add dockerfile
This commit is contained in:
parent
b3aa01ff36
commit
f4a396548a
41
Dockerfile
Normal file
41
Dockerfile
Normal file
@ -0,0 +1,41 @@
|
|||||||
|
FROM alpine:3.18
|
||||||
|
|
||||||
|
MAINTAINER Yazzi Huseh
|
||||||
|
ENV TZ=Asia/Shanghai PUID=1000 PGID=100
|
||||||
|
|
||||||
|
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \
|
||||||
|
&& apk --update add --no-cache \
|
||||||
|
shadow \
|
||||||
|
&& rm -rf /var/cache/apk/*
|
||||||
|
|
||||||
|
RUN set -eux; BINARY_URL=https://github.com/just-containers/skaware/releases/download/v2.0.7/s6-2.11.0.0-linux-amd64-bin.tar.gz; \
|
||||||
|
wget -O /tmp/s6.tar.gz ${BINARY_URL}; \
|
||||||
|
tar -xzf /tmp/s6.tar.gz -C /;
|
||||||
|
|
||||||
|
COPY --chmod=0755 entrypoint.sh /entrypoint.sh
|
||||||
|
ENTRYPOINT ["/entrypoint.sh"]
|
||||||
|
|
||||||
|
# install all required apks
|
||||||
|
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \
|
||||||
|
&& apk --update add --no-cache \
|
||||||
|
nginx \
|
||||||
|
nginx-mod-http-fancyindex \
|
||||||
|
&& rm -rf /var/cache/apk/*
|
||||||
|
|
||||||
|
# install fancyindex theme
|
||||||
|
RUN set -eux; BINARY_URL=https://code.simaek.com/xueye/nginx-fancyindex-theme/archive/v1.0.0.tar.gz; \
|
||||||
|
wget -O /tmp/theme.tar.gz ${BINARY_URL}; \
|
||||||
|
mkdir -p /fancyindex; \
|
||||||
|
tar -xzf /tmp/theme.tar.gz -C /fancyindex --strip-components=1 --no-same-owner; \
|
||||||
|
rm -f /tmp/theme.tar.gz;
|
||||||
|
|
||||||
|
#
|
||||||
|
RUN adduser -u $PUID -D -s /sbin/nologin -h /public -g "share user" public
|
||||||
|
|
||||||
|
COPY nginx/default.conf /etc/nginx/http.d/default.conf
|
||||||
|
COPY --chmod=0755 /bin/markdown-renderer /bin/markdown-renderer
|
||||||
|
COPY --chmod=0755 services.d/markdown-renderer/run /etc/services.d/nginx/run
|
||||||
|
COPY --chmod=0755 services.d/nginx/run /etc/services.d/markdown-renderer/run
|
||||||
|
COPY --chmod=0755 init.sh /init.sh
|
||||||
|
|
||||||
|
CMD ["/init.sh"]
|
2
LICENSE
2
LICENSE
@ -1,6 +1,6 @@
|
|||||||
MIT License
|
MIT License
|
||||||
|
|
||||||
Copyright (c) <year> <copyright holders>
|
Copyright (c) 2023 Yazzi Hsueh
|
||||||
|
|
||||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||||
of this software and associated documentation files (the "Software"), to deal
|
of this software and associated documentation files (the "Software"), to deal
|
||||||
|
BIN
bin/markdown-renderer
Executable file
BIN
bin/markdown-renderer
Executable file
Binary file not shown.
13
docker-compose.yml
Normal file
13
docker-compose.yml
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
version: "3"
|
||||||
|
services:
|
||||||
|
fancyindex:
|
||||||
|
image: fancyindex
|
||||||
|
build: .
|
||||||
|
container_name: fancyindex
|
||||||
|
hostname: fancyindex
|
||||||
|
ports:
|
||||||
|
- "3004:80/tcp"
|
||||||
|
volumes:
|
||||||
|
- type: bind
|
||||||
|
source: ./data
|
||||||
|
target: /public
|
47
entrypoint.sh
Normal file
47
entrypoint.sh
Normal file
@ -0,0 +1,47 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
# init timezone
|
||||||
|
test -f /usr/share/zoneinfo/${TZ} && \
|
||||||
|
ln -sf /usr/share/zoneinfo/${TZ} /etc/localtime && \
|
||||||
|
echo "${TZ}" > /etc/timezone && \
|
||||||
|
echo "init TZ: ${TZ}"
|
||||||
|
|
||||||
|
echo "current time: `date`"
|
||||||
|
|
||||||
|
if [ "$(id -u)x" != "0x" ]; then
|
||||||
|
echo "err: you must run the container as root."
