diff --git a/.github/workflows/build-bunkerized-nginx-autoconf.yml b/.github/workflows/build-bunkerized-nginx-autoconf.yml new file mode 100644 index 0000000..39c4cb7 --- /dev/null +++ b/.github/workflows/build-bunkerized-nginx-autoconf.yml @@ -0,0 +1,50 @@ +name: Build and push bunkerized-nginx-autoconf + +on: + push: + branches: [dev, master] + +jobs: + test: + runs-on: ubuntu-latest + steps: + + - name: Checkout source code + uses: actions/checkout@v2 + + - name: Set variables + run: | + VER=$(cat VERSION | tr -d '\n') + echo "VERSION=$VER" >> $GITHUB_ENV + + - name: Setup QEMU + uses: docker/setup-qemu-action@v1 + + - name: Setup Buildx + uses: docker/setup-buildx-action@v1 + + - name: Login to Docker Hub + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_TOKEN }} + + - name: Build and push (dev) + uses: docker/build-push-action@v2 + if: github.ref == 'refs/heads/dev' + with: + context: . + file: autoconf/Dockerfile + platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8 + push: true + tags: bunkerity/bunkerized-nginx-autoconf:dev + + - name: Build and push (master) + uses: docker/build-push-action@v2 + if: github.ref == 'refs/heads/master' + with: + context: . + file: autoconf/Dockerfile + platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8 + push: true + tags: bunkerity/bunkerized-nginx-autoconf:latest,bunkerity/bunkerized-nginx-autoconf:${{ env.VERSION }} diff --git a/.github/workflows/build-bunkerized-nginx-ui.yml b/.github/workflows/build-bunkerized-nginx-ui.yml new file mode 100644 index 0000000..ad7c177 --- /dev/null +++ b/.github/workflows/build-bunkerized-nginx-ui.yml @@ -0,0 +1,50 @@ +name: Build and push bunkerized-nginx-ui + +on: + push: + branches: [dev, master] + +jobs: + test: + runs-on: ubuntu-latest + steps: + + - name: Checkout source code + uses: actions/checkout@v2 + + - name: Set variables + run: | + VER=$(cat VERSION | tr -d '\n') + echo "VERSION=$VER" >> $GITHUB_ENV + + - name: Setup QEMU + uses: docker/setup-qemu-action@v1 + + - name: Setup Buildx + uses: docker/setup-buildx-action@v1 + + - name: Login to Docker Hub + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_TOKEN }} + + - name: Build and push (dev) + uses: docker/build-push-action@v2 + if: github.ref == 'refs/heads/dev' + with: + context: . + file: ui/Dockerfile + platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8 + push: true + tags: bunkerity/bunkerized-nginx-ui:dev + + - name: Build and push (master) + uses: docker/build-push-action@v2 + if: github.ref == 'refs/heads/master' + with: + context: . + file: ui/Dockerfile + platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8 + push: true + tags: bunkerity/bunkerized-nginx-ui:latest,bunkerity/bunkerized-nginx-ui:${{ env.VERSION }} diff --git a/.github/workflows/build-bunkerized-nginx.yml b/.github/workflows/build-bunkerized-nginx.yml new file mode 100644 index 0000000..c1232a5 --- /dev/null +++ b/.github/workflows/build-bunkerized-nginx.yml @@ -0,0 +1,48 @@ +name: Build and push bunkerized-nginx + +on: + push: + branches: [dev, master] + +jobs: + test: + runs-on: ubuntu-latest + steps: + + - name: Checkout source code + uses: actions/checkout@v2 + + - name: Set variables + run: | + VER=$(cat