mirror of
https://github.com/linuxserver/docker-swag.git
synced 2026-03-13 21:55:15 +09:00
Compare commits
165 Commits
2.7.4-ls25
...
2.11.0-ls3
| Author | SHA1 | Date | |
|---|---|---|---|
|
5b096a8a66 | ||
|
|
eb6dba6cbe | ||
|
|
afd6c9d827 | ||
|
daa84f28b4 | ||
|
|
cd931076e4 | ||
|
|
f5ce44887f | ||
|
|
875a17dfc7 | ||
|
|
210134745d | ||
|
|
9d469c2957 | ||
|
|
37e64ebdac | ||
|
|
47fc525094 | ||
|
|
77accb3762 | ||
|
|
7dcce8b346 | ||
|
|
03286fc238 | ||
|
|
7391dc1bcf | ||
|
|
a7ea6a955b | ||
|
|
e149638808 | ||
|
|
41cb7cb104 | ||
|
|
1499cbe7de | ||
|
|
5a7d49ec43 | ||
|
|
efc2f55f48 | ||
|
|
95c13d0082 | ||
|
|
e05fc4b1e3 | ||
|
|
099e0e75a4 | ||
|
|
fc1675f3a1 | ||
|
|
dc1bc6d5b3 | ||
|
|
db6f61bd27 | ||
|
|
67f864c7b9 | ||
|
3f885d0415 | ||
|
|
280c4bde4b | ||
|
|
59e7865464 | ||
|
|
5c58fa9383 | ||
|
|
ae19b93cc7 | ||
|
|
5dee340726 | ||
|
|
3109ff8d9c | ||
|
|
4239dc22d4 | ||
|
|
44c6bd721b | ||
|
|
d4a6be8fad | ||
|
a66b478d1d | ||
|
|
9efac76e25 | ||
|
|
23c6384f2c | ||
|
|
13ede8ea87 | ||
|
|
a9391d07ee | ||
|
|
a00d272297 | ||
|
|
0207bd8f30 | ||
|
|
3fd209d686 | ||
|
|
87ced3fd3e | ||
|
|
3e342b0529 | ||
|
|
c9504bb55f | ||
|
|
2573149089 | ||
|
|
9b3f418afd | ||
|
|
c63b437e1f | ||
|
|
f14c6a7a3a | ||
|
|
4b4c103df4 | ||
|
|
26203c8c40 | ||
|
|
259850fcc5 | ||
|
|
c6474f07ea | ||
|
|
b6a196b93a | ||
|
|
3967276f06 | ||
|
|
4853736c4e | ||
|
|
a8d03c5280 | ||
|
|
907dfc8c03 | ||
|
|
bf21a51e10 | ||
|
|
32f72ac0b4 | ||
|
|
970fa75e87 | ||
|
|
137ad9f52e | ||
|
|
5d0ec79ac5 | ||
|
|
3145477f72 | ||
|
|
58b9470c52 | ||
|
|
68f5cf8d9e | ||
|
|
e8d452f4ce | ||
|
|
4abd6c9890 | ||
|
|
c335faabdc | ||
|
|
204dd90f9d | ||
|
|
92bfbc19cd | ||
|
|
cb3c74a6ee | ||
|
|
b7f40863fe | ||
|
|
ec6fca9418 | ||
|
|
25a2832056 | ||
|
|
3eabd75388 | ||
|
|
6ed17c1d52 | ||
|
|
e568785908 | ||
|
|
bcee5182e6 | ||
|
|
514cf42606 | ||
|
|
270a0d57c9 | ||
|
|
6f51d8be26 | ||
|
|
d915d516cd | ||
|
|
ffb03a03f5 | ||
|
|
9693b5884f | ||
|
|
87ca95c8c2 | ||
|
1a376a6975 | ||
|
|
8e74593f2c | ||
|
|
00d1bce24d | ||
|
|
be853fcb4b | ||
|
|
2fb6c1f51f | ||
|
|
9339d287d2 | ||
|
|
6b62a27bf0 | ||
|
|
c50ca83ef9 | ||
|
|
bd94a67024 | ||
|
|
11e060174b | ||
|
5f8a531a93 | ||
|
|
d2f843c4d1 | ||
|
|
ad6bb30bfc | ||
|
|
11991aa0b3 | ||
|
|
c76e664965 | ||
|
|
ccbd19fe62 | ||
|
|
2573b79bad | ||
|
|
0e5ba91588 | ||
|
|
4f92460b29 | ||
|
|
ad1884e5b4 | ||
|
|
70bea0a816 | ||
|
|
85e44eb399 | ||
|
|
4d3f30b67c | ||
|
|
9da97969f8 | ||
|
|
2cd84ad12b | ||
|
|
757ef31216 | ||
|
|
767aad2286 | ||
|
|
4cb18bc106 | ||
|
|
b1cf98d214 | ||
|
|
48dfde26c7 | ||
|
|
320404d358 | ||
|
|
52ae487bea | ||
|
|
65f62d14a6 | ||
|
|
accd20cc7a | ||
|
|
24b3540da5 | ||
|
|
bc31b51afb | ||
|
|
bf6ab14281 | ||
|
|
7c5d1d886c | ||
|
|
5b77a54620 | ||
|
|
3b1478667b | ||
|
|
0ddf8a270b | ||
|
|
dabbaa3b14 | ||
|
|
bdd5e047ee | ||
|
|
78689b02e2 | ||
|
|
6c1c4cd00a | ||
|
|
31cef5050f | ||
|
|
52e8f7223e | ||
|
|
1abab5cb6d | ||
|
|
0061faef15 | ||
|
|
6e64bcbd7e | ||
|
|
b9dd1b7c5a | ||
|
|
e9bceab763 | ||
|
|
eba3c341fa | ||
|
|
5fc5825afd | ||
|
|
de18e4ef24 | ||
|
|
fbe212b67c | ||
|
|
2ca6807b64 | ||
|
|
e3560414dc | ||
|
|
2f4162578f | ||
|
|
2697b74a8c | ||
|
|
bd685533a2 | ||
|
|
287b952aea | ||
|
|
576b81ab91 | ||
|
|
8b0df1fcbb | ||
|
|
efdfa45f37 | ||
|
|
278b57fb47 | ||
|
|
82e85d22c1 | ||
|
|
8b49f2b0d4 | ||
|
|
8fdb472564 | ||
|
|
23728cba0b | ||
|
|
7e1db9c562 | ||
|
|
919b8ac152 | ||
|
|
0b738d9ee0 | ||
|
|
269e9cdd3f | ||
|
|
17387674b8 |
4
.github/ISSUE_TEMPLATE/issue.bug.yml
vendored
4
.github/ISSUE_TEMPLATE/issue.bug.yml
vendored
@@ -67,10 +67,10 @@ body:
|
|||||||
- type: textarea
|
- type: textarea
|
||||||
attributes:
|
attributes:
|
||||||
description: |
|
description: |
|
||||||
Provide a full docker log, output of "docker logs linuxserver.io"
|
Provide a full docker log, output of "docker logs swag"
|
||||||
label: Container logs
|
label: Container logs
|
||||||
placeholder: |
|
placeholder: |
|
||||||
Output of `docker logs linuxserver.io`
|
Output of `docker logs swag`
|
||||||
render: bash
|
render: bash
|
||||||
validations:
|
validations:
|
||||||
required: true
|
required: true
|
||||||
|
|||||||
2
.github/workflows/external_trigger.yml
vendored
2
.github/workflows/external_trigger.yml
vendored
@@ -7,7 +7,7 @@ jobs:
|
|||||||
external-trigger-master:
|
external-trigger-master:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v3.1.0
|
- uses: actions/checkout@v4.1.1
|
||||||
|
|
||||||
- name: External Trigger
|
- name: External Trigger
|
||||||
if: github.ref == 'refs/heads/master'
|
if: github.ref == 'refs/heads/master'
|
||||||
|
|||||||
@@ -9,7 +9,7 @@ jobs:
|
|||||||
external-trigger-scheduler:
|
external-trigger-scheduler:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v3.1.0
|
- uses: actions/checkout@v4.1.1
|
||||||
with:
|
with:
|
||||||
fetch-depth: '0'
|
fetch-depth: '0'
|
||||||
|
|
||||||
|
|||||||
2
.github/workflows/package_trigger.yml
vendored
2
.github/workflows/package_trigger.yml
vendored
@@ -7,7 +7,7 @@ jobs:
|
|||||||
package-trigger-master:
|
package-trigger-master:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v3.1.0
|
- uses: actions/checkout@v4.1.1
|
||||||
|
|
||||||
- name: Package Trigger
|
- name: Package Trigger
|
||||||
if: github.ref == 'refs/heads/master'
|
if: github.ref == 'refs/heads/master'
|
||||||
|
|||||||
@@ -9,7 +9,7 @@ jobs:
|
|||||||
package-trigger-scheduler:
|
package-trigger-scheduler:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v3.1.0
|
- uses: actions/checkout@v4.1.1
|
||||||
with:
|
with:
|
||||||
fetch-depth: '0'
|
fetch-depth: '0'
|
||||||
|
|
||||||
|
|||||||
2
.github/workflows/permissions.yml
vendored
2
.github/workflows/permissions.yml
vendored
@@ -5,6 +5,8 @@ on:
|
|||||||
- '**/run'
|
- '**/run'
|
||||||
- '**/finish'
|
- '**/finish'
|
||||||
- '**/check'
|
- '**/check'
|
||||||
|
- 'root/migrations/*'
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
permission_check:
|
permission_check:
|
||||||
uses: linuxserver/github-workflows/.github/workflows/init-svc-executable-permissions.yml@v1
|
uses: linuxserver/github-workflows/.github/workflows/init-svc-executable-permissions.yml@v1
|
||||||
|
|||||||
74
Dockerfile
74
Dockerfile
@@ -1,6 +1,6 @@
|
|||||||
# syntax=docker/dockerfile:1
|
# syntax=docker/dockerfile:1
|
||||||
|
|
||||||
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.18
|
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.20
|
||||||
|
|
||||||
# set version label
|
# set version label
|
||||||
ARG BUILD_DATE
|
ARG BUILD_DATE
|
||||||
@@ -45,39 +45,38 @@ RUN \
|
|||||||
nginx-mod-stream \
|
nginx-mod-stream \
|
||||||
nginx-mod-stream-geoip2 \
|
nginx-mod-stream-geoip2 \
|
||||||
nginx-vim \
|
nginx-vim \
|
||||||
php82-bcmath \
|
php83-bcmath \
|
||||||
php82-bz2 \
|
php83-bz2 \
|
||||||
php82-dom \
|
php83-dom \
|
||||||
php82-exif \
|
php83-exif \
|
||||||
php82-ftp \
|
php83-ftp \
|
||||||
php82-gd \
|
php83-gd \
|
||||||
php82-gmp \
|
php83-gmp \
|
||||||
php82-imap \
|
php83-imap \
|
||||||
php82-intl \
|
php83-intl \
|
||||||
php82-ldap \
|
php83-ldap \
|
||||||
php82-mysqli \
|
php83-mysqli \
|
||||||
php82-mysqlnd \
|
php83-mysqlnd \
|
||||||
php82-opcache \
|
php83-opcache \
|
||||||
php82-pdo_mysql \
|
php83-pdo_mysql \
|
||||||
php82-pdo_odbc \
|
php83-pdo_odbc \
|
||||||
php82-pdo_pgsql \
|
php83-pdo_pgsql \
|
||||||
php82-pdo_sqlite \
|
php83-pdo_sqlite \
|
||||||
php82-pear \
|
php83-pear \
|
||||||
php82-pecl-apcu \
|
php83-pecl-apcu \
|
||||||
php82-pecl-memcached \
|
php83-pecl-mcrypt \
|
||||||
php82-pecl-redis \
|
php83-pecl-memcached \
|
||||||
php82-pgsql \
|
php83-pecl-redis \
|
||||||
php82-posix \
|
php83-pgsql \
|
||||||
php82-soap \
|
php83-posix \
|
||||||
php82-sockets \
|
php83-soap \
|
||||||
php82-sodium \
|
php83-sockets \
|
||||||
php82-sqlite3 \
|
php83-sodium \
|
||||||
php82-tokenizer \
|
php83-sqlite3 \
|
||||||
php82-xmlreader \
|
php83-tokenizer \
|
||||||
php82-xsl \
|
php83-xmlreader \
|
||||||
|
php83-xsl \
|
||||||
whois && \
|
whois && \
|
||||||
apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing \
|
|
||||||
php82-pecl-mcrypt && \
|
|
||||||
echo "**** install certbot plugins ****" && \
|
echo "**** install certbot plugins ****" && \
|
||||||
if [ -z ${CERTBOT_VERSION+x} ]; then \
|
if [ -z ${CERTBOT_VERSION+x} ]; then \
|
||||||
CERTBOT_VERSION=$(curl -sL https://pypi.python.org/pypi/certbot/json |jq -r '. | .info.version'); \
|
CERTBOT_VERSION=$(curl -sL https://pypi.python.org/pypi/certbot/json |jq -r '. | .info.version'); \
|
||||||
@@ -86,7 +85,7 @@ RUN \
|
|||||||
pip install -U --no-cache-dir \
|
pip install -U --no-cache-dir \
|
||||||
pip \
|
pip \
|
||||||
wheel && \
|
wheel && \
|
||||||
pip install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.18/ \
|
pip install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.20/ \
|
||||||
certbot==${CERTBOT_VERSION} \
|
certbot==${CERTBOT_VERSION} \
|
||||||
certbot-dns-acmedns \
|
certbot-dns-acmedns \
|
||||||
certbot-dns-aliyun \
|
certbot-dns-aliyun \
|
||||||
@@ -104,12 +103,12 @@ RUN \
|
|||||||
certbot-dns-domeneshop \
|
certbot-dns-domeneshop \
|
||||||
certbot-dns-dreamhost \
|
certbot-dns-dreamhost \
|
||||||
certbot-dns-duckdns \
|
certbot-dns-duckdns \
|
||||||
certbot-dns-dynu \
|
certbot-dns-dynudns \
|
||||||
certbot-dns-freedns \
|
certbot-dns-freedns \
|
||||||
certbot-dns-gehirn \
|
certbot-dns-gehirn \
|
||||||
|
certbot-dns-glesys \
|
||||||
certbot-dns-godaddy \
|
certbot-dns-godaddy \
|
||||||
certbot-dns-google \
|
certbot-dns-google \
|
||||||
certbot-dns-google-domains \
|
|
||||||
certbot-dns-he \
|
certbot-dns-he \
|
||||||
certbot-dns-hetzner \
|
certbot-dns-hetzner \
|
||||||
certbot-dns-infomaniak \
|
certbot-dns-infomaniak \
|
||||||
@@ -144,6 +143,8 @@ RUN \
|
|||||||
sed -i \
|
sed -i \
|
||||||
's|#ssl_trusted_certificate /config/keys/cert.crt;|ssl_trusted_certificate /config/keys/cert.crt;|' \
|
's|#ssl_trusted_certificate /config/keys/cert.crt;|ssl_trusted_certificate /config/keys/cert.crt;|' \
|
||||||
/defaults/nginx/ssl.conf.sample && \
|
/defaults/nginx/ssl.conf.sample && \
|
||||||
|
echo "**** remove stream.conf ****" && \
|
||||||
|
rm -f /etc/nginx/conf.d/stream.conf && \
|
||||||
echo "**** correct ip6tables legacy issue ****" && \
|
echo "**** correct ip6tables legacy issue ****" && \
|
||||||
rm \
|
rm \
|
||||||
/sbin/ip6tables && \
|
/sbin/ip6tables && \
|
||||||
@@ -167,6 +168,7 @@ RUN \
|
|||||||
tar xf \
|
tar xf \
|
||||||
/tmp/proxy-confs.tar.gz -C \
|
/tmp/proxy-confs.tar.gz -C \
|
||||||
/defaults/nginx/proxy-confs --strip-components=1 --exclude=linux*/.editorconfig --exclude=linux*/.gitattributes --exclude=linux*/.github --exclude=linux*/.gitignore --exclude=linux*/LICENSE && \
|
/defaults/nginx/proxy-confs --strip-components=1 --exclude=linux*/.editorconfig --exclude=linux*/.gitattributes --exclude=linux*/.github --exclude=linux*/.gitignore --exclude=linux*/LICENSE && \
|
||||||
|
printf "Linuxserver.io version: ${VERSION}\nBuild-date: ${BUILD_DATE}" > /build_version && \
|
||||||
echo "**** cleanup ****" && \
|
echo "**** cleanup ****" && \
|
||||||
apk del --purge \
|
apk del --purge \
|
||||||
build-dependencies && \
|
build-dependencies && \
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
# syntax=docker/dockerfile:1
|
# syntax=docker/dockerfile:1
|
||||||
|
|
||||||
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.18
|
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.20
|
||||||
|
|
||||||
# set version label
|
# set version label
|
||||||
ARG BUILD_DATE
|
ARG BUILD_DATE
|
||||||
@@ -45,39 +45,38 @@ RUN \
|
|||||||
nginx-mod-stream \
|
nginx-mod-stream \
|
||||||
nginx-mod-stream-geoip2 \
|
nginx-mod-stream-geoip2 \
|
||||||
nginx-vim \
|
nginx-vim \
|
||||||
php82-bcmath \
|
php83-bcmath \
|
||||||
php82-bz2 \
|
php83-bz2 \
|
||||||
php82-dom \
|
php83-dom \
|
||||||
php82-exif \
|
php83-exif \
|
||||||
php82-ftp \
|
php83-ftp \
|
||||||
php82-gd \
|
php83-gd \
|
||||||
php82-gmp \
|
php83-gmp \
|
||||||
php82-imap \
|
php83-imap \
|
||||||
php82-intl \
|
php83-intl \
|
||||||
php82-ldap \
|
php83-ldap \
|
||||||
php82-mysqli \
|
php83-mysqli \
|
||||||
php82-mysqlnd \
|
php83-mysqlnd \
|
