diff --git a/.gitea/workflows/gateway-build.yml b/.gitea/workflows/gateway-build.yml index 8e63985..e9fb479 100644 --- a/.gitea/workflows/gateway-build.yml +++ b/.gitea/workflows/gateway-build.yml @@ -8,6 +8,7 @@ on: env: DEPLOY_PATH: /opt/vpn-proxy BASE_IMAGE: vpn-proxy-runtime-base:bookworm-slim + RUNTIME_BASE_SOURCE_IMAGE: mirror.gcr.io/library/debian:bookworm-slim SINGBOX_VERSION: 1.12.13 jobs: @@ -34,6 +35,7 @@ jobs: DEPLOY_HOST=111 \ DEPLOY_PATH="${{ env.DEPLOY_PATH }}" \ BASE_IMAGE="${{ env.BASE_IMAGE }}" \ + RUNTIME_BASE_SOURCE_IMAGE="${{ env.RUNTIME_BASE_SOURCE_IMAGE }}" \ SINGBOX_VERSION="${{ env.SINGBOX_VERSION }}" \ IMAGE_TAG="${{ gitea.sha }}" \ bash scripts/build-on-107-deploy-111.sh diff --git a/Dockerfile.runtime-base b/Dockerfile.runtime-base index a32a12a..5a08b53 100644 --- a/Dockerfile.runtime-base +++ b/Dockerfile.runtime-base @@ -1,12 +1,24 @@ ARG BASE_IMAGE=mirror.gcr.io/library/debian:bookworm-slim FROM ${BASE_IMAGE} ARG SINGBOX_VERSION=1.12.13 +ARG HTTP_PROXY +ARG HTTPS_PROXY +ARG NO_PROXY +ARG http_proxy +ARG https_proxy +ARG no_proxy -RUN apt-get update \ +RUN export http_proxy="${http_proxy:-${HTTP_PROXY:-}}" \ + && export https_proxy="${https_proxy:-${HTTPS_PROXY:-}}" \ + && export no_proxy="${no_proxy:-${NO_PROXY:-}}" \ + && apt-get update \ && apt-get install -y --no-install-recommends ca-certificates curl iptables ipset iproute2 nodejs dumb-init \ && rm -rf /var/lib/apt/lists/* RUN set -eux; \ + export http_proxy="${http_proxy:-${HTTP_PROXY:-}}"; \ + export https_proxy="${https_proxy:-${HTTPS_PROXY:-}}"; \ + export no_proxy="${no_proxy:-${NO_PROXY:-}}"; \ arch="$(dpkg --print-architecture)"; \ case "$arch" in \ amd64) sb_arch="amd64" ;; \ diff --git a/scripts/build-on-107-deploy-111.sh b/scripts/build-on-107-deploy-111.sh index 794e848..91f6191 100755 --- a/scripts/build-on-107-deploy-111.sh +++ b/scripts/build-on-107-deploy-111.sh @@ -10,15 +10,18 @@ GIT_REF="$(git rev-parse --short HEAD 2>/dev/null || echo manual)" IMAGE_TAG="${IMAGE_TAG:-${GIT_REF}-$(date +%Y%m%d%H%M%S)}" GATEWAY_IMAGE="${GATEWAY_IMAGE:-${IMAGE_NAME}:${IMAGE_TAG}}" BASE_IMAGE="${BASE_IMAGE:-vpn-proxy-runtime-base:bookworm-slim}" +RUNTIME_BASE_SOURCE_IMAGE="${RUNTIME_BASE_SOURCE_IMAGE:-mirror.gcr.io/library/debian:bookworm-slim}" SINGBOX_VERSION="${SINGBOX_VERSION:-1.12.13}" DOCKER_BUILD_PULL="${DOCKER_BUILD_PULL:-false}" INSTALL_RUNTIME_DEPS="${INSTALL_RUNTIME_DEPS:-false}" INSTALL_SINGBOX="${INSTALL_SINGBOX:-false}" +AUTO_BUILD_RUNTIME_BASE="${AUTO_BUILD_RUNTIME_BASE:-true}" echo "Build host: ${BUILD_HOST}" echo "Deploy host: ${DEPLOY_HOST}" echo "Image: ${GATEWAY_IMAGE}" echo "Base image: ${BASE_IMAGE}" +echo "Runtime base source: ${RUNTIME_BASE_SOURCE_IMAGE}" echo "Syncing source to ${BUILD_HOST}:${BUILD_PATH}" if [ "${BUILD_HOST}" = "local" ]; then @@ -35,7 +38,7 @@ else fi echo "Building image on ${BUILD_HOST}" -BUILD_COMMAND="set -e; echo 'Docker context:' \$(docker context show 2>/dev/null || true); docker info 2>/dev/null | sed -n '/HTTP Proxy:/p;/HTTPS Proxy:/p;/Name:/p'; docker image inspect '${BASE_IMAGE}' >/dev/null || { echo 'Runtime base image ${BASE_IMAGE} is missing on ${BUILD_HOST}.'; echo 'Seed it once with: ./scripts/build-runtime-base.sh'; exit 1; }; cd '${BUILD_PATH}' && npm ci && npm run build && docker build --pull='${DOCKER_BUILD_PULL}' --build-arg BASE_IMAGE='${BASE_IMAGE}' --build-arg SINGBOX_VERSION='${SINGBOX_VERSION}' --build-arg INSTALL_RUNTIME_DEPS='${INSTALL_RUNTIME_DEPS}' --build-arg INSTALL_SINGBOX='${INSTALL_SINGBOX}' -t '${GATEWAY_IMAGE}' ." +BUILD_COMMAND="set -e; echo 'Docker context:' \$(docker context show 2>/dev/null || true); docker info 2>/dev/null | sed -n '/HTTP Proxy:/p;/HTTPS Proxy:/p;/Name:/p'; cd '${BUILD_PATH}'; if ! docker image inspect '${BASE_IMAGE}' >/dev/null 2>&1; then if [ '${AUTO_BUILD_RUNTIME_BASE}' = 'true' ]; then echo 'Runtime base image ${BASE_IMAGE} is missing on ${BUILD_HOST}; building it now.'; BASE_IMAGE='${RUNTIME_BASE_SOURCE_IMAGE}' RUNTIME_BASE_IMAGE='${BASE_IMAGE}' SINGBOX_VERSION='${SINGBOX_VERSION}' ./scripts/build-runtime-base.sh; else echo 'Runtime base image ${BASE_IMAGE} is missing on ${BUILD_HOST}.'; echo 'Seed it once with: ./scripts/build-runtime-base.sh'; exit 1; fi; fi; npm ci && npm run build && docker build --pull='${DOCKER_BUILD_PULL}' --build-arg BASE_IMAGE='${BASE_IMAGE}' --build-arg SINGBOX_VERSION='${SINGBOX_VERSION}' --build-arg INSTALL_RUNTIME_DEPS='${INSTALL_RUNTIME_DEPS}' --build-arg INSTALL_SINGBOX='${INSTALL_SINGBOX}' -t '${GATEWAY_IMAGE}' ." if [ "${BUILD_HOST}" = "local" ]; then bash -lc "${BUILD_COMMAND}" else diff --git a/scripts/build-runtime-base.sh b/scripts/build-runtime-base.sh index bf0ea78..b8a2754 100755 --- a/scripts/build-runtime-base.sh +++ b/scripts/build-runtime-base.sh @@ -4,13 +4,24 @@ set -euo pipefail BASE_IMAGE="${BASE_IMAGE:-mirror.gcr.io/library/debian:bookworm-slim}" RUNTIME_BASE_IMAGE="${RUNTIME_BASE_IMAGE:-vpn-proxy-runtime-base:bookworm-slim}" SINGBOX_VERSION="${SINGBOX_VERSION:-1.12.13}" +HTTP_PROXY="${HTTP_PROXY:-$(docker info 2>/dev/null | awk -F': ' '/HTTP Proxy:/ {print $2; exit}')}" +HTTPS_PROXY="${HTTPS_PROXY:-$(docker info 2>/dev/null | awk -F': ' '/HTTPS Proxy:/ {print $2; exit}')}" +NO_PROXY="${NO_PROXY:-$(docker info 2>/dev/null | awk -F': ' '/No Proxy:/ {print $2; exit}')}" echo "Building runtime base: ${RUNTIME_BASE_IMAGE}" echo "Source base image: ${BASE_IMAGE}" +if [ -n "${HTTP_PROXY}" ]; then echo "HTTP proxy: ${HTTP_PROXY}"; fi +if [ -n "${HTTPS_PROXY}" ]; then echo "HTTPS proxy: ${HTTPS_PROXY}"; fi docker build \ --build-arg BASE_IMAGE="${BASE_IMAGE}" \ --build-arg SINGBOX_VERSION="${SINGBOX_VERSION}" \ + --build-arg HTTP_PROXY="${HTTP_PROXY}" \ + --build-arg HTTPS_PROXY="${HTTPS_PROXY}" \ + --build-arg NO_PROXY="${NO_PROXY}" \ + --build-arg http_proxy="${HTTP_PROXY}" \ + --build-arg https_proxy="${HTTPS_PROXY}" \ + --build-arg no_proxy="${NO_PROXY}" \ -f Dockerfile.runtime-base \ -t "${RUNTIME_BASE_IMAGE}" \ .