From c69941be054042bd7cf219db0db21ce563955821 Mon Sep 17 00:00:00 2001 From: Atmois Date: Sat, 30 Aug 2025 10:38:13 +0100 Subject: [PATCH 01/14] chore(compose): remove deprecated version tag --- docker-compose.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 83d11dc..f63f610 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,5 +1,3 @@ -version: '3.8' - services: ircd: build: @@ -93,7 +91,7 @@ services: container_name: gamja restart: unless-stopped ports: - - '8080:80' + - '8081:80' environment: - TZ=UTC depends_on: From 03b4626feaa3d94506279b8824d9ecd7b40e0502 Mon Sep 17 00:00:00 2001 From: Atmois Date: Sat, 30 Aug 2025 10:38:37 +0100 Subject: [PATCH 02/14] chore(compose): add comoose name tag --- docker-compose.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docker-compose.yml b/docker-compose.yml index f63f610..15fbf10 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,3 +1,5 @@ +name: irc.atl.chat + services: ircd: build: From bcc814076ccaa20e6c06cd0bf21fb498a13b9ab6 Mon Sep 17 00:00:00 2001 From: Atmois Date: Sat, 30 Aug 2025 10:40:23 +0100 Subject: [PATCH 03/14] chore(compose): tidy up the ordering of the keys as per linter standards --- docker-compose.yml | 68 +++++++++++++++++++++++----------------------- 1 file changed, 34 insertions(+), 34 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 15fbf10..2a551a2 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -10,11 +10,6 @@ services: UNREALIRCD_VERSION: "6.1.10" ATHEME_VERSION: "7.2.12" container_name: ircd - restart: unless-stopped - ports: - - '6667:6667' # Standard IRC port - - '6697:6697' # IRC over SSL/TLS - - '8600:8600' # JSON-RPC API for webpanel volumes: - ircd_data:/usr/local/unrealircd/data - ircd_logs:/usr/local/unrealircd/logs @@ -23,10 +18,15 @@ services: - ircd_contrib:/usr/local/unrealircd/contrib environment: - TZ=UTC + ports: + - '6667:6667' # Standard IRC port + - '6697:6697' # IRC over SSL/TLS + - '8600:8600' # JSON-RPC API for webpanel networks: - irc_network + restart: unless-stopped healthcheck: - test: ["CMD", "pgrep", "-f", "unrealircd"] + test: [ "CMD", "pgrep", "-f", "unrealircd" ] interval: 30s timeout: 10s retries: 3 @@ -41,7 +41,9 @@ services: UNREALIRCD_VERSION: "6.1.10" ATHEME_VERSION: "7.2.12" container_name: atheme - restart: unless-stopped + depends_on: + ircd: + condition: service_healthy volumes: - atheme_data:/usr/local/atheme/data - atheme_logs:/usr/local/atheme/logs @@ -52,19 +54,17 @@ services: - ATHEME_DATA=/usr/local/atheme/data networks: - irc_network - depends_on: - ircd: - condition: service_healthy - command: ["/usr/local/bin/start-services", "start"] + command: [ "/usr/local/bin/start-services", "start" ] + restart: unless-stopped webpanel: build: context: . dockerfile: web/webpanel/Dockerfile container_name: webpanel - restart: unless-stopped - ports: - - '8080:80' # Web interface + depends_on: + ircd: + condition: service_healthy volumes: - webpanel_data:/var/www/html/unrealircd-webpanel/data - webpanel_config:/var/www/html/unrealircd-webpanel/config @@ -74,13 +74,13 @@ services: - UNREALIRCD_PORT=8600 - UNREALIRCD_RPC_USER=adminpanel - UNREALIRCD_RPC_PASSWORD=webpanel_password_2024 + ports: + - '8080:80' # Web interface networks: - irc_network - depends_on: - ircd: - condition: service_healthy + restart: unless-stopped healthcheck: - test: ["CMD", "curl", "-f", "http://localhost/unrealircd-webpanel/"] + test: [ "CMD", "curl", "-f", "http://localhost/unrealircd-webpanel/" ] interval: 30s timeout: 10s retries: 3 @@ -91,16 +91,16 @@ services: context: . dockerfile: web/gamja/Dockerfile container_name: gamja - restart: unless-stopped - ports: - - '8081:80' - environment: - - TZ=UTC depends_on: ircd: condition: service_healthy + environment: + - TZ=UTC + ports: + - '8081:80' + restart: unless-stopped healthcheck: - test: ["CMD", "curl", "-f", "http://localhost/gamja/"] + test: [ "CMD", "curl", "-f", "http://localhost/gamja/" ] interval: 30s timeout: 10s retries: 3 @@ -111,11 +111,18 @@ services: depends_on: ircd: condition: service_healthy - ports: - - '9000:9000' - restart: always volumes: - /opt/thelounge:/var/opt/thelounge # bind lounge config from the host's file system + ports: + - '9000:9000' + restart: unless-stopped + +networks: + irc_network: + driver: bridge + ipam: + config: + - subnet: 172.20.0.0/16 volumes: ircd_data: driver: local @@ -133,10 +140,3 @@ volumes: driver: local webpanel_config: driver: local - -networks: - irc_network: - driver: bridge - ipam: - config: - - subnet: 172.20.0.0/16 From 0c21b5a7d54de3b0d78c3a6e34b0737c93bccedb Mon Sep 17 00:00:00 2001 From: Atmois Date: Sat, 30 Aug 2025 10:41:47 +0100 Subject: [PATCH 04/14] fix(compose): remove ipam subnet config to use docker container names for networking --- docker-compose.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 2a551a2..dec4c69 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -120,9 +120,7 @@ services: networks: irc_network: driver: bridge - ipam: - config: - - subnet: 172.20.0.0/16 + volumes: ircd_data: driver: local From fe31cf65c6a52a3c10b231f531acf99a3cd4e4a6 Mon Sep 17 00:00:00 2001 From: Atmois Date: Sat, 30 Aug 2025 10:43:55 +0100 Subject: [PATCH 05/14] chore(compose): switch to compose.yml from docker-compose.yml --- docker-compose.yml => compose.yml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename docker-compose.yml => compose.yml (100%) diff --git a/docker-compose.yml b/compose.yml similarity index 100% rename from docker-compose.yml rename to compose.yml From 7e2e9151a8f43d617c99111634027bda909ca4ba Mon Sep 17 00:00:00 2001 From: Atmois Date: Sat, 30 Aug 2025 10:47:27 +0100 Subject: [PATCH 06/14] chore(docker): switch to use containerfile as a name rather than dockerfile --- .dockerignore | 2 +- Dockerfile => Containerfile | 0 compose.yml | 8 ++++---- web/gamja/{Dockerfile => Containerfile} | 0 web/webpanel/{Dockerfile => Containerfile} | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) rename Dockerfile => Containerfile (100%) rename web/gamja/{Dockerfile => Containerfile} (100%) rename web/webpanel/{Dockerfile => Containerfile} (98%) diff --git a/.dockerignore b/.dockerignore index 81725f4..f81e07d 100644 --- a/.dockerignore +++ b/.dockerignore @@ -10,7 +10,7 @@ README* # Docker files docker-compose.yml -Dockerfile* +Containerfile* .dockerignore # Development and CI files diff --git a/Dockerfile b/Containerfile similarity index 100% rename from Dockerfile rename to Containerfile diff --git a/compose.yml b/compose.yml index dec4c69..cf7fb07 100644 --- a/compose.yml +++ b/compose.yml @@ -4,7 +4,7 @@ services: ircd: build: context: . - dockerfile: Dockerfile + dockerfile: Containerfile target: runtime args: UNREALIRCD_VERSION: "6.1.10" @@ -35,7 +35,7 @@ services: atheme: build: context: . - dockerfile: Dockerfile + dockerfile: Containerfile target: runtime args: UNREALIRCD_VERSION: "6.1.10" @@ -60,7 +60,7 @@ services: webpanel: build: context: . - dockerfile: web/webpanel/Dockerfile + dockerfile: web/webpanel/Containerfile container_name: webpanel depends_on: ircd: @@ -89,7 +89,7 @@ services: gamja: build: context: . - dockerfile: web/gamja/Dockerfile + dockerfile: web/gamja/Containerfile container_name: gamja depends_on: ircd: diff --git a/web/gamja/Dockerfile