mirror of
https://github.com/linuxserver/docker-swag.git
synced 2026-03-14 06:05:16 +09:00
Compare commits
71 Commits
2.8.0-ls27
...
2.11.0-ls3
| Author | SHA1 | Date | |
|---|---|---|---|
|
03286fc238 | ||
|
|
7391dc1bcf | ||
|
|
a7ea6a955b | ||
|
|
e149638808 | ||
|
|
41cb7cb104 | ||
|
|
1499cbe7de | ||
|
|
5a7d49ec43 | ||
|
|
efc2f55f48 | ||
|
|
95c13d0082 | ||
|
|
e05fc4b1e3 | ||
|
|
099e0e75a4 | ||
|
|
fc1675f3a1 | ||
|
|
dc1bc6d5b3 | ||
|
|
db6f61bd27 | ||
|
|
67f864c7b9 | ||
|
3f885d0415 | ||
|
|
280c4bde4b | ||
|
|
59e7865464 | ||
|
|
5c58fa9383 | ||
|
|
ae19b93cc7 | ||
|
|
5dee340726 | ||
|
|
3109ff8d9c | ||
|
|
4239dc22d4 | ||
|
|
44c6bd721b | ||
|
|
d4a6be8fad | ||
|
a66b478d1d | ||
|
|
9efac76e25 | ||
|
|
23c6384f2c | ||
|
|
13ede8ea87 | ||
|
a9391d07ee | ||
|
|
a00d272297 | ||
|
|
0207bd8f30 | ||
|
|
3fd209d686 | ||
|
|
87ced3fd3e | ||
|
|
3e342b0529 | ||
|
|
c9504bb55f | ||
|
|
2573149089 | ||
|
|
9b3f418afd | ||
|
|
c63b437e1f | ||
|
|
f14c6a7a3a | ||
|
|
4b4c103df4 | ||
|
|
26203c8c40 | ||
|
|
259850fcc5 | ||
|
|
c6474f07ea | ||
|
|
b6a196b93a | ||
|
|
3967276f06 | ||
|
|
4853736c4e | ||
|
|
a8d03c5280 | ||
|
|
907dfc8c03 | ||
|
|
bf21a51e10 | ||
|
|
32f72ac0b4 | ||
|
|
970fa75e87 | ||
|
|
137ad9f52e | ||
|
|
5d0ec79ac5 | ||
|
|
3145477f72 | ||
|
|
58b9470c52 | ||
|
|
68f5cf8d9e | ||
|
|
e8d452f4ce | ||
|
|
4abd6c9890 | ||
|
|
c335faabdc | ||
|
|
204dd90f9d | ||
|
|
92bfbc19cd | ||
|
|
cb3c74a6ee | ||
|
|
b7f40863fe | ||
|
|
ec6fca9418 | ||
|
|
25a2832056 | ||
|
|
3eabd75388 | ||
|
|
6ed17c1d52 | ||
|
|
e568785908 | ||
|
|
24b3540da5 | ||
|
|
bc31b51afb |
4
.github/ISSUE_TEMPLATE/issue.bug.yml
vendored
4
.github/ISSUE_TEMPLATE/issue.bug.yml
vendored
@@ -67,10 +67,10 @@ body:
|
|||||||
- type: textarea
|
- type: textarea
|
||||||
attributes:
|
attributes:
|
||||||
description: |
|
description: |
|
||||||
Provide a full docker log, output of "docker logs linuxserver.io"
|
Provide a full docker log, output of "docker logs swag"
|
||||||
label: Container logs
|
label: Container logs
|
||||||
placeholder: |
|
placeholder: |
|
||||||
Output of `docker logs linuxserver.io`
|
Output of `docker logs swag`
|
||||||
render: bash
|
render: bash
|
||||||
validations:
|
validations:
|
||||||
required: true
|
required: true
|
||||||
|
|||||||
2
.github/workflows/external_trigger.yml
vendored
2
.github/workflows/external_trigger.yml
vendored
@@ -7,7 +7,7 @@ jobs:
|
|||||||
external-trigger-master:
|
external-trigger-master:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v3.1.0
|
- uses: actions/checkout@v4.1.1
|
||||||
|
|
||||||
- name: External Trigger
|
- name: External Trigger
|
||||||
if: github.ref == 'refs/heads/master'
|
if: github.ref == 'refs/heads/master'
|
||||||
|
|||||||
@@ -9,7 +9,7 @@ jobs:
|
|||||||
external-trigger-scheduler:
|
external-trigger-scheduler:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v3.1.0
|
- uses: actions/checkout@v4.1.1
|
||||||
with:
|
with:
|
||||||
fetch-depth: '0'
|
fetch-depth: '0'
|
||||||
|
|
||||||
|
|||||||
2
.github/workflows/package_trigger.yml
vendored
2
.github/workflows/package_trigger.yml
vendored
@@ -7,7 +7,7 @@ jobs:
|
|||||||
package-trigger-master:
|
package-trigger-master:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v3.1.0
|
- uses: actions/checkout@v4.1.1
|
||||||
|
|
||||||
- name: Package Trigger
|
- name: Package Trigger
|
||||||
if: github.ref == 'refs/heads/master'
|
if: github.ref == 'refs/heads/master'
|
||||||
|
|||||||
@@ -9,7 +9,7 @@ jobs:
|
|||||||
package-trigger-scheduler:
|
package-trigger-scheduler:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v3.1.0
|
- uses: actions/checkout@v4.1.1
|
||||||
with:
|
with:
|
||||||
fetch-depth: '0'
|
fetch-depth: '0'
|
||||||
|
|
||||||
|
|||||||
69
Dockerfile
69
Dockerfile
@@ -1,6 +1,6 @@
|
|||||||
# syntax=docker/dockerfile:1
|
# syntax=docker/dockerfile:1
|
||||||
|
|
||||||
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.18
|
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.19
|
||||||
|
|
||||||
# set version label
|
# set version label
|
||||||
ARG BUILD_DATE
|
ARG BUILD_DATE
|
||||||
@@ -45,39 +45,39 @@ RUN \
|
|||||||
nginx-mod-stream \
|
nginx-mod-stream \
|
||||||
nginx-mod-stream-geoip2 \
|
nginx-mod-stream-geoip2 \
|
||||||
nginx-vim \
|
nginx-vim \
|
||||||
php82-bcmath \
|
php83-bcmath \
|
||||||
php82-bz2 \
|
php83-bz2 \
|
||||||
php82-dom \
|
php83-dom \
|
||||||
php82-exif \
|
php83-exif \
|
||||||
php82-ftp \
|
php83-ftp \
|
||||||
php82-gd \
|
php83-gd \
|
||||||
php82-gmp \
|
php83-gmp \
|
||||||
php82-imap \
|
php83-imap \
|
||||||
php82-intl \
|
php83-intl \
|
||||||
php82-ldap \
|
php83-ldap \
|
||||||
php82-mysqli \
|
php83-mysqli \
|
||||||
php82-mysqlnd \
|
php83-mysqlnd \
|
||||||
php82-opcache \
|
php83-opcache \
|
||||||
php82-pdo_mysql \
|
php83-pdo_mysql \
|
||||||
php82-pdo_odbc \
|
php83-pdo_odbc \
|
||||||
php82-pdo_pgsql \
|
php83-pdo_pgsql \
|
||||||
php82-pdo_sqlite \
|
php83-pdo_sqlite \
|
||||||
php82-pear \
|
php83-pear \
|
||||||
php82-pecl-apcu \
|
php83-pecl-apcu \
|
||||||
php82-pecl-memcached \
|
php83-pecl-memcached \
|
||||||
php82-pecl-redis \
|
php83-pecl-redis \
|
||||||
php82-pgsql \
|
php83-pgsql \
|
||||||
php82-posix \
|
php83-posix \
|
||||||
php82-soap \
|
php83-soap \
|
||||||
php82-sockets \
|
php83-sockets \
|
||||||
php82-sodium \
|
php83-sodium \
|
||||||
php82-sqlite3 \
|
php83-sqlite3 \
|
||||||
php82-tokenizer \
|
php83-tokenizer \
|
||||||
php82-xmlreader \
|
php83-xmlreader \
|
||||||
php82-xsl \
|
php83-xsl \
|
||||||
whois && \
|
whois && \
|
||||||
apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community \
|
apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community \
|
||||||
php82-pecl-mcrypt && \
|
php83-pecl-mcrypt && \
|
||||||
echo "**** install certbot plugins ****" && \
|
echo "**** install certbot plugins ****" && \
|
||||||
if [ -z ${CERTBOT_VERSION+x} ]; then \
|
if [ -z ${CERTBOT_VERSION+x} ]; then \
|
||||||
CERTBOT_VERSION=$(curl -sL https://pypi.python.org/pypi/certbot/json |jq -r '. | .info.version'); \
|
CERTBOT_VERSION=$(curl -sL https://pypi.python.org/pypi/certbot/json |jq -r '. | .info.version'); \
|
||||||
@@ -86,7 +86,7 @@ RUN \
|
|||||||
pip install -U --no-cache-dir \
|
pip install -U --no-cache-dir \
|
||||||
pip \
|
pip \
|
||||||
wheel && \
|
wheel && \
|
||||||
pip install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.18/ \
|
pip install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.19/ \
|
||||||
certbot==${CERTBOT_VERSION} \
|
certbot==${CERTBOT_VERSION} \
|
||||||
certbot-dns-acmedns \
|
certbot-dns-acmedns \
|
||||||
certbot-dns-aliyun \
|
certbot-dns-aliyun \
|
||||||
@@ -104,6 +104,7 @@ RUN \
|
|||||||
certbot-dns-domeneshop \
|
certbot-dns-domeneshop \
|
||||||
certbot-dns-dreamhost \
|
certbot-dns-dreamhost \
|
||||||
certbot-dns-duckdns \
|
certbot-dns-duckdns \
|
||||||
|
certbot-dns-dynudns \
|
||||||
certbot-dns-freedns \
|
certbot-dns-freedns \
|
||||||
certbot-dns-gehirn \
|
certbot-dns-gehirn \
|
||||||
certbot-dns-glesys \
|
certbot-dns-glesys \
|
||||||
@@ -144,6 +145,8 @@ RUN \
|
|||||||
sed -i \
|
sed -i \
|
||||||
's|#ssl_trusted_certificate /config/keys/cert.crt;|ssl_trusted_certificate /config/keys/cert.crt;|' \
|
's|#ssl_trusted_certificate /config/keys/cert.crt;|ssl_trusted_certificate /config/keys/cert.crt;|' \
|
||||||
/defaults/nginx/ssl.conf.sample && \
|
/defaults/nginx/ssl.conf.sample && \
|
||||||
|
echo "**** remove stream.conf ****" && \
|
||||||
|
rm -f /etc/nginx/conf.d/stream.conf && \
|
||||||
echo "**** correct ip6tables legacy issue ****" && \
|
echo "**** correct ip6tables legacy issue ****" && \
|
||||||
rm \
|
rm \
|
||||||
/sbin/ip6tables && \
|
/sbin/ip6tables && \
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
# syntax=docker/dockerfile:1
|
# syntax=docker/dockerfile:1
|
||||||
|
|
||||||
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.18
|
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.19
|
||||||
|
|
||||||
# set version label
|
# set version label
|
||||||
ARG BUILD_DATE
|
ARG BUILD_DATE
|
||||||
@@ -45,39 +45,39 @@ RUN \
|
|||||||
nginx-mod-stream \
|
nginx-mod-stream \
|
||||||
nginx-mod-stream-geoip2 \
|
nginx-mod-stream-geoip2 \
|
||||||
nginx-vim \
|
nginx-vim \
|
||||||
php82-bcmath \
|
php83-bcmath \
|
||||||
php82-bz2 \
|
php83-bz2 \
|
||||||
php82-dom \
|
php83-dom \
|
||||||
php82-exif \
|
php83-exif \
|
||||||
php82-ftp \
|
php83-ftp \
|
||||||
php82-gd \
|
php83-gd \
|
||||||
php82-gmp \
|
php83-gmp \
|
||||||
php82-imap \
|
php83-imap \
|
||||||
php82-intl \
|
php83-intl \
|
||||||
php82-ldap \
|
php83-ldap \
|
||||||
php82-mysqli \
|
php83-mysqli \
|
||||||
php82-mysqlnd \
|
php83-mysqlnd \
|
||||||
php82-opcache \
|
php83-opcache \
|
||||||
php82-pdo_mysql \
|
php83-pdo_mysql \
|
||||||
php82-pdo_odbc \
|
php83-pdo_odbc \
|
||||||
php82-pdo_pgsql \
|
php83-pdo_pgsql \
|
||||||
php82-pdo_sqlite \
|
php83-pdo_sqlite \
|
||||||
php82-pear \
|
php83-pear \
|
||||||
php82-pecl-apcu \
|
php83-pecl-apcu \
|
||||||
php82-pecl-memcached \
|
php83-pecl-memcached \
|
||||||
php82-pecl-redis \
|
php83-pecl-redis \
|
||||||
php82-pgsql \
|
php83-pgsql \
|
||||||
php82-posix \
|
php83-posix \
|
||||||
php82-soap \
|
php83-soap \
|
||||||
php82-sockets \
|
php83-sockets \
|
||||||
php82-sodium \
|
php83-sodium \
|
||||||
php82-sqlite3 \
|
php83-sqlite3 \
|
||||||
php82-tokenizer \
|
php83-tokenizer \
|
||||||
php82-xmlreader \
|
php83-xmlreader \
|
||||||
php82-xsl \
|
php83-xsl \
|
||||||
whois && \
|
whois && \
|
||||||
apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community \
|
apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community \
|
||||||
php82-pecl-mcrypt && \
|
php83-pecl-mcrypt && \
|
||||||
echo "**** install certbot plugins ****" && \
|
echo "**** install certbot plugins ****" && \
|
||||||
if [ -z ${CERTBOT_VERSION+x} ]; then \
|
if [ -z ${CERTBOT_VERSION+x} ]; then \
|
||||||
CERTBOT_VERSION=$(curl -sL https://pypi.python.org/pypi/certbot/json |jq -r '. | .info.version'); \
|
CERTBOT_VERSION=$(curl -sL https://pypi.python.org/pypi/certbot/json |jq -r '. | .info.version'); \
|
||||||
@@ -86,7 +86,7 @@ RUN \
|
|||||||
pip install -U --no-cache-dir \
|
pip install -U --no-cache-dir \
|
||||||
pip \
|
pip \
|
||||||
wheel && \
|
wheel && \
|
||||||
pip install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.18/ \
|
pip install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.19/ \
|
||||||
certbot==${CERTBOT_VERSION} \
|
certbot==${CERTBOT_VERSION} \
|
||||||
certbot-dns-acmedns \
|
certbot-dns-acmedns \
|
||||||
certbot-dns-aliyun \
|
certbot-dns-aliyun \
|
||||||
@@ -104,6 +104,7 @@ RUN \
|
|||||||
certbot-dns-domeneshop \
|
certbot-dns-domeneshop \
|
||||||
certbot-dns-dreamhost \
|
certbot-dns-dreamhost \
|
||||||
certbot-dns-duckdns \
|
certbot-dns-duckdns \
|
||||||
|
certbot-dns-dynudns \
|
||||||
certbot-dns-freedns \
|
certbot-dns-freedns \
|
||||||
certbot-dns-gehirn \
|
certbot-dns-gehirn \
|
||||||
certbot-dns-glesys \
|
certbot-dns-glesys \
|
||||||
@@ -144,6 +145,8 @@ RUN \
|
|||||||
sed -i \
|
sed -i \
|
||||||
's|#ssl_trusted_certificate /config/keys/cert.crt;|ssl_trusted_certificate /config/keys/cert.crt;|' \
|
's|#ssl_trusted_certificate /config/keys/cert.crt;|ssl_trusted_certificate /config/keys/cert.crt;|' \
|
||||||
/defaults/nginx/ssl.conf.sample && \
|
/defaults/nginx/ssl.conf.sample && \
|
||||||
|
echo "**** remove stream.conf ****" && \
|
||||||
|
rm -f /etc/nginx/conf.d/stream.conf && \
|
||||||
echo "**** correct ip6tables legacy issue ****" && \
|
echo "**** correct ip6tables legacy issue ****" && \
|
||||||
rm \
|
rm \
|
||||||
/sbin/ip6tables && \
|
/sbin/ip6tables && \
|
||||||
|
|||||||
379
Jenkinsfile
vendored
379
Jenkinsfile
vendored
@@ -245,9 +245,11 @@ pipeline {
|
|||||||
-v ${WORKSPACE}:/mnt \
|
-v ${WORKSPACE}:/mnt \
|
||||||
-e AWS_ACCESS_KEY_ID=\"${S3_KEY}\" \
|
-e AWS_ACCESS_KEY_ID=\"${S3_KEY}\" \
|
||||||
-e AWS_SECRET_ACCESS_KEY=\"${S3_SECRET}\" \
|
-e AWS_SECRET_ACCESS_KEY=\"${S3_SECRET}\" \
|
||||||
ghcr.io/linuxserver/baseimage-alpine:3.17 s6-envdir -fn -- /var/run/s6/container_environment /bin/bash -c "\
