summaryrefslogtreecommitdiffstats
path: root/docker
diff options
context:
space:
mode:
Diffstat (limited to 'docker')
-rw-r--r--docker/builder-go.dockerfile16
-rw-r--r--docker/debian-base.dockerfile72
-rw-r--r--docker/docker-compose-dev.yml14
-rw-r--r--docker/dockerfile114
-rw-r--r--docker/etc/nscd.conf90
-rw-r--r--docker/etc/sudoers31
6 files changed, 337 insertions, 0 deletions
diff --git a/docker/builder-go.dockerfile b/docker/builder-go.dockerfile
new file mode 100644
index 0000000..1d25843
--- /dev/null
+++ b/docker/builder-go.dockerfile
@@ -0,0 +1,16 @@
+############################################
+# Build in Golang
+# Run npm run build-healthcheck-armv7 in the host first, another it will be super slow where it is building the armv7 healthcheck
+############################################
+FROM golang:1.19-buster
+WORKDIR /app
+ARG TARGETPLATFORM
+COPY ./extra/ ./extra/
+
+# Compile healthcheck.go
+RUN apt update && \
+ apt --yes --no-install-recommends install curl && \
+ curl -sL https://deb.nodesource.com/setup_18.x | bash && \
+ apt --yes --no-install-recommends install nodejs && \
+ node ./extra/build-healthcheck.js $TARGETPLATFORM && \
+ apt --yes remove nodejs
diff --git a/docker/debian-base.dockerfile b/docker/debian-base.dockerfile
new file mode 100644
index 0000000..a171743
--- /dev/null
+++ b/docker/debian-base.dockerfile
@@ -0,0 +1,72 @@
+# Download Apprise deb package
+FROM node:20-bookworm-slim AS download-apprise
+WORKDIR /app
+COPY ./extra/download-apprise.mjs ./download-apprise.mjs
+RUN apt update && \
+ apt --yes --no-install-recommends install curl && \
+ npm install cheerio semver && \
+ node ./download-apprise.mjs
+
+# Base Image (Slim)
+# If the image changed, the second stage image should be changed too
+FROM node:20-bookworm-slim AS base2-slim
+ARG TARGETPLATFORM
+
+# Specify --no-install-recommends to skip unused dependencies, make the base much smaller!
+# sqlite3 = for debugging
+# iputils-ping = for ping
+# util-linux = for setpriv (Should be dropped in 2.0.0?)
+# dumb-init = avoid zombie processes (#480)
+# curl = for debugging
+# ca-certificates = keep the cert up-to-date
+# sudo = for start service nscd with non-root user
+# nscd = for better DNS caching
+RUN apt update && \
+ apt --yes --no-install-recommends install \
+ sqlite3 \
+ ca-certificates \
+ iputils-ping \
+ util-linux \
+ dumb-init \
+ curl \
+ sudo \
+ nscd && \
+ rm -rf /var/lib/apt/lists/* && \
+ apt --yes autoremove
+
+# apprise = for notifications (Install from the deb package, as the stable one is too old) (workaround for #4867)
+# Switching to testing repo is no longer working, as the testing repo is not bookworm anymore.
+# python3-paho-mqtt (#4859)
+# TODO: no idea how to delete the deb file after installation as it becomes a layer already
+COPY --from=download-apprise /app/apprise.deb ./apprise.deb
+RUN apt update && \
+ apt --yes --no-install-recommends install ./apprise.deb python3-paho-mqtt && \
+ rm -rf /var/lib/apt/lists/* && \
+ rm -f apprise.deb && \
+ apt --yes autoremove
+
+# Install cloudflared
+RUN curl https://pkg.cloudflare.com/cloudflare-main.gpg --output /usr/share/keyrings/cloudflare-main.gpg && \
+ echo 'deb [signed-by=/usr/share/keyrings/cloudflare-main.gpg] https://pkg.cloudflare.com/cloudflared bullseye main' | tee /etc/apt/sources.list.d/cloudflared.list && \
+ apt update && \
+ apt install --yes --no-install-recommends -t stable cloudflared && \
+ cloudflared version && \
+ rm -rf /var/lib/apt/lists/* && \
+ apt --yes autoremove
+
+# For nscd
+COPY ./docker/etc/nscd.conf /etc/nscd.conf
+COPY ./docker/etc/sudoers /etc/sudoers
+
+
+# Full Base Image
+# MariaDB, Chromium and fonts
+# Make sure to reuse the slim image here. Uncomment the above line if you want to build it from scratch.
