switched build of jupyter-python to hostinger

updated wildfly to 37.0.1
- switched bee dashboard to my own branch
2025-09-30 15:25:36 +08:00 · 2025-09-12 17:56:53 +08:00 · 2025-09-10 13:41:22 +08:00 · 2025-09-08 05:43:23 +08:00 · 2025-09-02 06:27:06 +08:00 · 2025-08-26 12:12:15 +08:00
28 changed files with 495 additions and 47 deletions
--- a/.gitea/workflows/build-arch-builder.yaml
+++ b/.gitea/workflows/build-arch-builder.yaml
@@ -31,7 +31,8 @@ jobs:
          pull: true
          tags: |
            "gitea.woggioni.net/woggioni/arch-builder:base"
-          cache-from: type=registry,ref=gitea.woggioni.net/woggioni/arch-builder:buildx
+          cache-from: type=registry,ref=gitea.woggioni.net/woggioni/arch-builder:base-buildx
+          cache-to: type=registry,mode=max,compression=zstd,image-manifest=true,oci-mediatypes=true,ref=gitea.woggioni.net/woggioni/arch-builder:base-buildx          
          target: base
      -
        name: Build and push arch-builder kernel images
@@ -43,7 +44,8 @@ jobs:
          pull: true
          tags: |
            "gitea.woggioni.net/woggioni/arch-builder:kernel"
-          cache-from: type=registry,ref=gitea.woggioni.net/woggioni/arch-builder:buildx
+          cache-from: type=registry,ref=gitea.woggioni.net/woggioni/arch-builder:kernel-buildx
+          cache-to: type=registry,mode=max,compression=zstd,image-manifest=true,oci-mediatypes=true,ref=gitea.woggioni.net/woggioni/arch-builder:kernel-buildx          
          target: kernel
      -
        name: Build and push arch-builder rust images
@@ -55,7 +57,8 @@ jobs:
          pull: true
          tags: |
            "gitea.woggioni.net/woggioni/arch-builder:rust"
-          cache-from: type=registry,ref=gitea.woggioni.net/woggioni/arch-builder:buildx
+          cache-from: type=registry,ref=gitea.woggioni.net/woggioni/arch-builder:rust-buildx
+          cache-to: type=registry,mode=max,compression=zstd,image-manifest=true,oci-mediatypes=true,ref=gitea.woggioni.net/woggioni/arch-builder:rust-buildx          
          target: rust
      -
        name: Build and push arch-builder rust full images
@@ -67,7 +70,8 @@ jobs:
          pull: true
          tags: |
            "gitea.woggioni.net/woggioni/arch-builder:rust-full"
-          cache-from: type=registry,ref=gitea.woggioni.net/woggioni/arch-builder:buildx
+          cache-from: type=registry,ref=gitea.woggioni.net/woggioni/arch-builder:rust-full-buildx
+          cache-to: type=registry,mode=max,compression=zstd,image-manifest=true,oci-mediatypes=true,ref=gitea.woggioni.net/woggioni/arch-builder:rust-full-buildx          
          target: rust-full
      -
        name: Build and push arch-builder gitea_act_runner images
@@ -79,6 +83,6 @@ jobs:
          pull: true
          tags: |
            "gitea.woggioni.net/woggioni/arch-builder:gitea_act_runner"
-          cache-from: type=registry,ref=gitea.woggioni.net/woggioni/arch-builder:buildx
-          cache-to: type=registry,mode=max,compression=zstd,image-manifest=true,oci-mediatypes=true,ref=gitea.woggioni.net/woggioni/arch-builder:buildx          
+          cache-from: type=registry,ref=gitea.woggioni.net/woggioni/arch-builder:gitea-buildx
+          cache-to: type=registry,mode=max,compression=zstd,image-manifest=true,oci-mediatypes=true,ref=gitea.woggioni.net/woggioni/arch-builder:gitea-buildx          
          target: gitea_act_runner
--- a/.gitea/workflows/build-bee-dashboard.yaml
+++ b/.gitea/workflows/build-bee-dashboard.yaml
@@ -0,0 +1,60 @@
+name: CI
+on:
+  push:
+    branches: [ master ]
+    paths:
+      - 'bee-dashboard/**'
+      - '.gitea/workflows/build-bee-dashboard.yaml'      
+jobs:
+  "Build & deploy Cloudflare page":
+    runs-on: hostinger
+    steps:
+      - name: Checkout sources
+        uses: actions/checkout@v4
+        with:
+          path: docker-images
+      - name: Checkout bee-dashboard sources
+        run: /usr/sbin/git clone -b add-redistribution-stats --depth 1 https://github.com/woggioni/bee-dashboard.git src
+      - name: Execute build
+        run: cd src && npm install
+      - name: Copy _headers file
+        run: cp docker-images/bee-dashboard/_headers src/build
+      - name: Deploy to Cloudflare
+        run: npx wrangler pages deploy --project-name bee-dashboard --branch main src/build
+        env:
+          CLOUDFLARE_ACCOUNT_ID: ${{ vars.CLOUDFLARE_ACCOUNT_ID }}