|
ghcr.io/linuxserver/baseimage-alpine:3.19 s6-envdir -fn -- /var/run/s6/container_environment /bin/bash -c "\
|
||||||
apk add --no-cache py3-pip && \
|
apk add --no-cache python3 && \
|
||||||
pip install s3cmd && \
|
python3 -m venv /lsiopy && \
|
||||||
|
pip install --no-cache-dir -U pip && \
|
||||||
|
pip install --no-cache-dir s3cmd && \
|
||||||
s3cmd put --no-preserve --acl-public -m text/xml /mnt/shellcheck-result.xml s3://ci-tests.linuxserver.io/${IMAGE}/${META_TAG}/shellcheck-result.xml" || :'''
|
s3cmd put --no-preserve --acl-public -m text/xml /mnt/shellcheck-result.xml s3://ci-tests.linuxserver.io/${IMAGE}/${META_TAG}/shellcheck-result.xml" || :'''
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -262,150 +264,178 @@ pipeline {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
steps {
|
steps {
|
||||||
withCredentials([
|
sh '''#! /bin/bash
|
||||||
[
|
set -e
|
||||||
$class: 'UsernamePasswordMultiBinding',
|
TEMPDIR=$(mktemp -d)
|
||||||
credentialsId: '3f9ba4d5-100d-45b0-a3c4-633fd6061207',
|
docker pull ghcr.io/linuxserver/jenkins-builder:latest
|
||||||
usernameVariable: 'DOCKERUSER',
|
# Cloned repo paths for templating:
|
||||||
passwordVariable: 'DOCKERPASS'
|
# ${TEMPDIR}/docker-${CONTAINER_NAME}: Cloned branch master of ${LS_USER}/${LS_REPO} for running the jenkins builder on
|
||||||
]
|
# ${TEMPDIR}/repo/${LS_REPO}: Cloned branch master of ${LS_USER}/${LS_REPO} for commiting various templated file changes and pushing back to Github
|
||||||
]) {
|
# ${TEMPDIR}/docs/docker-documentation: Cloned docs repo for pushing docs updates to Github
|
||||||
sh '''#! /bin/bash
|
# ${TEMPDIR}/unraid/docker-templates: Cloned docker-templates repo to check for logos
|
||||||
set -e
|
# ${TEMPDIR}/unraid/templates: Cloned templates repo for commiting unraid template changes and pushing back to Github
|
||||||
TEMPDIR=$(mktemp -d)
|
git clone --branch master --depth 1 https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/docker-${CONTAINER_NAME}
|
||||||
docker pull ghcr.io/linuxserver/jenkins-builder:latest
|
docker run --rm -v ${TEMPDIR}/docker-${CONTAINER_NAME}:/tmp -e LOCAL=true -e PUID=$(id -u) -e PGID=$(id -g) ghcr.io/linuxserver/jenkins-builder:latest
|
||||||
docker run --rm -e CONTAINER_NAME=${CONTAINER_NAME} -e GITHUB_BRANCH=master -v ${TEMPDIR}:/ansible/jenkins ghcr.io/linuxserver/jenkins-builder:latest
|
echo "Starting Stage 1 - Jenkinsfile update"
|
||||||
# Stage 1 - Jenkinsfile update
|
if [[ "$(md5sum Jenkinsfile | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/Jenkinsfile | awk '{ print $1 }')" ]]; then
|
||||||
if [[ "$(md5sum Jenkinsfile | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/Jenkinsfile | awk '{ print $1 }')" ]]; then
|
mkdir -p ${TEMPDIR}/repo
|
||||||
mkdir -p ${TEMPDIR}/repo
|
git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO}
|
||||||
git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO}
|
cd ${TEMPDIR}/repo/${LS_REPO}
|
||||||
cd ${TEMPDIR}/repo/${LS_REPO}
|
git checkout -f master
|
||||||
git checkout -f master
|
cp ${TEMPDIR}/docker-${CONTAINER_NAME}/Jenkinsfile ${TEMPDIR}/repo/${LS_REPO}/
|
||||||
cp ${TEMPDIR}/docker-${CONTAINER_NAME}/Jenkinsfile ${TEMPDIR}/repo/${LS_REPO}/
|
git add Jenkinsfile
|
||||||
git add Jenkinsfile
|
git commit -m 'Bot Updating Templated Files'
|
||||||
git commit -m 'Bot Updating Templated Files'
|
git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master
|
||||||
git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master
|
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master
|
||||||
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master
|
echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
|
||||||
echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
|
echo "Updating Jenkinsfile and exiting build, new one will trigger based on commit"
|
||||||
echo "Updating Jenkinsfile"
|
rm -Rf ${TEMPDIR}
|
||||||
rm -Rf ${TEMPDIR}
|
exit 0
|
||||||
exit 0
|
else
|
||||||
else
|
echo "Jenkinsfile is up to date."
|
||||||
echo "Jenkinsfile is up to date."
|
fi
|
||||||
|
echo "Starting Stage 2 - Delete old templates"
|
||||||
|
OLD_TEMPLATES=".github/ISSUE_TEMPLATE.md .github/ISSUE_TEMPLATE/issue.bug.md .github/ISSUE_TEMPLATE/issue.feature.md .github/workflows/call_invalid_helper.yml .github/workflows/stale.yml"
|
||||||
|
for i in ${OLD_TEMPLATES}; do
|
||||||
|
if [[ -f "${i}" ]]; then
|
||||||
|
TEMPLATES_TO_DELETE="${i} ${TEMPLATES_TO_DELETE}"
|
||||||
fi
|
fi
|
||||||
# Stage 2 - Delete old templates
|
done
|
||||||
OLD_TEMPLATES=".github/ISSUE_TEMPLATE.md .github/ISSUE_TEMPLATE/issue.bug.md .github/ISSUE_TEMPLATE/issue.feature.md .github/workflows/call_invalid_helper.yml .github/workflows/stale.yml Dockerfile.armhf"
|
if [[ -n "${TEMPLATES_TO_DELETE}" ]]; then
|
||||||
for i in ${OLD_TEMPLATES}; do
|
mkdir -p ${TEMPDIR}/repo
|
||||||
if [[ -f "${i}" ]]; then
|
git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO}
|
||||||
TEMPLATES_TO_DELETE="${i} ${TEMPLATES_TO_DELETE}"
|
cd ${TEMPDIR}/repo/${LS_REPO}
|
||||||
fi
|
git checkout -f master
|
||||||
|
for i in ${TEMPLATES_TO_DELETE}; do
|
||||||
|
git rm "${i}"
|
||||||
done
|
done
|
||||||
if [[ -n "${TEMPLATES_TO_DELETE}" ]]; then
|
git commit -m 'Bot Updating Templated Files'
|
||||||
mkdir -p ${TEMPDIR}/repo
|
git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master
|
||||||
git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO}
|
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master
|
||||||
cd ${TEMPDIR}/repo/${LS_REPO}
|
echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
|
||||||
git checkout -f master
|
echo "Deleting old/deprecated templates and exiting build, new one will trigger based on commit"
|
||||||
for i in ${TEMPLATES_TO_DELETE}; do
|
rm -Rf ${TEMPDIR}
|
||||||
git rm "${i}"
|
exit 0
|
||||||
done
|
else
|
||||||
git commit -m 'Bot Updating Templated Files'
|
echo "No templates to delete"
|
||||||
git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master
|
fi
|
||||||
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master
|
echo "Starting Stage 3 - Update templates"
|
||||||
echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
|
CURRENTHASH=$(grep -hs ^ ${TEMPLATED_FILES} | md5sum | cut -c1-8)
|
||||||
echo "Deleting old and deprecated templates"
|
cd ${TEMPDIR}/docker-${CONTAINER_NAME}
|
||||||
rm -Rf ${TEMPDIR}
|
NEWHASH=$(grep -hs ^ ${TEMPLATED_FILES} | md5sum | cut -c1-8)
|
||||||
exit 0
|
if [[ "${CURRENTHASH}" != "${NEWHASH}" ]] || ! grep -q '.jenkins-external' "${WORKSPACE}/.gitignore" 2>/dev/null; then
|
||||||
else
|
mkdir -p ${TEMPDIR}/repo
|
||||||
echo "No templates to delete"
|
git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO}
|
||||||
fi
|
cd ${TEMPDIR}/repo/${LS_REPO}
|
||||||
# Stage 3 - Update templates
|
git checkout -f master
|
||||||
CURRENTHASH=$(grep -hs ^ ${TEMPLATED_FILES} | md5sum | cut -c1-8)
|
|
||||||
cd ${TEMPDIR}/docker-${CONTAINER_NAME}
|
cd ${TEMPDIR}/docker-${CONTAINER_NAME}
|
||||||
NEWHASH=$(grep -hs ^ ${TEMPLATED_FILES} | md5sum | cut -c1-8)
|
mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/workflows
|
||||||
if [[ "${CURRENTHASH}" != "${NEWHASH}" ]] || ! grep -q '.jenkins-external' "${WORKSPACE}/.gitignore" 2>/dev/null; then
|
mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/ISSUE_TEMPLATE
|
||||||
mkdir -p ${TEMPDIR}/repo
|
cp --parents ${TEMPLATED_FILES} ${TEMPDIR}/repo/${LS_REPO}/ || :
|
||||||
git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO}
|
cp --parents readme-vars.yml ${TEMPDIR}/repo/${LS_REPO}/ || :
|
||||||
cd ${TEMPDIR}/repo/${LS_REPO}
|
cd ${TEMPDIR}/repo/${LS_REPO}/
|
||||||
git checkout -f master
|
if ! grep -q '.jenkins-external' .gitignore 2>/dev/null; then
|
||||||
cd ${TEMPDIR}/docker-${CONTAINER_NAME}
|
echo ".jenkins-external" >> .gitignore
|
||||||
mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/workflows
|
git add .gitignore
|
||||||
mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/ISSUE_TEMPLATE
|
fi
|
||||||
cp --parents ${TEMPLATED_FILES} ${TEMPDIR}/repo/${LS_REPO}/ || :
|
git add readme-vars.yml ${TEMPLATED_FILES}
|
||||||
cp --parents readme-vars.yml ${TEMPDIR}/repo/${LS_REPO}/ || :
|
git commit -m 'Bot Updating Templated Files'
|
||||||
cd ${TEMPDIR}/repo/${LS_REPO}/
|
git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master
|
||||||
if ! grep -q '.jenkins-external' .gitignore 2>/dev/null; then
|
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master
|
||||||
echo ".jenkins-external" >> .gitignore
|
echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
|
||||||
git add .gitignore
|
echo "Updating templates and exiting build, new one will trigger based on commit"
|
||||||
fi
|
rm -Rf ${TEMPDIR}
|
||||||
git add readme-vars.yml ${TEMPLATED_FILES}
|
exit 0
|
||||||
git commit -m 'Bot Updating Templated Files'
|
else
|
||||||
git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master
|
echo "false" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
|
||||||
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master
|
echo "No templates to update"
|
||||||
echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
|
fi
|
||||||
|
echo "Starting Stage 4 - External repo updates: Docs, Unraid Template and Readme Sync to Docker Hub"
|
||||||
|
mkdir -p ${TEMPDIR}/docs
|
||||||
|
git clone https://github.com/linuxserver/docker-documentation.git ${TEMPDIR}/docs/docker-documentation
|
||||||
|
if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}" ]] && [[ (! -f ${TEMPDIR}/docs/docker-documentation/docs/images/docker-${CONTAINER_NAME}.md) || ("$(md5sum ${TEMPDIR}/docs/docker-documentation/docs/images/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')") ]]; then
|
||||||
|
cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md ${TEMPDIR}/docs/docker-documentation/docs/images/
|
||||||
|
cd ${TEMPDIR}/docs/docker-documentation
|
||||||
|
GH_DOCS_DEFAULT_BRANCH=$(git remote show origin | grep "HEAD branch:" | sed 's|.*HEAD branch: ||')
|
||||||
|
git add docs/images/docker-${CONTAINER_NAME}.md
|
||||||
|
echo "Updating docs repo"
|
||||||
|
git commit -m 'Bot Updating Documentation'
|
||||||
|
git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH} --rebase
|
||||||
|
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH} || \
|
||||||
|
(MAXWAIT="10" && echo "Push to docs failed, trying again in ${MAXWAIT} seconds" && \
|
||||||
|
sleep $((RANDOM % MAXWAIT)) && \
|
||||||
|
git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH} --rebase && \
|
||||||
|
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH})
|
||||||
|
else
|
||||||
|
echo "Docs update not needed, skipping"
|
||||||
|
fi
|
||||||
|
mkdir -p ${TEMPDIR}/unraid
|
||||||
|
git clone https://github.com/linuxserver/docker-templates.git ${TEMPDIR}/unraid/docker-templates
|
||||||
|
git clone https://github.com/linuxserver/templates.git ${TEMPDIR}/unraid/templates
|
||||||
|
if [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-logo.png ]]; then
|
||||||
|
sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-logo.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml
|
||||||
|
elif [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-icon.png ]]; then
|
||||||
|
sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-icon.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml
|
||||||
|
fi
|
||||||
|
if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}" ]] && [[ (! -f ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml) || ("$(md5sum ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml | awk '{ print $1 }')") ]]; then
|
||||||
|
echo "Updating Unraid template"
|
||||||
|
cd ${TEMPDIR}/unraid/templates/
|
||||||
|
GH_TEMPLATES_DEFAULT_BRANCH=$(git remote show origin | grep "HEAD branch:" | sed 's|.*HEAD branch: ||')
|
||||||
|
if grep -wq "${CONTAINER_NAME}" ${TEMPDIR}/unraid/templates/unraid/ignore.list && [[ -f ${TEMPDIR}/unraid/templates/unraid/deprecated/${CONTAINER_NAME}.xml ]]; then
|
||||||
|
echo "Image is on the ignore list, and already in the deprecation folder."
