From 47293a8ab30310d556d2615beaf012eaf7b63688 Mon Sep 17 00:00:00 2001
From: Florian Rey <nervo@nervo.net>
Date: Tue, 12 Dec 2023 12:07:55 +0100
Subject: [PATCH 1/2] [Elao - App - Docker] Switch to systemd

---
 elao.app.docker/.manala/Makefile.tmpl                        | 2 +-
 .../ansible/templates/ohmyzsh/functions/nginx_timeout.j2     | 2 +-
 elao.app.docker/.manala/docker/Dockerfile.tmpl               | 5 +++--
 elao.app.docker/.manala/docker/compose/init.systemd.yaml     | 5 ++++-
 elao.app.docker/README.md                                    | 2 +-
 5 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/elao.app.docker/.manala/Makefile.tmpl b/elao.app.docker/.manala/Makefile.tmpl
index e37bd7ef..5a0a48ed 100644
--- a/elao.app.docker/.manala/Makefile.tmpl
+++ b/elao.app.docker/.manala/Makefile.tmpl
@@ -31,7 +31,7 @@ MANALA_DOCKER_COMPOSE_ENV += \
 	MANALA_HOST_OS=$(MANALA_OS) \
 	MANALA_HOST_DIR=$(abspath $(MANALA_DIR))
 MANALA_DOCKER_COMPOSE_FILE += \
-	$(MANALA_DIR)/.manala/docker/compose/init.sysv.yaml \
+	$(MANALA_DIR)/.manala/docker/compose/init.systemd.yaml \
 	$(if $(SYMFONY_IDE), $(MANALA_DIR)/.manala/docker/compose/symfony.yaml)
 MANALA_DOCKER_COMPOSE_PROFILE ?= development
 
diff --git a/elao.app.docker/.manala/ansible/templates/ohmyzsh/functions/nginx_timeout.j2 b/elao.app.docker/.manala/ansible/templates/ohmyzsh/functions/nginx_timeout.j2
index 846fd456..2e0c6638 100644
--- a/elao.app.docker/.manala/ansible/templates/ohmyzsh/functions/nginx_timeout.j2
+++ b/elao.app.docker/.manala/ansible/templates/ohmyzsh/functions/nginx_timeout.j2
@@ -1,7 +1,7 @@
 manala_nginx_timeout () {
     if [[ $1 == off ]]; then sudo sed -ri 's/fastcgi_read_timeout (.*);$/fastcgi_read_timeout 999s;#origin\1/' /etc/nginx/conf.d/php_fpm_app
     else sudo sed -ri 's/^fastcgi_read_timeout 999s;#origin(.*)/fastcgi_read_timeout \1;/' /etc/nginx/conf.d/php_fpm_app; fi
-    sudo /etc/init.d/nginx restart
+    sudo systemctl restart nginx
 }
 
 echo -e " \e[36m‣\e[0m \e[36mENABLE/DISABLE NGINX TIMEOUT\e[0m
diff --git a/elao.app.docker/.manala/docker/Dockerfile.tmpl b/elao.app.docker/.manala/docker/Dockerfile.tmpl
index e327a73b..0f62727b 100644
--- a/elao.app.docker/.manala/docker/Dockerfile.tmpl
+++ b/elao.app.docker/.manala/docker/Dockerfile.tmpl
@@ -170,15 +170,16 @@ RUN \
         > /etc/sudoers.d/systemd \
     && rm -rf \
         /etc/systemd/system/*.wants/* \
+        /lib/systemd/system/basic.target.wants/* \
         /lib/systemd/system/multi-user.target.wants/* \
         /lib/systemd/system/local-fs.target.wants/* \
         /lib/systemd/system/sockets.target.wants/*udev* \
         /lib/systemd/system/sockets.target.wants/*initctl* \
         /lib/systemd/system/sysinit.target.wants/systemd-tmpfiles-setup-dev* \
+        /lib/systemd/system/systemd-ask-password-console.* \
+        /lib/systemd/system/systemd-tmpfiles-clean.* \
         /lib/systemd/system/systemd-update-utmp*
 
-VOLUME /sys/fs/cgroup
-
 STOPSIGNAL SIGRTMIN+3
 
 CMD ["/lib/systemd/systemd"]
diff --git a/elao.app.docker/.manala/docker/compose/init.systemd.yaml b/elao.app.docker/.manala/docker/compose/init.systemd.yaml
index 9d79cd5c..48309b6c 100644
--- a/elao.app.docker/.manala/docker/compose/init.systemd.yaml
+++ b/elao.app.docker/.manala/docker/compose/init.systemd.yaml
@@ -8,7 +8,10 @@ services:
         build:
             args:
                 MANALA_INIT: systemd
+        cgroup: host
         tty: true
-        privileged: true
+        tmpfs:
+            - /run
+            - /run/lock
         volumes:
             - /sys/fs/cgroup:/sys/fs/cgroup:rw
diff --git a/elao.app.docker/README.md b/elao.app.docker/README.md
index c7821ced..c4a83a0a 100644
--- a/elao.app.docker/README.md
+++ b/elao.app.docker/README.md
@@ -12,7 +12,7 @@ MacOS
 
 * Docker Desktop 4.29.0+
 (`brew install docker`)
-* Mutagen Compose 0.17.5+
+* Mutagen Compose 0.18.0+
 (`brew install mutagen-io/mutagen/mutagen-compose`)
 
 Linux

From 9691cbb4d5431750bd0147899690dfff3cf5247f Mon Sep 17 00:00:00 2001
From: Florian Rey <nervo@nervo.net>
Date: Fri, 22 Nov 2024 11:06:41 +0100
Subject: [PATCH 2/2] maybe ?

---
 elao.app.docker/.manala/docker/compose/init.systemd.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/elao.app.docker/.manala/docker/compose/init.systemd.yaml b/elao.app.docker/.manala/docker/compose/init.systemd.yaml
index 48309b6c..f9303836 100644
--- a/elao.app.docker/.manala/docker/compose/init.systemd.yaml
+++ b/elao.app.docker/.manala/docker/compose/init.systemd.yaml
@@ -13,5 +13,7 @@ services:
         tmpfs:
             - /run
             - /run/lock
+        security_opt:
+            - apparmor=unconfined
         volumes:
             - /sys/fs/cgroup:/sys/fs/cgroup:rw