librewolf
/
bunkerized-nginx
mirror of https://github.com/bunkerity/bunkerized-nginx
4
0
Fork 1
Code Issues Projects Releases Wiki Activity

docker - build and push images from GitHub actions because of future DockerHub restrictions on autobuild

This commit is contained in:
bunkerity 2021-06-11 13:39:39 +02:00
parent 16101144c5
commit b5cd4e0375
No known key found for this signature in database
GPG Key ID: 3D80806F12602A7C
15 changed files with 148 additions and 374 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
.github/workflows/build-bunkerized-nginx-autoconf.yml vendored Normal file
View File

@ -0,0 +1,50 @@
name: Build and push bunkerized-nginx-autoconf
on:
push:
branches: [dev, master]
jobs:
test:
runs-on: ubuntu-latest
steps:
- name: Checkout source code
uses: actions/checkout@v2
- name: Set variables
run: |
VER=$(cat VERSION | tr -d '\n')
echo "VERSION=$VER" >> $GITHUB_ENV
- name: Setup QEMU
uses: docker/setup-qemu-action@v1
- name: Setup Buildx
uses: docker/setup-buildx-action@v1
- name: Login to Docker Hub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_TOKEN }}
- name: Build and push (dev)
uses: docker/build-push-action@v2
if: github.ref == 'refs/heads/dev'
with:
context: .
file: autoconf/Dockerfile
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
push: true
tags: bunkerity/bunkerized-nginx-autoconf:dev
- name: Build and push (master)
uses: docker/build-push-action@v2
if: github.ref == 'refs/heads/master'
with:
context: .
file: autoconf/Dockerfile
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
push: true
tags: bunkerity/bunkerized-nginx-autoconf:latest,bunkerity/bunkerized-nginx-autoconf:${{ env.VERSION }}

50
.github/workflows/build-bunkerized-nginx-ui.yml vendored Normal file
View File

@ -0,0 +1,50 @@
name: Build and push bunkerized-nginx-ui
on:
push:
branches: [dev, master]
jobs:
test:
runs-on: ubuntu-latest
steps:
- name: Checkout source code
uses: actions/checkout@v2
- name: Set variables
run: |
VER=$(cat VERSION | tr -d '\n')
echo "VERSION=$VER" >> $GITHUB_ENV
- name: Setup QEMU
uses: docker/setup-qemu-action@v1
- name: Setup Buildx
uses: docker/setup-buildx-action@v1
- name: Login to Docker Hub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_TOKEN }}
- name: Build and push (dev)
uses: docker/build-push-action@v2
if: github.ref == 'refs/heads/dev'
with:
context: .
file: ui/Dockerfile
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
push: true
tags: bunkerity/bunkerized-nginx-ui:dev
- name: Build and push (master)
uses: docker/build-push-action@v2
if: github.ref == 'refs/heads/master'
with:
context: .
file: ui/Dockerfile
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
push: true
tags: bunkerity/bunkerized-nginx-ui:latest,bunkerity/bunkerized-nginx-ui:${{ env.VERSION }}

48
.github/workflows/build-bunkerized-nginx.yml vendored Normal file
View File

@ -0,0 +1,48 @@
name: Build and push bunkerized-nginx
on:
push:
branches: [dev, master]
jobs:
test:
runs-on: ubuntu-latest
steps:
- name: Checkout source code
uses: actions/checkout@v2
- name: Set variables
run: |
VER=$(cat VERSION | tr -d '\n')
echo "VERSION=$VER" >> $GITHUB_ENV
- name: Setup QEMU
uses: docker/setup-qemu-action@v1
- name: Setup Buildx
uses: docker/setup-buildx-action@v1
- name: Login to Docker Hub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_TOKEN }}
- name: Build and push (dev)
uses: docker/build-push-action@v2
if: github.ref == 'refs/heads/dev'
with:
context: .
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
push: true
tags: bunkerity/bunkerized-nginx:dev
- name: Build and push (master)
uses: docker/build-push-action@v2
if: github.ref == 'refs/heads/master'
with:
context: .
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
push: true
tags: bunkerity/bunkerized-nginx:latest,bunkerity/bunkerized-nginx:${{ env.VERSION }}