||||||
php82-opcache \
|
php83-opcache \
|
||||||
php82-pdo_mysql \
|
php83-pdo_mysql \
|
||||||
php82-pdo_odbc \
|
php83-pdo_odbc \
|
||||||
php82-pdo_pgsql \
|
php83-pdo_pgsql \
|
||||||
php82-pdo_sqlite \
|
php83-pdo_sqlite \
|
||||||
php82-pear \
|
php83-pear \
|
||||||
php82-pecl-apcu \
|
php83-pecl-apcu \
|
||||||
php82-pecl-memcached \
|
php83-pecl-mcrypt \
|
||||||
php82-pecl-redis \
|
php83-pecl-memcached \
|
||||||
php82-pgsql \
|
php83-pecl-redis \
|
||||||
php82-posix \
|
php83-pgsql \
|
||||||
php82-soap \
|
php83-posix \
|
||||||
php82-sockets \
|
php83-soap \
|
||||||
php82-sodium \
|
php83-sockets \
|
||||||
php82-sqlite3 \
|
php83-sodium \
|
||||||
php82-tokenizer \
|
php83-sqlite3 \
|
||||||
php82-xmlreader \
|
php83-tokenizer \
|
||||||
php82-xsl \
|
php83-xmlreader \
|
||||||
|
php83-xsl \
|
||||||
whois && \
|
whois && \
|
||||||
apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing \
|
|
||||||
php82-pecl-mcrypt && \
|
|
||||||
echo "**** install certbot plugins ****" && \
|
echo "**** install certbot plugins ****" && \
|
||||||
if [ -z ${CERTBOT_VERSION+x} ]; then \
|
if [ -z ${CERTBOT_VERSION+x} ]; then \
|
||||||
CERTBOT_VERSION=$(curl -sL https://pypi.python.org/pypi/certbot/json |jq -r '. | .info.version'); \
|
CERTBOT_VERSION=$(curl -sL https://pypi.python.org/pypi/certbot/json |jq -r '. | .info.version'); \
|
||||||
@@ -86,7 +85,7 @@ RUN \
|
|||||||
pip install -U --no-cache-dir \
|
pip install -U --no-cache-dir \
|
||||||
pip \
|
pip \
|
||||||
wheel && \
|
wheel && \
|
||||||
pip install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.18/ \
|
pip install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.20/ \
|
||||||
certbot==${CERTBOT_VERSION} \
|
certbot==${CERTBOT_VERSION} \
|
||||||
certbot-dns-acmedns \
|
certbot-dns-acmedns \
|
||||||
certbot-dns-aliyun \
|
certbot-dns-aliyun \
|
||||||
@@ -104,12 +103,12 @@ RUN \
|
|||||||
certbot-dns-domeneshop \
|
certbot-dns-domeneshop \
|
||||||
certbot-dns-dreamhost \
|
certbot-dns-dreamhost \
|
||||||
certbot-dns-duckdns \
|
certbot-dns-duckdns \
|
||||||
certbot-dns-dynu \
|
certbot-dns-dynudns \
|
||||||
certbot-dns-freedns \
|
certbot-dns-freedns \
|
||||||
certbot-dns-gehirn \
|
certbot-dns-gehirn \
|
||||||
|
certbot-dns-glesys \
|
||||||
certbot-dns-godaddy \
|
certbot-dns-godaddy \
|
||||||
certbot-dns-google \
|
certbot-dns-google \
|
||||||
certbot-dns-google-domains \
|
|
||||||
certbot-dns-he \
|
certbot-dns-he \
|
||||||
certbot-dns-hetzner \
|
certbot-dns-hetzner \
|
||||||
certbot-dns-infomaniak \
|
certbot-dns-infomaniak \
|
||||||
@@ -144,6 +143,8 @@ RUN \
|
|||||||
sed -i \
|
sed -i \
|
||||||
's|#ssl_trusted_certificate /config/keys/cert.crt;|ssl_trusted_certificate /config/keys/cert.crt;|' \
|
's|#ssl_trusted_certificate /config/keys/cert.crt;|ssl_trusted_certificate /config/keys/cert.crt;|' \
|
||||||
/defaults/nginx/ssl.conf.sample && \
|
/defaults/nginx/ssl.conf.sample && \
|
||||||
|
echo "**** remove stream.conf ****" && \
|
||||||
|
rm -f /etc/nginx/conf.d/stream.conf && \
|
||||||
echo "**** correct ip6tables legacy issue ****" && \
|
echo "**** correct ip6tables legacy issue ****" && \
|
||||||
rm \
|
rm \
|
||||||
/sbin/ip6tables && \
|
/sbin/ip6tables && \
|
||||||
@@ -167,6 +168,7 @@ RUN \
|
|||||||
tar xf \
|
tar xf \
|
||||||
/tmp/proxy-confs.tar.gz -C \
|
/tmp/proxy-confs.tar.gz -C \
|
||||||
/defaults/nginx/proxy-confs --strip-components=1 --exclude=linux*/.editorconfig --exclude=linux*/.gitattributes --exclude=linux*/.github --exclude=linux*/.gitignore --exclude=linux*/LICENSE && \
|
/defaults/nginx/proxy-confs --strip-components=1 --exclude=linux*/.editorconfig --exclude=linux*/.gitattributes --exclude=linux*/.github --exclude=linux*/.gitignore --exclude=linux*/LICENSE && \
|
||||||
|
printf "Linuxserver.io version: ${VERSION}\nBuild-date: ${BUILD_DATE}" > /build_version && \
|
||||||
echo "**** cleanup ****" && \
|
echo "**** cleanup ****" && \
|
||||||
apk del --purge \
|
apk del --purge \
|
||||||
build-dependencies && \
|
build-dependencies && \
|
||||||
|
|||||||
232
Jenkinsfile
vendored
232
Jenkinsfile
vendored
@@ -16,6 +16,7 @@ pipeline {
|
|||||||
GITHUB_TOKEN=credentials('498b4638-2d02-4ce5-832d-8a57d01d97ab')
|
GITHUB_TOKEN=credentials('498b4638-2d02-4ce5-832d-8a57d01d97ab')
|
||||||
GITLAB_TOKEN=credentials('b6f0f1dd-6952-4cf6-95d1-9c06380283f0')
|
GITLAB_TOKEN=credentials('b6f0f1dd-6952-4cf6-95d1-9c06380283f0')
|
||||||
GITLAB_NAMESPACE=credentials('gitlab-namespace-id')
|
GITLAB_NAMESPACE=credentials('gitlab-namespace-id')
|
||||||
|
DOCKERHUB_TOKEN=credentials('docker-hub-ci-pat')
|
||||||
EXT_PIP = 'certbot'
|
EXT_PIP = 'certbot'
|
||||||
BUILD_VERSION_ARG = 'CERTBOT_VERSION'
|
BUILD_VERSION_ARG = 'CERTBOT_VERSION'
|
||||||
LS_USER = 'linuxserver'
|
LS_USER = 'linuxserver'
|
||||||
@@ -59,11 +60,16 @@ pipeline {
|
|||||||
env.COMMIT_SHA = sh(
|
env.COMMIT_SHA = sh(
|
||||||
script: '''git rev-parse HEAD''',
|
script: '''git rev-parse HEAD''',
|
||||||
returnStdout: true).trim()
|
returnStdout: true).trim()
|
||||||
|
env.GH_DEFAULT_BRANCH = sh(
|
||||||
|
script: '''git remote show origin | grep "HEAD branch:" | sed 's|.*HEAD branch: ||' ''',
|
||||||
|
returnStdout: true).trim()
|
||||||
env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/commit/' + env.GIT_COMMIT
|
env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/commit/' + env.GIT_COMMIT
|
||||||
env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.DOCKERHUB_IMAGE + '/tags/'
|
env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.DOCKERHUB_IMAGE + '/tags/'
|
||||||
env.PULL_REQUEST = env.CHANGE_ID
|
env.PULL_REQUEST = env.CHANGE_ID
|
||||||
env.TEMPLATED_FILES = 'Jenkinsfile README.md LICENSE .editorconfig ./.github/CONTRIBUTING.md ./.github/FUNDING.yml ./.github/ISSUE_TEMPLATE/config.yml ./.github/ISSUE_TEMPLATE/issue.bug.yml ./.github/ISSUE_TEMPLATE/issue.feature.yml ./.github/PULL_REQUEST_TEMPLATE.md ./.github/workflows/external_trigger_scheduler.yml ./.github/workflows/greetings.yml ./.github/workflows/package_trigger_scheduler.yml ./.github/workflows/call_issue_pr_tracker.yml ./.github/workflows/call_issues_cron.yml ./.github/workflows/permissions.yml ./.github/workflows/external_trigger.yml ./.github/workflows/package_trigger.yml ./root/donate.txt'
|
env.TEMPLATED_FILES = 'Jenkinsfile README.md LICENSE .editorconfig ./.github/CONTRIBUTING.md ./.github/FUNDING.yml ./.github/ISSUE_TEMPLATE/config.yml ./.github/ISSUE_TEMPLATE/issue.bug.yml ./.github/ISSUE_TEMPLATE/issue.feature.yml ./.github/PULL_REQUEST_TEMPLATE.md ./.github/workflows/external_trigger_scheduler.yml ./.github/workflows/greetings.yml ./.github/workflows/package_trigger_scheduler.yml ./.github/workflows/call_issue_pr_tracker.yml ./.github/workflows/call_issues_cron.yml ./.github/workflows/permissions.yml ./.github/workflows/external_trigger.yml ./.github/workflows/package_trigger.yml ./root/donate.txt'
|
||||||
}
|
}
|
||||||
|
sh '''#! /bin/bash
|
||||||
|
echo "The default github branch detected as ${GH_DEFAULT_BRANCH}" '''
|
||||||
script{
|
script{
|
||||||
env.LS_RELEASE_NUMBER = sh(
|
env.LS_RELEASE_NUMBER = sh(
|
||||||
script: '''echo ${LS_RELEASE} |sed 's/^.*-ls//g' ''',
|
script: '''echo ${LS_RELEASE} |sed 's/^.*-ls//g' ''',
|
||||||
@@ -120,7 +126,7 @@ pipeline {
|
|||||||
steps{
|
steps{
|
||||||
script{
|
script{
|
||||||
env.EXT_RELEASE_CLEAN = sh(
|
env.EXT_RELEASE_CLEAN = sh(
|
||||||
script: '''echo ${EXT_RELEASE} | sed 's/[~,%@+;:/]//g' ''',
|
script: '''echo ${EXT_RELEASE} | sed 's/[~,%@+;:/ ]//g' ''',
|
||||||
returnStdout: true).trim()
|
returnStdout: true).trim()
|
||||||
|
|
||||||
def semver = env.EXT_RELEASE_CLEAN =~ /(\d+)\.(\d+)\.(\d+)/
|
def semver = env.EXT_RELEASE_CLEAN =~ /(\d+)\.(\d+)\.(\d+)/
|
||||||
@@ -138,7 +144,7 @@ pipeline {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (env.SEMVER != null) {
|
if (env.SEMVER != null) {
|
||||||
if (BRANCH_NAME != "master" && BRANCH_NAME != "main") {
|
if (BRANCH_NAME != "${env.GH_DEFAULT_BRANCH}") {
|
||||||
env.SEMVER = "${env.SEMVER}-${BRANCH_NAME}"
|
env.SEMVER = "${env.SEMVER}-${BRANCH_NAME}"
|
||||||
}
|
}
|
||||||
println("SEMVER: ${env.SEMVER}")
|
println("SEMVER: ${env.SEMVER}")
|
||||||
@@ -239,9 +245,11 @@ pipeline {
|
|||||||
-v ${WORKSPACE}:/mnt \
|
-v ${WORKSPACE}:/mnt \
|
||||||
-e AWS_ACCESS_KEY_ID=\"${S3_KEY}\" \
|
-e AWS_ACCESS_KEY_ID=\"${S3_KEY}\" \
|
||||||
-e AWS_SECRET_ACCESS_KEY=\"${S3_SECRET}\" \
|
-e AWS_SECRET_ACCESS_KEY=\"${S3_SECRET}\" \
|
||||||
ghcr.io/linuxserver/baseimage-alpine:3.17 s6-envdir -fn -- /var/run/s6/container_environment /bin/bash -c "\
|
ghcr.io/linuxserver/baseimage-alpine:3.20 s6-envdir -fn -- /var/run/s6/container_environment /bin/bash -c "\
|
||||||
apk add --no-cache py3-pip && \
|
apk add --no-cache python3 && \
|
||||||
pip install s3cmd && \
|
python3 -m venv /lsiopy && \
|
||||||
|
pip install --no-cache-dir -U pip && \
|
||||||
|
pip install --no-cache-dir s3cmd && \
|
||||||
s3cmd put --no-preserve --acl-public -m text/xml /mnt/shellcheck-result.xml s3://ci-tests.linuxserver.io/${IMAGE}/${META_TAG}/shellcheck-result.xml" || :'''
|
s3cmd put --no-preserve --acl-public -m text/xml /mnt/shellcheck-result.xml s3://ci-tests.linuxserver.io/${IMAGE}/${META_TAG}/shellcheck-result.xml" || :'''
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -260,8 +268,15 @@ pipeline {
|
|||||||
set -e
|
set -e
|
||||||
TEMPDIR=$(mktemp -d)
|
TEMPDIR=$(mktemp -d)
|
||||||
docker pull ghcr.io/linuxserver/jenkins-builder:latest
|
docker pull ghcr.io/linuxserver/jenkins-builder:latest
|
||||||
docker run --rm -e CONTAINER_NAME=${CONTAINER_NAME} -e GITHUB_BRANCH=master -v ${TEMPDIR}:/ansible/jenkins ghcr.io/linuxserver/jenkins-builder:latest
|
# Cloned repo paths for templating:
|
||||||
# Stage 1 - Jenkinsfile update
|
# ${TEMPDIR}/docker-${CONTAINER_NAME}: Cloned branch master of ${LS_USER}/${LS_REPO} for running the jenkins builder on
|
||||||
|
# ${TEMPDIR}/repo/${LS_REPO}: Cloned branch master of ${LS_USER}/${LS_REPO} for commiting various templated file changes and pushing back to Github
|
||||||
|
# ${TEMPDIR}/docs/docker-documentation: Cloned docs repo for pushing docs updates to Github
|
||||||
|
# ${TEMPDIR}/unraid/docker-templates: Cloned docker-templates repo to check for logos
|
||||||
|
# ${TEMPDIR}/unraid/templates: Cloned templates repo for commiting unraid template changes and pushing back to Github
|
||||||
|
git clone --branch master --depth 1 https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/docker-${CONTAINER_NAME}
|
||||||
|
docker run --rm -v ${TEMPDIR}/docker-${CONTAINER_NAME}:/tmp -e LOCAL=true -e PUID=$(id -u) -e PGID=$(id -g) ghcr.io/linuxserver/jenkins-builder:latest
|
||||||
|
echo "Starting Stage 1 - Jenkinsfile update"
|
||||||
if [[ "$(md5sum Jenkinsfile | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/Jenkinsfile | awk '{ print $1 }')" ]]; then
|
if [[ "$(md5sum Jenkinsfile | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/Jenkinsfile | awk '{ print $1 }')" ]]; then
|
||||||
mkdir -p ${TEMPDIR}/repo
|
mkdir -p ${TEMPDIR}/repo
|
||||||
git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO}
|
git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO}
|
||||||
@@ -270,16 +285,17 @@ pipeline {
|
|||||||
cp ${TEMPDIR}/docker-${CONTAINER_NAME}/Jenkinsfile ${TEMPDIR}/repo/${LS_REPO}/
|
cp ${TEMPDIR}/docker-${CONTAINER_NAME}/Jenkinsfile ${TEMPDIR}/repo/${LS_REPO}/
|
||||||
git add Jenkinsfile
|
git add Jenkinsfile
|
||||||
git commit -m 'Bot Updating Templated Files'
|
git commit -m 'Bot Updating Templated Files'
|
||||||
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git --all
|
git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master
|
||||||
|
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master
|
||||||
echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
|
echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
|
||||||
echo "Updating Jenkinsfile"
|
echo "Updating Jenkinsfile and exiting build, new one will trigger based on commit"
|
||||||
rm -Rf ${TEMPDIR}
|
rm -Rf ${TEMPDIR}
|
||||||
exit 0
|
exit 0
|
||||||
else
|
else
|
||||||
echo "Jenkinsfile is up to date."
|
echo "Jenkinsfile is up to date."
