Commit 3caf046c authored by Carlo Landmeter's avatar Carlo Landmeter
Browse files

Initial commit

parents
Pipeline #7822 passed with stages
in 4 minutes and 21 seconds
include:
- project: 'alpine/infra/gitlab-ci-templates'
ref: master
file: '/docker-image.yml'
FROM alpinelinux/mqtt-exec
ENV NQDIR=/tmp
RUN apk --no-cache add lua5.3 lua5.3-lyaml lua5.3-optarg nq git
ADD https://github.com/alpinelinux/alpine-secdb/raw/master/secfixes.lua \
/usr/share/alpine-secdb/
COPY scripts /usr/local/bin
CMD [ "/usr/bin/nq", "generate_secdb.sh" ]
server {
listen 80 default_server;
server_name localhost;
root /var/www/html;
set_real_ip_from 10.0.0.0/8;
set_real_ip_from 172.16.0.0/12;
set_real_ip_from 192.168.0.0/16;
real_ip_header X-Forwarded-For;
real_ip_recursive on;
location / {
autoindex on;
autoindex_exact_size off;
}
}
version: '3.7'
services:
update:
image: alpinelinux/secdb
build: .
restart: always
environment:
- MQTT_TOPICS=git/aports/#
volumes:
- aports:/root/aports
- htdocs:/var/www/html
nginx:
image: nginx:1-alpine
restart: always
volumes:
- htdocs:/var/www/html
- ./config/nginx.conf:/etc/nginx/conf.d/default.conf:ro
labels:
traefik.enable: "true"
traefik.http.routers.secdb.rule: Host(`secdb.alpinelinux.org`)
traefik.http.routers.secdb.entrypoints: http
traefik.http.routers.secdb.middlewares: redirect
traefik.http.routers.secdb-tls.rule: Host(`secdb.alpinelinux.org`)
traefik.http.routers.secdb-tls.entrypoints: https
traefik.http.routers.secdb-tls.tls: true
traefik.http.middlewares.redirect.redirectscheme.scheme: https
traefik.http.services.secdb.loadbalancer.server.port: 80
networks:
web:
volumes:
aports:
htdocs:
networks:
web:
external: true
#!/bin/sh
set -exuo pipefail
REPOS="main community"
BRANCH=${1##*/}
case $BRANCH in
master) exit 0 ;;
*-stable) RELEASE=v${BRANCH/-stable/} ;;
*) echo "unknown branch: \"$BRANCH\"" ; exit 1 ;;
esac
if [ -d "$HOME/aports/.git" ]; then
git -C "$HOME"/aports pull --quiet
else
git clone --quiet https://git.alpinelinux.org/aports "$HOME"/aports
fi
git -C "$HOME"/aports checkout --quiet "$BRANCH"
for REPO in $REPOS; do
TMPFILE=$(mktemp)
lua5.3 /usr/share/alpine-secdb/secfixes.lua \
--repo "$REPO" --release "$RELEASE" \
"$HOME"/aports/"$REPO"/*/APKBUILD > "$TMPFILE"
lua5.3 /usr/share/alpine-secdb/secfixes.lua --verify "$TMPFILE"
install -D "$TMPFILE" /var/www/html/"$RELEASE"/"$REPO".yaml
rm -f "$TMPFILE"
done
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment