuisgen@hbis.fr>
+# ================================================================================================
+#  Core Contributors:
+#   - Mahmoud Zalt @mahmoudz
+#   - Bo-Yi Wu @appleboy
+#   - Philippe Trépanier @philtrep
+#   - Mike Erickson @mikeerickson
+#   - Dwi Fahni Denni @zeroc0d3
+#   - Thor Erik @thorerik
+#   - Winfried van Loon @winfried-van-loon
+#   - TJ Miller @sixlive
+#   - Yu-Lung Shao (Allen) @bestlong
+#   - Milan Urukalo @urukalo
+#   - Vince Chu @vwchu
+#   - Huadong Zuo @zuohuadong
+# ================================================================================================
+
+MAINTAINER "Laradock Team <mahmoud@zalt.me>"
+
+ENV CONSULTEMPLATE_VERSION=0.19.4
+
+RUN mkdir -p /var/lib/consul && \
+    addgroup -g 500 -S consul && \
+    adduser -u 500 -S -D -g "" -G consul -s /sbin/nologin -h /var/lib/consul consul && \
+    chown -R consul:consul /var/lib/consul
+
+RUN apk add --update zip && \
+    curl -sSL https://releases.hashicorp.com/consul-template/${CONSULTEMPLATE_VERSION}/consul-template_${CONSULTEMPLATE_VERSION}_linux_amd64.zip -o /tmp/consul-template.zip && \
+    unzip /tmp/consul-template.zip -d /bin && \
+    rm /tmp/consul-template.zip && \
+    apk del zip && \
+    rm -rf /var/cache/apk/*
+
+COPY rootfs/ /
+
+HEALTHCHECK CMD /etc/cont-consul/check || exit 1

docker/core-base-consul/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2018 Docker Framework
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

docker/core-base-consul/Makefile.am

@@ -0,0 +1,13 @@
+IMAGE = dockerframework/core-base-consul
+
+clean-local:
+	docker rmi $(CLEAN_OPTIONS) $(IMAGE):$(TAG) || true
+
+build:
+	docker build $(BUILD_OPTIONS) -t $(IMAGE):$(TAG) .
+
+pull:
+	docker pull $(PULL_OPTIONS) $(IMAGE):$(TAG)
+
+push: build
+	docker push $(PUSH_OPTIONS) $(IMAGE):$(TAG)

docker/core-base-consul/Makefile.in

@@ -0,0 +1,412 @@
+# Makefile.in generated by automake 1.15.1 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2017 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+VPATH = @srcdir@
+am__is_gnu_make = { \
+  if test -z '$(MAKELEVEL)'; then \
+    false; \
+  elif test -n '$(MAKE_HOST)'; then \
+    true; \
+  elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+    true; \
+  else \
+    false; \
+  fi; \
+}
+am__make_running_with_option = \
+  case $${target_option-} in \
+      ?) ;; \
+      *) echo "am__make_running_with_option: internal error: invalid" \
+              "target option '$${target_option-}' specified" >&2; \
+         exit 1;; \
+  esac; \
+  has_opt=no; \
+  sane_makeflags=$$MAKEFLAGS; \
+  if $(am__is_gnu_make); then \
+    sane_makeflags=$$MFLAGS; \
+  else \
+    case $$MAKEFLAGS in \
+      *\\[\ \	]*) \
+        bs=\\; \
+        sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+          | sed "s/$$bs$$bs[$$bs $$bs	]*//g"`;; \
+    esac; \
+  fi; \
+  skip_next=no; \
+  strip_trailopt () \
+  { \
+    flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+  }; \
+  for flg in $$sane_makeflags; do \
+    test $$skip_next = yes && { skip_next=no; continue; }; \
+    case $$flg in \
+      *=*|--*) continue;; \
+        -*I) strip_trailopt 'I'; skip_next=yes;; \
+      -*I?*) strip_trailopt 'I';; \
+        -*O) strip_trailopt 'O'; skip_next=yes;; \
+      -*O?*) strip_trailopt 'O';; \
+        -*l) strip_trailopt 'l'; skip_next=yes;; \
+      -*l?*) strip_trailopt 'l';; \
+      -[dEDm]) skip_next=yes;; \
+      -[JT]) skip_next=yes;; \
+    esac; \
+    case $$flg in \
+      *$$target_option*) has_opt=yes; break;; \
+    esac; \
+  done; \
+  test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+subdir = core-base-consul
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+	$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
+mkinstalldirs = $(install_sh) -d
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN     " $@;
+am__v_GEN_1 = 
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 = 
+SOURCES =
+DIST_SOURCES =
+am__can_run_installinfo = \
+  case $$AM_UPDATE_INFO_DIR in \
+    n|no|NO) false;; \
+    *) (install-info --version) >/dev/null 2>&1;; \
+  esac
+am__extra_recursive_targets = build-recursive pull-recursive \
+	push-recursive
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+am__DIST_COMMON = $(srcdir)/Makefile.in
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BUILD_OPTIONS = @BUILD_OPTIONS@
+CLEAN_OPTIONS = @CLEAN_OPTIONS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DOCKER = @DOCKER@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LTLIBOBJS = @LTLIBOBJS@
+MAINT = @MAINT@
+MAKEINFO = @MAKEINFO@
+MKDIR_P = @MKDIR_P@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PULL_OPTIONS = @PULL_OPTIONS@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+TAG = @TAG@
+VERSION = @VERSION@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+am__leading_dot = @am__leading_dot@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build_alias = @build_alias@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host_alias = @host_alias@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+runstatedir = @runstatedir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+IMAGE = dockerframework/core-base-consul
+all: all-am
+
+.SUFFIXES:
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am  $(am__configure_deps)
+	@for dep in $?; do \
+	  case '$(am__configure_deps)' in \
+	    *$$dep*) \
+	      ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+	        && { if test -f $@; then exit 0; else break; fi; }; \
+	      exit 1;; \
+	  esac; \
+	done; \
+	echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign core-base-consul/Makefile'; \
+	$(am__cd) $(top_srcdir) && \
+	  $(AUTOMAKE) --foreign core-base-consul/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+	@case '$?' in \
+	  *config.status*) \
+	    cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+	  *) \
+	    echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+	    cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+	esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+build-local: 
+pull-local: 
+push-local: 
+tags TAGS:
+
+ctags CTAGS:
+
+cscope cscopelist:
+
+
+distdir: $(DISTFILES)
+	@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	list='$(DISTFILES)'; \
+	  dist_files=`for file in $$list; do echo $$file; done | \
+	  sed -e "s|^$$srcdirstrip/||;t" \
+	      -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+	case $$dist_files in \
+	  */*) $(MKDIR_P) `echo "$$dist_files" | \
+			   sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+			   sort -u` ;; \
+	esac; \
+	for file in $$dist_files; do \
+	  if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+	  if test -d $$d/$$file; then \
+	    dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+	    if test -d "$(distdir)/$$file"; then \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+	      cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+	  else \
+	    test -f "$(distdir)/$$file" \
+	    || cp -p $$d/$$file "$(distdir)/$$file" \
+	    || exit 1; \
+	  fi; \
+	done
+check-am: all-am
+check: check-am
+all-am: Makefile
+installdirs:
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+	@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+	-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+	-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+	@echo "This command is intended for maintainers to use"
+	@echo "it deletes files that may require special tools to rebuild."
+build-am: build-local
+
+clean: clean-am
+
+clean-am: clean-generic clean-local mostlyclean-am
+
+distclean: distclean-am
+	-rm -f Makefile
+distclean-am: clean-am distclean-generic
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+	-rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-generic
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+pull-am: pull-local
+
+push-am: push-local
+
+uninstall-am:
+
+.MAKE: install-am install-strip
+
+.PHONY: all all-am build build-am build-local check check-am clean \
+	clean-generic clean-local cscopelist-am ctags-am distclean \
+	distclean-generic distdir dvi dvi-am html html-am info info-am \
+	install install-am install-data install-data-am install-dvi \
+	install-dvi-am install-exec install-exec-am install-html \
+	install-html-am install-info install-info-am install-man \
+	install-pdf install-pdf-am install-ps install-ps-am \
+	install-strip installcheck installcheck-am installdirs \
+	maintainer-clean maintainer-clean-generic mostlyclean \
+	mostlyclean-generic pdf pdf-am ps ps-am pull pull-am \
+	pull-local push push-am push-local tags-am uninstall \
+	uninstall-am
+
+.PRECIOUS: Makefile
+
+
+clean-local:
+	docker rmi $(CLEAN_OPTIONS) $(IMAGE):$(TAG) || true
+
+build:
+	docker build $(BUILD_OPTIONS) -t $(IMAGE):$(TAG) .
+
+pull:
+	docker pull $(PULL_OPTIONS) $(IMAGE):$(TAG)
+
+push: build
+	docker push $(PUSH_OPTIONS) $(IMAGE):$(TAG)
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:

