linuxserver/docker-heimdall
1
0
Fork 0
mirror of https://github.com/linuxserver/docker-heimdall.git synced 2025-10-31 04:57:39 +09:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #109 from linuxserver/standard-base-development

Browse Source 
Standard-base-development
This commit is contained in:
Eric Nemchik
2022-11-23 17:07:11 -06:00
committed by GitHub
parent 377ef23204 f8a96addfe
commit c32aedc81d
12 changed files with 225 additions and 248 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
Dockerfile
View File

@@ -1,4 +1,4 @@
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.14
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.15
# set version label
ARG BUILD_DATE
@@ -11,29 +11,35 @@ LABEL maintainer="aptalca"
ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=2
RUN \
echo "**** install runtime packages ****" && \
apk add --no-cache \
curl \
php7-ctype \
php7-intl \
php7-pdo_pgsql \
php7-pdo_sqlite \
php7-pdo_mysql \
php7-tokenizer \
php7-zip && \
echo "**** install heimdall ****" && \
mkdir -p \
/heimdall && \
if [ -z ${HEIMDALL_RELEASE+x} ]; then \
HEIMDALL_RELEASE=$(curl -sX GET "https://api.github.com/repos/linuxserver/Heimdall/commits/2.x" \
| awk '/sha/{print $4;exit}' FS='[""]'); \
fi && \
curl -o \
/heimdall/heimdall.tar.gz -L \
"https://github.com/linuxserver/Heimdall/archive/${HEIMDALL_RELEASE}.tar.gz" && \
echo "**** cleanup ****" && \
rm -rf \
/tmp/*
echo "**** install runtime packages ****" && \
apk add --no-cache --upgrade \
curl \
php8-ctype \
php8-curl \
php8-intl \
php8-pdo_pgsql \
php8-pdo_sqlite \
php8-pdo_mysql \
php8-tokenizer \
php8-zip \
tar && \
echo "**** install heimdall ****" && \
mkdir -p \
/heimdall && \
if [ -z ${HEIMDALL_RELEASE+x} ]; then \
HEIMDALL_RELEASE=$(curl -sX GET "https://api.github.com/repos/linuxserver/Heimdall/commits/2.x" \
| awk '/sha/{print $4;exit}' FS='[""]'); \
fi && \
curl -o \
/heimdall/heimdall.tar.gz -L \
"https://github.com/linuxserver/Heimdall/archive/${HEIMDALL_RELEASE}.tar.gz" && \
echo "**** cleanup ****" && \
rm -rf \
/tmp/*
# add local files
COPY root/ /
# ports and volumes
EXPOSE 80 443
VOLUME /config

51
Dockerfile.aarch64
View File

@@ -1,4 +1,4 @@
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.14
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.15
# set version label
ARG BUILD_DATE
@@ -11,26 +11,35 @@ LABEL maintainer="aptalca"
ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=2
RUN \
echo "**** install runtime packages ****" && \
apk add --no-cache \
curl \
php7-ctype \
php7-pdo_sqlite \
php7-tokenizer \
php7-zip && \
echo "**** install heimdall ****" && \
mkdir -p \
/heimdall && \
if [ -z ${HEIMDALL_RELEASE+x} ]; then \
HEIMDALL_RELEASE=$(curl -sX GET "https://api.github.com/repos/linuxserver/Heimdall/commits/2.x" \
| awk '/sha/{print $4;exit}' FS='[""]'); \
fi && \
curl -o \
/heimdall/heimdall.tar.gz -L \
"https://github.com/linuxserver/Heimdall/archive/${HEIMDALL_RELEASE}.tar.gz" && \
echo "**** cleanup ****" && \
rm -rf \
/tmp/*
echo "**** install runtime packages ****" && \
apk add --no-cache --upgrade \
curl \
php8-ctype \
php8-curl \
php8-intl \
php8-pdo_pgsql \
php8-pdo_sqlite \
php8-pdo_mysql \
php8-tokenizer \
php8-zip \
tar && \
echo "**** install heimdall ****" && \
mkdir -p \
/heimdall && \
if [ -z ${HEIMDALL_RELEASE+x} ]; then \
HEIMDALL_RELEASE=$(curl -sX GET "https://api.github.com/repos/linuxserver/Heimdall/commits/2.x" \
| awk '/sha/{print $4;exit}' FS='[""]'); \
fi && \
curl -o \
/heimdall/heimdall.tar.gz -L \
"https://github.com/linuxserver/Heimdall/archive/${HEIMDALL_RELEASE}.tar.gz" && \
echo "**** cleanup ****" && \
rm -rf \
/tmp/*
# add local files
COPY root/ /
# ports and volumes
EXPOSE 80 443
VOLUME /config

