diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 0000000000000000000000000000000000000000..a30a1ed64124ad86d48de66cb5be8d8439951ada
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,18 @@
+build-v0.13:
+ stage: build
+ image:
+ name: gcr.io/kaniko-project/executor:debug
+ entrypoint: [""]
+ script:
+ - mkdir -p /kaniko/.docker
+ - echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
+ - /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile.v0.13 --destination $CI_REGISTRY_IMAGE:v0.13.1 --destination $CI_REGISTRY_IMAGE:latest
+build-master:
+ stage: build
+ image:
+ name: gcr.io/kaniko-project/executor:debug
+ entrypoint: [""]
+ script:
+ - mkdir -p /kaniko/.docker
+ - echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
+ - /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile.trunk --destination $CI_REGISTRY_IMAGE:trunk --destination $CI_REGISTRY_IMAGE:latest
diff --git a/Dockerfile b/Dockerfile.trunk
similarity index 91%
rename from Dockerfile
rename to Dockerfile.trunk
index 2ceefb484bf8556ec1f5fb5d02ee04b261b23b90..51523255dedcb6e4854210b3306c9ec8f81d4a98 100644
--- a/Dockerfile
+++ b/Dockerfile.trunk
@@ -1,5 +1,5 @@
# development image
-ARG BASE=alpine:latest
+ARG BASE=alpine:3.13
FROM $BASE AS builder
# install development dependencies
@@ -21,16 +21,10 @@ RUN apk add --no-cache \
qt5-qtbase-sqlite
ARG QUASSEL_VERSION="0.13.1"
-ARG QUASSEL_BRANCH="0.13"
-ARG QUASSEL_REPO="https://github.com/quassel/quassel"
-
-RUN if [ "$QUASSEL_BRANCH" = "0.13" ]; then \
- apk add --no-cache qt5-qtscript-dev; \
- fi
# setup repo
RUN mkdir /quassel && \
- git clone -b "$QUASSEL_BRANCH" --single-branch "$QUASSEL_REPO" /quassel/src && \
+ git clone -b master --single-branch https://github.com/quassel/quassel /quassel/src && \
cd /quassel/src && \
if [ ! -z "$QUASSEL_VERSION" ]; then \
git checkout $QUASSEL_VERSION; \
@@ -73,14 +67,6 @@ RUN apk add --no-cache \
qt5-qtbase-postgresql \
qt5-qtbase-sqlite
-ARG QUASSEL_VERSION="0.13.1"
-ARG QUASSEL_BRANCH="0.13"
-ARG QUASSEL_REPO="https://github.com/quassel/quassel"
-
-RUN if [ "$QUASSEL_BRANCH" = "0.13" ]; then \
- apk add --no-cache qt5-qtscript; \
- fi
-
# copy binaries
COPY --from=builder /quassel/install/bin /usr/bin/
COPY --from=builder /quassel/install/lib* /usr/lib/
diff --git a/Dockerfile.v0.13 b/Dockerfile.v0.13
new file mode 100644
index 0000000000000000000000000000000000000000..94f1c4a304dba2c0a71e617866cc5060940f8e87
--- /dev/null
+++ b/Dockerfile.v0.13
@@ -0,0 +1,178 @@
+# development image
+ARG BASE=alpine:3.10
+FROM $BASE AS builder
+
+# install development dependencies
+RUN apk add --no-cache \
+ cmake \
+ curl \
+ dbus-dev \
+ g++ \
+ gcc \
+ git \
+ libressl \
+ libressl-dev \
+ openldap-dev \
+ ninja \
+ paxmark \
+ boost-dev \
+ qt5-qtbase-dev \
+ qt5-qtbase-postgresql \
+ qt5-qtbase-sqlite \
+ qt5-qtscript-dev
+
+ARG QUASSEL_VERSION="0.13.1"
+
+# setup repo
+RUN mkdir /quassel && \
+ git clone -b 0.13 --single-branch https://github.com/quassel/quassel /quassel/src && \
+ cd /quassel/src && \
+ if [ ! -z "$QUASSEL_VERSION" ]; then \
+ git checkout $QUASSEL_VERSION; \
+ fi
+
+# generate build files
+RUN mkdir /quassel/build && \
+ cd /quassel/build && \
+ CXXFLAGS="-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fstack-protector-strong -fPIE -pie -Wl,-z,noexecstack -Wl,-z,relro -Wl,-z,now" \
+ cmake \
+ -GNinja \