|
||||||
|
echo "you can specific the PUID and PGID if you want the app run as specific user."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
PUID=${PUID:-1000}
|
||||||
|
PGID=${PGID:-100}
|
||||||
|
|
||||||
|
groupmod -o -g "$PGID" public
|
||||||
|
usermod -o -u "$PUID" public
|
||||||
|
|
||||||
|
echo "
|
||||||
|
-------------------------------------
|
||||||
|
_ _
|
||||||
|
___(_)_ __ ___ __ _ ___| | __
|
||||||
|
/ __| | '_ ` _ \ / _` |/ _ \ |/ /
|
||||||
|
\__ \ | | | | | | (_| | __/ <
|
||||||
|
|___/_|_| |_| |_|\__,_|\___|_|\_\
|
||||||
|
|
||||||
|
Brought to you by simaek.com
|
||||||
|
We gratefully accept donations at:
|
||||||
|
https://www.simaek.com/
|
||||||
|
-------------------------------------
|
||||||
|
GID/UID
|
||||||
|
-------------------------------------"
|
||||||
|
echo "
|
||||||
|
User uid: $(id -u public)
|
||||||
|
User gid: $(id -g public)
|
||||||
|
-------------------------------------
|
||||||
|
"
|
||||||
|
|
||||||
|
if [ $# -gt 0 ]; then
|
||||||
|
$1
|
||||||
|
fi
|
||||||
|
|
||||||
|
exec /bin/s6-svscan -t0 /etc/services.d/
|
20
init.sh
Executable file
20
init.sh
Executable file
@ -0,0 +1,20 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
PUID=${PUID:-1000}
|
||||||
|
PGID=${PGID:-100}
|
||||||
|
|
||||||
|
groupmod -o -g "$PGID" public
|
||||||
|
usermod -o -u "$PUID" public
|
||||||
|
|
||||||
|
echo "**** Make sure the data folders exist ****"
|
||||||
|
[ ! -d /public ] && \
|
||||||
|
mkdir -p /public
|
||||||
|
|
||||||
|
[ ! -e /app/ssl/ssl.crt ] && \
|
||||||
|
cp -r /etc/nginx/ssl/ssl.* /app/ssl/
|
||||||
|
|
||||||
|
echo "**** Set Permissions ****" && \
|
||||||
|
chown -R "$PUID":"$PGID" /public
|
||||||
|
chown -R "$PUID":"$PGID" /fancyindex
|
||||||
|
|
||||||
|
echo "**** Setup complete, starting the server. ****"
|
85
nginx/default.conf
Normal file
85
nginx/default.conf
Normal file
@ -0,0 +1,85 @@
|
|||||||
|
server {
|
||||||
|
listen 80; ## listen for ipv4; this line is default and implied
|
||||||
|
listen [::]:80; ## listen for ipv6
|
||||||
|
server_name localhost;
|
||||||
|
|
||||||
|
root /public;
|
||||||
|
index index.html index.htm;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
#include /fancyindex/fancyindex.conf;
|
||||||
|
fancyindex on;
|
||||||
|
fancyindex_localtime on; #on for local time zone. off for GMT
|
||||||
|
fancyindex_exact_size off; #off for human-readable. on for exact size in bytes
|
||||||
|
fancyindex_header "/fancyindex/header.html";
|
||||||
|
fancyindex_footer "/fancyindex/footer.html";
|
||||||
|
fancyindex_ignore "fancyindex"; #ignore this directory when showing list
|
||||||
|
fancyindex_ignore "cgi"; #ignore this directory when showing list
|
||||||
|
fancyindex_ignore ".php"; #ignore this directory when showing list
|
||||||
|
fancyindex_time_format "%Y-%m-%d %H:%M:%S";
|
||||||
|
fancyindex_name_length 200;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~ \.(?:md|markdown)$$ {
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_pass http://127.0.0.1:8002; # Markdown Renderer server.