b/web/gamja/Containerfile similarity index 100% rename from web/gamja/Dockerfile rename to web/gamja/Containerfile diff --git a/web/webpanel/Dockerfile b/web/webpanel/Containerfile similarity index 98% rename from web/webpanel/Dockerfile rename to web/webpanel/Containerfile index 10de14d..14e1849 100644 --- a/web/webpanel/Dockerfile +++ b/web/webpanel/Containerfile @@ -1,4 +1,4 @@ -# UnrealIRCd WebPanel Dockerfile +# UnrealIRCd WebPanel Containerfile # Provides web-based administration interface for UnrealIRCd # Based on official documentation: https://www.unrealircd.org/docs/UnrealIRCd_webpanel From 4613c9603b50309a16e162b0ccbc97a3504a0244 Mon Sep 17 00:00:00 2001 From: Atmois Date: Sat, 30 Aug 2025 10:47:53 +0100 Subject: [PATCH 07/14] chore(ci): update ci to use the new containerfile naming --- .github/workflows/ci.yml | 74 ++++++++++++++++++++-------------------- Makefile | 4 +-- scripts/test-ci.sh | 12 +++---- 3 files changed, 45 insertions(+), 45 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ab6e69a..85c9dea 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -3,13 +3,13 @@ # ============================================================================== # # This workflow handles Docker and infrastructure validation for the IRC server -# project. It runs comprehensive linting on Dockerfiles, Docker Compose files, +# project. It runs comprehensive linting on Containerfiles, Docker Compose files, # and performs security scanning to ensure infrastructure quality. # # WORKFLOW FEATURES: # ------------------ # 1. Smart file change detection to skip unnecessary jobs -# 2. Parallel execution for different linting categories +# 2. Parallel execution for different linting categories # 3. Comprehensive Docker linting with Hadolint # 4. Docker Compose syntax validation with modern docker compose # 5. Security vulnerability scanning with Trivy @@ -46,20 +46,20 @@ concurrency: jobs: # ============================================================================ - # DOCKERFILE LINTING - Static Analysis and Best Practices + # CONTAINERFILE LINTING - Static Analysis and Best Practices # ============================================================================ # Purpose: Ensures Docker best practices and security through Hadolint # Tools: Hadolint with SARIF output for GitHub Security integration # Optimization: Only runs when Docker files change or on manual trigger # ============================================================================ - dockerfile-lint: - name: Dockerfile Linting + containerfile-lint: + name: Containerfile Linting runs-on: ubuntu-latest permissions: contents: read # Required for checkout security-events: write # Required for SARIF upload actions: read # Required for GitHub token - + steps: # REPOSITORY CHECKOUT # Full history not needed for linting current state @@ -68,13 +68,13 @@ jobs: # SMART CHANGE DETECTION # Detects Docker file changes to skip unnecessary runs - # Includes all Dockerfile variants and related files + # Includes all Containerfile variants and related files - name: Detect Docker file changes uses: tj-actions/changed-files@v46 id: docker_changes with: files: | - **/Dockerfile* + **/Containerfile* **/.dockerignore docker-compose*.yml docker-compose*.yaml @@ -85,46 +85,46 @@ jobs: - name: Skip if no Docker changes if: steps.docker_changes.outputs.any_changed != 'true' && github.event_name != 'workflow_dispatch' run: | - echo "✅ No Docker files changed, skipping Dockerfile linting" + echo "✅ No Docker files changed, skipping Containerfile linting" echo "💡 To force run checks, use workflow_dispatch