docker/core-base-consul/README.md

@@ -0,0 +1,4 @@
+# Core-Base-Consul Container
+Core-Base-Consul Container of Docker Framework
+
+[![Build Status](https://travis-ci.org/dockerframework/core-base-consul.svg?branch=master)](https://travis-ci.org/dockerframework/core-base-consul) [![](https://images.microbadger.com/badges/image/dockerframework/core-base-consul:latest.svg)](https://microbadger.com/images/dockerframework/core-base-consul:latest "Layers") [![](https://images.microbadger.com/badges/version/dockerframework/core-base-consul:latest.svg)](https://microbadger.com/images/dockerframework/core-base-consul:latest "Version") [![GitHub issues](https://img.shields.io/github/issues/dockerframework/core-base-consul.svg)](https://github.com/dockerframework/core-base-consul/issues) [![GitHub forks](https://img.shields.io/github/forks/dockerframework/core-base-consul.svg)](https://github.com/dockerframework/core-base-consul/network) [![GitHub stars](https://img.shields.io/github/stars/dockerframework/core-base-consul.svg)](https://github.com/dockerframework/core-base-consul/stargazers) [![GitHub license](https://img.shields.io/badge/license-MIT-blue.svg)](https://raw.githubusercontent.com/dockerframework/core-base-consul/master/LICENSE)

docker/core-base-consul/docker-compose.skeleton.yml

@@ -0,0 +1,71 @@
+version: '3.2'
+
+services:
+
+#================================================================================================
+# CORE-BASE-CONSUL
+#================================================================================================
+  core-base-consul:
+    ports:
+      - "1234:1234"
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+    environment:
+      #- CONTAINER_RESOLVER=route                                   # IP resolver method for container (route/interface, default: route)
+      #- CONTAINER_RESOLVER_INTERFACENAME=eth0                      # network interface name for IP resolver (default: eth0)
+      #- CONTAINER_RESOLVER_INTERFACETYPE=inet                      # network interface type for IP resolver (inet/inet6, default: inet)
+      - CONSUL_AGENT=172.16.0.1                                     # agent hostname
+      - CONSUL_PORT=8500                                            # agent port
+      - CONSUL_TLS=0                                                # enable TLS
+      #- CONSUL_TLSCAFILE=/etc/consul.d/ssl/ca.pem                  # TLS CA certificate file
+      #- CONSUL_TLSCERTFILE=/etc/consul.d/ssl/client.pem            # TLS client certificate file
+      #- CONSUL_TLSKEYFILE=/etc/consul.d/ssl/client-priv-key.pem    # TLS client certificate key file
+      #- CONSUL_TLSSERVERNAME=                                      # SNI server name for validation
+      #- CONSUL_TLSVERIFY=0                                         # enable TLS peer verification
+      #- CONSUL_TOKEN=43480d61-aea9-4a21-9deb-5e68dbc44985          # API token
+      #- CONSUL_KEYPREFIX=path/prefix/                              # keystore prefix path
+      #- CONSUL_RESOLVER=container                                  # IP resolver method for consul service registration (container/route/interface, by default container)
+      #- CONSUL_RESOLVER_INTERFACENAME=eth0                         # network interface name for IP resolver (default: eth0)
+      #- CONSUL_RESOLVER_INTERFACETYPE=inet                         # network interface type for IP resolver (inet/inet6, default: inet)
+      - CONSUL_SERVICENAME=foo                                      # service name to register
+      #- CONSUL_SERVICETAGS=local,foo                               # service tags (optional)
+      - CONSUL_SERVICEPORT=1234                                     # service port
+      #- CONSUL_CHECKTYPE=tcp                                       # health check type (none/http/script/tcp/ttl, default: none)
+      #- CONSUL_CHECKINTERVAL=15s                                   # health check interval
+      #- CONSUL_DEREGISTERCRITICALSERVICEAFTER=0                    # delay after which the service will be deregistered if this check remains critical (0 to disable)
+
+      #
+      # HTTP health check
+      #
+      #- CONSUL_CHECKTYPE=http
+      #- CONSUL_CHECKHTTPURL=http://foo:1234                        # HTTP custom URL
+      #- CONSUL_CHECKHTTPPATH=/                                     # HTTP path for auto-generated URL (http://<container_ip>:<service_port><path>)
+      #- CONSUL_CHECKHTTPTLSSKIPVERIFY=0                            # skip TLS certificate verification
+      #- CONSUL_CHECKINTERVAL=15s                                   # check interval
+      #- CONSUL_DEREGISTERCRITICALSERVICEAFTER=0                    # delay after which the service will be deregistered if this check remains critical (0 to disable)
+
+      #
+      # Script health check
+      #
+      #- CONSUL_CHECKTYPE=script
+      #- CONSUL_CHECKSCRIPT=/usr/local/bin/healthcheck.sh           # script to execute
+      #- CONSUL_CHECKDOCKERCONTAINERID=                             # docker container id
+      #- CONSUL_CHECKSHELL=/bin/bash                                # custom shell
+      #- CONSUL_CHECKINTERVAL=15s                                   # check interval
+      #- CONSUL_DEREGISTERCRITICALSERVICEAFTER=0                    # delay after which the service will be deregistered if this check remains critical (0 to disable)
+
+      #
+      # TCP health check
+      #
+      #- CONSUL_CHECKTYPE=tcp
+      #- CONSUL_CHECKADDR=static                                    # custom TCP address if different from service registration
+      #- CONSUL_CHECKPORT=5678                                      # custom TCP port if different from service registration
+      #- CONSUL_CHECKINTERVAL=15s                                   # check interval
+      #- CONSUL_DEREGISTERCRITICALSERVICEAFTER=0                    # delay after which the service will be deregistered if this check remains critical (0 to disable)
+
+      #
+      # TTL health check
+      #
+      #- CONSUL_CHECKTYPE=ttl
+      #- CONSUL_CHECKTTL=15s                                        # TTL update
+      #- CONSUL_DEREGISTERCRITICALSERVICEAFTER=0                    # delay after which the service will be deregistered if this check remains critical (0 to disable)

