feat: add apps images for PostgreSQL and Uptime Kuma 2

Greelan · Greelan · commit 6014e841ea42 · 2025-09-07T18:21:34.000+10:00
diff --git a/.github/workflows/apps.yml b/.github/workflows/apps.yml
@@ -0,0 +1,87 @@
+name: build apps
+on:
+  workflow_dispatch:
+  workflow_run:
+    workflows: [build base]
+    types: [completed]
+    branches:
+      - master
+  push:
+    branches:
+      - master
+    paths:
+      - apps/**
+      - scripts/apps/**
+permissions:
+  contents: read
+  packages: write
+
+jobs:
+  check_changes:
+    runs-on: ubuntu-latest
+    outputs:
+      postgresql_changed: ${{ steps.filter.outputs.postgresql_changed || 'false' }}
+      uptime_kuma_2_changed: ${{ steps.filter.outputs.uptime_kuma_2_changed || 'false' }}
+      base_changed: ${{ steps.filter.outputs.base_changed || 'false' }}
+    steps:
+      - if: ${{ github.event_name == 'push' }}
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - if: ${{ github.event_name == 'push' }}
+        id: filter
+        uses: dorny/paths-filter@v3
+        with:
+          filters: |
+            postgresql_changed:
+              - 'apps/postgresql/**'
+              - 'scripts/apps/postgresql/**'
+            uptime_kuma_2_changed:
+              - 'apps/uptime-kuma-2/**'
+              - 'scripts/apps/uptime-kuma-2/**'
+            base_changed:
+              - 'base/**'
+              - 'scripts/base/ampstart.sh'
+
+  build_and_push:
+    needs: [check_changes]
+    if: ${{ github.repository_owner == 'CubeCoders' && github.ref == 'refs/heads/master' && ((github.event_name == 'workflow_run' && github.event.workflow_run.conclusion == 'success') || (github.event_name == 'workflow_dispatch') || (github.event_name == 'push' && needs.check_changes.outputs.base_changed != 'true' && ((matrix.app == 'postgresql' && needs.check_changes.outputs.postgresql_changed  == 'true') || (matrix.app == 'uptime-kuma-2' && needs.check_changes.outputs.uptime_kuma_2_changed == 'true'))) }} 
+    name: 'amp:apps-${{ matrix.app }}'
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        app:
+          - postgresql
+          - uptime-kuma-2
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event_name == 'workflow_run' && github.event.workflow_run.head_sha || github.sha }}
+
+      - uses: docker/setup-qemu-action@v3
+      - uses: docker/setup-buildx-action@v3
+
+      - uses: docker/login-action@v3
+        with:
+          username: ${{ vars.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - uses: docker/build-push-action@v6
+        with:
+          context: .
+          file: ./apps/${{ matrix.app }}/Dockerfile
+          platforms: linux/amd64,linux/arm64/v8
+          push: true
+          pull: true
+          tags: cubecoders/ampbase:${{ matrix.app }}
+          cache-from: type=gha,scope=${{ github.workflow }}-${{ matrix.app }}
+          cache-to: type=gha,mode=max,scope=${{ github.workflow }}-${{ matrix.app }}
+          provenance: mode=max
+          sbom: true
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: false
diff --git a/apps/uptime-kuma-2/Dockerfile b/apps/uptime-kuma-2/Dockerfile
