diff --git a/.dockerignore b/.dockerignore index 348e0d4..d236b92 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,5 +1,6 @@ .drone.yml .git +.gitea .gitignore LICENSE.md README.md diff --git a/.drone.yml b/.drone.yml deleted file mode 100644 index ee74760..0000000 --- a/.drone.yml +++ /dev/null @@ -1,66 +0,0 @@ ---- -kind: pipeline -type: exec -name: default - -platform: - os: linux - arch: amd64 - -steps: -- name: build - environment: - PDR_USER: - from_secret: docker-user-pdr - PDR_PASS: - from_secret: docker-pass-pdr - commands: - - docker build -t pdr.nephatrine.net/nephatrine/nginx-h5ai:cached --target builder . - - docker build -t pdr.nephatrine.net/nephatrine/nginx-h5ai:latest . - - docker login -p "$PDR_PASS" -u "$PDR_USER" pdr.nephatrine.net - - docker push pdr.nephatrine.net/nephatrine/nginx-h5ai:latest - - docker logout pdr.nephatrine.net -- name: publish - environment: - DOCKER_USER: - from_secret: docker-user - DOCKER_PASS: - from_secret: docker-pass - commands: - - docker tag pdr.nephatrine.net/nephatrine/nginx-h5ai:latest nephatrine/nginx-h5ai:latest - - docker login -p "$DOCKER_PASS" -u "$DOCKER_USER" - - docker push -a nephatrine/nginx-h5ai - - docker logout - depends_on: - - build - ---- -kind: pipeline -name: notify - -steps: -- name: notify-status - image: appleboy/drone-discord - failure: ignore - settings: - avatar_url: https://nephatrine.net/images/buttons/drone-ci.png - message: "Build of **[{{repo.name}}:{{commit.branch}}]()** returned [{{build.status}}](<{{build.link}}>)." - username: DroneCI - webhook_id: - from_secret: wh-infra-id - webhook_token: - from_secret: wh-infra-tok - -depends_on: -- default - -trigger: - status: - - success - - failure - ---- -kind: signature -hmac: d7774cd61d67081b28130ce74c567ec5045e030e95dd5df70f810ef3d9ce5039 - -... diff --git a/.gitea/workflows/build.yaml b/.gitea/workflows/build.yaml new file mode 100644 index 0000000..c43f05c --- /dev/null +++ b/.gitea/workflows/build.yaml @@ -0,0 +1,140 @@ +name: Build Container Image +run-name: ${{ gitea.actor }} pushed to ${{ gitea.repository }}:${{ gitea.ref_name }} +on: [push, workflow_call] +jobs: + buildamd64: + if: gitea.repository_owner == 'NephNET' && !contains(github.event.head_commit.message, '#noci') + runs-on: nephnet + steps: + - name: Checkout Repository + uses: actions/checkout@v3 + - name: Docker Build + run: | + docker build --pull -t code.nephatrine.net/nephnet/nginx-h5ai:${{ gitea.ref_name }}-cached --target builder ${{ gitea.workspace }} + docker build --pull -t code.nephatrine.net/nephnet/nginx-h5ai:${{ gitea.ref_name }}-amd64 ${{ gitea.workspace }} + - name: Notify Discord + uses: actions/discord-status@v1 + if: always() + with: + title: "Container Build (X86_64)" + webhook: ${{ secrets.DISCORD_WEBHOOK_BUILD }} + buildarm64: + if: gitea.repository_owner == 'NephNET' && !contains(github.event.head_commit.message, '#noci') + runs-on: nephnet-arm64 + steps: + - name: Checkout Repository + uses: actions/checkout@v3 + - name: Docker Build + run: | + docker build --pull -t code.nephatrine.net/nephnet/nginx-h5ai:${{ gitea.ref_name }}-cached --target builder ${{ gitea.workspace }} + docker build --pull -t code.nephatrine.net/nephnet/nginx-h5ai:${{ gitea.ref_name }}-arm64v8 ${{ gitea.workspace }} + - name: Notify Discord + uses: actions/discord-status@v1 + if: always() + with: + title: "Container Build (AARCH64)" + webhook: ${{ secrets.DISCORD_WEBHOOK_BUILD }} + packageamd64: + if: gitea.repository_owner == 'NephNET' && gitea.ref_name == 'master' + needs: [buildamd64] + runs-on: nephnet + steps: + - name: Docker Login + uses: actions/docker-login@v2 + with: + registry: code.nephatrine.net + username: ${{ gitea.actor }} + password: ${{ secrets.PACKAGER_TOKEN }} + - name: Docker Push + run: docker push code.nephatrine.net/nephnet/nginx-h5ai:${{ gitea.ref_name }}-amd64 + packagearm64: + if: gitea.repository_owner == 'NephNET' && gitea.ref_name == 'master' + needs: [buildarm64] + runs-on: nephnet-arm64 + steps: + - name: Docker Login + uses: actions/docker-login@v2 + with: + registry: code.nephatrine.net + username: ${{ gitea.actor }} + password: ${{ secrets.PACKAGER_TOKEN }} + - name: Docker Push + run: docker push code.nephatrine.net/nephnet/nginx-h5ai:${{ gitea.ref_name }}-arm64v8 + manifestpkg: + if: gitea.repository_owner == 'NephNET' && gitea.ref_name == 'master' + needs: [packageamd64, packagearm64] + runs-on: nephnet + steps: + - name: Docker Login + uses: actions/docker-login@v2 + with: + registry: code.nephatrine.net + username: ${{ gitea.actor }} + password: ${{ secrets.PACKAGER_TOKEN }} + - name: Docker Manifest + run: | + docker manifest create code.nephatrine.net/nephnet/nginx-h5ai:${{ gitea.ref_name }} --amend code.nephatrine.net/nephnet/nginx-h5ai:${{ gitea.ref_name }}-amd64 --amend code.nephatrine.net/nephnet/nginx-h5ai:${{ gitea.ref_name }}-arm64v8 + docker manifest push --purge code.nephatrine.net/nephnet/nginx-h5ai:${{ gitea.ref_name }} + publishamd64: + if: gitea.repository_owner == 'NephNET' && gitea.ref_name == 'master' + needs: [buildamd64] + runs-on: nephnet + steps: + - name: Check Base Image + if: github.event_name != 'push' + uses: actions/docker-base-image-check@v1.2.1 + id: checkbase + with: + base-image: nephatrine/nginx-php:latest-amd64 + image: nephatrine/nginx-h5ai:latest-amd64 + - name: Docker Login + uses: actions/docker-login@v2 + with: + username: ${{ secrets.DOCKER_USER }} + password: ${{ secrets.DOCKER_PASS }} + - name: Docker Push + run: | + docker tag code.nephatrine.net/nephnet/nginx-h5ai:master-amd64 nephatrine/nginx-h5ai:latest-amd64 + docker push nephatrine/nginx-h5ai:latest-amd64 + - name: Notify Discord + if: github.event_name == 'push' || steps.checkbase.outputs.needs-updating == 'true' + uses: actions/discord-status@v1 + with: + title: "DockerHub: nginx-h5ai" + description: "The container image was pushed to [DockerHub](https://hub.docker.com/repository/docker/nephatrine/nginx-h5ai/general).\nPull `nephatrine/nginx-h5ai:latest-amd64` for the newest image." + nodetail: true + webhook: ${{ secrets.DISCORD_WEBHOOK_PACKAGE }} + publisharm64: + if: gitea.repository_owner == 'NephNET' && gitea.ref_name == 'master' + needs: [buildarm64] + runs-on: nephnet-arm64 + steps: + - name: Docker Login + uses: actions/docker-login@v2 + with: + username: ${{ secrets.DOCKER_USER }} + password: ${{ secrets.DOCKER_PASS }} + - name: Docker Push + run: | + docker tag code.nephatrine.net/nephnet/nginx-h5ai:master-arm64v8 nephatrine/nginx-h5ai:latest-arm64v8 + docker push nephatrine/nginx-h5ai:latest-arm64v8 + manifesthub: + if: gitea.repository_owner == 'NephNET' && gitea.ref_name == 'master' + needs: [publishamd64, publisharm64] + runs-on: nephnet + steps: + - name: Docker Login + uses: actions/docker-login@v2 + with: + username: ${{ secrets.DOCKER_USER }} + password: ${{ secrets.DOCKER_PASS }} + - name: Docker Manifest + run: | + docker manifest create nephatrine/nginx-h5ai:8.2.6 --amend nephatrine/nginx-h5ai:latest-amd64 --amend nephatrine/nginx-h5ai:latest-arm64v8 + docker manifest create nephatrine/nginx-h5ai:8.2 --amend nephatrine/nginx-h5ai:latest-amd64 --amend nephatrine/nginx-h5ai:latest-arm64v8 + docker manifest create nephatrine/nginx-h5ai:8 --amend nephatrine/nginx-h5ai:latest-amd64 --amend nephatrine/nginx-h5ai:latest-arm64v8 + docker manifest create nephatrine/nginx-h5ai:latest --amend nephatrine/nginx-h5ai:latest-amd64 --amend nephatrine/nginx-h5ai:latest-arm64v8 + docker manifest push --purge nephatrine/nginx-h5ai:8.2.6 + docker manifest push --purge nephatrine/nginx-h5ai:8.2 + docker manifest push --purge nephatrine/nginx-h5ai:8 + docker manifest push --purge