diff --git a/Dockerfile b/Dockerfile index c2a95e4..0cb69e1 100755 --- a/Dockerfile +++ b/Dockerfile @@ -106,6 +106,7 @@ RUN \ certbot-dns-duckdns \ certbot-dns-freedns \ certbot-dns-gehirn \ + certbot-dns-glesys \ certbot-dns-godaddy \ certbot-dns-google \ certbot-dns-google-domains \ diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64 index 8f961b5..bd1f193 100755 --- a/Dockerfile.aarch64 +++ b/Dockerfile.aarch64 @@ -106,6 +106,7 @@ RUN \ certbot-dns-duckdns \ certbot-dns-freedns \ certbot-dns-gehirn \ + certbot-dns-glesys \ certbot-dns-godaddy \ certbot-dns-google \ certbot-dns-google-domains \ diff --git a/Jenkinsfile b/Jenkinsfile index 8426013..26a84b8 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -16,6 +16,7 @@ pipeline { GITHUB_TOKEN=credentials('498b4638-2d02-4ce5-832d-8a57d01d97ab') GITLAB_TOKEN=credentials('b6f0f1dd-6952-4cf6-95d1-9c06380283f0') GITLAB_NAMESPACE=credentials('gitlab-namespace-id') + DOCKERHUB_TOKEN=credentials('docker-hub-ci-pat') EXT_PIP = 'certbot' BUILD_VERSION_ARG = 'CERTBOT_VERSION' LS_USER = 'linuxserver' @@ -59,11 +60,16 @@ pipeline { env.COMMIT_SHA = sh( script: '''git rev-parse HEAD''', returnStdout: true).trim() + env.GH_DEFAULT_BRANCH = sh( + script: '''git remote show origin | grep "HEAD branch:" | sed 's|.*HEAD branch: ||' ''', + returnStdout: true).trim() env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/commit/' + env.GIT_COMMIT env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.DOCKERHUB_IMAGE + '/tags/' env.PULL_REQUEST = env.CHANGE_ID env.TEMPLATED_FILES = 'Jenkinsfile README.md LICENSE .editorconfig ./.github/CONTRIBUTING.md ./.github/FUNDING.yml ./.github/ISSUE_TEMPLATE/config.yml ./.github/ISSUE_TEMPLATE/issue.bug.yml ./.github/ISSUE_TEMPLATE/issue.feature.yml ./.github/PULL_REQUEST_TEMPLATE.md ./.github/workflows/external_trigger_scheduler.yml ./.github/workflows/greetings.yml ./.github/workflows/package_trigger_scheduler.yml ./.github/workflows/call_issue_pr_tracker.yml ./.github/workflows/call_issues_cron.yml ./.github/workflows/permissions.yml ./.github/workflows/external_trigger.yml ./.github/workflows/package_trigger.yml ./root/donate.txt' } + sh '''#! /bin/bash + echo "The default github branch detected as ${GH_DEFAULT_BRANCH}" ''' script{ env.LS_RELEASE_NUMBER = sh( script: '''echo ${LS_RELEASE} |sed 's/^.*-ls//g' ''', @@ -120,7 +126,7 @@ pipeline { steps{ script{ env.EXT_RELEASE_CLEAN = sh( - script: '''echo ${EXT_RELEASE} | sed 's/[~,%@+;:/]//g' ''', + script: '''echo ${EXT_RELEASE} | sed 's/[~,%@+;:/ ]//g' ''', returnStdout: true).trim() def semver = env.EXT_RELEASE_CLEAN =~ /(\d+)\.(\d+)\.(\d+)/ @@ -138,7 +144,7 @@ pipeline { } if (env.SEMVER != null) { - if (BRANCH_NAME != "master" && BRANCH_NAME != "main") { + if (BRANCH_NAME != "${env.GH_DEFAULT_BRANCH}") { env.SEMVER = "${env.SEMVER}-${BRANCH_NAME}" } println("SEMVER: ${env.SEMVER}") @@ -256,115 +262,150 @@ pipeline { } } steps { - sh '''#! /bin/bash - set -e - TEMPDIR=$(mktemp -d) - docker pull ghcr.io/linuxserver/jenkins-builder:latest - docker run --rm -e CONTAINER_NAME=${CONTAINER_NAME} -e GITHUB_BRANCH=master -v ${TEMPDIR}:/ansible/jenkins ghcr.io/linuxserver/jenkins-builder:latest - # Stage 1 - Jenkinsfile update - if [[ "$(md5sum Jenkinsfile | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/Jenkinsfile | awk '{ print $1 }')" ]]; then - mkdir -p ${TEMPDIR}/repo - git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO} - cd ${TEMPDIR}/repo/${LS_REPO} - git checkout -f master - cp ${TEMPDIR}/docker-${CONTAINER_NAME}/Jenkinsfile ${TEMPDIR}/repo/${LS_REPO}/ - git add Jenkinsfile - git commit -m 'Bot Updating Templated Files' - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git --all - echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} - echo "Updating Jenkinsfile" - rm -Rf ${TEMPDIR} - exit 0 - else - echo "Jenkinsfile is up to date." - fi - # Stage 2 - Delete old templates - OLD_TEMPLATES=".github/ISSUE_TEMPLATE.md .github/ISSUE_TEMPLATE/issue.bug.md .github/ISSUE_TEMPLATE/issue.feature.md .github/workflows/call_invalid_helper.yml .github/workflows/stale.yml Dockerfile.armhf" - for i in ${OLD_TEMPLATES}; do - if [[ -f "${i}" ]]; then - TEMPLATES_TO_DELETE="${i} ${TEMPLATES_TO_DELETE}" - fi - done - if [[ -n "${TEMPLATES_TO_DELETE}" ]]; then - mkdir -p ${TEMPDIR}/repo - git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO} - cd ${TEMPDIR}/repo/${LS_REPO} - git checkout -f master - for i in ${TEMPLATES_TO_DELETE}; do - git rm "${i}" - done - git commit -m 'Bot Updating Templated Files' - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git --all - echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} - echo "Deleting old and deprecated templates" - rm -Rf ${TEMPDIR} - exit 0 - else - echo "No templates to delete" - fi - # Stage 3 - Update templates - CURRENTHASH=$(grep -hs ^ ${TEMPLATED_FILES} | md5sum | cut -c1-8) - cd ${TEMPDIR}/docker-${CONTAINER_NAME} - NEWHASH=$(grep -hs ^ ${TEMPLATED_FILES} | md5sum | cut -c1-8) - if [[ "${CURRENTHASH}" != "${NEWHASH}" ]] || ! grep -q '.jenkins-external' "${WORKSPACE}/.gitignore" 2>/dev/null; then - mkdir -p ${TEMPDIR}/repo - git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO} - cd ${TEMPDIR}/repo/${LS_REPO} - git checkout -f master - cd ${TEMPDIR}/docker-${CONTAINER_NAME} - mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/workflows - mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/ISSUE_TEMPLATE - cp --parents ${TEMPLATED_FILES} ${TEMPDIR}/repo/${LS_REPO}/ || : - cp --parents readme-vars.yml ${TEMPDIR}/repo/${LS_REPO}/ || : - cd ${TEMPDIR}/repo/${LS_REPO}/ - if ! grep -q '.jenkins-external' .gitignore 2>/dev/null; then - echo ".jenkins-external" >> .gitignore - git add .gitignore - fi - git add readme-vars.yml ${TEMPLATED_FILES} - git commit -m 'Bot Updating Templated Files' - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git --all - echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} - else - echo "false" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} - fi - mkdir -p ${TEMPDIR}/docs - git clone https://github.com/linuxserver/docker-documentation.git ${TEMPDIR}/docs/docker-documentation - if [[ ("${BRANCH_NAME}" == "master") || ("${BRANCH_NAME}" == "main") ]] && [[ (! -f ${TEMPDIR}/docs/docker-documentation/docs/images/docker-${CONTAINER_NAME}.md) || ("$(md5sum ${TEMPDIR}/docs/docker-documentation/docs/images/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')") ]]; then - cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md ${TEMPDIR}/docs/docker-documentation/docs/images/ - cd ${TEMPDIR}/docs/docker-documentation - git add docs/images/docker-${CONTAINER_NAME}.md - git commit -m 'Bot Updating Documentation' - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git --all - fi - mkdir -p ${TEMPDIR}/unraid - git clone https://github.com/linuxserver/docker-templates.git ${TEMPDIR}/unraid/docker-templates - git clone https://github.com/linuxserver/templates.git ${TEMPDIR}/unraid/templates - if [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-logo.png ]]; then - sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-logo.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml - elif [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-icon.png ]]; then - sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-icon.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml - fi - if [[ ("${BRANCH_NAME}" == "master") || ("${BRANCH_NAME}" == "main") ]] && [[ (! -f ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml) || ("$(md5sum ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml | awk '{ print $1 }')") ]]; then - cd ${TEMPDIR}/unraid/templates/ - if grep -wq "${CONTAINER_NAME}" ${TEMPDIR}/unraid/templates/unraid/ignore.list; then - echo "Image is on the ignore list, marking Unraid template as deprecated" - cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml ${TEMPDIR}/unraid/templates/unraid/ - git add -u unraid/${CONTAINER_NAME}.xml - git mv unraid/${CONTAINER_NAME}.xml unraid/deprecated/${CONTAINER_NAME}.xml || : - git commit -m 'Bot Moving Deprecated Unraid Template' || : + withCredentials([ + [ + $class: 'UsernamePasswordMultiBinding', + credentialsId: '3f9ba4d5-100d-45b0-a3c4-633fd6061207', + usernameVariable: 'DOCKERUSER', + passwordVariable: 'DOCKERPASS' + ] + ]) { + sh '''#! /bin/bash + set -e + TEMPDIR=$(mktemp -d) + docker pull ghcr.io/linuxserver/jenkins-builder:latest + docker run --rm -e CONTAINER_NAME=${CONTAINER_NAME} -e GITHUB_BRANCH=master -v ${TEMPDIR}:/ansible/jenkins ghcr.io/linuxserver/jenkins-builder:latest + # Stage 1 - Jenkinsfile update + if [[ "$(md5sum Jenkinsfile | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/Jenkinsfile | awk '{ print $1 }')" ]]; then + mkdir -p ${TEMPDIR}/repo + git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO} + cd ${TEMPDIR}/repo/${LS_REPO} + git checkout -f master + cp ${TEMPDIR}/docker-${CONTAINER_NAME}/Jenkinsfile ${TEMPDIR}/repo/${LS_REPO}/ + git add Jenkinsfile + git commit -m 'Bot Updating Templated Files' + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master + echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} + echo "Updating Jenkinsfile" + rm -Rf ${TEMPDIR} + exit 0 else - cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml ${TEMPDIR}/unraid/templates/unraid/ - git add unraid/${CONTAINER_NAME}.xml - git commit -m 'Bot Updating Unraid Template' + echo "Jenkinsfile is up to date." fi - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git --all - fi - rm -Rf ${TEMPDIR}''' - script{ - env.FILES_UPDATED = sh( - script: '''cat /tmp/${COMMIT_SHA}-${BUILD_NUMBER}''', - returnStdout: true).trim() + # Stage 2 - Delete old templates + OLD_TEMPLATES=".github/ISSUE_TEMPLATE.md .github/ISSUE_TEMPLATE/issue.bug.md .github/ISSUE_TEMPLATE/issue.feature.md .github/workflows/call_invalid_helper.yml .github/workflows/stale.yml Dockerfile.armhf" + for i in ${OLD_TEMPLATES}; do + if [[ -f "${i}" ]]; then + TEMPLATES_TO_DELETE="${i} ${TEMPLATES_TO_DELETE}" + fi + done + if [[ -n "${TEMPLATES_TO_DELETE}" ]]; then + mkdir -p ${TEMPDIR}/repo + git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO} + cd ${TEMPDIR}/repo/${LS_REPO} + git checkout -f master + for i in ${TEMPLATES_TO_DELETE}; do + git rm "${i}" + done + git commit -m 'Bot Updating Templated Files' + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master + echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} + echo "Deleting old and deprecated templates" + rm -Rf ${TEMPDIR} + exit 0 + else + echo "No templates to delete" + fi + # Stage 3 - Update templates + CURRENTHASH=$(grep -hs ^ ${TEMPLATED_FILES} | md5sum | cut -c1-8) + cd ${TEMPDIR}/docker-${CONTAINER_NAME} + NEWHASH=$(grep -hs ^ ${TEMPLATED_FILES} | md5sum | cut -c1-8) + if [[ "${CURRENTHASH}" != "${NEWHASH}" ]] || ! grep -q '.jenkins-external' "${WORKSPACE}/.gitignore" 2>/dev/null; then + mkdir -p ${TEMPDIR}/repo + git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO} + cd ${TEMPDIR}/repo/${LS_REPO} + git checkout -f master + cd ${TEMPDIR}/docker-${CONTAINER_NAME} + mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/workflows + mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/ISSUE_TEMPLATE + cp --parents ${TEMPLATED_FILES} ${TEMPDIR}/repo/${LS_REPO}/ || : + cp --parents readme-vars.yml ${TEMPDIR}/repo/${LS_REPO}/ || : + cd ${TEMPDIR}/repo/${LS_REPO}/ + if ! grep -q '.jenkins-external' .gitignore 2>/dev/null; then + echo ".jenkins-external" >> .gitignore + git add .gitignore + fi + git add readme-vars.yml ${TEMPLATED_FILES} + git commit -m 'Bot Updating Templated Files' + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master + echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} + else + echo "false" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} + fi + mkdir -p ${TEMPDIR}/docs + git clone https://github.com/linuxserver/docker-documentation.git ${TEMPDIR}/docs/docker-documentation + if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}" ]] && [[ (! -f ${TEMPDIR}/docs/docker-documentation/docs/images/docker-${CONTAINER_NAME}.md) || ("$(md5sum ${TEMPDIR}/docs/docker-documentation/docs/images/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')") ]]; then + cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md ${TEMPDIR}/docs/docker-documentation/docs/images/ + cd ${TEMPDIR}/docs/docker-documentation + GH_DOCS_DEFAULT_BRANCH=$(git remote show origin | grep "HEAD branch:" | sed 's|.*HEAD branch: ||') + git add docs/images/docker-${CONTAINER_NAME}.md + git commit -m 'Bot Updating Documentation' + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH} + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH} + fi + mkdir -p ${TEMPDIR}/unraid + git clone https://github.com/linuxserver/docker-templates.git ${TEMPDIR}/unraid/docker-templates + git clone https://github.com/linuxserver/templates.git ${TEMPDIR}/unraid/templates + if [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-logo.png ]]; then + sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-logo.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml + elif [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-icon.png ]]; then + sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-icon.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml + fi + if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}" ]] && [[ (! -f ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml) || ("$(md5sum ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml | awk '{ print $1 }')") ]]; then + cd ${TEMPDIR}/unraid/templates/ + GH_TEMPLATES_DEFAULT_BRANCH=$(git remote show origin | grep "HEAD branch:" | sed 's|.