+          CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
+  "Build bee-dashboard docker images":
+    runs-on: hostinger
+    steps:
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3.4.0
+        with:
+          driver: docker-container
+          platforms: |
+            linux/amd64
+            linux/arm64
+      -
+        name: Login to Gitea container registry
+        uses: docker/login-action@v3
+        with:
+          registry: gitea.woggioni.net
+          username: woggioni
+          password: ${{ secrets.PUBLISHER_TOKEN }}
+      -
+        name: Build and push bee-dashboard images
+        uses: docker/build-push-action@v6
+        with:
+          platforms: |
+            linux/amd64
+            linux/arm64
+          context: "{{defaultContext}}:bee-dashboard"
+          push: true
+          pull: true
+          ssh: default=/home/luser/.ssh/id_ed25519
+          build-args: "VERSION=0.32.0"
+          tags: |
+            "gitea.woggioni.net/woggioni/bee-dashboard:0.32.0"
+          cache-from: type=registry,ref=gitea.woggioni.net/woggioni/bee-dashboard:buildx
+          cache-to: type=registry,mode=max,compression=zstd,image-manifest=true,oci-mediatypes=true,ref=gitea.woggioni.net/woggioni/bee-dashboard:buildx          
--- a/.gitea/workflows/build-dyndns.yaml
+++ b/.gitea/workflows/build-dyndns.yaml
@@ -0,0 +1,41 @@
+name: CI
+on:
+  push:
+    branches: [ master ]
+    paths:
+      - 'dyndns/*'
+      - '.gitea/workflows/build-dyndns.yaml'      
+jobs:
+  "Build dyndns docker images":
+    runs-on: hostinger
+    steps:
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3.4.0
+        with:
+          driver: docker-container
+          platforms: |
+            linux/amd64
+            linux/arm64
+      -
+        name: Login to Gitea container registry
+        uses: docker/login-action@v3
+        with:
+          registry: gitea.woggioni.net
+          username: woggioni
+          password: ${{ secrets.PUBLISHER_TOKEN }}
+      -
+        name: Build and push dyndns images
+        uses: docker/build-push-action@v6
+        with:
+          context: "{{defaultContext}}:dyndns"
+          platforms: |
+            linux/amd64
+            linux/arm64
+          push: true
+          pull: true
+          tags: |
+            "gitea.woggioni.net/woggioni/dyndns:latest"
+          cache-from: type=registry,ref=gitea.woggioni.net/woggioni/dyndns:buildx
+          cache-to: type=registry,mode=max,compression=zstd,image-manifest=true,oci-mediatypes=true,ref=gitea.woggioni.net/woggioni/dyndns:buildx          
+
--- a/.gitea/workflows/build-jupyter-python.yaml
+++ b/.gitea/workflows/build-jupyter-python.yaml
@@ -7,7 +7,7 @@ on:
      - '.gitea/workflows/build-jupyter-python.yaml'      
 jobs:
  "Build Jupyter python Docker images":
-    runs-on: woryzen
+    runs-on: hostinger
    steps:
      -
        name: Set up QEMU
--- a/.gitea/workflows/build-nginx.yaml
+++ b/.gitea/workflows/build-nginx.yaml
@@ -7,7 +7,7 @@ on:
      - '.gitea/workflows/build-nginx.yaml'      
 jobs:
  "Build nginx docker images":
-    runs-on: woryzen
+    runs-on: hostinger
    steps:
      -
        name: Set up Docker Buildx
@@ -25,20 +25,44 @@ jobs:
          username: woggioni
          password: ${{ secrets.PUBLISHER_TOKEN }}
      -
-        name: Build and push nginx images
+        name: Build and push nginx vanilla images
        uses: docker/build-push-action@v6
        with:
          context: "{{defaultContext}}:nginx"
          platforms: |
            linux/amd64
+            linux/arm64
          push: true
          pull: true
+          ssh: default=/home/luser/.ssh/id_ed25519
          tags: |
            "gitea.woggioni.net/woggioni/nginx:latest"
-            "gitea.woggioni.net/woggioni/nginx:v1.28.0"
+            "gitea.woggioni.net/woggioni/nginx:v1.29.1"
          secrets: |
            GIT_AUTH_TOKEN.github.com=${{ secrets.GH_ACCESS_TOKEN }}
-          build-args: "NGINX_VERSION=1.28.0"
-          cache-from: type=registry,ref=gitea.woggioni.net/woggioni/nginx:buildx
-          cache-to: type=registry,mode=max,compression=zstd,image-manifest=true,oci-mediatypes=true,ref=gitea.woggioni.net/woggioni/nginx:buildx
-
+          build-args: |
+            NGINX_VERSION=1.29.1
+            NGINX_BRANCH=vanilla
+          cache-from: type=registry,ref=gitea.woggioni.net/woggioni/nginx:buildx-vanilla