trigger" - # DOCKERFILE DISCOVERY - # Finds all Dockerfiles in the repository for comprehensive linting - - name: Find Dockerfiles + # CONTAINERFILE DISCOVERY + # Finds all Containerfiles in the repository for comprehensive linting + - name: Find Containerfiles if: steps.docker_changes.outputs.any_changed == 'true' || github.event_name == 'workflow_dispatch' - id: dockerfiles + id: containerfiles run: | - # Find all Dockerfiles in the repository - dockerfiles=$(find . -name "Dockerfile*" -type f | grep -v ".git") - if [ -n "$dockerfiles" ]; then + # Find all Containerfiles in the repository + containerfiles=$(find . -name "Containerfile*" -type f | grep -v ".git") + if [ -n "$containerfiles" ]; then echo "found=true" >> $GITHUB_OUTPUT echo "files<> $GITHUB_OUTPUT - echo "$dockerfiles" >> $GITHUB_OUTPUT + echo "$containerfiles" >> $GITHUB_OUTPUT echo "EOF" >> $GITHUB_OUTPUT - echo "Found Dockerfiles:" - echo "$dockerfiles" + echo "Found Containerfiles:" + echo "$containerfiles" else echo "found=false" >> $GITHUB_OUTPUT - echo "No Dockerfiles found" + echo "No Containerfiles found" fi # HADOLINT SECURITY ANALYSIS # Comprehensive linting with SARIF output for GitHub Security # Ignores specific rules that may conflict with multi-stage builds - - name: Lint Dockerfiles with Hadolint (Security Report) - if: steps.dockerfiles.outputs.found == 'true' + - name: Lint Containerfiles with Hadolint (Security Report) + if: steps.containerfiles.outputs.found == 'true' uses: hadolint/hadolint-action@v3.1.0 with: - dockerfile: './Dockerfile' + dockerfile: './Containerfile' failure-threshold: warning format: sarif output-file: hadolint-results.sarif # SECURITY INTEGRATION # Uploads results to GitHub Security tab for centralized view - # Always runs if Dockerfiles found, even if linting fails + # Always runs if Containerfiles found, even if linting fails - name: Upload Hadolint results to GitHub Security - if: steps.dockerfiles.outputs.found == 'true' && always() + if: steps.containerfiles.outputs.found == 'true' && always() uses: github/codeql-action/upload-sarif@v3 with: sarif_file: hadolint-results.sarif @@ -132,11 +132,11 @@ jobs: # CONSOLE OUTPUT FOR IMMEDIATE FEEDBACK # Provides immediate feedback in workflow logs # Helps developers see issues without navigating to Security tab - - name: Lint Dockerfiles with Hadolint (Console Output) - if: steps.dockerfiles.outputs.found == 'true' + - name: Lint Containerfiles with Hadolint (Console Output) + if: steps.containerfiles.outputs.found == 'true' uses: hadolint/hadolint-action@v3.1.0 with: - dockerfile: './Dockerfile' + dockerfile: './Containerfile' failure-threshold: warning # ============================================================================ @@ -151,7 +151,7 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - + steps: # REPOSITORY CHECKOUT # Shallow clone sufficient for validation current state @@ -226,7 +226,7 @@ jobs: run: | # Install yamllint for YAML syntax validation sudo apt-get update && sudo apt-get install -y yamllint - + # Create yamllint config for Docker Compose specifics cat > .yamllint.yml << EOF extends: default @@ -237,7 +237,7 @@ jobs: truthy: allowed-values: ['true', 'false', 'yes', 'no'] # Docker Compose uses various boolean formats EOF - + # Validate each docker-compose file with yamllint echo "${{ steps.compose-files.outputs.files }}" | while IFS= read -r file; do if [ -n "$file" ]; then @@ -264,7 +264,7 @@ jobs: # Only run on pull requests to avoid resource waste on every push # Manual trigger available for security audits if: github.event_name == 'pull_request' || github.event_name == 