diff --git a/.github/workflows/docker-build.yaml b/.github/workflows/docker-build.yaml
index d1fe8d7d..8b7deef2 100644
--- a/.github/workflows/docker-build.yaml
+++ b/.github/workflows/docker-build.yaml
@@ -3,81 +3,197 @@ name: Build and Push Docker Image on: workflow_dispatch: inputs: - version: - description: 'Version' + build_type: + description: 'Build type' required: true type: choice options: + - stage-0 - dev - - latest + - release + version: + description: 'Version tag (for main image)' + required: false + default: 'latest' + type: string + platforms: + description: 'Target platforms' + required: false + default: 'linux/amd64,linux/arm64,linux/arm/v7' + type: string + enable_aliyun: + description: 'Push to Aliyun Registry' + required: false + default: true + type: boolean + +env: + DOCKERHUB_REGISTRY: docker.io + ALIYUN_REGISTRY: registry.cn-hangzhou.aliyuncs.com + STAGE0_IMAGE: kvmd-stage-0 + MAIN_IMAGE: kvmd jobs: - build: + build-stage-0: runs-on: ubuntu-22.04 - container: - image: node:18 - env: - TZ: Asia/Shanghai + if: github.event.inputs.build_type == 'stage-0' + permissions: + contents: read + packages: write steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 + with: + fetch-depth: 0 - - name: Install dependencies + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + with: + driver: docker-container + platforms: ${{ github.event.inputs.platforms }} + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + with: + platforms: all + + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + registry: ${{ env.DOCKERHUB_REGISTRY }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Login to Aliyun Registry + if: github.event.inputs.enable_aliyun == 'true' + uses: docker/login-action@v3 + with: + registry: ${{ env.ALIYUN_REGISTRY }} + username: ${{ secrets.ALIYUN_USERNAME }} + password: ${{ secrets.ALIYUN_PASSWORD }} + + - name: Extract metadata + id: meta + uses: docker/metadata-action@v5 + with: + images: | + silentwind0/${{ env.STAGE0_IMAGE }} + ${{ github.event.inputs.enable_aliyun == 'true' && format('{0}/silentwind/{1}', 
env.ALIYUN_REGISTRY, env.STAGE0_IMAGE) || '' }} + tags: | + type=raw,value=latest + type=raw,value=latest-{{date 'YYYYMMDD-HHmmss'}} + type=sha,prefix={{branch}}- + labels: | + org.opencontainers.image.title=One-KVM Stage-0 Base Image + org.opencontainers.image.description=Base image for One-KVM build environment + org.opencontainers.image.vendor=One-KVM Project + + - name: Build and push stage-0 image + uses: docker/build-push-action@v5 + with: + context: . + file: ./build/Dockerfile-stage-0 + platforms: ${{ github.event.inputs.platforms }} + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha,scope=stage-0 + cache-to: type=gha,mode=max,scope=stage-0 + provenance: false + sbom: false + allow: security.insecure + + build-main: + runs-on: ubuntu-22.04 + if: github.event.inputs.build_type != 'stage-0' + permissions: + contents: read + packages: write + + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + with: + driver: docker-container + platforms: ${{ github.event.inputs.platforms }} + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + with: + platforms: all + + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + registry: ${{ env.DOCKERHUB_REGISTRY }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Login to Aliyun Registry + if: github.event.inputs.enable_aliyun == 'true' + uses: docker/login-action@v3 + with: + registry: ${{ env.ALIYUN_REGISTRY }} + username: ${{ secrets.ALIYUN_USERNAME }} + password: ${{ secrets.ALIYUN_PASSWORD }} + + - name: Set version tag + id: version run: | - apt-get update - export DEBIAN_FRONTEND=noninteractive - apt-get install -y --no-install-recommends \ - sudo tzdata docker.io qemu-utils qemu-user-static binfmt-support parted e2fsprogs \ - curl tar python3 python3-pip rsync git 
android-sdk-libsparse-utils coreutils zerofree - apt-get clean - rm -rf /var/lib/apt/lists/* - ln -snf /usr/share/zoneinfo/$TZ /etc/localtime - echo $TZ > /etc/timezone - update-binfmts --enable - env: - DEBIAN_FRONTEND: noninteractive + if [[ "${{ github.event.inputs.build_type }}" == "dev" ]]; then + echo "tag=dev" >> $GITHUB_OUTPUT + echo "cachebust=$(date +%s)" >> $GITHUB_OUTPUT + elif [[ "${{ github.event.inputs.build_type }}" == "release" ]]; then + echo "tag=${{ github.event.inputs.version }}" >> $GITHUB_OUTPUT + echo "cachebust=$(date +%s)" >> $GITHUB_OUTPUT + fi - - name: Install Docker Buildx + - name: Extract metadata + id: meta + uses: docker/metadata-action@v5 + with: + images: | + silentwind0/${{ env.MAIN_IMAGE }} + ${{ github.event.inputs.enable_aliyun == 'true' && format('{0}/silentwind/{1}', env.ALIYUN_REGISTRY, env.MAIN_IMAGE) || '' }} + tags: | + type=raw,value=${{ steps.version.outputs.tag }} + type=raw,value=${{ steps.version.outputs.tag }}-{{date 'YYYYMMDD-HHmmss'}} + type=sha,prefix={{branch}}- + labels: | + org.opencontainers.image.title=One-KVM + org.opencontainers.image.description=DIY IP-KVM solution based on PiKVM + org.opencontainers.image.vendor=One-KVM Project + org.opencontainers.image.version=${{ steps.version.outputs.tag }} + + - name: Build and push main image + uses: docker/build-push-action@v5 + with: + context: . 
+ file: ./build/Dockerfile + platforms: ${{ github.event.inputs.platforms }} + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha,scope=main + cache-to: type=gha,mode=max,scope=main + provenance: false + sbom: false + build-args: | + CACHEBUST=${{ steps.version.outputs.cachebust }} + + - name: Build summary run: | - # 创建插件目录 - mkdir -p ~/.docker/cli-plugins - # 下载 buildx 二进制文件 - BUILDX_VERSION="v0.11.2" - curl -L "https://github.com/docker/buildx/releases/download/${BUILDX_VERSION}/buildx-${BUILDX_VERSION}.linux-amd64" -o ~/.docker/cli-plugins/docker-buildx - chmod +x ~/.docker/cli-plugins/docker-buildx - # 验证安装 - docker buildx version - - #- name: Install QEMU - # run: | - # 安装 QEMU 模拟器 - #docker run --privileged --rm tonistiigi/binfmt --install all - # 验证 QEMU 安装 - #docker buildx inspect --bootstrap - - - name: Create and use new builder instance - run: | - # 创建新的 builder 实例 - docker buildx create --name mybuilder --driver docker-container --bootstrap - # 使用新创建的 builder - docker buildx use mybuilder - # 验证支持的平台 - docker buildx inspect --bootstrap - - - name: Build multi-arch image - run: | - # 构建多架构镜像 - docker buildx build \ - --platform linux/amd64,linux/arm64,linux/arm/v7 \ - --file ./build/Dockerfile \ - --tag silentwind/kvmd:${{ github.event.inputs.version }} \ - . 
- - #- name: Login to DockerHub - # uses: docker/login-action@v2 - # with: - # username: ${{ secrets.DOCKERHUB_USERNAME }} - # password: ${{ secrets.DOCKERHUB_TOKEN }} - - \ No newline at end of file + echo "## Build Summary" >> $GITHUB_STEP_SUMMARY + echo "- **Build Type**: ${{ github.event.inputs.build_type }}" >> $GITHUB_STEP_SUMMARY + echo "- **Version Tag**: ${{ steps.version.outputs.tag }}" >> $GITHUB_STEP_SUMMARY + echo "- **Platforms**: ${{ github.event.inputs.platforms }}" >> $GITHUB_STEP_SUMMARY + echo "- **Aliyun Enabled**: ${{ github.event.inputs.enable_aliyun }}" >> $GITHUB_STEP_SUMMARY + echo "- **Cache Bust**: ${{ steps.version.outputs.cachebust }}" >> $GITHUB_STEP_SUMMARY + echo "- **Tags**:" >> $GITHUB_STEP_SUMMARY + echo "${{ steps.meta.outputs.tags }}" | sed 's/^/ - /' >> $GITHUB_STEP_SUMMARY \ No newline at end of file diff --git a/build/Dockerfile b/build/Dockerfile index f40af840..8d920536 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -42,6 +42,7 @@ RUN sed -i 's/deb.debian.org/mirrors.tuna.tsinghua.edu.cn/' /etc/apt/sources.lis libnss3 \ libasound2 \ nano \ + unzip \ && cp /tmp/lib/* /lib/*-linux-*/ \ && pip install --no-cache-dir --root-user-action=ignore --disable-pip-version-check /tmp/wheel/*.whl \ && pip install --no-cache-dir --root-user-action=ignore --disable-pip-version-check pyfatfs \ diff --git a/build/Dockerfile-stage-0 b/build/Dockerfile-stage-0 index e1296e98..b05b5adf 100644 --- a/build/Dockerfile-stage-0 +++ b/build/Dockerfile-stage-0 @@ -47,6 +47,8 @@ RUN sed -i 's/deb.debian.org/mirrors.tuna.tsinghua.edu.cn/' /etc/apt/sources.lis libspeex-dev \ libspeexdsp-dev \ libusb-1.0-0-dev \ + libldap2-dev \ + libsasl2-dev \ && apt clean \ && rm -rf /var/lib/apt/lists/* 
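Review bot: In `.github/workflows/docker-build.yaml`, the `Set version tag` step of `build-main` expands `${{ github.event.inputs.version }}` (a free-form string input) directly into the `run:` script, so the value is parsed as shell source rather than data, and this happens after both registry logins in the same job. The `Build summary` step does the same with `platforms` and `steps.meta.outputs.tags`. Passing the inputs through `env:` and referencing them as quoted shell variables keeps them as data; the sketch below covers the version step, and the summary step would follow the same pattern. Separately, both jobs request `packages: write` although the visible logins only target Docker Hub and Aliyun, so `contents: read` alone looks sufficient.

```yaml
      - name: Set version tag
        id: version
        env:
          BUILD_TYPE: ${{ github.event.inputs.build_type }}
          VERSION: ${{ github.event.inputs.version }}
        run: |
          if [[ "$BUILD_TYPE" == "dev" ]]; then
            echo "tag=dev" >> "$GITHUB_OUTPUT"
            # … unchanged: cachebust output …
          elif [[ "$BUILD_TYPE" == "release" ]]; then
            echo "tag=$VERSION" >> "$GITHUB_OUTPUT"
            # … unchanged: cachebust output …
          fi
```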
@@ -70,7 +72,15 @@ RUN --security=insecure pip config set global.index-url https://pypi.tuna.tsingh more-itertools multidict netifaces packaging passlib pillow ply psutil \ pycparser pyelftools pyghmi pygments pyparsing pyotp qrcode requests \ semantic-version setproctitle six spidev tabulate urllib3 wrapt xlib \ - yarl pyserial pyyaml zstandard supervisor pyfatfs + yarl pyserial pyyaml zstandard supervisor pyfatfs pyserial python-periphery \ + python-ldap python-pam pyrad pyudev pyusb luma.oled pyserial-asyncio + +# 编译 python vedev库 +# && wget https://raw.githubusercontent.com/torvalds/linux/refs/heads/master/include/uapi/linux/input.h \ +# && wget https://raw.githubusercontent.com/torvalds/linux/refs/heads/master/include/uapi/linux/input-event-codes.h \ +RUN git clone --depth=1 https://github.com/gvalkov/python-evdev.git /tmp/python-evdev \ + && cd /tmp/python-evdev \ + && python3 setup.py bdist_wheel --dist-dir /tmp/wheel/ # 编译安装 libnice、libsrtp、libwebsockets 和 janus-gateway RUN git clone --depth=1 https://gitlab.freedesktop.org/libnice/libnice /tmp/libnice \ @@ -113,7 +123,8 @@ RUN sed --in-place --expression 's|^#include "refcount.h"$|#include "../refcount # 复制必要的库文件 RUN mkdir /tmp/lib \ && cd /lib/*-linux-*/ \ - && cp libevent_core-*.so.7 libbsd.so.0 libevent_pthreads-*.so.7 libspeexdsp.so.1 \ - libevent-*.so.7 libjpeg.so.62 libx264.so.164 libyuv.so.0 libnice.so.10 \ - /usr/lib/libsrtp2.so.1 /usr/lib/libwebsockets.so.19 \ - /tmp/lib/ + && cp libevent_core-*.so.* libbsd.so.* libevent_pthreads-*.so.* libspeexdsp.so.* \ + libevent-*.so.* libjpeg.so.* libx264.so.* libyuv.so.* libnice.so.* \ + /tmp/lib/ \ + && find /usr/lib -name "libsrtp2.so.*" -exec cp {} /tmp/lib/ \; \ + && find /usr/lib -name "libwebsockets.so.*" -exec cp {} /tmp/lib/ \; diff --git a/build/init.sh b/build/init.sh index 00331471..24030275 100755 --- a/build/init.sh +++ b/build/init.sh 
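Review bot: In `build/Dockerfile-stage-0`, the new `git clone --depth=1 https://github.com/gvalkov/python-evdev.git` builds a wheel from whatever the default branch holds at build time, so two builds of the same commit can produce different code. The wheel is written to `/tmp/wheel/`, which is presumably the directory the `build/Dockerfile` context line installs with `pip install ... /tmp/wheel/*.whl`. Pinning the clone to a reviewed release makes the input auditable and the build reproducible, e.g. `RUN git clone --depth=1 --branch <PINNED_TAG> https://github.com/gvalkov/python-evdev.git /tmp/python-evdev \` (placeholder tag). The pip list in the same hunk also adds `pyserial` a second time and leaves every package unversioned.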
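Review bot: In the library-copy `RUN` of `build/Dockerfile-stage-0`, `find /usr/lib -name "libsrtp2.so.*" -exec cp {} /tmp/lib/ \;` exits successfully when nothing matches, whereas the removed explicit `cp ... /usr/lib/libsrtp2.so.1 /usr/lib/libwebsockets.so.19` failed the build if either file was missing. A broken or relocated libsrtp/libwebsockets install would now yield an image without the library and only surface at runtime. Continuing the command with a final check such as `&& ls /tmp/lib/libsrtp2.so.* /tmp/lib/libwebsockets.so.* > /dev/null` restores the fail-fast behaviour. The `*.so.*` globs also copy every matching version rather than one known soname, which deserves a short comment; whether the file continues after this hunk is not visible.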
@@ -214,7 +214,8 @@ EOF log_info "视频输入格式已设置为 $VIDFORMAT" fi fi - + + touch /etc/kvmd/.init_flag log_info "初始化配置完成" fi diff --git a/configs/kvmd/override.yaml b/configs/kvmd/override.yaml index ba02fce6..f58d5385 100644 --- a/configs/kvmd/override.yaml +++ b/configs/kvmd/override.yaml @@ -168,6 +168,9 @@ otgnet: - "/bin/true" pre_stop_cmd: - "/bin/true" + sysctl_cmd: + #- "/usr/sbin/sysctl" + - "/bin/true" nginx: http:
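Review bot: In `configs/kvmd/override.yaml`, the new `otgnet` `sysctl_cmd` is set to `/bin/true` with the real binary left as a bare commented-out line, and nothing records why. Stubbing it presumably turns the service's sysctl calls into no-ops, so any kernel settings it would normally apply are silently skipped. A comment above the key, for example `# sysctl stubbed out: <REASON>` with the actual reason filled in, would make the intent clear to whoever later re-enables `/usr/sbin/sysctl`.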