+          cache-to: type=registry,mode=max,compression=zstd,image-manifest=true,oci-mediatypes=true,ref=gitea.woggioni.net/woggioni/nginx:buildx-vanilla
+      -
+        name: Build and push nginx custom images
+        uses: docker/build-push-action@v6
+        with:
+          context: "{{defaultContext}}:nginx"
+          platforms: |
+            linux/amd64
+            linux/arm64
+          push: true
+          pull: true
+          ssh: default=/home/luser/.ssh/id_ed25519
+          tags: |
+            "gitea.woggioni.net/woggioni/nginx:woggioni"
+            "gitea.woggioni.net/woggioni/nginx:v1.29.1-woggioni"
+          secrets: |
+            GIT_AUTH_TOKEN.github.com=${{ secrets.GH_ACCESS_TOKEN }}
+          build-args: |
+            NGINX_VERSION=1.29.1
+            NGINX_BRANCH=woggioni
+          cache-from: type=registry,ref=gitea.woggioni.net/woggioni/nginx:buildx-woggioni
+          cache-to: type=registry,mode=max,compression=zstd,image-manifest=true,oci-mediatypes=true,ref=gitea.woggioni.net/woggioni/nginx:buildx-woggioni
--- a/.gitea/workflows/build-rlevtree.yaml
+++ b/.gitea/workflows/build-rlevtree.yaml
@@ -0,0 +1,43 @@
+name: CI
+on:
+  push:
+    branches: [ master ]
+    paths:
+      - 'rlevtree/*'
+      - '.gitea/workflows/build-rlevtree.yaml'      
+jobs:
+  "Build rlevtree docker images":
+    runs-on: woryzen
+    steps:
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3.4.0
+        with:
+          driver: docker-container
+          platforms: |
+            wasm/wasm
+            linux/amd64
+            linux/arm64
+      -
+        name: Login to Gitea container registry
+        uses: docker/login-action@v3
+        with:
+          registry: gitea.woggioni.net
+          username: woggioni
+          password: ${{ secrets.PUBLISHER_TOKEN }}
+      -
+        name: Build and push sserver-rust images
+        uses: docker/build-push-action@v6
+        with:
+          context: "{{defaultContext}}:rlevtree"
+          platforms: |
+            wasm/wasm
+            linux/amd64
+            linux/arm64
+          push: true
+          pull: true
+          tags: |
+            "gitea.woggioni.net/woggioni/rlevtree:latest"
+          cache-from: type=registry,ref=gitea.woggioni.net/woggioni/rlevtree:buildx
+          cache-to: type=registry,mode=max,compression=zstd,image-manifest=true,oci-mediatypes=true,ref=gitea.woggioni.net/woggioni/rlevtree:buildx          
+
--- a/.gitea/workflows/build-swarm-cli.yaml
+++ b/.gitea/workflows/build-swarm-cli.yaml
@@ -0,0 +1,41 @@
+name: CI
+on:
+  push:
+    branches: [ master ]
+    paths:
+      - 'swarm-cli/*'
+      - '.gitea/workflows/build-swarm-cli.yaml'      
+jobs:
+  "Build swarm-cli docker images":
+    runs-on: woryzen
+    steps:
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3.4.0
+        with:
+          driver: docker-container
+          platforms: |
+            linux/amd64
+            linux/arm64
+      -
+        name: Login to Gitea container registry
+        uses: docker/login-action@v3
+        with:
+          registry: gitea.woggioni.net
+          username: woggioni
+          password: ${{ secrets.PUBLISHER_TOKEN }}
+      -
+        name: Build and push swarm-cli images
+        uses: docker/build-push-action@v6
+        with:
+          context: "{{defaultContext}}:swarm-cli"
+          platforms: |
+            linux/amd64
+            linux/arm64
+          push: true
+          pull: true
+          tags: |
+            "gitea.woggioni.net/woggioni/swarm-cli:latest"
+          cache-from: type=registry,ref=gitea.woggioni.net/woggioni/swarm-cli:buildx
+          cache-to: type=registry,mode=max,compression=zstd,image-manifest=true,oci-mediatypes=true,ref=gitea.woggioni.net/woggioni/swarm-cli:buildx          
+
--- a/.gitea/workflows/build-wildfly.yaml
+++ b/.gitea/workflows/build-wildfly.yaml
@@ -7,7 +7,7 @@ on:
      - '.gitea/workflows/build-wildfly.yaml'      
 jobs:
  "Build wildfly docker images":
-    runs-on: woryzen
+    runs-on: hostinger
    steps:
      -
        name: Set up Docker Buildx
@@ -30,8 +30,8 @@ jobs:
          pull: true
          tags: |
            "gitea.woggioni.net/woggioni/wildfly:latest"
-            "gitea.woggioni.net/woggioni/wildfly:33.0.1"
-          build-args: "VERSION=33.0.1"
+            "gitea.woggioni.net/woggioni/wildfly:37.0.1"
+          build-args: "VERSION=37.0.1"
