Upload files to "/"

2025-12-23 14:04:11 +01:00 · 2025-12-23 14:04:11 +01:00 · fb8d66c3dd
commit fb8d66c3dd
5 changed files with 214 additions and 0 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -0,0 +1,18 @@
+.git
+.gitignore
+
+docker-compose.yml
+Dockerfile
+.dockerignore
+
+build.sh
+
+.env
+
+logs/
+config/
+www/
+
+.DS_Store
+.idea/
+.vscode/
--- a/37
+++ b/37
@ -0,0 +1,37 @@
+FROM nginx:mainline-alpine
+
+ENV PUID=1000 \
+    PGID=1000 \
+    UMASK=022 \
+    LOG_ROTATE_COUNT=7 \
+    LOG_ROTATE_SIZE=10M \
+    CERTBOT_EMAIL="" \
+    CERTBOT_AGREE_TOS="true"
+
+RUN apk add --no-cache \
+    certbot \
+    certbot-nginx \
+    dcron \
+    logrotate \
+    openssl && \
+    \
+    find /usr/lib/python* -name '__pycache__' -type d -exec rm -rf {} + && \
+    find /usr/lib/python* -name '*.pyc' -delete && \
+    find /usr/lib/python* -name '*.pyo' -delete && \
+    rm -rf /usr/share/doc/* /usr/share/man/* && \
+    \
+    rm -f /var/log/nginx/access.log /var/log/nginx/error.log && \
+    touch /var/log/nginx/access.log /var/log/nginx/error.log /var/log/nginx/error_log_stream && \
+    \
+    echo "0 3 * * * certbot renew --nginx --post-hook 'nginx -s reload' >> /var/log/letsencrypt/cron.log 2>&1" >> /etc/crontabs/root && \
+    \
+    cp -r /etc/nginx /etc/nginx.dist
+
+COPY entrypoint.sh /entrypoint.sh
+RUN chmod +x /entrypoint.sh
+
+EXPOSE 80 443 443/udp
+VOLUME ["/var/www", "/etc/nginx", "/etc/letsencrypt", "/var/log/nginx", "/var/log/letsencrypt"]
+
+ENTRYPOINT ["/entrypoint.sh"]
+CMD ["nginx", "-g", "daemon off;"]
--- a/build.sh
+++ b/build.sh
@ -0,0 +1,56 @@
+#!/bin/bash
+
+set -e
+
+DOCKER_USER="blackwhitebear8"
+REPO_NAME="nginx-quic-certbot"
+
+echo "Checking if you are logged in to Docker Hub..."
+if ! docker system info | grep -q "Username"; then
+    echo "Not logged in. Starting 'docker login'..."
+    docker login
+else
+    echo "Logged in as $(docker system info | grep "Username" | awk '{print $2}')"
+fi
+
+echo ""
+read -p "Enter the version/tag (e.g., 1.0.0 or latest): " VERSION
+
+if [ -z "$VERSION" ]; then
+    echo "Error: No version specified. Script aborted."
+    exit 1
+fi
+
+FULL_IMAGE_NAME="$DOCKER_USER/$REPO_NAME:$VERSION"
+
+if ! docker buildx inspect multiarch-builder > /dev/null 2>&1; then
+    echo "Creating new buildx builder 'multiarch-builder'..."
+    docker buildx create --use --name multiarch-builder
+else
+    echo "Using existing builder 'multiarch-builder'..."
+    docker buildx use multiarch-builder
+fi
+
+TAG_ARGS="-t $FULL_IMAGE_NAME"
+
+if [ "$VERSION" != "latest" ]; then
+    echo "Adding extra tag 'latest'..."
+    TAG_ARGS="$TAG_ARGS -t $DOCKER_USER/$REPO_NAME:latest"
+fi
+
+echo ""
+echo "Building and pushing for linux/amd64 and linux/arm64..."
+echo "This may take a while..."
+
+docker buildx build \
+  --platform linux/amd64,linux/arm64 \
+  $TAG_ARGS \
+  --push \
+  .
