diff --git a/.editorconfig b/.editorconfig new file mode 100755 index 0000000..5f150f3 --- /dev/null +++ b/.editorconfig @@ -0,0 +1,20 @@ +# This file is globally distributed to all container image projects from +# https://github.com/linuxserver/docker-jenkins-builder/blob/master/.editorconfig + +# top-most EditorConfig file +root = true + +# Unix-style newlines with a newline ending every file +[*] +end_of_line = lf +insert_final_newline = true +# trim_trailing_whitespace may cause unintended issues and should not be globally set true +trim_trailing_whitespace = false + +[{Dockerfile*,**.yml}] +indent_style = space +indent_size = 2 + +[{**.sh,root/etc/s6-overlay/s6-rc.d/**,root/etc/cont-init.d/**,root/etc/services.d/**}] +indent_style = space +indent_size = 4 diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md new file mode 100755 index 0000000..5128e62 --- /dev/null +++ b/.github/CONTRIBUTING.md @@ -0,0 +1,123 @@ +# Contributing to bookstack + +## Gotchas + +* While contributing make sure to make all your changes before creating a Pull Request, as our pipeline builds each commit after the PR is open. +* Read, and fill the Pull Request template + * If this is a fix for a typo (in code, documentation, or the README) please file an issue and let us sort it out. We do not need a PR + * If the PR is addressing an existing issue include, closes #\, in the body of the PR commit message +* If you want to discuss changes, you can also bring it up in [#dev-talk](https://discordapp.com/channels/354974912613449730/757585807061155840) in our [Discord server](https://linuxserver.io/discord) + +## Common files + +| File | Use case | +| :----: | --- | +| `Dockerfile` | Dockerfile used to build amd64 images | +| `Dockerfile.aarch64` | Dockerfile used to build 64bit ARM architectures | +| `Dockerfile.armhf` | Dockerfile used to build 32bit ARM architectures | +| `Jenkinsfile` | This file is a product of our builder and should not be edited directly. This is used to build the image | +| `jenkins-vars.yml` | This file is used to generate the `Jenkinsfile` mentioned above, it only affects the build-process | +| `package_versions.txt` | This file is generated as a part of the build-process and should not be edited directly. It lists all the installed packages and their versions | +| `README.md` | This file is a product of our builder and should not be edited directly. This displays the readme for the repository and image registries | +| `readme-vars.yml` | This file is used to generate the `README.md` | + +## Readme + +If you would like to change our readme, please __**do not**__ directly edit the readme, as it is auto-generated on each commit. +Instead edit the [readme-vars.yml](https://github.com/linuxserver/docker-bookstack/edit/master/readme-vars.yml). + +These variables are used in a template for our [Jenkins Builder](https://github.com/linuxserver/docker-jenkins-builder) as part of an ansible play. +Most of these variables are also carried over to [docs.linuxserver.io](https://docs.linuxserver.io/images/docker-bookstack) + +### Fixing typos or clarify the text in the readme + +There are variables for multiple parts of the readme, the most common ones are: + +| Variable | Description | +| :----: | --- | +| `project_blurb` | This is the short excerpt shown above the project logo. | +| `app_setup_block` | This is the text that shows up under "Application Setup" if enabled | + +### Parameters + +The compose and run examples are also generated from these variables. + +We have a [reference file](https://github.com/linuxserver/docker-jenkins-builder/blob/master/vars/_container-vars-blank) in our Jenkins Builder. + +These are prefixed with `param_` for required parameters, or `opt_param` for optional parameters, except for `cap_add`. +Remember to enable param, if currently disabled. This differs between parameters, and can be seen in the reference file. + +Devices, environment variables, ports and volumes expects its variables in a certain way. + +### Devices + +```yml +param_devices: + - { device_path: "/dev/dri", device_host_path: "/dev/dri", desc: "For hardware transcoding" } +opt_param_devices: + - { device_path: "/dev/dri", device_host_path: "/dev/dri", desc: "For hardware transcoding" } +``` + +### Environment variables + +```yml +param_env_vars: + - { env_var: "TZ", env_value: "Europe/London", desc: "Specify a timezone to use EG Europe/London." } +opt_param_env_vars: + - { env_var: "VERSION", env_value: "latest", desc: "Supported values are LATEST, PLEXPASS or a specific version number." } +``` + +### Ports + +```yml +param_ports: + - { external_port: "80", internal_port: "80", port_desc: "Application WebUI" } +opt_param_ports: + - { external_port: "80", internal_port: "80", port_desc: "Application WebUI" } +``` + +### Volumes + +```yml +param_volumes: + - { vol_path: "/config", vol_host_path: "", desc: "Configuration files." } +opt_param_volumes: + - { vol_path: "/config", vol_host_path: "", desc: "Configuration files." } +``` + +### Testing template changes + +After you make any changes to the templates, you can use our [Jenkins Builder](https://github.com/linuxserver/docker-jenkins-builder) to have the files updated from the modified templates. Please use the command found under `Running Locally` [on this page](https://github.com/linuxserver/docker-jenkins-builder/blob/master/README.md) to generate them prior to submitting a PR. + +## Dockerfiles + +We use multiple Dockerfiles in our repos, this is because sometimes some CPU architectures needs different packages to work. +If you are proposing additional packages to be added, ensure that you added the packages to all the Dockerfiles in alphabetical order. + +### Testing your changes + +```bash +git clone https://github.com/linuxserver/docker-bookstack.git +cd docker-bookstack +docker build \ + --no-cache \ + --pull \ + -t linuxserver/bookstack:latest . +``` + +The ARM variants can be built on x86_64 hardware and vice versa using `lscr.io/linuxserver/qemu-static` + +```bash +docker run --rm --privileged lscr.io/linuxserver/qemu-static --reset +``` + +Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64`. + +## Update the changelog + +If you are modifying the Dockerfiles or any of the startup scripts in [root](https://github.com/linuxserver/docker-bookstack/tree/master/root), add an entry to the changelog + +```yml +changelogs: + - { date: "DD.MM.YY:", desc: "Added some love to templates" } +``` diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md deleted file mode 100644 index efe81f2..0000000 --- a/.github/ISSUE_TEMPLATE.md +++ /dev/null @@ -1,34 +0,0 @@ -[linuxserverurl]: https://linuxserver.io -[![linuxserver.io](https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/linuxserver_medium.png)][linuxserverurl] - -If you are new to Docker or this application our issue tracker is **ONLY** used for reporting bugs or requesting features. Please use [our discord server](https://discord.gg/YWrKVTn) for general support. - - - ------------------------------- - -## Expected Behavior - - -## Current Behavior - - -## Steps to Reproduce - - -1. -2. -3. -4. - -## Environment -**OS:** -**CPU architecture:** x86_64/arm32/arm64 -**How docker service was installed:** - - -## Command used to create docker container (run/create/compose/screenshot) - - -## Docker logs - diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml new file mode 100755 index 0000000..08d4369 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -0,0 +1,13 @@ +blank_issues_enabled: false +contact_links: + - name: Discord chat support + url: https://linuxserver.io/discord + about: Realtime support / chat with the community and the team. + + - name: Discourse discussion forum + url: https://discourse.linuxserver.io + about: Post on our community forum. + + - name: Documentation + url: https://docs.linuxserver.io/images/docker-bookstack + about: Documentation - information about all of our containers. diff --git a/.github/ISSUE_TEMPLATE/issue.bug.yml b/.github/ISSUE_TEMPLATE/issue.bug.yml new file mode 100755 index 0000000..f158635 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/issue.bug.yml @@ -0,0 +1,76 @@ +# Based on the issue template +name: Bug report +description: Create a report to help us improve +title: "[BUG] " +labels: [Bug] +body: + - type: checkboxes + attributes: + label: Is there an existing issue for this? + description: Please search to see if an issue already exists for the bug you encountered. + options: + - label: I have searched the existing issues + required: true + - type: textarea + attributes: + label: Current Behavior + description: Tell us what happens instead of the expected behavior. + validations: + required: true + - type: textarea + attributes: + label: Expected Behavior + description: Tell us what should happen. + validations: + required: false + - type: textarea + attributes: + label: Steps To Reproduce + description: Steps to reproduce the behavior. + placeholder: | + 1. In this environment... + 2. With this config... + 3. Run '...' + 4. See error... + validations: + required: true + - type: textarea + attributes: + label: Environment + description: | + examples: + - **OS**: Ubuntu 20.04 + - **How docker service was installed**: distro's packagemanager + value: | + - OS: + - How docker service was installed: + render: markdown + validations: + required: false + - type: dropdown + attributes: + label: CPU architecture + options: + - x86-64 + - arm64 + validations: + required: true + - type: textarea + attributes: + label: Docker creation + description: | + Command used to create docker container + Provide your docker create/run command or compose yaml snippet, or a screenshot of settings if using a gui to create the container + render: bash + validations: + required: true + - type: textarea + attributes: + description: | + Provide a full docker log, output of "docker logs bookstack" + label: Container logs + placeholder: | + Output of `docker logs bookstack` + render: bash + validations: + required: true diff --git a/.github/ISSUE_TEMPLATE/issue.feature.yml b/.github/ISSUE_TEMPLATE/issue.feature.yml new file mode 100755 index 0000000..099dcdb --- /dev/null +++ b/.github/ISSUE_TEMPLATE/issue.feature.yml @@ -0,0 +1,31 @@ +# Based on the issue template +name: Feature request +description: Suggest an idea for this project +title: "[FEAT] <title>" +labels: [enhancement] +body: + - type: checkboxes + attributes: + label: Is this a new feature request? + description: Please search to see if a feature request already exists. + options: + - label: I have searched the existing issues + required: true + - type: textarea + attributes: + label: Wanted change + description: Tell us what you want to happen. + validations: + required: true + - type: textarea + attributes: + label: Reason for change + description: Justify your request, why do you want it, what is the benefit. + validations: + required: true + - type: textarea + attributes: + label: Proposed code change + description: Do you have a potential code change in mind? + validations: + required: false diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index 26d5031..0364628 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -2,11 +2,11 @@ [linuxserverurl]: https://linuxserver.io [![linuxserver.io](https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/linuxserver_medium.png)][linuxserverurl] - + <!--- Before submitting a pull request please check the following --> -<!--- If this is a fix for a typo in code or documentation in the README please file an issue and let us sort it out we do not need a PR --> +<!--- If this is a fix for a typo (in code, documentation, or the README) please file an issue and let us sort it out. We do not need a PR --> <!--- Ask yourself if this modification is something the whole userbase will benefit from, if this is a specific change for corner case functionality or plugins please look at making a Docker Mod or local script https://blog.linuxserver.io/2019/09/14/customizing-our-containers/ --> <!--- That if the PR is addressing an existing issue include, closes #<issue number> , in the body of the PR commit message --> <!--- You have included links to any files / patches etc your PR may be using in the body of the PR commit message --> @@ -21,7 +21,11 @@ ------------------------------ -We welcome all PR’s though this doesn’t guarantee it will be accepted. + - [ ] I have read the [contributing](https://github.com/linuxserver/docker-bookstack/blob/master/.github/CONTRIBUTING.md) guideline and understand that I have made the correct modifications + +------------------------------ + +<!--- We welcome all PR’s though this doesn’t guarantee it will be accepted. --> ## Description: <!--- Describe your changes in detail --> diff --git a/.github/workflows/call_issue_pr_tracker.yml b/.github/workflows/call_issue_pr_tracker.yml new file mode 100755 index 0000000..2c30784 --- /dev/null +++ b/.github/workflows/call_issue_pr_tracker.yml @@ -0,0 +1,16 @@ +name: Issue & PR Tracker + +on: + issues: + types: [opened,reopened,labeled,unlabeled,closed] + pull_request_target: + types: [opened,reopened,review_requested,review_request_removed,labeled,unlabeled,closed] + pull_request_review: + types: [submitted,edited,dismissed] + +jobs: + manage-project: + permissions: + issues: write + uses: linuxserver/github-workflows/.github/workflows/issue-pr-tracker.yml@v1 + secrets: inherit diff --git a/.github/workflows/call_issues_cron.yml b/.github/workflows/call_issues_cron.yml new file mode 100755 index 0000000..2f54573 --- /dev/null +++ b/.github/workflows/call_issues_cron.yml @@ -0,0 +1,13 @@ +name: Mark stale issues and pull requests +on: + schedule: + - cron: '3 9 * * *' + workflow_dispatch: + +jobs: + stale: + permissions: + issues: write + pull-requests: write + uses: linuxserver/github-workflows/.github/workflows/issues-cron.yml@v1 + secrets: inherit diff --git a/.github/workflows/external_trigger.yml b/.github/workflows/external_trigger.yml new file mode 100755 index 0000000..ed71e16 --- /dev/null +++ b/.github/workflows/external_trigger.yml @@ -0,0 +1,144 @@ +name: External Trigger Main + +on: + workflow_dispatch: + +jobs: + external-trigger-master: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4.1.1 + + - name: External Trigger + if: github.ref == 'refs/heads/master' + env: + SKIP_EXTERNAL_TRIGGER: ${{ vars.SKIP_EXTERNAL_TRIGGER }} + run: | + printf "# External trigger for docker-bookstack\n\n" >> $GITHUB_STEP_SUMMARY + if grep -q "^bookstack_master_" <<< "${SKIP_EXTERNAL_TRIGGER}"; then + echo "> [!NOTE]" >> $GITHUB_STEP_SUMMARY + echo "> Github organizational variable \`SKIP_EXTERNAL_TRIGGER\` contains \`bookstack_master_\`; will skip trigger if version matches." >> $GITHUB_STEP_SUMMARY + elif grep -q "^bookstack_master" <<< "${SKIP_EXTERNAL_TRIGGER}"; then + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "> Github organizational variable \`SKIP_EXTERNAL_TRIGGER\` contains \`bookstack_master\`; skipping trigger." >> $GITHUB_STEP_SUMMARY + exit 0 + fi + echo "> [!NOTE]" >> $GITHUB_STEP_SUMMARY + echo "> External trigger running off of master branch. To disable this trigger, add \`bookstack_master\` into the Github organizational variable \`SKIP_EXTERNAL_TRIGGER\`." >> $GITHUB_STEP_SUMMARY + printf "\n## Retrieving external version\n\n" >> $GITHUB_STEP_SUMMARY + EXT_RELEASE=$(curl -u "${{ secrets.CR_USER }}:${{ secrets.CR_PAT }}" -sX GET "https://api.github.com/repos/bookstackapp/bookstack/releases/latest" | jq -r '. | .tag_name') + echo "Type is \`github_stable\`" >> $GITHUB_STEP_SUMMARY + if grep -q "^bookstack_master_${EXT_RELEASE}" <<< "${SKIP_EXTERNAL_TRIGGER}"; then + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "> Github organizational variable \`SKIP_EXTERNAL_TRIGGER\` matches current external release; skipping trigger." >> $GITHUB_STEP_SUMMARY + exit 0 + fi + if [ -z "${EXT_RELEASE}" ] || [ "${EXT_RELEASE}" == "null" ]; then + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "> Can't retrieve external version, exiting" >> $GITHUB_STEP_SUMMARY + FAILURE_REASON="Can't retrieve external version for bookstack branch master" + GHA_TRIGGER_URL="https://github.com/linuxserver/docker-bookstack/actions/runs/${{ github.run_id }}" + curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 16711680, + "description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n**Trigger URL:** '"${GHA_TRIGGER_URL}"' \n"}], + "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} + exit 1 + fi + EXT_RELEASE=$(echo ${EXT_RELEASE} | sed 's/[~,%@+;:/]//g') + echo "External version: \`${EXT_RELEASE}\`" >> $GITHUB_STEP_SUMMARY + echo "Retrieving last pushed version" >> $GITHUB_STEP_SUMMARY + image="linuxserver/bookstack" + tag="latest" + token=$(curl -sX GET \ + "https://ghcr.io/token?scope=repository%3Alinuxserver%2Fbookstack%3Apull" \ + | jq -r '.token') + multidigest=$(curl -s \ + --header "Accept: application/vnd.docker.distribution.manifest.v2+json" \ + --header "Accept: application/vnd.oci.image.index.v1+json" \ + --header "Authorization: Bearer ${token}" \ + "https://ghcr.io/v2/${image}/manifests/${tag}") + if jq -e '.layers // empty' <<< "${multidigest}" >/dev/null 2>&1; then + # If there's a layer element it's a single-arch manifest so just get that digest + digest=$(jq -r '.config.digest' <<< "${multidigest}") + else + # Otherwise it's multi-arch or has manifest annotations + if jq -e '.manifests[]?.annotations // empty' <<< "${multidigest}" >/dev/null 2>&1; then + # Check for manifest annotations and delete if found + multidigest=$(jq 'del(.manifests[] | select(.annotations))' <<< "${multidigest}") + fi + if [[ $(jq '.manifests | length' <<< "${multidigest}") -gt 1 ]]; then + # If there's still more than one digest, it's multi-arch + multidigest=$(jq -r ".manifests[] | select(.platform.architecture == \"amd64\").digest?" <<< "${multidigest}") + else + # Otherwise it's single arch + multidigest=$(jq -r ".manifests[].digest?" <<< "${multidigest}") + fi + if digest=$(curl -s \ + --header "Accept: application/vnd.docker.distribution.manifest.v2+json" \ + --header "Accept: application/vnd.oci.image.manifest.v1+json" \ + --header "Authorization: Bearer ${token}" \ + "https://ghcr.io/v2/${image}/manifests/${multidigest}"); then + digest=$(jq -r '.config.digest' <<< "${digest}"); + fi + fi + image_info=$(curl -sL \ + --header "Authorization: Bearer ${token}" \ + "https://ghcr.io/v2/${image}/blobs/${digest}") + if [[ $(echo $image_info | jq -r '.container_config') == "null" ]]; then + image_info=$(echo $image_info | jq -r '.config') + else + image_info=$(echo $image_info | jq -r '.container_config') + fi + IMAGE_RELEASE=$(echo ${image_info} | jq -r '.Labels.build_version' | awk '{print $3}') + IMAGE_VERSION=$(echo ${IMAGE_RELEASE} | awk -F'-ls' '{print $1}') + if [ -z "${IMAGE_VERSION}" ]; then + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "Can't retrieve last pushed version, exiting" >> $GITHUB_STEP_SUMMARY + FAILURE_REASON="Can't retrieve last pushed version for bookstack tag latest" + curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 16711680, + "description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n"}], + "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} + exit 1 + fi + echo "Last pushed version: \`${IMAGE_VERSION}\`" >> $GITHUB_STEP_SUMMARY + if [ "${EXT_RELEASE}" == "${IMAGE_VERSION}" ]; then + echo "Version \`${EXT_RELEASE}\` already pushed, exiting" >> $GITHUB_STEP_SUMMARY + exit 0 + elif [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-bookstack/job/master/lastBuild/api/json | jq -r '.building') == "true" ]; then + echo "New version \`${EXT_RELEASE}\` found; but there already seems to be an active build on Jenkins; exiting" >> $GITHUB_STEP_SUMMARY + exit 0 + else + if [[ "${artifacts_found}" == "false" ]]; then + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "> New version detected, but not all artifacts are published yet; skipping trigger" >> $GITHUB_STEP_SUMMARY + FAILURE_REASON="New version ${EXT_RELEASE} for bookstack tag latest is detected, however not all artifacts are uploaded to upstream release yet. Will try again later." + curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903, + "description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n"}], + "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} + else + printf "\n## Trigger new build\n\n" >> $GITHUB_STEP_SUMMARY + echo "New version \`${EXT_RELEASE}\` found; old version was \`${IMAGE_VERSION}\`. Triggering new build" >> $GITHUB_STEP_SUMMARY + if [[ "${artifacts_found}" == "true" ]]; then + echo "All artifacts seem to be uploaded." >> $GITHUB_STEP_SUMMARY + fi + response=$(curl -iX POST \ + https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-bookstack/job/master/buildWithParameters?PACKAGE_CHECK=false \ + --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|") + echo "Jenkins [job queue url](${response%$'\r'})" >> $GITHUB_STEP_SUMMARY + echo "Sleeping 10 seconds until job starts" >> $GITHUB_STEP_SUMMARY + sleep 10 + buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url') + buildurl="${buildurl%$'\r'}" + echo "Jenkins job [build url](${buildurl})" >> $GITHUB_STEP_SUMMARY + echo "Attempting to change the Jenkins job description" >> $GITHUB_STEP_SUMMARY + curl -iX POST \ + "${buildurl}submitDescription" \ + --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} \ + --data-urlencode "description=GHA external trigger https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" \ + --data-urlencode "Submit=Submit" + echo "**** Notifying Discord ****" + TRIGGER_REASON="A version change was detected for bookstack tag latest. Old version:${IMAGE_VERSION} New version:${EXT_RELEASE}" + curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903, + "description": "**Build Triggered** \n**Reason:** '"${TRIGGER_REASON}"' \n**Build URL:** '"${buildurl}display/redirect"' \n"}], + "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} + fi + fi diff --git a/.github/workflows/external_trigger_scheduler.yml b/.github/workflows/external_trigger_scheduler.yml new file mode 100755 index 0000000..ae9393a --- /dev/null +++ b/.github/workflows/external_trigger_scheduler.yml @@ -0,0 +1,45 @@ +name: External Trigger Scheduler + +on: + schedule: + - cron: '19 * * * *' + workflow_dispatch: + +jobs: + external-trigger-scheduler: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4.1.1 + with: + fetch-depth: '0' + + - name: External Trigger Scheduler + run: | + printf "# External trigger scheduler for docker-bookstack\n\n" >> $GITHUB_STEP_SUMMARY + printf "Found the branches:\n\n%s\n" "$(git for-each-ref --format='- %(refname:lstrip=3)' refs/remotes)" >> $GITHUB_STEP_SUMMARY + for br in $(git for-each-ref --format='%(refname:lstrip=3)' refs/remotes) + do + if [[ "${br}" == "HEAD" ]]; then + printf "\nSkipping %s.