51
Dockerfile.armhf
View File

@@ -1,4 +1,4 @@
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm32v7-3.14
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm32v7-3.15
# set version label
ARG BUILD_DATE
@@ -11,26 +11,35 @@ LABEL maintainer="aptalca"
ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=2
RUN \
echo "**** install runtime packages ****" && \
apk add --no-cache \
curl \
php7-ctype \
php7-pdo_sqlite \
php7-tokenizer \
php7-zip && \
echo "**** install heimdall ****" && \
mkdir -p \
/heimdall && \
if [ -z ${HEIMDALL_RELEASE+x} ]; then \
HEIMDALL_RELEASE=$(curl -sX GET "https://api.github.com/repos/linuxserver/Heimdall/commits/2.x" \
| awk '/sha/{print $4;exit}' FS='[""]'); \
fi && \
curl -o \
/heimdall/heimdall.tar.gz -L \
"https://github.com/linuxserver/Heimdall/archive/${HEIMDALL_RELEASE}.tar.gz" && \
echo "**** cleanup ****" && \
rm -rf \
/tmp/*
echo "**** install runtime packages ****" && \
apk add --no-cache --upgrade \
curl \
php8-ctype \
php8-curl \
php8-intl \
php8-pdo_pgsql \
php8-pdo_sqlite \
php8-pdo_mysql \
php8-tokenizer \
php8-zip \
tar && \
echo "**** install heimdall ****" && \
mkdir -p \
/heimdall && \
if [ -z ${HEIMDALL_RELEASE+x} ]; then \
HEIMDALL_RELEASE=$(curl -sX GET "https://api.github.com/repos/linuxserver/Heimdall/commits/2.x" \
| awk '/sha/{print $4;exit}' FS='[""]'); \
fi && \
curl -o \
/heimdall/heimdall.tar.gz -L \
"https://github.com/linuxserver/Heimdall/archive/${HEIMDALL_RELEASE}.tar.gz" && \
echo "**** cleanup ****" && \
rm -rf \
/tmp/*
# add local files
COPY root/ /
# ports and volumes
EXPOSE 80 443
VOLUME /config

5
README.md
View File

@@ -76,7 +76,7 @@ Access the web gui at http://SERVERIP:PORT
### Adding password protection
This image now supports password protection through htpasswd. Run the following command on your host to generate the htpasswd file `docker exec -it heimdall htpasswd -c /config/nginx/.htpasswd <username>`. Replace <username> with a username of your choice and you will be asked to enter a password. New installs will automatically pick it up and implement password protected access. Existing users updating their image can delete their site config at `/config/nginx/site-confs/default` and restart the container after updating the image. A new site config with htpasswd support will be created in its place.
This image now supports password protection through htpasswd. Run the following command on your host to generate the htpasswd file `docker exec -it heimdall htpasswd -c /config/nginx/.htpasswd <username>`. Replace <username> with a username of your choice and you will be asked to enter a password. Uncomment the `basic auth` lines in `/config/nginx/site-confs/default.conf` and restart the container.
## Usage
@@ -240,6 +240,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
## Versions
* **14.11.22:** - Rebasing to alpine 3.15 with php8. Restructure nginx configs ([see changes announcement](https://info.linuxserver.io/issues/2022-08-20-nginx-base)).
* **04.11.22:** - Build commits to upstream branch 2.x.
* **13.03.21:** - Make searchproviders.yaml user configurable.
* **11.03.21:** - Rebase to alpine 3.14.
@@ -258,5 +259,5 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
* **07.10.18:** - Symlink `.env` rather than copy. It now resides under `/config/www`
* **30.09.18:** - Multi-arch image. Move `.env` to `/config`.
* **05.09.18:** - Rebase to alpine linux 3.8.
* **06.03.18:** - Use password protection if htpasswd is set. Existing users can delete their default site config at /config/nginx/site-confs/default and restart the container, a new default site config with htpasswd support will be created in its place
* **06.03.18:** - Use password protection if htpasswd is set. Existing users can delete their default site config at /config/nginx/site-confs/default.conf and restart the container, a new default site config with htpasswd support will be created in its place
* **12.02.18:** - Initial Release.

