No longer use PHP and some optimisations

.gitlab-ci.yml

@@ -1,14 +1,26 @@
 stages:
   - build
+  - build-manifest
 
 variables:
-  CACHETAG: build-${VERSION}
   DOCKER_HOST: tcp://docker:2375
+  BRANCH: latest
+  VERSION: ${BRANCH}
+  VERSIONARCH: ${VERSION}-${ARCH}
 
+cache:
+  key: ${CI_COMMIT_REF_SLUG}
+  paths:
+    - docker/
+
+image: docker:latest
 services:
 - docker:dind
 
 before_script:
+- if [ ! -d docker ]; then mkdir docker; fi
+# sed -ie s'/https/http/' /etc/apk/repositories
+# HTTP_PROXY=http://proxy.dege.lan:3128 apk add git curl
 - docker info
 - docker version
 - echo "$CI_JOB_TOKEN" | docker login -u "$CI_REGISTRY_USER" "$CI_REGISTRY" --password-stdin

.gitlab-docker-armv7l.yml

@@ -1,14 +1,14 @@
-build:armv7l:
+armv7l:build:
   variables:
-    VERSION: armv7l
+    ARCH: armv7l
   stage: build
   image: docker:latest
   script:
     - if [ -f init ]; then chmod 500 init; fi
-    - ([ -z "$REFRESH" ] && docker pull ${CI_REGISTRY_IMAGE}:${CACHETAG}) || true
+    - ([ -z "$REFRESH" -a -f docker/${CI_COMMIT_REF_SLUG} ]) && docker load < docker/${CI_COMMIT_REF_SLUG} || true
-    - docker build --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION} -t ${CI_REGISTRY_IMAGE}:${CACHETAG} .
+    - docker build --build-arg HTTP_PROXY=http://proxy.dege.lan:3128 --cache-from ${CI_REGISTRY_IMAGE}:${VERSIONARCH} -t ${CI_REGISTRY_IMAGE}:${VERSIONARCH} .
-    - docker push ${CI_REGISTRY_IMAGE}:${VERSION}
+    - docker push ${CI_REGISTRY_IMAGE}:${VERSIONARCH}
-    - docker push ${CI_REGISTRY_IMAGE}:${CACHETAG}
+    - docker save ${CI_REGISTRY_IMAGE}:${VERSIONARCH} > docker/${CI_COMMIT_REF_SLUG}
   tags:
     - docker
     - armv7l

.gitlab-docker-x86_64.yml

@@ -1,16 +1,27 @@
-build:x86_64:
+x86_64:build:
   variables:
-    VERSION: x86_64
+    ARCH: x86_64
   stage: build
   image: docker:latest
   script:
     - if [ -f init ]; then chmod 500 init; fi
-    - ([ -z "$REFRESH" ] && docker pull ${CI_REGISTRY_IMAGE}:${CACHETAG}) || true
+    - ([ -z "$REFRESH" -a -f docker/${CI_COMMIT_REF_SLUG} ]) && docker load < docker/${CI_COMMIT_REF_SLUG} || true
-    - docker build --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION} -t ${CI_REGISTRY_IMAGE}:${CACHETAG} .
+    - docker build --build-arg HTTP_PROXY=http://proxy.dege.lan:3128 --cache-from ${CI_REGISTRY_IMAGE}:${VERSIONARCH} -t ${CI_REGISTRY_IMAGE}:${VERSIONARCH} .
-    - docker push ${CI_REGISTRY_IMAGE}:${VERSION}
+    - docker push ${CI_REGISTRY_IMAGE}:${VERSIONARCH}
-    - docker push ${CI_REGISTRY_IMAGE}:${CACHETAG}
+    - docker save ${CI_REGISTRY_IMAGE}:${VERSIONARCH} > docker/${CI_COMMIT_REF_SLUG}
   tags:
     - docker
     - x86_64
   only:
     - master
+
+x86_64:build-manifest:
+  stage: build-manifest
+  script:
+  - docker manifest create ${CI_REGISTRY_IMAGE}:${VERSION} ${CI_REGISTRY_IMAGE}:${VERSION}-armv7l ${CI_REGISTRY_IMAGE}:${VERSION}-x86_64
+  - docker manifest push --purge ${CI_REGISTRY_IMAGE}:${VERSION}
+  tags:
+  - docker
+  - x86_64
+  only:
+  - master