+ -DCMAKE_INSTALL_PREFIX=/quassel/install \
+ -DCMAKE_BUILD_TYPE="Release" \
+ -DUSE_QT5=ON \
+ -DWITH_KDE=OFF \
+ -DWANT_QTCLIENT=OFF \
+ -DWANT_CORE=ON \
+ -DWANT_MONO=OFF \
+ /quassel/src
+
+# build binaries
+RUN cd /quassel/build && \
+ ninja && \
+ ninja install && \
+ paxmark -m /quassel/install/bin/quasselcore
+
+# generate empty directory so docker doesn’t break
+RUN mkdir -p /quassel/install/lib_fix_docker_copy
+
+# runtime image
+FROM $BASE
+
+# install runtime dependencies
+RUN apk add --no-cache \
+ bash \
+ boost \
+ libressl \
+ libldap \
+ qt5-qtbase \
+ qt5-qtbase-postgresql \
+ qt5-qtbase-sqlite \
+ qt5-qtscript
+
+# copy binaries
+COPY --from=builder /quassel/install/bin /usr/bin/
+COPY --from=builder /quassel/install/lib* /usr/lib/
+
+# setup user environment
+RUN addgroup -g 1000 -S quassel && \
+ adduser -S -G quassel -u 1000 -s /bin/sh -h /config quassel
+USER quassel
+VOLUME /config
+
+# expose ports
+EXPOSE 4242/tcp
+EXPOSE 10113/tcp
+
+# Specify the directory holding configuration files, the SQlite database and the SSL certificate.
+ENV CONFIG_DIR="/config"
+
+# The address(es) quasselcore will listen on.
+ENV QUASSEL_LISTEN="::,0.0.0.0"
+# The port quasselcore will listen at.
+ENV QUASSEL_PORT="4242"
+
+# Don't restore last core's state.
+ENV NORESTORE="false"
+
+# Use users' quasselcore username as ident reply. Ignores each user's configured ident setting.
+ENV STRICT_IDENT="false"
+
+# Enable internal ident daemon.
+ENV IDENT_ENABLED="false"
+# The address(es) quasselcore will listen on for ident requests. Same format as --listen.
+ENV IDENT_LISTEN="::1,127.0.0.1"
+# The port quasselcore will listen at for ident requests. Only meaningful with --ident-daemon.
+ENV IDENT_PORT="10113"
+
+# Enable oidentd integration. In most cases you should also enable --strict-ident.
+ENV OIDENTD_ENABLED="false"
+# Set path to oidentd configuration file.
+ENV OIDENTD_CONF_FILE=""
+
+# Require SSL for remote (non-loopback) client connections.
+ENV SSL_REQUIRED="false"
+# Specify the base64 encoded data for the SSL certificate.
+ENV SSL_CERT_DATA=""
+# Specify the path to the SSL certificate.
+ENV SSL_CERT_FILE=""
+# Specify the base64 encoded data for the SSL certificate.
+ENV SSL_KEY_DATA=""
+# Specify the path to the SSL key.
+ENV SSL_KEY_FILE=""
+
+# Enable metrics API.
+ENV METRICS_ENABLED="false"
+# The address(es) quasselcore will listen on for metrics requests. Same format as --listen.
+ENV METRICS_LISTEN="::1,127.0.0.1"
+# The port quasselcore will listen at for metrics requests. Only meaningful with --metrics-daemon.
+ENV METRICS_PORT="9558"
+
+# Supports one of Debug|Info|Warning|Error; default is Info.
+ENV LOGLEVEL="Info"
+
+# Enable logging of all SQL queries to debug log, also sets --loglevel Debug automatically
+ENV DEBUG_ENABLED="false"
+# Enable logging of all raw IRC messages to debug log, including passwords! In most cases you should also set --loglevel Debug
+ENV DEBUG_IRC_ENABLED="false"
+# Limit raw IRC logging to this network ID. Implies --debug-irc
+ENV DEBUG_IRC_ID=""
+# Enable logging of all parsed IRC messages to debug log, including passwords! In most cases you should also set --loglevel Debug
+ENV DEBUG_IRC_PARSED_ENABLED="false"
+# Limit parsed IRC logging to this network ID. Implies --debug-irc-parsed
+ENV DEBUG_IRC_PARSED_ID=""
+
+# Load configuration from environment variables.
