build on every push

build on wednesday
skip docker cache
2025-10-02 22:50:52 +02:00 · 2025-10-02 22:50:06 +02:00 · 2025-10-02 22:49:49 +02:00 · 2025-10-02 22:48:53 +02:00 · 2025-08-04 11:43:13 +02:00 · 2025-08-01 14:30:44 +02:00
11 changed files with 57 additions and 11 deletions
--- a/.gitea/workflows/build_and_publish.yaml
+++ b/.gitea/workflows/build_and_publish.yaml
@@ -7,10 +7,8 @@ env:
 on:
  push:
    branches:
      - master
  schedule:
-    - cron: "0 12 3 * *"
+    - cron: "0 12 * * 3"
  workflow_dispatch:
  workflow_call:
  workflow_run:
@@ -48,7 +46,7 @@ jobs:
        run: |
          docker build \
            --tag ${{ env.REGISTRY }}/${{ env.REPOSITORY }}:latest-${{ matrix.arch }} \
-            --platform linux/${{ matrix.arch }} -f Dockerfile .
+            --platform linux/${{ matrix.arch }} --no-cache -f Dockerfile .
          docker push ${{ env.REGISTRY }}/${{ env.REPOSITORY }}:latest-${{ matrix.arch }}
--- a/.gitea/workflows/build_and_publish_php74.yaml
+++ b/.gitea/workflows/build_and_publish_php74.yaml
@@ -39,7 +39,7 @@ jobs:
        run: |
          docker build \
            --tag ${{ env.REGISTRY }}/${{ env.REPOSITORY }}:latest-php74-${{ matrix.arch }} \
-            --platform linux/${{ matrix.arch }} -f Dockerfile-php74 .
+            --platform linux/${{ matrix.arch }} --no-cache -f Dockerfile-php74 .
          docker push ${{ env.REGISTRY }}/${{ env.REPOSITORY }}:latest-php74-${{ matrix.arch }}
--- a/.gitea/workflows/vulnscan.yaml
+++ b/.gitea/workflows/vulnscan.yaml
@@ -62,4 +62,4 @@ jobs:
          token: ${{ secrets.TELEGRAM_TOKEN }}
          format: markdown
          message: |
-            Found **${{ steps.vulncount.outputs.VULNCOUNT }}** vulnerabilities in `${{ github.repository }}`
+            Found **${{ steps.vulncount.outputs.VULNCOUNT }}** vulnerabilities in `${{ env.REGISTRY }}/${{ env.REPOSITORY }}:${{ matrix.tag }}`
--- a/README.md
+++ b/README.md
@@ -34,6 +34,8 @@ services:
      DISABLE_WEBROOT_CHOWN: 1  # default: 0
      DISABLE_SFTP: 1           # default: 0
      DISABLE_STATS: 1          # default: 0
      DISABLE_STATS_HOURLY: 1   # default: 0
      DISABLE_WEBDAV: 1         # default: 0
 ```
 The `/data/www` and `/data/logs` directories and their contents will be chowned to `$PUID:$PGID` and chmodded to `0755` for directories and `0644` for files at container start.
--- a/rootfs-php74/app/entrypoint.sh
+++ b/rootfs-php74/app/entrypoint.sh
@@ -79,7 +79,9 @@ if [ -f /ssh/authorized_keys ] ; then
  chown "${USERNAME}:${GROUPNAME}" /ssh/authorized_keys
 fi
-chmod 0700 "${WEBROOT}/.ssh"
+if [ -d "${PATH_WEBROOT}/.ssh" ] ; then
  chmod 0700 "${PATH_WEBROOT}/.ssh"
 fi
 /usr/sbin/sshd -e
 cat > /etc/nginx/conf.d/user.conf <<EOF
--- a/rootfs-php74/etc/nginx/nginx.conf
+++ b/rootfs-php74/etc/nginx/nginx.conf
@@ -9,7 +9,7 @@ worker_processes auto;
 pcre_jit on;
