diff --git a/.gitea/workflows/alpine-dockerio.yaml b/.gitea/workflows/alpine-dockerio.yaml index c7d74ab..a0abcd0 100644 --- a/.gitea/workflows/alpine-dockerio.yaml +++ b/.gitea/workflows/alpine-dockerio.yaml @@ -6,7 +6,7 @@ on: jobs: build: - name: Build and push image (root user) + name: Build and push image runs-on: ubuntu-latest container: image: ghcr.io/catthehacker/ubuntu:act-latest @@ -19,42 +19,36 @@ jobs: registry: docker.io username: aprimediet password: ${{ secrets.DOCKER_TOKEN }} - - name: Build and push + - name: Build and push 1.22 uses: docker/build-push-action@v5 with: context: . file: Dockerfile.alpine build-args: | - REGISTRY_URL=aprimediet + ALPINE_VERSION=3.17 push: true tags: | - aprimediet/nginx:alpine - aprimediet/nginx:latest-alpine - aprimediet/nginx:latest - build-rootless: - name: Build and push image (rootless) - runs-on: ubuntu-latest - container: - image: ghcr.io/catthehacker/ubuntu:act-latest - steps: - - name: Check out repository code - uses: actions/checkout@v3 - - name: Login to docker.io Registry - uses: docker/login-action@v3 - with: - registry: docker.io - username: aprimediet - password: ${{ secrets.DOCKER_TOKEN }} - - name: Build and push + aprimediet/nginx:1.22-alpine + - name: Build and push 1.24 uses: docker/build-push-action@v5 with: context: . - file: Dockerfile.alpine-rootless + file: Dockerfile.alpine build-args: | - REGISTRY_URL=aprimediet + ALPINE_VERSION=3.19 push: true tags: | - aprimediet/nginx:rootless-alpine - aprimediet/nginx:rootless - aprimediet/nginx:latest-rootless-alpine - aprimediet/nginx:latest-rootless + aprimediet/nginx:1.24-alpine + - name: Build and push 1.26 + uses: docker/build-push-action@v5 + with: + context: . + file: Dockerfile.alpine + build-args: | + ALPINE_VERSION=3.21 + push: true + tags: | + aprimediet/nginx:1.26-alpine + aprimediet/nginx:1.26 + aprimediet/nginx:alpine + aprimediet/nginx:latest diff --git a/.gitea/workflows/alpine-winter.yaml b/.gitea/workflows/alpine-winter.yaml index 8fc016e..844957d 100644 --- a/.gitea/workflows/alpine-winter.yaml +++ b/.gitea/workflows/alpine-winter.yaml @@ -1,4 +1,4 @@ -name: Build and Push Alpine NodeJS Image to Winter Access Registry +name: Build and Push Alpine NGINX Image to docker.io Registry on: push: branches: @@ -6,51 +6,52 @@ on: jobs: build: - name: Build and push image (Root User) + name: Build and push image runs-on: ubuntu-latest container: image: ghcr.io/catthehacker/ubuntu:act-latest steps: - name: Check out repository code uses: actions/checkout@v3 - - name: Login to Docker Winter Access Git Registry + - name: Login to docker.io Registry uses: docker/login-action@v3 with: registry: git.winteraccess.id - username: aditya.prima - password: ${{ secrets.PATOKEN }} - - name: Build and push + username: ${{ vars.REGISTRY_USERNAME }} + password: ${{ secrets.REGISTRY_TOKEN }} + - name: Build and push 1.22 uses: docker/build-push-action@v5 with: context: . file: Dockerfile.alpine + build-args: | + REGISTRY_URL=git.winteraccess.id/docker + ALPINE_VERSION=3.17 push: true tags: | - git.winteraccess.id/${{ gitea.repository }}:alpine - git.winteraccess.id/${{ gitea.repository }}:latest-alpine - git.winteraccess.id/${{ gitea.repository }}:latest - build-rootless: - name: Build and push image (rootless) - runs-on: ubuntu-latest - container: - image: ghcr.io/catthehacker/ubuntu:act-latest - steps: - - name: Check out repository code - uses: actions/checkout@v3 - - name: Login to Docker