LAB-linuxserver/docker-mods
1
0
Fork 0
mirror of https://github.com/linuxserver/docker-mods.git synced 2026-03-23 00:05:28 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #926 from linuxserver/master-clean-tree

Browse Source 
Remove example files, direct users to template branch, standardise links
This commit is contained in:
Adam 2024-07-17 15:08:50 +01:00 committed by GitHub
commit 012acfbb03
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
19 changed files with 84 additions and 180 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
.github/CONTRIBUTING.md vendored Normal file
View File

@ -0,0 +1,9 @@
# Contributing to mods
## Gotchas
* While contributing make sure to make all your changes before creating a Pull Request, as our pipeline builds each commit after the PR is open.
* Read, and fill the Pull Request template
* If this is a fix for a typo (in code, documentation, or the README) please file an issue and let us sort it out. We do not need a PR
* If the PR is addressing an existing issue include, closes #\<issue number>, in the body of the PR commit message
* If you want to discuss changes, you can also bring it up in [#dev-talk](https://discordapp.com/channels/354974912613449730/757585807061155840) in our [Discord server](https://discord.gg/YWrKVTn)

43
.github/PULL_REQUEST_TEMPLATE.md vendored Normal file
View File

@ -0,0 +1,43 @@
<!--- Provide a general summary of your changes in the Title above -->
[linuxserverurl]: https://linuxserver.io
[![linuxserver.io](https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/linuxserver_medium.png)][linuxserverurl]
<!--- Before submitting a pull request please check the following -->
<!--- If this is a fix for a typo (in code, documentation, or the README) please file an issue and let us sort it out. We do not need a PR -->
<!--- Ask yourself if this modification is something the whole userbase will benefit from, if this is a specific change for corner case functionality or plugins please look at making a Docker Mod or local script https://blog.linuxserver.io/2019/09/14/customizing-our-containers/ -->
<!--- That if the PR is addressing an existing issue include, closes #<issue number> , in the body of the PR commit message -->
<!--- You have included links to any files / patches etc your PR may be using in the body of the PR commit message -->
<!--- We maintain a changelog of major revisions to the container at the end of readme-vars.yml in the root of this repository, please add your changes there if appropriate -->
<!--- Coding guidelines: -->
<!--- 1. Installed packages in the Dockerfiles should be in alphabetical order -->
<!--- 2. Changes to Dockerfile should be replicated in Dockerfile.armhf and Dockerfile.aarch64 if applicable -->
<!--- 3. Indentation style (tabs vs 4 spaces vs 1 space) should match the rest of the document -->
<!--- 4. Readme is auto generated from readme-vars.yml, make your changes there -->
------------------------------
- [ ] I have read the [contributing](https://github.com/linuxserver/docker-mods/blob/main/.github/CONTRIBUTING.md) guideline and understand that I have made the correct modifications
------------------------------
<!--- We welcome all PRs though this doesnt guarantee it will be accepted. -->
## Description:
<!--- Describe your changes in detail -->
## Benefits of this PR and context:
<!--- Please explain why we should accept this PR. If this fixes an outstanding bug, please reference the issue # -->
## How Has This Been Tested?
<!--- Please describe in detail how you tested your changes. -->
<!--- Include details of your testing environment, and the tests you ran to -->
<!--- see how your change affects other areas of the code, etc. -->
## Source / References:
<!--- Please include any forum posts/github links relevant to the PR -->

