Compare commits

..

No commits in common. "main" and "v1.19.2-5" have entirely different histories.

8 changed files with 65 additions and 77 deletions

View File

@ -28,11 +28,12 @@ platform:
steps:
- name: dryrun
image: thegeeklab/drone-docker-buildx:23
image: thegeeklab/drone-docker-buildx:20
settings:
build_args:
- BUILD_VERSION=${DRONE_TAG%-*}
dockerfile: Dockerfile
dry_run: true
provenance: false
repo: thegeeklab/${DRONE_REPO_NAME}
when:
ref:
@ -69,12 +70,13 @@ steps:
- changelog-generate
- name: publish-dockerhub
image: thegeeklab/drone-docker-buildx:23
image: thegeeklab/drone-docker-buildx:20
settings:
build_args:
- BUILD_VERSION=${DRONE_TAG%-*}
dockerfile: Dockerfile
password:
from_secret: docker_password
provenance: false
repo: thegeeklab/${DRONE_REPO_NAME}
username:
from_secret: docker_username
@ -86,12 +88,13 @@ steps:
- changelog-format
- name: publish-quay
image: thegeeklab/drone-docker-buildx:23
image: thegeeklab/drone-docker-buildx:20
settings:
build_args:
- BUILD_VERSION=${DRONE_TAG%-*}
dockerfile: Dockerfile
password:
from_secret: quay_password
provenance: false
registry: quay.io
repo: quay.io/thegeeklab/${DRONE_REPO_NAME}
username:
@ -173,7 +176,7 @@ steps:
from_secret: matrix_password
roomid:
from_secret: matrix_roomid
template: "Status: **{{ .Build.Status }}**<br/> Build: [{{ .Repo.Owner }}/{{ .Repo.Name }}]({{ .Build.Link }}){{ if .Build.Branch }} ({{ .Build.Branch }}){{ end }} by {{ .Commit.Author }}<br/> Message: {{ .Commit.Message.Title }}"
template: "Status: **{{ build.Status }}**<br/> Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.Link }}){{#if build.Branch}} ({{ build.Branch }}){{/if}} by {{ commit.Author }}<br/> Message: {{ commit.Message.Title }}"
username:
from_secret: matrix_username
when:
@ -194,6 +197,6 @@ depends_on:
---
kind: signature
hmac: cba07850e21c648f8558e69aa7e5a561ef473fe2a3a7890bf308a57c73ea0343
hmac: 07c057dfd06b861ee2213ff0f86e517c52aea018985cd84d90c69c7d21483116
...

View File

@ -1,4 +1,4 @@
FROM thegeeklab/nginx:latest@sha256:72ffd57b6b89013f6b4c6a8a97728120df1dfac0d66b2164e0aacba21ee87380
FROM thegeeklab/nginx:latest@sha256:513f14c0fd3f5dadf02205ebf4d75b30d204df5df21e2fe0b0f1599f58f3fe85
LABEL maintainer="Robert Kaussow <mail@thegeeklab.de>"
LABEL org.opencontainers.image.authors="Robert Kaussow <mail@thegeeklab.de>"
@ -10,24 +10,24 @@ LABEL org.opencontainers.image.documentation="https://gitea.rknet.org/docker/fre
ARG BUILD_VERSION
# renovate: datasource=github-releases depName=FreshRSS/FreshRSS
ENV FRESHRSS_VERSION="${BUILD_VERSION:-1.21.0}"
ENV FRESHRSS_VERSION="${BUILD_VERSION:-1.19.2}"
ADD overlay/ /
RUN apk --update add --virtual .build-deps tar curl && \
apk --update add php81 php81-curl php81-fpm php81-gmp php81-intl php81-mbstring php81-xml \
php81-zip php81-ctype php81-dom php81-fileinfo php81-iconv php81-json php81-opcache php81-phar \
php81-session php81-simplexml php81-xmlreader php81-xmlwriter php81-tokenizer php81-zlib \
php81-openssl php81-pdo_sqlite php81-pdo_mysql php81-pdo_pgsql && \
apk --update add php8 php8-curl php8-fpm php8-gmp php8-intl php8-mbstring php8-xml \
php8-zip php8-ctype php8-dom php8-fileinfo php8-iconv php8-json php8-opcache php8-phar \
php8-session php8-simplexml php8-xmlreader php8-xmlwriter php8-tokenizer php8-zlib \
php8-pdo_sqlite php8-pdo_mysql php8-pdo_pgsql && \
rm -rf /var/www/localhost && \
rm -f /etc/php81/php-fpm.d/www.conf && \
rm -f /etc/php8/php-fpm.d/www.conf && \
mkdir -p /var/www/app && \
mkdir /var/www/.postgresql && \
FRESHRSS_VERSION="${FRESHRSS_VERSION##v}" && \
echo "Installing FreshRSS version '${FRESHRSS_VERSION}' ..." && \
curl -SsfL "https://github.com/FreshRSS/FreshRSS/archive/${FRESHRSS_VERSION}.tar.gz" | \
curl -SsL "https://github.com/FreshRSS/FreshRSS/archive/${FRESHRSS_VERSION}.tar.gz" | \
tar xz -C /var/www/app/ -X /.tarignore --strip-components=1 && \
curl -SsfL -o /etc/php81/browscap.ini https://browscap.org/stream?q=Lite_PHP_BrowsCapINI && \
curl -SsL -o /etc/php8/browscap.ini https://browscap.org/stream?q=Lite_PHP_BrowsCapINI && \
apk del .build-deps && \
rm -rf /var/cache/apk/* && \
rm -rf /tmp/* && \
@ -37,7 +37,7 @@ RUN apk --update add --virtual .build-deps tar curl && \
mkdir -p /var/lib/php/soap_cache && \
mkdir -p /var/lib/php/session && \
chown -R nginx /var/lib/php && \
chown nginx /etc/php81/php.ini && \
chown nginx /etc/php8/php.ini && \
chown -R nginx:nginx /var/www/.postgresql && \
chown -R nginx:nginx /var/www/app
@ -51,5 +51,6 @@ USER nginx
STOPSIGNAL SIGTERM
ENTRYPOINT ["/usr/local/bin/entrypoint"]
HEALTHCHECK --interval=30s --timeout=5s --retries=3 CMD /usr/local/bin/healthcheck
WORKDIR /var/www/app
CMD []

