talexander/homepage
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Merge branch 'buildkit'
All checks were successful
semver Build semver has succeeded
Details
build-staging Build build-staging has succeeded
Details
build Build build has succeeded
Details

Browse Source
This commit is contained in:
Tom Alexander 2024-10-20 19:40:14 -04:00
commit 1422b00208
No known key found for this signature in database
GPG Key ID: D3A179C9A53C0EDE
7 changed files with 142 additions and 524 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

273
.webhook_bridge/pipeline-build-homepage-staging.yaml
View File

@ -44,6 +44,31 @@ spec:
#!/usr/bin/env sh
set -euo pipefail
echo -n "$(date +%s)" | tee $(results.unix-time.path)
- name: get-git-commit-time
taskSpec:
metadata: {}
stepTemplate:
image: alpine:3.20
computeResources:
requests:
cpu: 10m
memory: 600Mi
workingDir: "$(workspaces.repo.path)"
results:
- name: unix-time
description: The time of the git commit in unix timestamp format.
steps:
- image: alpine/git:v2.34.2
name: detect-tag-step
script: |
#!/usr/bin/env sh
set -euo pipefail
echo -n "$(git log -1 --pretty=%ct)" | tee $(results.unix-time.path)
workspaces:
- name: repo
workspace: git-source
runAfter:
- fetch-repository
- name: report-pending
taskRef:
resolver: git
@ -56,9 +81,6 @@ spec:
value: task/gitea-set-status/0.1/gitea-set-status.yaml
runAfter:
- fetch-repository
- fetch-repository-private
- fetch-repository-explorer
- fetch-repository-organic
params:
- name: CONTEXT
value: "$(params.JOB_NAME)"
@ -94,218 +116,47 @@ spec:
value: $(params.PULL_BASE_SHA)
- name: deleteExisting
value: "true"
- name: fetch-repository-private
taskRef:
resolver: git
params:
- name: url
value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf
- name: pathInRepo
value: task/git-clone/0.9/git-clone.yaml
workspaces:
- name: output
workspace: git-source-private
params:
- name: url
value: git@code.fizz.buzz:talexander/homepage_private.git
- name: revision
value: main
- name: deleteExisting
value: "true"
- name: fetch-repository-explorer
taskRef:
resolver: git
params:
- name: url
value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf
- name: pathInRepo
value: task/git-clone/0.9/git-clone.yaml
workspaces:
- name: output
workspace: git-source-explorer
params:
- name: url
value: git@code.fizz.buzz:talexander/organic_ast_explorer.git
- name: revision
value: main
- name: deleteExisting
value: "true"
- name: fetch-repository-organic
taskRef:
resolver: git
params:
- name: url
value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf
- name: pathInRepo
value: task/git-clone/0.9/git-clone.yaml
workspaces:
- name: output
workspace: git-source-organic
params:
- name: url
value: git@code.fizz.buzz:talexander/organic.git
- name: revision
value: main
- name: deleteExisting
value: "true"
- name: copy-private-files
taskSpec:
metadata: {}
stepTemplate:
image: alpine:3.20
computeResources:
requests:
cpu: 10m
memory: 600Mi
workingDir: "$(workspaces.source.path)"
steps:
- image: alpine:3.20
name: copy-private-files
script: |
#!/usr/bin/env sh
set -euo pipefail
cp -r "$(workspaces.source-private.path)/static/"* "$(workspaces.source.path)/static/"
workspaces:
- name: source
workspace: git-source
- name: source-private
workspace: git-source-private
runAfter:
- fetch-repository
- fetch-repository-private
- name: build-explorer-image
taskRef:
resolver: git
params:
- name: url
value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf
- name: pathInRepo
value: task/kaniko/0.6/kaniko.yaml
params:
- name: IMAGE
value: "harbor.fizz.buzz/private/homepage-build-organic:$(tasks.get-time.results.unix-time)"
- name: CONTEXT
value: .
- name: DOCKERFILE
value: docker/organic/Dockerfile
- name: BUILDER_IMAGE
value: "gcr.io/kaniko-project/executor:v1.12.1"
- name: EXTRA_ARGS
value:
- "--destination=harbor.fizz.buzz/private/homepage-build-organic" # Also write the :latest image
- "--target="
- --cache=true
- --cache-copy-layers
- --cache-repo=harbor.fizz.buzz/kanikocache/cache
- --use-new-run # Should result in a speed-up
- --reproducible # To remove timestamps so layer caching works.
- --snapshot-mode=redo
- --skip-unused-stages=true
