# Run a pre-built production image from Docker Hub (no local PHP image build). # # Usage on the server (copy this file + your .env, no app source required): # docker compose -f compose.hub.yaml pull # docker compose -f compose.hub.yaml up -d # docker compose -f compose.hub.yaml exec php php bin/console doctrine:migrations:migrate --no-interaction # Optional: copy Makefile.hub into the same directory, then: make -f Makefile.hub help # # Services: `php` (web), `prewarm` (same app image; `app:prewarm` every 10 min — see README). # No bundled `database` — this stack uses the imwald hub MySQL (compose project `unfold`, network # `unfold_default`, container `unfold-mysql`). Start imwald first. # # Required in .env: APP_SECRET, MYSQL_* matching the imwald stack. Optional DATABASE_HOST (default # unfold-mysql). For TLS in front, set TRUSTED_PROXIES to include your reverse proxy CIDR. # # DEPLOY: copy THIS file + a .env to the server; do NOT reuse the imwald compose.hub.yaml. # This file has name: gitcitadel (→ containers gitcitadel-php-1 etc.), port 9085. # Host port: Apache proxies gitcitadel.imwald.eu → 127.0.0.1:9085. HTTP_PUBLISH is set in .env. # # Build & push (on your machine or CI), e.g.: # docker build --platform linux/amd64 --target frankenphp_prod -t silberengel/unfold:gitcitadel . # docker push silberengel/unfold:gitcitadel # # Override image: UNFOLD_DOCKER_IMAGE=myregistry/unfold:1.0.0 docker compose -f compose.hub.yaml up -d name: gitcitadel services: php: image: ${UNFOLD_DOCKER_IMAGE:-silberengel/unfold:gitcitadel} pull_policy: always restart: unless-stopped environment: APP_ENV: ${APP_ENV:-prod} APP_SECRET: ${APP_SECRET} TRUSTED_PROXIES: ${TRUSTED_PROXIES:-127.0.0.0/8,10.0.0.0/8} SERVER_NAME: ${SERVER_NAME:-:80} DATABASE_URL: mysql://${MYSQL_USER:-unfold_user}:${MYSQL_PASSWORD:-password}@${DATABASE_HOST:-unfold-mysql}:3306/${MYSQL_DATABASE:-unfold_db}?serverVersion=${MYSQL_VERSION:-8.0.36}&charset=${MYSQL_CHARSET:-utf8mb4} volumes: - caddy_data:/data - caddy_config:/config ports: - "${HTTP_PUBLISH:-127.0.0.1:9085}:80/tcp" networks: - default - imwald_db healthcheck: test: ["CMD", "curl", "-fsS", "http://127.0.0.1/health", "-o", "/dev/null"] interval: 10s timeout: 5s retries: 10 start_period: 180s prewarm: image: ${UNFOLD_DOCKER_IMAGE:-silberengel/unfold:gitcitadel} pull_policy: always restart: unless-stopped healthcheck: disable: true working_dir: /app entrypoint: ["/bin/sh", "-c"] command: - | until php bin/console dbal:run-sql -q "SELECT 1" 2>/dev/null; do echo "prewarm: waiting for database…" sleep 2 done until php bin/console dbal:run-sql -q "SELECT 1 FROM doctrine_migration_versions LIMIT 1" 2>/dev/null; do echo "prewarm: waiting for migrations…" sleep 3 done while true; do sleep 600 php bin/console app:prewarm $${PREWARM_FLAGS-} || true done environment: APP_ENV: ${APP_ENV:-prod} APP_SECRET: ${APP_SECRET} TRUSTED_PROXIES: ${TRUSTED_PROXIES:-127.0.0.0/8,10.0.0.0/8} SERVER_NAME: ${SERVER_NAME:-:80} DATABASE_URL: mysql://${MYSQL_USER:-unfold_user}:${MYSQL_PASSWORD:-password}@${DATABASE_HOST:-unfold-mysql}:3306/${MYSQL_DATABASE:-unfold_db}?serverVersion=${MYSQL_VERSION:-8.0.36}&charset=${MYSQL_CHARSET:-utf8mb4} PREWARM_FLAGS: ${PREWARM_FLAGS:-} networks: - default - imwald_db depends_on: php: condition: service_started networks: imwald_db: external: true name: unfold_default volumes: caddy_data: caddy_config: