From a2a67dcd0b9c893052f27a8de177481b030a110c Mon Sep 17 00:00:00 2001 From: saibotk Date: Wed, 8 Jan 2020 10:49:54 +0100 Subject: [PATCH] Add Docker files, .spelling & .gitlab-ci.yml --- .dockerignore | 3 + .gitlab-ci.yml | 109 ++++++++++++++++++++++++++++++++++++ .spelling | 6 ++ _docker/Dockerfile | 7 +++ _docker/default.conf | 71 +++++++++++++++++++++++ _docker/redirect.conf | 7 +++ content/posts/first-post.md | 8 +-- 7 files changed, 207 insertions(+), 4 deletions(-) create mode 100644 .dockerignore create mode 100644 .gitlab-ci.yml create mode 100644 .spelling create mode 100644 _docker/Dockerfile create mode 100644 _docker/default.conf create mode 100644 _docker/redirect.conf diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..9efe961 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,3 @@ +* +!public +!_docker \ No newline at end of file diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml new file mode 100644 index 0000000..9fb8175 --- /dev/null +++ b/.gitlab-ci.yml @@ -0,0 +1,109 @@ +image: node:13.5-buster + +stages: + - orthography + - build + - package + - test + #- deploy + +spellcheck: + stage: orthography + image: node:10 + before_script: + - npm i -g markdown-spellcheck + script: + - mdspell -r -n -a --en-gb "content/posts/*.md" "content/posts/*.markdown" + tags: + - docker + +build: + image: docker.io/cibuilds/hugo + stage: build + variables: + HUGO_ENV: production + LANG: C.UTF-8 + before_script: + - hugo --minify --enableGitInfo + script: + - htmlproofer ./public --allow-hash-href --check-html --empty-alt-ignore --disable-external + artifacts: + untracked: true + paths: + - public + expire_in: 1 week + +package-deploy: + stage: package + services: + - docker:dind + variables: + DOCKER_HOST: "tcp://docker:2375" + LANG: C.UTF-8 + before_script: + - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY + script: + - docker build --pull -f _docker/Dockerfile -t "$CI_REGISTRY_IMAGE" . + - docker push "$CI_REGISTRY_IMAGE" + only: + - deploy + tags: + - docker + +package: + stage: package + services: + - docker:dind + variables: + DOCKER_HOST: "tcp://docker:2375" + LANG: C.UTF-8 + before_script: + - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY + script: + - docker build --pull -f _docker/Dockerfile -t "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG" . + - docker push "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG" + except: + - deploy + tags: + - docker + +test: + stage: test + services: + - docker:dind + variables: + DOCKER_HOST: "tcp://docker:2375" + LANG: C.UTF-8 + before_script: + - apt-get install curl + script: + - docker run -d -p 80:80 --name testing $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG + - sleep 5 + - docker exec testing nginx -c /etc/nginx/nginx.conf -t + - curl http://docker/status.txt | grep -q 'OK' + - docker stop testing + - docker rm testing + except: + - deploy + tags: + - docker + +test-deploy: + stage: test + services: + - docker:dind + variables: + DOCKER_HOST: "tcp://docker:2375" + LANG: C.UTF-8 + before_script: + - apt-get install curl + script: + - docker run -d -p 80:80 --name testing $CI_REGISTRY_IMAGE + - sleep 5 + - curl http://docker/status.txt | grep -q 'OK' + - docker stop testing + - docker rm testing + only: + - deploy + tags: + - docker diff --git a/.spelling b/.spelling new file mode 100644 index 0000000..1cb1226 --- /dev/null +++ b/.spelling @@ -0,0 +1,6 @@ +# markdown-spellcheck spelling configuration file +# Format - lines begining # are comments +# global dictionary is at the start, file overrides afterwards +# one word per line, to define a file override use ' - filename' +# where filename is relative to this configuration file +saibotk \ No newline at end of file diff --git a/_docker/Dockerfile b/_docker/Dockerfile new file mode 100644 index 0000000..56e55d4 --- /dev/null +++ b/_docker/Dockerfile @@ -0,0 +1,7 @@ +FROM nginx:1.17-alpine + +COPY ./public/ /usr/share/nginx/html/ + +COPY ./_docker/default.conf ./_docker/redirect.conf /etc/nginx/conf.d/ + +HEALTHCHECK CMD wget -O- http://127.0.0.1/status.txt | grep -q 'OK' \ No newline at end of file diff --git a/_docker/default.conf b/_docker/default.conf new file mode 100644 index 0000000..6807111 --- /dev/null +++ b/_docker/default.conf @@ -0,0 +1,71 @@ +# Nginx config +# Inspired by https://git.shivering-isles.com/shivering-isles/blog/blob/deploy/_docker/default.conf + +# Expires map +map $sent_http_content_type $expires { + default off; + text/html epoch; + text/css max; + application/javascript max; + ~image/ max; + ~font/ max; +} + +proxy_cache_path /tmp/nginx-cache levels=1:2 keys_zone=STATIC:10m inactive=24h max_size=1g; + +server { + + root /usr/share/nginx/html; + listen 80; + server_name saibotk.de; + + expires $expires; + charset UTF-8; + + set_real_ip_from 172.16.0.0/12; + add_header X-Frame-Options "DENY"; + add_header Referrer-Policy "no-referrer"; + add_header Content-Security-Policy "default-src 'none'; script-src 'self'; img-src data: 'self'; style-src 'self' 'unsafe-inline'; font-src data: 'self'; object-src data:; base-uri 'none'; form-action 'none'; worker-src 'self'; connect-src 'self'"; + add_header Feature-Policy "geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; vibrate 'none'; fullscreen 'self'; payment 'none'; usb 'none';"; + add_header Allow "GET, HEAD" always; + + if ( $request_method !~ ^(GET|HEAD)$ ) { + return 405; + } + + location /rss { + rewrite ^/rss /feed.xml redirect; + } + + rewrite ^/(.*)/$ /$1 redirect; + + location ~ /\.well-known { + allow all; + } + + # make sure we provide the right content type + location ^~ /.well-known/openpgpkey/hu { + default_type application/octet-stream; + add_header Access-Control-Allow-Origin * always; + } + + # general wkd should be available everywhere + location ^~ /.well-known/openpgpkey { + add_header Access-Control-Allow-Origin * always; + } + + location / { + root /usr/share/nginx/html; + index index.html index.htm; + try_files $uri $uri/index.html $uri.html =404; + } + + error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/html; + } +} diff --git a/_docker/redirect.conf b/_docker/redirect.conf new file mode 100644 index 0000000..f6080b1 --- /dev/null +++ b/_docker/redirect.conf @@ -0,0 +1,7 @@ +server { + listen 80; + server_name www.saibotk.de; + + return 301 https://saibotk.de$request_uri; +} + diff --git a/content/posts/first-post.md b/content/posts/first-post.md index 335575b..2a0c6e5 100644 --- a/content/posts/first-post.md +++ b/content/posts/first-post.md @@ -12,12 +12,12 @@ tags: ## Hello and welcome on my blog -So i wanted to start a blog for a long time, +So I wanted to start a blog for a long time, not only to just have a random website floating around of course :) -The purpose will be to present solutions / things i encounter during my -daily work and to hopefully give back some knowledge to people like i was/am, -who are looking for this exact same problem. +The purpose will be to present solutions / things I encounter during my +daily work and to hopefully give back some knowledge to other people, +who are looking for the same problems or are just generally interested in reading about it. Thank you, saibotk \ No newline at end of file