|
||||||
|
}
|
||||||
|
location =/assets/gfm.css {
|
||||||
|
proxy_pass http://127.0.0.1:8002; # Markdown Renderer server.
|
||||||
|
}
|
||||||
|
|
||||||
|
# fixup fancyindex subrequest
|
||||||
|
location ^~ /fancyindex/ {
|
||||||
|
alias /fancyindex/;
|
||||||
|
}
|
||||||
|
|
||||||
|
# fixup favicon.ico
|
||||||
|
location /favicon.ico {
|
||||||
|
alias /fancyindex/favicon.ico;
|
||||||
|
}
|
||||||
|
|
||||||
|
location = /fancyindex/fancyindex.conf {
|
||||||
|
deny all;
|
||||||
|
}
|
||||||
|
|
||||||
|
location = /fancyindex/README.md {
|
||||||
|
deny all;
|
||||||
|
}
|
||||||
|
|
||||||
|
location =passwd {
|
||||||
|
deny all;
|
||||||
|
}
|
||||||
|
|
||||||
|
add_header X-Frame-Options "SAMEORIGIN";
|
||||||
|
add_header X-XSS-Protection "1; mode=block";
|
||||||
|
add_header X-Content-Type-Options "nosniff";
|
||||||
|
|
||||||
|
location = /favicon.ico { access_log off; log_not_found off; }
|
||||||
|
location = /robots.txt { access_log off; log_not_found off; }
|
||||||
|
|
||||||
|
location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc|ttf|ttc|otf|eot|woff)$ {
|
||||||
|
expires 30d;
|
||||||
|
access_log off;
|
||||||
|
add_header Pragma public;
|
||||||
|
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~* \.(?:css|js)$ {
|
||||||
|
expires 1d;
|
||||||
|
add_header Cache-Control "public";
|
||||||
|
}
|
||||||
|
|
||||||
|
# deny access to . files, for security
|
||||||
|
location ~ /\.(?!well-known).* {
|
||||||
|
access_log off;
|
||||||
|
log_not_found off;
|
||||||
|
deny all;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~* (?:\.(?:bak|config|db|sql|fla|psd|ini|log|sh|inc|swp|dist)|~)$ {
|
||||||
|
deny all;
|
||||||
|
access_log off;
|
||||||
|
log_not_found off;
|
||||||
|
}
|
||||||
|
}
|
12
services.d/markdown-renderer/run
Executable file
12
services.d/markdown-renderer/run
Executable file
@ -0,0 +1,12 @@
|
|||||||
|
#! /bin/sh
|
||||||
|
|
||||||
|
set -eu
|
||||||
|
|
||||||
|
exec 2>&1
|
||||||
|
|
||||||
|
COMMAND=/bin/markdown-renderer
|
||||||
|
|
||||||
|
# Check nginx command is executable or not
|
||||||
|
test -x ${COMMAND} || exit 0
|
||||||
|
|
||||||
|
exec ${COMMAND} -mode local -root /public
|
21
services.d/nginx/run
Executable file
21
services.d/nginx/run
Executable file
@ -0,0 +1,21 @@
|
|||||||
|
#! /bin/sh
|
||||||
|
|
||||||
|
set -eu
|
||||||
|
|
||||||
|
exec 2>&1
|
||||||
|
|
||||||
|
COMMAND=/usr/sbin/nginx
|
||||||
|
PID_FILE=/run/nginx/nginx.pid
|
||||||
|
|
||||||
|
# Create pid file's directory
|
||||||
|
install -d -o nginx -g nginx ${PID_FILE%/*}
|
||||||
|
|
||||||
|
# Check nginx command is executable or not
|
||||||
|
test -x ${COMMAND} || exit 0
|
||||||
|
|
||||||
|
# Test nginx configuration
|
||||||
|
${COMMAND} -t -q || exit 0
|
||||||
|
|
||||||
|
${COMMAND} -v
|
||||||
|
|
||||||
|
exec ${COMMAND} -c /etc/nginx/nginx.conf -g "pid $PID_FILE; daemon off;"
|
Loading…
Reference in New Issue
Block a user