mirror of
https://github.com/linuxserver/docker-swag.git
synced 2026-03-13 13:45:15 +09:00
Compare commits
83 Commits
2.4.0-ls18
...
2.6.0-ls22
| Author | SHA1 | Date | |
|---|---|---|---|
|
675d67bbd4 | ||
|
|
402d513115 | ||
|
|
3aab75dc8b | ||
|
|
b2e8d8c8ab | ||
|
|
dede63fdcf | ||
|
|
bee6793d45 | ||
|
29e9daa606 | ||
|
|
57c0d1f81e | ||
|
|
416bef8a2e | ||
|
|
500d5606e4 | ||
|
|
500fd0c634 | ||
|
|
adf38bcd2b | ||
|
|
5255b117f9 | ||
|
|
60f6fafc53 | ||
|
|
d5c530af49 | ||
|
|
be215d62aa | ||
|
|
db54dfaf71 | ||
|
|
0d70436ddb | ||
|
|
49d848b639 | ||
|
|
2df15e7b96 | ||
|
|
7a6c539527 | ||
|
|
230ad93b35 | ||
|
|
cc3e0b590e | ||
|
|
f9a5348035 | ||
|
|
ba685e7fd0 | ||
|
|
97782cdbed | ||
|
|
38bbfb2d01 | ||
|
|
5b492be3d7 | ||
|
|
74069d4742 | ||
|
|
c77eca9ec3 | ||
|
|
5b4a34c0e3 | ||
|
|
10d1bf7b96 | ||
|
|
24f3353692 | ||
|
|
dee14d718b | ||
|
|
5438dbf13c | ||
|
|
77b9dc3348 | ||
|
|
a2e3c8b9fb | ||
|
|
d8f252dd73 | ||
|
|
9cdedad1c8 | ||
|
|
2f740e60a8 | ||
|
|
cfb3fae7cf | ||
|
|
9357986f27 | ||
|
|
eb0bcf14dd | ||
|
|
97e2720b9c | ||
|
|
7550f946ff | ||
|
|
80705ccf19 | ||
|
|
7a831681c5 | ||
|
|
43a7239fbf | ||
|
|
73938cb4a1 | ||
|
|
1d6a30144b | ||
|
|
2e59ae36c1 | ||
|
|
e72e9f6ed0 | ||
|
|
91d449259f | ||
|
|
dd17b24158 | ||
|
|
17f70e4a31 | ||
|
|
6619c4e0cd | ||
|
|
a06bea000c | ||
|
62401a38e7 | ||
|
|
acef819cc1 | ||
|
|
74828b1e8d | ||
|
|
7e1758fde0 | ||
|
|
e2731a1227 | ||
|
|
0a919148ff | ||
|
|
6fcd80b175 | ||
|
|
c9359819b6 | ||
|
|
ce32306873 | ||
|
|
9ce4ec598d | ||
|
|
9488a4fa1d | ||
|
|
3105c07c72 | ||
|
|
286e74c027 | ||
|
|
b909214614 | ||
|
|
70c66c5495 | ||
|
|
430308342f | ||
|
|
97222fbb25 | ||
|
|
b00bf6caf2 | ||
|
|
7dac282621 | ||
|
|
0c1936f8ec | ||
|
|
e5bb6e4a9d | ||
|
|
951fafd0b9 | ||
|
|
8a1793ac6b | ||
|
|
6ac90997ca | ||
|
94d9ec6ef1 | ||
|
|
4899670c70 |
1
.github/ISSUE_TEMPLATE/issue.bug.yml
vendored
1
.github/ISSUE_TEMPLATE/issue.bug.yml
vendored
@@ -53,7 +53,6 @@ body:
|
|||||||
options:
|
options:
|
||||||
- x86-64
|
- x86-64
|
||||||
- arm64
|
- arm64
|
||||||
- armhf
|
|
||||||
validations:
|
validations:
|
||||||
required: true
|
required: true
|
||||||
- type: textarea
|
- type: textarea
|
||||||
|
|||||||
12
.github/workflows/call_invalid_helper.yml
vendored
12
.github/workflows/call_invalid_helper.yml
vendored
@@ -1,12 +0,0 @@
|
|||||||
name: Comment on invalid interaction
|
|
||||||
on:
|
|
||||||
issues:
|
|
||||||
types:
|
|
||||||
- labeled
|
|
||||||
jobs:
|
|
||||||
add-comment-on-invalid:
|
|
||||||
if: github.event.label.name == 'invalid'
|
|
||||||
permissions:
|
|
||||||
issues: write
|
|
||||||
uses: linuxserver/github-workflows/.github/workflows/invalid-interaction-helper.yml@v1
|
|
||||||
secrets: inherit
|
|
||||||
16
.github/workflows/call_issue_pr_tracker.yml
vendored
Executable file
16
.github/workflows/call_issue_pr_tracker.yml
vendored
Executable file
@@ -0,0 +1,16 @@
|
|||||||
|
name: Issue & PR Tracker
|
||||||
|
|
||||||
|
on:
|
||||||
|
issues:
|
||||||
|
types: [opened,reopened,labeled,unlabeled,closed]
|
||||||
|
pull_request_target:
|
||||||
|
types: [opened,reopened,review_requested,review_request_removed,labeled,unlabeled,closed]
|
||||||
|
pull_request_review:
|
||||||
|
types: [submitted,edited,dismissed]
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
manage-project:
|
||||||
|
permissions:
|
||||||
|
issues: write
|
||||||
|
uses: linuxserver/github-workflows/.github/workflows/issue-pr-tracker.yml@v1
|
||||||
|
secrets: inherit
|
||||||
13
.github/workflows/call_issues_cron.yml
vendored
Executable file
13
.github/workflows/call_issues_cron.yml
vendored
Executable file
@@ -0,0 +1,13 @@
|
|||||||
|
name: Mark stale issues and pull requests
|
||||||
|
on:
|
||||||
|
schedule:
|
||||||
|
- cron: '35 15 * * *'
|
||||||
|
workflow_dispatch:
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
stale:
|
||||||
|
permissions:
|
||||||
|
issues: write
|
||||||
|
pull-requests: write
|
||||||
|
uses: linuxserver/github-workflows/.github/workflows/issues-cron.yml@v1
|
||||||
|
secrets: inherit
|
||||||
8
.github/workflows/external_trigger.yml
vendored
8
.github/workflows/external_trigger.yml
vendored
@@ -14,9 +14,11 @@ jobs:
|
|||||||
run: |
|
run: |
|
||||||
if [ -n "${{ secrets.PAUSE_EXTERNAL_TRIGGER_SWAG_MASTER }}" ]; then
|
if [ -n "${{ secrets.PAUSE_EXTERNAL_TRIGGER_SWAG_MASTER }}" ]; then
|
||||||
echo "**** Github secret PAUSE_EXTERNAL_TRIGGER_SWAG_MASTER is set; skipping trigger. ****"
|
echo "**** Github secret PAUSE_EXTERNAL_TRIGGER_SWAG_MASTER is set; skipping trigger. ****"
|
||||||
|
echo "Github secret \`PAUSE_EXTERNAL_TRIGGER_SWAG_MASTER\` is set; skipping trigger." >> $GITHUB_STEP_SUMMARY
|
||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
echo "**** External trigger running off of master branch. To disable this trigger, set a Github secret named \"PAUSE_EXTERNAL_TRIGGER_SWAG_MASTER\". ****"
|
echo "**** External trigger running off of master branch. To disable this trigger, set a Github secret named \"PAUSE_EXTERNAL_TRIGGER_SWAG_MASTER\". ****"
|
||||||
|
echo "External trigger running off of master branch. To disable this trigger, set a Github secret named \`PAUSE_EXTERNAL_TRIGGER_SWAG_MASTER\`" >> $GITHUB_STEP_SUMMARY
|
||||||
echo "**** Retrieving external version ****"
|
echo "**** Retrieving external version ****"
|
||||||
EXT_RELEASE=$(curl -sL "https://pypi.python.org/pypi/certbot/json" |jq -r '. | .info.version')
|
EXT_RELEASE=$(curl -sL "https://pypi.python.org/pypi/certbot/json" |jq -r '. | .info.version')
|
||||||
if [ -z "${EXT_RELEASE}" ] || [ "${EXT_RELEASE}" == "null" ]; then
|
if [ -z "${EXT_RELEASE}" ] || [ "${EXT_RELEASE}" == "null" ]; then
|
||||||
@@ -30,6 +32,7 @@ jobs:
|
|||||||
fi
|
fi
|
||||||
EXT_RELEASE=$(echo ${EXT_RELEASE} | sed 's/[~,%@+;:/]//g')
|
EXT_RELEASE=$(echo ${EXT_RELEASE} | sed 's/[~,%@+;:/]//g')
|
||||||
echo "**** External version: ${EXT_RELEASE} ****"
|
echo "**** External version: ${EXT_RELEASE} ****"
|
||||||
|
echo "External version: ${EXT_RELEASE}" >> $GITHUB_STEP_SUMMARY
|
||||||
echo "**** Retrieving last pushed version ****"
|
echo "**** Retrieving last pushed version ****"
|
||||||
image="linuxserver/swag"
|
image="linuxserver/swag"
|
||||||
tag="latest"
|
tag="latest"
|
||||||
@@ -65,14 +68,18 @@ jobs:
|
|||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
echo "**** Last pushed version: ${IMAGE_VERSION} ****"
|
echo "**** Last pushed version: ${IMAGE_VERSION} ****"
|
||||||
|
echo "Last pushed version: ${IMAGE_VERSION}" >> $GITHUB_STEP_SUMMARY
|
||||||
if [ "${EXT_RELEASE}" == "${IMAGE_VERSION}" ]; then
|
if [ "${EXT_RELEASE}" == "${IMAGE_VERSION}" ]; then
|
||||||
echo "**** Version ${EXT_RELEASE} already pushed, exiting ****"
|
echo "**** Version ${EXT_RELEASE} already pushed, exiting ****"
|
||||||
|
echo "Version ${EXT_RELEASE} already pushed, exiting" >> $GITHUB_STEP_SUMMARY
|
||||||
exit 0
|
exit 0
|
||||||
elif [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-swag/job/master/lastBuild/api/json | jq -r '.building') == "true" ]; then
|
elif [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-swag/job/master/lastBuild/api/json | jq -r '.building') == "true" ]; then
|
||||||
echo "**** New version ${EXT_RELEASE} found; but there already seems to be an active build on Jenkins; exiting ****"
|
echo "**** New version ${EXT_RELEASE} found; but there already seems to be an active build on Jenkins; exiting ****"
|
||||||
|
echo "New version ${EXT_RELEASE} found; but there already seems to be an active build on Jenkins; exiting" >> $GITHUB_STEP_SUMMARY
|
||||||
exit 0
|
exit 0
|
||||||
else
|
else
|
||||||
echo "**** New version ${EXT_RELEASE} found; old version was ${IMAGE_VERSION}. Triggering new build ****"
|
echo "**** New version ${EXT_RELEASE} found; old version was ${IMAGE_VERSION}. Triggering new build ****"
|
||||||
|
echo "New version ${EXT_RELEASE} found; old version was ${IMAGE_VERSION}. Triggering new build" >> $GITHUB_STEP_SUMMARY
|
||||||
response=$(curl -iX POST \
|
response=$(curl -iX POST \
|
||||||
https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-swag/job/master/buildWithParameters?PACKAGE_CHECK=false \
|
https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-swag/job/master/buildWithParameters?PACKAGE_CHECK=false \
|
||||||
--user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|")
|
--user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|")
|
||||||
@@ -82,6 +89,7 @@ jobs:
|
|||||||
buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url')
|
buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url')
|
||||||
buildurl="${buildurl%$'\r'}"
|
buildurl="${buildurl%$'\r'}"
|
||||||
echo "**** Jenkins job build url: ${buildurl} ****"
|
echo "**** Jenkins job build url: ${buildurl} ****"
|
||||||
|
echo "Jenkins job build url: ${buildurl}" >> $GITHUB_STEP_SUMMARY
|
||||||
echo "**** Attempting to change the Jenkins job description ****"
|
echo "**** Attempting to change the Jenkins job description ****"
|
||||||
curl -iX POST \
|
curl -iX POST \
|
||||||
"${buildurl}submitDescription" \
|
"${buildurl}submitDescription" \
|
||||||
|
|||||||
18
.github/workflows/external_trigger_scheduler.yml
vendored
18
.github/workflows/external_trigger_scheduler.yml
vendored
@@ -2,7 +2,7 @@ name: External Trigger Scheduler
|
|||||||
|
|
||||||
on:
|
on:
|
||||||
schedule:
|
schedule:
|
||||||
- cron: '50 * * * *'
|
- cron: '2 * * * *'
|
||||||
workflow_dispatch:
|
workflow_dispatch:
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
@@ -17,18 +17,18 @@ jobs:
|
|||||||
run: |
|
run: |
|
||||||
echo "**** Branches found: ****"
|
echo "**** Branches found: ****"
|
||||||
git for-each-ref --format='%(refname:short)' refs/remotes
|
git for-each-ref --format='%(refname:short)' refs/remotes
|
||||||
echo "**** Pulling the yq docker image ****"
|
|
||||||
docker pull ghcr.io/linuxserver/yq
|
|
||||||
for br in $(git for-each-ref --format='%(refname:short)' refs/remotes)
|
for br in $(git for-each-ref --format='%(refname:short)' refs/remotes)
|
||||||
do
|
do
|
||||||
br=$(echo "$br" | sed 's|origin/||g')
|
br=$(echo "$br" | sed 's|origin/||g')
|
||||||
echo "**** Evaluating branch ${br} ****"
|
echo "**** Evaluating branch ${br} ****"
|
||||||
ls_branch=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-swag/${br}/jenkins-vars.yml \
|
ls_jenkins_vars=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-swag/${br}/jenkins-vars.yml)
|
||||||
| docker run --rm -i --entrypoint yq ghcr.io/linuxserver/yq -r .ls_branch)
|
ls_branch=$(echo "${ls_jenkins_vars}" | yq -r '.ls_branch')
|
||||||
if [ "$br" == "$ls_branch" ]; then
|
ls_trigger=$(echo "${ls_jenkins_vars}" | yq -r '.external_type')
|
||||||
echo "**** Branch ${br} appears to be live; checking workflow. ****"
|
if [[ "${br}" == "${ls_branch}" ]] && [[ "${ls_trigger}" != "os" ]]; then
|
||||||
|
echo "**** Branch ${br} appears to be live and trigger is not os; checking workflow. ****"
|
||||||
if curl -sfX GET https://raw.githubusercontent.com/linuxserver/docker-swag/${br}/.github/workflows/external_trigger.yml > /dev/null 2>&1; then
|
if curl -sfX GET https://raw.githubusercontent.com/linuxserver/docker-swag/${br}/.github/workflows/external_trigger.yml > /dev/null 2>&1; then
|
||||||
echo "**** Workflow exists. Triggering external trigger workflow for branch ${br} ****."
|
echo "**** Workflow exists. Triggering external trigger workflow for branch ${br} ****."