docker/core-base-consul/rootfs/etc/consul-template/conf-cont.d/01-cont-consul.conf

@@ -0,0 +1,29 @@
+template {
+    source = "/etc/consul-template/templates/cont-consul/service.json.ctmpl"
+    destination = "/etc/cont-consul/services.d/container.json"
+    perms = 0640
+}
+
+template {
+    source = "/etc/consul-template/templates/cont-consul/check-http.json.ctmpl"
+    destination = "/etc/cont-consul/checks.d/container-http.json"
+    perms = 0640
+}
+
+template {
+    source = "/etc/consul-template/templates/cont-consul/check-script.json.ctmpl"
+    destination = "/etc/cont-consul/checks.d/container-script.json"
+    perms = 0640
+}
+
+template {
+    source = "/etc/consul-template/templates/cont-consul/check-tcp.json.ctmpl"
+    destination = "/etc/cont-consul/checks.d/container-tcp.json"
+    perms = 0640
+}
+
+template {
+    source = "/etc/consul-template/templates/cont-consul/check-ttl.json.ctmpl"
+    destination = "/etc/cont-consul/checks.d/container-ttl.json"
+    perms = 0640
+}

docker/core-base-consul/rootfs/etc/consul-template/templates/cont-consul/check-http.json.ctmpl

@@ -0,0 +1,31 @@
+{{- $host := env "CONTAINER_HOST" -}}
+{{- $ip := env "CONTAINER_IP" -}}
+{{- $name := env "CONSUL_SERVICENAME" -}}
+{{- $port := env "CONSUL_SERVICEPORT" -}}
+{{- $check_type := env "CONSUL_CHECKTYPE" -}}
+{{- $check_httpurl := env "CONSUL_CHECKHTTPURL" -}}
+{{- $check_httppath := env "CONSUL_CHECKHTTPPATH" -}}
+{{- $check_httptlsskipverify := env "CONSUL_CHECKHTTPTLSSKIPVERIFY" -}}
+{{- $check_interval := env "CONSUL_CHECKINTERVAL" -}}
+{{- $check_deregistercriticalserviceafter := env "CONSUL_DEREGISTERCRITICALSERVICEAFTER" -}}
+{{- if eq $check_type "http" -}}
+{{- if and $host $ip $name $port -}}
+{
+    "ID": "{{print $name "-" $host "-http"}}",
+    "Name": "Check HTTP",
+    "ServiceID": "{{print $name "-" $host}}",
+    {{if $check_deregistercriticalserviceafter}}
+    "DeregisterCriticalServiceAfter": "{{$check_deregistercriticalserviceafter}}",
+    {{end}}
+    {{if $check_httpurl}}
+    "HTTP": "{{$check_httpurl}}",
+    {{else}}
+    "HTTP": "http://{{$ip}}:{{$port}}{{if $check_httppath}}{{$check_httppath}}{{else}}/{{end}}",
+    {{end}}
+    {{if eq $check_httptlsskipverify "1"}}
+    "TLSSkipVerify": true,
+    {{end}}
+    "Interval": {{if $check_interval}}{{$check_interval}}{{else}}"15s"{{end}}
+}
+{{- end -}}
+{{- end -}}

docker/core-base-consul/rootfs/etc/consul-template/templates/cont-consul/check-script.json.ctmpl

@@ -0,0 +1,27 @@
+{{- $host := env "CONTAINER_HOST" -}}
+{{- $ip := env "CONTAINER_IP" -}}
+{{- $name := env "CONSUL_SERVICENAME" -}}
+{{- $check_type := env "CONSUL_CHECKTYPE" -}}
+{{- $check_script := env "CONSUL_CHECKSCRIPT" -}}
+{{- $check_docker_container_id := env "CONSUL_CHECKDOCKERCONTAINERID" -}}
+{{- $check_shell := env "CONSUL_CHECKSHELL" -}}
+{{- $check_interval := env "CONSUL_CHECKINTERVAL" -}}
+{{- $check_deregistercriticalserviceafter := env "CONSUL_DEREGISTERCRITICALSERVICEAFTER" -}}
+{{- if eq $check_type "script" -}}
+{{- if and $host $ip $name $check_script -}}
+{
+    "ID": "{{print $name "-" $host "-script"}}",
+    "Name": "Check script",
+    "ServiceID": "{{print $name "-" $host}}",
+    {{if $check_deregistercriticalserviceafter}}
+    "DeregisterCriticalServiceAfter": "{{$check_deregistercriticalserviceafter}}",
+    {{end}}
+    "Script": "{{$check_script}}",
+    {{if and $check_docker_container_id $check_shell -}}
+    "DockerContainerID": "{{$check_docker_container_id}}",
+    "Shell": "{{$check_shell}}",
+    {{end -}}
+    "Interval": {{if $check_interval}}{{$check_interval}}{{else}}"15s"{{end}}
+}
+{{- end -}}
+{{- end -}}

docker/core-base-consul/rootfs/etc/consul-template/templates/cont-consul/check-tcp.json.ctmpl

