From bc31b51afb379830d89e02a38fc4c50b7ba6fea0 Mon Sep 17 00:00:00 2001 From: Eric Nemchik Date: Sat, 23 Dec 2023 16:12:03 -0600 Subject: [PATCH 1/2] Rebase to Alpine 3.19 with php 8.3, add root periodic crontabs for logrotate Signed-off-by: Eric Nemchik --- Dockerfile | 66 +++++++++++++++++++++--------------------- Dockerfile.aarch64 | 66 +++++++++++++++++++++--------------------- README.md | 7 +++-- readme-vars.yml | 5 ++-- root/etc/crontabs/root | 6 ++++ 5 files changed, 79 insertions(+), 71 deletions(-) diff --git a/Dockerfile b/Dockerfile index eea3d74..f9a64fa 100755 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1 -FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.18 +FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.19 # set version label ARG BUILD_DATE @@ -45,39 +45,39 @@ RUN \ nginx-mod-stream \ nginx-mod-stream-geoip2 \ nginx-vim \ - php82-bcmath \ - php82-bz2 \ - php82-dom \ - php82-exif \ - php82-ftp \ - php82-gd \ - php82-gmp \ - php82-imap \ - php82-intl \ - php82-ldap \ - php82-mysqli \ - php82-mysqlnd \ - php82-opcache \ - php82-pdo_mysql \ - php82-pdo_odbc \ - php82-pdo_pgsql \ - php82-pdo_sqlite \ - php82-pear \ - php82-pecl-apcu \ - php82-pecl-memcached \ - php82-pecl-redis \ - php82-pgsql \ - php82-posix \ - php82-soap \ - php82-sockets \ - php82-sodium \ - php82-sqlite3 \ - php82-tokenizer \ - php82-xmlreader \ - php82-xsl \ + php83-bcmath \ + php83-bz2 \ + php83-dom \ + php83-exif \ + php83-ftp \ + php83-gd \ + php83-gmp \ + php83-imap \ + php83-intl \ + php83-ldap \ + php83-mysqli \ + php83-mysqlnd \ + php83-opcache \ + php83-pdo_mysql \ + php83-pdo_odbc \ + php83-pdo_pgsql \ + php83-pdo_sqlite \ + php83-pear \ + php83-pecl-apcu \ + php83-pecl-memcached \ + php83-pecl-redis \ + php83-pgsql \ + php83-posix \ + php83-soap \ + php83-sockets \ + php83-sodium \ + php83-sqlite3 \ + php83-tokenizer \ + php83-xmlreader \ + php83-xsl \ whois && \ apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community \ - php82-pecl-mcrypt && \ + php83-pecl-mcrypt && \ echo "**** install certbot plugins ****" && \ if [ -z ${CERTBOT_VERSION+x} ]; then \ CERTBOT_VERSION=$(curl -sL https://pypi.python.org/pypi/certbot/json |jq -r '. | .info.version'); \ @@ -86,7 +86,7 @@ RUN \ pip install -U --no-cache-dir \ pip \ wheel && \ - pip install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.18/ \ + pip install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.19/ \ certbot==${CERTBOT_VERSION} \ certbot-dns-acmedns \ certbot-dns-aliyun \ diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64 index b183d89..0279e4f 100755 --- a/Dockerfile.aarch64 +++ b/Dockerfile.aarch64 @@ -1,6 +1,6 @@ # syntax=docker/dockerfile:1 -FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.18 +FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.19 # set version label ARG BUILD_DATE @@ -45,39 +45,39 @@ RUN \ nginx-mod-stream \ nginx-mod-stream-geoip2 \ nginx-vim \ - php82-bcmath \ - php82-bz2 \ - php82-dom \ - php82-exif \ - php82-ftp \ - php82-gd \ - php82-gmp \ - php82-imap \ - php82-intl \ - php82-ldap \ - php82-mysqli \ - php82-mysqlnd \ - php82-opcache \ - php82-pdo_mysql \ - php82-pdo_odbc \ - php82-pdo_pgsql \ - php82-pdo_sqlite \ - php82-pear \ - php82-pecl-apcu \ - php82-pecl-memcached \ - php82-pecl-redis \ - php82-pgsql \ - php82-posix \ - php82-soap \ - php82-sockets \ - php82-sodium \ - php82-sqlite3 \ - php82-tokenizer \ - php82-xmlreader \ - php82-xsl \ + php83-bcmath \ + php83-bz2 \ + php83-dom \ + php83-exif \ + php83-ftp \ + php83-gd \ + php83-gmp \ + php83-imap \ + php83-intl \ + php83-ldap \ + php83-mysqli \ + php83-mysqlnd \ + php83-opcache \ + php83-pdo_mysql \ + php83-pdo_odbc \ + php83-pdo_pgsql \ + php83-pdo_sqlite \ + php83-pear \ + php83-pecl-apcu \ + php83-pecl-memcached \ + php83-pecl-redis \ + php83-pgsql \ + php83-posix \ + php83-soap \ + php83-sockets \ + php83-sodium \ + php83-sqlite3 \ + php83-tokenizer \ + php83-xmlreader \ + php83-xsl \ whois && \ apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community \ - php82-pecl-mcrypt && \ + php83-pecl-mcrypt && \ echo "**** install certbot plugins ****" && \ if [ -z ${CERTBOT_VERSION+x} ]; then \ CERTBOT_VERSION=$(curl -sL https://pypi.python.org/pypi/certbot/json |jq -r '. | .info.version'); \ @@ -86,7 +86,7 @@ RUN \ pip install -U --no-cache-dir \ pip \ wheel && \ - pip install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.18/ \ + pip install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.19/ \ certbot==${CERTBOT_VERSION} \ certbot-dns-acmedns \ certbot-dns-aliyun \ diff --git a/README.md b/README.md index 0168cf0..96d68d2 100644 --- a/README.md +++ b/README.md @@ -180,7 +180,7 @@ services: - EXTRA_DOMAINS= #optional - STAGING=false #optional volumes: - - /path/to/appdata/config:/config + - /path/to/swag/config:/config ports: - 443:443 - 80:80 #optional @@ -208,7 +208,7 @@ docker run -d \ -e STAGING=false `#optional` \ -p 443:443 \ -p 