|
||||||
|
echo "Triggering external trigger workflow for branch ${br}" >> $GITHUB_STEP_SUMMARY
|
||||||
curl -iX POST \
|
curl -iX POST \
|
||||||
-H "Authorization: token ${{ secrets.CR_PAT }}" \
|
-H "Authorization: token ${{ secrets.CR_PAT }}" \
|
||||||
-H "Accept: application/vnd.github.v3+json" \
|
-H "Accept: application/vnd.github.v3+json" \
|
||||||
@@ -36,8 +36,10 @@ jobs:
|
|||||||
https://api.github.com/repos/linuxserver/docker-swag/actions/workflows/external_trigger.yml/dispatches
|
https://api.github.com/repos/linuxserver/docker-swag/actions/workflows/external_trigger.yml/dispatches
|
||||||
else
|
else
|
||||||
echo "**** Workflow doesn't exist; skipping trigger. ****"
|
echo "**** Workflow doesn't exist; skipping trigger. ****"
|
||||||
|
echo "Skipping branch ${br} due to no external trigger workflow present." >> $GITHUB_STEP_SUMMARY
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
echo "**** ${br} appears to be a dev branch; skipping trigger. ****"
|
echo "**** ${br} is either a dev branch, or has no external version; skipping trigger. ****"
|
||||||
|
echo "Skipping branch ${br} due to being detected as dev branch or having no external version." >> $GITHUB_STEP_SUMMARY
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
|
|||||||
4
.github/workflows/package_trigger.yml
vendored
4
.github/workflows/package_trigger.yml
vendored
@@ -14,13 +14,16 @@ jobs:
|
|||||||
run: |
|
run: |
|
||||||
if [ -n "${{ secrets.PAUSE_PACKAGE_TRIGGER_SWAG_MASTER }}" ]; then
|
if [ -n "${{ secrets.PAUSE_PACKAGE_TRIGGER_SWAG_MASTER }}" ]; then
|
||||||
echo "**** Github secret PAUSE_PACKAGE_TRIGGER_SWAG_MASTER is set; skipping trigger. ****"
|
echo "**** Github secret PAUSE_PACKAGE_TRIGGER_SWAG_MASTER is set; skipping trigger. ****"
|
||||||
|
echo "Github secret \`PAUSE_PACKAGE_TRIGGER_SWAG_MASTER\` is set; skipping trigger." >> $GITHUB_STEP_SUMMARY
|
||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
if [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-swag/job/master/lastBuild/api/json | jq -r '.building') == "true" ]; then
|
if [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-swag/job/master/lastBuild/api/json | jq -r '.building') == "true" ]; then
|
||||||
echo "**** There already seems to be an active build on Jenkins; skipping package trigger ****"
|
echo "**** There already seems to be an active build on Jenkins; skipping package trigger ****"
|
||||||
|
echo "There already seems to be an active build on Jenkins; skipping package trigger" >> $GITHUB_STEP_SUMMARY
|
||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
echo "**** Package trigger running off of master branch. To disable, set a Github secret named \"PAUSE_PACKAGE_TRIGGER_SWAG_MASTER\". ****"
|
echo "**** Package trigger running off of master branch. To disable, set a Github secret named \"PAUSE_PACKAGE_TRIGGER_SWAG_MASTER\". ****"
|
||||||
|
echo "Package trigger running off of master branch. To disable, set a Github secret named \`PAUSE_PACKAGE_TRIGGER_SWAG_MASTER\`" >> $GITHUB_STEP_SUMMARY
|
||||||
response=$(curl -iX POST \
|
response=$(curl -iX POST \
|
||||||
https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-swag/job/master/buildWithParameters?PACKAGE_CHECK=true \
|
https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-swag/job/master/buildWithParameters?PACKAGE_CHECK=true \
|
||||||
--user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|")
|
--user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|")
|
||||||
@@ -30,6 +33,7 @@ jobs:
|
|||||||
buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url')
|
buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url')
|
||||||
buildurl="${buildurl%$'\r'}"
|
buildurl="${buildurl%$'\r'}"
|
||||||
echo "**** Jenkins job build url: ${buildurl} ****"
|
echo "**** Jenkins job build url: ${buildurl} ****"
|
||||||
|
echo "Jenkins job build url: ${buildurl}" >> $GITHUB_STEP_SUMMARY
|
||||||
echo "**** Attempting to change the Jenkins job description ****"
|
echo "**** Attempting to change the Jenkins job description ****"
|
||||||
curl -iX POST \
|
curl -iX POST \
|
||||||
"${buildurl}submitDescription" \
|
"${buildurl}submitDescription" \
|
||||||
|
|||||||
10
.github/workflows/package_trigger_scheduler.yml
vendored
10
.github/workflows/package_trigger_scheduler.yml
vendored
@@ -2,7 +2,7 @@ name: Package Trigger Scheduler
|
|||||||
|
|
||||||
on:
|
on:
|
||||||
schedule:
|
schedule:
|
||||||
- cron: '03 5 * * 4'
|
- cron: '1 3 * * 6'
|
||||||
workflow_dispatch:
|
workflow_dispatch:
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
@@ -17,18 +17,16 @@ jobs:
|
|||||||
run: |
|
run: |
|
||||||
echo "**** Branches found: ****"
|
echo "**** Branches found: ****"
|
||||||
git for-each-ref --format='%(refname:short)' refs/remotes
|
git for-each-ref --format='%(refname:short)' refs/remotes
|
||||||
echo "**** Pulling the yq docker image ****"
|
|
||||||
docker pull ghcr.io/linuxserver/yq
|
|
||||||
for br in $(git for-each-ref --format='%(refname:short)' refs/remotes)
|
for br in $(git for-each-ref --format='%(refname:short)' refs/remotes)
|
||||||
do
|
do
|
||||||
br=$(echo "$br" | sed 's|origin/||g')
|
br=$(echo "$br" | sed 's|origin/||g')
|
||||||
echo "**** Evaluating branch ${br} ****"
|
echo "**** Evaluating branch ${br} ****"
|
||||||
ls_branch=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-swag/${br}/jenkins-vars.yml \
|
ls_branch=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-swag/${br}/jenkins-vars.yml | yq -r '.ls_branch')
|
||||||
| docker run --rm -i --entrypoint yq ghcr.io/linuxserver/yq -r .ls_branch)
|
|
||||||
if [ "${br}" == "${ls_branch}" ]; then
|
if [ "${br}" == "${ls_branch}" ]; then
|
||||||
echo "**** Branch ${br} appears to be live; checking workflow. ****"
|
echo "**** Branch ${br} appears to be live; checking workflow. ****"
|
||||||
if curl -sfX GET https://raw.githubusercontent.com/linuxserver/docker-swag/${br}/.github/workflows/package_trigger.yml > /dev/null 2>&1; then
|
if curl -sfX GET https://raw.githubusercontent.com/linuxserver/docker-swag/${br}/.github/workflows/package_trigger.yml > /dev/null 2>&1; then
|
||||||
echo "**** Workflow exists. Triggering package trigger workflow for branch ${br}. ****"
|
echo "**** Workflow exists. Triggering package trigger workflow for branch ${br}. ****"
|
||||||
|
echo "Triggering package trigger workflow for branch ${br}" >> $GITHUB_STEP_SUMMARY
|
||||||
triggered_branches="${triggered_branches}${br} "
|
triggered_branches="${triggered_branches}${br} "
|
||||||
curl -iX POST \
|
curl -iX POST \
|
||||||
-H "Authorization: token ${{ secrets.CR_PAT }}" \
|
-H "Authorization: token ${{ secrets.CR_PAT }}" \
|
||||||
@@ -38,9 +36,11 @@ jobs:
|
|||||||
sleep 30
|
sleep 30
|
||||||
else
|
else
|
||||||
echo "**** Workflow doesn't exist; skipping trigger. ****"
|
echo "**** Workflow doesn't exist; skipping trigger. ****"
|
||||||
|
echo "Skipping branch ${br} due to no package trigger workflow present." >> $GITHUB_STEP_SUMMARY
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
echo "**** ${br} appears to be a dev branch; skipping trigger. ****"
|
echo "**** ${br} appears to be a dev branch; skipping trigger. ****"
|
||||||
|
echo "Skipping branch ${br} due to being detected as dev branch." >> $GITHUB_STEP_SUMMARY
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
echo "**** Package check build(s) triggered for branch(es): ${triggered_branches} ****"
|
echo "**** Package check build(s) triggered for branch(es): ${triggered_branches} ****"
|
||||||
|
|||||||
3
.github/workflows/permissions.yml
vendored
3
.github/workflows/permissions.yml
vendored
@@ -1,9 +1,10 @@
|
|||||||
name: Permission check
|
name: Permission check
|
||||||
on:
|
on:
|
||||||
pull_request:
|
pull_request_target:
|
||||||
paths:
|
paths:
|
||||||
- '**/run'
|
- '**/run'
|
||||||
- '**/finish'
|
- '**/finish'
|
||||||
|
- '**/check'
|
||||||
jobs:
|
jobs:
|
||||||
permission_check:
|
permission_check:
|
||||||
uses: linuxserver/github-workflows/.github/workflows/init-svc-executable-permissions.yml@v1
|
uses: linuxserver/github-workflows/.github/workflows/init-svc-executable-permissions.yml@v1
|
||||||
|
|||||||
23
.github/workflows/stale.yml
vendored
23
.github/workflows/stale.yml
vendored
@@ -1,23 +0,0 @@
|
|||||||
name: Mark stale issues and pull requests
|
|
||||||
|
|
||||||
on:
|
|
||||||
schedule:
|
|
||||||
- cron: "30 1 * * *"
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
stale:
|
|
||||||
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- uses: actions/stale@v6.0.1
|
|
||||||
with:
|
|
||||||
stale-issue-message: "This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions."
|
|
||||||
stale-pr-message: "This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions."
|
|
||||||
stale-issue-label: 'no-issue-activity'
|
|
||||||
stale-pr-label: 'no-pr-activity'
|
|
||||||
days-before-stale: 30
|
|
||||||
days-before-close: 365
|
|
||||||
exempt-issue-labels: 'awaiting-approval,work-in-progress'
|
|
||||||
exempt-pr-labels: 'awaiting-approval,work-in-progress'
|
|
||||||
repo-token: ${{ secrets.GITHUB_TOKEN }}
|
|
||||||
84
Dockerfile
84
Dockerfile
@@ -1,6 +1,6 @@
|
|||||||
# syntax=docker/dockerfile:1
|
# syntax=docker/dockerfile:1
|
||||||
|
|
||||||
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.17
|
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.18
|
||||||
|
|
||||||
# set version label
|
# set version label
|
||||||
ARG BUILD_DATE
|
ARG BUILD_DATE
|
||||||
@@ -24,7 +24,7 @@ RUN \
|
|||||||
openssl-dev \
|
openssl-dev \
|
||||||
python3-dev && \
|
python3-dev && \
|
||||||
echo "**** install runtime packages ****" && \
|
echo "**** install runtime packages ****" && \
|
||||||
apk add --no-cache --upgrade \
|
apk add --no-cache \
|
||||||
fail2ban \
|
fail2ban \
|
||||||
gnupg \
|
gnupg \
|
||||||
memcached \
|
memcached \
|
||||||
@@ -45,55 +45,48 @@ RUN \
|
|||||||
nginx-mod-stream \
|
nginx-mod-stream \
|
||||||
nginx-mod-stream-geoip2 \
|
nginx-mod-stream-geoip2 \
|
||||||
nginx-vim \
|
nginx-vim \
|
||||||
php81-bcmath \
|
php82-bcmath \
|
||||||
php81-bz2 \
|
php82-bz2 \
|
||||||
php81-ctype \
|
php82-dom \
|
||||||
php81-curl \
|
php82-exif \
|
||||||
php81-dom \
|
php82-ftp \
|
||||||
php81-exif \
|
php82-gd \
|
||||||
php81-ftp \
|
php82-gmp \
|
||||||
php81-gd \
|
php82-imap \
|
||||||
php81-gmp \
|
php82-intl \
|
||||||
php81-iconv \
|
php82-ldap \
|
||||||
php81-imap \
|
php82-mysqli \
|
||||||
php81-intl \
|
php82-mysqlnd \
|
||||||
php81-ldap \
|
php82-opcache \
|
||||||
php81-mysqli \
|
php82-pdo_mysql \
|
||||||
php81-mysqlnd \
|
php82-pdo_odbc \
|
||||||
php81-opcache \
|
php82-pdo_pgsql \
|
||||||
php81-pdo_mysql \
|
php82-pdo_sqlite \
|
||||||
php81-pdo_odbc \
|
php82-pear \
|
||||||
php81-pdo_pgsql \
|
php82-pecl-apcu \
|
||||||
php81-pdo_sqlite \
|
php82-pecl-memcached \
|
||||||
php81-pear \
|
php82-pecl-redis \
|
||||||
php81-pecl-apcu \
|
php82-pgsql \
|
||||||
php81-pecl-mailparse \
|
php82-posix \
|
||||||
php81-pecl-memcached \
|
php82-soap \
|
||||||
php81-pecl-redis \
|
php82-sockets \
|
||||||
php81-pgsql \
|
php82-sodium \
|
||||||
php81-phar \
|
php82-sqlite3 \
|
||||||
php81-posix \
|
php82-tokenizer \
|
||||||
php81-soap \
|
php82-xmlreader \
|
||||||
php81-sockets \
|
php82-xsl \
|
||||||
php81-sodium \
|
|
||||||
php81-sqlite3 \
|
|
||||||
php81-tokenizer \
|
|
||||||
php81-xmlreader \
|
|
||||||
php81-xsl \
|
|
||||||
php81-zip \
|
|
||||||
whois && \
|
whois && \
|
||||||
apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing \
|
apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing \
|
||||||
php81-pecl-mcrypt \
|
php82-pecl-mcrypt && \
|
||||||
php81-pecl-xmlrpc && \
|
|
||||||
echo "**** install certbot plugins ****" && \
|
echo "**** install certbot plugins ****" && \
|
||||||
if [ -z ${CERTBOT_VERSION+x} ]; then \
|
if [ -z ${CERTBOT_VERSION+x} ]; then \
|
||||||
CERTBOT_VERSION=$(curl -sL https://pypi.python.org/pypi/certbot/json |jq -r '. | .info.version'); \
|
CERTBOT_VERSION=$(curl -sL https://pypi.python.org/pypi/certbot/json |jq -r '. | .info.version'); \
|
||||||
fi && \
|
fi && \
|
||||||
python3 -m ensurepip && \
|
python3 -m venv /lsiopy && \
|
||||||
pip3 install -U --no-cache-dir \
|
pip install -U --no-cache-dir \
|
||||||
pip \
|
pip \
|
||||||
wheel && \
|
wheel && \
|
||||||
pip3 install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.17/ \
|
pip install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.18/ \
|
||||||
certbot==${CERTBOT_VERSION} \
|
certbot==${CERTBOT_VERSION} \
|
||||||
certbot-dns-acmedns \
|
certbot-dns-acmedns \
|
||||||
certbot-dns-aliyun \
|
certbot-dns-aliyun \
|
||||||
@@ -113,6 +106,7 @@ RUN \
|
|||||||
certbot-dns-gehirn \
|
certbot-dns-gehirn \
|
||||||
certbot-dns-godaddy \
|
certbot-dns-godaddy \
|
||||||
certbot-dns-google \
|
certbot-dns-google \
|
||||||
|
certbot-dns-google-domains \
|
||||||
certbot-dns-he \
|
certbot-dns-he \
|
||||||
certbot-dns-hetzner \
|
certbot-dns-hetzner \
|
||||||
certbot-dns-infomaniak \
|
certbot-dns-infomaniak \
|
||||||
@@ -147,7 +141,7 @@ RUN \
|
|||||||
's|#ssl_trusted_certificate /config/keys/cert.crt;|ssl_trusted_certificate /config/keys/cert.crt;|' \
|
's|#ssl_trusted_certificate /config/keys/cert.crt;|ssl_trusted_certificate /config/keys/cert.crt;|' \
|
||||||
/defaults/nginx/ssl.conf.sample && \
|
/defaults/nginx/ssl.conf.sample && \
|
||||||
echo "**** correct ip6tables legacy issue ****" && \
|
echo "**** correct ip6tables legacy issue ****" && \
|
||||||
rm \
|
rm \
|
||||||
/sbin/ip6tables && \
|
/sbin/ip6tables && \
|
||||||
ln -s \
|
ln -s \
|
||||||
/sbin/ip6tables-nft /sbin/ip6tables && \
|
/sbin/ip6tables-nft /sbin/ip6tables && \
|
||||||
@@ -158,6 +152,8 @@ RUN \
|
|||||||
mkdir -p /defaults/fail2ban && \
|
mkdir -p /defaults/fail2ban && \
|
||||||
mv /etc/fail2ban/action.d /defaults/fail2ban/ && \
|
mv /etc/fail2ban/action.d /defaults/fail2ban/ && \
|
||||||
mv /etc/fail2ban/filter.d /defaults/fail2ban/ && \
|
mv /etc/fail2ban/filter.d /defaults/fail2ban/ && \
|
||||||
|
echo "**** define allowipv6 to silence warning ****" && \
|
||||||
|
sed -i 's/#allowipv6 = auto/allowipv6 = auto/g' /etc/fail2ban/fail2ban.conf && \
|
||||||
echo "**** copy proxy confs to /defaults ****" && \
|
echo "**** copy proxy confs to /defaults ****" && \
|
||||||
mkdir -p \
|
mkdir -p \
|
||||||
/defaults/nginx/proxy-confs && \
|
/defaults/nginx/proxy-confs && \
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
# syntax=docker/dockerfile:1
|
# syntax=docker/dockerfile:1
|
||||||
|
|
||||||
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.17
|
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.18
|
||||||
|
|
||||||
# set version label
|
# set version label
|
||||||
ARG BUILD_DATE
|
ARG BUILD_DATE
|
||||||
@@ -24,7 +24,7 @@ RUN \
|
|||||||
openssl-dev \
|
openssl-dev \
|
||||||
python3-dev && \
|
python3-dev && \
|
||||||
echo "**** install runtime packages ****" && \
|
echo "**** install runtime packages ****" && \
|
||||||
apk add --no-cache --upgrade \
|
apk add --no-cache \
|
||||||
fail2ban \
|
fail2ban \
|
||||||
gnupg \
|
gnupg \
|
||||||
memcached \
|
memcached \
|
||||||
@@ -45,55 +45,48 @@ RUN \
|
|||||||
nginx-mod-stream \
|
nginx-mod-stream \
|
||||||
nginx-mod-stream-geoip2 \
|
nginx-mod-stream-geoip2 \
|
||||||
nginx-vim \
|
nginx-vim \
|
||||||
php81-bcmath \
|
php82-bcmath \
|
||||||
php81-bz2 \
|
php82-bz2 \
|
||||||
php81-ctype \
|
php82-dom \
|
||||||
php81-curl \
|
php82-exif \
|
||||||
php81-dom \
|
php82-ftp \
|
||||||
php81-exif \
|
php82-gd \
|
||||||
php81-ftp \
|
php82-gmp \
|
||||||
php81-gd \
|
php82-imap \
|
||||||
php81-gmp \
|
php82-intl \
|
||||||
php81-iconv \
|
php82-ldap \
|
||||||
php81-imap \
|
php82-mysqli \
|
||||||
php81-intl \
|
php82-mysqlnd \
|
||||||
php81-ldap \
|
php82-opcache \
|
||||||
php81-mysqli \
|
php82-pdo_mysql \
|
||||||
php81-mysqlnd \
|
php82-pdo_odbc \
|
||||||
php81-opcache \
|
php82-pdo_pgsql \
|
||||||
php81-pdo_mysql \
|
php82-pdo_sqlite \
|
||||||
php81-pdo_odbc \
|
php82-pear \
|
||||||
php81-pdo_pgsql \
|
php82-pecl-apcu \
|
||||||
php81-pdo_sqlite \
|
php82-pecl-memcached \
|
||||||
php81-pear \
|
php82-pecl-redis \
|
||||||
php81-pecl-apcu \
|
php82-pgsql \
|
||||||
php81-pecl-mailparse \
|
php82-posix \
|
||||||
php81-pecl-memcached \
|
php82-soap \
|
||||||
php81-pecl-redis \
|
php82-sockets \
|
||||||
php81-pgsql \
|
php82-sodium \
|
||||||
php81-phar \
|
php82-sqlite3 \
|
||||||
php81-posix \
|
php82-tokenizer \
|
||||||
php81-soap \
|
php82-xmlreader \
|
||||||
php81-sockets \
|
php82-xsl \
|
||||||
php81-sodium \
|
|
||||||
php81-sqlite3 \
|
|
||||||
php81-tokenizer \
|
|
||||||
php81-xmlreader \
|
|
||||||
php81-xsl \
|
|
||||||
php81-zip \
|
|
||||||
whois && \
|
whois && \
|
||||||
apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing \
|
apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing \
|
||||||
php81-pecl-mcrypt \
|
php82-pecl-mcrypt && \
|
||||||
php81-pecl-xmlrpc && \
|
|
||||||
echo "**** install certbot plugins ****" && \
|
echo "**** install certbot plugins ****" && \
|
||||||
if [ -z ${CERTBOT_VERSION+x} ]; then \
|
if [ -z ${CERTBOT_VERSION+x} ]; then \
|
||||||
CERTBOT_VERSION=$(curl -sL https://pypi.python.org/pypi/certbot/json |jq -r '. | .info.version'); \
|