\n" ${br} >> $GITHUB_STEP_SUMMARY + continue + fi + printf "\n## Evaluating \`%s\`\n\n" ${br} >> $GITHUB_STEP_SUMMARY + ls_jenkins_vars=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-bookstack/${br}/jenkins-vars.yml) + ls_branch=$(echo "${ls_jenkins_vars}" | yq -r '.ls_branch') + ls_trigger=$(echo "${ls_jenkins_vars}" | yq -r '.external_type') + if [[ "${br}" == "${ls_branch}" ]] && [[ "${ls_trigger}" != "os" ]]; then + echo "Branch appears to be live and trigger is not os; checking workflow." >> $GITHUB_STEP_SUMMARY + if curl -sfX GET https://raw.githubusercontent.com/linuxserver/docker-bookstack/${br}/.github/workflows/external_trigger.yml > /dev/null 2>&1; then + echo "Triggering external trigger workflow for branch." >> $GITHUB_STEP_SUMMARY + curl -iX POST \ + -H "Authorization: token ${{ secrets.CR_PAT }}" \ + -H "Accept: application/vnd.github.v3+json" \ + -d "{\"ref\":\"refs/heads/${br}\"}" \ + https://api.github.com/repos/linuxserver/docker-bookstack/actions/workflows/external_trigger.yml/dispatches + else + echo "Skipping branch due to no external trigger workflow present." >> $GITHUB_STEP_SUMMARY + fi + else + echo "Skipping branch due to being detected as dev branch or having no external version." >> $GITHUB_STEP_SUMMARY + fi + done diff --git a/.github/workflows/greetings.yml b/.github/workflows/greetings.yml index 5854d78..7ada469 100755 --- a/.github/workflows/greetings.yml +++ b/.github/workflows/greetings.yml @@ -8,6 +8,6 @@ jobs: steps: - uses: actions/first-interaction@v1 with: - issue-message: 'Thanks for opening your first issue here! Be sure to follow the [issue template](https://github.com/linuxserver/docker-bookstack/.github/ISSUE_TEMPLATE.md)!' - pr-message: 'Thanks for opening this pull request! Be sure to follow the [pull request template](https://github.com/linuxserver/docker-bookstack/.github/PULL_REQUEST_TEMPLATE.md)!' + issue-message: 'Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.' + pr-message: 'Thanks for opening this pull request! Be sure to follow the [pull request template](https://github.com/linuxserver/docker-bookstack/blob/master/.github/PULL_REQUEST_TEMPLATE.md)!' repo-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/package_trigger_scheduler.yml b/.github/workflows/package_trigger_scheduler.yml new file mode 100755 index 0000000..7233671 --- /dev/null +++ b/.github/workflows/package_trigger_scheduler.yml @@ -0,0 +1,100 @@ +name: Package Trigger Scheduler + +on: + schedule: + - cron: '4 18 * * 1' + workflow_dispatch: + +jobs: + package-trigger-scheduler: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4.1.1 + with: + fetch-depth: '0' + + - name: Package Trigger Scheduler + env: + SKIP_PACKAGE_TRIGGER: ${{ vars.SKIP_PACKAGE_TRIGGER }} + run: | + printf "# Package trigger scheduler for docker-bookstack\n\n" >> $GITHUB_STEP_SUMMARY + printf "Found the branches:\n\n%s\n" "$(git for-each-ref --format='- %(refname:lstrip=3)' refs/remotes)" >> $GITHUB_STEP_SUMMARY + for br in $(git for-each-ref --format='%(refname:lstrip=3)' refs/remotes) + do + if [[ "${br}" == "HEAD" ]]; then + printf "\nSkipping %s.\n" ${br} >> $GITHUB_STEP_SUMMARY + continue + fi + printf "\n## Evaluating \`%s\`\n\n" ${br} >> $GITHUB_STEP_SUMMARY + JENKINS_VARS=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-bookstack/${br}/jenkins-vars.yml) + if ! curl -sfX GET https://raw.githubusercontent.com/linuxserver/docker-bookstack/${br}/Jenkinsfile >/dev/null 2>&1; then + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "> No Jenkinsfile found. Branch is either deprecated or is an early dev branch." >> $GITHUB_STEP_SUMMARY + skipped_branches="${skipped_branches}${br} " + elif [[ "${br}" == $(yq -r '.ls_branch' <<< "${JENKINS_VARS}") ]]; then + echo "Branch appears to be live; checking workflow." >> $GITHUB_STEP_SUMMARY + README_VARS=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-bookstack/${br}/readme-vars.yml) + if [[ $(yq -r '.project_deprecation_status' <<< "${README_VARS}") == "true" ]]; then + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "> Branch appears to be deprecated; skipping trigger." >> $GITHUB_STEP_SUMMARY + skipped_branches="${skipped_branches}${br} " + elif [[ $(yq -r '.skip_package_check' <<< "${JENKINS_VARS}") == "true" ]]; then + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "> Skipping branch ${br} due to \`skip_package_check\` being set in \`jenkins-vars.yml\`." >> $GITHUB_STEP_SUMMARY + skipped_branches="${skipped_branches}${br} " + elif grep -q "^bookstack_${br}" <<< "${SKIP_PACKAGE_TRIGGER}"; then + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "> Github organizational variable \`SKIP_PACKAGE_TRIGGER\` contains \`bookstack_${br}\`; skipping trigger." >> $GITHUB_STEP_SUMMARY + skipped_branches="${skipped_branches}${br} " + elif [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-bookstack/job/${br}/lastBuild/api/json | jq -r '.building' 2>/dev/null) == "true" ]; then + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "> There already seems to be an active build on Jenkins; skipping package trigger for ${br}" >> $GITHUB_STEP_SUMMARY + skipped_branches="${skipped_branches}${br} " + else + echo "> [!NOTE]" >> $GITHUB_STEP_SUMMARY + echo "> Triggering package trigger for branch ${br}" >> $GITHUB_STEP_SUMMARY + printf "> To disable, add \`bookstack_%s\` into the Github organizational variable \`SKIP_PACKAGE_TRIGGER\`.\n\n" "${br}" >> $GITHUB_STEP_SUMMARY + triggered_branches="${triggered_branches}${br} " + response=$(curl -iX POST \ + https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-bookstack/job/${br}/buildWithParameters?PACKAGE_CHECK=true \ + --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|") + if [[ -z "${response}" ]]; then + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "> Jenkins build could not be triggered. Skipping branch." + continue + fi + echo "Jenkins [job queue url](${response%$'\r'})" >> $GITHUB_STEP_SUMMARY + echo "Sleeping 10 seconds until job starts" >> $GITHUB_STEP_SUMMARY + sleep 10 + buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url') + buildurl="${buildurl%$'\r'}" + echo "Jenkins job [build url](${buildurl})" >> $GITHUB_STEP_SUMMARY + echo "Attempting to change the Jenkins job description" >> $GITHUB_STEP_SUMMARY + if ! curl -ifX POST \ + "${buildurl}submitDescription" \ + --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} \ + --data-urlencode "description=GHA package trigger https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" \ + --data-urlencode "Submit=Submit"; then + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "> Unable to change the Jenkins job description." + fi + sleep 20 + fi + else + echo "Skipping branch ${br} due to being detected as dev branch." >> $GITHUB_STEP_SUMMARY + fi + done + if [[ -n "${triggered_branches}" ]] || [[ -n "${skipped_branches}" ]]; then + if [[ -n "${triggered_branches}" ]]; then + NOTIFY_BRANCHES="**Triggered:** ${triggered_branches} \n" + NOTIFY_BUILD_URL="**Build URL:** https://ci.linuxserver.io/blue/organizations/jenkins/Docker-Pipeline-Builders%2Fdocker-bookstack/activity/ \n" + echo "**** Package check build(s) triggered for branch(es): ${triggered_branches} ****" + fi + if [[ -n "${skipped_branches}" ]]; then + NOTIFY_BRANCHES="${NOTIFY_BRANCHES}**Skipped:** ${skipped_branches} \n" + fi + echo "**** Notifying Discord ****" + curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903, + "description": "**Package Check Build(s) for bookstack** \n'"${NOTIFY_BRANCHES}"''"${NOTIFY_BUILD_URL}"'"}], + "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} + fi diff --git a/.github/workflows/permissions.yml b/.github/workflows/permissions.yml new file mode 100755 index 0000000..02e1bdb --- /dev/null +++ b/.github/workflows/permissions.yml @@ -0,0 +1,12 @@ +name: Permission check +on: + pull_request_target: + paths: + - '**/run' + - '**/finish' + - '**/check' + - 'root/migrations/*' + +jobs: + permission_check: + uses: linuxserver/github-workflows/.github/workflows/init-svc-executable-permissions.yml@v1 diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml deleted file mode 100755 index 1806420..0000000 --- a/.github/workflows/stale.yml +++ /dev/null @@ -1,23 +0,0 @@ -name: Mark stale issues and pull requests - -on: - schedule: - - cron: "30 1 * * *" - -jobs: - stale: - - runs-on: ubuntu-latest - - steps: - - uses: actions/stale@v1 - with: - stale-issue-message: "This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions." - stale-pr-message: "This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions." - stale-issue-label: 'no-issue-activity' - stale-pr-label: 'no-pr-activity' - days-before-stale: 30 - days-before-close: 365 - exempt-issue-labels: 'awaiting-approval,work-in-progress' - exempt-pr-labels: 'awaiting-approval,work-in-progress' - repo-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.gitignore b/.gitignore index 0e51313..1147a31 100644 --- a/.gitignore +++ b/.gitignore @@ -42,3 +42,4 @@ Network Trash Folder Temporary Items .apdisk docker-compose.yml +.jenkins-external diff --git a/Dockerfile b/Dockerfile index aabe386..3cb5246 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,74 +1,67 @@ -FROM lsiobase/nginx:3.11 +# syntax=docker/dockerfile:1 + +FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.21 # set version label ARG BUILD_DATE ARG VERSION ARG BOOKSTACK_RELEASE LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}" -LABEL maintainer="homerr" +LABEL maintainer="thespad" -# package versions -ARG BOOKSTACK_RELEASE +ENV S6_STAGE2_HOOK="/init-hook" RUN \ - echo "**** install packages ****" && \ - apk add --no-cache \ - curl \ - fontconfig \ - memcached \ - netcat-openbsd \ - php7-ctype \ - php7-curl \ - php7-dom \ - php7-gd \ - php7-ldap \ - php7-mbstring \ - php7-memcached \ - php7-mysqlnd \ - php7-openssl \ - php7-pdo_mysql \ - php7-phar \ - php7-simplexml \ - php7-tidy \ - php7-tokenizer \ - qt5-qtbase \ - tar \ - ttf-freefont \ - wkhtmltopdf && \ - echo "**** tidy bug fix ****" && \ - curl -s \ - http://dl-cdn.alpinelinux.org/alpine/v3.7/community/x86_64/tidyhtml-libs-5.4.0-r0.apk | \ - tar xfz - -C / && \ - rm -f /usr/lib/libtidy.so.5.6.0 && \ - echo "**** configure php-fpm ****" && \ - sed -i 's/;clear_env = no/clear_env = no/g' /etc/php7/php-fpm.d/www.conf && \ - echo "env[PATH] = /usr/local/bin:/usr/bin:/bin" >> /etc/php7/php-fpm.conf && \ - echo "**** fetch bookstack ****" && \ - mkdir -p\ - /var/www/html && \ - if [ -z ${BOOKSTACK_RELEASE+x} ]; then \ - BOOKSTACK_RELEASE=$(curl -sX GET "https://api.github.com/repos/bookstackapp/bookstack/releases/latest" \ - | awk '/tag_name/{print $4;exit}' FS='[""]'); \ - fi && \ - curl -o \ - /tmp/bookstack.tar.gz -L \ - "https://github.com/BookStackApp/BookStack/archive/${BOOKSTACK_RELEASE}.tar.gz" && \ - tar xf \ - /tmp/bookstack.tar.gz -C \ - /var/www/html/ --strip-components=1 && \ - echo "**** install composer ****" && \ - cd /tmp && \ - curl -sS https://getcomposer.org/installer | php && \ - mv /tmp/composer.phar /usr/local/bin/composer && \ - echo "**** install composer dependencies ****" && \ - composer install -d /var/www/html/ && \ - echo "**** cleanup ****" && \ - rm -rf \ - /root/.composer \ - /tmp/* + echo "**** install runtime packages ****" && \ + apk add --no-cache \ + fontconfig \ + mariadb-client \ + memcached \ + php83-dom \ + php83-exif \ + php83-gd \ + php83-ldap \ + php83-mysqlnd \ + php83-opcache \ + php83-pdo_mysql \ + php83-pecl-memcached \ + php83-tokenizer \ + qt5-qtbase \ + ttf-freefont && \ + echo "**** configure php-fpm to pass env vars ****" && \ + sed -E -i 's/^;?clear_env ?=.*$/clear_env = no/g' /etc/php83/php-fpm.d/www.conf && \ + grep -qxF 'clear_env = no' /etc/php83/php-fpm.d/www.conf || echo 'clear_env = no' >> /etc/php83/php-fpm.d/www.conf && \ + echo "env[PATH] = /usr/local/bin:/usr/bin:/bin" >> /etc/php83/php-fpm.conf && \ + echo "**** fetch bookstack ****" && \ + mkdir -p\ + /app/www && \ + if [ -z ${BOOKSTACK_RELEASE+x} ]; then \ + BOOKSTACK_RELEASE=$(curl -sX GET "https://api.github.com/repos/bookstackapp/bookstack/releases/latest" \ + | awk '/tag_name/{print $4;exit}' FS='[""]'); \ + fi && \ + curl -o \ + /tmp/bookstack.tar.gz -L \ + "https://github.com/BookStackApp/BookStack/archive/${BOOKSTACK_RELEASE}.tar.gz" && \ + tar xf \ + /tmp/bookstack.tar.gz -C \ + /app/www/ --strip-components=1 && \ + echo "**** install composer dependencies ****" && \ + composer install -d /app/www/ && \ + printf "Linuxserver.io version: ${VERSION}\nBuild-date: ${BUILD_DATE}" > /build_version && \ + echo "**** create symlinks ****" && \ + /bin/bash -c \ + 'dst=(www/themes www/files www/images www/uploads backups www/framework/cache www/framework/sessions www/framework/views log/bookstack/laravel.log www/.env); \ + src=(themes storage/uploads/files storage/uploads/images public/uploads storage/backups storage/framework/cache storage/framework/sessions storage/framework/views storage/logs/laravel.log .env); \ + for i in "${!src[@]}"; do rm -rf /app/www/"${src[i]}" && ln -s /config/"${dst[i]}" /app/www/"${src[i]}"; done' && \ + echo "**** cleanup ****" && \ + rm -rf \ + /tmp/* \ + $HOME/.cache \ + $HOME/.composer # copy local files COPY root/ / # ports and volumes +EXPOSE 80 443 VOLUME /config diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64 index 3ff0607..a983af3 100644 --- a/Dockerfile.aarch64 +++ b/Dockerfile.aarch64 @@ -1,74 +1,67 @@ -FROM lsiobase/nginx:arm64v8-3.11 +# syntax=docker/dockerfile:1 + +FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.21 # set version label ARG BUILD_DATE ARG VERSION ARG BOOKSTACK_RELEASE LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}" -LABEL maintainer="homerr" +LABEL maintainer="thespad" -# package versions -ARG BOOKSTACK_RELEASE +ENV S6_STAGE2_HOOK="/init-hook" RUN \ - echo "**** install packages ****" && \ - apk add --no-cache \ - curl \ - fontconfig \ - memcached \ - netcat-openbsd \ - php7-ctype \ - php7-curl \ - php7-dom \ - php7-gd \ - php7-ldap \ - php7-mbstring \ - php7-memcached \ - php7-mysqlnd \ - php7-openssl \ - php7-pdo_mysql \ - php7-phar \ - php7-simplexml \ - php7-tidy \ - php7-tokenizer \ - qt5-qtbase \ - tar \ - ttf-freefont \ - wkhtmltopdf && \ - echo "**** tidy bug fix ****" && \ - curl -s \ - http://dl-cdn.alpinelinux.org/alpine/v3.7/community/aarch64/tidyhtml-libs-5.4.0-r0.apk | \ - tar xfz - -C / && \ - rm -f /usr/lib/libtidy.so.5.6.0 && \ - echo "**** configure php-fpm ****" && \ - sed -i 's/;clear_env = no/clear_env = no/g' /etc/php7/php-fpm.d/www.conf && \ - echo "env[PATH] = /usr/local/bin:/usr/bin:/bin" >> /etc/php7/php-fpm.conf && \ - echo "**** fetch bookstack ****" && \ - mkdir -p\ - /var/www/html && \ - if [ -z ${BOOKSTACK_RELEASE+x} ]; then \ - BOOKSTACK_RELEASE=$(curl -sX GET "https://api.github.com/repos/bookstackapp/bookstack/releases/latest" \ - | awk '/tag_name/{print $4;exit}' FS='[""]'); \ - fi && \ - curl -o \ - /tmp/bookstack.tar.gz -L \ - "https://github.com/BookStackApp/BookStack/archive/${BOOKSTACK_RELEASE}.tar.gz" && \ - tar xf \ - /tmp/bookstack.tar.gz -C \ - /var/www/html/ --strip-components=1 && \ - echo "**** install composer ****" && \ - cd /tmp && \ - curl -sS https://getcomposer.org/installer | php && \ - mv /tmp/composer.phar /usr/local/bin/composer && \ - echo "**** install composer dependencies ****" && \ - composer install -d /var/www/html/ && \ - echo "**** cleanup ****" && \ - rm -rf \ - /root/.composer \ - /tmp/* + echo "**** install runtime packages ****" && \ + apk add --no-cache \ + fontconfig \ + mariadb-client \ + memcached \ + php83-dom \ + php83-exif \ + php83-gd \ + php83-ldap \ + php83-mysqlnd \ + php83-opcache \ + php83-pdo_mysql \ + php83-pecl-memcached \ + php83-tokenizer \ + qt5-qtbase \ + ttf-freefont && \ + echo "**** configure php-fpm to pass env vars ****" && \ + sed -E -i 's/^;?clear_env ?=.*$/clear_env = no/g' /etc/php83/php-fpm.d/www.conf && \ + grep -qxF 'clear_env = no' /etc/php83/php-fpm.d/www.conf || echo 'clear_env = no' >> /etc/php83/php-fpm.d/www.conf && \ + echo "env[PATH] = /usr/local/bin:/usr/bin:/bin" >> /etc/php83/php-fpm.conf && \ + echo "**** fetch bookstack ****" && \ + mkdir -p\ + /app/www && \ + if [ -z ${BOOKSTACK_RELEASE+x} ]; then \ + BOOKSTACK_RELEASE=$(curl -sX GET "https://api.github.com/repos/bookstackapp/bookstack/releases/latest" \ + | awk '/tag_name/{print $4;exit}' FS='[""]'); \ + fi && \ + curl -o \ + /tmp/bookstack.tar.gz -L \ + "https://github.com/BookStackApp/BookStack/archive/${BOOKSTACK_RELEASE}.tar.gz" && \ + tar xf \ + /tmp/bookstack.tar.gz -C \ + /app/www/ --strip-components=1 && \ + echo "**** install composer dependencies ****" && \ + composer install -d /app/www/ && \ + printf "Linuxserver.io version: ${VERSION}\nBuild-date: ${BUILD_DATE}" > /build_version && \ + echo "**** create symlinks ****" && \ + /bin/bash -c \ + 'dst=(www/themes www/files www/images www/uploads backups www/framework/cache www/framework/sessions www/framework/views log/bookstack/laravel.log www/.env); \ + src=(themes storage/uploads/files storage/uploads/images public/uploads storage/backups storage/framework/cache storage/framework/sessions storage/framework/views storage/logs/laravel.log .env); \ + for i in "${!src[@]}"; do rm -rf /app/www/"${src[i]}" && ln -s /config/"${dst[i]}" /app/www/"${src[i]}"; done' && \ + echo "**** cleanup ****" && \ + rm -rf \ + /tmp/* \ + $HOME/.cache \ + $HOME/.composer # copy local files COPY root/ / # ports and volumes +EXPOSE 80 443 VOLUME /config diff --git a/Dockerfile.armhf b/Dockerfile.armhf deleted file mode 100644 index 6ea2e6c..0000000 --- a/Dockerfile.armhf +++ /dev/null @@ -1,69 +0,0 @@ -FROM lsiobase/nginx:arm32v7-3.11 - -# set version label -ARG BUILD_DATE -ARG VERSION -ARG BOOKSTACK_RELEASE -LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}" -LABEL maintainer="homerr" - -# package versions -ARG BOOKSTACK_RELEASE - -RUN \ - echo "**** install packages ****" && \ - apk add --no-cache \ - curl \ - fontconfig \ - memcached \ - netcat-openbsd \ - php7-ctype \ - php7-curl \ - php7-dom \ - php7-gd \ - php7-ldap \ - php7-mbstring \ - php7-memcached \ - php7-mysqlnd \ - php7-openssl \ - php7-pdo_mysql \ - php7-phar \ - php7-simplexml \ - php7-tidy \ - php7-tokenizer \ - qt5-qtbase \ - tar \ - ttf-freefont \ - wkhtmltopdf && \ - echo "**** configure php-fpm ****" && \ - sed -i 's/;clear_env = no/clear_env = no/g' /etc/php7/php-fpm.d/www.conf && \ - echo "env[PATH] = /usr/local/bin:/usr/bin:/bin" >> /etc/php7/php-fpm.conf && \ - echo "**** fetch bookstack ****" && \ - mkdir -p\ - /var/www/html && \ - if [ -z ${BOOKSTACK_RELEASE+x} ]; then \ - BOOKSTACK_RELEASE=$(curl -sX GET "https://api.github.com/repos/bookstackapp/bookstack/releases/latest" \ - | awk '/tag_name/{print $4;exit}' FS='[""]'); \ - fi && \ - curl -o \ - /tmp/bookstack.tar.gz -L \ - "https://github.com/BookStackApp/BookStack/archive/${BOOKSTACK_RELEASE}.tar.gz" && \ - tar xf \ - /tmp/bookstack.tar.gz -C \ - /var/www/html/ --strip-components=1 && \ - echo "**** install composer ****" && \ - cd /tmp && \ - curl -sS https://getcomposer.org/installer | php && \ - mv /tmp/composer.phar /usr/local/bin/composer && \ - echo "**** install composer dependencies ****" && \ - composer install -d /var/www/html/ && \ - echo "**** cleanup ****" && \ - rm -rf \ - /root/.composer \ - /tmp/* - -# copy local files -COPY root/ / - -# ports and volumes -VOLUME /config diff --git a/Jenkinsfile b/Jenkinsfile index f40faca..4cbf23a 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -8,7 +8,7 @@ pipeline { } // Input to determine if this is a package check parameters { - string(defaultValue: 'false', description: 'package check run', name: 'PACKAGE_CHECK') + string(defaultValue: 'false', description: 'package check run', name: 'PACKAGE_CHECK') } // Configuration for the variables used for this specific repo environment { @@ -16,6 +16,9 @@ pipeline { GITHUB_TOKEN=credentials('498b4638-2d02-4ce5-832d-8a57d01d97ab') GITLAB_TOKEN=credentials('b6f0f1dd-6952-4cf6-95d1-9c06380283f0') GITLAB_NAMESPACE=credentials('gitlab-namespace-id') + DOCKERHUB_TOKEN=credentials('docker-hub-ci-pat') + QUAYIO_API_TOKEN=credentials('quayio-repo-api-token') + GIT_SIGNING_KEY=credentials('484fbca6-9a4f-455e-b9e3-97ac98785f5f') EXT_GIT_BRANCH = 'master' EXT_USER = 'bookstackapp' EXT_REPO = 'bookstack' @@ -28,23 +31,55 @@ pipeline { PR_DOCKERHUB_IMAGE = 'lspipepr/bookstack' DIST_IMAGE = 'alpine' MULTIARCH = 'true' - CI = 'true' + CI = 'false' CI_WEB = 'false' CI_PORT = '80' CI_SSL = 'false' - CI_DELAY = '30' - CI_DOCKERENV='TEST_RUN=1' - CI_AUTH = 'user:password' + CI_DELAY = '60' + CI_DOCKERENV='' + CI_AUTH = '' CI_WEBPATH = '' } stages { + stage("Set git config"){ + steps{ + sh '''#!