Update to alpine

This commit is contained in:
Deon George 2023-05-17 00:18:41 +10:00
parent 28ba2b6497
commit 3d11c9ccc2
6 changed files with 80 additions and 26 deletions

View File

@ -1,17 +1,31 @@
stages: stages:
- build - build
- build-manifest
variables: variables:
CACHETAG: build-${VERSION} VERSION: latest
DOCKER_HOST: tcp://docker:2375 DOCKER_HOST: tcp://docker:2375
VERSIONARCH: ${VERSION}-${ARCH}
cache:
key: ${CI_JOB_NAME_SLUG}-${CI_COMMIT_REF_SLUG}
paths:
- build-cache
image: docker:latest
services: services:
- docker:dind - docker:dind
before_script: before_script:
- docker info - if [ ! -d build-cache ]; then mkdir build-cache; fi
- docker version - sed -ie s'/https/http/' /etc/apk/repositories
- HTTP_PROXY=http://proxy.dege.lan:3128 apk add git curl
- docker info && docker version
# env|sort
- echo "$CI_JOB_TOKEN" | docker login -u "$CI_REGISTRY_USER" "$CI_REGISTRY" --password-stdin - echo "$CI_JOB_TOKEN" | docker login -u "$CI_REGISTRY_USER" "$CI_REGISTRY" --password-stdin
- env|sort
include: .gitlab-docker-x86_64.yml include:
- .gitlab-docker-x86_64.yml
# .gitlab-docker-armv7l.yml
# .gitlab-docker-arm64.yml
- .gitlab-docker-manifest.yml

View File

@ -0,0 +1,10 @@
x86_64:build-manifest:
stage: build-manifest
script:
- docker manifest create ${CI_REGISTRY_IMAGE}:${VERSION} ${CI_REGISTRY_IMAGE}:${VERSION}-x86_64 #${CI_REGISTRY_IMAGE}:${VERSION}-arm64 ${CI_REGISTRY_IMAGE}:${VERSION}armv7l
- docker manifest push --purge ${CI_REGISTRY_IMAGE}:${VERSION}
tags:
- docker
- x86_64
only:
- master

View File

@ -1,14 +1,14 @@
x86_64:build: x86_64:build:
variables: variables:
VERSION: x86_64 ARCH: x86_64
stage: build stage: build
image: docker:latest
script: script:
- if [ -f init ]; then chmod 500 init; fi - if [ -f init ]; then chmod 500 init; fi
- ([ -z "$REFRESH" ] && docker pull ${CI_REGISTRY_IMAGE}:${CACHETAG}) || echo "true" - ([ -z "$REFRESH" -a -f build-cache/${CI_COMMIT_REF_SLUG} ]) && docker load < build-cache/${CI_COMMIT_REF_SLUG} || true
- docker build --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION} -t ${CI_REGISTRY_IMAGE}:${CACHETAG} . - rm build-cache/* || true
- docker push ${CI_REGISTRY_IMAGE}:${VERSION} - docker build --build-arg HTTP_PROXY=http://proxy.dege.lan:3128 --cache-from ${CI_REGISTRY_IMAGE}:${VERSIONARCH} -t ${CI_REGISTRY_IMAGE}:${VERSIONARCH} .
- docker push ${CI_REGISTRY_IMAGE}:${CACHETAG} - docker push ${CI_REGISTRY_IMAGE}:${VERSIONARCH}
- docker save ${CI_REGISTRY_IMAGE}:${VERSIONARCH} > build-cache/${CI_COMMIT_REF_SLUG}
tags: tags:
- docker - docker
- x86_64 - x86_64

View File

@ -1,21 +1,17 @@
# NAME leenooks/rspamd # NAME leenooks/rspamd
# VERSION latest # VERSION latest
FROM debian:stretch-slim FROM alpine
RUN apt-get update \ # Change to http respositories, so they we can cache the install packages
&& apt-get install curl gnupg2 procps -yyq \ RUN if [ -n ${HTTP_PROXY} ] ; then sed -i -e s'/https/http/' /etc/apk/repositories; fi
&& curl -L https://rspamd.com/apt-stable/gpg.key | apt-key add - \
&& apt-get purge curl gnupg2 -yyq && apt autoremove -yyq \
&& echo "deb http://rspamd.com/apt-stable/ stretch main" > /etc/apt/sources.list.d/rspamd.list \
&& apt-get update \
&& apt-get install rspamd iputils-ping -yyq \
&& rm -rf /var/lib/apt/lists/* /tmp/*
RUN apk add --no-cache rspamd
ADD rspamd.conf.local.override /etc/rspamd/
EXPOSE 11332 11333 11334 EXPOSE 11332 11333 11334
COPY init /sbin/ COPY init /sbin/
# Starting # Starting
ENTRYPOINT [ "/sbin/init" ] ENTRYPOINT [ "/sbin/init" ]
CMD [ "start" ]

23
init
View File

@ -1,4 +1,4 @@
#!/bin/bash #!/bin/sh
set -e set -e
NAME="RSPAMD" NAME="RSPAMD"
@ -13,12 +13,25 @@ function stop {
trap 'stop' SIGTERM trap 'stop' SIGTERM
if [ "$1" == "start" ]; then if [ -z "$@" ]; then
if [ -z "${NO_CLAMAV}" ]; then if [ -n "${ENABLE_CLAMAV}" ]; then
x=0; until ping -c1 ${CLAMAV} &>/dev/null; do echo "Waiting for [${CLAMAV}]..."; let x=$x+1; if [ $x -ge ${TRIES} ]; then NOTON=1; break; fi ; sleep ${WAIT}; done ; [ -n "${NOTON}" ] && echo "No [${CLAMAV}]?" && exit 1 x=0;
until ping -c1 ${CLAMAV} &>/dev/null; do
echo "Waiting for [${CLAMAV}]...";
let x=$x+1;
if [ $x -ge ${TRIES} ]; then
NOTON=1;
break;
fi
sleep ${WAIT};
done
[ -n "${NOTON}" ] && echo "No [${CLAMAV}]?" && exit 1
fi fi
[ -x /usr/bin/rspamd ] && exec /usr/bin/rspamd -u _rspamd -g _rspamd -c /etc/rspamd/rspamd.conf -f -p /var/run/rspamd.pid & # Set password
[ -n "${RSPAMD_PASSWD}" ] && sed -i -e 's/^#\s*password/ password/' -e "s/@PASSWORD@/${RSPAMD_PASSWD}/" /etc/rspamd/rspamd.conf.local.override
[ -x /usr/bin/rspamd ] && exec /usr/bin/rspamd -u rspamd -g rspamd -c /etc/rspamd/rspamd.conf -f -p /var/run/rspamd.pid &
wait wait
else else

View File

@ -0,0 +1,21 @@
worker "normal" {
bind_socket = "*:11333";
.include "$CONFDIR/worker-normal.inc"
.include(try=true; priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/worker-normal.inc"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/worker-normal.inc"
}
worker "controller" {
bind_socket = "*:11334";
# password = "@PASSWORD@";
.include "$CONFDIR/worker-controller.inc"
.include(try=true; priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/worker-controller.inc"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/worker-controller.inc"
}
worker "rspamd_proxy" {
bind_socket = "*:11332";
.include "$CONFDIR/worker-proxy.inc"
.include(try=true; priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/worker-proxy.inc"
.include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/worker-proxy.inc"
}