LAB-linuxserver/docker-mods
1
0
Fork 0
mirror of https://github.com/linuxserver/docker-mods.git synced 2026-03-23 00:05:28 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add lscr.io support

Browse Source
This commit is contained in:
TheSpad 2023-05-24 17:42:04 +01:00
parent 09945c5b9e
commit 3a8a291866
No known key found for this signature in database
GPG Key ID: 08F06191F4587860
2 changed files with 41 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
README.md
View File

@ -2,6 +2,7 @@
These files are used by Linuxserver build processes to handle mods in our images. Not for end-user consumption.
* **25.05.23:** - Add lscr.io support for mods.
* **16.05.23:** - Add package installer.
* **15.05.23:** - Add DOCKER_MODS_DEBUG env.
* **19.03.23:** - Add quay.io support for mods.

45
docker-mods.v3
View File

@ -175,6 +175,7 @@ get_blob_sha() {
--header "Accept: application/vnd.docker.distribution.manifest.v2+json" \
--header "Accept: application/vnd.oci.image.index.v1+json" \
--header "Authorization: Bearer ${1}" \
--user-agent "Mozilla/5.0 (Linux $(uname -m)) linuxserver/mods:${TAG}" \
"${2}/${3}" | jq -r 'first(.manifests[].digest)?')
if [[ -z "${MULTIDIGEST}" ]]; then
if DIGEST=$(curl -f --retry 10 --retry-max-time 60 --retry-connrefused \
@ -184,6 +185,7 @@ get_blob_sha() {
--header "Accept: application/vnd.docker.distribution.manifest.v2+json" \
--header "Accept: application/vnd.oci.image.manifest.v1+json" \
--header "Authorization: Bearer ${1}" \
--user-agent "Mozilla/5.0 (Linux $(uname -m)) linuxserver/mods:${TAG}" \
"${2}/${3}"); then
echo "${DIGEST}" | jq -r '.layers[0].digest';
fi
@ -195,6 +197,7 @@ get_blob_sha() {
--header "Accept: application/vnd.docker.distribution.manifest.v2+json" \
--header "Accept: application/vnd.oci.image.manifest.v1+json" \
--header "Authorization: Bearer ${1}" \
--user-agent "Mozilla/5.0 (Linux $(uname -m)) linuxserver/mods:${TAG}" \
"${2}/${MULTIDIGEST}"); then
echo "${DIGEST}" | jq -r '.layers[0].digest';
fi
@ -208,7 +211,19 @@ run_mods() {
# Support alternative endpoints
case "${DOCKER_MOD}" in
linuxserver/* )
REGISTRY="ghcr.io"
[[ ${DOCKER_MODS_FORCE_REGISTRY,,} = "true" ]] && REGISTRY="registry-1.docker.io" || REGISTRY="lscr.io"
;;
docker.io/linuxserver/* )
[[ ${DOCKER_MODS_FORCE_REGISTRY,,} = "true" ]] && REGISTRY="registry-1.docker.io" || REGISTRY="lscr.io"
DOCKER_MOD="${DOCKER_MOD#docker.io/*}"
;;
ghcr.io/linuxserver/* )
[[ ${DOCKER_MODS_FORCE_REGISTRY,,} = "true" ]] && REGISTRY="ghcr.io" || REGISTRY="lscr.io"
DOCKER_MOD="${DOCKER_MOD#ghcr.io/*}"
;;
lscr.io/* )
REGISTRY="lscr.io"
DOCKER_MOD="${DOCKER_MOD#lscr.io/*}"
;;
ghcr.io/* )
REGISTRY="ghcr.io"
@ -237,6 +252,7 @@ run_mods() {
MANIFEST_URL="https://${REGISTRY}/v2/${ENDPOINT}/manifests"
BLOB_URL="https://${REGISTRY}/v2/${ENDPOINT}/blobs/"
case "${REGISTRY}" in
"lscr.io") AUTH_URL="https://ghcr.io/token?scope=repository%3A${USERNAME}%2F${REPO}%3Apull";;
"ghcr.io") AUTH_URL="https://ghcr.io/token?scope=repository%3A${USERNAME}%2F${REPO}%3Apull";;
"quay.io") AUTH_URL="https://quay.io/v2/auth?service=quay.io&scope=repository%3A${USERNAME}%2F${REPO}%3Apull";;
"registry-1.docker.io") AUTH_URL="https://auth.docker.io/token?service=registry.docker.io&scope=repository:${ENDPOINT}:pull";;
@ -252,15 +268,31 @@ run_mods() {
fi
fi
done
echo "[mod-init] Applying ${DOCKER_MOD} files to container"
# Get Dockerhub token for api operations
echo "[mod-init] Adding ${DOCKER_MOD} to container"
# Get registry token for api operations
TOKEN="$(
curl -f --retry 10 --retry-max-time 60 --retry-connrefused \
${CURL_NOISE_LEVEL} \
--header 'GET' \
--request GET \
"${AUTH_URL}" |
jq -r '.token'
)"
# If we're using lscr try and get the manifest from ghcr, if it fails re-request a token from Docker Hub
if [[ "${REGISTRY}" == "lscr.io" ]]; then
if [[ -n $(curl -sLH "Authorization: Bearer ${TOKEN}" "${MANIFEST_URL}/${TAG}" | jq -r '.errors' >/dev/null 2>&1) ]]; then
AUTH_URL="https://auth.docker.io/token?service=registry.docker.io&scope=repository:${ENDPOINT}:pull"
TOKEN="$(
curl -f --retry 10 --retry-max-time 60 --retry-connrefused \
${CURL_NOISE_LEVEL} \
--request GET \
"${AUTH_URL}" |
jq -r '.token'
)"
fi
fi
if [[ ${DOCKER_MODS_DEBUG,,} = "true" ]]; then
echo "[mod-init] Using ${AUTH_URL} as auth endpoint"
fi
# Determine first and only layer of image
SHALAYER=$(get_blob_sha "${TOKEN}" "${MANIFEST_URL}" "${TAG}")
if [[ -z "${SHALAYER}" ]]; then
@ -271,19 +303,22 @@ run_mods() {
if [[ -f "/${FILENAME}" ]] && [[ "${SHALAYER}" == "$(cat /"${FILENAME}")" ]]; then
echo "[mod-init] ${DOCKER_MOD} at ${SHALAYER} has been previously applied skipping"
else
echo "[mod-init] Downloading ${DOCKER_MOD} from ${REGISTRY}"
# Download and extract layer to /
curl -f --retry 10 --retry-max-time 60 --retry-all-errors \
${CURL_NOISE_LEVEL} \
--location \
--request GET \
--header "Authorization: Bearer ${TOKEN}" \
--user-agent "Mozilla/5.0 (Linux $(uname -m)) linuxserver/mods:${TAG}" \
"${BLOB_URL}${SHALAYER}" -o \
/modtarball.tar.xz
mkdir -p /tmp/mod
if ! tar -tzf /modtarball.tar.xz >/dev/null 2>&1; then
echo "Invalid tarball, could not download ${DOCKER_MOD}"
echo "[mod-init] Invalid tarball, could not download ${DOCKER_MOD} from ${REGISTRY}"
continue
fi
echo "[mod-init] Installing ${DOCKER_MOD}"
tar xzf /modtarball.tar.xz -C /tmp/mod
if [[ -d /tmp/mod/etc/s6-overlay ]]; then
if [[ -d /tmp/mod/etc/cont-init.d ]]; then