- --registry-mirror=dockerhub.dockerhub.svc.cluster.local
workspaces:
- name: source
workspace: git-source
- name: dockerconfig
workspace: docker-credentials
runAfter:
- fetch-repository
- name: build-explorer-wasm
taskSpec:
metadata: {}
stepTemplate:
image: alpine:3.20
computeResources:
requests:
cpu: 10m
memory: 600Mi
workingDir: "$(workspaces.organic.path)"
steps:
- image: "$(params.IMAGE)"
name: build-explorer-wasm
params:
- name: IMAGE
value: "harbor.fizz.buzz/private/homepage-build-organic:$(tasks.get-time.results.unix-time)"
workspaces:
- name: organic
workspace: git-source-organic
runAfter:
- build-explorer-image
- name: copy-explorer-files
taskSpec:
metadata: {}
stepTemplate:
image: alpine:3.20
computeResources:
requests:
cpu: 10m
memory: 600Mi
workingDir: "$(workspaces.source-explorer.path)"
steps:
- image: node:lts-alpine3.20
name: copy-explorer-files
script: |
#!/usr/bin/env sh
set -euo pipefail
npm install
npm run release
mkdir -p "$(workspaces.source.path)/static/organic/ast_explorer/"
cp -r "$(workspaces.source-explorer.path)/dist/"* "$(workspaces.source.path)/static/organic/ast_explorer/"
workspaces:
- name: source
workspace: git-source
- name: source-explorer
workspace: git-source-explorer
- name: organic
workspace: git-source-organic
runAfter:
- build-explorer-wasm
- name: build-image
taskRef:
resolver: git
params:
- name: url
value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
value: https://code.fizz.buzz/talexander/personal_tekton_catalog.git
- name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf
value: 3411d0cd39a749464bbf70ba40e2ca83ee9e2d02
- name: pathInRepo
value: task/kaniko/0.6/kaniko.yaml
value: task/buildkit-rootless-daemonless/0.1/buildkit-rootless-daemonless.yaml
params:
- name: IMAGE
value: "$(params.image-name):$(tasks.get-time.results.unix-time)"
- name: OUTPUT
value: >-
type=image,"name=$(params.image-name):latest,$(params.image-name):$(tasks.get-time.results.unix-time)",push=true,compression=zstd,compression-level=22,oci-mediatypes=true
- name: CONTEXT
value: $(params.path-to-image-context)
- name: DOCKERFILE
value: $(params.path-to-dockerfile)
- name: BUILDER_IMAGE
value: "gcr.io/kaniko-project/executor:v1.12.1"
- name: EXTRA_ARGS
value:
- "--destination=$(params.image-name)" # Also write the :latest image
- "--target=$(params.target-name)"
- --cache=true
- --cache-copy-layers
- --cache-repo=harbor.fizz.buzz/kanikocache/cache
- --use-new-run # Should result in a speed-up
- --reproducible # To remove timestamps so layer caching works.
- --snapshot-mode=redo
- --skip-unused-stages=true
- --registry-mirror=dockerhub.dockerhub.svc.cluster.local
- --import-cache
- "type=registry,ref=$(params.image-name):buildcache"
- --export-cache
- "type=registry,ref=$(params.image-name):buildcache,mode=max,compression=zstd,compression-level=22,rewrite-timestamp=true,image-manifest=true,oci-mediatypes=true"
- --opt
- build-arg:SOURCE_DATE_EPOCH=$(tasks.get-git-commit-time.results.unix-time)
- name: BUILDKITD_TOML
value: |
debug = true
[registry."docker.io"]
mirrors = ["dockerhub.dockerhub.svc.cluster.local"]
[registry."dockerhub.dockerhub.svc.cluster.local"]
http = true
insecure = true
workspaces:
- name: source
workspace: git-source
- name: dockerconfig
workspace: docker-credentials
runAfter:
- copy-private-files
- copy-explorer-files
- fetch-repository
finally:
- name: report-success
when:
@ -379,36 +230,6 @@ spec:
requests:
storage: 10Gi
subPath: rust-source
- name: git-source-private
volumeClaimTemplate:
spec:
storageClassName: "nfs-client"
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
subPath: git-source
- name: git-source-explorer
volumeClaimTemplate:
spec:
storageClassName: "nfs-client"
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
subPath: git-source
- name: git-source-organic
volumeClaimTemplate:
spec:
storageClassName: "nfs-client"
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
subPath: git-source
- name: docker-credentials
secret:
secretName: harbor-plain
@ -420,4 +241,4 @@ spec:
- name: path-to-image-context
value: .
- name: path-to-dockerfile
value: docker/server/Dockerfile
value: docker/server

