diff --git a/.editorconfig b/.editorconfig index a92f7df..5f150f3 100755 --- a/.editorconfig +++ b/.editorconfig @@ -15,6 +15,6 @@ trim_trailing_whitespace = false indent_style = space indent_size = 2 -[{**.sh,root/etc/cont-init.d/**,root/etc/services.d/**}] +[{**.sh,root/etc/s6-overlay/s6-rc.d/**,root/etc/cont-init.d/**,root/etc/services.d/**}] indent_style = space indent_size = 4 diff --git a/.forgejo/workflows/build.yml b/.forgejo/workflows/build.yml new file mode 100644 index 0000000..7152c11 --- /dev/null +++ b/.forgejo/workflows/build.yml @@ -0,0 +1,49 @@ +name: Build and push image + +on: + push: + branches: [master] + schedule: + - cron: '0 4 * * *' # daily, picks up LSIO base image updates + workflow_dispatch: + +jobs: + build: + runs-on: docker + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + ref: master + fetch-depth: 0 + token: ${{ secrets.PUSH_TOKEN }} + + - name: Merge upstream + run: | + git config user.name "forgejo-runner" + git config user.email "runner@forge.jannis.wtf" + git fetch origin master + git reset --hard origin/master + git remote add upstream https://github.com/linuxserver/docker-plex + git fetch upstream + git merge upstream/master --no-edit + git push origin master + + - name: Set up Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to Forgejo registry + uses: docker/login-action@v3 + with: + registry: forge.jannis.wtf + username: ${{ secrets.REGISTRY_USER }} + password: ${{ secrets.REGISTRY_TOKEN }} + + - name: Build and push + uses: docker/build-push-action@v5 + with: + context: . + push: true + tags: | + forge.jannis.wtf/fej/plex-wireguard:latest + forge.jannis.wtf/fej/plex-wireguard:${{ github.sha }} \ No newline at end of file diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index 4245cd8..7892606 100755 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -6,7 +6,7 @@ * Read, and fill the Pull Request template * If this is a fix for a typo (in code, documentation, or the README) please file an issue and let us sort it out. We do not need a PR * If the PR is addressing an existing issue include, closes #\, in the body of the PR commit message -* If you want to discuss changes, you can also bring it up in [#dev-talk](https://discordapp.com/channels/354974912613449730/757585807061155840) in our [Discord server](https://discord.gg/YWrKVTn) +* If you want to discuss changes, you can also bring it up in [#dev-talk](https://discordapp.com/channels/354974912613449730/757585807061155840) in our [Discord server](https://linuxserver.io/discord) ## Common files @@ -105,10 +105,10 @@ docker build \ -t linuxserver/plex:latest . ``` -The ARM variants can be built on x86_64 hardware using `multiarch/qemu-user-static` +The ARM variants can be built on x86_64 hardware and vice versa using `lscr.io/linuxserver/qemu-static` ```bash -docker run --rm --privileged multiarch/qemu-user-static:register --reset +docker run --rm --privileged lscr.io/linuxserver/qemu-static --reset ``` Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64`. diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml index 404ea59..d0e43ea 100755 --- a/.github/ISSUE_TEMPLATE/config.yml +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -1,7 +1,7 @@ blank_issues_enabled: false contact_links: - name: Discord chat support - url: https://discord.gg/YWrKVTn + url: https://linuxserver.io/discord about: Realtime support / chat with the community and the team. - name: Discourse discussion forum diff --git a/.github/ISSUE_TEMPLATE/issue.bug.md b/.github/ISSUE_TEMPLATE/issue.bug.md deleted file mode 100755 index 0130f86..0000000 --- a/.github/ISSUE_TEMPLATE/issue.bug.md +++ /dev/null @@ -1,40 +0,0 @@ ---- -name: Bug report -about: Create a report to help us improve - ---- -[linuxserverurl]: https://linuxserver.io -[![linuxserver.io](https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/linuxserver_medium.png)][linuxserverurl] - - - - - ------------------------------- - -## Expected Behavior - - -## Current Behavior - - -## Steps to Reproduce - - -1. -2. -3. -4. - -## Environment -**OS:** -**CPU architecture:** x86_64/arm32/arm64 -**How docker service was installed:** - - - -## Command used to create docker container (run/create/compose/screenshot) - - -## Docker logs - diff --git a/.github/ISSUE_TEMPLATE/issue.bug.yml b/.github/ISSUE_TEMPLATE/issue.bug.yml new file mode 100755 index 0000000..6c6659a --- /dev/null +++ b/.github/ISSUE_TEMPLATE/issue.bug.yml @@ -0,0 +1,76 @@ +# Based on the issue template +name: Bug report +description: Create a report to help us improve +title: "[BUG] " +labels: [Bug] +body: + - type: checkboxes + attributes: + label: Is there an existing issue for this? + description: Please search to see if an issue already exists for the bug you encountered. + options: + - label: I have searched the existing issues + required: true + - type: textarea + attributes: + label: Current Behavior + description: Tell us what happens instead of the expected behavior. + validations: + required: true + - type: textarea + attributes: + label: Expected Behavior + description: Tell us what should happen. + validations: + required: false + - type: textarea + attributes: + label: Steps To Reproduce + description: Steps to reproduce the behavior. + placeholder: | + 1. In this environment... + 2. With this config... + 3. Run '...' + 4. See error... + validations: + required: true + - type: textarea + attributes: + label: Environment + description: | + examples: + - **OS**: Ubuntu 20.04 + - **How docker service was installed**: distro's packagemanager + value: | + - OS: + - How docker service was installed: + render: markdown + validations: + required: false + - type: dropdown + attributes: + label: CPU architecture + options: + - x86-64 + - arm64 + validations: + required: true + - type: textarea + attributes: + label: Docker creation + description: | + Command used to create docker container + Provide your docker create/run command or compose yaml snippet, or a screenshot of settings if using a gui to create the container + render: bash + validations: + required: true + - type: textarea + attributes: + description: | + Provide a full docker log, output of "docker logs plex" + label: Container logs + placeholder: | + Output of `docker logs plex` + render: bash + validations: + required: true diff --git a/.github/ISSUE_TEMPLATE/issue.feature.md b/.github/ISSUE_TEMPLATE/issue.feature.md deleted file mode 100755 index 20a91fd..0000000 --- a/.github/ISSUE_TEMPLATE/issue.feature.md +++ /dev/null @@ -1,25 +0,0 @@ ---- -name: Feature request -about: Suggest an idea for this project - ---- -[linuxserverurl]: https://linuxserver.io -[![linuxserver.io](https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/linuxserver_medium.png)][linuxserverurl] - -<!--- If you are new to Docker or this application our issue tracker is **ONLY** used for reporting bugs or requesting features. Please use [our discord server](https://discord.gg/YWrKVTn) for general support. ---> - -<!--- If this acts as a feature request please ask yourself if this modification is something the whole userbase will benefit from ---> -<!--- If this is a specific change for corner case functionality or plugins please look at making a Docker Mod or local script https://blog.linuxserver.io/2019/09/14/customizing-our-containers/ --> - -<!--- Provide a general summary of the request in the Title above --> - ------------------------------- - -## Desired Behavior -<!--- Tell us what should happen --> - -## Current Behavior -<!--- Tell us what happens instead of the expected behavior --> - -## Alternatives Considered -<!--- Tell us what other options you have tried or considered --> diff --git a/.github/ISSUE_TEMPLATE/issue.feature.yml b/.github/ISSUE_TEMPLATE/issue.feature.yml new file mode 100755 index 0000000..099dcdb --- /dev/null +++ b/.github/ISSUE_TEMPLATE/issue.feature.yml @@ -0,0 +1,31 @@ +# Based on the issue template +name: Feature request +description: Suggest an idea for this project +title: "[FEAT] <title>" +labels: [enhancement] +body: + - type: checkboxes + attributes: + label: Is this a new feature request? + description: Please search to see if a feature request already exists. + options: + - label: I have searched the existing issues + required: true + - type: textarea + attributes: + label: Wanted change + description: Tell us what you want to happen. + validations: + required: true + - type: textarea + attributes: + label: Reason for change + description: Justify your request, why do you want it, what is the benefit. + validations: + required: true + - type: textarea + attributes: + label: Proposed code change + description: Do you have a potential code change in mind? + validations: + required: false diff --git a/.github/workflows/call_issue_pr_tracker.yml b/.github/workflows/call_issue_pr_tracker.yml new file mode 100755 index 0000000..d07cf12 --- /dev/null +++ b/.github/workflows/call_issue_pr_tracker.yml @@ -0,0 +1,19 @@ +name: Issue & PR Tracker + +on: + issues: + types: [opened,reopened,labeled,unlabeled,closed] + pull_request_target: + types: [opened,reopened,review_requested,review_request_removed,labeled,unlabeled,closed] + pull_request_review: + types: [submitted,edited,dismissed] + +permissions: + contents: read + +jobs: + manage-project: + permissions: + issues: write + uses: linuxserver/github-workflows/.github/workflows/issue-pr-tracker.yml@v1 + secrets: inherit diff --git a/.github/workflows/call_issues_cron.yml b/.github/workflows/call_issues_cron.yml new file mode 100755 index 0000000..7763722 --- /dev/null +++ b/.github/workflows/call_issues_cron.yml @@ -0,0 +1,16 @@ +name: Mark stale issues and pull requests +on: + schedule: + - cron: '33 12 * * *' + workflow_dispatch: + +permissions: + contents: read + +jobs: + stale: + permissions: + issues: write + pull-requests: write + uses: linuxserver/github-workflows/.github/workflows/issues-cron.yml@v1 + secrets: inherit diff --git a/.github/workflows/external_trigger.yml b/.github/workflows/external_trigger.yml index 2a84271..5cadde5 100644 --- a/.github/workflows/external_trigger.yml +++ b/.github/workflows/external_trigger.yml @@ -3,24 +3,42 @@ name: External Trigger Main on: workflow_dispatch: +permissions: + contents: read + jobs: external-trigger-master: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2.3.3 + - uses: actions/checkout@v4.1.1 - name: External Trigger if: github.ref == 'refs/heads/master' + env: + SKIP_EXTERNAL_TRIGGER: ${{ vars.SKIP_EXTERNAL_TRIGGER }} run: | - if [ -n "${{ secrets.PAUSE_EXTERNAL_TRIGGER_PLEX_MASTER }}" ]; then - echo "**** Github secret PAUSE_EXTERNAL_TRIGGER_PLEX_MASTER is set; skipping trigger. ****" + printf "# External trigger for docker-plex\n\n" >> $GITHUB_STEP_SUMMARY + if grep -q "^plex_master_" <<< "${SKIP_EXTERNAL_TRIGGER}"; then + echo "> [!NOTE]" >> $GITHUB_STEP_SUMMARY + echo "> Github organizational variable \`SKIP_EXTERNAL_TRIGGER\` contains \`plex_master_\`; will skip trigger if version matches." >> $GITHUB_STEP_SUMMARY + elif grep -q "^plex_master" <<< "${SKIP_EXTERNAL_TRIGGER}"; then + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "> Github organizational variable \`SKIP_EXTERNAL_TRIGGER\` contains \`plex_master\`; skipping trigger." >> $GITHUB_STEP_SUMMARY exit 0 fi - echo "**** External trigger running off of master branch. To disable this trigger, set a Github secret named \"PAUSE_EXTERNAL_TRIGGER_PLEX_MASTER\". ****" - echo "**** Retrieving external version ****" + echo "> [!NOTE]" >> $GITHUB_STEP_SUMMARY + echo "> External trigger running off of master branch. To disable this trigger, add \`plex_master\` into the Github organizational variable \`SKIP_EXTERNAL_TRIGGER\`." >> $GITHUB_STEP_SUMMARY + printf "\n## Retrieving external version\n\n" >> $GITHUB_STEP_SUMMARY EXT_RELEASE=$(curl -s "https://plex.tv/api/downloads/5.json" | jq -r '. | .computer.Linux.version') + echo "Type is \`custom_json\`" >> $GITHUB_STEP_SUMMARY + if grep -q "^plex_master_${EXT_RELEASE}" <<< "${SKIP_EXTERNAL_TRIGGER}"; then + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "> Github organizational variable \`SKIP_EXTERNAL_TRIGGER\` matches current external release; skipping trigger." >> $GITHUB_STEP_SUMMARY + exit 0 + fi if [ -z "${EXT_RELEASE}" ] || [ "${EXT_RELEASE}" == "null" ]; then - echo "**** Can't retrieve external version, exiting ****" + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "> Can't retrieve external version, exiting" >> $GITHUB_STEP_SUMMARY FAILURE_REASON="Can't retrieve external version for plex branch master" GHA_TRIGGER_URL="https://github.com/linuxserver/docker-plex/actions/runs/${{ github.run_id }}" curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 16711680, @@ -28,65 +46,102 @@ jobs: "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} exit 1 fi - EXT_RELEASE=$(echo ${EXT_RELEASE} | sed 's/[~,%@+;:/]//g') - echo "**** External version: ${EXT_RELEASE} ****" - echo "**** Retrieving last pushed version ****" + EXT_RELEASE_SANITIZED=$(echo ${EXT_RELEASE} | sed 's/[~,%@+;:/]//g') + echo "Sanitized external version: \`${EXT_RELEASE_SANITIZED}\`" >> $GITHUB_STEP_SUMMARY + echo "Retrieving last pushed version" >> $GITHUB_STEP_SUMMARY image="linuxserver/plex" tag="latest" token=$(curl -sX GET \ "https://ghcr.io/token?scope=repository%3Alinuxserver%2Fplex%3Apull" \ | jq -r '.token') - multidigest=$(curl -s \ + multidigest=$(curl -s \ + --header "Accept: application/vnd.docker.distribution.manifest.v2+json" \ + --header "Accept: application/vnd.oci.image.index.v1+json" \ + --header "Authorization: Bearer ${token}" \ + "https://ghcr.io/v2/${image}/manifests/${tag}") + if jq -e '.layers // empty' <<< "${multidigest}" >/dev/null 2>&1; then + # If there's a layer element it's a single-arch manifest so just get that digest + digest=$(jq -r '.config.digest' <<< "${multidigest}") + else + # Otherwise it's multi-arch or has manifest annotations + if jq -e '.manifests[]?.annotations // empty' <<< "${multidigest}" >/dev/null 2>&1; then + # Check for manifest annotations and delete if found + multidigest=$(jq 'del(.manifests[] | select(.annotations))' <<< "${multidigest}") + fi + if [[ $(jq '.manifests | length' <<< "${multidigest}") -gt 1 ]]; then + # If there's still more than one digest, it's multi-arch + multidigest=$(jq -r ".manifests[] | select(.platform.architecture == \"amd64\").digest?" <<< "${multidigest}") + else + # Otherwise it's single arch + multidigest=$(jq -r ".manifests[].digest?" <<< "${multidigest}") + fi + if digest=$(curl -s \ --header "Accept: application/vnd.docker.distribution.manifest.v2+json" \ + --header "Accept: application/vnd.oci.image.manifest.v1+json" \ --header "Authorization: Bearer ${token}" \ - "https://ghcr.io/v2/${image}/manifests/${tag}" \ - | jq -r 'first(.manifests[].digest)') - digest=$(curl -s \ - --header "Accept: application/vnd.docker.distribution.manifest.v2+json" \ - --header "Authorization: Bearer ${token}" \ - "https://ghcr.io/v2/${image}/manifests/${multidigest}" \ - | jq -r '.config.digest') + "https://ghcr.io/v2/${image}/manifests/${multidigest}"); then + digest=$(jq -r '.config.digest' <<< "${digest}"); + fi + fi image_info=$(curl -sL \ --header "Authorization: Bearer ${token}" \ - "https://ghcr.io/v2/${image}/blobs/${digest}" \ - | jq -r '.container_config') + "https://ghcr.io/v2/${image}/blobs/${digest}") + if [[ $(echo $image_info | jq -r '.container_config') == "null" ]]; then + image_info=$(echo $image_info | jq -r '.config') + else + image_info=$(echo $image_info | jq -r '.container_config') + fi IMAGE_RELEASE=$(echo ${image_info} | jq -r '.Labels.build_version' | awk '{print $3}') IMAGE_VERSION=$(echo ${IMAGE_RELEASE} | awk -F'-ls' '{print $1}') if [ -z "${IMAGE_VERSION}" ]; then - echo "**** Can't retrieve last pushed version, exiting ****" + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "Can't retrieve last pushed version, exiting" >> $GITHUB_STEP_SUMMARY FAILURE_REASON="Can't retrieve last pushed version for plex tag latest" curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 16711680, "description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n"}], "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} exit 1 fi - echo "**** Last pushed version: ${IMAGE_VERSION} ****" - if [ "${EXT_RELEASE}" == "${IMAGE_VERSION}" ]; then - echo "**** Version ${EXT_RELEASE} already pushed, exiting ****" + echo "Last pushed version: \`${IMAGE_VERSION}\`" >> $GITHUB_STEP_SUMMARY + if [ "${EXT_RELEASE_SANITIZED}" == "${IMAGE_VERSION}" ]; then + echo "Sanitized version \`${EXT_RELEASE_SANITIZED}\` already pushed, exiting" >> $GITHUB_STEP_SUMMARY exit 0 elif [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-plex/job/master/lastBuild/api/json | jq -r '.building') == "true" ]; then - echo "**** New version ${EXT_RELEASE} found; but there already seems to be an active build on Jenkins; exiting ****" + echo "New version \`${EXT_RELEASE}\` found; but there already seems to be an active build on Jenkins; exiting" >> $GITHUB_STEP_SUMMARY exit 0 else - echo "**** New version ${EXT_RELEASE} found; old version was ${IMAGE_VERSION}. Triggering new build ****" - response=$(curl -iX POST \ - https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-plex/job/master/buildWithParameters?PACKAGE_CHECK=false \ - --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|") - echo "**** Jenkins job queue url: ${response%$'\r'} ****" - echo "**** Sleeping 10 seconds until job starts ****" - sleep 10 - buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url') - buildurl="${buildurl%$'\r'}" - echo "**** Jenkins job build url: ${buildurl} ****" - echo "**** Attempting to change the Jenkins job description ****" - curl -iX POST \ - "${buildurl}submitDescription" \ - --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} \ - --data-urlencode "description=GHA external trigger https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" \ - --data-urlencode "Submit=Submit" - echo "**** Notifying Discord ****" - TRIGGER_REASON="A version change was detected for plex tag latest. Old version:${IMAGE_VERSION} New version:${EXT_RELEASE}" - curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903, - "description": "**Build Triggered** \n**Reason:** '"${TRIGGER_REASON}"' \n**Build URL:** '"${buildurl}display/redirect"' \n"}], - "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} + if [[ "${artifacts_found}" == "false" ]]; then + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "> New version detected, but not all artifacts are published yet; skipping trigger" >> $GITHUB_STEP_SUMMARY + FAILURE_REASON="New version ${EXT_RELEASE} for plex tag latest is detected, however not all artifacts are uploaded to upstream release yet. Will try again later." + curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903, + "description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n"}], + "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} + else + printf "\n## Trigger new build\n\n" >> $GITHUB_STEP_SUMMARY + echo "New sanitized version \`${EXT_RELEASE_SANITIZED}\` found; old version was \`${IMAGE_VERSION}\`. Triggering new build" >> $GITHUB_STEP_SUMMARY + if [[ "${artifacts_found}" == "true" ]]; then + echo "All artifacts seem to be uploaded." >> $GITHUB_STEP_SUMMARY + fi + response=$(curl -iX POST \ + https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-plex/job/master/buildWithParameters?PACKAGE_CHECK=false \ + --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|") + echo "Jenkins [job queue url](${response%$'\r'})" >> $GITHUB_STEP_SUMMARY + echo "Sleeping 10 seconds until job starts" >> $GITHUB_STEP_SUMMARY + sleep 10 + buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url') + buildurl="${buildurl%$'\r'}" + echo "Jenkins job [build url](${buildurl})" >> $GITHUB_STEP_SUMMARY + echo "Attempting to change the Jenkins job description" >> $GITHUB_STEP_SUMMARY + curl -iX POST \ + "${buildurl}submitDescription" \ + --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} \ + --data-urlencode "description=GHA external trigger https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" \ + --data-urlencode "Submit=Submit" + echo "**** Notifying Discord ****" + TRIGGER_REASON="A version change was detected for plex tag latest. Old version:${IMAGE_VERSION} New version:${EXT_RELEASE_SANITIZED}" + curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903, + "description": "**Build Triggered** \n**Reason:** '"${TRIGGER_REASON}"' \n**Build URL:** '"${buildurl}display/redirect"' \n"}], + "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} + fi fi diff --git a/.github/workflows/external_trigger_scheduler.yml b/.github/workflows/external_trigger_scheduler.yml index ca37175..b3649f8 100644 --- a/.github/workflows/external_trigger_scheduler.yml +++ b/.github/workflows/external_trigger_scheduler.yml @@ -2,42 +2,47 @@ name: External Trigger Scheduler on: schedule: - - cron: '45 * * * *' + - cron: '14 * * * *' workflow_dispatch: +permissions: + contents: read + jobs: external-trigger-scheduler: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2.3.3 + - uses: actions/checkout@v4.1.1 with: fetch-depth: '0' - name: External Trigger Scheduler run: | - echo "**** Branches found: ****" - git for-each-ref --format='%(refname:short)' refs/remotes - echo "**** Pulling the yq docker image ****" - docker pull ghcr.io/linuxserver/yq - for br in $(git for-each-ref --format='%(refname:short)' refs/remotes) + printf "# External trigger scheduler for docker-plex\n\n" >> $GITHUB_STEP_SUMMARY + printf "Found the branches:\n\n%s\n" "$(git for-each-ref --format='- %(refname:lstrip=3)' refs/remotes)" >> $GITHUB_STEP_SUMMARY + for br in $(git for-each-ref --format='%(refname:lstrip=3)' refs/remotes) do - br=$(echo "$br" | sed 's|origin/||g') - echo "**** Evaluating branch ${br} ****" - ls_branch=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-plex/${br}/jenkins-vars.yml \ - | docker run --rm -i --entrypoint yq ghcr.io/linuxserver/yq -r .ls_branch) - if [ "$br" == "$ls_branch" ]; then - echo "**** Branch ${br} appears to be live; checking workflow. ****" + if [[ "${br}" == "HEAD" ]]; then + printf "\nSkipping %s.\n" ${br} >> $GITHUB_STEP_SUMMARY + continue + fi + printf "\n## Evaluating \`%s\`\n\n" ${br} >> $GITHUB_STEP_SUMMARY + ls_jenkins_vars=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-plex/${br}/jenkins-vars.yml) + ls_branch=$(echo "${ls_jenkins_vars}" | yq -r '.ls_branch') + ls_trigger=$(echo "${ls_jenkins_vars}" | yq -r '.external_type') + if [[ "${br}" == "${ls_branch}" ]] && [[ "${ls_trigger}" != "os" ]]; then + echo "Branch appears to be live and trigger is not os; checking workflow." >> $GITHUB_STEP_SUMMARY if curl -sfX GET https://raw.githubusercontent.com/linuxserver/docker-plex/${br}/.github/workflows/external_trigger.yml > /dev/null 2>&1; then - echo "**** Workflow exists. Triggering external trigger workflow for branch ${br} ****." + echo "Triggering external trigger workflow for branch." >> $GITHUB_STEP_SUMMARY curl -iX POST \ -H "Authorization: token ${{ secrets.CR_PAT }}" \ -H "Accept: application/vnd.github.v3+json" \ -d "{\"ref\":\"refs/heads/${br}\"}" \ https://api.github.com/repos/linuxserver/docker-plex/actions/workflows/external_trigger.yml/dispatches else - echo "**** Workflow doesn't exist; skipping trigger. ****" + echo "Skipping branch due to no external trigger workflow present." >> $GITHUB_STEP_SUMMARY fi else - echo "**** ${br} appears to be a dev branch; skipping trigger. ****" + echo "Skipping branch due to being detected as dev branch or having no external version." >> $GITHUB_STEP_SUMMARY fi done diff --git a/.github/workflows/greetings.yml b/.github/workflows/greetings.yml index 468e09a..9f32b52 100755 --- a/.github/workflows/greetings.yml +++ b/.github/workflows/greetings.yml @@ -2,12 +2,18 @@ name: Greetings on: [pull_request_target, issues] +permissions: + contents: read + jobs: greeting: + permissions: + issues: write + pull-requests: write runs-on: ubuntu-latest steps: - uses: actions/first-interaction@v1 with: - issue-message: 'Thanks for opening your first issue here! Be sure to follow the [bug](https://github.com/linuxserver/docker-plex/blob/master/.github/ISSUE_TEMPLATE/issue.bug.md) or [feature](https://github.com/linuxserver/docker-plex/blob/master/.github/ISSUE_TEMPLATE/issue.feature.md) issue templates!' + issue-message: 'Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.' pr-message: 'Thanks for opening this pull request! Be sure to follow the [pull request template](https://github.com/linuxserver/docker-plex/blob/master/.github/PULL_REQUEST_TEMPLATE.md)!' repo-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/package_trigger.yml b/.github/workflows/package_trigger.yml deleted file mode 100644 index 41b039b..0000000 --- a/.github/workflows/package_trigger.yml +++ /dev/null @@ -1,38 +0,0 @@ -name: Package Trigger Main - -on: - workflow_dispatch: - -jobs: - package-trigger-master: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2.3.3 - - - name: Package Trigger - if: github.ref == 'refs/heads/master' - run: | - if [ -n "${{ secrets.PAUSE_PACKAGE_TRIGGER_PLEX_MASTER }}" ]; then - echo "**** Github secret PAUSE_PACKAGE_TRIGGER_PLEX_MASTER is set; skipping trigger. ****" - exit 0 - fi - if [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-plex/job/master/lastBuild/api/json | jq -r '.building') == "true" ]; then - echo "**** There already seems to be an active build on Jenkins; skipping package trigger ****" - exit 0 - fi - echo "**** Package trigger running off of master branch. To disable, set a Github secret named \"PAUSE_PACKAGE_TRIGGER_PLEX_MASTER\". ****" - response=$(curl -iX POST \ - https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-plex/job/master/buildWithParameters?PACKAGE_CHECK=true \ - --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|") - echo "**** Jenkins job queue url: ${response%$'\r'} ****" - echo "**** Sleeping 10 seconds until job starts ****" - sleep 10 - buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url') - buildurl="${buildurl%$'\r'}" - echo "**** Jenkins job build url: ${buildurl} ****" - echo "**** Attempting to change the Jenkins job description ****" - curl -iX POST \ - "${buildurl}submitDescription" \ - --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} \ - --data-urlencode "description=GHA package trigger https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" \ - --data-urlencode "Submit=Submit" diff --git a/.github/workflows/package_trigger_scheduler.yml b/.github/workflows/package_trigger_scheduler.yml index 651ca0c..be3abba 100644 --- a/.github/workflows/package_trigger_scheduler.yml +++ b/.github/workflows/package_trigger_scheduler.yml @@ -2,49 +2,102 @@ name: Package Trigger Scheduler on: schedule: - - cron: '51 3 * * 2' + - cron: '0 9 * * 1' workflow_dispatch: +permissions: + contents: read + jobs: package-trigger-scheduler: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2.3.3 + - uses: actions/checkout@v4.1.1 with: fetch-depth: '0' - name: Package Trigger Scheduler + env: + SKIP_PACKAGE_TRIGGER: ${{ vars.SKIP_PACKAGE_TRIGGER }} run: | - echo "**** Branches found: ****" - git for-each-ref --format='%(refname:short)' refs/remotes - echo "**** Pulling the yq docker image ****" - docker pull ghcr.io/linuxserver/yq - for br in $(git for-each-ref --format='%(refname:short)' refs/remotes) + printf "# Package trigger scheduler for docker-plex\n\n" >> $GITHUB_STEP_SUMMARY + printf "Found the branches:\n\n%s\n" "$(git for-each-ref --format='- %(refname:lstrip=3)' refs/remotes)" >> $GITHUB_STEP_SUMMARY + for br in $(git for-each-ref --format='%(refname:lstrip=3)' refs/remotes) do - br=$(echo "$br" | sed 's|origin/||g') - echo "**** Evaluating branch ${br} ****" - ls_branch=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-plex/${br}/jenkins-vars.yml \ - | docker run --rm -i --entrypoint yq ghcr.io/linuxserver/yq -r .ls_branch) - if [ "${br}" == "${ls_branch}" ]; then - echo "**** Branch ${br} appears to be live; checking workflow. ****" - if curl -sfX GET https://raw.githubusercontent.com/linuxserver/docker-plex/${br}/.github/workflows/package_trigger.yml > /dev/null 2>&1; then - echo "**** Workflow exists. Triggering package trigger workflow for branch ${br}. ****" - triggered_branches="${triggered_branches}${br} " - curl -iX POST \ - -H "Authorization: token ${{ secrets.CR_PAT }}" \ - -H "Accept: application/vnd.github.v3+json" \ - -d "{\"ref\":\"refs/heads/${br}\"}" \ - https://api.github.com/repos/linuxserver/docker-plex/actions/workflows/package_trigger.yml/dispatches - sleep 30 + if [[ "${br}" == "HEAD" ]]; then + printf "\nSkipping %s.\n" ${br} >> $GITHUB_STEP_SUMMARY + continue + fi + printf "\n## Evaluating \`%s\`\n\n" ${br} >> $GITHUB_STEP_SUMMARY + JENKINS_VARS=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-plex/${br}/jenkins-vars.yml) + if ! curl -sfX GET https://raw.githubusercontent.com/linuxserver/docker-plex/${br}/Jenkinsfile >/dev/null 2>&1; then + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "> No Jenkinsfile found. Branch is either deprecated or is an early dev branch." >> $GITHUB_STEP_SUMMARY + skipped_branches="${skipped_branches}${br} " + elif [[ "${br}" == $(yq -r '.ls_branch' <<< "${JENKINS_VARS}") ]]; then + echo "Branch appears to be live; checking workflow." >> $GITHUB_STEP_SUMMARY + README_VARS=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-plex/${br}/readme-vars.yml) + if [[ $(yq -r '.project_deprecation_status' <<< "${README_VARS}") == "true" ]]; then + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "> Branch appears to be deprecated; skipping trigger." >> $GITHUB_STEP_SUMMARY + skipped_branches="${skipped_branches}${br} " + elif [[ $(yq -r '.skip_package_check' <<< "${JENKINS_VARS}") == "true" ]]; then + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "> Skipping branch ${br} due to \`skip_package_check\` being set in \`jenkins-vars.yml\`." >> $GITHUB_STEP_SUMMARY + skipped_branches="${skipped_branches}${br} " + elif grep -q "^plex_${br}" <<< "${SKIP_PACKAGE_TRIGGER}"; then + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "> Github organizational variable \`SKIP_PACKAGE_TRIGGER\` contains \`plex_${br}\`; skipping trigger." >> $GITHUB_STEP_SUMMARY + skipped_branches="${skipped_branches}${br} " + elif [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-plex/job/${br}/lastBuild/api/json | jq -r '.building' 2>/dev/null) == "true" ]; then + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "> There already seems to be an active build on Jenkins; skipping package trigger for ${br}" >> $GITHUB_STEP_SUMMARY + skipped_branches="${skipped_branches}${br} " else - echo "**** Workflow doesn't exist; skipping trigger. ****" + echo "> [!NOTE]" >> $GITHUB_STEP_SUMMARY + echo "> Triggering package trigger for branch ${br}" >> $GITHUB_STEP_SUMMARY + printf "> To disable, add \`plex_%s\` into the Github organizational variable \`SKIP_PACKAGE_TRIGGER\`.\n\n" "${br}" >> $GITHUB_STEP_SUMMARY + triggered_branches="${triggered_branches}${br} " + response=$(curl -iX POST \ + https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-plex/job/${br}/buildWithParameters?PACKAGE_CHECK=true \ + --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|") + if [[ -z "${response}" ]]; then + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "> Jenkins build could not be triggered. Skipping branch." + continue + fi + echo "Jenkins [job queue url](${response%$'\r'})" >> $GITHUB_STEP_SUMMARY + echo "Sleeping 10 seconds until job starts" >> $GITHUB_STEP_SUMMARY + sleep 10 + buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url') + buildurl="${buildurl%$'\r'}" + echo "Jenkins job [build url](${buildurl})" >> $GITHUB_STEP_SUMMARY + echo "Attempting to change the Jenkins job description" >> $GITHUB_STEP_SUMMARY + if ! curl -ifX POST \ + "${buildurl}submitDescription" \ + --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} \ + --data-urlencode "description=GHA package trigger https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" \ + --data-urlencode "Submit=Submit"; then + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "> Unable to change the Jenkins job description." + fi + sleep 20 fi else - echo "**** ${br} appears to be a dev branch; skipping trigger. ****" + echo "Skipping branch ${br} due to being detected as dev branch." >> $GITHUB_STEP_SUMMARY fi done - echo "**** Package check build(s) triggered for branch(es): ${triggered_branches} ****" - echo "**** Notifying Discord ****" - curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903, - "description": "**Package Check Build(s) Triggered for plex** \n**Branch(es):** '"${triggered_branches}"' \n**Build URL:** '"https://ci.linuxserver.io/blue/organizations/jenkins/Docker-Pipeline-Builders%2Fdocker-plex/activity/"' \n"}], - "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} + if [[ -n "${triggered_branches}" ]] || [[ -n "${skipped_branches}" ]]; then + if [[ -n "${triggered_branches}" ]]; then + NOTIFY_BRANCHES="**Triggered:** ${triggered_branches} \n" + NOTIFY_BUILD_URL="**Build URL:** https://ci.linuxserver.io/blue/organizations/jenkins/Docker-Pipeline-Builders%2Fdocker-plex/activity/ \n" + echo "**** Package check build(s) triggered for branch(es): ${triggered_branches} ****" + fi + if [[ -n "${skipped_branches}" ]]; then + NOTIFY_BRANCHES="${NOTIFY_BRANCHES}**Skipped:** ${skipped_branches} \n" + fi + echo "**** Notifying Discord ****" + curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903, + "description": "**Package Check Build(s) for plex** \n'"${NOTIFY_BRANCHES}"''"${NOTIFY_BUILD_URL}"'"}], + "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} + fi diff --git a/.github/workflows/permissions.yml b/.github/workflows/permissions.yml new file mode 100755 index 0000000..02e1bdb --- /dev/null +++ b/.github/workflows/permissions.yml @@ -0,0 +1,12 @@ +name: Permission check +on: + pull_request_target: + paths: + - '**/run' + - '**/finish' + - '**/check' + - 'root/migrations/*' + +jobs: + permission_check: + uses: linuxserver/github-workflows/.github/workflows/init-svc-executable-permissions.yml@v1 diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml deleted file mode 100755 index 3b3846e..0000000 --- a/.github/workflows/stale.yml +++ /dev/null @@ -1,23 +0,0 @@ -name: Mark stale issues and pull requests - -on: - schedule: - - cron: "30 1 * * *" - -jobs: - stale: - - runs-on: ubuntu-latest - - steps: - - uses: actions/stale@v3 - with: - stale-issue-message: "This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions." - stale-pr-message: "This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions." - stale-issue-label: 'no-issue-activity' - stale-pr-label: 'no-pr-activity' - days-before-stale: 30 - days-before-close: 365 - exempt-issue-labels: 'awaiting-approval,work-in-progress' - exempt-pr-labels: 'awaiting-approval,work-in-progress' - repo-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.gitignore b/.gitignore index 6e8ad97..b733b8b 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,5 @@ +# Wireguard configs, you never know +wg*.conf # Windows image file caches Thumbs.db ehthumbs.db diff --git a/Dockerfile b/Dockerfile index b2ef6ce..9bd89c9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,8 @@ -FROM ghcr.io/linuxserver/baseimage-ubuntu:focal +# syntax=docker/dockerfile:1 + +FROM ghcr.io/linuxserver/unrar:latest AS unrar + +FROM ghcr.io/linuxserver/baseimage-ubuntu:noble # set version label ARG BUILD_DATE @@ -8,53 +12,56 @@ LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DA LABEL maintainer="thelamer" #Add needed nvidia environment variables for https://github.com/NVIDIA/nvidia-docker -ENV NVIDIA_DRIVER_CAPABILITIES="compute,video,utility" +ENV NVIDIA_DRIVER_CAPABILITIES="compute,video,utility,graphics" # global environment settings ENV DEBIAN_FRONTEND="noninteractive" \ -PLEX_DOWNLOAD="https://downloads.plex.tv/plex-media-server-new" \ -PLEX_ARCH="amd64" \ -PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR="/config/Library/Application Support" \ -PLEX_MEDIA_SERVER_HOME="/usr/lib/plexmediaserver" \ -PLEX_MEDIA_SERVER_MAX_PLUGIN_PROCS="6" \ -PLEX_MEDIA_SERVER_USER="abc" \ -PLEX_MEDIA_SERVER_INFO_VENDOR="Docker" \ -PLEX_MEDIA_SERVER_INFO_DEVICE="Docker Container (LinuxServer.io)" + PLEX_DOWNLOAD="https://downloads.plex.tv/plex-media-server-new" \ + PLEX_ARCH="amd64" \ + PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR="/config/Library/Application Support" \ + PLEX_MEDIA_SERVER_HOME="/usr/lib/plexmediaserver" \ + PLEX_MEDIA_SERVER_MAX_PLUGIN_PROCS="6" \ + PLEX_MEDIA_SERVER_USER="abc" \ + PLEX_MEDIA_SERVER_INFO_VENDOR="Docker" \ + PLEX_MEDIA_SERVER_INFO_DEVICE="Docker Container (LinuxServer.io)" \ + TMPDIR=/run/plex-temp \ + ATTACHED_DEVICES_PERMS="/dev/dri /dev/dvb -type c" RUN \ - echo "**** add Intel repo ****" && \ - curl -sL https://repositories.intel.com/graphics/intel-graphics.key | apt-key add - && \ - echo 'deb [arch=amd64] https://repositories.intel.com/graphics/ubuntu focal main' > /etc/apt/sources.list.d/intel.list && \ - echo "**** install runtime packages ****" && \ - apt-get update && \ - apt-get install -y \ - jq \ - intel-opencl-icd=21.49.21786+i643~u20.04 \ - udev \ - unrar \ - wget && \ - echo "**** install plex ****" && \ - if [ -z ${PLEX_RELEASE+x} ]; then \ - PLEX_RELEASE=$(curl -sX GET 'https://plex.tv/api/downloads/5.json' \ - | jq -r '.computer.Linux.version'); \ - fi && \ - curl -o \ - /tmp/plexmediaserver.deb -L \ - "${PLEX_DOWNLOAD}/${PLEX_RELEASE}/debian/plexmediaserver_${PLEX_RELEASE}_${PLEX_ARCH}.deb" && \ - dpkg -i /tmp/plexmediaserver.deb && \ - echo "**** ensure abc user's home folder is /app ****" && \ - usermod -d /app abc && \ - echo "**** cleanup ****" && \ - apt-get clean && \ - rm -rf \ - /etc/default/plexmediaserver \ - /tmp/* \ - /var/lib/apt/lists/* \ - /var/tmp/* + echo "**** install runtime packages & wireguard ****" && \ + apt-get update && \ + apt-get install -y \ + udev \ + wget \ + iproute2 \ + wireguard-tools &&\ + echo "**** install plex ****" && \ + if [ -z ${PLEX_RELEASE+x} ]; then \ + PLEX_RELEASE=$(curl -sX GET 'https://plex.tv/api/downloads/5.json' \ + | jq -r '.computer.Linux.version'); \ + fi && \ + curl -o \ + /tmp/plexmediaserver.deb -L \ + "${PLEX_DOWNLOAD}/${PLEX_RELEASE}/debian/plexmediaserver_${PLEX_RELEASE}_${PLEX_ARCH}.deb" && \ + dpkg -i /tmp/plexmediaserver.deb && \ + echo "**** ensure abc user's home folder is /app ****" && \ + usermod -d /app abc && \ + printf "Linuxserver.io version: ${VERSION}\nBuild-date: ${BUILD_DATE}" > /build_version && \ + echo "**** cleanup ****" && \ + apt-get clean && \ + rm -rf \ + /etc/default/plexmediaserver \ + /tmp/* \ + /var/lib/apt/lists/* \ + /var/tmp/* # add local files COPY root/ / + +# add unrar +COPY --from=unrar /usr/bin/unrar-ubuntu /usr/bin/unrar + # ports and volumes -EXPOSE 32400/tcp 1900/udp 3005/tcp 5353/udp 8324/tcp 32410/udp 32412/udp 32413/udp 32414/udp 32469/tcp +EXPOSE 32400/tcp 1900/udp 5353/udp 8324/tcp 32410/udp 32412/udp 32413/udp 32414/udp 32469/tcp VOLUME /config diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64 index 1fe09cb..50d9455 100644 --- a/Dockerfile.aarch64 +++ b/Dockerfile.aarch64 @@ -1,4 +1,8 @@ -FROM ghcr.io/linuxserver/baseimage-ubuntu:arm64v8-focal +# syntax=docker/dockerfile:1 + +FROM ghcr.io/linuxserver/unrar:arm64v8-latest AS unrar + +FROM ghcr.io/linuxserver/baseimage-ubuntu:arm64v8-noble # set version label ARG BUILD_DATE @@ -9,45 +13,49 @@ LABEL maintainer="thelamer" # global environment settings ENV DEBIAN_FRONTEND="noninteractive" \ -PLEX_DOWNLOAD="https://downloads.plex.tv/plex-media-server-new" \ -PLEX_ARCH="arm64" \ -PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR="/config/Library/Application Support" \ -PLEX_MEDIA_SERVER_HOME="/usr/lib/plexmediaserver" \ -PLEX_MEDIA_SERVER_MAX_PLUGIN_PROCS="6" \ -PLEX_MEDIA_SERVER_USER="abc" \ -PLEX_MEDIA_SERVER_INFO_VENDOR="Docker" \ -PLEX_MEDIA_SERVER_INFO_DEVICE="Docker Container (LinuxServer.io)" + PLEX_DOWNLOAD="https://downloads.plex.tv/plex-media-server-new" \ + PLEX_ARCH="arm64" \ + PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR="/config/Library/Application Support" \ + PLEX_MEDIA_SERVER_HOME="/usr/lib/plexmediaserver" \ + PLEX_MEDIA_SERVER_MAX_PLUGIN_PROCS="6" \ + PLEX_MEDIA_SERVER_USER="abc" \ + PLEX_MEDIA_SERVER_INFO_VENDOR="Docker" \ + PLEX_MEDIA_SERVER_INFO_DEVICE="Docker Container (LinuxServer.io)" \ + TMPDIR=/run/plex-temp \ + ATTACHED_DEVICES_PERMS="/dev/dri /dev/dvb -type c" RUN \ - echo "**** install runtime packages ****" && \ - apt-get update && \ - apt-get install -y \ - jq \ - udev \ - unrar \ - wget && \ - echo "**** install plex ****" && \ - if [ -z ${PLEX_RELEASE+x} ]; then \ - PLEX_RELEASE=$(curl -sX GET 'https://plex.tv/api/downloads/5.json' \ - | jq -r '.computer.Linux.version'); \ - fi && \ - curl -o \ - /tmp/plexmediaserver.deb -L \ - "${PLEX_DOWNLOAD}/${PLEX_RELEASE}/debian/plexmediaserver_${PLEX_RELEASE}_${PLEX_ARCH}.deb" && \ - dpkg -i /tmp/plexmediaserver.deb && \ - echo "**** ensure abc user's home folder is /app ****" && \ - usermod -d /app abc && \ - echo "**** cleanup ****" && \ - apt-get clean && \ - rm -rf \ - /etc/default/plexmediaserver \ - /tmp/* \ - /var/lib/apt/lists/* \ - /var/tmp/* + echo "**** install runtime packages ****" && \ + apt-get update && \ + apt-get install -y \ + udev \ + wget && \ + echo "**** install plex ****" && \ + if [ -z ${PLEX_RELEASE+x} ]; then \ + PLEX_RELEASE=$(curl -sX GET 'https://plex.tv/api/downloads/5.json' \ + | jq -r '.computer.Linux.version'); \ + fi && \ + curl -o \ + /tmp/plexmediaserver.deb -L \ + "${PLEX_DOWNLOAD}/${PLEX_RELEASE}/debian/plexmediaserver_${PLEX_RELEASE}_${PLEX_ARCH}.deb" && \ + dpkg -i /tmp/plexmediaserver.deb && \ + echo "**** ensure abc user's home folder is /app ****" && \ + usermod -d /app abc && \ + printf "Linuxserver.io version: ${VERSION}\nBuild-date: ${BUILD_DATE}" > /build_version && \ + echo "**** cleanup ****" && \ + apt-get clean && \ + rm -rf \ + /etc/default/plexmediaserver \ + /tmp/* \ + /var/lib/apt/lists/* \ + /var/tmp/* # add local files COPY root/ / +# add unrar +COPY --from=unrar /usr/bin/unrar-ubuntu /usr/bin/unrar + # ports and volumes -EXPOSE 32400/tcp 1900/udp 3005/tcp 5353/udp 8324/tcp 32410/udp 32412/udp 32413/udp 32414/udp 32469/tcp +EXPOSE 32400/tcp 1900/udp 5353/udp 8324/tcp 32410/udp 32412/udp 32413/udp 32414/udp 32469/tcp VOLUME /config diff --git a/Dockerfile.armhf b/Dockerfile.armhf deleted file mode 100644 index 2c56acb..0000000 --- a/Dockerfile.armhf +++ /dev/null @@ -1,53 +0,0 @@ -FROM ghcr.io/linuxserver/baseimage-ubuntu:arm32v7-focal - -# set version label -ARG BUILD_DATE -ARG VERSION -ARG PLEX_RELEASE -LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}" -LABEL maintainer="thelamer" - -# global environment settings -ENV DEBIAN_FRONTEND="noninteractive" \ -PLEX_DOWNLOAD="https://downloads.plex.tv/plex-media-server-new" \ -PLEX_ARCH="armhf" \ -PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR="/config/Library/Application Support" \ -PLEX_MEDIA_SERVER_HOME="/usr/lib/plexmediaserver" \ -PLEX_MEDIA_SERVER_MAX_PLUGIN_PROCS="6" \ -PLEX_MEDIA_SERVER_USER="abc" \ -PLEX_MEDIA_SERVER_INFO_VENDOR="Docker" \ -PLEX_MEDIA_SERVER_INFO_DEVICE="Docker Container (LinuxServer.io)" - -RUN \ - echo "**** install runtime packages ****" && \ - apt-get update && \ - apt-get install -y \ - jq \ - udev \ - unrar \ - wget && \ - echo "**** install plex ****" && \ - if [ -z ${PLEX_RELEASE+x} ]; then \ - PLEX_RELEASE=$(curl -sX GET 'https://plex.tv/api/downloads/5.json' \ - | jq -r '.computer.Linux.version'); \ - fi && \ - curl -o \ - /tmp/plexmediaserver.deb -L \ - "${PLEX_DOWNLOAD}/${PLEX_RELEASE}/debian/plexmediaserver_${PLEX_RELEASE}_${PLEX_ARCH}.deb" && \ - dpkg -i /tmp/plexmediaserver.deb && \ - echo "**** ensure abc user's home folder is /app ****" && \ - usermod -d /app abc && \ - echo "**** cleanup ****" && \ - apt-get clean && \ - rm -rf \ - /etc/default/plexmediaserver \ - /tmp/* \ - /var/lib/apt/lists/* \ - /var/tmp/* - -# add local files -COPY root/ / - -# ports and volumes -EXPOSE 32400/tcp 1900/udp 3005/tcp 5353/udp 8324/tcp 32410/udp 32412/udp 32413/udp 32414/udp 32469/tcp -VOLUME /config diff --git a/Jenkinsfile b/Jenkinsfile index 73d8893..f0e1f0d 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -8,7 +8,7 @@ pipeline { } // Input to determine if this is a package check parameters { - string(defaultValue: 'false', description: 'package check run', name: 'PACKAGE_CHECK') + string(defaultValue: 'false', description: 'package check run', name: 'PACKAGE_CHECK') } // Configuration for the variables used for this specific repo environment { @@ -16,7 +16,9 @@ pipeline { GITHUB_TOKEN=credentials('498b4638-2d02-4ce5-832d-8a57d01d97ab') GITLAB_TOKEN=credentials('b6f0f1dd-6952-4cf6-95d1-9c06380283f0') GITLAB_NAMESPACE=credentials('gitlab-namespace-id') - SCARF_TOKEN=credentials('scarf_api_key') + DOCKERHUB_TOKEN=credentials('docker-hub-ci-pat') + QUAYIO_API_TOKEN=credentials('quayio-repo-api-token') + GIT_SIGNING_KEY=credentials('484fbca6-9a4f-455e-b9e3-97ac98785f5f') JSON_URL = 'https://plex.tv/api/downloads/5.json' JSON_PATH = '.computer.Linux.version' BUILD_VERSION_ARG = 'PLEX_RELEASE' @@ -33,18 +35,51 @@ pipeline { CI_PORT='32400' CI_SSL='false' CI_DELAY='120' - CI_DOCKERENV='TZ=US/Pacific' - CI_AUTH='user:password' + CI_DOCKERENV='' + CI_AUTH='' CI_WEBPATH='/web/index.html' } stages { + stage("Set git config"){ + steps{ + sh '''#!/bin/bash + cat ${GIT_SIGNING_KEY} > /config/.ssh/id_sign + chmod 600 /config/.ssh/id_sign + ssh-keygen -y -f /config/.ssh/id_sign > /config/.ssh/id_sign.pub + echo "Using $(ssh-keygen -lf /config/.ssh/id_sign) to sign commits" + git config --global gpg.format ssh + git config --global user.signingkey /config/.ssh/id_sign + git config --global commit.gpgsign true + ''' + } + } // Setup all the basic environment variables needed for the build stage("Set ENV Variables base"){ steps{ + echo "Running on node: ${NODE_NAME}" + sh '''#! /bin/bash + echo "Pruning builder" + docker builder prune -f --builder container || : + containers=$(docker ps -q) + if [[ -n "${containers}" ]]; then + BUILDX_CONTAINER_ID=$(docker ps -qf 'name=buildx_buildkit') + for container in ${containers}; do + if [[ "${container}" == "${BUILDX_CONTAINER_ID}" ]]; then + echo "skipping buildx container in docker stop" + else + echo "Stopping container ${container}" + docker stop ${container} + fi + done + fi + docker system prune -f --volumes || : + docker image prune -af || : + ''' script{ env.EXIT_STATUS = '' + env.CI_TEST_ATTEMPTED = '' env.LS_RELEASE = sh( - script: '''docker run --rm ghcr.io/linuxserver/alexeiled-skopeo sh -c 'skopeo inspect docker://docker.io/'${DOCKERHUB_IMAGE}':latest 2>/dev/null' | jq -r '.Labels.build_version' | awk '{print $3}' | grep '\\-ls' || : ''', + script: '''docker run --rm quay.io/skopeo/stable:v1 inspect docker://ghcr.io/${LS_USER}/${CONTAINER_NAME}:latest 2>/dev/null | jq -r '.Labels.build_version' | awk '{print $3}' | grep '\\-ls' || : ''', returnStdout: true).trim() env.LS_RELEASE_NOTES = sh( script: '''cat readme-vars.yml | awk -F \\" '/date: "[0-9][0-9].[0-9][0-9].[0-9][0-9]:/ {print $4;exit;}' | sed -E ':a;N;$!ba;s/\\r{0,1}\\n/\\\\n/g' ''', @@ -55,11 +90,20 @@ pipeline { env.COMMIT_SHA = sh( script: '''git rev-parse HEAD''', returnStdout: true).trim() + env.GH_DEFAULT_BRANCH = sh( + script: '''git remote show origin | grep "HEAD branch:" | sed 's|.*HEAD branch: ||' ''', + returnStdout: true).trim() env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/commit/' + env.GIT_COMMIT env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.DOCKERHUB_IMAGE + '/tags/' env.PULL_REQUEST = env.CHANGE_ID - env.TEMPLATED_FILES = 'Jenkinsfile README.md LICENSE .editorconfig ./.github/CONTRIBUTING.md ./.github/FUNDING.yml ./.github/ISSUE_TEMPLATE/config.yml ./.github/ISSUE_TEMPLATE/issue.bug.md ./.github/ISSUE_TEMPLATE/issue.feature.md ./.github/PULL_REQUEST_TEMPLATE.md ./.github/workflows/external_trigger_scheduler.yml ./.github/workflows/greetings.yml ./.github/workflows/package_trigger_scheduler.yml ./.github/workflows/stale.yml ./.github/workflows/external_trigger.yml ./.github/workflows/package_trigger.yml' + env.TEMPLATED_FILES = 'Jenkinsfile README.md LICENSE .editorconfig ./.github/CONTRIBUTING.md ./.github/FUNDING.yml ./.github/ISSUE_TEMPLATE/config.yml ./.github/ISSUE_TEMPLATE/issue.bug.yml ./.github/ISSUE_TEMPLATE/issue.feature.yml ./.github/PULL_REQUEST_TEMPLATE.md ./.github/workflows/external_trigger_scheduler.yml ./.github/workflows/greetings.yml ./.github/workflows/package_trigger_scheduler.yml ./.github/workflows/call_issue_pr_tracker.yml ./.github/workflows/call_issues_cron.yml ./.github/workflows/permissions.yml ./.github/workflows/external_trigger.yml' + if ( env.SYFT_IMAGE_TAG == null ) { + env.SYFT_IMAGE_TAG = 'latest' + } } + echo "Using syft image tag ${SYFT_IMAGE_TAG}" + sh '''#! /bin/bash + echo "The default github branch detected as ${GH_DEFAULT_BRANCH}" ''' script{ env.LS_RELEASE_NUMBER = sh( script: '''echo ${LS_RELEASE} |sed 's/^.*-ls//g' ''', @@ -117,7 +161,7 @@ pipeline { steps{ script{ env.EXT_RELEASE_CLEAN = sh( - script: '''echo ${EXT_RELEASE} | sed 's/[~,%@+;:/]//g' ''', + script: '''echo ${EXT_RELEASE} | sed 's/[~,%@+;:/ ]//g' ''', returnStdout: true).trim() def semver = env.EXT_RELEASE_CLEAN =~ /(\d+)\.(\d+)\.