|
||||||
fi
|
fi
|
||||||
# Stage 2 - Delete old templates
|
echo "Starting Stage 2 - Delete old templates"
|
||||||
OLD_TEMPLATES=".github/ISSUE_TEMPLATE.md .github/ISSUE_TEMPLATE/issue.bug.md .github/ISSUE_TEMPLATE/issue.feature.md .github/workflows/call_invalid_helper.yml .github/workflows/stale.yml Dockerfile.armhf"
|
OLD_TEMPLATES=".github/ISSUE_TEMPLATE.md .github/ISSUE_TEMPLATE/issue.bug.md .github/ISSUE_TEMPLATE/issue.feature.md .github/workflows/call_invalid_helper.yml .github/workflows/stale.yml"
|
||||||
for i in ${OLD_TEMPLATES}; do
|
for i in ${OLD_TEMPLATES}; do
|
||||||
if [[ -f "${i}" ]]; then
|
if [[ -f "${i}" ]]; then
|
||||||
TEMPLATES_TO_DELETE="${i} ${TEMPLATES_TO_DELETE}"
|
TEMPLATES_TO_DELETE="${i} ${TEMPLATES_TO_DELETE}"
|
||||||
@@ -294,15 +310,16 @@ pipeline {
|
|||||||
git rm "${i}"
|
git rm "${i}"
|
||||||
done
|
done
|
||||||
git commit -m 'Bot Updating Templated Files'
|
git commit -m 'Bot Updating Templated Files'
|
||||||
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git --all
|
git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master
|
||||||
|
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master
|
||||||
echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
|
echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
|
||||||
echo "Deleting old and deprecated templates"
|
echo "Deleting old/deprecated templates and exiting build, new one will trigger based on commit"
|
||||||
rm -Rf ${TEMPDIR}
|
rm -Rf ${TEMPDIR}
|
||||||
exit 0
|
exit 0
|
||||||
else
|
else
|
||||||
echo "No templates to delete"
|
echo "No templates to delete"
|
||||||
fi
|
fi
|
||||||
# Stage 3 - Update templates
|
echo "Starting Stage 3 - Update templates"
|
||||||
CURRENTHASH=$(grep -hs ^ ${TEMPLATED_FILES} | md5sum | cut -c1-8)
|
CURRENTHASH=$(grep -hs ^ ${TEMPLATED_FILES} | md5sum | cut -c1-8)
|
||||||
cd ${TEMPDIR}/docker-${CONTAINER_NAME}
|
cd ${TEMPDIR}/docker-${CONTAINER_NAME}
|
||||||
NEWHASH=$(grep -hs ^ ${TEMPLATED_FILES} | md5sum | cut -c1-8)
|
NEWHASH=$(grep -hs ^ ${TEMPLATED_FILES} | md5sum | cut -c1-8)
|
||||||
@@ -323,31 +340,50 @@ pipeline {
|
|||||||
fi
|
fi
|
||||||
git add readme-vars.yml ${TEMPLATED_FILES}
|
git add readme-vars.yml ${TEMPLATED_FILES}
|
||||||
git commit -m 'Bot Updating Templated Files'
|
git commit -m 'Bot Updating Templated Files'
|
||||||
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git --all
|
git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master
|
||||||
|
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master
|
||||||
echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
|
echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
|
||||||
|
echo "Updating templates and exiting build, new one will trigger based on commit"
|
||||||
|
rm -Rf ${TEMPDIR}
|
||||||
|
exit 0
|
||||||
else
|
else
|
||||||
echo "false" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
|
echo "false" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
|
||||||
|
echo "No templates to update"
|
||||||
fi
|
fi
|
||||||
|
echo "Starting Stage 4 - External repo updates: Docs, Unraid Template and Readme Sync to Docker Hub"
|
||||||
mkdir -p ${TEMPDIR}/docs
|
mkdir -p ${TEMPDIR}/docs
|
||||||
git clone https://github.com/linuxserver/docker-documentation.git ${TEMPDIR}/docs/docker-documentation
|
git clone --depth=1 https://github.com/linuxserver/docker-documentation.git ${TEMPDIR}/docs/docker-documentation
|
||||||
if [[ ("${BRANCH_NAME}" == "master") || ("${BRANCH_NAME}" == "main") ]] && [[ (! -f ${TEMPDIR}/docs/docker-documentation/docs/images/docker-${CONTAINER_NAME}.md) || ("$(md5sum ${TEMPDIR}/docs/docker-documentation/docs/images/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')") ]]; then
|
if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}" ]] && [[ (! -f ${TEMPDIR}/docs/docker-documentation/docs/images/docker-${CONTAINER_NAME}.md) || ("$(md5sum ${TEMPDIR}/docs/docker-documentation/docs/images/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')") ]]; then
|
||||||
cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md ${TEMPDIR}/docs/docker-documentation/docs/images/
|
cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md ${TEMPDIR}/docs/docker-documentation/docs/images/
|
||||||
cd ${TEMPDIR}/docs/docker-documentation
|
cd ${TEMPDIR}/docs/docker-documentation
|
||||||
|
GH_DOCS_DEFAULT_BRANCH=$(git remote show origin | grep "HEAD branch:" | sed 's|.*HEAD branch: ||')
|
||||||
git add docs/images/docker-${CONTAINER_NAME}.md
|
git add docs/images/docker-${CONTAINER_NAME}.md
|
||||||
|
echo "Updating docs repo"
|
||||||
git commit -m 'Bot Updating Documentation'
|
git commit -m 'Bot Updating Documentation'
|
||||||
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git --all
|
git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH} --rebase
|
||||||
|
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH} || \
|
||||||
|
(MAXWAIT="10" && echo "Push to docs failed, trying again in ${MAXWAIT} seconds" && \
|
||||||
|
sleep $((RANDOM % MAXWAIT)) && \
|
||||||
|
git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH} --rebase && \
|
||||||
|
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH})
|
||||||
|
else
|
||||||
|
echo "Docs update not needed, skipping"
|
||||||
fi
|
fi
|
||||||
mkdir -p ${TEMPDIR}/unraid
|
mkdir -p ${TEMPDIR}/unraid
|
||||||
git clone https://github.com/linuxserver/docker-templates.git ${TEMPDIR}/unraid/docker-templates
|
git clone --depth=1 https://github.com/linuxserver/docker-templates.git ${TEMPDIR}/unraid/docker-templates
|
||||||
git clone https://github.com/linuxserver/templates.git ${TEMPDIR}/unraid/templates
|
git clone --depth=1 https://github.com/linuxserver/templates.git ${TEMPDIR}/unraid/templates
|
||||||
if [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-logo.png ]]; then
|
if [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-logo.png ]]; then
|
||||||
sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-logo.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml
|
sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-logo.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml
|
||||||
elif [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-icon.png ]]; then
|
elif [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-icon.png ]]; then
|
||||||
sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-icon.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml
|
sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-icon.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml
|
||||||
fi
|
fi
|
||||||
if [[ ("${BRANCH_NAME}" == "master") || ("${BRANCH_NAME}" == "main") ]] && [[ (! -f ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml) || ("$(md5sum ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml | awk '{ print $1 }')") ]]; then
|
if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}" ]] && [[ (! -f ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml) || ("$(md5sum ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml | awk '{ print $1 }')") ]]; then
|
||||||
|
echo "Updating Unraid template"
|
||||||
cd ${TEMPDIR}/unraid/templates/
|
cd ${TEMPDIR}/unraid/templates/
|
||||||
if grep -wq "${CONTAINER_NAME}" ${TEMPDIR}/unraid/templates/unraid/ignore.list; then
|
GH_TEMPLATES_DEFAULT_BRANCH=$(git remote show origin | grep "HEAD branch:" | sed 's|.*HEAD branch: ||')
|
||||||
|
if grep -wq "${CONTAINER_NAME}" ${TEMPDIR}/unraid/templates/unraid/ignore.list && [[ -f ${TEMPDIR}/unraid/templates/unraid/deprecated/${CONTAINER_NAME}.xml ]]; then
|
||||||
|
echo "Image is on the ignore list, and already in the deprecation folder."
|
||||||
|
elif grep -wq "${CONTAINER_NAME}" ${TEMPDIR}/unraid/templates/unraid/ignore.list; then
|
||||||
echo "Image is on the ignore list, marking Unraid template as deprecated"
|
echo "Image is on the ignore list, marking Unraid template as deprecated"
|
||||||
cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml ${TEMPDIR}/unraid/templates/unraid/
|
cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml ${TEMPDIR}/unraid/templates/unraid/
|
||||||
git add -u unraid/${CONTAINER_NAME}.xml
|
git add -u unraid/${CONTAINER_NAME}.xml
|
||||||
@@ -358,7 +394,42 @@ pipeline {
|
|||||||
git add unraid/${CONTAINER_NAME}.xml
|
git add unraid/${CONTAINER_NAME}.xml
|
||||||
git commit -m 'Bot Updating Unraid Template'
|
git commit -m 'Bot Updating Unraid Template'
|
||||||
fi
|
fi
|
||||||
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git --all
|
git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH} --rebase
|
||||||
|
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH} || \
|
||||||
|
(MAXWAIT="10" && echo "Push to unraid templates failed, trying again in ${MAXWAIT} seconds" && \
|
||||||
|
sleep $((RANDOM % MAXWAIT)) && \
|
||||||
|
git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH} --rebase && \
|
||||||
|
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH})
|
||||||
|
else
|
||||||
|
echo "No updates to Unraid template needed, skipping"
|
||||||
|
fi
|
||||||
|
if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}" ]]; then
|
||||||
|
if [[ $(cat ${TEMPDIR}/docker-${CONTAINER_NAME}/README.md | wc -m) -gt 25000 ]]; then
|
||||||
|
echo "Readme is longer than 25,000 characters. Syncing the lite version to Docker Hub"
|
||||||
|
DH_README_SYNC_PATH="${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/README.lite"
|
||||||
|
else
|
||||||
|
echo "Syncing readme to Docker Hub"
|
||||||
|
DH_README_SYNC_PATH="${TEMPDIR}/docker-${CONTAINER_NAME}/README.md"
|
||||||
|
fi
|
||||||
|
if curl -s https://hub.docker.com/v2/namespaces/${DOCKERHUB_IMAGE%%/*}/repositories/${DOCKERHUB_IMAGE##*/}/tags | jq -r '.message' | grep -q 404; then
|
||||||
|
echo "Docker Hub endpoint doesn't exist. Creating endpoint first."
|
||||||
|
DH_TOKEN=$(curl -d '{"username":"linuxserverci", "password":"'${DOCKERHUB_TOKEN}'"}' -H "Content-Type: application/json" -X POST https://hub.docker.com/v2/users/login | jq -r '.token')
|
||||||
|
curl -s \
|
||||||
|
-H "Authorization: JWT ${DH_TOKEN}" \
|
||||||
|
-H "Content-Type: application/json" \
|
||||||
|
-X POST \
|
||||||
|
-d '{"name":"'${DOCKERHUB_IMAGE##*/}'", "namespace":"'${DOCKERHUB_IMAGE%%/*}'"}' \
|
||||||
|
https://hub.docker.com/v2/repositories/ || :
|
||||||
|
fi
|
||||||
|
DH_TOKEN=$(curl -d '{"username":"linuxserverci", "password":"'${DOCKERHUB_TOKEN}'"}' -H "Content-Type: application/json" -X POST https://hub.docker.com/v2/users/login | jq -r '.token')
|
||||||
|
curl -s \
|
||||||
|
-H "Authorization: JWT ${DH_TOKEN}" \
|
||||||
|
-H "Content-Type: application/json" \
|
||||||
|
-X PATCH \
|
||||||
|
-d "{\\"full_description\\":$(jq -Rsa . ${DH_README_SYNC_PATH})}" \
|
||||||
|
https://hub.docker.com/v2/repositories/${DOCKERHUB_IMAGE} || :
|
||||||
|
else
|
||||||
|
echo "Not the default Github branch. Skipping readme sync to Docker Hub."
|
||||||
fi
|
fi
|
||||||
rm -Rf ${TEMPDIR}'''
|
rm -Rf ${TEMPDIR}'''
|
||||||
script{
|
script{
|
||||||
@@ -414,14 +485,16 @@ pipeline {
|
|||||||
}
|
}
|
||||||
steps{
|
steps{
|
||||||
sh '''curl -H "Content-Type: application/json" -H "Private-Token: ${GITLAB_TOKEN}" -X POST https://gitlab.com/api/v4/projects \
|
sh '''curl -H "Content-Type: application/json" -H "Private-Token: ${GITLAB_TOKEN}" -X POST https://gitlab.com/api/v4/projects \
|
||||||
-d '{"namespace_id":'${GITLAB_NAMESPACE}',\
|
-d '{"namespace_id":'${GITLAB_NAMESPACE}',\
|
||||||
"name":"'${LS_REPO}'",
|
"name":"'${LS_REPO}'",
|
||||||
"mirror":true,\
|
"mirror":true,\
|
||||||
"import_url":"https://github.com/linuxserver/'${LS_REPO}'.git",\
|
"import_url":"https://github.com/linuxserver/'${LS_REPO}'.git",\
|
||||||
"issues_access_level":"disabled",\
|
"issues_access_level":"disabled",\
|
||||||
"merge_requests_access_level":"disabled",\
|
"merge_requests_access_level":"disabled",\
|
||||||
"repository_access_level":"enabled",\
|
"repository_access_level":"enabled",\
|
||||||
"visibility":"public"}' '''
|
"visibility":"public"}' '''
|
||||||
|
sh '''curl -H "Private-Token: ${GITLAB_TOKEN}" -X PUT "https://gitlab.com/api/v4/projects/Linuxserver.io%2F${LS_REPO}" \
|
||||||
|
-d "mirror=true&import_url=https://github.com/linuxserver/${LS_REPO}.git" '''
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
/* ###############
|
/* ###############
|
||||||
@@ -452,6 +525,7 @@ pipeline {
|
|||||||
--label \"org.opencontainers.image.title=Swag\" \
|
--label \"org.opencontainers.image.title=Swag\" \
|
||||||
--label \"org.opencontainers.image.description=SWAG - Secure Web Application Gateway (formerly known as letsencrypt, no relation to Let's Encrypt™) sets up an Nginx webserver and reverse proxy with php support and a built-in certbot client that automates free SSL server certificate generation and renewal processes (Let's Encrypt and ZeroSSL). It also contains fail2ban for intrusion prevention.\" \
|
--label \"org.opencontainers.image.description=SWAG - Secure Web Application Gateway (formerly known as letsencrypt, no relation to Let's Encrypt™) sets up an Nginx webserver and reverse proxy with php support and a built-in certbot client that automates free SSL server certificate generation and renewal processes (Let's Encrypt and ZeroSSL). It also contains fail2ban for intrusion prevention.\" \
|
||||||
--no-cache --pull -t ${IMAGE}:${META_TAG} --platform=linux/amd64 \
|
--no-cache --pull -t ${IMAGE}:${META_TAG} --platform=linux/amd64 \
|
||||||
|
--provenance=false --sbom=false \
|
||||||
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
|
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -483,6 +557,7 @@ pipeline {
|
|||||||
--label \"org.opencontainers.image.title=Swag\" \
|
--label \"org.opencontainers.image.title=Swag\" \
|
||||||
--label \"org.opencontainers.image.description=SWAG - Secure Web Application Gateway (formerly known as letsencrypt, no relation to Let's Encrypt™) sets up an Nginx webserver and reverse proxy with php support and a built-in certbot client that automates free SSL server certificate generation and renewal processes (Let's Encrypt and ZeroSSL). It also contains fail2ban for intrusion prevention.\" \
|
--label \"org.opencontainers.image.description=SWAG - Secure Web Application Gateway (formerly known as letsencrypt, no relation to Let's Encrypt™) sets up an Nginx webserver and reverse proxy with php support and a built-in certbot client that automates free SSL server certificate generation and renewal processes (Let's Encrypt and ZeroSSL). It also contains fail2ban for intrusion prevention.\" \
|
||||||
--no-cache --pull -t ${IMAGE}:amd64-${META_TAG} --platform=linux/amd64 \
|
--no-cache --pull -t ${IMAGE}:amd64-${META_TAG} --platform=linux/amd64 \
|
||||||
|
--provenance=false --sbom=false \
|
||||||
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
|
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -511,6 +586,7 @@ pipeline {
|
|||||||
--label \"org.opencontainers.image.title=Swag\" \
|
--label \"org.opencontainers.image.title=Swag\" \
|
||||||
--label \"org.opencontainers.image.description=SWAG - Secure Web Application Gateway (formerly known as letsencrypt, no relation to Let's Encrypt™) sets up an Nginx webserver and reverse proxy with php support and a built-in certbot client that automates free SSL server certificate generation and renewal processes (Let's Encrypt and ZeroSSL). It also contains fail2ban for intrusion prevention.\" \
|
--label \"org.opencontainers.image.description=SWAG - Secure Web Application Gateway (formerly known as letsencrypt, no relation to Let's Encrypt™) sets up an Nginx webserver and reverse proxy with php support and a built-in certbot client that automates free SSL server certificate generation and renewal processes (Let's Encrypt and ZeroSSL). It also contains fail2ban for intrusion prevention.\" \
|
||||||
--no-cache --pull -f Dockerfile.aarch64 -t ${IMAGE}:arm64v8-${META_TAG} --platform=linux/arm64 \
|
--no-cache --pull -f Dockerfile.aarch64 -t ${IMAGE}:arm64v8-${META_TAG} --platform=linux/arm64 \
|
||||||
|
--provenance=false --sbom=false \
|
||||||
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
|
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
|
||||||
sh "docker tag ${IMAGE}:arm64v8-${META_TAG} ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}"
|
sh "docker tag ${IMAGE}:arm64v8-${META_TAG} ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}"
|
||||||
retry(5) {
|
retry(5) {
|
||||||
@@ -537,7 +613,7 @@ pipeline {
|
|||||||
sh '''#! /bin/bash
|
sh '''#! /bin/bash
|
||||||
set -e
|
set -e
|
||||||
TEMPDIR=$(mktemp -d)
|
TEMPDIR=$(mktemp -d)
|
||||||
if [ "${MULTIARCH}" == "true" ] && [ "${PACKAGE_CHECK}" == "false" ]; then
|
if [ "${MULTIARCH}" == "true" ] && [ "${PACKAGE_CHECK}" != "true" ]; then
|
||||||
LOCAL_CONTAINER=${IMAGE}:amd64-${META_TAG}
|
LOCAL_CONTAINER=${IMAGE}:amd64-${META_TAG}
|
||||||
else
|
else
|
||||||
LOCAL_CONTAINER=${IMAGE}:${META_TAG}
|
LOCAL_CONTAINER=${IMAGE}:${META_TAG}
|
||||||
@@ -558,7 +634,8 @@ pipeline {
|
|||||||
wait
|
wait
|
||||||
git add package_versions.txt
|
git add package_versions.txt
|
||||||
git commit -m 'Bot Updating Package Versions'
|
git commit -m 'Bot Updating Package Versions'
|
||||||
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git --all
|
git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master
|
||||||
|
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master
|
||||||
echo "true" > /tmp/packages-${COMMIT_SHA}-${BUILD_NUMBER}
|
echo "true" > /tmp/packages-${COMMIT_SHA}-${BUILD_NUMBER}
|
||||||
echo "Package tag updated, stopping build process"
|
echo "Package tag updated, stopping build process"
|
||||||
else
|
else
|
||||||
@@ -626,14 +703,14 @@ pipeline {
|
|||||||
set -e
|
set -e
|
||||||
docker pull ghcr.io/linuxserver/ci:latest
|
docker pull ghcr.io/linuxserver/ci:latest
|
||||||
if [ "${MULTIARCH}" == "true" ]; then
|
if [ "${MULTIARCH}" == "true" ]; then
|
||||||
docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}
|
docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} --platform=arm64
|
||||||
docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG}
|
docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG}
|
||||||
fi
|
fi
|
||||||
docker run --rm \
|
docker run --rm \
|
||||||
--shm-size=1gb \
|
--shm-size=1gb \
|
||||||
-v /var/run/docker.sock:/var/run/docker.sock \
|
-v /var/run/docker.sock:/var/run/docker.sock \
|
||||||
-e IMAGE=\"${IMAGE}\" \
|
-e IMAGE=\"${IMAGE}\" \
|
||||||
-e DELAY_START=\"${CI_DELAY}\" \