265
.webhook_bridge/pipeline-build-homepage.yaml
View File

@ -24,7 +24,7 @@ spec:
description: The path to the Dockerfile
type: string
tasks:
- name: get-time
- name: get-git-commit-time
taskSpec:
metadata: {}
stepTemplate:
@ -33,17 +33,22 @@ spec:
requests:
cpu: 10m
memory: 600Mi
workingDir: "/"
workingDir: "$(workspaces.repo.path)"
results:
- name: unix-time
description: The current date in unix timestamp format.
description: The time of the git commit in unix timestamp format.
steps:
- image: alpine:3.20
name: get-time-step
- image: alpine/git:v2.34.2
name: detect-tag-step
script: |
#!/usr/bin/env sh
set -euo pipefail
echo -n "$(date +%s)" | tee $(results.unix-time.path)
echo -n "$(git log -1 --pretty=%ct)" | tee $(results.unix-time.path)
workspaces:
- name: repo
workspace: git-source
runAfter:
- fetch-repository
- name: detect-tag
taskSpec:
metadata: {}
@ -88,9 +93,6 @@ spec:
value: task/gitea-set-status/0.1/gitea-set-status.yaml
runAfter:
- fetch-repository
- fetch-repository-private
- fetch-repository-explorer
- fetch-repository-organic
params:
- name: CONTEXT
value: "$(params.JOB_NAME)"
@ -126,218 +128,47 @@ spec:
value: $(params.PULL_BASE_SHA)
- name: deleteExisting
value: "true"
- name: fetch-repository-private
taskRef:
resolver: git
params:
- name: url
value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf
- name: pathInRepo
value: task/git-clone/0.9/git-clone.yaml
workspaces:
- name: output
workspace: git-source-private
params:
- name: url
value: git@code.fizz.buzz:talexander/homepage_private.git
- name: revision
value: main
- name: deleteExisting
value: "true"
- name: fetch-repository-explorer
taskRef:
resolver: git
params:
- name: url
value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf
- name: pathInRepo
value: task/git-clone/0.9/git-clone.yaml
workspaces:
- name: output
workspace: git-source-explorer
params:
- name: url
value: git@code.fizz.buzz:talexander/organic_ast_explorer.git
- name: revision
value: main
- name: deleteExisting
value: "true"
- name: fetch-repository-organic
taskRef:
resolver: git
params:
- name: url
value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf
- name: pathInRepo
value: task/git-clone/0.9/git-clone.yaml
workspaces:
- name: output
workspace: git-source-organic
params:
- name: url
value: git@code.fizz.buzz:talexander/organic.git
- name: revision
value: main
- name: deleteExisting
value: "true"
- name: copy-private-files
taskSpec:
metadata: {}
stepTemplate:
image: alpine:3.20
computeResources:
requests:
cpu: 10m
memory: 600Mi
workingDir: "$(workspaces.source.path)"
steps:
- image: alpine:3.20
name: copy-private-files
script: |
#!/usr/bin/env sh
set -euo pipefail
cp -r "$(workspaces.source-private.path)/static/"* "$(workspaces.source.path)/static/"
workspaces:
- name: source
workspace: git-source
- name: source-private
workspace: git-source-private
runAfter:
- fetch-repository
- fetch-repository-private
- name: build-explorer-image
taskRef:
resolver: git
params:
- name: url
value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
- name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf
- name: pathInRepo
value: task/kaniko/0.6/kaniko.yaml
params:
- name: IMAGE
value: "harbor.fizz.buzz/private/homepage-build-organic:$(tasks.get-time.results.unix-time)"
- name: CONTEXT
value: .
- name: DOCKERFILE
value: docker/organic/Dockerfile
- name: BUILDER_IMAGE
value: "gcr.io/kaniko-project/executor:v1.12.1"
- name: EXTRA_ARGS
value:
- "--destination=harbor.fizz.buzz/private/homepage-build-organic" # Also write the :latest image
- "--target="
- --cache=true
- --cache-copy-layers
- --cache-repo=harbor.fizz.buzz/kanikocache/cache
- --use-new-run # Should result in a speed-up
- --reproducible # To remove timestamps so layer caching works.
- --snapshot-mode=redo
- --skip-unused-stages=true
- --registry-mirror=dockerhub.dockerhub.svc.cluster.local
workspaces:
- name: source
workspace: git-source
- name: dockerconfig
workspace: docker-credentials
runAfter:
