#2: Build and publish Docker images using GitLab CI.
See merge request jirafeau/Jirafeau!1
-# Select docker image from https://hub.docker.com/_/php/
-image: php:8.1
-
# Select what we should cache
cache:
paths:
- vendor/
-before_script:
- # Install git, the docker php image doesn't have it installed by default
- - apt-get update -yqq
- - apt-get install git -yqq
- - apt-get install zip -yqq
- # Enable necessary php extensions
- - docker-php-ext-enable curl && docker-php-ext-enable json && docker-php-ext-enable zip && docker-php-ext-enable mbstring && docker-php-ext-enable gd && docker-php-ext-enable pdo_mysql
- # Install composer
- - curl -sS https://getcomposer.org/installer | php
- # Create composer.json file manually, since this is a project without any non-dev dependencies yet
- - php composer.phar require --dev php-parallel-lint/php-parallel-lint
- - php composer.phar require --dev friendsofphp/php-cs-fixer:3.10.0
- # Install all project dependencies
- - php composer.phar install
-
-# Run tests
+# Run tests for php:8.1
job_lint_app_81:
image: php:8.1
- script:
+ before_script: &before_linter_script
+ # Install git, the docker php image doesn't have it installed by default
+ - apt-get update -yqq
+ - apt-get install git -yqq
+ - apt-get install zip -yqq
+ # Enable necessary php extensions
+ - docker-php-ext-enable curl && docker-php-ext-enable json && docker-php-ext-enable zip && docker-php-ext-enable mbstring && docker-php-ext-enable gd && docker-php-ext-enable pdo_mysql
+ # Install composer
+ - curl -sS https://getcomposer.org/installer | php
+ # Create composer.json file manually, since this is a project without any non-dev dependencies yet
+ - php composer.phar require --dev php-parallel-lint/php-parallel-lint
+ - php composer.phar require --dev friendsofphp/php-cs-fixer:3.10.0
+ # Install all project dependencies
+ - php composer.phar install
+ script: &linter_script
- ./vendor/bin/parallel-lint --exclude vendor .
- ./vendor/bin/php-cs-fixer -vvv fix . --dry-run --using-cache=no --rules=@PSR2
+# Run tests for php:7.4
job_lint_app_74:
image: php:7.4
+ before_script: *before_linter_script
+ script: *linter_script
+
+publish:
+ image: docker:latest
+ stage: deploy
+ services:
+ - docker:dind
script:
- - ./vendor/bin/parallel-lint --exclude vendor .
- - ./vendor/bin/php-cs-fixer -vvv fix . --dry-run --using-cache=no --rules=@PSR2
+ - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" "$CI_REGISTRY"
+ - docker build -t $CI_REGISTRY/$CI_REGISTRY_IMAGE:$CI_COMMIT_TAG .
+ # If we're on the default branch, also tag the image as latest
+ - docker build -t $CI_REGISTRY/$CI_REGISTRY_IMAGE:$CI_COMMIT_TAG -t $CI_REGISTRY/$CI_REGISTRY_IMAGE:latest .
+ - docker push $CI_REGISTRY/$CI_REGISTRY_IMAGE --all-tags
+ only:
+ - tags
ln -snf /usr/share/zoneinfo/Etc/UTC /etc/localtime && \
echo "UTC" > /etc/timezone
-COPY docker/cleanup.sh /cleanup.sh
-COPY docker/run.sh /run.sh
-RUN chmod o=,ug=rx /cleanup.sh /run.sh
-COPY docker/docker_config.php /docker_config.php
+COPY --chmod=550 docker/cleanup.sh docker/run.sh /
+COPY --chmod=640 docker/docker_config.php /docker_config.php
-RUN mkdir -p /usr/local/etc/php
COPY docker/php.ini /usr/local/etc/php/php.ini
COPY docker/lighttpd.conf /etc/lighttpd/lighttpd.conf
-# install jirafeau
-RUN mkdir /www
+# Install Jirafeau
WORKDIR /www
-# Will ignore some files through .dockerignore
-COPY . .
-RUN rm -rf docker && \
+
+RUN --mount=type=bind,source=.,target=/mnt \
+ cp -r /mnt/* /www/ && \
+ rm -rf /www/docker && \
touch /www/lib/config.local.php && \
chown -R $(id -u lighttpd).$(id -g www-data) /www && \
- chmod o=,ug=rwX -R /www
+ chmod 770 /www
-CMD /run.sh
+CMD ["/run.sh"]
EXPOSE 80
\ No newline at end of file
## Installation
This shows how to install Jirafeau by your own, it's quite simple but you can
-also use a [docker image](https://hub.docker.com/r/mojo42/jirafeau/) or build
+also use a [docker image](https://gitlab.com/jirafeau/Jirafeau/container_registry/) or build
it yourself. Check [docker folder](docker/README.md) for more informations.
System requirements:
Jirafeau is a small PHP application so running it inside a docker container is pretty straightforward.
```
-docker pull mojo42/jirafeau:latest
-docker run -it --rm -p 8080:80 mojo42/jirafeau:latest
+docker pull registry.gitlab.com/jirafeau:latest
+docker run -it --rm -p 8080:80 registry.gitlab.com/jirafeau/jirafeau:latest
```
Then connect on [localhost:8080](http://localhost:8080/).
You may be interested in running Jirafeau on port 80:
```
-docker run -d -p 80:80 --sysctl net.ipv4.ip_unprivileged_port_start=80 mojo42/jirafeau
+docker run -d -p 80:80 --sysctl net.ipv4.ip_unprivileged_port_start=80 registry.gitlab.com/jirafeau/jirafeau
```
Note that Jirafeau image does not provide any SSL/TLS. You may be interested in using [docker compose](https://docs.docker.com/compose/) combined with [Let's Encrypt](https://letsencrypt.org/).