+ENV CONFIG_FROM_ENVIRONMENT="false"
+
+# Specify the database backend. Allowed values: SQLite or PostgreSQL
+ENV DB_BACKEND="SQLite"
+# If the backend is PostgreSQL, specify the database user username
+ENV DB_PGSQL_USERNAME="quassel"
+# If the backend is PostgreSQL, specify the database user password
+ENV DB_PGSQL_PASSWORD=""
+# If the backend is PostgreSQL, specify the hostname of the database
+ENV DB_PGSQL_HOSTNAME="localhost"
+# If the backend is PostgreSQL, specify the port of the database
+ENV DB_PGSQL_PORT="5432"
+# If the backend is PostgreSQL, specify the database of the PostgreSQL cluster
+ENV DB_PGSQL_DATABASE="quassel"
+
+# Specify the authenticator backend. Allowed values: Database or Ldap
+ENV AUTH_AUTHENTICATOR="Database"
+# If the authenticator is Ldap, specify the hostname of the directory server
+ENV AUTH_LDAP_HOSTNAME="ldap://localhost"
+# If the authenticator is Ldap, specify the port of the directory server
+ENV AUTH_LDAP_PORT="389"
+# If the authenticator is Ldap, specify the bind dn
+ENV AUTH_LDAP_BIND_DN=""
+# If the authenticator is Ldap, specify the bind password
+ENV AUTH_LDAP_BIND_PASSWORD=""
+# If the authenticator is Ldap, specify the base dn
+ENV AUTH_LDAP_BASE_DN=""
+# If the authenticator is Ldap, specify the filter query
+ENV AUTH_LDAP_FILTER=""
+# If the authenticator is Ldap, specify the attribute to be used as userid
+ENV AUTH_LDAP_UID_ATTRIBUTE="uid"
+
+ADD src/docker-entrypoint.sh /
+ENTRYPOINT ["/docker-entrypoint.sh"]
diff --git a/Makefile b/Makefile
deleted file mode 100644
index 9026c10a5e7f7db678f91ce68e5e6d051b27e1bc..0000000000000000000000000000000000000000
--- a/Makefile
+++ /dev/null
@@ -1,70 +0,0 @@
-NAME=k8r.eu/justjanne/quassel-docker
-ALPINE_VERSION=3.10
-QUASSEL_VERSION=
-QUASSEL_BRANCH=master
-QUASSEL_REPO=https://github.com/quassel/quassel
-ifeq ($(strip $(QUASSEL_VERSION)),)
-IMAGE_VERSION=trunk
-else
-IMAGE_VERSION=v$(QUASSEL_VERSION)
-endif
-
-.PHONY: all
-all: push
-
-.PHONY: build
-build: build_x86 build_aarch64 build_armhf
-
-.PHONY: build_x86
-build_x86: Dockerfile
- docker build \
- --pull \
- -t $(NAME):$(IMAGE_VERSION) \
- --build-arg BASE=alpine:$(ALPINE_VERSION) \
- --build-arg QUASSEL_VERSION=$(QUASSEL_VERSION) \
- --build-arg QUASSEL_BRANCH=$(QUASSEL_BRANCH) \
- --build-arg QUASSEL_REPO=$(QUASSEL_REPO) \
- .
- if [ ! -z "$(QUASSEL_VERSION)" ]; then docker tag $(NAME):$(IMAGE_VERSION) $(NAME):latest; fi
-
-.PHONY: build_aarch64
-build_aarch64: Dockerfile
- docker build \
- --pull \
- -t $(NAME):$(IMAGE_VERSION)-aarch64 \
- --build-arg BASE=multiarch/alpine:aarch64-v$(ALPINE_VERSION) \
- --build-arg QUASSEL_VERSION=$(QUASSEL_VERSION) \
- --build-arg QUASSEL_BRANCH=$(QUASSEL_BRANCH) \
- --build-arg QUASSEL_REPO=$(QUASSEL_REPO) \
- .