(\d+)/ @@ -135,7 +179,7 @@ pipeline { } if (env.SEMVER != null) { - if (BRANCH_NAME != "master" && BRANCH_NAME != "main") { + if (BRANCH_NAME != "${env.GH_DEFAULT_BRANCH}") { env.SEMVER = "${env.SEMVER}-${BRANCH_NAME}" } println("SEMVER: ${env.SEMVER}") @@ -159,13 +203,15 @@ pipeline { env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/' + env.CONTAINER_NAME env.QUAYIMAGE = 'quay.io/linuxserver.io/' + env.CONTAINER_NAME if (env.MULTIARCH == 'true') { - env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm32v7-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER } else { env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER } env.VERSION_TAG = env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER env.META_TAG = env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER env.EXT_RELEASE_TAG = 'version-' + env.EXT_RELEASE_CLEAN + env.BUILDCACHE = 'docker.io/lsiodev/buildcache,registry.gitlab.com/linuxserver.io/docker-jenkins-builder/lsiodev-buildcache,ghcr.io/linuxserver/lsiodev-buildcache,quay.io/linuxserver.io/lsiodev-buildcache' + env.CITEST_IMAGETAG = 'latest' } } } @@ -182,7 +228,7 @@ pipeline { env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/lsiodev-' + env.CONTAINER_NAME env.QUAYIMAGE = 'quay.io/linuxserver.io/lsiodev-' + env.CONTAINER_NAME if (env.MULTIARCH == 'true') { - env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm32v7-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA } else { env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA } @@ -190,6 +236,8 @@ pipeline { env.META_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA env.EXT_RELEASE_TAG = 'version-' + env.EXT_RELEASE_CLEAN env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.DEV_DOCKERHUB_IMAGE + '/tags/' + env.BUILDCACHE = 'docker.io/lsiodev/buildcache,registry.gitlab.com/linuxserver.io/docker-jenkins-builder/lsiodev-buildcache,ghcr.io/linuxserver/lsiodev-buildcache,quay.io/linuxserver.io/lsiodev-buildcache' + env.CITEST_IMAGETAG = 'develop' } } } @@ -205,15 +253,17 @@ pipeline { env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/lspipepr-' + env.CONTAINER_NAME env.QUAYIMAGE = 'quay.io/linuxserver.io/lspipepr-' + env.CONTAINER_NAME if (env.MULTIARCH == 'true') { - env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST + '|arm32v7-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST + env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST } else { - env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST + env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST } - env.VERSION_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST - env.META_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST + env.VERSION_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST + env.META_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST env.EXT_RELEASE_TAG = 'version-' + env.EXT_RELEASE_CLEAN env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/pull/' + env.PULL_REQUEST env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.PR_DOCKERHUB_IMAGE + '/tags/' + env.BUILDCACHE = 'docker.io/lsiodev/buildcache,registry.gitlab.com/linuxserver.io/docker-jenkins-builder/lsiodev-buildcache,ghcr.io/linuxserver/lsiodev-buildcache,quay.io/linuxserver.io/lsiodev-buildcache' + env.CITEST_IMAGETAG = 'develop' } } } @@ -230,19 +280,18 @@ pipeline { script{ env.SHELLCHECK_URL = 'https://ci-tests.linuxserver.io/' + env.IMAGE + '/' + env.META_TAG + '/shellcheck-result.xml' } - sh '''curl -sL https://raw.githubusercontent.com/linuxserver/docker-shellcheck/master/checkrun.sh | /bin/bash''' + sh '''curl -sL https://raw.githubusercontent.com/linuxserver/docker-jenkins-builder/master/checkrun.sh | /bin/bash''' sh '''#! /bin/bash - set -e - docker pull ghcr.io/linuxserver/lsiodev-spaces-file-upload:latest docker run --rm \ - -e DESTINATION=\"${IMAGE}/${META_TAG}/shellcheck-result.xml\" \ - -e FILE_NAME="shellcheck-result.xml" \ - -e MIMETYPE="text/xml" \ - -v ${WORKSPACE}:/mnt \ - -e SECRET_KEY=\"${S3_SECRET}\" \ - -e ACCESS_KEY=\"${S3_KEY}\" \ - -t ghcr.io/linuxserver/lsiodev-spaces-file-upload:latest \ - python /upload.py''' + -v ${WORKSPACE}:/mnt \ + -e AWS_ACCESS_KEY_ID=\"${S3_KEY}\" \ + -e AWS_SECRET_ACCESS_KEY=\"${S3_SECRET}\" \ + ghcr.io/linuxserver/baseimage-alpine:3.23 s6-envdir -fn -- /var/run/s6/container_environment /bin/bash -c "\ + apk add --no-cache python3 && \ + python3 -m venv /lsiopy && \ + pip install --no-cache-dir -U pip && \ + pip install --no-cache-dir s3cmd && \ + s3cmd put --no-preserve --acl-public -m text/xml /mnt/shellcheck-result.xml s3://ci-tests.linuxserver.io/${IMAGE}/${META_TAG}/shellcheck-result.xml" || :''' } } } @@ -260,8 +309,15 @@ pipeline { set -e TEMPDIR=$(mktemp -d) docker pull ghcr.io/linuxserver/jenkins-builder:latest - docker run --rm -e CONTAINER_NAME=${CONTAINER_NAME} -e GITHUB_BRANCH=master -v ${TEMPDIR}:/ansible/jenkins ghcr.io/linuxserver/jenkins-builder:latest - # Stage 1 - Jenkinsfile update + # Cloned repo paths for templating: + # ${TEMPDIR}/docker-${CONTAINER_NAME}: Cloned branch master of ${LS_USER}/${LS_REPO} for running the jenkins builder on + # ${TEMPDIR}/repo/${LS_REPO}: Cloned branch master of ${LS_USER}/${LS_REPO} for commiting various templated file changes and pushing back to Github + # ${TEMPDIR}/docs/docker-documentation: Cloned docs repo for pushing docs updates to Github + # ${TEMPDIR}/unraid/docker-templates: Cloned docker-templates repo to check for logos + # ${TEMPDIR}/unraid/templates: Cloned templates repo for commiting unraid template changes and pushing back to Github + git clone --branch master --depth 1 https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/docker-${CONTAINER_NAME} + docker run --rm -v ${TEMPDIR}/docker-${CONTAINER_NAME}:/tmp -e LOCAL=true -e PUID=$(id -u) -e PGID=$(id -g) ghcr.io/linuxserver/jenkins-builder:latest + echo "Starting Stage 1 - Jenkinsfile update" if [[ "$(md5sum Jenkinsfile | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/Jenkinsfile | awk '{ print $1 }')" ]]; then mkdir -p ${TEMPDIR}/repo git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO} @@ -270,16 +326,17 @@ pipeline { cp ${TEMPDIR}/docker-${CONTAINER_NAME}/Jenkinsfile ${TEMPDIR}/repo/${LS_REPO}/ git add Jenkinsfile git commit -m 'Bot Updating Templated Files' - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git --all + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} - echo "Updating Jenkinsfile" + echo "Updating Jenkinsfile and exiting build, new one will trigger based on commit" rm -Rf ${TEMPDIR} exit 0 else echo "Jenkinsfile is up to date." fi - # Stage 2 - Delete old templates - OLD_TEMPLATES=".github/ISSUE_TEMPLATE.md" + echo "Starting Stage 2 - Delete old templates" + OLD_TEMPLATES=".github/ISSUE_TEMPLATE.md .github/ISSUE_TEMPLATE/issue.bug.md .github/ISSUE_TEMPLATE/issue.feature.md .github/workflows/call_invalid_helper.yml .github/workflows/stale.yml .github/workflows/package_trigger.yml" for i in ${OLD_TEMPLATES}; do if [[ -f "${i}" ]]; then TEMPLATES_TO_DELETE="${i} ${TEMPLATES_TO_DELETE}" @@ -294,15 +351,45 @@ pipeline { git rm "${i}" done git commit -m 'Bot Updating Templated Files' - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git --all + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} - echo "Deleting old templates" + echo "Deleting old/deprecated templates and exiting build, new one will trigger based on commit" rm -Rf ${TEMPDIR} exit 0 else echo "No templates to delete" fi - # Stage 3 - Update templates + echo "Starting Stage 2.5 - Update init diagram" + if ! grep -q 'init_diagram:' readme-vars.yml; then + echo "Adding the key 'init_diagram' to readme-vars.yml" + sed -i '\\|^#.*changelog.*$|d' readme-vars.yml + sed -i 's|^changelogs:|# init diagram\\ninit_diagram:\\n\\n# changelog\\nchangelogs:|' readme-vars.yml + fi + mkdir -p ${TEMPDIR}/d2 + docker run --rm -v ${TEMPDIR}/d2:/output -e PUID=$(id -u) -e PGID=$(id -g) -e RAW="true" ghcr.io/linuxserver/d2-builder:latest ${CONTAINER_NAME}:latest + ls -al ${TEMPDIR}/d2 + yq -ei ".init_diagram |= load_str(\\"${TEMPDIR}/d2/${CONTAINER_NAME}-latest.d2\\")" readme-vars.yml + if [[ $(md5sum readme-vars.yml | cut -c1-8) != $(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/readme-vars.yml | cut -c1-8) ]]; then + echo "'init_diagram' has been updated. Updating repo and exiting build, new one will trigger based on commit." + mkdir -p ${TEMPDIR}/repo + git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO} + cd ${TEMPDIR}/repo/${LS_REPO} + git checkout -f master + cp ${WORKSPACE}/readme-vars.yml ${TEMPDIR}/repo/${LS_REPO}/readme-vars.yml + git add readme-vars.yml + git commit -m 'Bot Updating Templated Files' + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master + echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} + echo "Updating templates and exiting build, new one will trigger based on commit" + rm -Rf ${TEMPDIR} + exit 0 + else + echo "false" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} + echo "Init diagram is unchanged" + fi + echo "Starting Stage 3 - Update templates" CURRENTHASH=$(grep -hs ^ ${TEMPLATED_FILES} | md5sum | cut -c1-8) cd ${TEMPDIR}/docker-${CONTAINER_NAME} NEWHASH=$(grep -hs ^ ${TEMPLATED_FILES} | md5sum | cut -c1-8) @@ -315,36 +402,58 @@ pipeline { mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/workflows mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/ISSUE_TEMPLATE cp --parents ${TEMPLATED_FILES} ${TEMPDIR}/repo/${LS_REPO}/ || : + cp --parents readme-vars.yml ${TEMPDIR}/repo/${LS_REPO}/ || : cd ${TEMPDIR}/repo/${LS_REPO}/ if ! grep -q '.jenkins-external' .gitignore 2>/dev/null; then echo ".jenkins-external" >> .gitignore git add .gitignore fi - git add ${TEMPLATED_FILES} + git add readme-vars.yml ${TEMPLATED_FILES} git commit -m 'Bot Updating Templated Files' - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git --all + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} + echo "Updating templates and exiting build, new one will trigger based on commit" + rm -Rf ${TEMPDIR} + exit 0 else echo "false" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} + echo "No templates to update" fi - mkdir -p ${TEMPDIR}/gitbook - git clone https://github.com/linuxserver/docker-documentation.git ${TEMPDIR}/gitbook/docker-documentation - if [[ ("${BRANCH_NAME}" == "master") || ("${BRANCH_NAME}" == "main") ]] && [[ (! -f ${TEMPDIR}/gitbook/docker-documentation/images/docker-${CONTAINER_NAME}.md) || ("$(md5sum ${TEMPDIR}/gitbook/docker-documentation/images/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')") ]]; then - cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md ${TEMPDIR}/gitbook/docker-documentation/images/ - cd ${TEMPDIR}/gitbook/docker-documentation/ - git add images/docker-${CONTAINER_NAME}.md + echo "Starting Stage 4 - External repo updates: Docs, Unraid Template and Readme Sync to Docker Hub" + mkdir -p ${TEMPDIR}/docs + git clone --depth=1 https://github.com/linuxserver/docker-documentation.git ${TEMPDIR}/docs/docker-documentation + if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}" ]] && [[ (! -f ${TEMPDIR}/docs/docker-documentation/docs/images/docker-${CONTAINER_NAME}.md) || ("$(md5sum ${TEMPDIR}/docs/docker-documentation/docs/images/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')") ]]; then + cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md ${TEMPDIR}/docs/docker-documentation/docs/images/ + cd ${TEMPDIR}/docs/docker-documentation + GH_DOCS_DEFAULT_BRANCH=$(git remote show origin | grep "HEAD branch:" | sed 's|.*HEAD branch: ||') + git add docs/images/docker-${CONTAINER_NAME}.md + echo "Updating docs repo" git commit -m 'Bot Updating Documentation' - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git --all + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH} --rebase + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH} || \ + (MAXWAIT="10" && echo "Push to docs failed, trying again in ${MAXWAIT} seconds" && \ + sleep $((RANDOM % MAXWAIT)) && \ + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH} --rebase && \ + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH}) + else + echo "Docs update not needed, skipping" fi mkdir -p ${TEMPDIR}/unraid - git clone https://github.com/linuxserver/docker-templates.git ${TEMPDIR}/unraid/docker-templates - git clone https://github.com/linuxserver/templates.git ${TEMPDIR}/unraid/templates + git clone --depth=1 https://github.com/linuxserver/docker-templates.git ${TEMPDIR}/unraid/docker-templates + git clone --depth=1 https://github.com/linuxserver/templates.git ${TEMPDIR}/unraid/templates if [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-logo.png ]]; then sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-logo.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml + elif [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-icon.png ]]; then + sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-icon.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml fi - if [[ ("${BRANCH_NAME}" == "master") || ("${BRANCH_NAME}" == "main") ]] && [[ (! -f ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml) || ("$(md5sum ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml | awk '{ print $1 }')") ]]; then + if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}" ]] && [[ (! -f ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml) || ("$(md5sum ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml | awk '{ print $1 }')") ]]; then + echo "Updating Unraid template" cd ${TEMPDIR}/unraid/templates/ - if grep -wq "${CONTAINER_NAME}" ${TEMPDIR}/unraid/templates/unraid/ignore.list; then + GH_TEMPLATES_DEFAULT_BRANCH=$(git remote show origin | grep "HEAD branch:" | sed 's|.*HEAD branch: ||') + if grep -wq "^${CONTAINER_NAME}$" ${TEMPDIR}/unraid/templates/unraid/ignore.list && [[ -f ${TEMPDIR}/unraid/templates/unraid/deprecated/${CONTAINER_NAME}.xml ]]; then + echo "Image is on the ignore list, and already in the deprecation folder." + elif grep -wq "^${CONTAINER_NAME}$" ${TEMPDIR}/unraid/templates/unraid/ignore.list; then echo "Image is on the ignore list, marking Unraid template as deprecated" cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml ${TEMPDIR}/unraid/templates/unraid/ git add -u unraid/${CONTAINER_NAME}.xml @@ -355,7 +464,42 @@ pipeline { git add unraid/${CONTAINER_NAME}.xml git commit -m 'Bot Updating Unraid Template' fi - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git --all + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH} --rebase + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH} || \ + (MAXWAIT="10" && echo "Push to unraid templates failed, trying again in ${MAXWAIT} seconds" && \ + sleep $((RANDOM % MAXWAIT)) && \ + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH} --rebase && \ + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH}) + else + echo "No updates to Unraid template needed, skipping" + fi + if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}" ]]; then + if [[ $(cat ${TEMPDIR}/docker-${CONTAINER_NAME}/README.md | wc -m) -gt 25000 ]]; then + echo "Readme is longer than 25,000 characters. Syncing the lite version to Docker Hub" + DH_README_SYNC_PATH="${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/README.lite" + else + echo "Syncing readme to Docker Hub" + DH_README_SYNC_PATH="${TEMPDIR}/docker-${CONTAINER_NAME}/README.md" + fi + if curl -s https://hub.docker.com/v2/namespaces/${DOCKERHUB_IMAGE%%/*}/repositories/${DOCKERHUB_IMAGE##*/}/tags | jq -r '.message' | grep -q 404; then + echo "Docker Hub endpoint doesn't exist. Creating endpoint first." + DH_TOKEN=$(curl -d '{"username":"linuxserverci", "password":"'${DOCKERHUB_TOKEN}'"}' -H "Content-Type: application/json" -X POST https://hub.docker.com/v2/users/login | jq -r '.token') + curl -s \ + -H "Authorization: JWT ${DH_TOKEN}" \ + -H "Content-Type: application/json" \ + -X POST \ + -d '{"name":"'${DOCKERHUB_IMAGE##*/}'", "namespace":"'${DOCKERHUB_IMAGE%%/*}'"}' \ + https://hub.docker.com/v2/repositories/ || : + fi + DH_TOKEN=$(curl -d '{"username":"linuxserverci", "password":"'${DOCKERHUB_TOKEN}'"}' -H "Content-Type: application/json" -X POST https://hub.docker.com/v2/users/login | jq -r '.token') + curl -s \ + -H "Authorization: JWT ${DH_TOKEN}" \ + -H "Content-Type: application/json" \ + -X PATCH \ + -d "{\\"full_description\\":$(jq -Rsa . ${DH_README_SYNC_PATH})}" \ + https://hub.docker.com/v2/repositories/${DOCKERHUB_IMAGE} || : + else + echo "Not the default Github branch. Skipping readme sync to Docker Hub." fi rm -Rf ${TEMPDIR}''' script{ @@ -381,54 +525,48 @@ pipeline { } } } + // If this is a master build check the S6 service file perms + stage("Check S6 Service file Permissions"){ + when { + branch "master" + environment name: 'CHANGE_ID', value: '' + environment name: 'EXIT_STATUS', value: '' + } + steps { + script{ + sh '''#! /bin/bash + WRONG_PERM=$(find ./ -path "./.git" -prune -o \\( -name "run" -o -name "finish" -o -name "check" \\) -not -perm -u=x,g=x,o=x -print) + if [[ -n "${WRONG_PERM}" ]]; then + echo "The following S6 service files are missing the executable bit; canceling the faulty build: ${WRONG_PERM}" + exit 1 + else + echo "S6 service file perms look good." + fi ''' + } + } + } /* ####################### - GitLab Mirroring + GitLab Mirroring and Quay.io Repo Visibility ####################### */ - // Ping into Gitlab to mirror this repo and have a registry endpoint - stage("GitLab Mirror"){ + // Ping into Gitlab to mirror this repo and have a registry endpoint & mark this repo on Quay.io as public + stage("GitLab Mirror and Quay.io Visibility"){ when { environment name: 'EXIT_STATUS', value: '' } steps{ sh '''curl -H "Content-Type: application/json" -H "Private-Token: ${GITLAB_TOKEN}" -X POST https://gitlab.com/api/v4/projects \ - -d '{"namespace_id":'${GITLAB_NAMESPACE}',\ - "name":"'${LS_REPO}'", - "mirror":true,\ - "import_url":"https://github.com/linuxserver/'${LS_REPO}'.git",\ - "issues_access_level":"disabled",\ - "merge_requests_access_level":"disabled",\ - "repository_access_level":"enabled",\ - "visibility":"public"}' ''' - } - } - /* ####################### - Scarf.sh package registry - ####################### */ - // Add package to Scarf.sh and set permissions - stage("Scarf.sh package registry"){ - when { - branch "master" - environment name: 'EXIT_STATUS', value: '' - } - steps{ - sh '''#! /bin/bash - set -e - PACKAGE_UUID=$(curl -X GET -H "Authorization: Bearer ${SCARF_TOKEN}" https://scarf.sh/api/v1/organizations/linuxserver-ci/packages | jq -r '.[] | select(.name=="linuxserver/plex") | .uuid') - if [ -z "${PACKAGE_UUID}" ]; then - echo "Adding package to Scarf.sh" - curl -sX POST https://scarf.sh/api/v1/organizations/linuxserver-ci/packages \ - -H "Authorization: Bearer ${SCARF_TOKEN}" \ - -H "Content-Type: application/json" \ - -d '{"name":"linuxserver/plex",\ - "shortDescription":"example description",\ - "libraryType":"docker",\ - "website":"https://github.com/linuxserver/docker-plex",\ - "backendUrl":"https://ghcr.io/linuxserver/plex",\ - "publicUrl":"https://lscr.io/linuxserver/plex"}' || : - else - echo "Package already exists on Scarf.sh" - fi - ''' + -d '{"namespace_id":'${GITLAB_NAMESPACE}',\ + "name":"'${LS_REPO}'", + "mirror":true,\ + "import_url":"https://github.com/linuxserver/'${LS_REPO}'.git",\ + "issues_access_level":"disabled",\ + "merge_requests_access_level":"disabled",\ + "repository_access_level":"enabled",\ + "visibility":"public"}' ''' + sh '''curl -H "Private-Token: ${GITLAB_TOKEN}" -X PUT "https://gitlab.com/api/v4/projects/Linuxserver.io%2F${LS_REPO}" \ + -d "mirror=true&import_url=https://github.com/linuxserver/${LS_REPO}.git" ''' + sh '''curl -H "Content-Type: application/json" -H "Authorization: Bearer ${QUAYIO_API_TOKEN}" -X POST "https://quay.io/api/v1/repository${QUAYIMAGE/quay.io/}/changevisibility" \ + -d '{"visibility":"public"}' ||: ''' } } /* ############### @@ -444,7 +582,8 @@ pipeline { } steps { echo "Running on node: ${NODE_NAME}" - sh "docker build \ + sh "sed -r -i 's|(^FROM .