diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..176a458 --- /dev/null +++ b/.gitattributes @@ -0,0 +1 @@ +* text=auto diff --git a/.github/delete-merged-branch-config.yml b/.github/delete-merged-branch-config.yml new file mode 100644 index 0000000..07d5b8b --- /dev/null +++ b/.github/delete-merged-branch-config.yml @@ -0,0 +1,5 @@ +exclude: + - main + - stable + - develop +delete_closed_pr: true diff --git a/.github/workflows/dependency-updates.yml b/.github/workflows/dependency-updates.yml new file mode 100644 index 0000000..56c7732 --- /dev/null +++ b/.github/workflows/dependency-updates.yml @@ -0,0 +1,35 @@ +name: dependency-updates +on: + push: + branches: + - develop + schedule: + - cron: "0 */6 * * *" + workflow_dispatch: +jobs: + w2d-update: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: update peertube version + id: update + run: | + PT_VERSION="$( + git ls-remote --tags https://github.com/Chocobozzz/PeerTube \ + | cut -d/ -f3 \ + | sort -V \ + | tail -1 \ + | sed "s|\^{}||g" + )" + sed -i "s|PT_VERSION=.*|PT_VERSION=$W2D_VERSION \\\|" ./Dockerfile + echo "version=$PT_VERSION" >> $GITHUB_OUTPUT + - name: Create Pull Request + uses: peter-evans/create-pull-request@v6 + with: + signoff: true + delete-branch: true + commit-message: update peertube version to ${{ steps.update.outputs.version }} + branch: update-peertube-version + title: update peertube version to ${{ steps.update.outputs.version }} + body: update peertube version to ${{ steps.update.outputs.version }} diff --git a/.github/workflows/docker-latest.yml b/.github/workflows/docker-latest.yml new file mode 100644 index 0000000..c8a26d1 --- /dev/null +++ b/.github/workflows/docker-latest.yml @@ -0,0 +1,26 @@ +name: Docker push develop to latest +on: + workflow_dispatch: +jobs: + docker: + runs-on: ubuntu-latest + steps: + - name: Login to DockerHub + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + - name: Convert Username + id: un + run: echo "un=$(echo "${{ github.repository_owner }}" | tr '[:upper:]' '[:lower:]')" >> $GITHUB_OUTPUT + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ steps.un.outputs.un }} + password: ${{ github.token }} + - name: Push develop to latest + run: | + docker buildx imagetools create --tag ${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:latest ${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:${{ github.ref_name }} + docker buildx imagetools create --tag ghcr.io/${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:latest ghcr.io/${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:${{ github.ref_name }} diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml new file mode 100644 index 0000000..aff0e8e --- /dev/null +++ b/.github/workflows/docker.yml @@ -0,0 +1,72 @@ +name: Build Docker Image +on: + push: + branches: + - develop + paths: + - Dockerfile + - .github/workflows/docker.yml + pull_request: + paths: + - Dockerfile + - .github/workflows/docker.yml + workflow_dispatch: +jobs: + build: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + with: + platforms: arm64 #all + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + with: + driver-opts: env.BUILDKIT_STEP_LOG_MAX_SIZE=-1 + - name: Login to DockerHub + if: ${{ github.event_name != 'pull_request' }} + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + - name: Convert Username + id: un + run: echo "un=$(echo "${{ github.repository_owner }}" | tr '[:upper:]' '[:lower:]')" >> $GITHUB_OUTPUT + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ steps.un.outputs.un }} + password: ${{ github.token }} + - name: Build + uses: docker/build-push-action@v5 + if: ${{ github.event_name != 'pull_request' }} + with: + context: . + file: ./Dockerfile + platforms: linux/amd64,linux/arm64 #,linux/amd64/v2,linux/amd64/v3,linux/amd64/v4 #,linux/ppc64le,linux/s390x,linux/386,linux/arm/v7,linux/arm/v6 + push: ${{ github.ref == 'refs/heads/develop' }} + tags: | + ${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:${{ github.ref_name }} + ghcr.io/${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:${{ github.ref_name }} + - name: Set PR-Number (PR) + if: ${{ github.event_name == 'pull_request' }} + id: pr + run: echo "pr=$(echo pr-${{ github.ref_name }} | sed "s|refs/pull/:||g" | sed "s|/merge||g")" >> $GITHUB_OUTPUT + - name: Build (PR) + uses: docker/build-push-action@v5 + if: ${{ github.event_name == 'pull_request' }} + with: + context: . + file: ./Dockerfile + platforms: linux/amd64,linux/arm64 #,linux/amd64/v2,linux/amd64/v3,linux/amd64/v4 #,linux/ppc64le,linux/s390x,linux/386,linux/arm/v7,linux/arm/v6 + push: ${{ github.event_name == 'pull_request' }} + tags: ghcr.io/${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:${{ steps.pr.outputs.pr }} + - name: add comment (PR) + uses: mshick/add-pr-comment@v2 + if: ${{ github.event_name == 'pull_request' }} + with: + message: "The Docker Image can now be found here: `ghcr.io/${{ steps.un.outputs.un }}/${{ github.event.repository.name }}:${{ steps.pr.outputs.pr }}`" + repo-token: ${{ github.token }} diff --git a/.github/workflows/dockerlint.yml b/.github/workflows/dockerlint.yml new file mode 100644 index 0000000..47508e9 --- /dev/null +++ b/.github/workflows/dockerlint.yml @@ -0,0 +1,28 @@ +name: Dockerlint +on: + push: + pull_request: + workflow_dispatch: +jobs: + docker-lint: + runs-on: ubuntu-latest + name: docker-lint + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Install hadolint + run: | + sudo wget https://github.com/hadolint/hadolint/releases/latest/download/hadolint-Linux-x86_64 -O /usr/bin/hadolint + sudo chmod +x /usr/bin/hadolint + - name: run lint + run: | + DOCKERFILES="$(find . -name "*Dockerfile*")" + for file in $(echo "$DOCKERFILES" | tr " " "\n"); do + # DL3003 warning: Use WORKDIR to switch to a directory + # DL3018 warning: Pin versions in apk add. Instead of `apk add ` use `apk add =` + # DL3013 warning: Pin versions in pip. Instead of `pip install ` use `pip install ==` or `pip install --requirement ` + hadolint "$file" --ignore DL3003 --ignore DL3013 --ignore DL3018 | tee -a hadolint.log + done + if grep -q "DL[0-9]\+\|SC[0-9]\+" hadolint.log; then + exit 1 + fi diff --git a/.github/workflows/json.yml b/.github/workflows/json.yml new file mode 100644 index 0000000..702313b --- /dev/null +++ b/.github/workflows/json.yml @@ -0,0 +1,14 @@ +name: JSON check +on: + push: + pull_request: + workflow_dispatch: +jobs: + test-json: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: json-syntax-check + uses: limitusus/json-syntax-check@v2 + with: + pattern: "\\.json" diff --git a/.github/workflows/spellcheck.yml b/.github/workflows/spellcheck.yml new file mode 100644 index 0000000..ccd319d --- /dev/null +++ b/.github/workflows/spellcheck.yml @@ -0,0 +1,18 @@ +name: spellcheck +on: + push: + pull_request: + workflow_dispatch: +jobs: + spellcheck: + name: spellcheck + runs-on: ubuntu-latest + steps: + - name: Check out code. + uses: actions/checkout@v4 + - name: Check spelling + uses: codespell-project/actions-codespell@v2 + with: + check_filenames: true + check_hidden: true + skip: .git,.gitignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..568d4b9 --- /dev/null +++ b/.gitignore @@ -0,0 +1,784 @@ +# User-specific stuff +.idea +desktop.files.json +package-lock.json +yarn.lock +desktop.ini + +### macOS ### +# General +.DS_Store +.AppleDouble +.LSOverride + +composer.phar +/vendor/ + +!/jobs +!/.gitignore +!/*.xml + +#ignore all files in jobs subdirectories except for folders +#note: git doesn't track folders, only file content +jobs/** +!jobs/**/ + +#uncomment the following line to save next build numbers with config +#!jobs/**/nextBuildNumber + +#exclude only config.xml files in repository subdirectories +!config.xml + +#don't track workspaces (when users build on the master) +jobs/**/*workspace + +*.iml +*.ipr +*.iws + +# IntelliJ +out + +# Compiled class file +*.class + +# Log file +*.log + +# BlueJ files +*.ctxt + +# Package Files # +*.jar +*.war +*.nar +*.ear +*.zip +*.tar.gz +*.rar + +# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml +hs_err_pid* + +*~ + +# temporary files which can be created if a process still has a handle open of a deleted file +.fuse_hidden* + +# KDE directory preferences +.directory + +# Linux trash folder which might appear on any partition or disk +.Trash-* + +# .nfs files are created when an open file is removed but is still being accessed +.nfs* + +# Icon must end with two \r +Icon + +# Thumbnails +._* + +# Files that might appear in the root of a volume +.DocumentRevisions-V100 +.fseventsd +.Spotlight-V100 +.TemporaryItems +.Trashes +.VolumeIcon.icns +.com.apple.timemachine.donotpresent + +# Directories potentially created on remote AFP share +.AppleDB +.AppleDesktop +Network Trash Folder +Temporary Items +.apdisk + +# Windows thumbnail cache files +Thumbs.db +Thumbs.db:encryptable +ehthumbs.db +ehthumbs_vista.db + +# Dump file +*.stackdump + +# Folder config file +[Dd]esktop.ini + +# Recycle Bin used on file shares +$RECYCLE.BIN + +# Windows Installer files +*.cab +*.msi +*.msix +*.msm +*.msp + +# Windows shortcuts +*.lnk + +.gradle +/build/ + +# Ignore Gradle GUI config +gradle-app.setting + +# Avoid ignoring Gradle wrapper jar file (.jar files are usually ignored) +!gradle-wrapper.jar + +# Cache of project +.gradletasknamecache + +target/ +pom.xml.tag +pom.xml.releaseBackup +pom.xml.versionsBackup +pom.xml.next +release.properties +dependency-reduced-pom.xml +buildNumber.properties +.mvn/timing.properties +# https://github.com/takari/maven-wrapper#usage-without-binary-jar +.mvn/wrapper/maven-wrapper.jar +.flattened-pom.xml + +# Common working directory +run + +# Logs +logs +*.log +npm-debug.log* +yarn-debug.log* +yarn-error.log* +lerna-debug.log* + +# Diagnostic reports (https://nodejs.org/api/report.html) +report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json + +# Runtime data +pids +*.pid +*.seed +*.pid.lock + +# Directory for instrumented libs generated by jscoverage/JSCover +lib-cov + +# Coverage directory used by tools like istanbul +coverage +*.lcov + +# nyc test coverage +.nyc_output + +# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files) +.grunt + +# Bower dependency directory (https://bower.io/) +bower_components + +# node-waf configuration +.lock-wscript + +# Compiled binary addons (https://nodejs.org/api/addons.html) +build/Release + +# Dependency directories +node_modules/ +jspm_packages/ + +# TypeScript v1 declaration files +typings/ + +# TypeScript cache +*.tsbuildinfo + +# Optional npm cache directory +.npm + +# Optional eslint cache +.eslintcache + +# Microbundle cache +.rpt2_cache/ +.rts2_cache_cjs/ +.rts2_cache_es/ +.rts2_cache_umd/ + +# Optional REPL history +.node_repl_history + +# Output of 'npm pack' +*.tgz + +# Yarn Integrity file +.yarn-integrity + +# dotenv environment variables file +.env +.env.test + +# parcel-bundler cache (https://parceljs.org/) +.cache + +# Next.js build output +.next + +# Nuxt.js build / generate output +.nuxt +dist + +# Gatsby files +.cache/ +# Comment in the public line in if your project uses Gatsby and *not* Next.js +# https://nextjs.org/blog/next-9-1#public-directory-support +# public + +# vuepress build output +.vuepress/dist + +# Serverless directories +.serverless/ + +# FuseBox cache +.fusebox/ + +# DynamoDB Local files +.dynamodb/ + +# TernJS port file +.tern-port + +/vendor/ +node_modules/ +npm-debug.log +yarn-error.log + +# Laravel 4 specific +bootstrap/compiled.php +app/storage/ + +# Laravel 5 & Lumen specific +public/storage +public/hot + +# Laravel 5 & Lumen specific with changed public path +public_html/storage +public_html/hot + +storage/*.key +.env +Homestead.yaml +Homestead.json +/.vagrant +.phpunit.result.cache + +# Byte-compiled / optimized / DLL files +__pycache__/ +*.py[cod] +*$py.class + +# C extensions +*.so + +# Distribution / packaging +.Python +build/ +develop-eggs/ +dist/ +downloads/ +eggs/ +.eggs/ +lib/ +lib64/ +parts/ +sdist/ +var/ +wheels/ +pip-wheel-metadata/ +share/python-wheels/ +*.egg-info/ +.installed.cfg +*.egg +MANIFEST + +# PyInstaller +# Usually these files are written by a python script from a template +# before PyInstaller builds the exe, so as to inject date/other infos into it. +*.manifest +*.spec + +# Installer logs +pip-log.txt +pip-delete-this-directory.txt + +# Unit test / coverage reports +htmlcov/ +.tox/ +.nox/ +.coverage +.coverage.