- if [ ! -z "$(QUASSEL_VERSION)" ]; then docker tag $(NAME):$(IMAGE_VERSION)-aarch64 $(NAME):aarch64; fi
-
-.PHONY: build_armhf
-build_armhf: Dockerfile
- docker build \
- --pull \
- -t $(NAME):$(IMAGE_VERSION)-armhf \
- --build-arg BASE=multiarch/alpine:armhf-v$(ALPINE_VERSION) \
- --build-arg QUASSEL_VERSION=$(QUASSEL_VERSION) \
- --build-arg QUASSEL_BRANCH=$(QUASSEL_BRANCH) \
- --build-arg QUASSEL_REPO=$(QUASSEL_REPO) \
- .
- if [ ! -z "$(QUASSEL_VERSION)" ]; then docker tag $(NAME):$(IMAGE_VERSION)-armhf $(NAME):armhf; fi
-
-.PHONY: push
-push: push_x86 push_aarch64 push_armhf
-
-.PHONY: push_x86
-push_x86: build_x86
- docker push $(NAME):$(IMAGE_VERSION)
- if [ ! -z "$(QUASSEL_VERSION)" ]; then docker push $(NAME):latest; fi
-
-.PHONY: push_aarch64
-push_aarch64: build_aarch64
- docker push $(NAME):$(IMAGE_VERSION)-aarch64
- if [ ! -z "$(QUASSEL_VERSION)" ]; then docker push $(NAME):aarch64; fi
-
-.PHONY: push_armhf
-push_armhf: build_armhf
- docker push $(NAME):$(IMAGE_VERSION)-armhf
- if [ ! -z "$(QUASSEL_VERSION)" ]; then docker push $(NAME):armhf; fi
diff --git a/build.sh b/build.sh
index 1396bc797d179b72244e8ed64bf9ad5c6f5f9de4..44742344391298189c6ea9b35824d83b77b99fbf 100755
--- a/build.sh
+++ b/build.sh
@@ -1,9 +1,51 @@
#!/bin/sh
+NAME=k8r.eu/justjanne/quassel-docker
docker run --rm --privileged multiarch/qemu-user-static:register --reset
-make \
- QUASSEL_BRANCH=0.13 \
- QUASSEL_VERSION=0.13.1
-make \
- QUASSEL_BRANCH=master \
- QUASSEL_REPO=https://github.com/quassel/quassel
+
+cd "$(dirname "$0")"
+
+docker build . \
+ -f Dockerfile.v0.13 \
+ --pull \
+ -t ${NAME}:v0.13.1 \
+ --build-arg BASE=alpine:3.10
+docker build . \
+ -f Dockerfile.v0.13 \
+ --pull \
+ -t ${NAME}:v0.13.1-aarch64 \
+ --build-arg BASE=multiarch/alpine:aarch64-v3.10
+docker build . \
+ -f Dockerfile.v0.13 \
+ --pull \
+ -t ${NAME}:v0.13.1-armhf \
+ --build-arg BASE=multiarch/alpine:armhf-v3.10
+
+docker tag ${NAME}:v0.13.1-aarch64 ${NAME}:aarch64
+docker tag ${NAME}:v0.13.1-armhf ${NAME}:armhf
+
+docker build . \
+ -f Dockerfile.trunk \
+ --pull \
+ -t ${NAME}:trunk \
+ --build-arg BASE=alpine:3.13
+docker build . \
+ -f Dockerfile.trunk \
+ --pull \
+ -t ${NAME}:trunk-aarch64 \
+ --build-arg BASE=multiarch/alpine:aarch64-v3.13
+docker build . \
+ -f Dockerfile.trunk \
+ --pull \
+ -t ${NAME}:trunk-armhf \
+ --build-arg BASE=multiarch/alpine:armhf-v3.13
+
+docker push \
+ ${NAME}:v0.13.1 \
+ ${NAME}:v0.13.1-aarch64 \
+ ${NAME}:v0.13.1-armhf \
+ ${NAME}:aarch64 \
+ ${NAME}:armhf \
+ ${NAME}:trunk \
+ ${NAME}:trunk-aarch64 \
+ ${NAME}:trunk-armhf