*HEAD branch: ||') + if grep -wq "${CONTAINER_NAME}" ${TEMPDIR}/unraid/templates/unraid/ignore.list; then + echo "Image is on the ignore list, marking Unraid template as deprecated" + cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml ${TEMPDIR}/unraid/templates/unraid/ + git add -u unraid/${CONTAINER_NAME}.xml + git mv unraid/${CONTAINER_NAME}.xml unraid/deprecated/${CONTAINER_NAME}.xml || : + git commit -m 'Bot Moving Deprecated Unraid Template' || : + else + cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml ${TEMPDIR}/unraid/templates/unraid/ + git add unraid/${CONTAINER_NAME}.xml + git commit -m 'Bot Updating Unraid Template' + fi + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH} + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH} + fi + # Stage 4 - Sync Readme to Docker Hub + if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}" ]]; then + if [[ $(cat ${TEMPDIR}/docker-${CONTAINER_NAME}/README.md | wc -m) > 25000 ]]; then + echo "Readme is longer than 25,000 characters. Syncing the lite version to Docker Hub" + DH_README_SYNC_PATH="${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/README.lite" + else + echo "Syncing readme to Docker Hub" + DH_README_SYNC_PATH="${TEMPDIR}/docker-${CONTAINER_NAME}/README.md" + fi + DH_TOKEN=$(curl -d '{"username":"'${DOCKERUSER}'", "password":"'${DOCKERHUB_TOKEN}'"}' -H "Content-Type: application/json" -X POST https://hub.docker.com/v2/users/login | jq -r '.token') + curl -s \ + -H "Authorization: JWT ${DH_TOKEN}" \ + -H "Content-Type: application/json" \ + -X PATCH \ + -d "{\\"full_description\\":$(jq -Rsa . ${DH_README_SYNC_PATH})}" \ + https://hub.docker.com/v2/repositories/${DOCKERHUB_IMAGE} || : + else + echo "Not the default Github branch. Skipping readme sync to Docker Hub." + fi + rm -Rf ${TEMPDIR}''' + script{ + env.FILES_UPDATED = sh( + script: '''cat /tmp/${COMMIT_SHA}-${BUILD_NUMBER}''', + returnStdout: true).trim() + } } } } @@ -558,7 +599,8 @@ pipeline { wait git add package_versions.txt git commit -m 'Bot Updating Package Versions' - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git --all + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master echo "true" > /tmp/packages-${COMMIT_SHA}-${BUILD_NUMBER} echo "Package tag updated, stopping build process" else @@ -854,39 +896,6 @@ EOF ) ''' } } - // Use helper container to sync the current README on master to the dockerhub endpoint - stage('Sync-README') { - when { - environment name: 'CHANGE_ID', value: '' - environment name: 'EXIT_STATUS', value: '' - } - steps { - withCredentials([ - [ - $class: 'UsernamePasswordMultiBinding', - credentialsId: '3f9ba4d5-100d-45b0-a3c4-633fd6061207', - usernameVariable: 'DOCKERUSER', - passwordVariable: 'DOCKERPASS' - ] - ]) { - sh '''#! /bin/bash - set -e - TEMPDIR=$(mktemp -d) - docker pull ghcr.io/linuxserver/jenkins-builder:latest - docker run --rm -e CONTAINER_NAME=${CONTAINER_NAME} -e GITHUB_BRANCH="${BRANCH_NAME}" -v ${TEMPDIR}:/ansible/jenkins ghcr.io/linuxserver/jenkins-builder:latest - docker pull ghcr.io/linuxserver/readme-sync - docker run --rm=true \ - -e DOCKERHUB_USERNAME=$DOCKERUSER \ - -e DOCKERHUB_PASSWORD=$DOCKERPASS \ - -e GIT_REPOSITORY=${LS_USER}/${LS_REPO} \ - -e DOCKER_REPOSITORY=${IMAGE} \ - -e GIT_BRANCH=master \ - -v ${TEMPDIR}/docker-${CONTAINER_NAME}:/mnt \ - ghcr.io/linuxserver/readme-sync bash -c 'node sync' - rm -Rf ${TEMPDIR} ''' - } - } - } // If this is a Pull request send the CI link as a comment on it stage('Pull Request Comment') { when { diff --git a/README.md b/README.md index 96d68d2..7b66d89 100644 --- a/README.md +++ b/README.md @@ -158,7 +158,6 @@ To help you get started creating a container from this image you can either use ```yaml --- -version: "2.1" services: swag: image: lscr.io/linuxserver/swag:latest @@ -228,7 +227,7 @@ Containers are configured using parameters passed at runtime (such as those abov | `-e VALIDATION=http` | Certbot validation method to use, options are `http` or `dns` (`dns` method also requires `DNSPLUGIN` variable set). | | `-e SUBDOMAINS=www,` | Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only) | | `-e CERTPROVIDER=` | Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt. | -| `-e DNSPLUGIN=cloudflare` | Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `freedns`, `gandi`, `gehirn`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`. | +| `-e DNSPLUGIN=cloudflare` | Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `freedns`, `gandi`, `gehirn`, `glesys`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`. | | `-e PROPAGATION=` | Optionally override (in seconds) the default propagation time for the dns plugins. | | `-e EMAIL=` | Optional e-mail address used for cert expiration notifications (Required for ZeroSSL). | | `-e ONLY_SUBDOMAINS=false` | If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true` | @@ -309,7 +308,7 @@ We publish various [Docker Mods](https://github.com/linuxserver/docker-mods) to ## Updating Info -Most of our images are static, versioned, and require an image update and container recreation to update the app inside. With some exceptions (ie. nextcloud, plex), we do not recommend or support updating apps inside the container. Please consult the [Application Setup](#application-setup) section above to see if it is recommended for the image. +Most of our images are static, versioned, and require an image update and container recreation to update the app inside. With some exceptions (noted in the relevant readme.md), we do not recommend or support updating apps inside the container. Please consult the [Application Setup](#application-setup) section above to see if it is recommended for the image. Below are the instructions for updating containers: @@ -374,21 +373,6 @@ Below are the instructions for updating containers: docker image prune ``` -### Via Watchtower auto-updater (only use if you don't remember the original parameters) - -* Pull the latest image at its tag and replace it with the same env variables in one run: - - ```bash - docker run --rm \ - -v /var/run/docker.sock:/var/run/docker.sock \ - containrrr/watchtower \ - --run-once swag - ``` - -* You can also remove the old dangling images: `docker image prune` - -**warning**: We do not endorse the use of Watchtower as a solution to automated updates of existing Docker containers. In fact we generally discourage automated updates. However, this is a useful tool for one-time manual updates of containers where you have forgotten the original parameters. In the long term, we highly recommend using [Docker Compose](https://docs.linuxserver.io/general/docker-compose). - ### Image Update Notifications - Diun (Docker Image Update Notifier) **tip**: We recommend [Diun](https://crazymax.dev/diun/) for update notifications. Other tools that automatically update containers unattended are not recommended or supported. @@ -416,7 +400,8 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64 ## Versions -* **23.12.23:** - Rebase to Alpine 3.19 with php 8.3, add root periodic crontabs for logrotate. +* **23.01.24:** - Rebase