38
Dockerfile-amd64
View File

@ -1,38 +0,0 @@
FROM amd64/nginx:1.20.1-alpine
COPY nginx-keys/ /tmp/nginx-keys
COPY compile.sh /tmp/compile.sh
RUN chmod +x /tmp/compile.sh && \
/tmp/compile.sh && \
rm -rf /tmp/*
COPY dependencies.sh /tmp/dependencies.sh
RUN chmod +x /tmp/dependencies.sh && \
/tmp/dependencies.sh && \
rm -rf /tmp/dependencies.sh
COPY gen/ /opt/gen
COPY entrypoint/ /opt/entrypoint
COPY confs/ /opt/confs
COPY scripts/ /opt/scripts
COPY lua/ /usr/local/lib/lua
COPY antibot/ /antibot
COPY defaults/ /defaults
COPY settings.json /opt
COPY misc/cron /etc/crontabs/nginx
COPY prepare.sh /tmp/prepare.sh
RUN chmod +x /tmp/prepare.sh && \
/tmp/prepare.sh && \
rm -f /tmp/prepare.sh
# Fix CVE-2021-22901, CVE-2021-22898 and CVE-2021-22897
RUN apk add "curl>=7.77.0-r0"
VOLUME /www /http-confs /server-confs /modsec-confs /modsec-crs-confs /cache /pre-server-confs /acme-challenge /plugins
EXPOSE 8080/tcp 8443/tcp
USER nginx:nginx
ENTRYPOINT ["/opt/entrypoint/entrypoint.sh"]

45
Dockerfile-arm32v7
View File

@ -1,45 +0,0 @@
FROM alpine AS builder
ENV QEMU_URL https://github.com/balena-io/qemu/releases/download/v4.0.0%2Bbalena2/qemu-4.0.0.balena2-arm.tar.gz
RUN apk add curl && curl -L ${QEMU_URL} | tar zxvf - -C . --strip-components 1
FROM arm32v7/nginx:1.20.1-alpine
COPY --from=builder qemu-arm-static /usr/bin
COPY nginx-keys/ /tmp/nginx-keys
COPY compile.sh /tmp/compile.sh
RUN chmod +x /tmp/compile.sh && \
/tmp/compile.sh && \
rm -rf /tmp/*
COPY dependencies.sh /tmp/dependencies.sh
RUN chmod +x /tmp/dependencies.sh && \
/tmp/dependencies.sh && \
rm -rf /tmp/dependencies.sh
COPY gen/ /opt/gen
COPY entrypoint/ /opt/entrypoint
COPY confs/ /opt/confs
COPY scripts/ /opt/scripts
COPY lua/ /usr/local/lib/lua
COPY antibot/ /antibot
COPY defaults/ /defaults
COPY settings.json /opt
COPY misc/cron /etc/crontabs/nginx
COPY prepare.sh /tmp/prepare.sh
RUN chmod +x /tmp/prepare.sh && \
/tmp/prepare.sh && \
rm -f /tmp/prepare.sh
# Fix CVE-2021-22901, CVE-2021-22898 and CVE-2021-22897
RUN apk add "curl>=7.77.0-r0"
VOLUME /www /http-confs /server-confs /modsec-confs /modsec-crs-confs /cache /pre-server-confs /acme-challenge /plugins
EXPOSE 8080/tcp 8443/tcp
USER nginx:nginx
ENTRYPOINT ["/opt/entrypoint/entrypoint.sh"]