'workflow_dispatch' - + steps: # REPOSITORY CHECKOUT # Full history not needed for security scanning @@ -278,7 +278,7 @@ jobs: id: security_changes with: files: | - **/Dockerfile* + **/Containerfile* docker-compose*.yml docker-compose*.yaml @@ -295,13 +295,13 @@ jobs: - name: Build Docker image for security scanning if: steps.security_changes.outputs.any_changed == 'true' || github.event_name == 'workflow_dispatch' run: | - if [ -f "Dockerfile" ]; then + if [ -f "Containerfile" ]; then echo "Building Docker image for security scanning..." docker build -t irc-security-scan:latest . echo "✅ Docker image built successfully" else - echo "❌ No Dockerfile found in root directory" - echo "Security scan requires a Dockerfile to analyze" + echo "❌ No Containerfile found in root directory" + echo "Security scan requires a Containerfile to analyze" exit 1 fi @@ -386,4 +386,4 @@ jobs: # View linting results: # Check Actions tab for detailed logs and console output # -# ============================================================================== \ No newline at end of file +# ============================================================================== diff --git a/Makefile b/Makefile index 8662a4c..dbfeebf 100644 --- a/Makefile +++ b/Makefile @@ -337,10 +337,10 @@ lint: fi @if command -v hadolint >/dev/null 2>&1; then \ echo -e "$(BLUE)[INFO]$(NC) Running hadolint..."; \ - hadolint Dockerfile web/webpanel/Dockerfile; \ + hadolint Containerfile web/webpanel/Containerfile; \ echo -e "$(GREEN)[SUCCESS]$(NC) Hadolint completed!"; \ else \ - echo -e "$(YELLOW)[WARNING]$(NC) hadolint not found. Install it for Dockerfile validation."; \ + echo -e "$(YELLOW)[WARNING]$(NC) hadolint not found. Install it for Containerfile validation."; \ fi # ============================================================================ diff --git a/scripts/test-ci.sh b/scripts/test-ci.sh index 4aa2925..13645d8 100755 --- a/scripts/test-ci.sh +++ b/scripts/test-ci.sh @@ -18,12 +18,12 @@ echo -e "${YELLOW}📋 Available jobs:${NC}" act --list echo "" -echo -e "${YELLOW}🐳 Testing Dockerfile Linting...${NC}" +echo -e "${YELLOW}🐳 Testing Containerfile Linting...${NC}" echo "----------------------------------------" -if act push -j dockerfile-lint --verbose; then - echo -e "${GREEN}✅ Dockerfile linting test PASSED${NC}" +if act push -j containerfile-lint --verbose; then + echo -e "${GREEN}✅ Containerfile linting test PASSED${NC}" else - echo -e "${RED}❌ Dockerfile linting test FAILED${NC}" + echo -e "${RED}❌ Containerfile linting test FAILED${NC}" fi echo "" @@ -56,7 +56,7 @@ fi echo "" echo -e "${GREEN}🎉 Testing complete!${NC}" echo "To run individual tests:" -echo " act push -j dockerfile-lint" +echo " act push -j containerfile-lint" echo " act push -j docker-compose-lint" echo " act pull_request -j docker-security-scan" -echo " act push # run all push jobs" \ No newline at end of file +echo " act push # run all push jobs" From d3bc5cde0d20c9a4403d6b0e237a8b5275aa834b Mon Sep 17 00:00:00 2001 From: Atmois Date: Sat, 30 Aug 2025 10:48:08 +0100 Subject: [PATCH 08/14] chore(readme): update readme to refer to containerfile over dockerfile --- web/webpanel/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/webpanel/README.md b/web/webpanel/README.md index c8cde94..130fa66 100644 --- a/web/webpanel/README.md +++ b/web/webpanel/README.md @@ -4,7 +4,7 @@ This directory contains the UnrealIRCd WebPanel - a web-based administration int ## Files -- **`Dockerfile`** - Container build configuration for the webpanel +- **`Containerfile`** - Container build configuration for the webpanel - **`config.php`** - PHP