Upload files to "/"

jitsi_admin_application_dockerfile.txt

@@ -0,0 +1,68 @@
+FROM erseco/alpine-php-webserver:3.20.5
+
+ARG VERSION=
+ARG WEBDIR=/var/www/html
+
+LABEL version="${VERSION}" \
+    Maintainer="H2 invent GmbH" \
+    Description="Docker Image der Anwendung Jitsi Admin" \
+    org.opencontainers.version="${VERSION}" \
+    org.opencontainers.image.title="Jitsi Admin" \
+    org.opencontainers.image.license="AGPLv3" \
+    org.opencontainers.image.vendor="H2 invent GmbH" \
+    org.opencontainers.image.authors="Emanuel Holzmann <support@h2-invent.com>" \
+    org.opencontainers.image.source="https://github.com/h2-invent/jitsi-admin" \
+    org.opencontainers.image.documentation="https://meetling.de" \
+    org.opencontainers.image.url="https://jitsi-admin.de"
+
+USER root
+RUN apk --no-cache add \
+    unzip \
+    sqlite \
+    cronie \
+    libcap \
+    php83-sqlite3 \
+    php83-pdo_sqlite
+
+RUN mkdir /etc/service/crond \
+    && echo "#!/bin/sh -e" > /etc/service/crond/run \
+    && echo "exec 2>&1 /usr/sbin/crond -f" >> /etc/service/crond/run \
+    && chown -R nobody:nobody /etc/service/crond \
+    && chmod -R +x /etc/service/crond \
+    && chown nobody:nobody /usr/sbin/crond \
+    && setcap cap_setgid=ep /usr/sbin/crond \
+    && setcap cap_setuid=ep /usr/sbin/crond
+
+RUN mkdir /etc/service/symfony_messenger \
+    && echo "#!/bin/sh -e" > /etc/service/symfony_messenger/run \
+    && echo "exec 2>&1 php -d memory_limit=-1 ${WEBDIR}/bin/console messenger:consume async --memory-limit=512m --env=prod" >> /etc/service/symfony_messenger/run \
+    && chown -R nobody:nobody /etc/service/symfony_messenger \
+    && chmod -R +x /etc/service/symfony_messenger 
+
+RUN echo "# Docker Cron Jobs" > /etc/crontabs/nobody \
+    && echo "* * * * * curl http://localhost:8080/health/check" >> /etc/crontabs/nobody \
+    && chown nobody:nobody /etc/crontabs/nobody \
+    && chmod +x /etc/crontabs/nobody
+
+RUN echo "#!/bin/sh" > /docker-entrypoint-init.d/symfony.sh \
+    && echo "php ${WEBDIR}/bin/console cache:clear" >> /docker-entrypoint-init.d/symfony.sh \
+    && echo "php ${WEBDIR}/bin/console doc:mig:mig --no-interaction" >> /docker-entrypoint-init.d/symfony.sh \
+    && echo "php ${WEBDIR}/bin/console cache:clear" >> /docker-entrypoint-init.d/symfony.sh \
+    && chmod +x /docker-entrypoint-init.d/*
+
+RUN wget https://github.com/H2-invent/jitsi-admin/releases/download/${VERSION}/application.zip -O artifact.zip \
+    && unzip artifact.zip -d ${WEBDIR} \
+    && chown -R nobody ${WEBDIR}/public \
+    && chown -R nobody ${WEBDIR}/var \
+    && chmod -R 700 ${WEBDIR}/public \
+    && chmod -R 700 ${WEBDIR}/var
+
+RUN apk del unzip \
+    && rm artifact.zip \
+    && rm -r ${WEBDIR}/var/cache \
+    && rm -rf /var/cache/apk/*
+
+USER nobody
+
+ENV nginx_root_directory=/var/www/html/public \
+    upload_max_filesize=10M