CERTBOT_VERSION=$(curl -sL https://pypi.python.org/pypi/certbot/json |jq -r '. | .info.version'); \
|
||||||
fi && \
|
fi && \
|
||||||
python3 -m ensurepip && \
|
python3 -m venv /lsiopy && \
|
||||||
pip3 install -U --no-cache-dir \
|
pip install -U --no-cache-dir \
|
||||||
pip \
|
pip \
|
||||||
wheel && \
|
wheel && \
|
||||||
pip3 install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.17/ \
|
pip install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.18/ \
|
||||||
certbot==${CERTBOT_VERSION} \
|
certbot==${CERTBOT_VERSION} \
|
||||||
certbot-dns-acmedns \
|
certbot-dns-acmedns \
|
||||||
certbot-dns-aliyun \
|
certbot-dns-aliyun \
|
||||||
@@ -113,6 +106,7 @@ RUN \
|
|||||||
certbot-dns-gehirn \
|
certbot-dns-gehirn \
|
||||||
certbot-dns-godaddy \
|
certbot-dns-godaddy \
|
||||||
certbot-dns-google \
|
certbot-dns-google \
|
||||||
|
certbot-dns-google-domains \
|
||||||
certbot-dns-he \
|
certbot-dns-he \
|
||||||
certbot-dns-hetzner \
|
certbot-dns-hetzner \
|
||||||
certbot-dns-infomaniak \
|
certbot-dns-infomaniak \
|
||||||
@@ -147,7 +141,7 @@ RUN \
|
|||||||
's|#ssl_trusted_certificate /config/keys/cert.crt;|ssl_trusted_certificate /config/keys/cert.crt;|' \
|
's|#ssl_trusted_certificate /config/keys/cert.crt;|ssl_trusted_certificate /config/keys/cert.crt;|' \
|
||||||
/defaults/nginx/ssl.conf.sample && \
|
/defaults/nginx/ssl.conf.sample && \
|
||||||
echo "**** correct ip6tables legacy issue ****" && \
|
echo "**** correct ip6tables legacy issue ****" && \
|
||||||
rm \
|
rm \
|
||||||
/sbin/ip6tables && \
|
/sbin/ip6tables && \
|
||||||
ln -s \
|
ln -s \
|
||||||
/sbin/ip6tables-nft /sbin/ip6tables && \
|
/sbin/ip6tables-nft /sbin/ip6tables && \
|
||||||
@@ -158,6 +152,8 @@ RUN \
|
|||||||
mkdir -p /defaults/fail2ban && \
|
mkdir -p /defaults/fail2ban && \
|
||||||
mv /etc/fail2ban/action.d /defaults/fail2ban/ && \
|
mv /etc/fail2ban/action.d /defaults/fail2ban/ && \
|
||||||
mv /etc/fail2ban/filter.d /defaults/fail2ban/ && \
|
mv /etc/fail2ban/filter.d /defaults/fail2ban/ && \
|
||||||
|
echo "**** define allowipv6 to silence warning ****" && \
|
||||||
|
sed -i 's/#allowipv6 = auto/allowipv6 = auto/g' /etc/fail2ban/fail2ban.conf && \
|
||||||
echo "**** copy proxy confs to /defaults ****" && \
|
echo "**** copy proxy confs to /defaults ****" && \
|
||||||
mkdir -p \
|
mkdir -p \
|
||||||
/defaults/nginx/proxy-confs && \
|
/defaults/nginx/proxy-confs && \
|
||||||
|
|||||||
183
Dockerfile.armhf
183
Dockerfile.armhf
@@ -1,183 +0,0 @@
|
|||||||
# syntax=docker/dockerfile:1
|
|
||||||
|
|
||||||
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm32v7-3.17
|
|
||||||
|
|
||||||
# set version label
|
|
||||||
ARG BUILD_DATE
|
|
||||||
ARG VERSION
|
|
||||||
ARG CERTBOT_VERSION
|
|
||||||
LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}"
|
|
||||||
LABEL maintainer="nemchik"
|
|
||||||
|
|
||||||
# environment settings
|
|
||||||
ENV DHLEVEL=2048 ONLY_SUBDOMAINS=false AWS_CONFIG_FILE=/config/dns-conf/route53.ini
|
|
||||||
ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=2
|
|
||||||
|
|
||||||
RUN \
|
|
||||||
echo "**** install build packages ****" && \
|
|
||||||
apk add --no-cache --virtual=build-dependencies \
|
|
||||||
build-base \
|
|
||||||
cargo \
|
|
||||||
libffi-dev \
|
|
||||||
libxml2-dev \
|
|
||||||
libxslt-dev \
|
|
||||||
openssl-dev \
|
|
||||||
python3-dev && \
|
|
||||||
echo "**** install runtime packages ****" && \
|
|
||||||
apk add --no-cache --upgrade \
|
|
||||||
fail2ban \
|
|
||||||
gnupg \
|
|
||||||
memcached \
|
|
||||||
nginx-mod-http-brotli \
|
|
||||||
nginx-mod-http-dav-ext \
|
|
||||||
nginx-mod-http-echo \
|
|
||||||
nginx-mod-http-fancyindex \
|
|
||||||
nginx-mod-http-geoip2 \
|
|
||||||
nginx-mod-http-headers-more \
|
|
||||||
nginx-mod-http-image-filter \
|
|
||||||
nginx-mod-http-perl \
|
|
||||||
nginx-mod-http-redis2 \
|
|
||||||
nginx-mod-http-set-misc \
|
|
||||||
nginx-mod-http-upload-progress \
|
|
||||||
nginx-mod-http-xslt-filter \
|
|
||||||
nginx-mod-mail \
|
|
||||||
nginx-mod-rtmp \
|
|
||||||
nginx-mod-stream \
|
|
||||||
nginx-mod-stream-geoip2 \
|
|
||||||
nginx-vim \
|
|
||||||
php81-bcmath \
|
|
||||||
php81-bz2 \
|
|
||||||
php81-ctype \
|
|
||||||
php81-curl \
|
|
||||||
php81-dom \
|
|
||||||
php81-exif \
|
|
||||||
php81-ftp \
|
|
||||||
php81-gd \
|
|
||||||
php81-gmp \
|
|
||||||
php81-iconv \
|
|
||||||
php81-imap \
|
|
||||||
php81-intl \
|
|
||||||
php81-ldap \
|
|
||||||
php81-mysqli \
|
|
||||||
php81-mysqlnd \
|
|
||||||
php81-opcache \
|
|
||||||
php81-pdo_mysql \
|
|
||||||
php81-pdo_odbc \
|
|
||||||
php81-pdo_pgsql \
|
|
||||||
php81-pdo_sqlite \
|
|
||||||
php81-pear \
|
|
||||||
php81-pecl-apcu \
|
|
||||||
php81-pecl-mailparse \
|
|
||||||
php81-pecl-memcached \
|
|
||||||
php81-pecl-redis \
|
|
||||||
php81-pgsql \
|
|
||||||
php81-phar \
|
|
||||||
php81-posix \
|
|
||||||
php81-soap \
|
|
||||||
php81-sockets \
|
|
||||||
php81-sodium \
|
|
||||||
php81-sqlite3 \
|
|
||||||
php81-tokenizer \
|
|
||||||
php81-xmlreader \
|
|
||||||
php81-xsl \
|
|
||||||
php81-zip \
|
|
||||||
whois && \
|
|
||||||
apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing \
|
|
||||||
php81-pecl-mcrypt \
|
|
||||||
php81-pecl-xmlrpc && \
|
|
||||||
echo "**** install certbot plugins ****" && \
|
|
||||||
if [ -z ${CERTBOT_VERSION+x} ]; then \
|
|
||||||
CERTBOT_VERSION=$(curl -sL https://pypi.python.org/pypi/certbot/json |jq -r '. | .info.version'); \
|
|
||||||
fi && \
|
|
||||||
python3 -m ensurepip && \
|
|
||||||
pip3 install -U --no-cache-dir \
|
|
||||||
pip \
|
|
||||||
wheel && \
|
|
||||||
pip3 install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.17/ \
|
|
||||||
certbot==${CERTBOT_VERSION} \
|
|
||||||
certbot-dns-acmedns \
|
|
||||||
certbot-dns-aliyun \
|
|
||||||
certbot-dns-azure \
|
|
||||||
certbot-dns-cloudflare \
|
|
||||||
certbot-dns-cpanel \
|
|
||||||
certbot-dns-desec \
|
|
||||||
certbot-dns-digitalocean \
|
|
||||||
certbot-dns-directadmin \
|
|
||||||
certbot-dns-dnsimple \
|
|
||||||
certbot-dns-dnsmadeeasy \
|
|
||||||
certbot-dns-dnspod \
|
|
||||||
certbot-dns-do \
|
|
||||||
certbot-dns-domeneshop \
|
|
||||||
certbot-dns-duckdns \
|
|
||||||
certbot-dns-dynu \
|
|
||||||
certbot-dns-gehirn \
|
|
||||||
certbot-dns-godaddy \
|
|
||||||
certbot-dns-google \
|
|
||||||
certbot-dns-he \
|
|
||||||
certbot-dns-hetzner \
|
|
||||||
certbot-dns-infomaniak \
|
|
||||||
certbot-dns-inwx \
|
|
||||||
certbot-dns-ionos \
|
|
||||||
certbot-dns-linode \
|
|
||||||
certbot-dns-loopia \
|
|
||||||
certbot-dns-luadns \
|
|
||||||
certbot-dns-netcup \
|
|
||||||
certbot-dns-njalla \
|
|
||||||
certbot-dns-nsone \
|
|
||||||
certbot-dns-ovh \
|
|
||||||
certbot-dns-porkbun \
|
|
||||||
certbot-dns-rfc2136 \
|
|
||||||
certbot-dns-route53 \
|
|
||||||
certbot-dns-sakuracloud \
|
|
||||||
certbot-dns-standalone \
|
|
||||||
certbot-dns-transip \
|
|
||||||
certbot-dns-vultr \
|
|
||||||
certbot-plugin-gandi \
|
|
||||||
cryptography \
|
|
||||||
future \
|
|
||||||
requests && \
|
|
||||||
echo "**** enable OCSP stapling from base ****" && \
|
|
||||||
sed -i \
|
|
||||||
's|#ssl_stapling on;|ssl_stapling on;|' \
|
|
||||||
/defaults/nginx/ssl.conf.sample && \
|
|
||||||
sed -i \
|
|
||||||
's|#ssl_stapling_verify on;|ssl_stapling_verify on;|' \
|
|
||||||
/defaults/nginx/ssl.conf.sample && \
|
|
||||||
sed -i \
|
|
||||||
's|#ssl_trusted_certificate /config/keys/cert.crt;|ssl_trusted_certificate /config/keys/cert.crt;|' \
|
|
||||||
/defaults/nginx/ssl.conf.sample && \
|
|
||||||
echo "**** correct ip6tables legacy issue ****" && \
|
|
||||||
rm \
|
|
||||||
/sbin/ip6tables && \
|
|
||||||
ln -s \
|
|
||||||
/sbin/ip6tables-nft /sbin/ip6tables && \
|
|
||||||
echo "**** remove unnecessary fail2ban filters ****" && \
|
|
||||||
rm \
|
|
||||||
/etc/fail2ban/jail.d/alpine-ssh.conf && \
|
|
||||||
echo "**** copy fail2ban default action and filter to /defaults ****" && \
|
|
||||||
mkdir -p /defaults/fail2ban && \
|
|
||||||
mv /etc/fail2ban/action.d /defaults/fail2ban/ && \
|
|
||||||
mv /etc/fail2ban/filter.d /defaults/fail2ban/ && \
|
|
||||||
echo "**** copy proxy confs to /defaults ****" && \
|
|
||||||
mkdir -p \
|
|
||||||
/defaults/nginx/proxy-confs && \
|
|
||||||
curl -o \
|
|
||||||
/tmp/proxy-confs.tar.gz -L \
|
|
||||||
"https://github.com/linuxserver/reverse-proxy-confs/tarball/master" && \
|
|
||||||
tar xf \
|
|
||||||
/tmp/proxy-confs.tar.gz -C \
|
|
||||||
/defaults/nginx/proxy-confs --strip-components=1 --exclude=linux*/.editorconfig --exclude=linux*/.gitattributes --exclude=linux*/.github --exclude=linux*/.gitignore --exclude=linux*/LICENSE && \
|
|
||||||
echo "**** cleanup ****" && \
|
|
||||||
apk del --purge \
|
|
||||||
build-dependencies && \
|
|
||||||
rm -rf \
|
|
||||||
/tmp/* \
|
|
||||||
$HOME/.cache \
|
|
||||||
$HOME/.cargo
|
|
||||||
|
|
||||||
# copy local files
|
|
||||||
COPY root/ /
|
|
||||||
|
|
||||||
# ports and volumes
|
|
||||||
EXPOSE 80 443
|
|
||||||
VOLUME /config
|
|
||||||
282
Jenkinsfile
vendored
282
Jenkinsfile
vendored
@@ -40,10 +40,16 @@ pipeline {
|
|||||||
// Setup all the basic environment variables needed for the build
|
// Setup all the basic environment variables needed for the build
|
||||||
stage("Set ENV Variables base"){
|
stage("Set ENV Variables base"){
|
||||||
steps{
|
steps{
|
||||||
|
sh '''#! /bin/bash
|
||||||
|
containers=$(docker ps -aq)
|
||||||
|
if [[ -n "${containers}" ]]; then
|
||||||
|
docker stop ${containers}
|
||||||
|
fi
|
||||||
|
docker system prune -af --volumes || : '''
|
||||||
script{
|
script{
|
||||||
env.EXIT_STATUS = ''
|
env.EXIT_STATUS = ''
|
||||||
env.LS_RELEASE = sh(
|
env.LS_RELEASE = sh(
|
||||||
script: '''docker run --rm ghcr.io/linuxserver/alexeiled-skopeo sh -c 'skopeo inspect docker://docker.io/'${DOCKERHUB_IMAGE}':latest 2>/dev/null' | jq -r '.Labels.build_version' | awk '{print $3}' | grep '\\-ls' || : ''',
|
script: '''docker run --rm quay.io/skopeo/stable:v1 inspect docker://ghcr.io/${LS_USER}/${CONTAINER_NAME}:latest 2>/dev/null | jq -r '.Labels.build_version' | awk '{print $3}' | grep '\\-ls' || : ''',
|
||||||
returnStdout: true).trim()
|
returnStdout: true).trim()
|
||||||
env.LS_RELEASE_NOTES = sh(
|
env.LS_RELEASE_NOTES = sh(
|
||||||
script: '''cat readme-vars.yml | awk -F \\" '/date: "[0-9][0-9].[0-9][0-9].[0-9][0-9]:/ {print $4;exit;}' | sed -E ':a;N;$!ba;s/\\r{0,1}\\n/\\\\n/g' ''',
|
script: '''cat readme-vars.yml | awk -F \\" '/date: "[0-9][0-9].[0-9][0-9].[0-9][0-9]:/ {print $4;exit;}' | sed -E ':a;N;$!ba;s/\\r{0,1}\\n/\\\\n/g' ''',
|
||||||
@@ -57,7 +63,7 @@ pipeline {
|
|||||||
env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/commit/' + env.GIT_COMMIT
|
env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/commit/' + env.GIT_COMMIT
|
||||||
env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.DOCKERHUB_IMAGE + '/tags/'
|
env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.DOCKERHUB_IMAGE + '/tags/'
|
||||||
env.PULL_REQUEST = env.CHANGE_ID
|
env.PULL_REQUEST = env.CHANGE_ID
|
||||||
env.TEMPLATED_FILES = 'Jenkinsfile README.md LICENSE .editorconfig ./.github/CONTRIBUTING.md ./.github/FUNDING.yml ./.github/ISSUE_TEMPLATE/config.yml ./.github/ISSUE_TEMPLATE/issue.bug.yml ./.github/ISSUE_TEMPLATE/issue.feature.yml ./.github/PULL_REQUEST_TEMPLATE.md ./.github/workflows/external_trigger_scheduler.yml ./.github/workflows/greetings.yml ./.github/workflows/package_trigger_scheduler.yml ./.github/workflows/stale.yml ./.github/workflows/call_invalid_helper.yml ./.github/workflows/permissions.yml ./.github/workflows/external_trigger.yml ./.github/workflows/package_trigger.yml ./root/donate.txt'
|
env.TEMPLATED_FILES = 'Jenkinsfile README.md LICENSE .editorconfig ./.github/CONTRIBUTING.md ./.github/FUNDING.yml ./.github/ISSUE_TEMPLATE/config.yml ./.github/ISSUE_TEMPLATE/issue.bug.yml ./.github/ISSUE_TEMPLATE/issue.feature.yml ./.github/PULL_REQUEST_TEMPLATE.md ./.github/workflows/external_trigger_scheduler.yml ./.github/workflows/greetings.yml ./.github/workflows/package_trigger_scheduler.yml ./.github/workflows/call_issue_pr_tracker.yml ./.github/workflows/call_issues_cron.yml ./.github/workflows/permissions.yml ./.github/workflows/external_trigger.yml ./.github/workflows/package_trigger.yml ./root/donate.txt'
|
||||||
}
|
}
|
||||||
script{
|
script{
|
||||||
env.LS_RELEASE_NUMBER = sh(
|
env.LS_RELEASE_NUMBER = sh(
|
||||||
@@ -157,7 +163,7 @@ pipeline {
|
|||||||
env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/' + env.CONTAINER_NAME
|
env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/' + env.CONTAINER_NAME
|
||||||
env.QUAYIMAGE = 'quay.io/linuxserver.io/' + env.CONTAINER_NAME
|
env.QUAYIMAGE = 'quay.io/linuxserver.io/' + env.CONTAINER_NAME
|
||||||
if (env.MULTIARCH == 'true') {
|
if (env.MULTIARCH == 'true') {
|
||||||
env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm32v7-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
|
env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
|
||||||
} else {
|
} else {
|
||||||
env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
|
env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
|
||||||
}
|
}
|
||||||
@@ -180,7 +186,7 @@ pipeline {
|
|||||||
env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/lsiodev-' + env.CONTAINER_NAME
|
env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/lsiodev-' + env.CONTAINER_NAME
|
||||||
env.QUAYIMAGE = 'quay.io/linuxserver.io/lsiodev-' + env.CONTAINER_NAME
|
env.QUAYIMAGE = 'quay.io/linuxserver.io/lsiodev-' + env.CONTAINER_NAME
|
||||||
if (env.MULTIARCH == 'true') {
|
if (env.MULTIARCH == 'true') {
|
||||||
env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm32v7-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
|
env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
|
||||||
} else {
|
} else {
|
||||||
env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
|
env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
|
||||||
}
|
}
|
||||||
@@ -203,12 +209,12 @@ pipeline {
|
|||||||
env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/lspipepr-' + env.CONTAINER_NAME
|
env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/lspipepr-' + env.CONTAINER_NAME
|
||||||
env.QUAYIMAGE = 'quay.io/linuxserver.io/lspipepr-' + env.CONTAINER_NAME
|
env.QUAYIMAGE = 'quay.io/linuxserver.io/lspipepr-' + env.CONTAINER_NAME
|
||||||
if (env.MULTIARCH == 'true') {
|
if (env.MULTIARCH == 'true') {
|
||||||
env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST + '|arm32v7-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST
|
env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST
|
||||||
} else {
|
} else {
|
||||||
env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST
|
env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST
|
||||||
}
|
}
|
||||||
env.VERSION_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST
|
env.VERSION_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST
|
||||||
env.META_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST
|
env.META_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST
|
||||||
env.EXT_RELEASE_TAG = 'version-' + env.EXT_RELEASE_CLEAN
|
env.EXT_RELEASE_TAG = 'version-' + env.EXT_RELEASE_CLEAN
|
||||||
env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/pull/' + env.PULL_REQUEST
|
env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/pull/' + env.PULL_REQUEST
|
||||||
env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.PR_DOCKERHUB_IMAGE + '/tags/'
|
env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.PR_DOCKERHUB_IMAGE + '/tags/'
|
||||||
@@ -228,19 +234,16 @@ pipeline {
|
|||||||
script{
|
script{
|
||||||
env.SHELLCHECK_URL = 'https://ci-tests.linuxserver.io/' + env.IMAGE + '/' + env.META_TAG + '/shellcheck-result.xml'
|
env.SHELLCHECK_URL = 'https://ci-tests.linuxserver.io/' + env.IMAGE + '/' + env.META_TAG + '/shellcheck-result.xml'
|
||||||
}
|
}
|
||||||
sh '''curl -sL https://raw.githubusercontent.com/linuxserver/docker-shellcheck/master/checkrun.sh | /bin/bash'''
|
sh '''curl -sL https://raw.githubusercontent.com/linuxserver/docker-jenkins-builder/master/checkrun.sh | /bin/bash'''
|
||||||
sh '''#! /bin/bash
|
sh '''#! /bin/bash
|
||||||
set -e
|
|
||||||
docker pull ghcr.io/linuxserver/lsiodev-spaces-file-upload:latest
|
|
||||||
docker run --rm \
|
docker run --rm \
|
||||||
-e DESTINATION=\"${IMAGE}/${META_TAG}/shellcheck-result.xml\" \
|
-v ${WORKSPACE}:/mnt \
|
||||||
-e FILE_NAME="shellcheck-result.xml" \
|
-e AWS_ACCESS_KEY_ID=\"${S3_KEY}\" \
|
||||||
-e MIMETYPE="text/xml" \
|
-e AWS_SECRET_ACCESS_KEY=\"${S3_SECRET}\" \
|
||||||
-v ${WORKSPACE}:/mnt \
|
ghcr.io/linuxserver/baseimage-alpine:3.17 s6-envdir -fn -- /var/run/s6/container_environment /bin/bash -c "\
|
||||||
-e SECRET_KEY=\"${S3_SECRET}\" \
|
apk add --no-cache py3-pip && \
|
||||||
-e ACCESS_KEY=\"${S3_KEY}\" \
|
pip install s3cmd && \
|
||||||
-t ghcr.io/linuxserver/lsiodev-spaces-file-upload:latest \
|
s3cmd put --no-preserve --acl-public -m text/xml /mnt/shellcheck-result.xml s3://ci-tests.linuxserver.io/${IMAGE}/${META_TAG}/shellcheck-result.xml" || :'''
|
||||||
python /upload.py'''
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -277,7 +280,7 @@ pipeline {
|
|||||||
echo "Jenkinsfile is up to date."