/bin/bash + cat ${GIT_SIGNING_KEY} > /config/.ssh/id_sign + chmod 600 /config/.ssh/id_sign + ssh-keygen -y -f /config/.ssh/id_sign > /config/.ssh/id_sign.pub + echo "Using $(ssh-keygen -lf /config/.ssh/id_sign) to sign commits" + git config --global gpg.format ssh + git config --global user.signingkey /config/.ssh/id_sign + git config --global commit.gpgsign true + ''' + } + } // Setup all the basic environment variables needed for the build stage("Set ENV Variables base"){ steps{ + echo "Running on node: ${NODE_NAME}" + sh '''#! /bin/bash + echo "Pruning builder" + docker builder prune -f --builder container || : + containers=$(docker ps -q) + if [[ -n "${containers}" ]]; then + BUILDX_CONTAINER_ID=$(docker ps -qf 'name=buildx_buildkit') + for container in ${containers}; do + if [[ "${container}" == "${BUILDX_CONTAINER_ID}" ]]; then + echo "skipping buildx container in docker stop" + else + echo "Stopping container ${container}" + docker stop ${container} + fi + done + fi + docker system prune -f --volumes || : + docker image prune -af || : + ''' script{ env.EXIT_STATUS = '' env.LS_RELEASE = sh( - script: '''docker run --rm alexeiled/skopeo sh -c 'skopeo inspect docker://docker.io/'${DOCKERHUB_IMAGE}':latest 2>/dev/null' | jq -r '.Labels.build_version' | awk '{print $3}' | grep '\\-ls' || : ''', + script: '''docker run --rm quay.io/skopeo/stable:v1 inspect docker://ghcr.io/${LS_USER}/${CONTAINER_NAME}:latest 2>/dev/null | jq -r '.Labels.build_version' | awk '{print $3}' | grep '\\-ls' || : ''', returnStdout: true).trim() env.LS_RELEASE_NOTES = sh( script: '''cat readme-vars.yml | awk -F \\" '/date: "[0-9][0-9].[0-9][0-9].[0-9][0-9]:/ {print $4;exit;}' | sed -E ':a;N;$!ba;s/\\r{0,1}\\n/\\\\n/g' ''', @@ -55,11 +90,16 @@ pipeline { env.COMMIT_SHA = sh( script: '''git rev-parse HEAD''', returnStdout: true).trim() + env.GH_DEFAULT_BRANCH = sh( + script: '''git remote show origin | grep "HEAD branch:" | sed 's|.*HEAD branch: ||' ''', + returnStdout: true).trim() env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/commit/' + env.GIT_COMMIT env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.DOCKERHUB_IMAGE + '/tags/' env.PULL_REQUEST = env.CHANGE_ID - env.TEMPLATED_FILES = 'Jenkinsfile README.md LICENSE ./.github/FUNDING.yml ./.github/ISSUE_TEMPLATE.md ./.github/PULL_REQUEST_TEMPLATE.md ./.github/workflows/greetings.yml ./.github/workflows/stale.yml' + env.TEMPLATED_FILES = 'Jenkinsfile README.md LICENSE .editorconfig ./.github/CONTRIBUTING.md ./.github/FUNDING.yml ./.github/ISSUE_TEMPLATE/config.yml ./.github/ISSUE_TEMPLATE/issue.bug.yml ./.github/ISSUE_TEMPLATE/issue.feature.yml ./.github/PULL_REQUEST_TEMPLATE.md ./.github/workflows/external_trigger_scheduler.yml ./.github/workflows/greetings.yml ./.github/workflows/package_trigger_scheduler.yml ./.github/workflows/call_issue_pr_tracker.yml ./.github/workflows/call_issues_cron.yml ./.github/workflows/permissions.yml ./.github/workflows/external_trigger.yml' } + sh '''#! /bin/bash + echo "The default github branch detected as ${GH_DEFAULT_BRANCH}" ''' script{ env.LS_RELEASE_NUMBER = sh( script: '''echo ${LS_RELEASE} |sed 's/^.*-ls//g' ''', @@ -106,7 +146,7 @@ pipeline { steps{ script{ env.EXT_RELEASE = sh( - script: '''curl -s https://api.github.com/repos/${EXT_USER}/${EXT_REPO}/releases/latest | jq -r '. | .tag_name' ''', + script: '''curl -H "Authorization: token ${GITHUB_TOKEN}" -s https://api.github.com/repos/${EXT_USER}/${EXT_REPO}/releases/latest | jq -r '. | .tag_name' ''', returnStdout: true).trim() } } @@ -124,8 +164,32 @@ pipeline { steps{ script{ env.EXT_RELEASE_CLEAN = sh( - script: '''echo ${EXT_RELEASE} | sed 's/[~,%@+;:/]//g' ''', + script: '''echo ${EXT_RELEASE} | sed 's/[~,%@+;:/ ]//g' ''', returnStdout: true).trim() + + def semver = env.EXT_RELEASE_CLEAN =~ /(\d+)\.(\d+)\.(\d+)/ + if (semver.find()) { + env.SEMVER = "${semver[0][1]}.${semver[0][2]}.${semver[0][3]}" + } else { + semver = env.EXT_RELEASE_CLEAN =~ /(\d+)\.(\d+)(?:\.(\d+))?(.*)/ + if (semver.find()) { + if (semver[0][3]) { + env.SEMVER = "${semver[0][1]}.${semver[0][2]}.${semver[0][3]}" + } else if (!semver[0][3] && !semver[0][4]) { + env.SEMVER = "${semver[0][1]}.${semver[0][2]}.${(new Date()).format('YYYYMMdd')}" + } + } + } + + if (env.SEMVER != null) { + if (BRANCH_NAME != "${env.GH_DEFAULT_BRANCH}") { + env.SEMVER = "${env.SEMVER}-${BRANCH_NAME}" + } + println("SEMVER: ${env.SEMVER}") + } else { + println("No SEMVER detected") + } + } } } @@ -138,14 +202,18 @@ pipeline { steps { script{ env.IMAGE = env.DOCKERHUB_IMAGE - env.GITHUBIMAGE = 'docker.pkg.github.com/' + env.LS_USER + '/' + env.LS_REPO + '/' + env.CONTAINER_NAME + env.GITHUBIMAGE = 'ghcr.io/' + env.LS_USER + '/' + env.CONTAINER_NAME env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/' + env.CONTAINER_NAME + env.QUAYIMAGE = 'quay.io/linuxserver.io/' + env.CONTAINER_NAME if (env.MULTIARCH == 'true') { - env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm32v7-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER } else { env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER } + env.VERSION_TAG = env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER env.META_TAG = env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + env.EXT_RELEASE_TAG = 'version-' + env.EXT_RELEASE_CLEAN + env.BUILDCACHE = 'docker.io/lsiodev/buildcache,registry.gitlab.com/linuxserver.io/docker-jenkins-builder/lsiodev-buildcache,ghcr.io/linuxserver/lsiodev-buildcache,quay.io/linuxserver.io/lsiodev-buildcache' } } } @@ -158,15 +226,19 @@ pipeline { steps { script{ env.IMAGE = env.DEV_DOCKERHUB_IMAGE - env.GITHUBIMAGE = 'docker.pkg.github.com/' + env.LS_USER + '/' + env.LS_REPO + '/lsiodev-' + env.CONTAINER_NAME + env.GITHUBIMAGE = 'ghcr.io/' + env.LS_USER + '/lsiodev-' + env.CONTAINER_NAME env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/lsiodev-' + env.CONTAINER_NAME + env.QUAYIMAGE = 'quay.io/linuxserver.io/lsiodev-' + env.CONTAINER_NAME if (env.MULTIARCH == 'true') { - env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm32v7-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA } else { env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA } + env.VERSION_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA env.META_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + env.EXT_RELEASE_TAG = 'version-' + env.EXT_RELEASE_CLEAN env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.DEV_DOCKERHUB_IMAGE + '/tags/' + env.BUILDCACHE = 'docker.io/lsiodev/buildcache,registry.gitlab.com/linuxserver.io/docker-jenkins-builder/lsiodev-buildcache,ghcr.io/linuxserver/lsiodev-buildcache,quay.io/linuxserver.io/lsiodev-buildcache' } } } @@ -178,16 +250,20 @@ pipeline { steps { script{ env.IMAGE = env.PR_DOCKERHUB_IMAGE - env.GITHUBIMAGE = 'docker.pkg.github.com/' + env.LS_USER + '/' + env.LS_REPO + '/lspipepr-' + env.CONTAINER_NAME + env.GITHUBIMAGE = 'ghcr.io/' + env.LS_USER + '/lspipepr-' + env.CONTAINER_NAME env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/lspipepr-' + env.CONTAINER_NAME + env.QUAYIMAGE = 'quay.io/linuxserver.io/lspipepr-' + env.CONTAINER_NAME if (env.MULTIARCH == 'true') { - env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST + '|arm32v7-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST + env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST } else { - env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST + env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST } - env.META_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST + env.VERSION_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST + env.META_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST + env.EXT_RELEASE_TAG = 'version-' + env.EXT_RELEASE_CLEAN env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/pull/' + env.PULL_REQUEST env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.PR_DOCKERHUB_IMAGE + '/tags/' + env.BUILDCACHE = 'docker.io/lsiodev/buildcache,registry.gitlab.com/linuxserver.io/docker-jenkins-builder/lsiodev-buildcache,ghcr.io/linuxserver/lsiodev-buildcache,quay.io/linuxserver.io/lsiodev-buildcache' } } } @@ -198,25 +274,24 @@ pipeline { } steps { withCredentials([ - string(credentialsId: 'spaces-key', variable: 'DO_KEY'), - string(credentialsId: 'spaces-secret', variable: 'DO_SECRET') + string(credentialsId: 'ci-tests-s3-key-id', variable: 'S3_KEY'), + string(credentialsId: 'ci-tests-s3-secret-access-key', variable: 'S3_SECRET') ]) { script{ - env.SHELLCHECK_URL = 'https://lsio-ci.ams3.digitaloceanspaces.com/' + env.IMAGE + '/' + env.META_TAG + '/shellcheck-result.xml' + env.SHELLCHECK_URL = 'https://ci-tests.linuxserver.io/' + env.IMAGE + '/' + env.META_TAG + '/shellcheck-result.xml' } - sh '''curl -sL https://raw.githubusercontent.com/linuxserver/docker-shellcheck/master/checkrun.sh | /bin/bash''' + sh '''curl -sL https://raw.githubusercontent.com/linuxserver/docker-jenkins-builder/master/checkrun.sh | /bin/bash''' sh '''#! /bin/bash - set -e - docker pull lsiodev/spaces-file-upload:latest docker run --rm \ - -e DESTINATION=\"${IMAGE}/${META_TAG}/shellcheck-result.xml\" \ - -e FILE_NAME="shellcheck-result.xml" \ - -e MIMETYPE="text/xml" \ - -v ${WORKSPACE}:/mnt \ - -e SECRET_KEY=\"${DO_SECRET}\" \ - -e ACCESS_KEY=\"${DO_KEY}\" \ - -t lsiodev/spaces-file-upload:latest \ - python /upload.py''' + -v ${WORKSPACE}:/mnt \ + -e AWS_ACCESS_KEY_ID=\"${S3_KEY}\" \ + -e AWS_SECRET_ACCESS_KEY=\"${S3_SECRET}\" \ + ghcr.io/linuxserver/baseimage-alpine:3.20 s6-envdir -fn -- /var/run/s6/container_environment /bin/bash -c "\ + apk add --no-cache python3 && \ + python3 -m venv /lsiopy && \ + pip install --no-cache-dir -U pip && \ + pip install --no-cache-dir s3cmd && \ + s3cmd put --no-preserve --acl-public -m text/xml /mnt/shellcheck-result.xml s3://ci-tests.linuxserver.io/${IMAGE}/${META_TAG}/shellcheck-result.xml" || :''' } } } @@ -233,35 +308,198 @@ pipeline { sh '''#! /bin/bash set -e TEMPDIR=$(mktemp -d) - docker pull linuxserver/jenkins-builder:latest - docker run --rm -e CONTAINER_NAME=${CONTAINER_NAME} -e GITHUB_BRANCH=master -v ${TEMPDIR}:/ansible/jenkins linuxserver/jenkins-builder:latest + docker pull ghcr.io/linuxserver/jenkins-builder:latest + # Cloned repo paths for templating: + # ${TEMPDIR}/docker-${CONTAINER_NAME}: Cloned branch master of ${LS_USER}/${LS_REPO} for running the jenkins builder on + # ${TEMPDIR}/repo/${LS_REPO}: Cloned branch master of ${LS_USER}/${LS_REPO} for commiting various templated file changes and pushing back to Github + # ${TEMPDIR}/docs/docker-documentation: Cloned docs repo for pushing docs updates to Github + # ${TEMPDIR}/unraid/docker-templates: Cloned docker-templates repo to check for logos + # ${TEMPDIR}/unraid/templates: Cloned templates repo for commiting unraid template changes and pushing back to Github + git clone --branch master --depth 1 https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/docker-${CONTAINER_NAME} + docker run --rm -v ${TEMPDIR}/docker-${CONTAINER_NAME}:/tmp -e LOCAL=true -e PUID=$(id -u) -e PGID=$(id -g) ghcr.io/linuxserver/jenkins-builder:latest + echo "Starting Stage 1 - Jenkinsfile update" + if [[ "$(md5sum Jenkinsfile | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/Jenkinsfile | awk '{ print $1 }')" ]]; then + mkdir -p ${TEMPDIR}/repo + git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO} + cd ${TEMPDIR}/repo/${LS_REPO} + git checkout -f master + cp ${TEMPDIR}/docker-${CONTAINER_NAME}/Jenkinsfile ${TEMPDIR}/repo/${LS_REPO}/ + git add Jenkinsfile + git commit -m 'Bot Updating Templated Files' + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master + echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} + echo "Updating Jenkinsfile and exiting build, new one will trigger based on commit" + rm -Rf ${TEMPDIR} + exit 0 + else + echo "Jenkinsfile is up to date." + fi + echo "Starting Stage 2 - Delete old templates" + OLD_TEMPLATES=".github/ISSUE_TEMPLATE.md .github/ISSUE_TEMPLATE/issue.bug.md .github/ISSUE_TEMPLATE/issue.feature.md .github/workflows/call_invalid_helper.yml .github/workflows/stale.yml .github/workflows/package_trigger.yml" + for i in ${OLD_TEMPLATES}; do + if [[ -f "${i}" ]]; then + TEMPLATES_TO_DELETE="${i} ${TEMPLATES_TO_DELETE}" + fi + done + if [[ -n "${TEMPLATES_TO_DELETE}" ]]; then + mkdir -p ${TEMPDIR}/repo + git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO} + cd ${TEMPDIR}/repo/${LS_REPO} + git checkout -f master + for i in ${TEMPLATES_TO_DELETE}; do + git rm "${i}" + done + git commit -m 'Bot Updating Templated Files' + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master + echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} + echo "Deleting old/deprecated templates and exiting build, new one will trigger based on commit" + rm -Rf ${TEMPDIR} + exit 0 + else + echo "No templates to delete" + fi + echo "Starting Stage 2.5 - Update init diagram" + if ! grep -q 'init_diagram:' readme-vars.yml; then + echo "Adding the key 'init_diagram' to readme-vars.yml" + sed -i '\\|^#.*changelog.*$|d' readme-vars.yml + sed -i 's|^changelogs:|# init diagram\\ninit_diagram:\\n\\n# changelog\\nchangelogs:|' readme-vars.yml + fi + mkdir -p ${TEMPDIR}/d2 + docker run --rm -v ${TEMPDIR}/d2:/output -e PUID=$(id -u) -e PGID=$(id -g) -e RAW="true" ghcr.io/linuxserver/d2-builder:latest ${CONTAINER_NAME}:latest + ls -al ${TEMPDIR}/d2 + yq -ei ".init_diagram |= load_str(\\"${TEMPDIR}/d2/${CONTAINER_NAME}-latest.d2\\")" readme-vars.yml + if [[ $(md5sum readme-vars.yml | cut -c1-8) != $(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/readme-vars.yml | cut -c1-8) ]]; then + echo "'init_diagram' has been updated. Updating repo and exiting build, new one will trigger based on commit." + mkdir -p ${TEMPDIR}/repo + git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO} + cd ${TEMPDIR}/repo/${LS_REPO} + git checkout -f master + cp ${WORKSPACE}/readme-vars.yml ${TEMPDIR}/repo/${LS_REPO}/readme-vars.yml + git add readme-vars.yml + git commit -m 'Bot Updating Templated Files' + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master + echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} + echo "Updating templates and exiting build, new one will trigger based on commit" + rm -Rf ${TEMPDIR} + exit 0 + else + echo "false" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} + echo "Init diagram is unchanged" + fi + echo "Starting Stage 3 - Update templates" CURRENTHASH=$(grep -hs ^ ${TEMPLATED_FILES} | md5sum | cut -c1-8) cd ${TEMPDIR}/docker-${CONTAINER_NAME} NEWHASH=$(grep -hs ^ ${TEMPLATED_FILES} | md5sum | cut -c1-8) - if [[ "${CURRENTHASH}" != "${NEWHASH}" ]]; then + if [[ "${CURRENTHASH}" != "${NEWHASH}" ]] || ! grep -q '.jenkins-external' "${WORKSPACE}/.gitignore" 2>/dev/null; then mkdir -p ${TEMPDIR}/repo git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO} cd ${TEMPDIR}/repo/${LS_REPO} git checkout -f master cd ${TEMPDIR}/docker-${CONTAINER_NAME} mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/workflows - cp --parents ${TEMPLATED_FILES} ${TEMPDIR}/repo/${LS_REPO}/ + mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/ISSUE_TEMPLATE + cp --parents ${TEMPLATED_FILES} ${TEMPDIR}/repo/${LS_REPO}/ || : + cp --parents readme-vars.yml ${TEMPDIR}/repo/${LS_REPO}/ || : cd ${TEMPDIR}/repo/${LS_REPO}/ - git add ${TEMPLATED_FILES} + if ! grep -q '.jenkins-external' .gitignore 2>/dev/null; then + echo ".jenkins-external" >> .gitignore + git add .gitignore + fi + git add readme-vars.yml ${TEMPLATED_FILES} git commit -m 'Bot Updating Templated Files' - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git --all + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} + echo "Updating templates and exiting build, new one will trigger based on commit" + rm -Rf ${TEMPDIR} + exit 0 else echo "false" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} + echo "No templates to update" fi - mkdir -p ${TEMPDIR}/gitbook - git clone https://github.com/linuxserver/docker-documentation.git ${TEMPDIR}/gitbook/docker-documentation - if [[ "${BRANCH_NAME}" == "master" ]] && [[ (! -f ${TEMPDIR}/gitbook/docker-documentation/images/docker-${CONTAINER_NAME}.md) || ("$(md5sum ${TEMPDIR}/gitbook/docker-documentation/images/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')") ]]; then - cp ${TEMPDIR}/docker-${CONTAINER_NAME}/docker-${CONTAINER_NAME}.md ${TEMPDIR}/gitbook/docker-documentation/images/ - cd ${TEMPDIR}/gitbook/docker-documentation/ - git add images/docker-${CONTAINER_NAME}.md + echo "Starting Stage 4 - External repo updates: Docs, Unraid Template and Readme Sync to Docker Hub" + mkdir -p ${TEMPDIR}/docs + git clone --depth=1 https://github.com/linuxserver/docker-documentation.git ${TEMPDIR}/docs/docker-documentation + if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}" ]] && [[ (! -f ${TEMPDIR}/docs/docker-documentation/docs/images/docker-${CONTAINER_NAME}.md) || ("$(md5sum ${TEMPDIR}/docs/docker-documentation/docs/images/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')") ]]; then + cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md ${TEMPDIR}/docs/docker-documentation/docs/images/ + cd ${TEMPDIR}/docs/docker-documentation + GH_DOCS_DEFAULT_BRANCH=$(git remote show origin | grep "HEAD branch:" | sed 's|.*HEAD branch: ||') + git add docs/images/docker-${CONTAINER_NAME}.md + echo "Updating docs repo" git commit -m 'Bot Updating Documentation' - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git --all + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH} --rebase + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH} || \ + (MAXWAIT="10" && echo "Push to docs failed, trying again in ${MAXWAIT} seconds" && \ + sleep $((RANDOM % MAXWAIT)) && \ + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH} --rebase && \ + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH}) + else + echo "Docs update not needed, skipping" + fi + mkdir -p ${TEMPDIR}/unraid + git clone --depth=1 https://github.com/linuxserver/docker-templates.git ${TEMPDIR}/unraid/docker-templates + git clone --depth=1 https://github.com/linuxserver/templates.git ${TEMPDIR}/unraid/templates + if [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-logo.png ]]; then + sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-logo.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml + elif [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-icon.png ]]; then + sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-icon.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml + fi + if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}" ]] && [[ (! -f ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml) || ("$(md5sum ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml | awk '{ print $1 }')") ]]; then + echo "Updating Unraid template" + cd ${TEMPDIR}/unraid/templates/ + GH_TEMPLATES_DEFAULT_BRANCH=$(git remote show origin | grep "HEAD branch:" | sed 's|.