jitsi_admin_middleware_dockerfile.txt

@@ -0,0 +1,54 @@
+FROM erseco/alpine-php-webserver:3.20.5
+
+ARG VERSION=
+ARG WEBDIR=/var/www/html
+
+LABEL version="${VERSION}" \
+    Maintainer="H2 invent GmbH" \
+    Description="Meetling Livekit Middleware" \
+    org.opencontainers.version="${VERSION}" \
+    org.opencontainers.image.title="Meetling Livekit Middleware" \
+    org.opencontainers.image.license="INTERN" \
+    org.opencontainers.image.vendor="H2 invent GmbH" \
+    org.opencontainers.image.authors="Andreas Holzmann <support@h2-invent.com>" \
+    org.opencontainers.image.source="https://github.com/h2-invent/livekit" \
+    org.opencontainers.image.documentation="https://meetling.de" \
+    org.opencontainers.image.url="https://meetling.de"
+
+USER root
+
+RUN apk --no-cache add \
+    unzip \
+    cronie \
+    openssl
+
+RUN echo "#!/bin/sh" > /docker-entrypoint-init.d/02-openssl.sh \
+    && echo "openssl genrsa -out ${WEBDIR}/private.pem" >> /docker-entrypoint-init.d/02-openssl.sh \
+    && echo "openssl rsa -in ${WEBDIR}/private.pem -pubout -out ${WEBDIR}/public/public.pem" >> /docker-entrypoint-init.d/02-openssl.sh \
+    && echo "chown nobody ${WEBDIR}/private.pem" >> /docker-entrypoint-init.d/02-openssl.sh \
+    && chmod +x /docker-entrypoint-init.d/*
+
+RUN --mount=type=secret,id=ARTIFACT_USER \
+    --mount=type=secret,id=ARTIFACT_SECRET \
+    --mount=type=secret,id=ARTIFACT_URL \
+    ARTIFACT_USER=$(cat /run/secrets/ARTIFACT_USER) \
+    ARTIFACT_SECRET=$(cat /run/secrets/ARTIFACT_SECRET) \
+    ARTIFACT_URL=$(cat /run/secrets/ARTIFACT_URL) \
+    && wget https://${ARTIFACT_USER}:${ARTIFACT_SECRET}@${ARTIFACT_URL}-${VERSION}.zip -O artifact.zip \
+    && unzip artifact.zip -d ${WEBDIR} \
+    && chown -R nobody ${WEBDIR}/public \
+    && chown -R nobody ${WEBDIR}/var \
+    && chmod -R 700 ${WEBDIR}/public \
+    && chmod -R 700 ${WEBDIR}/var
+
+RUN apk del unzip \
+    && rm artifact.zip \
+    && rm ${WEBDIR}/private.pem \
+    && rm ${WEBDIR}/public/public.pem \
+    && rm -r ${WEBDIR}/var/cache \
+    && rm -rf /var/cache/apk/*
+
+USER nobody
+
+ENV nginx_root_directory=/var/www/html/public \
+    upload_max_filesize=10M

jitsi_admin_websocket_dockerfile.txt

@@ -0,0 +1,46 @@
+FROM erseco/alpine-php-webserver:3.20.5
+
+ARG VERSION=
+ARG WEBDIR=/var/www/html
+
+LABEL version="${VERSION}" \
+    Maintainer="H2 invent GmbH" \
+    Description="Docker Image Jitsi Admin Websocket" \
+    org.opencontainers.version="${VERSION}" \
+    org.opencontainers.image.title="Jitsi Admin" \
+    org.opencontainers.image.license="AGPLv3" \
+    org.opencontainers.image.vendor="H2 invent GmbH" \
+    org.opencontainers.image.authors="Emanuel Holzmann <support@h2-invent.com>" \
+    org.opencontainers.image.source="https://github.com/h2-invent/jitsi-admin" \
+    org.opencontainers.image.documentation="https://meetling.de" \
+    org.opencontainers.image.url="https://jitsi-admin.de"
+
+USER root
+RUN apk --no-cache add \
+    unzip \
+    nodejs \
+    cronie
+
+RUN rm -r /etc/service/nginx \
+    && rm -r /etc/service/php
+
+RUN mkdir /etc/service/websocket \
+    && echo "#!/bin/sh -e" > /etc/service/websocket/run \
+    && echo "exec 2>&1 /usr/bin/node ${WEBDIR}" >> /etc/service/websocket/run \
+    && chown -R nobody:nobody /etc/service/websocket \
+    && chmod +x /etc/service/websocket/run
+
+RUN wget https://github.com/H2-invent/jitsi-admin/releases/download/${VERSION}/websocket.zip -O artifact.zip \
+    && unzip artifact.zip -d ${WEBDIR} \
+    && chown -R nobody ${WEBDIR} \
+    && chmod -R 700 ${WEBDIR}
+
+RUN apk del unzip \
+    && rm artifact.zip \
+    && rm -rf /var/cache/apk/*
+
+EXPOSE 3000
+
+USER nobody
+
+HEALTHCHECK --timeout=10s CMD curl --silent --fail http://127.0.0.1:3000/healthz || exit 1