configuration file for the webpanel (template) ## What is the WebPanel? From bb19dc424866f46d3ce0cd27f7b2761ae399e4bb Mon Sep 17 00:00:00 2001 From: Atmois Date: Sat, 30 Aug 2025 10:49:17 +0100 Subject: [PATCH 09/14] chore(ci): update ci to use the new compose.yml naming --- .github/workflows/ci.yml | 22 +++++++++++----------- scripts/test-ci.sh | 4 ++-- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 85c9dea..e4cf195 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -76,8 +76,8 @@ jobs: files: | **/Containerfile* **/.dockerignore - docker-compose*.yml - docker-compose*.yaml + compose*.yml + compose*.yaml # EARLY TERMINATION FOR UNCHANGED FILES # Skips Hadolint setup if no relevant files changed @@ -146,7 +146,7 @@ jobs: # Tools: Docker Compose config validation and yamllint for YAML syntax # Optimization: Only runs when Compose files change or on manual trigger # ============================================================================ - docker-compose-lint: + compose-lint: name: Docker Compose Linting runs-on: ubuntu-latest permissions: @@ -166,8 +166,8 @@ jobs: id: compose_changes with: files: | - docker-compose*.yml - docker-compose*.yaml + compose*.yml + compose*.yaml compose*.yml compose*.yaml @@ -185,8 +185,8 @@ jobs: if: steps.compose_changes.outputs.any_changed == 'true' || github.event_name == 'workflow_dispatch' id: compose-files run: | - # Find all docker-compose files in the repository - compose_files=$(find . -name "docker-compose*.yml" -o -name "docker-compose*.yaml" -o -name "compose*.yml" -o -name "compose*.yaml" | grep -v ".git") + # Find all compose files in the repository + compose_files=$(find . -name "compose*.yml" -o -name "compose*.yaml" -o -name "compose*.yml" -o -name "compose*.yaml" | grep -v ".git") if [ -n "$compose_files" ]; then echo "found=true" >> $GITHUB_OUTPUT echo "files<> $GITHUB_OUTPUT @@ -205,7 +205,7 @@ jobs: - name: Validate Docker Compose syntax if: steps.compose-files.outputs.found == 'true' run: | - # Validate each docker-compose file using modern docker compose + # Validate each compose file using modern docker compose echo "${{ steps.compose-files.outputs.files }}" | while IFS= read -r file; do if [ -n "$file" ]; then echo "Validating $file..." @@ -238,7 +238,7 @@ jobs: allowed-values: ['true', 'false', 'yes', 'no'] # Docker Compose uses various boolean formats EOF - # Validate each docker-compose file with yamllint + # Validate each compose file with yamllint echo "${{ steps.compose-files.outputs.files }}" | while IFS= read -r file; do if [ -n "$file" ]; then echo "Running yamllint on $file..." @@ -279,8 +279,8 @@ jobs: with: files: | **/Containerfile* - docker-compose*.yml - docker-compose*.yaml + compose*.yml + compose*.yaml # EARLY TERMINATION FOR UNCHANGED DOCKER FILES # Skip security scan if no Docker files changed (unless manual trigger) diff --git a/scripts/test-ci.sh b/scripts/test-ci.sh index 13645d8..b593517 100755 --- a/scripts/test-ci.sh +++ b/scripts/test-ci.sh @@ -29,7 +29,7 @@ fi echo "" echo -e "${YELLOW}📦 Testing Docker Compose Linting...${NC}" echo "----------------------------------------" -if act push -j docker-compose-lint --verbose; then +if act push -j compose-lint --verbose; then echo -e "${GREEN}✅ Docker Compose linting test PASSED${NC}" else echo -e "${RED}❌ Docker Compose linting test FAILED${NC}" @@ -57,6 +57,6 @@ echo "" echo -e "${GREEN}🎉 Testing complete!