          cache-from: type=registry,ref=gitea.woggioni.net/woggioni/wildfly:buildx
          cache-to: type=registry,mode=max,compression=zstd,image-manifest=true,oci-mediatypes=true,ref=gitea.woggioni.net/woggioni/wildfly:buildx          

--- a/.gitea/workflows/build-xmrig.yaml
+++ b/.gitea/workflows/build-xmrig.yaml
@@ -0,0 +1,38 @@
+name: CI
+on:
+  push:
+    branches: [ master ]
+    paths:
+      - 'xmrig/**'
+      - '.gitea/workflows/build-xmrig.yaml'      
+jobs:
+  "Build xmrig docker images":
+    runs-on: woryzen
+    steps:
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3.4.0
+        with:
+          driver: docker-container
+      -
+        name: Login to Gitea container registry
+        uses: docker/login-action@v3
+        with:
+          registry: gitea.woggioni.net
+          username: woggioni
+          password: ${{ secrets.PUBLISHER_TOKEN }}
+      -
+        name: Build and push xmrig images
+        uses: docker/build-push-action@v6
+        with:
+          context: "{{defaultContext}}:xmrig"
+          push: true
+          pull: true
+          ssh: default=/home/luser/.ssh/id_ed25519
+          tags: |
+            "gitea.woggioni.net/woggioni/xmrig:latest"
+            "gitea.woggioni.net/woggioni/xmrig:6.24.0"
+          build-args: "VERSION=6.24.0"
+          cache-from: type=registry,ref=gitea.woggioni.net/woggioni/xmrig:buildx
+          cache-to: type=registry,mode=max,compression=zstd,image-manifest=true,oci-mediatypes=true,ref=gitea.woggioni.net/woggioni/xmrig:buildx          
+
--- a/arch-builder/Dockerfile
+++ b/arch-builder/Dockerfile
@@ -95,6 +95,7 @@ RUN --mount=type=cache,target=/var/cache/pacman pacman -S --noconfirm --needed \
    protobuf     
 USER luser
 WORKDIR /home/luser
+RUN rustup update
 RUN rustup toolchain install stable-x86_64-unknown-linux-gnu --profile minimal
 RUN rustup component add rustfmt
 RUN rustup target add \
@@ -106,16 +107,20 @@ RUN rustup target add \
    aarch64-unknown-linux-gnu \
    wasm32-unknown-unknown \
    wasm32-wasip2
-RUN rustup update

 FROM base AS gitea_act_runner
-RUN --mount=type=cache,target=/var/cache/pacman pacman -S --noconfirm --needed nodejs npm docker docker-buildx btrfs-progs hidapi protobuf rustup llvm clang trunk emscripten
-RUN --mount=type=cache,target=/var/cache/pacman pacman -S --noconfirm --needed gitea-act-runner jdk21-graalvm-bin jdk23-graalvm-bin jdk21-graalvm-ce-bin jdk23-graalvm-ce-bin
 RUN --mount=type=bind,source=woggioni.net.ca.pem,target=/root.pem trust anchor root.pem
+RUN --mount=type=cache,target=/var/cache/pacman pacman -S --noconfirm --needed nodejs npm docker docker-buildx btrfs-progs hidapi protobuf rustup llvm clang trunk emscripten sccache
+RUN --mount=type=cache,target=/var/cache/pacman pacman -S --noconfirm --needed gitea-act-runner jdk21-graalvm-bin jdk23-graalvm-bin jdk21-graalvm-ce-bin jdk23-graalvm-ce-bin
 RUN usermod -a luser -G docker
 USER luser
+WORKDIR /home/luser
+COPY --chown=1000:1000 config.toml /home/luser/.cargo/config.toml
+COPY --chown=1000:1000 sccache_config.toml /home/luser/.config/sccache/config
+RUN rustup update
 RUN rustup toolchain install stable-x86_64-unknown-linux-gnu --profile minimal
 RUN rustup component add rustfmt
+RUN rustup component add clippy
 RUN rustup target add \
    x86_64-unknown-linux-musl \
    x86_64-unknown-linux-gnu \
@@ -125,7 +130,8 @@ RUN rustup target add \
    aarch64-unknown-linux-gnu \
    wasm32-unknown-unknown \
    wasm32-wasip2
-RUN npm install wrangler
+RUN cargo install worker-build
+RUN cargo install wasm-bindgen-cli
+RUN npm install -D wrangler
 ENV PATH="/home/luser/.local/bin:/home/luser/.cargo/bin:${PATH}"
-WORKDIR /home/luser
 CMD ["/usr/lib/gitea/act_runner/act_runner", "daemon", "--config", "/var/lib/gitea/act_runner.yaml"]
--- a/arch-builder/config.toml
+++ b/arch-builder/config.toml
@@ -19,5 +19,5 @@ opt-level = 3
 lto = true
 strip = true

-#[build]
-#rustc-wrapper = "/usr/sbin/sccache"
+[build]
+rustc-wrapper = "/usr/bin/sccache"
--- a/bee-dashboard/Dockerfile
+++ b/bee-dashboard/Dockerfile
@@ -0,0 +1,14 @@
+FROM alpine:3.22 AS base
+RUN --mount=type=cache,target=/var/cache/apk apk add nodejs npm
+
+FROM base AS build
+ARG VERSION
+RUN --mount=type=cache,target=/var/cache/apk apk add chromium
+WORKDIR /src
+#ADD git@github.com:ethersphere/bee-dashboard.git#v${VERSION} .
+ADD git@github.com:woggioni/bee-dashboard.git#add-redistribution-stats .