|
echo "Jenkinsfile is up to date."
|
||||||
fi
|
fi
|
||||||
# Stage 2 - Delete old templates
|
# Stage 2 - Delete old templates
|
||||||
OLD_TEMPLATES=".github/ISSUE_TEMPLATE.md\n.github/ISSUE_TEMPLATE/issue.bug.md\n.github/ISSUE_TEMPLATE/issue.feature.md"
|
OLD_TEMPLATES=".github/ISSUE_TEMPLATE.md .github/ISSUE_TEMPLATE/issue.bug.md .github/ISSUE_TEMPLATE/issue.feature.md .github/workflows/call_invalid_helper.yml .github/workflows/stale.yml Dockerfile.armhf"
|
||||||
for i in ${OLD_TEMPLATES}; do
|
for i in ${OLD_TEMPLATES}; do
|
||||||
if [[ -f "${i}" ]]; then
|
if [[ -f "${i}" ]]; then
|
||||||
TEMPLATES_TO_DELETE="${i} ${TEMPLATES_TO_DELETE}"
|
TEMPLATES_TO_DELETE="${i} ${TEMPLATES_TO_DELETE}"
|
||||||
@@ -294,7 +297,7 @@ pipeline {
|
|||||||
git commit -m 'Bot Updating Templated Files'
|
git commit -m 'Bot Updating Templated Files'
|
||||||
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git --all
|
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git --all
|
||||||
echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
|
echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
|
||||||
echo "Deleting old templates"
|
echo "Deleting old and deprecated templates"
|
||||||
rm -Rf ${TEMPDIR}
|
rm -Rf ${TEMPDIR}
|
||||||
exit 0
|
exit 0
|
||||||
else
|
else
|
||||||
@@ -313,12 +316,13 @@ pipeline {
|
|||||||
mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/workflows
|
mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/workflows
|
||||||
mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/ISSUE_TEMPLATE
|
mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/ISSUE_TEMPLATE
|
||||||
cp --parents ${TEMPLATED_FILES} ${TEMPDIR}/repo/${LS_REPO}/ || :
|
cp --parents ${TEMPLATED_FILES} ${TEMPDIR}/repo/${LS_REPO}/ || :
|
||||||
|
cp --parents readme-vars.yml ${TEMPDIR}/repo/${LS_REPO}/ || :
|
||||||
cd ${TEMPDIR}/repo/${LS_REPO}/
|
cd ${TEMPDIR}/repo/${LS_REPO}/
|
||||||
if ! grep -q '.jenkins-external' .gitignore 2>/dev/null; then
|
if ! grep -q '.jenkins-external' .gitignore 2>/dev/null; then
|
||||||
echo ".jenkins-external" >> .gitignore
|
echo ".jenkins-external" >> .gitignore
|
||||||
git add .gitignore
|
git add .gitignore
|
||||||
fi
|
fi
|
||||||
git add ${TEMPLATED_FILES}
|
git add readme-vars.yml ${TEMPLATED_FILES}
|
||||||
git commit -m 'Bot Updating Templated Files'
|
git commit -m 'Bot Updating Templated Files'
|
||||||
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git --all
|
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git --all
|
||||||
echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
|
echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
|
||||||
@@ -339,6 +343,8 @@ pipeline {
|
|||||||
git clone https://github.com/linuxserver/templates.git ${TEMPDIR}/unraid/templates
|
git clone https://github.com/linuxserver/templates.git ${TEMPDIR}/unraid/templates
|
||||||
if [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-logo.png ]]; then
|
if [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-logo.png ]]; then
|
||||||
sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-logo.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml
|
sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-logo.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml
|
||||||
|
elif [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-icon.png ]]; then
|
||||||
|
sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-icon.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml
|
||||||
fi
|
fi
|
||||||
if [[ ("${BRANCH_NAME}" == "master") || ("${BRANCH_NAME}" == "main") ]] && [[ (! -f ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml) || ("$(md5sum ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml | awk '{ print $1 }')") ]]; then
|
if [[ ("${BRANCH_NAME}" == "master") || ("${BRANCH_NAME}" == "main") ]] && [[ (! -f ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml) || ("$(md5sum ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml | awk '{ print $1 }')") ]]; then
|
||||||
cd ${TEMPDIR}/unraid/templates/
|
cd ${TEMPDIR}/unraid/templates/
|
||||||
@@ -379,6 +385,26 @@ pipeline {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
// If this is a master build check the S6 service file perms
|
||||||
|
stage("Check S6 Service file Permissions"){
|
||||||
|
when {
|
||||||
|
branch "master"
|
||||||
|
environment name: 'CHANGE_ID', value: ''
|
||||||
|
environment name: 'EXIT_STATUS', value: ''
|
||||||
|
}
|
||||||
|
steps {
|
||||||
|
script{
|
||||||
|
sh '''#! /bin/bash
|
||||||
|
WRONG_PERM=$(find ./ -path "./.git" -prune -o \\( -name "run" -o -name "finish" -o -name "check" \\) -not -perm -u=x,g=x,o=x -print)
|
||||||
|
if [[ -n "${WRONG_PERM}" ]]; then
|
||||||
|
echo "The following S6 service files are missing the executable bit; canceling the faulty build: ${WRONG_PERM}"
|
||||||
|
exit 1
|
||||||
|
else
|
||||||
|
echo "S6 service file perms look good."
|
||||||
|
fi '''
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
/* #######################
|
/* #######################
|
||||||
GitLab Mirroring
|
GitLab Mirroring
|
||||||
####################### */
|
####################### */
|
||||||
@@ -410,8 +436,7 @@ pipeline {
|
|||||||
}
|
}
|
||||||
steps{
|
steps{
|
||||||
sh '''#! /bin/bash
|
sh '''#! /bin/bash
|
||||||
set -e
|
PACKAGE_UUID=$(curl -X GET -H "Authorization: Bearer ${SCARF_TOKEN}" https://scarf.sh/api/v1/organizations/linuxserver-ci/packages | jq -r '.[] | select(.name=="linuxserver/swag") | .uuid' || :)
|
||||||
PACKAGE_UUID=$(curl -X GET -H "Authorization: Bearer ${SCARF_TOKEN}" https://scarf.sh/api/v1/organizations/linuxserver-ci/packages | jq -r '.[] | select(.name=="linuxserver/swag") | .uuid')
|
|
||||||
if [ -z "${PACKAGE_UUID}" ]; then
|
if [ -z "${PACKAGE_UUID}" ]; then
|
||||||
echo "Adding package to Scarf.sh"
|
echo "Adding package to Scarf.sh"
|
||||||
curl -sX POST https://scarf.sh/api/v1/organizations/linuxserver-ci/packages \
|
curl -sX POST https://scarf.sh/api/v1/organizations/linuxserver-ci/packages \
|
||||||
@@ -491,41 +516,6 @@ pipeline {
|
|||||||
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
|
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
stage('Build ARMHF') {
|
|
||||||
agent {
|
|
||||||
label 'ARMHF'
|
|
||||||
}
|
|
||||||
steps {
|
|
||||||
echo "Running on node: ${NODE_NAME}"
|
|
||||||
echo 'Logging into Github'
|
|
||||||
sh '''#! /bin/bash
|
|
||||||
echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
|
|
||||||
'''
|
|
||||||
sh "sed -r -i 's|(^FROM .*)|\\1\\n\\nENV LSIO_FIRST_PARTY=true|g' Dockerfile.armhf"
|
|
||||||
sh "docker buildx build \
|
|
||||||
--label \"org.opencontainers.image.created=${GITHUB_DATE}\" \
|
|
||||||
--label \"org.opencontainers.image.authors=linuxserver.io\" \
|
|
||||||
--label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-swag/packages\" \
|
|
||||||
--label \"org.opencontainers.image.documentation=https://docs.linuxserver.io/images/docker-swag\" \
|
|
||||||
--label \"org.opencontainers.image.source=https://github.com/linuxserver/docker-swag\" \
|
|
||||||
--label \"org.opencontainers.image.version=${EXT_RELEASE_CLEAN}-ls${LS_TAG_NUMBER}\" \
|
|
||||||
--label \"org.opencontainers.image.revision=${COMMIT_SHA}\" \
|
|
||||||
--label \"org.opencontainers.image.vendor=linuxserver.io\" \
|
|
||||||
--label \"org.opencontainers.image.licenses=GPL-3.0-only\" \
|
|
||||||
--label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \
|
|
||||||
--label \"org.opencontainers.image.title=Swag\" \
|
|
||||||
--label \"org.opencontainers.image.description=SWAG - Secure Web Application Gateway (formerly known as letsencrypt, no relation to Let's Encrypt™) sets up an Nginx webserver and reverse proxy with php support and a built-in certbot client that automates free SSL server certificate generation and renewal processes (Let's Encrypt and ZeroSSL). It also contains fail2ban for intrusion prevention.\" \
|
|
||||||
--no-cache --pull -f Dockerfile.armhf -t ${IMAGE}:arm32v7-${META_TAG} --platform=linux/arm/v7 \
|
|
||||||
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
|
|
||||||
sh "docker tag ${IMAGE}:arm32v7-${META_TAG} ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}"
|
|
||||||
retry(5) {
|
|
||||||
sh "docker push ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}"
|
|
||||||
}
|
|
||||||
sh '''docker rmi \
|
|
||||||
${IMAGE}:arm32v7-${META_TAG} \
|
|
||||||
ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} || :'''
|
|
||||||
}
|
|
||||||
}
|
|
||||||
stage('Build ARM64') {
|
stage('Build ARM64') {
|
||||||
agent {
|
agent {
|
||||||
label 'ARM64'
|
label 'ARM64'
|
||||||
@@ -556,9 +546,12 @@ pipeline {
|
|||||||
retry(5) {
|
retry(5) {
|
||||||
sh "docker push ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}"
|
sh "docker push ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}"
|
||||||
}
|
}
|
||||||
sh '''docker rmi \
|
sh '''#! /bin/bash
|
||||||
${IMAGE}:arm64v8-${META_TAG} \
|
containers=$(docker ps -aq)
|
||||||
ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} || :'''
|
if [[ -n "${containers}" ]]; then
|
||||||
|
docker stop ${containers}
|
||||||
|
fi
|
||||||
|
docker system prune -af --volumes || : '''
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -619,13 +612,6 @@ pipeline {
|
|||||||
environment name: 'EXIT_STATUS', value: ''
|
environment name: 'EXIT_STATUS', value: ''
|
||||||
}
|
}
|
||||||
steps {
|
steps {
|
||||||
sh '''#! /bin/bash
|
|
||||||
echo "Packages were updated. Cleaning up the image and exiting."
|
|
||||||
if [ "${MULTIARCH}" == "true" ] && [ "${PACKAGE_CHECK}" == "false" ]; then
|
|
||||||
docker rmi ${IMAGE}:amd64-${META_TAG}
|
|
||||||
else
|
|
||||||
docker rmi ${IMAGE}:${META_TAG}
|
|
||||||
fi'''
|
|
||||||
script{
|
script{
|
||||||
env.EXIT_STATUS = 'ABORTED'
|
env.EXIT_STATUS = 'ABORTED'
|
||||||
}
|
}
|
||||||
@@ -643,13 +629,6 @@ pipeline {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
steps {
|
steps {
|
||||||
sh '''#! /bin/bash
|
|
||||||
echo "There are no package updates. Cleaning up the image and exiting."
|
|
||||||
if [ "${MULTIARCH}" == "true" ] && [ "${PACKAGE_CHECK}" == "false" ]; then
|
|
||||||
docker rmi ${IMAGE}:amd64-${META_TAG}
|
|
||||||
else
|
|
||||||
docker rmi ${IMAGE}:${META_TAG}
|
|
||||||
fi'''
|
|
||||||
script{
|
script{
|
||||||
env.EXIT_STATUS = 'ABORTED'
|
env.EXIT_STATUS = 'ABORTED'
|
||||||
}
|
}
|
||||||
@@ -671,14 +650,13 @@ pipeline {
|
|||||||
]) {
|
]) {
|
||||||
script{
|
script{
|
||||||
env.CI_URL = 'https://ci-tests.linuxserver.io/' + env.IMAGE + '/' + env.META_TAG + '/index.html'
|
env.CI_URL = 'https://ci-tests.linuxserver.io/' + env.IMAGE + '/' + env.META_TAG + '/index.html'
|
||||||
|
env.CI_JSON_URL = 'https://ci-tests.linuxserver.io/' + env.IMAGE + '/' + env.META_TAG + '/report.json'
|
||||||
}
|
}
|
||||||
sh '''#! /bin/bash
|
sh '''#! /bin/bash
|
||||||
set -e
|
set -e
|
||||||
docker pull ghcr.io/linuxserver/ci:latest
|
docker pull ghcr.io/linuxserver/ci:latest
|
||||||
if [ "${MULTIARCH}" == "true" ]; then
|
if [ "${MULTIARCH}" == "true" ]; then
|
||||||
docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}
|
|
||||||
docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}
|
docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}
|
||||||
docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm32v7-${META_TAG}
|
|
||||||
docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG}
|
docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG}
|
||||||
fi
|
fi
|
||||||
docker run --rm \
|
docker run --rm \
|
||||||
@@ -697,8 +675,6 @@ pipeline {
|
|||||||
-e WEB_SCREENSHOT=\"${CI_WEB}\" \
|
-e WEB_SCREENSHOT=\"${CI_WEB}\" \
|
||||||
-e WEB_AUTH=\"${CI_AUTH}\" \
|
-e WEB_AUTH=\"${CI_AUTH}\" \
|
||||||
-e WEB_PATH=\"${CI_WEBPATH}\" \
|
-e WEB_PATH=\"${CI_WEBPATH}\" \
|
||||||
-e DO_REGION="ams3" \
|
|
||||||
-e DO_BUCKET="lsio-ci" \
|
|
||||||
-t ghcr.io/linuxserver/ci:latest \
|
-t ghcr.io/linuxserver/ci:latest \
|
||||||
python3 test_build.py'''
|
python3 test_build.py'''
|
||||||
}
|
}
|
||||||
@@ -751,17 +727,6 @@ pipeline {
|
|||||||
done
|
done
|
||||||
'''
|
'''
|
||||||
}
|
}
|
||||||
sh '''#! /bin/bash
|
|
||||||
for DELETEIMAGE in "${GITHUBIMAGE}" "${GITLABIMAGE}" "${QUAYIMAGE}" "${IMAGE}"; do
|
|
||||||
docker rmi \
|
|
||||||
${DELETEIMAGE}:${META_TAG} \
|
|
||||||
${DELETEIMAGE}:${EXT_RELEASE_TAG} \
|
|
||||||
${DELETEIMAGE}:latest || :
|
|
||||||
if [ -n "${SEMVER}" ]; then
|
|
||||||
docker rmi ${DELETEIMAGE}:${SEMVER} || :
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
'''
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -794,8 +759,6 @@ pipeline {
|
|||||||
echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
|
echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
|
||||||
echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
|
echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
|
||||||
if [ "${CI}" == "false" ]; then
|
if [ "${CI}" == "false" ]; then
|
||||||
docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}
|
|
||||||
docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm32v7-${META_TAG}
|
|
||||||
docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}
|
docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}
|
||||||
docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG}
|
docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG}
|
||||||
fi
|
fi
|
||||||
@@ -803,49 +766,47 @@ pipeline {
|
|||||||
docker tag ${IMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG}
|
docker tag ${IMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG}
|
||||||
docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-latest
|
docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-latest
|
||||||
docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG}
|
docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG}
|
||||||
docker tag ${IMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${META_TAG}
|
|
||||||
docker tag ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-latest
|
|
||||||
docker tag ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG}
|
|
||||||
docker tag ${IMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
|
docker tag ${IMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
|
||||||
docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-latest
|
docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-latest
|
||||||
docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
|
docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
|
||||||
if [ -n "${SEMVER}" ]; then
|
if [ -n "${SEMVER}" ]; then
|
||||||
docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${SEMVER}
|
docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${SEMVER}
|
||||||
docker tag ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${SEMVER}
|
|
||||||
docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${SEMVER}
|
docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${SEMVER}
|
||||||
fi
|
fi
|
||||||
docker push ${MANIFESTIMAGE}:amd64-${META_TAG}
|
docker push ${MANIFESTIMAGE}:amd64-${META_TAG}
|
||||||
docker push ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG}
|
docker push ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG}
|
||||||
docker push ${MANIFESTIMAGE}:amd64-latest
|
docker push ${MANIFESTIMAGE}:amd64-latest
|
||||||
docker push ${MANIFESTIMAGE}:arm32v7-${META_TAG}
|
|
||||||
docker push ${MANIFESTIMAGE}:arm32v7-latest
|
|
||||||
docker push ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG}
|
|
||||||
docker push ${MANIFESTIMAGE}:arm64v8-${META_TAG}
|
docker push ${MANIFESTIMAGE}:arm64v8-${META_TAG}
|
||||||
docker push ${MANIFESTIMAGE}:arm64v8-latest
|
docker push ${MANIFESTIMAGE}:arm64v8-latest
|
||||||
docker push ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
|
docker push ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
|
||||||
if [ -n "${SEMVER}" ]; then
|
if [ -n "${SEMVER}" ]; then
|
||||||
docker push ${MANIFESTIMAGE}:amd64-${SEMVER}
|
docker push ${MANIFESTIMAGE}:amd64-${SEMVER}
|
||||||
docker push ${MANIFESTIMAGE}:arm32v7-${SEMVER}
|
|
||||||
docker push ${MANIFESTIMAGE}:arm64v8-${SEMVER}
|
docker push ${MANIFESTIMAGE}:arm64v8-${SEMVER}
|
||||||
fi
|
fi
|
||||||
docker manifest push --purge ${MANIFESTIMAGE}:latest || :
|
docker manifest push --purge ${MANIFESTIMAGE}:latest || :
|
||||||
docker manifest create ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:amd64-latest ${MANIFESTIMAGE}:arm32v7-latest ${MANIFESTIMAGE}:arm64v8-latest
|
docker manifest create ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:amd64-latest ${MANIFESTIMAGE}:arm64v8-latest
|
||||||
docker manifest annotate ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:arm32v7-latest --os linux --arch arm
|
|
||||||
docker manifest annotate ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:arm64v8-latest --os linux --arch arm64 --variant v8
|
docker manifest annotate ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:arm64v8-latest --os linux --arch arm64 --variant v8
|
||||||
docker manifest push --purge ${MANIFESTIMAGE}:${META_TAG} || :
|
docker manifest push --purge ${MANIFESTIMAGE}:${META_TAG} || :
|
||||||
docker manifest create ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
|
docker manifest create ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
|
||||||
docker manifest annotate ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:arm32v7-${META_TAG} --os linux --arch arm
|
|
||||||
docker manifest annotate ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} --os linux --arch arm64 --variant v8
|
docker manifest annotate ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} --os linux --arch arm64 --variant v8
|
||||||
docker manifest push --purge ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} || :
|
docker manifest push --purge ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} || :
|
||||||
docker manifest create ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
|
docker manifest create ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
|
||||||
docker manifest annotate ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG} --os linux --arch arm
|
|
||||||
docker manifest annotate ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} --os linux --arch arm64 --variant v8
|
docker manifest annotate ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} --os linux --arch arm64 --variant v8
|
||||||
if [ -n "${SEMVER}" ]; then
|
if [ -n "${SEMVER}" ]; then
|
||||||
docker manifest push --purge ${MANIFESTIMAGE}:${SEMVER} || :
|
docker manifest push --purge ${MANIFESTIMAGE}:${SEMVER} || :
|
||||||
docker manifest create ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm32v7-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER}
|
docker manifest create ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER}
|
||||||
docker manifest annotate ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:arm32v7-${SEMVER} --os linux --arch arm
|
|
||||||
docker manifest annotate ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER} --os linux --arch arm64 --variant v8
|
docker manifest annotate ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER} --os linux --arch arm64 --variant v8
|
||||||
fi
|
fi
|
||||||
|
token=$(curl -sX GET "https://ghcr.io/token?scope=repository%3Alinuxserver%2F${CONTAINER_NAME}%3Apull" | jq -r '.token')
|
||||||
|
digest=$(curl -s \
|
||||||
|
--header "Accept: application/vnd.docker.distribution.manifest.v2+json" \
|
||||||
|
--header "Authorization: Bearer ${token}" \
|
||||||
|
"https://ghcr.io/v2/linuxserver/${CONTAINER_NAME}/manifests/arm32v7-latest")
|
||||||
|
if [[ $(echo "$digest" | jq -r '.layers') != "null" ]]; then
|
||||||
|
docker manifest push --purge ${MANIFESTIMAGE}:arm32v7-latest || :
|
||||||
|
docker manifest create ${MANIFESTIMAGE}:arm32v7-latest ${MANIFESTIMAGE}:amd64-latest
|
||||||
|
docker manifest push --purge ${MANIFESTIMAGE}:arm32v7-latest
|
||||||
|
fi
|
||||||
docker manifest push --purge ${MANIFESTIMAGE}:latest
|
docker manifest push --purge ${MANIFESTIMAGE}:latest
|
||||||
docker manifest push --purge ${MANIFESTIMAGE}:${META_TAG}
|
docker manifest push --purge ${MANIFESTIMAGE}:${META_TAG}
|
||||||
docker manifest push --purge ${MANIFESTIMAGE}:${EXT_RELEASE_TAG}
|
docker manifest push --purge ${MANIFESTIMAGE}:${EXT_RELEASE_TAG}
|
||||||
@@ -855,29 +816,6 @@ pipeline {
|
|||||||
done
|
done
|
||||||
'''
|
'''
|
||||||
}
|
}
|
||||||
sh '''#! /bin/bash
|
|
||||||
for DELETEIMAGE in "${GITHUBIMAGE}" "${GITLABIMAGE}" "${QUAYIMAGE}" "${IMAGE}"; do
|
|
||||||
docker rmi \
|
|
||||||
${DELETEIMAGE}:amd64-${META_TAG} \
|
|
||||||
${DELETEIMAGE}:amd64-latest \
|
|
||||||
${DELETEIMAGE}:amd64-${EXT_RELEASE_TAG} \
|
|
||||||
${DELETEIMAGE}:arm32v7-${META_TAG} \
|
|
||||||
${DELETEIMAGE}:arm32v7-latest \
|
|
||||||
${DELETEIMAGE}:arm32v7-${EXT_RELEASE_TAG} \
|
|
||||||
${DELETEIMAGE}:arm64v8-${META_TAG} \
|
|
||||||
${DELETEIMAGE}:arm64v8-latest \
|
|
||||||
${DELETEIMAGE}:arm64v8-${EXT_RELEASE_TAG} || :
|
|
||||||
if [ -n "${SEMVER}" ]; then
|
|
||||||
docker rmi \
|
|
||||||
${DELETEIMAGE}:amd64-${SEMVER} \
|
|
||||||
${DELETEIMAGE}:arm32v7-${SEMVER} \
|
|
||||||
${DELETEIMAGE}:arm64v8-${SEMVER} || :
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
docker rmi \
|
|
||||||
ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} \
|
|
||||||
ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} || :
|
|
||||||
'''
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -948,12 +886,78 @@ pipeline {
|
|||||||
stage('Pull Request Comment') {
|
stage('Pull Request Comment') {
|
||||||
when {
|
when {
|
||||||
not {environment name: 'CHANGE_ID', value: ''}
|
not {environment name: 'CHANGE_ID', value: ''}
|
||||||
environment name: 'CI', value: 'true'
|
|
||||||
environment name: 'EXIT_STATUS', value: ''
|
environment name: 'EXIT_STATUS', value: ''
|
||||||
}
|
}
|
||||||
steps {
|
steps {
|
||||||
sh '''curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/issues/${PULL_REQUEST}/comments \
|
sh '''#! /bin/bash
|
||||||
-d '{"body": "I am a bot, here are the test results for this PR: \\n'${CI_URL}' \\n'${SHELLCHECK_URL}'"}' '''
|
# Function to retrieve JSON data from URL
|
||||||
|
get_json() {
|
||||||
|
local url="$1"
|
||||||
|
local response=$(curl -s "$url")
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
echo "Failed to retrieve JSON data from $url"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
local json=$(echo "$response" | jq .)