VERSION | tr -d '\n') + echo "VERSION=$VER" >> $GITHUB_ENV + + - name: Setup QEMU + uses: docker/setup-qemu-action@v1 + + - name: Setup Buildx + uses: docker/setup-buildx-action@v1 + + - name: Login to Docker Hub + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_TOKEN }} + + - name: Build and push (dev) + uses: docker/build-push-action@v2 + if: github.ref == 'refs/heads/dev' + with: + context: . + platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8 + push: true + tags: bunkerity/bunkerized-nginx:dev + + - name: Build and push (master) + uses: docker/build-push-action@v2 + if: github.ref == 'refs/heads/master' + with: + context: . + platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8 + push: true + tags: bunkerity/bunkerized-nginx:latest,bunkerity/bunkerized-nginx:${{ env.VERSION }} diff --git a/Dockerfile-amd64 b/Dockerfile-amd64 deleted file mode 100644 index 63bb194..0000000 --- a/Dockerfile-amd64 +++ /dev/null @@ -1,38 +0,0 @@ -FROM amd64/nginx:1.20.1-alpine - -COPY nginx-keys/ /tmp/nginx-keys -COPY compile.sh /tmp/compile.sh -RUN chmod +x /tmp/compile.sh && \ - /tmp/compile.sh && \ - rm -rf /tmp/* - -COPY dependencies.sh /tmp/dependencies.sh -RUN chmod +x /tmp/dependencies.sh && \ - /tmp/dependencies.sh && \ - rm -rf /tmp/dependencies.sh - -COPY gen/ /opt/gen -COPY entrypoint/ /opt/entrypoint -COPY confs/ /opt/confs -COPY scripts/ /opt/scripts -COPY lua/ /usr/local/lib/lua -COPY antibot/ /antibot -COPY defaults/ /defaults -COPY settings.json /opt -COPY misc/cron /etc/crontabs/nginx - -COPY prepare.sh /tmp/prepare.sh -RUN chmod +x /tmp/prepare.sh && \ - /tmp/prepare.sh && \ - rm -f /tmp/prepare.sh - -# Fix CVE-2021-22901, CVE-2021-22898 and CVE-2021-22897 -RUN apk add "curl>=7.77.0-r0" - -VOLUME /www /http-confs /server-confs /modsec-confs /modsec-crs-confs /cache /pre-server-confs /acme-challenge /plugins - -EXPOSE 8080/tcp 8443/tcp - -USER nginx:nginx - -ENTRYPOINT ["/opt/entrypoint/entrypoint.sh"] diff --git a/Dockerfile-arm32v7 b/Dockerfile-arm32v7 deleted file mode 100644 index 78fa778..0000000 --- a/Dockerfile-arm32v7 +++ /dev/null @@ -1,45 +0,0 @@ -FROM alpine AS builder - -ENV QEMU_URL https://github.com/balena-io/qemu/releases/download/v4.0.0%2Bbalena2/qemu-4.0.0.balena2-arm.tar.gz -RUN apk add curl && curl -L ${QEMU_URL} | tar zxvf - -C . --strip-components 1 - -FROM arm32v7/nginx:1.20.1-alpine - -COPY --from=builder qemu-arm-static /usr/bin - -COPY nginx-keys/ /tmp/nginx-keys -COPY compile.sh /tmp/compile.sh -RUN chmod +x /tmp/compile.sh && \ - /tmp/compile.sh && \ - rm -rf /tmp/* - -COPY dependencies.sh /tmp/dependencies.sh -RUN chmod +x /tmp/dependencies.sh && \ - /tmp/dependencies.sh && \ - rm -rf /tmp/dependencies.sh - -COPY gen/ /opt/gen -COPY entrypoint/ /opt/entrypoint -COPY confs/ /opt/confs -COPY scripts/ /opt/scripts -COPY lua/ /usr/local/lib/lua -COPY antibot/ /antibot -COPY defaults/ /defaults -COPY settings.json /opt -COPY misc/cron /etc/crontabs/nginx - -COPY prepare.sh /tmp/prepare.sh -RUN chmod +x /tmp/prepare.sh && \ - /tmp/prepare.sh && \ - rm -f /tmp/prepare.sh - -# Fix CVE-2021-22901, CVE-2021-22898 and CVE-2021-22897 -RUN apk add "curl>=7.77.0-r0" - -VOLUME /www /http-confs /server-confs /modsec-confs /modsec-crs-confs /cache /pre-server-confs /acme-challenge /plugins - -EXPOSE 8080/tcp 8443/tcp - -USER nginx:nginx - -ENTRYPOINT ["/opt/entrypoint/entrypoint.sh"] diff --git a/Dockerfile-arm64v8 b/Dockerfile-arm64v8 deleted file mode 100644 index 34dda35..0000000 --- a/Dockerfile-arm64v8 +++ /dev/null @@ -1,45 +0,0 @@ -FROM alpine AS builder - -ENV QEMU_URL https://github.com/balena-io/qemu/releases/download/v4.0.0%2Bbalena2/qemu-4.0.0.balena2-aarch64.tar.gz -RUN apk add curl && curl -L ${QEMU_URL} | tar zxvf - -C . --strip-components 1 - -FROM arm64v8/nginx:1.20.1-alpine - -COPY --from=builder qemu-aarch64-static /usr/bin - -COPY nginx-keys/ /tmp/nginx-keys -COPY compile.sh /tmp/compile.sh -RUN chmod +x /tmp/compile.sh && \ - /tmp/compile.sh && \ - rm -rf /tmp/* - -COPY dependencies.sh /tmp/dependencies.sh -RUN chmod +x /tmp/dependencies.sh && \ - /tmp/dependencies.sh && \ - rm -rf /tmp/dependencies.sh - -COPY gen/ /opt/gen -COPY entrypoint/ /opt/entrypoint -COPY confs/ /opt/confs -COPY scripts/ /opt/scripts -COPY lua/ /usr/local/lib/lua -COPY antibot/ /antibot -COPY defaults/ /defaults -COPY settings.json /opt -COPY misc/cron /etc/crontabs/nginx - -COPY prepare.sh /tmp/prepare.sh -RUN chmod +x /tmp/prepare.sh && \ - /tmp/prepare.sh && \ - rm -f /tmp/prepare.sh - -# Fix CVE-2021-22901, CVE-2021-22898 and CVE-2021-22897 -RUN apk add "curl>=7.77.0-r0" - -VOLUME /www /http-confs /server-confs /modsec-confs /modsec-crs-confs /cache /pre-server-confs /acme-challenge /plugins - -EXPOSE 8080/tcp 8443/tcp - -USER nginx:nginx - -ENTRYPOINT ["/opt/entrypoint/entrypoint.sh"] diff --git a/Dockerfile-i386 b/Dockerfile-i386 deleted file mode 100644 index b30d01b..0000000 --- a/Dockerfile-i386 +++ /dev/null @@ -1,38 +0,0 @@ -FROM i386/nginx:1.20.1-alpine - -COPY nginx-keys/ /tmp/nginx-keys -COPY compile.sh /tmp/compile.sh -RUN chmod +x /tmp/compile.sh && \ - /tmp/compile.sh && \ - rm -rf /tmp/* - -COPY dependencies.sh /tmp/dependencies.sh -RUN chmod +x /tmp/dependencies.sh && \ - /tmp/dependencies.sh && \ - rm -rf /tmp/dependencies.sh - -COPY gen/ /opt/gen -COPY entrypoint/ /opt/entrypoint -COPY confs/ /opt/confs -COPY scripts/ /opt/scripts -COPY lua/ /usr/local/lib/lua -COPY antibot/ /antibot -COPY defaults/ /defaults -COPY settings.json /opt -COPY misc/cron /etc/crontabs/nginx - -COPY prepare.sh /tmp/prepare.sh -RUN chmod +x /tmp/prepare.sh && \ - /tmp/prepare.sh && \ - rm -f /tmp/prepare.sh - -# Fix CVE-2021-22901, CVE-2021-22898 and CVE-2021-22897 -RUN apk add "curl>=7.77.0-r0" - -VOLUME /www /http-confs /server-confs /modsec-confs /modsec-crs-confs /cache /pre-server-confs /acme-challenge /plugins - -EXPOSE 8080/tcp 8443/tcp - -USER nginx:nginx - -ENTRYPOINT ["/opt/entrypoint/entrypoint.sh"] diff --git a/autoconf/Dockerfile-amd64 b/autoconf/Dockerfile-amd64 deleted file mode 100644 index 8253bbb..0000000 --- a/autoconf/Dockerfile-amd64 +++ /dev/null @@ -1,22 +0,0 @@ -FROM amd64/alpine - -COPY autoconf/dependencies.sh /tmp -RUN chmod +x /tmp/dependencies.sh && \ - /tmp/dependencies.sh && \ - rm -f /tmp/dependencies.sh - -COPY gen/ /opt/gen -COPY entrypoint/ /opt/entrypoint -COPY confs/global/ /opt/confs/global -COPY confs/site/ /opt/confs/site -COPY scripts/ /opt/scripts -COPY settings.json /opt -COPY misc/cron /etc/crontabs/nginx -COPY autoconf/* /opt/entrypoint/ - -COPY autoconf/prepare.sh /tmp -RUN chmod +x /tmp/prepare.sh && \ - /tmp/prepare.sh && \ - rm -f /tmp/prepare.sh - -ENTRYPOINT ["/opt/entrypoint/entrypoint.sh"] diff --git a/autoconf/Dockerfile-arm32v7 b/autoconf/Dockerfile-arm32v7 deleted file mode 100644 index e1dba48..0000000 --- a/autoconf/Dockerfile-arm32v7 +++ /dev/null @@ -1,29 +0,0 @@ -FROM alpine AS builder - -ENV QEMU_URL https://github.com/balena-io/qemu/releases/download/v4.0.0%2Bbalena2/qemu-4.0.0.balena2-arm.tar.gz -RUN apk add curl && curl -L ${QEMU_URL} | tar zxvf - -C . --strip-components 1 - -FROM arm32v7/alpine - -COPY --from=builder qemu-arm-static /usr/bin - -COPY autoconf/dependencies.sh /tmp -RUN chmod +x /tmp/dependencies.sh && \ - /tmp/dependencies.sh && \ - rm -f /tmp/dependencies.sh - -COPY gen/ /opt/gen -COPY entrypoint/ /opt/entrypoint -COPY confs/global/ /opt/confs/global -COPY confs/site/ /opt/confs/site -COPY scripts/ /opt/scripts -COPY settings.json /opt -COPY misc/cron /etc/crontabs/nginx -COPY autoconf/* /opt/entrypoint/ - -COPY autoconf/prepare.sh /tmp -RUN chmod +x /tmp/prepare.sh && \ - /tmp/prepare.sh && \ - rm -f /tmp/prepare.sh - -ENTRYPOINT ["/opt/entrypoint/entrypoint.sh"] diff --git a/autoconf/Dockerfile-arm64v8 b/autoconf/Dockerfile-arm64v8 deleted file mode 100644 index 1d756b3..0000000 --- a/autoconf/Dockerfile-arm64v8 +++ /dev/null @@ -1,29 +0,0 @@ -FROM alpine AS builder - -ENV QEMU_URL https://github.com/balena-io/qemu/releases/download/v4.0.0%2Bbalena2/qemu-4.0.0.balena2-aarch64.tar.gz -RUN apk add curl && curl -L ${QEMU_URL} | tar zxvf - -C . --strip-components 1 - -FROM arm64v8/alpine - -COPY --from=builder qemu-aarch64-static /usr/bin - -COPY autoconf/dependencies.sh /tmp -RUN chmod +x /tmp/dependencies.sh && \ - /tmp/dependencies.sh && \ - rm -f /tmp/dependencies.sh - -COPY gen/ /opt/gen -COPY entrypoint/ /opt/entrypoint -COPY confs/global/ /opt/confs/global -COPY confs/site/ /opt/confs/site -COPY scripts/ /opt/scripts -COPY settings.json /opt -COPY misc/cron /etc/crontabs/nginx -COPY autoconf/* /opt/entrypoint/ - -COPY autoconf/prepare.sh /tmp -RUN chmod +x /tmp/prepare.sh && \ - /tmp/prepare.sh && \ - rm -f /tmp/prepare.sh - -ENTRYPOINT ["/opt/entrypoint/entrypoint.sh"] diff --git a/autoconf/Dockerfile-i386 b/autoconf/Dockerfile-i386 deleted file mode 100644 index 9b788b0..0000000 --- a/autoconf/Dockerfile-i386 +++ /dev/null @@ -1,22 +0,0 @@ -FROM i386/alpine - -COPY autoconf/dependencies.sh /tmp -RUN chmod +x /tmp/dependencies.sh && \ - /tmp/dependencies.sh && \ - rm -f /tmp/dependencies.sh - -COPY gen/ /opt/gen -COPY entrypoint/ /opt/entrypoint -COPY confs/global/ /opt/confs/global -COPY confs/site/ /opt/confs/site -COPY scripts/ /opt/scripts -COPY settings.json /opt -COPY misc/cron /etc/crontabs/nginx -COPY autoconf/* /opt/entrypoint/ - -COPY autoconf/prepare.sh /tmp -RUN chmod +x /tmp/prepare.sh && \ - /tmp/prepare.sh && \ - rm -f /tmp/prepare.sh - -ENTRYPOINT ["/opt/entrypoint/entrypoint.sh"] diff --git a/ui/Dockerfile-amd64 b/ui/Dockerfile-amd64 deleted file mode 100644 index 6d6c663..0000000 --- a/ui/Dockerfile-amd64 +++ /dev/null @@ -1,23 +0,0 @@ -FROM