|
||||||
|
elif grep -wq "${CONTAINER_NAME}" ${TEMPDIR}/unraid/templates/unraid/ignore.list; then
|
||||||
|
echo "Image is on the ignore list, marking Unraid template as deprecated"
|
||||||
|
cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml ${TEMPDIR}/unraid/templates/unraid/
|
||||||
|
git add -u unraid/${CONTAINER_NAME}.xml
|
||||||
|
git mv unraid/${CONTAINER_NAME}.xml unraid/deprecated/${CONTAINER_NAME}.xml || :
|
||||||
|
git commit -m 'Bot Moving Deprecated Unraid Template' || :
|
||||||
else
|
else
|
||||||
echo "false" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
|
cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml ${TEMPDIR}/unraid/templates/unraid/
|
||||||
|
git add unraid/${CONTAINER_NAME}.xml
|
||||||
|
git commit -m 'Bot Updating Unraid Template'
|
||||||
fi
|
fi
|
||||||
mkdir -p ${TEMPDIR}/docs
|
git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH} --rebase
|
||||||
git clone https://github.com/linuxserver/docker-documentation.git ${TEMPDIR}/docs/docker-documentation
|
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH} || \
|
||||||
if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}" ]] && [[ (! -f ${TEMPDIR}/docs/docker-documentation/docs/images/docker-${CONTAINER_NAME}.md) || ("$(md5sum ${TEMPDIR}/docs/docker-documentation/docs/images/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')") ]]; then
|
(MAXWAIT="10" && echo "Push to unraid templates failed, trying again in ${MAXWAIT} seconds" && \
|
||||||
cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md ${TEMPDIR}/docs/docker-documentation/docs/images/
|
sleep $((RANDOM % MAXWAIT)) && \
|
||||||
cd ${TEMPDIR}/docs/docker-documentation
|
git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH} --rebase && \
|
||||||
GH_DOCS_DEFAULT_BRANCH=$(git remote show origin | grep "HEAD branch:" | sed 's|.*HEAD branch: ||')
|
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH})
|
||||||
git add docs/images/docker-${CONTAINER_NAME}.md
|
else
|
||||||
git commit -m 'Bot Updating Documentation'
|
echo "No updates to Unraid template needed, skipping"
|
||||||
git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH}
|
fi
|
||||||
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH}
|
if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}" ]]; then
|
||||||
|
if [[ $(cat ${TEMPDIR}/docker-${CONTAINER_NAME}/README.md | wc -m) -gt 25000 ]]; then
|
||||||
|
echo "Readme is longer than 25,000 characters. Syncing the lite version to Docker Hub"
|
||||||
|
DH_README_SYNC_PATH="${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/README.lite"
|
||||||
|
else
|
||||||
|
echo "Syncing readme to Docker Hub"
|
||||||
|
DH_README_SYNC_PATH="${TEMPDIR}/docker-${CONTAINER_NAME}/README.md"
|
||||||
fi
|
fi
|
||||||
mkdir -p ${TEMPDIR}/unraid
|
if curl -s https://hub.docker.com/v2/namespaces/${DOCKERHUB_IMAGE%%/*}/repositories/${DOCKERHUB_IMAGE##*/}/tags | jq -r '.message' | grep -q 404; then
|
||||||
git clone https://github.com/linuxserver/docker-templates.git ${TEMPDIR}/unraid/docker-templates
|
echo "Docker Hub endpoint doesn't exist. Creating endpoint first."
|
||||||
git clone https://github.com/linuxserver/templates.git ${TEMPDIR}/unraid/templates
|
DH_TOKEN=$(curl -d '{"username":"linuxserverci", "password":"'${DOCKERHUB_TOKEN}'"}' -H "Content-Type: application/json" -X POST https://hub.docker.com/v2/users/login | jq -r '.token')
|
||||||
if [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-logo.png ]]; then
|
|
||||||
sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-logo.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml
|
|
||||||
elif [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-icon.png ]]; then
|
|
||||||
sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-icon.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml
|
|
||||||
fi
|
|
||||||
if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}" ]] && [[ (! -f ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml) || ("$(md5sum ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml | awk '{ print $1 }')") ]]; then
|
|
||||||
cd ${TEMPDIR}/unraid/templates/
|
|
||||||
GH_TEMPLATES_DEFAULT_BRANCH=$(git remote show origin | grep "HEAD branch:" | sed 's|.*HEAD branch: ||')
|
|
||||||
if grep -wq "${CONTAINER_NAME}" ${TEMPDIR}/unraid/templates/unraid/ignore.list; then
|
|
||||||
echo "Image is on the ignore list, marking Unraid template as deprecated"
|
|
||||||
cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml ${TEMPDIR}/unraid/templates/unraid/
|
|
||||||
git add -u unraid/${CONTAINER_NAME}.xml
|
|
||||||
git mv unraid/${CONTAINER_NAME}.xml unraid/deprecated/${CONTAINER_NAME}.xml || :
|
|
||||||
git commit -m 'Bot Moving Deprecated Unraid Template' || :
|
|
||||||
else
|
|
||||||
cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml ${TEMPDIR}/unraid/templates/unraid/
|
|
||||||
git add unraid/${CONTAINER_NAME}.xml
|
|
||||||
git commit -m 'Bot Updating Unraid Template'
|
|
||||||
fi
|
|
||||||
git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH}
|
|
||||||
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH}
|
|
||||||
fi
|
|
||||||
# Stage 4 - Sync Readme to Docker Hub
|
|
||||||
if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}" ]]; then
|
|
||||||
if [[ $(cat ${TEMPDIR}/docker-${CONTAINER_NAME}/README.md | wc -m) > 25000 ]]; then
|
|
||||||
echo "Readme is longer than 25,000 characters. Syncing the lite version to Docker Hub"
|
|
||||||
DH_README_SYNC_PATH="${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/README.lite"
|
|
||||||
else
|
|
||||||
echo "Syncing readme to Docker Hub"
|
|
||||||
DH_README_SYNC_PATH="${TEMPDIR}/docker-${CONTAINER_NAME}/README.md"
|
|
||||||
fi
|
|
||||||
DH_TOKEN=$(curl -d '{"username":"'${DOCKERUSER}'", "password":"'${DOCKERHUB_TOKEN}'"}' -H "Content-Type: application/json" -X POST https://hub.docker.com/v2/users/login | jq -r '.token')
|
|
||||||
curl -s \
|
curl -s \
|
||||||
-H "Authorization: JWT ${DH_TOKEN}" \
|
-H "Authorization: JWT ${DH_TOKEN}" \
|
||||||
-H "Content-Type: application/json" \
|
-H "Content-Type: application/json" \
|
||||||
-X PATCH \
|
-X POST \
|
||||||
-d "{\\"full_description\\":$(jq -Rsa . ${DH_README_SYNC_PATH})}" \
|
-d '{"name":"'${DOCKERHUB_IMAGE##*/}'", "namespace":"'${DOCKERHUB_IMAGE%%/*}'"}' \
|
||||||
https://hub.docker.com/v2/repositories/${DOCKERHUB_IMAGE} || :
|
https://hub.docker.com/v2/repositories/ || :
|
||||||
else
|
|
||||||
echo "Not the default Github branch. Skipping readme sync to Docker Hub."
|
|
||||||
fi
|
fi
|
||||||
rm -Rf ${TEMPDIR}'''
|
DH_TOKEN=$(curl -d '{"username":"linuxserverci", "password":"'${DOCKERHUB_TOKEN}'"}' -H "Content-Type: application/json" -X POST https://hub.docker.com/v2/users/login | jq -r '.token')
|
||||||
script{
|
curl -s \
|
||||||
env.FILES_UPDATED = sh(
|
-H "Authorization: JWT ${DH_TOKEN}" \
|
||||||
script: '''cat /tmp/${COMMIT_SHA}-${BUILD_NUMBER}''',
|
-H "Content-Type: application/json" \
|
||||||
returnStdout: true).trim()
|
-X PATCH \
|
||||||
}
|
-d "{\\"full_description\\":$(jq -Rsa . ${DH_README_SYNC_PATH})}" \
|
||||||
|
https://hub.docker.com/v2/repositories/${DOCKERHUB_IMAGE} || :
|
||||||
|
else
|
||||||
|
echo "Not the default Github branch. Skipping readme sync to Docker Hub."