*)|\\1\\n\\nENV LSIO_FIRST_PARTY=true|g' Dockerfile" + sh "docker buildx build \ --label \"org.opencontainers.image.created=${GITHUB_DATE}\" \ --label \"org.opencontainers.image.authors=linuxserver.io\" \ --label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-plex/packages\" \ @@ -456,9 +595,47 @@ pipeline { --label \"org.opencontainers.image.licenses=GPL-3.0-only\" \ --label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \ --label \"org.opencontainers.image.title=Plex\" \ - --label \"org.opencontainers.image.description=[Plex](https://plex.tv) organizes video, music and photos from personal media libraries and streams them to smart TVs, streaming boxes and mobile devices. This container is packaged as a standalone Plex Media Server. has always been a top priority. Straightforward design and bulk actions mean getting things done faster.\" \ - --no-cache --pull -t ${IMAGE}:${META_TAG} \ + --label \"org.opencontainers.image.description=[Plex](https://plex.tv) organizes video, music and photos from personal media libraries and streams them to smart TVs, streaming boxes and mobile devices. This container is packaged as a standalone Plex Media Server. Straightforward design and bulk actions mean getting things done faster.\" \ + --no-cache --pull -t ${IMAGE}:${META_TAG} --platform=linux/amd64 \ + --provenance=true --sbom=true --builder=container --load \ --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ." + sh '''#! /bin/bash + set -e + IFS=',' read -ra CACHE <<< "$BUILDCACHE" + for i in "${CACHE[@]}"; do + docker tag ${IMAGE}:${META_TAG} ${i}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} + done + ''' + withCredentials([ + [ + $class: 'UsernamePasswordMultiBinding', + credentialsId: 'Quay.io-Robot', + usernameVariable: 'QUAYUSER', + passwordVariable: 'QUAYPASS' + ] + ]) { + retry_backoff(5,5) { + sh '''#! /bin/bash + set -e + echo $DOCKERHUB_TOKEN | docker login -u linuxserverci --password-stdin + echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin + echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin + echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin + + if [[ "${PACKAGE_CHECK}" != "true" ]]; then + declare -A pids + IFS=',' read -ra CACHE <<< "$BUILDCACHE" + for i in "${CACHE[@]}"; do + docker push ${i}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} & + pids[$!]="$i" + done + for p in "${!pids[@]}"; do + wait "$p" || { [[ "${pids[$p]}" != *"quay.io"* ]] && exit 1; } + done + fi + ''' + } + } } } // Build MultiArch Docker containers for push to LS Repo @@ -474,7 +651,8 @@ pipeline { stage('Build X86') { steps { echo "Running on node: ${NODE_NAME}" - sh "docker build \ + sh "sed -r -i 's|(^FROM .*)|\\1\\n\\nENV LSIO_FIRST_PARTY=true|g' Dockerfile" + sh "docker buildx build \ --label \"org.opencontainers.image.created=${GITHUB_DATE}\" \ --label \"org.opencontainers.image.authors=linuxserver.io\" \ --label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-plex/packages\" \ @@ -486,43 +664,47 @@ pipeline { --label \"org.opencontainers.image.licenses=GPL-3.0-only\" \ --label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \ --label \"org.opencontainers.image.title=Plex\" \ - --label \"org.opencontainers.image.description=[Plex](https://plex.tv) organizes video, music and photos from personal media libraries and streams them to smart TVs, streaming boxes and mobile devices. This container is packaged as a standalone Plex Media Server. has always been a top priority. Straightforward design and bulk actions mean getting things done faster.\" \ - --no-cache --pull -t ${IMAGE}:amd64-${META_TAG} \ + --label \"org.opencontainers.image.description=[Plex](https://plex.tv) organizes video, music and photos from personal media libraries and streams them to smart TVs, streaming boxes and mobile devices. This container is packaged as a standalone Plex Media Server. Straightforward design and bulk actions mean getting things done faster.\" \ + --no-cache --pull -t ${IMAGE}:amd64-${META_TAG} --platform=linux/amd64 \ + --provenance=true --sbom=true --builder=container --load \ --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ." - } - } - stage('Build ARMHF') { - agent { - label 'ARMHF' - } - steps { - echo "Running on node: ${NODE_NAME}" - echo 'Logging into Github' sh '''#! /bin/bash - echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin + set -e + IFS=',' read -ra CACHE <<< "$BUILDCACHE" + for i in "${CACHE[@]}"; do + docker tag ${IMAGE}:amd64-${META_TAG} ${i}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} + done ''' - sh "docker build \ - --label \"org.opencontainers.image.created=${GITHUB_DATE}\" \ - --label \"org.opencontainers.image.authors=linuxserver.io\" \ - --label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-plex/packages\" \ - --label \"org.opencontainers.image.documentation=https://docs.linuxserver.io/images/docker-plex\" \ - --label \"org.opencontainers.image.source=https://github.com/linuxserver/docker-plex\" \ - --label \"org.opencontainers.image.version=${EXT_RELEASE_CLEAN}-ls${LS_TAG_NUMBER}\" \ - --label \"org.opencontainers.image.revision=${COMMIT_SHA}\" \ - --label \"org.opencontainers.image.vendor=linuxserver.io\" \ - --label \"org.opencontainers.image.licenses=GPL-3.0-only\" \ - --label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \ - --label \"org.opencontainers.image.title=Plex\" \ - --label \"org.opencontainers.image.description=[Plex](https://plex.tv) organizes video, music and photos from personal media libraries and streams them to smart TVs, streaming boxes and mobile devices. This container is packaged as a standalone Plex Media Server. has always been a top priority. Straightforward design and bulk actions mean getting things done faster.\" \ - --no-cache --pull -f Dockerfile.armhf -t ${IMAGE}:arm32v7-${META_TAG} \ - --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ." - sh "docker tag ${IMAGE}:arm32v7-${META_TAG} ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}" - retry(5) { - sh "docker push ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}" + withCredentials([ + [ + $class: 'UsernamePasswordMultiBinding', + credentialsId: 'Quay.io-Robot', + usernameVariable: 'QUAYUSER', + passwordVariable: 'QUAYPASS' + ] + ]) { + retry_backoff(5,5) { + sh '''#! /bin/bash + set -e + echo $DOCKERHUB_TOKEN | docker login -u linuxserverci --password-stdin + echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin + echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin + echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin + + if [[ "${PACKAGE_CHECK}" != "true" ]]; then + declare -A pids + IFS=',' read -ra CACHE <<< "$BUILDCACHE" + for i in "${CACHE[@]}"; do + docker push ${i}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} & + pids[$!]="$i" + done + for p in "${!pids[@]}"; do + wait "$p" || { [[ "${pids[$p]}" != *"quay.io"* ]] && exit 1; } + done + fi + ''' + } } - sh '''docker rmi \ - ${IMAGE}:arm32v7-${META_TAG} \ - ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} || :''' } } stage('Build ARM64') { @@ -531,11 +713,8 @@ pipeline { } steps { echo "Running on node: ${NODE_NAME}" - echo 'Logging into Github' - sh '''#! /bin/bash - echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin - ''' - sh "docker build \ + sh "sed -r -i 's|(^FROM .*)|\\1\\n\\nENV LSIO_FIRST_PARTY=true|g' Dockerfile.aarch64" + sh "docker buildx build \ --label \"org.opencontainers.image.created=${GITHUB_DATE}\" \ --label \"org.opencontainers.image.authors=linuxserver.io\" \ --label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-plex/packages\" \ @@ -547,16 +726,54 @@ pipeline { --label \"org.opencontainers.image.licenses=GPL-3.0-only\" \ --label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \ --label \"org.opencontainers.image.title=Plex\" \ - --label \"org.opencontainers.image.description=[Plex](https://plex.tv) organizes video, music and photos from personal media libraries and streams them to smart TVs, streaming boxes and mobile devices. This container is packaged as a standalone Plex Media Server. has always been a top priority. Straightforward design and bulk actions mean getting things done faster.\" \ - --no-cache --pull -f Dockerfile.aarch64 -t ${IMAGE}:arm64v8-${META_TAG} \ + --label \"org.opencontainers.image.description=[Plex](https://plex.tv) organizes video, music and photos from personal media libraries and streams them to smart TVs, streaming boxes and mobile devices. This container is packaged as a standalone Plex Media Server. Straightforward design and bulk actions mean getting things done faster.\" \ + --no-cache --pull -f Dockerfile.aarch64 -t ${IMAGE}:arm64v8-${META_TAG} --platform=linux/arm64 \ + --provenance=true --sbom=true --builder=container --load \ --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ." - sh "docker tag ${IMAGE}:arm64v8-${META_TAG} ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}" - retry(5) { - sh "docker push ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}" + sh '''#! /bin/bash + set -e + IFS=',' read -ra CACHE <<< "$BUILDCACHE" + for i in "${CACHE[@]}"; do + docker tag ${IMAGE}:arm64v8-${META_TAG} ${i}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} + done + ''' + withCredentials([ + [ + $class: 'UsernamePasswordMultiBinding', + credentialsId: 'Quay.io-Robot', + usernameVariable: 'QUAYUSER', + passwordVariable: 'QUAYPASS' + ] + ]) { + retry_backoff(5,5) { + sh '''#! /bin/bash + set -e + echo $DOCKERHUB_TOKEN | docker login -u linuxserverci --password-stdin + echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin + echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin + echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin + if [[ "${PACKAGE_CHECK}" != "true" ]]; then + declare -A pids + IFS=',' read -ra CACHE <<< "$BUILDCACHE" + for i in "${CACHE[@]}"; do + docker push ${i}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} & + pids[$!]="$i" + done + for p in "${!pids[@]}"; do + wait "$p" || { [[ "${pids[$p]}" != *"quay.io"* ]] && exit 1; } + done + fi + ''' + } } - sh '''docker rmi \ - ${IMAGE}:arm64v8-${META_TAG} \ - ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} || :''' + sh '''#! /bin/bash + containers=$(docker ps -aq) + if [[ -n "${containers}" ]]; then + docker stop ${containers} + fi + docker system prune -f --volumes || : + docker image prune -af || : + ''' } } } @@ -572,31 +789,17 @@ pipeline { sh '''#! /bin/bash set -e TEMPDIR=$(mktemp -d) - if [ "${MULTIARCH}" == "true" ] && [ "${PACKAGE_CHECK}" == "false" ]; then + if [ "${MULTIARCH}" == "true" ] && [ "${PACKAGE_CHECK}" != "true" ]; then LOCAL_CONTAINER=${IMAGE}:amd64-${META_TAG} else LOCAL_CONTAINER=${IMAGE}:${META_TAG} fi - if [ "${DIST_IMAGE}" == "alpine" ]; then - docker run --rm --entrypoint '/bin/sh' -v ${TEMPDIR}:/tmp ${LOCAL_CONTAINER} -c '\ - apk info -v > /tmp/package_versions.txt && \ - sort -o /tmp/package_versions.txt /tmp/package_versions.txt && \ - chmod 777 /tmp/package_versions.txt' - elif [ "${DIST_IMAGE}" == "ubuntu" ]; then - docker run --rm --entrypoint '/bin/sh' -v ${TEMPDIR}:/tmp ${LOCAL_CONTAINER} -c '\ - apt list -qq --installed | sed "s#/.*now ##g" | cut -d" " -f1 > /tmp/package_versions.txt && \ - sort -o /tmp/package_versions.txt /tmp/package_versions.txt && \ - chmod 777 /tmp/package_versions.txt' - elif [ "${DIST_IMAGE}" == "fedora" ]; then - docker run --rm --entrypoint '/bin/sh' -v ${TEMPDIR}:/tmp ${LOCAL_CONTAINER} -c '\ - rpm -qa > /tmp/package_versions.txt && \ - sort -o /tmp/package_versions.txt /tmp/package_versions.txt && \ - chmod 777 /tmp/package_versions.txt' - elif [ "${DIST_IMAGE}" == "arch" ]; then - docker run --rm --entrypoint '/bin/sh' -v ${TEMPDIR}:/tmp ${LOCAL_CONTAINER} -c '\ - pacman -Q > /tmp/package_versions.txt && \ - chmod 777 /tmp/package_versions.txt' - fi + touch ${TEMPDIR}/package_versions.txt + docker run --rm \ + -v /var/run/docker.sock:/var/run/docker.sock:ro \ + -v ${TEMPDIR}:/tmp \ + ghcr.io/anchore/syft:${SYFT_IMAGE_TAG} \ + ${LOCAL_CONTAINER} -o table=/tmp/package_versions.txt NEW_PACKAGE_TAG=$(md5sum ${TEMPDIR}/package_versions.txt | cut -c1-8 ) echo "Package tag sha from current packages in buit container is ${NEW_PACKAGE_TAG} comparing to old ${PACKAGE_TAG} from github" if [ "${NEW_PACKAGE_TAG}" != "${PACKAGE_TAG}" ]; then @@ -607,7 +810,8 @@ pipeline { wait git add package_versions.txt git commit -m 'Bot Updating Package Versions' - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git --all + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git master echo "true" > /tmp/packages-${COMMIT_SHA}-${BUILD_NUMBER} echo "Package tag updated, stopping build process" else @@ -631,13 +835,6 @@ pipeline { environment name: 'EXIT_STATUS', value: '' } steps { - sh '''#! /bin/bash - echo "Packages were updated. Cleaning up the image and exiting." - if [ "${MULTIARCH}" == "true" ] && [ "${PACKAGE_CHECK}" == "false" ]; then - docker rmi ${IMAGE}:amd64-${META_TAG} - else - docker rmi ${IMAGE}:${META_TAG} - fi''' script{ env.EXIT_STATUS = 'ABORTED' } @@ -655,13 +852,6 @@ pipeline { } } steps { - sh '''#! /bin/bash - echo "There are no package updates. Cleaning up the image and exiting." - if [ "${MULTIARCH}" == "true" ] && [ "${PACKAGE_CHECK}" == "false" ]; then - docker rmi ${IMAGE}:amd64-${META_TAG} - else - docker rmi ${IMAGE}:${META_TAG} - fi''' script{ env.EXIT_STATUS = 'ABORTED' } @@ -683,23 +873,32 @@ pipeline { ]) { script{ env.CI_URL = 'https://ci-tests.linuxserver.io/' + env.IMAGE + '/' + env.META_TAG + '/index.html' + env.CI_JSON_URL = 'https://ci-tests.linuxserver.io/' + env.IMAGE + '/' + env.META_TAG + '/report.json' + env.CI_TEST_ATTEMPTED = 'true' } sh '''#! /bin/bash set -e - docker pull ghcr.io/linuxserver/ci:latest + if grep -q 'docker-baseimage' <<< "${LS_REPO}"; then + echo "Detected baseimage, setting LSIO_FIRST_PARTY=true" + if [ -n "${CI_DOCKERENV}" ]; then + CI_DOCKERENV="LSIO_FIRST_PARTY=true|${CI_DOCKERENV}" + else + CI_DOCKERENV="LSIO_FIRST_PARTY=true" + fi + fi + docker pull ghcr.io/linuxserver/ci:${CITEST_IMAGETAG} if [ "${MULTIARCH}" == "true" ]; then - docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} - docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} - docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm32v7-${META_TAG} + docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} --platform=arm64 docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG} fi docker run --rm \ --shm-size=1gb \ -v /var/run/docker.sock:/var/run/docker.sock \ -e IMAGE=\"${IMAGE}\" \ - -e DELAY_START=\"${CI_DELAY}\" \ + -e DOCKER_LOGS_TIMEOUT=\"${CI_DELAY}\" \ -e TAGS=\"${CI_TAGS}\" \ -e META_TAG=\"${META_TAG}\" \ + -e RELEASE_TAG=\"latest\" \ -e PORT=\"${CI_PORT}\" \ -e SSL=\"${CI_SSL}\" \ -e BASE=\"${DIST_IMAGE}\" \ @@ -709,10 +908,12 @@ pipeline { -e WEB_SCREENSHOT=\"${CI_WEB}\" \ -e WEB_AUTH=\"${CI_AUTH}\" \ -e WEB_PATH=\"${CI_WEBPATH}\" \ - -e DO_REGION="ams3" \ - -e DO_BUCKET="lsio-ci" \ - -t ghcr.io/linuxserver/ci:latest \ - python /ci/ci.py''' + -e NODE_NAME=\"${NODE_NAME}\" \ + -e SYFT_IMAGE_TAG=\"${CI_SYFT_IMAGE_TAG:-${SYFT_IMAGE_TAG}}\" \ + -e COMMIT_SHA=\"${COMMIT_SHA}\" \ + -e BUILD_NUMBER=\"${BUILD_NUMBER}\" \ + -t ghcr.io/linuxserver/ci:${CITEST_IMAGETAG} \ + python3 test_build.py''' } } } @@ -726,54 +927,25 @@ pipeline { environment name: 'EXIT_STATUS', value: '' } steps { - withCredentials([ - [ - $class: 'UsernamePasswordMultiBinding', - credentialsId: '3f9ba4d5-100d-45b0-a3c4-633fd6061207', - usernameVariable: 'DOCKERUSER', - passwordVariable: 'DOCKERPASS' - ], - [ - $class: 'UsernamePasswordMultiBinding', - credentialsId: 'Quay.io-Robot', - usernameVariable: 'QUAYUSER', - passwordVariable: 'QUAYPASS' - ] - ]) { - retry(5) { - sh '''#! /bin/bash - set -e - echo $DOCKERPASS | docker login -u $DOCKERUSER --password-stdin - echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin - echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin - echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin - for PUSHIMAGE in "${GITHUBIMAGE}" "${GITLABIMAGE}" "${QUAYIMAGE}" "${IMAGE}"; do - docker tag ${IMAGE}:${META_TAG} ${PUSHIMAGE}:${META_TAG} - docker tag ${PUSHIMAGE}:${META_TAG} ${PUSHIMAGE}:latest - docker tag ${PUSHIMAGE}:${META_TAG} ${PUSHIMAGE}:${EXT_RELEASE_TAG} - if [ -n "${SEMVER}" ]; then - docker tag ${PUSHIMAGE}:${META_TAG} ${PUSHIMAGE}:${SEMVER} - fi - docker push ${PUSHIMAGE}:latest - docker push ${PUSHIMAGE}:${META_TAG} - docker push ${PUSHIMAGE}:${EXT_RELEASE_TAG} - if [ -n "${SEMVER}" ]; then - docker push ${PUSHIMAGE}:${SEMVER} - fi - done - ''' - } + retry_backoff(5,5) { sh '''#! /bin/bash - for DELETEIMAGE in "${GITHUBIMAGE}" "${GITLABIMAGE}" "${QUAYIMAGE}" "${IMAGE}"; do - docker rmi \ - ${DELETEIMAGE}:${META_TAG} \ - ${DELETEIMAGE}:${EXT_RELEASE_TAG} \ - ${DELETEIMAGE}:latest || : + set -e + for PUSHIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do + [[ ${PUSHIMAGE%%/*} =~ \\. ]] && PUSHIMAGEPLUS="${PUSHIMAGE}" || PUSHIMAGEPLUS="docker.io/${PUSHIMAGE}" + IFS=',' read -ra CACHE <<< "$BUILDCACHE" + for i in "${CACHE[@]}"; do + if [[ "${PUSHIMAGEPLUS}" == "$(cut -d "/" -f1 <<< ${i})"* ]]; then + CACHEIMAGE=${i} + fi + done + docker buildx imagetools create --prefer-index=false -t ${PUSHIMAGE}:${META_TAG} -t ${PUSHIMAGE}:latest -t ${PUSHIMAGE}:${EXT_RELEASE_TAG} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} || \ + { if [[ "${PUSHIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; } if [ -n "${SEMVER}" ]; then - docker rmi ${DELETEIMAGE}:${SEMVER} || : + docker buildx imagetools create --prefer-index=false -t ${PUSHIMAGE}:${SEMVER} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} || \ + { if [[ "${PUSHIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; } fi done - ''' + ''' } } } @@ -784,112 +956,41 @@ pipeline { environment name: 'EXIT_STATUS', value: '' } steps { - withCredentials([ - [ - $class: 'UsernamePasswordMultiBinding', - credentialsId: '3f9ba4d5-100d-45b0-a3c4-633fd6061207', - usernameVariable: 'DOCKERUSER', - passwordVariable: 'DOCKERPASS' - ], - [ - $class: 'UsernamePasswordMultiBinding', - credentialsId: 'Quay.io-Robot', - usernameVariable: 'QUAYUSER', - passwordVariable: 'QUAYPASS' - ] - ]) { - retry(5) { - sh '''#! /bin/bash - set -e - echo $DOCKERPASS | docker login -u $DOCKERUSER --password-stdin - echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin - echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin - echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin - if [ "${CI}" == "false" ]; then - docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} - docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} - docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm32v7-${META_TAG} - docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG} - fi - for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do - docker tag ${IMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} - docker tag ${IMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${META_TAG} - docker tag ${IMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} - docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-latest - docker tag ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-latest - docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-latest - docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} - docker tag ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG} - docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} - if [ -n "${SEMVER}" ]; then - docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${SEMVER} - docker tag ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${SEMVER} - docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${SEMVER} - fi - docker push ${MANIFESTIMAGE}:amd64-${META_TAG} - docker push ${MANIFESTIMAGE}:arm32v7-${META_TAG} - docker push ${MANIFESTIMAGE}:arm64v8-${META_TAG} - docker push ${MANIFESTIMAGE}:amd64-latest - docker push ${MANIFESTIMAGE}:arm32v7-latest - docker push ${MANIFESTIMAGE}:arm64v8-latest - docker push ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} - docker push ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG} - docker push ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} - if [ -n "${SEMVER}" ]; then - docker push ${MANIFESTIMAGE}:amd64-${SEMVER} - docker push ${MANIFESTIMAGE}:arm32v7-${SEMVER} - docker push ${MANIFESTIMAGE}:arm64v8-${SEMVER} - fi - docker manifest push --purge ${MANIFESTIMAGE}:latest || : - docker manifest create ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:amd64-latest ${MANIFESTIMAGE}:arm32v7-latest ${MANIFESTIMAGE}:arm64v8-latest - docker manifest annotate ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:arm32v7-latest --os linux --arch arm - docker manifest annotate ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:arm64v8-latest --os linux --arch arm64 --variant v8 - docker manifest push --purge ${MANIFESTIMAGE}:${META_TAG} || : - docker manifest create ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} - docker manifest annotate ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:arm32v7-${META_TAG} --os linux --arch arm - docker manifest annotate ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} --os linux --arch arm64 --variant v8 - docker manifest push --purge ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} || : - docker manifest create ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} - docker manifest annotate ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG} --os linux --arch arm - docker manifest annotate ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} --os linux --arch arm64 --variant v8 - if [ -n "${SEMVER}" ]; then - docker manifest push --purge ${MANIFESTIMAGE}:${SEMVER} || : - docker manifest create ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm32v7-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER} - docker manifest annotate ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:arm32v7-${SEMVER} --os linux --arch arm - docker manifest annotate ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER} --os linux --arch arm64 --variant v8 - fi - docker manifest push --purge ${MANIFESTIMAGE}:latest - docker manifest push --purge ${MANIFESTIMAGE}:${META_TAG} - docker manifest push --purge ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} - if [ -n "${SEMVER}" ]; then - docker manifest push --purge ${MANIFESTIMAGE}:${SEMVER} - fi - done - ''' - } + retry_backoff(5,5) { sh '''#! /bin/bash - for DELETEIMAGE in "${GITHUBIMAGE}" "${GITLABIMAGE}" "${QUAYIMAGE}" "${IMAGE}"; do - docker rmi \ - ${DELETEIMAGE}:amd64-${META_TAG} \ - ${DELETEIMAGE}:amd64-latest \ - ${DELETEIMAGE}:amd64-${EXT_RELEASE_TAG} \ - ${DELETEIMAGE}:arm32v7-${META_TAG} \ - ${DELETEIMAGE}:arm32v7-latest \ - ${DELETEIMAGE}:arm32v7-${EXT_RELEASE_TAG} \ - ${DELETEIMAGE}:arm64v8-${META_TAG} \ - ${DELETEIMAGE}:arm64v8-latest \ - ${DELETEIMAGE}:arm64v8-${EXT_RELEASE_TAG} || : + set -e + for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do + [[ ${MANIFESTIMAGE%%/*} =~ \\. ]] && MANIFESTIMAGEPLUS="${MANIFESTIMAGE}" || MANIFESTIMAGEPLUS="docker.io/${MANIFESTIMAGE}" + IFS=',' read -ra CACHE <<< "$BUILDCACHE" + for i in "${CACHE[@]}"; do + if [[ "${MANIFESTIMAGEPLUS}" == "$(cut -d "/" -f1 <<< ${i})"* ]]; then + CACHEIMAGE=${i} + fi + done + docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:amd64-${META_TAG} -t ${MANIFESTIMAGE}:amd64-latest -t ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} || \ + { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; } + docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:arm64v8-${META_TAG} -t ${MANIFESTIMAGE}:arm64v8-latest -t ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} ${CACHEIMAGE}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} || \ + { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; } if [ -n "${SEMVER}" ]; then - docker rmi \ - ${DELETEIMAGE}:amd64-${SEMVER} \ - ${DELETEIMAGE}:arm32v7-${SEMVER} \ - ${DELETEIMAGE}:arm64v8-${SEMVER} || : + docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:amd64-${SEMVER} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} || \ + { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; } + docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:arm64v8-${SEMVER} ${CACHEIMAGE}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} || \ + { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; } fi done - docker rmi \ - ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} \ - ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} || : - ''' + for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do + docker buildx imagetools create -t ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:amd64-latest ${MANIFESTIMAGE}:arm64v8-latest || \ + { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; } + docker buildx imagetools create -t ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} || \ + { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; } + docker buildx imagetools create -t ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} || \ + { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; } + if [ -n "${SEMVER}" ]; then + docker buildx imagetools create -t ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER} || \ + { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; } + fi + done + ''' } } } @@ -904,94 +1005,246 @@ pipeline { environment name: 'EXIT_STATUS', value: '' } steps { - echo "Pushing New tag for current commit ${META_TAG}" - sh '''curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/git/tags \ - -d '{"tag":"'${META_TAG}'",\ - "object": "'${COMMIT_SHA}'",\ - "message": "Tagging Release '${EXT_RELEASE_CLEAN}'-ls'${LS_TAG_NUMBER}' to master",\ - "type": "commit",\ - "tagger": {"name": "LinuxServer Jenkins","email": "jenkins@linuxserver.io","date": "'${GITHUB_DATE}'"}}' ''' - echo "Pushing New release for Tag" sh '''#! /bin/bash + echo "Auto-generating release notes" + if [ "$(git tag --points-at HEAD)" != "" ]; then + echo "Existing tag points to current commit, suggesting no new LS changes" + AUTO_RELEASE_NOTES="No changes" + else + AUTO_RELEASE_NOTES=$(curl -fsL -H "Authorization: token ${GITHUB_TOKEN}" -H "Accept: application/vnd.github+json" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases/generate-notes \ + -d '{"tag_name":"'${META_TAG}'",\ + "target_commitish": "master"}' \ + | jq -r '.body' | sed 's|## What.s Changed||') + fi + echo "Pushing New tag for current commit ${META_TAG}" + curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/git/tags \ + -d '{"tag":"'${META_TAG}'",\ + "object": "'${COMMIT_SHA}'",\ + "message": "Tagging Release '${EXT_RELEASE_CLEAN}'-ls'${LS_TAG_NUMBER}' to master",\ + "type": "commit",\ + "tagger": {"name": "LinuxServer-CI","email": "ci@linuxserver.io","date": "'${GITHUB_DATE}'"}}' + echo "Pushing New release for Tag" echo "Data change at JSON endpoint ${JSON_URL}" > releasebody.json - echo '{"tag_name":"'${META_TAG}'",\ - "target_commitish": "master",\ - "name": "'${META_TAG}'",\ - "body": "**LinuxServer Changes:**\\n\\n'${LS_RELEASE_NOTES}'\\n\\n**Remote Changes:**\\n\\n' > start - printf '","draft": false,"prerelease": false}' >> releasebody.json - paste -d'\\0' start releasebody.json > releasebody.json.done - curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases -d @releasebody.json.done''' + jq -n \ + --arg tag_name "$META_TAG" \ + --arg target_commitish "master" \ + --arg ci_url "${CI_URL:-N/A}" \ + --arg ls_notes "$AUTO_RELEASE_NOTES" \ + --arg remote_notes "$(cat releasebody.json)" \ + '{ + "tag_name": $tag_name, + "target_commitish": $target_commitish, + "name": $tag_name, + "body": ("**CI Report:**\\n\\n" + $ci_url + "\\n\\n**LinuxServer Changes:**\\n\\n" + $ls_notes + "\\n\\n**Remote Changes:**\\n\\n" + $remote_notes), + "draft": false, + "prerelease": false }' > releasebody.json.done + curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases -d @releasebody.json.done + ''' } } - // Use helper container to sync the current README on master to the dockerhub endpoint - stage('Sync-README') { + // Add protection to the release branch + stage('Github-Release-Branch-Protection') { when { + branch "master" environment name: 'CHANGE_ID', value: '' environment name: 'EXIT_STATUS', value: '' } steps { - withCredentials([ - [ - $class: 'UsernamePasswordMultiBinding', - credentialsId: '3f9ba4d5-100d-45b0-a3c4-633fd6061207', - usernameVariable: 'DOCKERUSER', - passwordVariable: 'DOCKERPASS' - ] - ]) { - sh '''#! /bin/bash - set -e - TEMPDIR=$(mktemp -d) - docker pull ghcr.io/linuxserver/jenkins-builder:latest - docker run --rm -e CONTAINER_NAME=${CONTAINER_NAME} -e GITHUB_BRANCH="${BRANCH_NAME}" -v ${TEMPDIR}:/ansible/jenkins ghcr.io/linuxserver/jenkins-builder:latest - docker pull ghcr.io/linuxserver/readme-sync - docker run --rm=true \ - -e DOCKERHUB_USERNAME=$DOCKERUSER \ - -e DOCKERHUB_PASSWORD=$DOCKERPASS \ - -e GIT_REPOSITORY=${LS_USER}/${LS_REPO} \ - -e DOCKER_REPOSITORY=${IMAGE} \ - -e GIT_BRANCH=master \ - -v ${TEMPDIR}/docker-${CONTAINER_NAME}:/mnt \ - ghcr.io/linuxserver/readme-sync bash -c 'node sync' - rm -Rf ${TEMPDIR} ''' - } - } - } - // If this is a Pull request send the CI link as a comment on it - stage('Pull Request Comment') { - when { - not {environment name: 'CHANGE_ID', value: ''} - environment name: 'CI', value: 'true' - environment name: 'EXIT_STATUS', value: '' - } - steps { - sh '''curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/issues/${PULL_REQUEST}/comments \ - -d '{"body": "I am a bot, here are the test results for this PR: \\n'${CI_URL}' \\n'${SHELLCHECK_URL}'"}' ''' + echo "Setting up protection for release branch master" + sh '''#! /bin/bash + curl -H "Authorization: token ${GITHUB_TOKEN}" -X PUT https://api.github.com/repos/${LS_USER}/${LS_REPO}/branches/master/protection \ + -d $(jq -c . << EOF + { + "required_status_checks": null, + "enforce_admins": false, + "required_pull_request_reviews": { + "dismiss_stale_reviews": false, + "require_code_owner_reviews": false, + "require_last_push_approval": false, + "required_approving_review_count": 1 + }, + "restrictions": null, + "required_linear_history": false, + "allow_force_pushes": false, + "allow_deletions": false, + "block_creations": false, + "required_conversation_resolution": true, + "lock_branch": false, + "allow_fork_syncing": false, + "required_signatures": false + } +EOF + ) ''' } } } /* ###################### - Send status to Discord + Comment on PR and Send status to Discord ###################### */ post { always { - script{ + script { + env.JOB_DATE = sh( + script: '''date '+%Y-%m-%dT%H:%M:%S%:z' ''', + returnStdout: true).trim() if (env.EXIT_STATUS == "ABORTED"){ sh 'echo "build aborted"' - } - else if (currentBuild.currentResult == "SUCCESS"){ - sh ''' curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://wiki.jenkins-ci.org/download/attachments/2916393/headshot.png","embeds": [{"color": 1681177,\ - "description": "**Build:** '${BUILD_NUMBER}'\\n**CI Results:** '${CI_URL}'\\n**ShellCheck Results:** '${SHELLCHECK_URL}'\\n**Status:** Success\\n**Job:** '${RUN_DISPLAY_URL}'\\n**Change:** '${CODE_URL}'\\n**External Release:**: '${RELEASE_LINK}'\\n**DockerHub:** '${DOCKERHUB_LINK}'\\n"}],\ - "username": "Jenkins"}' ${BUILDS_DISCORD} ''' - } - else { - sh ''' curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://wiki.jenkins-ci.org/download/attachments/2916393/headshot.png","embeds": [{"color": 16711680,\ - "description": "**Build:** '${BUILD_NUMBER}'\\n**CI Results:** '${CI_URL}'\\n**ShellCheck Results:** '${SHELLCHECK_URL}'\\n**Status:** failure\\n**Job:** '${RUN_DISPLAY_URL}'\\n**Change:** '${CODE_URL}'\\n**External Release:**: '${RELEASE_LINK}'\\n**DockerHub:** '${DOCKERHUB_LINK}'\\n"}],\ + }else{ + if (currentBuild.currentResult == "SUCCESS"){ + if (env.GITHUBIMAGE =~ /lspipepr/){ + env.JOB_WEBHOOK_STATUS='Success' + env.JOB_WEBHOOK_COLOUR=3957028 + env.JOB_WEBHOOK_FOOTER='PR Build' + }else if (env.GITHUBIMAGE =~ /lsiodev/){ + env.JOB_WEBHOOK_STATUS='Success' + env.JOB_WEBHOOK_COLOUR=3957028 + env.JOB_WEBHOOK_FOOTER='Dev Build' + }else{ + env.JOB_WEBHOOK_STATUS='Success' + env.JOB_WEBHOOK_COLOUR=1681177 + env.JOB_WEBHOOK_FOOTER='Live Build' + } + }else{ + if (env.GITHUBIMAGE =~ /lspipepr/){ + env.JOB_WEBHOOK_STATUS='Failure' + env.JOB_WEBHOOK_COLOUR=12669523 + env.JOB_WEBHOOK_FOOTER='PR Build' + }else if (env.GITHUBIMAGE =~ /lsiodev/){ + env.JOB_WEBHOOK_STATUS='Failure' + env.JOB_WEBHOOK_COLOUR=12669523 + env.JOB_WEBHOOK_FOOTER='Dev Build' + }else{ + env.JOB_WEBHOOK_STATUS='Failure' + env.JOB_WEBHOOK_COLOUR=16711680 + env.JOB_WEBHOOK_FOOTER='Live Build' + } + } + sh ''' curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/jenkins-avatar.png","embeds": [{"'color'": '${JOB_WEBHOOK_COLOUR}',\ + "footer": {"text" : "'"${JOB_WEBHOOK_FOOTER}"'"},\ + "timestamp": "'${JOB_DATE}'",\ + "description": "**Build:** '${BUILD_NUMBER}'\\n**CI Results:** '${CI_URL}'\\n**ShellCheck Results:** '${SHELLCHECK_URL}'\\n**Status:** '${JOB_WEBHOOK_STATUS}'\\n**Job:** '${RUN_DISPLAY_URL}'\\n**Change:** '${CODE_URL}'\\n**External Release:**: '${RELEASE_LINK}'\\n**DockerHub:** '${DOCKERHUB_LINK}'\\n"}],\ "username": "Jenkins"}' ${BUILDS_DISCORD} ''' } } + script { + if (env.GITHUBIMAGE =~ /lspipepr/){ + if (env.CI_TEST_ATTEMPTED == "true"){ + sh '''#! /bin/bash + # Function to retrieve JSON data from URL + get_json() { + local url="$1" + local response=$(curl -s "$url") + if [ $? -ne 0 ]; then + echo "Failed to retrieve JSON data from $url" + return 1 + fi + local json=$(echo "$response" | jq .) + if [ $? -ne 0 ]; then + echo "Failed to parse JSON data from $url" + return 1 + fi + echo "$json" + } + + build_table() { + local data="$1" + + # Get the keys in the JSON data + local keys=$(echo "$data" | jq -r 'to_entries | map(.key) | .[]') + + # Check if keys are empty + if [ -z "$keys" ]; then + echo "JSON report data does not contain any keys or the report does not exist." + return 1 + fi + + # Build table header + local header="| Tag | Passed |\\n| --- | --- |\\n" + + # Loop through the JSON data to build the table rows + local rows="" + for build in $keys; do + local status=$(echo "$data" | jq -r ".