 # Configures default error logger.
-error_log /data/logs/nginx-error.log warn;
+error_log /var/log/nginx/error.log warn;
 # Includes files with directives to load dynamic modules.
 include /etc/nginx/modules/*.conf;
@@ -89,6 +89,10 @@ http {
                '' close;
        }
 	# use real IPs instead of docker ones
 	set_real_ip_from 172.18.0.0/16;
 	real_ip_header X-Forwarded-For;
 	real_ip_recursive on;
        # Specifies the main log format.
        log_format main '$remote_addr - $remote_user [$time_local] "$request" '
@@ -96,7 +100,7 @@ http {
                        '"$http_user_agent" "$http_x_forwarded_for"';
        # Sets the path, format, and configuration for a buffered log write.
-        access_log /data/logs/nginx-access.log main;
+        access_log /var/log/nginx/access.log main;
        # Includes virtual hosts configs.
--- a/rootfs/app/entrypoint.sh
+++ b/rootfs/app/entrypoint.sh
@@ -26,6 +26,8 @@ FPM_MAX_SPARE_SERVERS=${FPM_MAX_SPARE_SERVERS:-3}
 DISABLE_WEBROOT_CHOWN=${DISABLE_WEBROOT_CHOWN:-0}
 DISABLE_SFTP=${DISABLE_SFTP:-0}
 DISABLE_STATS=${DISABLE_STATS:-0}
 DISABLE_STATS_HOURLY=${DISABLE_STATS_HOURLY:-0}
 DISABLE_WEBDAV=${DISABLE_WEBDAV:-0}
 export USERNAME
 export GROUPNAME
@@ -51,6 +53,8 @@ export FPM_MAX_SPARE_SERVERS
 export DISABLE_WEBROOT_CHOWN
 export DISABLE_SFTP
 export DISABLE_STATS
 export DISABLE_STATS_HOURLY
 export DISABLE_WEBDAV
 # run all scripts in order
 run-parts /app/entrypoint.sh.d
@@ -78,8 +82,10 @@ echo "# Starting cron"
 crond -b
 # start ssh
 if [ "${DISABLE_SFTP}" -ne 1 ] ; then
  echo "# Starting ssh"
  /usr/sbin/sshd -e
 fi
 # start nginx
 echo "# Starting nginx"
--- a/rootfs/app/entrypoint.sh.d/90_logs.sh
+++ b/rootfs/app/entrypoint.sh.d/90_logs.sh
@@ -15,6 +15,7 @@ ${PATH_LOGS}/nginx-access.log {
    compress
    delaycompress
    sharedscripts
    nodateext
    su ${USERNAME} ${GROUPNAME}
    postrotate
        /usr/sbin/nginx -s reopen
--- a/rootfs/app/entrypoint.sh.d/90_stats_hourly.sh
+++ b/rootfs/app/entrypoint.sh.d/90_stats_hourly.sh
@@ -0,0 +1,14 @@
 #!/bin/sh
 if [ ${DISABLE_STATS} -eq 1 ] ; then
  exit 0
 fi
 if [ ${DISABLE_STATS_HOURLY} -eq 1 ] ; then
  exit 0
 fi
 echo "# Configuring hourly stats"
 # stats endpoint
 ln -s /app/stats_hourly.sh /etc/periodic/hourly/stats
--- a/rootfs/app/entrypoint.sh.d/90_webdav.sh
+++ b/rootfs/app/entrypoint.sh.d/90_webdav.sh
@@ -1,5 +1,9 @@
 #!/bin/sh
 if [ ${DISABLE_WEBDAV} -eq 1 ] ; then
  exit 0
 fi
 echo "# Configuring webdav"
 cat > /etc/nginx/http.d/webdav.conf <<EOF
--- a/rootfs/app/stats_hourly.sh
+++ b/rootfs/app/stats_hourly.sh
@@ -0,0 +1,15 @@
 #!/bin/sh
 if [ "${DISABLE_STATS:-0}" -eq 1 ] ; then
  exit 0
 fi
 PATH_BASE=/data
 PATH_STATS=${PATH_BASE}/stats
 PATH_STATSDB=${PATH_BASE}/stats.db
 PATH_LOGS=${PATH_BASE}/logs
 /usr/bin/goaccess "${PATH_LOGS}/nginx-access.log" \
    --agent-list --anonymize-ip --real-os --exclude-ip 127.0.0.1 \
    --output "${PATH_STATS}/index.html" --log-format COMBINED \
    --tz="${TZ}" "--db-path=${PATH_STATSDB}" --persist --restore
Author	SHA1	Message	Date
paspo	38a75be17a	build on every push All checks were successful Container Publish / on-success-skip (push) Has been skipped Details Container Publish / build-image (amd64) (push) Successful in 48s Details Container Publish / build-image (arm64) (push) Successful in 30s Details Container Publish / update docker manifest (push) Successful in 9s Details Vulnerability Scan / Daily Vulnerability Scan (arm64, latest) (push) Successful in 7s Details Vulnerability Scan / Daily Vulnerability Scan (arm64, latest-php74) (push) Successful in 5s Details Vulnerability Scan / Daily Vulnerability Scan (amd64, latest-php74) (push) Successful in 7s Details Vulnerability Scan / Daily Vulnerability Scan (amd64, latest) (push) Successful in 15s Details	2025-10-02 22:50:52 +02:00