|
-e DOCKER_LOGS_TIMEOUT=\"${CI_DELAY}\" \
|
||||||
-e TAGS=\"${CI_TAGS}\" \
|
-e TAGS=\"${CI_TAGS}\" \
|
||||||
-e META_TAG=\"${META_TAG}\" \
|
-e META_TAG=\"${META_TAG}\" \
|
||||||
-e PORT=\"${CI_PORT}\" \
|
-e PORT=\"${CI_PORT}\" \
|
||||||
@@ -661,12 +738,6 @@ pipeline {
|
|||||||
}
|
}
|
||||||
steps {
|
steps {
|
||||||
withCredentials([
|
withCredentials([
|
||||||
[
|
|
||||||
$class: 'UsernamePasswordMultiBinding',
|
|
||||||
credentialsId: '3f9ba4d5-100d-45b0-a3c4-633fd6061207',
|
|
||||||
usernameVariable: 'DOCKERUSER',
|
|
||||||
passwordVariable: 'DOCKERPASS'
|
|
||||||
],
|
|
||||||
[
|
[
|
||||||
$class: 'UsernamePasswordMultiBinding',
|
$class: 'UsernamePasswordMultiBinding',
|
||||||
credentialsId: 'Quay.io-Robot',
|
credentialsId: 'Quay.io-Robot',
|
||||||
@@ -677,7 +748,7 @@ pipeline {
|
|||||||
retry(5) {
|
retry(5) {
|
||||||
sh '''#! /bin/bash
|
sh '''#! /bin/bash
|
||||||
set -e
|
set -e
|
||||||
echo $DOCKERPASS | docker login -u $DOCKERUSER --password-stdin
|
echo $DOCKERHUB_TOKEN | docker login -u linuxserverci --password-stdin
|
||||||
echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
|
echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
|
||||||
echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
|
echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
|
||||||
echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
|
echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
|
||||||
@@ -708,12 +779,6 @@ pipeline {
|
|||||||
}
|
}
|
||||||
steps {
|
steps {
|
||||||
withCredentials([
|
withCredentials([
|
||||||
[
|
|
||||||
$class: 'UsernamePasswordMultiBinding',
|
|
||||||
credentialsId: '3f9ba4d5-100d-45b0-a3c4-633fd6061207',
|
|
||||||
usernameVariable: 'DOCKERUSER',
|
|
||||||
passwordVariable: 'DOCKERPASS'
|
|
||||||
],
|
|
||||||
[
|
[
|
||||||
$class: 'UsernamePasswordMultiBinding',
|
$class: 'UsernamePasswordMultiBinding',
|
||||||
credentialsId: 'Quay.io-Robot',
|
credentialsId: 'Quay.io-Robot',
|
||||||
@@ -724,12 +789,12 @@ pipeline {
|
|||||||
retry(5) {
|
retry(5) {
|
||||||
sh '''#! /bin/bash
|
sh '''#! /bin/bash
|
||||||
set -e
|
set -e
|
||||||
echo $DOCKERPASS | docker login -u $DOCKERUSER --password-stdin
|
echo $DOCKERHUB_TOKEN | docker login -u linuxserverci --password-stdin
|
||||||
echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
|
echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
|
||||||
echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
|
echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
|
||||||
echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
|
echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
|
||||||
if [ "${CI}" == "false" ]; then
|
if [ "${CI}" == "false" ]; then
|
||||||
docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}
|
docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} --platform=arm64
|
||||||
docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG}
|
docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG}
|
||||||
fi
|
fi
|
||||||
for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do
|
for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do
|
||||||
@@ -753,35 +818,13 @@ pipeline {
|
|||||||
docker push ${MANIFESTIMAGE}:amd64-${SEMVER}
|
docker push ${MANIFESTIMAGE}:amd64-${SEMVER}
|
||||||
docker push ${MANIFESTIMAGE}:arm64v8-${SEMVER}
|
docker push ${MANIFESTIMAGE}:arm64v8-${SEMVER}
|
||||||
fi
|
fi
|
||||||
docker manifest push --purge ${MANIFESTIMAGE}:latest || :
|
done
|
||||||
docker manifest create ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:amd64-latest ${MANIFESTIMAGE}:arm64v8-latest
|
for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do
|
||||||
docker manifest annotate ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:arm64v8-latest --os linux --arch arm64 --variant v8
|
docker buildx imagetools create -t ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:amd64-latest ${MANIFESTIMAGE}:arm64v8-latest
|
||||||
docker manifest push --purge ${MANIFESTIMAGE}:${META_TAG} || :
|
docker buildx imagetools create -t ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
|
||||||
docker manifest create ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
|
docker buildx imagetools create -t ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
|
||||||
docker manifest annotate ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} --os linux --arch arm64 --variant v8
|
|
||||||
docker manifest push --purge ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} || :
|
|
||||||
docker manifest create ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
|
|
||||||
docker manifest annotate ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} --os linux --arch arm64 --variant v8
|
|
||||||
if [ -n "${SEMVER}" ]; then
|
if [ -n "${SEMVER}" ]; then
|
||||||
docker manifest push --purge ${MANIFESTIMAGE}:${SEMVER} || :
|
docker buildx imagetools create -t ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER}
|
||||||
docker manifest create ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER}
|
|
||||||
docker manifest annotate ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER} --os linux --arch arm64 --variant v8
|
|
||||||
fi
|
|
||||||
token=$(curl -sX GET "https://ghcr.io/token?scope=repository%3Alinuxserver%2F${CONTAINER_NAME}%3Apull" | jq -r '.token')
|
|
||||||
digest=$(curl -s \
|
|
||||||
--header "Accept: application/vnd.docker.distribution.manifest.v2+json" \
|
|
||||||
--header "Authorization: Bearer ${token}" \
|
|
||||||
"https://ghcr.io/v2/linuxserver/${CONTAINER_NAME}/manifests/arm32v7-latest")
|
|
||||||
if [[ $(echo "$digest" | jq -r '.layers') != "null" ]]; then
|
|
||||||
docker manifest push --purge ${MANIFESTIMAGE}:arm32v7-latest || :
|
|
||||||
docker manifest create ${MANIFESTIMAGE}:arm32v7-latest ${MANIFESTIMAGE}:amd64-latest
|
|
||||||
docker manifest push --purge ${MANIFESTIMAGE}:arm32v7-latest
|
|
||||||
fi
|
|
||||||
docker manifest push --purge ${MANIFESTIMAGE}:latest
|
|
||||||
docker manifest push --purge ${MANIFESTIMAGE}:${META_TAG}
|
|
||||||
docker manifest push --purge ${MANIFESTIMAGE}:${EXT_RELEASE_TAG}
|
|
||||||
if [ -n "${SEMVER}" ]; then
|
|
||||||
docker manifest push --purge ${MANIFESTIMAGE}:${SEMVER}
|
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
'''
|
'''
|
||||||
@@ -854,39 +897,6 @@ EOF
|
|||||||
) '''
|
) '''
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// Use helper container to sync the current README on master to the dockerhub endpoint
|
|
||||||
stage('Sync-README') {
|
|
||||||
when {
|
|
||||||
environment name: 'CHANGE_ID', value: ''
|
|
||||||
environment name: 'EXIT_STATUS', value: ''
|
|
||||||
}
|
|
||||||
steps {
|
|
||||||
withCredentials([
|
|
||||||
[
|
|
||||||
$class: 'UsernamePasswordMultiBinding',
|
|
||||||
credentialsId: '3f9ba4d5-100d-45b0-a3c4-633fd6061207',
|
|
||||||
usernameVariable: 'DOCKERUSER',
|
|
||||||
passwordVariable: 'DOCKERPASS'
|
|
||||||
]
|
|
||||||
]) {
|
|
||||||
sh '''#! /bin/bash
|
|
||||||
set -e
|
|
||||||
TEMPDIR=$(mktemp -d)
|
|
||||||
docker pull ghcr.io/linuxserver/jenkins-builder:latest
|
|
||||||
docker run --rm -e CONTAINER_NAME=${CONTAINER_NAME} -e GITHUB_BRANCH="${BRANCH_NAME}" -v ${TEMPDIR}:/ansible/jenkins ghcr.io/linuxserver/jenkins-builder:latest
|
|
||||||
docker pull ghcr.io/linuxserver/readme-sync
|
|
||||||
docker run --rm=true \
|
|
||||||
-e DOCKERHUB_USERNAME=$DOCKERUSER \
|
|
||||||
-e DOCKERHUB_PASSWORD=$DOCKERPASS \
|
|
||||||
-e GIT_REPOSITORY=${LS_USER}/${LS_REPO} \
|
|
||||||
-e DOCKER_REPOSITORY=${IMAGE} \
|
|
||||||
-e GIT_BRANCH=master \
|
|
||||||
-v ${TEMPDIR}/docker-${CONTAINER_NAME}:/mnt \
|
|
||||||
ghcr.io/linuxserver/readme-sync bash -c 'node sync'
|
|
||||||
rm -Rf ${TEMPDIR} '''
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
// If this is a Pull request send the CI link as a comment on it
|
// If this is a Pull request send the CI link as a comment on it
|
||||||
stage('Pull Request Comment') {
|
stage('Pull Request Comment') {
|
||||||
when {
|
when {
|
||||||
|
|||||||
56
README.md
56
README.md
@@ -28,7 +28,7 @@ Find us at:
|
|||||||
|
|
||||||
# [linuxserver/swag](https://github.com/linuxserver/docker-swag)
|
# [linuxserver/swag](https://github.com/linuxserver/docker-swag)
|
||||||
|
|
||||||
[](https://scarf.sh/gateway/linuxserver-ci/docker/linuxserver%2Fswag)
|
[](https://scarf.sh)
|
||||||
[](https://github.com/linuxserver/docker-swag)
|
[](https://github.com/linuxserver/docker-swag)
|
||||||
[](https://github.com/linuxserver/docker-swag/releases)
|
[](https://github.com/linuxserver/docker-swag/releases)
|
||||||
[](https://github.com/linuxserver/docker-swag/packages)
|
[](https://github.com/linuxserver/docker-swag/packages)
|
||||||
@@ -45,7 +45,7 @@ SWAG - Secure Web Application Gateway (formerly known as letsencrypt, no relatio
|
|||||||
|
|
||||||
## Supported Architectures
|
## Supported Architectures
|
||||||
|
|
||||||
We utilise the docker manifest for multi-platform awareness. More information is available from docker [here](https://github.com/docker/distribution/blob/master/docs/spec/manifest-v2-2.md#manifest-list) and our announcement [here](https://blog.linuxserver.io/2019/02/21/the-lsio-pipeline-project/).
|
We utilise the docker manifest for multi-platform awareness. More information is available from docker [here](https://distribution.github.io/distribution/spec/manifest-v2-2/#manifest-list) and our announcement [here](https://blog.linuxserver.io/2019/02/21/the-lsio-pipeline-project/).
|
||||||
|
|
||||||
Simply pulling `lscr.io/linuxserver/swag:latest` should retrieve the correct image for your arch, but you can also pull specific arch images via tags.
|
Simply pulling `lscr.io/linuxserver/swag:latest` should retrieve the correct image for your arch, but you can also pull specific arch images via tags.
|
||||||
|
|
||||||
@@ -74,6 +74,21 @@ The architectures supported by this image are:
|
|||||||
* After setup, navigate to `https://yourdomain.url` to access the default homepage (http access through port 80 is disabled by default, you can enable it by editing the default site config at `/config/nginx/site-confs/default.conf`).
|
* After setup, navigate to `https://yourdomain.url` to access the default homepage (http access through port 80 is disabled by default, you can enable it by editing the default site config at `/config/nginx/site-confs/default.conf`).
|
||||||
* Certs are checked nightly and if expiration is within 30 days, renewal is attempted. If your cert is about to expire in less than 30 days, check the logs under `/config/log/letsencrypt` to see why the renewals have been failing. It is recommended to input your e-mail in docker parameters so you receive expiration notices from Let's Encrypt in those circumstances.
|
* Certs are checked nightly and if expiration is within 30 days, renewal is attempted. If your cert is about to expire in less than 30 days, check the logs under `/config/log/letsencrypt` to see why the renewals have been failing. It is recommended to input your e-mail in docker parameters so you receive expiration notices from Let's Encrypt in those circumstances.
|
||||||
|
|
||||||
|
### Certbot Plugins
|
||||||
|
|
||||||
|
SWAG includes many Certbot plugins out of the box, but not all plugins can be includes.
|
||||||
|
If you need a plugin that is not included, the quickest way to have the plugin available is to use our [Universal Package Install Docker Mod](https://github.com/linuxserver/docker-mods/tree/universal-package-install).
|
||||||
|
|
||||||
|
Set the following environment variables on your container:
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
DOCKER_MODS=linuxserver/mods:universal-package-install
|
||||||
|
INSTALL_PIP_PACKAGES=certbot-dns-<plugin>
|
||||||
|
```
|
||||||
|
|
||||||
|
Set the required credentials (usually found in the plugin documentation) in `/config/dns-conf/<plugin>.ini`.
|
||||||
|
It is recommended to attempt obtaining a certificate with `STAGING=true` first to make sure the plugin is working as expected.
|
||||||
|
|
||||||
### Security and password protection
|
### Security and password protection
|
||||||
|
|
||||||
* The container detects changes to url and subdomains, revokes existing certs and generates new ones during start.
|
* The container detects changes to url and subdomains, revokes existing certs and generates new ones during start.
|
||||||
@@ -143,7 +158,6 @@ To help you get started creating a container from this image you can either use
|
|||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
---
|
---
|
||||||
version: "2.1"
|
|
||||||
services:
|
services:
|
||||||
swag:
|
swag:
|
||||||
image: lscr.io/linuxserver/swag:latest
|
image: lscr.io/linuxserver/swag:latest
|
||||||
@@ -165,7 +179,7 @@ services:
|
|||||||
- EXTRA_DOMAINS= #optional
|
- EXTRA_DOMAINS= #optional
|
||||||
- STAGING=false #optional
|
- STAGING=false #optional
|
||||||
volumes:
|
volumes:
|
||||||
- /path/to/appdata/config:/config
|
- /path/to/swag/config:/config
|
||||||
ports:
|
ports:
|
||||||
- 443:443
|
- 443:443
|
||||||
- 80:80 #optional
|
- 80:80 #optional
|
||||||
@@ -193,7 +207,7 @@ docker run -d \
|
|||||||
-e STAGING=false `#optional` \
|
-e STAGING=false `#optional` \
|
||||||
-p 443:443 \
|
-p 443:443 \
|
||||||
-p 80:80 `#optional` \
|
-p 80:80 `#optional` \
|
||||||
-v /path/to/appdata/config:/config \
|
-v /path/to/swag/config:/config \
|
||||||
--restart unless-stopped \
|
--restart unless-stopped \
|
||||||
lscr.io/linuxserver/swag:latest
|
lscr.io/linuxserver/swag:latest
|
||||||
```
|
```
|
||||||
@@ -213,13 +227,13 @@ Containers are configured using parameters passed at runtime (such as those abov
|
|||||||
| `-e VALIDATION=http` | Certbot validation method to use, options are `http` or `dns` (`dns` method also requires `DNSPLUGIN` variable set). |
|
| `-e VALIDATION=http` | Certbot validation method to use, options are `http` or `dns` (`dns` method also requires `DNSPLUGIN` variable set). |
|
||||||
| `-e SUBDOMAINS=www,` | Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only) |
|
| `-e SUBDOMAINS=www,` | Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only) |
|
||||||
| `-e CERTPROVIDER=` | Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt. |
|
| `-e CERTPROVIDER=` | Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt. |
|
||||||
| `-e DNSPLUGIN=cloudflare` | Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `dynu`, `freedns`, `gandi`, `gehirn`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`. |
|
| `-e DNSPLUGIN=cloudflare` | Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `dynudns`, `freedns`, `gandi`, `gehirn`, `glesys`, `godaddy`, `google`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`. |
|
||||||
| `-e PROPAGATION=` | Optionally override (in seconds) the default propagation time for the dns plugins. |
|
| `-e PROPAGATION=` | Optionally override (in seconds) the default propagation time for the dns plugins. |
|
||||||
| `-e EMAIL=` | Optional e-mail address used for cert expiration notifications (Required for ZeroSSL). |
|
| `-e EMAIL=` | Optional e-mail address used for cert expiration notifications (Required for ZeroSSL). |
|
||||||
| `-e ONLY_SUBDOMAINS=false` | If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true` |
|
| `-e ONLY_SUBDOMAINS=false` | If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true` |
|
||||||
| `-e EXTRA_DOMAINS=` | Additional fully qualified domain names (comma separated, no spaces) ie. `extradomain.com,subdomain.anotherdomain.org,*.anotherdomain.org` |
|
| `-e EXTRA_DOMAINS=` | Additional fully qualified domain names (comma separated, no spaces) ie. `extradomain.com,subdomain.anotherdomain.org,*.anotherdomain.org` |
|
||||||
| `-e STAGING=false` | Set to `true` to retrieve certs in staging mode. Rate limits will be much higher, but the resulting cert will not pass the browser's security test. Only to be used for testing purposes. |
|
| `-e STAGING=false` | Set to `true` to retrieve certs in staging mode. Rate limits will be much higher, but the resulting cert will not pass the browser's security test. Only to be used for testing purposes. |
|
||||||
| `-v /config` | All the config files including the webroot reside here. |
|
| `-v /config` | Persistent config files |
|
||||||
|
|
||||||
### Portainer notice
|
### Portainer notice
|
||||||
|
|
||||||
@@ -294,7 +308,7 @@ We publish various [Docker Mods](https://github.com/linuxserver/docker-mods) to
|
|||||||
|
|
||||||
## Updating Info
|
## Updating Info
|
||||||
|
|
||||||
Most of our images are static, versioned, and require an image update and container recreation to update the app inside. With some exceptions (ie. nextcloud, plex), we do not recommend or support updating apps inside the container. Please consult the [Application Setup](#application-setup) section above to see if it is recommended for the image.
|
Most of our images are static, versioned, and require an image update and container recreation to update the app inside. With some exceptions (noted in the relevant readme.md), we do not recommend or support updating apps inside the container. Please consult the [Application Setup](#application-setup) section above to see if it is recommended for the image.
|
||||||
|
|
||||||
Below are the instructions for updating containers:
|
Below are the instructions for updating containers:
|
||||||
|
|
||||||
@@ -359,21 +373,6 @@ Below are the instructions for updating containers:
|
|||||||
docker image prune
|
docker image prune
|
||||||
```
|
```
|
||||||
|
|
||||||
### Via Watchtower auto-updater (only use if you don't remember the original parameters)
|
|
||||||
|
|
||||||
* Pull the latest image at its tag and replace it with the same env variables in one run:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
docker run --rm \
|
|
||||||
-v /var/run/docker.sock:/var/run/docker.sock \
|
|
||||||
containrrr/watchtower \
|
|
||||||
--run-once swag
|
|
||||||
```
|
|
||||||
|
|
||||||
* You can also remove the old dangling images: `docker image prune`
|
|
||||||
|
|
||||||
**warning**: We do not endorse the use of Watchtower as a solution to automated updates of existing Docker containers. In fact we generally discourage automated updates. However, this is a useful tool for one-time manual updates of containers where you have forgotten the original parameters. In the long term, we highly recommend using [Docker Compose](https://docs.linuxserver.io/general/docker-compose).
