Conduit

conduit/Dockerfile

@@ -0,0 +1,55 @@
+ARG REPO_ARCH=amd64
+
+# cross-build environment
+FROM asonix/rust-builder:$REPO_ARCH-latest AS builder
+
+ARG TAG=main
+ARG BINARY=conduit
+ARG PROJECT=conduit
+ARG GIT_REPOSITORY=https://gitlab.com/famedly/$PROJECT
+
+ENV\
+ BINARY=${BINARY}
+
+USER root
+RUN \
+ apt install git
+USER build
+
+RUN \
+ git clone $GIT_REPOSITORY $PROJECT
+
+WORKDIR /opt/build/$PROJECT
+
+RUN \
+ git checkout $TAG && \
+ rm rust-toolchain && \
+ build
+
+# production environment
+FROM asonix/rust-runner:$REPO_ARCH-latest
+
+ENV CONDUIT_CONFIG="/opt/app/conduit.toml"
+
+USER root
+
+RUN \
+ apk add --no-cache \
+     ca-certificates \
+     curl \
+     libgcc
+
+COPY --from=builder \
+ /opt/build/binary \
+ /usr/local/bin/conduit
+
+RUN \
+ chown -R app:app /mnt
+
+COPY root/ /
+
+VOLUME /mnt
+USER app
+EXPOSE 8080
+ENTRYPOINT ["/sbin/tini", "--"]
+CMD /usr/local/bin/conduit

conduit/build-image.sh

@@ -0,0 +1,37 @@
+#!/usr/bin/env bash
+
+function require() {
+    if [ "$1" = "" ]; then
+        echo "input '$2' required"
+        print_help
+        exit 1
+    fi
+}
+
+function print_help() {
+    echo "deploy.sh"
+    echo ""
+    echo "Usage:"
+    echo "	deploy.sh [repo] [tag] [arch]"
+    echo ""
+    echo "Args:"
+    echo "	repo: The docker repository to publish the image"
+    echo "	tag: The tag applied to the docker image"
+    echo "	arch: The architecuture of the doker image"
+}
+
+REPO=$1
+TAG=$2
+ARCH=$3
+
+require "$REPO" repo
+require "$TAG" tag
+require "$ARCH" arch
+
+sudo docker build \
+    --pull \
+    --build-arg TAG=$TAG \
+    --build-arg REPO_ARCH=$ARCH \
+    -t $REPO:$ARCH-$TAG \
+    -f Dockerfile \
+    .

conduit/deploy.sh

@@ -0,0 +1,67 @@
+#!/usr/bin/env bash
+
+function require() {
+    if [ "$1" = "" ]; then
+        echo "input '$2' required"
+        print_help
+        exit 1
+    fi
+}
+
+function print_help() {
+    echo "deploy.sh"
+    echo ""
+    echo "Usage:"
+    echo "	deploy.sh [tag] [push]"
+    echo ""
+    echo "Args:"
+    echo "	tag: The git tag to be applied to the repository and docker build"
+    echo "	push: Whether or not to push the image"
+    echo ""
+    echo "Examples:"
+    echo "	./deploy.sh v0.2.0-r0 main true"
+    echo "	./deploy.sh v0.2.0-r0 asonix/shell-out false"
+}
+
+function build_image() {
+    tag=$1
+    arch=$2
+    push=$3
+
+    ./build-image.sh asonix/conduit $tag $arch
+
+    sudo docker tag asonix/conduit:$arch-$tag asonix/conduit:$arch-latest
+
+    if [ "$push" == "true" ]; then
+        sudo docker push asonix/conduit:$arch-$tag
+        sudo docker push asonix/conduit:$arch-latest
+    fi
+}
+
+# Creating the new tag
+tag="$1"
+push=$2
+
+require "$tag" "tag"
+require "$push" "push"
+
+if ! sudo docker run --rm -it arm64v8/alpine:3.11 /bin/sh -c 'echo "docker is configured correctly"'
+then
+    echo "docker is not configured to run on qemu-emulated architectures, fixing will require sudo"
+    sudo docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
+fi
+
+set -xe
+
+# Build for arm64v8, arm32v7 and amd64
+build_image $tag arm64v8 $push
+# build_image $tag arm32v7 $push
+build_image $tag amd64 $push
+
+# Build for other archs
+# TODO
+
+if [ "$push" == "true" ]; then
+    ./manifest.sh conduit $tag
+    ./manifest.sh conduit latest
+fi

conduit/manifest.sh

@@ -0,0 +1,39 @@
+#!/usr/bin/env bash
+
+function require() {
+    if [ "$1" = "" ]; then
+        echo "input '$2' required"
+        print_help
+        exit 1
+    fi
+}
+function print_help() {
+    echo "deploy.sh"
+    echo ""
+    echo "Usage:"
+    echo "	manifest.sh [repo] [tag]"
+    echo ""
+    echo "Args:"
+    echo "	repo: The docker repository to update"
+    echo "	tag: The git tag to be applied to the image manifest"
+}
+
+REPO=$1
+TAG=$2
+
+require "$REPO" "repo"
+require "$TAG" "tag"
+
+set -xe
+
+sudo docker manifest create asonix/$REPO:$TAG \
+    -a asonix/$REPO:arm64v8-$TAG \
+    -a asonix/$REPO:amd64-$TAG
+
+sudo docker manifest annotate asonix/$REPO:$TAG \
+    asonix/$REPO:arm64v8-$TAG --os linux --arch arm64 --variant v8
+
+sudo docker manifest annotate asonix/$REPO:$TAG \
+    asonix/$REPO:amd64-$TAG --os linux --arch amd64
+
+sudo docker manifest push asonix/$REPO:$TAG --purge

conduit/root/opt/app/conduit.toml

@@ -0,0 +1,23 @@
+[global]
+# This is the only directory where Conduit will save its data
+database_path = "/mnt/conduit_db"
+
+# The port Conduit will be running on. You need to set up a reverse proxy in
+# your web server (e.g. apache or nginx), so all requests to /_matrix on port
+# 443 and 8448 will be forwarded to the Conduit instance running on this port
+port = 6167
+
+# Max size for uploads
+max_request_size = 40_000_000 # in bytes
+
+# Enables registration. If set to false, no users can register on this server.
+allow_registration = true
+
+# Disable encryption, so no new encrypted rooms can be created
+# Note: existing rooms will continue to work
+allow_encryption = true
+allow_federation = true
+
+trusted_servers = ["matrix.org"]
+
+address = "0.0.0.0"