175 lines
5.0 KiB
YAML
175 lines
5.0 KiB
YAML
name: Build NGINX on Ubuntu
|
|
|
|
on:
|
|
push:
|
|
pull_request:
|
|
branches:
|
|
- main
|
|
|
|
env:
|
|
ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: true
|
|
|
|
defaults:
|
|
run:
|
|
shell: 'bash -Eeo pipefail -x {0}'
|
|
|
|
jobs:
|
|
build-nginx:
|
|
runs-on: ubuntu-22.04
|
|
|
|
steps:
|
|
- name: 检出代码
|
|
uses: actions/checkout@v4
|
|
|
|
- name: 更新包管理器
|
|
run: sudo apt update
|
|
|
|
- name: 安装编译器和 make 工具
|
|
run: sudo apt install -y gcc make
|
|
|
|
- name: 安装依赖库
|
|
run: |
|
|
sudo apt install -y \
|
|
libpcre3-dev \
|
|
zlib1g-dev \
|
|
libssl-dev \
|
|
libxslt1-dev \
|
|
libgd-dev \
|
|
libgeoip-dev \
|
|
libxml2-dev \
|
|
uuid-dev
|
|
|
|
- name: 配置构建
|
|
run: |
|
|
echo "当前工作目录: $(pwd)"
|
|
echo "目录内容:"
|
|
chomd +x ./auto/configure
|
|
|
|
# 按照 README 步骤进行配置,使用 auto/configure 脚本
|
|
./auto/configure \
|
|
--prefix=/usr/local/nginx \
|
|
--with-http_ssl_module \
|
|
--with-http_realip_module \
|
|
--with-http_addition_module \
|
|
--with-http_sub_module \
|
|
--with-http_dav_module \
|
|
--with-http_flv_module \
|
|
--with-http_mp4_module \
|
|
--with-http_gunzip_module \
|
|
--with-http_gzip_static_module \
|
|
--with-http_random_index_module \
|
|
--with-http_secure_link_module \
|
|
--with-http_stub_status_module \
|
|
--with-http_auth_request_module \
|
|
--with-http_xslt_module=dynamic \
|
|
--with-http_image_filter_module=dynamic \
|
|
--with-http_geoip_module=dynamic \
|
|
--with-threads \
|
|
--with-stream \
|
|
--with-stream_ssl_module \
|
|
--with-stream_ssl_preread_module \
|
|
--with-stream_realip_module \
|
|
--with-stream_geoip_module=dynamic \
|
|
--with-http_slice_module \
|
|
--with-http_v2_module \
|
|
--with-file-aio
|
|
|
|
- name: 编译 NGINX
|
|
run: make
|
|
|
|
- name: 安装 NGINX
|
|
run: sudo make install
|
|
|
|
- name: 验证安装
|
|
run: |
|
|
echo "检查 NGINX 二进制文件..."
|
|
ls -la /usr/local/nginx/sbin/nginx
|
|
|
|
echo "检查 NGINX 版本..."
|
|
/usr/local/nginx/sbin/nginx -V
|
|
|
|
- name: 测试 NGINX
|
|
run: |
|
|
echo "启动 NGINX..."
|
|
sudo /usr/local/nginx/sbin/nginx
|
|
|
|
echo "等待服务启动..."
|
|
sleep 2
|
|
|
|
echo "检查 NGINX 进程..."
|
|
ps aux | grep nginx
|
|
|
|
echo "测试 HTTP 连接..."
|
|
curl -v localhost || echo "HTTP 测试失败,但继续执行"
|
|
|
|
echo "停止 NGINX..."
|
|
sudo /usr/local/nginx/sbin/nginx -s quit
|
|
|
|
- name: 设置 Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
|
|
- name: 创建 Dockerfile
|
|
run: |
|
|
cat > Dockerfile << 'EOF'
|
|
FROM ubuntu:22.04
|
|
|
|
# 安装运行时依赖
|
|
RUN apt-get update && \
|
|
apt-get install -y --no-install-recommends \
|
|
libpcre3 \
|
|
zlib1g \
|
|
libssl3 \
|
|
libxslt1.1 \
|
|
libgd3 \
|
|
libgeoip1 \
|
|
libxml2 && \
|
|
apt-get clean && \
|
|
rm -rf /var/lib/apt/lists/*
|
|
|
|
# 复制编译好的 nginx
|
|
COPY /usr/local/nginx /usr/local/nginx
|
|
|
|
# 创建 nginx 用户
|
|
RUN useradd --system --home /var/cache/nginx --shell /sbin/nologin --comment "nginx user" --user-group nginx
|
|
|
|
# 创建必要的目录
|
|
RUN mkdir -p /var/log/nginx /var/cache/nginx && \
|
|
chown -R nginx:nginx /var/log/nginx /var/cache/nginx
|
|
|
|
# 暴露端口
|
|
EXPOSE 80 443
|
|
|
|
# 健康检查
|
|
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
|
|
CMD curl -f http://localhost/ || exit 1
|
|
|
|
# 启动 nginx
|
|
CMD ["/usr/local/nginx/sbin/nginx", "-g", "daemon off;"]
|
|
EOF
|
|
|
|
- name: 登录到 Harbor
|
|
uses: docker/login-action@v3
|
|
with:
|
|
registry: ${{ secrets.HARBOR_REGISTRY }}
|
|
username: ${{ secrets.HARBOR_USERNAME }}
|
|
password: ${{ secrets.HARBOR_PASSWORD }}
|
|
|
|
- name: 构建并推送 Docker 镜像
|
|
uses: docker/build-push-action@v5
|
|
with:
|
|
context: .
|
|
push: true
|
|
tags: |
|
|
${{ secrets.HARBOR_REGISTRY }}/nginx/nginx:${{ github.sha }}
|
|
${{ secrets.HARBOR_REGISTRY }}/nginx/nginx:latest
|
|
cache-from: type=gha
|
|
cache-to: type=gha,mode=max
|
|
|
|
- name: 上传构建产物
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: nginx-binary
|
|
path: |
|
|
/usr/local/nginx/sbin/nginx
|
|
/usr/local/nginx/conf/
|
|
retention-days: 7 |