|
|
||||||
|
|
||||||
### Image Update Notifications - Diun (Docker Image Update Notifier)
|
### Image Update Notifications - Diun (Docker Image Update Notifier)
|
||||||
|
|
||||||
**tip**: We recommend [Diun](https://crazymax.dev/diun/) for update notifications. Other tools that automatically update containers unattended are not recommended or supported.
|
**tip**: We recommend [Diun](https://crazymax.dev/diun/) for update notifications. Other tools that automatically update containers unattended are not recommended or supported.
|
||||||
@@ -401,6 +400,17 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
|
|||||||
|
|
||||||
## Versions
|
## Versions
|
||||||
|
|
||||||
|
* **24.07.14:** - Rebase to Alpine 3.20. Remove deprecated Google Domains certbot plugin. Existing users should update their nginx confs to avoid http2 deprecation warnings.
|
||||||
|
* **23.03.24:** - Fix perms on the generated `priv-fullchain-bundle.pem`.
|
||||||
|
* **14.03.24:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) authelia-location.conf, authelia-server.conf - Update Authelia conf samples with support for 4.38.
|
||||||
|
* **11.03.24:** - Restore support for DynuDNS using `certbot-dns-dynudns`.
|
||||||
|
* **06.03.24:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) site-confs/default.conf - Cleanup default site conf.
|
||||||
|
* **04.03.24:** - Remove `stream.conf` inside the container to allow users to include their own block in `nginx.conf`.
|
||||||
|
* **23.01.24:** - Rebase to Alpine 3.19 with php 8.3, add root periodic crontabs for logrotate.
|
||||||
|
* **01.01.24:** - Add GleSYS DNS plugin.
|
||||||
|
* **11.12.23:** - Deprecate certbot-dns-dynu to resolve dependency conflicts with other plugins.
|
||||||
|
* **30.11.23:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) site-confs/default.conf - Fix index.php being downloaded on 404.
|
||||||
|
* **23.11.23:** - Run certbot as root to allow fix http validation.
|
||||||
* **01.10.23:** - Fix "unrecognized arguments" issue in DirectAdmin DNS plugin.
|
* **01.10.23:** - Fix "unrecognized arguments" issue in DirectAdmin DNS plugin.
|
||||||
* **28.08.23:** - Add Namecheap DNS plugin.
|
* **28.08.23:** - Add Namecheap DNS plugin.
|
||||||
* **12.08.23:** - Add FreeDNS plugin. Detect certbot DNS authenticators using CLI.
|
* **12.08.23:** - Add FreeDNS plugin. Detect certbot DNS authenticators using CLI.
|
||||||
|
|||||||
@@ -6,7 +6,6 @@ external_type: pip_version
|
|||||||
release_type: stable
|
release_type: stable
|
||||||
release_tag: latest
|
release_tag: latest
|
||||||
ls_branch: master
|
ls_branch: master
|
||||||
build_armhf: false
|
|
||||||
repo_vars:
|
repo_vars:
|
||||||
- EXT_PIP = 'certbot'
|
- EXT_PIP = 'certbot'
|
||||||
- BUILD_VERSION_ARG = 'CERTBOT_VERSION'
|
- BUILD_VERSION_ARG = 'CERTBOT_VERSION'
|
||||||
|
|||||||
@@ -1,340 +1,359 @@
|
|||||||
NAME VERSION TYPE
|
NAME VERSION TYPE
|
||||||
ConfigArgParse 1.7 python
|
ConfigArgParse 1.7 python
|
||||||
PyJWT 2.8.0 python
|
PyJWT 2.8.0 python
|
||||||
PyNamecheap 0.0.3 python
|
PyNamecheap 0.0.3 python
|
||||||
PyYAML 6.0.1 python
|
PyYAML 6.0.1 python
|
||||||
Simple Launcher Executable 1.1.0.14 dotnet
|
Simple Launcher 1.1.0.14 dotnet (+5 duplicates)
|
||||||
acme 2.7.4 python
|
acme 2.11.0 python
|
||||||
alpine-baselayout 3.4.3-r1 apk
|
alpine-baselayout 3.6.5-r0 apk
|
||||||
alpine-baselayout-data 3.4.3-r1 apk
|
alpine-baselayout-data 3.6.5-r0 apk
|
||||||
alpine-keys 2.4-r1 apk
|
alpine-keys 2.4-r1 apk
|
||||||
alpine-release 3.18.4-r0 apk
|
alpine-release 3.20.1-r0 apk
|
||||||
aom-libs 3.6.1-r0 apk
|
aom-libs 3.9.0-r0 apk
|
||||||
apache2-utils 2.4.58-r0 apk
|
apache2-utils 2.4.62-r0 apk
|
||||||
apk-tools 2.14.0-r2 apk
|
apk-tools 2.14.4-r0 apk
|
||||||
apr 1.7.4-r0 apk
|
apr 1.7.4-r0 apk
|
||||||
apr-util 1.6.3-r1 apk
|
apr-util 1.6.3-r1 apk
|
||||||
argon2-libs 20190702-r4 apk
|
argon2-libs 20190702-r5 apk
|
||||||
attrs 23.1.0 python
|
attrs 23.2.0 python
|
||||||
azure-common 1.1.28 python
|
autocommand 2.2.2 python
|
||||||
azure-core 1.29.5 python
|
azure-common 1.1.28 python
|
||||||
azure-identity 1.15.0 python
|
azure-core 1.30.2 python
|
||||||
azure-mgmt-core 1.4.0 python
|
azure-identity 1.17.1 python
|
||||||
azure-mgmt-dns 8.1.0 python
|
azure-mgmt-core 1.4.0 python
|
||||||
bash 5.2.15-r5 apk
|
azure-mgmt-dns 8.1.0 python
|
||||||
beautifulsoup4 4.12.2 python
|
backports.tarfile 1.2.0 python
|
||||||
boto3 1.28.78 python
|
bash 5.2.26-r0 apk
|
||||||
botocore 1.31.78 python
|
beautifulsoup4 4.12.3 python
|
||||||
brotli-libs 1.0.9-r14 apk
|
boto3 1.34.149 python
|
||||||
bs4 0.0.1 python
|
botocore 1.34.149 python
|
||||||
busybox 1.36.1-r4 apk
|
brotli-libs 1.1.0-r2 apk
|
||||||
busybox-binsh 1.36.1-r4 apk
|
bs4 0.0.2 python
|
||||||
c-client 2007f-r15 apk
|
busybox 1.36.1-r29 apk
|
||||||
ca-certificates 20230506-r0 apk
|
busybox-binsh 1.36.1-r29 apk
|
||||||
ca-certificates-bundle 20230506-r0 apk
|
c-ares 1.28.1-r0 apk
|
||||||
cachetools 5.3.2 python
|
c-client 2007f-r15 apk
|
||||||
certbot 2.7.4 python
|
ca-certificates 20240705-r0 apk
|
||||||
certbot-dns-acmedns 0.1.0 python
|
ca-certificates-bundle 20240705-r0 apk
|
||||||
certbot-dns-aliyun 2.0.0 python
|
cachetools 5.4.0 python
|
||||||
certbot-dns-azure 2.4.0 python
|
catatonit 0.2.0-r0 apk
|
||||||
certbot-dns-bunny 0.0.9 python
|
certbot 2.11.0 python
|
||||||
certbot-dns-cloudflare 2.7.4 python
|
certbot-dns-acmedns 0.1.0 python
|
||||||
certbot-dns-cpanel 0.4.0 python
|
certbot-dns-aliyun 2.0.0 python
|
||||||
certbot-dns-desec 1.2.1 python
|
certbot-dns-azure 2.5.0 python
|
||||||
certbot-dns-digitalocean 2.7.4 python
|
certbot-dns-bunny 0.0.9 python
|
||||||
certbot-dns-directadmin 1.0.3 python
|
certbot-dns-cloudflare 2.11.0 python
|
||||||
certbot-dns-dnsimple 2.6.0 python
|
certbot-dns-cpanel 0.4.0 python
|
||||||
certbot-dns-dnsmadeeasy 2.6.0 python
|
certbot-dns-desec 1.2.1 python
|
||||||
certbot-dns-dnspod 0.1.0 python
|
certbot-dns-digitalocean 2.11.0 python
|
||||||
certbot-dns-do 0.31.0 python
|
certbot-dns-directadmin 1.0.4 python
|
||||||
certbot-dns-domeneshop 0.2.9 python
|
certbot-dns-dnsimple 2.11.0 python
|
||||||
certbot-dns-dreamhost 1.0 python
|
certbot-dns-dnsmadeeasy 2.11.0 python
|
||||||
certbot-dns-duckdns 1.3 python
|
certbot-dns-dnspod 0.1.0 python
|
||||||
certbot-dns-dynu 0.0.4 python
|
certbot-dns-do 0.31.0 python
|
||||||
certbot-dns-freedns 0.1.0 python
|
certbot-dns-domeneshop 0.2.9 python
|
||||||
certbot-dns-gehirn 2.6.0 python
|
certbot-dns-dreamhost 1.0 python
|
||||||
certbot-dns-godaddy 0.2.2 python
|
certbot-dns-duckdns 1.3 python
|
||||||
certbot-dns-google 2.7.4 python
|
certbot-dns-dynudns 0.0.6 python
|
||||||
certbot-dns-google-domains 0.1.11 python
|
certbot-dns-freedns 0.2.0 python
|
||||||
certbot-dns-he 1.0.0 python
|
certbot-dns-gehirn 2.11.0 python
|
||||||
certbot-dns-hetzner 2.0.0 python
|
certbot-dns-glesys 2.1.0 python
|
||||||
certbot-dns-infomaniak 0.2.1 python
|
certbot-dns-godaddy 2.8.0 python
|
||||||
certbot-dns-inwx 2.2.0 python
|
certbot-dns-google 2.11.0 python
|
||||||
certbot-dns-ionos 2022.11.24 python
|
certbot-dns-he 1.0.0 python
|
||||||
certbot-dns-linode 2.6.0 python
|
certbot-dns-hetzner 2.0.1 python
|
||||||
certbot-dns-loopia 1.0.1 python
|
certbot-dns-infomaniak 0.2.2 python
|
||||||
certbot-dns-luadns 2.6.0 python
|
certbot-dns-inwx 2.2.0 python
|
||||||
certbot-dns-namecheap 1.0.0 python
|
certbot-dns-ionos 2024.1.8 python
|
||||||
certbot-dns-netcup 1.3.1 python
|
certbot-dns-linode 2.11.0 python
|
||||||
certbot-dns-njalla 1.0.0 python
|
certbot-dns-loopia 1.0.1 python
|
||||||
certbot-dns-nsone 2.6.0 python
|
certbot-dns-luadns 2.11.0 python
|
||||||
certbot-dns-ovh 2.6.0 python
|
certbot-dns-namecheap 1.0.0 python
|
||||||
certbot-dns-porkbun 0.8 python
|
certbot-dns-netcup 1.4.3 python
|
||||||
certbot-dns-rfc2136 2.7.4 python
|
certbot-dns-njalla 1.0.0 python
|
||||||
certbot-dns-route53 2.7.4 python
|
certbot-dns-nsone 2.11.0 python
|
||||||
certbot-dns-sakuracloud 2.6.0 python
|
certbot-dns-ovh 2.11.0 python
|
||||||
certbot-dns-standalone 1.1 python
|
certbot-dns-porkbun 0.8 python
|
||||||
certbot-dns-transip 0.5.2 python
|
certbot-dns-rfc2136 2.11.0 python
|
||||||
certbot-dns-vultr 1.1.0 python
|
certbot-dns-route53 2.11.0 python
|
||||||
certbot-plugin-gandi 1.4.3 python
|
certbot-dns-sakuracloud 2.11.0 python
|
||||||
certifi 2023.7.22 python
|
certbot-dns-standalone 1.1 python
|
||||||
cffi 1.16.0 python
|
certbot-dns-transip 0.5.2 python
|
||||||
charset-normalizer 3.3.2 python
|
certbot-dns-vultr 1.1.0 python
|
||||||
cloudflare 2.12.4 python
|
certbot-plugin-gandi 1.5.0 python
|
||||||
configobj 5.0.8 python
|
certifi 2024.7.4 python
|
||||||
coreutils 9.3-r1 apk
|
cffi 1.16.0 python
|
||||||
cryptography 41.0.5 python
|
charset-normalizer 3.3.2 python
|
||||||
curl 8.4.0-r0 apk
|
cloudflare 2.19.4 python
|
||||||
dataclasses-json 0.5.14 python
|
composer 2.7.7 binary
|
||||||
distro 1.8.0 python
|
configobj 5.0.8 python
|
||||||
dns-lexicon 3.11.7 python
|
coreutils 9.5-r1 apk
|
||||||
dnslib 0.9.23 python
|
coreutils-env 9.5-r1 apk
|
||||||
dnspython 2.4.2 python
|
coreutils-fmt 9.5-r1 apk
|
||||||
domeneshop 0.4.3 python
|
coreutils-sha512sum 9.5-r1 apk
|
||||||
fail2ban 1.0.2 python
|
cryptography 43.0.0 python
|
||||||
fail2ban 1.0.2-r2 apk
|
curl 8.8.0-r0 apk
|
||||||
fail2ban-pyc 1.0.2-r2 apk
|
distro 1.9.0 python
|
||||||
filelock 3.13.1 python
|
dns-lexicon 3.17.0 python
|
||||||
fontconfig 2.14.2-r3 apk
|
dnslib 0.9.25 python
|
||||||
freetype 2.13.0-r5 apk
|
dnspython 2.6.1 python
|
||||||
future 0.18.3 python
|
domeneshop 0.4.4 python
|
||||||
gdbm 1.23-r1 apk
|
fail2ban 1.1.0 python
|
||||||
git 2.40.1-r0 apk
|
fail2ban 1.1.0-r0 apk
|
||||||
git-perl 2.40.1-r0 apk
|
fail2ban-pyc 1.1.0-r0 apk
|
||||||
gmp 6.2.1-r3 apk
|
filelock 3.15.4 python
|
||||||
gnupg 2.4.3-r0 apk
|
findutils 4.9.0-r5 apk
|
||||||
gnupg-dirmngr 2.4.3-r0 apk
|
fontconfig 2.15.0-r1 apk
|
||||||
gnupg-gpgconf 2.4.3-r0 apk
|
freetype 2.13.2-r0 apk
|
||||||
gnupg-keyboxd 2.4.3-r0 apk
|
future 1.0.0 python
|
||||||
gnupg-utils 2.4.3-r0 apk
|
gdbm 1.23-r1 apk
|
||||||
gnupg-wks-client 2.4.3-r0 apk
|
git 2.45.2-r0 apk
|
||||||
gnutls 3.8.0-r2 apk
|
git-init-template 2.45.2-r0 apk
|
||||||
google-api-core 2.12.0 python
|
git-perl 2.45.2-r0 apk
|
||||||
google-api-python-client 2.106.0 python
|
gmp 6.3.0-r1 apk
|
||||||
google-auth 2.23.4 python
|
gnupg 2.4.5-r0 apk
|
||||||
google-auth-httplib2 0.1.1 python
|
gnupg-dirmngr 2.4.5-r0 apk
|
||||||
googleapis-common-protos 1.61.0 python
|
gnupg-gpgconf 2.4.5-r0 apk
|
||||||
gpg 2.4.3-r0 apk
|
gnupg-keyboxd 2.4.5-r0 apk
|
||||||
gpg-agent 2.4.3-r0 apk
|
gnupg-utils 2.4.5-r0 apk
|
||||||
gpg-wks-server 2.4.3-r0 apk
|
gnupg-wks-client 2.4.5-r0 apk
|
||||||
gpgsm 2.4.3-r0 apk
|
gnutls 3.8.5-r0 apk
|
||||||
gpgv 2.4.3-r0 apk
|
google-api-core 2.19.1 python
|
||||||
httplib2 0.22.0 python
|
google-api-python-client 2.138.0 python
|
||||||
icu-data-en 73.2-r2 apk
|
google-auth 2.32.0 python
|
||||||
icu-libs 73.2-r2 apk
|
google-auth-httplib2 0.2.0 python
|
||||||
idna 3.4 python
|
googleapis-common-protos 1.63.2 python
|
||||||
importlib-metadata 6.8.0 python
|
gpg 2.4.5-r0 apk
|
||||||
ip6tables 1.8.9-r2 apk
|
gpg-agent 2.4.5-r0 apk
|
||||||
iptables 1.8.9-r2 apk
|
gpg-wks-server 2.4.5-r0 apk
|
||||||
isodate 0.6.1 python
|
gpgsm 2.4.5-r0 apk
|
||||||
jmespath 1.0.1 python
|
gpgv 2.4.5-r0 apk
|
||||||
josepy 1.14.0 python
|
httplib2 0.22.0 python
|
||||||
jq 1.6-r3 apk
|
icu-data-en 74.2-r0 apk
|
||||||
jsonlines 4.0.0 python
|
icu-libs 74.2-r0 apk
|
||||||
jsonpickle 3.0.2 python
|
idna 3.7 python
|
||||||
libacl 2.3.1-r3 apk
|
importlib_metadata 8.0.0 python
|
||||||
libassuan 2.5.6-r0 apk
|
importlib_resources 6.4.0 python
|
||||||
libattr 2.5.1-r4 apk
|
inflect 7.3.1 python
|
||||||
libavif 0.11.1-r2 apk
|
iptables 1.8.10-r3 apk
|
||||||
libbsd 0.11.7-r1 apk
|
isodate 0.6.1 python
|
||||||
libbz2 1.0.8-r5 apk
|
jaraco.context 5.3.0 python
|
||||||
libc-utils 0.7.2-r5 apk
|
jaraco.functools 4.0.1 python
|
||||||
libcrypto3 3.1.4-r0 apk
|
jaraco.text 3.12.1 python
|
||||||
libcurl 8.4.0-r0 apk
|
jmespath 1.0.1 python
|
||||||
libdav1d 1.2.1-r0 apk
|
josepy 1.14.0 python
|
||||||
libedit 20221030.3.1-r1 apk
|
jq 1.7.1-r0 apk
|
||||||
libevent 2.1.12-r6 apk
|
jsonlines 4.0.0 python
|
||||||
libexpat 2.5.0-r1 apk
|
jsonpickle 3.2.2 python
|
||||||
libffi 3.4.4-r2 apk
|
libacl 2.3.2-r0 apk
|
||||||
libgcc 12.2.1_git20220924-r10 apk
|
libassuan 2.5.7-r0 apk
|
||||||
libgcrypt 1.10.2-r1 apk
|
libattr 2.5.2-r0 apk
|
||||||
libgd 2.3.3-r7 apk
|
libavif 1.0.4-r0 apk
|
||||||
libgpg-error 1.47-r1 apk
|
libbsd 0.12.2-r0 apk
|
||||||
libice 1.1.1-r2 apk