- fetch-repository
- name: build-explorer-wasm
taskSpec:
metadata: {}
stepTemplate:
image: alpine:3.20
computeResources:
requests:
cpu: 10m
memory: 600Mi
workingDir: "$(workspaces.organic.path)"
steps:
- image: "$(params.IMAGE)"
name: build-explorer-wasm
params:
- name: IMAGE
value: "harbor.fizz.buzz/private/homepage-build-organic:$(tasks.get-time.results.unix-time)"
workspaces:
- name: organic
workspace: git-source-organic
runAfter:
- build-explorer-image
- name: copy-explorer-files
taskSpec:
metadata: {}
stepTemplate:
image: alpine:3.20
computeResources:
requests:
cpu: 10m
memory: 600Mi
workingDir: "$(workspaces.source-explorer.path)"
steps:
- image: node:lts-alpine3.20
name: copy-explorer-files
script: |
#!/usr/bin/env sh
set -euo pipefail
npm install
npm run release
mkdir -p "$(workspaces.source.path)/static/organic/ast_explorer/"
cp -r "$(workspaces.source-explorer.path)/dist/"* "$(workspaces.source.path)/static/organic/ast_explorer/"
workspaces:
- name: source
workspace: git-source
- name: source-explorer
workspace: git-source-explorer
- name: organic
workspace: git-source-organic
runAfter:
- build-explorer-wasm
- name: build-image
taskRef:
resolver: git
params:
- name: url
value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git
value: https://code.fizz.buzz/talexander/personal_tekton_catalog.git
- name: revision
value: df36b3853a5657fd883015cdbf07ad6466918acf
value: 3411d0cd39a749464bbf70ba40e2ca83ee9e2d02
- name: pathInRepo
value: task/kaniko/0.6/kaniko.yaml
value: task/buildkit-rootless-daemonless/0.1/buildkit-rootless-daemonless.yaml
params:
- name: IMAGE
value: "$(params.image-name):$(tasks.detect-tag.results.tag)"
- name: OUTPUT
value: >-
type=image,"name=$(params.image-name):latest,$(params.image-name):$(tasks.detect-tag.results.tag)",push=true,compression=zstd,compression-level=22,oci-mediatypes=true
- name: CONTEXT
value: $(params.path-to-image-context)
- name: DOCKERFILE
value: $(params.path-to-dockerfile)
- name: BUILDER_IMAGE
value: "gcr.io/kaniko-project/executor:v1.12.1"
- name: EXTRA_ARGS
value:
- "--destination=$(params.image-name)" # Also write the :latest image
- "--target=$(params.target-name)"
- --cache=true
- --cache-copy-layers
- --cache-repo=harbor.fizz.buzz/kanikocache/cache
- --use-new-run # Should result in a speed-up
- --reproducible # To remove timestamps so layer caching works.
- --snapshot-mode=redo
- --skip-unused-stages=true
- --registry-mirror=dockerhub.dockerhub.svc.cluster.local
- --import-cache
- "type=registry,ref=$(params.image-name):buildcache"
- --export-cache
- "type=registry,ref=$(params.image-name):buildcache,mode=max,compression=zstd,compression-level=22,rewrite-timestamp=true,image-manifest=true,oci-mediatypes=true"
- --opt
- build-arg:SOURCE_DATE_EPOCH=$(tasks.get-git-commit-time.results.unix-time)
- name: BUILDKITD_TOML
value: |
debug = true
[registry."docker.io"]
mirrors = ["dockerhub.dockerhub.svc.cluster.local"]
[registry."dockerhub.dockerhub.svc.cluster.local"]
http = true
insecure = true
workspaces:
- name: source
workspace: git-source
- name: dockerconfig
workspace: docker-credentials
runAfter:
- copy-private-files
- copy-explorer-files
- fetch-repository
finally:
- name: report-success
when:
@ -411,36 +242,6 @@ spec:
requests:
storage: 10Gi
subPath: rust-source
- name: git-source-private
volumeClaimTemplate:
spec:
storageClassName: "nfs-client"
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
subPath: git-source
- name: git-source-explorer
volumeClaimTemplate:
spec:
storageClassName: "nfs-client"
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
subPath: git-source
- name: git-source-organic
volumeClaimTemplate:
spec:
storageClassName: "nfs-client"
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
subPath: git-source
- name: docker-credentials
secret:
secretName: harbor-plain
@ -452,4 +253,4 @@ spec:
- name: path-to-image-context
value: .
- name: path-to-dockerfile
value: docker/server/Dockerfile
value: docker/server

