Update codeoss-server image

LcJuves · LcJuves · commit 4855dee44df1 · 2025-06-10T09:20:41.000+08:00
diff --git a/.DS_Store b/.DS_Store
diff --git a/codeoss-server/certbot_renew.sh b/codeoss-server/certbot_renew.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+# https://certbot.eff.org/instructions?ws=nginx&os=debianbuster
+
+certbot renew --quiet --renew-hook "systemctl restart nginx.service"
diff --git a/codeoss-server/init-self-hosted-codeoss-server.sh b/codeoss-server/init-self-hosted-codeoss-server.sh
@@ -0,0 +1,20 @@
+#!/bin/sh
+
+mail="$1"
+domain="$2"
+
+{
+    certbot certonly --manual -m "$mail" -d "$domain" --preferred-challenges dns
+} || {
+    echo "certbot generated with error!"
+}
+
+CODEOSS_SERVER_CONTAINER_ID=$(podman run -itd \
+    -p 8000:8000 -h "codeoss-server" \
+    ghcr.io/lcjuves/codeoss-server)
+echo "CodeOSS server's container id: $CODEOSS_SERVER_CONTAINER_ID"
+
+mv /etc/nginx/conf.d/localhost.conf /etc/nginx/conf.d/"$domain".conf
+sed -i "s/localhost/$domain/g" /etc/nginx/conf.d/"$domain".conf
+
+systemctl start nginx.service
diff --git a/codeoss-server/localhost.conf b/codeoss-server/localhost.conf
@@ -0,0 +1,19 @@
+server {
+    listen 443 ssl;
+    server_name localhost;
+
+    location / {
+        proxy_redirect off;
+        proxy_pass http://127.0.0.1:8000;
+        # https://github.com/nginx/nginx/blob/release-1.28.0/src/http/modules/ngx_http_proxy_module.c#L293
+        proxy_http_version 1.1;
+        proxy_set_header Host $http_host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    }
+
+    ssl on;
+    ssl_certificate /etc/letsencrypt/live/localhost/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/localhost/privkey.pem;
+    ssl_session_timeout 3m;
+}
diff --git a/codeoss-server/run-self-hosted-codeoss-server-container.sh b/codeoss-server/run-self-hosted-codeoss-server-container.sh
@@ -0,0 +1,25 @@
+#!/bin/sh
+
+if [ -z "$domain" ]; then
+    domain=localhost
+fi
+
+if [ -z "$mail" ]; then
+    mail=mail@localhost
+fi
+
+if [ -z "$sec_key" ]; then
+    sec_key="$(date +%s)"
+fi
+
+mount -t cgroup
+
+CODEOSS_SERVER_SELF_HOSTED_CONTAINER_ID=$(podman run -itd --privileged \
+    -h "$(echo "$domain" | base64)" \
+    -v /var/run/podman/podman.sock:/var/run/podman/podman.sock \
+    -p 443:443 \
+    ghcr.io/lcjuves/codeoss-server:self-hosted /sbin/init)
+
+podman exec -it \
+    --workdir /root "$CODEOSS_SERVER_SELF_HOSTED_CONTAINER_ID" \
+    bash -e init-self-hosted-codeoss-server.sh "$mail" "$domain"
diff --git a/codeoss-server/self-hosted.Dockerfile b/codeoss-server/self-hosted.Dockerfile
@@ -0,0 +1,12 @@
+FROM container-base
+RUN apt-get install -y curl podman
+
+RUN apt-get install -y nginx net-tools
+EXPOSE 443
+
+RUN apt-get install -y certbot vim
+WORKDIR /root
+ADD certbot_renew.sh .
+ADD localhost.conf /etc/nginx/conf.d/
+
+ADD init-self-hosted-codeoss-server.sh .
diff --git a/containerImages2.json b/containerImages2.json
@@ -5,7 +5,7 @@
   },
   {
     "name": "codeoss-server",
-    "tags": ["latest"]
+    "tags": ["self-hosted", "latest"]
   },
   {
     "name": "container-image-builder",

Original file line number	Diff line number	Diff line change
`@@ -5,7 +5,7 @@`
`5`	`5`	`},`
`6`	`6`	`{`
`7`	`7`	`"name": "codeoss-server",`
`8`		`- "tags": ["latest"]`
	`8`	`+ "tags": ["self-hosted", "latest"]`
`9`	`9`	`},`
`10`	`10`	`{`
`11`	`11`	`"name": "container-image-builder",`