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
echo "Failed to parse JSON data from $url"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
echo "$json"
|
||||||
|
}
|
||||||
|
|
||||||
|
build_table() {
|
||||||
|
local data="$1"
|
||||||
|
|
||||||
|
# Get the keys in the JSON data
|
||||||
|
local keys=$(echo "$data" | jq -r 'to_entries | map(.key) | .[]')
|
||||||
|
|
||||||
|
# Check if keys are empty
|
||||||
|
if [ -z "$keys" ]; then
|
||||||
|
echo "JSON report data does not contain any keys or the report does not exist."
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Build table header
|
||||||
|
local header="| Tag | Passed |\\n| --- | --- |\\n"
|
||||||
|
|
||||||
|
# Loop through the JSON data to build the table rows
|
||||||
|
local rows=""
|
||||||
|
for build in $keys; do
|
||||||
|
local status=$(echo "$data" | jq -r ".[\\"$build\\"].test_success")
|
||||||
|
if [ "$status" = "true" ]; then
|
||||||
|
status="✅"
|
||||||
|
else
|
||||||
|
status="❌"
|
||||||
|
fi
|
||||||
|
local row="| "$build" | "$status" |\\n"
|
||||||
|
rows="${rows}${row}"
|
||||||
|
done
|
||||||
|
|
||||||
|
local table="${header}${rows}"
|
||||||
|
local escaped_table=$(echo "$table" | sed 's/\"/\\\\"/g')
|
||||||
|
echo "$escaped_table"
|
||||||
|
}
|
||||||
|
|
||||||
|
if [[ "${CI}" = "true" ]]; then
|
||||||
|
# Retrieve JSON data from URL
|
||||||
|
data=$(get_json "$CI_JSON_URL")
|
||||||
|
# Create table from JSON data
|
||||||
|
table=$(build_table "$data")
|
||||||
|
echo -e "$table"
|
||||||
|
|
||||||
|
curl -X POST -H "Authorization: token $GITHUB_TOKEN" \
|
||||||
|
-H "Accept: application/vnd.github.v3+json" \
|
||||||
|
"https://api.github.com/repos/$LS_USER/$LS_REPO/issues/$PULL_REQUEST/comments" \
|
||||||
|
-d "{\\"body\\": \\"I am a bot, here are the test results for this PR: \\n${CI_URL}\\n${SHELLCHECK_URL}\\n${table}\\"}"
|
||||||
|
else
|
||||||
|
curl -X POST -H "Authorization: token $GITHUB_TOKEN" \
|
||||||
|
-H "Accept: application/vnd.github.v3+json" \
|
||||||
|
"https://api.github.com/repos/$LS_USER/$LS_REPO/issues/$PULL_REQUEST/comments" \
|
||||||
|
-d "{\\"body\\": \\"I am a bot, here is the pushed image/manifest for this PR: \\n\\n\\`${GITHUBIMAGE}:${META_TAG}\\`\\"}"
|
||||||
|
fi
|
||||||
|
'''
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -979,6 +983,14 @@ pipeline {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
cleanup {
|
cleanup {
|
||||||
|
sh '''#! /bin/bash
|
||||||
|
echo "Performing docker system prune!!"
|
||||||
|
containers=$(docker ps -aq)
|
||||||
|
if [[ -n "${containers}" ]]; then
|
||||||
|
docker stop ${containers}
|
||||||
|
fi
|
||||||
|
docker system prune -af --volumes || :
|
||||||
|
'''
|
||||||
cleanWs()
|
cleanWs()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
10
README.md
10
README.md
@@ -56,7 +56,7 @@ The architectures supported by this image are:
|
|||||||
| :----: | :----: | ---- |
|
| :----: | :----: | ---- |
|
||||||
| x86-64 | ✅ | amd64-\<version tag\> |
|
| x86-64 | ✅ | amd64-\<version tag\> |
|
||||||
| arm64 | ✅ | arm64v8-\<version tag\> |
|
| arm64 | ✅ | arm64v8-\<version tag\> |
|
||||||
| armhf | ✅ | arm32v7-\<version tag\> |
|
| armhf | ❌ | |
|
||||||
|
|
||||||
## Application Setup
|
## Application Setup
|
||||||
|
|
||||||
@@ -215,7 +215,7 @@ Container images are configured using parameters passed at runtime (such as thos
|
|||||||
| `-e VALIDATION=http` | Certbot validation method to use, options are `http` or `dns` (`dns` method also requires `DNSPLUGIN` variable set). |
|
| `-e VALIDATION=http` | Certbot validation method to use, options are `http` or `dns` (`dns` method also requires `DNSPLUGIN` variable set). |
|
||||||
| `-e SUBDOMAINS=www,` | Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only) |
|
| `-e SUBDOMAINS=www,` | Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only) |
|
||||||
| `-e CERTPROVIDER=` | Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt. |
|
| `-e CERTPROVIDER=` | Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt. |
|
||||||
| `-e DNSPLUGIN=cloudflare` | Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `duckdns`, `dynu`, `gandi`, `gehirn`, `godaddy`, `google`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`. |
|
| `-e DNSPLUGIN=cloudflare` | Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `duckdns`, `dynu`, `gandi`, `gehirn`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`. |
|
||||||
| `-e PROPAGATION=` | Optionally override (in seconds) the default propagation time for the dns plugins. |
|
| `-e PROPAGATION=` | Optionally override (in seconds) the default propagation time for the dns plugins. |
|
||||||
| `-e EMAIL=` | Optional e-mail address used for cert expiration notifications (Required for ZeroSSL). |
|
| `-e EMAIL=` | Optional e-mail address used for cert expiration notifications (Required for ZeroSSL). |
|
||||||
| `-e ONLY_SUBDOMAINS=false` | If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true` |
|
| `-e ONLY_SUBDOMAINS=false` | If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true` |
|
||||||
@@ -336,6 +336,12 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
|
|||||||
|
|
||||||
## Versions
|
## Versions
|
||||||
|
|
||||||
|
* **25.05.23:** - Rebase to Alpine 3.18, deprecate armhf.
|
||||||
|
* **27.04.23:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) authelia-location.conf, authelia-server.conf, authentik-location.conf, authentik-server.conf - Simplify auth configs and fix Set-Cookie header bug.
|
||||||
|
* **13.04.23:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) nginx.conf, authelia-location.conf, authentik-location.conf, and site-confs/default.conf - Move ssl.conf include to default.conf. Remove Authorization headers in authelia. Sort proxy_set_header in authelia and authentik.
|
||||||
|
* **25.03.23:** - Fix renewal post hook.
|
||||||
|
* **10.03.23:** - Cleanup unused csr and keys folders. See [certbot 2.3.0 release notes](https://github.com/certbot/certbot/releases/tag/v2.3.0).
|
||||||
|
* **09.03.23:** - Add Google Domains DNS support, `google-domains`.
|
||||||
* **02.03.23:** - Set permissions on crontabs during init.
|
* **02.03.23:** - Set permissions on crontabs during init.
|
||||||
* **09.02.23:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) proxy.conf, authelia-location.conf and authelia-server.conf - Add Authentik configs, update Authelia configs.
|
* **09.02.23:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) proxy.conf, authelia-location.conf and authelia-server.conf - Add Authentik configs, update Authelia configs.
|
||||||
* **06.02.23:** - Add porkbun support back in.
|
* **06.02.23:** - Add porkbun support back in.
|
||||||
|
|||||||
@@ -6,6 +6,7 @@ external_type: pip_version
|
|||||||
release_type: stable
|
release_type: stable
|
||||||
release_tag: latest
|
release_tag: latest
|
||||||
ls_branch: master
|
ls_branch: master
|
||||||
|
build_armhf: false
|
||||||
repo_vars:
|
repo_vars:
|
||||||
- EXT_PIP = 'certbot'
|
- EXT_PIP = 'certbot'
|
||||||
- BUILD_VERSION_ARG = 'CERTBOT_VERSION'
|
- BUILD_VERSION_ARG = 'CERTBOT_VERSION'
|
||||||
|
|||||||
@@ -1,329 +1,340 @@
|
|||||||
NAME VERSION TYPE
|
NAME VERSION TYPE
|
||||||
ConfigArgParse 1.5.3 python
|
ConfigArgParse 1.5.5 python
|
||||||
PyJWT 2.6.0 python
|
PyJWT 2.7.0 python
|
||||||
PyYAML 6.0 python
|
PyYAML 6.0 python
|
||||||
acme 2.4.0 python
|
acme 2.6.0 python
|
||||||
alpine-baselayout 3.4.0-r0 apk
|
alpine-baselayout 3.4.3-r1 apk
|
||||||
alpine-baselayout-data 3.4.0-r0 apk
|
alpine-baselayout-data 3.4.3-r1 apk
|
||||||
alpine-keys 2.4-r1 apk
|
alpine-keys 2.4-r1 apk
|
||||||
alpine-release 3.17.2-r0 apk
|
alpine-release 3.18.2-r0 apk
|
||||||
aom-libs 3.5.0-r0 apk
|
aom-libs 3.6.1-r0 apk
|
||||||
apache2-utils 2.4.55-r0 apk
|
apache2-utils 2.4.57-r2 apk
|
||||||
apk-tools 2.12.10-r1 apk
|
apk-tools 2.14.0-r2 apk
|
||||||
apr 1.7.2-r0 apk
|
apr 1.7.4-r0 apk
|
||||||
apr-util 1.6.3-r0 apk
|
apr-util 1.6.3-r1 apk
|
||||||
argon2-libs 20190702-r2 apk
|
argon2-libs 20190702-r4 apk
|
||||||
attrs 22.2.0 python
|
attrs 23.1.0 python
|
||||||
azure-common 1.1.28 python
|
azure-common 1.1.28 python
|
||||||
azure-core 1.26.3 python
|
azure-core 1.27.1 python
|
||||||
azure-identity 1.12.0 python
|
azure-identity 1.13.0 python
|
||||||
azure-mgmt-core 1.3.2 python
|
azure-mgmt-core 1.4.0 python
|
||||||
azure-mgmt-dns 8.0.0 python
|
azure-mgmt-dns 8.1.0 python
|
||||||
bash 5.2.15-r0 apk
|
bash 5.2.15-r5 apk
|
||||||
beautifulsoup4 4.11.2 python
|
beautifulsoup4 4.12.2 python
|
||||||
boto3 1.26.87 python
|
boto3 1.26.165 python
|
||||||
botocore 1.29.87 python
|
botocore 1.29.165 python
|
||||||
brotli-libs 1.0.9-r9 apk
|
brotli-libs 1.0.9-r14 apk
|
||||||
bs4 0.0.1 python
|
bs4 0.0.1 python
|
||||||
busybox 1.35.0 binary
|
busybox 1.36.1 binary
|
||||||
busybox 1.35.0-r29 apk
|
busybox 1.36.1-r0 apk
|
||||||
busybox-binsh 1.35.0-r29 apk
|
busybox-binsh 1.36.1-r0 apk
|
||||||
c-client 2007f-r14 apk
|
c-client 2007f-r15 apk
|
||||||
ca-certificates 20220614-r4 apk
|
ca-certificates 20230506-r0 apk
|
||||||
ca-certificates-bundle 20220614-r4 apk
|
ca-certificates-bundle 20230506-r0 apk
|
||||||
cachetools 5.3.0 python
|
cachetools 5.3.1 python
|
||||||
certbot 2.4.0 python
|
certbot 2.6.0 python
|
||||||
certbot-dns-acmedns 0.1.0 python
|
certbot-dns-acmedns 0.1.0 python
|
||||||
certbot-dns-aliyun 2.0.0 python
|
certbot-dns-aliyun 2.0.0 python
|
||||||
certbot-dns-azure 2.1.0 python
|
certbot-dns-azure 2.3.0 python
|
||||||
certbot-dns-cloudflare 2.4.0 python
|
certbot-dns-cloudflare 2.6.0 python
|
||||||
certbot-dns-cpanel 0.4.0 python
|
certbot-dns-cpanel 0.4.0 python
|
||||||
certbot-dns-desec 1.2.1 python
|
certbot-dns-desec 1.2.1 python
|
||||||
certbot-dns-digitalocean 2.4.0 python
|
certbot-dns-digitalocean 2.6.0 python
|
||||||
certbot-dns-directadmin 1.0.3 python
|
certbot-dns-directadmin 1.0.3 python
|
||||||
certbot-dns-dnsimple 2.4.0 python
|
certbot-dns-dnsimple 2.6.0 python
|
||||||
certbot-dns-dnsmadeeasy 2.4.0 python
|
certbot-dns-dnsmadeeasy 2.6.0 python
|
||||||
certbot-dns-dnspod 0.1.0 python
|
certbot-dns-dnspod 0.1.0 python
|
||||||
certbot-dns-do 0.31.0 python
|
certbot-dns-do 0.31.0 python
|
||||||
certbot-dns-domeneshop 0.2.9 python
|
certbot-dns-domeneshop 0.2.9 python
|
||||||
certbot-dns-duckdns 1.2.1 python
|
certbot-dns-duckdns 1.3 python
|
||||||
certbot-dns-dynu 0.0.4 python
|
certbot-dns-dynu 0.0.4 python
|
||||||
certbot-dns-gehirn 2.4.0 python
|
certbot-dns-gehirn 2.6.0 python
|
||||||
certbot-dns-godaddy 0.2.2 python
|
certbot-dns-godaddy 0.2.2 python
|
||||||
certbot-dns-google 2.4.0 python
|
certbot-dns-google 2.6.0 python
|
||||||
certbot-dns-he 1.0.0 python
|
certbot-dns-google-domains 0.1.11 python
|
||||||
certbot-dns-hetzner 2.0.0 python
|
certbot-dns-he 1.0.0 python
|
||||||
certbot-dns-infomaniak 0.2.1 python
|
certbot-dns-hetzner 2.0.0 python
|
||||||
certbot-dns-inwx 2.2.0 python
|
certbot-dns-infomaniak 0.2.1 python
|
||||||
certbot-dns-ionos 2022.11.24 python
|
certbot-dns-inwx 2.2.0 python
|
||||||
certbot-dns-linode 2.4.0 python
|
certbot-dns-ionos 2022.11.24 python
|
||||||
certbot-dns-loopia 1.0.1 python
|
certbot-dns-linode 2.6.0 python
|
||||||
certbot-dns-luadns 2.4.0 python
|
certbot-dns-loopia 1.0.1 python
|
||||||
certbot-dns-netcup 1.2.0 python
|
certbot-dns-luadns 2.6.0 python
|
||||||
certbot-dns-njalla 1.0.0 python
|
certbot-dns-netcup 1.3.0 python
|
||||||
certbot-dns-nsone 2.4.0 python
|
certbot-dns-njalla 1.0.0 python
|
||||||
certbot-dns-ovh 2.4.0 python
|
certbot-dns-nsone 2.6.0 python
|
||||||
certbot-dns-porkbun 0.7 python
|
certbot-dns-ovh 2.6.0 python
|
||||||
certbot-dns-rfc2136 2.4.0 python
|
certbot-dns-porkbun 0.8 python
|
||||||
certbot-dns-route53 2.4.0 python
|
certbot-dns-rfc2136 2.6.0 python
|
||||||
certbot-dns-sakuracloud 2.4.0 python
|
certbot-dns-route53 2.6.0 python
|
||||||
certbot-dns-standalone 1.1 python
|
certbot-dns-sakuracloud 2.6.0 python
|
||||||
certbot-dns-transip 0.5.2 python
|
certbot-dns-standalone 1.1 python
|
||||||
certbot-dns-vultr 1.0.3 python
|
certbot-dns-transip 0.5.2 python
|
||||||
certbot-plugin-gandi 1.4.3 python
|
certbot-dns-vultr 1.1.0 python
|
||||||
certifi 2022.12.7 python
|
certbot-plugin-gandi 1.4.3 python
|
||||||
cffi 1.15.1 python
|
certifi 2023.5.7 python
|
||||||
charset-normalizer 3.1.0 python
|
cffi 1.15.1 python
|
||||||
cloudflare 2.11.1 python
|
charset-normalizer 3.1.0 python
|
||||||
configobj 5.0.8 python
|
cloudflare 2.11.6 python
|
||||||
coreutils 9.1-r0 apk
|
configobj 5.0.8 python
|
||||||
cryptography 39.0.2 python
|
coreutils 9.3-r1 apk
|
||||||
curl 7.88.1-r0 apk
|
cryptography 41.0.1 python
|
||||||
distro 1.8.0 python
|
curl 8.1.2-r0 apk
|
||||||
dns-lexicon 3.11.7 python