5
readme-vars.yml
View File

@@ -54,10 +54,11 @@ app_setup_block: |
### Adding password protection
This image now supports password protection through htpasswd. Run the following command on your host to generate the htpasswd file `docker exec -it heimdall htpasswd -c /config/nginx/.htpasswd <username>`. Replace <username> with a username of your choice and you will be asked to enter a password. New installs will automatically pick it up and implement password protected access. Existing users updating their image can delete their site config at `/config/nginx/site-confs/default` and restart the container after updating the image. A new site config with htpasswd support will be created in its place.
This image now supports password protection through htpasswd. Run the following command on your host to generate the htpasswd file `docker exec -it heimdall htpasswd -c /config/nginx/.htpasswd <username>`. Replace <username> with a username of your choice and you will be asked to enter a password. Uncomment the `basic auth` lines in `/config/nginx/site-confs/default.conf` and restart the container.
# changelog
changelogs:
- { date: "14.11.22:", desc: "Rebasing to alpine 3.15 with php8. Restructure nginx configs ([see changes announcement](https://info.linuxserver.io/issues/2022-08-20-nginx-base))." }
- { date: "04.11.22:", desc: "Build commits to upstream branch 2.x." }
- { date: "13.03.21:", desc: "Make searchproviders.yaml user configurable." }
- { date: "11.03.21:", desc: "Rebase to alpine 3.14." }
@@ -76,5 +77,5 @@ changelogs:
- { date: "07.10.18:", desc: "Symlink `.env` rather than copy. It now resides under `/config/www`" }
- { date: "30.09.18:", desc: "Multi-arch image. Move `.env` to `/config`." }
- { date: "05.09.18:", desc: "Rebase to alpine linux 3.8." }
- { date: "06.03.18:", desc: "Use password protection if htpasswd is set. Existing users can delete their default site config at /config/nginx/site-confs/default and restart the container, a new default site config with htpasswd support will be created in its place" }
- { date: "06.03.18:", desc: "Use password protection if htpasswd is set. Existing users can delete their default site config at /config/nginx/site-confs/default.conf and restart the container, a new default site config with htpasswd support will be created in its place" }
- { date: "12.02.18:", desc: "Initial Release." }

43
root/defaults/default
View File

@@ -1,43 +0,0 @@
## Version 2018/03/06 - Changelog: https://github.com/linuxserver/docker-heimdall/commits/master/root/defaults/default
server {
listen 80 default_server;
listen 443 ssl;
root /var/www/localhost/heimdall/public;
index index.php index.html index.htm;
server_name _;
ssl_certificate /config/keys/cert.crt;
ssl_certificate_key /config/keys/cert.key;
client_max_body_size 0;
error_page 599 = @noauth;
location / {
if (!-f /config/nginx/.htpasswd) {
return 599;
}
auth_basic "Restricted";
auth_basic_user_file /config/nginx/.htpasswd;
try_files $uri $uri/ /index.php?$args;
}
location @noauth {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# With php5-cgi alone:
fastcgi_pass 127.0.0.1:9000;
# With php5-fpm:
#fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
}
}

98
root/defaults/nginx.conf
View File

@@ -1,98 +0,0 @@
user abc;
worker_processes 4;
pid /run/nginx.pid;
include /etc/nginx/modules/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
client_max_body_size 0;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# Logging Settings
##
access_log /config/log/nginx/access.log;
error_log /config/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
##
# nginx-naxsi config
##
# Uncomment it if you installed nginx-naxsi
##
#include /etc/nginx/naxsi_core.rules;
##
# nginx-passenger config
##
# Uncomment it if you installed nginx-passenger
##
#passenger_root /usr;
#passenger_ruby /usr/bin/ruby;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /config/nginx/site-confs/*;
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}
daemon off;