7
docker/organic/Dockerfile
View File

@ -1,7 +0,0 @@
FROM rustlang/rust:nightly-alpine3.20
RUN apk add --no-cache musl-dev make bash
RUN rustup target add wasm32-unknown-unknown
RUN cargo install wasm-bindgen-cli
CMD ["make", "wasm"]

52
docker/organic/Makefile
View File

@ -1,52 +0,0 @@
SHELL := bash
.ONESHELL:
.SHELLFLAGS := -eu -o pipefail -c
.DELETE_ON_ERROR:
MAKEFLAGS += --warn-undefined-variables
MAKEFLAGS += --no-builtin-rules
OS:=$(shell uname -s)
ifeq ($(origin .RECIPEPREFIX), undefined)
$(error This Make does not support .RECIPEPREFIX. Please use GNU Make 4.0 or later)
endif
.RECIPEPREFIX = >
IMAGE_NAME:=homepage-build-organic
# REMOTE_REPO:=harbor.fizz.buzz/private
TARGET :=
.PHONY: help
help:
> @grep -h "##" $(MAKEFILE_LIST) | grep -v grep | sed -E 's/^([^:]*): *## */\1: /'
.PHONY: build
build: ## Build the docker image.
> docker build --tag $(IMAGE_NAME) --target=$(TARGET) --file Dockerfile ../../
.PHONY: push
push: ## Push the docker image to a remote repository.
ifdef REMOTE_REPO
> docker tag $(IMAGE_NAME) $(REMOTE_REPO)/$(IMAGE_NAME)
> docker push $(REMOTE_REPO)/$(IMAGE_NAME)
else
> @echo "REMOTE_REPO not defined, not pushing to a remote repo."
endif
.PHONY: clean
clean:
> docker rmi $(IMAGE_NAME)
ifdef REMOTE_REPO
> docker rmi $(REMOTE_REPO)/$(IMAGE_NAME)
else
> @echo "REMOTE_REPO not defined, not removing from remote repo."
endif
.PHONY: run
run: build
run: ## Launch the docker image
> docker run --rm -i -t $(IMAGE_NAME)
.PHONY: shell
shell: ## Launch an interactive shell inside the docker image.
shell: build
> docker run --rm -i -t --entrypoint /bin/bash --mount type=tmpfs,destination=/tmp $(IMAGE_NAME)