Dockerfile

@@ -1,38 +1,32 @@
 # NAME leenooks/nginx
 # VERSION latest
 
-FROM php:fpm-alpine
+FROM nginx:alpine
-RUN apk add nginx nginx-mod-mail bash
 
-EXPOSE 80 443 25 110 143
+# Change to http respositories, so they we can cache the install packages
+RUN if [ -n ${HTTP_PROXY} ] ; then sed -ie s'/https/http/' /etc/apk/repositories; fi
+
+RUN apk add --no-cache nginx nginx-mod-mail
 
 # Add acme-lego Certbot
-RUN curl -sL https://github.com/go-acme/lego/releases/download/v4.6.0/lego_v4.6.0_linux_amd64.tar.gz | tar -C /usr/local/sbin -xzf -
+RUN curl -sL https://github.com/go-acme/lego/releases/download/v4.6.0/lego_v4.6.0_linux_amd64.tar.gz | tar -C /usr/sbin -xzf -
-
-RUN mv /sbin/init /sbin/init.busybox
-COPY init /sbin/
-
-#RUN apt-get update && apt-get install certbot -yy \
-#	&& rm -rf /var/lib/apt/lists/* /tmp/*
-
-# Add Cloudflare Certbot
-#RUN apt-get update && apt-get install python3-certbot-dns-cloudflare -yy \
-#	&& rm -rf /var/lib/apt/lists/* /tmp/*
 
+# Configuration
 COPY etc/nginx/nginx.conf /etc/nginx
 COPY etc/nginx/default.d /etc/nginx/default.d
 COPY etc/nginx/include.d /etc/nginx/include.d
 RUN chmod 444 /etc/nginx/default.d/ssl/* && chmod 400 /etc/nginx/default.d/ssl/default.key /etc/nginx/default.d/ssl/dhparams.pem
 
-COPY var/www/maintenance /var/www/maintenance
+# Default SSL cert
-COPY www.conf /usr/local/etc/php-fpm.d/
-
-COPY ssl.sh /usr/local/sbin/
-LABEL cron.container.weekly root#/usr/local/sbin/ssl.sh lego renew
-
 RUN mkdir -p /etc/nginx/conf.d/ssl && ln -s ../../default.d/ssl/default.crt /etc/nginx/conf.d/ssl/mail.crt && ln -s ../../default.d/ssl/default.key /etc/nginx/conf.d/ssl/mail.key
+COPY ssl.sh /usr/sbin/
+
+COPY var/www/maintenance /var/www/maintenance
+
 # Expose our web root and log directories log.
 #VOLUME [ "/etc/nginx/conf.d", "/etc/nginx/default.d", "/etc/nginx/include.d" ]
 
 # Starting
-ENTRYPOINT [ "/sbin/init" ]
+LABEL cron.container.weekly root#/usr/sbin/ssl.sh lego renew
+ENTRYPOINT [ "/usr/sbin/nginx","-g","daemon off;" ]
+EXPOSE 80 443 25 110 143

etc/nginx/nginx.conf

@@ -1,4 +1,3 @@
-load_module		/usr/lib/nginx/modules/ngx_mail_module.so;
 user			nginx;
 worker_processes	auto;
 

init

@@ -1,8 +0,0 @@
-#!/bin/sh
-
-set -e
-
-echo '+ Starting PHP-FPM'
-php-fpm -D
-
-exec /usr/sbin/nginx -g "daemon off;"

www.conf

@@ -1,12 +0,0 @@
-[www]
-group = www-data
-listen = 127.0.0.1:9000
-pm = dynamic
-pm.max_children = 25
-pm.max_spare_servers = 10
-pm.min_spare_servers = 5
-pm.start_servers = 10
-user = www-data
-prefix = /var/www/html
-php_admin_value[memory_limit] = 512M
-php_admin_value[max_execution_time] = 300