| Age | Commit message (Collapse) | Author |
|---|
|
* Better comments in our Docker images
* Make `cli/access-permissions.sh` compatible with other Apache groups such as `http` for Linux Arch
* Better `/Docker/entrypoint.sh` supporting various Apache configuration paths (and slightly faster).
* Add test image for Linux Arch (not sure we will keep it)
See
* https://github.com/FreshRSS/FreshRSS/pull/8279#issuecomment-3620674818
|
|
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/7772
fix https://github.com/FreshRSS/FreshRSS/issues/7860
fix https://github.com/FreshRSS/FreshRSS/issues/7798
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/7805
PHP 8.4.11, Apache 2.4.65
* https://wiki.debian.org/DebianTrixie
* https://www.debian.org/releases/testing/release-notes/whats-new.en.html
* https://downloads.apache.org/httpd/CHANGES_2.4
And thanks to @CrazyWolf13 for [the debugging](https://github.com/OpenIDC/mod_auth_openidc/discussions/1349#discussioncomment-14542930)!
Co-authored-by: Tobias <96661824+CrazyWolf13@users.noreply.github.com>
|
|
Some caller systems do not seem escape the CMD quotes correctly.
fix https://github.com/FreshRSS/FreshRSS/issues/7859#issuecomment-3225691432
fix https://github.com/FreshRSS/FreshRSS/discussions/5611
fix https://github.com/FreshRSS/FreshRSS/discussions/7267
|
|
Fix https://github.com/FreshRSS/FreshRSS/issues/7798
Revert https://github.com/FreshRSS/FreshRSS/pull/7772
Revert https://github.com/FreshRSS/FreshRSS/commit/af6f7f013ae5b908520aa0d9fb0e0b56247ff026
|
|
(#7793)
* Optimize how much data needs to be `chown`/`chmod`ed on container startup
This works around an issue where `chmod`/`chown` operations inside a
container can be extremely slow when using the `overlay2` storage
driver, resulting in 10min+ container startup times.
It modifies the owner of the webapp when building the container so that
only the `data` and `extensions` directories (which are commonly mapped
as volumes into the container) have to be modified by the
`access-permissions.sh` script at container startup.
When not running via docker the behaviour of the `access-permissions.sh`
script is unchanged.
* Take DATA_PATH environment variable into account when fixing permissions
* Revert change to using bash for arrays
(the alpine image doesn't include `bash`)
* A few more improvements
* Slightly tweak reapply permissions variable
- lowercase to indicate it's not an env variable
- use 0/1 to address potentially-irrational paranoia about unset variables
* Remove conditional logic to skip reapplying permissions
Also documents why in a comment so it's not missed in the future.
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
Help final testing of Debian 13 Trixie before the release (9 August)
https://lists.debian.org/debian-devel-announce/2025/07/msg00003.html
PHP 8.4.10, Apache 2.4.64
I will make another PR after the release to update to `debian:13-slim` when it gets available.
|
|
* Update .htaccess
Add check for Apache mod_filter to ensure "AddOutputFilterByType" works.
* Explicit enabling mod_filter in our Docker images
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* Docker LegacyKeyValueFormat
https://docs.docker.com/reference/build-checks/legacy-key-value-format/
* Also for devcontainer
|
|
https://github.com/FreshRSS/FreshRSS/issues/5993
|
|
* Add multi arch container build
Co-authored-by: EdJoPaTo <rfc-conform-git-commit-email@funny-long-domain-label-everyone-hates-as-it-is-too-long.edjopato.de>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* using label from github action
* dont remove static labels and split docker readme in seperate action
* pin 3rd party action to a commit
* enable pushing to dockerhub
* Update .github/workflows/build-images.yml
Co-authored-by: EdJoPaTo <github@edjopato.de>
* remove not needed checkout
* set github token permissions
* Update .github/workflows/push-dockerhub-readme.yml
* update docker readme to match new tags
* Apply suggestions from code review
* fix suffix for alpine image
* fix suffix for alpine image
* push images only at upstream repo
* push images only at upstream repo
* push images only at upstream repo
* tag latest-alpine as alpine
* tag latest-alpine as alpine
* remove no needed falvor
* keep falvor for build
* Clean more things
* Rename action
To use same default name than https://github.com/actions/starter-workflows/blob/main/ci/docker-publish.yml
* Rename readme action
To use same default name than https://github.com/peter-evans/dockerhub-description/blob/main/.github/workflows/dockerhub-description.yml
* Use default name for dockerhub-description
https://github.com/peter-evans/dockerhub-description/blob/main/.github/workflows/dockerhub-description.yml
Plus minor wording
* Experiment with build-args
* Debug
* Add checkout back
* Revert back to metadata-action
* Remove quotes in version
* Try to fix variables
* Experiment with automatic label values again
* Delete last Docker Hub hooks
* Use only git SHA for org.opencontainers.image.revision
https://specs.opencontainers.org/image-spec/annotations/#pre-defined-annotation-keys
* Comment out semver for now
Might be enabled later if desired
* Enable major semver
---------
Co-authored-by: EdJoPaTo <rfc-conform-git-commit-email@funny-long-domain-label-everyone-hates-as-it-is-too-long.edjopato.de>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
Co-authored-by: EdJoPaTo <github@edjopato.de>
|
|
* Rework trusted proxies
Fix https://github.com/FreshRSS/FreshRSS/issues/5502
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/3226
New environment variable `TRUSTED_PROXY`: set to 0 to disable, or to a list of trusted IP ranges compatible with https://httpd.apache.org/docs/current/mod/mod_remoteip.html#remoteiptrustedproxy
New internal environment variable `CONN_REMOTE_ADDR` to remember the true IP address of the connection (e.g. last proxy), even when using mod_remoteip.
