From a081fdd5c80029c73265d52d45d0447293666b87 Mon Sep 17 00:00:00 2001
From: Ilia Shipitsin
Date: Sun, 9 Feb 2025 23:32:26 +0100
Subject: [PATCH] CI: move docker build machinery to the main repo more details: https://github.com/SoftEtherVPN/SoftetherVPN-docker/issues/4
---
.github/workflows/docker-vpnbridge.yml | 59 ++++++++++++++++++++++++++
.github/workflows/docker-vpnclient.yml | 59 ++++++++++++++++++++++++++
.github/workflows/docker-vpnserver.yml | 59 ++++++++++++++++++++++++++
Dockerfile | 51 ++++++++++++++++++++++
docker-compose.vpnclient.yaml | 16 +++++++
docker-compose.yaml | 23 ++++++++++
6 files changed, 267 insertions(+)
create mode 100644 .github/workflows/docker-vpnbridge.yml
create mode 100644 .github/workflows/docker-vpnclient.yml
create mode 100644 .github/workflows/docker-vpnserver.yml
create mode 100644 Dockerfile
create mode 100644 docker-compose.vpnclient.yaml
create mode 100644 docker-compose.yaml
diff --git a/.github/workflows/docker-vpnbridge.yml b/.github/workflows/docker-vpnbridge.yml
new file mode 100644
index 00000000..4dd09a50
--- /dev/null
+++ b/.github/workflows/docker-vpnbridge.yml
@@ -0,0 +1,59 @@
+name: docker-vpnbridge
+
+on:
+ push:
+ branches:
+ - 'master'
+ tags:
+ - '*'
+ pull_request:
+ workflow_dispatch:
+
+jobs:
+ docker-vpnbridge:
+ strategy:
+ matrix:
+ variant: [
+ { name: amd64, platform: "linux/amd64", repo: "softethervpn/vpnbridge" },
+ { name: arm64, platform: "linux/arm64", repo: "softethervpn/vpnbridge-arm64" }
+ ]
+ name: vpnbridge/${{ matrix.variant.name }}
+ runs-on: ubuntu-latest
+ if: ${{ github.repository_owner == 'SoftEtherVPN' }}
+ steps:
+ -
+ name: Docker meta
+ id: meta
+ uses: docker/metadata-action@v5
+ with:
+ images: ${{ matrix.variant.repo }}
+ tags: |
+ type=raw,value=latest,enable={{is_default_branch}}
+ type=ref,event=pr
+ type=semver,pattern={{version}}
+ type=semver,pattern={{major}}.{{minor}}
+ -
+ name: Set up QEMU
+ uses: docker/setup-qemu-action@v3
+ with:
+ image: tonistiigi/binfmt:qemu-v9.2.0
+ -
+ name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+ -
+ name: Login to DockerHub
+ if: github.event_name != 'pull_request'
+ uses: docker/login-action@v3
+ with:
+ username: ${{ secrets.DOCKERHUB_USERNAME }}
+ password: ${{ secrets.DOCKERHUB_TOKEN }}
+ -
+ name: Build and push
+ uses: docker/build-push-action@v6
+ with:
+ file: ./Dockerfile
+ target: vpnbridge
+ platforms: ${{ matrix.variant.platform }}
+ push: ${{ github.event_name != 'pull_request' }}
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
diff --git a/.github/workflows/docker-vpnclient.yml b/.github/workflows/docker-vpnclient.yml
new file mode 100644
index 00000000..b8d5e07e
--- /dev/null
+++ b/.github/workflows/docker-vpnclient.yml
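Review bot: Every `uses:` step in this job references a third-party action by a mutable tag (`docker/metadata-action@v5`, `docker/setup-qemu-action@v3`, `docker/setup-buildx-action@v3`, `docker/login-action@v3`, `docker/build-push-action@v6`), and the same job receives `secrets.DOCKERHUB_TOKEN` and pushes to Docker Hub. Pinning each one to a full commit SHA, e.g. `uses: docker/login-action@<FULL_COMMIT_SHA> # v3` (placeholder), keeps a retagged action from running with the registry credentials. The workflow also declares no `permissions:` block, so the job's GITHUB_TOKEN gets the repository default; a top-level `permissions:` with `contents: read` looks sufficient for the steps visible here. The same two points apply to docker-vpnclient.yml and docker-vpnserver.yml.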
@@ -0,0 +1,59 @@
+name: docker-vpnclient
+
+on:
+ push:
+ branches:
+ - 'master'
+ tags:
+ - '*'
+ pull_request:
+ workflow_dispatch:
+
+jobs:
+ docker-vpnclient:
+ strategy:
+ matrix:
+ variant: [
+ { name: amd64, platform: "linux/amd64", repo: "softethervpn/vpnclient" },
+ { name: arm64, platform: "linux/arm64", repo: "softethervpn/vpnclient-arm64" }
+ ]
+ name: vpnclient/${{ matrix.variant.name }}
+ runs-on: ubuntu-latest
+ if: ${{ github.repository_owner == 'SoftEtherVPN' }}
+ steps:
+ -
+ name: Docker meta
+ id: meta
+ uses: docker/metadata-action@v5
+ with:
+ images: ${{ matrix.variant.repo }}
+ tags: |
+ type=raw,value=latest,enable={{is_default_branch}}
+ type=ref,event=pr
+ type=semver,pattern={{version}}
+ type=semver,pattern={{major}}.{{minor}}
+ -
+ name: Set up QEMU
+ uses: docker/setup-qemu-action@v3
+ with:
+ image: tonistiigi/binfmt:qemu-v9.2.0
+ -
+ name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+ -
+ name: Login to DockerHub
+ if: ${{ github.event_name != 'pull_request' }}
+ uses: docker/login-action@v3
+ with:
+ username: ${{ secrets.DOCKERHUB_USERNAME }}
+ password: ${{ secrets.DOCKERHUB_TOKEN }}
+ -
+ name: Build and push
+ uses: docker/build-push-action@v6
+ with:
+ file: ./Dockerfile
+ target: vpnclient
+ platforms: ${{ matrix.variant.platform }}
+ push: ${{ github.event_name != 'pull_request' }}
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
\ No newline at end of file
diff --git a/.github/workflows/docker-vpnserver.yml b/.github/workflows/docker-vpnserver.yml
new file mode 100644
index 00000000..9e3a7343
--- /dev/null
+++ b/.github/workflows/docker-vpnserver.yml
@@ -0,0 +1,59 @@
+name: docker-vpnserver
+
+on:
+ push:
+ branches:
+ - 'master'
+ tags:
+ - '*'
+ pull_request:
+ workflow_dispatch:
+
+jobs:
+ docker:
+ strategy:
+ matrix:
+ variant: [
+ { name: amd64, platform: "linux/amd64", repo: "softethervpn/vpnserver" },
+ { name: arm64, platform: "linux/arm64", repo: "softethervpn/vpnserver-arm64" }
+ ]
+ name: vpnserver/${{ matrix.variant.name }}
+ runs-on: ubuntu-latest
+ if: ${{ github.repository_owner == 'SoftEtherVPN' }}
+ steps:
+ -
+ name: Docker meta
+ id: meta
+ uses: docker/metadata-action@v5
+ with:
+ images: ${{ matrix.variant.repo }}
+ tags: |
+ type=raw,value=latest,enable={{is_default_branch}}
+ type=ref,event=pr
+ type=semver,pattern={{version}}
+ type=semver,pattern={{major}}.{{minor}}
+ -
+ name: Set up QEMU
+ uses: docker/setup-qemu-action@v3
+ with:
+ image: tonistiigi/binfmt:qemu-v9.2.0
+ -
+ name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+ -
+ name: Login to DockerHub
+ if: ${{ github.event_name != 'pull_request' }}
+ uses: docker/login-action@v3
+ with:
+ username: ${{ secrets.DOCKERHUB_USERNAME }}
+ password: ${{ secrets.DOCKERHUB_TOKEN }}
+ -
+ name: Build and push
+ uses: docker/build-push-action@v6
+ with:
+ file: ./Dockerfile
+ target: vpnserver
+ push: ${{ github.event_name != 'pull_request' }}
+ platforms: ${{ matrix.variant.platform }}
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 00000000..a719097c
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,51 @@
+FROM alpine AS builder
+RUN mkdir /usr/local/src && apk add binutils --no-cache\
+ linux-headers \
+ build-base \
+ readline-dev \
+ openssl-dev \
+ ncurses-dev \
+ git \
+ cmake \
+ zlib-dev \
+ libsodium-dev \
+ gnu-libiconv
+
+ENV LD_PRELOAD=/usr/lib/preloadable_libiconv.so
+ADD ./ /usr/local/src/SoftEtherVPN/
+WORKDIR /usr/local/src
+ENV USE_MUSL=YES
+ENV CMAKE_FLAGS="-DSE_PIDDIR=/run/softether -DSE_LOGDIR=/var/log/softether -DSE_DBDIR=/var/lib/softether"
+RUN cd SoftEtherVPN &&\
+ ./configure &&\
+ make -j $(getconf _NPROCESSORS_ONLN) -C build
+
+FROM alpine AS base
+RUN apk add --no-cache readline \
+ openssl \
+ libsodium \
+ gnu-libiconv \
+ iptables
+ENV LD_PRELOAD=/usr/lib/preloadable_libiconv.so
+WORKDIR /usr/local/bin
+VOLUME /var/log/softether
+VOLUME /var/lib/softether
+VOLUME /run/softether
+COPY --from=builder /usr/local/src/SoftEtherVPN/build/vpncmd /usr/local/src/SoftEtherVPN/build/hamcore.se2 ./
+COPY --from=builder /usr/local/src/SoftEtherVPN/build/libcedar.so /usr/local/src/SoftEtherVPN/build/libmayaqua.so /usr/local/lib/
+
+
+FROM base AS vpnserver
+COPY --from=builder /usr/local/src/SoftEtherVPN/build/vpnserver ./
+EXPOSE 443/tcp 992/tcp 1194/tcp 1194/udp 5555/tcp 500/udp 4500/udp
+CMD ["/usr/local/bin/vpnserver", "execsvc"]
+
+
+FROM base AS vpnclient
+COPY --from=builder /usr/local/src/SoftEtherVPN/build/vpnclient ./
+CMD ["/usr/local/bin/vpnclient", "execsvc"]
+
+
+FROM base AS vpnbridge
+COPY --from=builder /usr/local/src/SoftEtherVPN/build/vpnbridge ./
+CMD ["/usr/local/bin/vpnbridge", "execsvc"]
\ No newline at end of file
diff --git a/docker-compose.vpnclient.yaml b/docker-compose.vpnclient.yaml
new file mode 100644
index 00000000..f56fd90d
--- /dev/null
+++ b/docker-compose.vpnclient.yaml
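Review bot: Both `FROM alpine` lines (stages `builder` and `base`) carry no tag, so every CI run builds and publishes on whatever `alpine:latest` resolves to at that moment, and the `apk add` packages are unpinned as well; a pinned base such as `FROM alpine:<VERSION>@sha256:<DIGEST> AS builder` (placeholders) makes the published images reproducible and auditable. `ADD ./ /usr/local/src/SoftEtherVPN/` pulls the whole build context into the builder; `COPY ./ /usr/local/src/SoftEtherVPN/` does the same without ADD's archive and URL handling, and this commit adds no `.dockerignore` to keep local or untracked files out of the context. None of the three final stages sets `USER`, so the daemons run as root inside the container; whether they can run unprivileged with only `NET_ADMIN` is not visible in this hunk, so at minimum a comment such as `# runs as root: needs to create tap devices and edit iptables` (if that is the reason) should record why.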
@@ -0,0 +1,16 @@
+version: '3'
+
+services:
+ softether:
+ image: softethervpn/vpnclient:latest
+ devices:
+ - /dev/net/tun:/dev/net/tun
+ cap_add:
+ - NET_ADMIN
+ restart: always
+ volumes:
+ - "/etc/localtime:/etc/localtime:ro"
+ - "/etc/timezone:/etc/timezone:ro"
+ - "./softether_data:/var/lib/softether"
+ - "./softether_log:/var/log/softether"
+ # - "./adminip.txt:/var/lib/softether/adminip.txt:ro"
diff --git a/docker-compose.yaml b/docker-compose.yaml
new file mode 100644
index 00000000..95544c5b
--- /dev/null
+++ b/docker-compose.yaml
@@ -0,0 +1,23 @@
+version: '3'
+
+services:
+ softether:
+ image: softethervpn/vpnserver:latest
+ cap_add:
+ - NET_ADMIN
+ restart: always
+ ports:
+ #- 53:53 #DNS tunneling
+ - 443:443 #Management and HTTPS tunneling
+ - 992:992 #HTTPS tunneling
+ #- 1194:1194/udp #OpenVPN
+ #- 5555:5555 #HTTPS tunneling
+ #- 500:500/udp #IPsec/L2TP
+ #- 4500:4500/udp #IPsec/L2TP
+ #- 1701:1701/udp #IPsec/L2TP
+ volumes:
+ - "/etc/localtime:/etc/localtime:ro"
+ - "/etc/timezone:/etc/timezone:ro"
+ - "./softether_data:/var/lib/softether"
+ - "./softether_log:/var/log/softether"
+ # - "./adminip.txt:/var/lib/softether/adminip.txt:ro"
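Review bot: `image: softethervpn/vpnclient:latest` together with `restart: always` and `cap_add: NET_ADMIN` means a deployment from this file runs whatever the workflow last pushed from the default branch, because the `latest` tag comes from `type=raw,value=latest,enable={{is_default_branch}}` in the workflows of this same commit. Pinning to a release tag or digest, e.g. `image: softethervpn/vpnclient:<RELEASE_TAG>` (placeholder), keeps a container with network-admin capability on a known build. docker-compose.yaml has the same `:latest` reference for vpnserver. The top-level `version: '3'` key is treated as obsolete by current Compose and can be dropped from both files.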
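Review bot: In docker-compose.yaml the `443:443` mapping is commented as carrying management as well as HTTPS tunneling, and it is published on all host interfaces while the `adminip.txt` mount is left commented out. If that file is what restricts administrative source addresses (it appears so from its name and path, but nothing in this hunk confirms it), the example exposes the management listener wherever the VPN port is reachable. A comment above `ports:` would help, for instance `# 443 also serves the admin interface: set an administrator password and enable the adminip.txt mount before exposing this port`.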