*HEAD branch: ||') + if grep -wq "^${CONTAINER_NAME}$" ${TEMPDIR}/unraid/templates/unraid/ignore.list && [[ -f ${TEMPDIR}/unraid/templates/unraid/deprecated/${CONTAINER_NAME}.xml ]]; then + echo "Image is on the ignore list, and already in the deprecation folder." + elif grep -wq "^${CONTAINER_NAME}$" ${TEMPDIR}/unraid/templates/unraid/ignore.list; then + echo "Image is on the ignore list, marking Unraid template as deprecated" + cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml ${TEMPDIR}/unraid/templates/unraid/ + git add -u unraid/${CONTAINER_NAME}.xml + git mv unraid/${CONTAINER_NAME}.xml unraid/deprecated/${CONTAINER_NAME}.xml || : + git commit -m 'Bot Moving Deprecated Unraid Template' || : + else + cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml ${TEMPDIR}/unraid/templates/unraid/ + git add unraid/${CONTAINER_NAME}.xml + git commit -m 'Bot Updating Unraid Template' + fi + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH} --rebase + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH} || \ + (MAXWAIT="10" && echo "Push to unraid templates failed, trying again in ${MAXWAIT} seconds" && \ + sleep $((RANDOM % MAXWAIT)) && \ + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH} --rebase && \ + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH}) + else + echo "No updates to Unraid template needed, skipping" + fi + if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}" ]]; then + if [[ $(cat ${TEMPDIR}/docker-${CONTAINER_NAME}/README.md | wc -m) -gt 25000 ]]; then + echo "Readme is longer than 25,000 characters. Syncing the lite version to Docker Hub" + DH_README_SYNC_PATH="${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/README.lite" + else + echo "Syncing readme to Docker Hub" + DH_README_SYNC_PATH="${TEMPDIR}/docker-${CONTAINER_NAME}/README.md" + fi + if curl -s https://hub.docker.com/v2/namespaces/${DOCKERHUB_IMAGE%%/*}/repositories/${DOCKERHUB_IMAGE##*/}/tags | jq -r '.message' | grep -q 404; then + echo "Docker Hub endpoint doesn't exist. Creating endpoint first." + DH_TOKEN=$(curl -d '{"username":"linuxserverci", "password":"'${DOCKERHUB_TOKEN}'"}' -H "Content-Type: application/json" -X POST https://hub.docker.com/v2/users/login | jq -r '.token') + curl -s \ + -H "Authorization: JWT ${DH_TOKEN}" \ + -H "Content-Type: application/json" \ + -X POST \ + -d '{"name":"'${DOCKERHUB_IMAGE##*/}'", "namespace":"'${DOCKERHUB_IMAGE%%/*}'"}' \ + https://hub.docker.com/v2/repositories/ || : + fi + DH_TOKEN=$(curl -d '{"username":"linuxserverci", "password":"'${DOCKERHUB_TOKEN}'"}' -H "Content-Type: application/json" -X POST https://hub.docker.com/v2/users/login | jq -r '.token') + curl -s \ + -H "Authorization: JWT ${DH_TOKEN}" \ + -H "Content-Type: application/json" \ + -X PATCH \ + -d "{\\"full_description\\":$(jq -Rsa . ${DH_README_SYNC_PATH})}" \ + https://hub.docker.com/v2/repositories/${DOCKERHUB_IMAGE} || : + else + echo "Not the default Github branch. Skipping readme sync to Docker Hub." fi rm -Rf ${TEMPDIR}''' script{ @@ -287,24 +525,48 @@ pipeline { } } } + // If this is a master build check the S6 service file perms + stage("Check S6 Service file Permissions"){ + when { + branch "master" + environment name: 'CHANGE_ID', value: '' + environment name: 'EXIT_STATUS', value: '' + } + steps { + script{ + sh '''#! /bin/bash + WRONG_PERM=$(find ./ -path "./.git" -prune -o \\( -name "run" -o -name "finish" -o -name "check" \\) -not -perm -u=x,g=x,o=x -print) + if [[ -n "${WRONG_PERM}" ]]; then + echo "The following S6 service files are missing the executable bit; canceling the faulty build: ${WRONG_PERM}" + exit 1 + else + echo "S6 service file perms look good." + fi ''' + } + } + } /* ####################### - GitLab Mirroring + GitLab Mirroring and Quay.io Repo Visibility ####################### */ - // Ping into Gitlab to mirror this repo and have a registry endpoint - stage("GitLab Mirror"){ + // Ping into Gitlab to mirror this repo and have a registry endpoint & mark this repo on Quay.io as public + stage("GitLab Mirror and Quay.io Visibility"){ when { environment name: 'EXIT_STATUS', value: '' } steps{ sh '''curl -H "Content-Type: application/json" -H "Private-Token: ${GITLAB_TOKEN}" -X POST https://gitlab.com/api/v4/projects \ - -d '{"namespace_id":'${GITLAB_NAMESPACE}',\ - "name":"'${LS_REPO}'", - "mirror":true,\ - "import_url":"https://github.com/linuxserver/'${LS_REPO}'.git",\ - "issues_access_level":"disabled",\ - "merge_requests_access_level":"disabled",\ - "repository_access_level":"enabled",\ - "visibility":"public"}' ''' + -d '{"namespace_id":'${GITLAB_NAMESPACE}',\ + "name":"'${LS_REPO}'", + "mirror":true,\ + "import_url":"https://github.com/linuxserver/'${LS_REPO}'.git",\ + "issues_access_level":"disabled",\ + "merge_requests_access_level":"disabled",\ + "repository_access_level":"enabled",\ + "visibility":"public"}' ''' + sh '''curl -H "Private-Token: ${GITLAB_TOKEN}" -X PUT "https://gitlab.com/api/v4/projects/Linuxserver.io%2F${LS_REPO}" \ + -d "mirror=true&import_url=https://github.com/linuxserver/${LS_REPO}.git" ''' + sh '''curl -H "Content-Type: application/json" -H "Authorization: Bearer ${QUAYIO_API_TOKEN}" -X POST "https://quay.io/api/v1/repository${QUAYIMAGE/quay.io/}/changevisibility" \ + -d '{"visibility":"public"}' ||: ''' } } /* ############### @@ -313,53 +575,129 @@ pipeline { // Build Docker container for push to LS Repo stage('Build-Single') { when { - environment name: 'MULTIARCH', value: 'false' + expression { + env.MULTIARCH == 'false' || params.PACKAGE_CHECK == 'true' + } environment name: 'EXIT_STATUS', value: '' } steps { - sh "docker build --no-cache --pull -t ${IMAGE}:${META_TAG} \ - --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${META_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ." + echo "Running on node: ${NODE_NAME}" + sh "sed -r -i 's|(^FROM .*)|\\1\\n\\nENV LSIO_FIRST_PARTY=true|g' Dockerfile" + sh "docker buildx build \ + --label \"org.opencontainers.image.created=${GITHUB_DATE}\" \ + --label \"org.opencontainers.image.authors=linuxserver.io\" \ + --label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-bookstack/packages\" \ + --label \"org.opencontainers.image.documentation=https://docs.linuxserver.io/images/docker-bookstack\" \ + --label \"org.opencontainers.image.source=https://github.com/linuxserver/docker-bookstack\" \ + --label \"org.opencontainers.image.version=${EXT_RELEASE_CLEAN}-ls${LS_TAG_NUMBER}\" \ + --label \"org.opencontainers.image.revision=${COMMIT_SHA}\" \ + --label \"org.opencontainers.image.vendor=linuxserver.io\" \ + --label \"org.opencontainers.image.licenses=GPL-3.0-only\" \ + --label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \ + --label \"org.opencontainers.image.title=Bookstack\" \ + --label \"org.opencontainers.image.description=[Bookstack](https://github.com/BookStackApp/BookStack) is a free and open source Wiki designed for creating beautiful documentation. Featuring a simple, but powerful WYSIWYG editor it allows for teams to create detailed and useful documentation with ease. Powered by SQL and including a Markdown editor for those who prefer it, BookStack is geared towards making documentation more of a pleasure than a chore. For more information on BookStack visit their website and check it out: https://www.bookstackapp.com \" \ + --no-cache --pull -t ${IMAGE}:${META_TAG} --platform=linux/amd64 \ + --provenance=true --sbom=true --builder=container --load \ + --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ." + sh '''#! /bin/bash + set -e + IFS=',' read -ra CACHE <<< "$BUILDCACHE" + for i in "${CACHE[@]}"; do + docker tag ${IMAGE}:${META_TAG} ${i}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} + done + ''' + withCredentials([ + [ + $class: 'UsernamePasswordMultiBinding', + credentialsId: 'Quay.io-Robot', + usernameVariable: 'QUAYUSER', + passwordVariable: 'QUAYPASS' + ] + ]) { + retry_backoff(5,5) { + sh '''#! /bin/bash + set -e + echo $DOCKERHUB_TOKEN | docker login -u linuxserverci --password-stdin + echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin + echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin + echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin + if [[ "${PACKAGE_CHECK}" != "true" ]]; then + IFS=',' read -ra CACHE <<< "$BUILDCACHE" + for i in "${CACHE[@]}"; do + docker push ${i}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} & + done + for p in $(jobs -p); do + wait "$p" || { echo "job $p failed" >&2; exit 1; } + done + fi + ''' + } + } } } // Build MultiArch Docker containers for push to LS Repo stage('Build-Multi') { when { - environment name: 'MULTIARCH', value: 'true' + allOf { + environment name: 'MULTIARCH', value: 'true' + expression { params.PACKAGE_CHECK == 'false' } + } environment name: 'EXIT_STATUS', value: '' } parallel { stage('Build X86') { steps { - sh "docker build --no-cache --pull -t ${IMAGE}:amd64-${META_TAG} \ - --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${META_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ." - } - } - stage('Build ARMHF') { - agent { - label 'ARMHF' - } - steps { + echo "Running on node: ${NODE_NAME}" + sh "sed -r -i 's|(^FROM .*)|\\1\\n\\nENV LSIO_FIRST_PARTY=true|g' Dockerfile" + sh "docker buildx build \ + --label \"org.opencontainers.image.created=${GITHUB_DATE}\" \ + --label \"org.opencontainers.image.authors=linuxserver.io\" \ + --label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-bookstack/packages\" \ + --label \"org.opencontainers.image.documentation=https://docs.linuxserver.io/images/docker-bookstack\" \ + --label \"org.opencontainers.image.source=https://github.com/linuxserver/docker-bookstack\" \ + --label \"org.opencontainers.image.version=${EXT_RELEASE_CLEAN}-ls${LS_TAG_NUMBER}\" \ + --label \"org.opencontainers.image.revision=${COMMIT_SHA}\" \ + --label \"org.opencontainers.image.vendor=linuxserver.io\" \ + --label \"org.opencontainers.image.licenses=GPL-3.0-only\" \ + --label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \ + --label \"org.opencontainers.image.title=Bookstack\" \ + --label \"org.opencontainers.image.description=[Bookstack](https://github.com/BookStackApp/BookStack) is a free and open source Wiki designed for creating beautiful documentation. Featuring a simple, but powerful WYSIWYG editor it allows for teams to create detailed and useful documentation with ease. Powered by SQL and including a Markdown editor for those who prefer it, BookStack is geared towards making documentation more of a pleasure than a chore. For more information on BookStack visit their website and check it out: https://www.bookstackapp.com \" \ + --no-cache --pull -t ${IMAGE}:amd64-${META_TAG} --platform=linux/amd64 \ + --provenance=true --sbom=true --builder=container --load \ + --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ." + sh '''#! /bin/bash + set -e + IFS=',' read -ra CACHE <<< "$BUILDCACHE" + for i in "${CACHE[@]}"; do + docker tag ${IMAGE}:amd64-${META_TAG} ${i}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} + done + ''' withCredentials([ [ $class: 'UsernamePasswordMultiBinding', - credentialsId: '3f9ba4d5-100d-45b0-a3c4-633fd6061207', - usernameVariable: 'DOCKERUSER', - passwordVariable: 'DOCKERPASS' + credentialsId: 'Quay.io-Robot', + usernameVariable: 'QUAYUSER', + passwordVariable: 'QUAYPASS' ] ]) { - echo 'Logging into DockerHub' - sh '''#! /bin/bash - echo $DOCKERPASS | docker login -u $DOCKERUSER --password-stdin - ''' - sh "docker build --no-cache --pull -f Dockerfile.armhf -t ${IMAGE}:arm32v7-${META_TAG} \ - --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${META_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ." - sh "docker tag ${IMAGE}:arm32v7-${META_TAG} lsiodev/buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}" - retry(5) { - sh "docker push lsiodev/buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}" + retry_backoff(5,5) { + sh '''#! /bin/bash + set -e + echo $DOCKERHUB_TOKEN | docker login -u linuxserverci --password-stdin + echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin + echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin + echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin + if [[ "${PACKAGE_CHECK}" != "true" ]]; then + IFS=',' read -ra CACHE <<< "$BUILDCACHE" + for i in "${CACHE[@]}"; do + docker push ${i}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} & + done + for p in $(jobs -p); do + wait "$p" || { echo "job $p failed" >&2; exit 1; } + done + fi + ''' } - sh '''docker rmi \ - ${IMAGE}:arm32v7-${META_TAG} \ - lsiodev/buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} || :''' } } } @@ -368,28 +706,66 @@ pipeline { label 'ARM64' } steps { + echo "Running on node: ${NODE_NAME}" + sh "sed -r -i 's|(^FROM .*)|\\1\\n\\nENV LSIO_FIRST_PARTY=true|g' Dockerfile.aarch64" + sh "docker buildx build \ + --label \"org.opencontainers.image.created=${GITHUB_DATE}\" \ + --label \"org.opencontainers.image.authors=linuxserver.io\" \ + --label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-bookstack/packages\" \ + --label \"org.opencontainers.image.documentation=https://docs.linuxserver.io/images/docker-bookstack\" \ + --label \"org.opencontainers.image.source=https://github.com/linuxserver/docker-bookstack\" \ + --label \"org.opencontainers.image.version=${EXT_RELEASE_CLEAN}-ls${LS_TAG_NUMBER}\" \ + --label \"org.opencontainers.image.revision=${COMMIT_SHA}\" \ + --label \"org.opencontainers.image.vendor=linuxserver.io\" \ + --label \"org.opencontainers.image.licenses=GPL-3.0-only\" \ + --label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \ + --label \"org.opencontainers.image.title=Bookstack\" \ + --label \"org.opencontainers.image.description=[Bookstack](https://github.com/BookStackApp/BookStack) is a free and open source Wiki designed for creating beautiful documentation. Featuring a simple, but powerful WYSIWYG editor it allows for teams to create detailed and useful documentation with ease. Powered by SQL and including a Markdown editor for those who prefer it, BookStack is geared towards making documentation more of a pleasure than a chore. For more information on BookStack visit their website and check it out: https://www.bookstackapp.com \" \ + --no-cache --pull -f Dockerfile.aarch64 -t ${IMAGE}:arm64v8-${META_TAG} --platform=linux/arm64 \ + --provenance=true --sbom=true --builder=container --load \ + --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ." + sh '''#! /bin/bash + set -e + IFS=',' read -ra CACHE <<< "$BUILDCACHE" + for i in "${CACHE[@]}"; do + docker tag ${IMAGE}:arm64v8-${META_TAG} ${i}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} + done + ''' withCredentials([ [ $class: 'UsernamePasswordMultiBinding', - credentialsId: '3f9ba4d5-100d-45b0-a3c4-633fd6061207', - usernameVariable: 'DOCKERUSER', - passwordVariable: 'DOCKERPASS' + credentialsId: 'Quay.io-Robot', + usernameVariable: 'QUAYUSER', + passwordVariable: 'QUAYPASS' ] ]) { - echo 'Logging into DockerHub' - sh '''#! /bin/bash - echo $DOCKERPASS | docker login -u $DOCKERUSER --password-stdin - ''' - sh "docker build --no-cache --pull -f Dockerfile.aarch64 -t ${IMAGE}:arm64v8-${META_TAG} \ - --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${META_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ." - sh "docker tag ${IMAGE}:arm64v8-${META_TAG} lsiodev/buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}" - retry(5) { - sh "docker push lsiodev/buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}" + retry_backoff(5,5) { + sh '''#! /bin/bash + set -e + echo $DOCKERHUB_TOKEN | docker login -u linuxserverci --password-stdin + echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin + echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin + echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin + if [[ "${PACKAGE_CHECK}" != "true" ]]; then + IFS=',' read -ra CACHE <<< "$BUILDCACHE" + for i in "${CACHE[@]}"; do + docker push ${i}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} & + done + for p in $(jobs -p); do + wait "$p" || { echo "job $p failed" >&2; exit 1; } + done + fi + ''' } - sh '''docker rmi \ - ${IMAGE}:arm64v8-${META_TAG} \ - lsiodev/buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} || :''' } + sh '''#! /bin/bash + containers=$(docker ps -aq) + if [[ -n "${containers}" ]]; then + docker stop ${containers} + fi + docker system prune -f --volumes || : + docker image prune -af || : + ''' } } } @@ -405,22 +781,17 @@ pipeline { sh '''#! /bin/bash set -e TEMPDIR=$(mktemp -d) - if [ "${MULTIARCH}" == "true" ]; then + if [ "${MULTIARCH}" == "true" ] && [ "${PACKAGE_CHECK}" != "true" ]; then LOCAL_CONTAINER=${IMAGE}:amd64-${META_TAG} else LOCAL_CONTAINER=${IMAGE}:${META_TAG} fi - if [ "${DIST_IMAGE}" == "alpine" ]; then - docker run --rm --entrypoint '/bin/sh' -v ${TEMPDIR}:/tmp ${LOCAL_CONTAINER} -c '\ - apk info -v > /tmp/package_versions.txt && \ - sort -o /tmp/package_versions.txt /tmp/package_versions.txt && \ - chmod 777 /tmp/package_versions.txt' - elif [ "${DIST_IMAGE}" == "ubuntu" ]; then - docker run --rm --entrypoint '/bin/sh' -v ${TEMPDIR}:/tmp ${LOCAL_CONTAINER} -c '\ - apt list -qq --installed | sed "s#/.*now ##g" | cut -d" " -f1 > /tmp/package_versions.txt && \ - sort -o /tmp/package_versions.txt /tmp/package_versions.txt && \ - chmod 777 /tmp/package_versions.txt' - fi + touch ${TEMPDIR}/package_versions.txt + docker run --rm \ + -v /var/run/docker.sock:/var/run/docker.sock:ro \ + -v ${TEMPDIR}:/tmp \ + ghcr.io/anchore/syft:latest \ + ${LOCAL_CONTAINER} -o table=/tmp/package_versions.txt NEW_PACKAGE_TAG=$(md5sum ${TEMPDIR}/package_versions.txt | cut -c1-8 ) echo "Package tag sha from current packages in buit container is ${NEW_PACKAGE_TAG} comparing to old ${PACKAGE_TAG} from github" if [ "${NEW_PACKAGE_TAG}" != "${PACKAGE_TAG}" ]; then @@ -431,7 +802,8 @@ pipeline { wait git add package_versions.txt git commit -m 'Bot Updating Package Versions' - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git --all + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master echo "true" > /tmp/packages-${COMMIT_SHA}-${BUILD_NUMBER} echo "Package tag updated, stopping build process" else @@ -488,41 +860,48 @@ pipeline { } steps { withCredentials([ - string(credentialsId: 'spaces-key', variable: 'DO_KEY'), - string(credentialsId: 'spaces-secret', variable: 'DO_SECRET') + string(credentialsId: 'ci-tests-s3-key-id', variable: 'S3_KEY'), + string(credentialsId: 'ci-tests-s3-secret-access-key ', variable: 'S3_SECRET') ]) { script{ - env.CI_URL = 'https://lsio-ci.ams3.digitaloceanspaces.com/' + env.IMAGE + '/' + env.META_TAG + '/index.html' + env.CI_URL = 'https://ci-tests.linuxserver.io/' + env.IMAGE + '/' + env.META_TAG + '/index.html' + env.CI_JSON_URL = 'https://ci-tests.linuxserver.io/' + env.IMAGE + '/' + env.META_TAG + '/report.json' } sh '''#! /bin/bash set -e - docker pull lsiodev/ci:latest + if grep -q 'docker-baseimage' <<< "${LS_REPO}"; then + echo "Detected baseimage, setting LSIO_FIRST_PARTY=true" + if [ -n "${CI_DOCKERENV}" ]; then + CI_DOCKERENV="LSIO_FIRST_PARTY=true|${CI_DOCKERENV}" + else + CI_DOCKERENV="LSIO_FIRST_PARTY=true" + fi + fi + docker pull ghcr.io/linuxserver/ci:latest if [ "${MULTIARCH}" == "true" ]; then - docker pull lsiodev/buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} - docker pull lsiodev/buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} - docker tag lsiodev/buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm32v7-${META_TAG} - docker tag lsiodev/buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG} + docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} --platform=arm64 + docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG} fi docker run --rm \ --shm-size=1gb \ -v /var/run/docker.sock:/var/run/docker.sock \ -e IMAGE=\"${IMAGE}\" \ - -e DELAY_START=\"${CI_DELAY}\" \ + -e DOCKER_LOGS_TIMEOUT=\"${CI_DELAY}\" \ -e TAGS=\"${CI_TAGS}\" \ -e META_TAG=\"${META_TAG}\" \ + -e RELEASE_TAG=\"latest\" \ -e PORT=\"${CI_PORT}\" \ -e SSL=\"${CI_SSL}\" \ -e BASE=\"${DIST_IMAGE}\" \ - -e SECRET_KEY=\"${DO_SECRET}\" \ - -e ACCESS_KEY=\"${DO_KEY}\" \ + -e SECRET_KEY=\"${S3_SECRET}\" \ + -e ACCESS_KEY=\"${S3_KEY}\" \ -e DOCKER_ENV=\"${CI_DOCKERENV}\" \ -e WEB_SCREENSHOT=\"${CI_WEB}\" \ -e WEB_AUTH=\"${CI_AUTH}\" \ -e WEB_PATH=\"${CI_WEBPATH}\" \ - -e DO_REGION="ams3" \ - -e DO_BUCKET="lsio-ci" \ - -t lsiodev/ci:latest \ - python /ci/ci.py''' + -e NODE_NAME=\"${NODE_NAME}\" \ + -t ghcr.io/linuxserver/ci:latest \ + python3 test_build.py''' } } } @@ -536,35 +915,23 @@ pipeline { environment name: 'EXIT_STATUS', value: '' } steps { - withCredentials([ - [ - $class: 'UsernamePasswordMultiBinding', - credentialsId: '3f9ba4d5-100d-45b0-a3c4-633fd6061207', - usernameVariable: 'DOCKERUSER', - passwordVariable: 'DOCKERPASS' - ] - ]) { - retry(5) { - sh '''#! /bin/bash - set -e - echo $DOCKERPASS | docker login -u $DOCKERUSER --password-stdin - echo $GITHUB_TOKEN | docker login docker.pkg.github.com -u LinuxServer-CI --password-stdin - echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin - for PUSHIMAGE in "${GITHUBIMAGE}" "${GITLABIMAGE}" "${IMAGE}"; do - docker tag ${IMAGE}:${META_TAG} ${PUSHIMAGE}:${META_TAG} - docker tag ${PUSHIMAGE}:${META_TAG} ${PUSHIMAGE}:latest - docker push ${PUSHIMAGE}:latest - docker push ${PUSHIMAGE}:${META_TAG} - done - ''' - } + retry_backoff(5,5) { sh '''#! /bin/bash - for DELETEIMAGE in "${GITHUBIMAGE}" "{GITLABIMAGE}" "${IMAGE}"; do - docker rmi \ - ${DELETEIMAGE}:${META_TAG} \ - ${DELETEIMAGE}:latest || : + set -e + for PUSHIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do + [[ ${PUSHIMAGE%%/*} =~ \\. ]] && PUSHIMAGEPLUS="${PUSHIMAGE}" || PUSHIMAGEPLUS="docker.io/${PUSHIMAGE}" + IFS=',' read -ra CACHE <<< "$BUILDCACHE" + for