+
+echo ""
+echo "======================================================="
+echo "Done! Your multi-arch image is now on Docker Hub:"
+echo "$FULL_IMAGE_NAME"
+echo "Architectures: AMD64 & ARM64"
+echo "======================================================="
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -0,0 +1,21 @@
+services:
+  nginx-quic-certbot:
+    build: .
+    container_name: nginx-quic-certbot
+    restart: unless-stopped
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Europe/Amsterdam
+      - LOG_ROTATE_COUNT=7
+      - LOG_ROTATE_SIZE=10M
+    ports:
+      - "80:80"
+      - "443:443/tcp"
+      - "443:443/udp"
+    volumes:
+      - ./www:/var/www
+      - ./config/nginx:/etc/nginx
+      - ./config/letsencrypt:/etc/letsencrypt
+      - ./logs/nginx:/var/log/nginx
+      - ./logs/letsencrypt:/var/log/letsencrypt
--- a/entrypoint.sh
+++ b/entrypoint.sh
@ -0,0 +1,82 @@
+#!/bin/sh
+set -e
+
+: "${PUID:=1000}"
+: "${PGID:=1000}"
+: "${UMASK:=022}"
+: "${LOG_ROTATE_COUNT:=7}"
+: "${LOG_ROTATE_SIZE:=10M}"
+
+umask ${UMASK}
+
+CURRENT_UID=$(id -u nginx)
+CURRENT_GID=$(id -g nginx)
+
+if [ "$PUID" != "$CURRENT_UID" ] || [ "$PGID" != "$CURRENT_GID" ]; then
+    echo "[Entrypoint] Switching Nginx PUID:PGID from $CURRENT_UID:$CURRENT_GID to $PUID:$PGID"
+    sed -i "s/^nginx:x:[0-9]*:/nginx:x:$PGID:/" /etc/group
+    sed -i "s/^nginx:x:[0-9]*:[0-9]*:/nginx:x:$PUID:$PGID:/" /etc/passwd
+fi
+
+if [ ! -f /etc/nginx/nginx.conf ]; then
+    echo "[Entrypoint] Nginx config missing. Restoring defaults..."
+    cp -r /etc/nginx.dist/* /etc/nginx/
+fi
+
+echo "[Entrypoint] Configuring Logrotate ($LOG_ROTATE_COUNT files, $LOG_ROTATE_SIZE)..."
+cat <<EOF > /etc/logrotate.d/nginx-certbot
+/var/log/nginx/*.log {
+    daily
+    missingok
+    rotate $LOG_ROTATE_COUNT
+    size $LOG_ROTATE_SIZE
+    compress
+    delaycompress
+    notifempty
+    create 0640 nginx nginx
+    sharedscripts
+    postrotate
+        if [ -f /var/run/nginx.pid ]; then
+            kill -USR1 \`cat /var/run/nginx.pid\`
+        fi
+    endscript
+}
+
+/var/log/letsencrypt/*.log {
+    daily
+    missingok
+    rotate $LOG_ROTATE_COUNT
+    size $LOG_ROTATE_SIZE
+    compress
+    delaycompress
+    notifempty
+}
+EOF
+
+echo "[Entrypoint] Setting permissions for UID $PUID..."
+
+mkdir -p /var/www \
+         /etc/letsencrypt \
+         /var/log/nginx \
+         /var/log/letsencrypt \
+         /var/lib/nginx
+
+chown -R nginx:nginx \
+    /var/www \
+    /etc/nginx \
+    /etc/letsencrypt \
+    /var/log/nginx \
+    /var/log/letsencrypt \
+    /var/lib/nginx
+
+crond -b -l 8
+
+echo "----------------------------------------------------------------"
+echo " Nginx Optimized + Certbot Started"
+echo " User: nginx (UID:${PUID} / GID:${PGID})"
+echo "----------------------------------------------------------------"
+echo " [Config Check]:   nginx -t"
+echo " [Reload Nginx]:   nginx -s reload"
+echo " [Certbot SSL]:    certbot --nginx -d domain.com -m example@email.com --agree-tos -n"
+echo "----------------------------------------------------------------"
+exec "$@"