61
.github/workflows/BuildImage.yml vendored
View File

@ -1,61 +0,0 @@
name: Build Image
on: [push, pull_request, workflow_dispatch]
env:
ENDPOINT: "user/endpoint"
BRANCH: "master"
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2.3.3
- name: Build image
run: |
docker build --no-cache -t ${{ github.sha }} .
- name: Tag image
if: ${{ github.ref == format('refs/heads/{0}', env.BRANCH) && env.ENDPOINT != 'user/endpoint' }}
run: |
docker tag ${{ github.sha }} ${ENDPOINT}
docker tag ${{ github.sha }} ${ENDPOINT}:${{ github.sha }}
docker tag ${{ github.sha }} ghcr.io/${ENDPOINT}
docker tag ${{ github.sha }} ghcr.io/${ENDPOINT}:${{ github.sha }}
- name: Credential check
if: ${{ github.ref == format('refs/heads/{0}', env.BRANCH) && env.ENDPOINT != 'user/endpoint' }}
run: |
echo "CR_USER=${{ secrets.CR_USER }}" >> $GITHUB_ENV
echo "CR_PAT=${{ secrets.CR_PAT }}" >> $GITHUB_ENV
echo "DOCKERUSER=${{ secrets.DOCKERUSER }}" >> $GITHUB_ENV
echo "DOCKERPASS=${{ secrets.DOCKERPASS }}" >> $GITHUB_ENV
if [[ "${{ secrets.CR_USER }}" == "" && "${{ secrets.CR_PAT }}" == "" && "${{ secrets.DOCKERUSER }}" == "" && "${{ secrets.DOCKERPASS }}" == "" ]]; then
echo "::error::Push credential secrets missing."
echo "::error::You must set either CR_USER & CR_PAT or DOCKERUSER & DOCKERPASS as secrets in your repo settings."
echo "::error::See https://github.com/linuxserver/docker-mods/blob/master/README.md for more information/instructions."
exit 1
fi
- name: Login to GitHub Container Registry
if: ${{ github.ref == format('refs/heads/{0}', env.BRANCH) && env.CR_USER && env.CR_PAT && env.ENDPOINT != 'user/endpoint' }}
run: |
echo "${{ secrets.CR_PAT }}" | docker login ghcr.io -u ${{ secrets.CR_USER }} --password-stdin
- name: Push tags to GitHub Container Registry
if: ${{ github.ref == format('refs/heads/{0}', env.BRANCH) && env.CR_USER && env.CR_PAT && env.ENDPOINT != 'user/endpoint' }}
run: |
docker push ghcr.io/${ENDPOINT}:${{ github.sha }}
docker push ghcr.io/${ENDPOINT}
- name: Login to DockerHub
if: ${{ github.ref == format('refs/heads/{0}', env.BRANCH) && env.DOCKERUSER && env.DOCKERPASS && env.ENDPOINT != 'user/endpoint' }}
run: |
echo ${{ secrets.DOCKERPASS }} | docker login -u ${{ secrets.DOCKERUSER }} --password-stdin
- name: Push tags to DockerHub
if: ${{ github.ref == format('refs/heads/{0}', env.BRANCH) && env.DOCKERUSER && env.DOCKERPASS && env.ENDPOINT != 'user/endpoint' }}
run: |
docker push ${ENDPOINT}:${{ github.sha }}
docker push ${ENDPOINT}

10
.github/workflows/permissions.yml vendored
View File

@ -1,10 +0,0 @@
name: Permission check
on:
pull_request_target:
paths:
- '**/run'
- '**/finish'
- '**/check'
jobs:
permission_check:
uses: linuxserver/github-workflows/.github/workflows/init-svc-executable-permissions.yml@v1

4
Dockerfile
View File

@ -1,4 +0,0 @@
FROM scratch
# copy local files
COPY root/ /

21
Dockerfile.complex
View File

@ -1,21 +0,0 @@
## Buildstage ##
FROM ghcr.io/linuxserver/baseimage-alpine:3.12 as buildstage
RUN \
echo "**** install packages ****" && \
apk add --no-cache \
curl && \
echo "**** grab rclone ****" && \
mkdir -p /root-layer && \
curl -o \
/root-layer/rclone.deb -L \
"https://downloads.rclone.org/v1.47.0/rclone-v1.47.0-linux-amd64.deb"
# copy local files
COPY root/ /root-layer/
## Single layer deployed image ##
FROM scratch
# Add files from buildstage
COPY --from=buildstage /root-layer/ /