80:80 `#optional` \ - -v /path/to/appdata/config:/config \ + -v /path/to/swag/config:/config \ --restart unless-stopped \ lscr.io/linuxserver/swag:latest ``` @@ -234,7 +234,7 @@ Containers are configured using parameters passed at runtime (such as those abov | `-e ONLY_SUBDOMAINS=false` | If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true` | | `-e EXTRA_DOMAINS=` | Additional fully qualified domain names (comma separated, no spaces) ie. `extradomain.com,subdomain.anotherdomain.org,*.anotherdomain.org` | | `-e STAGING=false` | Set to `true` to retrieve certs in staging mode. Rate limits will be much higher, but the resulting cert will not pass the browser's security test. Only to be used for testing purposes. | -| `-v /config` | All the config files including the webroot reside here. | +| `-v /config` | Persistent config files | ### Portainer notice @@ -416,6 +416,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64 ## Versions +* **23.12.23:** - Rebase to Alpine 3.19 with php 8.3, add root periodic crontabs for logrotate. * **11.12.23:** - Deprecate certbot-dns-dynu to resolve dependency conflicts with other plugins. * **30.11.23:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) site-confs/default.conf - Fix index.php being downloaded on 404. * **23.11.23:** - Run certbot as root to allow fix http validation. diff --git a/readme-vars.yml b/readme-vars.yml index 01f7830..3810aa3 100644 --- a/readme-vars.yml +++ b/readme-vars.yml @@ -34,7 +34,7 @@ param_env_vars: - { env_var: "VALIDATION", env_value: "http", desc: "Certbot validation method to use, options are `http` or `dns` (`dns` method also requires `DNSPLUGIN` variable set)." } param_usage_include_vols: true param_volumes: - - { vol_path: "/config", vol_host_path: "/path/to/appdata/config", desc: "All the config files including the webroot reside here." } + - { vol_path: "/config", vol_host_path: "/path/to/{{ project_name }}/config", desc: "Persistent config files" } param_usage_include_ports: true param_ports: - { external_port: "443", internal_port: "443", port_desc: "Https port" } @@ -58,7 +58,7 @@ opt_param_env_vars: - { env_var: "STAGING", env_value: "false", desc: "Set to `true` to retrieve certs in staging mode. Rate limits will be much higher, but the resulting cert will not pass the browser's security test. Only to be used for testing purposes." } opt_param_usage_include_vols: false opt_param_volumes: - - { vol_path: "/config", vol_host_path: "/path/to/appdata/config", desc: "Configuration files." } + - { vol_path: "/config", vol_host_path: "/path/to/{{ project_name }}/config", desc: "Persistent config files" } opt_param_usage_include_ports: true opt_param_ports: - { external_port: "80", internal_port: "80", port_desc: "Http port (required for http validation and http -> https redirect)" } @@ -168,6 +168,7 @@ app_setup_block: | # changelog changelogs: + - { date: "23.12.23:", desc: "Rebase to Alpine 3.19 with php 8.3, add root periodic crontabs for logrotate." } - { date: "11.12.23:", desc: "Deprecate certbot-dns-dynu to resolve dependency conflicts with other plugins." } - { date: "30.11.23:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) site-confs/default.conf - Fix index.php being downloaded on 404." } - { date: "23.11.23:", desc: "Run certbot as root to allow fix http validation." } diff --git a/root/etc/crontabs/root b/root/etc/crontabs/root index a9909e3..15de5f7 100644 --- a/root/etc/crontabs/root +++ b/root/etc/crontabs/root @@ -1,2 +1,8 @@ # min hour day month weekday command +*/15 * * * * run-parts /etc/periodic/15min +0 * * * * run-parts /etc/periodic/hourly +0 2 * * * run-parts /etc/periodic/daily +0 3 * * 6 run-parts /etc/periodic/weekly +0 5 1 * * run-parts /etc/periodic/monthly + 8 2 * * * /app/le-renew.sh >> /config/log/letsencrypt/letsencrypt.log 2>&1 From 24b3540da5ccf5b6e1d4724eb06ea96b49889a6c Mon Sep 17 00:00:00 2001 From: Eric Nemchik Date: Sat, 23 Dec 2023 16:18:56 -0600 Subject: [PATCH 2/2] Fix php83-pecl-mcrypt Signed-off-by: Eric Nemchik --- Dockerfile | 2 +- Dockerfile.aarch64 | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index f9a64fa..c2a95e4 100755 --- a/Dockerfile +++ b/Dockerfile @@ -76,7 +76,7 @@ RUN \ php83-xmlreader \ php83-xsl \ whois && \ - apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community \ + apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing \ php83-pecl-mcrypt && \ echo "**** install certbot plugins ****" && \ if [ -z ${CERTBOT_VERSION+x} ]; then \ diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64 index 0279e4f..8f961b5 100755 --- a/Dockerfile.aarch64 +++ b/Dockerfile.aarch64 @@ -76,7 +76,7 @@ RUN \ php83-xmlreader \ php83-xsl \ whois && \ - apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community \ + apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing \ php83-pecl-mcrypt && \ echo "**** install certbot plugins ****" && \ if [ -z ${CERTBOT_VERSION+x} ]; then \