🗃️ Updated 🗃️

Dockerfile .env.scripts .gitattributes .gitea/workflows/build.yml .gitignore README.md rootfs/root/docker/setup/00-init.sh rootfs/root/docker/setup/01-system.sh rootfs/root/docker/setup/02-packages.sh rootfs/root/docker/setup/03-files.sh rootfs/root/docker/setup/04-users.sh rootfs/root/docker/setup/05-custom.sh rootfs/root/docker/setup/06-post.sh rootfs/root/docker/setup/07-cleanup.sh rootfs/tmp/etc/opengist/config.yaml rootfs/usr/local/bin/entrypoint.sh rootfs/usr/local/etc/docker/functions/entrypoint.sh rootfs/usr/local/etc/docker/init.d/00-opengist.sh rootfs/usr/local/etc/resolv.conf
2026-06-24 14:01:06 -04:00 · 2026-06-12 05:39:45 -04:00
parent 00be90c1a0
commit bc212ec85c
19 changed files with 1112 additions and 736 deletions
@@ -0,0 +1,86 @@
+name: Build and Push
+
+on:
+  push:
+    branches: [main]
+  schedule:
+    - cron: '0 2 1 * *'
+  workflow_dispatch:
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3
+
+      - name: Compute build metadata
+        id: meta
+        run: |
+          echo "build_date=$(date -u +%Y%m%d%H%M)" >> "$GITHUB_OUTPUT"
+          echo "tag_yymm=$(date -u +%y%m)" >> "$GITHUB_OUTPUT"
+          echo "git_commit=${GITHUB_SHA::7}" >> "$GITHUB_OUTPUT"
+          echo "registry_host=$(echo '${{ github.server_url }}' | sed 's|https://||')" >> "$GITHUB_OUTPUT"
+
+      # ── Always: login to Gitea (GITEA_TOKEN is auto-provided) ────────────────
+      - name: Login to Gitea registry
+        uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3
+        with:
+          registry: ${{ steps.meta.outputs.registry_host }}
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITEA_TOKEN }}
+
+      # ── Optional: login to external registry when vars.DOCKER_USERNAME is set ──
+      # vars.DOCKER_REGISTRY defaults to docker.io; set it to push elsewhere.
+      # Login uses vars.DOCKER_USERNAME; secrets.DOCKER_PASSWORD is passed only
+      # via with: and never touches a shell.
+      - name: Login to Docker Hub
+        if: vars.DOCKER_USERNAME != ''
+        uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3
+        with:
+          registry: ${{ vars.DOCKER_REGISTRY || 'docker.io' }}
+          username: ${{ vars.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      # ── Build once, push to all logged-in registries ─────────────────────────
+      # Image namespace uses vars.DOCKER_ORG when set, falls back to vars.DOCKER_USERNAME.
+      # yymm tag pushed first; latest pushed last so registries show :latest as current.
+      - name: Build and push
+        uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: |
+            ${{ steps.meta.outputs.registry_host }}/${{ github.repository }}:${{ steps.meta.outputs.tag_yymm }}
+            ${{ vars.DOCKER_USERNAME != '' && format('{0}/{1}/{2}:{3}', vars.DOCKER_REGISTRY || 'docker.io', vars.DOCKER_ORG || vars.DOCKER_USERNAME, github.event.repository.name, steps.meta.outputs.tag_yymm) || '' }}
+            ${{ steps.meta.outputs.registry_host }}/${{ github.repository }}:latest
+            ${{ vars.DOCKER_USERNAME != '' && format('{0}/{1}/{2}:{3}', vars.DOCKER_REGISTRY || 'docker.io', vars.DOCKER_ORG || vars.DOCKER_USERNAME, github.event.repository.name, 'latest') || '' }}
+          build-args: |
+            BUILD_DATE=${{ steps.meta.outputs.build_date }}
+            GIT_COMMIT=${{ steps.meta.outputs.git_commit }}
+            BUILD_VERSION=${{ steps.meta.outputs.tag_yymm }}
+          annotations: |
+            org.opencontainers.image.created=${{ steps.meta.outputs.build_date }}
+            org.opencontainers.image.version=latest
+            org.opencontainers.image.revision=${{ steps.meta.outputs.git_commit }}
+            org.opencontainers.image.title=${{ github.event.repository.name }}
+            org.opencontainers.image.description=Containerized version of ${{ github.event.repository.name }}
+            org.opencontainers.image.vendor=CasjaysDev
+            org.opencontainers.image.authors=CasjaysDev
+            org.opencontainers.image.licenses=WTFPL
+            org.opencontainers.image.url=${{ github.server_url }}/${{ github.repository }}
+            org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }}
+            org.opencontainers.image.documentation=${{ github.server_url }}/${{ github.repository }}
+            org.opencontainers.image.vcs-type=Git
+            com.github.containers.toolbox=false