paspo	6de6a7e1c0	build on wednesday	2025-10-02 22:50:06 +02:00
paspo	c5bde2c411	skip docker cache	2025-10-02 22:49:49 +02:00
paspo	349a8a05e1	better vulnscan message	2025-10-02 22:48:53 +02:00
paspo	4fb6d71a77	start SSH only if enables Some checks failed Container Publish / on-success-skip (push) Has been skipped Details Container Publish / build-image (arm64) (push) Successful in 11s Details Container Publish / build-image (amd64) (push) Successful in 46s Details Container Publish / update docker manifest (push) Successful in 9s Details Vulnerability Scan / Daily Vulnerability Scan (arm64, latest) (push) Failing after 6s Details Vulnerability Scan / Daily Vulnerability Scan (arm64, latest-php74) (push) Successful in 4s Details Vulnerability Scan / Daily Vulnerability Scan (amd64, latest) (push) Failing after 7s Details Vulnerability Scan / Daily Vulnerability Scan (amd64, latest-php74) (push) Successful in 15s Details	2025-08-04 11:43:13 +02:00
paspo	1af3f39722	hourly stats All checks were successful Container Publish / on-success-skip (push) Has been skipped Details Container Publish / build-image (arm64) (push) Successful in 13s Details Container Publish / build-image (amd64) (push) Successful in 20s Details Container Publish / update docker manifest (push) Successful in 12s Details Vulnerability Scan / Daily Vulnerability Scan (arm64, latest) (push) Successful in 9s Details Vulnerability Scan / Daily Vulnerability Scan (arm64, latest-php74) (push) Successful in 5s Details Vulnerability Scan / Daily Vulnerability Scan (amd64, latest) (push) Successful in 16s Details Vulnerability Scan / Daily Vulnerability Scan (amd64, latest-php74) (push) Successful in 17s Details	2025-08-01 14:30:44 +02:00
paspo	b53adb411c	fix log name All checks were successful Container Publish / on-success-skip (push) Has been skipped Details Container Publish / build-image (amd64) (push) Successful in 19s Details Container Publish / build-image (arm64) (push) Successful in 21s Details Container Publish / update docker manifest (push) Successful in 10s Details	2025-08-01 08:11:38 +02:00
paspo	2da562ffcb	fix #5 : added DISABLE_WEBDAV flag All checks were successful Container Publish / on-success-skip (push) Has been skipped Details Container Publish / build-image (arm64) (push) Successful in 20s Details Container Publish / build-image (amd64) (push) Successful in 3m21s Details Container Publish / update docker manifest (push) Successful in 53s Details	2025-07-31 20:16:35 +02:00
paspo	0f78f4cebc	use real IPs instead of docker ones (PHP 7.4) All checks were successful Container Publish / on-success-skip (push) Has been skipped Details Container Publish / build-image (arm64) (push) Successful in 11s Details Container Publish / build-image (amd64) (push) Successful in 12s Details Container Publish / update docker manifest (push) Successful in 10s Details	2025-07-31 17:29:31 +02:00
paspo	5de2b67275	fix log path in php7.4 All checks were successful Container Publish / on-success-skip (push) Has been skipped Details Container Publish / build-image (arm64) (push) Successful in 11s Details Container Publish / build-image (amd64) (push) Successful in 17s Details Container Publish / update docker manifest (push) Successful in 9s Details	2025-07-31 17:22:27 +02:00
paspo	1857bd66c5	fix chmod if dir not exists in php 7.4	2025-07-31 17:20:31 +02:00