45
Dockerfile-arm64v8
View File

@ -1,45 +0,0 @@
FROM alpine AS builder
ENV QEMU_URL https://github.com/balena-io/qemu/releases/download/v4.0.0%2Bbalena2/qemu-4.0.0.balena2-aarch64.tar.gz
RUN apk add curl && curl -L ${QEMU_URL} | tar zxvf - -C . --strip-components 1
FROM arm64v8/nginx:1.20.1-alpine
COPY --from=builder qemu-aarch64-static /usr/bin
COPY nginx-keys/ /tmp/nginx-keys
COPY compile.sh /tmp/compile.sh
RUN chmod +x /tmp/compile.sh && \
/tmp/compile.sh && \
rm -rf /tmp/*
COPY dependencies.sh /tmp/dependencies.sh
RUN chmod +x /tmp/dependencies.sh && \
/tmp/dependencies.sh && \
rm -rf /tmp/dependencies.sh
COPY gen/ /opt/gen
COPY entrypoint/ /opt/entrypoint
COPY confs/ /opt/confs
COPY scripts/ /opt/scripts
COPY lua/ /usr/local/lib/lua
COPY antibot/ /antibot
COPY defaults/ /defaults
COPY settings.json /opt
COPY misc/cron /etc/crontabs/nginx
COPY prepare.sh /tmp/prepare.sh
RUN chmod +x /tmp/prepare.sh && \
/tmp/prepare.sh && \
rm -f /tmp/prepare.sh
# Fix CVE-2021-22901, CVE-2021-22898 and CVE-2021-22897
RUN apk add "curl>=7.77.0-r0"
VOLUME /www /http-confs /server-confs /modsec-confs /modsec-crs-confs /cache /pre-server-confs /acme-challenge /plugins
EXPOSE 8080/tcp 8443/tcp
USER nginx:nginx
ENTRYPOINT ["/opt/entrypoint/entrypoint.sh"]

38
Dockerfile-i386
View File

@ -1,38 +0,0 @@
FROM i386/nginx:1.20.1-alpine
COPY nginx-keys/ /tmp/nginx-keys
COPY compile.sh /tmp/compile.sh
RUN chmod +x /tmp/compile.sh && \
/tmp/compile.sh && \
rm -rf /tmp/*
COPY dependencies.sh /tmp/dependencies.sh
RUN chmod +x /tmp/dependencies.sh && \
/tmp/dependencies.sh && \
rm -rf /tmp/dependencies.sh
COPY gen/ /opt/gen
COPY entrypoint/ /opt/entrypoint
COPY confs/ /opt/confs
COPY scripts/ /opt/scripts
COPY lua/ /usr/local/lib/lua
COPY antibot/ /antibot
COPY defaults/ /defaults
COPY settings.json /opt
COPY misc/cron /etc/crontabs/nginx
COPY prepare.sh /tmp/prepare.sh
RUN chmod +x /tmp/prepare.sh && \
/tmp/prepare.sh && \
rm -f /tmp/prepare.sh
# Fix CVE-2021-22901, CVE-2021-22898 and CVE-2021-22897
RUN apk add "curl>=7.77.0-r0"
VOLUME /www /http-confs /server-confs /modsec-confs /modsec-crs-confs /cache /pre-server-confs /acme-challenge /plugins
EXPOSE 8080/tcp 8443/tcp
USER nginx:nginx
ENTRYPOINT ["/opt/entrypoint/entrypoint.sh"]

22
autoconf/Dockerfile-amd64
View File

@ -1,22 +0,0 @@
FROM amd64/alpine
COPY autoconf/dependencies.sh /tmp
RUN chmod +x /tmp/dependencies.sh && \
/tmp/dependencies.sh && \
rm -f /tmp/dependencies.sh
COPY gen/ /opt/gen
COPY entrypoint/ /opt/entrypoint
COPY confs/global/ /opt/confs/global
COPY confs/site/ /opt/confs/site
COPY scripts/ /opt/scripts
COPY settings.json /opt
COPY misc/cron /etc/crontabs/nginx
COPY autoconf/* /opt/entrypoint/
COPY autoconf/prepare.sh /tmp
RUN chmod +x /tmp/prepare.sh && \
/tmp/prepare.sh && \
rm -f /tmp/prepare.sh
ENTRYPOINT ["/opt/entrypoint/entrypoint.sh"]