58
README.md
View File

@ -9,7 +9,7 @@ This allows:
* Zero cost hosting and build pipelines for these modifications leveraging GitHub Container Registry and Dockerhub
* Full custom configuration management layers for hooking containers into each other using environment variables contained in a compose file
It is important to note to end users of this system that there are not only extreme security implications to consuming files from souces outside of our control, but by leveraging community Mods you essentially lose direct support from the core LinuxServer team. Our first and foremost troubleshooting step will be to remove the `DOCKER_MODS` environment variable when running into issues and replace the container with a clean LSIO one.
It is important to note to end users of this system that there are not only extreme security implications to consuming files from sources outside of our control, but by leveraging community Mods you essentially lose direct support from the core LinuxServer team. Our first and foremost troubleshooting step will be to remove the `DOCKER_MODS` environment variable when running into issues and replace the container with a clean LSIO one.
Again, when pulling in logic from external sources practice caution and trust the sources/community you get them from.
@ -17,7 +17,7 @@ Again, when pulling in logic from external sources practice caution and trust th
We host and publish official Mods at the [linuxserver/mods](https://github.com/orgs/linuxserver/packages/container/mods/versions) endpoint as separate tags. Each tag is in the format of `<imagename>-<modname>` for the latest versions, and `<imagename>-<modname>-<commitsha>` for the specific versions.
Here's a list of the official Mods we host: <https://mods.linuxserver.io/>
Here's a list of the official Mods we host: [https://mods.linuxserver.io/](https://mods.linuxserver.io/)
## Using a Docker Mod
@ -31,49 +31,53 @@ Consumption of a Docker Mod is intended to be as user friendly as possible and c
Full example:
docker run
```bash
docker create \
--name=nzbget \
-e DOCKER_MODS=taisun/nzbget-mod:latest \
-e DOCKER_MODS=lscr.io/linuxserver/mods:universal-tshoot \
-e PUID=1000 \
-e PGID=1000 \
-e TZ=Europe/London \
-p 6789:6789 \
-v <path to data>:/config \
-v <path/to/downloads>:/downloads \
-v /path/to/nzbget/data:/config \
-v /path/to/downloads:/downloads \
--restart unless-stopped \
linuxserver/nzbget
lscr.io/linuxserver/nzbget
```
docker compose
```yaml
---
services:
nzbget:
image: linuxserver/nzbget:latest
image: lscr.io/linuxserver/nzbget:latest
container_name: nzbget
environment:
- DOCKER_MODS=taisun/nzbget-mod:latest
- DOCKER_MODS=lscr.io/linuxserver/mods:universal-tshoot
- PUID=1000
- PGID=1000
- TZ=Europe/London
volumes:
- /path/to/data:/config
- /path/to/nzbget/data:/config
- /path/to/downloads:/downloads #optional
ports:
- 6789:6789
restart: unless-stopped
```
This will spinup an nzbget container and apply the custom logic found in the following repository:
This will spin up an nzbget container and apply the custom logic found in the following repository:
<https://github.com/Taisun-Docker/Linuxserver-Mod-Demo>
[https://github.com/linuxserver/docker-mods/tree/universal-tshoot](https://github.com/linuxserver/docker-mods/tree/universal-tshoot)
This basic demo installs Pip and a couple dependencies for plugins some users leverage with nzbget.
This mod installs some basic troubleshooting tools such as dig, netstat, nslookup, etc.
## Creating and maintaining a Docker Mod
We will always recommend to our users consuming Mods that they leverage ones from active community members or projects so transparency is key here. We understand that image layers can be pushed on the back end behind these pipelines, but every little bit helps.