|
||||||
|
fi
|
||||||
|
rm -Rf ${TEMPDIR}'''
|
||||||
|
script{
|
||||||
|
env.FILES_UPDATED = sh(
|
||||||
|
script: '''cat /tmp/${COMMIT_SHA}-${BUILD_NUMBER}''',
|
||||||
|
returnStdout: true).trim()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -455,14 +485,16 @@ pipeline {
|
|||||||
}
|
}
|
||||||
steps{
|
steps{
|
||||||
sh '''curl -H "Content-Type: application/json" -H "Private-Token: ${GITLAB_TOKEN}" -X POST https://gitlab.com/api/v4/projects \
|
sh '''curl -H "Content-Type: application/json" -H "Private-Token: ${GITLAB_TOKEN}" -X POST https://gitlab.com/api/v4/projects \
|
||||||
-d '{"namespace_id":'${GITLAB_NAMESPACE}',\
|
-d '{"namespace_id":'${GITLAB_NAMESPACE}',\
|
||||||
"name":"'${LS_REPO}'",
|
"name":"'${LS_REPO}'",
|
||||||
"mirror":true,\
|
"mirror":true,\
|
||||||
"import_url":"https://github.com/linuxserver/'${LS_REPO}'.git",\
|
"import_url":"https://github.com/linuxserver/'${LS_REPO}'.git",\
|
||||||
"issues_access_level":"disabled",\
|
"issues_access_level":"disabled",\
|
||||||
"merge_requests_access_level":"disabled",\
|
"merge_requests_access_level":"disabled",\
|
||||||
"repository_access_level":"enabled",\
|
"repository_access_level":"enabled",\
|
||||||
"visibility":"public"}' '''
|
"visibility":"public"}' '''
|
||||||
|
sh '''curl -H "Private-Token: ${GITLAB_TOKEN}" -X PUT "https://gitlab.com/api/v4/projects/Linuxserver.io%2F${LS_REPO}" \
|
||||||
|
-d "mirror=true&import_url=https://github.com/linuxserver/${LS_REPO}.git" '''
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
/* ###############
|
/* ###############
|
||||||
@@ -493,6 +525,7 @@ pipeline {
|
|||||||
--label \"org.opencontainers.image.title=Swag\" \
|
--label \"org.opencontainers.image.title=Swag\" \
|
||||||
--label \"org.opencontainers.image.description=SWAG - Secure Web Application Gateway (formerly known as letsencrypt, no relation to Let's Encrypt™) sets up an Nginx webserver and reverse proxy with php support and a built-in certbot client that automates free SSL server certificate generation and renewal processes (Let's Encrypt and ZeroSSL). It also contains fail2ban for intrusion prevention.\" \
|
--label \"org.opencontainers.image.description=SWAG - Secure Web Application Gateway (formerly known as letsencrypt, no relation to Let's Encrypt™) sets up an Nginx webserver and reverse proxy with php support and a built-in certbot client that automates free SSL server certificate generation and renewal processes (Let's Encrypt and ZeroSSL). It also contains fail2ban for intrusion prevention.\" \
|
||||||
--no-cache --pull -t ${IMAGE}:${META_TAG} --platform=linux/amd64 \
|
--no-cache --pull -t ${IMAGE}:${META_TAG} --platform=linux/amd64 \
|
||||||
|
--provenance=false --sbom=false \
|
||||||
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
|
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -524,6 +557,7 @@ pipeline {
|
|||||||
--label \"org.opencontainers.image.title=Swag\" \
|
--label \"org.opencontainers.image.title=Swag\" \
|
||||||
--label \"org.opencontainers.image.description=SWAG - Secure Web Application Gateway (formerly known as letsencrypt, no relation to Let's Encrypt™) sets up an Nginx webserver and reverse proxy with php support and a built-in certbot client that automates free SSL server certificate generation and renewal processes (Let's Encrypt and ZeroSSL). It also contains fail2ban for intrusion prevention.\" \
|
--label \"org.opencontainers.image.description=SWAG - Secure Web Application Gateway (formerly known as letsencrypt, no relation to Let's Encrypt™) sets up an Nginx webserver and reverse proxy with php support and a built-in certbot client that automates free SSL server certificate generation and renewal processes (Let's Encrypt and ZeroSSL). It also contains fail2ban for intrusion prevention.\" \
|
||||||
--no-cache --pull -t ${IMAGE}:amd64-${META_TAG} --platform=linux/amd64 \
|
--no-cache --pull -t ${IMAGE}:amd64-${META_TAG} --platform=linux/amd64 \
|
||||||
|
--provenance=false --sbom=false \
|
||||||
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
|
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -552,6 +586,7 @@ pipeline {
|
|||||||
--label \"org.opencontainers.image.title=Swag\" \
|
--label \"org.opencontainers.image.title=Swag\" \
|
||||||
--label \"org.opencontainers.image.description=SWAG - Secure Web Application Gateway (formerly known as letsencrypt, no relation to Let's Encrypt™) sets up an Nginx webserver and reverse proxy with php support and a built-in certbot client that automates free SSL server certificate generation and renewal processes (Let's Encrypt and ZeroSSL). It also contains fail2ban for intrusion prevention.\" \
|
--label \"org.opencontainers.image.description=SWAG - Secure Web Application Gateway (formerly known as letsencrypt, no relation to Let's Encrypt™) sets up an Nginx webserver and reverse proxy with php support and a built-in certbot client that automates free SSL server certificate generation and renewal processes (Let's Encrypt and ZeroSSL). It also contains fail2ban for intrusion prevention.\" \
|
||||||
--no-cache --pull -f Dockerfile.aarch64 -t ${IMAGE}:arm64v8-${META_TAG} --platform=linux/arm64 \
|
--no-cache --pull -f Dockerfile.aarch64 -t ${IMAGE}:arm64v8-${META_TAG} --platform=linux/arm64 \
|
||||||
|
--provenance=false --sbom=false \
|
||||||
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
|
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
|
||||||
sh "docker tag ${IMAGE}:arm64v8-${META_TAG} ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}"
|
sh "docker tag ${IMAGE}:arm64v8-${META_TAG} ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}"
|
||||||
retry(5) {
|
retry(5) {
|
||||||
@@ -578,7 +613,7 @@ pipeline {
|
|||||||
sh '''#! /bin/bash
|
sh '''#! /bin/bash
|
||||||
set -e
|
set -e
|
||||||
TEMPDIR=$(mktemp -d)
|
TEMPDIR=$(mktemp -d)
|
||||||
if [ "${MULTIARCH}" == "true" ] && [ "${PACKAGE_CHECK}" == "false" ]; then
|
if [ "${MULTIARCH}" == "true" ] && [ "${PACKAGE_CHECK}" != "true" ]; then
|
||||||
LOCAL_CONTAINER=${IMAGE}:amd64-${META_TAG}
|
LOCAL_CONTAINER=${IMAGE}:amd64-${META_TAG}
|
||||||
else
|
else
|
||||||
LOCAL_CONTAINER=${IMAGE}:${META_TAG}
|
LOCAL_CONTAINER=${IMAGE}:${META_TAG}
|
||||||
@@ -675,7 +710,7 @@ pipeline {
|
|||||||
--shm-size=1gb \
|
--shm-size=1gb \
|
||||||
-v /var/run/docker.sock:/var/run/docker.sock \
|
-v /var/run/docker.sock:/var/run/docker.sock \
|
||||||
-e IMAGE=\"${IMAGE}\" \
|
-e IMAGE=\"${IMAGE}\" \
|
||||||
-e DELAY_START=\"${CI_DELAY}\" \
|
-e DOCKER_LOGS_TIMEOUT=\"${CI_DELAY}\" \
|
||||||
-e TAGS=\"${CI_TAGS}\" \
|
-e TAGS=\"${CI_TAGS}\" \
|
||||||
-e META_TAG=\"${META_TAG}\" \
|
-e META_TAG=\"${META_TAG}\" \
|
||||||
-e PORT=\"${CI_PORT}\" \
|
-e PORT=\"${CI_PORT}\" \
|
||||||
@@ -703,12 +738,6 @@ pipeline {
|
|||||||
}
|
}
|
||||||
steps {
|
steps {
|
||||||
withCredentials([
|
withCredentials([
|
||||||
[
|
|
||||||
$class: 'UsernamePasswordMultiBinding',
|
|
||||||
credentialsId: '3f9ba4d5-100d-45b0-a3c4-633fd6061207',
|
|
||||||
usernameVariable: 'DOCKERUSER',
|
|
||||||
passwordVariable: 'DOCKERPASS'
|
|
||||||
],
|
|
||||||
[
|
[
|
||||||
$class: 'UsernamePasswordMultiBinding',
|
$class: 'UsernamePasswordMultiBinding',
|
||||||
credentialsId: 'Quay.io-Robot',
|
credentialsId: 'Quay.io-Robot',
|
||||||
@@ -719,7 +748,7 @@ pipeline {
|
|||||||
retry(5) {
|
retry(5) {
|
||||||
sh '''#! /bin/bash
|
sh '''#! /bin/bash
|
||||||
set -e
|
set -e
|
||||||
echo $DOCKERPASS | docker login -u $DOCKERUSER --password-stdin
|
echo $DOCKERHUB_TOKEN | docker login -u linuxserverci --password-stdin
|
||||||
echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
|
echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
|
||||||
echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
|
echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
|
||||||
echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
|
echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
|
||||||
@@ -750,12 +779,6 @@ pipeline {
|
|||||||
}
|
}
|
||||||
steps {
|
steps {
|
||||||
withCredentials([
|
withCredentials([
|
||||||
[
|
|
||||||
$class: 'UsernamePasswordMultiBinding',
|
|
||||||
credentialsId: '3f9ba4d5-100d-45b0-a3c4-633fd6061207',
|
|
||||||
usernameVariable: 'DOCKERUSER',
|
|
||||||
passwordVariable: 'DOCKERPASS'
|
|
||||||
],
|
|
||||||
[
|
[
|
||||||
$class: 'UsernamePasswordMultiBinding',
|
$class: 'UsernamePasswordMultiBinding',
|
||||||
credentialsId: 'Quay.io-Robot',
|
credentialsId: 'Quay.io-Robot',
|
||||||
@@ -766,7 +789,7 @@ pipeline {
|
|||||||
retry(5) {
|
retry(5) {
|
||||||
sh '''#! /bin/bash
|
sh '''#! /bin/bash
|
||||||
set -e
|
set -e
|
||||||
echo $DOCKERPASS | docker login -u $DOCKERUSER --password-stdin
|
echo $DOCKERHUB_TOKEN | docker login -u linuxserverci --password-stdin
|
||||||
echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
|
echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
|
||||||
echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
|
echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
|
||||||
echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
|
echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
|
||||||
@@ -795,35 +818,13 @@ pipeline {
|
|||||||
docker push ${MANIFESTIMAGE}:amd64-${SEMVER}
|
docker push ${MANIFESTIMAGE}:amd64-${SEMVER}
|
||||||
docker push ${MANIFESTIMAGE}:arm64v8-${SEMVER}
|
docker push ${MANIFESTIMAGE}:arm64v8-${SEMVER}
|
||||||
fi
|
fi
|
||||||
docker manifest push --purge ${MANIFESTIMAGE}:latest || :
|
done
|
||||||
docker manifest create ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:amd64-latest ${MANIFESTIMAGE}:arm64v8-latest
|
for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do
|
||||||
docker manifest annotate ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:arm64v8-latest --os linux --arch arm64 --variant v8
|
docker buildx imagetools create -t ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:amd64-latest ${MANIFESTIMAGE}:arm64v8-latest
|
||||||
docker manifest push --purge ${MANIFESTIMAGE}:${META_TAG} || :
|
docker buildx imagetools create -t ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
|
||||||
docker manifest create ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
|
docker buildx imagetools create -t ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
|
||||||
docker manifest annotate ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} --os linux --arch arm64 --variant v8
|
|
||||||
docker manifest push --purge ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} || :
|
|
||||||
docker manifest create ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
|
|
||||||
docker manifest annotate ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} --os linux --arch arm64 --variant v8
|
|
||||||
if [ -n "${SEMVER}" ]; then
|
if [ -n "${SEMVER}" ]; then
|
||||||
docker manifest push --purge ${MANIFESTIMAGE}:${SEMVER} || :
|
docker buildx imagetools create -t ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER}
|
||||||
docker manifest create ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER}
|
|
||||||
docker manifest annotate ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER} --os linux --arch arm64 --variant v8
|
|
||||||
fi
|
|
||||||
token=$(curl -sX GET "https://ghcr.io/token?scope=repository%3Alinuxserver%2F${CONTAINER_NAME}%3Apull" | jq -r '.token')
|
|
||||||
digest=$(curl -s \
|
|
||||||
--header "Accept: application/vnd.docker.distribution.manifest.v2+json" \
|
|
||||||
--header "Authorization: Bearer ${token}" \
|
|
||||||
"https://ghcr.io/v2/linuxserver/${CONTAINER_NAME}/manifests/arm32v7-latest")
|
|
||||||
if [[ $(echo "$digest" | jq -r '.layers') != "null" ]]; then
|
|
||||||
docker manifest push --purge ${MANIFESTIMAGE}:arm32v7-latest || :
|
|
||||||
docker manifest create ${MANIFESTIMAGE}:arm32v7-latest ${MANIFESTIMAGE}:amd64-latest
|
|
||||||
docker manifest push --purge ${MANIFESTIMAGE}:arm32v7-latest
|
|
||||||
fi
|
|
||||||
docker manifest push --purge ${MANIFESTIMAGE}:latest
|
|
||||||
docker manifest push --purge ${MANIFESTIMAGE}:${META_TAG}
|
|
||||||
docker manifest push --purge ${MANIFESTIMAGE}:${EXT_RELEASE_TAG}
|
|
||||||
if [ -n "${SEMVER}" ]; then
|
|
||||||
docker manifest push --purge ${MANIFESTIMAGE}:${SEMVER}
|
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
'''
|
'''
|
||||||
|
|||||||
16
README.md
16
README.md
@@ -28,7 +28,7 @@ Find us at:
|
|||||||
|
|
||||||
# [linuxserver/swag](https://github.com/linuxserver/docker-swag)
|
# [linuxserver/swag](https://github.com/linuxserver/docker-swag)
|
||||||
|
|
||||||
[](https://scarf.sh/gateway/linuxserver-ci/docker/linuxserver%2Fswag)
|
[](https://scarf.sh)
|
||||||
[](https://github.com/linuxserver/docker-swag)
|
[](https://github.com/linuxserver/docker-swag)
|
||||||
[](https://github.com/linuxserver/docker-swag/releases)
|
[](https://github.com/linuxserver/docker-swag/releases)
|
||||||
[](https://github.com/linuxserver/docker-swag/packages)
|
[](https://github.com/linuxserver/docker-swag/packages)
|
||||||
@@ -179,7 +179,7 @@ services:
|
|||||||
- EXTRA_DOMAINS= #optional
|
- EXTRA_DOMAINS= #optional
|
||||||
- STAGING=false #optional
|
- STAGING=false #optional
|
||||||
volumes:
|
volumes:
|
||||||
- /path/to/appdata/config:/config
|
- /path/to/swag/config:/config
|
||||||
ports:
|
ports:
|
||||||
- 443:443
|
- 443:443
|
||||||
- 80:80 #optional
|
- 80:80 #optional
|
||||||
@@ -207,7 +207,7 @@ docker run -d \
|
|||||||
-e STAGING=false `#optional` \
|
-e STAGING=false `#optional` \
|
||||||
-p 443:443 \
|
-p 443:443 \
|
||||||
-p 80:80 `#optional` \
|
-p 80:80 `#optional` \
|
||||||
-v /path/to/appdata/config:/config \
|
-v /path/to/swag/config:/config \
|
||||||
--restart unless-stopped \
|
--restart unless-stopped \
|
||||||
lscr.io/linuxserver/swag:latest
|
lscr.io/linuxserver/swag:latest
|
||||||
```
|
```
|
||||||
@@ -227,13 +227,13 @@ Containers are configured using parameters passed at runtime (such as those abov
|
|||||||
| `-e VALIDATION=http` | Certbot validation method to use, options are `http` or `dns` (`dns` method also requires `DNSPLUGIN` variable set). |
|
| `-e VALIDATION=http` | Certbot validation method to use, options are `http` or `dns` (`dns` method also requires `DNSPLUGIN` variable set). |
|
||||||
| `-e SUBDOMAINS=www,` | Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only) |
|
| `-e SUBDOMAINS=www,` | Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only) |
|
||||||
| `-e CERTPROVIDER=` | Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt. |
|
| `-e CERTPROVIDER=` | Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt. |
|
||||||
| `-e DNSPLUGIN=cloudflare` | Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `freedns`, `gandi`, `gehirn`, `glesys`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`. |
|
| `-e DNSPLUGIN=cloudflare` | Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `dynudns`, `freedns`, `gandi`, `gehirn`, `glesys`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`. |
|
||||||
| `-e PROPAGATION=` | Optionally override (in seconds) the default propagation time for the dns plugins. |
|
| `-e PROPAGATION=` | Optionally override (in seconds) the default propagation time for the dns plugins. |
|
||||||
| `-e EMAIL=` | Optional e-mail address used for cert expiration notifications (Required for ZeroSSL). |
|
| `-e EMAIL=` | Optional e-mail address used for cert expiration notifications (Required for ZeroSSL). |
|
||||||
| `-e ONLY_SUBDOMAINS=false` | If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true` |
|
| `-e ONLY_SUBDOMAINS=false` | If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true` |
|
||||||
| `-e EXTRA_DOMAINS=` | Additional fully qualified domain names (comma separated, no spaces) ie. `extradomain.com,subdomain.anotherdomain.org,*.anotherdomain.org` |
|
| `-e EXTRA_DOMAINS=` | Additional fully qualified domain names (comma separated, no spaces) ie. `extradomain.com,subdomain.anotherdomain.org,*.anotherdomain.org` |
|
||||||
| `-e STAGING=false` | Set to `true` to retrieve certs in staging mode. Rate limits will be much higher, but the resulting cert will not pass the browser's security test. Only to be used for testing purposes. |
|
| `-e STAGING=false` | Set to `true` to retrieve certs in staging mode. Rate limits will be much higher, but the resulting cert will not pass the browser's security test. Only to be used for testing purposes. |
|
||||||
| `-v /config` | All the config files including the webroot reside here. |
|
| `-v /config` | Persistent config files |
|
||||||
|
|
||||||
### Portainer notice
|
### Portainer notice
|
||||||
|
|
||||||
@@ -400,6 +400,12 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
|
|||||||
|
|
||||||
## Versions
|
## Versions
|
||||||
|
|
||||||
|
* **23.03.24:** - Fix perms on the generated `priv-fullchain-bundle.pem`.