odc_dockerfile.txt

@@ -0,0 +1,63 @@
+FROM erseco/alpine-php-webserver:3.20.5
+
+ARG VERSION=
+ARG WEBDIR=/var/www/html
+
+LABEL version="${VERSION}" \
+    Maintainer="H2 invent GmbH" \
+    Description="Docker Image der Anwendung Open Datenschutzcenter" \
+    org.opencontainers.version="${VERSION}" \
+    org.opencontainers.image.title="Open Datenschutzcenter" \
+    org.opencontainers.image.license="AGPLv3" \
+    org.opencontainers.image.vendor="H2 invent GmbH" \
+    org.opencontainers.image.authors="Andreas Holzmann <support@h2-invent.com>" \
+    org.opencontainers.image.source="https://github.com/h2-invent/open-datenschutzcenter" \
+    org.opencontainers.image.documentation="https://open-datenschutzcenter.de" \
+    org.opencontainers.image.url="https://open-datenschutzcenter.de"
+
+USER root
+RUN apk --no-cache add \
+    unzip \
+    sqlite \
+    cronie \
+    libcap \
+    php83-sqlite3 \
+    php83-pdo_sqlite
+
+RUN mkdir /etc/service/crond \
+    && echo "#!/bin/sh -e" > /etc/service/crond/run \
+    && echo "exec 2>&1 /usr/sbin/crond -f" >> /etc/service/crond/run \
+    && chown -R nobody:nobody /etc/service/crond \
+    && chmod -R +x /etc/service/crond \
+    && chown nobody:nobody /usr/sbin/crond \
+    && setcap cap_setgid=ep /usr/sbin/crond \
+    && setcap cap_setuid=ep /usr/sbin/crond
+
+RUN echo "# Docker Cron Jobs" > /etc/crontabs/nobody \
+    && echo "* * * * * curl http://localhost:8080/health/check > /dev/null > 2>&1" >> /etc/crontabs/nobody \
+    && echo "0 1 * * * curl https://open-datenschutzcenter.de/health/check > /dev/null > 2>&1" >> /etc/crontabs/nobody \
+    && chown nobody:nobody /etc/crontabs/nobody \
+    && chmod +x /etc/crontabs/nobody
+
+RUN echo "#!/bin/sh" > /docker-entrypoint-init.d/symfony.sh \
+    && echo "php ${WEBDIR}/bin/console cache:clear" >> /docker-entrypoint-init.d/symfony.sh \
+    && echo "php ${WEBDIR}/bin/console doc:mig:mig --no-interaction" >> /docker-entrypoint-init.d/symfony.sh \
+    && echo "php ${WEBDIR}/bin/console cache:clear" >> /docker-entrypoint-init.d/symfony.sh \
+    && chmod +x /docker-entrypoint-init.d/*
+
+RUN wget https://github.com/H2-invent/open-datenschutzcenter/releases/download/${VERSION}/application.zip -O artifact.zip \
+    && unzip artifact.zip -d ${WEBDIR} \
+    && chown -R nobody ${WEBDIR}/public \
+    && chown -R nobody ${WEBDIR}/var \
+    && chmod -R 700 ${WEBDIR}/public \
+    && chmod -R 700 ${WEBDIR}/var
+
+RUN apk del unzip \
+    && rm artifact.zip \
+    && rm -r ${WEBDIR}/var/cache \
+    && rm -rf /var/cache/apk/*
+
+USER nobody
+
+ENV nginx_root_directory=/var/www/html/public \
+    upload_max_filesize=10M