Current working setups should not observe any significant change.
* Minor whitespace
* Safer trusted sources during install
Rework of https://github.com/FreshRSS/FreshRSS/pull/5358
https://github.com/FreshRSS/FreshRSS/issues/5357
* Minor readme
|
|
Quiet output for a2enmod, a2dismod, a2disconf, a2dissite, a2ensite to avoid many messages the following, which are not even relevant because Apache is not yet started at this stage:
```
To activate the new configuration, you need to run:
systemctl restart apache2
```
Related to https://github.com/FreshRSS/FreshRSS/pull/5463
|
|
https://www.debian.org/releases/bookworm/
With PHP 8.2.5 and Apache 2.4.57
|
|
Only enable the Apache auth_openidc module when actually used
Fix https://github.com/FreshRSS/FreshRSS/issues/5460
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/5351
|
|
* Add OIDC
* Update documentation.
* Update apache conf adding IfModule
* Use IfDefine for OIDC in apache conf
* Fix non-oidc support
* Fix typing
* Use IfDefine to enable OIDC
* Add OIDC support to all dockerfiles
* Re add apache Require option
* Fixes and documentation
* A few more fixes
* A bit more doc
* Change type of environment variable
* Update readme
* Correct apache config for OIDC support.
* Fix README formatting
* Update oidc control path
* Fix oidc endpoint being cached
* A bit more review
* Simplify ExpiresActive
* Add session refresh and improve caching
* Allow more different setups
* A bit more documentation
* A bit more readme
---------
Co-authored-by: Aaron Schif <aschif@netdevgroup.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
Co-authored-by: maTh <math-home@web.de>
|
|
* Improve Dev Container
PHPStan was failing in Dev Container
* Update Docker to Alpine Linux 3.18
* New DATA_PATH environment variable
* README
|
|
* Docker Alpine timezone for :newest and :oldest
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/4903
Forgot the development images Newest and Oldest
* Uniform timezone behaviour
* shellcheck
* A bit more documentation
|
|
Should be done during build and not during entrypoint, to avoid modifying a potential volume (e.g. mounting the source code as a volume is used during development).
|
|
#fix https://github.com/FreshRSS/FreshRSS/pull/3927/files#r735146297
The path `/var/www/FreshRSS/` might be a Docker volume, breaking files created there during Docker build
|
|
Adding the crontab as part of the image build makes it more complicated
to add custom entries to the crontab. Adjusting the image and entrypoint
to make it so that the crontab is only added when CRON_MIN is set
simplifies having a custom crontab.
|
|
PHP 7.4.21, Apache/2.4.48
|
|
#fix https://github.com/FreshRSS/FreshRSS/issues/3341
New environment variable `LISTEN='0.0.0.0:8080'`
```
docker run -d --network host --uts host -e LISTEN='0.0.0.0:8080' -e
TZ=Europe/Paris --name freshrss freshrss/freshrss
```
|
|
#fix https://github.com/FreshRSS/FreshRSS/issues/3224
Log the client remote IP instead of the local proxy IP
https://httpd.apache.org/docs/2.4/mod/mod_remoteip.html
|
|
* Update Dockerfile
Remove heathcheck
* Update Dockerfile-Alpine
Remove heathcheck
* Update Dockerfile-QEMU-ARM
Remove heathcheck
|
|
#fix https://github.com/FreshRSS/FreshRSS/issues/3026
Ubuntu 19.10 has expired.
I still cannot get Ubuntu 20.04 to work on ARM (Raspberry Pi) https://github.com/FreshRSS/FreshRSS/pull/2943
Move to Debian 10 Buster instead of our current Ubuntu 19.10 (which was based on Debian 10 Buster).
|
|
* Revert to Ubuntu 19.10
#Fix https://github.com/FreshRSS/FreshRSS/issues/2939
Revert https://github.com/FreshRSS/FreshRSS/pull/2925
Will upgrade back to 20.04 when Ubuntu bugs are fixed, e.g.
https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1867675
* Revert changelog
|
|
https://ubuntu.com/blog/ubuntu-20-04-lts-arrives
PHP 7.4.3, Apache 2.4.41
https://php.net/migration74
We have already addressed PHP 7.4 issues in FreshRSS 1.16
|
|
* New environment variable COPY_LOG_TO_SYSLOG
False by default.
