From ff5dbec9d8d682c5c5a89cea502dab303aea80d4 Mon Sep 17 00:00:00 2001 From: huangzhiqiang Date: Sat, 7 Jun 2025 15:14:50 +0800 Subject: [PATCH] add action: update build-ubuntu.yaml --- .gitea/workflows/build-ubuntu.yaml | 170 +++++------------------------ 1 file changed, 28 insertions(+), 142 deletions(-) diff --git a/.gitea/workflows/build-ubuntu.yaml b/.gitea/workflows/build-ubuntu.yaml index b20cb25..4394652 100644 --- a/.gitea/workflows/build-ubuntu.yaml +++ b/.gitea/workflows/build-ubuntu.yaml @@ -22,182 +22,73 @@ jobs: - name: 检出代码 uses: actions/checkout@v4 - - name: 设置构建环境 + - name: 更新包管理器 + run: sudo apt update + + - name: 安装编译器和 make 工具 + run: sudo apt install -y gcc make + + - name: 安装依赖库 run: | - # 设置编译选项 - CC_OPT="$(DEB_BUILD_MAINT_OPTIONS=hardening=+all DEB_CFLAGS_MAINT_APPEND=-fPIC DEB_LDFLAGS_MAINT_APPEND=-Wl,--as-needed dpkg-buildflags --get CFLAGS)" - LD_OPT="$(DEB_BUILD_MAINT_OPTIONS=hardening=+all DEB_CFLAGS_MAINT_APPEND=-fPIC DEB_LDFLAGS_MAINT_APPEND=-Wl,--as-needed dpkg-buildflags --get LDFLAGS)" - - # 基础配置选项 - CONFIGURE_OPTS="--prefix=/usr/local/nginx \ - --with-http_ssl_module \ - --with-http_realip_module \ - --with-http_addition_module \ - --with-http_sub_module \ - --with-http_dav_module \ - --with-http_flv_module \ - --with-http_mp4_module \ - --with-http_gunzip_module \ - --with-http_gzip_static_module \ - --with-http_random_index_module \ - --with-http_secure_link_module \ - --with-http_stub_status_module \ - --with-mail \ - --with-mail_ssl_module \ - --with-select_module \ - --with-poll_module \ - --with-http_auth_request_module \ - --with-http_v2_module \ - --with-http_slice_module \ - --with-stream \ - --with-stream_ssl_module \ - --with-stream_ssl_preread_module \ - --with-stream_realip_module \ - --with-threads \ - --with-compat \ - --with-http_perl_module \ - --with-http_xslt_module \ - --with-http_image_filter_module \ - --with-http_degradation_module \ - --with-http_v3_module" - - # 导出环境变量 - { - echo "CC_OPT=$CC_OPT" - echo "LD_OPT=$LD_OPT" - echo "CONFIGURE_OPTS=$CONFIGURE_OPTS" - } >> $GITHUB_ENV - - # 创建必要目录 - mkdir -p t/ - # 启用 coredumps - ulimit -c unlimited - - - name: 安装依赖包 - run: | - sudo apt update sudo apt install -y \ - gcc \ - make \ libpcre3-dev \ zlib1g-dev \ - libssl-dev \ - libxml2-dev \ - libxslt1-dev \ - libgd-dev \ - libperl-dev \ - jq \ - dpkg-dev \ - --no-install-recommends - sudo apt clean + libssl-dev - - name: 配置和编译 NGINX + - name: 配置构建 run: | echo "当前工作目录: $(pwd)" echo "目录内容:" ls -la - # 检查是否存在 auto/configure 文件 - if [ ! -f "auto/configure" ]; then - echo "错误:找不到 auto/configure 文件" - echo "可能的 configure 文件位置:" - find . -name "configure" -type f 2>/dev/null || true - find . -name "auto" -type d 2>/dev/null || true - exit 1 - fi - - echo "开始配置 NGINX..." - ./auto/configure \ - $CONFIGURE_OPTS \ - --with-cc-opt="$CC_OPT" \ - --with-ld-opt="$LD_OPT" \ - || { - echo "配置失败,查看错误日志:" - if [ -f "objs/autoconf.err" ]; then - cat objs/autoconf.err - else - echo "错误日志文件 objs/autoconf.err 不存在" - fi - exit 1 - } - - echo "开始编译 NGINX..." - make -j$(nproc) || { - echo "并行编译失败,尝试单线程编译..." - make - } + # 按照 README 步骤进行配置 + auto/configure \ + --prefix=/usr/local/nginx \ + --with-http_ssl_module + + - name: 编译 NGINX + run: make - name: 安装 NGINX run: sudo make install - name: 测试 NGINX run: | - echo "启动 NGINX 服务..." + echo "启动 NGINX..." sudo /usr/local/nginx/sbin/nginx echo "等待服务启动..." sleep 2 echo "测试 HTTP 连接..." - curl -f http://localhost || { - echo "HTTP 测试失败,查看 NGINX 状态..." - sudo /usr/local/nginx/sbin/nginx -t - sudo /usr/local/nginx/sbin/nginx -V - exit 1 - } + curl localhost - echo "停止 NGINX 服务..." - sudo /usr/local/nginx/sbin/nginx -s quit || sudo /usr/local/nginx/sbin/nginx -s stop + echo "停止 NGINX..." + sudo /usr/local/nginx/sbin/nginx -s quit - name: 设置 Docker Buildx uses: docker/setup-buildx-action@v3 - - name: 创建优化的 Dockerfile + - name: 创建 Dockerfile run: | cat > Dockerfile << 'EOF' FROM ubuntu:22.04 - - # 设置非交互模式和时区 - ENV DEBIAN_FRONTEND=noninteractive - ENV TZ=Asia/Shanghai - + # 安装运行时依赖 RUN apt-get update && \ apt-get install -y --no-install-recommends \ libpcre3 \ zlib1g \ - libssl3 \ - libxml2 \ - libxslt1.1 \ - libgd3 \ - ca-certificates \ - curl && \ + libssl3 && \ apt-get clean && \ - rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* - - # 创建 nginx 用户 - RUN groupadd -r nginx && useradd -r -g nginx nginx - + rm -rf /var/lib/apt/lists/* + # 复制编译好的 nginx COPY /usr/local/nginx /usr/local/nginx - - # 创建必要的目录 - RUN mkdir -p /var/log/nginx /var/cache/nginx && \ - chown -R nginx:nginx /var/log/nginx /var/cache/nginx /usr/local/nginx - + # 暴露端口 EXPOSE 80 443 - - # 健康检查 - HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \ - CMD curl -f http://localhost/ || exit 1 - - # 设置工作目录 - WORKDIR /usr/local/nginx - - # 使用非 root 用户运行 - USER nginx - + # 启动 nginx CMD ["/usr/local/nginx/sbin/nginx", "-g", "daemon off;"] EOF @@ -216,9 +107,4 @@ jobs: push: true tags: | ${{ secrets.HARBOR_REGISTRY }}/nginx/nginx:${{ github.sha }} - ${{ secrets.HARBOR_REGISTRY }}/nginx/nginx:latest - cache-from: type=gha - cache-to: type=gha,mode=max - platforms: linux/amd64 - username: ${{ secrets.HARBOR_USERNAME }} - password: ${{ secrets.HARBOR_PASSWORD }} \ No newline at end of file + ${{ secrets.HARBOR_REGISTRY }}/nginx/nginx:latest \ No newline at end of file