+RUN PUPPETEER_SKIP_DOWNLOAD=1 npm install
+
+FROM gitea.woggioni.net/woggioni/nginx:v1.29.1 AS final
+COPY --from=build /src/build /srv/http
+COPY bee-dashboard.conf /etc/nginx/conf.d/bee-dashboard.conf
--- a/bee-dashboard/_headers
+++ b/bee-dashboard/_headers
@@ -0,0 +1,2 @@
+/*
+  Content-Security-Policy: default-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self' http://localhost:1633 https://xdai.fairdatasociety.org https://rpc.gnosis.gateway.fm https://rpc.gnosischain.com https://rpc.ankr.com;
--- a/bee-dashboard/bee-dashboard.conf
+++ b/bee-dashboard/bee-dashboard.conf
@@ -0,0 +1,7 @@
+server {
+    listen 8080;
+    root   /srv/http;    
+    location / {
+    }
+}
+
--- a/dyndns/Dockerfile
+++ b/dyndns/Dockerfile
@@ -0,0 +1,12 @@
+FROM alpine:3.22
+
+RUN --mount=type=cache,target=/var/cache/apk apk add python3 pipx
+RUN addgroup -S dyndns
+RUN adduser -D -S -h /var/lib/dyndns -G dyndns dyndns
+
+ADD --chown=dyndns:dyndns pip.conf /var/lib/dyndns/.pip/pip.conf
+
+USER dyndns
+WORKDIR /var/lib/dyndns
+RUN pipx install wdyndns
+ENV PATH="/var/lib/dyndns/.local/bin:$PATH"
--- a/dyndns/pip.conf
+++ b/dyndns/pip.conf
@@ -0,0 +1,3 @@
+[global]
+index-url = https://gitea.woggioni.net/api/packages/woggioni/pypi/simple
+extra-index-url = https://pypi.org/simple
--- a/jupyter-python/Dockerfile
+++ b/jupyter-python/Dockerfile
@@ -2,7 +2,7 @@ FROM debian:stable AS build
 RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
    --mount=type=cache,target=/var/lib/apt,sharing=locked \
    apt update &&\
-    apt install -y python3 python3-dev pipx gcc g++ libffi-dev cargo cmake autoconf swig ninja-build patchelf meson python3-faiss
+    apt install -y python3 python3-dev pipx gcc g++ libffi-dev cargo cmake autoconf swig ninja-build patchelf meson python3-faiss adduser
 RUN adduser -u 1000 --system --shell /bin/sh --home /home/jovyan jovyan
 USER jovyan
 WORKDIR /home/jovyan
@@ -29,7 +29,7 @@ FROM debian:stable
 RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
    --mount=type=cache,target=/var/lib/apt,sharing=locked \
    apt update &&\
-    apt install -y python3
+    apt install -y python3 adduser
 RUN adduser -u 1000 --system --shell /bin/sh --home /home/jovyan jovyan
 USER jovyan
 COPY --from=build /home/jovyan /home/jovyan
--- a/nginx/Dockerfile
+++ b/nginx/Dockerfile
@@ -1,8 +1,8 @@
-
+ARG NGINX_BRANCH=vanilla
 FROM alpine:latest AS base

-FROM alpine:latest AS build
-ARG NGINX_VERSION LIBRESSL_VERSION=4.0.0
+FROM alpine:latest AS build_stage_1
+ARG NGINX_VERSION LIBRESSL_VERSION=4.1.0
 ENV NGINX_VERSION=${NGINX_VERSION}
 RUN --mount=type=cache,target=/var/cache/apk apk update
 RUN --mount=type=cache,target=/var/cache/apk apk add \
@@ -40,14 +40,10 @@ RUN --mount=type=cache,target=/var/cache/apk apk add \
 RUN adduser -D luser
 USER luser
 WORKDIR /home/luser
-# ADD --chown=luser:luser https://boringssl.googlesource.com/boringssl.git boringssl
-# RUN grep -qxF 'SET_TARGET_PROPERTIES(crypto PROPERTIES SOVERSION 1)' boringssl/crypto/CMakeLists.txt || echo -e '\nSET_TARGET_PROPERTIES(crypto PROPERTIES SOVERSION 1)' >> boringssl/crypto/CMakeLists.txt
-# RUN grep -qxF 'SET_TARGET_PROPERTIES(ssl PROPERTIES SOVERSION 1)' boringssl/ssl/CMakeLists.txt || echo -e '\nSET_TARGET_PROPERTIES(ssl PROPERTIES SOVERSION 1)' >> boringssl/ssl/CMakeLists.txt
-# RUN mkdir -p boringssl/build
-# RUN cmake -G Ninja -B boringssl/build -S boringssl -DCMAKE_BUILD_TYPE=Release
-# RUN cmake --build boringssl/build

 #RUN git clone --depth 1 --branch v4.0.0 https://github.com/libressl/portable.git libressl
+#RUN git clone --depth 1 --branch v4.0.0 https://github.com/libressl/portable.git libressl
+#ADD --chown=luser:luser git@github.com:libressl/portable.git#v${LIBRESSL_VERSION} libressl
 ADD --chown=luser:luser https://cdn.openbsd.org/pub/OpenBSD/LibreSSL/libressl-${LIBRESSL_VERSION}.tar.gz libressl.tgz
 RUN tar -xzf libressl.tgz && mv libressl-${LIBRESSL_VERSION} libressl && rm libressl.tgz
 RUN mkdir -p libressl/build
@@ -61,7 +57,15 @@ RUN cmake -G Ninja -B libressl/build -S libressl \
 	-DBUILD_SHARED_LIBS=OFF
 RUN cmake --build libressl/build

+FROM build_stage_1 AS build_stage_2_vanilla
+ARG NGINX_VERSION