In this repository we will be going over two basic methods of making a Mod along with an example of the GitHub Actions build logic to get this into a Dockerhub and/or GitHub Container Registry endpoint. Though we are not officially endorsing GitHub Actions here it is built in to GitHub repositories and forks making it very easy to get started. If you prefer others feel free to use them as long as build jobs are transparent.
**All of the example files referenced in this section are available in the [template](https://github.com/linuxserver/docker-mods/tree/template) branch of this repo.**
We will always recommend to our users consuming Mods that they leverage ones from active community members or projects so transparency is key here. We understand that image layers can be pushed on the back end behind these pipelines, but every little bit helps. In this repository we will be going over two basic methods of making a Mod along with an example of the GitHub Actions build logic to get this into a Dockerhub and/or GitHub Container Registry endpoint. Though we are not officially endorsing GitHub Actions here it is built in to GitHub repositories and forks making it very easy to get started. If you prefer others feel free to use them as long as build jobs are transparent.
> **Note**
> One of the core ideas to remember when creating a Mod is that it can only contain a **single image layer**, the examples below will show you how to add files standardly and how to run complex logic to assemble the files in a build layer to copy them over into this single layer.
@ -186,7 +190,7 @@ In this repository you will find the `Dockerfile.complex` containing:
```Dockerfile
## Buildstage ##
FROM ghcr.io/linuxserver/baseimage-alpine:3.12 as buildstage
FROM ghcr.io/linuxserver/baseimage-alpine:3.20 as buildstage
RUN \
echo "**** install packages ****" && \
@ -208,14 +212,14 @@ FROM scratch
COPY --from=buildstage /root-layer/ /
```
Here we are leveraging a multi stage DockerFile to run custom logic and pull down an Rclone deb from the Internet to include in our image layer for distribution. Any amount of logic can be run in this build stage or even multiple build stages as long as the files in the end are combined into a single folder for the COPY command in the final output.
Here we are leveraging a multi stage DockerFile to run custom logic and pull down an rclone deb from the Internet to include in our image layer for distribution. Any amount of logic can be run in this build stage or even multiple build stages as long as the files in the end are combined into a single folder for the COPY command in the final output.
## Getting a Mod to Dockerhub
To publish a Mod to DockerHub you will need the following accounts:
* Github- <https://github.com/join>
* DockerHub- <https://hub.docker.com/signup>
* Github- [https://github.com/join](https://github.com/join)
* DockerHub- [https://hub.docker.com/signup](https://hub.docker.com/signup)
We recommend using this repository as a template for your first Mod, so in this section we assume the code is finished and we will only concentrate on plugging into GitHub Actions/Dockerhub.
@ -232,7 +236,7 @@ Head over to `https://github.com/user/endpoint/settings/secrets` and click on `N
Add `DOCKERUSER` (your DockerHub username) and `DOCKERPASS` (your DockerHub password or token).
You can create a token by visiting <https://hub.docker.com/settings/security>
You can create a token by visiting [https://hub.docker.com/settings/security](https://hub.docker.com/settings/security)
GitHub Actions will trigger a build off of your repo when you commit. The image will be pushed to Dockerhub on success. This Dockerhub endpoint is the Mod variable you can use to customize your container now.
@ -240,7 +244,7 @@ GitHub Actions will trigger a build off of your repo when you commit. The image
To publish a Mod to GitHub Container Registry you will need the following accounts:
* Github- <https://github.com/join>
* Github- [https://github.com/join](https://github.com/join)
We recommend using this repository as a template for your first Mod, so in this section we assume the code is finished and we will only concentrate on plugging into GitHub Actions/GitHub Container Registry.