View File

@ -48,6 +48,7 @@ FRESHRSS_BASE_URL="http://localhost/"
FRESHRSS_LANGUAGE="en"
FRESHRSS_TITLE="FreshRSS"
FRESHRSS_META_DESCRIPTION=
FRESHRSS_DEFAULT_USER="_"
FRESHRSS_ALLOW_ANONYMOUS="false"
FRESHRSS_ALLOW_ANONYMOUS_REFRESH="false"
FRESHRSS_AUTH_TYPE="form"
@ -79,8 +80,6 @@ FRESHRSS_DB_BASE=
FRESHRSS_DB_PREFIX="freshrss_"
## comma-seperated string, extensions must be installed!
FRESHRSS_EXTENSIONS_ENABLED="Tumblr-GDPR"
## comma-seperated string
FRESHRSS_TRUSTED_SOURCES=127.0.0.0/8,::1/128
```
### PHP

View File

@ -7,16 +7,16 @@ return array(
'language' => '{{ getenv "FRESHRSS_LANGUAGE" "en" }}',
'title' => '{{ getenv "FRESHRSS_TITLE" "FreshRSS" }}',
'meta_description' => '{{ getenv "FRESHRSS_META_DESCRIPTION" }}',
'default_user' => '{{ getenv "FRESHRSS_DEFAULT_USER" "admin" }}',
'allow_anonymous' => {{ getenv "FRESHRSS_ALLOW_ANONYMOUS" "false" | conv.ToBool }},
'allow_anonymous_refresh' => {{ getenv "FRESHRSS_ALLOW_ANONYMOUS_REFRESH" "false" | conv.ToBool }},
'default_user' => '{{ getenv "FRESHRSS_DEFAULT_USER" "_" }}',
'allow_anonymous' => {{ getenv "FRESHRSS_ALLOW_ANONYMOUS" "false" }},
'allow_anonymous_refresh' => {{ getenv "FRESHRSS_ALLOW_ANONYMOUS_REFRESH" "false" }},
'auth_type' => '{{ getenv "FRESHRSS_AUTH_TYPE" "form" }}',
'api_enabled' => {{ getenv "FRESHRSS_API_ENABLED" "false" | conv.ToBool }},
'unsafe_autologin_enabled' => {{ getenv "FRESHRSS_UNSAFE_AUTOLOGIN_ENABLED" "false" | conv.ToBool }},
'simplepie_syslog_enabled' => {{ getenv "FRESHRSS_SIMPLEPIE_SYSLOG_ENABLED" "true" | conv.ToBool }},
'pubsubhubbub_enabled' => {{ getenv "FRESHRSS_PUBSUBHUBBUB_ENABLED" "false" | conv.ToBool }},
'allow_robots' => {{ getenv "FRESHRSS_ALLOW_ROBOTS" "false" | conv.ToBool }},
'allow_referrer' => {{ getenv "FRESHRSS_ALLOW_REFERRER" "false" | conv.ToBool }},
'api_enabled' => {{ getenv "FRESHRSS_API_ENABLED" "false" }},
'unsafe_autologin_enabled' => {{ getenv "FRESHRSS_UNSAFE_AUTOLOGIN_ENABLED" "false" }},
'simplepie_syslog_enabled' => {{ getenv "FRESHRSS_SIMPLEPIE_SYSLOG_ENABLED" "true" }},
'pubsubhubbub_enabled' => {{ getenv "FRESHRSS_PUBSUBHUBBUB_ENABLED" "false" }},
'allow_robots' => {{ getenv "FRESHRSS_ALLOW_ROBOTS" "false" }},
'allow_referrer' => {{ getenv "FRESHRSS_ALLOW_REFERRER" "false" }},
'limits' => array(
'cookie_duration' => {{ getenv "FRESHRSS_LIMITS_COOKIE_DURATION" "2592000" }},
@ -29,25 +29,25 @@ return array(
),
'curl_options' => array(
{{- if not (getenv "FRESHRSS_CURLOPT_SSL_VERIFYHOST" "true" | conv.ToBool) }}
{{- if not (bool (getenv "FRESHRSS_CURLOPT_SSL_VERIFYHOST" "true")) }}
CURLOPT_SSL_VERIFYHOST => {{ getenv "FRESHRSS_CURLOPT_SSL_VERIFYHOST" }},