 ADD --chown=luser:luser https://github.com/nginx/nginx.git#release-${NGINX_VERSION} /nginx
+
+FROM build_stage_1 AS build_stage_2_woggioni
+ARG NGINX_VERSION
+ADD --chown=luser:luser git@github.com:woggioni/nginx.git#release-${NGINX_VERSION} /nginx
+
+FROM build_stage_2_${NGINX_BRANCH} AS build
 ADD --chown=luser:luser https://github.com/openresty/headers-more-nginx-module.git /ngx_headers_more
 ADD --chown=luser:luser https://github.com/google/ngx_brotli.git /ngx_brotli
 USER root
@@ -87,12 +91,14 @@ RUN --mount=type=cache,target=/var/cache/apk \
    --mount=type=bind,from=build,source=/ngx_headers_more,target=/ngx_headers_more \
    --mount=type=bind,from=build,source=/ngx_brotli,target=/ngx_brotli \
    --mount=type=bind,from=build,source=/njs,target=/njs \
-	--mount=type=bind,source=install.sh,target=/install.sh \
+    --mount=type=bind,source=install.sh,target=/install.sh \
 	 (cd nginx && sh /install.sh)
 RUN --mount=type=cache,target=/var/cache/apk apk del .install_deps

+COPY --from=build /home/luser/libressl/openssl.cnf /etc/ssl/openssl.cnf
 COPY conf/nginx.conf /etc/nginx/nginx.conf
 COPY conf/nginx.vh.no-default.conf /etc/nginx/conf.d/default.conf
+COPY conf/dhparam /etc/nginx/dhparam

 LABEL description="NGINX Docker built top of LibreSSL" \
      maintainer="Walter Oggioni <oggioni.walter@gmail.com>" \
--- a/nginx/conf/dhparam
+++ b/nginx/conf/dhparam
@@ -0,0 +1,8 @@
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz
+8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a
+87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7
+YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi
+7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD
+ssbzSibBsu/6iGtCOGEoXJf//////////wIBAg==
+-----END DH PARAMETERS-----
--- a/nginx/conf/nginx.conf
+++ b/nginx/conf/nginx.conf
@@ -40,13 +40,15 @@ http {

    keepalive_disable  msie6;

-    ssl_protocols TLSv1.3;
-    ssl_ecdh_curve X25519:P-521:P-384;
-    ssl_ciphers TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:DHE-RSA-CAMELLIA256-SHA256:DHE-RSA-CAMELLIA256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA256:CAMELLIA256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA256:DHE-RSA-CAMELLIA128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:CAMELLIA128-SHA256:CAMELLIA128-SHA;
-    ssl_prefer_server_ciphers on;
-    ssl_session_cache shared:SSL:1m;
-    ssl_session_timeout 1h;
-    
+    # intermediate configuration
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ecdh_curve X25519:prime256v1:secp384r1;
+    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
+    ssl_prefer_server_ciphers off;
+
+    # see also ssl_session_ticket_key alternative to stateful session cache
+    ssl_session_timeout 1d;
+    ssl_session_cache shared:MozSSL:10m;  # about 40000 sessions
    ssl_session_tickets off;

    http2 on;
--- a/rlevtree/Dockerfile
+++ b/rlevtree/Dockerfile
@@ -0,0 +1,3 @@
+FROM scratch
+ADD benchmark.wasm /benchmark.wasm
+CMD ["/benchmark.wasm"]
--- a/rlevtree/benchmark.wasm
+++ b/rlevtree/benchmark.wasm
--- a/swarm-cli/Dockerfile
+++ b/swarm-cli/Dockerfile
@@ -0,0 +1,14 @@
+FROM alpine:3.22
+
+RUN --mount=type=cache,target=/var/cache/apk apk update
+RUN --mount=type=cache,target=/var/cache/apk apk add nodejs npm nushell curl
+RUN npm install --global @ethersphere/swarm-cli
+RUN addgroup -S ethswarm
+RUN adduser -D -S -h /var/lib/ethswarm -s /usr/bin/nu -G ethswarm ethswarm
+ADD --chown=ethswarm:ethswarm config.nu /var/lib/ethswarm/.config/nushell/config.nu
+
+USER ethswarm
+WORKDIR /var/lib/ethswarm
+ENTRYPOINT ["/usr/bin/nu"]
+
+
--- a/swarm-cli/config.nu
+++ b/swarm-cli/config.nu
@@ -0,0 +1,40 @@
+# config.nu
+#
+# Installed by:
+# version = "0.104.1"
+#
+# This file is used to override default Nushell settings, define
+# (or import) custom commands, or run any other startup tasks.
+# See https://www.nushell.sh/book/configuration.html
+#
+# This file is loaded after env.nu and before login.nu
+#
+# You can open this file in your default editor using:
+# config nu
+#
+# See `help config nu` for more options
+#
+# You can remove these comments if you want or leave
+# them for future reference.