+# FROM base2-slim AS base2
+FROM louislam/uptime-kuma:base2-slim AS base2
+ENV UPTIME_KUMA_ENABLE_EMBEDDED_MARIADB=1
+RUN apt update && \
+ apt --yes --no-install-recommends install chromium fonts-indic fonts-noto fonts-noto-cjk mariadb-server && \
+ rm -rf /var/lib/apt/lists/* && \
+ apt --yes autoremove && \
+ chown -R node:node /var/lib/mysql
diff --git a/docker/docker-compose-dev.yml b/docker/docker-compose-dev.yml
new file mode 100644
index 0000000..c66b24b
--- /dev/null
+++ b/docker/docker-compose-dev.yml
@@ -0,0 +1,14 @@
+version: '3.8'
+
+services:
+ uptime-kuma:
+ container_name: uptime-kuma-dev
+ image: louislam/uptime-kuma:nightly2
+ volumes:
+ #- ./data:/app/data
+ - ../server:/app/server
+ - ../db:/app/db
+ ports:
+ - "3001:3001" # <Host Port>:<Container Port>
+ - "3307:3306"
+
diff --git a/docker/dockerfile b/docker/dockerfile
new file mode 100644
index 0000000..d55f94f
--- /dev/null
+++ b/docker/dockerfile
@@ -0,0 +1,114 @@
+ARG BASE_IMAGE=louislam/uptime-kuma:base2
+
+############################################
+# Build in Golang
+# Run npm run build-healthcheck-armv7 in the host first, otherwise it will be super slow where it is building the armv7 healthcheck
+# Check file: builder-go.dockerfile
+############################################
+FROM louislam/uptime-kuma:builder-go AS build_healthcheck
+
+############################################
+# Build in Node.js
+############################################
+FROM louislam/uptime-kuma:base2 AS build
+USER node
+WORKDIR /app
+
+ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=1
+COPY --chown=node:node .npmrc .npmrc
+COPY --chown=node:node package.json package.json
+COPY --chown=node:node package-lock.json package-lock.json
+RUN npm ci --omit=dev
+COPY . .
+COPY --chown=node:node --from=build_healthcheck /app/extra/healthcheck /app/extra/healthcheck
+RUN mkdir ./data
+
+############################################
+# ⭐ Main Image
+############################################
+FROM $BASE_IMAGE AS release
+WORKDIR /app
+
+LABEL org.opencontainers.image.source="https://github.com/louislam/uptime-kuma"
+
+ENV UPTIME_KUMA_IS_CONTAINER=1
+
+# Copy app files from build layer
+COPY --chown=node:node --from=build /app /app
+
+EXPOSE 3001
+HEALTHCHECK --interval=60s --timeout=30s --start-period=180s --retries=5 CMD extra/healthcheck
+ENTRYPOINT ["/usr/bin/dumb-init", "--"]
+CMD ["node", "server/server.js"]
+
+############################################
+# Rootless Image
+############################################
+FROM release AS rootless
+USER node
+
+############################################
+# Mark as Nightly
+############################################
+FROM release AS nightly
+RUN npm run mark-as-nightly
+
+FROM nightly AS nightly-rootless
+USER node
+
+############################################
+# Build an image for testing pr
+############################################
+FROM louislam/uptime-kuma:base2 AS pr-test2
+WORKDIR /app
+ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=1
+
+## Install Git
+RUN apt update \
+ && apt --yes --no-install-recommends install curl \
+ && curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg \
+ && chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg \
+ && echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | tee /etc/apt/sources.list.d/github-cli.list > /dev/null \
+ && apt update \
+ && apt --yes --no-install-recommends install git
+
+## Empty the directory, because we have to clone the Git repo.
+RUN rm -rf ./* && chown node /app
+
+USER node
+RUN git config --global user.email "no-reply@no-reply.com"
+RUN git config --global user.name "PR Tester"
+RUN git clone https://github.com/louislam/uptime-kuma.git .