|
dataclasses-json 0.5.9 python
|
||||||
dnslib 0.9.23 python
|
distro 1.8.0 python
|
||||||
dnspython 2.3.0 python
|
dns-lexicon 3.11.7 python
|
||||||
domeneshop 0.4.3 python
|
dnslib 0.9.23 python
|
||||||
fail2ban 1.0.2 python
|
dnspython 2.3.0 python
|
||||||
fail2ban 1.0.2-r0 apk
|
domeneshop 0.4.3 python
|
||||||
filelock 3.9.0 python
|
fail2ban 1.0.2 python
|
||||||
fontconfig 2.14.1-r0 apk
|
fail2ban 1.0.2-r2 apk
|
||||||
freetype 2.12.1-r0 apk
|
fail2ban-pyc 1.0.2-r2 apk
|
||||||
future 0.18.3 python
|
filelock 3.12.2 python
|
||||||
gdbm 1.23-r0 apk
|
fontconfig 2.14.2-r3 apk
|
||||||
git 2.38.4-r0 apk
|
freetype 2.13.0-r5 apk
|
||||||
gmp 6.2.1-r2 apk
|
future 0.18.3 python
|
||||||
gnupg 2.2.40-r0 apk
|
gdbm 1.23-r1 apk
|
||||||
gnupg-dirmngr 2.2.40-r0 apk
|
git 2.40.1-r0 apk
|
||||||
gnupg-gpgconf 2.2.40-r0 apk
|
git-perl 2.40.1-r0 apk
|
||||||
gnupg-utils 2.2.40-r0 apk
|
gmp 6.2.1-r3 apk
|
||||||
gnupg-wks-client 2.2.40-r0 apk
|
gnupg 2.4.1-r1 apk
|
||||||
gnutls 3.7.8-r3 apk
|
gnupg-dirmngr 2.4.1-r1 apk
|
||||||
google-api-core 2.11.0 python
|
gnupg-gpgconf 2.4.1-r1 apk
|
||||||
google-api-python-client 2.80.0 python
|
gnupg-keyboxd 2.4.1-r1 apk
|
||||||
google-auth 2.16.2 python
|
gnupg-utils 2.4.1-r1 apk
|
||||||
google-auth-httplib2 0.1.0 python
|
gnupg-wks-client 2.4.1-r1 apk
|
||||||
googleapis-common-protos 1.58.0 python
|
gnutls 3.8.0-r2 apk
|
||||||
gpg 2.2.40-r0 apk
|
google-api-core 2.11.1 python
|
||||||
gpg-agent 2.2.40-r0 apk
|
google-api-python-client 2.91.0 python
|
||||||
gpg-wks-server 2.2.40-r0 apk
|
google-auth 2.21.0 python
|
||||||
gpgsm 2.2.40-r0 apk
|
google-auth-httplib2 0.1.0 python
|
||||||
gpgv 2.2.40-r0 apk
|
googleapis-common-protos 1.59.1 python
|
||||||
httplib2 0.21.0 python
|
gpg 2.4.1-r1 apk
|
||||||
icu-data-en 72.1-r1 apk
|
gpg-agent 2.4.1-r1 apk
|
||||||
icu-libs 72.1-r1 apk
|
gpg-wks-server 2.4.1-r1 apk
|
||||||
idna 3.4 python
|
gpgsm 2.4.1-r1 apk
|
||||||
importlib-metadata 6.0.0 python
|
gpgv 2.4.1-r1 apk
|
||||||
ip6tables 1.8.8-r2 apk
|
httplib2 0.22.0 python
|
||||||
iptables 1.8.8-r2 apk
|
icu-data-en 73.2-r1 apk
|
||||||
isodate 0.6.1 python
|
icu-libs 73.2-r1 apk
|
||||||
jmespath 1.0.1 python
|
idna 3.4 python
|
||||||
josepy 1.13.0 python
|
importlib-metadata 6.7.0 python
|
||||||
jq 1.6-r2 apk
|
ip6tables 1.8.9-r2 apk
|
||||||
jsonlines 3.1.0 python
|
iptables 1.8.9-r2 apk
|
||||||
jsonpickle 3.0.1 python
|
isodate 0.6.1 python
|
||||||
libacl 2.3.1-r1 apk
|
jmespath 1.0.1 python
|
||||||
libassuan 2.5.5-r1 apk
|
josepy 1.13.0 python
|
||||||
libattr 2.5.1-r2 apk
|
jq 1.6-r3 apk
|
||||||
libavif 0.11.1-r0 apk
|
jsonlines 3.1.0 python
|
||||||
libbsd 0.11.7-r0 apk
|
jsonpickle 3.0.1 python
|
||||||
libbz2 1.0.8-r4 apk
|
libacl 2.3.1-r3 apk
|
||||||
libc-utils 0.7.2-r3 apk
|
libassuan 2.5.6-r0 apk
|
||||||
libcrypto3 3.0.8-r0 apk
|
libattr 2.5.1-r4 apk
|
||||||
libcurl 7.88.1-r0 apk
|
libavif 0.11.1-r2 apk
|
||||||
libdav1d 1.0.0-r2 apk
|
libbsd 0.11.7-r1 apk
|
||||||
libedit 20221030.3.1-r0 apk
|
libbz2 1.0.8-r5 apk
|
||||||
libevent 2.1.12-r5 apk
|
libc-utils 0.7.2-r5 apk
|
||||||
libexpat 2.5.0-r0 apk
|
libcrypto3 3.1.1-r1 apk
|
||||||
libffi 3.4.4-r0 apk
|
libcurl 8.1.2-r0 apk
|
||||||
libgcc 12.2.1_git20220924-r4 apk
|
libdav1d 1.2.1-r0 apk
|
||||||
libgcrypt 1.10.1-r0 apk
|
libedit 20221030.3.1-r1 apk
|
||||||
libgd 2.3.3-r3 apk
|
libevent 2.1.12-r6 apk
|
||||||
libgpg-error 1.46-r1 apk
|
libexpat 2.5.0-r1 apk
|
||||||
libice 1.0.10-r1 apk
|
libffi 3.4.4-r2 apk
|
||||||
libidn 1.41-r0 apk
|
libgcc 12.2.1_git20220924-r10 apk
|
||||||
libintl 0.21.1-r1 apk
|
libgcrypt 1.10.2-r1 apk
|
||||||
libjpeg-turbo 2.1.4-r0 apk
|
libgd 2.3.3-r7 apk
|
||||||
libksba 1.6.3-r0 apk
|
libgpg-error 1.47-r1 apk
|
||||||
libldap 2.6.3-r6 apk
|
libice 1.1.1-r2 apk
|
||||||
libmaxminddb-libs 1.7.1-r0 apk
|
libidn2 2.3.4-r1 apk
|
||||||
libmcrypt 2.5.8-r10 apk
|
libintl 0.21.1-r7 apk
|
||||||
libmd 1.0.4-r0 apk
|
libjpeg-turbo 2.1.5.1-r3 apk
|
||||||
libmemcached-libs 1.0.18-r5 apk
|
libksba 1.6.4-r0 apk
|
||||||
libmnl 1.0.5-r0 apk
|
libldap 2.6.4-r3 apk
|
||||||
libnftnl 1.2.4-r0 apk
|
libmaxminddb-libs 1.7.1-r1 apk
|
||||||
libpng 1.6.38-r0 apk
|
libmcrypt 2.5.8-r10 apk
|
||||||
libpq 15.2-r0 apk
|
libmd 1.0.4-r2 apk
|
||||||
libproc 3.3.17-r2 apk
|
libmemcached-libs 1.1.4-r1 apk
|
||||||
libsasl 2.1.28-r3 apk
|
libmnl 1.0.5-r1 apk
|
||||||
libseccomp 2.5.4-r0 apk
|
libncursesw 6.4_p20230506-r0 apk
|
||||||
libsm 1.2.3-r1 apk
|
libnftnl 1.2.5-r1 apk
|
||||||
libsodium 1.0.18-r2 apk
|
libpanelw 6.4_p20230506-r0 apk
|
||||||
libssl3 3.0.8-r0 apk
|
libpng 1.6.39-r3 apk
|
||||||
libstdc++ 12.2.1_git20220924-r4 apk
|
libpq 15.3-r0 apk
|
||||||
libtasn1 4.19.0-r0 apk
|
libproc2 4.0.3-r1 apk
|
||||||
libunistring 1.1-r0 apk
|
libsasl 2.1.28-r4 apk
|
||||||
libuuid 2.38.1-r1 apk
|
libseccomp 2.5.4-r2 apk
|
||||||
libwebp 1.2.4-r1 apk
|
libsm 1.2.4-r1 apk
|
||||||
libx11 1.8.4-r0 apk
|
libsodium 1.0.18-r3 apk
|
||||||
libxau 1.0.10-r0 apk
|
libssl3 3.1.1-r1 apk
|
||||||
libxcb 1.15-r0 apk
|
libstdc++ 12.2.1_git20220924-r10 apk
|
||||||
libxdmcp 1.1.4-r0 apk
|
libtasn1 4.19.0-r1 apk
|
||||||
libxext 1.3.5-r0 apk
|
libunistring 1.1-r1 apk
|
||||||
libxml2 2.10.3-r1 apk
|
libuuid 2.38.1-r8 apk
|
||||||
libxpm 3.5.15-r0 apk
|
libwebp 1.3.1-r0 apk
|
||||||
libxslt 1.1.37-r0 apk
|
libx11 1.8.4-r4 apk
|
||||||
libxt 1.2.1-r0 apk
|
libxau 1.0.11-r2 apk
|
||||||
libzip 1.9.2-r2 apk
|
libxcb 1.15-r1 apk
|
||||||
linux-pam 1.5.2-r1 apk
|
libxdmcp 1.1.4-r2 apk
|
||||||
logrotate 3.20.1-r3 apk
|
libxext 1.3.5-r2 apk
|
||||||
loopialib 0.2.0 python
|
libxml2 2.11.4-r0 apk
|
||||||
lxml 4.9.2 python
|
libxpm 3.5.16-r1 apk
|
||||||
lz4-libs 1.9.4-r1 apk
|
libxslt 1.1.38-r0 apk
|
||||||
memcached 1.6.17 binary
|
libxt 1.3.0-r2 apk
|
||||||
memcached 1.6.17-r0 apk
|
libzip 1.9.2-r2 apk
|
||||||
mock 5.0.1 python
|
linux-pam 1.5.2-r10 apk
|
||||||
mpdecimal 2.5.1-r1 apk
|
logrotate 3.21.0-r1 apk
|
||||||
msal 1.21.0 python
|
loopialib 0.2.0 python
|
||||||
msal-extensions 1.0.0 python
|
lxml 4.9.2 python
|
||||||
msrest 0.7.1 python
|
lz4-libs 1.9.4-r4 apk
|
||||||
musl 1.2.3-r4 apk
|
marshmallow 3.19.0 python
|
||||||
musl-utils 1.2.3-r4 apk
|
marshmallow-enum 1.5.1 python
|
||||||
nano 7.0-r0 apk
|
memcached 1.6.21 binary
|
||||||
ncurses-libs 6.3_p20221119-r0 apk
|
memcached 1.6.21-r0 apk
|
||||||
ncurses-terminfo-base 6.3_p20221119-r0 apk
|
mock 5.0.2 python
|
||||||
netcat-openbsd 1.130-r4 apk
|
mpdecimal 2.5.1-r2 apk
|
||||||
nettle 3.8.1-r0 apk
|
msal 1.22.0 python
|
||||||
nghttp2-libs 1.51.0-r0 apk
|
msal-extensions 1.0.0 python
|
||||||
nginx 1.22.1-r0 apk
|
musl 1.2.4-r0 apk
|
||||||
nginx-mod-devel-kit 1.22.1-r0 apk
|
musl-utils 1.2.4-r0 apk
|
||||||
nginx-mod-http-brotli 1.22.1-r0 apk
|
mypy-extensions 1.0.0 python
|
||||||
nginx-mod-http-dav-ext 1.22.1-r0 apk
|
nano 7.2-r1 apk
|
||||||
nginx-mod-http-echo 1.22.1-r0 apk
|
ncurses-terminfo-base 6.4_p20230506-r0 apk
|
||||||
nginx-mod-http-fancyindex 1.22.1-r0 apk
|
netcat-openbsd 1.219-r1 apk
|
||||||
nginx-mod-http-geoip2 1.22.1-r0 apk
|
nettle 3.8.1-r2 apk
|
||||||
nginx-mod-http-headers-more 1.22.1-r0 apk
|
nghttp2-libs 1.53.0-r0 apk
|
||||||
nginx-mod-http-image-filter 1.22.1-r0 apk
|
nginx 1.24.0-r6 apk
|
||||||
nginx-mod-http-perl 1.22.1-r0 apk
|
nginx-mod-devel-kit 1.24.0-r6 apk
|
||||||
nginx-mod-http-redis2 1.22.1-r0 apk
|
nginx-mod-http-brotli 1.24.0-r6 apk
|
||||||
nginx-mod-http-set-misc 1.22.1-r0 apk
|
nginx-mod-http-dav-ext 1.24.0-r6 apk
|
||||||
nginx-mod-http-upload-progress 1.22.1-r0 apk
|
nginx-mod-http-echo 1.24.0-r6 apk
|
||||||
nginx-mod-http-xslt-filter 1.22.1-r0 apk
|
nginx-mod-http-fancyindex 1.24.0-r6 apk
|
||||||
nginx-mod-mail 1.22.1-r0 apk
|
nginx-mod-http-geoip2 1.24.0-r6 apk
|
||||||
nginx-mod-rtmp 1.22.1-r0 apk
|
nginx-mod-http-headers-more 1.24.0-r6 apk
|
||||||
nginx-mod-stream 1.22.1-r0 apk
|
nginx-mod-http-image-filter 1.24.0-r6 apk
|
||||||
nginx-mod-stream-geoip2 1.22.1-r0 apk
|
nginx-mod-http-perl 1.24.0-r6 apk
|
||||||
nginx-vim 1.22.1-r0 apk
|
nginx-mod-http-redis2 1.24.0-r6 apk
|
||||||
npth 1.6-r2 apk
|
nginx-mod-http-set-misc 1.24.0-r6 apk
|
||||||
oauth2client 4.1.3 python
|
nginx-mod-http-upload-progress 1.24.0-r6 apk
|
||||||
oauthlib 3.2.2 python
|
nginx-mod-http-xslt-filter 1.24.0-r6 apk
|
||||||
oniguruma 6.9.8-r0 apk
|
nginx-mod-mail 1.24.0-r6 apk
|
||||||
openssl 3.0.8-r0 apk
|
nginx-mod-rtmp 1.24.0-r6 apk
|
||||||
p11-kit 0.24.1-r1 apk
|
nginx-mod-stream 1.24.0-r6 apk
|
||||||
parsedatetime 2.6 python
|
nginx-mod-stream-geoip2 1.24.0-r6 apk
|
||||||
pcre 8.45-r2 apk
|
nginx-vim 1.24.0-r6 apk
|
||||||
pcre2 10.42-r0 apk
|
npth 1.6-r4 apk
|
||||||
perl 5.36.0-r0 apk
|
oniguruma 6.9.8-r1 apk
|
||||||
php-cli 8.1.16 binary
|
openssl 3.1.1-r1 apk
|
||||||
php-fpm 8.1.16 binary
|
p11-kit 0.24.1-r2 apk
|
||||||
php81 8.1.16-r0 apk
|
packaging 23.1 python
|
||||||
php81-bcmath 8.1.16-r0 apk
|
parsedatetime 2.6 python
|
||||||
php81-bz2 8.1.16-r0 apk
|
pcre 8.45-r3 apk
|
||||||
php81-common 8.1.16-r0 apk
|
pcre2 10.42-r1 apk
|
||||||
php81-ctype 8.1.16-r0 apk
|
perl 5.36.1-r2 apk
|
||||||
php81-curl 8.1.16-r0 apk
|
perl-error 0.17029-r1 apk
|
||||||
php81-dom 8.1.16-r0 apk
|
perl-git 2.40.1-r0 apk
|
||||||
php81-exif 8.1.16-r0 apk
|
php-cli 8.2.7 binary
|
||||||
php81-fileinfo 8.1.16-r0 apk
|
php-fpm 8.2.7 binary
|
||||||
php81-fpm 8.1.16-r0 apk
|
php82 8.2.7-r0 apk
|
||||||
php81-ftp 8.1.16-r0 apk
|
php82-bcmath 8.2.7-r0 apk
|
||||||
php81-gd 8.1.16-r0 apk
|
php82-bz2 8.2.7-r0 apk
|
||||||
php81-gmp 8.1.16-r0 apk
|
php82-common 8.2.7-r0 apk
|
||||||
php81-iconv 8.1.16-r0 apk
|
php82-ctype 8.2.7-r0 apk
|
||||||
php81-imap 8.1.16-r0 apk
|
php82-curl 8.2.7-r0 apk
|
||||||
php81-intl 8.1.16-r0 apk
|
php82-dom 8.2.7-r0 apk
|
||||||
php81-ldap 8.1.16-r0 apk
|
php82-exif 8.2.7-r0 apk
|
||||||
php81-mbstring 8.1.16-r0 apk
|
php82-fileinfo 8.2.7-r0 apk
|
||||||
php81-mysqli 8.1.16-r0 apk
|
php82-fpm 8.2.7-r0 apk
|
||||||
php81-mysqlnd 8.1.16-r0 apk
|
php82-ftp 8.2.7-r0 apk
|
||||||
php81-opcache 8.1.16-r0 apk
|
php82-gd 8.2.7-r0 apk
|
||||||
php81-openssl 8.1.16-r0 apk
|
php82-gmp 8.2.7-r0 apk
|
||||||
php81-pdo 8.1.16-r0 apk
|
php82-iconv 8.2.7-r0 apk
|
||||||
php81-pdo_mysql 8.1.16-r0 apk
|
php82-imap 8.2.7-r0 apk
|
||||||
php81-pdo_odbc 8.1.16-r0 apk
|
php82-intl 8.2.7-r0 apk
|
||||||
php81-pdo_pgsql 8.1.16-r0 apk
|
php82-ldap 8.2.7-r0 apk
|
||||||
php81-pdo_sqlite 8.1.16-r0 apk
|
php82-mbstring 8.2.7-r0 apk
|
||||||
php81-pear 8.1.16-r0 apk
|
php82-mysqli 8.2.7-r0 apk
|
||||||
php81-pecl-apcu 5.1.22-r0 apk
|
php82-mysqlnd 8.2.7-r0 apk
|
||||||
php81-pecl-igbinary 3.2.12-r0 apk
|
php82-opcache 8.2.7-r0 apk
|
||||||
php81-pecl-mailparse 3.1.4-r0 apk
|
php82-openssl 8.2.7-r0 apk
|
||||||
php81-pecl-mcrypt 1.0.6-r0 apk
|
php82-pdo 8.2.7-r0 apk
|
||||||
php81-pecl-memcached 3.2.0-r0 apk
|
php82-pdo_mysql 8.2.7-r0 apk
|
||||||
php81-pecl-redis 5.3.7-r0 apk
|
php82-pdo_odbc 8.2.7-r0 apk
|
||||||
php81-pecl-xmlrpc 1.0.0_rc3-r0 apk
|
php82-pdo_pgsql 8.2.7-r0 apk
|
||||||
php81-pgsql 8.1.16-r0 apk
|
php82-pdo_sqlite 8.2.7-r0 apk
|
||||||
php81-phar 8.1.16-r0 apk
|
php82-pear 8.2.7-r0 apk
|
||||||
php81-posix 8.1.16-r0 apk
|
php82-pecl-apcu 5.1.22-r0 apk
|
||||||
php81-session 8.1.16-r0 apk
|
php82-pecl-igbinary 3.2.14-r0 apk
|
||||||
php81-simplexml 8.1.16-r0 apk
|
php82-pecl-mcrypt 1.0.6-r0 apk
|
||||||
php81-soap 8.1.16-r0 apk
|
php82-pecl-memcached 3.2.0-r1 apk
|
||||||
php81-sockets 8.1.16-r0 apk
|
php82-pecl-msgpack 2.2.0-r0 apk
|
||||||
php81-sodium 8.1.16-r0 apk
|
php82-pecl-redis 5.3.7-r2 apk
|
||||||
php81-sqlite3 8.1.16-r0 apk
|
php82-pgsql 8.2.7-r0 apk
|
||||||
php81-tokenizer 8.1.16-r0 apk
|
php82-phar 8.2.7-r0 apk
|
||||||
php81-xml 8.1.16-r0 apk
|
php82-posix 8.2.7-r0 apk
|
||||||
php81-xmlreader 8.1.16-r0 apk
|
php82-session 8.2.7-r0 apk
|
||||||
php81-xmlwriter 8.1.16-r0 apk
|
php82-simplexml 8.2.7-r0 apk
|
||||||
php81-xsl 8.1.16-r0 apk
|
php82-soap 8.2.7-r0 apk
|
||||||
php81-zip 8.1.16-r0 apk
|
php82-sockets 8.2.7-r0 apk
|
||||||
pinentry 1.2.1-r0 apk
|
php82-sodium 8.2.7-r0 apk
|
||||||
pip 23.0.1 python
|
php82-sqlite3 8.2.7-r0 apk
|
||||||
pkb-client 1.2 python
|
php82-tokenizer 8.2.7-r0 apk
|
||||||
popt 1.19-r0 apk
|
php82-xml 8.2.7-r0 apk
|
||||||
portalocker 2.7.0 python
|
php82-xmlreader 8.2.7-r0 apk
|
||||||
procps 3.3.17-r2 apk
|
php82-xmlwriter 8.2.7-r0 apk
|
||||||
protobuf 4.22.1 python
|
php82-xsl 8.2.7-r0 apk
|
||||||
pyOpenSSL 23.0.0 python
|
php82-zip 8.2.7-r0 apk
|
||||||
pyRFC3339 1.1 python
|
pinentry 1.2.1-r1 apk
|
||||||
pyacmedns 0.4 python
|
pip 23.1.2 python
|
||||||
pyasn1 0.4.8 python
|
pkb-client 1.2 python
|
||||||
pyasn1-modules 0.2.8 python
|
popt 1.19-r2 apk
|
||||||
pycparser 2.21 python
|
portalocker 2.7.0 python
|
||||||
