From 8be7452f0e4fb163037fbfb87e0b686afe77aedd Mon Sep 17 00:00:00 2001 From: SBCrumb Date: Tue, 9 Sep 2025 17:04:59 -0400 Subject: [PATCH] iupdate --- Dockerfile.optimized | 33 --------------------- configure-docker-insecure.md | 40 -------------------------- fix-gitea-packages.md | 56 ------------------------------------ 3 files changed, 129 deletions(-) delete mode 100644 Dockerfile.optimized delete mode 100644 configure-docker-insecure.md delete mode 100644 fix-gitea-packages.md diff --git a/Dockerfile.optimized b/Dockerfile.optimized deleted file mode 100644 index 801c83f..0000000 --- a/Dockerfile.optimized +++ /dev/null @@ -1,33 +0,0 @@ -# Test image size optimization - -FROM python:3.11-slim - -WORKDIR /app - -# Single layer for all dependencies to reduce image size -RUN apt-get update && apt-get install -y --no-install-recommends \ - sqlite3 curl gosu \ - && rm -rf /var/lib/apt/lists/* \ - && apt-get clean \ - && groupadd -g 1000 appuser \ - && useradd -u 1000 -g appuser -m appuser - -# Install Python deps with cleanup -COPY requirements.txt . -RUN pip install --no-cache-dir -r requirements.txt && pip cache purge - -# Copy app files -COPY nfoguard.py core/ clients/ VERSION ./ - -# Set permissions and create entrypoint in single layer -RUN mkdir -p /app/data \ - && chown -R appuser:appuser /app \ - && echo '#!/bin/bash\nset -euo pipefail\nPUID=${PUID:-1000}\nPGID=${PGID:-1000}\nif [ "$(id -u)" -eq 0 ]; then\n groupmod -o -g "$PGID" appuser 2>/dev/null || groupadd -o -g "$PGID" appuser\n id appuser &>/dev/null || useradd -o -u "$PUID" -g "$PGID" -m appuser\n usermod -o -u "$PUID" -g "$PGID" appuser 2>/dev/null || true\n chown -R "$PUID:$PGID" /app || true\n exec gosu appuser "$@"\nelse\n exec "$@"\nfi' > /entrypoint.sh \ - && chmod +x /entrypoint.sh - -HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \ - CMD curl -f http://localhost:8080/health || exit 1 - -EXPOSE 8080 -ENTRYPOINT ["/entrypoint.sh"] -CMD ["python", "nfoguard.py"] \ No newline at end of file diff --git a/configure-docker-insecure.md b/configure-docker-insecure.md deleted file mode 100644 index d411555..0000000 --- a/configure-docker-insecure.md +++ /dev/null @@ -1,40 +0,0 @@ -# Manual Docker daemon configuration for insecure registry - -## 1. Configure Docker daemon to allow HTTP registry - -```bash -# On your gitea-lxc host, run this once: -sudo mkdir -p /etc/docker - -# Create or update daemon.json -sudo tee /etc/docker/daemon.json > /dev/null << 'EOF' -{ - "insecure-registries": ["192.168.253.221:3000"] -} -EOF - -# Restart Docker daemon -sudo systemctl restart docker - -# Wait for Docker to restart -sleep 5 - -# Verify Docker is running -sudo systemctl status docker -``` - -## 2. Test local registry push manually - -```bash -# Test login to local registry -docker login 192.168.253.221:3000 - -# Test push -docker pull hello-world -docker tag hello-world 192.168.253.221:3000/jskala/test:latest -docker push 192.168.253.221:3000/jskala/test:latest -``` - -## 3. Then run your workflow - -After configuring the daemon manually, the workflow should work without needing to modify daemon.json. \ No newline at end of file diff --git a/fix-gitea-packages.md b/fix-gitea-packages.md deleted file mode 100644 index 5c80295..0000000 --- a/fix-gitea-packages.md +++ /dev/null @@ -1,56 +0,0 @@ -# Quick fix for Gitea packages - -## 1. Enable packages in Gitea configuration - -Edit your Gitea config file (usually `/etc/gitea/app.ini`): - -```ini -[packages] -ENABLED = true - -[storage.packages] -STORAGE_TYPE = local -PATH = /var/lib/gitea/data/packages -``` - -## 2. Restart Gitea service - -```bash -sudo systemctl restart gitea -# or if using docker -docker restart gitea -``` - -## 3. Verify packages are enabled - -Check admin panel: https://gitea.skalas.org/admin/config -Look for "Packages: Enabled" - -## 4. Test manually first - -```bash -# Test from your runner host -docker login gitea.skalas.org - -# Pull a small test image first -docker pull hello-world - -# Tag and push test -docker tag hello-world gitea.skalas.org/jskala/test:latest -docker push gitea.skalas.org/jskala/test:latest -``` - -After enabling packages, your workflow should work! - -## 5. Performance tip: Use local network for same-host setups - -If your runner and Gitea are on the same host, use the local IP to avoid Cloudflare tunnel overhead: - -```bash -# Much faster for same-host setups -docker login 192.168.253.221:3000 -docker tag hello-world 192.168.253.221:3000/jskala/test:latest -docker push 192.168.253.221:3000/jskala/test:latest -``` - -This bypasses the tunnel completely and should be very fast! \ No newline at end of file