UnbalancedCat/hexo-deploy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
dca4f11e0d96577808f21a6d75fdb557d33ee045
hexo-deploy/arch/origin/Dockerfile.working
UnbalancedCat dca4f11e0d v0.0.3 published
2025-06-02 11:27:10 +08:00

99 lines
4.2 KiB
Docker
Raw Blame History

FROM ubuntu:22.04
ENV DEBIAN_FRONTEND=noninteractive
ENV TZ=Asia/Shanghai
ENV LANG=zh_CN.UTF-8
# Set timezone and locale
RUN ln -sf /usr/share/zoneinfo/$TZ /etc/localtime && \
echo $TZ > /etc/timezone
# Install packages
RUN apt-get update && \
apt-get install -y --no-install-recommends \
openssh-server \
git \
nginx-full \
gettext-base \
curl \
locales && \
sed -i 's/# zh_CN.UTF-8 UTF-8/zh_CN.UTF-8 UTF-8/' /etc/locale.gen && \
locale-gen && \
update-locale LANG=zh_CN.UTF-8 && \
rm -rf /var/lib/apt/lists/*
# Create hexo user for security
RUN groupadd -r hexo && \
useradd -r -g hexo -d /home/hexo -s /bin/bash hexo
# Create directories
RUN mkdir -p /home/hexo/.ssh && \
mkdir -p /home/www/hexo && \
mkdir -p /home/www/ssl && \
mkdir -p /var/run/sshd && \
mkdir -p /var/log/container && \
mkdir -p /var/log/nginx && \
mkdir -p /etc/container/templates
# Setup Git repository for deployment
RUN git init --bare /home/hexo/hexo.git && \
echo '#!/bin/bash' > /home/hexo/hexo.git/hooks/post-receive && \
echo 'git --work-tree=/home/www/hexo --git-dir=/home/hexo/hexo.git checkout -f' >> /home/hexo/hexo.git/hooks/post-receive && \
echo 'chown -R hexo:hexo /home/www/hexo' >> /home/hexo/hexo.git/hooks/post-receive && \
chmod +x /home/hexo/hexo.git/hooks/post-receive
# Create SSH config template
RUN echo 'Port 22' > /etc/container/templates/sshd_config.template && \
echo 'PermitRootLogin no' >> /etc/container/templates/sshd_config.template && \
echo 'PubkeyAuthentication yes' >> /etc/container/templates/sshd_config.template && \
echo 'AuthorizedKeysFile .ssh/authorized_keys' >> /etc/container/templates/sshd_config.template && \
echo 'PasswordAuthentication no' >> /etc/container/templates/sshd_config.template && \
echo 'AllowUsers hexo' >> /etc/container/templates/sshd_config.template
# Create Nginx config template
RUN echo 'user hexo;' > /etc/container/templates/nginx.conf.template && \
echo 'worker_processes auto;' >> /etc/container/templates/nginx.conf.template && \
echo 'events { worker_connections 1024; }' >> /etc/container/templates/nginx.conf.template && \
echo 'http {' >> /etc/container/templates/nginx.conf.template && \
echo ' include /etc/nginx/mime.types;' >> /etc/container/templates/nginx.conf.template && \
echo ' server_tokens off;' >> /etc/container/templates/nginx.conf.template && \
echo ' add_header X-Frame-Options DENY;' >> /etc/container/templates/nginx.conf.template && \
echo ' server {' >> /etc/container/templates/nginx.conf.template && \
echo ' listen 80;' >> /etc/container/templates/nginx.conf.template && \
echo ' root /home/www/hexo;' >> /etc/container/templates/nginx.conf.template && \
echo ' index index.html;' >> /etc/container/templates/nginx.conf.template && \
echo ' location / { try_files $uri $uri/ =404; }' >> /etc/container/templates/nginx.conf.template && \
echo ' }' >> /etc/container/templates/nginx.conf.template && \
echo '}' >> /etc/container/templates/nginx.conf.template
# Create startup script
RUN echo '#!/bin/bash' > /root/start.sh && \
echo 'set -e' >> /root/start.sh && \
echo 'echo "Starting container..."' >> /root/start.sh && \
echo 'cp /etc/container/templates/sshd_config.template /etc/ssh/sshd_config' >> /root/start.sh && \
echo 'cp /etc/container/templates/nginx.conf.template /etc/nginx/nginx.conf' >> /root/start.sh && \
echo 'if [ ! -f "/etc/ssh/ssh_host_rsa_key" ]; then ssh-keygen -A; fi' >> /root/start.sh && \
echo '/usr/sbin/sshd -D &' >> /root/start.sh && \
echo 'nginx -g "daemon off;" &' >> /root/start.sh && \
echo 'wait' >> /root/start.sh && \
chmod +x /root/start.sh
# Set proper permissions
RUN chown -R hexo:hexo /home/hexo && \
chown -R hexo:hexo /home/www/hexo && \
chmod 700 /home/hexo/.ssh && \
chmod -R 755 /home/www/hexo
# Health check
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
CMD curl -f http://localhost/ || exit 1
# Volumes
VOLUME ["/home/www/hexo", "/home/hexo/.ssh", "/home/www/ssl", "/home/hexo/hexo.git"]
# Expose ports
EXPOSE 22 80 443
# Start services
CMD ["/root/start.sh"]
Reference in New Issue View Git Blame Copy Permalink