@@ -0,0 +1,36 @@
+{{- $host := env "CONTAINER_HOST" -}}
+{{- $ip := env "CONTAINER_IP" -}}
+{{- $name := env "CONSUL_SERVICENAME" -}}
+{{- $port := env "CONSUL_SERVICEPORT" -}}
+{{- $check_type := env "CONSUL_CHECKTYPE" -}}
+{{- $check_addr := env "CONSUL_CHECKADDR" -}}
+{{- $check_port := env "CONSUL_CHECKPORT" -}}
+{{- $check_interval := env "CONSUL_CHECKINTERVAL" -}}
+{{- $check_deregistercriticalserviceafter := env "CONSUL_DEREGISTERCRITICALSERVICEAFTER" -}}
+{{- if eq $check_type "tcp" -}}
+{{- if and $host $ip $name $port $check_addr $check_port -}}
+{
+    "ID": "{{print $name "-" $host "-tcp"}}",
+    "Name": "Check TCP",
+    "ServiceID": "{{print $name "-" $host}}",
+    {{if $check_deregistercriticalserviceafter}}
+    "DeregisterCriticalServiceAfter": "{{$check_deregistercriticalserviceafter}}",
+    {{end}}
+    "TCP": "{{$check_addr}}:{{$check_port}}",
+    "Interval": {{if $check_interval}}{{$check_interval}}{{else}}"15s"{{end}}
+}
+{{- else -}}
+{{- if and $host $ip $name $port -}}
+{
+    "ID": "{{print $name "-" $host "-tcp"}}",
+    "Name": "Check TCP",
+    "ServiceID": "{{print $name "-" $host}}",
+    {{if $check_deregistercriticalserviceafter}}
+    "DeregisterCriticalServiceAfter": "{{$check_deregistercriticalserviceafter}}",
+    {{end}}
+    "TCP": "{{$ip}}:{{$port}}",
+    "Interval": {{if $check_interval}}{{$check_interval}}{{else}}"15s"{{end}}
+}
+{{- end -}}
+{{- end -}}
+{{- end -}}

docker/core-base-consul/rootfs/etc/consul-template/templates/cont-consul/check-ttl.json.ctmpl

@@ -0,0 +1,19 @@
+{{- $host := env "CONTAINER_HOST" -}}
+{{- $ip := env "CONTAINER_IP" -}}
+{{- $name := env "CONSUL_SERVICENAME" -}}
+{{- $check_type := env "CONSUL_CHECKTYPE" -}}
+{{- $check_ttl := env "CONSUL_CHECKTTL" -}}
+{{- $check_deregistercriticalserviceafter := env "CONSUL_DEREGISTERCRITICALSERVICEAFTER" -}}
+{{- if eq $check_type "ttl" -}}
+{{- if and $host $ip $name $check_ttl -}}
+{
+    "ID": "{{print $name "-" $host "-ttl"}}",
+    "Name": "Check TTL",
+    "ServiceID": "{{print $name "-" $host}}",
+    {{if $check_deregistercriticalserviceafter}}
+    "DeregisterCriticalServiceAfter": "{{$check_deregistercriticalserviceafter}}",
+    {{end}}
+    "TTL": "{{$check_ttl}}"
+}
+{{- end -}}
+{{- end -}}

docker/core-base-consul/rootfs/etc/consul-template/templates/cont-consul/service.json.ctmpl

@@ -0,0 +1,17 @@
+{{- $host := env "CONTAINER_HOST" -}}
+{{- $ip := env "CONTAINER_IP" -}}
+{{- $name := env "CONSUL_SERVICENAME" -}}
+{{- $tags := env "CONSUL_SERVICETAGS" -}}
+{{- $addr := env "CONSUL_SERVICEADDR" -}}
+{{- $port := env "CONSUL_SERVICEPORT" -}}
+{{- if and $host $ip $name $addr $port -}}
+{
+    "ID": "{{print $name "-" $host}}",
+    "Name": "{{$name}}",
+    {{if $tags -}}
+    "Tags": [ {{range $index, $tag := $tags | split ","}}{{if gt $index 0}}, {{end}}"{{$tag}}"{{end}} ],
+    {{- end}}
+    "Address": "{{$addr}}",
+    "Port": {{$port}}
+}
+{{- end -}}

docker/core-base-consul/rootfs/etc/consul.d/ssl/ca.pem

@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIID6zCCAtOgAwIBAgIJAKMb63RFQYl1MA0GCSqGSIb3DQEBCwUAMIGLMQswCQYD
+VQQGEwJMVTETMBEGA1UECAwKTHV4ZW1ib3VyZzETMBEGA1UEBwwKTHV4ZW1ib3Vy
+ZzESMBAGA1UECgwJbG9jYWxob3N0MRIwEAYDVQQLDAlsb2NhbGhvc3QxCzAJBgNV
+BAMMAmNhMR0wGwYJKoZIhvcNAQkBFg5yb290QGxvY2FsaG9zdDAeFw0xNjA1MjQx
+NTI3NDNaFw0yNjA1MjIxNTI3NDNaMIGLMQswCQYDVQQGEwJMVTETMBEGA1UECAwK
+THV4ZW1ib3VyZzETMBEGA1UEBwwKTHV4ZW1ib3VyZzESMBAGA1UECgwJbG9jYWxo
+b3N0MRIwEAYDVQQLDAlsb2NhbGhvc3QxCzAJBgNVBAMMAmNhMR0wGwYJKoZIhvcN
+AQkBFg5yb290QGxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAOpn0LnH3KlJtPr6gjNuAw2jEsDXhHQ97HLHCb6n0f+37dlcEoxGtKAVPf3x
+rxz2yf8Uqw+fzGAQ4p36k/9ssfpoHx2P5OOnX2q49iLO0rabXLfXxF9OCqr3Idko
+Wjj2y/X6a0BCpBWdki/cOnqw8pmrCsnAG1YB4TyuR0hJ1bAKXKTPqYZ7zQZQm2GR
+78PXAockrccXQyYoaNL3p7a+d+qXJkYmVX0r187IrjnWRDF/DFgzBvWVP/rUM0XL
+Old+LbcJr3QWorXlfFGs1K+M67Fy+26BXwxeqhqrH0MOmlUeVCaVYz45ACYgiHV0
+5bIgz6Lryn98nTR0uzQMU7UePZMCAwEAAaNQME4wHQYDVR0OBBYEFOWiAYmYILN7
+aMfwMZeREIF45I+rMB8GA1UdIwQYMBaAFOWiAYmYILN7aMfwMZeREIF45I+rMAwG
+A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAERA/QUP48scwzmxmFrwW+Ww
+E1qPwE61Vzpke0xphm0WZpRNABNUL4eAdtw9yN2mDnhDm5KmVF92uLwFNqkNCwqO
+h6vM/zEu6xp1AjG6WNfVmaGm/k0AGu8w+7GofsCLvWGKJcLX2w6fxy7dSwI836Kw
+/QEnfEtdgri1e1hE6ZGRZv1vxkhVKHUAL/6aVV2cYscNYf+Ul1JkWkjIhrvzbEv+
+hlfaYDlkKsFza2f+KTm9IPjgxb9gA/FHqVTiFaFcut2CnVxb/sbW44cbbae8dV4F
+AXmLhAowvG3z8ufpUMs9ZFPtF60uAh+nOC79pdNH/kMYgKNCQNEc57LjFovIGQc=
+-----END CERTIFICATE-----

docker/core-base-consul/rootfs/etc/consul.d/ssl/client-priv-key.pem

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAwu7fq5EH89WrHNXQntvSWQZb/C7cFtMIdUAvV9X8ZzjWNCKM
+nl9zdrhiPq33011yT2JOG1KcDHf9XmYTJ6EIa+EO7+xQgjPdFNlk1Qp85UdLnyMa
+2MqABjq4WfeJtjhmRFbFiBiy67Y1eFrC4XoULMEioVtQAcu3uPHszW/sh0oi7n+N
+pZARcZ3xSnKy63f33VJxlUKiG5fHLAMmCsgGRG5paSiWRVe5CmajFf0g2Sz565HS
+zDSSw9RfI/+oiDumj+x9wN9TiFp2h1bC1U3fLrZj6gD5xGBPj7cMIYD6ny1X4O4c
+84iUQhHqmsEU6iQpWp/QjMd6Bln63bC3y208tQIDAQABAoIBAFijFcGFqQAO4Ee0
+UbBqdDNW2OzKwfj+7JGkJeLiwmqNRZlfPGGnNXF+Ve36XP4XN6sxICL8ZUimJueN
+spgKeTHUnF4sLk+GFbktQNQ+eJwo1xH9fG+nZJ9wg/Mkw9G/w4C/lAJWeMUFjTq0
+yniMcjAHgh+szayDXX8TQoIHqp25JJLd6Xn5gJaqM0p6XqUE2NAHG/WHhZKYRd0p
+zQATKVZ/RYriea5HN6+l6rBLqi0hqe8fqByodPVYEKh4fCrcsls3wROvgMmMOd5U
+kvy9aK6niCSxA02y8C9WVeUEKpoe6n3YDkfSQTYQa431dDpQroLKI1mBY2PhgjvI
+6gumxeECgYEA74PjSS+EHihOoiQPS/Z/8HE0KgQUVEzAIzI3I3Zd8nuXCTd8IVEO
+JPiRbeiF216p3IeD1QG8gK6T9XvUqLGYKqJSuMJ5xBvq0k6n47CJ7FX7Cd7miGl5
+wYHRV82vV+HszDS7b2PXnkQBalQleiKe8daRIxXKPGG58v6URE87Z08CgYEA0Fl6
+AVFkCJbx5TRtoe2V1v+IoaAiC1U3yFptSeZm1cfOIcX7UFFDr4AoI3ZCeDDOYGQK
+fjNWlndHXv/9DSRtfYJwxcn0ZpeNXrf5kHFAtNJoRhOvGDrj0vc7FZzspdi6oUez
+S6EkjBWxGNvel7BRZCg8QhXXIAvOx6MWWm4ZWrsCgYEAjMfvu1+zf2pftcwONa8g
+yjov2BZnwJkQQl/Mqwpy9AkS4Lb9PjP/ZVm5WWnX6/Y7T0VUBsqretOiYiMz/yfL
+8htRFgoxOkTShGT5J8rndsOe99FNnZapm0TrwHlEfBpubiT8mt+LqBn+3vmwwZZB
+6JIe4wl2woEKpDpg+bm8h98CgYEAz211kSBWBlM5KueCiqc9+ZnYjokdu8iwy7Bz
+hBJ1qTrOV0ODjBgL2gsuavfO/1gf70lKRRCZkR3ZmZQkfFQbCcy2t8PzpbwWjAl/
+1jVapWuhUrtAJFBlB2EKmt7rn8XhMLZwo8gf2bOy6DvmJYDt11hTfbu+vHHlAU61
+73wTlAcCgYA0K5HWOb5sdNStdq9G52W6aNGAuWPF8vC8ph9mhGqb1sQ2NVrvu0Kj
+7BB2wzxXUoBQigUtCqKGFU7HMbArxW7LOqGSD0nD72u1FhILOgESYfy2KS/JnAxL
+NSSI414QETtZed8OmXzqwssdLGHBlO+qEhjptP9HQpg7/9IjDq5Oug==
+-----END RSA PRIVATE KEY-----

docker/core-base-consul/rootfs/etc/consul.d/ssl/client.pem

@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIECDCCAvCgAwIBAgIBCzANBgkqhkiG9w0BAQUFADCBizELMAkGA1UEBhMCTFUx
+EzARBgNVBAgMCkx1eGVtYm91cmcxEzARBgNVBAcMCkx1eGVtYm91cmcxEjAQBgNV
+BAoMCWxvY2FsaG9zdDESMBAGA1UECwwJbG9jYWxob3N0MQswCQYDVQQDDAJjYTEd
+MBsGCSqGSIb3DQEJARYOcm9vdEBsb2NhbGhvc3QwHhcNMTYwNTI0MTUyOTIxWhcN
+MjYwNTIyMTUyOTIxWjCBhzEcMBoGA1UEAwwTY2xpZW50LmxvY2FsLmNvbnN1bDET
+MBEGA1UECAwKTHV4ZW1ib3VyZzELMAkGA1UEBhMCTFUxHTAbBgkqhkiG9w0BCQEW
+DnJvb3RAbG9jYWxob3N0MRIwEAYDVQQKDAlsb2NhbGhvc3QxEjAQBgNVBAsMCWxv
+Y2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMLu36uRB/PV
+qxzV0J7b0lkGW/wu3BbTCHVAL1fV/Gc41jQijJ5fc3a4Yj6t99Ndck9iThtSnAx3
+/V5mEyehCGvhDu/sUIIz3RTZZNUKfOVHS58jGtjKgAY6uFn3ibY4ZkRWxYgYsuu2
+NXhawuF6FCzBIqFbUAHLt7jx7M1v7IdKIu5/jaWQEXGd8Upysut3991ScZVCohuX
+xywDJgrIBkRuaWkolkVXuQpmoxX9INks+euR0sw0ksPUXyP/qIg7po/sfcDfU4ha
+dodWwtVN3y62Y+oA+cRgT4+3DCGA+p8tV+DuHPOIlEIR6prBFOokKVqf0IzHegZZ
++t2wt8ttPLUCAwEAAaN5MHcwCQYDVR0TBAIwADAdBgNVHQ4EFgQUyvEMuCadNsgZ
+yF0OK+Z0CzjCuPUwHwYDVR0jBBgwFoAU5aIBiZggs3tox/Axl5EQgXjkj6swCwYD
+VR0PBAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG
+9w0BAQUFAAOCAQEAoo4MAvVoWpdrKM9sTaljDmcR0B/mIIx71+AM7B8H0Bg/cDnr
+4ofvBntf+kw0oemrSnyd9fxTuONCyn4ROu496h15Wi1yy256v5UTj+zccHluHwbD
+ZrRcN3WRdsGp65YQd/lyqNQ36t/19JCwhFYIHtx4j+JXa5va7d9tGcQyntqhYxxA
+BUW1TQFhRxQEFzL6995jv/x43ie5OkDX4GZovNE5TJ8oGPLHg56TcjqpqOPGi3mR
+L5bCnH1oKO4y/40nqxz+foW6JbpzQPRtV/D7abt0qWTaC0OxkpPayI8nHf67SMQl
+GPPyFS/NxX63z5Ft/75kGnPqat9z9mJTnn518g==
+-----END CERTIFICATE-----