Winter Access Git Registry - uses: docker/login-action@v3 - with: - registry: git.winteraccess.id - username: aditya.prima - password: ${{ secrets.PATOKEN }} - - name: Build and push + git.winteraccess.id/${{ gitea.repository }}:1.22-alpine + - name: Build and push 1.24 uses: docker/build-push-action@v5 with: context: . - file: Dockerfile.alpine-rootless + file: Dockerfile.alpine + build-args: | + REGISTRY_URL=git.winteraccess.id/docker + ALPINE_VERSION=3.19 push: true tags: | - git.winteraccess.id/${{ gitea.repository }}:rootless-alpine - git.winteraccess.id/${{ gitea.repository }}:rootless - git.winteraccess.id/${{ gitea.repository }}:latest-rootless-alpine - git.winteraccess.id/${{ gitea.repository }}:latest-rootless + git.winteraccess.id/${{ gitea.repository }}:1.24-alpine + - name: Build and push 1.26 + uses: docker/build-push-action@v5 + with: + context: . + file: Dockerfile.alpine + build-args: | + REGISTRY_URL=git.winteraccess.id/docker + ALPINE_VERSION=3.21 + push: true + tags: | + git.winteraccess.id/${{ gitea.repository }}:1.26-alpine + git.winteraccess.id/${{ gitea.repository }}:1.26 + git.winteraccess.id/${{ gitea.repository }}:alpine + git.winteraccess.id/${{ gitea.repository }}:latest diff --git a/.gitea/workflows/ubi9-dockerio.yaml b/.gitea/workflows/ubi9-dockerio.yaml new file mode 100644 index 0000000..5073a2b --- /dev/null +++ b/.gitea/workflows/ubi9-dockerio.yaml @@ -0,0 +1,79 @@ +name: Build and Push Alpine NGINX Image to docker.io Registry +on: + push: + branches: + - master + +jobs: + build: + name: Build and push ubi9 image + runs-on: ubuntu-latest + container: + image: ghcr.io/catthehacker/ubuntu:act-latest + steps: + - name: Check out repository code + uses: actions/checkout@v3 + - name: Login to docker.io Registry + uses: docker/login-action@v3 + with: + registry: docker.io + username: aprimediet + password: ${{ secrets.DOCKER_TOKEN }} + - name: Build and push 1.22 + uses: docker/build-push-action@v5 + with: + context: . + file: Dockerfile.ubi9 + build-args: | + NGINX_VERSION=1.22 + push: true + tags: | + aprimediet/nginx:1.22-ubi9 + - name: Build and push 1.24 + uses: docker/build-push-action@v5 + with: + context: . + file: Dockerfile.ubi9 + build-args: | + NGINX_VERSION=1.24 + push: true + tags: | + aprimediet/nginx:1.24-ubi9 + aprimediet/nginx:ubi9 + build-micro: + name: Build and push ubi9-micro image + runs-on: ubuntu-latest + container: + image: ghcr.io/catthehacker/ubuntu:act-latest + needs: + - build + steps: + - name: Check out repository code + uses: actions/checkout@v3 + - name: Login to docker.io Registry + uses: docker/login-action@v3 + with: + registry: docker.io + username: aprimediet + password: ${{ secrets.DOCKER_TOKEN }} + - name: Build and push 1.22 + uses: docker/build-push-action@v5 + with: + context: . + file: Dockerfile.ubi9-micro + build-args: | + NGINX_VERSION=1.22 + push: true + tags: | + aprimediet/nginx:1.22-ubi9-micro + - name: Build and push 1.24 + uses: docker/build-push-action@v5 + with: + context: . + file: Dockerfile.ubi9-micro + build-args: | + NGINX_VERSION=1.24 + push: true + tags: | + aprimediet/nginx:1.24-ubi9-micro + aprimediet/nginx:ubi9-micro \ No newline at end of file diff --git a/.gitea/workflows/ubi9-winter.yaml b/.gitea/workflows/ubi9-winter.yaml new file mode 100644 index 0000000..19edd7b --- /dev/null +++ b/.gitea/workflows/ubi9-winter.yaml @@ -0,0 +1,79 @@ +name: Build and Push Alpine NGINX Image to git.winteraccess.id Registry +on: + push: + branches: + - master + +jobs: + build: + name: Build and push ubi9 image + runs-on: ubuntu-latest + container: + image: ghcr.io/catthehacker/ubuntu:act-latest + steps: + - name: Check out repository code + uses: actions/checkout@v3 + - name: Login to git.winteraccess.id Registry + uses: docker/login-action@v3 + with: + registry: git.winteraccess.id + username: ${{ vars.REGISTRY_USERNAME }} + password: ${{ secrets.REGISTRY_TOKEN }} + - name: Build and push 1.22 + uses: docker/build-push-action@v5 + with: + context: . + file: Dockerfile.ubi9 + build-args: | + NGINX_VERSION=1.22 + push: true + tags: | + git.winteraccess.id/${{ gitea.repository }}:1.22-ubi9 + - name: Build and push 1.24 + uses: docker/build-push-action@v5 + with: + context: . + file: Dockerfile.ubi9 + build-args: | + NGINX_VERSION=1.24 + push: true + tags: | + git.winteraccess.id/${{ gitea.repository }}:1.24-ubi9 + git.winteraccess.id/${{ gitea.repository }}:ubi9 + build-micro: + name: Build and push ubi9-micro image + runs-on: ubuntu-latest + container: + image: ghcr.io/catthehacker/ubuntu:act-latest + needs: + - build + steps: + - name: Check out repository code + uses: actions/checkout@v3 + - name: Login to git.winteraccess.id Registry + uses: docker/login-action@v3 + with: + registry: git.winteraccess.id + username: ${{ vars.REGISTRY_USERNAME }} + password: ${{ secrets.REGISTRY_TOKEN }} + - name: Build and push 1.22 + uses: docker/build-push-action@v5 + with: + context: . + file: Dockerfile.ubi9-micro + build-args: | + NGINX_VERSION=1.22 + push: true + tags: | + git.winteraccess.id/${{ gitea.repository }}:1.22-ubi9-micro + - name: Build and push 1.24 + uses: docker/build-push-action@v5 + with: + context: . + file: Dockerfile.ubi9-micro + build-args: | + NGINX_VERSION=1.24 + push: true + tags: | + git.winteraccess.id/${{ gitea.repository }}:1.24-ubi9-micro + git.winteraccess.id/${{ gitea.repository }}:ubi9-micro \ No newline at end of file diff --git a/Dockerfile.alpine b/Dockerfile.alpine index 11767c9..14fe977 100644 --- a/Dockerfile.alpine +++ b/Dockerfile.alpine @@ -1,7 +1,7 @@ # 1.22.1 Alpine 3.17 # 1.24.0 Alpine 3.19 # 1.26.2 Alpine 3.21 -ARG REGISTRY_URL=git.winteraccess.id/docker +ARG REGISTRY_URL=docker.io/aprimediet ARG ALPINE_VERSION=3.21 FROM ${REGISTRY_URL}/alpine:${ALPINE_VERSION} @@ -9,34 +9,33 @@ LABEL maintainer=" aprimediet@gmail.com" USER root -WORKDIR /app - # Add nginx user and group -RUN addgroup -g 10001 nginx && adduser -D -u 10001 -G nginx -s /sbin/nologin -h /app nginx +RUN addgroup -g 10001 nginx && \ + adduser -D -u 10001 -G nginx -s /sbin/nologin -h /app nginx && \ + mkdir -p /var/run/nginx && \ + chown nginx:nginx /var/run/nginx # INSTALL WGET AND REQUIRED BUILD TOOLS RUN --mount=type=cache,target=/var/cache/apk \ apk update && apk upgrade && apk add \ - nginx nginx-mod-http-naxsi + nginx # COPY CONFIGURATION FILES -ADD ./etc/nginx/nginx-rootless.conf /etc/nginx/nginx.conf -ADD ./etc/nginx/naxsi_core.rules /etc/nginx/ -ADD ./etc/nginx/proxy_params /etc/nginx/ -ADD ./etc/nginx/ssl_params /etc/nginx/ -ADD ./etc/nginx/conf.d /etc/nginx/conf.d - -ADD ./app . +ADD ./etc/alpine /etc/nginx +ADD ./app /app RUN chown -R nginx:nginx /app && \ chown -R nginx:nginx /var/lib/nginx # CLEAR CACHE RUN apk del curl && \ - rm -rf /var/cache/apk/* + rm -rf /var/cache/apk/* && \ + rm -rf /etc/nginx/http.d USER nginx -CMD ["nginx"] +WORKDIR /app -EXPOSE 80 \ No newline at end of file +EXPOSE 80 + +CMD ["nginx"]