Your private self-hosted composer repository.
- Docker
- MariaDB/MySQL
- the running docker container has access to private git repositories with ssh.
Create a docker-compose.yml
file in an empty directory.
version: '3.6'
services:
devliver:
image: nicklog/devliver:latest
volumes:
- ./data:/var/www/html/data
- ${HOME}/.ssh:/home/docker/.ssh
- ${HOME}/.composer/:/home/docker/.composer/
environment:
- TZ=Europe/Berlin
- APP_API_KEY=A-TOP-SECRET-KEY
- DATABASE_NAME=devliver
- DATABASE_USER=devliver
- DATABASE_PASSWORD=devliver
- DATABASE_HOST=database
- DATABASE_PORT=3306
depends_on:
- database
networks:
- default
ports:
- "9000:80"
database:
image: mariadb:latest
environment:
- MYSQL_DATABASE=devliver
- MYSQL_USER=devliver
- MYSQL_PASSWORD=devliver
- MYSQL_ROOT_PASSWORD=devliver
networks:
- default
Change any settings to your needs and then run simply docker-compose up -d
.
You should now be able to access the site under port 9000
or the port you set.
With this example setup the website is not secured by https.
When you want to secure it I suggest to use a reverse proxy.
On first call of the website you can create a user. Create one and then login.
The first user becomes an admin and can create more user if necessary.
The packages.json, available under https://devliver-domain.url/packages.json
, is secured by basic http authentication.
Add clients. These clients have access to the packages.json and can download archives.
Each client gets a token automatically.
The git repositories will usually be protected.
You have to store an SSH key in the ssh directory in the home directory for the corresponding web server
or in the directory of the docker-compose directory.
No matter, it must be ensured in any case that the SSH keys are available in the Docker container like in the example.
To use your Devliver installation in Composer, there is a package repository you have to add to the composer.json in your projects.
This is your repository of private packages. Composer will ask you for credentials.
Use a client name
as username
and the token
as password
. If you want store these credentials in auth.json.
Otherwise Composer will aks you always again.
{
"repositories": [
{
"type": "composer",
"url": "https://devliver-domain.url",
}
]
}
Creating a Webhook ensures that your package will always be updated instantly when you push to your repository.
- Go to your GitHub repository
- Click the
Settings
button - Click
Webhooks
and click onAdd webhook
- Enter
https://devliver-domain.url/api/update-package?token=APP_API_TOKEN
inPayload URL
- Select
application/json
inContent type
and letSecret
empty Which events would you like to trigger this webhook?
-Just the push event.
- Finally click on the green button
Add webhook
- Go to your Admin Area
- Click the "System Hooks" button in den left panel
- Enter
https://devliver-domain.url/api/update-package?token=APP_API_TOKEN
in url field - Let "Secret Token" empty
- Enable "Push events" and "Tag push events"
- Submit the form
- Go to your BitBucket repository
- Open the settings and select "Webhooks" in the menu
- Add a new hook.
- Enter
https://devliver-domain.url/api/update-package?token=APP_API_TOKEN
as URL - Save your changes and you're done.
If you do not use Bitbucket or GitHub there is a generic endpoint you can call manually from a git post-receive hook or similar.
You have to do a POST
request to https://devliver-domain.url/api/update-package?token=APP_API_TOKEN
with a request body looking like this:
{
"repository": {
"git_url": "REPOSITORY_GIT_URL"
}
}
For example with curl
curl -XPOST -H'content-type:application/json' 'https://devliver-domain.url/api/update-package?token=APP_API_TOKEN' -d'{"repository":{"git_url":"REPOSITORY_GIT_URL"}}'
Just update the docker image with...
docker-compose pull
docker-compose up -d