docker/core-base-consul/rootfs/etc/cont-consul/check

@@ -0,0 +1,61 @@
+#!/usr/bin/env bash
+
+if [ -z "${CONSUL_AGENT}" ]; then
+    exit 0
+fi
+
+options=""
+url="http://${CONSUL_AGENT}:${CONSUL_PORT}"
+
+if [ ! -z "${CONSUL_TLS}" ] && [ "${CONSUL_TLS}" -eq 1 ]; then
+    url="https://${CONSUL_AGENT}:${CONSUL_PORT}"
+
+    if [ ! -z "${CONSUL_TLSCAFILE}" ]; then
+        options="${options} --cacert ${CONSUL_TLSCAFILE}"
+    fi
+
+    if [ ! -z "${CONSUL_TLSCERTFILE}" ]; then
+        options="${options} --cert ${CONSUL_TLSCERTFILE}"
+    fi
+
+    if [ ! -z "${CONSUL_TLSKEYFILE}" ]; then
+        options="${options} --key ${CONSUL_TLSKEYFILE}"
+    fi
+
+    if [ -z "${CONSUL_TLSVERIFY}" ] || [ "${CONSUL_TLSVERIFY}" -ne 1 ]; then
+        options="${options} --insecure"
+    fi
+fi
+
+if [ ! -z "${CONSUL_TOKEN}" ]; then
+    options="${options} --header X-Consul-Token:${CONSUL_TOKEN}"
+fi
+
+status=0
+
+if [ -d /etc/cont-consul/services.d/ ]; then
+    for file in /etc/cont-consul/services.d/*.json; do
+        [ -f "$file" ] || continue
+
+        id=$(jq -r '.ID' "$file") && \
+            name=$(jq -r '.Name' "$file") && \
+            health=$(curl -s ${options} -X GET "${url}/v1/health/service/${name}" \
+                        -G --data-urlencode "passing=true") && \
+            service_ids=$(echo "$health"|jq -r '.[].Service.ID') || break
+
+        check=0
+        for service_id in $service_ids; do
+            if [ "$service_id" == "$id" ]; then
+                check=1
+
+                break
+            fi
+        done
+
+        if [ $check -eq 0 ]; then
+            status=1
+        fi
+    done
+fi
+
+exit $status

docker/core-base-consul/rootfs/etc/cont-consul/deregister

@@ -0,0 +1,56 @@
+#!/usr/bin/env bash
+
+if [ -z ${CONSUL_AGENT} ]; then
+    exit 0
+fi
+
+options=""
+url="http://${CONSUL_AGENT}:${CONSUL_PORT}"
+
+if [ ! -z "${CONSUL_TLS}" ] && [ "${CONSUL_TLS}" -eq 1 ]; then
+    url="https://${CONSUL_AGENT}:${CONSUL_PORT}"
+
+    if [ ! -z "${CONSUL_TLSCAFILE}" ]; then
+        options="${options} --cacert ${CONSUL_TLSCAFILE}"
+    fi
+
+    if [ ! -z "${CONSUL_TLSCERTFILE}" ]; then
+        options="${options} --cert ${CONSUL_TLSCERTFILE}"
+    fi
+
+    if [ ! -z "${CONSUL_TLSKEYFILE}" ]; then
+        options="${options} --key ${CONSUL_TLSKEYFILE}"
+    fi
+
+    if [ -z "${CONSUL_TLSVERIFY}" ] || [ "${CONSUL_TLSVERIFY}" -ne 1 ]; then
+        options="${options} --insecure"
+    fi
+fi
+
+if [ ! -z "${CONSUL_TOKEN}" ]; then
+    options="${options} --header X-Consul-Token:${CONSUL_TOKEN}"
+fi
+
+status=0
+
+if [ -d /etc/cont-consul/services.d/ ]; then
+    for file in /etc/cont-consul/services.d/*.json; do
+        [ -f "$file" ] || continue
+
+        serviceid=$(jq -r '.ID' "$file") && \
+            [ $(curl -s -w '%{http_code}' --out /dev/null ${options} \
+                -X GET "${url}/v1/agent/service/deregister/${serviceid}") == "200" ] || status=1
+    done
+fi
+
+if [ -d /etc/cont-consul/checks.d/ ]; then
+    for file in /etc/cont-consul/checks.d/*.json; do
+        [ -f "$file" ] || continue
+
+        checkid=$(jq -r '.ID' "$file") && \
+            [ $(curl -s -w '%{http_code}' --out /dev/null ${options} \
+                -X GET "${url}/v1/agent/check/deregister/${checkid}") == "200" ] || status=1
+    done
+fi
+
+exit $status

docker/core-base-consul/rootfs/etc/cont-consul/maintenance

@@ -0,0 +1,54 @@
+#!/usr/bin/env bash
+
+if [ -z ${CONSUL_AGENT} ]; then
+    exit 0
+fi
+
+options=""
+url="http://${CONSUL_AGENT}:${CONSUL_PORT}"
+
+if [ ! -z "${CONSUL_TLS}" ] && [ "${CONSUL_TLS}" -eq 1 ]; then
+    url="https://${CONSUL_AGENT}:${CONSUL_PORT}"
+
+    if [ ! -z "${CONSUL_TLSCAFILE}" ]; then
+        options="${options} --cacert ${CONSUL_TLSCAFILE}"
+    fi
+
+    if [ ! -z "${CONSUL_TLSCERTFILE}" ]; then
+        options="${options} --cert ${CONSUL_TLSCERTFILE}"
+    fi
+
+    if [ ! -z "${CONSUL_TLSKEYFILE}" ]; then
+        options="${options} --key ${CONSUL_TLSKEYFILE}"
+    fi
+
+    if [ -z "${CONSUL_TLSVERIFY}" ] || [ "${CONSUL_TLSVERIFY}" -ne 1 ]; then
+        options="${options} --insecure"
+    fi
+fi
+
+if [ ! -z "${CONSUL_TOKEN}" ]; then
+    options="${options} --header X-Consul-Token:${CONSUL_TOKEN}"
+fi
+
+if [ ! -z "$1" ] && [ "$1" == "--enable" ]; then
+    options="${options} -G --data-urlencode enable=true"
+elif [ ! -z "$1" ] && [ "$1" == "--disable" ]; then
+    options="${options} -G --data-urlencode enable=false"
+else
+    exit 1
+fi
+
+status=0
+
+if [ -d /etc/cont-consul/services.d/ ]; then
+    for file in /etc/cont-consul/services.d/*.json; do
+        [ -f "$file" ] || continue
+
+        serviceid=$(jq -r '.ID' "$file") && \
+            [ $(curl -s -w '%{http_code}' --out /dev/null ${options} \
+                -X PUT "${url}/v1/agent/service/maintenance/${serviceid}") == "200" ] || status=1
+    done
+fi
+
+exit $status