* +.cache +nosetests.xml +coverage.xml +*.cover +*.py,cover +.hypothesis/ +.pytest_cache/ + +# Translations +*.mo +*.pot + +# Django stuff: +*.log +local_settings.py +db.sqlite3 +db.sqlite3-journal + +# Flask stuff: +instance/ +.webassets-cache + +# Scrapy stuff: +.scrapy + +# Sphinx documentation +docs/_build/ + +# PyBuilder +target/ + +# Jupyter Notebook +.ipynb_checkpoints + +# IPython +profile_default/ +ipython_config.py + +# pyenv +.python-version + +# pipenv +# According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control. +# However, in case of collaboration, if having platform-specific dependencies or dependencies +# having no cross-platform support, pipenv may install dependencies that don't work, or not +# install all needed dependencies. +#Pipfile.lock + +# PEP 582; used by e.g. github.com/David-OConnor/pyflow +__pypackages__/ + +# Celery stuff +celerybeat-schedule +celerybeat.pid + +# SageMath parsed files +*.sage.py + +# Environments +.env +.venv +env/ +venv/ +ENV/ +env.bak/ +venv.bak/ + +# Spyder project settings +.spyderproject +.spyproject + +# Rope project settings +.ropeproject + +# mkdocs documentation +/site + +# mypy +.mypy_cache/ +.dmypy.json +dmypy.json + +# Pyre type checker +.pyre/ + +## Ignore Visual Studio temporary files, build results, and +## files generated by popular Visual Studio add-ons. +## +## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore + +# User-specific files +*.rsuser +*.suo +*.user +*.userosscache +*.sln.docstates + +# User-specific files (MonoDevelop/Xamarin Studio) +*.userprefs + +# Mono auto generated files +mono_crash.* + +# Build results +[Dd]ebug/ +[Dd]ebugPublic/ +[Rr]elease/ +[Rr]eleases/ +x64/ +x86/ +[Aa][Rr][Mm]/ +[Aa][Rr][Mm]64/ +bld/ +[Bb]in/ +[Oo]bj/ +[Ll]og/ +[Ll]ogs/ + +# Visual Studio 2015/2017 cache/options directory +.vs/ +# Uncomment if you have tasks that create the project's static files in wwwroot +#wwwroot/ + +# Visual Studio 2017 auto generated files +Generated\ Files/ + +# MSTest test Results +[Tt]est[Rr]esult*/ +[Bb]uild[Ll]og.* + +# NUnit +*.VisualState.xml +TestResult.xml +nunit-*.xml + +# Build Results of an ATL Project +[Dd]ebugPS/ +[Rr]eleasePS/ +dlldata.c + +# Benchmark Results +BenchmarkDotNet.Artifacts/ + +# .NET Core +project.lock.json +project.fragment.lock.json +artifacts/ + +# StyleCop +StyleCopReport.xml + +# Files built by Visual Studio +*_i.c +*_p.c +*_h.h +*.ilk +*.meta +*.obj +*.iobj +*.pch +*.pdb +*.ipdb +*.pgc +*.pgd +*.rsp +*.sbr +*.tlb +*.tli +*.tlh +*.tmp +*.tmp_proj +*_wpftmp.csproj +*.log +*.vspscc +*.vssscc +.builds +*.pidb +*.svclog +*.scc + +# Chutzpah Test files +_Chutzpah* + +# Visual C++ cache files +ipch/ +*.aps +*.ncb +*.opendb +*.opensdf +*.sdf +*.cachefile +*.VC.db +*.VC.VC.opendb + +# Visual Studio profiler +*.psess +*.vsp +*.vspx +*.sap + +# Visual Studio Trace Files +*.e2e + +# TFS 2012 Local Workspace +$tf/ + +# Guidance Automation Toolkit +*.gpState + +# ReSharper is a .NET coding add-in +_ReSharper*/ +*.[Rr]e[Ss]harper +*.DotSettings.user + +# TeamCity is a build add-in +_TeamCity* + +# DotCover is a Code Coverage Tool +*.dotCover + +# AxoCover is a Code Coverage Tool +.axoCover/* +!.axoCover/settings.json + +# Visual Studio code coverage results +*.coverage +*.coveragexml + +# NCrunch +_NCrunch_* +.*crunch*.local.xml +nCrunchTemp_* + +# MightyMoose +*.mm.* +AutoTest.Net/ + +# Web workbench (sass) +.sass-cache/ + +# Installshield output folder +[Ee]xpress/ + +# DocProject is a documentation generator add-in +DocProject/buildhelp/ +DocProject/Help/*.HxT +DocProject/Help/*.HxC +DocProject/Help/*.hhc +DocProject/Help/*.hhk +DocProject/Help/*.hhp +DocProject/Help/Html2 +DocProject/Help/html + +# Click-Once directory +publish/ + +# Publish Web Output +*.[Pp]ublish.xml +*.azurePubxml +# Note: Comment the next line if you want to checkin your web deploy settings, +# but database connection strings (with potential passwords) will be unencrypted +*.pubxml +*.publishproj + +# Microsoft Azure Web App publish settings. Comment the next line if you want to +# checkin your Azure Web App publish settings, but sensitive information contained +# in these scripts will be unencrypted +PublishScripts/ + +# NuGet Packages +*.nupkg +# NuGet Symbol Packages +*.snupkg +# The packages folder can be ignored because of Package Restore +**/[Pp]ackages/* +# except build/, which is used as an MSBuild target. +!**/[Pp]ackages/build/ +# Uncomment if necessary however generally it will be regenerated when needed +#!