diff --git a/Dockerfile b/Dockerfile index cdc9af2..157f775 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ FROM alpine:3.21 # Initially was based on work of Christian Lück . LABEL description="A complete, self-hosted Tiny Tiny RSS (TTRSS) environment." \ - maintainer="Andreas Löffler " + maintainer="Andreas Löffler " RUN set -xe && \ apk update && apk upgrade && \ @@ -44,4 +44,16 @@ ENV DB_PASS=ttrss # Clean up. RUN set -xe && apk del --progress --purge && rm -rf /var/cache/apk/* && rm -rf /var/lib/apt/lists/* +RUN chown -R www-data:www-data /var/www + +USER www-data + +RUN git clone "https://git.tt-rss.org/fox/tt-rss.git/" "/var/www/ttrss" && \ + git clone --depth=1 https://github.com/sepich/tt-rss-mobilize.git /var/www/ttrss/plugins.local/mobilize && \ + git clone --depth=1 https://github.com/feediron/ttrss_plugin-feediron.git /var/www/ttrss/plugins.local/feediron && \ + git clone --depth=1 https://github.com/levito/tt-rss-feedly-theme.git /var/www/ttrss/themes.local/levito-feedly-git && \ + git clone --depth=1 https://github.com/Gravemind/tt-rss-feedlish-theme.git /var/www/ttrss/themes.local/gravemind-feedly-git + +USER root + ENTRYPOINT ["/init"] diff --git a/root/etc/cont-init.d/50-php b/root/etc/cont-init.d/50-php deleted file mode 100755 index d433d71..0000000 --- a/root/etc/cont-init.d/50-php +++ /dev/null @@ -1,10 +0,0 @@ -#!/usr/bin/with-contenv sh - -# Make sure to have a defined set of PHP binaries, -# regardless of how the package maintainer(s) named those. - -rm -f /usr/bin/php -ln -s /usr/bin/php83 /usr/bin/php - -rm -f /usr/sbin/php-fpm -ln -s /usr/sbin/php-fpm83 /usr/sbin/php-fpm diff --git a/root/etc/nginx/nginx.conf b/root/etc/nginx/nginx.conf index 4d6d274..b8e444a 100644 --- a/root/etc/nginx/nginx.conf +++ b/root/etc/nginx/nginx.conf @@ -33,15 +33,9 @@ http { server { - listen 4443 ssl; + listen 8080; root /var/www/ttrss; - ssl_certificate /etc/ssl/certs/ttrss.crt; - ssl_certificate_key /etc/ssl/private/ttrss.key; - ssl_protocols TLSv1 TLSv1.1 TLSv1.2; - ssl_prefer_server_ciphers on; - ssl_ciphers "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA"; - index index.php index.html; client_max_body_size 100M; diff --git a/root/srv/setup-ttrss.sh b/root/srv/setup-ttrss.sh index d78895a..79430b9 100755 --- a/root/srv/setup-ttrss.sh +++ b/root/srv/setup-ttrss.sh @@ -1,46 +1,5 @@ #!/bin/sh -setup_nginx() -{ - if [ -z "$TTRSS_HOST" ]; then - TTRSS_HOST=ttrss - fi - - NGINX_CONF=/etc/nginx/nginx.conf - - if [ "$TTRSS_WITH_SELFSIGNED_CERT" = "1" ]; then - # Install OpenSSL. - apk update && apk add openssl - - if [ ! -f "/etc/ssl/private/ttrss.key" ]; then - echo "Setup: Generating self-signed certificate ..." - # Generate the TLS certificate for our Tiny Tiny RSS server instance. - openssl req -new -newkey rsa:4096 -days 3650 -nodes -x509 \ - -subj "/C=US/ST=World/L=World/O=$TTRSS_HOST/CN=$TTRSS_HOST" \ - -keyout "/etc/ssl/private/ttrss.key" \ - -out "/etc/ssl/certs/ttrss.crt" - fi - - # Turn on SSL. - sed -i -e "s/listen\s*8080\s*;/listen 4443;/g" ${NGINX_CONF} - sed -i -e "s/ssl\s*off\s*;/ssl on;/g" ${NGINX_CONF} - sed -i -e "s/#ssl_/ssl_/g" ${NGINX_CONF} - - # Set permissions. - chmod 600 "/etc/ssl/private/ttrss.key" - chmod 600 "/etc/ssl/certs/ttrss.crt" - else - echo "Setup: !!! WARNING - No encryption (TLS) used - WARNING !!!" - echo "Setup: !!! This is not recommended for a production server !!!" - echo "Setup: You have been warned." - - # Turn off SSL. - sed -i -e "s/listen\s*4443\s*;/listen 8080;/g" ${NGINX_CONF} - sed -i -e "s/ssl\s*on\s*;/ssl off;/g" ${NGINX_CONF} - sed -i -e "s/ssl_/#ssl_/g" ${NGINX_CONF} - fi -} - setup_ttrss() { if [ -z "$TTRSS_REPO_URL" ]; then @@ -54,28 +13,6 @@ setup_ttrss() TTRSS_PATH_THEMES=${TTRSS_PATH}/themes.local TTRSS_PATH_PLUGINS=${TTRSS_PATH}/plugins.local - if [ ! -d ${TTRSS_PATH} ]; then - mkdir -p ${TTRSS_PATH} - if [ -n "$TTRSS_GIT_TAG" ]; then - echo "Setup: Setting up Tiny Tiny RSS '$TTRSS_GIT_TAG' ..." - cd ${TTRSS_PATH} - git init . - git fetch --depth=1 ${TTRSS_REPO_URL} refs/tags/${TTRSS_GIT_TAG}:refs/tags/${TTRSS_GIT_TAG} - git checkout tags/${TTRSS_GIT_TAG} - else - echo "Setup: Setting up Tiny Tiny RSS (latest revision) ..." - git clone --depth=1 ${TTRSS_REPO_URL} ${TTRSS_PATH} - fi - - mkdir -p ${TTRSS_PATH_PLUGINS} - git clone --depth=1 https://github.com/sepich/tt-rss-mobilize.git ${TTRSS_PATH_PLUGINS}/mobilize - git clone --depth=1 https://github.com/feediron/ttrss_plugin-feediron.git ${TTRSS_PATH_PLUGINS}/feediron - - mkdir -p ${TTRSS_PATH_THEMES} - git clone --depth=1 https://github.com/levito/tt-rss-feedly-theme.git ${TTRSS_PATH_THEMES}/levito-feedly-git - git clone --depth=1 https://github.com/Gravemind/tt-rss-feedlish-theme.git ${TTRSS_PATH_THEMES}/gravemind-feedly-git - fi - # Add initial config. cp ${TTRSS_PATH}/config.php-dist ${TTRSS_PATH}/config.php @@ -150,7 +87,6 @@ setup_db() php -f /srv/ttrss-configure-plugin-mobilize.php } -setup_nginx setup_ttrss setup_db diff --git a/root/srv/update-ttrss.sh b/root/srv/update-ttrss.sh index 961396e..b7a55cf 100755 --- a/root/srv/update-ttrss.sh +++ b/root/srv/update-ttrss.sh @@ -4,38 +4,21 @@ TTRSS_PATH=/var/www/ttrss TTRSS_PATH_THEMES=${TTRSS_PATH}/themes.local TTRSS_PATH_PLUGINS=${TTRSS_PATH}/plugins.local -update_ttrss() -{ - if [ -n "$TTRSS_GIT_TAG" ]; then - echo "Updating Tiny Tiny RSS disabled (using tag '$TTRSS_GIT_TAG')" - return - fi - - echo "Updating: Tiny Tiny RSS" - ( cd ${TTRSS_PATH} && git pull origin HEAD ) -} - update_plugin_mobilize() { echo "Updating: Mobilize plugin" - ( cd ${TTRSS_PATH_PLUGINS}/mobilize && git pull origin HEAD ) + #( cd ${TTRSS_PATH_PLUGINS}/mobilize && git pull origin HEAD ) # Patch ttrss-mobilize plugin for getting it to work. sed -i -e "s/