pyparsing 3.0.9 python
|
procps-ng 4.0.3-r1 apk
|
||||||
python 3.10.10 binary
|
protobuf 4.23.3 python
|
||||||
python-dateutil 2.8.2 python
|
publicsuffixlist 0.9.4 python
|
||||||
python-digitalocean 1.17.0 python
|
pyOpenSSL 23.2.0 python
|
||||||
python-transip 0.6.0 python
|
pyRFC3339 1.1 python
|
||||||
python3 3.10.10-r0 apk
|
pyacmedns 0.4 python
|
||||||
pytz 2022.7.1 python
|
pyasn1 0.5.0 python
|
||||||
readline 8.2.0-r0 apk
|
pyasn1-modules 0.3.0 python
|
||||||
requests 2.28.2 python
|
pyc 0.1-r0 apk
|
||||||
requests-file 1.5.1 python
|
pycparser 2.21 python
|
||||||
requests-mock 1.10.0 python
|
pyparsing 3.1.0 python
|
||||||
requests-oauthlib 1.3.1 python
|
python 3.11.4 binary
|
||||||
rsa 4.9 python
|
python-dateutil 2.8.2 python
|
||||||
s3transfer 0.6.0 python
|
python-digitalocean 1.17.0 python
|
||||||
scanelf 1.3.5-r1 apk
|
python-transip 0.6.0 python
|
||||||
setuptools 65.5.0 python
|
python3 3.11.4-r0 apk
|
||||||
shadow 4.13-r0 apk
|
python3-pyc 3.11.4-r0 apk
|
||||||
six 1.16.0 python
|
python3-pycache-pyc0 3.11.4-r0 apk
|
||||||
skalibs 2.12.0.1-r0 apk
|
pytz 2023.3 python
|
||||||
soupsieve 2.4 python
|
readline 8.2.1-r1 apk
|
||||||
sqlite-libs 3.40.1-r0 apk
|
requests 2.31.0 python
|
||||||
ssl_client 1.35.0-r29 apk
|
requests-file 1.5.1 python
|
||||||
tiff 4.4.0-r1 apk
|
requests-mock 1.11.0 python
|
||||||
tldextract 3.4.0 python
|
rsa 4.9 python
|
||||||
typing_extensions 4.5.0 python
|
s3transfer 0.6.1 python
|
||||||
tzdata 2022f-r1 apk
|
scanelf 1.3.7-r1 apk
|
||||||
unixodbc 2.3.11-r0 apk
|
setuptools 65.5.0 python
|
||||||
uritemplate 4.1.1 python
|
shadow 4.13-r4 apk
|
||||||
urllib3 1.26.14 python
|
six 1.16.0 python
|
||||||
utmps-libs 0.1.2.0-r1 apk
|
skalibs 2.13.1.1-r1 apk
|
||||||
wheel 0.38.4 python
|
soupsieve 2.4.1 python
|
||||||
whois 5.5.14-r0 apk
|
sqlite-libs 3.41.2-r2 apk
|
||||||
xz 5.2.9-r0 apk
|
ssl_client 1.36.1-r0 apk
|
||||||
xz-libs 5.2.9-r0 apk
|
tiff 4.5.1-r0 apk
|
||||||
zipp 3.15.0 python
|
tldextract 3.4.4 python
|
||||||
zlib 1.2.13-r0 apk
|
typing-inspect 0.9.0 python
|
||||||
zope.interface 5.5.2 python
|
typing_extensions 4.7.0 python
|
||||||
zstd-libs 1.5.2-r9 apk
|
tzdata 2023c-r1 apk
|
||||||
|
unixodbc 2.3.11-r2 apk
|
||||||
|
uritemplate 4.1.1 python
|
||||||
|
urllib3 1.26.16 python
|
||||||
|
utmps-libs 0.1.2.1-r1 apk
|
||||||
|
wheel 0.40.0 python
|
||||||
|
whois 5.5.17-r0 apk
|
||||||
|
xz-libs 5.4.3-r0 apk
|
||||||
|
zipp 3.15.0 python
|
||||||
|
zlib 1.2.13-r1 apk
|
||||||
|
zope.interface 6.0 python
|
||||||
|
zstd-libs 1.5.5-r4 apk
|
||||||
|
|||||||
@@ -14,7 +14,6 @@ project_blurb_optional_extras: []
|
|||||||
available_architectures:
|
available_architectures:
|
||||||
- { arch: "{{ arch_x86_64 }}", tag: "amd64-latest"}
|
- { arch: "{{ arch_x86_64 }}", tag: "amd64-latest"}
|
||||||
- { arch: "{{ arch_arm64 }}", tag: "arm64v8-latest"}
|
- { arch: "{{ arch_arm64 }}", tag: "arm64v8-latest"}
|
||||||
- { arch: "{{ arch_armhf }}", tag: "arm32v7-latest"}
|
|
||||||
|
|
||||||
# development version
|
# development version
|
||||||
development_versions: false
|
development_versions: false
|
||||||
@@ -51,7 +50,7 @@ opt_param_usage_include_env: true
|
|||||||
opt_param_env_vars:
|
opt_param_env_vars:
|
||||||
- { env_var: "SUBDOMAINS", env_value: "www,", desc: "Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only)" }
|
- { env_var: "SUBDOMAINS", env_value: "www,", desc: "Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only)" }
|
||||||
- { env_var: "CERTPROVIDER", env_value: "", desc: "Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt." }
|
- { env_var: "CERTPROVIDER", env_value: "", desc: "Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt." }
|
||||||
- { env_var: "DNSPLUGIN", env_value: "cloudflare", desc: "Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `duckdns`, `dynu`, `gandi`, `gehirn`, `godaddy`, `google`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`." }
|
- { env_var: "DNSPLUGIN", env_value: "cloudflare", desc: "Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `duckdns`, `dynu`, `gandi`, `gehirn`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`." }
|
||||||
- { env_var: "PROPAGATION", env_value: "", desc: "Optionally override (in seconds) the default propagation time for the dns plugins." }
|
- { env_var: "PROPAGATION", env_value: "", desc: "Optionally override (in seconds) the default propagation time for the dns plugins." }
|
||||||
- { env_var: "EMAIL", env_value: "", desc: "Optional e-mail address used for cert expiration notifications (Required for ZeroSSL)." }
|
- { env_var: "EMAIL", env_value: "", desc: "Optional e-mail address used for cert expiration notifications (Required for ZeroSSL)." }
|
||||||
- { env_var: "ONLY_SUBDOMAINS", env_value: "false", desc: "If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true`" }
|
- { env_var: "ONLY_SUBDOMAINS", env_value: "false", desc: "If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true`" }
|
||||||
@@ -154,6 +153,12 @@ app_setup_block: |
|
|||||||
|
|
||||||
# changelog
|
# changelog
|
||||||
changelogs:
|
changelogs:
|
||||||
|
- { date: "25.05.23:", desc: "Rebase to Alpine 3.18, deprecate armhf." }
|
||||||
|
- { date: "27.04.23:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) authelia-location.conf, authelia-server.conf, authentik-location.conf, authentik-server.conf - Simplify auth configs and fix Set-Cookie header bug." }
|
||||||
|
- { date: "13.04.23:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) nginx.conf, authelia-location.conf, authentik-location.conf, and site-confs/default.conf - Move ssl.conf include to default.conf. Remove Authorization headers in authelia. Sort proxy_set_header in authelia and authentik." }
|
||||||
|
- { date: "25.03.23:", desc: "Fix renewal post hook." }
|
||||||
|
- { date: "10.03.23:", desc: "Cleanup unused csr and keys folders. See [certbot 2.3.0 release notes](https://github.com/certbot/certbot/releases/tag/v2.3.0)." }
|
||||||
|
- { date: "09.03.23:", desc: "Add Google Domains DNS support, `google-domains`." }
|
||||||
- { date: "02.03.23:", desc: "Set permissions on crontabs during init." }
|
- { date: "02.03.23:", desc: "Set permissions on crontabs during init." }
|
||||||
- { date: "09.02.23:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) proxy.conf, authelia-location.conf and authelia-server.conf - Add Authentik configs, update Authelia configs." }
|
- { date: "09.02.23:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) proxy.conf, authelia-location.conf and authelia-server.conf - Add Authentik configs, update Authelia configs." }
|
||||||
- { date: "06.02.23:", desc: "Add porkbun support back in." }
|
- { date: "06.02.23:", desc: "Add porkbun support back in." }
|
||||||
|
|||||||
4
root/defaults/dns-conf/google-domains.ini
Normal file
4
root/defaults/dns-conf/google-domains.ini
Normal file
@@ -0,0 +1,4 @@
|
|||||||
|
# Instructions: https://github.com/aaomidi/certbot-dns-google-domains#credentials
|
||||||
|
# Replace with your value
|
||||||
|
dns_google_domains_access_token = abcdef
|
||||||
|
dns_google_domains_zone = example.com
|
||||||
@@ -5,7 +5,7 @@
|
|||||||
. /config/.donoteditthisfile.conf
|
. /config/.donoteditthisfile.conf
|
||||||
|
|
||||||
if [[ ! "${ORIGVALIDATION}" = "dns" ]] && [[ ! "${ORIGVALIDATION}" = "duckdns" ]]; then
|
if [[ ! "${ORIGVALIDATION}" = "dns" ]] && [[ ! "${ORIGVALIDATION}" = "duckdns" ]]; then
|
||||||
if pgrep -f "s6-supervise nginx" >/dev/null; then
|
if pgrep -f "s6-supervise svc-nginx" >/dev/null; then
|
||||||
s6-svc -u /run/service/svc-nginx
|
s6-svc -u /run/service/svc-nginx
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
|
|||||||
@@ -3,5 +3,3 @@
|
|||||||
[Definition]
|
[Definition]
|
||||||
|
|
||||||
failregex = ^<HOST>.*"(GET|POST|HEAD).*" (401) .*$
|
failregex = ^<HOST>.*"(GET|POST|HEAD).*" (401) .*$
|
||||||
|
|
||||||
ignoreregex = .*(?i)plex.*
|
|
||||||
|
|||||||
@@ -1,29 +1,27 @@
|
|||||||
## Version 2023/02/09 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-location.conf.sample
|
## Version 2023/04/27 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-location.conf.sample
|
||||||
# Make sure that your authelia container is in the same user defined bridge network and is named authelia
|
# Make sure that your authelia container is in the same user defined bridge network and is named authelia
|
||||||
# Rename /config/nginx/proxy-confs/authelia.conf.sample to /config/nginx/proxy-confs/authelia.conf
|
# Rename /config/nginx/proxy-confs/authelia.subdomain.conf.sample to /config/nginx/proxy-confs/authelia.subdomain.conf
|
||||||
# Make sure that the authelia configuration.yml has 'path: "authelia"' defined
|
# Make sure that the authelia configuration.yml has 'path: "authelia"' defined
|
||||||
|
|
||||||
## Send a subrequest to Authelia to verify if the user is authenticated and has permission to access the resource.
|
## Send a subrequest to Authelia to verify if the user is authenticated and has permission to access the resource
|
||||||
auth_request /authelia/api/verify;
|
auth_request /authelia/api/verify;
|
||||||
## If the subreqest returns 200 pass to the backend, if the subrequest returns 401 redirect to the portal.
|
## If the subreqest returns 200 pass to the backend, if the subrequest returns 401 redirect to the portal
|
||||||
error_page 401 = @authelia_proxy_signin;
|
error_page 401 = @authelia_proxy_signin;
|
||||||
|
|
||||||
## Translate response headers from Authelia into variables
|
## Translate the user information response headers from the auth subrequest into variables
|
||||||
auth_request_set $user $upstream_http_remote_user;
|
auth_request_set $email $upstream_http_remote_email;
|
||||||
auth_request_set $groups $upstream_http_remote_groups;
|
auth_request_set $groups $upstream_http_remote_groups;
|
||||||
auth_request_set $name $upstream_http_remote_name;
|
auth_request_set $name $upstream_http_remote_name;
|
||||||
auth_request_set $email $upstream_http_remote_email;
|
auth_request_set $user $upstream_http_remote_user;
|
||||||
auth_request_set $authorization $upstream_http_authorization;
|
|
||||||
auth_request_set $proxy_authorization $upstream_http_proxy_authorization;
|
|
||||||
|
|
||||||
## Inject the response header variables into the request made to the actual upstream
|
## Inject the user information into the request made to the actual upstream
|
||||||
proxy_set_header Remote-User $user;
|
proxy_set_header Remote-Email $email;
|
||||||
proxy_set_header Remote-Groups $groups;
|
proxy_set_header Remote-Groups $groups;
|
||||||
proxy_set_header Remote-Name $name;
|
proxy_set_header Remote-Name $name;
|
||||||
proxy_set_header Remote-Email $email;
|
proxy_set_header Remote-User $user;
|
||||||
proxy_set_header Authorization $authorization;
|
|
||||||
proxy_set_header Proxy-Authorization $proxy_authorization;
|
|
||||||
|
|
||||||
## Include the Set-Cookie header if present.
|
## Translate the Set-Cookie response header from the auth subrequest into a variable
|
||||||
auth_request_set $set_cookie $upstream_http_set_cookie;
|
auth_request_set $set_cookie $upstream_http_set_cookie;
|
||||||
add_header Set-Cookie $set_cookie;
|
|
||||||
|
## Translate the Location response header from the auth subrequest into a variable
|
||||||
|
auth_request_set $signin_url $upstream_http_location;
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
## Version 2023/02/09 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-server.conf.sample
|
## Version 2023/04/27 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-server.conf.sample
|
||||||
# Make sure that your authelia container is in the same user defined bridge network and is named authelia
|
# Make sure that your authelia container is in the same user defined bridge network and is named authelia
|
||||||
# Rename /config/nginx/proxy-confs/authelia.conf.sample to /config/nginx/proxy-confs/authelia.conf
|
# Rename /config/nginx/proxy-confs/authelia.subdomain.conf.sample to /config/nginx/proxy-confs/authelia.subdomain.conf
|
||||||
# Make sure that the authelia configuration.yml has 'path: "authelia"' defined
|
# Make sure that the authelia configuration.yml has 'path: "authelia"' defined
|
||||||
|
|
||||||
# location for authelia subfolder requests
|
# location for authelia subfolder requests
|
||||||
@@ -19,9 +19,9 @@ location = /authelia/api/verify {
|
|||||||
include /config/nginx/proxy.conf;
|
include /config/nginx/proxy.conf;
|
||||||
include /config/nginx/resolver.conf;
|
include /config/nginx/resolver.conf;
|
||||||
set $upstream_authelia authelia;
|
set $upstream_authelia authelia;
|
||||||
proxy_pass http://$upstream_authelia:9091/authelia/api/verify;
|
proxy_pass http://$upstream_authelia:9091;