i in "${CACHE[@]}"; do + if [[ "${PUSHIMAGEPLUS}" == "$(cut -d "/" -f1 <<< ${i})"* ]]; then + CACHEIMAGE=${i} + fi + done + docker buildx imagetools create --prefer-index=false -t ${PUSHIMAGE}:${META_TAG} -t ${PUSHIMAGE}:latest -t ${PUSHIMAGE}:${EXT_RELEASE_TAG} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} + if [ -n "${SEMVER}" ]; then + docker buildx imagetools create --prefer-index=false -t ${PUSHIMAGE}:${SEMVER} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} + fi done - ''' + ''' } } } @@ -575,80 +942,34 @@ pipeline { environment name: 'EXIT_STATUS', value: '' } steps { - withCredentials([ - [ - $class: 'UsernamePasswordMultiBinding', - credentialsId: '3f9ba4d5-100d-45b0-a3c4-633fd6061207', - usernameVariable: 'DOCKERUSER', - passwordVariable: 'DOCKERPASS' - ] - ]) { - retry(5) { - sh '''#! /bin/bash - set -e - echo $DOCKERPASS | docker login -u $DOCKERUSER --password-stdin - echo $GITHUB_TOKEN | docker login docker.pkg.github.com -u LinuxServer-CI --password-stdin - echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin - if [ "${CI}" == "false" ]; then - docker pull lsiodev/buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} - docker pull lsiodev/buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} - docker tag lsiodev/buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm32v7-${META_TAG} - docker tag lsiodev/buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG} - fi - for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}"; do - docker tag ${IMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} - docker tag ${IMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${META_TAG} - docker tag ${IMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} - docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-latest - docker tag ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-latest - docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-latest - docker push ${MANIFESTIMAGE}:amd64-${META_TAG} - docker push ${MANIFESTIMAGE}:arm32v7-${META_TAG} - docker push ${MANIFESTIMAGE}:arm64v8-${META_TAG} - docker push ${MANIFESTIMAGE}:amd64-latest - docker push ${MANIFESTIMAGE}:arm32v7-latest - docker push ${MANIFESTIMAGE}:arm64v8-latest - docker manifest push --purge ${MANIFESTIMAGE}:latest || : - docker manifest create ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:amd64-latest ${MANIFESTIMAGE}:arm32v7-latest ${MANIFESTIMAGE}:arm64v8-latest - docker manifest annotate ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:arm32v7-latest --os linux --arch arm - docker manifest annotate ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:arm64v8-latest --os linux --arch arm64 --variant v8 - docker manifest push --purge ${MANIFESTIMAGE}:${META_TAG} || : - docker manifest create ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} - docker manifest annotate ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:arm32v7-${META_TAG} --os linux --arch arm - docker manifest annotate ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} --os linux --arch arm64 --variant v8 - docker manifest push --purge ${MANIFESTIMAGE}:latest - docker manifest push --purge ${MANIFESTIMAGE}:${META_TAG} - done - docker tag ${IMAGE}:amd64-${META_TAG} ${GITHUBIMAGE}:amd64-${META_TAG} - docker tag ${IMAGE}:arm32v7-${META_TAG} ${GITHUBIMAGE}:arm32v7-${META_TAG} - docker tag ${IMAGE}:arm64v8-${META_TAG} ${GITHUBIMAGE}:arm64v8-${META_TAG} - docker tag ${GITHUBIMAGE}:amd64-${META_TAG} ${GITHUBIMAGE}:latest - docker tag ${GITHUBIMAGE}:amd64-${META_TAG} ${GITHUBIMAGE}:${META_TAG} - docker tag ${GITHUBIMAGE}:arm32v7-${META_TAG} ${GITHUBIMAGE}:arm32v7-latest - docker tag ${GITHUBIMAGE}:arm64v8-${META_TAG} ${GITHUBIMAGE}:arm64v8-latest - docker push ${GITHUBIMAGE}:amd64-${META_TAG} - docker push ${GITHUBIMAGE}:arm32v7-${META_TAG} - docker push ${GITHUBIMAGE}:arm64v8-${META_TAG} - docker push ${GITHUBIMAGE}:latest - docker push ${GITHUBIMAGE}:${META_TAG} - docker push ${GITHUBIMAGE}:arm32v7-latest - docker push ${GITHUBIMAGE}:arm64v8-latest - ''' - } + retry_backoff(5,5) { sh '''#! /bin/bash - for DELETEIMAGE in "${GITHUBIMAGE}" "${GITLABIMAGE}" "${IMAGE}"; do - docker rmi \ - ${DELETEIMAGE}:amd64-${META_TAG} \ - ${DELETEIMAGE}:amd64-latest \ - ${DELETEIMAGE}:arm32v7-${META_TAG} \ - ${DELETEIMAGE}:arm32v7-latest \ - ${DELETEIMAGE}:arm64v8-${META_TAG} \ - ${DELETEIMAGE}:arm64v8-latest || : + set -e + for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do + [[ ${MANIFESTIMAGE%%/*} =~ \\. ]] && MANIFESTIMAGEPLUS="${MANIFESTIMAGE}" || MANIFESTIMAGEPLUS="docker.io/${MANIFESTIMAGE}" + IFS=',' read -ra CACHE <<< "$BUILDCACHE" + for i in "${CACHE[@]}"; do + if [[ "${MANIFESTIMAGEPLUS}" == "$(cut -d "/" -f1 <<< ${i})"* ]]; then + CACHEIMAGE=${i} + fi + done + docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:amd64-${META_TAG} -t ${MANIFESTIMAGE}:amd64-latest -t ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} + docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:arm64v8-${META_TAG} -t ${MANIFESTIMAGE}:arm64v8-latest -t ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} ${CACHEIMAGE}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} + if [ -n "${SEMVER}" ]; then + docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:amd64-${SEMVER} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} + docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:arm64v8-${SEMVER} ${CACHEIMAGE}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} + fi + done + for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do + docker buildx imagetools create -t ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:amd64-latest ${MANIFESTIMAGE}:arm64v8-latest + docker buildx imagetools create -t ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} + + docker buildx imagetools create -t ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} + if [ -n "${SEMVER}" ]; then + docker buildx imagetools create -t ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER} + fi done - docker rmi \ - lsiodev/buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} \ - lsiodev/buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} || : - ''' + ''' } } } @@ -663,68 +984,136 @@ pipeline { environment name: 'EXIT_STATUS', value: '' } steps { - echo "Pushing New tag for current commit ${EXT_RELEASE_CLEAN}-ls${LS_TAG_NUMBER}" + echo "Pushing New tag for current commit ${META_TAG}" sh '''curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/git/tags \ - -d '{"tag":"'${EXT_RELEASE_CLEAN}'-ls'${LS_TAG_NUMBER}'",\ + -d '{"tag":"'${META_TAG}'",\ "object": "'${COMMIT_SHA}'",\ "message": "Tagging Release '${EXT_RELEASE_CLEAN}'-ls'${LS_TAG_NUMBER}' to master",\ "type": "commit",\ - "tagger": {"name": "LinuxServer Jenkins","email": "jenkins@linuxserver.io","date": "'${GITHUB_DATE}'"}}' ''' + "tagger": {"name": "LinuxServer-CI","email": "ci@linuxserver.io","date": "'${GITHUB_DATE}'"}}' ''' echo "Pushing New release for Tag" sh '''#! /bin/bash - curl -s https://api.github.com/repos/${EXT_USER}/${EXT_REPO}/releases/latest | jq '. |.body' | sed 's:^.\\(.*\\).$:\\1:' > releasebody.json - echo '{"tag_name":"'${EXT_RELEASE_CLEAN}'-ls'${LS_TAG_NUMBER}'",\ + curl -H "Authorization: token ${GITHUB_TOKEN}" -s https://api.github.com/repos/${EXT_USER}/${EXT_REPO}/releases/latest | jq '. |.body' | sed 's:^.\\(.*\\).$:\\1:' > releasebody.json + echo '{"tag_name":"'${META_TAG}'",\ "target_commitish": "master",\ - "name": "'${EXT_RELEASE_CLEAN}'-ls'${LS_TAG_NUMBER}'",\ - "body": "**LinuxServer Changes:**\\n\\n'${LS_RELEASE_NOTES}'\\n**'${EXT_REPO}' Changes:**\\n\\n' > start + "name": "'${META_TAG}'",\ + "body": "**CI Report:**\\n\\n'${CI_URL:-N/A}'\\n\\n**LinuxServer Changes:**\\n\\n'${LS_RELEASE_NOTES}'\\n\\n**Remote Changes:**\\n\\n' > start printf '","draft": false,"prerelease": false}' >> releasebody.json paste -d'\\0' start releasebody.json > releasebody.json.done curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases -d @releasebody.json.done''' } } - // Use helper container to sync the current README on master to the dockerhub endpoint - stage('Sync-README') { + // Add protection to the release branch + stage('Github-Release-Branch-Protection') { when { + branch "master" environment name: 'CHANGE_ID', value: '' environment name: 'EXIT_STATUS', value: '' } steps { - withCredentials([ - [ - $class: 'UsernamePasswordMultiBinding', - credentialsId: '3f9ba4d5-100d-45b0-a3c4-633fd6061207', - usernameVariable: 'DOCKERUSER', - passwordVariable: 'DOCKERPASS' - ] - ]) { - sh '''#! /bin/bash - set -e - TEMPDIR=$(mktemp -d) - docker pull linuxserver/jenkins-builder:latest - docker run --rm -e CONTAINER_NAME=${CONTAINER_NAME} -e GITHUB_BRANCH=master -v ${TEMPDIR}:/ansible/jenkins linuxserver/jenkins-builder:latest - docker pull lsiodev/readme-sync - docker run --rm=true \ - -e DOCKERHUB_USERNAME=$DOCKERUSER \ - -e DOCKERHUB_PASSWORD=$DOCKERPASS \ - -e GIT_REPOSITORY=${LS_USER}/${LS_REPO} \ - -e DOCKER_REPOSITORY=${IMAGE} \ - -e GIT_BRANCH=master \ - -v ${TEMPDIR}/docker-${CONTAINER_NAME}:/mnt \ - lsiodev/readme-sync bash -c 'node sync' - rm -Rf ${TEMPDIR} ''' - } + echo "Setting up protection for release branch master" + sh '''#! /bin/bash + curl -H "Authorization: token ${GITHUB_TOKEN}" -X PUT https://api.github.com/repos/${LS_USER}/${LS_REPO}/branches/master/protection \ + -d $(jq -c . << EOF + { + "required_status_checks": null, + "enforce_admins": false, + "required_pull_request_reviews": { + "dismiss_stale_reviews": false, + "require_code_owner_reviews": false, + "require_last_push_approval": false, + "required_approving_review_count": 1 + }, + "restrictions": null, + "required_linear_history": false, + "allow_force_pushes": false, + "allow_deletions": false, + "block_creations": false, + "required_conversation_resolution": true, + "lock_branch": false, + "allow_fork_syncing": false, + "required_signatures": false + } +EOF + ) ''' } } // If this is a Pull request send the CI link as a comment on it stage('Pull Request Comment') { when { not {environment name: 'CHANGE_ID', value: ''} - environment name: 'CI', value: 'true' environment name: 'EXIT_STATUS', value: '' } steps { - sh '''curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/issues/${PULL_REQUEST}/comments \ - -d '{"body": "I am a bot, here are the test results for this PR: \\n'${CI_URL}' \\n'${SHELLCHECK_URL}'"}' ''' + sh '''#! /bin/bash + # Function to retrieve JSON data from URL + get_json() { + local url="$1" + local response=$(curl -s "$url") + if [ $? -ne 0 ]; then + echo "Failed to retrieve JSON data from $url" + return 1 + fi + local json=$(echo "$response" | jq .) + if [ $? -ne 0 ]; then + echo "Failed to parse JSON data from $url" + return 1 + fi + echo "$json" + } + + build_table() { + local data="$1" + + # Get the keys in the JSON data + local keys=$(echo "$data" | jq -r 'to_entries | map(.key) | .[]') + + # Check if keys are empty + if [ -z "$keys" ]; then + echo "JSON report data does not contain any keys or the report does not exist." + return 1 + fi + + # Build table header + local header="| Tag | Passed |\\n| --- | --- |\\n" + + # Loop through the JSON data to build the table rows + local rows="" + for build in $keys; do + local status=$(echo "$data" | jq -r ".[\\"$build\\"].test_success") + if [ "$status" = "true" ]; then + status="✅" + else + status="❌" + fi + local row="| "$build" | "$status" |\\n" + rows="${rows}${row}" + done + + local table="${header}${rows}" + local escaped_table=$(echo "$table" | sed 's/\"/\\\\"/g') + echo "$escaped_table" + } + + if [[ "${CI}" = "true" ]]; then + # Retrieve JSON data from URL + data=$(get_json "$CI_JSON_URL") + # Create table from JSON data + table=$(build_table "$data") + echo -e "$table" + + curl -X POST -H "Authorization: token $GITHUB_TOKEN" \ + -H "Accept: application/vnd.github.v3+json" \ + "https://api.github.com/repos/$LS_USER/$LS_REPO/issues/$PULL_REQUEST/comments" \ + -d "{\\"body\\": \\"I am a bot, here are the test results for this PR: \\n${CI_URL}\\n${SHELLCHECK_URL}\\n${table}\\"}" + else + curl -X POST -H "Authorization: token $GITHUB_TOKEN" \ + -H "Accept: application/vnd.github.v3+json" \ + "https://api.github.com/repos/$LS_USER/$LS_REPO/issues/$PULL_REQUEST/comments" \ + -d "{\\"body\\": \\"I am a bot, here is the pushed image/manifest for this PR: \\n\\n\\`${GITHUBIMAGE}:${META_TAG}\\`\\"}" + fi + ''' + } } } @@ -733,24 +1122,94 @@ pipeline { ###################### */ post { always { + sh '''#!/bin/bash + rm -rf /config/.ssh/id_sign + rm -rf /config/.ssh/id_sign.pub + git config --global --unset gpg.format + git config --global --unset user.signingkey + git config --global --unset commit.gpgsign + ''' script{ + env.JOB_DATE = sh( + script: '''date '+%Y-%m-%dT%H:%M:%S%:z' ''', + returnStdout: true).trim() if (env.EXIT_STATUS == "ABORTED"){ sh 'echo "build aborted"' - } - else if (currentBuild.currentResult == "SUCCESS"){ - sh ''' curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://wiki.jenkins-ci.org/download/attachments/2916393/headshot.png","embeds": [{"color": 1681177,\ - "description": "**Build:** '${BUILD_NUMBER}'\\n**CI Results:** '${CI_URL}'\\n**ShellCheck Results:** '${SHELLCHECK_URL}'\\n**Status:** Success\\n**Job:** '${RUN_DISPLAY_URL}'\\n**Change:** '${CODE_URL}'\\n**External Release:**: '${RELEASE_LINK}'\\n**DockerHub:** '${DOCKERHUB_LINK}'\\n"}],\ - "username": "Jenkins"}' ${BUILDS_DISCORD} ''' - } - else { - sh ''' curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://wiki.jenkins-ci.org/download/attachments/2916393/headshot.png","embeds": [{"color": 16711680,\ - "description": "**Build:** '${BUILD_NUMBER}'\\n**CI Results:** '${CI_URL}'\\n**ShellCheck Results:** '${SHELLCHECK_URL}'\\n**Status:** failure\\n**Job:** '${RUN_DISPLAY_URL}'\\n**Change:** '${CODE_URL}'\\n**External Release:**: '${RELEASE_LINK}'\\n**DockerHub:** '${DOCKERHUB_LINK}'\\n"}],\ + }else{ + if (currentBuild.currentResult == "SUCCESS"){ + if (env.GITHUBIMAGE =~ /lspipepr/){ + env.JOB_WEBHOOK_STATUS='Success' + env.JOB_WEBHOOK_COLOUR=3957028 + env.JOB_WEBHOOK_FOOTER='PR Build' + }else if (env.GITHUBIMAGE =~ /lsiodev/){ + env.JOB_WEBHOOK_STATUS='Success' + env.JOB_WEBHOOK_COLOUR=3957028 + env.JOB_WEBHOOK_FOOTER='Dev Build' + }else{ + env.JOB_WEBHOOK_STATUS='Success' + env.JOB_WEBHOOK_COLOUR=1681177 + env.JOB_WEBHOOK_FOOTER='Live Build' + } + }else{ + if (env.GITHUBIMAGE =~ /lspipepr/){ + env.JOB_WEBHOOK_STATUS='Failure' + env.JOB_WEBHOOK_COLOUR=12669523 + env.JOB_WEBHOOK_FOOTER='PR Build' + }else if (env.GITHUBIMAGE =~ /lsiodev/){ + env.JOB_WEBHOOK_STATUS='Failure' + env.JOB_WEBHOOK_COLOUR=12669523 + env.JOB_WEBHOOK_FOOTER='Dev Build' + }else{ + env.JOB_WEBHOOK_STATUS='Failure' + env.JOB_WEBHOOK_COLOUR=16711680 + env.JOB_WEBHOOK_FOOTER='Live Build' + } + } + sh ''' curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/jenkins-avatar.png","embeds": [{"'color'": '${JOB_WEBHOOK_COLOUR}',\ + "footer": {"text" : "'"${JOB_WEBHOOK_FOOTER}"'"},\ + "timestamp": "'${JOB_DATE}'",\ + "description": "**Build:** '${BUILD_NUMBER}'\\n**CI Results:** '${CI_URL}'\\n**ShellCheck Results:** '${SHELLCHECK_URL}'\\n**Status:** '${JOB_WEBHOOK_STATUS}'\\n**Job:** '${RUN_DISPLAY_URL}'\\n**Change:** '${CODE_URL}'\\n**External Release:**: '${RELEASE_LINK}'\\n**DockerHub:** '${DOCKERHUB_LINK}'\\n"}],\ "username": "Jenkins"}' ${BUILDS_DISCORD} ''' } } } cleanup { + sh '''#! /bin/bash + echo "Pruning builder!!" + docker builder prune -f --builder container || : + containers=$(docker ps -q) + if [[ -n "${containers}" ]]; then + BUILDX_CONTAINER_ID=$(docker ps -qf 'name=buildx_buildkit') + for container in ${containers}; do + if [[ "${container}" == "${BUILDX_CONTAINER_ID}" ]]; then + echo "skipping buildx container in docker stop" + else + echo "Stopping container ${container}" + docker stop ${container} + fi + done + fi + docker system prune -f --volumes || : + docker image prune -af || : + ''' cleanWs() } } } + +def retry_backoff(int max_attempts, int power_base, Closure c) { + int n = 0 + while (n < max_attempts) { + try { + c() + return + } catch (err) { + if ((n + 1) >= max_attempts) { + throw err + } + sleep(power_base ** n) + n++ + } + } + return +} diff --git a/README.md b/README.md index ce3daa5..7ca0daf 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,9 @@ +<!-- DO NOT EDIT THIS FILE MANUALLY --> +<!-- Please read https://github.com/linuxserver/docker-bookstack/blob/master/.github/CONTRIBUTING.md --> [![linuxserver.io](https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/linuxserver_medium.png)](https://linuxserver.io) [![Blog](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=Blog)](https://blog.linuxserver.io "all the things you can do with our containers including How-To guides, opinions and much more!") -[![Discord](https://img.shields.io/discord/354974912613449730.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=Discord&logo=discord)](https://discord.gg/YWrKVTn "realtime support / chat with the community and the team.") +[![Discord](https://img.shields.io/discord/354974912613449730.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=Discord&logo=discord)](https://linuxserver.io/discord "realtime support / chat with the community and the team.") [![Discourse](https://img.shields.io/discourse/https/discourse.linuxserver.io/topics.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&logo=discourse)](https://discourse.linuxserver.io "post on our community forum.") [![Fleet](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=Fleet)](https://fleet.linuxserver.io "an online web interface which displays all of our maintained images.") [![GitHub](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=GitHub&logo=github)](https://github.com/linuxserver "view the source for all of our repositories.") @@ -9,15 +11,16 @@ The [LinuxServer.io](https://linuxserver.io) team brings you another container release featuring: - * regular and timely application updates - * easy user mappings (PGID, PUID) - * custom base image with s6 overlay - * weekly base OS updates with common layers across the entire LinuxServer.io ecosystem to minimise space usage, down time and bandwidth - * regular security updates +* regular and timely application updates +* easy user mappings (PGID, PUID) +* custom base image with s6 overlay +* weekly base OS updates with common layers across the entire LinuxServer.io ecosystem to minimise space usage, down time and bandwidth +* regular security updates Find us at: + * [Blog](https://blog.linuxserver.io) - all the things you can do with our containers including How-To guides, opinions and much more! -* [Discord](https://discord.gg/YWrKVTn) - realtime support / chat with the community and the team. +* [Discord](https://linuxserver.io/discord) - realtime support / chat with the community and the team. * [Discourse](https://discourse.linuxserver.io) - post on our community forum. * [Fleet](https://fleet.linuxserver.io) - an online web interface which displays all of our maintained images. * [GitHub](https://github.com/linuxserver) - view the source for all of our repositories. @@ -25,120 +28,161 @@ Find us at: # [linuxserver/bookstack](https://github.com/linuxserver/docker-bookstack) +[![Scarf.io pulls](https://scarf.sh/installs-badge/linuxserver-ci/linuxserver%2Fbookstack?color=94398d&label-color=555555&logo-color=ffffff&style=for-the-badge&package-type=docker)](https://scarf.sh) [![GitHub Stars](https://img.shields.io/github/stars/linuxserver/docker-bookstack.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&logo=github)](https://github.com/linuxserver/docker-bookstack) [![GitHub Release](https://img.shields.io/github/release/linuxserver/docker-bookstack.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&logo=github)](https://github.com/linuxserver/docker-bookstack/releases) [![GitHub Package Repository](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=GitHub%20Package&logo=github)](https://github.com/linuxserver/docker-bookstack/packages) -[![GitLab Container Registry](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=GitLab%20Registry&logo=gitlab)](https://gitlab.com/Linuxserver.io/docker-bookstack/container_registry) -[![MicroBadger Layers](https://img.shields.io/microbadger/layers/linuxserver/bookstack.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge)](https://microbadger.com/images/linuxserver/bookstack "Get your own version badge on microbadger.com") +[![GitLab Container Registry](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=GitLab%20Registry&logo=gitlab)](https://gitlab.com/linuxserver.io/docker-bookstack/container_registry) +[![Quay.io](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=Quay.io)](https://quay.io/repository/linuxserver.io/bookstack) [![Docker Pulls](https://img.shields.io/docker/pulls/linuxserver/bookstack.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=pulls&logo=docker)](https://hub.docker.com/r/linuxserver/bookstack) [![Docker Stars](https://img.shields.io/docker/stars/linuxserver/bookstack.