|
libbz2 1.0.8-r6 apk
|
||||||
libidn2 2.3.4-r1 apk
|
libcrypto3 3.3.1-r3 apk
|
||||||
libintl 0.21.1-r7 apk
|
libcurl 8.8.0-r0 apk
|
||||||
libjpeg-turbo 2.1.5.1-r3 apk
|
libdav1d 1.4.2-r0 apk
|
||||||
libksba 1.6.4-r0 apk
|
libedit 20240517.3.1-r0 apk
|
||||||
libldap 2.6.5-r0 apk
|
libevent 2.1.12-r7 apk
|
||||||
libmaxminddb-libs 1.7.1-r1 apk
|
libexpat 2.6.2-r0 apk
|
||||||
libmcrypt 2.5.8-r10 apk
|
libffi 3.4.6-r0 apk
|
||||||
libmd 1.0.4-r2 apk
|
libgcc 13.2.1_git20240309-r0 apk
|
||||||
libmemcached-libs 1.1.4-r1 apk
|
libgcrypt 1.10.3-r0 apk
|
||||||
libmnl 1.0.5-r1 apk
|
libgd 2.3.3-r9 apk
|
||||||
libncursesw 6.4_p20230506-r0 apk
|
libgpg-error 1.49-r0 apk
|
||||||
libnftnl 1.2.5-r1 apk
|
libice 1.1.1-r6 apk
|
||||||
libpanelw 6.4_p20230506-r0 apk
|
libidn2 2.3.7-r0 apk
|
||||||
libpng 1.6.39-r3 apk
|
libintl 0.22.5-r0 apk
|
||||||
libpq 15.4-r0 apk
|
libjpeg-turbo 3.0.3-r0 apk
|
||||||
libproc2 4.0.4-r0 apk
|
libksba 1.6.6-r0 apk
|
||||||
libsasl 2.1.28-r4 apk
|
libldap 2.6.7-r0 apk
|
||||||
libseccomp 2.5.4-r2 apk
|
libmaxminddb-libs 1.9.1-r0 apk
|
||||||
libsm 1.2.4-r1 apk
|
libmcrypt 2.5.8-r10 apk
|
||||||
libsodium 1.0.18-r3 apk
|
libmd 1.1.0-r0 apk
|
||||||
libssl3 3.1.4-r0 apk
|
libmemcached-libs 1.1.4-r1 apk
|
||||||
libstdc++ 12.2.1_git20220924-r10 apk
|
libmnl 1.0.5-r2 apk
|
||||||
libtasn1 4.19.0-r1 apk
|
libncursesw 6.4_p20240420-r0 apk
|
||||||
libunistring 1.1-r1 apk
|
libnftnl 1.2.6-r0 apk
|
||||||
libuuid 2.38.1-r8 apk
|
libpanelw 6.4_p20240420-r0 apk
|
||||||
libwebp 1.3.2-r0 apk
|
libpng 1.6.43-r0 apk
|
||||||
libx11 1.8.7-r0 apk
|
libpq 16.3-r0 apk
|
||||||
libxau 1.0.11-r2 apk
|
libproc2 4.0.4-r0 apk
|
||||||
libxcb 1.15-r1 apk
|
libpsl 0.21.5-r1 apk
|
||||||
libxdmcp 1.1.4-r2 apk
|
libsasl 2.1.28-r6 apk
|
||||||
libxext 1.3.5-r2 apk
|
libseccomp 2.5.5-r1 apk
|
||||||
libxml2 2.11.4-r0 apk
|
libsharpyuv 1.3.2-r0 apk
|
||||||
libxpm 3.5.16-r1 apk
|
libsm 1.2.4-r4 apk
|
||||||
libxslt 1.1.38-r0 apk
|
libsodium 1.0.19-r0 apk
|
||||||
libxt 1.3.0-r2 apk
|
libssl3 3.3.1-r3 apk
|
||||||
libzip 1.9.2-r2 apk
|
libstdc++ 13.2.1_git20240309-r0 apk
|
||||||
linux-pam 1.5.2-r10 apk
|
libtasn1 4.19.0-r2 apk
|
||||||
logrotate 3.21.0-r1 apk
|
libunistring 1.2-r0 apk
|
||||||
loopialib 0.2.0 python
|
libuuid 2.40.1-r1 apk
|
||||||
lxml 4.9.3 python
|
libwebp 1.3.2-r0 apk
|
||||||
lz4-libs 1.9.4-r4 apk
|
libx11 1.8.9-r1 apk
|
||||||
marshmallow 3.20.1 python
|
libxau 1.0.11-r4 apk
|
||||||
memcached 1.6.21-r0 apk
|
libxcb 1.16.1-r0 apk
|
||||||
mock 5.1.0 python
|
libxdmcp 1.1.5-r1 apk
|
||||||
mpdecimal 2.5.1-r2 apk
|
libxext 1.3.6-r2 apk
|
||||||
msal 1.25.0 python
|
libxml2 2.12.7-r0 apk
|
||||||
msal-extensions 1.0.0 python
|
libxpm 3.5.17-r0 apk
|
||||||
musl 1.2.4-r2 apk
|
libxslt 1.1.39-r1 apk
|
||||||
musl-utils 1.2.4-r2 apk
|
libxt 1.3.0-r5 apk
|
||||||
mypy-extensions 1.0.0 python
|
libxtables 1.8.10-r3 apk
|
||||||
nano 7.2-r1 apk
|
libzip 1.10.1-r0 apk
|
||||||
ncurses-terminfo-base 6.4_p20230506-r0 apk
|
linux-pam 1.6.0-r0 apk
|
||||||
netcat-openbsd 1.219-r1 apk
|
logrotate 3.21.0-r1 apk
|
||||||
nettle 3.8.1-r2 apk
|
loopialib 0.2.0 python
|
||||||
nghttp2-libs 1.57.0-r0 apk
|
lxml 5.2.2 python
|
||||||
nginx 1.24.0-r7 apk
|
lz4-libs 1.9.4-r5 apk
|
||||||
nginx-mod-devel-kit 1.24.0-r7 apk
|
memcached 1.6.27-r0 apk
|
||||||
nginx-mod-http-brotli 1.24.0-r7 apk
|
mock 5.1.0 python
|
||||||
nginx-mod-http-dav-ext 1.24.0-r7 apk
|
more-itertools 10.3.0 python
|
||||||
nginx-mod-http-echo 1.24.0-r7 apk
|
mpdecimal 4.0.0-r0 apk
|
||||||
nginx-mod-http-fancyindex 1.24.0-r7 apk
|
msal 1.30.0 python
|
||||||
nginx-mod-http-geoip2 1.24.0-r7 apk
|
msal-extensions 1.2.0 python
|
||||||
nginx-mod-http-headers-more 1.24.0-r7 apk
|
musl 1.2.5-r0 apk
|
||||||
nginx-mod-http-image-filter 1.24.0-r7 apk
|
musl-utils 1.2.5-r0 apk
|
||||||
nginx-mod-http-perl 1.24.0-r7 apk
|
my-test-package 1.0 python
|
||||||
nginx-mod-http-redis2 1.24.0-r7 apk
|
nano 8.0-r0 apk
|
||||||
nginx-mod-http-set-misc 1.24.0-r7 apk
|
ncurses-terminfo-base 6.4_p20240420-r0 apk
|
||||||
nginx-mod-http-upload-progress 1.24.0-r7 apk
|
netcat-openbsd 1.226-r0 apk
|
||||||
nginx-mod-http-xslt-filter 1.24.0-r7 apk
|
nettle 3.9.1-r0 apk
|
||||||
nginx-mod-mail 1.24.0-r7 apk
|
nghttp2-libs 1.62.1-r0 apk
|
||||||
nginx-mod-rtmp 1.24.0-r7 apk
|
nginx 1.26.1-r0 apk
|
||||||
nginx-mod-stream 1.24.0-r7 apk
|
nginx-mod-devel-kit 1.26.1-r0 apk
|
||||||
nginx-mod-stream-geoip2 1.24.0-r7 apk
|
nginx-mod-http-brotli 1.26.1-r0 apk
|
||||||
nginx-vim 1.24.0-r7 apk
|
nginx-mod-http-dav-ext 1.26.1-r0 apk
|
||||||
npth 1.6-r4 apk
|
nginx-mod-http-echo 1.26.1-r0 apk
|
||||||
oniguruma 6.9.8-r1 apk
|
nginx-mod-http-fancyindex 1.26.1-r0 apk
|
||||||
openssl 3.1.4-r0 apk
|
nginx-mod-http-geoip2 1.26.1-r0 apk
|
||||||
p11-kit 0.24.1-r2 apk
|
nginx-mod-http-headers-more 1.26.1-r0 apk
|
||||||
packaging 23.2 python
|
nginx-mod-http-image-filter 1.26.1-r0 apk
|
||||||
parsedatetime 2.6 python
|
nginx-mod-http-perl 1.26.1-r0 apk
|
||||||
pcre 8.45-r3 apk
|
nginx-mod-http-redis2 1.26.1-r0 apk
|
||||||
pcre2 10.42-r1 apk
|
nginx-mod-http-set-misc 1.26.1-r0 apk
|
||||||
perl 5.36.1-r2 apk
|
nginx-mod-http-upload-progress 1.26.1-r0 apk
|
||||||
perl-error 0.17029-r1 apk
|
nginx-mod-http-xslt-filter 1.26.1-r0 apk
|
||||||
perl-git 2.40.1-r0 apk
|
nginx-mod-mail 1.26.1-r0 apk
|
||||||
php82 8.2.10-r0 apk
|
nginx-mod-rtmp 1.26.1-r0 apk
|
||||||
php82-bcmath 8.2.10-r0 apk
|
nginx-mod-stream 1.26.1-r0 apk
|
||||||
php82-bz2 8.2.10-r0 apk
|
nginx-mod-stream-geoip2 1.26.1-r0 apk
|
||||||
php82-common 8.2.10-r0 apk
|
nginx-vim 1.26.1-r0 apk
|
||||||
php82-ctype 8.2.10-r0 apk
|
npth 1.6-r4 apk
|
||||||
php82-curl 8.2.10-r0 apk
|
oniguruma 6.9.9-r0 apk
|
||||||
php82-dom 8.2.10-r0 apk
|
openssl 3.3.1-r3 apk
|
||||||
php82-exif 8.2.10-r0 apk
|
ordered-set 4.1.0 python
|
||||||
php82-fileinfo 8.2.10-r0 apk
|
p11-kit 0.25.3-r0 apk
|
||||||
php82-fpm 8.2.10-r0 apk
|
packaging 24.1 python
|
||||||
php82-ftp 8.2.10-r0 apk
|
parsedatetime 2.6 python
|
||||||
php82-gd 8.2.10-r0 apk
|
pcre 8.45-r3 apk
|
||||||
php82-gmp 8.2.10-r0 apk
|
pcre2 10.43-r0 apk
|
||||||
php82-iconv 8.2.10-r0 apk
|
perl 5.38.2-r0 apk
|
||||||
php82-imap 8.2.10-r0 apk
|
perl-error 0.17029-r2 apk
|
||||||
php82-intl 8.2.10-r0 apk
|
perl-git 2.45.2-r0 apk
|
||||||
php82-ldap 8.2.10-r0 apk
|
php83 8.3.9-r0 apk
|
||||||
php82-mbstring 8.2.10-r0 apk
|
php83-bcmath 8.3.9-r0 apk
|
||||||
php82-mysqli 8.2.10-r0 apk
|
php83-bz2 8.3.9-r0 apk
|
||||||
php82-mysqlnd 8.2.10-r0 apk
|
php83-common 8.3.9-r0 apk
|
||||||
php82-opcache 8.2.10-r0 apk
|
php83-ctype 8.3.9-r0 apk
|
||||||
php82-openssl 8.2.10-r0 apk
|
php83-curl 8.3.9-r0 apk
|
||||||
php82-pdo 8.2.10-r0 apk
|
php83-dom 8.3.9-r0 apk
|
||||||
php82-pdo_mysql 8.2.10-r0 apk
|
php83-exif 8.3.9-r0 apk
|
||||||
php82-pdo_odbc 8.2.10-r0 apk
|
php83-fileinfo 8.3.9-r0 apk
|
||||||
php82-pdo_pgsql 8.2.10-r0 apk
|
php83-fpm 8.3.9-r0 apk
|
||||||
php82-pdo_sqlite 8.2.10-r0 apk
|
php83-ftp 8.3.9-r0 apk
|
||||||
php82-pear 8.2.10-r0 apk
|
php83-gd 8.3.9-r0 apk
|
||||||
php82-pecl-apcu 5.1.22-r0 apk
|
php83-gmp 8.3.9-r0 apk
|
||||||
php82-pecl-igbinary 3.2.14-r0 apk
|
php83-iconv 8.3.9-r0 apk
|
||||||
php82-pecl-mcrypt 1.0.6-r0 apk
|
php83-imap 8.3.9-r0 apk
|
||||||
php82-pecl-memcached 3.2.0-r1 apk
|
php83-intl 8.3.9-r0 apk
|
||||||
php82-pecl-msgpack 2.2.0-r0 apk
|
php83-ldap 8.3.9-r0 apk
|
||||||
php82-pecl-redis 6.0.2-r0 apk
|
php83-mbstring 8.3.9-r0 apk
|
||||||
php82-pgsql 8.2.10-r0 apk
|
php83-mysqli 8.3.9-r0 apk
|
||||||
php82-phar 8.2.10-r0 apk
|
php83-mysqlnd 8.3.9-r0 apk
|
||||||
php82-posix 8.2.10-r0 apk
|
php83-opcache 8.3.9-r0 apk
|
||||||
php82-session 8.2.10-r0 apk
|
php83-openssl 8.3.9-r0 apk
|
||||||
php82-simplexml 8.2.10-r0 apk
|
php83-pdo 8.3.9-r0 apk
|
||||||
php82-soap 8.2.10-r0 apk
|
php83-pdo_mysql 8.3.9-r0 apk
|
||||||
php82-sockets 8.2.10-r0 apk
|
php83-pdo_odbc 8.3.9-r0 apk
|
||||||
php82-sodium 8.2.10-r0 apk
|
php83-pdo_pgsql 8.3.9-r0 apk
|
||||||
php82-sqlite3 8.2.10-r0 apk
|
php83-pdo_sqlite 8.3.9-r0 apk
|
||||||
php82-tokenizer 8.2.10-r0 apk
|
php83-pear 8.3.9-r0 apk
|
||||||
php82-xml 8.2.10-r0 apk
|
php83-pecl-apcu 5.1.23-r0 apk
|
||||||
php82-xmlreader 8.2.10-r0 apk
|
php83-pecl-igbinary 3.2.15-r0 apk
|
||||||
php82-xmlwriter 8.2.10-r0 apk
|
php83-pecl-mcrypt 1.0.7-r0 apk
|
||||||
php82-xsl 8.2.10-r0 apk
|
php83-pecl-memcached 3.2.0-r0 apk
|
||||||
php82-zip 8.2.10-r0 apk
|
php83-pecl-msgpack 2.2.0-r2 apk
|
||||||
pinentry 1.2.1-r1 apk
|
php83-pecl-redis 6.0.2-r0 apk
|
||||||
pip 23.3.1 python
|
php83-pgsql 8.3.9-r0 apk
|
||||||
pkb-client 1.2 python
|
php83-phar 8.3.9-r0 apk
|
||||||
popt 1.19-r2 apk
|
php83-posix 8.3.9-r0 apk
|
||||||
portalocker 2.8.2 python
|
php83-session 8.3.9-r0 apk
|
||||||
procps-ng 4.0.4-r0 apk
|
php83-simplexml 8.3.9-r0 apk
|
||||||
protobuf 4.25.0 python
|
php83-soap 8.3.9-r0 apk
|
||||||
publicsuffixlist 0.9.4 python
|
php83-sockets 8.3.9-r0 apk
|
||||||
pyOpenSSL 23.3.0 python
|
php83-sodium 8.3.9-r0 apk
|
||||||
pyRFC3339 1.1 python
|
php83-sqlite3 8.3.9-r0 apk
|
||||||
pyacmedns 0.4 python
|
php83-tokenizer 8.3.9-r0 apk
|
||||||
pyasn1 0.5.0 python
|
php83-xml 8.3.9-r0 apk
|
||||||
pyasn1-modules 0.3.0 python
|
php83-xmlreader 8.3.9-r0 apk
|
||||||
pyc 0.1-r0 apk
|
php83-xmlwriter 8.3.9-r0 apk
|
||||||
pycparser 2.21 python
|
php83-xsl 8.3.9-r0 apk
|
||||||
pyparsing 3.1.1 python
|
php83-zip 8.3.9-r0 apk
|
||||||
python-dateutil 2.8.2 python
|
pinentry 1.3.0-r0 apk
|
||||||
python-digitalocean 1.17.0 python
|
pip 24.1.2 python
|
||||||
python-transip 0.6.0 python
|
pkb-client 1.2 python
|
||||||
python3 3.11.6-r0 apk
|
platformdirs 4.2.2 python
|
||||||
python3-pyc 3.11.6-r0 apk
|
popt 1.19-r3 apk
|
||||||
python3-pycache-pyc0 3.11.6-r0 apk
|
portalocker 2.10.1 python
|
||||||
pytz 2023.3.post1 python
|
procps-ng 4.0.4-r0 apk
|
||||||
readline 8.2.1-r1 apk
|
proto-plus 1.24.0 python
|
||||||
requests 2.31.0 python
|
protobuf 5.27.2 python
|
||||||
requests-file 1.5.1 python
|
pyOpenSSL 24.2.1 python
|
||||||
requests-mock 1.11.0 python
|
pyRFC3339 1.1 python
|
||||||
rsa 4.9 python
|
pyacmedns 0.4 python
|
||||||
s3transfer 0.7.0 python
|
pyasn1 0.6.0 python
|
||||||
scanelf 1.3.7-r1 apk
|
pyasn1_modules 0.4.0 python
|
||||||
setuptools 65.5.0 python
|
pyc 3.12.3-r1 apk
|
||||||
shadow 4.13-r4 apk
|
pycparser 2.22 python
|
||||||
six 1.16.0 python
|
pyotp 2.9.0 python
|
||||||
skalibs 2.13.1.1-r1 apk
|
pyparsing 3.1.2 python
|
||||||
soupsieve 2.5 python
|
python-dateutil 2.9.0.post0 python
|
||||||
sqlite-libs 3.41.2-r2 apk
|
python-digitalocean 1.17.0 python
|
||||||
ssl_client 1.36.1-r4 apk
|
python-transip 0.6.0 python
|
||||||
tiff 4.5.1-r0 apk
|
python3 3.12.3-r1 apk
|
||||||
tldextract 5.0.1 python
|
python3-pyc 3.12.3-r1 apk
|
||||||
typing-inspect 0.9.0 python
|
python3-pycache-pyc0 3.12.3-r1 apk
|
||||||
typing_extensions 4.8.0 python
|
pytz 2024.1 python
|
||||||
tzdata 2023c-r1 apk
|
readline 8.2.10-r0 apk
|
||||||
unixodbc 2.3.11-r2 apk
|
requests 2.32.3 python
|
||||||
uritemplate 4.1.1 python
|
requests-file 2.1.0 python
|
||||||
urllib3 1.26.18 python
|
requests-mock 1.12.1 python
|
||||||
utmps-libs 0.1.2.1-r1 apk
|
rsa 4.9 python
|
||||||
wheel 0.41.3 python
|
s3transfer 0.10.2 python
|
||||||
whois 5.5.17-r0 apk
|
scanelf 1.3.7-r2 apk
|
||||||
xz-libs 5.4.3-r0 apk
|
setuptools 71.1.0 python
|
||||||
zipp 3.17.0 python
|
shadow 4.15.1-r0 apk
|
||||||
zlib 1.2.13-r1 apk
|
six 1.16.0 python
|
||||||
zope.interface 6.1 python
|
skalibs 2.14.1.1-r0 apk
|
||||||
zstd-libs 1.5.5-r4 apk
|
soupsieve 2.5 python
|
||||||
|
sqlite-libs 3.45.3-r1 apk
|
||||||
|
ssl_client 1.36.1-r29 apk
|
||||||
|
tiff 4.6.0t-r0 apk
|
||||||
|
tldextract 5.1.2 python
|
||||||
|
tomli 2.0.1 python
|
||||||
|
typeguard 4.3.0 python
|
||||||
|
typing_extensions 4.12.2 python (+1 duplicate)
|
||||||
|
tzdata 2024a-r1 apk
|
||||||
|
unixodbc 2.3.12-r0 apk
|
||||||
|
uritemplate 4.1.1 python
|
||||||
|
urllib3 2.2.2 python
|
||||||
|
utmps-libs 0.1.2.2-r1 apk
|
||||||
|
wheel 0.43.0 python (+1 duplicate)
|
||||||
|
whois 5.5.23-r0 apk
|
||||||
|
xz-libs 5.6.1-r3 apk
|
||||||
|
zipp 3.19.2 python
|
||||||
|
zlib 1.3.1-r1 apk
|
||||||
|
zope.interface 6.4.post2 python
|
||||||
|
zstd-libs 1.5.6-r0 apk
|
||||||
|
|||||||
@@ -7,40 +7,24 @@ project_logo: "https://github.com/linuxserver/docker-templates/raw/master/linuxs
|
|||||||
project_blurb: "SWAG - Secure Web Application Gateway (formerly known as letsencrypt, no relation to Let's Encrypt™) sets up an Nginx webserver and reverse proxy with php support and a built-in certbot client that automates free SSL server certificate generation and renewal processes (Let's Encrypt and ZeroSSL). It also contains fail2ban for intrusion prevention."