to Alpine 3.19 with php 8.3, add root periodic crontabs for logrotate. +* **01.01.24:** - Add GleSYS DNS plugin. * **11.12.23:** - Deprecate certbot-dns-dynu to resolve dependency conflicts with other plugins. * **30.11.23:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) site-confs/default.conf - Fix index.php being downloaded on 404. * **23.11.23:** - Run certbot as root to allow fix http validation. diff --git a/package_versions.txt b/package_versions.txt index 38ff794..0fa3ba8 100755 --- a/package_versions.txt +++ b/package_versions.txt @@ -9,25 +9,24 @@ alpine-baselayout 3.4.3-r1 apk alpine-baselayout-data 3.4.3-r1 apk alpine-keys 2.4-r1 apk alpine-release 3.18.5-r0 apk -anyio 4.2.0 python aom-libs 3.6.1-r0 apk apache2-utils 2.4.58-r0 apk apk-tools 2.14.0-r2 apk apr 1.7.4-r0 apk apr-util 1.6.3-r1 apk argon2-libs 20190702-r4 apk -attrs 23.1.0 python +attrs 23.2.0 python azure-common 1.1.28 python -azure-core 1.29.6 python +azure-core 1.29.7 python azure-identity 1.15.0 python azure-mgmt-core 1.4.0 python azure-mgmt-dns 8.1.0 python bash 5.2.15-r5 apk -beautifulsoup4 4.12.2 python -boto3 1.34.7 python -botocore 1.34.7 python +beautifulsoup4 4.12.3 python +boto3 1.34.23 python +botocore 1.34.23 python brotli-libs 1.0.9-r14 apk -bs4 0.0.1 python +bs4 0.0.2 python busybox 1.36.1-r5 apk busybox-binsh 1.36.1-r5 apk c-client 2007f-r15 apk @@ -53,14 +52,15 @@ certbot-dns-dreamhost 1.0 python certbot-dns-duckdns 1.3 python certbot-dns-freedns 0.1.0 python certbot-dns-gehirn 2.8.0 python -certbot-dns-godaddy 2.7.4 python +certbot-dns-glesys 2.1.0 python +certbot-dns-godaddy 2.8.0 python certbot-dns-google 2.8.0 python certbot-dns-google-domains 0.1.11 python certbot-dns-he 1.0.0 python certbot-dns-hetzner 2.0.0 python -certbot-dns-infomaniak 0.2.1 python +certbot-dns-infomaniak 0.2.2 python certbot-dns-inwx 2.2.0 python -certbot-dns-ionos 2023.11.13.post1 python +certbot-dns-ionos 2024.1.8 python certbot-dns-linode 2.8.0 python certbot-dns-loopia 1.0.1 python certbot-dns-luadns 2.8.0 python @@ -80,16 +80,16 @@ certbot-plugin-gandi 1.5.0 python certifi 2023.11.17 python cffi 1.16.0 python charset-normalizer 3.3.2 python -cloudflare 2.14.3 python +cloudflare 2.16.0 python composer 2.6.6 binary configobj 5.0.8 python coreutils 9.3-r1 apk cryptography 41.0.7 python curl 8.5.0-r0 apk dataclasses-json 0.5.14 python -distro 1.8.0 python +distro 1.9.0 python dns-lexicon 3.17.0 python -dnslib 0.9.23 python +dnslib 0.9.24 python dnspython 2.4.2 python domeneshop 0.4.3 python fail2ban 1.0.2 python @@ -109,10 +109,10 @@ gnupg-gpgconf 2.4.3-r0 apk gnupg-keyboxd 2.4.3-r0 apk gnupg-utils 2.4.3-r0 apk gnupg-wks-client 2.4.3-r0 apk -gnutls 3.8.0-r2 apk +gnutls 3.8.3-r0 apk google-api-core 2.15.0 python -google-api-python-client 2.111.0 python -google-auth 2.25.2 python +google-api-python-client 2.114.0 python +google-auth 2.26.2 python google-auth-httplib2 0.2.0 python googleapis-common-protos 1.62.0 python gpg 2.4.3-r0 apk @@ -139,7 +139,7 @@ libavif 0.11.1-r2 apk libbsd 0.11.7-r1 apk libbz2 1.0.8-r5 apk libc-utils 0.7.2-r5 apk -libcrypto3 3.1.4-r1 apk +libcrypto3 3.1.4-r4 apk libcurl 8.5.0-r0 apk libdav1d 1.2.1-r0 apk libedit 20221030.3.1-r1 apk @@ -171,7 +171,7 @@ libsasl 2.1.28-r4 apk libseccomp 2.5.4-r2 apk libsm 1.2.4-r1 apk libsodium 1.0.18-r3 apk -libssl3 3.1.4-r1 apk +libssl3 3.1.4-r4 apk libstdc++ 12.2.1_git20220924-r10 apk libtasn1 4.19.0-r1 apk libunistring 1.1-r1 apk @@ -190,9 +190,9 @@ libzip 