29
autoconf/Dockerfile-arm32v7
View File

@ -1,29 +0,0 @@
FROM alpine AS builder
ENV QEMU_URL https://github.com/balena-io/qemu/releases/download/v4.0.0%2Bbalena2/qemu-4.0.0.balena2-arm.tar.gz
RUN apk add curl && curl -L ${QEMU_URL} | tar zxvf - -C . --strip-components 1
FROM arm32v7/alpine
COPY --from=builder qemu-arm-static /usr/bin
COPY autoconf/dependencies.sh /tmp
RUN chmod +x /tmp/dependencies.sh && \
/tmp/dependencies.sh && \
rm -f /tmp/dependencies.sh
COPY gen/ /opt/gen
COPY entrypoint/ /opt/entrypoint
COPY confs/global/ /opt/confs/global
COPY confs/site/ /opt/confs/site
COPY scripts/ /opt/scripts
COPY settings.json /opt
COPY misc/cron /etc/crontabs/nginx
COPY autoconf/* /opt/entrypoint/
COPY autoconf/prepare.sh /tmp
RUN chmod +x /tmp/prepare.sh && \
/tmp/prepare.sh && \
rm -f /tmp/prepare.sh
ENTRYPOINT ["/opt/entrypoint/entrypoint.sh"]

29
autoconf/Dockerfile-arm64v8
View File

@ -1,29 +0,0 @@
FROM alpine AS builder
ENV QEMU_URL https://github.com/balena-io/qemu/releases/download/v4.0.0%2Bbalena2/qemu-4.0.0.balena2-aarch64.tar.gz
RUN apk add curl && curl -L ${QEMU_URL} | tar zxvf - -C . --strip-components 1
FROM arm64v8/alpine
COPY --from=builder qemu-aarch64-static /usr/bin
COPY autoconf/dependencies.sh /tmp
RUN chmod +x /tmp/dependencies.sh && \
/tmp/dependencies.sh && \
rm -f /tmp/dependencies.sh
COPY gen/ /opt/gen
COPY entrypoint/ /opt/entrypoint
COPY confs/global/ /opt/confs/global
COPY confs/site/ /opt/confs/site
COPY scripts/ /opt/scripts
COPY settings.json /opt
COPY misc/cron /etc/crontabs/nginx
COPY autoconf/* /opt/entrypoint/
COPY autoconf/prepare.sh /tmp
RUN chmod +x /tmp/prepare.sh && \
/tmp/prepare.sh && \
rm -f /tmp/prepare.sh
ENTRYPOINT ["/opt/entrypoint/entrypoint.sh"]

22
autoconf/Dockerfile-i386
View File

@ -1,22 +0,0 @@
FROM i386/alpine
COPY autoconf/dependencies.sh /tmp
RUN chmod +x /tmp/dependencies.sh && \
/tmp/dependencies.sh && \
rm -f /tmp/dependencies.sh
COPY gen/ /opt/gen
COPY entrypoint/ /opt/entrypoint
COPY confs/global/ /opt/confs/global
COPY confs/site/ /opt/confs/site
COPY scripts/ /opt/scripts
COPY settings.json /opt
COPY misc/cron /etc/crontabs/nginx
COPY autoconf/* /opt/entrypoint/
COPY autoconf/prepare.sh /tmp
RUN chmod +x /tmp/prepare.sh && \
/tmp/prepare.sh && \
rm -f /tmp/prepare.sh
ENTRYPOINT ["/opt/entrypoint/entrypoint.sh"]