+RUN npm ci
+
+EXPOSE 3000 3001
+HEALTHCHECK --interval=60s --timeout=30s --start-period=180s --retries=5 CMD extra/healthcheck
+CMD ["npm", "run", "start-pr-test"]
+
+############################################
+# Upload the artifact to Github
+############################################
+FROM louislam/uptime-kuma:base2 AS upload-artifact
+WORKDIR /
+RUN apt update && \
+ apt --yes install curl file
+
+COPY --from=build /app /app
+
+ARG VERSION
+ARG GITHUB_TOKEN
+ARG TARGETARCH
+ARG PLATFORM=debian
+ARG FILE=$PLATFORM-$TARGETARCH-$VERSION.tar.gz
+ARG DIST=dist.tar.gz
+
+RUN chmod +x /app/extra/upload-github-release-asset.sh
+
+# Full Build
+# RUN tar -zcvf $FILE app
+# RUN /app/extra/upload-github-release-asset.sh github_api_token=$GITHUB_TOKEN owner=louislam repo=uptime-kuma tag=$VERSION filename=$FILE
+
+# Dist only
+RUN cd /app && tar -zcvf $DIST dist
+RUN /app/extra/upload-github-release-asset.sh github_api_token=$GITHUB_TOKEN owner=louislam repo=uptime-kuma tag=$VERSION filename=/app/$DIST
+
diff --git a/docker/etc/nscd.conf b/docker/etc/nscd.conf
new file mode 100644
index 0000000..18b92bf
--- /dev/null
+++ b/docker/etc/nscd.conf
@@ -0,0 +1,90 @@
+#
+# /etc/nscd.conf
+#
+# An example Name Service Cache config file. This file is needed by nscd.
+#
+# Legal entries are:
+#
+# logfile <file>
+# debug-level <level>
+# threads <initial #threads to use>
+# max-threads <maximum #threads to use>
+# server-user <user to run server as instead of root>
+# server-user is ignored if nscd is started with -S parameters
+# stat-user <user who is allowed to request statistics>
+# reload-count unlimited|<number>
+# paranoia <yes|no>
+# restart-interval <time in seconds>
+#
+# enable-cache <service> <yes|no>
+# positive-time-to-live <service> <time in seconds>
+# negative-time-to-live <service> <time in seconds>
+# suggested-size <service> <prime number>
+# check-files <service> <yes|no>
+# persistent <service> <yes|no>
+# shared <service> <yes|no>
+# max-db-size <service> <number bytes>
+# auto-propagate <service> <yes|no>
+#
+# Currently supported cache names (services): passwd, group, hosts, services
+#
+
+
+# logfile /var/log/nscd.log
+# threads 4
+# max-threads 32
+# server-user node
+# stat-user somebody
+ debug-level 0
+# reload-count 5
+ paranoia no
+# restart-interval 3600
+
+ enable-cache passwd no
+ positive-time-to-live passwd 600
+ negative-time-to-live passwd 20
+ suggested-size passwd 211
+ check-files passwd yes
+ persistent passwd yes
+ shared passwd yes
+ max-db-size passwd 33554432
+ auto-propagate passwd yes
+
+ enable-cache group no
+ positive-time-to-live group 3600
+ negative-time-to-live group 60
+ suggested-size group 211
+ check-files group yes
+ persistent group yes
+ shared group yes
+ max-db-size group 33554432
+ auto-propagate group yes
+
+ enable-cache hosts yes
+ positive-time-to-live hosts 3600
+ negative-time-to-live hosts 20
+ suggested-size hosts 211
+ check-files hosts yes
+ persistent hosts yes
+# Set shared to "no" to display stats in `nscd -g`
+# Read more: https://stackoverflow.com/questions/40429245/nscdcentos7curl-0-dns-cache-hit-rate
+ shared hosts no
+ max-db-size hosts 33554432
+
+ enable-cache services no
+ positive-time-to-live services 28800
+ negative-time-to-live services 20
+ suggested-size services 211
+ check-files services yes
+ persistent services yes
+ shared services yes
+ max-db-size services 33554432
+
+ enable-cache netgroup no
+ positive-time-to-live netgroup 28800
+ negative-time-to-live netgroup 20
+ suggested-size netgroup 211
+ check-files netgroup yes
+ persistent netgroup yes
+ shared netgroup yes
+ max-db-size netgroup 33554432
diff --git a/docker/etc/sudoers b/docker/etc/sudoers
new file mode 100644
index 0000000..07aa4d8
--- /dev/null
+++ b/docker/etc/sudoers
@@ -0,0 +1,31 @@
+#
+# This file MUST be edited with the 'visudo' command as root.
+#
+# Please consider adding local content in /etc/sudoers.d/ instead of
+# directly modifying this file.
+#
+# See the man page for details on how to write a sudoers file.
+#
+Defaults env_reset
+Defaults mail_badpass
+Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+
+# Host alias specification
+
+# User alias specification
+
+# Cmnd alias specification
+
+# User privilege specification
+root ALL=(ALL:ALL) ALL
+
+# Allow members of group sudo to execute any command
+%sudo ALL=(ALL:ALL) ALL
+
+# See sudoers(5) for more information on "#include" directives:
+
+#includedir /etc/sudoers.d
+
+# Allow `node` to control service (mainly for nscd)
+node ALL=(root) NOPASSWD: /usr/sbin/nscdservice
+node ALL=(root) NOPASSWD: /usr/sbin/service