|
||||||
|
* **14.03.24:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) authelia-location.conf, authelia-server.conf - Update Authelia conf samples with support for 4.38.
|
||||||
|
* **11.03.24:** - Restore support for DynuDNS using `certbot-dns-dynudns`.
|
||||||
|
* **06.03.24:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) site-confs/default.conf - Cleanup default site conf.
|
||||||
|
* **04.03.24:** - Remove `stream.conf` inside the container to allow users to include their own block in `nginx.conf`.
|
||||||
|
* **23.01.24:** - Rebase to Alpine 3.19 with php 8.3, add root periodic crontabs for logrotate.
|
||||||
* **01.01.24:** - Add GleSYS DNS plugin.
|
* **01.01.24:** - Add GleSYS DNS plugin.
|
||||||
* **11.12.23:** - Deprecate certbot-dns-dynu to resolve dependency conflicts with other plugins.
|
* **11.12.23:** - Deprecate certbot-dns-dynu to resolve dependency conflicts with other plugins.
|
||||||
* **30.11.23:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) site-confs/default.conf - Fix index.php being downloaded on 404.
|
* **30.11.23:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) site-confs/default.conf - Fix index.php being downloaded on 404.
|
||||||
|
|||||||
@@ -1,342 +1,349 @@
|
|||||||
NAME VERSION TYPE
|
NAME VERSION TYPE
|
||||||
ConfigArgParse 1.7 python
|
ConfigArgParse 1.7 python
|
||||||
PyJWT 2.8.0 python
|
PyJWT 2.8.0 python
|
||||||
PyNamecheap 0.0.3 python
|
PyNamecheap 0.0.3 python
|
||||||
PyYAML 6.0.1 python
|
PyYAML 6.0.1 python
|
||||||
Simple Launcher 1.1.0.14 dotnet
|
Simple Launcher 1.1.0.14 dotnet (+5 duplicates)
|
||||||
acme 2.8.0 python
|
acme 2.11.0 python
|
||||||
alpine-baselayout 3.4.3-r1 apk
|
alpine-baselayout 3.4.3-r2 apk
|
||||||
alpine-baselayout-data 3.4.3-r1 apk
|
alpine-baselayout-data 3.4.3-r2 apk
|
||||||
alpine-keys 2.4-r1 apk
|
alpine-keys 2.4-r1 apk
|
||||||
alpine-release 3.18.5-r0 apk
|
alpine-release 3.19.1-r0 apk
|
||||||
anyio 4.2.0 python
|
aom-libs 3.7.1-r0 apk
|
||||||
aom-libs 3.6.1-r0 apk
|
apache2-utils 2.4.59-r0 apk
|
||||||
apache2-utils 2.4.58-r0 apk
|
apk-tools 2.14.4-r0 apk
|
||||||
apk-tools 2.14.0-r2 apk
|
apr 1.7.4-r0 apk
|
||||||
apr 1.7.4-r0 apk
|
apr-util 1.6.3-r1 apk
|
||||||
apr-util 1.6.3-r1 apk
|
argon2-libs 20190702-r5 apk
|
||||||
argon2-libs 20190702-r4 apk
|
attrs 23.2.0 python
|
||||||
attrs 23.2.0 python
|
azure-common 1.1.28 python
|
||||||
azure-common 1.1.28 python
|
azure-core 1.30.2 python
|
||||||
azure-core 1.29.6 python
|
azure-identity 1.16.1 python
|
||||||
azure-identity 1.15.0 python
|
azure-mgmt-core 1.4.0 python
|
||||||
azure-mgmt-core 1.4.0 python
|
azure-mgmt-dns 8.1.0 python
|
||||||
azure-mgmt-dns 8.1.0 python
|
bash 5.2.21-r0 apk
|
||||||
bash 5.2.15-r5 apk
|
beautifulsoup4 4.12.3 python
|
||||||
beautifulsoup4 4.12.2 python
|
boto3 1.34.127 python
|
||||||
boto3 1.34.18 python
|
botocore 1.34.127 python
|
||||||
botocore 1.34.18 python
|
brotli-libs 1.1.0-r1 apk
|
||||||
brotli-libs 1.0.9-r14 apk
|
bs4 0.0.2 python
|
||||||
bs4 0.0.1 python
|
busybox 1.36.1-r18 apk
|
||||||
busybox 1.36.1-r5 apk
|
busybox-binsh 1.36.1-r18 apk
|
||||||
busybox-binsh 1.36.1-r5 apk
|
c-ares 1.27.0-r0 apk
|
||||||
c-client 2007f-r15 apk
|
c-client 2007f-r15 apk
|
||||||
ca-certificates 20230506-r0 apk
|
ca-certificates 20240226-r0 apk
|
||||||
ca-certificates-bundle 20230506-r0 apk
|
ca-certificates-bundle 20240226-r0 apk
|
||||||
cachetools 5.3.2 python
|
cachetools 5.3.3 python
|
||||||
certbot 2.8.0 python
|
catatonit 0.2.0-r0 apk
|
||||||
certbot-dns-acmedns 0.1.0 python
|
certbot 2.11.0 python
|
||||||
certbot-dns-aliyun 2.0.0 python
|
certbot-dns-acmedns 0.1.0 python
|
||||||
certbot-dns-azure 2.4.0 python
|
certbot-dns-aliyun 2.0.0 python
|
||||||
certbot-dns-bunny 0.0.9 python
|
certbot-dns-azure 2.5.0 python
|
||||||
certbot-dns-cloudflare 2.8.0 python
|
certbot-dns-bunny 0.0.9 python
|
||||||
certbot-dns-cpanel 0.4.0 python
|
certbot-dns-cloudflare 2.11.0 python
|
||||||
certbot-dns-desec 1.2.1 python
|
certbot-dns-cpanel 0.4.0 python
|
||||||
certbot-dns-digitalocean 2.8.0 python
|
certbot-dns-desec 1.2.1 python
|
||||||
certbot-dns-directadmin 1.0.3 python
|
certbot-dns-digitalocean 2.11.0 python
|
||||||
certbot-dns-dnsimple 2.8.0 python
|
certbot-dns-directadmin 1.0.4 python
|
||||||
certbot-dns-dnsmadeeasy 2.8.0 python
|
certbot-dns-dnsimple 2.11.0 python
|
||||||
certbot-dns-dnspod 0.1.0 python
|
certbot-dns-dnsmadeeasy 2.11.0 python
|
||||||
certbot-dns-do 0.31.0 python
|
certbot-dns-dnspod 0.1.0 python
|
||||||
certbot-dns-domeneshop 0.2.9 python
|
certbot-dns-do 0.31.0 python
|
||||||
certbot-dns-dreamhost 1.0 python
|
certbot-dns-domeneshop 0.2.9 python
|
||||||
certbot-dns-duckdns 1.3 python
|
certbot-dns-dreamhost 1.0 python
|
||||||
certbot-dns-freedns 0.1.0 python
|
certbot-dns-duckdns 1.3 python
|
||||||
certbot-dns-gehirn 2.8.0 python
|
certbot-dns-dynudns 0.0.6 python
|
||||||
certbot-dns-glesys 2.1.0 python
|
certbot-dns-freedns 0.2.0 python
|
||||||
certbot-dns-godaddy 2.8.0 python
|
certbot-dns-gehirn 2.11.0 python
|
||||||
certbot-dns-google 2.8.0 python
|
certbot-dns-glesys 2.1.0 python
|
||||||
certbot-dns-google-domains 0.1.11 python
|
certbot-dns-godaddy 2.8.0 python
|
||||||
certbot-dns-he 1.0.0 python
|
certbot-dns-google 2.11.0 python
|
||||||
certbot-dns-hetzner 2.0.0 python
|
certbot-dns-google-domains 0.1.11 python
|
||||||
certbot-dns-infomaniak 0.2.1 python
|
certbot-dns-he 1.0.0 python
|
||||||
certbot-dns-inwx 2.2.0 python
|
certbot-dns-hetzner 2.0.0 python
|
||||||
certbot-dns-ionos 2024.1.8 python
|
certbot-dns-infomaniak 0.2.2 python
|
||||||
certbot-dns-linode 2.8.0 python
|
certbot-dns-inwx 2.2.0 python
|
||||||
certbot-dns-loopia 1.0.1 python
|
certbot-dns-ionos 2024.1.8 python
|
||||||
certbot-dns-luadns 2.8.0 python
|
certbot-dns-linode 2.11.0 python
|
||||||
certbot-dns-namecheap 1.0.0 python
|
certbot-dns-loopia 1.0.1 python
|
||||||
certbot-dns-netcup 1.4.3 python
|
certbot-dns-luadns 2.11.0 python
|
||||||
certbot-dns-njalla 1.0.0 python
|
certbot-dns-namecheap 1.0.0 python
|
||||||
certbot-dns-nsone 2.8.0 python
|
certbot-dns-netcup 1.4.3 python
|
||||||
certbot-dns-ovh 2.8.0 python
|
certbot-dns-njalla 1.0.0 python
|
||||||
certbot-dns-porkbun 0.8 python
|
certbot-dns-nsone 2.11.0 python
|
||||||
certbot-dns-rfc2136 2.8.0 python
|
certbot-dns-ovh 2.11.0 python
|
||||||
certbot-dns-route53 2.8.0 python
|
certbot-dns-porkbun 0.8 python
|
||||||
certbot-dns-sakuracloud 2.8.0 python
|
certbot-dns-rfc2136 2.11.0 python
|
||||||
certbot-dns-standalone 1.1 python
|
certbot-dns-route53 2.11.0 python
|
||||||
certbot-dns-transip 0.5.2 python
|
certbot-dns-sakuracloud 2.11.0 python
|
||||||
certbot-dns-vultr 1.1.0 python
|
certbot-dns-standalone 1.1 python
|
||||||
certbot-plugin-gandi 1.5.0 python
|
certbot-dns-transip 0.5.2 python
|
||||||
certifi 2023.11.17 python
|
certbot-dns-vultr 1.1.0 python
|
||||||
cffi 1.16.0 python
|
certbot-plugin-gandi 1.5.0 python
|
||||||
charset-normalizer 3.3.2 python
|
certifi 2024.6.2 python
|
||||||
cloudflare 2.16.0 python
|
cffi 1.16.0 python
|
||||||
composer 2.6.6 binary
|
charset-normalizer 3.3.2 python
|
||||||
configobj 5.0.8 python
|
cloudflare 2.19.4 python
|
||||||
coreutils 9.3-r1 apk
|
composer 2.7.7 binary
|
||||||
cryptography 41.0.7 python
|
configobj 5.0.8 python
|
||||||
curl 8.5.0-r0 apk
|
coreutils 9.4-r2 apk
|
||||||
dataclasses-json 0.5.14 python
|
coreutils-env 9.4-r2 apk
|
||||||
distro 1.9.0 python
|
coreutils-fmt 9.4-r2 apk
|
||||||
dns-lexicon 3.17.0 python
|
coreutils-sha512sum 9.4-r2 apk
|
||||||
dnslib 0.9.24 python
|
cryptography 42.0.8 python
|
||||||
dnspython 2.4.2 python
|
curl 8.5.0-r0 apk
|
||||||
domeneshop 0.4.3 python
|
dataclasses-json 0.5.14 python
|
||||||
fail2ban 1.0.2 python
|
distro 1.9.0 python
|
||||||
fail2ban 1.0.2-r2 apk
|
dns-lexicon 3.17.0 python
|
||||||
fail2ban-pyc 1.0.2-r2 apk
|
dnslib 0.9.24 python
|
||||||
filelock 3.13.1 python
|
dnspython 2.6.1 python
|
||||||
fontconfig 2.14.2-r3 apk
|
domeneshop 0.4.4 python
|
||||||
freetype 2.13.0-r5 apk
|
fail2ban 1.0.2 python
|
||||||
future 0.18.3 python
|
fail2ban 1.0.2-r3 apk
|
||||||
gdbm 1.23-r1 apk
|
fail2ban-pyc 1.0.2-r3 apk
|
||||||
git 2.40.1-r0 apk
|
filelock 3.15.1 python
|
||||||
git-perl 2.40.1-r0 apk
|
findutils 4.9.0-r5 apk
|
||||||
gmp 6.2.1-r3 apk
|
fontconfig 2.14.2-r4 apk
|
||||||
gnupg 2.4.3-r0 apk
|
freetype 2.13.2-r0 apk
|
||||||
gnupg-dirmngr 2.4.3-r0 apk
|
future 1.0.0 python
|
||||||
gnupg-gpgconf 2.4.3-r0 apk
|
gdbm 1.23-r1 apk
|
||||||
gnupg-keyboxd 2.4.3-r0 apk
|
git 2.43.4-r0 apk
|
||||||
gnupg-utils 2.4.3-r0 apk
|
git-perl 2.43.4-r0 apk
|
||||||
gnupg-wks-client 2.4.3-r0 apk
|
gmp 6.3.0-r0 apk
|
||||||
gnutls 3.8.0-r2 apk
|
gnupg 2.4.4-r0 apk
|
||||||
google-api-core 2.15.0 python
|
gnupg-dirmngr 2.4.4-r0 apk
|
||||||
google-api-python-client 2.113.0 python
|
gnupg-gpgconf 2.4.4-r0 apk
|
||||||
google-auth 2.26.2 python
|
gnupg-keyboxd 2.4.4-r0 apk
|
||||||
google-auth-httplib2 0.2.0 python
|
gnupg-utils 2.4.4-r0 apk
|
||||||
googleapis-common-protos 1.62.0 python
|
gnupg-wks-client 2.4.4-r0 apk
|
||||||
gpg 2.4.3-r0 apk
|
gnutls 3.8.4-r0 apk
|
||||||
gpg-agent 2.4.3-r0 apk
|
google-api-core 2.19.0 python
|
||||||
gpg-wks-server 2.4.3-r0 apk
|
google-api-python-client 2.133.0 python
|
||||||
gpgsm 2.4.3-r0 apk
|
google-auth 2.30.0 python
|
||||||
gpgv 2.4.3-r0 apk
|
google-auth-httplib2 0.2.0 python
|
||||||
httplib2 0.22.0 python
|
googleapis-common-protos 1.63.1 python
|
||||||
icu-data-en 73.2-r2 apk
|
gpg 2.4.4-r0 apk
|
||||||
icu-libs 73.2-r2 apk
|
gpg-agent 2.4.4-r0 apk