skib_application_dockerfile.txt

@@ -0,0 +1,65 @@
+FROM erseco/alpine-php-webserver:3.20.5
+
+ARG VERSION=
+ARG WEBDIR=/var/www/html
+
+LABEL version="${VERSION}" \
+    Maintainer="H2 invent GmbH" \
+    Description="Docker Image der Anwendung Unsere Schulkindbetreuung" \
+    org.opencontainers.version="${VERSION}" \
+    org.opencontainers.image.title="Unsere Schulkindbetreuung" \
+    org.opencontainers.image.license="INTERNAL" \
+    org.opencontainers.image.vendor="H2 invent GmbH" \
+    org.opencontainers.image.authors="Andreas Holzmann <support@h2-invent.com>" \
+    org.opencontainers.image.source="https://github.com/h2-invent/skb" \
+    org.opencontainers.image.documentation="https://unsere-schulkindbetreuung.de" \
+    org.opencontainers.image.url="https://unsere-schulkindbetreuung.de"
+
+USER root
+RUN apk --no-cache add \
+    unzip \
+    cronie \
+    libcap
+
+RUN mkdir /etc/service/crond \
+    && echo "#!/bin/sh -e" > /etc/service/crond/run \
+    && echo "exec 2>&1 /usr/sbin/crond -f" >> /etc/service/crond/run \
+    && chown -R nobody:nobody /etc/service/crond \
+    && chmod -R +x /etc/service/crond \
+    && chown nobody:nobody /usr/sbin/crond \
+    && setcap cap_setgid=ep /usr/sbin/crond \
+    && setcap cap_setuid=ep /usr/sbin/crond
+
+RUN echo "# Docker Cron Jobs" > /etc/crontabs/nobody \
+    && echo "*/10 * * * * php ${WEBDIR}/bin/console app:stats > /dev/null > 2>&1" >> /etc/crontabs/nobody \
+    && chown nobody:nobody /etc/crontabs/nobody \
+    && chmod +x /etc/crontabs/nobody
+
+#RUN echo "#!/bin/sh" > /docker-entrypoint-init.d/symfony.sh \
+#    && echo "php ${WEBDIR}/bin/console cache:clear" >> /docker-entrypoint-init.d/symfony.sh \
+#    && echo "php ${WEBDIR}/bin/console doc:mig:mig --no-interaction" >> /docker-entrypoint-init.d/symfony.sh \
+#    && echo "php ${WEBDIR}/bin/console cache:clear" >> /docker-entrypoint-init.d/symfony.sh \
+#    && chmod +x /docker-entrypoint-init.d/*
+
+RUN --mount=type=secret,id=ARTIFACT_USER \
+    --mount=type=secret,id=ARTIFACT_SECRET \
+    --mount=type=secret,id=ARTIFACT_URL \
+    ARTIFACT_USER=$(cat /run/secrets/ARTIFACT_USER) \
+    ARTIFACT_SECRET=$(cat /run/secrets/ARTIFACT_SECRET) \
+    ARTIFACT_URL=$(cat /run/secrets/ARTIFACT_URL) \
+    && wget https://${ARTIFACT_USER}:${ARTIFACT_SECRET}@${ARTIFACT_URL}-${VERSION}.zip -O artifact.zip \
+    && unzip artifact.zip -d ${WEBDIR} \
+    && chown -R nobody ${WEBDIR}/public \
+    && chown -R nobody ${WEBDIR}/var \
+    && chmod -R 700 ${WEBDIR}/public \
+    && chmod -R 700 ${WEBDIR}/var
+
+RUN apk del unzip \
+    && rm artifact.zip \
+    && rm -r ${WEBDIR}/var/cache \
+    && rm -rf /var/cache/apk/*
+
+USER nobody
+
+ENV nginx_root_directory=/var/www/html/public \
+    upload_max_filesize=10M