Makes it easy to monitor all logs from Syslog or STDERR (e.g. docker
logs).
* Suggestion of native constants
|
|
Released today with PHP 7.3.8, Apache 2.4.41
http://releases.ubuntu.com/eoan/
|
|
* New environment variable to control development mode
Suggestion of new enviromnent variable, as discussed
https://github.com/FreshRSS/FreshRSS/pull/2492#issuecomment-523613920
* Update Docker/README.md
Co-Authored-By: Frans de Jonge <fransdejonge@gmail.com>
* Update Docker/README.md
Co-Authored-By: Frans de Jonge <fransdejonge@gmail.com>
* Update Docker/README.md
Co-Authored-By: Frans de Jonge <fransdejonge@gmail.com>
* Declare ENV in Dockerfile
Tested
|
|
|
|
Closes #2453
|
|
And adjust slightly the HEALTHCHECK parameters for faster start in
Træfik
|
|
* Add Docker labels
And try to fix the platform metadata for ARM, and add health check
* Execution rights
* Remove experimental features not supported by Docker Hub
"--squash" is only supported on a Docker daemon with experimental
features enabled. build hook failed! (1)
* Fix paths
|
|
|
|
|
|
Fix environment variable bug
|
|
Misc. from https://github.com/FreshRSS/FreshRSS/pull/2325
https://github.com/FreshRSS/FreshRSS/issues/2319
|
|
https://github.com/FreshRSS/FreshRSS/issues/2319
|
|
https://github.com/FreshRSS/FreshRSS/issues/2319
|
|
|
|
https://github.com/FreshRSS/FreshRSS/pull/2205
(And removed proxy_fcgi forgotten from php-fpm)
|
|
* Docker image alternative using Ubuntu
Ubuntu seems to be faster, cf. e.g. PHPBench.
It is quite usual for Docker images to offer both a Debian/Ubuntu and an
Alpine version, so we could also do the same if there is any need.
Follow-up of https://github.com/FreshRSS/FreshRSS/pull/2202
* Only explicit use of Apache confs
Fix double-logging issue
* Explicit ServerTokens OS
Default Apache configuration in Ubuntu, which was removed when disabling all confs.
It is also the default Apache configuration in Alpine.
* Take advantage of syslog for actualization
Same than for Alpine
https://github.com/FreshRSS/FreshRSS/pull/2208/commits/43ab629e27799cb28ec28ad409a512e128d11e97
* COPY_SYSLOG_TO_STDERR
Same as https://github.com/FreshRSS/FreshRSS/pull/2213
* Update to libapache2-mod-php instead of php-fpm
* Default to Ubuntu
Ubuntu mod-php wins, being ~14% faster than Ubuntu php-fpm (which was ~300% faster than Alpine mod-php)
|
|
PHP 7.2.14, Apache 2.4.38
https://alpinelinux.org/posts/Alpine-3.9.0-released.html
|
|
https://github.com/FreshRSS/FreshRSS/issues/2153
|
|
Update of https://github.com/FreshRSS/FreshRSS/pull/2208
Fixes https://github.com/FreshRSS/FreshRSS/issues/2212
|
|
* GMP is needed because Alpine on e.g. ARM runs 32-bit
https://github.com/FreshRSS/FreshRSS/pull/2202
* Remove documentation for Træfik HTTP authentication as it is not
compatible with API
https://github.com/FreshRSS/FreshRSS/pull/2204
https://github.com/FreshRSS/FreshRSS/pull/2208
https://github.com/FreshRSS/FreshRSS/pull/2207
|
|
* Use openlog before syslog
In order to have a copy on stderr when syslog is not available.
* Take advantage of syslog for actualization
Pipe cron job STDERR and syslog to Docker log
Cf. https://github.com/FreshRSS/FreshRSS/pull/2202/commits/00bd467655b7c060cdae388519b2413d12d8cb0f
|
|
* Apache performance
API: Use SetEnvIf if available and fallback to RewriteRule
Docker: Disable unused modules.
Docker: Hard-include .htaccess to avoid having to scan for changes in
that file.
Docker: Disable security check of symlinks, which we do not use ayway.
* Apache readme
* Docker/Apache tuning
Run cron job with correct www-data user instead of root
Remove PHP GMP module uneeded for 64-bit Docker image
Add option to mount custom .htaccess for HTTP authentication
Re-add Apache module for HTTP authentication
Move Alpine-specific instructions to Docker file (instead of Apache
conf) to make it easier to have other base images than Alpine
|
|
PHP 7.2 http://php.net/manual/migration72.incompatible.php
TODO: create_function() is deprecated (used by lib_phpQuery.php)
|
Alexandre Alapetite
Carey Metcalfe
Dezponia
Benjamin Reich
Aaron Schif
Chris Francy
Jucgshu
Sandro Jäckel