1.9.2-r2 apk linux-pam 1.5.2-r10 apk logrotate 3.21.0-r1 apk loopialib 0.2.0 python -lxml 4.9.4 python +lxml 5.1.0 python lz4-libs 1.9.4-r4 apk -marshmallow 3.20.1 python +marshmallow 3.20.2 python memcached 1.6.21-r0 apk mock 5.1.0 python mpdecimal 2.5.1-r2 apk @@ -227,7 +227,7 @@ nginx-mod-stream-geoip2 1.24.0-r7 apk nginx-vim 1.24.0-r7 apk npth 1.6-r4 apk oniguruma 6.9.8-r1 apk -openssl 3.1.4-r1 apk +openssl 3.1.4-r4 apk p11-kit 0.24.1-r2 apk packaging 23.2 python parsedatetime 2.6 python @@ -291,7 +291,7 @@ pkb-client 1.2 python popt 1.19-r2 apk portalocker 2.8.2 python procps-ng 4.0.4-r0 apk -protobuf 4.25.1 python +protobuf 4.25.2 python publicsuffixlist 0.9.4 python pyOpenSSL 23.3.0 python pyRFC3339 1.1 python @@ -320,15 +320,14 @@ setuptools 65.5.0 python shadow 4.13-r4 apk six 1.16.0 python skalibs 2.13.1.1-r1 apk -sniffio 1.3.0 python soupsieve 2.5 python -sqlite-libs 3.41.2-r2 apk +sqlite-libs 3.41.2-r3 apk ssl_client 1.36.1-r5 apk tiff 4.5.1-r0 apk tldextract 5.1.1 python typing-inspect 0.9.0 python typing_extensions 4.9.0 python -tzdata 2023c-r1 apk +tzdata 2023d-r0 apk unixodbc 2.3.11-r2 apk uritemplate 4.1.1 python urllib3 2.0.7 python diff --git a/readme-vars.yml b/readme-vars.yml index 3810aa3..f5ce7db 100644 --- a/readme-vars.yml +++ b/readme-vars.yml @@ -50,7 +50,7 @@ opt_param_usage_include_env: true opt_param_env_vars: - { env_var: "SUBDOMAINS", env_value: "www,", desc: "Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only)" } - { env_var: "CERTPROVIDER", env_value: "", desc: "Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt." } - - { env_var: "DNSPLUGIN", env_value: "cloudflare", desc: "Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `freedns`, `gandi`, `gehirn`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`." } + - { env_var: "DNSPLUGIN", env_value: "cloudflare", desc: "Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `freedns`, `gandi`, `gehirn`, `glesys`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`." } - { env_var: "PROPAGATION", env_value: "", desc: "Optionally override (in seconds) the default propagation time for the dns plugins." } - { env_var: "EMAIL", env_value: "", desc: "Optional e-mail address used for cert expiration notifications (Required for ZeroSSL)." } - { env_var: "ONLY_SUBDOMAINS", env_value: "false", desc: "If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true`" } @@ -168,7 +168,8 @@ app_setup_block: | # changelog changelogs: - - { date: "23.12.23:", desc: "Rebase to Alpine 3.19 with php 8.3, add root periodic crontabs for logrotate." } + - { date: "23.01.24:", desc: "Rebase to Alpine 3.19 with php 8.3, add root periodic crontabs for logrotate." } + - { date: "01.01.24:", desc: "Add GleSYS DNS plugin." } - { date: "11.12.23:", desc: "Deprecate certbot-dns-dynu to resolve dependency conflicts with other plugins." } - { date: "30.11.23:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) site-confs/default.conf - Fix index.php being downloaded on 404." } - { date: "23.11.23:", desc: "Run certbot as root to allow fix http validation." } diff --git a/root/defaults/dns-conf/glesys.ini b/root/defaults/dns-conf/glesys.ini new file mode 100644 index 0000000..a4ba04c --- /dev/null +++ b/root/defaults/dns-conf/glesys.ini @@ -0,0 +1,5 @@ +# Instructions: https://github.com/runfalk/certbot-dns-glesys#usage + +# GleSYS API credentials used by Certbot +dns_glesys_user = CL00000 +dns_glesys_password = apikeygoeshere