34
root/defaults/nginx/site-confs/default.conf.sample Normal file
View File

@@ -0,0 +1,34 @@
## Version 2022/11/14 - Changelog: https://github.com/linuxserver/docker-heimdall/commits/master/root/defaults/nginx/site-confs/default.conf.sample
server {
listen 80 default_server;
listen [::]:80 default_server;
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name _;
root /app/www/public;
index index.html index.htm index.php;
location / {
# enable for basic auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
try_files $uri $uri/ /index.html /index.php$is_args$args;
}
location ~ ^(.+\.php)(.*)$ {
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
}
# deny access to .htaccess/.htpasswd files
location ~ /\.ht {
deny all;
}
}

80
root/etc/cont-init.d/50-config
View File

@@ -2,57 +2,65 @@
# make our folders
mkdir -p \
/config/www/{backgrounds,icons,avatars,SupportedApps} \
/var/www/localhost/heimdall \
/config/log/heimdall
/config/www/{backgrounds,icons,avatars,SupportedApps} \
/app/www \
/config/log/heimdall
# install heimdall if necessary
[[ -f /heimdall/heimdall.tar.gz ]] && \
echo "New container detected, installing Heimdall" && \
tar xf \
/heimdall/heimdall.tar.gz -C \
/var/www/localhost/heimdall --strip-components=1 && \
echo -e '\n# Heimdall user authorization\nfastcgi_param PHP_AUTH_USER $remote_user;\nfastcgi_param PHP_AUTH_PW $http_authorization;' >> \
/etc/nginx/fastcgi_params && \
rm -rf /heimdall && \
cp /var/www/localhost/heimdall/storage/app/searchproviders.yaml /var/www/localhost/heimdall/storage/app/searchproviders.yaml.orig && \
chown -R abc:abc /var/www/localhost/heimdall
if [[ -f /heimdall/heimdall.tar.gz ]]; then
echo "New container detected, installing Heimdall"
tar xf \
/heimdall/heimdall.tar.gz -C \
/app/www --strip-components=1
echo -e '\n# Heimdall user authorization\nfastcgi_param PHP_AUTH_USER $remote_user;\nfastcgi_param PHP_AUTH_PW $http_authorization;' >> \
/etc/nginx/fastcgi_params
rm -rf /heimdall
cp /app/www/storage/app/searchproviders.yaml /app/www/storage/app/searchproviders.yaml.orig
chown -R abc:abc /app/www
fi
# create symlinks
symlinks=( \
/var/www/localhost/heimdall/storage/app/public/avatars \
/var/www/localhost/heimdall/storage/app/public/backgrounds \
/var/www/localhost/heimdall/storage/app/public/icons \
/var/www/localhost/heimdall/app/SupportedApps \
/var/www/localhost/heimdall/database/app.sqlite \
/var/www/localhost/heimdall/.env )
/app/www/storage/app/public/avatars \
/app/www/storage/app/public/backgrounds \
/app/www/storage/app/public/icons \
/app/www/app/SupportedApps \
/app/www/database/app.sqlite \
/app/www/.env )
for i in "${symlinks[@]}"
do
[[ -e "$i" && ! -L "$i" ]] && rm -rf "$i"
[[ ! -L "$i" ]] && ln -s /config/www/"$(basename "$i")" "$i"
if [[ -e "$i" && ! -L "$i" ]]; then
rm -rf "$i"
fi
if [[ ! -L "$i" ]]; then
ln -s /config/www/"$(basename "$i")" "$i"
fi
done
[[ -e "/var/www/localhost/heimdall/storage/logs/laravel.log" && ! -L "/var/www/localhost/heimdall/storage/logs/laravel.log" ]] \
&& rm -rf "/var/www/localhost/heimdall/storage/logs/laravel.log"
[[ ! -L "/var/www/localhost/heimdall/storage/logs/laravel.log" ]] && \
ln -s "/config/log/heimdall/laravel.log" "/var/www/localhost/heimdall/storage/logs/laravel.log"
if [[ -e "/app/www/storage/logs/laravel.log" && ! -L "/app/www/storage/logs/laravel.log" ]]; then
rm -rf "/app/www/storage/logs/laravel.log"
fi
if [[ ! -L "/app/www/storage/logs/laravel.log" ]]; then
ln -s "/config/log/heimdall/laravel.log" "/app/www/storage/logs/laravel.log"
fi
# copy .env if not exists
[[ ! -f /config/www/.env ]] && \
cp /var/www/localhost/heimdall/.env.example /config/www/.env && \
echo "generating app key"
php /var/www/localhost/heimdall/artisan key:generate
if [[ ! -f /config/www/.env ]]; then
cp /app/www/.env.example /config/www/.env
echo "Creating app key. This may take a while on slower systems"
php /app/www/artisan key:generate
fi
# copy searchproviders if not exists and symlink
[[ ! -f /config/www/searchproviders.yaml ]] && \
cp /var/www/localhost/heimdall/storage/app/searchproviders.yaml.orig /config/www/searchproviders.yaml
rm -rf /var/www/localhost/heimdall/storage/app/searchproviders.yaml
ln -s /config/www/searchproviders.yaml /var/www/localhost/heimdall/storage/app/searchproviders.yaml
if [[ ! -f /config/www/searchproviders.yaml ]]; then
cp /app/www/storage/app/searchproviders.yaml.orig /config/www/searchproviders.yaml
fi
rm -rf /app/www/storage/app/searchproviders.yaml
ln -s /config/www/searchproviders.yaml /app/www/storage/app/searchproviders.yaml
# set queue driver to database
sed -i 's/QUEUE_DRIVER=sync/QUEUE_DRIVER=database/' /config/www/.env
# permissions
echo "Setting permissions"
chown -R abc:abc \
/config \
/var/www/localhost/heimdall
/config

