add Dockerfile

Dmitry Belyaev 2024-10-20 00:13:57 +03:00
parent 783ea59226
commit 59043dcca4
Signed by: b4tman
GPG Key ID: 41A00BF15EA7E5F3
4 changed files with 132 additions and 18 deletions

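--- a/.dockerignore
+++ b/.dockerignore
@@ -0,0 +1 @@
+/target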


@ -0,0 +1,77 @@
name: Docker Image CI
on:
push:
branches:
- master
tags:
- v*
pull_request:
branches:
- master
workflow_dispatch:
permissions:
packages: write
contents: read
jobs:
test:
runs-on: cth-ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build image
uses: docker/build-push-action@v4
with:
context: .
push: false
tags: gitea.b4tman.ru/${{ gitea.repository }}:test
push:
needs: test
runs-on: cth-ubuntu-latest
if: github.event_name != 'pull_request'
steps:
- uses: actions/checkout@v4
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: |
gitea.b4tman.ru/${{ gitea.repository }}
flavor: |
latest=${{ github.ref == 'refs/heads/master' }}
tags: |
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to gitea
uses: docker/login-action@v3
with:
registry: gitea.b4tman.ru
username: ${{ gitea.repository_owner }}
password: ${{ secrets.PKGS_TOKEN }}
- name: Build and push image
uses: docker/build-push-action@v4
with:
context: .
push: true
platforms: linux/amd64,linux/arm64
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
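Review bot: Every `uses:` in both jobs is pinned to a mutable major tag (`actions/checkout@v4`, `docker/login-action@v3`, `docker/build-push-action@v4`, and the rest), and the `push` job hands `secrets.PKGS_TOKEN` to that code, so a retagged or compromised action release would run with registry write access. Pin each action to a full commit SHA and keep the tag as a comment, e.g. `uses: docker/login-action@<full-commit-sha> # v3`. The top-level `permissions: packages: write` also covers the `test` job, which runs on `pull_request`; moving that block under `jobs.push` and leaving `test` with only `contents: read` would keep PR builds read-only, assuming the runner enforces the `permissions` key. The `type=ref,event=pr` tag rule can never fire, because `push` is skipped for pull requests by its `if:` condition.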

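--- a/Dockerfile
+++ b/Dockerfile
@@ -0,0 +1,20 @@
+FROM lukemathwalker/cargo-chef:latest-rust-1 AS chef
+WORKDIR /app
+FROM chef AS planner
+COPY . .
+RUN cargo chef prepare --recipe-path recipe.json
+FROM chef AS builder
+COPY --from=planner /app/recipe.json recipe.json
+RUN cargo chef cook --release --recipe-path recipe.json
+COPY . .
+RUN cargo build --release
+FROM debian:12-slim AS runtime
+ARG SSL_PKG="openssl"
+RUN apt update && apt install -y $SSL_PKG
+WORKDIR /app
+COPY --from=builder /app/target/release/peazyrsa /usr/local/bin
+ENTRYPOINT ["/usr/local/bin/peazyrsa"]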
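Review bot: The `runtime` stage has no `USER` instruction, so `peazyrsa`, which shells out to `openssl req -keyout …` and writes private keys, runs as root in the container; add an unprivileged account and switch to it before `ENTRYPOINT`, e.g. `RUN useradd --system --uid 10001 peazyrsa` followed by `USER peazyrsa` (the UID is a constructed example and has to match the ownership of whatever directory is mounted at `/app`). The install line would be tighter as `RUN apt-get update && apt-get install -y --no-install-recommends "$SSL_PKG" && rm -rf /var/lib/apt/lists/*`, which keeps the package index and recommended packages out of the final image. `lukemathwalker/cargo-chef:latest-rust-1` is a moving tag, so the toolchain that compiles the binary can change between builds; pinning a versioned tag or an image digest makes the builder reproducible. `.dockerignore` excludes only `/target`, so both `COPY . .` steps send everything else in the checkout, including `.git` and any key or certificate files that happen to sit there, into the build stages and their cached layers.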


@ -2,7 +2,11 @@ use anyhow::{anyhow, Context, Result};
use clap::Parser;
use encoding::{label::encoding_from_whatwg_label, EncoderTrap};
use regex::Regex;
use std::{collections::BTreeMap, path::{Path, PathBuf}, pin::Pin};
use std::{
collections::BTreeMap,
path::{Path, PathBuf},
pin::Pin,
};
use tokio::{
fs::{self, File},
io::{AsyncBufReadExt, BufReader},
@ -80,8 +84,11 @@ async fn is_file_exist(filepath: &PathBuf) -> bool {
true
}
async fn read_file<'a, S, P>(filepath: P, encoding: S) -> Result<String>
where S: AsRef<str> + std::cmp::PartialEq<&'a str>, P: AsRef<Path> {
async fn read_file<'a, S, P>(filepath: P, encoding: S) -> Result<String>
where
S: AsRef<str> + std::cmp::PartialEq<&'a str>,
P: AsRef<Path>,
{
let filepath = PathBuf::from(filepath.as_ref());
if encoding == "utf8" {
return Ok(fs::read_to_string(filepath).await?);
@ -283,12 +290,18 @@ impl Certs {
}
let status = Command::new("openssl")
.raw_arg(format!(
"req -nodes -new -keyout {} -out {} -config {} -batch",
.args(&[
"req",
"-nodes",
"-new",
"-keyout",
&self.key_file.to_str().unwrap(),
"-out",
&self.req_file.to_str().unwrap(),
&self.openssl_cnf.to_str().unwrap()
))
"-config",
&self.openssl_cnf.to_str().unwrap(),
"-batch",
])
.current_dir(&self.base_dir)
.envs(&self.vars)
.status()
@ -313,13 +326,18 @@ impl Certs {
}
let status = Command::new("openssl")
.raw_arg(format!(
"ca -days {} -out {} -in {} -config {} -batch",
self.req_days,
.args(&[
"ca",
"-days",
format!("{}", self.req_days).as_str(),
"-out",
&self.cert_file.to_str().unwrap(),
"-in",
&self.req_file.to_str().unwrap(),
&self.openssl_cnf.to_str().unwrap()
))
"-config",
&self.openssl_cnf.to_str().unwrap(),
"-batch",
])
.current_dir(&self.base_dir)
.envs(&self.vars)
.status()
@ -327,7 +345,7 @@ impl Certs {
match status.success() {
true => Ok(()),
false => Err(anyhow!("openssl ca execution failed")),
false => Err(anyhow!("ssl ca execution failed")),
}
}
@ -343,12 +361,10 @@ impl Certs {
self.template_file.clone(),
self.ca_file.clone(),
self.cert_file.clone(),
self.key_file.clone()
self.key_file.clone(),
);
let enc = self.encoding.clone();
let (enc1, enc2, enc3, enc4) = (
enc.clone(), enc.clone(), enc.clone(), enc.clone()
);
let (enc1, enc2, enc3, enc4) = (enc.clone(), enc.clone(), enc.clone(), enc.clone());
if let (Ok(Ok(template)), Ok(Ok(ca)), Ok(Ok(cert)), Ok(Ok(key))) = tokio::join!(
tokio::spawn(read_file(template_file, enc1)),
@ -370,7 +386,7 @@ impl Certs {
}
}
#[tokio::main(flavor="current_thread")]
#[tokio::main(flavor = "current_thread")]
async fn main() -> Result<()> {
let args = Args::parse();
let default_directory = ".".to_string();
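Review bot: In the `openssl req` hunk (`-283,12 +290,18`) and the `openssl ca` hunk (`-313,13 +326,18`) every path is still forced through `.to_str().unwrap()`, so a base directory or file name that is not valid UTF-8 panics the process instead of surfacing as an `anyhow` error. `Command::arg` accepts any `AsRef<OsStr>`, so the path fields can be passed directly (assuming they are `PathBuf`s, which the `.to_str()` calls suggest), and `format!("{}", self.req_days).as_str()` becomes `self.req_days.to_string()`. A one-line comment above each builder, such as `// arguments are passed individually so path text is never re-parsed as a command line`, would record why the argument list must not be collapsed back into a single string. The `ca` failure message now reads "ssl ca execution failed" although the binary is still the hard-coded `openssl`, which makes the error harder to search for. Both enclosing methods start and end outside the hunks.

```rust
let status = Command::new("openssl")
    .args(["req", "-nodes", "-new", "-keyout"])
    .arg(&self.key_file)
    .arg("-out")
    .arg(&self.req_file)
    .arg("-config")
    .arg(&self.openssl_cnf)
    .arg("-batch")
    // … unchanged: current_dir, envs, status and the success check …

let status = Command::new("openssl")
    .args(["ca", "-days"])
    .arg(self.req_days.to_string())
    .arg("-out")
    .arg(&self.cert_file)
    .arg("-in")
    .arg(&self.req_file)
    .arg("-config")
    .arg(&self.openssl_cnf)
    .arg("-batch")
    // … unchanged: current_dir, envs, status and the success check …
```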