23
ui/Dockerfile-amd64
View File

@ -1,23 +0,0 @@
FROM amd64/alpine
COPY ui/dependencies.sh /tmp
RUN chmod +x /tmp/dependencies.sh && \
/tmp/dependencies.sh && \
rm -f /tmp/dependencies.sh
COPY gen/ /opt/gen
COPY confs/site/ /opt/confs/site
COPY confs/global/ /opt/confs/global
COPY ui/ /opt/entrypoint
COPY settings.json /opt
COPY ui/prepare.sh /tmp
RUN chmod +x /tmp/prepare.sh && \
/tmp/prepare.sh && \
rm -f /tmp/prepare.sh
EXPOSE 5000
WORKDIR /opt/entrypoint
ENV FLASK_APP entrypoint.py
ENTRYPOINT ["/usr/bin/python3", "-m", "flask", "run", "--host=0.0.0.0"]

30
ui/Dockerfile-arm32v7
View File

@ -1,30 +0,0 @@
FROM alpine AS builder
ENV QEMU_URL https://github.com/balena-io/qemu/releases/download/v4.0.0%2Bbalena2/qemu-4.0.0.balena2-arm.tar.gz
RUN apk add curl && curl -L ${QEMU_URL} | tar zxvf - -C . --strip-components 1
FROM arm32v7/alpine
COPY --from=builder qemu-arm-static /usr/bin
COPY ui/dependencies.sh /tmp
RUN chmod +x /tmp/dependencies.sh && \
/tmp/dependencies.sh && \
rm -f /tmp/dependencies.sh
COPY gen/ /opt/gen
COPY confs/site/ /opt/confs/site
COPY confs/global/ /opt/confs/global
COPY ui/ /opt/entrypoint
COPY settings.json /opt
COPY ui/prepare.sh /tmp
RUN chmod +x /tmp/prepare.sh && \
/tmp/prepare.sh && \
rm -f /tmp/prepare.sh
EXPOSE 5000
WORKDIR /opt/entrypoint
ENV FLASK_APP entrypoint.py
ENTRYPOINT ["/usr/bin/python3", "-m", "flask", "run", "--host=0.0.0.0"]

30
ui/Dockerfile-arm64v8
View File

@ -1,30 +0,0 @@
FROM alpine AS builder
ENV QEMU_URL https://github.com/balena-io/qemu/releases/download/v4.0.0%2Bbalena2/qemu-4.0.0.balena2-aarch64.tar.gz
RUN apk add curl && curl -L ${QEMU_URL} | tar zxvf - -C . --strip-components 1
FROM arm64v8/alpine
COPY --from=builder qemu-aarch64-static /usr/bin
COPY ui/dependencies.sh /tmp
RUN chmod +x /tmp/dependencies.sh && \
/tmp/dependencies.sh && \
rm -f /tmp/dependencies.sh
COPY gen/ /opt/gen
COPY confs/site/ /opt/confs/site
COPY confs/global/ /opt/confs/global
COPY ui/ /opt/entrypoint
COPY settings.json /opt
COPY ui/prepare.sh /tmp
RUN chmod +x /tmp/prepare.sh && \
/tmp/prepare.sh && \
rm -f /tmp/prepare.sh
EXPOSE 5000
WORKDIR /opt/entrypoint
ENV FLASK_APP entrypoint.py
ENTRYPOINT ["/usr/bin/python3", "-m", "flask", "run", "--host=0.0.0.0"]

23
ui/Dockerfile-i386
View File

@ -1,23 +0,0 @@
FROM i386/alpine
COPY ui/dependencies.sh /tmp
RUN chmod +x /tmp/dependencies.sh && \
/tmp/dependencies.sh && \
rm -f /tmp/dependencies.sh
COPY gen/ /opt/gen
COPY confs/site/ /opt/confs/site
COPY confs/global/ /opt/confs/global
COPY ui/ /opt/entrypoint
COPY settings.json /opt
COPY ui/prepare.sh /tmp
RUN chmod +x /tmp/prepare.sh && \
/tmp/prepare.sh && \
rm -f /tmp/prepare.sh
EXPOSE 5000
WORKDIR /opt/entrypoint
ENV FLASK_APP entrypoint.py
ENTRYPOINT ["/usr/bin/python3", "-m", "flask", "run", "--host=0.0.0.0"]