64
docker/server/Dockerfile
View File

@ -1,10 +1,62 @@
FROM harbor.fizz.buzz/private/natter:latest AS builder
# syntax=docker/dockerfile:1
ARG ALPINE_VERSION="3.20"
COPY . /source
RUN ls /source/
RUN natter build --config /source/natter.toml
FROM alpine:3.20 AS server
FROM scratch AS private
ADD git@code.fizz.buzz:talexander/homepage_private.git /homepage_private
FROM scratch AS explorer
ADD https://code.fizz.buzz/talexander/organic_ast_explorer.git /organic_ast_explorer
FROM scratch AS organic
ADD git@code.fizz.buzz:talexander/organic.git /organic
FROM rustlang/rust:nightly-alpine$ALPINE_VERSION AS organic-build
RUN apk add --no-cache musl-dev make bash
RUN rustup target add wasm32-unknown-unknown
RUN --mount=type=tmpfs,target=/tmp --mount=type=cache,target=/usr/local/cargo/registry,sharing=locked cargo install wasm-bindgen-cli
COPY --link --from=organic /organic /organic
WORKDIR /organic
RUN --mount=type=tmpfs,target=/tmp --mount=type=cache,target=/usr/local/cargo/registry,sharing=locked make wasm
FROM node:lts-alpine$ALPINE_VERSION AS explorer-build
COPY --link --from=explorer /organic_ast_explorer /organic_ast_explorer
COPY --link --from=organic-build /organic /organic
WORKDIR /organic_ast_explorer
RUN --mount=type=tmpfs,target=/tmp --mount=type=cache,target=/npmcache,sharing=locked npm set cache /npmcache && npm install
RUN npm run release
FROM rustlang/rust:nightly-alpine$ALPINE_VERSION AS natter-build
RUN apk add --no-cache musl-dev
ADD git@code.fizz.buzz:talexander/natter.git /natter
WORKDIR /natter
RUN --mount=type=tmpfs,target=/tmp --mount=type=cache,target=/usr/local/cargo/registry,sharing=locked CARGO_TARGET_DIR=/target cargo build --profile release-lto
FROM alpine:$ALPINE_VERSION AS natter
COPY --link --from=natter-build /target/release-lto/natter /usr/bin/
COPY --link . /source
COPY --link --from=private /homepage_private/static/* /source/static/
COPY --link --from=explorer-build /organic_ast_explorer/dist/* /source/static/organic/ast_explorer/
RUN --network=none --mount=type=tmpfs,target=/tmp natter build --config /source/natter.toml
FROM alpine:$ALPINE_VERSION AS server
RUN apk add --no-cache bash nginx
RUN addgroup web && adduser -D -G web web && install -d -D -o web -g web -m 700 /srv/http/public
@ -12,6 +64,6 @@ RUN ln -sf /dev/stdout /var/log/nginx/access.log && ln -sf /dev/stderr /var/log/
COPY --chown=web:web docker/server/nginx.conf /srv/http
COPY --chown=web:web docker/server/headers.include /srv/http
COPY --from=builder --chown=web:web /source/output/ /srv/http/public/
COPY --from=natter --chown=web:web /source/output/ /srv/http/public/
ENTRYPOINT ["/usr/sbin/nginx", "-c", "/srv/http/nginx.conf", "-e", "stderr", "-g", "daemon off;"]

2
docker/server/Makefile
View File

@ -21,7 +21,7 @@ help:
.PHONY: build
build: ## Build the docker image.
> docker build --tag $(IMAGE_NAME) --target=$(TARGET) --file Dockerfile ../../
> docker build --ssh default --tag $(IMAGE_NAME) --target=$(TARGET) --file Dockerfile ../../
.PHONY: push
push: ## Push the docker image to a remote repository.

3
docker/server/nginx.conf
View File

@ -31,6 +31,9 @@ http {
root /srv/http/public;
location / {
try_files $uri $uri/ =404;
autoindex on;
index index.html index.htm;
if (-d $request_filename) {
rewrite [^/]$ $http_x_forwarded_proto://$http_host$uri/ redirect;