diff --git a/.github/renovate.json5 b/.github/renovate.json5 new file mode 100644 index 0000000..892ed9d --- /dev/null +++ b/.github/renovate.json5 @@ -0,0 +1,10 @@ +{ + extends: ["config:base"], + dependencyDashboard: false, + packageRules: [ + { + matchUpdateTypes: ["minor", "patch", "pin", "digest"], + automerge: true, + }, + ], +} diff --git a/.github/workflows/autorelease.yml b/.github/workflows/autorelease.yml new file mode 100644 index 0000000..ab7d6ef --- /dev/null +++ b/.github/workflows/autorelease.yml @@ -0,0 +1,16 @@ +name: Release + +on: + push: + tags: + - "v[0-9].*.*" + +jobs: + build: + runs-on: ubuntu-latest + name: Build image + steps: + - name: ๐Ÿš€ Release new version + uses: softprops/action-gh-release@v1 + with: + generate_release_notes: true diff --git a/.github/workflows/autotag.yml b/.github/workflows/autotag.yml new file mode 100644 index 0000000..d709b94 --- /dev/null +++ b/.github/workflows/autotag.yml @@ -0,0 +1,24 @@ +name: Auto-create new tag + +on: + push: + branches: + - main + paths: + - "Dockerfile" + - "tailscale.sh" + +jobs: + auto-tag: + runs-on: ubuntu-latest + steps: + - name: โคต๏ธ Check out code + uses: actions/checkout@v3 + with: + fetch-depth: 0 + token: ${{ secrets.GH_PAT }} + + - name: ๐Ÿท Create new tag + uses: valitydev/action-autotag@v1 + env: + GITHUB_TOKEN: ${{ secrets.GH_PAT }} diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 0000000..9044359 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,53 @@ +name: Build + +on: + pull_request: + branches: + - "*" + push: + tags: + - "v[0-9].*.*" + +jobs: + build: + runs-on: ubuntu-latest + name: Build image + steps: + - name: ๐Ÿ“ฅ Checkout the repository + uses: actions/checkout@v3 + + - name: ๐Ÿ— Set up QEMU + uses: docker/setup-qemu-action@v1 + + - name: ๐Ÿ— Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + + - name: ๐Ÿช„ Extract metadata (tags, labels) + id: meta + uses: docker/metadata-action@v3 + with: + images: | + ghcr.io/${{ github.repository }} + tags: | + type=ref,event=pr + type=semver,pattern=v{{version}} + type=semver,pattern=v{{major}}.{{minor}} + type=semver,pattern=v{{major}} + + - name: ๐Ÿ”“ Registry login + if: github.event_name == 'push' + uses: docker/login-action@v1.14.1 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: ๐Ÿ› ๏ธ Build image + uses: docker/build-push-action@v2 + with: + context: . + file: ./Dockerfile + platforms: linux/amd64,linux/arm64,linux/arm/v7 + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + push: ${{ github.event_name == 'push' }} diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml new file mode 100644 index 0000000..7044602 --- /dev/null +++ b/.github/workflows/lint.yml @@ -0,0 +1,44 @@ +name: Lint + +on: + pull_request: + branches: + - main + +jobs: + yamllint: + name: yamllint + runs-on: ubuntu-latest + steps: + - name: โคต๏ธ Check out code + uses: actions/checkout@v3 + + - name: ๐Ÿš€ Run yamllint + uses: reviewdog/action-yamllint@v1 + with: + filter_mode: added + yamllint_flags: ". --no-warnings" + + hadolint: + name: hadolint + runs-on: ubuntu-latest + steps: + - name: โคต๏ธ Check out code + uses: actions/checkout@v3 + + - name: ๐Ÿš€ Run hadolint + uses: reviewdog/action-hadolint@v1 + with: + filter_mode: added + + shellcheck: + name: shellcheck + runs-on: ubuntu-latest + steps: + - name: โคต๏ธ Check out code + uses: actions/checkout@v3 + + - name: ๐Ÿš€ Run shellcheck + uses: reviewdog/action-shellcheck@v1 + with: + filter_mode: added diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..810768b --- /dev/null +++ b/Dockerfile @@ -0,0 +1,15 @@ +FROM weejewel/wg-easy:5 + +# hadolint ignore=DL3022,DL3023 +COPY --from=mindflavor/prometheus-wireguard-exporter:3.5.1 /usr/local/bin/prometheus_wireguard_exporter /usr/local/bin/ + +RUN apk add -U --no-cache \ + wireguard-tools=1.0.20210914-r0 + +COPY entrypoint.sh /app/entrypoint.sh +RUN chmod +x /app/entrypoint.sh + +EXPOSE 9586/tcp + +ENTRYPOINT ["/app/entrypoint.sh"] +CMD ["/usr/bin/dumb-init", "node", "server.js"] diff --git a/entrypoint.sh b/entrypoint.sh new file mode 100644 index 0000000..c4ff122 --- /dev/null +++ b/entrypoint.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +/usr/local/bin/prometheus_wireguard_exporter -n /etc/wireguard/wg0.conf & + +exec "$@" & + +wait -n + +exit $?