diff --git a/.github/workflows/build-dockers.yml b/.github/workflows/build-dockers.yml index 461a73c..8793516 100644 --- a/.github/workflows/build-dockers.yml +++ b/.github/workflows/build-dockers.yml @@ -6,9 +6,6 @@ on: - "**" tags: - "v*" - #pull_request: - # branches: - # - "**" workflow_dispatch: jobs: diff --git a/.github/workflows/build-standalone.yml b/.github/workflows/build-standalone.yml new file mode 100644 index 0000000..d917912 --- /dev/null +++ b/.github/workflows/build-standalone.yml @@ -0,0 +1,84 @@ +name: Build Standalone Docker Images + +on: + push: + branches: + - "**" + tags: + - "v*" + workflow_dispatch: + +jobs: + build-standalone: + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + GO_VERSION: + - 1.23.1 + + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + persist-credentials: false + fetch-depth: 0 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: ${{ matrix.GO_VERSION }} + + - name: APT Install + run: | + sudo dpkg --add-architecture arm64 + sudo apt-get -y install build-essential debhelper fakeroot crossbuild-essential-arm64 + + - name: Build Debian packages + run: | + make debian + make debian-arm64 + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v5 + with: + images: ghcr.io/hakwerk/labca-standalone + annotations: | + org.opencontainers.image.description=Standalone version of LabCA GUI for use with other ACME servers + org.opencontainers.image.documentation=https://github.com/hakwerk/labca/blob/master/README_standalone.md + org.opencontainers.image.title=labca-standalone + labels: | + org.opencontainers.image.description=Standalone version of LabCA GUI for use with other ACME servers + org.opencontainers.image.documentation=https://github.com/hakwerk/labca/blob/master/README_standalone.md + org.opencontainers.image.title=labca-standalone + tags: | + type=schedule,pattern={{date 'YYYYMMDD'}} + type=match,pattern=v(.*),group=1 + type=edge,enable=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }} + type=ref,event=branch,enable=${{ github.ref != format('refs/heads/{0}', github.event.repository.default_branch) }} + type=ref,event=pr + + - name: Login to GHCR + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.ACTION_PAT }} + + - name: Build and push docker images + uses: docker/build-push-action@v6 + with: + annotations: ${{ steps.meta.outputs.annotations }} + context: release + file: build/Dockerfile-standalone + labels: ${{ steps.meta.outputs.labels }} + platforms: linux/amd64,linux/arm64/v8 + push: true + tags: ${{ steps.meta.outputs.tags }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2adee87..054fa37 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -7,7 +7,7 @@ on: workflow_dispatch: jobs: - build-standalone: + create-release: runs-on: ubuntu-latest strategy: fail-fast: false diff --git a/README_standalone.md b/README_standalone.md index 235ff0a..cc34f51 100644 --- a/README_standalone.md +++ b/README_standalone.md @@ -6,16 +6,18 @@ Getting started with step-ca is much easier than starting with boulder. But Smal As the structure of the ACME data is pretty standard anyway, this standalone version of the LabCA GUI was created to work with step-ca (and potentially other ACME implementations in the future). It only works with their MySQL backend, as the BadgerDB backend has several limitations. -The standalone GUI is distributed as a single binary so that it can be easily installed and started. +The standalone GUI is distributed as a single binary so that it can be easily installed and started. There is also a docker image available. ## Usage -Download the latest .deb file from the latest [release](https://github.com/hakwerk/labca/releases) on GitHub. +### Install package + +Download the latest .deb file for your platform architecture from the latest [release](https://github.com/hakwerk/labca/releases) on GitHub. Install the .deb file: ``` -dpkg -i labca-gui__amd64.deb +dpkg -i labca-gui__.deb ``` The first time you can use the -init flag to create the config file. The location of the config file (default data/config.json), the IP address to listen on (default 0.0.0.0) and the port number (default 3000) can be specified, e.g.: @@ -30,6 +32,17 @@ labca-gui -config stepca.json The first time you connect to the application, you can create an admin account and specify the MySQL connection details for your step-ca database. +### Docker + +When running a docker container you can map local filesystem files or directories as volumes to have the config data outside of the image, e.g.: +``` +docker run -it --rm -v /home/username/acme/stepca_config.json:/usr/data/config.json ghcr.io/hakwerk/labca-standalone +``` +or +``` +docker run -it --rm -v /home/username/acme:/opt/acme ghcr.io/hakwerk/labca-standalone labca-gui -config /opt/acme/stepca.json +``` + ## systemd service diff --git a/build/Dockerfile-standalone b/build/Dockerfile-standalone new file mode 100644 index 0000000..e615e83 --- /dev/null +++ b/build/Dockerfile-standalone @@ -0,0 +1,9 @@ +FROM ubuntu:focal + +ARG TARGETARCH + +COPY labca-gui*.deb /tmp/ + +RUN dpkg -i /tmp/labca-gui_*_$TARGETARCH.deb + +CMD ["labca-gui", "-config", "/usr/data/config.json"] diff --git a/dev/versions b/dev/versions index b00ae82..e0e29df 100755 --- a/dev/versions +++ b/dev/versions @@ -103,6 +103,7 @@ goversion=$(grep GO_VERSION -A 3 ../boulder/.github/workflows/release.yml | egre echo "Boulder .github/workflows/release.yml" grep GO_VERSION -A 3 ../boulder/.github/workflows/release.yml | egrep "\- [\"0-9]+" | sed -e "s/yml-/yml/" colorGoVersion .github/workflows/release.yml $goversion +colorGoVersion .github/workflows/build-standalone.yml $goversion echo goversion=$(grep GO_VERSION ../boulder/docker-compose.yml | sed -e "s/\s*GO_VERSION://")