mirror of
https://github.com/SpudGunMan/meshing-around.git
synced 2026-07-06 01:41:45 +02:00
Merge pull request #158 from pcs3rd/create-docker-image
Create docker image and push to packages on new release
This commit is contained in:
@@ -0,0 +1,61 @@
|
||||
#
|
||||
name: Create and publish a Docker image on new release
|
||||
|
||||
# Configures this workflow to run every time a change is pushed to the branch called `release`.
|
||||
on:
|
||||
release:
|
||||
types: [released]
|
||||
workflow_dispatch:
|
||||
|
||||
# Defines two custom environment variables for the workflow. These are used for the Container registry domain, and a name for the Docker image that this workflow builds.
|
||||
env:
|
||||
REGISTRY: ghcr.io
|
||||
IMAGE_NAME: ${{ github.repository }}
|
||||
|
||||
# There is a single job in this workflow. It's configured to run on the latest available version of Ubuntu.
|
||||
jobs:
|
||||
build-and-push-image:
|
||||
runs-on: ubuntu-latest
|
||||
# Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job.
|
||||
permissions:
|
||||
contents: read
|
||||
packages: write
|
||||
attestations: write
|
||||
id-token: write
|
||||
#
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
# Uses the `docker/login-action` action to log in to the Container registry registry using the account and password that will publish the packages. Once published, the packages are scoped to the account defined here.
|
||||
- name: Log in to the Container registry
|
||||
uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
|
||||
with:
|
||||
registry: ${{ env.REGISTRY }}
|
||||
username: ${{ github.actor }}
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
# This step uses [docker/metadata-action](https://github.com/docker/metadata-action#about) to extract tags and labels that will be applied to the specified image. The `id` "meta" allows the output of this step to be referenced in a subsequent step. The `images` value provides the base name for the tags and labels.
|
||||
- name: Extract metadata (tags, labels) for Docker
|
||||
id: meta
|
||||
uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
|
||||
with:
|
||||
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
|
||||
# This step uses the `docker/build-push-action` action to build the image, based on your repository's `Dockerfile`. If the build succeeds, it pushes the image to GitHub Packages.
|
||||
# It uses the `context` parameter to define the build's context as the set of files located in the specified path. For more information, see [Usage](https://github.com/docker/build-push-action#usage) in the README of the `docker/build-push-action` repository.
|
||||
# It uses the `tags` and `labels` parameters to tag and label the image with the output from the "meta" step.
|
||||
- name: Build and push Docker image
|
||||
id: push
|
||||
uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4
|
||||
with:
|
||||
context: .
|
||||
push: true
|
||||
tags: ${{ steps.meta.outputs.tags }}
|
||||
labels: ${{ steps.meta.outputs.labels }}
|
||||
|
||||
# This step generates an artifact attestation for the image, which is an unforgeable statement about where and how it was built. It increases supply chain security for people who consume the image. For more information, see [Using artifact attestations to establish provenance for builds](/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds).