|
||||||
idna 3.6 python
|
gpg-wks-server 2.4.4-r0 apk
|
||||||
ip6tables 1.8.9-r2 apk
|
gpgsm 2.4.4-r0 apk
|
||||||
iptables 1.8.9-r2 apk
|
gpgv 2.4.4-r0 apk
|
||||||
isodate 0.6.1 python
|
httplib2 0.22.0 python
|
||||||
jmespath 1.0.1 python
|
icu-data-en 74.1-r0 apk
|
||||||
josepy 1.14.0 python
|
icu-libs 74.1-r0 apk
|
||||||
jq 1.6-r4 apk
|
idna 3.7 python
|
||||||
jsonlines 4.0.0 python
|
iptables 1.8.10-r3 apk
|
||||||
jsonpickle 3.0.2 python
|
isodate 0.6.1 python
|
||||||
libacl 2.3.1-r3 apk
|
jmespath 1.0.1 python
|
||||||
libassuan 2.5.6-r0 apk
|
josepy 1.14.0 python
|
||||||
libattr 2.5.1-r4 apk
|
jq 1.7.1-r0 apk
|
||||||
libavif 0.11.1-r2 apk
|
jsonlines 4.0.0 python
|
||||||
libbsd 0.11.7-r1 apk
|
jsonpickle 3.2.1 python
|
||||||
libbz2 1.0.8-r5 apk
|
libacl 2.3.1-r4 apk
|
||||||
libc-utils 0.7.2-r5 apk
|
libassuan 2.5.6-r1 apk
|
||||||
libcrypto3 3.1.4-r3 apk
|
libattr 2.5.1-r5 apk
|
||||||
libcurl 8.5.0-r0 apk
|
libavif 1.0.3-r0 apk
|
||||||
libdav1d 1.2.1-r0 apk
|
libbsd 0.11.7-r3 apk
|
||||||
libedit 20221030.3.1-r1 apk
|
libbz2 1.0.8-r6 apk
|
||||||
libevent 2.1.12-r6 apk
|
libc-utils 0.7.2-r5 apk
|
||||||
libexpat 2.5.0-r1 apk
|
libcrypto3 3.1.5-r0 apk
|
||||||
libffi 3.4.4-r2 apk
|
libcurl 8.5.0-r0 apk
|
||||||
libgcc 12.2.1_git20220924-r10 apk
|
libdav1d 1.3.0-r1 apk
|
||||||
libgcrypt 1.10.2-r1 apk
|
libedit 20230828.3.1-r3 apk
|
||||||
libgd 2.3.3-r7 apk
|
libevent 2.1.12-r7 apk
|
||||||
libgpg-error 1.47-r1 apk
|
libexpat 2.6.2-r0 apk
|
||||||
libice 1.1.1-r2 apk
|
libffi 3.4.4-r3 apk
|
||||||
libidn2 2.3.4-r1 apk
|
libgcc 13.2.1_git20231014-r0 apk
|
||||||
libintl 0.21.1-r7 apk
|
libgcrypt 1.10.3-r0 apk
|
||||||
libjpeg-turbo 2.1.5.1-r3 apk
|
libgd 2.3.3-r8 apk
|
||||||
libksba 1.6.4-r0 apk
|
libgpg-error 1.47-r2 apk
|
||||||
libldap 2.6.5-r0 apk
|
libice 1.1.1-r5 apk
|
||||||
libmaxminddb-libs 1.7.1-r1 apk
|
libidn2 2.3.4-r4 apk
|
||||||
libmcrypt 2.5.8-r10 apk
|
libintl 0.22.3-r0 apk
|
||||||
libmd 1.0.4-r2 apk
|
libjpeg-turbo 3.0.1-r0 apk
|
||||||
libmemcached-libs 1.1.4-r1 apk
|
libksba 1.6.5-r0 apk
|
||||||
libmnl 1.0.5-r1 apk
|
libldap 2.6.6-r1 apk
|
||||||
libncursesw 6.4_p20230506-r0 apk
|
libmaxminddb-libs 1.7.1-r2 apk
|
||||||
libnftnl 1.2.5-r1 apk
|
libmcrypt 2.5.8-r10 apk
|
||||||
libpanelw 6.4_p20230506-r0 apk
|
libmd 1.1.0-r0 apk
|
||||||
libpng 1.6.39-r3 apk
|
libmemcached-libs 1.1.4-r1 apk
|
||||||
libpq 15.5-r0 apk
|
libmnl 1.0.5-r2 apk
|
||||||
libproc2 4.0.4-r0 apk
|
libncursesw 6.4_p20231125-r0 apk
|
||||||
libsasl 2.1.28-r4 apk
|
libnftnl 1.2.6-r0 apk
|
||||||
libseccomp 2.5.4-r2 apk
|
libpanelw 6.4_p20231125-r0 apk
|
||||||
libsm 1.2.4-r1 apk
|
libpng 1.6.40-r0 apk
|
||||||
libsodium 1.0.18-r3 apk
|
libpq 16.3-r0 apk
|
||||||
libssl3 3.1.4-r3 apk
|
libproc2 4.0.4-r0 apk
|
||||||
libstdc++ 12.2.1_git20220924-r10 apk
|
libsasl 2.1.28-r5 apk
|
||||||
libtasn1 4.19.0-r1 apk
|
libseccomp 2.5.5-r0 apk
|
||||||
libunistring 1.1-r1 apk
|
libsharpyuv 1.3.2-r0 apk
|
||||||
libuuid 2.38.1-r8 apk
|
libsm 1.2.4-r3 apk
|
||||||
libwebp 1.3.2-r0 apk
|
libsodium 1.0.19-r0 apk
|
||||||
libx11 1.8.7-r0 apk
|
libssl3 3.1.5-r0 apk
|
||||||
libxau 1.0.11-r2 apk
|
libstdc++ 13.2.1_git20231014-r0 apk
|
||||||
libxcb 1.15-r1 apk
|
libtasn1 4.19.0-r2 apk
|
||||||
libxdmcp 1.1.4-r2 apk
|
libunistring 1.1-r2 apk
|
||||||
libxext 1.3.5-r2 apk
|
libuuid 2.39.3-r0 apk
|
||||||
libxml2 2.11.6-r0 apk
|
libwebp 1.3.2-r0 apk
|
||||||
libxpm 3.5.16-r1 apk
|
libx11 1.8.7-r0 apk
|
||||||
libxslt 1.1.38-r0 apk
|
libxau 1.0.11-r3 apk
|
||||||
libxt 1.3.0-r2 apk
|
libxcb 1.16-r0 apk
|
||||||
libzip 1.9.2-r2 apk
|
libxdmcp 1.1.4-r3 apk
|
||||||
linux-pam 1.5.2-r10 apk
|
libxext 1.3.5-r3 apk
|
||||||
logrotate 3.21.0-r1 apk
|
libxml2 2.11.8-r0 apk
|
||||||
loopialib 0.2.0 python
|
libxpm 3.5.17-r0 apk
|
||||||
lxml 5.1.0 python
|
libxslt 1.1.39-r0 apk
|
||||||
lz4-libs 1.9.4-r4 apk
|
libxt 1.3.0-r4 apk
|
||||||
marshmallow 3.20.2 python
|
libxtables 1.8.10-r3 apk
|
||||||
memcached 1.6.21-r0 apk
|
libzip 1.10.1-r0 apk
|
||||||
mock 5.1.0 python
|
linux-pam 1.5.3-r7 apk
|
||||||
mpdecimal 2.5.1-r2 apk
|
logrotate 3.21.0-r1 apk
|
||||||
msal 1.26.0 python
|
loopialib 0.2.0 python
|
||||||
msal-extensions 1.1.0 python
|
lxml 5.2.2 python
|
||||||
musl 1.2.4-r2 apk
|
lz4-libs 1.9.4-r5 apk
|
||||||
musl-utils 1.2.4-r2 apk
|
marshmallow 3.21.3 python
|
||||||
mypy-extensions 1.0.0 python
|
memcached 1.6.22-r0 apk
|
||||||
nano 7.2-r1 apk
|
mock 5.1.0 python
|
||||||
ncurses-terminfo-base 6.4_p20230506-r0 apk
|
mpdecimal 2.5.1-r2 apk
|
||||||
netcat-openbsd 1.219-r1 apk
|
msal 1.28.1 python
|
||||||
nettle 3.8.1-r2 apk
|
msal-extensions 1.1.0 python
|
||||||
nghttp2-libs 1.57.0-r0 apk
|
musl 1.2.4_git20230717-r4 apk
|
||||||
nginx 1.24.0-r7 apk
|
musl-utils 1.2.4_git20230717-r4 apk
|
||||||
nginx-mod-devel-kit 1.24.0-r7 apk
|
mypy-extensions 1.0.0 python
|
||||||
nginx-mod-http-brotli 1.24.0-r7 apk
|
nano 7.2-r1 apk
|
||||||
nginx-mod-http-dav-ext 1.24.0-r7 apk
|
ncurses-terminfo-base 6.4_p20231125-r0 apk
|
||||||
nginx-mod-http-echo 1.24.0-r7 apk
|
netcat-openbsd 1.226-r0 apk
|
||||||
nginx-mod-http-fancyindex 1.24.0-r7 apk
|
nettle 3.9.1-r0 apk
|
||||||
nginx-mod-http-geoip2 1.24.0-r7 apk
|
nghttp2-libs 1.58.0-r0 apk
|
||||||
nginx-mod-http-headers-more 1.24.0-r7 apk
|
nginx 1.24.0-r16 apk
|
||||||
nginx-mod-http-image-filter 1.24.0-r7 apk
|
nginx-mod-devel-kit 1.24.0-r16 apk
|
||||||
nginx-mod-http-perl 1.24.0-r7 apk
|
nginx-mod-http-brotli 1.24.0-r16 apk
|
||||||
nginx-mod-http-redis2 1.24.0-r7 apk
|
nginx-mod-http-dav-ext 1.24.0-r16 apk
|
||||||
nginx-mod-http-set-misc 1.24.0-r7 apk
|
nginx-mod-http-echo 1.24.0-r16 apk
|
||||||
nginx-mod-http-upload-progress 1.24.0-r7 apk
|
nginx-mod-http-fancyindex 1.24.0-r16 apk
|
||||||
nginx-mod-http-xslt-filter 1.24.0-r7 apk
|
nginx-mod-http-geoip2 1.24.0-r16 apk
|
||||||
nginx-mod-mail 1.24.0-r7 apk
|
nginx-mod-http-headers-more 1.24.0-r16 apk
|
||||||
nginx-mod-rtmp 1.24.0-r7 apk
|
nginx-mod-http-image-filter 1.24.0-r16 apk
|
||||||
nginx-mod-stream 1.24.0-r7 apk
|
nginx-mod-http-perl 1.24.0-r16 apk
|
||||||
nginx-mod-stream-geoip2 1.24.0-r7 apk
|
nginx-mod-http-redis2 1.24.0-r16 apk
|
||||||
nginx-vim 1.24.0-r7 apk
|
nginx-mod-http-set-misc 1.24.0-r16 apk
|
||||||
npth 1.6-r4 apk
|
nginx-mod-http-upload-progress 1.24.0-r16 apk
|
||||||
oniguruma 6.9.8-r1 apk
|
nginx-mod-http-xslt-filter 1.24.0-r16 apk
|
||||||
openssl 3.1.4-r3 apk
|
nginx-mod-mail 1.24.0-r16 apk
|
||||||
p11-kit 0.24.1-r2 apk
|
nginx-mod-rtmp 1.24.0-r16 apk
|
||||||
packaging 23.2 python
|
nginx-mod-stream 1.24.0-r16 apk
|
||||||
parsedatetime 2.6 python
|
nginx-mod-stream-geoip2 1.24.0-r16 apk
|
||||||
pcre 8.45-r3 apk
|
nginx-vim 1.24.0-r16 apk
|
||||||
pcre2 10.42-r1 apk
|
npth 1.6-r4 apk
|
||||||
perl 5.36.2-r0 apk
|
oniguruma 6.9.9-r0 apk
|
||||||
perl-error 0.17029-r1 apk
|
openssl 3.1.5-r0 apk
|
||||||
perl-git 2.40.1-r0 apk
|
p11-kit 0.25.3-r0 apk
|
||||||
php82 8.2.13-r0 apk
|
packaging 24.1 python
|
||||||
php82-bcmath 8.2.13-r0 apk
|
parsedatetime 2.6 python
|
||||||
php82-bz2 8.2.13-r0 apk
|
pcre 8.45-r3 apk
|
||||||
php82-common 8.2.13-r0 apk
|
pcre2 10.42-r2 apk
|
||||||
php82-ctype 8.2.13-r0 apk
|
perl 5.38.2-r0 apk
|
||||||
php82-curl 8.2.13-r0 apk
|
perl-error 0.17029-r2 apk
|
||||||
php82-dom 8.2.13-r0 apk
|
perl-git 2.43.4-r0 apk
|
||||||
php82-exif 8.2.13-r0 apk
|
php83 8.3.8-r0 apk
|
||||||
php82-fileinfo 8.2.13-r0 apk
|
php83-bcmath 8.3.8-r0 apk
|
||||||
php82-fpm 8.2.13-r0 apk
|
php83-bz2 8.3.8-r0 apk
|
||||||
php82-ftp 8.2.13-r0 apk
|
php83-common 8.3.8-r0 apk
|
||||||
php82-gd 8.2.13-r0 apk
|
php83-ctype 8.3.8-r0 apk
|
||||||
php82-gmp 8.2.13-r0 apk
|
php83-curl 8.3.8-r0 apk
|
||||||
php82-iconv 8.2.13-r0 apk
|
php83-dom 8.3.8-r0 apk
|
||||||
php82-imap 8.2.13-r0 apk
|
php83-exif 8.3.8-r0 apk
|
||||||
php82-intl 8.2.13-r0 apk
|
php83-fileinfo 8.3.8-r0 apk
|
||||||
php82-ldap 8.2.13-r0 apk
|
php83-fpm 8.3.8-r0 apk
|
||||||
php82-mbstring 8.2.13-r0 apk
|
php83-ftp 8.3.8-r0 apk
|
||||||
php82-mysqli 8.2.13-r0 apk
|
php83-gd 8.3.8-r0 apk
|
||||||
php82-mysqlnd 8.2.13-r0 apk
|
php83-gmp 8.3.8-r0 apk
|
||||||
php82-opcache 8.2.13-r0 apk
|
php83-iconv 8.3.8-r0 apk
|
||||||
php82-openssl 8.2.13-r0 apk
|
php83-imap 8.3.8-r0 apk
|
||||||
php82-pdo 8.2.13-r0 apk
|
php83-intl 8.3.8-r0 apk
|
||||||
php82-pdo_mysql 8.2.13-r0 apk
|
php83-ldap 8.3.8-r0 apk
|
||||||
php82-pdo_odbc 8.2.13-r0 apk
|
php83-mbstring 8.3.8-r0 apk
|
||||||
php82-pdo_pgsql 8.2.13-r0 apk
|
php83-mysqli 8.3.8-r0 apk
|
||||||
php82-pdo_sqlite 8.2.13-r0 apk
|
php83-mysqlnd 8.3.8-r0 apk
|
||||||
php82-pear 8.2.13-r0 apk
|
php83-opcache 8.3.8-r0 apk
|
||||||
php82-pecl-apcu 5.1.22-r0 apk
|
php83-openssl 8.3.8-r0 apk
|
||||||
php82-pecl-igbinary 3.2.14-r0 apk
|
php83-pdo 8.3.8-r0 apk
|
||||||
php82-pecl-mcrypt 1.0.7-r0 apk
|
php83-pdo_mysql 8.3.8-r0 apk
|
||||||
php82-pecl-memcached 3.2.0-r1 apk
|
php83-pdo_odbc 8.3.8-r0 apk
|
||||||
php82-pecl-msgpack 2.2.0-r0 apk
|
php83-pdo_pgsql 8.3.8-r0 apk
|
||||||
php82-pecl-redis 6.0.2-r0 apk
|
php83-pdo_sqlite 8.3.8-r0 apk
|
||||||
php82-pgsql 8.2.13-r0 apk
|
php83-pear 8.3.8-r0 apk
|
||||||
php82-phar 8.2.13-r0 apk
|
php83-pecl-apcu 5.1.23-r0 apk
|
||||||
php82-posix 8.2.13-r0 apk
|
php83-pecl-igbinary 3.2.15-r0 apk
|
||||||
php82-session 8.2.13-r0 apk
|
php83-pecl-mcrypt 1.0.7-r0 apk
|
||||||
php82-simplexml 8.2.13-r0 apk
|
php83-pecl-memcached 3.2.0-r0 apk
|
||||||
php82-soap 8.2.13-r0 apk
|
php83-pecl-msgpack 2.2.0-r2 apk
|
||||||
php82-sockets 8.2.13-r0 apk
|
php83-pecl-redis 6.0.2-r0 apk
|
||||||
php82-sodium 8.2.13-r0 apk
|
php83-pgsql 8.3.8-r0 apk
|
||||||