amd64/alpine - -COPY ui/dependencies.sh /tmp -RUN chmod +x /tmp/dependencies.sh && \ - /tmp/dependencies.sh && \ - rm -f /tmp/dependencies.sh - -COPY gen/ /opt/gen -COPY confs/site/ /opt/confs/site -COPY confs/global/ /opt/confs/global -COPY ui/ /opt/entrypoint -COPY settings.json /opt - -COPY ui/prepare.sh /tmp -RUN chmod +x /tmp/prepare.sh && \ - /tmp/prepare.sh && \ - rm -f /tmp/prepare.sh - -EXPOSE 5000 - -WORKDIR /opt/entrypoint -ENV FLASK_APP entrypoint.py -ENTRYPOINT ["/usr/bin/python3", "-m", "flask", "run", "--host=0.0.0.0"] diff --git a/ui/Dockerfile-arm32v7 b/ui/Dockerfile-arm32v7 deleted file mode 100644 index a069b38..0000000 --- a/ui/Dockerfile-arm32v7 +++ /dev/null @@ -1,30 +0,0 @@ -FROM alpine AS builder - -ENV QEMU_URL https://github.com/balena-io/qemu/releases/download/v4.0.0%2Bbalena2/qemu-4.0.0.balena2-arm.tar.gz -RUN apk add curl && curl -L ${QEMU_URL} | tar zxvf - -C . --strip-components 1 - -FROM arm32v7/alpine - -COPY --from=builder qemu-arm-static /usr/bin - -COPY ui/dependencies.sh /tmp -RUN chmod +x /tmp/dependencies.sh && \ - /tmp/dependencies.sh && \ - rm -f /tmp/dependencies.sh - -COPY gen/ /opt/gen -COPY confs/site/ /opt/confs/site -COPY confs/global/ /opt/confs/global -COPY ui/ /opt/entrypoint -COPY settings.json /opt - -COPY ui/prepare.sh /tmp -RUN chmod +x /tmp/prepare.sh && \ - /tmp/prepare.sh && \ - rm -f /tmp/prepare.sh - -EXPOSE 5000 - -WORKDIR /opt/entrypoint -ENV FLASK_APP entrypoint.py -ENTRYPOINT ["/usr/bin/python3", "-m", "flask", "run", "--host=0.0.0.0"] diff --git a/ui/Dockerfile-arm64v8 b/ui/Dockerfile-arm64v8 deleted file mode 100644 index b886aa2..0000000 --- a/ui/Dockerfile-arm64v8 +++ /dev/null @@ -1,30 +0,0 @@ -FROM alpine AS builder - -ENV QEMU_URL https://github.com/balena-io/qemu/releases/download/v4.0.0%2Bbalena2/qemu-4.0.0.balena2-aarch64.tar.gz -RUN apk add curl && curl -L ${QEMU_URL} | tar zxvf - -C . --strip-components 1 - -FROM arm64v8/alpine - -COPY --from=builder qemu-aarch64-static /usr/bin - -COPY ui/dependencies.sh /tmp -RUN chmod +x /tmp/dependencies.sh && \ - /tmp/dependencies.sh && \ - rm -f /tmp/dependencies.sh - -COPY gen/ /opt/gen -COPY confs/site/ /opt/confs/site -COPY confs/global/ /opt/confs/global -COPY ui/ /opt/entrypoint -COPY settings.json /opt - -COPY ui/prepare.sh /tmp -RUN chmod +x /tmp/prepare.sh && \ - /tmp/prepare.sh && \ - rm -f /tmp/prepare.sh - -EXPOSE 5000 - -WORKDIR /opt/entrypoint -ENV FLASK_APP entrypoint.py -ENTRYPOINT ["/usr/bin/python3", "-m", "flask", "run", "--host=0.0.0.0"] diff --git a/ui/Dockerfile-i386 b/ui/Dockerfile-i386 deleted file mode 100644 index e060bdf..0000000 --- a/ui/Dockerfile-i386 +++ /dev/null @@ -1,23 +0,0 @@ -FROM i386/alpine - -COPY ui/dependencies.sh /tmp -RUN chmod +x /tmp/dependencies.sh && \ - /tmp/dependencies.sh && \ - rm -f /tmp/dependencies.sh - -COPY gen/ /opt/gen -COPY confs/site/ /opt/confs/site -COPY confs/global/ /opt/confs/global -COPY ui/ /opt/entrypoint -COPY settings.json /opt - -COPY ui/prepare.sh /tmp -RUN chmod +x /tmp/prepare.sh && \ - /tmp/prepare.sh && \ - rm -f /tmp/prepare.sh - -EXPOSE 5000 - -WORKDIR /opt/entrypoint -ENV FLASK_APP entrypoint.py -ENTRYPOINT ["/usr/bin/python3", "-m", "flask", "run", "--host=0.0.0.0"]