@ -251,13 +255,13 @@ The only code change you need to make to the build logic file `.github/workflows
BRANCH: "master"
```
User is your GitHub user and endpoint is your own custom name (typically the name of the repository where your mod is). You do not need to create this endpoint beforehand, the build logic will push it and create it on first run.
`user` is your GitHub user and `endpoint` is your own custom name (typically the name of the repository where your mod is). You do not need to create this endpoint beforehand, the build logic will push it and create it on first run.
Head over to `https://github.com/user/endpoint/settings/secrets` and click on `New secret`
Head over to `https://github.com/<user>/<endpoint>/settings/secrets` and click on `New secret`
Add `CR_USER` (your GitHub username) and `CR_PAT` (a personal access token with `read:packages` and `write:packages` scopes).
You can create a personal access token by visiting <https://github.com/settings/tokens>
You can create a personal access token by visiting [https://github.com/settings/tokens](https://github.com/settings/tokens)
GitHub Actions will trigger a build off of your repo when you commit. The image will be pushed to GitHub Container Registry on success. This GitHub Container Registry endpoint is the Mod variable you can use to customize your container now.
@ -284,18 +288,20 @@ s6 init files must be encoded in plain `UTF-8`, and not `UTF-8 with BOM`. You ca
To inspect the file contents of external Mods dive is a great CLI tool:
<https://github.com/wagoodman/dive>
[https://github.com/wagoodman/dive](https://github.com/wagoodman/dive)
Basic usage:
**Unix w/ Docker**
#### With Docker
```bash
docker run --rm -it \
-v /var/run/docker.sock:/var/run/docker.sock \
wagoodman/dive:latest <Image Name>
```
**w/o Docker**
#### Without Docker
```bash
dive <Image Name>
```

24
root/etc/cont-init.d/98-vpn-config
View File

@ -1,24 +0,0 @@
#!/usr/bin/with-contenv bash
if [ -f /usr/bin/apt ]; then
## Ubuntu
apt-get update
apt-get install --no-install-recommends -y \
iptables \
openssh-client \
python3 \
python3-pip
pip3 install sshuttle
fi
if [ -f /sbin/apk ]; then
# Alpine
apk add --no-cache \
iptables \
openssh \
py3-pip \
python3
pip3 install sshuttle
fi
chown -R root:root /root
chmod -R 600 /root/.ssh

0
root/etc/s6-overlay/s6-rc.d/init-mod-universal-sshvpn/dependencies.d/init-mods
View File

25
root/etc/s6-overlay/s6-rc.d/init-mod-universal-sshvpn/run
View File

@ -1,25 +0,0 @@
#!/usr/bin/with-contenv bash
if [ -f /usr/bin/apt ]; then
## Ubuntu
echo "\
iptables \
openssh-client \
python3 \
python3-pip" >> /mod-repo-packages-to-install.list
fi
if [ -f /sbin/apk ]; then
# Alpine
echo "\
iptables \
openssh \
python3 \
py3-pip" >> /mod-repo-packages-to-install.list
fi
echo "\
sshuttle" >> /mod-pip-packages-to-install.list
chown -R root:root /root
chmod -R 600 /root/.ssh

1
root/etc/s6-overlay/s6-rc.d/init-mod-universal-sshvpn/type
View File

@ -1 +0,0 @@
oneshot

1
root/etc/s6-overlay/s6-rc.d/init-mod-universal-sshvpn/up
View File

@ -1 +0,0 @@
/etc/s6-overlay/s6-rc.d/init-mod-universal-sshvpn/run

0
root/etc/s6-overlay/s6-rc.d/init-mods-package-install/dependencies.d/init-mod-universal-sshvpn
View File

0
root/etc/s6-overlay/s6-rc.d/svc-mod-universal-sshvpn/dependencies.d/init-services
View File

3
root/etc/s6-overlay/s6-rc.d/svc-mod-universal-sshvpn/run
View File

@ -1,3 +0,0 @@
#!/usr/bin/with-contenv bash
sshuttle --dns --remote root@${HOST}:${PORT} 0/0 -x 172.17.0.0/16

1
root/etc/s6-overlay/s6-rc.d/svc-mod-universal-sshvpn/type
View File

@ -1 +0,0 @@
longrun

0
root/etc/s6-overlay/s6-rc.d/user/contents.d/init-mod-universal-sshvpn
View File

0
root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-mod-universal-sshvpn
View File

3
root/etc/services.d/sshvpn/run
View File

@ -1,3 +0,0 @@
#!/usr/bin/with-contenv bash
sshuttle --dns --remote root@${HOST}:${PORT} 0/0 -x 172.17.0.0/16