php82-sqlite3 8.2.13-r0 apk
|
php83-phar 8.3.8-r0 apk
|
||||||
php82-tokenizer 8.2.13-r0 apk
|
php83-posix 8.3.8-r0 apk
|
||||||
php82-xml 8.2.13-r0 apk
|
php83-session 8.3.8-r0 apk
|
||||||
php82-xmlreader 8.2.13-r0 apk
|
php83-simplexml 8.3.8-r0 apk
|
||||||
php82-xmlwriter 8.2.13-r0 apk
|
php83-soap 8.3.8-r0 apk
|
||||||
php82-xsl 8.2.13-r0 apk
|
php83-sockets 8.3.8-r0 apk
|
||||||
php82-zip 8.2.13-r0 apk
|
php83-sodium 8.3.8-r0 apk
|
||||||
pinentry 1.2.1-r1 apk
|
php83-sqlite3 8.3.8-r0 apk
|
||||||
pip 23.3.2 python
|
php83-tokenizer 8.3.8-r0 apk
|
||||||
pkb-client 1.2 python
|
php83-xml 8.3.8-r0 apk
|
||||||
popt 1.19-r2 apk
|
php83-xmlreader 8.3.8-r0 apk
|
||||||
portalocker 2.8.2 python
|
php83-xmlwriter 8.3.8-r0 apk
|
||||||
procps-ng 4.0.4-r0 apk
|
php83-xsl 8.3.8-r0 apk
|
||||||
protobuf 4.25.2 python
|
php83-zip 8.3.8-r0 apk
|
||||||
publicsuffixlist 0.9.4 python
|
pinentry 1.2.1-r1 apk
|
||||||
pyOpenSSL 23.3.0 python
|
pip 24.0 python
|
||||||
pyRFC3339 1.1 python
|
pkb-client 1.2 python
|
||||||
pyacmedns 0.4 python
|
popt 1.19-r3 apk
|
||||||
pyasn1 0.5.1 python
|
portalocker 2.8.2 python
|
||||||
pyasn1-modules 0.3.0 python
|
procps-ng 4.0.4-r0 apk
|
||||||
pyc 0.1-r0 apk
|
proto-plus 1.23.0 python
|
||||||
pycparser 2.21 python
|
protobuf 4.25.3 python
|
||||||
pyotp 2.9.0 python
|
publicsuffixlist 0.9.4 python
|
||||||
pyparsing 3.1.1 python
|
pyOpenSSL 24.1.0 python
|
||||||
python-dateutil 2.8.2 python
|
pyRFC3339 1.1 python
|
||||||
python-digitalocean 1.17.0 python
|
pyacmedns 0.4 python
|
||||||
python-transip 0.6.0 python
|
pyasn1 0.6.0 python
|
||||||
python3 3.11.6-r0 apk
|
pyasn1_modules 0.4.0 python
|
||||||
python3-pyc 3.11.6-r0 apk
|
pyc 3.11.9-r0 apk
|
||||||
python3-pycache-pyc0 3.11.6-r0 apk
|
pycparser 2.22 python
|
||||||
pytz 2023.3.post1 python
|
pyotp 2.9.0 python
|
||||||
readline 8.2.1-r1 apk
|
pyparsing 3.1.2 python
|
||||||
requests 2.31.0 python
|
python-dateutil 2.9.0.post0 python
|
||||||
requests-file 1.5.1 python
|
python-digitalocean 1.17.0 python
|
||||||
requests-mock 1.11.0 python
|
python-transip 0.6.0 python
|
||||||
rsa 4.9 python
|
python3 3.11.9-r0 apk
|
||||||
s3transfer 0.10.0 python
|
python3-pyc 3.11.9-r0 apk
|
||||||
scanelf 1.3.7-r1 apk
|
python3-pycache-pyc0 3.11.9-r0 apk
|
||||||
setuptools 65.5.0 python
|
pytz 2024.1 python
|
||||||
shadow 4.13-r4 apk
|
readline 8.2.1-r2 apk
|
||||||
six 1.16.0 python
|
requests 2.32.3 python
|
||||||
skalibs 2.13.1.1-r1 apk
|
requests-file 2.1.0 python
|
||||||
sniffio 1.3.0 python
|
requests-mock 1.12.1 python
|
||||||
soupsieve 2.5 python
|
rsa 4.9 python
|
||||||
sqlite-libs 3.41.2-r2 apk
|
s3transfer 0.10.1 python
|
||||||
ssl_client 1.36.1-r5 apk
|
scanelf 1.3.7-r2 apk
|
||||||
tiff 4.5.1-r0 apk
|
setuptools 65.5.0 python
|
||||||
tldextract 5.1.1 python
|
shadow 4.14.2-r0 apk
|
||||||
typing-inspect 0.9.0 python
|
six 1.16.0 python
|
||||||
typing_extensions 4.9.0 python
|
skalibs 2.14.0.1-r0 apk
|
||||||
tzdata 2023d-r0 apk
|
soupsieve 2.5 python
|
||||||
unixodbc 2.3.11-r2 apk
|
sqlite-libs 3.44.2-r0 apk
|
||||||
uritemplate 4.1.1 python
|
ssl_client 1.36.1-r18 apk
|
||||||
urllib3 2.0.7 python
|
tiff 4.6.0-r0 apk
|
||||||
utmps-libs 0.1.2.1-r1 apk
|
tldextract 5.1.2 python
|
||||||
wheel 0.42.0 python
|
typing-inspect 0.9.0 python
|
||||||
whois 5.5.17-r0 apk
|
typing_extensions 4.12.2 python
|
||||||
xz-libs 5.4.3-r0 apk
|
tzdata 2024a-r0 apk
|
||||||
zlib 1.2.13-r1 apk
|
unixodbc 2.3.12-r0 apk
|
||||||
zope.interface 6.1 python
|
uritemplate 4.1.1 python
|
||||||
zstd-libs 1.5.5-r4 apk
|
urllib3 2.2.1 python
|
||||||
|
utmps-libs 0.1.2.2-r0 apk
|
||||||
|
wheel 0.43.0 python
|
||||||
|
whois 5.5.20-r0 apk
|
||||||
|
xz-libs 5.4.5-r0 apk
|
||||||
|
zlib 1.3.1-r0 apk
|
||||||
|
zope.interface 6.4.post2 python
|
||||||
|
zstd-libs 1.5.5-r8 apk
|
||||||
|
|||||||
@@ -34,7 +34,7 @@ param_env_vars:
|
|||||||
- { env_var: "VALIDATION", env_value: "http", desc: "Certbot validation method to use, options are `http` or `dns` (`dns` method also requires `DNSPLUGIN` variable set)." }
|
- { env_var: "VALIDATION", env_value: "http", desc: "Certbot validation method to use, options are `http` or `dns` (`dns` method also requires `DNSPLUGIN` variable set)." }
|
||||||
param_usage_include_vols: true
|
param_usage_include_vols: true
|
||||||
param_volumes:
|
param_volumes:
|
||||||
- { vol_path: "/config", vol_host_path: "/path/to/appdata/config", desc: "All the config files including the webroot reside here." }
|
- { vol_path: "/config", vol_host_path: "/path/to/{{ project_name }}/config", desc: "Persistent config files" }
|
||||||
param_usage_include_ports: true
|
param_usage_include_ports: true
|
||||||
param_ports:
|
param_ports:
|
||||||
- { external_port: "443", internal_port: "443", port_desc: "Https port" }
|
- { external_port: "443", internal_port: "443", port_desc: "Https port" }
|
||||||
@@ -50,7 +50,7 @@ opt_param_usage_include_env: true
|
|||||||
opt_param_env_vars:
|
opt_param_env_vars:
|
||||||
- { env_var: "SUBDOMAINS", env_value: "www,", desc: "Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only)" }
|
- { env_var: "SUBDOMAINS", env_value: "www,", desc: "Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only)" }
|
||||||
- { env_var: "CERTPROVIDER", env_value: "", desc: "Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt." }
|
- { env_var: "CERTPROVIDER", env_value: "", desc: "Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt." }
|
||||||
- { env_var: "DNSPLUGIN", env_value: "cloudflare", desc: "Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `freedns`, `gandi`, `gehirn`, `glesys`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`." }
|
- { env_var: "DNSPLUGIN", env_value: "cloudflare", desc: "Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `dynudns`, `freedns`, `gandi`, `gehirn`, `glesys`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`." }
|
||||||
- { env_var: "PROPAGATION", env_value: "", desc: "Optionally override (in seconds) the default propagation time for the dns plugins." }
|
- { env_var: "PROPAGATION", env_value: "", desc: "Optionally override (in seconds) the default propagation time for the dns plugins." }
|
||||||
- { env_var: "EMAIL", env_value: "", desc: "Optional e-mail address used for cert expiration notifications (Required for ZeroSSL)." }
|
- { env_var: "EMAIL", env_value: "", desc: "Optional e-mail address used for cert expiration notifications (Required for ZeroSSL)." }
|
||||||
- { env_var: "ONLY_SUBDOMAINS", env_value: "false", desc: "If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true`" }
|
- { env_var: "ONLY_SUBDOMAINS", env_value: "false", desc: "If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true`" }
|
||||||
@@ -58,7 +58,7 @@ opt_param_env_vars:
|
|||||||
- { env_var: "STAGING", env_value: "false", desc: "Set to `true` to retrieve certs in staging mode. Rate limits will be much higher, but the resulting cert will not pass the browser's security test. Only to be used for testing purposes." }
|
- { env_var: "STAGING", env_value: "false", desc: "Set to `true` to retrieve certs in staging mode. Rate limits will be much higher, but the resulting cert will not pass the browser's security test. Only to be used for testing purposes." }
|
||||||
opt_param_usage_include_vols: false
|
opt_param_usage_include_vols: false
|
||||||
opt_param_volumes:
|
opt_param_volumes:
|
||||||
- { vol_path: "/config", vol_host_path: "/path/to/appdata/config", desc: "Configuration files." }
|
- { vol_path: "/config", vol_host_path: "/path/to/{{ project_name }}/config", desc: "Persistent config files" }
|
||||||
opt_param_usage_include_ports: true
|
opt_param_usage_include_ports: true
|
||||||
opt_param_ports:
|
opt_param_ports:
|
||||||
- { external_port: "80", internal_port: "80", port_desc: "Http port (required for http validation and http -> https redirect)" }
|
- { external_port: "80", internal_port: "80", port_desc: "Http port (required for http validation and http -> https redirect)" }
|
||||||
@@ -168,6 +168,12 @@ app_setup_block: |
|
|||||||
|
|
||||||
# changelog
|
# changelog
|
||||||
changelogs:
|
changelogs:
|
||||||
|
- { date: "23.03.24:", desc: "Fix perms on the generated `priv-fullchain-bundle.pem`." }
|
||||||
|
- { date: "14.03.24:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) authelia-location.conf, authelia-server.conf - Update Authelia conf samples with support for 4.38." }
|
||||||
|
- { date: "11.03.24:", desc: "Restore support for DynuDNS using `certbot-dns-dynudns`." }
|
||||||
|
- { date: "06.03.24:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) site-confs/default.conf - Cleanup default site conf." }
|
||||||
|
- { date: "04.03.24:", desc: "Remove `stream.conf` inside the container to allow users to include their own block in `nginx.conf`." }
|
||||||
|
- { date: "23.01.24:", desc: "Rebase to Alpine 3.19 with php 8.3, add root periodic crontabs for logrotate." }
|
||||||
- { date: "01.01.24:", desc: "Add GleSYS DNS plugin." }
|
- { date: "01.01.24:", desc: "Add GleSYS DNS plugin." }
|
||||||
- { date: "11.12.23:", desc: "Deprecate certbot-dns-dynu to resolve dependency conflicts with other plugins." }
|
- { date: "11.12.23:", desc: "Deprecate certbot-dns-dynu to resolve dependency conflicts with other plugins." }
|
||||||
- { date: "30.11.23:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) site-confs/default.conf - Fix index.php being downloaded on 404." }
|
- { date: "30.11.23:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) site-confs/default.conf - Fix index.php being downloaded on 404." }