|
||||
- name: Generate artifact attestation
|
||||
uses: actions/attest-build-provenance@v2
|
||||
with:
|
||||
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
|
||||
subject-digest: ${{ steps.push.outputs.digest }}
|
||||
push-to-registry: true
|
||||
|
||||
+20
-9
@@ -1,21 +1,32 @@
|
||||
FROM python:3.14-slim
|
||||
ENV PYTHONUNBUFFERED=1
|
||||
|
||||
RUN apt-get update && apt-get install -y gettext tzdata locales nano && rm -rf /var/lib/apt/lists/*
|
||||
ENV PYTHONUNBUFFERED=1 \
|
||||
LANG=en_US.UTF-8 \
|
||||
LANGUAGE=en_US:en \
|
||||
LC_ALL=en_US.UTF-8 \
|
||||
TZ=America/Los_Angeles
|
||||
|
||||
# Set the locale default to en_US.UTF-8
|
||||
RUN sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen && \
|
||||
dpkg-reconfigure --frontend=noninteractive locales && \
|
||||
update-locale LANG=en_US.UTF-8
|
||||
ENV LANG="en_US.UTF-8"
|
||||
ENV TZ="America/Los_Angeles"
|
||||
RUN apt-get update && \
|
||||
apt-get install -y gettext tzdata locales nano && \
|
||||
sed -i 's/^# *\(en_US.UTF-8 UTF-8\)/\1/' /etc/locale.gen && \
|
||||
locale-gen en_US.UTF-8 && \
|
||||
rm -rf /var/lib/apt/lists/*
|
||||
|
||||
WORKDIR /app
|
||||
|
||||
# Install dependencies first for better caching
|
||||
COPY requirements.txt /app/
|
||||
RUN pip install --no-cache-dir -r requirements.txt
|
||||
|
||||
# Copy the rest of the application
|
||||
COPY . /app
|
||||
COPY config.template /app/config.ini
|
||||
|
||||
RUN pip install -r requirements.txt
|
||||
|
||||
RUN chmod +x /app/script/docker/entrypoint.sh
|
||||
|
||||
# Add a non-root user and switch to it
|
||||
RUN useradd -m appuser
|
||||
USER appuser
|
||||
|
||||
ENTRYPOINT ["/bin/bash", "/app/script/docker/entrypoint.sh"]
|
||||
|
||||
@@ -0,0 +1,43 @@
|
||||
# Docker Compose configuration for Meshing Around.
|
||||
# This setup includes the main Meshing Around service, with optional Ollama and Prometheus Node Exporter services.
|
||||
# Adjust device mappings, ports, and configurations as needed for your environment.
|
||||
services:
|
||||
meshing-around:
|
||||
stdin_open: true
|
||||
tty: true
|
||||
ports:
|
||||
- 8420:8420
|
||||
devices: # Optional if using meshtasticd. Pass through radio device.
|
||||
- /dev/ttyUSB0 # Replace this with your actual device!
|
||||
#- /dev/ttyAMA0 # Example
|
||||
volumes:
|
||||
- /data/meshing-around/config.ini:/app/config.ini:rw
|
||||
image: ghcr.io/SpudGunMan/meshing-around:test-all-changes
|
||||
container_name: meshing-around
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
- OLLAMA_API_URL=http://ollama:11434
|
||||
extra_hosts:
|
||||
#- "host.docker.internal:host-gateway" # Enables access to host services from within the container.
|
||||
user: "1000:1000" # run as non-root user for better security
|
||||
|
||||
meshtasticd: # Runs a virtual node. Optional, but can be used to link meshing-around directly to mqtt.
|
||||
ports:
|
||||
- 4403:4403
|
||||
restart: unless-stopped
|
||||
container_name: meshtasticd
|
||||
image: meshtastic/meshtasticd:beta
|
||||
|
||||
ollama: # Used for enabling LLM interactions.
|
||||
ports:
|
||||
- 11434:11434 # Ollama API port
|
||||
volumes:
|
||||
- /data/ollama:/root/.ollama
|
||||
container_name: ollama
|
||||
image: ollama/ollama:latest
|
||||
restart: unless-stopped
|
||||
healthcheck:
|
||||
test: ["CMD", "curl", "-f", "http://localhost:11434/api/tags"]
|
||||
interval: 30s
|
||||
timeout: 10s
|
||||
retries: 5
|
||||
+42
-43
@@ -1,52 +1,51 @@
|
||||
# OLD Docker Compose configuration for Meshing Around application with optional services.
|
||||
# This setup includes the main Meshing Around service, with optional Ollama and Prometheus Node Exporter services.
|
||||
# Adjust device mappings, ports, and configurations as needed for your environment.
|
||||
|
||||
configs:
|
||||
me_config:
|
||||
file: ./config.ini # Path to the configuration file for Meshing Around.
|
||||
# Windows users may need to adjust the path format, e.g., C:/path/to/config.ini
|
||||
|
||||
services:
|
||||
meshing-around:
|
||||
build:
|
||||
context: ../..
