Succesfull BoltCMS DockerFile and docker-compose with multi-networking

docker-compose.yml

version: '3.4'

services:
  # db:
  #   image: mysql:5.7
  #   environment:
  #     - MYSQL_DATABASE=bolt_db
  #     - MYSQL_USER=bolt_usr
  #     - MYSQL_PASSWORD=password
  #     - MYSQL_ROOT_PASSWORD=password
  #   volumes:
  #     # - db-data:/var/lib/mysql:rw
  #     # You may use a bind-mounted host directory instead, so that it is harder to accidentally remove the volume and lose all your data!
  #     - ./docker/db/data:/var/lib/mysql:rw
  #   ports:
  #     - target: 3306
  #       # published: 3307
  #       protocol: tcp
  #   networks:
  #     - internal

  php:
    build:
      context: ./
      target: php
    healthcheck:
      interval: 10s
      timeout: 3s
      retries: 3
      start_period: 30s
    # depends_on:
      # - db
      # - mailcatcher
    volumes:
      - ./:/srv/bolt:rw,cached
      - ./docker/php/conf.d/bolt.dev.ini:/usr/local/etc/php/conf.d/bolt.ini
      # if you develop on Linux, you may use a bind-mounted host directory instead
      # - ./var:/srv/bolt/var:rw
    networks:
      - internal

  nginx:
    build:
      context: ./
      target: nginx
    depends_on:
      - php
    volumes:
      - ./public:/srv/bolt/public:ro
    ports:
      - target: 80
        published: 8080
        protocol: tcp
    expose:
      - 80
    networks:
      - internal
      - proxy

  # h2-proxy:
  #   build:
  #     context: ./docker/h2-proxy
  #   depends_on:
  #     - nginx
  #   ports:
  #     - target: 8443
  #       published: 8443
  #       protocol: tcp

  # mailcatcher:
  #   image: schickling/mailcatcher
  #   ports:
  #     - target: 1080
  #       published: 1080
  #       protocol: tcp

# volumes:
#   db-data: {}
networks:
  proxy:
    name: proxy-net
    external: false
  internal:
    name: bolt-net-1
    external: false

Dockerfile

# the different stages of this Dockerfile are meant to be built into separate images
# https://docs.docker.com/develop/develop-images/multistage-build/#stop-at-a-specific-build-stage
# https://docs.docker.com/compose/compose-file/#target


# https://docs.docker.com/engine/reference/builder/#understand-how-arg-and-from-interact
ARG PHP_VERSION=7.4
ARG OPENRESTY_VERSION=1.17.8.2

# "php" stage
FROM php:${PHP_VERSION}-fpm-alpine3.13 AS php

# persistent / runtime deps
RUN apk add --no-cache \
	acl \
	fcgi \
	file \
	gettext \
	git \
	ttf-freefont \
	fontconfig \
	dbus \
	freetype-dev \
	libjpeg-turbo-dev \
	libpng-dev

ARG APCU_VERSION=5.1.18
RUN set -eux; \
	apk add --no-cache --virtual .build-deps \
	$PHPIZE_DEPS \
	icu-dev \
	libzip-dev \
	zlib-dev \
	oniguruma-dev \
	; \
	\
	docker-php-ext-configure zip; \
	docker-php-ext-configure gd --with-freetype --with-jpeg ;\
	docker-php-ext-install -j$(nproc) \
	intl \
	pdo_mysql \
	zip \
	gd \
	exif \
	pdo \
	iconv \
	pcntl \
	mbstring \
	fileinfo \
	posix \
	; \
	pecl install \
	apcu-${APCU_VERSION} \
	; \
	pecl clear-cache; \
	docker-php-ext-enable \
	apcu \
	opcache \
	; \
	\
	runDeps="$( \
	scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/lib/php/extensions \
	| tr ',' '\n' \
	| sort -u \
	| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
	)"; \
	apk add --no-cache --virtual .api-phpexts-rundeps $runDeps; \
	\
	apk del .build-deps

COPY --from=composer:2.3 /usr/bin/composer /usr/bin/composer

RUN ln -s $PHP_INI_DIR/php.ini-production $PHP_INI_DIR/php.ini
COPY docker/php/conf.d/bolt.prod.ini $PHP_INI_DIR/conf.d/bolt.ini

RUN set -eux; \
	{ \
	echo '[www]'; \
	echo 'ping.path = /ping'; \
	} | tee /usr/local/etc/php-fpm.d/docker-healthcheck.conf

# https://getcomposer.org/doc/03-cli.md#composer-allow-superuser
ENV COMPOSER_ALLOW_SUPERUSER=1
# install Symfony Flex globally to speed up download of Composer packages (parallelized prefetching)
RUN set -eux; \
	composer global config --no-plugins allow-plugins.symfony/flex true; \
	composer global require "symfony/flex" --prefer-dist --no-progress --no-suggest --classmap-authoritative; \
	composer clear-cache
ENV PATH="${PATH}:/root/.composer/vendor/bin"

WORKDIR /srv/bolt

# build for production
ARG APP_ENV=prod

# prevent the reinstallation of vendors at every changes in the source code
COPY composer.json composer.lock symfony.lock ./
RUN set -eux; \
	composer install --prefer-dist --no-dev --no-scripts --no-progress --no-suggest; \
	composer clear-cache

# do not use .env files in production
COPY .env ./
RUN composer dump-env prod; \
	rm .env

# copy only specifically what we need
COPY bin bin/
COPY config config/
COPY public public/
COPY src src/
COPY translations translations/

RUN set -eux; \
	mkdir -p var/cache var/log; \
	composer dump-autoload --classmap-authoritative --no-dev; \
	chmod +x bin/console; sync
VOLUME /srv/bolt/var

COPY docker/php/docker-healthcheck.sh /usr/local/bin/docker-healthcheck
RUN chmod +x /usr/local/bin/docker-healthcheck

HEALTHCHECK --interval=10s --timeout=3s --retries=3 CMD ["docker-healthcheck"]

COPY docker/php/docker-entrypoint.sh /usr/local/bin/docker-entrypoint
RUN chmod +x /usr/local/bin/docker-entrypoint

ENTRYPOINT ["docker-entrypoint"]
CMD ["php-fpm"]


# "nginx" stage
# depends on the "php" stage above
# The OpenResty distribution of NGINX is only needed for Kubernetes compatiblity (dynamic upstream resolution)
FROM openresty/openresty:${OPENRESTY_VERSION}-alpine AS nginx

RUN echo -e "env UPSTREAM;\n$(cat /usr/local/openresty/nginx/conf/nginx.conf)" > /usr/local/openresty/nginx/conf/nginx.conf
COPY docker/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf

WORKDIR /srv/bolt/public

COPY --from=php /srv/bolt/public ./