|
||||||
|
|
||||||
## Include the Set-Cookie header if present.
|
## Include the Set-Cookie header if present
|
||||||
auth_request_set $set_cookie $upstream_http_set_cookie;
|
auth_request_set $set_cookie $upstream_http_set_cookie;
|
||||||
add_header Set-Cookie $set_cookie;
|
add_header Set-Cookie $set_cookie;
|
||||||
|
|
||||||
@@ -29,27 +29,25 @@ location = /authelia/api/verify {
|
|||||||
proxy_set_header Content-Length "";
|
proxy_set_header Content-Length "";
|
||||||
}
|
}
|
||||||
|
|
||||||
# Virtual location for authelia 401 redirects
|
# virtual location for authelia 401 redirects
|
||||||
location @authelia_proxy_signin {
|
location @authelia_proxy_signin {
|
||||||
internal;
|
internal;
|
||||||
|
|
||||||
## Set the $target_url variable based on the original request.
|
## Include the Set-Cookie header if present
|
||||||
set_escape_uri $target_url $scheme://$http_host$request_uri;
|
|
||||||
|
|
||||||
## Include the Set-Cookie header if present.
|
|
||||||
auth_request_set $set_cookie $upstream_http_set_cookie;
|
auth_request_set $set_cookie $upstream_http_set_cookie;
|
||||||
add_header Set-Cookie $set_cookie;
|
add_header Set-Cookie $set_cookie;
|
||||||
|
|
||||||
## Set $authelia_backend to route requests to the current domain by default
|
## Set the $target_url variable based on the original request
|
||||||
set $authelia_backend $http_host;
|
set_escape_uri $target_url $scheme://$http_host$request_uri;
|
||||||
## In order for Webauthn to work with multiple domains authelia must operate on a separate subdomain
|
|
||||||
## To use authelia on a separate subdomain:
|
|
||||||
## * comment the $authelia_backend line above
|
|
||||||
## * rename /config/nginx/proxy-confs/authelia.conf.sample to /config/nginx/proxy-confs/authelia.conf
|
|
||||||
## * make sure that your dns has a cname set for authelia
|
|
||||||
## * uncomment the $authelia_backend line below and change example.com to your domain
|
|
||||||
## * restart the swag container
|
|
||||||
#set $authelia_backend authelia.example.com;
|
|
||||||
|
|
||||||
return 302 https://$authelia_backend/authelia/?rd=$target_url;
|
## Translate the Location response header from the auth subrequest into a variable
|
||||||
|
auth_request_set $signin_url $upstream_http_location;
|
||||||
|
|
||||||
|
if ($signin_url = '') {
|
||||||
|
## Set the $signin_url variable
|
||||||
|
set $signin_url https://$http_host/authelia/?rd=$target_url;
|
||||||
|
}
|
||||||
|
|
||||||
|
## Redirect to login
|
||||||
|
return 302 $signin_url;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,26 +1,25 @@
|
|||||||
## Version 2023/02/09 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authentik-location.conf.sample
|
## Version 2023/04/27 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authentik-location.conf.sample
|
||||||
# Make sure that your authentik container is in the same user defined bridge network and is named authentik-server
|
# Make sure that your authentik container is in the same user defined bridge network and is named authentik-server
|
||||||
# Rename /config/nginx/proxy-confs/authentik.conf.sample to /config/nginx/proxy-confs/authentik.conf
|
# Rename /config/nginx/proxy-confs/authentik.subdomain.conf.sample to /config/nginx/proxy-confs/authentik.subdomain.conf
|
||||||
|
|
||||||
## Send a subrequest to Authentik to verify if the user is authenticated and has permission to access the resource.
|
## Send a subrequest to Authentik to verify if the user is authenticated and has permission to access the resource
|
||||||
auth_request /outpost.goauthentik.io/auth/nginx;
|
auth_request /outpost.goauthentik.io/auth/nginx;
|
||||||
## If the subreqest returns 200 pass to the backend, if the subrequest returns 401 redirect to the portal.
|
## If the subreqest returns 200 pass to the backend, if the subrequest returns 401 redirect to the portal
|
||||||
error_page 401 = @goauthentik_proxy_signin;
|
error_page 401 = @goauthentik_proxy_signin;
|
||||||
|
|
||||||
## Translate response headers from Authentik into variables
|
## Translate the user information response headers from the auth subrequest into variables
|
||||||
auth_request_set $authentik_username $upstream_http_x_authentik_username;
|
|
||||||
auth_request_set $authentik_groups $upstream_http_x_authentik_groups;
|
|
||||||
auth_request_set $authentik_email $upstream_http_x_authentik_email;
|
auth_request_set $authentik_email $upstream_http_x_authentik_email;
|
||||||
|
auth_request_set $authentik_groups $upstream_http_x_authentik_groups;
|
||||||
auth_request_set $authentik_name $upstream_http_x_authentik_name;
|
auth_request_set $authentik_name $upstream_http_x_authentik_name;
|
||||||
auth_request_set $authentik_uid $upstream_http_x_authentik_uid;
|
auth_request_set $authentik_uid $upstream_http_x_authentik_uid;
|
||||||
|
auth_request_set $authentik_username $upstream_http_x_authentik_username;
|
||||||
|
|
||||||
## Inject the response header variables into the request made to the actual upstream
|
## Inject the user information into the request made to the actual upstream
|
||||||
proxy_set_header X-authentik-username $authentik_username;
|
|
||||||
proxy_set_header X-authentik-groups $authentik_groups;
|
|
||||||
proxy_set_header X-authentik-email $authentik_email;
|
proxy_set_header X-authentik-email $authentik_email;
|
||||||
|
proxy_set_header X-authentik-groups $authentik_groups;
|
||||||
proxy_set_header X-authentik-name $authentik_name;
|
proxy_set_header X-authentik-name $authentik_name;
|
||||||
proxy_set_header X-authentik-uid $authentik_uid;
|
proxy_set_header X-authentik-uid $authentik_uid;
|
||||||
|
proxy_set_header X-authentik-username $authentik_username;
|
||||||
|
|
||||||
## Include the Set-Cookie header if present.
|
## Translate the Set-Cookie response header from the auth subrequest into a variable
|
||||||
auth_request_set $set_cookie $upstream_http_set_cookie;
|
auth_request_set $set_cookie $upstream_http_set_cookie;
|
||||||
add_header Set-Cookie $set_cookie;
|
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
## Version 2023/02/09 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authentik-server.conf.sample
|
## Version 2023/04/27 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authentik-server.conf.sample
|
||||||
# Make sure that your authentik container is in the same user defined bridge network and is named authentik-server
|
# Make sure that your authentik container is in the same user defined bridge network and is named authentik-server
|
||||||
# Rename /config/nginx/proxy-confs/authentik.conf.sample to /config/nginx/proxy-confs/authentik.conf
|
# Rename /config/nginx/proxy-confs/authentik.subdomain.conf.sample to /config/nginx/proxy-confs/authentik.subdomain.conf
|
||||||
|
|
||||||
# location for authentik subfolder requests
|
# location for authentik subfolder requests
|
||||||
location ^~ /outpost.goauthentik.io {
|
location ^~ /outpost.goauthentik.io {
|
||||||
@@ -18,9 +18,9 @@ location = /outpost.goauthentik.io/auth/nginx {
|
|||||||
include /config/nginx/proxy.conf;
|
include /config/nginx/proxy.conf;
|
||||||
include /config/nginx/resolver.conf;
|
include /config/nginx/resolver.conf;
|
||||||
set $upstream_authentik authentik-server;
|
set $upstream_authentik authentik-server;
|
||||||
proxy_pass http://$upstream_authentik:9000/outpost.goauthentik.io/auth/nginx;
|
proxy_pass http://$upstream_authentik:9000;
|
||||||
|
|
||||||
## Include the Set-Cookie header if present.
|
## Include the Set-Cookie header if present
|
||||||
auth_request_set $set_cookie $upstream_http_set_cookie;
|
auth_request_set $set_cookie $upstream_http_set_cookie;
|
||||||
add_header Set-Cookie $set_cookie;
|
add_header Set-Cookie $set_cookie;
|
||||||
|
|
||||||
@@ -28,18 +28,20 @@ location = /outpost.goauthentik.io/auth/nginx {
|
|||||||
proxy_set_header Content-Length "";
|
proxy_set_header Content-Length "";
|
||||||
}
|
}
|
||||||
|
|
||||||
# Virtual location for authentik 401 redirects
|
# virtual location for authentik 401 redirects
|
||||||
location @goauthentik_proxy_signin {
|
location @goauthentik_proxy_signin {
|
||||||
internal;
|
internal;
|
||||||
|
|
||||||
## Set the $target_url variable based on the original request.
|
## Include the Set-Cookie header if present
|
||||||
set_escape_uri $target_url $scheme://$http_host$request_uri;
|
|
||||||
|
|
||||||
## Include the Set-Cookie header if present.
|
|
||||||
auth_request_set $set_cookie $upstream_http_set_cookie;
|
auth_request_set $set_cookie $upstream_http_set_cookie;
|
||||||
add_header Set-Cookie $set_cookie;
|
add_header Set-Cookie $set_cookie;
|
||||||
|
|
||||||
## Set $authentik_backend to route requests to the current domain by default
|
## Set the $target_url variable based on the original request
|
||||||
set $authentik_backend $http_host;
|
set_escape_uri $target_url $scheme://$http_host$request_uri;
|
||||||
return 302 https://$authentik_backend/outpost.goauthentik.io/start?rd=$target_url;
|
|
||||||
|
## Set the $signin_url variable
|
||||||
|
set $signin_url https://$http_host/outpost.goauthentik.io/start?rd=$target_url;
|
||||||
|
|
||||||
|
## Redirect to login
|
||||||
|
return 302 $signin_url;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,4 +1,4 @@
|
|||||||
## Version 2023/02/09 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/site-confs/default.conf.sample
|
## Version 2023/06/05 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/site-confs/default.conf.sample
|
||||||
|
|
||||||
# redirect all traffic to https
|
# redirect all traffic to https
|
||||||
server {
|
server {
|
||||||
@@ -17,6 +17,8 @@ server {
|
|||||||
|
|
||||||
server_name _;
|
server_name _;
|
||||||
|
|
||||||
|
include /config/nginx/ssl.conf;
|
||||||
|
|
||||||
root /config/www;
|
root /config/www;
|
||||||
index index.html index.htm index.php;
|
index index.html index.htm index.php;
|
||||||
|
|
||||||
@@ -50,6 +52,19 @@ server {
|
|||||||
}
|
}
|
||||||
|
|
||||||
location ~ ^(.+\.php)(.*)$ {
|
location ~ ^(.+\.php)(.*)$ {
|
||||||
|
# enable the next two lines for http auth
|
||||||
|
#auth_basic "Restricted";
|
||||||
|
#auth_basic_user_file /config/nginx/.htpasswd;
|
||||||
|
|
||||||
|
# enable for ldap auth (requires ldap-server.conf in the server block)
|
||||||
|
#include /config/nginx/ldap-location.conf;
|
||||||
|
|
||||||
|
# enable for Authelia (requires authelia-server.conf in the server block)
|
||||||
|
#include /config/nginx/authelia-location.conf;
|
||||||
|
|
||||||
|
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||||
|
#include /config/nginx/authentik-location.conf;
|
||||||
|
|
||||||
fastcgi_split_path_info ^(.+\.php)(.*)$;
|
fastcgi_split_path_info ^(.+\.php)(.*)$;
|
||||||
fastcgi_pass 127.0.0.1:9000;
|
fastcgi_pass 127.0.0.1:9000;
|
||||||
fastcgi_index index.php;
|
fastcgi_index index.php;
|
||||||
|
|||||||
@@ -24,23 +24,24 @@ for i in "${SANED_VARS[@]}"; do
|
|||||||
done
|
done
|
||||||
|
|
||||||
# check to make sure DNSPLUGIN is selected if dns validation is used
|
# check to make sure DNSPLUGIN is selected if dns validation is used
|
||||||
if [[ "${VALIDATION}" = "dns" ]] && [[ ! "${DNSPLUGIN}" =~ ^(acmedns|aliyun|azure|cloudflare|cpanel|desec|digitalocean|directadmin|dnsimple|dnsmadeeasy|dnspod|do|domeneshop|duckdns|dynu|gandi|gehirn|godaddy|google|he|hetzner|infomaniak|inwx|ionos|linode|loopia|luadns|netcup|njalla|nsone|ovh|porkbun|rfc2136|route53|sakuracloud|standalone|transip|vultr)$ ]]; then
|
if [[ "${VALIDATION}" = "dns" ]] && [[ ! "${DNSPLUGIN}" =~ ^(acmedns|aliyun|azure|cloudflare|cpanel|desec|digitalocean|directadmin|dnsimple|dnsmadeeasy|dnspod|do|domeneshop|duckdns|dynu|gandi|gehirn|godaddy|google|google-domains|he|hetzner|infomaniak|inwx|ionos|linode|loopia|luadns|netcup|njalla|nsone|ovh|porkbun|rfc2136|route53|sakuracloud|standalone|transip|vultr)$ ]]; then
|
||||||
echo "Please set the DNSPLUGIN variable to a valid plugin name. See docker info for more details."
|
echo "Please set the DNSPLUGIN variable to a valid plugin name. See docker info for more details."
|
||||||
sleep infinity
|
sleep infinity
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# copy dns default configs
|
# copy dns default configs
|
||||||
cp -n /defaults/dns-conf/* /config/dns-conf/
|
cp -n /defaults/dns-conf/* /config/dns-conf/ 2> >(grep -v 'cp: not replacing')
|
||||||
lsiown -R abc:abc /config/dns-conf
|
lsiown -R abc:abc /config/dns-conf
|
||||||
|
|
||||||
# copy default renewal hooks
|
# copy default renewal hooks
|
||||||
chmod -R +x /defaults/etc/letsencrypt/renewal-hooks
|
chmod -R +x /defaults/etc/letsencrypt/renewal-hooks
|
||||||
cp -nR /defaults/etc/letsencrypt/renewal-hooks/* /config/etc/letsencrypt/renewal-hooks/
|
cp -nR /defaults/etc/letsencrypt/renewal-hooks/* /config/etc/letsencrypt/renewal-hooks/ 2> >(grep -v 'cp: not replacing')
|
||||||
lsiown -R abc:abc /config/etc/letsencrypt/renewal-hooks
|
lsiown -R abc:abc /config/etc/letsencrypt/renewal-hooks
|
||||||
|
|
||||||
# replace nginx service location in renewal hooks
|
# replace nginx service location in renewal hooks
|
||||||
find /config/etc/letsencrypt/renewal-hooks/ -type f -exec sed -i 's|/run/service/nginx|/run/service/svc-nginx|g' {} \;
|
find /config/etc/letsencrypt/renewal-hooks/ -type f -exec sed -i 's|/run/service/nginx|/run/service/svc-nginx|g' {} \;
|
||||||
find /config/etc/letsencrypt/renewal-hooks/ -type f -exec sed -i 's|/var/run/s6/services/nginx|/run/service/svc-nginx|g' {} \;
|
find /config/etc/letsencrypt/renewal-hooks/ -type f -exec sed -i 's|/var/run/s6/services/nginx|/run/service/svc-nginx|g' {} \;
|
||||||
|
find /config/etc/letsencrypt/renewal-hooks/ -type f -exec sed -i 's|s6-supervise nginx|s6-supervise svc-nginx|g' {} \;
|
||||||
|
|
||||||
# create original config file if it doesn't exist, move non-hidden legacy file to hidden
|
# create original config file if it doesn't exist, move non-hidden legacy file to hidden
|
||||||
if [[ -f "/config/donoteditthisfile.conf" ]]; then
|
if [[ -f "/config/donoteditthisfile.conf" ]]; then
|
||||||
@@ -140,6 +141,10 @@ else
|
|||||||
ln -s ../etc/letsencrypt/live/"${URL}" /config/keys/letsencrypt
|
ln -s ../etc/letsencrypt/live/"${URL}" /config/keys/letsencrypt
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# cleanup unused csr and keys folders
|
||||||
|
rm -rf /etc/letsencrypt/csr
|
||||||
|
rm -rf /etc/letsencrypt/keys
|
||||||
|
|
||||||
# checking for changes in cert variables, revoking certs if necessary
|
# checking for changes in cert variables, revoking certs if necessary
|
||||||
if [[ ! "${URL}" = "${ORIGURL}" ]] ||
|
if [[ ! "${URL}" = "${ORIGURL}" ]] ||
|
||||||
[[ ! "${SUBDOMAINS}" = "${ORIGSUBDOMAINS}" ]] ||
|
[[ ! "${SUBDOMAINS}" = "${ORIGSUBDOMAINS}" ]] ||
|
||||||
@@ -269,7 +274,7 @@ if [[ "${VALIDATION}" = "dns" ]]; then
|
|||||||
DNSCREDENTIALSPARAM=""
|
DNSCREDENTIALSPARAM=""
|
||||||
fi
|
fi
|
||||||
# plugins that don't support setting propagation
|
# plugins that don't support setting propagation
|
||||||
if [[ "${DNSPLUGIN}" =~ ^(azure|gandi|standalone)$ ]]; then
|
if [[ "${DNSPLUGIN}" =~ ^(azure|gandi|route53|standalone)$ ]]; then
|
||||||
if [[ -n "${PROPAGATION}" ]]; then echo "${DNSPLUGIN} dns plugin does not support setting propagation time"; fi
|
if [[ -n "${PROPAGATION}" ]]; then echo "${DNSPLUGIN} dns plugin does not support setting propagation time"; fi
|
||||||
PROPAGATIONPARAM=""
|
PROPAGATIONPARAM=""
|
||||||
fi
|
fi
|
||||||
|
|||||||
@@ -15,7 +15,7 @@ if [[ ! -f /config/crontabs/root ]]; then
|
|||||||
|
|
||||||
# if crontabs still do not exist in config (were not copied from system)
|
# if crontabs still do not exist in config (were not copied from system)
|
||||||
# copy crontab from included defaults (using -n, do not overwrite an existing file)
|
# copy crontab from included defaults (using -n, do not overwrite an existing file)
|
||||||
cp -n /etc/crontabs/root /config/crontabs/
|
cp -n /etc/crontabs/root /config/crontabs/ 2> >(grep -v 'cp: not replacing')
|
||||||
fi
|
fi
|
||||||
# set permissions and import user crontabs
|
# set permissions and import user crontabs
|
||||||
lsiown root:root /config/crontabs/root
|
lsiown root:root /config/crontabs/root
|
||||||
@@ -31,7 +31,7 @@ if [[ ! -f /config/crontabs/abc ]]; then
|
|||||||
|
|
||||||
# if crontabs still do not exist in config (were not copied from system)
|
# if crontabs still do not exist in config (were not copied from system)
|
||||||
# copy crontab from included defaults (using -n, do not overwrite an existing file)
|
# copy crontab from included defaults (using -n, do not overwrite an existing file)
|
||||||
cp -n /etc/crontabs/abc /config/crontabs/
|
cp -n /etc/crontabs/abc /config/crontabs/ 2> >(grep -v 'cp: not replacing')
|
||||||
fi
|
fi
|
||||||
# set permissions and import user crontabs
|
# set permissions and import user crontabs
|
||||||
lsiown abc:abc /config/crontabs/abc
|
lsiown abc:abc /config/crontabs/abc
|
||||||
|
|||||||
Reference in New Issue
Block a user