**/[Pp]ackages/repositories.config +# NuGet v3's project.json files produces more ignorable files +*.nuget.props +*.nuget.targets + +# Microsoft Azure Build Output +csx/ +*.build.csdef + +# Microsoft Azure Emulator +ecf/ +rcf/ + +# Windows Store app package directories and files +AppPackages/ +BundleArtifacts/ +Package.StoreAssociation.xml +_pkginfo.txt +*.appx +*.appxbundle +*.appxupload + +# Visual Studio cache files +# files ending in .cache can be ignored +*.[Cc]ache +# but keep track of directories ending in .cache +!?*.[Cc]ache/ + +# Others +ClientBin/ +~$* +*~ +*.dbmdl +*.dbproj.schemaview +*.jfm +*.pfx +*.publishsettings +orleans.codegen.cs + +# Including strong name files can present a security risk +# (https://github.com/github/gitignore/pull/2483#issue-259490424) +#*.snk + +# Since there are multiple workflows, uncomment next line to ignore bower_components +# (https://github.com/github/gitignore/pull/1529#issuecomment-104372622) +#bower_components/ + +# RIA/Silverlight projects +Generated_Code/ + +# Backup & report files from converting an old project file +# to a newer Visual Studio version. Backup files are not needed, +# because we have git ;-) +_UpgradeReport_Files/ +Backup*/ +UpgradeLog*.XML +UpgradeLog*.htm +ServiceFabricBackup/ +*.rptproj.bak + +# SQL Server files +*.mdf +*.ldf +*.ndf + +# Business Intelligence projects +*.rdl.data +*.bim.layout +*.bim_*.settings +*.rptproj.rsuser +*- [Bb]ackup.rdl +*- [Bb]ackup ([0-9]).rdl +*- [Bb]ackup ([0-9][0-9]).rdl + +# Microsoft Fakes +FakesAssemblies/ + +# GhostDoc plugin setting file +*.GhostDoc.xml + +# Node.js Tools for Visual Studio +.ntvs_analysis.dat +node_modules/ + +# Visual Studio 6 build log +*.plg + +# Visual Studio 6 workspace options file +*.opt + +# Visual Studio 6 auto-generated workspace file (contains which files were open etc.) +*.vbw + +# Visual Studio LightSwitch build output +**/*.HTMLClient/GeneratedArtifacts +**/*.DesktopClient/GeneratedArtifacts +**/*.DesktopClient/ModelManifest.xml +**/*.Server/GeneratedArtifacts +**/*.Server/ModelManifest.xml +_Pvt_Extensions + +# Paket dependency manager +.paket/paket.exe +paket-files/ + +# FAKE - F# Make +.fake/ + +# CodeRush personal settings +.cr/personal + +# Python Tools for Visual Studio (PTVS) +__pycache__/ +*.pyc + +# Cake - Uncomment if you are using it +# tools/** +# !tools/packages.config + +# Tabs Studio +*.tss + +# Telerik's JustMock configuration file +*.jmconfig + +# BizTalk build output +*.btp.cs +*.btm.cs +*.odx.cs +*.xsd.cs + +# OpenCover UI analysis results +OpenCover/ + +# Azure Stream Analytics local run output +ASALocalRun/ + +# MSBuild Binary and Structured Log +*.binlog + +# NVidia Nsight GPU debugger configuration file +*.nvuser + +# MFractors (Xamarin productivity tool) working folder +.mfractor/ + +# Local History for Visual Studio +.localhistory/ + +# BeatPulse healthcheck temp database +healthchecksdb + +# Backup folder for Package Reference Convert tool in Visual Studio 2017 +MigrationBackup/ + +# Ionide (cross platform F# VS Code tools) working folder +.ionide/ + +# ignore everything in the root except the "wp-content" directory. +!wp-content/ + +# ignore everything in the "wp-content" directory, except: +# "mu-plugins", "plugins", "themes" directory +wp-content/* +!wp-content/mu-plugins/ +!wp-content/plugins/ +!wp-content/themes/ + +# ignore these plugins +wp-content/plugins/hello.php + +# ignore specific themes +wp-content/themes/twenty*/ + +# ignore node dependency directories +node_modules/ + +# ignore log files and databases +*.log +*.sql +*.sqlite \ No newline at end of file diff --git a/.imgbotconfig b/.imgbotconfig new file mode 100644 index 0000000..a31c6d4 --- /dev/null +++ b/.imgbotconfig @@ -0,0 +1,6 @@ +{ + "schedule": "daily", + "aggressiveCompression": "true", + "compressWiki": "true", + "minKBReduced": 0 +} diff --git a/.whitesource b/.whitesource new file mode 100644 index 0000000..0d7ea09 --- /dev/null +++ b/.whitesource @@ -0,0 +1,13 @@ +{ + "scanSettings": { + "baseBranches": [] + }, + "checkRunSettings": { + "vulnerableCheckRunConclusionLevel": "failure", + "displayMode": "diff" + }, + "issueSettings": { + "minSeverityLevel": "LOW", + "issueType": "DEPENDENCY" + } +} \ No newline at end of file diff --git a/COPYING b/COPYING new file mode 100644 