From 23bdaa15177ce1eac24b92b8d5613d9d1ee06fff Mon Sep 17 00:00:00 2001 From: PassiveLemon Date: Tue, 3 Oct 2023 16:34:23 -0400 Subject: [PATCH 1/7] Publish to GitHub Container Registry --- .github/workflows/main.yml | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index ca9d9a1..0d6c62f 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -19,8 +19,10 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - - name: Login to Dockerhub - run: echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin + - name: Login to Docker & GHCR + run: | + echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin + echo "${{ secrets.GHCR_PASSWORD }}" | docker login ghcr.io -u "${{ secrets.GHCR_USERNAME }}" --password-stdin - name: Setup building file structure run: | @@ -35,12 +37,8 @@ jobs: --build-arg VERSION=${{ github.event.release.tag_name }} \ --provenance=false \ --platform linux/amd64,linux/arm64 \ - --tag zoraxydocker/zoraxy:${{ github.event.release.tag_name }} \ - . - - docker buildx build --push \ - --build-arg VERSION=${{ github.event.release.tag_name }} \ - --provenance=false \ - --platform linux/amd64,linux/arm64 \ - --tag zoraxydocker/zoraxy:latest \ + --tag ${{ secrets.DOCKER_USERNAME }}/zoraxy:${{ github.event.release.tag_name }} \ + --tag ${{ secrets.DOCKER_USERNAME }}/zoraxy:latest \ + --tag ghcr.io/${{ secrets.GHCR_USERNAME }}/zoraxy:${{ steps.get_latest_release_tag.outputs.latest_tag }} \ + --tag ghcr.io/${{ secrets.GHCR_USERNAME }}/zoraxy:latest \ . From 045e66b631b9940fd6477e5a1f5cfbddd17d509a Mon Sep 17 00:00:00 2001 From: PassiveLemon Date: Tue, 3 Oct 2023 16:35:10 -0400 Subject: [PATCH 2/7] Revert "Publish to GitHub Container Registry" This reverts commit 23bdaa15177ce1eac24b92b8d5613d9d1ee06fff. --- .github/workflows/main.yml | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 0d6c62f..ca9d9a1 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -19,10 +19,8 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - - name: Login to Docker & GHCR - run: | - echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin - echo "${{ secrets.GHCR_PASSWORD }}" | docker login ghcr.io -u "${{ secrets.GHCR_USERNAME }}" --password-stdin + - name: Login to Dockerhub + run: echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin - name: Setup building file structure run: | @@ -37,8 +35,12 @@ jobs: --build-arg VERSION=${{ github.event.release.tag_name }} \ --provenance=false \ --platform linux/amd64,linux/arm64 \ - --tag ${{ secrets.DOCKER_USERNAME }}/zoraxy:${{ github.event.release.tag_name }} \ - --tag ${{ secrets.DOCKER_USERNAME }}/zoraxy:latest \ - --tag ghcr.io/${{ secrets.GHCR_USERNAME }}/zoraxy:${{ steps.get_latest_release_tag.outputs.latest_tag }} \ - --tag ghcr.io/${{ secrets.GHCR_USERNAME }}/zoraxy:latest \ + --tag zoraxydocker/zoraxy:${{ github.event.release.tag_name }} \ + . + + docker buildx build --push \ + --build-arg VERSION=${{ github.event.release.tag_name }} \ + --provenance=false \ + --platform linux/amd64,linux/arm64 \ + --tag zoraxydocker/zoraxy:latest \ . From 4d40e0aa38a1eaad292abf29c6e02edfe206ce25 Mon Sep 17 00:00:00 2001 From: PassiveLemon Date: Tue, 3 Oct 2023 16:36:53 -0400 Subject: [PATCH 3/7] Publish to GHCR --- .github/workflows/main.yml | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index ca9d9a1..0d6c62f 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -19,8 +19,10 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - - name: Login to Dockerhub - run: echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin + - name: Login to Docker & GHCR + run: | + echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin + echo "${{ secrets.GHCR_PASSWORD }}" | docker login ghcr.io -u "${{ secrets.GHCR_USERNAME }}" --password-stdin - name: Setup building file structure run: | @@ -35,12 +37,8 @@ jobs: --build-arg VERSION=${{ github.event.release.tag_name }} \ --provenance=false \ --platform linux/amd64,linux/arm64 \ - --tag zoraxydocker/zoraxy:${{ github.event.release.tag_name }} \ - . - - docker buildx build --push \ - --build-arg VERSION=${{ github.event.release.tag_name }} \ - --provenance=false \ - --platform linux/amd64,linux/arm64 \ - --tag zoraxydocker/zoraxy:latest \ + --tag ${{ secrets.DOCKER_USERNAME }}/zoraxy:${{ github.event.release.tag_name }} \ + --tag ${{ secrets.DOCKER_USERNAME }}/zoraxy:latest \ + --tag ghcr.io/${{ secrets.GHCR_USERNAME }}/zoraxy:${{ steps.get_latest_release_tag.outputs.latest_tag }} \ + --tag ghcr.io/${{ secrets.GHCR_USERNAME }}/zoraxy:latest \ . From dbb10644dea3cc456faf8a89b330bd5ba20e4fde Mon Sep 17 00:00:00 2001 From: PassiveLemon Date: Sat, 25 Nov 2023 12:14:26 -0500 Subject: [PATCH 4/7] Update to new port --- docker/Dockerfile | 2 +- docker/README.md | 8 ++++---- docker/entrypoint.sh | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/docker/Dockerfile b/docker/Dockerfile index 8ffd402..1b00642 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -34,5 +34,5 @@ ENV ARGS="-noauth=false" ENTRYPOINT ["/opt/zoraxy/entrypoint.sh"] -HEALTHCHECK --interval=5s --timeout=5s --retries=2 CMD nc -vz 127.0.0.1 8000 || exit 1 +HEALTHCHECK --interval=5s --timeout=5s --retries=2 CMD nc -vz 127.0.0.1 5487 || exit 1 diff --git a/docker/README.md b/docker/README.md index beaaea4..2e07b88 100644 --- a/docker/README.md +++ b/docker/README.md @@ -25,7 +25,7 @@ services: ports: - 80:80 - 443:443 - - (external):8000 + - (external):5487 volumes: - (path to storage directory):/opt/zoraxy/config/ environment: @@ -39,12 +39,12 @@ services: | `-p (ports)` | Yes | Depending on how your network is setup, you may need to portforward 80, 443, and the management port. | | `-v (path to storage directory):/opt/zoraxy/config/` | Recommend | Sets the folder that holds your files. This should be the place you just chose. By default, it will create a Docker volume for the files for persistency but they will not be accessible. | | `-e ARGS='(your arguments)'` | No | Sets the arguments to run Zoraxy with. Enter them as you would normally. By default, it is ran with `-noauth=false` but you cannot change the management port. This is required for the healthcheck to work. | -| `zoraxydocker/zoraxy:latest` | Yes | The repository on Docker hub. By default, it is the latest version that I have published. | +| `zoraxydocker/zoraxy:latest` | Yes | The repository on Docker hub. By default, it is the latest version that is published. | ## Examples:
### Docker Run
``` -docker run -d --name zoraxy -p 80:80 -p 443:443 -p 8005:8000/tcp -v /home/docker/Containers/Zoraxy:/opt/zoraxy/config/ -e ARGS='-noauth=false' zoraxydocker/zoraxy:latest +docker run -d --name zoraxy -p 80:80 -p 443:443 -p 5487:5487/tcp -v /home/docker/Containers/Zoraxy:/opt/zoraxy/config/ -e ARGS='-noauth=false' zoraxydocker/zoraxy:latest ``` ### Docker Compose