+
+use std/util "path add"
+
+path add ($env.HOME | path join "bin")
+path add ($env.HOME | path join ".local/bin")
+path add ($env.HOME | path join ".cargo/bin")
+
+$env.config.show_banner = false
+$env.config.history.max_size = 10000
+
+$env.PROMPT_COMMAND = { ||
+    let username = id -u -n
+    let hostname = sys host | get hostname
+    let current_dir = (pwd)
+    
+    $"($username)@($hostname) ($current_dir)"
+}
+
+def --env mkcd [p: string] {
+    mkdir $p
+    cd $p
+}
--- a/wildfly/Dockerfile
+++ b/wildfly/Dockerfile
@@ -7,6 +7,7 @@ RUN echo "   -> Removing unneeded .bat and .ps1 files..." &&\
    install -d -m 755 "/opt/" &&\
    tar -xf wildfly-${VERSION}.Final.tar.gz &&\
    cp -R "wildfly-${VERSION}.Final" "/opt/wildfly" &&\
+    rm /opt/wildfly/bin/standalone.conf &&\
    cd "wildfly-${VERSION}.Final/docs/contrib/scripts/systemd" &&\
    echo "   -> Creating wildfly.conf (environment settings)..." &&\
    install -D -t "/opt/wildfly/etc/wildfly" -m 644 wildfly.conf &&\
@@ -14,18 +15,27 @@ RUN echo "   -> Removing unneeded .bat and .ps1 files..." &&\
    install -D -t "/opt/wildfly/bin" -m 755 launch.sh &&\
    chmod -R u=rwX,g=rwX,o=rX "/opt/wildfly"

-FROM eclipse-temurin:23-jre-alpine AS release
-RUN adduser wildfly -u 1000 --system -s /bin/sh -h /opt/wildfly
+FROM archlinux:latest AS release
+RUN pacman-key --init
+RUN pacman-key --refresh-keys
+RUN curl --retry 3 -OJ https://gitea.woggioni.net/api/packages/woggioni/arch/repository.key
+RUN pacman-key --add repository.key
+RUN pacman-key --lsign-key 0D28BF66FDB45D18D8EBEE5D4C91DADCD00B3F77
+
+RUN --mount=type=bind,source=pacman-gitea-repository.conf,target=pacman-gitea-repository.conf cat pacman-gitea-repository.conf  >> /etc/pacman.conf
+RUN --mount=type=cache,target=/var/cache/pacman pacman -Syu --noconfirm
+RUN --mount=type=cache,target=/var/cache/pacman pacman -S --noconfirm jre21-openjdk
+RUN useradd wildfly -u 1000 --system -s /bin/sh -d /opt/wildfly
 COPY --from=build /opt/wildfly /opt/wildfly
 RUN install -d -m 755 -o wildfly /opt/wildfly/standalone/log
 RUN install -d -m 755 -o wildfly /opt/wildfly/standalone/data
 RUN install -d -m 755 -o wildfly /opt/wildfly/standalone/tmp
 RUN install -d -m 755 -o wildfly /opt/wildfly/standalone/deployments
 RUN chown -R wildfly /opt/wildfly/standalone/configuration
-VOLUME ["/opt/wildfly/standalone/deployments", "/opt/wildfly/standalone/tmp", "/opt/wildfly/standalone/data", "/opt/wildfly/standalone/log"]
+VOLUME ["/opt/wildfly/standalone/tmp", "/opt/wildfly/standalone/data", "/opt/wildfly/standalone/log"]
 USER wildfly
 WORKDIR /opt/wildfly
 ENV LAUNCH_JBOSS_IN_BACKGROUND=true
 EXPOSE 8080/tcp
 EXPOSE 9990/tcp
-ENTRYPOINT ["/opt/wildfly/bin/standalone.sh", "-c", "standalone.xml", "-b", "0.0.0.0"]
+ENTRYPOINT ["/opt/wildfly/bin/standalone.sh", "-c", "standalone.xml", "-b", "0.0.0.0"]
--- a/wildfly/pacman-gitea-repository.conf
+++ b/wildfly/pacman-gitea-repository.conf
@@ -0,0 +1,4 @@
+
+[woggioni.gitea.woggioni.net]
+SigLevel = Required
+Server = https://gitea.woggioni.net/api/packages/woggioni/arch/default/x86_64
--- a/xmrig/001-remove-donation.patch
+++ b/xmrig/001-remove-donation.patch
@@ -0,0 +1,15 @@
+diff --git a/src/donate.h b/src/donate.h
+index 206b1b8f..14cdf9ea 100644
+--- a/src/donate.h
+++ b/src/donate.h
+@@ -37,8 +37,8 @@
+  * If you plan on changing donations to 0%, please consider making a one-off donation to my wallet:
+  * XMR: 48edfHu7V9Z84YzzMa6fUueoELZ9ZRXq9VetWzYGzKt52XU5xvqgzYnDK9URnRoJMk1j8nLwEVsaSWJ4fhdUyZijBGUicoD
+  */
+-constexpr const int kDefaultDonateLevel = 1;
+-constexpr const int kMinimumDonateLevel = 1;
+constexpr const int kDefaultDonateLevel = 0;
+constexpr const int kMinimumDonateLevel = 0;
+ 
+ 
+ #endif // XMRIG_DONATE_H
--- a/xmrig/Dockerfile
+++ b/xmrig/Dockerfile
@@ -0,0 +1,51 @@
+FROM alpine:3.22 AS base
+
+FROM base AS build
+ARG VERSION
+RUN --mount=type=cache,target=/var/cache/apk apk add gcc g++ musl-dev cmake ninja hwloc-dev libuv-dev openssl-dev git upx
+RUN adduser -D -S -h /home/luser luser
+WORKDIR /home/luser
+USER luser
+ADD --chown=luser:luser git@github.com:xmrig/xmrig.git#v${VERSION} xmrig
+ADD 001-remove-donation.patch .