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=stars&logo=docker)](https://hub.docker.com/r/linuxserver/bookstack) [![Jenkins Build](https://img.shields.io/jenkins/build?labelColor=555555&logoColor=ffffff&style=for-the-badge&jobUrl=https%3A%2F%2Fci.linuxserver.io%2Fjob%2FDocker-Pipeline-Builders%2Fjob%2Fdocker-bookstack%2Fjob%2Fmaster%2F&logo=jenkins)](https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-bookstack/job/master/) -[![LSIO CI](https://img.shields.io/badge/dynamic/yaml?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=CI&query=CI&url=https%3A%2F%2Flsio-ci.ams3.digitaloceanspaces.com%2Flinuxserver%2Fbookstack%2Flatest%2Fci-status.yml)](https://lsio-ci.ams3.digitaloceanspaces.com/linuxserver/bookstack/latest/index.html) -[Bookstack](https://github.com/BookStackApp/BookStack) is a free and open source Wiki designed for creating beautiful documentation. Feautring a simple, but powerful WYSIWYG editor it allows for teams to create detailed and useful documentation with ease. +[Bookstack](https://github.com/BookStackApp/BookStack) is a free and open source Wiki designed for creating beautiful documentation. Featuring a simple, but powerful WYSIWYG editor it allows for teams to create detailed and useful documentation with ease. Powered by SQL and including a Markdown editor for those who prefer it, BookStack is geared towards making documentation more of a pleasure than a chore. For more information on BookStack visit their website and check it out: https://www.bookstackapp.com - -[![bookstack](https://s3-us-west-2.amazonaws.com/linuxserver-docs/images/bookstack-logo500x500.png)](https://github.com/BookStackApp/BookStack) +[![bookstack](https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/bookstack-logo.png)](https://github.com/BookStackApp/BookStack) ## Supported Architectures -Our images support multiple architectures such as `x86-64`, `arm64` and `armhf`. We utilise the docker manifest for multi-platform awareness. More information is available from docker [here](https://github.com/docker/distribution/blob/master/docs/spec/manifest-v2-2.md#manifest-list) and our announcement [here](https://blog.linuxserver.io/2019/02/21/the-lsio-pipeline-project/). +We utilise the docker manifest for multi-platform awareness. More information is available from docker [here](https://distribution.github.io/distribution/spec/manifest-v2-2/#manifest-list) and our announcement [here](https://blog.linuxserver.io/2019/02/21/the-lsio-pipeline-project/). -Simply pulling `linuxserver/bookstack` should retrieve the correct image for your arch, but you can also pull specific arch images via tags. +Simply pulling `lscr.io/linuxserver/bookstack:latest` should retrieve the correct image for your arch, but you can also pull specific arch images via tags. The architectures supported by this image are: -| Architecture | Tag | -| :----: | --- | -| x86-64 | amd64-latest | -| arm64 | arm64v8-latest | -| armhf | arm32v7-latest | +| Architecture | Available | Tag | +| :----: | :----: | ---- | +| x86-64 | ✅ | amd64-\<version tag\> | +| arm64 | ✅ | arm64v8-\<version tag\> | +| armhf | ❌ | | +## Application Setup -## Usage +The default username is admin@admin.com with the password of **password**, access the container at http://<host ip>:6875. -Here are some example snippets to help you get started creating a container. +This application is dependent on a MariaDB database, be it one you already have or a new one. If you do not already have one, we provide an image here https://github.com/linuxserver/docker-mariadb. -### docker +If you intend to use this application behind a subfolder reverse proxy, such as our SWAG container or Traefik you will need to make sure that the `APP_URL` environment variable is set to your external domain, or it will not work. -``` -docker create \ - --name=bookstack \ - -e PUID=1000 \ - -e PGID=1000 \ - -e DB_HOST=<yourdbhost> \ - -e DB_USER=<yourdbuser> \ - -e DB_PASS=<yourdbpass> \ - -e DB_DATABASE=bookstackapp \ - -e APP_URL=http://your.site.here.xyz `#optional` \ - -p 6875:80 \ - -v /path/to/data:/config \ - --restart unless-stopped \ - linuxserver/bookstack -``` +Documentation for BookStack can be found at https://www.bookstackapp.com/docs/. + +### BookStack File & Directory Paths + +This container ensures certain BookStack application files & folders, such as user file upload folders, are retained within the `/config` folder so that they are persistent & accessible when the `/config` container path is bound as a volume. There may be cases, when following the BookStack documentation, that you'll need to know how these files and folders are used relative to a non-container BookStack installation. +Below is a mapping of container `/config` paths to those relative within a BookStack install directory: -### docker-compose +- **/config container path** => **BookStack relative path** +- `/config/www/.env` => `.env` +- `/config/log/bookstack/laravel.log` => `storage/logs/laravel.log` +- `/config/backups/` => `storage/backups/` +- `/config/www/files/` => `storage/uploads/files/` +- `/config/www/images/` => `storage/uploads/images/` +- `/config/www/themes/` => `themes/` +- `/config/www/uploads/` => `public/uploads/` -Compatible with docker-compose v2 schemas. +### Changing APP_URL +If you change the APP_URL after initial install, you should run the following line from your host terminal to update the database URL entries: + +```shell +docker exec -it bookstack php /app/www/artisan bookstack:update-url ${OLD_URL} ${NEW_URL} ``` + +### Advanced Users (full control over the .env file) + +If you wish to use the extra functionality of BookStack such as email, LDAP and so on you will need to set additional environment variables or make your own .env file with guidance from the BookStack documentation. + +The container will copy an exemplary .env file to /config/www/.env on your host system for you to use. + +## Read-Only Operation + +This image can be run with a read-only container filesystem. For details please [read the docs](https://docs.linuxserver.io/misc/read-only/). + +### Caveats + +* `/tmp` must be mounted to tmpfs + +## Usage + +To help you get started creating a container from this image you can either use docker-compose or the docker cli. + +>[!NOTE] +>Unless a parameter is flaged as 'optional', it is *mandatory* and a value must be provided. + +### docker-compose (recommended, [click here for more info](https://docs.linuxserver.io/general/docker-compose)) + +```yaml --- -version: "2" services: bookstack: - image: linuxserver/bookstack + image: lscr.io/linuxserver/bookstack:latest container_name: bookstack environment: - PUID=1000 - PGID=1000 - - DB_HOST=bookstack_db - - DB_USER=bookstack - - DB_PASS=<yourdbpass> - - DB_DATABASE=bookstackapp + - TZ=Etc/UTC + - APP_URL= + - APP_KEY= + - DB_HOST= + - DB_PORT=3306 + - DB_USERNAME= + - DB_PASSWORD= + - DB_DATABASE= + - QUEUE_CONNECTION= #optional volumes: - - /path/to/data:/config + - /path/to/bookstack/config:/config ports: - 6875:80 restart: unless-stopped - depends_on: - - bookstack_db - bookstack_db: - image: linuxserver/mariadb - container_name: bookstack_db - environment: - - PUID=1000 - - PGID=1000 - - MYSQL_ROOT_PASSWORD=<yourdbpass> - - TZ=Europe/London - - MYSQL_DATABASE=bookstackapp - - MYSQL_USER=bookstack - - MYSQL_PASSWORD=<yourdbpass> - volumes: - - /path/to/data:/config - restart: unless-stopped +``` + +### docker cli ([click here for more info](https://docs.docker.com/engine/reference/commandline/cli/)) +```bash +docker run -d \ + --name=bookstack \ + -e PUID=1000 \ + -e PGID=1000 \ + -e TZ=Etc/UTC \ + -e APP_URL= \ + -e APP_KEY= \ + -e DB_HOST= \ + -e DB_PORT=3306 \ + -e DB_USERNAME= \ + -e DB_PASSWORD= \ + -e DB_DATABASE= \ + -e QUEUE_CONNECTION= `#optional` \ + -p 6875:80 \ + -v /path/to/bookstack/config:/config \ + --restart unless-stopped \ + lscr.io/linuxserver/bookstack:latest ``` ## Parameters -Container images are configured using parameters passed at runtime (such as those above). These parameters are separated by a colon and indicate `<external>:<internal>` respectively. For example, `-p 8080:80` would expose port `80` from inside the container to be accessible from the host's IP on port `8080` outside the container. +Containers are configured using parameters passed at runtime (such as those above). These parameters are separated by a colon and indicate `<external>:<internal>` respectively. For example, `-p 8080:80` would expose port `80` from inside the container to be accessible from the host's IP on port `8080` outside the container. | Parameter | Function | | :----: | --- | -| `-p 80` | will map the container's port 80 to port 6875 on the host | +| `-p 6875:80` | http/s web interface. | | `-e PUID=1000` | for UserID - see below for explanation | | `-e PGID=1000` | for GroupID - see below for explanation | -| `-e DB_HOST=<yourdbhost>` | for specifying the database host | -| `-e DB_USER=<yourdbuser>` | for specifying the database user | -| `-e DB_PASS=<yourdbpass>` | for specifying the database password | -| `-e DB_DATABASE=bookstackapp` | for specifying the database to be used | -| `-e APP_URL=http://your.site.here.xyz` | for specifying the url your application will be accessed on (required for correct operation of reverse proxy) | -| `-v /config` | this will store any uploaded data on the docker host | +| `-e TZ=Etc/UTC` | specify a timezone to use, see this [list](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List). | +| `-e APP_URL=` | The protocol, IP/URL, and port that your application will be accessed on (ie. `http://192.168.1.1:6875` or `https://bookstack.mydomain.com` | +| `-e APP_KEY=` | Session encryption key. You will need to generate this with `docker run -it --rm --entrypoint /bin/bash lscr.io/linuxserver/bookstack:latest appkey` | +| `-e DB_HOST=` | The database instance hostname | +| `-e DB_PORT=3306` | Database port | +| `-e DB_USERNAME=` | Database user | +| `-e DB_PASSWORD=` | Database password (minimum 4 characters & non-alphanumeric passwords must be properly escaped.) | +| `-e DB_DATABASE=` | Database name | +| `-e QUEUE_CONNECTION=` | Set to `database` to enable async actions like sending email or triggering webhooks. See [documentation](https://www.bookstackapp.com/docs/admin/email-webhooks/#async-action-handling). | +| `-v /config` | Persistent config files | +| `--read-only=true` | Run container with a read-only filesystem. Please [read the docs](https://docs.linuxserver.io/misc/read-only/). | ## Environment variables from files (Docker secrets) @@ -146,11 +190,11 @@ You can set any environment variable from a file by using a special prepend `FIL As an example: -``` --e FILE__PASSWORD=/run/secrets/mysecretpassword +```bash +-e FILE__MYVAR=/run/secrets/mysecretvariable ``` -Will set the environment variable `PASSWORD` based on the contents of the `/run/secrets/mysecretpassword` file. +Will set the environment variable `MYVAR` based on the contents of the `/run/secrets/mysecretvariable` file. ## Umask for running applications @@ -159,112 +203,172 @@ Keep in mind umask is not chmod it subtracts from permissions based on it's valu ## User / Group Identifiers -When using volumes (`-v` flags) permissions issues can arise between the host OS and the container, we avoid this issue by allowing you to specify the user `PUID` and group `PGID`. +When using volumes (`-v` flags), permissions issues can arise between the host OS and the container, we avoid this issue by allowing you to specify the user `PUID` and group `PGID`. Ensure any volume directories on the host are owned by the same user you specify and any permissions issues will vanish like magic. -In this instance `PUID=1000` and `PGID=1000`, to find yours use `id user` as below: +In this instance `PUID=1000` and `PGID=1000`, to find yours use `id your_user` as below: +```bash +id your_user ``` - $ id username - uid=1000(dockeruser) gid=1000(dockergroup) groups=1000(dockergroup) + +Example output: + +```text +uid=1000(your_user) gid=1000(your_user) groups=1000(your_user) ``` +## Docker Mods -  -## Application Setup +[![Docker Mods](https://img.shields.io/badge/dynamic/yaml?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=bookstack&query=%24.mods%5B%27bookstack%27%5D.mod_count&url=https%3A%2F%2Fraw.githubusercontent.com%2Flinuxserver%2Fdocker-mods%2Fmaster%2Fmod-list.yml)](https://mods.linuxserver.io/?mod=bookstack "view available mods for this container.") [![Docker Universal Mods](https://img.shields.io/badge/dynamic/yaml?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=universal&query=%24.mods%5B%27universal%27%5D.mod_count&url=https%3A%2F%2Fraw.githubusercontent.com%2Flinuxserver%2Fdocker-mods%2Fmaster%2Fmod-list.yml)](https://mods.linuxserver.io/?mod=universal "view available universal mods.") +We publish various [Docker Mods](https://github.com/linuxserver/docker-mods) to enable additional functionality within the containers. The list of Mods available for this image (if any) as well as universal mods that can be applied to any one of our images can be accessed via the dynamic badges above. -The default username is admin@admin.com with the password of **password**, access the container at http://dockerhost:6875. +## Support Info -This application is dependent on a MySQL database be it one you already have or a new one. If you do not already have one, set up our MariaDB container here https://hub.docker.com/r/linuxserver/mariadb/. +* Shell access whilst the container is running: + ```bash + docker exec -it bookstack /bin/bash + ``` -If you intend to use this application behind a subfolder reverse proxy, such as our LetsEncrypt container or Traefik you will need to make sure that the `APP_URL` environment variable is set, or it will not work +* To monitor the logs of the container in realtime: -Documentation for BookStack can be found at https://www.bookstackapp.com/docs/ + ```bash + docker logs -f bookstack + ``` -### Advanced Users (full control over the .env file) -If you wish to use the extra functionality of BookStack such as email, Memcache, LDAP and so on you will need to make your own .env file with guidance from the BookStack documentation. - -When you create the container, do not set any arguments for any SQL settings, or APP_URL. The container will copy an exemplary .env file to /config/www/.env on your host system for you to edit. +* Container version number: -#### PDF Rendering -[wkhtmltopdf](https://wkhtmltopdf.org/) is available to use as an alternative PDF rendering generator as described at https://www.bookstackapp.com/docs/admin/pdf-rendering/. + ```bash + docker inspect -f '{{ index .Config.Labels "build_version" }}' bookstack + ``` -The path to wkhtmltopdf in this image to include in your .env file is `/usr/bin/wkhtmltopdf`. +* Image version number: + ```bash + docker inspect -f '{{ index .Config.Labels "build_version" }}' lscr.io/linuxserver/bookstack:latest + ``` -## Docker Mods -[![Docker Mods](https://img.shields.io/badge/dynamic/yaml?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=mods&query=%24.mods%5B%27bookstack%27%5D.mod_count&url=https%3A%2F%2Fraw.githubusercontent.com%2Flinuxserver%2Fdocker-mods%2Fmaster%2Fmod-list.yml)](https://mods.linuxserver.io/?mod=bookstack "view available mods for this container.") +## Updating Info -We publish various [Docker Mods](https://github.com/linuxserver/docker-mods) to enable additional functionality within the containers. The list of Mods available for this image (if any) can be accessed via the dynamic badge above. +Most of our images are static, versioned, and require an image update and container recreation to update the app inside. With some exceptions (noted in the relevant readme.md), we do not recommend or support updating apps inside the container. Please consult the [Application Setup](#application-setup) section above to see if it is recommended for the image. +Below are the instructions for updating containers: -## Support Info +### Via Docker Compose -* Shell access whilst the container is running: `docker exec -it bookstack /bin/bash` -* To monitor the logs of the container in realtime: `docker logs -f bookstack` -* container version number - * `docker inspect -f '{{ index .Config.Labels "build_version" }}' bookstack` -* image version number - * `docker inspect -f '{{ index .Config.Labels "build_version" }}' linuxserver/bookstack` +* Update images: + * All images: -## Updating Info + ```bash + docker-compose pull + ``` -Most of our images are static, versioned, and require an image update and container recreation to update the app inside. With some exceptions (ie. nextcloud, plex), we do not recommend or support updating apps inside the container. Please consult the [Application Setup](#application-setup) section above to see if it is recommended for the image. + * Single image: -Below are the instructions for updating containers: + ```bash + docker-compose pull bookstack + ``` -### Via Docker Run/Create -* Update the image: `docker pull linuxserver/bookstack` -* Stop the running container: `docker stop bookstack` -* Delete the container: `docker rm bookstack` -* Recreate a new container with the same docker create parameters as instructed above (if mapped correctly to a host folder, your `/config` folder and settings will be preserved) -* Start the new container: `docker start bookstack` -* You can also remove the old dangling images: `docker image prune` +* Update containers: + * All containers: -### Via Docker Compose -* Update all images: `docker-compose pull` - * or update a single image: `docker-compose pull bookstack` -* Let compose update all containers as necessary: `docker-compose up -d` - * or update a single container: `docker-compose up -d bookstack` -* You can also remove the old dangling images: `docker image prune` + ```bash + docker-compose up -d + ``` + + * Single container: + + ```bash + docker-compose up -d bookstack + ``` + +* You can also remove the old dangling images: + + ```bash + docker image prune + ``` + +### Via Docker Run + +* Update the image: + + ```bash + docker pull lscr.io/linuxserver/bookstack:latest + ``` -### Via Watchtower auto-updater (especially useful if you don't remember the original parameters) -* Pull the latest image at its tag and replace it with the same env variables in one run: - ``` - docker run --rm \ - -v /var/run/docker.sock:/var/run/docker.sock \ - containrrr/watchtower \ - --run-once bookstack - ``` +* Stop the running container: -**Note:** We do not endorse the use of Watchtower as a solution to automated updates of existing Docker containers. In fact we generally discourage automated updates. However, this is a useful tool for one-time manual updates of containers where you have forgotten the original parameters. In the long term, we highly recommend using Docker Compose. + ```bash + docker stop bookstack + ``` -* You can also remove the old dangling images: `docker image prune` +* Delete the container: + + ```bash + docker rm bookstack + ``` + +* Recreate a new container with the same docker run parameters as instructed above (if mapped correctly to a host folder, your `/config` folder and settings will be preserved) +* You can also remove the old dangling images: + + ```bash + docker image prune + ``` + +### Image Update Notifications - Diun (Docker Image Update Notifier) + +>[!TIP] +>We recommend [Diun](https://crazymax.dev/diun/) for update notifications. Other tools that automatically update containers unattended are not recommended or supported. ## Building locally If you want to make local modifications to these images for development purposes or just to customize the logic: -``` + +```bash git clone https://github.com/linuxserver/docker-bookstack.git cd docker-bookstack docker build \ --no-cache \ --pull \ - -t linuxserver/bookstack:latest . + -t lscr.io/linuxserver/bookstack:latest . ``` -The ARM variants can be built on x86_64 hardware using `multiarch/qemu-user-static` -``` -docker run --rm --privileged multiarch/qemu-user-static:register --reset +The ARM variants can be built on x86_64 hardware and vice versa using `lscr.io/linuxserver/qemu-static` + +```bash +docker run --rm --privileged lscr.io/linuxserver/qemu-static --reset ``` Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64`. ## Versions +* **04.01.25:** - Add php-opcache. +* **17.12.24:** - Rebase to Alpine 3.21. +* **11.10.24:** - Default to environment config over .env file config. +* **06.09.24:** - Add php-exif for reading image EXIF data. +* **27.05.24:** - Rebase to Alpine 3.20. Existing users should update their nginx confs to avoid http2 deprecation warnings. +* **25.01.24:** - Existing users should update: site-confs/default.conf - Cleanup default site conf. +* **23.12.23:** - Rebase to Alpine 3.19 with php 8.3. +* **31.10.23:** - Further sanitize sed replace. +* **07.06.23:** - Add mariadb-client for bookstack-system-cli support. +* **25.05.23:** - Rebase to Alpine 3.18, deprecate armhf. +* **13.04.23:** - Move ssl.conf include to default.conf. +* **01.03.23:** - Add php