|
||||
depends_on:
|
||||
ollama:
|
||||
condition: service_healthy
|
||||
devices:
|
||||
- /dev/ttyAMA10 # Replace this with your actual device!
|
||||
configs:
|
||||
- source: me_config
|
||||
target: /app/config.ini
|
||||
devices: # Optional if using meshtasticd. Pass through radio device.
|
||||
- /dev/ttyAMA10 # Replace this with your actual device!
|
||||
#- /dev/ttyUSB0 # Example for USB device
|
||||
user: 1000:1000 # run as non-root user for better security.
|
||||
extra_hosts:
|
||||
- "host.docker.internal:host-gateway" # Used to access a local linux meshtasticd device via tcp
|
||||
ollama:
|
||||
image: ollama/ollama:0.5.1
|
||||
volumes:
|
||||
- ./ollama:/root/.ollama
|
||||
- ./ollama-entrypoint.sh:./entrypoint.sh
|
||||
container_name: ollama
|
||||
pull_policy: always
|
||||
tty: true
|
||||
restart: always
|
||||
entrypoint:
|
||||
- /usr/bin/bash
|
||||
- /script/docker/entrypoint.sh
|
||||
expose:
|
||||
- 11434
|
||||
healthcheck:
|
||||
test: "apt update && apt install curl -y && curl -f http://localhost:11434/api/tags | grep -q llama3.2:3b"
|
||||
interval: 30s
|
||||
timeout: 10s
|
||||
retries: 20
|
||||
node-exporter:
|
||||
image: quay.io/prometheus/node-exporter:latest
|
||||
volumes:
|
||||
- /proc:/host/proc:ro
|
||||
- /sys:/host/sys:ro
|
||||
- /:/rootfs:ro
|
||||
command:
|
||||
- --path.procfs=/host/proc
|
||||
- --path.rootfs=/rootfs
|
||||
- --path.sysfs=/host/sys
|
||||
- --collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)
|
||||
# - "host.docker.internal:host-gateway" # Enables access to host services from within the container.
|
||||
container_name: meshing-around
|
||||
restart: unless-stopped
|
||||
expose:
|
||||
- 9100
|
||||
network_mode: host
|
||||
pid: host
|
||||
configs:
|
||||
me_config:
|
||||
file: ./config.ini
|
||||
#tty: true # Enable only if interactive terminal is needed.
|
||||
ports:
|
||||
#- "8420:8420" # web report interface
|
||||
#- "443:443" # HTTPS interface meshtasticD
|
||||
environment:
|
||||
- OLLAMA_API_URL=http://ollama:11434
|
||||
|
||||
# Uncomment the following service if you want to enable Ollama for local LLM API access.
|
||||
# ollama:
|
||||
# image: ollama/ollama:0.5.1
|
||||
# volumes:
|
||||
# - ./ollama:/root/.ollama
|
||||
# - ./ollama-entrypoint.sh:./entrypoint.sh
|
||||
# container_name: ollama
|
||||
# pull_policy: always
|
||||
# tty: true
|
||||
# restart: always
|
||||
# entrypoint:
|
||||
# - /usr/bin/bash
|
||||
# - /script/docker/entrypoint.sh
|
||||
# ports:
|
||||
# - "11434:11434"
|
||||
# healthcheck:
|
||||
# test: "curl -f http://localhost:11434/api/tags | grep -q llama3.2:3b"
|
||||
# interval: 30s
|
||||
# timeout: 10s
|
||||
# retries: 20
|
||||
@@ -8,8 +8,8 @@ pid=$!
|
||||
# Pause for Ollama to start.
|
||||
sleep 5
|
||||
|
||||
echo "🔴 Retrieve llama3.2:3b model..."
|
||||
ollama pull llama3.2:3b
|
||||
echo "🔴 Retrieve gemma3:270m model..."
|
||||
ollama pull gemma3:270m
|
||||
echo "🟢 Done!"
|
||||
|
||||
# Wait for Ollama process to finish.
|
||||
|
||||
Reference in New Issue
Block a user