+RUN mkdir build
+WORKDIR xmrig
+RUN git apply /home/luser/001-remove-donation.patch
+WORKDIR /home/luser
+RUN cmake -G Ninja -S xmrig -B build -DCMAKE_BUILD_TYPE=Release \ 
+  -DWITH_VAES=TRUE \
+  -DWITH_RANDOMX=ON \
+  -DWITH_OPENCL=OFF \
+  -DWITH_MSR=ON \
+  -DWITH_CUDA=OFF \
+  -DWITH_BENCHMARK=OFF \
+  -DWITH_HWLOC=ON \
+  -DWITH_HTTP=ON \
+  -DWITH_SSE41=ON \
+  -DWITH_AVX2=ON \
+  -DWITH_ASM=ON \
+  -DWITH_ARGON2=ON \
+  -DWITH_ADL=ON \
+  -DWITH_CN_PICO=ON \
+  -DWITH_CN_LITE=ON \
+  -DWITH_CN_HEAVY=ON \
+  -DWITH_CN_FEMTO=ON \
+  -DWITH_GHOSTRIDER=ON \
+  -DWITH_KAWPOW=ON \
+  -DWITH_ENV_VARS=ON \
+  -DWITH_RANDOMX=ON
+
+WORKDIR build
+RUN ninja
+RUN strip -s xmrig
+RUN upx -6 xmrig
+
+
+
+FROM base AS release
+RUN --mount=type=cache,target=/var/cache/apk apk add hwloc libuv openssl
+COPY --from=build /home/luser/build/xmrig /usr/local/bin/xmrig
+RUN adduser -D -S -h /var/lib/xmrig xmrig
+WORKDIR /var/lib/xmrig
+USER xmrig
+ENTRYPOINT ["/usr/local/bin/xmrig"]
Author	SHA1	Message	Date
Walter Oggioni	b7800f5f0a	switched build of jupyter-python to hostinger All checks were successful CI / Build Jupyter python Docker images (push) Successful in 1h8m3s Details	2025-09-30 15:25:36 +08:00
Walter Oggioni	558591b3d8	updated wildfly to 37.0.1 All checks were successful CI / Build wildfly docker images (push) Successful in 6m4s Details	2025-09-12 17:56:53 +08:00
Walter Oggioni	d633e64180	- switched bee dashboard to my own branch All checks were successful CI / Build & deploy Cloudflare page (push) Successful in 2m33s Details CI / Build bee-dashboard docker images (push) Successful in 26m48s Details - added beed dashboard deployment to Cloudflare Pages	2025-09-10 13:41:22 +08:00
Walter Oggioni	9e7b5c1657	fixed nginx imageTLS configuration All checks were successful CI / Build nginx docker images (push) Successful in 21m54s Details	2025-09-08 05:43:23 +08:00
Walter Oggioni	5dad514ef4	added dyndns Docker image All checks were successful CI / Build dyndns docker images (push) Successful in 1m53s Details	2025-09-02 06:27:06 +08:00
Walter Oggioni	93b67958b9	moved bee-dashboard image to nginx All checks were successful CI / Build bee-dashboard docker images (push) Successful in 9m50s Details	2025-08-26 12:12:15 +08:00
Walter Oggioni	69abf17453	added bee-dashboard image All checks were successful CI / Build bee-dashboard docker images (push) Successful in 39m25s Details	2025-08-26 09:04:00 +08:00
Walter Oggioni	75a2d71eab	added xmrig image All checks were successful CI / Build xmrig docker images (push) Successful in 14s Details	2025-08-19 16:47:58 +08:00
Walter Oggioni	94e2d4ee85	removed standalone.conf from Wildfly image All checks were successful CI / Build wildfly docker images (push) Successful in 2m35s Details	2025-08-15 14:28:56 +08:00
Walter Oggioni	e6e2cd331f	test exposing ssh keys during docker build All checks were successful CI / Build nginx docker images (push) Successful in 12m19s Details	2025-08-14 21:36:24 +08:00
Walter Oggioni	aaefd685c0	updated nginx to 1.29.1 All checks were successful CI / Build nginx docker images (push) Successful in 7m55s Details	2025-08-14 20:06:40 +08:00
Walter Oggioni	e1234495f1	updated wildfly image to 37.0.0 All checks were successful CI / Build wildfly docker images (push) Successful in 2m24s Details	2025-08-14 18:19:52 +08:00
Walter Oggioni	28dbece797	switched Wildfly image to archlinux All checks were successful CI / Build wildfly docker images (push) Successful in 8m28s Details	2025-08-14 18:01:57 +08:00
Walter Oggioni	08952e074e	added `adduser` command to Jupyter Python image All checks were successful CI / Build Jupyter python Docker images (push) Successful in 38m18s Details	2025-08-14 14:11:35 +08:00
Walter Oggioni	a3e83bf911	added swarm-cli image All checks were successful CI / Build swarm-cli docker images (push) Successful in 17s Details	2025-08-11 20:59:04 +08:00
Walter Oggioni	41a803e4c0	added rlevtree docker image All checks were successful CI / Build rlevtree docker images (push) Successful in 7s Details	2025-08-06 17:05:10 +08:00
Walter Oggioni	ab0ceb2fd7	added wasm-bindgen to gitea image All checks were successful CI / Build arch-builder docker images (push) Successful in 4m40s Details	2025-08-04 17:45:44 +08:00
Walter Oggioni	30614158c4	add worker-build executable to gitea image All checks were successful CI / Build arch-builder docker images (push) Successful in 23m7s Details	2025-08-04 15:58:06 +08:00
Walter Oggioni	4149f86d63	attempt to build nginx image for arm64 All checks were successful CI / Build nginx docker images (push) Successful in 6m36s Details	2025-07-25 11:51:23 +08:00
Walter Oggioni	34dd0c63e8	updated nginx to 1.29.0 All checks were successful CI / Build nginx docker images (push) Successful in 1m50s Details	2025-07-18 21:44:56 +08:00
Walter Oggioni	263d267ac9	added sccache to gitea image All checks were successful CI / Build arch-builder docker images (push) Successful in 7m12s Details CI / Build nginx docker images (push) Successful in 1m57s Details	2025-07-18 21:20:49 +08:00
Walter Oggioni	721923a0ca	added rustup update command	2025-07-18 16:37:10 +08:00
Walter Oggioni	14948a13e1	fixed docker build cache for arch-builder image	2025-07-18 16:26:15 +08:00