index 0000000..0a04128 --- /dev/null +++ b/COPYING @@ -0,0 +1,165 @@ + GNU LESSER GENERAL PUBLIC LICENSE + Version 3, 29 June 2007 + + Copyright (C) 2007 Free Software Foundation, Inc. + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + + This version of the GNU Lesser General Public License incorporates +the terms and conditions of version 3 of the GNU General Public +License, supplemented by the additional permissions listed below. + + 0. Additional Definitions. + + As used herein, "this License" refers to version 3 of the GNU Lesser +General Public License, and the "GNU GPL" refers to version 3 of the GNU +General Public License. + + "The Library" refers to a covered work governed by this License, +other than an Application or a Combined Work as defined below. + + An "Application" is any work that makes use of an interface provided +by the Library, but which is not otherwise based on the Library. +Defining a subclass of a class defined by the Library is deemed a mode +of using an interface provided by the Library. + + A "Combined Work" is a work produced by combining or linking an +Application with the Library. The particular version of the Library +with which the Combined Work was made is also called the "Linked +Version". + + The "Minimal Corresponding Source" for a Combined Work means the +Corresponding Source for the Combined Work, excluding any source code +for portions of the Combined Work that, considered in isolation, are +based on the Application, and not on the Linked Version. + + The "Corresponding Application Code" for a Combined Work means the +object code and/or source code for the Application, including any data +and utility programs needed for reproducing the Combined Work from the +Application, but excluding the System Libraries of the Combined Work. + + 1. Exception to Section 3 of the GNU GPL. + + You may convey a covered work under sections 3 and 4 of this License +without being bound by section 3 of the GNU GPL. + + 2. Conveying Modified Versions. + + If you modify a copy of the Library, and, in your modifications, a +facility refers to a function or data to be supplied by an Application +that uses the facility (other than as an argument passed when the +facility is invoked), then you may convey a copy of the modified +version: + + a) under this License, provided that you make a good faith effort to + ensure that, in the event an Application does not supply the + function or data, the facility still operates, and performs + whatever part of its purpose remains meaningful, or + + b) under the GNU GPL, with none of the additional permissions of + this License applicable to that copy. + + 3. Object Code Incorporating Material from Library Header Files. + + The object code form of an Application may incorporate material from +a header file that is part of the Library. You may convey such object +code under terms of your choice, provided that, if the incorporated +material is not limited to numerical parameters, data structure +layouts and accessors, or small macros, inline functions and templates +(ten or fewer lines in length), you do both of the following: + + a) Give prominent notice with each copy of the object code that the + Library is used in it and that the Library and its use are + covered by this License. + + b) Accompany the object code with a copy of the GNU GPL and this license + document. + + 4. Combined Works. + + You may convey a Combined Work under terms of your choice that, +taken together, effectively do not restrict modification of the +portions of the Library contained in the Combined Work and reverse +engineering for debugging such modifications, if you also do each of +the following: + + a) Give prominent notice with each copy of the Combined Work that + the Library is used in it and that the Library and its use are + covered by this License. + + b) Accompany the Combined Work with a copy of the GNU GPL and this license + document. + + c) For a Combined Work that displays copyright notices during + execution, include the copyright notice for the Library among + these notices, as well as a reference directing the user to the + copies of the GNU GPL and this license document. + + d) Do one of the following: + + 