iconv. +* **19.01.23:** - Rebase to alpine 3.17 with php8.1. +* **16.01.23:** - Wrap `.env` values in quotes. +* **05.01.23:** - Fix db password setting (sed escape `&`). +* **21.12.22:** - Update db info in .env file when env vars are updated. +* **10.10.22:** - Remove password escape logic which caused problems for a small subset of users. +* **20.08.22:** - Rebasing to alpine 3.15 with php8. Restructure nginx configs ([see changes announcement](https://info.linuxserver.io/issues/2022-08-20-nginx-base)). +* **14.03.22:** - Add symlinks for theme support. +* **11.07.21:** - Rebase to Alpine 3.14. +* **12.01.21:** - Remove unused requirement, as of release 0.31.0. +* **17.12.20:** - Make APP_URL var required (upstream changes). +* **17.09.20:** - Rebase to alpine 3.12. Fix APP_URL setting. Bump php post max and upload max filesizes to 100MB by default. * **19.12.19:** - Rebasing to alpine 3.11. * **26.07.19:** - Use old version of tidyhtml pending upstream fixes. * **28.06.19:** - Rebasing to alpine 3.10. diff --git a/jenkins-vars.yml b/jenkins-vars.yml index 69a2c9c..11a6cda 100644 --- a/jenkins-vars.yml +++ b/jenkins-vars.yml @@ -19,11 +19,11 @@ repo_vars: - PR_DOCKERHUB_IMAGE = 'lspipepr/bookstack' - DIST_IMAGE = 'alpine' - MULTIARCH = 'true' - - CI = 'true' + - CI = 'false' - CI_WEB = 'false' - CI_PORT = '80' - CI_SSL = 'false' - - CI_DELAY = '30' - - CI_DOCKERENV='TEST_RUN=1' - - CI_AUTH = 'user:password' + - CI_DELAY = '60' + - CI_DOCKERENV='' + - CI_AUTH = '' - CI_WEBPATH = '' diff --git a/package_versions.txt b/package_versions.txt index 16cf5df..2ad3e9e 100644 --- a/package_versions.txt +++ b/package_versions.txt @@ -1,179 +1,290 @@ -alpine-baselayout-3.2.0-r3 -alpine-keys-2.1-r2 -alsa-lib-1.2.1.2-r0 -apache2-utils-2.4.46-r0 -apk-tools-2.10.5-r0 -apr-1.7.0-r0 -apr-util-1.6.1-r6 -argon2-libs-20190702-r1 -avahi-libs-0.7-r4 -bash-5.0.11-r1 -busybox-1.31.1-r9 -ca-certificates-20191127-r2 -ca-certificates-cacert-20191127-r2 -cairo-1.16.0-r2 -cdparanoia-libs-10.2-r7 -coreutils-8.31-r0 -cups-libs-2.2.12-r1 -curl-7.67.0-r0 -db-5.3.28-r1 -dbus-libs-1.12.16-r3 -encodings-1.0.5-r0 -eudev-libs-3.2.9-r1 -expat-2.2.9-r1 -fontconfig-2.13.1-r2 -freetype-2.10.1-r0 -fribidi-1.0.8-r0 -git-2.24.3-r0 -glib-2.62.6-r0 -gmp-6.1.2-r1 -gnutls-3.6.14-r0 -graphite2-1.3.13-r1 -gst-plugins-base-1.16.2-r0 -gstreamer-1.16.2-r0 -harfbuzz-2.6.4-r0 -hicolor-icon-theme-0.17-r1 -icu-libs-64.2-r1 -libacl-2.2.53-r0 -libattr-2.4.48-r0 -libblkid-2.34-r1 -libbsd-0.10.0-r0 -libbz2-1.0.8-r1 -libc-utils-0.7.2-r0 -libcap-2.27-r0 -libcrypto1.1-1.1.1g-r0 -libcurl-7.67.0-r0 -libdrm-2.4.100-r0 -libedit-20191211.3.1-r0 -libevdev-1.8.0-r0 -libevent-2.1.11-r0 -libffi-3.2.1-r6 -libfontenc-1.1.4-r0 -libgcc-9.3.0-r0 -libgcrypt-1.8.5-r0 -libgpg-error-1.36-r2 -libice-1.0.10-r0 -libinput-libs-1.14.3-r0 -libintl-0.20.1-r2 -libjpeg-turbo-2.0.4-r1 -libldap-2.4.48-r2 -libmagic-5.37-r1 -libmemcached-libs-1.0.18-r4 -libmount-2.34-r1 -libogg-1.3.4-r0 -libpciaccess-0.16-r0 -libpcre2-16-10.34-r1 -libpng-1.6.37-r1 -libproc-3.3.16-r0 -libressl3.0-libcrypto-3.0.2-r0 -libressl3.0-libssl-3.0.2-r0 -libsasl-2.1.27-r5 -libseccomp-2.4.2-r2 -libsm-1.2.3-r0 -libssl1.1-1.1.1g-r0 -libstdc++-9.3.0-r0 -libtasn1-4.15.0-r0 -libtheora-1.1.1-r14 -libtls-standalone-2.9.1-r0 -libunistring-0.9.10-r0 -libuuid-2.34-r1 -libvorbis-1.3.6-r2 -libwebp-1.0.3-r0 -libx11-1.6.12-r0 -libxau-1.0.9-r0 -libxcb-1.13.1-r0 -libxcomposite-0.4.5-r0 -libxdamage-1.1.5-r0 -libxdmcp-1.1.3-r0 -libxext-1.3.4-r0 -libxfixes-5.0.3-r2 -libxft-2.3.3-r0 -libxkbcommon-0.9.1-r0 -libxkbcommon-x11-0.9.1-r0 -libxml2-2.9.10-r3 -libxpm-3.5.13-r0 -libxrender-0.9.10-r3 -libxshmfence-1.3-r0 -libxslt-1.1.34-r0 -libxt-1.2.0-r0 -libxv-1.0.11-r2 -libxxf86vm-1.1.4-r2 -linux-pam-1.3.1-r1 -logrotate-3.15.1-r0 -memcached-1.5.20-r0 -mesa-19.2.7-r0 -mesa-egl-19.2.7-r0 -mesa-gbm-19.2.7-r0 -mesa-gl-19.2.7-r0 -mesa-glapi-19.2.7-r0 -mkfontscale-1.2.1-r1 -mtdev-1.1.5-r2 -musl-1.1.24-r2 -musl-utils-1.1.24-r2 -nano-4.6-r0 -ncurses-libs-6.1_p20200118-r4 -ncurses-terminfo-base-6.1_p20200118-r4 -netcat-openbsd-1.130-r1 -nettle-3.5.1-r0 -nghttp2-libs-1.40.0-r1 -nginx-1.16.1-r6 -openssl-1.1.1g-r0 -opus-1.3.1-r0 -orc-0.4.31-r0 -p11-kit-0.23.18.1-r0 -pango-1.44.7-r0 -pcre-8.43-r0 -pcre2-10.34-r1 -php7-7.3.18-r0 -php7-common-7.3.18-r0 -php7-ctype-7.3.18-r0 -php7-curl-7.3.18-r0 -php7-dom-7.3.18-r0 -php7-fileinfo-7.3.18-r0 -php7-fpm-7.3.18-r0 -php7-gd-7.3.18-r0 -php7-json-7.3.18-r0 -php7-ldap-7.3.18-r0 -php7-mbstring-7.3.18-r0 -php7-mysqlnd-7.3.18-r0 -php7-openssl-7.3.18-r0 -php7-pdo-7.3.18-r0 -php7-pdo_mysql-7.3.18-r0 -php7-pecl-igbinary-3.0.1-r1 -php7-pecl-memcached-3.1.5-r0 -php7-phar-7.3.18-r0 -php7-session-7.3.18-r0 -php7-simplexml-7.3.18-r0 -php7-tidy-7.3.18-r0 -php7-tokenizer-7.3.18-r0 -php7-xml-7.3.18-r0 -php7-xmlwriter-7.3.18-r0 -pixman-0.38.4-r0 -popt-1.16-r7 -procps-3.3.16-r0 -qt5-qtbase-5.12.5-r0 -qt5-qtbase-x11-5.12.5-r0 -qt5-qtdeclarative-5.12.5-r0 -qt5-qtsvg-5.12.5-r0 -qt5-qtwebkit-5.9.1-r7 -readline-8.0.1-r0 -scanelf-1.2.4-r0 -shadow-4.7-r1 -sqlite-libs-3.30.1-r2 -ssl_client-1.31.1-r9 -tar-1.32-r1 -tidyhtml-libs-5.6.0-r0 -ttf-freefont-20120503-r1 -tzdata-2020a-r0 -wayland-libs-client-1.17.0-r0 -wayland-libs-egl-1.17.0-r0 -wayland-libs-server-1.17.0-r0 -wkhtmltopdf-0.12.5-r0 -xcb-util-0.4.0-r1 -xcb-util-image-0.4.0-r1 -xcb-util-keysyms-0.4.0-r1 -xcb-util-renderutil-0.3.9-r1 -xcb-util-wm-0.4.1-r1 -xz-5.2.4-r0 -xz-libs-5.2.4-r0 -zlib-1.2.11-r3 +NAME VERSION TYPE +Hidden Input 1, 0, 0, 0 binary +acl-libs 2.3.2-r1 apk +alpine-baselayout 3.6.8-r1 apk +alpine-baselayout-data 3.6.8-r1 apk +alpine-keys 2.5-r0 apk +alpine-release 3.21.3-r0 apk +aom-libs 3.11.0-r0 apk +apache2-utils 2.4.62-r0 apk +apk-tools 2.14.6-r3 apk +apr 1.7.5-r0 apk +apr-util 1.6.3-r1 apk +argon2-libs 20190702-r5 apk +aws/aws-crt-php v1.2.7 php-composer +aws/aws-sdk-php 3.343.22 php-composer +bacon/bacon-qr-code v3.0.1 php-composer +bash 5.2.37-r0 apk +brick/math 0.12.3 php-composer +brotli-libs 1.1.0-r2 apk +busybox 1.37.0-r12 apk +busybox-binsh 1.37.0-r12 apk +c-ares 1.34.5-r0 apk +ca-certificates 20241121-r1 apk +ca-certificates-bundle 20241121-r1 apk +carbonphp/carbon-doctrine-types 3.2.0 php-composer +catatonit 0.2.0-r0 apk +composer 2.8.9 binary +coreutils 9.5-r2 apk +coreutils-env 9.5-r2 apk +coreutils-fmt 9.5-r2 apk +coreutils-sha512sum 9.5-r2 apk +curl 8.12.1-r1 apk +dasprid/enum 1.0.6 php-composer +dbus-libs 1.14.10-r4 apk +dflydev/dot-access-data v3.0.3 php-composer +doctrine/inflector 2.0.10 php-composer +doctrine/lexer 3.0.1 php-composer +dompdf/dompdf v3.1.0 php-composer +dompdf/php-font-lib 1.0.1 php-composer +dompdf/php-svg-lib 1.0.0 php-composer +dragonmantank/cron-expression v3.4.0 php-composer +egulias/email-validator 4.0.4 php-composer +encodings 1.0.7-r1 apk +fakerphp/faker v1.24.1 php-composer +filp/whoops 2.18.0 php-composer +findutils 4.10.0-r0 apk +firebase/php-jwt v6.11.1 php-composer +font-freefont 20120503-r4 apk +fontconfig 2.15.0-r1 apk +freetype 2.13.3-r0 apk +fruitcake/php-cors v1.3.0 php-composer +gdbm 1.24-r0 apk +git 2.47.2-r0 apk +git-init-template 2.47.2-r0 apk +glib 2.82.5-r0 apk +graham-campbell/result-type v1.1.3 php-composer +guzzlehttp/guzzle 7.9.3 php-composer +guzzlehttp/promises 2.2.0 php-composer +guzzlehttp/psr7 2.7.1 php-composer +guzzlehttp/uri-template v1.0.4 php-composer +hamcrest/hamcrest-php v2.1.1 php-composer +iamcal/sql-parser v0.6 php-composer +icu-data-full 74.2-r0 apk +icu-libs 74.2-r0 apk +intervention/gif 4.2.2 php-composer +intervention/image 3.11.3 php-composer +itsgoingd/clockwork v5.3.4 php-composer +jq 1.7.1-r0 apk +knplabs/knp-snappy v1.5.1 php-composer +larastan/larastan v3.4.0 php-composer +laravel/framework v11.45.0 php-composer +laravel/prompts v0.3.5 php-composer +laravel/serializable-closure v2.0.4 php-composer +laravel/socialite v5.21.0 php-composer +laravel/tinker v2.10.1 php-composer +league/commonmark 2.7.0 php-composer +league/config v1.2.0 php-composer +league/flysystem 3.29.1 php-composer +league/flysystem-aws-s3-v3 3.29.0 php-composer +league/flysystem-local 3.29.0 php-composer +league/html-to-markdown 5.1.1 php-composer +league/mime-type-detection 1.16.0 php-composer +league/oauth1-client v1.11.0 php-composer +league/oauth2-client 2.8.1 php-composer +league/uri 7.5.1 php-composer +league/uri-interfaces 7.5.0 php-composer +libattr 2.5.2-r2 apk +libavif 1.0.4-r0 apk +libblkid 2.40.4-r1 apk +libbsd 0.12.2-r0 apk +libbz2 1.0.8-r6 apk +libcrypto3 3.3.3-r0 apk +libcurl 8.12.1-r1 apk +libdav1d 1.5.0-r0 apk +libeconf 0.6.3-r0 apk +libedit 20240808.3.1-r0 apk +libevent 2.1.12-r7 apk +libexpat 2.7.0-r0 apk +libffi 3.4.7-r0 apk +libfontenc 1.1.8-r0 apk +libgcc 14.2.0-r4 apk +libice 1.1.1-r6 apk +libidn2 2.3.7-r0 apk +libintl 0.22.5-r0 apk +libjpeg-turbo 3.0.4-r0 apk +libldap 2.6.8-r0 apk +libmd 1.1.0-r0 apk +libmemcached-libs 1.1.4-r1 apk +libmount 2.40.4-r1 apk +libncursesw 6.5_p20241006-r3 apk +libpcre2-16 10.43-r0 apk +libpng 1.6.47-r0 apk +libproc2 4.0.4-r2 apk +libpsl 0.21.5-r3 apk +libsasl 2.1.28-r8 apk +libseccomp 2.5.5-r1 apk +libsharpyuv 1.4.0-r0 apk +libsm 1.2.4-r4 apk +libssl3 3.3.3-r0 apk +libstdc++ 14.2.0-r4 apk +libunistring 1.2-r0 apk +libuuid 2.40.4-r1 apk +libwebp 1.4.0-r0 apk +libx11 1.8.10-r0 apk +libxau 1.0.11-r4 apk +libxcb 1.16.1-r0 apk +libxdmcp 1.1.5-r1 apk +libxext 1.3.6-r2 apk +libxml2 2.13.4-r6 apk +libxpm 3.5.17-r0 apk +libxt 1.3.1-r0 apk +libzip 1.11.2-r0 apk +linux-pam 1.6.1-r1 apk +logrotate 3.21.0-r1 apk +mariadb-client 11.4.5-r0 apk +mariadb-common 11.4.5-r0 apk +masterminds/html5 2.9.0 php-composer +memcached 1.6.32-r0 apk +mkfontscale 1.2.3-r1 apk +mockery/mockery 1.6.12 php-composer +monolog/monolog 3.9.0 php-composer +mtdowling/jmespath.php 2.8.0 php-composer +musl 1.2.5-r9 apk +musl-utils 1.2.5-r9 apk +myclabs/deep-copy 1.13.1 php-composer +nano 8.2-r0 apk +ncurses-terminfo-base 6.5_p20241006-r3 apk +nesbot/carbon 3.9.1 php-composer +netcat-openbsd 1.226.1.1-r0 apk +nette/schema v1.3.2 php-composer +nette/utils v4.0.6 php-composer +nghttp2-libs 1.64.0-r0 apk +nginx 1.26.3-r0 apk +nikic/php-parser v5.5.0 php-composer +nunomaduro/collision v8.8.0 php-composer +nunomaduro/termwind v2.3.1 php-composer +onelogin/php-saml 4.3.0 php-composer +oniguruma 6.9.9-r0 apk +openssl 3.3.3-r0 apk +paragonie/constant_time_encoding v3.0.0 php-composer +paragonie/random_compat v9.99.100 php-composer +pcre 8.45-r3 apk +pcre2 10.43-r0 apk +phar-io/manifest 2.0.4 php-composer +phar-io/version 3.2.1 php-composer +php83 8.3.19-r0 apk +php83-common 8.3.19-r0 apk +php83-ctype 8.3.19-r0 apk +php83-curl 8.3.19-r0 apk +php83-dom 8.3.19-r0 apk +php83-exif 8.3.19-r0 apk +php83-fileinfo 8.3.19-r0 apk +php83-fpm 8.3.19-r0 apk +php83-gd 8.3.19-r0 apk +php83-iconv 8.3.19-r0 apk +php83-ldap 8.3.19-r0 apk +php83-mbstring 8.3.19-r0 apk +php83-mysqlnd 8.3.19-r0 apk +php83-opcache 8.3.19-r0 apk +php83-openssl 8.3.19-r0 apk +php83-pdo 8.3.19-r0 apk +php83-pdo_mysql 8.3.19-r0 apk +php83-pecl-igbinary 3.2.16-r0 apk +php83-pecl-memcached 3.3.0-r0 apk +php83-pecl-msgpack 3.0.0-r0 apk +php83-phar 8.3.19-r0 apk +php83-session 8.3.19-r0 apk +php83-simplexml 8.3.19-r0 apk +php83-sockets 8.3.19-r0 apk +php83-tokenizer 8.3.19-r0 apk +php83-xml 8.3.19-r0 apk +php83-xmlwriter 8.3.19-r0 apk +php83-zip 8.3.19-r0 apk +phpoption/phpoption 1.9.3 php-composer +phpseclib/phpseclib 3.0.43 php-composer +phpstan/phpstan 2.1.17 php-composer +phpunit/php-code-coverage 11.0.9 php-composer +phpunit/php-file-iterator 5.1.0 php-composer +phpunit/php-invoker 5.0.1 php-composer +phpunit/php-text-template 4.0.1 php-composer +phpunit/php-timer 7.0.1 php-composer +phpunit/phpunit 11.5.21 php-composer +popt 1.19-r4 apk +pragmarx/google2fa v8.0.3 php-composer +predis/predis v2.4.0 php-composer +procps-ng 4.0.4-r2 apk +psr/clock 1.0.0 php-composer +psr/container 2.0.2 php-composer +psr/event-dispatcher 1.0.0 php-composer +psr/http-client 1.0.3 php-composer +psr/http-factory 1.1.0 php-composer +psr/http-message 2.0 php-composer +psr/log 3.0.2 php-composer +psr/simple-cache 3.0.0 php-composer +psy/psysh v0.12.8 php-composer +qt5-qtbase 5.15.10_git20230714-r3 apk +ralouphie/getallheaders 3.0.3 php-composer +ramsey/collection 2.1.1 php-composer +ramsey/uuid 4.7.6 php-composer +readline 8.2.13-r0 apk +robrichards/xmlseclibs 3.1.3 php-composer +sabberworm/php-css-parser v8.8.0 php-composer +scanelf 1.3.8-r1 apk +sebastian/cli-parser 3.0.2 php-composer +sebastian/code-unit 3.0.3 php-composer +sebastian/code-unit-reverse-lookup 4.0.1 php-composer +sebastian/comparator 6.3.1 php-composer +sebastian/complexity 4.0.1 php-composer +sebastian/diff 6.0.2 php-composer +sebastian/environment 7.2.1 php-composer +sebastian/exporter 6.3.0 php-composer +sebastian/global-state 7.0.2 php-composer +sebastian/lines-of-code 3.0.1 php-composer +sebastian/object-enumerator 6.0.1 php-composer +sebastian/object-reflector 4.0.1 php-composer +sebastian/recursion-context 6.0.2 php-composer +sebastian/type 5.1.2 php-composer +sebastian/version 5.0.2 php-composer +shadow 4.16.0-r1 apk +skalibs-libs 2.14.3.0-r0 apk +socialiteproviders/discord 4.2.0 php-composer +socialiteproviders/gitlab 4.1.0 php-composer +socialiteproviders/manager v4.8.1 php-composer +socialiteproviders/microsoft-azure 5.2.0 php-composer +socialiteproviders/okta 4.5.0 php-composer +socialiteproviders/twitch 5.4.0 php-composer +squizlabs/php_codesniffer 3.13.0 php-composer +ssddanbrown/asserthtml v3.1.0 php-composer +ssddanbrown/htmldiff v1.0.4 php-composer +ssddanbrown/symfony-mailer 7.2.x-dev php-composer +ssl_client 1.37.0-r12 apk +staabm/side-effects-detector 1.0.5 php-composer +symfony/clock v7.3.0 php-composer +symfony/console v7.3.0 php-composer +symfony/css-selector v7.3.0 php-composer +symfony/deprecation-contracts v3.6.0 php-composer +symfony/dom-crawler v7.3.0 php-composer +symfony/error-handler v7.3.0 php-composer +symfony/event-dispatcher v7.3.0 php-composer +symfony/event-dispatcher-contracts v3.6.0 php-composer +symfony/finder v7.3.0 php-composer +symfony/http-foundation v7.3.0 php-composer +symfony/http-kernel v7.3.0 php-composer +symfony/mime v7.3.0 php-composer +symfony/polyfill-ctype v1.32.0 php-composer +symfony/polyfill-intl-grapheme v1.32.0 php-composer +symfony/polyfill-intl-idn v1.32.0 php-composer +symfony/polyfill-intl-normalizer v1.32.0 php-composer +symfony/polyfill-mbstring v1.32.0 php-composer +symfony/polyfill-php80 v1.32.0 php-composer +symfony/polyfill-php83 v1.32.0 php-composer +symfony/polyfill-uuid v1.32.0 php-composer +symfony/process v7.3.0 php-composer +symfony/routing v7.3.0 php-composer +symfony/service-contracts v3.6.0 php-composer +symfony/string v7.3.0 php-composer +symfony/translation v7.3.0 php-composer +symfony/translation-contracts v3.6.0 php-composer +symfony/uid v7.3.0 php-composer +symfony/var-dumper v7.3.0 php-composer +theseer/tokenizer 1.2.3 php-composer +tijsverkoyen/css-to-inline-styles v2.3.0 php-composer +tzdata 2025b-r0 apk +utmps-libs 0.1.2.3-r2 apk +vlucas/phpdotenv v5.6.2 php-composer +voku/portable-ascii 2.0.3 php-composer +webmozart/assert 1.11.0 php-composer +xz-libs 5.6.3-r1 apk +zlib 1.3.1-r2 apk +zstd-libs 1.5.6-r2 apk diff --git a/readme-vars.yml b/readme-vars.yml index 1bac271..caed560 100644 --- a/readme-vars.yml +++ b/readme-vars.yml @@ -3,112 +3,171 @@ # project information project_name: bookstack project_url: "https://github.com/BookStackApp/BookStack" -project_logo: "https://s3-us-west-2.amazonaws.com/linuxserver-docs/images/bookstack-logo500x500.png" +project_logo: "https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/bookstack-logo.png" project_lsio_github_repo_url: "https://github.com/linuxserver/docker-{{ project_name }}" +project_categories: "Content Management" project_blurb: | - [{{ project_name|capitalize }}]({{ project_url }}) is a free and open source Wiki designed for creating beautiful documentation. Feautring a simple, but powerful WYSIWYG editor it allows for teams to create detailed and useful documentation with ease. + [{{ project_name|capitalize }}]({{ project_url }}) is a free and open source Wiki designed for creating beautiful documentation. Featuring a simple, but powerful WYSIWYG editor it allows for teams to create detailed and useful documentation with ease. Powered by SQL and including a Markdown editor for those who prefer it, BookStack is geared towards making documentation more of a pleasure than a chore. For more information on BookStack visit their website and check it out: https://www.bookstackapp.com - # supported architectures available_architectures: - - { arch: "{{ arch_x86_64 }}", tag: "amd64-latest"} - - { arch: "{{ arch_arm64 }}", tag: "arm64v8-latest"} - - { arch: "{{ arch_armhf }}", tag: "arm32v7-latest"} - + - {arch: "{{ arch_x86_64 }}", tag: "amd64-latest"} + - {arch: "{{ arch_arm64 }}", tag: "arm64v8-latest"} # container parameters param_container_name: "{{ project_name }}" param_usage_include_vols: true param_volumes: - - { vol_path: "/config", vol_host_path: "/path/to/data", desc: "this will store any uploaded data on the docker host" } + - {vol_path: "/config", vol_host_path: "/path/to/{{ project_name }}/config", desc: "Persistent config files"} param_usage_include_env: true param_env_vars: - - { env_var: "DB_HOST", env_value: "<yourdbhost>", desc: "for specifying the database host" } - - { env_var: "DB_USER", env_value: "<yourdbuser>", desc: "for specifying the database user" } - - { env_var: "DB_PASS", env_value: "<yourdbpass>", desc: "for specifying the database password" } - - { env_var: "DB_DATABASE", env_value: "bookstackapp", desc: "for specifying the database to be used" } - + - {env_var: "APP_URL", env_value: "", desc: "The protocol, IP/URL, and port that your application will be accessed on (ie. `http://192.168.1.1:6875` or `https://bookstack.mydomain.com`"} + - {env_var: "APP_KEY", env_value: "", desc: "Session encryption key. You will need to generate this with `docker run -it --rm --entrypoint /bin/bash lscr.io/linuxserver/bookstack:latest appkey`"} + - {env_var: "DB_HOST", env_value: "", desc: "The database instance hostname"} + - {env_var: "DB_PORT", env_value: "3306", desc: "Database port"} + - {env_var: "DB_USERNAME", env_value: "", desc: "Database user"} + - {env_var: "DB_PASSWORD", env_value: "", desc: "Database password (minimum 4 characters & non-alphanumeric passwords must be properly escaped.)"} + - {env_var: "DB_DATABASE", env_value: "", desc: "Database name"} param_usage_include_ports: true param_ports: - - { external_port: "6875", internal_port: "80", port_desc: "will map the container's port 80 to port 6875 on the host" } - + - {external_port: "6875", internal_port: "80", port_desc: "http/s web interface."} opt_param_usage_include_env: true opt_param_env_vars: - - { env_var: "APP_URL", env_value: "http://your.site.here.xyz", desc: "for specifying the url your application will be accessed on (required for correct operation of reverse proxy)"} - -custom_compose: | - --- - version: "2" - services: - bookstack: - image: linuxserver/bookstack - container_name: bookstack - environment: - - PUID=1000 - - PGID=1000 - - DB_HOST=bookstack_db - - DB_USER=bookstack - - DB_PASS=<yourdbpass> - - DB_DATABASE=bookstackapp - volumes: - - /path/to/data:/config - ports: - - 6875:80 - restart: unless-stopped - depends_on: - - bookstack_db - bookstack_db: - image: linuxserver/mariadb - container_name: bookstack_db - environment: - - PUID=1000 - - PGID=1000 - - MYSQL_ROOT_PASSWORD=<yourdbpass> - - TZ=Europe/London - - MYSQL_DATABASE=bookstackapp - - MYSQL_USER=bookstack - - MYSQL_PASSWORD=<yourdbpass> - volumes: - - /path/to/data:/config - restart: unless-stopped - + - {env_var: "QUEUE_CONNECTION", env_value: "", desc: "Set to `database` to enable async actions like sending email or triggering webhooks. See [documentation](https://www.bookstackapp.com/docs/admin/email-webhooks/#async-action-handling)."