nephatrine/nginx-h5ai:latest diff --git a/.gitea/workflows/pullreq.yaml b/.gitea/workflows/pullreq.yaml new file mode 100644 index 0000000..a2a89a8 --- /dev/null +++ b/.gitea/workflows/pullreq.yaml @@ -0,0 +1,14 @@ +name: Build Container Image +run-name: ${{ gitea.actor }} pushed to ${{ gitea.repository }}:${{ gitea.ref_name }} +on: + pull_request: + types: [ opened, synchronize, ready_for_review ] +jobs: + build: + if: gitea.actor == 'nephatrine' && gitea.event.pull_request.draft == false + runs-on: nephnet + steps: + - name: Checkout Repository + uses: actions/checkout@v3 + - name: Docker Build + run: docker build --pull ${{ gitea.workspace }} diff --git a/Dockerfile b/Dockerfile index 09255bd..8171b78 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM nephatrine/nxbuilder:nodejs AS builder +FROM nephatrine/nxbuilder:alpine AS builder ARG H5AI_VERSION=0.31.0 RUN git -C /root clone -b "$H5AI_VERSION" --single-branch --depth=1 https://github.com/glubsy/h5ai.git diff --git a/LICENSE.md b/LICENSE.md index 1a6ea67..2f3a979 100644 --- a/LICENSE.md +++ b/LICENSE.md @@ -1,4 +1,4 @@ -Copyright © 2021 Daniel Wolf <> +Copyright © 2023 Daniel Wolf <> **Permission to use, copy, modify, and distribute this software for any purpose with or without fee is hereby granted, provided that the above diff --git a/README.md b/README.md index 61f5c7b..7a2e03c 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,7 @@ -[Git](https://code.nephatrine.net/nephatrine/docker-nginx-h5ai/src/branch/master) | +[Git](https://code.nephatrine.net/NephNET/docker-nginx-h5ai/src/branch/master) | [Docker](https://hub.docker.com/r/nephatrine/nginx-h5ai/) | [unRAID](https://code.nephatrine.net/nephatrine/unraid-containers) -[![Build Status](https://ci.nephatrine.net/api/badges/nephatrine/docker-nginx-h5ai/status.svg?ref=refs/heads/master)](https://ci.nephatrine.net/nephatrine/docker-nginx-h5ai) - # H5AI Web Index This docker container manages the NGINX application with the H5AI PHP web @@ -15,17 +13,13 @@ lock them down via the NGINX config or use a container that is not publicly accessible in the first place. If using this as a standalone web server, you can configure TLS the same way as -the [nginx-ssl](https://hub.docker.com/r/nephatrine/nginx-ssl/) container. If -part of a larger envinronment, we suggest using a separate container as a -reverse proxy server and handle TLS there rather than here. +the [nginx-ssl](https://code.nephatrine.net/NephNET/docker-nginx-ssl) container. +If part of a larger envinronment, we suggest using a separate container as a +reverse proxy server and handle TLS there instead. -- [Alpine Linux](https://alpinelinux.org/) -- [Skarnet Software](https://skarnet.org/software/) -- [S6 Overlay](https://github.com/just-containers/s6-overlay) -- [CertBot](https://certbot.eff.org/) -- [NGINX](https://www.nginx.com/) -- [PHP](https://www.php.net/) -- [H5AI](https://larsjung.de/h5ai/) +- [Alpine Linux](https://alpinelinux.org/) w/ [S6 Overlay](https://github.com/just-containers/s6-overlay) +- [NGINX](https://www.nginx.com/) w/ [CertBot](https://certbot.eff.org/) +- [PHP](https://www.php.net/) w/ [H5AI](https://larsjung.de/h5ai/) You can spin up a quick temporary test container like this: @@ -33,14 +27,11 @@ You can spin up a quick temporary test container like this: docker run --rm -p 80:80 -it nephatrine/nginx-h5ai:latest /bin/bash ~~~ -This container is primarily intended to be used as a base container for PHP web -applications. - **Remember to change the password in the h5ai configuration as the info page might expose information about your server that you do not want exposed.** ## Docker Tags -- **nephatrine/nginx-h5ai:latest**: H5AI 0.31.0-glubsy / PHP 8.x / NGINX Mainline / Alpine Latest +- **nephatrine/nginx-h5ai:latest**: H5AI 0.31.0-glubsy / Alpine Latest ## Configuration Variables