@@ -57,7 +57,7 @@ services: ports: - 80:80 - 443:443 - - 8005:8000/tcp + - 5487:5487/tcp volumes: - /home/docker/Containers/Zoraxy:/opt/zoraxy/config/ environment: diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh index cc51aff..c8159b4 100644 --- a/docker/entrypoint.sh +++ b/docker/entrypoint.sh @@ -1,4 +1,4 @@ #!/usr/bin/env bash echo "Zoraxy version $VERSION" -zoraxy -port=:8000 ${ARGS} +zoraxy -port=:5487 ${ARGS} From ffad2cab81a74e0a127e25e7657fd902640ff734 Mon Sep 17 00:00:00 2001 From: PassiveLemon Date: Sat, 25 Nov 2023 12:15:25 -0500 Subject: [PATCH 5/7] Comment out GHCR --- .github/workflows/main.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 0d6c62f..419d50a 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -22,7 +22,7 @@ jobs: - name: Login to Docker & GHCR run: | echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin - echo "${{ secrets.GHCR_PASSWORD }}" | docker login ghcr.io -u "${{ secrets.GHCR_USERNAME }}" --password-stdin + #echo "${{ secrets.GHCR_PASSWORD }}" | docker login ghcr.io -u "${{ secrets.GHCR_USERNAME }}" --password-stdin - name: Setup building file structure run: | @@ -39,6 +39,7 @@ jobs: --platform linux/amd64,linux/arm64 \ --tag ${{ secrets.DOCKER_USERNAME }}/zoraxy:${{ github.event.release.tag_name }} \ --tag ${{ secrets.DOCKER_USERNAME }}/zoraxy:latest \ - --tag ghcr.io/${{ secrets.GHCR_USERNAME }}/zoraxy:${{ steps.get_latest_release_tag.outputs.latest_tag }} \ - --tag ghcr.io/${{ secrets.GHCR_USERNAME }}/zoraxy:latest \ + # Since this is still undetermined, I will leave it commented + #--tag ghcr.io/${{ secrets.GHCR_USERNAME }}/zoraxy:${{ steps.get_latest_release_tag.outputs.latest_tag }} \ + #--tag ghcr.io/${{ secrets.GHCR_USERNAME }}/zoraxy:latest \ . From 1f758e953deca55bf93875fcb01fdc5e37c4bd4e Mon Sep 17 00:00:00 2001 From: PassiveLemon Date: Sun, 26 Nov 2023 16:16:31 -0500 Subject: [PATCH 6/7] Fix: OpenSSL CVE --- docker/Dockerfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docker/Dockerfile b/docker/Dockerfile index 1b00642..49b1ba3 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -3,6 +3,8 @@ FROM docker.io/golang:alpine ARG VERSION RUN apk add --no-cache bash netcat-openbsd sudo +# Alternatives for security +RUN apk add --no-cache openssl=3.1.4-r1 RUN mkdir -p /opt/zoraxy/source/ &&\ mkdir -p /opt/zoraxy/config/ &&\ From 70ace02e80dcf0d30ba9061a99b132d9ebd929e6 Mon Sep 17 00:00:00 2001 From: PassiveLemon Date: Mon, 27 Nov 2023 20:18:24 -0500 Subject: [PATCH 7/7] Revert port update --- docker/Dockerfile | 2 +- docker/README.md | 6 +++--- docker/entrypoint.sh | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/docker/Dockerfile b/docker/Dockerfile index 49b1ba3..eb2b15b 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -36,5 +36,5 @@ ENV ARGS="-noauth=false" ENTRYPOINT ["/opt/zoraxy/entrypoint.sh"] -HEALTHCHECK --interval=5s --timeout=5s --retries=2 CMD nc -vz 127.0.0.1 5487 || exit 1 +HEALTHCHECK --interval=5s --timeout=5s --retries=2 CMD nc -vz 127.0.0.1 8000 || exit 1 diff --git a/docker/README.md b/docker/README.md index 2e07b88..42cdd14 100644 --- a/docker/README.md +++ b/docker/README.md @@ -25,7 +25,7 @@ services: ports: - 80:80 - 443:443 - - (external):5487 + - (external):8000 volumes: - (path to storage directory):/opt/zoraxy/config/ environment: @@ -44,7 +44,7 @@ services: ## Examples:
### Docker Run
``` -docker run -d --name zoraxy -p 80:80 -p 443:443 -p 5487:5487/tcp -v /home/docker/Containers/Zoraxy:/opt/zoraxy/config/ -e ARGS='-noauth=false' zoraxydocker/zoraxy:latest +docker run -d --name zoraxy -p 80:80 -p 443:443 -p 8005:8000/tcp -v /home/docker/Containers/Zoraxy:/opt/zoraxy/config/ -e ARGS='-noauth=false' zoraxydocker/zoraxy:latest ``` ### Docker Compose
@@ -57,7 +57,7 @@ services: ports: - 80:80 - 443:443 - - 5487:5487/tcp + - 8005:8000/tcp volumes: - /home/docker/Containers/Zoraxy:/opt/zoraxy/config/ environment: diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh index c8159b4..cc51aff 100644 --- a/docker/entrypoint.sh +++ b/docker/entrypoint.sh @@ -1,4 +1,4 @@ #!/usr/bin/env bash echo "Zoraxy version $VERSION" -zoraxy -port=:5487 ${ARGS} +zoraxy -port=:8000 ${ARGS}