docker/core-base-consul/rootfs/etc/cont-consul/register

@@ -0,0 +1,54 @@
+#!/usr/bin/env bash
+
+if [ -z ${CONSUL_AGENT} ]; then
+    exit 0
+fi
+
+options=""
+url="http://${CONSUL_AGENT}:${CONSUL_PORT}"
+
+if [ ! -z "${CONSUL_TLS}" ] && [ "${CONSUL_TLS}" -eq 1 ]; then
+    url="https://${CONSUL_AGENT}:${CONSUL_PORT}"
+
+    if [ ! -z "${CONSUL_TLSCAFILE}" ]; then
+        options="${options} --cacert ${CONSUL_TLSCAFILE}"
+    fi
+
+    if [ ! -z "${CONSUL_TLSCERTFILE}" ]; then
+        options="${options} --cert ${CONSUL_TLSCERTFILE}"
+    fi
+
+    if [ ! -z "${CONSUL_TLSKEYFILE}" ]; then
+        options="${options} --key ${CONSUL_TLSKEYFILE}"
+    fi
+
+    if [ -z "${CONSUL_TLSVERIFY}" ] || [ "${CONSUL_TLSVERIFY}" -ne 1 ]; then
+        options="${options} --insecure"
+    fi
+fi
+
+if [ ! -z "${CONSUL_TOKEN}" ]; then
+    options="${options} --header X-Consul-Token:${CONSUL_TOKEN}"
+fi
+
+status=0
+
+if [ -d /etc/cont-consul/services.d/ ]; then
+    for file in /etc/cont-consul/services.d/*.json; do
+        [ -f "$file" ] || continue
+
+        [ $(curl -s -w '%{http_code}' --out /dev/null ${options} \
+            -X PUT -d "@${file}" "${url}/v1/agent/service/register") == "200" ] || status=1
+    done
+fi
+
+if [ -d /etc/cont-consul/checks.d/ ]; then
+    for file in /etc/cont-consul/checks.d/*.json; do
+        [ -f "$file" ] || continue
+
+        [ $(curl -s -w '%{http_code}' --out /dev/null ${options} \
+            -X PUT -d "@${file}" "${url}/v1/agent/check/register") == "200" ] || status=1
+    done
+fi
+
+exit $status

docker/core-base-consul/rootfs/etc/cont-finish.d/02-cont-consul

@@ -0,0 +1,7 @@
+#!/usr/bin/with-contenv sh
+
+if [ ! -z ${CONSUL_AGENT} ]; then
+    echo "==> Deregistering container"
+
+    /etc/cont-consul/deregister
+fi

docker/core-base-consul/rootfs/etc/cont-finish.d/03-consul-template

@@ -0,0 +1,8 @@
+#!/usr/bin/with-contenv sh
+
+if [ ! -z ${CONSUL_AGENT} ] && [ ${CONSULTEMPLATE_CONTAINER} -eq 1 ]; then
+    echo "==> Removing container configuration"
+
+    rm -f /etc/cont-consul/services.d/container.json
+    rm -f /etc/cont-consul/checks.d/container-*.json
+fi

docker/core-base-consul/rootfs/etc/cont-finish.d/98-consul-template

@@ -0,0 +1,7 @@
+#!/usr/bin/with-contenv sh
+
+if [ ! -z ${CONSUL_AGENT} ] && [ ${CONSULTEMPLATE_SERVICES} -eq 1 ]; then
+    echo "==> Disabling services configuration"
+
+    touch /etc/services.d/consul-template/down
+fi

docker/core-base-consul/rootfs/etc/cont-init.d/02-consul

@@ -0,0 +1,106 @@
+#!/usr/bin/with-contenv sh
+
+if [ -z "${CONSUL_AGENT}" ]; then
+    export CONSUL_AGENT=""
+    printf "%s" "${CONSUL_AGENT}" > /var/run/s6/container_environment/CONSUL_AGENT
+fi
+
+if [ -z "${CONSUL_PORT}" ]; then
+    export CONSUL_PORT=8500
+    printf "%s" "${CONSUL_PORT}" > /var/run/s6/container_environment/CONSUL_PORT
+fi
+
+if [ -z "${CONSUL_TLS}" ]; then
+    export CONSUL_TLS=""
+    printf "%s" "${CONSUL_TLS}" > /var/run/s6/container_environment/CONSUL_TLS
+fi
+
+if [ -z "${CONSUL_TOKEN}" ]; then
+    export CONSUL_TOKEN=""
+    printf "%s" "${CONSUL_TOKEN}" > /var/run/s6/container_environment/CONSUL_TOKEN
+fi
+
+if [ -z "${CONSUL_KEYPREFIX}" ]; then
+    export CONSUL_KEYPREFIX=""
+    printf "%s" "${CONSUL_KEYPREFIX}" > /var/run/s6/container_environment/CONSUL_KEYPREFIX
+fi
+
+if [ ! -z "${CONSUL_AGENT}" ] && [ ! -z "${CONSUL_SERVICENAME}" ]; then
+    if [ -z "${CONSUL_RESOLVER}" ]; then
+        CONSUL_RESOLVER=container
+    fi
+
+    case ${CONSUL_RESOLVER} in
+        container)
+            CONSUL_SERVICEADDR=${CONTAINER_IP}
+            ;;
+
+        interface)
+            if [ -z "${CONTAINER_RESOLVER_INTERFACENAME}" ]; then
+                CONSUL_RESOLVER_INTERFACENAME=eth0
+            fi
+
+            if [ -z "${CONTAINER_RESOLVER_INTERFACETYPE}" ]; then
+                CONSUL_RESOLVER_INTERFACETYPE=inet
+            fi
+
+            CONSUL_SERVICEADDR=$(ip -o addr show ${CONSUL_RESOLVER_INTERFACENAME}|grep "${CONSUL_RESOLVER_INTERFACETYPE} "|awk '{ print $4; }'|sed -e 's/\/.*$//')
+            ;;
+
+        route)
+            CONSUL_SERVICEADDR=$(ip route get 1|awk '{ print $NF; exit; }')
+            ;;
+    esac
+
+    if [ -z "${CONSUL_SERVICEADDR}" ]; then
+        echo "Failed to resolve consul service address, aborting" >&2
+        exit 1
+    fi
+
+    export CONSUL_SERVICEADDR
+    printf "%s" "${CONSUL_SERVICEADDR}" > /var/run/s6/container_environment/CONSUL_SERVICEADDR
+fi
+
+if [ ! -z "${CONSUL_AGENT}" ]; then
+    options=""
+    url="http://${CONSUL_AGENT}:${CONSUL_PORT}"
+
+    if [ ! -z "${CONSUL_TLS}" ] && [ ${CONSUL_TLS} -eq 1 ]; then
+        url="https://${CONSUL_AGENT}:${CONSUL_PORT}"
+
+        if [ ! -z "${CONSUL_TLSCAFILE}" ]; then
+            options="${options} --cacert ${CONSUL_TLSCAFILE}"
+        fi
+
+        if [ ! -z "${CONSUL_TLSCERTFILE}" ]; then
+            options="${options} --cert ${CONSUL_TLSCERTFILE}"
+        fi
+
+        if [ ! -z "${CONSUL_TLSKEYFILE}" ]; then
+            options="${options} --key ${CONSUL_TLSKEYFILE}"
+        fi
+
+        if [ -z "${CONSUL_TLSVERIFY}" ] || [ "${CONSUL_TLSVERIFY}" -ne 1 ]; then
+            options="${options} --insecure"
+        fi
+    fi
+
+    if [ ! -z "${CONSUL_TOKEN}" ]; then
+        options="${options} --header X-Consul-Token:${CONSUL_TOKEN}"
+    fi
+
+    retry=0
+    while true; do
+        [ $(curl -sI -w '%{http_code}' --out /dev/null ${options} "${url}/v1/agent/self") == "200" ] && break
+        retry=$((retry+1))
+        if [ "$retry" -lt 3 ]; then
+            echo "Failed to check consul agent, retrying in few seconds" >&2
+
+            sleep 15
+            continue
+        fi
+
+        echo "Failed to check consul agent, aborting" >&2
+        exit 1
+    done
+fi

