add dockerfile
This commit is contained in:
parent
b3aa01ff36
commit
f4a396548a
41
Dockerfile
Normal file
41
Dockerfile
Normal file
@ -0,0 +1,41 @@
|
||||
FROM alpine:3.18
|
||||
|
||||
MAINTAINER Yazzi Huseh
|
||||
ENV TZ=Asia/Shanghai PUID=1000 PGID=100
|
||||
|
||||
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \
|
||||
&& apk --update add --no-cache \
|
||||
shadow \
|
||||
&& rm -rf /var/cache/apk/*
|
||||
|
||||
RUN set -eux; BINARY_URL=https://github.com/just-containers/skaware/releases/download/v2.0.7/s6-2.11.0.0-linux-amd64-bin.tar.gz; \
|
||||
wget -O /tmp/s6.tar.gz ${BINARY_URL}; \
|
||||
tar -xzf /tmp/s6.tar.gz -C /;
|
||||
|
||||
COPY --chmod=0755 entrypoint.sh /entrypoint.sh
|
||||
ENTRYPOINT ["/entrypoint.sh"]
|
||||
|
||||
# install all required apks
|
||||
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \
|
||||
&& apk --update add --no-cache \
|
||||
nginx \
|
||||
nginx-mod-http-fancyindex \
|
||||
&& rm -rf /var/cache/apk/*
|
||||
|
||||
# install fancyindex theme
|
||||
RUN set -eux; BINARY_URL=https://code.simaek.com/xueye/nginx-fancyindex-theme/archive/v1.0.0.tar.gz; \
|
||||
wget -O /tmp/theme.tar.gz ${BINARY_URL}; \
|
||||
mkdir -p /fancyindex; \
|
||||
tar -xzf /tmp/theme.tar.gz -C /fancyindex --strip-components=1 --no-same-owner; \
|
||||
rm -f /tmp/theme.tar.gz;
|
||||
|
||||
#
|
||||
RUN adduser -u $PUID -D -s /sbin/nologin -h /public -g "share user" public
|
||||
|
||||
COPY nginx/default.conf /etc/nginx/http.d/default.conf
|
||||
COPY --chmod=0755 /bin/markdown-renderer /bin/markdown-renderer
|
||||
COPY --chmod=0755 services.d/markdown-renderer/run /etc/services.d/nginx/run
|
||||
COPY --chmod=0755 services.d/nginx/run /etc/services.d/markdown-renderer/run
|
||||
COPY --chmod=0755 init.sh /init.sh
|
||||
|
||||
CMD ["/init.sh"]
|
2
LICENSE
2
LICENSE
@ -1,6 +1,6 @@
|
||||
MIT License
|
||||
|
||||
Copyright (c) <year> <copyright holders>
|
||||
Copyright (c) 2023 Yazzi Hsueh
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
|
BIN
bin/markdown-renderer
Executable file
BIN
bin/markdown-renderer
Executable file
Binary file not shown.
13
docker-compose.yml
Normal file
13
docker-compose.yml
Normal file
@ -0,0 +1,13 @@
|
||||
version: "3"
|
||||
services:
|
||||
fancyindex:
|
||||
image: fancyindex
|
||||
build: .
|
||||
container_name: fancyindex
|
||||
hostname: fancyindex
|
||||
ports:
|
||||
- "3004:80/tcp"
|
||||
volumes:
|
||||
- type: bind
|
||||
source: ./data
|
||||
target: /public
|
47
entrypoint.sh
Normal file
47
entrypoint.sh
Normal file
@ -0,0 +1,47 @@
|
||||
#!/bin/sh
|
||||
|
||||
# init timezone
|
||||
test -f /usr/share/zoneinfo/${TZ} && \
|
||||
ln -sf /usr/share/zoneinfo/${TZ} /etc/localtime && \
|
||||
echo "${TZ}" > /etc/timezone && \
|
||||
echo "init TZ: ${TZ}"
|
||||
|
||||
echo "current time: `date`"
|
||||
|
||||
if [ "$(id -u)x" != "0x" ]; then
|
||||
echo "err: you must run the container as root."