|
project_blurb: "SWAG - Secure Web Application Gateway (formerly known as letsencrypt, no relation to Let's Encrypt™) sets up an Nginx webserver and reverse proxy with php support and a built-in certbot client that automates free SSL server certificate generation and renewal processes (Let's Encrypt and ZeroSSL). It also contains fail2ban for intrusion prevention."
|
||||||
project_lsio_github_repo_url: "https://github.com/linuxserver/docker-{{ project_name }}"
|
project_lsio_github_repo_url: "https://github.com/linuxserver/docker-{{ project_name }}"
|
||||||
|
|
||||||
project_blurb_optional_extras_enabled: false
|
|
||||||
project_blurb_optional_extras: []
|
|
||||||
|
|
||||||
# supported architectures
|
# supported architectures
|
||||||
available_architectures:
|
available_architectures:
|
||||||
- { arch: "{{ arch_x86_64 }}", tag: "amd64-latest"}
|
- { arch: "{{ arch_x86_64 }}", tag: "amd64-latest"}
|
||||||
- { arch: "{{ arch_arm64 }}", tag: "arm64v8-latest"}
|
- { arch: "{{ arch_arm64 }}", tag: "arm64v8-latest"}
|
||||||
|
|
||||||
# development version
|
|
||||||
development_versions: false
|
|
||||||
development_versions_items:
|
|
||||||
- { tag: "latest", desc: "Stable releases" }
|
|
||||||
|
|
||||||
|
|
||||||
# container parameters
|
# container parameters
|
||||||
common_param_env_vars_enabled: true #PGID, PUID, etc, you can set it to 'optional'
|
common_param_env_vars_enabled: true
|
||||||
param_container_name: "{{ project_name }}"
|
param_container_name: "{{ project_name }}"
|
||||||
param_usage_include_net: false #you can set it to 'optional'
|
|
||||||
param_net: "host"
|
|
||||||
param_net_desc: "Shares host networking with container."
|
|
||||||
param_usage_include_env: true
|
param_usage_include_env: true
|
||||||
param_env_vars:
|
param_env_vars:
|
||||||
- { env_var: "TZ", env_value: "Europe/London", desc: "Specify a timezone to use EG Europe/London." }
|
|
||||||
- { env_var: "URL", env_value: "yourdomain.url", desc: "Top url you have control over (`customdomain.com` if you own it, or `customsubdomain.ddnsprovider.com` if dynamic dns)." }
|
- { env_var: "URL", env_value: "yourdomain.url", desc: "Top url you have control over (`customdomain.com` if you own it, or `customsubdomain.ddnsprovider.com` if dynamic dns)." }
|
||||||
- { env_var: "VALIDATION", env_value: "http", desc: "Certbot validation method to use, options are `http` or `dns` (`dns` method also requires `DNSPLUGIN` variable set)." }
|
- { env_var: "VALIDATION", env_value: "http", desc: "Certbot validation method to use, options are `http` or `dns` (`dns` method also requires `DNSPLUGIN` variable set).", env_options: ["http", "dns"] }
|
||||||
param_usage_include_vols: true
|
param_usage_include_vols: true
|
||||||
param_volumes:
|
param_volumes:
|
||||||
- { vol_path: "/config", vol_host_path: "/path/to/appdata/config", desc: "All the config files including the webroot reside here." }
|
- { vol_path: "/config", vol_host_path: "/path/to/{{ project_name }}/config", desc: "Persistent config files" }
|
||||||
param_usage_include_ports: true
|
param_usage_include_ports: true
|
||||||
param_ports:
|
param_ports:
|
||||||
- { external_port: "443", internal_port: "443", port_desc: "Https port" }
|
- { external_port: "443", internal_port: "443", port_desc: "Https port" }
|
||||||
param_device_map: false
|
|
||||||
param_devices:
|
|
||||||
- { device_path: "/dev/dri", device_host_path: "/dev/dri", desc: "For hardware transcoding" }
|
|
||||||
cap_add_param: true
|
cap_add_param: true
|
||||||
cap_add_param_vars:
|
cap_add_param_vars:
|
||||||
- { cap_add_var: "NET_ADMIN" }
|
- { cap_add_var: "NET_ADMIN" }
|
||||||
@@ -50,27 +34,15 @@ opt_param_usage_include_env: true
|
|||||||
opt_param_env_vars:
|
opt_param_env_vars:
|
||||||
- { env_var: "SUBDOMAINS", env_value: "www,", desc: "Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only)" }
|
- { env_var: "SUBDOMAINS", env_value: "www,", desc: "Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only)" }
|
||||||
- { env_var: "CERTPROVIDER", env_value: "", desc: "Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt." }
|
- { env_var: "CERTPROVIDER", env_value: "", desc: "Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt." }
|
||||||
- { env_var: "DNSPLUGIN", env_value: "cloudflare", desc: "Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `dynu`, `freedns`, `gandi`, `gehirn`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`." }
|
- { env_var: "DNSPLUGIN", env_value: "cloudflare", desc: "Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `dynudns`, `freedns`, `gandi`, `gehirn`, `glesys`, `godaddy`, `google`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`." }
|
||||||
- { env_var: "PROPAGATION", env_value: "", desc: "Optionally override (in seconds) the default propagation time for the dns plugins." }
|
- { env_var: "PROPAGATION", env_value: "", desc: "Optionally override (in seconds) the default propagation time for the dns plugins." }
|
||||||
- { env_var: "EMAIL", env_value: "", desc: "Optional e-mail address used for cert expiration notifications (Required for ZeroSSL)." }
|
- { env_var: "EMAIL", env_value: "", desc: "Optional e-mail address used for cert expiration notifications (Required for ZeroSSL)." }
|
||||||
- { env_var: "ONLY_SUBDOMAINS", env_value: "false", desc: "If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true`" }
|
- { env_var: "ONLY_SUBDOMAINS", env_value: "false", desc: "If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true`" }
|
||||||
- { env_var: "EXTRA_DOMAINS", env_value: "", desc: "Additional fully qualified domain names (comma separated, no spaces) ie. `extradomain.com,subdomain.anotherdomain.org,*.anotherdomain.org`" }
|
- { env_var: "EXTRA_DOMAINS", env_value: "", desc: "Additional fully qualified domain names (comma separated, no spaces) ie. `extradomain.com,subdomain.anotherdomain.org,*.anotherdomain.org`" }
|
||||||
- { env_var: "STAGING", env_value: "false", desc: "Set to `true` to retrieve certs in staging mode. Rate limits will be much higher, but the resulting cert will not pass the browser's security test. Only to be used for testing purposes." }
|
- { env_var: "STAGING", env_value: "false", desc: "Set to `true` to retrieve certs in staging mode. Rate limits will be much higher, but the resulting cert will not pass the browser's security test. Only to be used for testing purposes." }
|
||||||
opt_param_usage_include_vols: false
|
|
||||||
opt_param_volumes:
|
|
||||||
- { vol_path: "/config", vol_host_path: "/path/to/appdata/config", desc: "Configuration files." }
|
|
||||||
opt_param_usage_include_ports: true
|
opt_param_usage_include_ports: true
|
||||||
opt_param_ports:
|
opt_param_ports:
|
||||||
- { external_port: "80", internal_port: "80", port_desc: "Http port (required for http validation and http -> https redirect)" }
|
- { external_port: "80", internal_port: "80", port_desc: "Http port (required for http validation and http -> https redirect)" }
|
||||||
opt_param_device_map: false
|
|
||||||
opt_param_devices:
|
|
||||||
- { device_path: "/dev/dri", device_host_path: "/dev/dri", desc: "For hardware transcoding" }
|
|
||||||
opt_cap_add_param: false
|
|
||||||
opt_cap_add_param_vars:
|
|
||||||
- { cap_add_var: "NET_ADMIN" }
|
|
||||||
|
|
||||||
optional_block_1: false
|
|
||||||
optional_block_1_items: ""
|
|
||||||
|
|
||||||
# application setup block
|
# application setup block
|
||||||
app_setup_block_enabled: true
|
app_setup_block_enabled: true
|
||||||
@@ -90,6 +62,21 @@ app_setup_block: |
|
|||||||
* After setup, navigate to `https://yourdomain.url` to access the default homepage (http access through port 80 is disabled by default, you can enable it by editing the default site config at `/config/nginx/site-confs/default.conf`).
|
* After setup, navigate to `https://yourdomain.url` to access the default homepage (http access through port 80 is disabled by default, you can enable it by editing the default site config at `/config/nginx/site-confs/default.conf`).
|
||||||
* Certs are checked nightly and if expiration is within 30 days, renewal is attempted. If your cert is about to expire in less than 30 days, check the logs under `/config/log/letsencrypt` to see why the renewals have been failing. It is recommended to input your e-mail in docker parameters so you receive expiration notices from Let's Encrypt in those circumstances.
|
* Certs are checked nightly and if expiration is within 30 days, renewal is attempted. If your cert is about to expire in less than 30 days, check the logs under `/config/log/letsencrypt` to see why the renewals have been failing. It is recommended to input your e-mail in docker parameters so you receive expiration notices from Let's Encrypt in those circumstances.
|
||||||
|
|
||||||
|
### Certbot Plugins
|
||||||
|
|
||||||
|
SWAG includes many Certbot plugins out of the box, but not all plugins can be includes.
|
||||||
|
If you need a plugin that is not included, the quickest way to have the plugin available is to use our [Universal Package Install Docker Mod](https://github.com/linuxserver/docker-mods/tree/universal-package-install).
|
||||||
|
|
||||||
|
Set the following environment variables on your container:
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
DOCKER_MODS=linuxserver/mods:universal-package-install
|
||||||
|
INSTALL_PIP_PACKAGES=certbot-dns-<plugin>
|
||||||
|
```
|
||||||
|
|
||||||
|
Set the required credentials (usually found in the plugin documentation) in `/config/dns-conf/<plugin>.ini`.
|
||||||
|
It is recommended to attempt obtaining a certificate with `STAGING=true` first to make sure the plugin is working as expected.
|
||||||
|
|
||||||
### Security and password protection
|
### Security and password protection
|
||||||
|
|
||||||
* The container detects changes to url and subdomains, revokes existing certs and generates new ones during start.
|
* The container detects changes to url and subdomains, revokes existing certs and generates new ones during start.
|
||||||
@@ -153,6 +140,17 @@ app_setup_block: |
|
|||||||
|
|
||||||
# changelog
|
# changelog
|
||||||
changelogs:
|
changelogs:
|
||||||
|
- { date: "24.07.14:", desc: "Rebase to Alpine 3.20. Remove deprecated Google Domains certbot plugin. Existing users should update their nginx confs to avoid http2 deprecation warnings."}
|
||||||
|
- { date: "23.03.24:", desc: "Fix perms on the generated `priv-fullchain-bundle.pem`." }
|
||||||
|
- { date: "14.03.24:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) authelia-location.conf, authelia-server.conf - Update Authelia conf samples with support for 4.38." }
|
||||||
|
- { date: "11.03.24:", desc: "Restore support for DynuDNS using `certbot-dns-dynudns`." }
|
||||||
|
- { date: "06.03.24:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) site-confs/default.conf - Cleanup default site conf." }
|
||||||
|
- { date: "04.03.24:", desc: "Remove `stream.conf` inside the container to allow users to include their own block in `nginx.conf`." }
|
||||||
|
- { date: "23.01.24:", desc: "Rebase to Alpine 3.19 with php 8.3, add root periodic crontabs for logrotate." }
|
||||||
|
- { date: "01.01.24:", desc: "Add GleSYS DNS plugin." }
|
||||||
|
- { date: "11.12.23:", desc: "Deprecate certbot-dns-dynu to resolve dependency conflicts with other plugins." }
|
||||||
|
- { date: "30.11.23:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) site-confs/default.conf - Fix index.php being downloaded on 404." }
|
||||||
|
- { date: "23.11.23:", desc: "Run certbot as root to allow fix http validation." }
|
||||||
- { date: "01.10.23:", desc: "Fix \"unrecognized arguments\" issue in DirectAdmin DNS plugin." }
|
- { date: "01.10.23:", desc: "Fix \"unrecognized arguments\" issue in DirectAdmin DNS plugin." }
|
||||||
- { date: "28.08.23:", desc: "Add Namecheap DNS plugin." }
|
- { date: "28.08.23:", desc: "Add Namecheap DNS plugin." }
|
||||||
- { date: "12.08.23:", desc: "Add FreeDNS plugin. Detect certbot DNS authenticators using CLI." }
|
- { date: "12.08.23:", desc: "Add FreeDNS plugin. Detect certbot DNS authenticators using CLI." }