2
root/etc/services.d/queue/run
View File

@@ -1,4 +1,4 @@
#!/usr/bin/with-contenv bash
exec \
s6-setuidgid abc php /var/www/localhost/heimdall/artisan queue:work database --sleep=3 --tries=3
s6-setuidgid abc php /app/www/artisan queue:work database --sleep=3 --tries=3

10
root/migrations/02-default-location Normal file
View File

@@ -0,0 +1,10 @@
#!/usr/bin/with-contenv bash
DEFAULT_CONF="/config/nginx/site-confs/default.conf"
OLD_ROOT="root /var/www/localhost/heimdall/public;"
NEW_ROOT="root /app/www/public;"
if grep -q "${OLD_ROOT}" "${DEFAULT_CONF}" 2>/dev/null; then
echo "updating root in ${DEFAULT_CONF}"
sed -i "s|${OLD_ROOT}|${NEW_ROOT}|" "${DEFAULT_CONF}"
fi

40
root/var/www/localhost/heimdall/public/index.html Normal file
View File

@@ -0,0 +1,40 @@
<html>
<head>
<title>Upgrade Required!</title>
<style>
body{
font-family: Helvetica, Arial, sans-serif;
}
.message{
width:440px;
padding:20px 40px;
margin:0 auto;
background-color:#f9f9f9;
border:1px solid #ddd;
color: #1e3d62;
}
center{
margin:40px 0;
}
h1{
font-size: 18px;
line-height: 26px;
}
p{
font-size: 12px;
}
a{
color: rgb(207, 48, 139);
}
</style>
</head>
<body>
<div class="message">
<h1>Upgrade Required!</h1>
<p>The application inside this image has been moved to a new folder.</p>
<p>You will need to update your <strong>/config/nginx/nginx.conf</strong> and <strong>/config/nginx/site-confs/default.conf</strong> in order for the application to work.</p>
<p>New config samples are located at <strong>/config/nginx/nginx.conf.sample</strong> and <strong>/config/nginx/site-confs/default.conf.sample</strong></p>
<p>Please review our announcement: <a target="_blank" href="https://info.linuxserver.io/issues/2022-08-20-nginx-base/">Significant changes to nginx based images</a></p>
</div>
</body>
</html>