0) Convey the Minimal Corresponding Source under the terms of this + License, and the Corresponding Application Code in a form + suitable for, and under terms that permit, the user to + recombine or relink the Application with a modified version of + the Linked Version to produce a modified Combined Work, in the + manner specified by section 6 of the GNU GPL for conveying + Corresponding Source. + + 1) Use a suitable shared library mechanism for linking with the + Library. A suitable mechanism is one that (a) uses at run time + a copy of the Library already present on the user's computer + system, and (b) will operate properly with a modified version + of the Library that is interface-compatible with the Linked + Version. + + e) Provide Installation Information, but only if you would otherwise + be required to provide such information under section 6 of the + GNU GPL, and only to the extent that such information is + necessary to install and execute a modified version of the + Combined Work produced by recombining or relinking the + Application with a modified version of the Linked Version. (If + you use option 4d0, the Installation Information must accompany + the Minimal Corresponding Source and Corresponding Application + Code. If you use option 4d1, you must provide the Installation + Information in the manner specified by section 6 of the GNU GPL + for conveying Corresponding Source.) + + 5. Combined Libraries. + + You may place library facilities that are a work based on the +Library side by side in a single library together with other library +facilities that are not Applications and are not covered by this +License, and convey such a combined library under terms of your +choice, if you do both of the following: + + a) Accompany the combined library with a copy of the same work based + on the Library, uncombined with any other library facilities, + conveyed under the terms of this License. + + b) Give prominent notice with the combined library that part of it + is a work based on the Library, and explaining where to find the + accompanying uncombined form of the same work. + + 6. Revised Versions of the GNU Lesser General Public License. + + The Free Software Foundation may publish revised and/or new versions +of the GNU Lesser General Public License from time to time. Such new +versions will be similar in spirit to the present version, but may +differ in detail to address new problems or concerns. + + Each version is given a distinguishing version number. If the +Library as you received it specifies that a certain numbered version +of the GNU Lesser General Public License "or any later version" +applies to it, you have the option of following the terms and +conditions either of that published version or of any later version +published by the Free Software Foundation. If the Library as you +received it does not specify a version number of the GNU Lesser +General Public License, you may choose any version of the GNU Lesser +General Public License ever published by the Free Software Foundation. + + If the Library as you received it specifies that a proxy can decide +whether future versions of the GNU Lesser General Public License shall +apply, that proxy's public statement of acceptance of any version is +permanent authorization for you to choose that version for the +Library. diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..f64d3b9 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,61 @@ +# syntax=docker/dockerfile:labs +FROM --platform="$BUILDPLATFORM" alpine:3.19.1 as build +SHELL ["/bin/ash", "-eo", "pipefail", "-c"] +ARG PT_VERSION=v6.0.1 \ + TARGETARCH + +RUN apk upgrade --no-cache -a && \ + apk add --no-cache ca-certificates bash nodejs-current yarn npm git && \ + yarn global add clean-modules && \ + git clone --recursive https://github.com/FKLC/WhatsAppToDiscord --branch "$PT_VERSION" /app && \ + sed -i "s|gosu|su-exec|g" /app/support/docker/production/entrypoint.sh && \ + if [ "$TARGETARCH" = "amd64" ]; then \ + cd /app/client && \ + npm_config_target_platform=linux npm_config_target_arch=x64 yarn install --no-lockfile && \ + clean-modules --yes && \ + cd /app && \ + npm_config_target_platform=linux npm_config_target_arch=x64 yarn