[\\"$build\\"].test_success") + if [ "$status" = "true" ]; then + status="✅" + else + status="❌" + fi + local row="| "$build" | "$status" |\\n" + rows="${rows}${row}" + done + + local table="${header}${rows}" + local escaped_table=$(echo "$table" | sed 's/\"/\\\\"/g') + echo "$escaped_table" + } + + if [[ "${CI}" = "true" ]]; then + # Retrieve JSON data from URL + data=$(get_json "$CI_JSON_URL") + # Create table from JSON data + table=$(build_table "$data") + echo -e "$table" + + curl -X POST -H "Authorization: token $GITHUB_TOKEN" \ + -H "Accept: application/vnd.github.v3+json" \ + "https://api.github.com/repos/$LS_USER/$LS_REPO/issues/$PULL_REQUEST/comments" \ + -d "{\\"body\\": \\"I am a bot, here are the test results for this PR: \\n${CI_URL}\\n${SHELLCHECK_URL}\\n${table}\\"}" + else + curl -X POST -H "Authorization: token $GITHUB_TOKEN" \ + -H "Accept: application/vnd.github.v3+json" \ + "https://api.github.com/repos/$LS_USER/$LS_REPO/issues/$PULL_REQUEST/comments" \ + -d "{\\"body\\": \\"I am a bot, here is the pushed image/manifest for this PR: \\n\\n\\`${GITHUBIMAGE}:${META_TAG}\\`\\"}" + fi + ''' + } + } + } + sh '''#!/bin/bash + rm -rf /config/.ssh/id_sign + rm -rf /config/.ssh/id_sign.pub + git config --global --unset gpg.format + git config --global --unset user.signingkey + git config --global --unset commit.gpgsign + ''' } cleanup { + sh '''#! /bin/bash + echo "Pruning builder!!" + docker builder prune -f --builder container || : + containers=$(docker ps -q) + if [[ -n "${containers}" ]]; then + BUILDX_CONTAINER_ID=$(docker ps -qf 'name=buildx_buildkit') + for container in ${containers}; do + if [[ "${container}" == "${BUILDX_CONTAINER_ID}" ]]; then + echo "skipping buildx container in docker stop" + else + echo "Stopping container ${container}" + docker stop ${container} + fi + done + fi + docker system prune -f --volumes || : + docker image prune -af || : + ''' cleanWs() } } } + +def retry_backoff(int max_attempts, int power_base, Closure c) { + int n = 0 + while (n < max_attempts) { + try { + c() + return + } catch (err) { + if ((n + 1) >= max_attempts) { + throw err + } + sleep(power_base ** n) + n++ + } + } + return +} diff --git a/README.md b/README.md index 295f394..e30016f 100644 --- a/README.md +++ b/README.md @@ -1,12 +1,24 @@ +<<<<<<< HEAD +<!-- DO NOT EDIT THIS FILE MANUALLY --> +<!-- Please read https://github.com/linuxserver/docker-plex/blob/master/.github/CONTRIBUTING.md --> +======= +due to the recent purge of Hosters by plex, this fork adds wireguard functionallity to the plex container as a quick workaround. all traffic gets tunneled. + +wireguard onfig file has to be mounted in /etc/wireguard/wg0.conf. e.g.: +``` + volumes: + - ./wg0.conf:/etc/wireguard/wg0.conf +``` + <!-- DO NOT EDIT THIS FILE MANUALLY --> <!-- Please read the https://github.com/linuxserver/docker-plex/blob/master/.github/CONTRIBUTING.md --> +>>>>>>> 72bdfaa (Update README.md) [![linuxserver.io](https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/linuxserver_medium.png)](https://linuxserver.io) [![Blog](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=Blog)](https://blog.linuxserver.io "all the things you can do with our containers including How-To guides, opinions and much more!") -[![Discord](https://img.shields.io/discord/354974912613449730.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=Discord&logo=discord)](https://discord.gg/YWrKVTn "realtime support / chat with the community and the team.") +[![Discord](https://img.shields.io/discord/354974912613449730.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=Discord&logo=discord)](https://linuxserver.io/discord "realtime support / chat with the community and the team.") [![Discourse](https://img.shields.io/discourse/https/discourse.linuxserver.io/topics.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&logo=discourse)](https://discourse.linuxserver.io "post on our community forum.") -[![Fleet](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=Fleet)](https://fleet.linuxserver.io "an online web interface which displays all of our maintained images.") [![GitHub](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=GitHub&logo=github)](https://github.com/linuxserver "view the source for all of our repositories.") [![Open Collective](https://img.shields.io/opencollective/all/linuxserver.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=Supporters&logo=open%20collective)](https://opencollective.com/linuxserver "please consider helping us by either donating or contributing to our budget") @@ -21,15 +33,14 @@ The [LinuxServer.io](https://linuxserver.io) team brings you another container r Find us at: * [Blog](https://blog.linuxserver.io) - all the things you can do with our containers including How-To guides, opinions and much more! -* [Discord](https://discord.gg/YWrKVTn) - realtime support / chat with the community and the team. +* [Discord](https://linuxserver.io/discord) - realtime support / chat with the community and the team. * [Discourse](https://discourse.linuxserver.io) - post on our community forum. -* [Fleet](https://fleet.linuxserver.io) - an online web interface which displays all of our maintained images. * [GitHub](https://github.com/linuxserver) - view the source for all of our repositories. * [Open Collective](https://opencollective.com/linuxserver) - please consider helping us by either donating or contributing to our budget # [linuxserver/plex](https://github.com/linuxserver/docker-plex) -[![Scarf.io pulls](https://scarf.sh/installs-badge/linuxserver-ci/linuxserver%2Fplex?color=94398d&label-color=555555&logo-color=ffffff&style=for-the-badge&package-type=docker)](https://scarf.sh/gateway/linuxserver-ci/docker/linuxserver%2Fplex) +[![Scarf.io pulls](https://scarf.sh/installs-badge/linuxserver-ci/linuxserver%2Fplex?color=94398d&label-color=555555&logo-color=ffffff&style=for-the-badge&package-type=docker)](https://scarf.sh) [![GitHub Stars](https://img.shields.io/github/stars/linuxserver/docker-plex.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&logo=github)](https://github.com/linuxserver/docker-plex) [![GitHub Release](https://img.shields.io/github/release/linuxserver/docker-plex.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&logo=github)](https://github.com/linuxserver/docker-plex/releases) [![GitHub Package Repository](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=GitHub%20Package&logo=github)](https://github.com/linuxserver/docker-plex/packages) @@ -40,13 +51,13 @@ Find us at: [![Jenkins Build](https://img.shields.io/jenkins/build?labelColor=555555&logoColor=ffffff&style=for-the-badge&jobUrl=https%3A%2F%2Fci.linuxserver.io%2Fjob%2FDocker-Pipeline-Builders%2Fjob%2Fdocker-plex%2Fjob%2Fmaster%2F&logo=jenkins)](https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-plex/job/master/) [![LSIO CI](https://img.shields.io/badge/dynamic/yaml?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=CI&query=CI&url=https%3A%2F%2Fci-tests.linuxserver.io%2Flinuxserver%2Fplex%2Flatest%2Fci-status.yml)](https://ci-tests.linuxserver.io/linuxserver/plex/latest/index.html) -[Plex](https://plex.tv) organizes video, music and photos from personal media libraries and streams them to smart TVs, streaming boxes and mobile devices. This container is packaged as a standalone Plex Media Server. has always been a top priority. Straightforward design and bulk actions mean getting things done faster. +[Plex](https://plex.tv) organizes video, music and photos from personal media libraries and streams them to smart TVs, streaming boxes and mobile devices. This container is packaged as a standalone Plex Media Server. Straightforward design and bulk actions mean getting things done faster. -[![plex](http://the-gadgeteer.com/wp-content/uploads/2015/10/plex-logo-e1446990678679.png)](https://plex.tv) +[![plex](https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/plex-logo.png)](https://plex.tv) ## Supported Architectures -We utilise the docker manifest for multi-platform awareness. More information is available from docker [here](https://github.com/docker/distribution/blob/master/docs/spec/manifest-v2-2.md#manifest-list) and our announcement [here](https://blog.linuxserver.io/2019/02/21/the-lsio-pipeline-project/). +We utilise the docker manifest for multi-platform awareness. More information is available from docker [here](https://distribution.github.io/distribution/spec/manifest-v2-2/#manifest-list) and our announcement [here](https://blog.linuxserver.io/2019/02/21/the-lsio-pipeline-project/). Simply pulling `lscr.io/linuxserver/plex:latest` should retrieve the correct image for your arch, but you can also pull specific arch images via tags. @@ -56,63 +67,81 @@ The architectures supported by this image are: | :----: | :----: | ---- | | x86-64 | ✅ | amd64-\<version tag\> | | arm64 | ✅ | arm64v8-\<version tag\> | -| armhf| ✅ | arm32v7-\<version tag\> | - -## Version Tags - -This image provides various versions that are available via tags. Please read the descriptions carefully and exercise caution when using unstable or development tags. - -| Tag | Available | Description | -| :----: | :----: |--- | -| latest | ✅ | Stable releases with Focal baseimage | -| bionic | ✅ | DEPRECATED - Stable releases with Bionic baseimage | ## Application Setup Webui can be found at `<your-ip>:32400/web` -** Note about updates, if there is no value set for the VERSION variable, then no updates will take place.** +>[!NOTE] +>If there is no value set for the VERSION variable, then no updates will take place. -** For new users, no updates will take place on the first run of the container as there is no preferences file to read your token from, to update restart the Docker container after logging in through the webui** +>[!NOTE] +>For new users, no updates will take place on the first run of the container as there is no preferences file to read your token from, to update restart the Docker container after logging in through the webui. Valid settings for VERSION are:- -`IMPORTANT NOTE:- YOU CANNOT UPDATE TO A PLEXPASS ONLY (BETA) VERSION IF YOU ARE NOT LOGGED IN WITH A PLEXPASS ACCOUNT` +>[!NOTE] +>YOU CANNOT UPDATE TO A PLEXPASS ONLY (BETA) VERSION IF YOU ARE NOT LOGGED IN WITH A PLEXPASS ACCOUNT. + **`docker`**: Let Docker handle the Plex Version, we keep our Dockerhub Endpoint up to date with the latest public builds. This is the same as leaving this setting out of your create command. + **`latest`**: will update plex to the latest version available that you are entitled to. + **`public`**: will update plexpass users to the latest public version, useful for plexpass users that don't want to be on the bleeding edge but still want the latest public updates. + **`<specific-version>`**: will select a specific version (eg 0.9.12.4.1192-9a47d21) of plex to install, note you cannot use this to access plexpass versions if you do not have plexpass. -## Hardware Acceleration +### Hardware Acceleration -### Intel +Many desktop applications need access to a GPU to function properly and even some Desktop Environments have compositor effects that will not function without a GPU. However this is not a hard requirement and all base images will function without a video device mounted into the container. -Hardware acceleration users for Intel Quicksync will need to mount their /dev/dri video device inside of the container by passing the following command when running or creating the container: +#### Intel/ATI/AMD -``` +To leverage hardware acceleration you will need to mount /dev/dri video device inside of the container. + +```text --device=/dev/dri:/dev/dri ``` We will automatically ensure the abc user inside of the container has the proper permissions to access this device. -### Nvidia +#### Nvidia Hardware acceleration users for Nvidia will need to install the container runtime provided by Nvidia on their host, instructions can be found here: +https://github.com/NVIDIA/nvidia-container-toolkit -https://github.com/NVIDIA/nvidia-docker +We automatically add the necessary environment variable that will utilise all the features available on a GPU on the host. Once nvidia-container-toolkit is installed on your host you will need to re/create the docker container with the nvidia container runtime `--runtime=nvidia` and add an environment variable `-e NVIDIA_VISIBLE_DEVICES=all` (can also be set to a specific gpu's UUID, this can be discovered by running `nvidia-smi --query-gpu=gpu_name,gpu_uuid --format=csv` ). NVIDIA automatically mounts the GPU and drivers from your host into the container. -We automatically add the necessary environment variable that will utilise all the features available on a GPU on the host. Once nvidia-docker is installed on your host you will need to re/create the docker container with the nvidia container runtime `--runtime=nvidia` and add an environment variable `-e NVIDIA_VISIBLE_DEVICES=all` (can also be set to a specific gpu's UUID, this can be discovered by running `nvidia-smi --query-gpu=gpu_name,gpu_uuid --format=csv` ). NVIDIA automatically mounts the GPU and drivers from your host into the plex docker. +#### Arm Devices + +Best effort is made to install tools to allow mounting in /dev/dri on Arm devices. In most cases if /dev/dri exists on the host it should just work. If running a Raspberry Pi 4 be sure to enable `dtoverlay=vc4-fkms-v3d` in your usercfg.txt. + +## Read-Only Operation + +This image can be run with a read-only container filesystem. For details please [read the docs](https://docs.linuxserver.io/misc/read-only/). + +### Caveats + +* Runtime update of Plex (and thus Plexpass builds) is not supported. +* Transcode directory must be mounted to a host path or tmpfs. + +## Non-Root Operation + +This image can be run with a non-root user. For details please [read the docs](https://docs.linuxserver.io/misc/non-root/). + +### Caveats + +* Runtime update of Plex (and thus Plexpass builds) is not supported. +* Transcode directory must be mounted to a host path or tmpfs. ## Usage -Here are some example snippets to help you get started creating a container. +To help you get started creating a container from this image you can either use docker-compose or the docker cli. + +>[!NOTE] +>Unless a parameter is flagged as 'optional', it is *mandatory* and a value must be provided. ### docker-compose (recommended, [click here for more info](https://docs.linuxserver.io/general/docker-compose)) ```yaml --- -version: "2.1" services: plex: image: lscr.io/linuxserver/plex:latest @@ -121,10 +150,11 @@ services: environment: - PUID=1000 - PGID=1000 + - TZ=Etc/UTC - VERSION=docker - PLEX_CLAIM= #optional volumes: - - /path/to/library:/config + - /path/to/plex/library:/config - /path/to/tvseries:/tv - /path/to/movies:/movies restart: unless-stopped @@ -138,9 +168,10 @@ docker run -d \ --net=host \ -e PUID=1000 \ -e PGID=1000 \ + -e TZ=Etc/UTC \ -e VERSION=docker \ -e PLEX_CLAIM= `#optional` \ - -v /path/to/library:/config \ + -v /path/to/plex/library:/config \ -v /path/to/tvseries:/tv \ -v /path/to/movies:/movies \ --restart unless-stopped \ @@ -149,18 +180,21 @@ docker run -d \ ## Parameters -Container images are configured using parameters passed at runtime (such as those above). These parameters are separated by a colon and indicate `<external>:<internal>` respectively. For example, `-p 8080:80` would expose port `80` from inside the container to be accessible from the host's IP on port `8080` outside the container. +Containers are configured using parameters passed at runtime (such as those above). These parameters are separated by a colon and indicate `<external>:<internal>` respectively. For example, `-p 8080:80` would expose port `80` from inside the container to be accessible from the host's IP on port `8080` outside the container. | Parameter | Function | | :----: | --- | | `--net=host` | Use Host Networking | | `-e PUID=1000` | for UserID - see below for explanation | | `-e PGID=1000` | for GroupID - see below for explanation | +| `-e TZ=Etc/UTC` | specify a timezone to use, see this [list](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List). | | `-e VERSION=docker` | Set whether to update plex or not - see Application Setup section. | | `-e PLEX_CLAIM=` | Optionally you can obtain a claim token from https://plex.tv/claim and input here. Keep in mind that the claim tokens expire within 4 minutes. | | `-v /config` | Plex library location. *This can grow very large, 50gb+ is likely for a large collection.