{{- end }}
{{- if not (getenv "FRESHRSS_CURLOPT_SSL_VERIFYPEER" "true" | conv.ToBool) }}
{{- if not (bool (getenv "FRESHRSS_CURLOPT_SSL_VERIFYPEER" "true")) }}
CURLOPT_SSL_VERIFYPEER => {{ getenv "FRESHRSS_CURLOPT_SSL_VERIFYPEER" }},
{{- end }}
{{- if not (getenv "FRESHRSS_CURLOPT_PROXYTYPE" "true" | conv.ToBool) }}
{{- if not (bool (getenv "FRESHRSS_CURLOPT_PROXYTYPE" "true")) }}
CURLOPT_PROXYTYPE => {{ getenv "FRESHRSS_CURLOPT_PROXYTYPE" }},
{{- end }}
{{- if not (getenv "FRESHRSS_CURLOPT_PROXY" "true" | conv.ToBool ) }}
{{- if not (bool (getenv "FRESHRSS_CURLOPT_PROXY" "true" )) }}
CURLOPT_PROXY => '{{ getenv "FRESHRSS_CURLOPT_PROXY" }}',
{{- end }}
{{- if not (getenv "FRESHRSS_CURLOPT_PROXYPORT" "true" | conv.ToBool ) }}
{{- if not (bool (getenv "FRESHRSS_CURLOPT_PROXYPORT" "true" )) }}
CURLOPT_PROXYPORT => {{ getenv "FRESHRSS_CURLOPT_PROXYPORT" }},
{{- end }}
{{- if not (getenv "FRESHRSS_CURLOPT_PROXYAUTH" "true" | conv.ToBool ) }}
{{- if not (bool (getenv "FRESHRSS_CURLOPT_PROXYAUTH" "true" )) }}
CURLOPT_PROXYAUTH => {{ getenv "FRESHRSS_CURLOPT_PROXYAUTH" }},
{{- end }}
{{- if not (getenv "FRESHRSS_CURLOPT_PROXYUSERPWD" "true" | conv.ToBool ) }}
{{- if not (bool (getenv "FRESHRSS_CURLOPT_PROXYUSERPWD" "true" )) }}
CURLOPT_PROXYUSERPWD => '{{ getenv "FRESHRSS_CURLOPT_PROXYUSERPWD" }}',
{{- end }}
),
@ -71,10 +71,4 @@ return array(
),
'disable_update' => true,
'trusted_sources' => [
{{- range (getenv "FRESHRSS_TRUSTED_SOURCES" "127.0.0.0/8,::1/128" | strings.Split ",") }}
'{{ . | strings.TrimSpace }}',
{{- end }}
]
);

View File

@ -19,7 +19,7 @@ implicit_flush = Off
unserialize_callback_func =
serialize_precision = 17
open_basedir = "/var/www/app:/var/lib/php/tmp_upload:/var/lib/php/session:/var/lib/php/soap_cache:/tmp"
open_basedir = "/var/www/app:/var/lib/php/tmp_upload:/var/lib/php/session:/var/lib/php/soap_cache"
disable_functions = system, exec, shell_exec, phpinfo, show_source, highlight_file, popen, proc_open, fopen_with_path, dbmopen, dbase_open, move_uploaded_file, chmod, filepro, filepro_rowcount, filepro_retrieve, posix_mkfifo
disable_classes =
@ -86,12 +86,12 @@ default_charset = "UTF-8"
;input_encoding =
;output_encoding =
;include_path = ".:/php81/includes"
;include_path = ".:/php8/includes"
doc_root =
user_dir =
extension_dir = "/usr/lib/php81/modules"
extension_dir = "/usr/lib/php8/modules"
;sys_temp_dir = "/tmp"
enable_dl = Off
@ -250,7 +250,7 @@ pgsql.log_notice = 0
bcmath.scale = 0
[browscap]
browscap = /etc/php81/browscap.ini
browscap = /etc/php8/browscap.ini
[Session]
session.save_handler = files
@ -327,7 +327,7 @@ zend.assertions = -1