install --no-lockfile && \ + clean-modules --yes && \ + npm_config_target_platform=linux npm_config_target_arch=x64 npm run build && \ + clean-modules --yes && \ + rm -r /app/client/node_modules /app/node_modules /app/client/.angular && \ + npm_config_target_platform=linux npm_config_target_arch=x64 yarn install --no-lockfile --production && \ + clean-modules --yes; \ + elif [ "$TARGETARCH" = "arm64" ]; then \ + cd /app/client && \ + npm_config_target_platform=linux npm_config_target_arch=arm64 yarn install --no-lockfile && \ + clean-modules --yes && \ + cd /app && \ + npm_config_target_platform=linux npm_config_target_arch=arm64 yarn install --no-lockfile && \ + clean-modules --yes && \ + npm_config_target_platform=linux npm_config_target_arch=arm64 npm run build && \ + clean-modules --yes && \ + rm -r /app/client/node_modules /app/node_modules /app/client/.angular && \ + npm_config_target_platform=linux npm_config_target_arch=arm64 yarn install --no-lockfile --production && \ + clean-modules --yes; \ + fi && \ + yarn cache clean --all + +FROM alpine:3.19.1 +SHELL ["/bin/ash", "-eo", "pipefail", "-c"] +COPY --from=build /app /app +WORKDIR /app + +# Install dependencies +RUN apk add --no-cache ca-certificates tzdata tini ffmpeg su-exec shadow nodejs-current && \ +# Add peertube user + groupadd -r peertube && \ + useradd -r -g peertube -m peertube && \ +# script, folder, permissions and cleanup + mv /app/support/docker/production/entrypoint.sh /usr/local/bin/entrypoint.sh && \ + chmod +x /usr/local/bin/entrypoint.sh && \ + mkdir /data /config && \ + chown -R peertube:peertube /app /data /config && \ + apk del --no-cache shadow + +ENV NODE_ENV=production +ENV NODE_CONFIG_DIR=/app/config:/app/support/docker/production/config:/config +ENV PEERTUBE_LOCAL_CONFIG=/config + +ENTRYPOINT ["tini", "--", "entrypoint.sh"] +CMD ["node", "dist/server"] diff --git a/README.md b/README.md new file mode 100644 index 0000000..593b504 --- /dev/null +++ b/README.md @@ -0,0 +1,9 @@ +# w2d-docker + +## How to use? + +This docker image includes https://github.com/Chocobozzz/PeerTube, see the compose.yaml and stack.env if you want to use it. + +## WHy? + +see https://github.com/Chocobozzz/PeerTube/issues/6148 diff --git a/compose.yaml b/compose.yaml new file mode 100644 index 0000000..4d2f727 --- /dev/null +++ b/compose.yaml @@ -0,0 +1,34 @@ +services: + peertube: + container_name: peertube + image: chocobozzz/peertube:production-bookworm + restart: always + ports: + # - "1935:1935" + - "127.0.0.1:9000:9000" + depends_on: + - postgres + - redis + env_file: + - stack.env + volumes: + - /opt/peertube/data:/data + - /opt/peertube/config:/config + + postgres: + container_name: peertube-db + image: postgres:15-alpine + restart: always + env_file: + - stack.env + volumes: + - /opt/peertube/db:/var/lib/postgresql/data + + redis: + container_name: peertube-redis + image: redis:alpine + restart: always + environment: + - "TZ=Europe/Berlin" + volumes: + - /opt/peertube/redis:/data diff --git a/renovate.json b/renovate.json new file mode 100644 index 0000000..2162be3 --- /dev/null +++ b/renovate.json @@ -0,0 +1,13 @@ +{ + "extends": [ + "config:base" + ], + "baseBranches": [], + "includeForks": true, + "automerge": false, + "branchPrefix": "renovate-deps-update-", + "rangeStrategy": "pin", + "digest": { + "enabled": true + } +} diff --git a/stack.env b/stack.env new file mode 100644 index 0000000..1e60a57 --- /dev/null +++ b/stack.env @@ -0,0 +1,22 @@ +POSTGRES_USER=peertube +POSTGRES_PASSWORD=... +POSTGRES_DB=peertube +PEERTUBE_DB_USERNAME=peertube +PEERTUBE_DB_PASSWORD=... +PEERTUBE_DB_SSL=false +PEERTUBE_DB_HOSTNAME=postgres +PEERTUBE_WEBSERVER_HOSTNAME=peertube.example.org +PEERTUBE_WEBSERVER_PORT=443 +PEERTUBE_WEBSERVER_HTTPS=true +PEERTUBE_TRUST_PROXY=["loopback", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"] +PEERTUBE_SECRET=..- +PEERTUBE_SMTP_HOSTNAME=mx.example.org +PEERTUBE_SMTP_PORT=587 +PEERTUBE_SMTP_FROM=peertube@example.org +PEERTUBE_SMTP_TLS=false +PEERTUBE_SMTP_DISABLE_STARTTLS=false +PEERTUBE_ADMIN_EMAIL=peertube@z0ey.de +PEERTUBE_OBJECT_STORAGE_UPLOAD_ACL_PUBLIC="public-read" +PEERTUBE_OBJECT_STORAGE_UPLOAD_ACL_PRIVATE="private" +PEERTUBE_LOG_LEVEL=info +TZ=Europe/Berlin