|
||||||
|
|||||||
3
root/defaults/dns-conf/dynu-credentials.ini
Normal file
3
root/defaults/dns-conf/dynu-credentials.ini
Normal file
@@ -0,0 +1,3 @@
|
|||||||
|
# Instructions: https://github.com/DustyRah/certbot-dns-dynudns
|
||||||
|
# Replace with your API token from your dynudns account.
|
||||||
|
dns_dynu_auth_token = AbCbASsd!@34
|
||||||
@@ -1,3 +0,0 @@
|
|||||||
# Instructions: https://github.com/bikram990/certbot-dns-dynu#configuration
|
|
||||||
# Replace with your API token from your dynu account.
|
|
||||||
dns_dynu_auth_token = AbCbASsd!@34
|
|
||||||
5
root/defaults/dns-conf/glesys.ini
Normal file
5
root/defaults/dns-conf/glesys.ini
Normal file
@@ -0,0 +1,5 @@
|
|||||||
|
# Instructions: https://github.com/runfalk/certbot-dns-glesys#usage
|
||||||
|
|
||||||
|
# GleSYS API credentials used by Certbot
|
||||||
|
dns_glesys_user = CL00000
|
||||||
|
dns_glesys_password = apikeygoeshere
|
||||||
@@ -1,4 +0,0 @@
|
|||||||
# Instructions: https://github.com/aaomidi/certbot-dns-google-domains#credentials
|
|
||||||
# Replace with your value
|
|
||||||
dns_google_domains_access_token = abcdef
|
|
||||||
dns_google_domains_zone = example.com
|
|
||||||
@@ -5,4 +5,5 @@ cd /config/keys/letsencrypt || exit 1
|
|||||||
openssl pkcs12 -export -out privkey.pfx -inkey privkey.pem -in cert.pem -certfile chain.pem -passout pass:
|
openssl pkcs12 -export -out privkey.pfx -inkey privkey.pem -in cert.pem -certfile chain.pem -passout pass:
|
||||||
sleep 1
|
sleep 1
|
||||||
cat {privkey,fullchain}.pem >priv-fullchain-bundle.pem
|
cat {privkey,fullchain}.pem >priv-fullchain-bundle.pem
|
||||||
|
chmod 600 priv-fullchain-bundle.pem
|
||||||
chown -R abc:abc /config/etc/letsencrypt
|
chown -R abc:abc /config/etc/letsencrypt
|
||||||
|
|||||||
@@ -12,4 +12,4 @@ datepattern = {^LN-BEG}
|
|||||||
|
|
||||||
# DEV NOTES:
|
# DEV NOTES:
|
||||||
#
|
#
|
||||||
# Author: Will L (driz@linuxserver.io)
|
# Author: notdriz
|
||||||
|
|||||||
@@ -1,10 +1,15 @@
|
|||||||
## Version 2023/04/27 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-location.conf.sample
|
## Version 2024/03/14 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-location.conf.sample
|
||||||
# Make sure that your authelia container is in the same user defined bridge network and is named authelia
|
# Make sure that your authelia container is in the same user defined bridge network and is named authelia
|
||||||
# Rename /config/nginx/proxy-confs/authelia.subdomain.conf.sample to /config/nginx/proxy-confs/authelia.subdomain.conf
|
# Rename /config/nginx/proxy-confs/authelia.subdomain.conf.sample to /config/nginx/proxy-confs/authelia.subdomain.conf
|
||||||
# Make sure that the authelia configuration.yml has 'path: "authelia"' defined
|
# For authelia 4.37 and below, make sure that the authelia configuration.yml has 'path: "authelia"' defined
|
||||||
|
# For authelia 4.38 and above, make sure that the authelia configuration.yml has 'address: "tcp://:9091/authelia"' defined
|
||||||
|
|
||||||
## Send a subrequest to Authelia to verify if the user is authenticated and has permission to access the resource
|
## Send a subrequest to Authelia to verify if the user is authenticated and has permission to access the resource
|
||||||
auth_request /authelia/api/verify;
|
## For authelia 4.37 and below, use the following line
|
||||||
|
# auth_request /authelia/api/verify;
|
||||||
|
## For authelia 4.38 and above, use the following line
|
||||||
|
auth_request /authelia/api/authz/auth-request;
|
||||||
|
|
||||||
## If the subreqest returns 200 pass to the backend, if the subrequest returns 401 redirect to the portal
|
## If the subreqest returns 200 pass to the backend, if the subrequest returns 401 redirect to the portal
|
||||||
error_page 401 = @authelia_proxy_signin;
|
error_page 401 = @authelia_proxy_signin;
|
||||||
|
|
||||||
|
|||||||
@@ -1,18 +1,20 @@
|
|||||||
## Version 2023/04/27 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-server.conf.sample
|
## Version 2024/03/16 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-server.conf.sample
|
||||||
# Make sure that your authelia container is in the same user defined bridge network and is named authelia
|
# Make sure that your authelia container is in the same user defined bridge network and is named authelia
|
||||||
# Rename /config/nginx/proxy-confs/authelia.subdomain.conf.sample to /config/nginx/proxy-confs/authelia.subdomain.conf
|
# Rename /config/nginx/proxy-confs/authelia.subdomain.conf.sample to /config/nginx/proxy-confs/authelia.subdomain.conf
|
||||||
# Make sure that the authelia configuration.yml has 'path: "authelia"' defined
|
# For authelia 4.37 and below, make sure that the authelia configuration.yml has 'path: "authelia"' defined
|
||||||
|
# For authelia 4.38 and above, make sure that the authelia configuration.yml has 'address: "tcp://:9091/authelia"' defined
|
||||||
|
|
||||||
# location for authelia subfolder requests
|
# location for authelia subfolder requests
|
||||||
location ^~ /authelia {
|
location ^~ /authelia {
|
||||||
auth_request off; # requests to this subfolder must be accessible without authentication
|
auth_request off; # requests to this subfolder must be accessible without authentication
|
||||||
|
|
||||||
include /config/nginx/proxy.conf;
|
include /config/nginx/proxy.conf;
|
||||||
include /config/nginx/resolver.conf;
|
include /config/nginx/resolver.conf;
|
||||||
set $upstream_authelia authelia;
|
set $upstream_authelia authelia;
|
||||||
proxy_pass http://$upstream_authelia:9091;
|
proxy_pass http://$upstream_authelia:9091;
|
||||||
}
|
}
|
||||||
|
|
||||||
# location for authelia auth requests
|
# location for authelia 4.37 and below auth requests
|
||||||
location = /authelia/api/verify {
|
location = /authelia/api/verify {
|
||||||
internal;
|
internal;
|
||||||
|
|
||||||
@@ -29,6 +31,23 @@ location = /authelia/api/verify {
|
|||||||
proxy_set_header Content-Length "";
|
proxy_set_header Content-Length "";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# location for authelia 4.38 and above auth requests
|
||||||
|
location = /authelia/api/authz/auth-request {
|
||||||
|
internal;
|
||||||
|
|
||||||
|
include /config/nginx/proxy.conf;
|
||||||
|
include /config/nginx/resolver.conf;
|
||||||
|
set $upstream_authelia authelia;
|
||||||
|
proxy_pass http://$upstream_authelia:9091;
|
||||||
|
|
||||||
|
## Include the Set-Cookie header if present
|
||||||
|
auth_request_set $set_cookie $upstream_http_set_cookie;
|
||||||
|
add_header Set-Cookie $set_cookie;
|
||||||
|
|
||||||
|
proxy_pass_request_body off;
|
||||||
|
proxy_set_header Content-Length "";
|
||||||
|
}
|
||||||
|
|
||||||
# virtual location for authelia 401 redirects
|
# virtual location for authelia 401 redirects
|
||||||
location @authelia_proxy_signin {
|
location @authelia_proxy_signin {
|
||||||
internal;
|
internal;
|
||||||
|
|||||||
@@ -4,6 +4,7 @@
|
|||||||
|
|
||||||
## Send a subrequest to Authentik to verify if the user is authenticated and has permission to access the resource
|
## Send a subrequest to Authentik to verify if the user is authenticated and has permission to access the resource
|
||||||
auth_request /outpost.goauthentik.io/auth/nginx;
|
auth_request /outpost.goauthentik.io/auth/nginx;
|
||||||
|
|
||||||
## If the subreqest returns 200 pass to the backend, if the subrequest returns 401 redirect to the portal
|
## If the subreqest returns 200 pass to the backend, if the subrequest returns 401 redirect to the portal
|
||||||
error_page 401 = @goauthentik_proxy_signin;
|
error_page 401 = @goauthentik_proxy_signin;
|
||||||
|
|
||||||
|
|||||||
@@ -5,6 +5,7 @@
|
|||||||
# location for authentik subfolder requests
|
# location for authentik subfolder requests
|
||||||
location ^~ /outpost.goauthentik.io {
|
location ^~ /outpost.goauthentik.io {
|
||||||
auth_request off; # requests to this subfolder must be accessible without authentication
|
auth_request off; # requests to this subfolder must be accessible without authentication
|
||||||
|
|
||||||
include /config/nginx/proxy.conf;
|
include /config/nginx/proxy.conf;
|
||||||
include /config/nginx/resolver.conf;
|
include /config/nginx/resolver.conf;
|
||||||
set $upstream_authentik authentik-server;
|
set $upstream_authentik authentik-server;
|
||||||
|
|||||||
@@ -1,4 +1,4 @@
|
|||||||
## Version 2023/06/05 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/site-confs/default.conf.sample
|
## Version 2024/07/16 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/site-confs/default.conf.sample
|
||||||
|
|
||||||
# redirect all traffic to https
|
# redirect all traffic to https
|
||||||
server {
|
server {
|
||||||
@@ -12,8 +12,8 @@ server {
|
|||||||
|
|
||||||
# main server block
|
# main server block
|
||||||
server {
|
server {
|
||||||
listen 443 ssl http2 default_server;
|
listen 443 ssl default_server;
|
||||||
listen [::]:443 ssl http2 default_server;
|
listen [::]:443 ssl default_server;
|
||||||
|
|
||||||
server_name _;
|
server_name _;
|
||||||
|
|
||||||
@@ -48,7 +48,7 @@ server {
|
|||||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||||
#include /config/nginx/authentik-location.conf;
|
#include /config/nginx/authentik-location.conf;
|
||||||
|
|
||||||
try_files $uri $uri/ /index.html /index.php$is_args$args =404;
|
try_files $uri $uri/ /index.html /index.htm /index.php$is_args$args;
|
||||||
}
|
}
|
||||||
|
|
||||||
location ~ ^(.+\.php)(.*)$ {
|
location ~ ^(.+\.php)(.*)$ {
|
||||||
@@ -66,6 +66,7 @@ server {
|
|||||||
#include /config/nginx/authentik-location.conf;
|
#include /config/nginx/authentik-location.conf;
|
||||||
|
|
||||||
fastcgi_split_path_info ^(.+\.php)(.*)$;
|
fastcgi_split_path_info ^(.+\.php)(.*)$;
|
||||||
|
if (!-f $document_root$fastcgi_script_name) { return 404; }
|
||||||
fastcgi_pass 127.0.0.1:9000;
|
fastcgi_pass 127.0.0.1:9000;
|
||||||
fastcgi_index index.php;
|
fastcgi_index index.php;
|
||||||
include /etc/nginx/fastcgi_params;
|
include /etc/nginx/fastcgi_params;
|
||||||
|
|||||||
@@ -1,9 +1,8 @@
|
|||||||
# do daily/weekly/monthly maintenance
|
|
||||||
# min hour day month weekday command
|
# min hour day month weekday command
|
||||||
*/15 * * * * run-parts /etc/periodic/15min
|
*/15 * * * * run-parts /etc/periodic/15min
|
||||||
0 * * * * run-parts /etc/periodic/hourly
|
0 * * * * run-parts /etc/periodic/hourly
|
||||||
0 2 * * * run-parts /etc/periodic/daily
|
0 2 * * * run-parts /etc/periodic/daily
|
||||||
0 3 * * 6 run-parts /etc/periodic/weekly
|
0 3 * * 6 run-parts /etc/periodic/weekly
|
||||||
0 5 1 * * run-parts /etc/periodic/monthly
|
0 5 1 * * run-parts /etc/periodic/monthly
|
||||||
# renew letsencrypt certs
|
|
||||||
8 2 * * * /app/le-renew.sh >> /config/log/letsencrypt/letsencrypt.log 2>&1
|
8 2 * * * /app/le-renew.sh >> /config/log/letsencrypt/letsencrypt.log 2>&1
|
||||||
|
|||||||
@@ -23,6 +23,13 @@ for i in "${SANED_VARS[@]}"; do
|
|||||||
export echo "${i}"="$(echo "${!i}" | tr '[:upper:]' '[:lower:]')"
|
export echo "${i}"="$(echo "${!i}" | tr '[:upper:]' '[:lower:]')"
|
||||||
done
|
done
|
||||||
|
|
||||||
|
# Check for and install requested DNS plugins
|
||||||
|
if grep -q "universal-package-install" <<< "${DOCKER_MODS}" && grep -q "certbot-dns" <<< "${INSTALL_PIP_PACKAGES}"; then
|
||||||
|
echo "**** Installing requested dns plugins ****"
|
||||||
|
/etc/s6-overlay/s6-rc.d/init-mod-universal-package-install-add-package/run
|
||||||
|
/etc/s6-overlay/s6-rc.d/init-mods-package-install/run
|
||||||
|
fi
|
||||||
|
|
||||||
# check to make sure DNSPLUGIN is selected if dns validation is used
|
# check to make sure DNSPLUGIN is selected if dns validation is used
|
||||||
CERTBOT_DNS_AUTHENTICATORS=$(certbot plugins --authenticators 2>/dev/null | sed -e 's/^Entry point: EntryPoint(name='\''cpanel'\''/Entry point: EntryPoint(name='\''dns-cpanel'\''/' -e '/EntryPoint(name='\''dns-/!d' -e 's/^Entry point: EntryPoint(name='\''dns-\([^ ]*\)'\'',/\1/' | sort)
|
CERTBOT_DNS_AUTHENTICATORS=$(certbot plugins --authenticators 2>/dev/null | sed -e 's/^Entry point: EntryPoint(name='\''cpanel'\''/Entry point: EntryPoint(name='\''dns-cpanel'\''/' -e '/EntryPoint(name='\''dns-/!d' -e 's/^Entry point: EntryPoint(name='\''dns-\([^ ]*\)'\'',/\1/' | sort)
|
||||||
if [[ "${VALIDATION}" = "dns" ]] && ! echo "${CERTBOT_DNS_AUTHENTICATORS}" | grep -q "${DNSPLUGIN}"; then
|
if [[ "${VALIDATION}" = "dns" ]] && ! echo "${CERTBOT_DNS_AUTHENTICATORS}" | grep -q "${DNSPLUGIN}"; then
|
||||||
@@ -31,6 +38,12 @@ if [[ "${VALIDATION}" = "dns" ]] && ! echo "${CERTBOT_DNS_AUTHENTICATORS}" | gre
|
|||||||
sleep infinity
|
sleep infinity
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# set owner of certbot's CONFIG_DIR, WORK_DIR, and LOGS_DIR to abc
|
||||||
|
lsiown -R abc:abc \
|
||||||
|
/etc/letsencrypt \
|
||||||
|
/var/lib/letsencrypt \
|
||||||
|
/var/log/letsencrypt
|
||||||
|
|
||||||
# set_ini_value logic:
|
# set_ini_value logic:
|
||||||
# - if the name is not found in the file, append the name=value to the end of the file
|
# - if the name is not found in the file, append the name=value to the end of the file
|
||||||
# - if the name is found in the file, replace the value
|
# - if the name is found in the file, replace the value
|
||||||
@@ -46,6 +59,7 @@ function set_ini_value() {
|
|||||||
|
|
||||||
# ensure config files exist and has at least one value set (set_ini_value does not work on empty files)
|
# ensure config files exist and has at least one value set (set_ini_value does not work on empty files)
|
||||||
touch /config/etc/letsencrypt/cli.ini
|
touch /config/etc/letsencrypt/cli.ini
|
||||||
|
lsiown abc:abc /config/etc/letsencrypt/cli.ini
|
||||||
grep -qF 'agree-tos' /config/etc/letsencrypt/cli.ini || echo 'agree-tos=true' >>/config/etc/letsencrypt/cli.ini
|
grep -qF 'agree-tos' /config/etc/letsencrypt/cli.ini || echo 'agree-tos=true' >>/config/etc/letsencrypt/cli.ini
|
||||||
|
|
||||||
# copy dns default configs
|
# copy dns default configs
|
||||||
|
|||||||
@@ -1,38 +0,0 @@
|
|||||||
#!/usr/bin/with-contenv bash
|
|
||||||
# shellcheck shell=bash
|
|
||||||
|
|
||||||
# make folders
|
|
||||||
mkdir -p \
|
|
||||||
/config/crontabs
|
|
||||||
|
|
||||||
## root
|
|
||||||
# if crontabs do not exist in config
|
|
||||||
if [[ ! -f /config/crontabs/root ]]; then
|
|
||||||
# copy crontab from system
|
|
||||||
if crontab -l -u root; then
|
|
||||||
crontab -l -u root >/config/crontabs/root
|
|
||||||
fi
|
|
||||||
|
|
||||||
# if crontabs still do not exist in config (were not copied from system)
|
|
||||||
# copy crontab from included defaults (using -n, do not overwrite an existing file)
|
|
||||||
cp -n /etc/crontabs/root /config/crontabs/ 2> >(grep -v 'cp: not replacing')
|
|
||||||
fi
|
|
||||||
# set permissions and import user crontabs
|
|
||||||
lsiown root:root /config/crontabs/root
|
|
||||||
crontab -u root /config/crontabs/root
|
|
||||||
|
|
||||||
## abc
|
|
||||||
# if crontabs do not exist in config
|
|
||||||
if [[ ! -f /config/crontabs/abc ]]; then
|
|
||||||
# copy crontab from system
|
|
||||||
if crontab -l -u abc; then
|
|
||||||
crontab -l -u abc >/config/crontabs/abc
|
|
||||||
fi
|
|
||||||
|
|
||||||
# if crontabs still do not exist in config (were not copied from system)
|
|
||||||
# copy crontab from included defaults (using -n, do not overwrite an existing file)
|
|
||||||
cp -n /etc/crontabs/abc /config/crontabs/ 2> >(grep -v 'cp: not replacing')
|
|
||||||
fi
|
|
||||||
# set permissions and import user crontabs
|
|
||||||
lsiown abc:abc /config/crontabs/abc
|
|
||||||
crontab -u abc /config/crontabs/abc
|
|
||||||
@@ -1 +0,0 @@
|
|||||||
oneshot
|
|
||||||
@@ -1 +0,0 @@
|
|||||||
/etc/s6-overlay/s6-rc.d/init-crontabs-config/run
|
|
||||||
@@ -3,7 +3,7 @@
|
|||||||
|
|
||||||
# make our folders and links
|
# make our folders and links
|
||||||
mkdir -p \
|
mkdir -p \
|
||||||
/config/{fail2ban,crontabs,dns-conf} \
|
/config/{fail2ban,dns-conf} \
|
||||||
/config/etc/letsencrypt/renewal-hooks \
|
/config/etc/letsencrypt/renewal-hooks \
|
||||||
/config/log/{fail2ban,letsencrypt,nginx} \
|
/config/log/{fail2ban,letsencrypt,nginx} \
|
||||||
/config/nginx/proxy-confs \
|
/config/nginx/proxy-confs \
|
||||||
|
|||||||
@@ -9,5 +9,5 @@ if [[ -d /defaults/nginx/proxy-confs/ ]]; then
|
|||||||
-maxdepth 1 \
|
-maxdepth 1 \
|
||||||
-name "*.conf.sample" \
|
-name "*.conf.sample" \
|
||||||
-type f \
|
-type f \
|
||||||
-exec cp "{}" /config/nginx/proxy-confs/ +
|
-exec cp "{}" /config/nginx/proxy-confs/ \;
|
||||||
fi
|
fi
|
||||||
|
|||||||
Reference in New Issue
Block a user