Example:
```
-docker run -it -p 8080:80 --rm -e ADMIN_PASSWORD='p4ssw0rd' -e WEB_ROOT='jirafeau.mydomain.com/' -e UPLOAD_PASSWORD='foo,bar' -e PREVIEW=0 mojo42/jirafeau:latest
+docker run -it -p 8080:80 --rm -e ADMIN_PASSWORD='p4ssw0rd' -e WEB_ROOT='jirafeau.mydomain.com/' -e UPLOAD_PASSWORD='foo,bar' -e PREVIEW=0 registry.gitlab.com/jirafeau/jirafeau:latest
```
## Data storage
Example of using a dedicated volume to store Jirafeau data separately from the container:
```
docker volume create jirafeau_data
-docker run -it --rm -p 8080:80 --mount source=jirafeau_data,target=/data mojo42/jirafeau:latest
+docker run -it --rm -p 8080:80 --mount source=jirafeau_data,target=/data registry.gitlab.com/jirafeau/jirafeau:latest
```
## Few notes
}
}
-run_setup($cfg);
\ No newline at end of file
+run_setup($cfg);
require(JIRAFEAU_ROOT . 'lib/functions.php');
require(JIRAFEAU_ROOT . 'lib/lang.php');
-if ($cfg['download_password_requirement'] === "generated"){
+if ($cfg['download_password_requirement'] === "generated") {
$download_pass = jirafeau_gen_download_pass($cfg['download_password_gen_len'], $cfg['download_password_gen_chars']);
}
</p>
</div>
- <?php if ($cfg['download_password_requirement'] === "generated"){
- ?>
+ <?php if ($cfg['download_password_requirement'] === "generated") {
+ ?>
<div id="show_password">
<p><?php echo t('PSW') ?></p>
echo ' /></td></tr>';
}
- if ($cfg['download_password_requirement'] === 'generated'){
+ if ($cfg['download_password_requirement'] === 'generated') {
echo '<input type="hidden" name="key" id="input_key" value="' . $download_pass .'"/>';
- }else{
+ } else {
echo '<tr><td><label for="input_key">' . t('PSW') . ':' . '</label></td>';
echo '<td><input type="password" name="key" id="input_key" autocomplete = "new-password"';
- if ($cfg['download_password_policy'] === 'regex'){
+ if ($cfg['download_password_policy'] === 'regex') {
echo ' pattern="' . substr($cfg['download_password_policy_regex'], 1, strlen($cfg['download_password_policy_regex']) - 2) . '"'; //remove php delimiters
}
- if ($cfg['download_password_requirement'] === 'required'){
+ if ($cfg['download_password_requirement'] === 'required') {
echo ' required';
}
echo '/></td></tr>';
// Convert UTC timestamp to a datetime field
function jirafeau_get_datetimefield($timestamp)
{
-
$ts = date_create("@" . $timestamp);
$content = '<span class="datetime" data-datetime="' . date_format($ts, 'Y-m-d H:i') . '">'
. date_format($ts, 'Y-m-d H:i') . ' (GMT)</span>';
$enc = sodium_crypto_secretstream_xchacha20poly1305_push($crypt_state, $to_enc);
if (fwrite($w, $enc) === false) {
- return '';
+ return '';
}
}
$key = '';
if (isset($_POST['key'])) {
$key = $_POST['key'];
- if ($cfg['download_password_requirement'] !== 'generated' && $cfg['download_password_policy'] === 'regex'){
- if (!preg_match($cfg['download_password_policy_regex'], $key)){
+ if ($cfg['download_password_requirement'] !== 'generated' && $cfg['download_password_policy'] === 'regex') {
+ if (!preg_match($cfg['download_password_policy_regex'], $key)) {
echo 'Error 14: The download password is not complying to the security standards.';
exit;
}
}
- }elseif ($cfg['download_password_requirement'] !== 'optional'){
+ } elseif ($cfg['download_password_requirement'] !== 'optional') {
echo 'Error 13: The parameter password is required.';
exit;
}
$key = '';
if (isset($_POST['key'])) {
$key = $_POST['key'];
- if ($cfg['download_password_requirement'] !== 'generated' && $cfg['download_password_policy'] === 'regex'){
- if (!preg_match($cfg['download_password_policy_regex'], $key)){
+ if ($cfg['download_password_requirement'] !== 'generated' && $cfg['download_password_policy'] === 'regex') {
+ if (!preg_match($cfg['download_password_policy_regex'], $key)) {
echo 'Error 14: The download password is not complying to the security standards.';
exit;
}
}
- }elseif ($cfg['download_password_requirement'] !== 'optional'){
+ } elseif ($cfg['download_password_requirement'] !== 'optional') {
echo 'Error 13: The parameter password is required.';
exit;
}
$key = '';
if (isset($_POST['key'])) {
$key = $_POST['key'];
- if ($cfg['download_password_requirement'] !== 'generated' && $cfg['download_password_policy'] === 'regex'){
- if (!preg_match($cfg['download_password_policy_regex'], $key)){
+ if ($cfg['download_password_requirement'] !== 'generated' && $cfg['download_password_policy'] === 'regex') {
+ if (!preg_match($cfg['download_password_policy_regex'], $key)) {
echo 'Error 14: The download password is not complying to the security standards.';
exit;
}
}
- }elseif ($cfg['download_password_requirement'] !== 'optional'){
+ } elseif ($cfg['download_password_requirement'] !== 'optional') {
echo 'Error 13: The parameter password is required.';
exit;
}
git.p6c8.net / jirafeau_project.git / commitdiff