Compare commits
9 Commits
5de2b67275
...
master
| Author | SHA1 | Date | |
|---|---|---|---|
38a75be17a
|
|||
|
6de6a7e1c0
|
|||
|
c5bde2c411
|
|||
|
349a8a05e1
|
|||
|
4fb6d71a77
|
|||
|
1af3f39722
|
|||
|
b53adb411c
|
|||
|
2da562ffcb
|
|||
|
0f78f4cebc
|
@@ -7,10 +7,8 @@ env:
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
schedule:
|
||||
- cron: "0 12 3 * *"
|
||||
- cron: "0 12 * * 3"
|
||||
workflow_dispatch:
|
||||
workflow_call:
|
||||
workflow_run:
|
||||
@@ -48,7 +46,7 @@ jobs:
|
||||
run: |
|
||||
docker build \
|
||||
--tag ${{ env.REGISTRY }}/${{ env.REPOSITORY }}:latest-${{ matrix.arch }} \
|
||||
--platform linux/${{ matrix.arch }} -f Dockerfile .
|
||||
--platform linux/${{ matrix.arch }} --no-cache -f Dockerfile .
|
||||
docker push ${{ env.REGISTRY }}/${{ env.REPOSITORY }}:latest-${{ matrix.arch }}
|
||||
|
||||
|
||||
|
||||
@@ -39,7 +39,7 @@ jobs:
|
||||
run: |
|
||||
docker build \
|
||||
--tag ${{ env.REGISTRY }}/${{ env.REPOSITORY }}:latest-php74-${{ matrix.arch }} \
|
||||
--platform linux/${{ matrix.arch }} -f Dockerfile-php74 .
|
||||
--platform linux/${{ matrix.arch }} --no-cache -f Dockerfile-php74 .
|
||||
docker push ${{ env.REGISTRY }}/${{ env.REPOSITORY }}:latest-php74-${{ matrix.arch }}
|
||||
|
||||
|
||||
|
||||
@@ -62,4 +62,4 @@ jobs:
|
||||
token: ${{ secrets.TELEGRAM_TOKEN }}
|
||||
format: markdown
|
||||
message: |
|
||||
Found **${{ steps.vulncount.outputs.VULNCOUNT }}** vulnerabilities in `${{ github.repository }}`
|
||||
Found **${{ steps.vulncount.outputs.VULNCOUNT }}** vulnerabilities in `${{ env.REGISTRY }}/${{ env.REPOSITORY }}:${{ matrix.tag }}`
|
||||
|
||||
@@ -34,6 +34,8 @@ services:
|
||||
DISABLE_WEBROOT_CHOWN: 1 # default: 0
|
||||
DISABLE_SFTP: 1 # default: 0
|
||||
DISABLE_STATS: 1 # default: 0
|
||||
DISABLE_STATS_HOURLY: 1 # default: 0
|
||||
DISABLE_WEBDAV: 1 # default: 0
|
||||
```
|
||||
|
||||
The `/data/www` and `/data/logs` directories and their contents will be chowned to `$PUID:$PGID` and chmodded to `0755` for directories and `0644` for files at container start.
|
||||
|
||||
@@ -89,6 +89,10 @@ http {
|
||||
'' close;
|
||||
}
|
||||
|
||||
# use real IPs instead of docker ones
|
||||
set_real_ip_from 172.18.0.0/16;
|
||||
real_ip_header X-Forwarded-For;
|
||||
real_ip_recursive on;
|
||||
|
||||
# Specifies the main log format.
|
||||
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||||
|
||||
@@ -26,6 +26,8 @@ FPM_MAX_SPARE_SERVERS=${FPM_MAX_SPARE_SERVERS:-3}
|
||||
DISABLE_WEBROOT_CHOWN=${DISABLE_WEBROOT_CHOWN:-0}
|
||||
DISABLE_SFTP=${DISABLE_SFTP:-0}
|
||||
DISABLE_STATS=${DISABLE_STATS:-0}
|
||||
DISABLE_STATS_HOURLY=${DISABLE_STATS_HOURLY:-0}
|
||||
DISABLE_WEBDAV=${DISABLE_WEBDAV:-0}
|
||||
|
||||
export USERNAME
|
||||
export GROUPNAME
|
||||
@@ -51,6 +53,8 @@ export FPM_MAX_SPARE_SERVERS
|
||||
export DISABLE_WEBROOT_CHOWN
|
||||
export DISABLE_SFTP
|
||||
export DISABLE_STATS
|
||||
export DISABLE_STATS_HOURLY
|
||||
export DISABLE_WEBDAV
|
||||
|
||||
# run all scripts in order
|
||||
run-parts /app/entrypoint.sh.d
|
||||
@@ -78,8 +82,10 @@ echo "# Starting cron"
|
||||
crond -b
|
||||
|
||||
# start ssh
|
||||
if [ "${DISABLE_SFTP}" -ne 1 ] ; then
|
||||
echo "# Starting ssh"
|
||||
/usr/sbin/sshd -e
|
||||
fi
|
||||
|
||||
# start nginx
|
||||
echo "# Starting nginx"
|
||||
|
||||
@@ -15,6 +15,7 @@ ${PATH_LOGS}/nginx-access.log {
|
||||
compress
|
||||
delaycompress
|
||||
sharedscripts
|
||||
nodateext
|
||||
su ${USERNAME} ${GROUPNAME}
|
||||
postrotate
|
||||
/usr/sbin/nginx -s reopen
|
||||
|
||||
14
rootfs/app/entrypoint.sh.d/90_stats_hourly.sh
Executable file
14
rootfs/app/entrypoint.sh.d/90_stats_hourly.sh
Executable file
@@ -0,0 +1,14 @@
|
||||
#!/bin/sh
|
||||
|
||||
if [ ${DISABLE_STATS} -eq 1 ] ; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
if [ ${DISABLE_STATS_HOURLY} -eq 1 ] ; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
echo "# Configuring hourly stats"
|
||||
|
||||
# stats endpoint
|
||||
ln -s /app/stats_hourly.sh /etc/periodic/hourly/stats
|
||||
@@ -1,5 +1,9 @@
|
||||
#!/bin/sh
|
||||
|
||||
if [ ${DISABLE_WEBDAV} -eq 1 ] ; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
echo "# Configuring webdav"
|
||||
|
||||
cat > /etc/nginx/http.d/webdav.conf <<EOF
|
||||
|
||||
15
rootfs/app/stats_hourly.sh
Executable file
15
rootfs/app/stats_hourly.sh
Executable file
@@ -0,0 +1,15 @@
|
||||
#!/bin/sh
|
||||
|
||||
if [ "${DISABLE_STATS:-0}" -eq 1 ] ; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
PATH_BASE=/data
|
||||
PATH_STATS=${PATH_BASE}/stats
|
||||
PATH_STATSDB=${PATH_BASE}/stats.db
|
||||
PATH_LOGS=${PATH_BASE}/logs
|
||||
|
||||
/usr/bin/goaccess "${PATH_LOGS}/nginx-access.log" \
|
||||
--agent-list --anonymize-ip --real-os --exclude-ip 127.0.0.1 \
|
||||
--output "${PATH_STATS}/index.html" --log-format COMBINED \
|
||||
--tz="${TZ}" "--db-path=${PATH_STATSDB}" --persist --restore
|
||||
Reference in New Issue
Block a user