;exif.decode_jis_intel = JIS
[Tidy]
;tidy.default_config = /usr/local/lib/php81/default.tcfg
;tidy.default_config = /usr/local/lib/php8/default.tcfg
tidy.clean_output = Off
[soap]

View File

@ -3,7 +3,8 @@
# shellcheck disable=SC1091
. /usr/local/lib/log.sh
/usr/local/bin/gomplate -o /etc/php81/php.ini -f /etc/templates/php.ini.tmpl
/usr/local/bin/gomplate -o /etc/php8/php.ini -f /etc/templates/php.ini.tmpl
/usr/local/bin/gomplate -o /var/www/app/data/config.php -f /etc/templates/config.php.tmpl
/usr/local/bin/gomplate -o /var/www/app/constants.local.php -f /etc/templates/constants.local.php.tmpl
if [ -n "${FRESHRSS_POSTGRES_SSL_ROOTCERT}" ] && [ ! -f "/var/www/.postgresql/root.crt" ]; then
@ -34,28 +35,27 @@ else
exit $EXITCODE
fi
log_info "Ensure default user exists"
ERROR=$(/usr/bin/php ./cli/create-user.php \
--user "${FRESHRSS_DEFAULT_USER:-admin}" \
--password "${FRESHRSS_DEFAULT_PASSWORD:-freshrss}" \
--language "${FRESHRSS_LANGUAGE:-en}" \
2>&1)
EXITCODE=$?
if [ "${FRESHRSS_DEFAULT_USER}" ]; then
log_info "Ensure default user exists"
ERROR=$(/usr/bin/php ./cli/create-user.php \
--user "$FRESHRSS_DEFAULT_USER" \
--password "$FRESHRSS_DEFAULT_PASSWORD" \
--language "${FRESHRSS_LANGUAGE:-en}" \
2>&1)
EXITCODE=$?
if [ $EXITCODE -eq 3 ]; then
log_info "FreshRSS user already exists, skipped"
elif [ $EXITCODE -eq 0 ]; then
log_info "FreshRSS user successfully created"
./cli/list-users.php | xargs -n1 ./cli/actualize-user.php --user "${FRESHRSS_DEFAULT_USER:-admin}"
./cli/access-permissions.sh
else
log_error "FreshRSS error during the creation of a user: ${ERROR}"
exit $EXITCODE
if [ $EXITCODE -eq 3 ]; then
log_info "FreshRSS user already exists, skipped"
elif [ $EXITCODE -eq 0 ]; then
log_info "FreshRSS user successfully created"
./cli/list-users.php | xargs -n1 ./cli/actualize-user.php --user "$FRESHRSS_DEFAULT_USER"
else
log_error "FreshRSS error during the creation of a user: ${ERROR}"
exit $EXITCODE
fi
fi
/usr/local/bin/gomplate -o /var/www/app/data/config.php -f /etc/templates/config.php.tmpl
log_info "Start FreshRSS Server\n"
supercronic /etc/crontabs/nginx &
php-fpm81 -F &
php-fpm8 -F &
exec nginx -g "daemon off;"

View File

@ -1,12 +1,3 @@
#!/usr/bin/env sh
# shellcheck disable=SC3040
set -eo pipefail
if [ "$(gomplate -i '{{ getenv "FRESHRSS_API_ENABLED" "false" | conv.ToBool }}')" = "true" ]; then
(php -r "readfile('http://127.0.0.1:8080/api/fever.php');" | grep -q 'api_version') || exit 1
else
(php -r "readfile('http://127.0.0.1:8080/i/');" | grep -q 'jsonVars') || exit 1
fi
exit 0
(php -r "readfile('http://127.0.0.1:8080/i/');" | grep -q 'jsonVars') || exit 1