docker/core-base-consul/rootfs/etc/cont-init.d/03-consul-template

@@ -0,0 +1,57 @@
+#!/usr/bin/with-contenv sh
+
+if [ -z "$CONSULTEMPLATE_CONTAINER" ]; then
+    export CONSULTEMPLATE_CONTAINER=1
+    printf "%s" "${CONSULTEMPLATE_CONTAINER}" > /var/run/s6/container_environment/CONSULTEMPLATE_CONTAINER
+fi
+
+if [ -z "$CONSULTEMPLATE_SERVICES" ]; then
+    export CONSULTEMPLATE_SERVICES=1
+    printf "%s" "${CONSULTEMPLATE_SERVICES}" > /var/run/s6/container_environment/CONSULTEMPLATE_SERVICES
+fi
+
+if [ ! -z "${CONSUL_AGENT}" ] && [ "${CONSULTEMPLATE_CONTAINER}" -eq 1 ]; then
+    echo "==> Creating container configuration"
+
+    options="-config /etc/consul-template/conf-cont.d -once -consul-addr ${CONSUL_AGENT}:${CONSUL_PORT}"
+
+    if [ ! -z "${CONSUL_TLS}" ] && [ "${CONSUL_TLS}" -eq 1 ]; then
+        options="${options} -consul-ssl"
+
+        if [ ! -z "${CONSUL_TLSCAFILE}" ]; then
+            options="${options} -consul-ssl-ca-cert ${CONSUL_TLSCAFILE}"
+        fi
+
+        if [ ! -z "${CONSUL_TLSCERTFILE}" ]; then
+            options="${options} -consul-ssl-cert ${CONSUL_TLSCERTFILE}"
+        fi
+
+        if [ ! -z "${CONSUL_TLSKEYFILE}" ]; then
+            options="${options} -consul-ssl-key ${CONSUL_TLSKEYFILE}"
+        fi
+
+        if [ ! -z "${CONSUL_TLSSERVERNAME}" ]; then
+            options="${options} -consul-ssl-server-name ${CONSUL_TLSSERVERNAME}"
+        fi
+
+        if [ ! -z "${CONSUL_TLSVERIFY}" ] && [ "${CONSUL_TLSVERIFY}" -eq 1 ]; then
+            options="${options} -consul-ssl-verify"
+        fi
+    fi
+
+    if [ ! -z "${CONSUL_TOKEN}" ]; then
+        options="${options} -consul-token ${CONSUL_TOKEN}"
+    fi
+
+    options="${options} -kill-signal SIGTERM"
+
+    if [ ! -z "${CONSULTEMPLATE_OPTIONS}" ]; then
+        options="${options} ${CONSULTEMPLATE_OPTIONS}"
+    fi
+
+    consul-template ${options}
+    if [ $? -ne 0 ]; then
+        echo "Failed to render templates, aborting" >&2
+        exit 1
+    fi
+fi

docker/core-base-consul/rootfs/etc/cont-init.d/04-cont-consul

@@ -0,0 +1,9 @@
+#!/usr/bin/with-contenv sh
+
+if [ ! -z "${CONSUL_AGENT}" ]; then
+    echo "==> Registering container"
+
+    /etc/cont-consul/register || (
+        echo "Failed to register container, aborting" >&2 && exit 1
+    )
+fi

docker/core-base-consul/rootfs/etc/cont-init.d/98-consul-template

@@ -0,0 +1,10 @@
+#!/usr/bin/with-contenv sh
+
+if [ ! -z "${CONSUL_AGENT}" ] && [ "${CONSULTEMPLATE_SERVICES}" -eq 1 ]; then
+    count=$(find /etc/consul-template/conf-services.d/ -maxdepth 1 -type f|wc -l)
+    if [ "$count" -gt 0 ]; then
+        echo "==> Enabling services configuration"
+
+        rm -f /etc/services.d/consul-template/down
+    fi
+fi

docker/core-base-consul/rootfs/etc/fix-attrs.d/01-consul

@@ -0,0 +1,2 @@
+/etc/consul.d true root:consul 0640 0750
+/var/lib/consul false consul:consul 0640 0750

docker/core-base-consul/rootfs/etc/fix-attrs.d/02-consul-template

@@ -0,0 +1 @@
+/etc/consul-template false root:root 0640 0750

docker/core-base-consul/rootfs/etc/fix-attrs.d/03-cont-consul

@@ -0,0 +1 @@
+/etc/cont-consul false root:root 0640 0750

docker/core-base-consul/rootfs/etc/services.d/consul-template/run

@@ -0,0 +1,39 @@
+#!/usr/bin/with-contenv sh
+
+options="-config /etc/consul-template/conf-services.d -consul-addr ${CONSUL_AGENT}:${CONSUL_PORT}"
+
+if [ ! -z "${CONSUL_TLS}" ] && [ "${CONSUL_TLS}" -eq 1 ]; then
+    options="${options} -consul-ssl"
+
+    if [ ! -z "${CONSUL_TLSCAFILE}" ]; then
+        options="${options} -consul-ssl-ca-cert ${CONSUL_TLSCAFILE}"
+    fi
+
+    if [ ! -z "${CONSUL_TLSCERTFILE}" ]; then
+        options="${options} -consul-ssl-cert ${CONSUL_TLSCERTFILE}"
+    fi
+
+    if [ ! -z "${CONSUL_TLSKEYFILE}" ]; then
+        options="${options} -consul-ssl-key ${CONSUL_TLSKEYFILE}"
+    fi
+
+    if [ ! -z "${CONSUL_TLSSERVERNAME}" ]; then
+        options="${options} -consul-ssl-server-name ${CONSUL_TLSSERVERNAME}"
+    fi
+
+    if [ ! -z "${CONSUL_TLSVERIFY}" ] && [ "${CONSUL_TLSVERIFY}" -eq 1 ]; then
+        options="${options} -consul-ssl-verify"
+    fi
+fi
+
+if [ ! -z "${CONSUL_TOKEN}" ]; then
+    options="${options} -consul-token ${CONSUL_TOKEN}"
+fi
+
+options="${options} -kill-signal SIGTERM"
+
+if [ ! -z "${CONSULTEMPLATE_OPTIONS}" ]; then
+    options="${options} ${CONSULTEMPLATE_OPTIONS}"
+fi
+
+exec /bin/consul-template ${options}