init

.woodpecker.yml

@@ -0,0 +1,88 @@
+variables:
+  &vars
+    - REGISTRY=code.balsillie.net
+    - REGISTRY_USER=michael
+    - DOCKERFILE=Dockerfile
+    - CONTEXT=.
+    - MATRIX_HOST=matrix.balsillie.net
+    - MATRIX_PORT=443
+    - MATRIX_ROOM=!HdSXmuHcBMaYExEfkh:balsillie.net
+
+workspace:
+  base: /git
+  path: pipeline
+
+clone:
+  git:
+    image: woodpeckerci/plugin-git
+
+pipeline:
+
+  docker-build:
+    image: docker:latest
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - /etc/localtime:/etc/localtime:ro
+    environment:
+      *vars
+    secrets:
+      - source: REGISTRY_PASSWORD
+        target: REGISTRY_PASSWORD
+    commands:
+      - echo $REGISTRY_PASSWORD | docker login $REGISTRY -u $REGISTRY_USER --password-stdin
+      - docker build
+        -t $REGISTRY/$${CI_REPO}:$${CI_COMMIT_TAG}
+        -t $REGISTRY/$${CI_REPO}:$(date +%F_%H-%M)
+        -t $REGISTRY/$${CI_REPO}:latest
+        --pull
+        -f $${DOCKERFILE}
+        $${CONTEXT}
+      - docker push -a $REGISTRY/$${CI_REPO}
+    when:
+      event: tag
+      tag: v*
+
+  trigger-watchtower:
+    image: code.balsillie.net/containers/woodpecker-util
+    pull: false
+    environment:
+      *vars
+    secrets:
+      - source: WATCHTOWER_HTTP_API_TOKEN
+        target: WATCHTOWER_HTTP_API_TOKEN
+    commands:
+      - HEADER='Authorization:'
+      - HEADER=$HEADER" Bearer $${WATCHTOWER_HTTP_API_TOKEN}"
+      - curl -H "$${HEADER}" -i "https://$${WATCHTOWER_HOST}/v1/update"
+
+
+  notify-matrix-success:
+    image: code.balsillie.net/containers/woodpecker-util
+    pull: false
+    environment:
+      *vars
+    secrets:
+      - source: MATRIX_ACCESS_TOKEN
+        target: MATRIX_ACCESS_TOKEN
+    commands:
+      - sleep 60
+      - shoutrrr send
+        --url matrix://:$${MATRIX_ACCESS_TOKEN}@$${MATRIX_HOST}:$${MATRIX_PORT}/?rooms=$${MATRIX_ROOM}
+        --message "New image build of $${CI_REPO}, $${CI_COMMIT_TAG}, has been completed and pushed."
+    when:
+      status: [ success ]
+
+  notify-matrix-failure:
+    image: code.balsillie.net/containers/woodpecker-util
+    pull: false
+    environment:
+      *vars
+    secrets:
+      - source: MATRIX_ACCESS_TOKEN
+        target: MATRIX_ACCESS_TOKEN
+    commands:
+      - shoutrrr send
+        --url matrix://$${MATRIX_ACCESS_TOKEN}@$${MATRIX_HOST}:$${MATRIX_PORT}/?rooms=$${MATRIX_ROOM}
+        --message "New image build of $${CI_REPO}, $${CI_COMMIT_TAG}, has failed."
+    when:
+      status: [ failure ]

Dockerfile

@@ -0,0 +1,3 @@
+FROM docker.io/library/nginx:latest
+RUN groupmod -g 1000 nginx \
+    && usermod -u 1000 nginx

README.md

@@ -0,0 +1,3 @@
+Pulls the official Nginx container, and modifies the nginx user to UID=1000 and GID=1000.
+
+This avoids file permission conflicts when statically serving files owned by other services.