${NC}" echo "To run individual tests:" echo " act push -j containerfile-lint" -echo " act push -j docker-compose-lint" +echo " act push -j compose-lint" echo " act pull_request -j docker-security-scan" echo " act push # run all push jobs" From 56b8f53dd8040671e0a263980589d18a0a5b8833 Mon Sep 17 00:00:00 2001 From: Atmois Date: Sat, 30 Aug 2025 10:49:29 +0100 Subject: [PATCH 10/14] chore(docker): update dockerignore to use the new compose.yml naming --- .dockerignore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.dockerignore b/.dockerignore index f81e07d..74aeadd 100644 --- a/.dockerignore +++ b/.dockerignore @@ -9,7 +9,7 @@ docs/ README* # Docker files -docker-compose.yml +compose.yml Containerfile* .dockerignore From dde3d6eef41b493412ca4e805bc1401d1195ce9c Mon Sep 17 00:00:00 2001 From: Atmois Date: Sat, 30 Aug 2025 10:51:01 +0100 Subject: [PATCH 11/14] fix(compose): use intenral networking for json-rpc api --- compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/compose.yml b/compose.yml index cf7fb07..c65aeb3 100644 --- a/compose.yml +++ b/compose.yml @@ -21,7 +21,7 @@ services: ports: - '6667:6667' # Standard IRC port - '6697:6697' # IRC over SSL/TLS - - '8600:8600' # JSON-RPC API for webpanel + - '8600' # JSON-RPC API for webpanel networks: - irc_network restart: unless-stopped From 77a855c24faee28f23108cdcc5219d24c1cc33b0 Mon Sep 17 00:00:00 2001 From: Atmois Date: Sat, 30 Aug 2025 10:57:32 +0100 Subject: [PATCH 12/14] chore(compose): update to use yaml over yml --- .dockerignore | 2 +- .gitattributes | 2 +- .github/workflows/ci.yml | 14 +++++++------- Containerfile | 4 ++-- compose.yml => compose.yaml | 0 5 files changed, 11 insertions(+), 11 deletions(-) rename compose.yml => compose.yaml (100%) diff --git a/.dockerignore b/.dockerignore index 74aeadd..71f87d0 100644 --- a/.dockerignore +++ b/.dockerignore @@ -9,7 +9,7 @@ docs/ README* # Docker files -compose.yml +compose.yaml Containerfile* .dockerignore diff --git a/.gitattributes b/.gitattributes index 096fbde..f215f64 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1,2 +1,2 @@ -*.yml linguist-detectable +*.yaml linguist-detectable *.yaml linguist-detectable diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e4cf195..623ee88 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -76,7 +76,7 @@ jobs: files: | **/Containerfile* **/.dockerignore - compose*.yml + compose*.yaml compose*.yaml # EARLY TERMINATION FOR UNCHANGED FILES @@ -166,9 +166,9 @@ jobs: id: compose_changes with: files: | - compose*.yml compose*.yaml - compose*.yml + compose*.yaml + compose*.yaml compose*.yaml # EARLY TERMINATION FOR UNCHANGED FILES @@ -186,7 +186,7 @@ jobs: id: compose-files run: | # Find all compose files in the repository - compose_files=$(find . -name "compose*.yml" -o -name "compose*.yaml" -o -name "compose*.yml" -o -name "compose*.yaml" | grep -v ".git") + compose_files=$(find . -name "compose*.yaml" -o -name "compose*.yaml" -o -name "compose*.yaml" -o -name "compose*.yaml" | grep -v ".git") if [ -n "$compose_files" ]; then echo "found=true" >> $GITHUB_OUTPUT echo "files<> $GITHUB_OUTPUT @@ -228,7 +228,7 @@ jobs: sudo apt-get update && sudo apt-get install -y yamllint # Create yamllint config for Docker Compose specifics - cat > .yamllint.yml << EOF + cat > .yamllint.yaml << EOF extends: default rules: line-length: @@ -242,7 +242,7 @@ jobs: echo "${{ steps.compose-files.outputs.files }}" | while IFS= read -r file; do if [ -n "$file" ]; then echo "Running yamllint on $file..." - yamllint -c .yamllint.yml "$file" + yamllint -c .yamllint.yaml "$file" fi done @@ -279,7 +279,7 @@ jobs: with: files: | **/Containerfile* - compose*.yml + compose*.yaml compose*.yaml # EARLY TERMINATION FOR UNCHANGED DOCKER FILES diff --git a/Containerfile b/Containerfile index 5b1c6da..0df6445 100644 --- a/Containerfile +++ b/Containerfile @@ -146,10 +146,10 @@ COPY --chown=ircd:ircd scripts/manage-modules.sh /usr/local/bin/manage-modules COPY --chown=ircd:ircd scripts/module-config.sh /usr/local/bin/module-config COPY --chown=ircd:ircd scripts/start-webpanel.sh /usr/local/bin/start-webpanel -# Set proper permissions and create necessary symlinks +# Set proper permissions and create necessary syamlinks RUN chmod 755 /usr/local/atheme/bin/* /usr/local/unrealircd/bin/* && \ chown -R ircd:ircd /var/log /var/run && \ - # Create symlinks for easier access + # Create syamlinks for easier access ln -sf /usr/local/atheme/bin/atheme-services /usr/local/bin/atheme-services && \ ln -sf /usr/local/unrealircd/bin/unrealircd /usr/local/bin/unrealircd && \ # Ensure proper ownership of configuration directories diff --git a/compose.yml b/compose.yaml similarity index 100% rename from compose.yml rename to compose.yaml From fbf402c0fc8358eedf8d19a17b5b34689fec55c5 Mon Sep 17 00:00:00 2001 From: Artur Manuel Date: Sat, 30 Aug 2025 15:50:07 +0100 Subject: [PATCH 13/14] fix(yaml): lint yaml according to yamllint --- compose.yaml | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/compose.yaml b/compose.yaml index c65aeb3..8414e46 100644 --- a/compose.yaml +++ b/compose.yaml @@ -1,3 +1,5 @@ +--- + name: irc.atl.chat services: @@ -19,14 +21,14 @@ services: environment: - TZ=UTC ports: - - '6667:6667' # Standard IRC port - - '6697:6697' # IRC over SSL/TLS - - '8600' # JSON-RPC API for webpanel + - '6667:6667' # Standard IRC port + - '6697:6697' # IRC over SSL/TLS + - '8600' # JSON-RPC API for webpanel networks: - irc_network restart: unless-stopped healthcheck: - test: [ "CMD", "pgrep", "-f", "unrealircd" ] + test: ["CMD", "pgrep", "-f", "unrealircd"] interval: 30s timeout: 10s retries: 3 @@ -54,7 +56,7 @@ services: - ATHEME_DATA=/usr/local/atheme/data networks: - irc_network - command: [ "/usr/local/bin/start-services", "start" ] + command: ["/usr/local/bin/start-services", "start"] restart: unless-stopped webpanel: @@ -75,12 +77,12 @@ services: - UNREALIRCD_RPC_USER=adminpanel - UNREALIRCD_RPC_PASSWORD=webpanel_password_2024 ports: - - '8080:80' # Web interface + - '8080:80' # Web interface networks: - irc_network restart: unless-stopped healthcheck: - test: [ "CMD", "curl", "-f", "http://localhost/unrealircd-webpanel/" ] + test: ["CMD", "curl", "-f", "http://localhost/unrealircd-webpanel/"] interval: 30s timeout: 10s retries: 3 @@ -100,7 +102,7 @@ services: - '8081:80' restart: unless-stopped healthcheck: - test: [ "CMD", "curl", "-f", "http://localhost/gamja/" ] + test: ["CMD", "curl", "-f", "http://localhost/gamja/"] interval: 30s timeout: 10s retries: 3 @@ -112,7 +114,7 @@ services: ircd: condition: service_healthy volumes: - - /opt/thelounge:/var/opt/thelounge # bind lounge config from the host's file system + - /opt/thelounge:/var/opt/thelounge # bind lounge config from the host's file system ports: - '9000:9000' restart: unless-stopped From 0da191cc340994f3c70dd9777f2acc6067fdb26b Mon Sep 17 00:00:00 2001 From: Artur Manuel Date: Sat, 30 Aug 2025 15:53:07 +0100 Subject: [PATCH 14/14] fix(ci): specify Containerfile in security scanning --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 623ee88..0cfee1c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -297,7 +297,7 @@ jobs: run: | if [ -f "Containerfile" ]; then echo "Building Docker image for security scanning..." - docker build -t irc-security-scan:latest . + docker build -t irc-security-scan:latest -f=Containerfile . echo "✅ Docker image built successfully" else echo "❌ No Containerfile found in root directory"