Docker: add [c]git, nginx, fastapi, php-fpm, ca

Now, we have a full collection of services used to run
aurweb over HTTPS using a self-signed CA.

New Docker services:

- `ca` - Certificate authority services
    - When the `ca` service is run, it will (if needed) generate
      a CA certificate and leaf certificate for localhost AUR
      access. This ca is then shared with things like nginx to
      use the leaf certificate. Users can import
      `./cache/ca.root.pem` into their browser or ca-certificates
      as a root CA who issued aurweb's certificate.
- `git` - Start sshd and set it up for aur git access
- `cgit` - Serve cgit with uwsgi on port 3000
- `fastapi` - Serve our FastAPI app with `hypercorn` on port 8000
- `php-fpm` - Serve our PHP-wise aurweb
- `nginx` - Serve FastAPI, PHP and CGit with an HTTPS certificate.
    - PHP: https://localhost:8443
    - PHP CGit: https://localhost:8443/cgit
    - FastAPI: https://localhost:8444
    - FastAPI CGit: https://localhost:8444/cgit

Short of it: Run the following in a shell to run PHP and FastAPI
servers on port **8443** and **8444**, respectively.

    $ docker-compose up nginx

This will host the PHP, FastAPI, CGit and Git ecosystems.

Git SSH can be knocked at `aur@localhost:2222` as long as you have a
valid public key in the aurweb database.

Signed-off-by: Kevin Morris <kevr@0cost.org>

docker/scripts/run-fastapi.sh

@@ -0,0 +1,11 @@
+#!/bin/bash
+
+# Initialize the new database; ignore errors.
+python -m aurweb.initdb 2>/dev/null || /bin/true
+
+exec hypercorn --reload \
+    --certfile /cache/localhost.cert.pem \
+    --keyfile /cache/localhost.key.pem \
+    --error-logfile - \
+    --log-config docker/logging.conf \
+    -b "0.0.0.0:8000" aurweb.asgi:app

docker/scripts/run-nginx.sh

@@ -0,0 +1,16 @@
+#!/bin/bash
+
+echo "=== Running nginx server! ==="
+echo
+echo " Services:"
+echo "  - FastAPI : https://localhost:8444/"
+echo "     (cgit) : https://localhost:8444/cgit/"
+echo "  - PHP     : https://localhost:8443/"
+echo "     (cgit) : https://localhost:8443/cgit/"
+echo
+echo " Note: Copy root CA (./cache/ca.root.pem) to ca-certificates or browser."
+echo
+echo " Thanks for using aurweb!"
+echo
+
+exec nginx -c /etc/nginx/nginx.conf

docker/scripts/run-php.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+set -eou pipefail
+
+# Initialize the new database; ignore errors.
+python -m aurweb.initdb 2>/dev/null || /bin/true
+
+exec php-fpm --fpm-config /etc/php/php-fpm.conf --nodaemonize

docker/scripts/run-sshd.sh

@@ -0,0 +1,2 @@
+#!/bin/bash
+exec /usr/sbin/sshd -D