@@ -0,0 +1,41 @@
+# Uptime Kuma 2 image for AMP containers
+# Based on https://github.com/louislam/uptime-kuma/blob/223cde831f09a49a317bc4e5926cc8a38a6fa3f2/docker/debian-base.dockerfile
+# cubecoders/ampbase:uptime-kuma-2
+
+FROM        cubecoders/ampbase:debian
+
+LABEL       org.opencontainers.image.licenses=MIT
+
+ENV         UPTIME_KUMA_ENABLE_EMBEDDED_MARIADB="1"
+ENV         AMP_ADDITIONAL_ENV_VARS="UPTIME_KUMA_ENABLE_EMBEDDED_MARIADB"
+ENV         DEBIAN_FRONTEND="noninteractive"
+
+# Install required packages
+RUN         set -eux; \
+            apt-get update; \
+            # Install base dependencies
+            apt-get install -o APT::Keep-Downloaded-Packages="false" -y --no-install-recommends \
+                sqlite3 ca-certificates iputils-ping util-linux; \
+            # Install Apprise for notifications
+            wget -qO- http://ftp.debian.org/debian/pool/main/a/apprise/ | grep -oP 'href="apprise_.*?all\.deb"' | sed 's/href="//;s/"//' | sort -V | tail -n 1 | xargs -I {} wget -qO apprise.deb http://ftp.debian.org/debian/pool/main/a/apprise/{}; \
+            apt-get install -o APT::Keep-Downloaded-Packages="false" -y --no-install-recommends \
+                ./apprise.deb python3-paho-mqtt; \
+            rm -f apprise.deb; \
+            # Install cloudflared
+            install -d -m 0755 /etc/apt/keyrings; \
+            wget -qO- https://pkg.cloudflare.com/cloudflare-main.gpg | gpg --dearmor -o /etc/apt/keyrings/cloudflare-main.gpg; \
+            printf 'Types: deb\nURIs: https://pkg.cloudflare.com/cloudflared\nSuites: any\nComponents: main\nSigned-By: /etc/apt/keyrings/cloudflare-main.gpg\n' | tee /etc/apt/sources.list.d/cloudflared.sources >/dev/null; \
+            apt update; \
+            apt-get install -o APT::Keep-Downloaded-Packages="false" -y --no-install-recommends -t stable \
+                cloudflared; \
+            # Install remaining dependencies
+            apt-get install -o APT::Keep-Downloaded-Packages="false" -y --no-install-recommends \
+                chromium fonts-indic fonts-noto fonts-noto-cjk mariadb-server; \
+            apt-get clean; \
+            rm -rf /var/lib/apt/lists/*
+ 
+COPY        ./scripts/apps/uptime-kuma-2/ampstart.sh /ampstart.sh
+RUN         chmod +x /ampstart.sh
+ENTRYPOINT  ["/usr/bin/tini", "-g", "--", "/ampstart.sh"]
+CMD         []
+            
diff --git a/scripts/apps/uptime-kuma-2/ampstart.sh b/scripts/apps/uptime-kuma-2/ampstart.sh
@@ -0,0 +1,114 @@
+#!/bin/bash
+
+set -eo pipefail
+
+echo "[Info] AMPStart for Docker"
+ARCH=$(uname -m)
+
+# Context check
+[ -z "${AMPUSERID}" ] && { echo "[Error] This docker image cannot be used directly by itself - it must be started by ampinstmgr"; exit 100; }
+
+# Create /etc/machine-id (addresses Proton/dbus issues)
+mkdir -p /var/lib/dbus
+rm -f /etc/machine-id /var/lib/dbus/machine-id
+dbus-uuidgen --ensure=/etc/machine-id
+ln -s /etc/machine-id /var/lib/dbus/machine-id
+
+# Set up amp user and group
+: "${AMPUSERID:?AMPUSERID not set}"
+: "${AMPGROUPID:?AMPGROUPID not set}"
+
+echo "[Info] Setting up amp user and group..."