|
||||
echo "you can specific the PUID and PGID if you want the app run as specific user."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
PUID=${PUID:-1000}
|
||||
PGID=${PGID:-100}
|
||||
|
||||
groupmod -o -g "$PGID" public
|
||||
usermod -o -u "$PUID" public
|
||||
|
||||
echo "
|
||||
-------------------------------------
|
||||
_ _
|
||||
___(_)_ __ ___ __ _ ___| | __
|
||||
/ __| | '_ ` _ \ / _` |/ _ \ |/ /
|
||||
\__ \ | | | | | | (_| | __/ <
|
||||
|___/_|_| |_| |_|\__,_|\___|_|\_\
|
||||
|
||||
Brought to you by simaek.com
|
||||
We gratefully accept donations at:
|
||||
https://www.simaek.com/
|
||||
-------------------------------------
|
||||
GID/UID
|
||||
-------------------------------------"
|
||||
echo "
|
||||
User uid: $(id -u public)
|
||||
User gid: $(id -g public)
|
||||
-------------------------------------
|
||||
"
|
||||
|
||||
if [ $# -gt 0 ]; then
|
||||
$1
|
||||
fi
|
||||
|
||||
exec /bin/s6-svscan -t0 /etc/services.d/
|
20
init.sh
Executable file
20
init.sh
Executable file
@ -0,0 +1,20 @@
|
||||
#!/bin/sh
|
||||
|
||||
PUID=${PUID:-1000}
|
||||
PGID=${PGID:-100}
|
||||
|
||||
groupmod -o -g "$PGID" public
|
||||
usermod -o -u "$PUID" public
|
||||
|
||||
echo "**** Make sure the data folders exist ****"
|
||||
[ ! -d /public ] && \
|
||||
mkdir -p /public
|
||||
|
||||
[ ! -e /app/ssl/ssl.crt ] && \
|
||||
cp -r /etc/nginx/ssl/ssl.* /app/ssl/
|
||||
|
||||
echo "**** Set Permissions ****" && \
|
||||
chown -R "$PUID":"$PGID" /public
|
||||
chown -R "$PUID":"$PGID" /fancyindex
|
||||
|
||||
echo "**** Setup complete, starting the server. ****"
|
85
nginx/default.conf
Normal file
85
nginx/default.conf
Normal file
@ -0,0 +1,85 @@
|
||||
server {
|
||||
listen 80; ## listen for ipv4; this line is default and implied
|
||||
listen [::]:80; ## listen for ipv6
|
||||
server_name localhost;
|
||||
|
||||
root /public;
|
||||
index index.html index.htm;
|
||||
|
||||
location / {
|
||||
#include /fancyindex/fancyindex.conf;
|
||||
fancyindex on;
|
||||
fancyindex_localtime on; #on for local time zone. off for GMT
|
||||
fancyindex_exact_size off; #off for human-readable. on for exact size in bytes
|
||||
fancyindex_header "/fancyindex/header.html";
|
||||
fancyindex_footer "/fancyindex/footer.html";
|
||||
fancyindex_ignore "fancyindex"; #ignore this directory when showing list
|
||||
fancyindex_ignore "cgi"; #ignore this directory when showing list
|
||||
fancyindex_ignore ".php"; #ignore this directory when showing list
|
||||
fancyindex_time_format "%Y-%m-%d %H:%M:%S";
|
||||
fancyindex_name_length 200;
|
||||
}
|
||||
|
||||
location ~ \.(?:md|markdown)$$ {
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_pass http://127.0.0.1:8002; # Markdown Renderer server.
|
||||
}
|
||||
location =/assets/gfm.css {
|
||||
proxy_pass http://127.0.0.1:8002; # Markdown Renderer server.
|
||||
}
|
||||
|
||||
# fixup fancyindex subrequest
|
||||
location ^~ /fancyindex/ {
|
||||
alias /fancyindex/;
|
||||
}
|
||||
|
||||
# fixup favicon.ico
|
||||
location /favicon.ico {
|
||||
alias /fancyindex/favicon.ico;
|
||||
}
|
||||
|
||||
location = /fancyindex/fancyindex.conf {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location = /fancyindex/README.md {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location =passwd {
|
||||
deny all;
|
||||
}
|
||||
|
||||
add_header X-Frame-Options "SAMEORIGIN";
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
add_header X-Content-Type-Options "nosniff";
|
||||
|
||||
location = /favicon.ico { access_log off; log_not_found off; }
|
||||
location = /robots.txt { access_log off; log_not_found off; }
|
||||
|
||||
location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc|ttf|ttc|otf|eot|woff)$ {
|
||||
expires 30d;
|
||||
access_log off;
|
||||
add_header Pragma public;
|
||||
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
|
||||
}
|
||||
|
||||
location ~* \.(?:css|js)$ {
|
||||
expires 1d;
|
||||
add_header Cache-Control "public";
|
||||
}
|
||||
|
||||
# deny access to . files, for security
|
||||
location ~ /\.(?!well-known).* {
|
||||
access_log off;
|
||||
log_not_found off;
|
||||
deny all;
|
||||
}
|
||||
|
||||
location ~* (?:\.(?:bak|config|db|sql|fla|psd|ini|log|sh|inc|swp|dist)|~)$ {
|
||||
deny all;
|
||||
access_log off;
|
||||
log_not_found off;
|
||||
}
|
||||
}
|
12
services.d/markdown-renderer/run
Executable file
12
services.d/markdown-renderer/run
Executable file
@ -0,0 +1,12 @@
|
||||
#! /bin/sh
|
||||
|
||||
set -eu
|
||||
|
||||
exec 2>&1
|
||||
|
||||
COMMAND=/bin/markdown-renderer
|
||||
|
||||
# Check nginx command is executable or not
|
||||
test -x ${COMMAND} || exit 0
|
||||
|
||||
exec ${COMMAND} -mode local -root /public
|
21
services.d/nginx/run
Executable file
21
services.d/nginx/run
Executable file
@ -0,0 +1,21 @@
|
||||
#! /bin/sh
|
||||
|
||||
set -eu
|
||||
|
||||
exec 2>&1
|
||||
|
||||
COMMAND=/usr/sbin/nginx
|
||||
PID_FILE=/run/nginx/nginx.pid
|
||||
|
||||
# Create pid file's directory
|
||||
install -d -o nginx -g nginx ${PID_FILE%/*}
|
||||
|
||||
# Check nginx command is executable or not
|
||||
test -x ${COMMAND} || exit 0
|
||||
|
||||
# Test nginx configuration
|
||||
${COMMAND} -t -q || exit 0
|
||||
|
||||
${COMMAND} -v
|
||||
|
||||
exec ${COMMAND} -c /etc/nginx/nginx.conf -g "pid $PID_FILE; daemon off;"
|
Loading…
Reference in New Issue
Block a user