} +readonly_supported: true +readonly_message: | + * `/tmp` must be mounted to tmpfs # application setup block app_setup_block_enabled: true app_setup_block: | + The default username is admin@admin.com with the password of **password**, access the container at http://<host ip>:6875. - The default username is admin@admin.com with the password of **password**, access the container at http://dockerhost:6875. + This application is dependent on a MariaDB database, be it one you already have or a new one. If you do not already have one, we provide an image here https://github.com/linuxserver/docker-mariadb. - This application is dependent on a MySQL database be it one you already have or a new one. If you do not already have one, set up our MariaDB container here https://hub.docker.com/r/linuxserver/mariadb/. + If you intend to use this application behind a subfolder reverse proxy, such as our SWAG container or Traefik you will need to make sure that the `APP_URL` environment variable is set to your external domain, or it will not work. - - If you intend to use this application behind a subfolder reverse proxy, such as our LetsEncrypt container or Traefik you will need to make sure that the `APP_URL` environment variable is set, or it will not work + Documentation for BookStack can be found at https://www.bookstackapp.com/docs/. - Documentation for BookStack can be found at https://www.bookstackapp.com/docs/ + ### BookStack File & Directory Paths - ### Advanced Users (full control over the .env file) - If you wish to use the extra functionality of BookStack such as email, Memcache, LDAP and so on you will need to make your own .env file with guidance from the BookStack documentation. - - When you create the container, do not set any arguments for any SQL settings, or APP_URL. The container will copy an exemplary .env file to /config/www/.env on your host system for you to edit. - - #### PDF Rendering - [wkhtmltopdf](https://wkhtmltopdf.org/) is available to use as an alternative PDF rendering generator as described at https://www.bookstackapp.com/docs/admin/pdf-rendering/. - - The path to wkhtmltopdf in this image to include in your .env file is `/usr/bin/wkhtmltopdf`. + This container ensures certain BookStack application files & folders, such as user file upload folders, are retained within the `/config` folder so that they are persistent & accessible when the `/config` container path is bound as a volume. There may be cases, when following the BookStack documentation, that you'll need to know how these files and folders are used relative to a non-container BookStack installation. + Below is a mapping of container `/config` paths to those relative within a BookStack install directory: + + - **/config container path** => **BookStack relative path** + - `/config/www/.env` => `.env` + - `/config/log/bookstack/laravel.log` => `storage/logs/laravel.log` + - `/config/backups/` => `storage/backups/` + - `/config/www/files/` => `storage/uploads/files/` + - `/config/www/images/` => `storage/uploads/images/` + - `/config/www/themes/` => `themes/` + - `/config/www/uploads/` => `public/uploads/` + + ### Changing APP_URL + + If you change the APP_URL after initial install, you should run the following line from your host terminal to update the database URL entries: + + ```shell + docker exec -it bookstack php /app/www/artisan bookstack:update-url ${OLD_URL} ${NEW_URL} + ``` + + ### Advanced Users (full control over the .env file) + If you wish to use the extra functionality of BookStack such as email, LDAP and so on you will need to set additional environment variables or make your own .env file with guidance from the BookStack documentation. + + The container will copy an exemplary .env file to /config/www/.env on your host system for you to use. +# init diagram +init_diagram: | + "bookstack:latest": { + docker-mods + base { + fix-attr +\nlegacy cont-init + } + docker-mods -> base + legacy-services + custom services + init-services -> legacy-services + init-services -> custom services + custom services -> legacy-services + legacy-services -> ci-service-check + init-migrations -> init-adduser + init-nginx-end -> init-bookstack-config + init-nginx-end -> init-config + init-os-end -> init-config + init-bookstack-config -> init-config-end + init-config -> init-config-end + init-crontab-config -> init-config-end + init-config -> init-crontab-config + init-mods-end -> init-custom-files + init-adduser -> init-device-perms + base -> init-envfile + init-os-end -> init-folders + init-php -> init-keygen + base -> init-migrations + init-config-end -> init-mods + init-mods-package-install -> init-mods-end + init-mods -> init-mods-package-install + init-samples -> init-nginx + init-version-checks -> init-nginx-end + init-adduser -> init-os-end + init-device-perms -> init-os-end + init-envfile -> init-os-end + init-keygen -> init-permissions + init-nginx -> init-php + init-folders -> init-samples + init-custom-files -> init-services + init-permissions -> init-version-checks + init-services -> svc-cron + svc-cron -> legacy-services + init-services -> svc-memcached + svc-memcached -> legacy-services + init-services -> svc-nginx + svc-nginx -> legacy-services + init-services -> svc-php-fpm + svc-php-fpm -> legacy-services + init-services -> svc-queue-worker + svc-queue-worker -> legacy-services + } + Base Images: { + "baseimage-alpine-nginx:3.21" <- "baseimage-alpine:3.21" + } + "bookstack:latest" <- Base Images # changelog changelogs: - - { date: "19.12.19:", desc: "Rebasing to alpine 3.11." } - - { date: "26.07.19:", desc: "Use old version of tidyhtml pending upstream fixes." } - - { date: "28.06.19:", desc: "Rebasing to alpine 3.10." } - - { date: "14.06.19:", desc: "Add wkhtmltopdf to image for PDF rendering." } - - { date: "20.04.19:", desc: "Rebase to Alpine 3.9, add MySQL init logic." } - - { date: "22.03.19:", desc: "Switching to new Base images, shift to arm32v7 tag." } - - { date: "20.01.19:", desc: "Added php7-curl"} - - { date: "04.11.18:", desc: "Added php7-ldap"} - - { date: "15.10.18:", desc: "Changed functionality for advanced users"} - - { date: "08.10.18:", desc: "Advanced mode, symlink changes, sed fixing, docs updated, added some composer files"} - - { date: "23.09.28:", desc: "Updates pre-release"} - - { date: "02.07.18:", desc: "Initial Release." } + - {date: "04.01.25:", desc: "Add php-opcache."} + - {date: "17.12.24:", desc: "Rebase to Alpine 3.21."} + - {date: "11.10.24:", desc: "Default to environment config over .env file config."} + - {date: "06.09.24:", desc: "Add php-exif for reading image EXIF data."} + - {date: "27.05.24:", desc: "Rebase to Alpine 3.20. Existing users should update their nginx confs to avoid http2 deprecation warnings."} + - {date: "25.01.24:", desc: "Existing users should update: site-confs/default.conf - Cleanup default site conf."} + - {date: "23.12.23:", desc: "Rebase to Alpine 3.19 with php 8.3."} + - {date: "31.10.23:", desc: "Further sanitize sed replace."} + - {date: "07.06.23:", desc: "Add mariadb-client for bookstack-system-cli support."} + - {date: "25.05.23:", desc: "Rebase to Alpine 3.18, deprecate armhf."} + - {date: "13.04.23:", desc: "Move ssl.conf include to default.conf."} + - {date: "01.03.23:", desc: "Add php iconv."} + - {date: "19.01.23:", desc: "Rebase to alpine 3.17 with php8.1."} + - {date: "16.01.23:", desc: "Wrap `.env` values in quotes."} + - {date: "05.01.23:", desc: "Fix db password setting (sed escape `&`)."} + - {date: "21.12.22:", desc: "Update db info in .env file when env vars are updated."} + - {date: "10.10.22:", desc: "Remove password escape logic which caused problems for a small subset of users."} + - {date: "20.08.22:", desc: "Rebasing to alpine 3.15 with php8. Restructure nginx configs ([see changes announcement](https://info.linuxserver.io/issues/2022-08-20-nginx-base))."} + - {date: "14.03.22:", desc: "Add symlinks for theme support."} + - {date: "11.07.21:", desc: "Rebase to Alpine 3.14."} + - {date: "12.01.21:", desc: "Remove unused requirement, as of release 0.31.0."} + - {date: "17.12.20:", desc: "Make APP_URL var required (upstream changes)."} + - {date: "17.09.20:", desc: "Rebase to alpine 3.12. Fix APP_URL setting. Bump php post max and upload max filesizes to 100MB by default."} + - {date: "19.12.19:", desc: "Rebasing to alpine 3.11."} + - {date: "26.07.19:", desc: "Use old version of tidyhtml pending upstream fixes."} + - {date: "28.06.19:", desc: "Rebasing to alpine 3.10."} + - {date: "14.06.19:", desc: "Add wkhtmltopdf to image for PDF rendering."} + - {date: "20.04.19:", desc: "Rebase to Alpine 3.9, add MySQL init logic."} + - {date: "22.03.19:", desc: "Switching to new Base images, shift to arm32v7 tag."} + - {date: "20.01.19:", desc: "Added php7-curl"} + - {date: "04.11.18:", desc: "Added php7-ldap"} + - {date: "15.10.18:", desc: "Changed functionality for advanced users"} + - {date: "08.10.18:", desc: "Advanced mode, symlink changes, sed fixing, docs updated, added some composer files"} + - {date: "23.09.28:", desc: "Updates pre-release"} + - {date: "02.07.18:", desc: "Initial Release."} diff --git a/root/appkey b/root/appkey new file mode 100755 index 0000000..684439f --- /dev/null +++ b/root/appkey @@ -0,0 +1,9 @@ +#!/bin/bash + +mkdir -p \ + /config/www/framework/{cache,sessions,views} \ + /config/log/bookstack + +touch /config/log/bookstack/laravel.log + +php /app/www/artisan key:generate --show diff --git a/root/defaults/default b/root/defaults/default deleted file mode 100644 index da56e4c..0000000 --- a/root/defaults/default +++ /dev/null @@ -1,39 +0,0 @@ -## Version 2018/03/06 - Changelog: https://github.com/linuxserver/docker-heimdall/commits/master/root/defaults/default - -server { - listen 80 default_server; - - listen 443 ssl; - - root /var/www/html/public; - index index.php index.html index.htm; - - server_name _; - - ssl_certificate /config/keys/cert.crt; - ssl_certificate_key /config/keys/cert.key; - - client_max_body_size 0; - - error_page 599 = @noauth; - - location @noauth { - try_files $uri $uri/ /index.php?$args; - } - - location / { - try_files $uri $uri/ /index.php?$query_string; - - } - - location ~ \.php$ { - fastcgi_split_path_info ^(.+\.php)(/.+)$; - # With php5-cgi alone: - fastcgi_pass 127.0.0.1:9000; - # With php5-fpm: - #fastcgi_pass unix:/var/run/php5-fpm.sock; - fastcgi_index index.php; - include /etc/nginx/fastcgi_params; - - } -} diff --git a/root/defaults/nginx.conf b/root/defaults/nginx.conf deleted file mode 100644 index 70e8488..0000000 --- a/root/defaults/nginx.conf +++ /dev/null @@ -1,98 +0,0 @@ -user abc; -worker_processes 4; -pid /run/nginx.pid; -include /etc/nginx/modules/*.conf; - -events { - worker_connections 768; - # multi_accept on; -} - -http { - - ## - # Basic Settings - ## - - sendfile on; - tcp_nopush on; - tcp_nodelay on; - keepalive_timeout 65; - types_hash_max_size 2048; - # server_tokens off; - - # server_names_hash_bucket_size 64; - # server_name_in_redirect off; - - client_max_body_size 0; - - include /etc/nginx/mime.types; - default_type application/octet-stream; - - ## - # Logging Settings - ## - - access_log /config/log/nginx/access.log; - error_log /config/log/nginx/error.log; - - ## - # Gzip Settings - ## - - gzip on; - gzip_disable "msie6"; - - # gzip_vary on; - # gzip_proxied any; - # gzip_comp_level 6; - # gzip_buffers 16 8k; - # gzip_http_version 1.1; - # gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript; - - ## - # nginx-naxsi config - ## - # Uncomment it if you installed nginx-naxsi - ## - - #include /etc/nginx/naxsi_core.rules; - - ## - # nginx-passenger config - ## - # Uncomment it if you installed nginx-passenger - ## - - #passenger_root /usr; - #passenger_ruby /usr/bin/ruby; - - ## - # Virtual Host Configs - ## - include /etc/nginx/conf.d/*.conf; - include /config/nginx/site-confs/*; -} - - -#mail { -# # See sample authentication script at: -# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript -# -# # auth_http localhost/auth.php; -# # pop3_capabilities "TOP" "USER"; -# # imap_capabilities "IMAP4rev1" "UIDPLUS"; -# -# server { -# listen localhost:110; -# protocol pop3; -# proxy on; -# } -# -# server { -# listen localhost:143; -# protocol imap; -# proxy on; -# } -#} -daemon off; diff --git a/root/etc/cont-init.d/50-config b/root/etc/cont-init.d/50-config deleted file mode 100644 index e663f79..0000000 --- a/root/etc/cont-init.d/50-config +++ /dev/null @@ -1,89 +0,0 @@ -#!/usr/bin/with-contenv bash - -# create directory structure -mkdir -p \ - /config/www/{uploads,files,images} - -# check for .env and copy default if needed -[[ ! -f "/config/www/.env" ]] && \ - cp /var/www/html/.env.example /config/www/.env - -# create symlinks -symlinks=( \ -/var/www/html/storage/uploads/files \ -/var/www/html/storage/uploads/images \ -/var/www/html/public/uploads \ -/var/www/html/.env \ -/var/www/html/storage/logs/laravel.log -) - -for i in "${symlinks[@]}" -do -[[ -e "$i" && ! -L "$i" ]] && rm -rf "$i" -[[ ! -L "$i" ]] && ln -s /config/www/"$(basename "$i")" "$i" -done - -# Echo init finish for test runs -if [ -n "${TEST_RUN}" ]; then - echo '[services.d] done.' -fi - -# Create API key if needed -if [ ! -f "/config/BOOKSTACK_APP_KEY.txt" ]; - then - echo "Generating BookStack app key for first run" - key=$(php /var/www/html/artisan key:generate --show) - echo $key > /config/BOOKSTACK_APP_KEY.txt - echo "App Key set to $key you can modify the file to update /config/BOOKSTACK_APP_KEY.txt" -elif [ -f "/config/BOOKSTACK_APP_KEY.txt" ]; - then - echo "App Key found - setting variable for seds" - key=$(cat /config/BOOKSTACK_APP_KEY.txt) -fi - -# .env file setup -# check for the default app key or if it has been updated -if grep -Fxq "APP_KEY=SomeRandomString" /config/www/.env || \ -! grep -Fxq "APP_KEY=${key}" /config/www/.env; then - sed -i "s#^APP_KEY=.*#APP_KEY=${key}#" /config/www/.env -fi -# check to see if db_user is set, if it is then run seds and if not then leave them -if [ "${DB_USER}" ]; - then - echo "Running config - db_user set" - sed -i "s/DB_HOST=localhost/DB_HOST=${DB_HOST}/g" /config/www/.env - sed -i "s/DB_DATABASE=database_database/DB_DATABASE=${DB_DATABASE}/g" /config/www/.env - sed -i "s/DB_USERNAME=database_username/DB_USERNAME=${DB_USER}/g" /config/www/.env - sed -i "s/DB_PASSWORD=database_user_password/DB_PASSWORD=${DB_PASS}/g" /config/www/.env -fi - -# set appurl if detected -[[ "${APP_URL}" ]] && sed -i "s,#\sAPP_URL.*,APP_URL=${APP_URL},g" /config/www/.env - -# check for the mysql endpoint for 30 seconds -END=$((SECONDS+30)) -while [ ${SECONDS} -lt ${END} ] && [ -n "${DB_HOST+x}" ]; do - /usr/bin/nc -z ${DB_HOST} 3306 && \ - if [ ! -z "$(/usr/bin/nc -w1 ${DB_HOST} 3306)" ]; then - [ ! -z "${RUN}" ] && break - RUN="RAN" - # we sleep here again due to first run init on DB containers - [ ! -f /dbwait.lock ] && sleep 5 - else - sleep 1 - fi - sleep 1 -done - -# update database - will set up database if fresh, or, migrate existing -if [ -z "${CI_RUN+x}" ]; then - php /var/www/html/artisan migrate --force -fi - -# set permissions -chown -R abc:abc \ - /config \ - /var/www/ - -# set lockfile to avoid DB waits for this specific container -touch /dbwait.lock diff --git a/root/etc/s6-overlay/s6-rc.d/init-bookstack-config/dependencies.d/init-nginx-end b/root/etc/s6-overlay/s6-rc.d/init-bookstack-config/dependencies.d/init-nginx-end new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/init-bookstack-config/run b/root/etc/s6-overlay/s6-rc.d/init-bookstack-config/run new file mode 100755 index 0000000..01ba342 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-bookstack-config/run @@ -0,0 +1,63 @@ +#!/usr/bin/with-contenv bash +# shellcheck shell=bash + +# create directory structure +mkdir -p \ + /config/www/{uploads,files,images,themes} \ + /config/www/framework/{cache,sessions,views} \ + /config/backups \ + /config/log/bookstack + +if [[ ! -f /tmp/dbwait.lock ]];then + rm -rf /config/www/framework/{cache,sessions,views}/* +fi + +# check for .env and copy default if needed +if [[ ! -f "/config/www/.env" ]] || [[ ! -s "/config/www/.env" ]]; then + cp /app/www/.env.example /config/www/.env +fi + +# Check for app key +if [[ -z ${APP_KEY} ]]; then + if ! grep -qE "APP_KEY=[0-9A-Za-z:+\/=]{1,}" /config/www/.env 2> /dev/null || grep -qE "APP_KEY=SomeRandomString" /config/www/.env 2> /dev/null; then + echo "The application key is missing, halting init!" + echo "You can generate a key with: docker run -it --rm --entrypoint /bin/bash lscr.io/linuxserver/bookstack:latest appkey" + echo "And apply it to the APP_KEY environment variable." + sleep infinity + fi +fi + +## Bump php upload max filesize and post max size to 100MB by default +if ! grep -qx '^upload_max_filesize.*$' /config/php/php-local.ini; then + echo 'upload_max_filesize = 100M' >>/config/php/php-local.ini +fi +if ! grep -qx '^post_max_size.*$' /config/php/php-local.ini; then + echo 'post_max_size = 100M' >>/config/php/php-local.ini +fi + +# if DB_PORT is not set +if [[ -z "${DB_PORT}" ]]; then + DB_PORT="3306" +fi + +# check for the mysql endpoint +echo "Waiting for DB to be available" +END=$((SECONDS + 30)) +while [[ ${SECONDS} -lt ${END} ]] && [[ -n "${DB_HOST+x}" ]]; do + if [[ $(/usr/bin/nc -w1 "${DB_HOST}" "${DB_PORT}" | tr -d '\0') ]]; then + if [[ ! -f /tmp/dbwait.lock ]]; then + sleep 5 + fi + touch /tmp/dbwait.lock + break + else + sleep 1 + fi +done + +# update database - will set up database if fresh, or, migrate existing +php /app/www/artisan migrate --force + +# permissions +lsiown -R abc:abc \ + /config diff --git a/root/etc/s6-overlay/s6-rc.d/init-bookstack-config/type b/root/etc/s6-overlay/s6-rc.d/init-bookstack-config/type new file mode 100644 index 0000000..bdd22a1 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-bookstack-config/type @@ -0,0 +1 @@ +oneshot diff --git a/root/etc/s6-overlay/s6-rc.d/init-bookstack-config/up b/root/etc/s6-overlay/s6-rc.d/init-bookstack-config/up new file mode 100644 index 0000000..c9f39e1 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-bookstack-config/up @@ -0,0 +1 @@ +/etc/s6-overlay/s6-rc.d/init-bookstack-config/run diff --git a/root/etc/s6-overlay/s6-rc.d/init-config-end/dependencies.d/init-bookstack-config b/root/etc/s6-overlay/s6-rc.d/init-config-end/dependencies.d/init-bookstack-config new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/svc-memcached/dependencies.d/init-services b/root/etc/s6-overlay/s6-rc.d/svc-memcached/dependencies.d/init-services new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/services.d/memcached/run b/root/etc/s6-overlay/s6-rc.d/svc-memcached/run old mode 100644 new mode 100755 similarity index 67% rename from root/etc/services.d/memcached/run rename to root/etc/s6-overlay/s6-rc.d/svc-memcached/run index bd4a49e..4ba399b --- a/root/etc/services.d/memcached/run +++ b/root/etc/s6-overlay/s6-rc.d/svc-memcached/run @@ -1,2 +1,4 @@ #!/usr/bin/with-contenv bash +# shellcheck shell=bash + exec memcached -u abc diff --git a/root/etc/s6-overlay/s6-rc.d/svc-memcached/type b/root/etc/s6-overlay/s6-rc.d/svc-memcached/type new file mode 100644 index 0000000..5883cff --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/svc-memcached/type @@ -0,0 +1 @@ +longrun diff --git a/root/etc/s6-overlay/s6-rc.d/svc-queue-worker/dependencies.d/init-services b/root/etc/s6-overlay/s6-rc.d/svc-queue-worker/dependencies.d/init-services new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/svc-queue-worker/run b/root/etc/s6-overlay/s6-rc.d/svc-queue-worker/run new file mode 100755 index 0000000..a14bc14 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/svc-queue-worker/run @@ -0,0 +1,6 @@ +#!/usr/bin/with-contenv bash +# shellcheck shell=bash + +echo "*** Starting Async Action Queue ***" + +exec /usr/bin/php /app/www/artisan queue:work --sleep=3 --tries=1 --max-time=3600 diff --git a/root/etc/s6-overlay/s6-rc.d/svc-queue-worker/type b/root/etc/s6-overlay/s6-rc.d/svc-queue-worker/type new file mode 100644 index 0000000..5883cff --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/svc-queue-worker/type @@ -0,0 +1 @@ +longrun diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-bookstack-config b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-bookstack-config new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-memcached b/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-memcached new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/services.d/php-fpm/run b/root/etc/services.d/php-fpm/run deleted file mode 100644 index 4e0812f..0000000 --- a/root/etc/services.d/php-fpm/run +++ /dev/null @@ -1,2 +0,0 @@ -#!/usr/bin/with-contenv bash -exec /usr/sbin/php-fpm7 -F diff --git a/root/init-hook b/root/init-hook new file mode 100755 index 0000000..906cefc --- /dev/null +++ b/root/init-hook @@ -0,0 +1,9 @@ +#!/usr/bin/with-contenv bash +# shellcheck shell=bash + +if [[ -n "${QUEUE_CONNECTION}" ]]; then + touch /etc/s6-overlay/s6-rc.d/user/contents.d/svc-queue-worker +fi + +exec \ + /docker-mods diff --git a/root/migrations/02-default-location b/root/migrations/02-default-location new file mode 100755 index 0000000..42407f9 --- /dev/null +++ b/root/migrations/02-default-location @@ -0,0 +1,11 @@ +#!/usr/bin/with-contenv bash +# shellcheck shell=bash + +DEFAULT_CONF="/config/nginx/site-confs/default.conf" +OLD_ROOT="root /var/www/html/public;" +NEW_ROOT="root /app/www/public;" + +if [[ -f "${DEFAULT_CONF}" ]] && grep -q "${OLD_ROOT}" "${DEFAULT_CONF}" 2>/dev/null; then + echo "updating root in ${DEFAULT_CONF}" + sed -i "s|${OLD_ROOT}|${NEW_ROOT}|" "${DEFAULT_CONF}" +fi diff --git a/root/var/www/html/public/index.html b/root/var/www/html/public/index.html new file mode 100644 index 0000000..2ac31be --- /dev/null +++ b/root/var/www/html/public/index.html @@ -0,0 +1,40 @@ +<html> + <head> + <title>Upgrade Required! + + + +
+

Upgrade Required!

+

The application inside this image has been moved to a new folder.

+

You will need to update your /config/nginx/nginx.conf and /config/nginx/site-confs/default.conf in order for the application to work.

+

New config samples are located at /config/nginx/nginx.conf.sample and /config/nginx/site-confs/default.conf.sample

+

Please review our announcement: Significant changes to nginx based images

+
+ +