+
+if ! getent group "${AMPGROUPID}" >/dev/null; then
+  if getent group amp >/dev/null; then
+    groupmod -o -g "${AMPGROUPID}" amp
+  else
+    groupadd -r -g "${AMPGROUPID}" amp
+  fi
+fi
+
+if id amp &>/dev/null; then
+  usermod -o -u "${AMPUSERID}" -g "${AMPGROUPID}" amp
+else
+  useradd -m -d /home/amp -s /bin/bash -c "AMP Process User" \
+    -u "${AMPUSERID}" -g "${AMPGROUPID}" amp
+fi
+
+getent group tty >/dev/null && usermod -aG tty amp
+
+install -d -m 0755 /home/amp
+touch /home/amp/.gitconfig
+chown -R amp:amp /home/amp
+
+# Make AMP binary executable
+AMP_BIN="/AMP/AMP_Linux_${ARCH}"
+chmod +x "${AMP_BIN}" || { echo "[Error] AMP binary not found or cannot be made executable"; exit 101; }
+
+# Install extra dependencies if needed (non-fatal)
+REQUIRED_DEPS=()
+if [[ -n "${AMP_CONTAINER_DEPS:-}" ]]; then
+  # shellcheck disable=SC2207
+  REQUIRED_DEPS=($(jq -r '.[]? | select(type=="string" and length>0)' <<<"${AMP_CONTAINER_DEPS}" 2>/dev/null || echo))
+fi
+
+if ((${#REQUIRED_DEPS[@]})); then
+  echo "[Info] Installing extra dependencies..."
+  (
+    set +e
+    apt-get update || echo "[Warn] apt-get update failed; continuing"
+    apt-get install -y --no-install-recommends --allow-downgrades \
+      -o APT::Keep-Downloaded-Packages="false" "${REQUIRED_DEPS[@]}" \
+      || echo "[Warn] apt-get install failed (bad package name?); continuing"
+    apt-get clean >/dev/null 2>&1 || true
+    rm -rf /var/lib/apt/lists/* || true
+  )
+fi
+
+# Set custom mountpoint permissions if needed (non-fatal)
+if [[ -n "${AMP_MOUNTPOINTS:-}" ]]; then
+  echo "[Info] Updating custom mountpoint permissions..."
+  IFS=':' read -r -a dirs <<< "${AMP_MOUNTPOINTS}"
+  for dir in "${dirs[@]}"; do
+    [[ -n "${dir}" ]] || continue
+    if [[ -e "${dir}" ]]; then
+      chown -R amp:"${AMPGROUPID}" "${dir}" 2>/dev/null || echo "[Warn] chown failed for ${dir}; continuing"
+    else
+      echo "[Warn] Mountpoint not found: ${dir}; skipping"
+    fi
+  done
+fi
+
+# Run custom start script if it exists (non-fatal)
+if [[ -f "/AMP/customstart.sh" ]]; then
+  echo "[Info] Running customstart.sh..."
+  chmod +x /AMP/customstart.sh 2>/dev/null || true
+  ( set +e; /AMP/customstart.sh; rc=$?; ((rc==0)) || echo "[Warn] customstart.sh exited with $rc; continuing" )
+fi
+
+# Addition for Uptime Kuma 2 (for embedded MySQL)
+chown -R amp:amp /var/lib/mysql
+
+# Handoff
+echo "[Info] Starting AMP..."
+ARGS=$@
+keep_env=(
+  HOME=/home/amp
+  USER=amp LOGNAME=amp SHELL=/bin/bash
+  LANG="${LANG:-en_US.UTF-8}" LANGUAGE="${LANGUAGE:-en_US:en}" LC_ALL="${LC_ALL:-en_US.UTF-8}"
+  PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+  MAIL=/var/mail/amp
+)
+# Always keep these AMP_ env vars if set
+for v in AMPHOSTPLATFORM AMP_CONTAINER AMP_CONTAINER_HOST_NETWORK AMPMEMORYLIMIT AMPSWAPLIMIT AMPCONTAINERCPUS; do
+  if [[ -n "${!v-}" ]]; then keep_env+=("$v=${!v}"); fi
+done
+# Extra passthrough of env vars listed in AMP_ADDITIONAL_ENV_VARS in the Dockerfile
+if [[ -n "${AMP_ADDITIONAL_ENV_VARS-}" ]]; then
+  for v in ${AMP_ADDITIONAL_ENV_VARS}; do
+    if [[ -n "${!v-}" ]]; then keep_env+=("$v=${!v}"); fi
+  done
+fi
+
+exec gosu amp:amp env -i "${keep_env[@]}" \
+  bash -c "cd /AMP && exec ${AMP_BIN} ${ARGS}"