|
||||||
|
|||||||
3
root/defaults/dns-conf/dynu-credentials.ini
Normal file
3
root/defaults/dns-conf/dynu-credentials.ini
Normal file
@@ -0,0 +1,3 @@
|
|||||||
|
# Instructions: https://github.com/DustyRah/certbot-dns-dynudns
|
||||||
|
# Replace with your API token from your dynudns account.
|
||||||
|
dns_dynu_auth_token = AbCbASsd!@34
|
||||||
@@ -5,4 +5,5 @@ cd /config/keys/letsencrypt || exit 1
|
|||||||
openssl pkcs12 -export -out privkey.pfx -inkey privkey.pem -in cert.pem -certfile chain.pem -passout pass:
|
openssl pkcs12 -export -out privkey.pfx -inkey privkey.pem -in cert.pem -certfile chain.pem -passout pass:
|
||||||
sleep 1
|
sleep 1
|
||||||
cat {privkey,fullchain}.pem >priv-fullchain-bundle.pem
|
cat {privkey,fullchain}.pem >priv-fullchain-bundle.pem
|
||||||
|
chmod 600 priv-fullchain-bundle.pem
|
||||||
chown -R abc:abc /config/etc/letsencrypt
|
chown -R abc:abc /config/etc/letsencrypt
|
||||||
|
|||||||
@@ -1,10 +1,15 @@
|
|||||||
## Version 2023/04/27 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-location.conf.sample
|
## Version 2024/03/14 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-location.conf.sample
|
||||||
# Make sure that your authelia container is in the same user defined bridge network and is named authelia
|
# Make sure that your authelia container is in the same user defined bridge network and is named authelia
|
||||||
# Rename /config/nginx/proxy-confs/authelia.subdomain.conf.sample to /config/nginx/proxy-confs/authelia.subdomain.conf
|
# Rename /config/nginx/proxy-confs/authelia.subdomain.conf.sample to /config/nginx/proxy-confs/authelia.subdomain.conf
|
||||||
# Make sure that the authelia configuration.yml has 'path: "authelia"' defined
|
# For authelia 4.37 and below, make sure that the authelia configuration.yml has 'path: "authelia"' defined
|
||||||
|
# For authelia 4.38 and above, make sure that the authelia configuration.yml has 'address: "tcp://:9091/authelia"' defined
|
||||||
|
|
||||||
## Send a subrequest to Authelia to verify if the user is authenticated and has permission to access the resource
|
## Send a subrequest to Authelia to verify if the user is authenticated and has permission to access the resource
|
||||||
auth_request /authelia/api/verify;
|
## For authelia 4.37 and below, use the following line
|
||||||
|
# auth_request /authelia/api/verify;
|
||||||
|
## For authelia 4.38 and above, use the following line
|
||||||
|
auth_request /authelia/api/authz/auth-request;
|
||||||
|
|
||||||
## If the subreqest returns 200 pass to the backend, if the subrequest returns 401 redirect to the portal
|
## If the subreqest returns 200 pass to the backend, if the subrequest returns 401 redirect to the portal
|
||||||
error_page 401 = @authelia_proxy_signin;
|
error_page 401 = @authelia_proxy_signin;
|
||||||
|
|
||||||
|
|||||||
@@ -1,18 +1,20 @@
|
|||||||
## Version 2023/04/27 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-server.conf.sample
|
## Version 2024/03/16 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-server.conf.sample
|
||||||
# Make sure that your authelia container is in the same user defined bridge network and is named authelia
|
# Make sure that your authelia container is in the same user defined bridge network and is named authelia
|
||||||
# Rename /config/nginx/proxy-confs/authelia.subdomain.conf.sample to /config/nginx/proxy-confs/authelia.subdomain.conf
|
# Rename /config/nginx/proxy-confs/authelia.subdomain.conf.sample to /config/nginx/proxy-confs/authelia.subdomain.conf
|
||||||
# Make sure that the authelia configuration.yml has 'path: "authelia"' defined
|
# For authelia 4.37 and below, make sure that the authelia configuration.yml has 'path: "authelia"' defined
|
||||||
|
# For authelia 4.38 and above, make sure that the authelia configuration.yml has 'address: "tcp://:9091/authelia"' defined
|
||||||
|
|
||||||
# location for authelia subfolder requests
|
# location for authelia subfolder requests
|
||||||
location ^~ /authelia {
|
location ^~ /authelia {
|
||||||
auth_request off; # requests to this subfolder must be accessible without authentication
|
auth_request off; # requests to this subfolder must be accessible without authentication
|
||||||
|
|
||||||
include /config/nginx/proxy.conf;
|
include /config/nginx/proxy.conf;
|
||||||
include /config/nginx/resolver.conf;
|
include /config/nginx/resolver.conf;
|
||||||
set $upstream_authelia authelia;
|
set $upstream_authelia authelia;
|
||||||
proxy_pass http://$upstream_authelia:9091;
|
proxy_pass http://$upstream_authelia:9091;
|
||||||
}
|
}
|
||||||
|
|
||||||
# location for authelia auth requests
|
# location for authelia 4.37 and below auth requests
|
||||||
location = /authelia/api/verify {
|
location = /authelia/api/verify {
|
||||||
internal;
|
internal;
|
||||||
|
|
||||||
@@ -29,6 +31,23 @@ location = /authelia/api/verify {
|
|||||||
proxy_set_header Content-Length "";
|
proxy_set_header Content-Length "";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# location for authelia 4.38 and above auth requests
|
||||||
|
location = /authelia/api/authz/auth-request {
|
||||||
|
internal;
|
||||||
|
|
||||||
|
include /config/nginx/proxy.conf;
|
||||||
|
include /config/nginx/resolver.conf;
|
||||||
|
set $upstream_authelia authelia;
|
||||||
|
proxy_pass http://$upstream_authelia:9091;
|
||||||
|
|
||||||
|
## Include the Set-Cookie header if present
|
||||||
|
auth_request_set $set_cookie $upstream_http_set_cookie;
|
||||||
|
add_header Set-Cookie $set_cookie;
|
||||||
|
|
||||||
|
proxy_pass_request_body off;
|
||||||
|
proxy_set_header Content-Length "";
|
||||||
|
}
|
||||||
|
|
||||||
# virtual location for authelia 401 redirects
|
# virtual location for authelia 401 redirects
|
||||||
location @authelia_proxy_signin {
|
location @authelia_proxy_signin {
|
||||||
internal;
|
internal;
|
||||||
|
|||||||
@@ -4,6 +4,7 @@
|
|||||||
|
|
||||||
## Send a subrequest to Authentik to verify if the user is authenticated and has permission to access the resource
|
## Send a subrequest to Authentik to verify if the user is authenticated and has permission to access the resource
|
||||||
auth_request /outpost.goauthentik.io/auth/nginx;
|
auth_request /outpost.goauthentik.io/auth/nginx;
|
||||||
|
|
||||||
## If the subreqest returns 200 pass to the backend, if the subrequest returns 401 redirect to the portal
|
## If the subreqest returns 200 pass to the backend, if the subrequest returns 401 redirect to the portal
|
||||||
error_page 401 = @goauthentik_proxy_signin;
|
error_page 401 = @goauthentik_proxy_signin;
|
||||||
|
|
||||||
|
|||||||
@@ -5,6 +5,7 @@
|
|||||||
# location for authentik subfolder requests
|
# location for authentik subfolder requests
|
||||||
location ^~ /outpost.goauthentik.io {
|
location ^~ /outpost.goauthentik.io {
|
||||||
auth_request off; # requests to this subfolder must be accessible without authentication
|
auth_request off; # requests to this subfolder must be accessible without authentication
|
||||||
|
|
||||||
include /config/nginx/proxy.conf;
|
include /config/nginx/proxy.conf;
|
||||||
include /config/nginx/resolver.conf;
|
include /config/nginx/resolver.conf;
|
||||||
set $upstream_authentik authentik-server;
|
set $upstream_authentik authentik-server;
|
||||||
|
|||||||
@@ -1,4 +1,4 @@
|
|||||||
## Version 2023/11/27 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/site-confs/default.conf.sample
|
## Version 2024/03/06 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/site-confs/default.conf.sample
|
||||||
|
|
||||||
# redirect all traffic to https
|
# redirect all traffic to https
|
||||||
server {
|
server {
|
||||||
@@ -48,7 +48,7 @@ server {
|
|||||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||||
#include /config/nginx/authentik-location.conf;
|
#include /config/nginx/authentik-location.conf;
|
||||||
|
|
||||||
try_files $uri $uri/ /index.html /index.php$is_args$args;
|
try_files $uri $uri/ /index.html /index.htm /index.php$is_args$args;
|
||||||
}
|
}
|
||||||
|
|
||||||
location ~ ^(.+\.php)(.*)$ {
|
location ~ ^(.+\.php)(.*)$ {
|
||||||
@@ -65,8 +65,8 @@ server {
|
|||||||
# enable for Authentik (requires authentik-server.conf in the server block)
|
# enable for Authentik (requires authentik-server.conf in the server block)
|
||||||
#include /config/nginx/authentik-location.conf;
|
#include /config/nginx/authentik-location.conf;
|
||||||
|
|
||||||
try_files $fastcgi_script_name =404;
|
|
||||||
fastcgi_split_path_info ^(.+\.php)(.*)$;
|
fastcgi_split_path_info ^(.+\.php)(.*)$;
|
||||||
|
if (!-f $document_root$fastcgi_script_name) { return 404; }
|
||||||
fastcgi_pass 127.0.0.1:9000;
|
fastcgi_pass 127.0.0.1:9000;
|
||||||
fastcgi_index index.php;
|
fastcgi_index index.php;
|
||||||
include /etc/nginx/fastcgi_params;
|
include /etc/nginx/fastcgi_params;
|
||||||
|
|||||||
@@ -1,2 +1,8 @@
|
|||||||
# min hour day month weekday command
|
# min hour day month weekday command
|
||||||
|
*/15 * * * * run-parts /etc/periodic/15min
|
||||||
|
0 * * * * run-parts /etc/periodic/hourly
|
||||||
|
0 2 * * * run-parts /etc/periodic/daily
|
||||||
|
0 3 * * 6 run-parts /etc/periodic/weekly
|
||||||
|
0 5 1 * * run-parts /etc/periodic/monthly
|
||||||
|
|
||||||
8 2 * * * /app/le-renew.sh >> /config/log/letsencrypt/letsencrypt.log 2>&1
|
8 2 * * * /app/le-renew.sh >> /config/log/letsencrypt/letsencrypt.log 2>&1
|
||||||
|
|||||||
@@ -23,6 +23,13 @@ for i in "${SANED_VARS[@]}"; do
|
|||||||
export echo "${i}"="$(echo "${!i}" | tr '[:upper:]' '[:lower:]')"
|
export echo "${i}"="$(echo "${!i}" | tr '[:upper:]' '[:lower:]')"
|
||||||
done
|
done
|
||||||
|
|
||||||
|
# Check for and install requested DNS plugins
|
||||||
|
if grep -q "universal-package-install" <<< "${DOCKER_MODS}" && grep -q "certbot-dns" <<< "${INSTALL_PIP_PACKAGES}"; then
|
||||||
|
echo "**** Installing requested dns plugins ****"
|
||||||
|
/etc/s6-overlay/s6-rc.d/init-mod-universal-package-install-add-package/run
|
||||||
|
/etc/s6-overlay/s6-rc.d/init-mods-package-install/run
|
||||||
|
fi
|
||||||
|
|
||||||
# check to make sure DNSPLUGIN is selected if dns validation is used
|
# check to make sure DNSPLUGIN is selected if dns validation is used
|
||||||
CERTBOT_DNS_AUTHENTICATORS=$(certbot plugins --authenticators 2>/dev/null | sed -e 's/^Entry point: EntryPoint(name='\''cpanel'\''/Entry point: EntryPoint(name='\''dns-cpanel'\''/' -e '/EntryPoint(name='\''dns-/!d' -e 's/^Entry point: EntryPoint(name='\''dns-\([^ ]*\)'\'',/\1/' | sort)
|
CERTBOT_DNS_AUTHENTICATORS=$(certbot plugins --authenticators 2>/dev/null | sed -e 's/^Entry point: EntryPoint(name='\''cpanel'\''/Entry point: EntryPoint(name='\''dns-cpanel'\''/' -e '/EntryPoint(name='\''dns-/!d' -e 's/^Entry point: EntryPoint(name='\''dns-\([^ ]*\)'\'',/\1/' | sort)
|
||||||
if [[ "${VALIDATION}" = "dns" ]] && ! echo "${CERTBOT_DNS_AUTHENTICATORS}" | grep -q "${DNSPLUGIN}"; then
|
if [[ "${VALIDATION}" = "dns" ]] && ! echo "${CERTBOT_DNS_AUTHENTICATORS}" | grep -q "${DNSPLUGIN}"; then
|
||||||
|
|||||||
@@ -9,5 +9,5 @@ if [[ -d /defaults/nginx/proxy-confs/ ]]; then
|
|||||||
-maxdepth 1 \
|
-maxdepth 1 \
|
||||||
-name "*.conf.sample" \
|
-name "*.conf.sample" \
|
||||||
-type f \
|
-type f \
|
||||||
-exec cp "{}" /config/nginx/proxy-confs/ +
|
-exec cp "{}" /config/nginx/proxy-confs/ \;
|
||||||
fi
|
fi
|
||||||
|
|||||||
Reference in New Issue
Block a user