* | | `-v /tv` | Media goes here. Add as many as needed e.g. `/movies`, `/tv`, etc. | | `-v /movies` | Media goes here. Add as many as needed e.g. `/movies`, `/tv`, etc. | +| `--read-only=true` | Run container with a read-only filesystem. Please [read the docs](https://docs.linuxserver.io/misc/read-only/). | +| `--user=1000:1000` | Run container with a non-root user. Please [read the docs](https://docs.linuxserver.io/misc/non-root/). | ## Environment variables from files (Docker secrets) @@ -169,10 +203,10 @@ You can set any environment variable from a file by using a special prepend `FIL As an example: ```bash --e FILE__PASSWORD=/run/secrets/mysecretpassword +-e FILE__MYVAR=/run/secrets/mysecretvariable ``` -Will set the environment variable `PASSWORD` based on the contents of the `/run/secrets/mysecretpassword` file. +Will set the environment variable `MYVAR` based on the contents of the `/run/secrets/mysecretvariable` file. ## Umask for running applications @@ -189,7 +223,6 @@ If you have not already claimed your server (first time setup) you need to set ` ``` -p 32400:32400 \ -p 1900:1900/udp \ - -p 3005:3005 \ -p 5353:5353/udp \ -p 8324:8324 \ -p 32410:32410/udp \ @@ -209,15 +242,20 @@ The application accepts a series of environment variables to further customize i ## User / Group Identifiers -When using volumes (`-v` flags) permissions issues can arise between the host OS and the container, we avoid this issue by allowing you to specify the user `PUID` and group `PGID`. +When using volumes (`-v` flags), permissions issues can arise between the host OS and the container, we avoid this issue by allowing you to specify the user `PUID` and group `PGID`. Ensure any volume directories on the host are owned by the same user you specify and any permissions issues will vanish like magic. -In this instance `PUID=1000` and `PGID=1000`, to find yours use `id user` as below: +In this instance `PUID=1000` and `PGID=1000`, to find yours use `id your_user` as below: ```bash - $ id username - uid=1000(dockeruser) gid=1000(dockergroup) groups=1000(dockergroup) +id your_user +``` + +Example output: + +```text +uid=1000(your_user) gid=1000(your_user) groups=1000(your_user) ``` ## Docker Mods @@ -228,53 +266,101 @@ We publish various [Docker Mods](https://github.com/linuxserver/docker-mods) to ## Support Info -* Shell access whilst the container is running: `docker exec -it plex /bin/bash` -* To monitor the logs of the container in realtime: `docker logs -f plex` -* container version number - * `docker inspect -f '{{ index .Config.Labels "build_version" }}' plex` -* image version number - * `docker inspect -f '{{ index .Config.Labels "build_version" }}' lscr.io/linuxserver/plex:latest` +* Shell access whilst the container is running: + + ```bash + docker exec -it plex /bin/bash + ``` + +* To monitor the logs of the container in realtime: + + ```bash + docker logs -f plex + ``` + +* Container version number: + + ```bash + docker inspect -f '{{ index .Config.Labels "build_version" }}' plex + ``` + +* Image version number: + + ```bash + docker inspect -f '{{ index .Config.Labels "build_version" }}' lscr.io/linuxserver/plex:latest + ``` ## Updating Info -Most of our images are static, versioned, and require an image update and container recreation to update the app inside. With some exceptions (ie. nextcloud, plex), we do not recommend or support updating apps inside the container. Please consult the [Application Setup](#application-setup) section above to see if it is recommended for the image. +Most of our images are static, versioned, and require an image update and container recreation to update the app inside. With some exceptions (noted in the relevant readme.md), we do not recommend or support updating apps inside the container. Please consult the [Application Setup](#application-setup) section above to see if it is recommended for the image. Below are the instructions for updating containers: ### Via Docker Compose -* Update all images: `docker-compose pull` - * or update a single image: `docker-compose pull plex` -* Let compose update all containers as necessary: `docker-compose up -d` - * or update a single container: `docker-compose up -d plex` -* You can also remove the old dangling images: `docker image prune` +* Update images: + * All images: + + ```bash + docker-compose pull + ``` + + * Single image: + + ```bash + docker-compose pull plex + ``` + +* Update containers: + * All containers: + + ```bash + docker-compose up -d + ``` + + * Single container: + + ```bash + docker-compose up -d plex + ``` + +* You can also remove the old dangling images: + + ```bash + docker image prune + ``` ### Via Docker Run -* Update the image: `docker pull lscr.io/linuxserver/plex:latest` -* Stop the running container: `docker stop plex` -* Delete the container: `docker rm plex` +* Update the image: + + ```bash + docker pull lscr.io/linuxserver/plex:latest + ``` + +* Stop the running container: + + ```bash + docker stop plex + ``` + +* Delete the container: + + ```bash + docker rm plex + ``` + * Recreate a new container with the same docker run parameters as instructed above (if mapped correctly to a host folder, your `/config` folder and settings will be preserved) -* You can also remove the old dangling images: `docker image prune` +* You can also remove the old dangling images: -### Via Watchtower auto-updater (only use if you don't remember the original parameters) - -* Pull the latest image at its tag and replace it with the same env variables in one run: - - ```bash - docker run --rm \ - -v /var/run/docker.sock:/var/run/docker.sock \ - containrrr/watchtower \ - --run-once plex - ``` - -* You can also remove the old dangling images: `docker image prune` - -**Note:** We do not endorse the use of Watchtower as a solution to automated updates of existing Docker containers. In fact we generally discourage automated updates. However, this is a useful tool for one-time manual updates of containers where you have forgotten the original parameters. In the long term, we highly recommend using [Docker Compose](https://docs.linuxserver.io/general/docker-compose). + ```bash + docker image prune + ``` ### Image Update Notifications - Diun (Docker Image Update Notifier) -* We recommend [Diun](https://crazymax.dev/diun/) for update notifications. Other tools that automatically update containers unattended are not recommended or supported. +>[!TIP] +>We recommend [Diun](https://crazymax.dev/diun/) for update notifications. Other tools that automatically update containers unattended are not recommended or supported. ## Building locally @@ -289,16 +375,26 @@ docker build \ -t lscr.io/linuxserver/plex:latest . ``` -The ARM variants can be built on x86_64 hardware using `multiarch/qemu-user-static` +The ARM variants can be built on x86_64 hardware and vice versa using `lscr.io/linuxserver/qemu-static` ```bash -docker run --rm --privileged multiarch/qemu-user-static:register --reset +docker run --rm --privileged lscr.io/linuxserver/qemu-static --reset ``` Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64`. ## Versions +* **15.03.26:** - Allow TMPDIR to be changed to better support read-only containers +* **15.03.26:** - Fix initial claim setup on non-root containers +* **04.11.24:** - Add Nvidia capability needed for h265 +* **18.07.24:** - Rebase to Ubuntu Noble. +* **12.02.24:** - Use universal hardware acceleration blurb +* **09.01.24:** - Set ownership on TranscoderTempDirectory when it's been saved in Preferences. +* **16.08.23:** - Install unrar from [linuxserver repo](https://github.com/linuxserver/docker-unrar). +* **03.07.23:** - Deprecate armhf. As announced [here](https://www.linuxserver.io/blog/a-farewell-to-arm-hf) +* **16.10.22:** - Rebase to jammy. Update to s6v3. Remove opencl packages (bundled with plex). +* **18.07.22:** - Pin all opencl related driver packages. * **16.05.22:** - Pin opencl version. * **04.03.22:** - Increase verbosity of video device permissions fix, attempt to fix missing group rw. * **25.12.21:** - Install Intel drivers from the official repo. diff --git a/jenkins-vars.yml b/jenkins-vars.yml index 8ec8648..81f23f8 100644 --- a/jenkins-vars.yml +++ b/jenkins-vars.yml @@ -23,6 +23,6 @@ repo_vars: - CI_PORT='32400' - CI_SSL='false' - CI_DELAY='120' - - CI_DOCKERENV='TZ=US/Pacific' - - CI_AUTH='user:password' + - CI_DOCKERENV='' + - CI_AUTH='' - CI_WEBPATH='/web/index.html' diff --git a/package_versions.txt b/package_versions.txt index f87b432..d36b5b4 100755 --- a/package_versions.txt +++ b/package_versions.txt @@ -1,158 +1,148 @@ -adduser3.118ubuntu2 -apt2.0.9 -apt-utils2.0.9 -base-files11ubuntu5.5 -base-passwd3.5.47 -bash5.0-6ubuntu1.1 -bsdutils1:2.34-0.1ubuntu9.3 -bzip21.0.8-2 -ca-certificates20211016~20.04.1 -coreutils8.30-3ubuntu2 -curl7.68.0-1ubuntu2.11 -dash0.5.10.2-6 -debconf1.5.73 -debianutils4.9.1 -diffutils1:3.7-3 -dirmngr2.2.19-3ubuntu2.1 -dpkg1.19.7ubuntu3 -e2fsprogs1.45.5-2ubuntu1 -fdisk2.34-0.1ubuntu9.3 -findutils4.7.0-1ubuntu1 -gcc-10-base10.3.0-1ubuntu1~20.04 -gnupg2.2.19-3ubuntu2.1 -gnupg-l10n2.2.19-3ubuntu2.1 -gnupg-utils2.2.19-3ubuntu2.1 -gpg2.2.19-3ubuntu2.1 -gpg-agent2.2.19-3ubuntu2.1 -gpgconf2.2.19-3ubuntu2.1 -gpgsm2.2.19-3ubuntu2.1 -gpgv2.2.19-3ubuntu2.1 -gpg-wks-client2.2.19-3ubuntu2.1 -gpg-wks-server2.2.19-3ubuntu2.1 -grep3.4-1 -gzip1.10-0ubuntu4 -hostname3.23 -init-system-helpers1.57 -intel-igc-cm1.0.128+i699.3~u20.04 -intel-opencl-icd21.49.21786+i643~u20.04 -jq1.6-1ubuntu0.20.04.1 -krb5-locales1.17-6ubuntu4.1 -libacl12.2.53-6 -libapt-pkg6.02.0.9 -libasn1-8-heimdal7.7.0+dfsg-1ubuntu1 -libassuan02.5.3-7ubuntu2 -libattr11:2.4.48-5 -libaudit11:2.8.5-2ubuntu6 -libaudit-common1:2.8.5-2ubuntu6 -libblkid12.34-0.1ubuntu9.3 -libbrotli11.0.7-6ubuntu0.1 -libbz2-1.01.0.8-2 -libc62.31-0ubuntu9.7 -libcap-ng00.7.9-2.1build1 -libc-bin2.31-0ubuntu9.7 -libcom-err21.45.5-2ubuntu1 -libcrypt11:4.4.10-10ubuntu4 -libcurl47.68.0-1ubuntu2.11 -libdb5.35.3.28+dfsg1-0.6ubuntu2 -libdebconfclient00.251ubuntu1 -libext2fs21.45.5-2ubuntu1 -libfdisk12.34-0.1ubuntu9.3 -libffi73.3-4 -libgcc-s110.3.0-1ubuntu1~20.04 -libgcrypt201.8.5-5ubuntu1.1 -libgmp102:6.2.0+dfsg-4 -libgnutls303.6.13-2ubuntu1.6 -libgpg-error01.37-1 -libgssapi3-heimdal7.7.0+dfsg-1ubuntu1 -libgssapi-krb5-21.17-6ubuntu4.1 -libhcrypto4-heimdal7.7.0+dfsg-1ubuntu1 -libheimbase1-heimdal7.7.0+dfsg-1ubuntu1 -libheimntlm0-heimdal7.7.0+dfsg-1ubuntu1 -libhogweed53.5.1+really3.5.1-2ubuntu0.2 -libhx509-5-heimdal7.7.0+dfsg-1ubuntu1 -libidn2-02.2.0-2 -libigc11.0.10409+i699.3~u20.04 -libigdfcl11.0.10409+i699.3~u20.04 -libigdgmm1121.3.3+i643~u20.04 -libjq11.6-1ubuntu0.20.04.1 -libk5crypto31.17-6ubuntu4.1 -libkeyutils11.6-6ubuntu1.1 -libkmod227-1ubuntu2.1 -libkrb5-26-heimdal7.7.0+dfsg-1ubuntu1 -libkrb5-31.17-6ubuntu4.1 -libkrb5support01.17-6ubuntu4.1 -libksba81.3.5-2 -libldap-2.4-22.4.49+dfsg-2ubuntu1.9 -libldap-common2.4.49+dfsg-2ubuntu1.9 -liblz4-11.9.2-2ubuntu0.20.04.1 -liblzma55.2.4-1ubuntu1 -libmount12.34-0.1ubuntu9.3 -libncurses66.2-0ubuntu2 -libncursesw66.2-0ubuntu2 -libnettle73.5.1+really3.5.1-2ubuntu0.2 -libnghttp2-141.40.0-1build1 -libnpth01.6-1 -libonig56.9.4-1 -libp11-kit00.23.20-1ubuntu0.1 -libpam0g1.3.1-5ubuntu4.3 -libpam-modules1.3.1-5ubuntu4.3 -libpam-modules-bin1.3.1-5ubuntu4.3 -libpam-runtime1.3.1-5ubuntu4.3 -libpcre2-8-010.34-7 -libpcre32:8.39-12build1 -libprocps82:3.3.16-1ubuntu2.3 -libpsl50.21.0-1ubuntu1 -libreadline88.0-4 -libroken18-heimdal7.7.0+dfsg-1ubuntu1 -librtmp12.4+20151223.gitfa8646d.1-2build1 -libsasl2-22.1.27+dfsg-2ubuntu0.1 -libsasl2-modules2.1.27+dfsg-2ubuntu0.1 -libsasl2-modules-db2.1.27+dfsg-2ubuntu0.1 -libseccomp22.5.1-1ubuntu1~20.04.2 -libselinux13.0-1build2 -libsemanage13.0-1build2 -libsemanage-common3.0-1build2 -libsepol13.0-1 -libsmartcols12.34-0.1ubuntu9.3 -libsqlite3-03.31.1-4ubuntu0.3 -libss21.45.5-2ubuntu1 -libssh-40.9.3-2ubuntu2.2 -libssl1.11.1.1f-1ubuntu2.13 -libstdc++610.3.0-1ubuntu1~20.04 -libsystemd0245.4-4ubuntu3.15 -libtasn1-64.16.0-2 -libtinfo66.2-0ubuntu2 -libudev1245.4-4ubuntu3.17 -libunistring20.9.10-2 -libuuid12.34-0.1ubuntu9.3 -libwind0-heimdal7.7.0+dfsg-1ubuntu1 -libz3-44.8.7-4build1 -libzstd11.4.4+dfsg-3ubuntu0.1 -locales2.31-0ubuntu9.9 -login1:4.8.1-1ubuntu5.20.04.1 -logsave1.45.5-2ubuntu1 -lsb-base11.1.0ubuntu2 -mawk1.3.4.20200120-2 -mount2.34-0.1ubuntu9.3 -ncurses-base6.2-0ubuntu2 -ncurses-bin6.2-0ubuntu2 -ocl-icd-libopencl12.2.11-1ubuntu1 -openssl1.1.1f-1ubuntu2.13 -passwd1:4.8.1-1ubuntu5.20.04.1 -perl-base5.30.0-9ubuntu0.2 -pinentry-curses1.1.0-3build1 -plexmediaserver1.27.1.5916-6b0e31a64 -procps2:3.3.16-1ubuntu2.3 -publicsuffix20200303.0012-1 -readline-common8.0-4 -sed4.7-1 -sensible-utils0.0.12+nmu1 -sysvinit-utils2.96-2.1ubuntu1 -tar1.30+dfsg-7ubuntu0.20.04.2 -tzdata2022a-0ubuntu0.20.04 -ubuntu-keyring2020.02.11.4 -udev245.4-4ubuntu3.17 -unrar1:5.6.6-2build1 -util-linux2.34-0.1ubuntu9.3 -wget1.20.3-1ubuntu2 -zlib1g1:1.2.11.dfsg-2ubuntu1.2 +NAME VERSION TYPE +adduser 3.137ubuntu1 deb +apt 2.8.3 deb +apt-utils 2.8.3 deb +base-files 13ubuntu10.4 deb +base-passwd 3.6.3build1 deb +bash 5.2.21-2ubuntu4 deb +bsdutils 1:2.39.3-9ubuntu6.5 deb +ca-certificates 20240203 deb +catatonit 0.1.7-1 deb +coreutils 9.4-3ubuntu6.2 deb +cron 3.0pl1-184ubuntu2 deb +cron-daemon-common 3.0pl1-184ubuntu2 deb +curl 8.5.0-2ubuntu10.8 deb +dash 0.5.12-6ubuntu5 deb +debconf 1.5.86ubuntu1 deb +debianutils 5.17build1 deb +diffutils 1:3.10-1build1 deb +dirmngr 2.4.4-2ubuntu17.4 deb +dpkg 1.22.6ubuntu6.5 deb +e2fsprogs 1.47.0-2.4~exp1ubuntu4.1 deb +findutils 4.9.0-5build1 deb +gcc-14-base 14.2.0-4ubuntu2~24.04.1 deb +gnupg 2.4.4-2ubuntu17.4 deb +gnupg-l10n 2.4.4-2ubuntu17.4 deb +gnupg-utils 2.4.4-2ubuntu17.4 deb +gpg 2.4.4-2ubuntu17.4 deb +gpg-agent 2.4.4-2ubuntu17.4 deb +gpg-wks-client 2.4.4-2ubuntu17.4 deb +gpgconf 2.4.4-2ubuntu17.4 deb +gpgsm 2.4.4-2ubuntu17.4 deb +gpgv 2.4.4-2ubuntu17.4 deb +grep 3.11-4build1 deb +gzip 1.12-1ubuntu3.1 deb +hostname 3.23+nmu2ubuntu2 deb +init-system-helpers 1.66ubuntu1 deb +jq 1.7.1-3ubuntu0.24.04.2 deb +keyboxd 2.4.4-2ubuntu17.4 deb +krb5-locales 1.20.1-6ubuntu2.6 deb +libacl1 2.3.2-1build1.1 deb +libapt-pkg6.0t64 2.8.3 deb +libassuan0 2.5.6-1build1 deb +libattr1 1:2.5.2-1build1.1 deb +libaudit-common 1:3.1.2-2.1build1.1 deb +libaudit1 1:3.1.2-2.1build1.1 deb +libblkid1 2.39.3-9ubuntu6.5 deb +libbrotli1 1.1.0-2build2 deb +libbsd0 0.12.1-1build1.1 deb +libbz2-1.0 1.0.8-5.1build0.1 deb +libc-bin 2.39-0ubuntu8.7 deb +libc6 2.39-0ubuntu8.7 deb +libcap-ng0 0.8.4-2build2 deb +libcap2 1:2.66-5ubuntu2.4 deb +libcom-err2 1.47.0-2.4~exp1ubuntu4.1 deb +libcrypt1 1:4.4.36-4build1 deb +libcurl4t64 8.5.0-2ubuntu10.8 deb +libdb5.3t64 5.3.28+dfsg2-7 deb +libdebconfclient0 0.271ubuntu3 deb +libext2fs2t64 1.47.0-2.4~exp1ubuntu4.1 deb +libffi8 3.4.6-1build1 deb +libgcc-s1 14.2.0-4ubuntu2~24.04.1 deb +libgcrypt20 1.10.3-2build1 deb +libgmp10 2:6.3.0+dfsg-2ubuntu6.1 deb +libgnutls30t64 3.8.3-1.1ubuntu3.5 deb +libgpg-error0 1.47-3build2.1 deb +libgssapi-krb5-2 1.20.1-6ubuntu2.6 deb +libhogweed6t64 3.9.1-2.2build1.1 deb +libidn2-0 2.3.7-2build1.1 deb +libjq1 1.7.1-3ubuntu0.24.04.2 deb +libk5crypto3 1.20.1-6ubuntu2.6 deb +libkeyutils1 1.6.3-3build1 deb +libkmod2 31+20240202-2ubuntu7.2 deb +libkrb5-3 1.20.1-6ubuntu2.6 deb +libkrb5support0 1.20.1-6ubuntu2.6 deb +libksba8 1.6.6-1build1 deb +libldap-common 2.6.10+dfsg-0ubuntu0.24.04.1 deb +libldap2 2.6.10+dfsg-0ubuntu0.24.04.1 deb +liblz4-1 1.9.4-1build1.1 deb +liblzma5 5.6.1+really5.4.5-1ubuntu0.2 deb +libmd0 1.1.0-2build1.1 deb +libmount1 2.39.3-9ubuntu6.5 deb +libncursesw6 6.4+20240113-1ubuntu2 deb +libnettle8t64 3.9.1-2.2build1.1 deb +libnghttp2-14 1.59.0-1ubuntu0.2 deb +libnpth0t64 1.6-3.1build1 deb +libonig5 6.9.9-1build1 deb +libp11-kit0 0.25.3-4ubuntu2.1 deb +libpam-modules 1.5.3-5ubuntu5.5 deb +libpam-modules-bin 1.5.3-5ubuntu5.5 deb +libpam-runtime 1.5.3-5ubuntu5.5 deb +libpam0g 1.5.3-5ubuntu5.5 deb +libpcre2-8-0 10.42-4ubuntu2.1 deb +libproc2-0 2:4.0.4-4ubuntu3.2 deb +libpsl5t64 0.21.2-1.1build1 deb +libreadline8t64 8.2-4build1 deb +librtmp1 2.4+20151223.gitfa8646d.1-2build7 deb +libsasl2-2 2.1.28+dfsg1-5ubuntu3.1 deb +libsasl2-modules 2.1.28+dfsg1-5ubuntu3.1 deb +libsasl2-modules-db 2.1.28+dfsg1-5ubuntu3.1 deb +libseccomp2 2.5.5-1ubuntu3.1 deb +libselinux1 3.5-2ubuntu2.1 deb +libsemanage-common 3.5-1build5 deb +libsemanage2 3.5-1build5 deb +libsepol2 3.5-2build1 deb +libsmartcols1 2.39.3-9ubuntu6.5 deb +libsqlite3-0 3.45.1-1ubuntu2.5 deb +libss2 1.47.0-2.4~exp1ubuntu4.1 deb +libssh-4 0.10.6-2ubuntu0.4 deb +libssl3t64 3.0.13-0ubuntu3.9 deb +libstdc++6 14.2.0-4ubuntu2~24.04.1 deb +libsystemd0 255.4-1ubuntu8.15 deb +libtasn1-6 4.19.0-3ubuntu0.24.04.2 deb +libtinfo6 6.4+20240113-1ubuntu2 deb +libudev1 255.4-1ubuntu8.15 deb +libunistring5 1.1-2build1.1 deb +libuuid1 2.39.3-9ubuntu6.5 deb +libxxhash0 0.8.2-2build1 deb +libzstd1 1.5.5+dfsg2-2build1.1 deb +locales 2.39-0ubuntu8.7 deb +login 1:4.13+dfsg1-4ubuntu3.2 deb +logsave 1.47.0-2.4~exp1ubuntu4.1 deb +mawk 1.3.4.20240123-1build1 deb +mount 2.39.3-9ubuntu6.5 deb +ncurses-base 6.4+20240113-1ubuntu2 deb +ncurses-bin 6.4+20240113-1ubuntu2 deb +netcat-openbsd 1.226-1ubuntu2 deb +openssl 3.0.13-0ubuntu3.9 deb +passwd 1:4.13+dfsg1-4ubuntu3.2 deb +perl-base 5.38.2-3.2ubuntu0.2 deb +pinentry-curses 1.2.1-3ubuntu5 deb +plexmediaserver 1.43.1.10611-1e34174b1 deb +procps 2:4.0.4-4ubuntu3.2 deb +publicsuffix 20231001.0357-0.1 deb +readline-common 8.2-4build1 deb +sed 4.9-2build1 deb +sensible-utils 0.0.22 deb +systemd-dev 255.4-1ubuntu8.15 deb +systemd-hwe-hwdb 255.1.7 deb +systemd-standalone-sysusers 255.4-1ubuntu8.15 deb +sysvinit-utils 3.08-6ubuntu3 deb +tar 1.35+dfsg-3build1 deb +tzdata 2026a-0ubuntu0.24.04.1 deb +ubuntu-keyring 2023.11.28.1 deb +udev 255.4-1ubuntu8.15 deb +unminimize 0.2.1 deb +util-linux 2.39.3-9ubuntu6.5 deb +wget 1.21.4-1ubuntu4.1 deb +zlib1g 1:1.3.dfsg-3.1ubuntu2.1 deb diff --git a/readme-vars.yml b/readme-vars.yml index 5bf8d14..9f7a516 100644 --- a/readme-vars.yml +++ b/readme-vars.yml @@ -3,43 +3,32 @@ # project information project_name: plex project_url: "https://plex.tv" -project_logo: "http://the-gadgeteer.com/wp-content/uploads/2015/10/plex-logo-e1446990678679.png" -project_blurb: "[{{ project_name|capitalize }}]({{ project_url }}) organizes video, music and photos from personal media libraries and streams them to smart TVs, streaming boxes and mobile devices. This container is packaged as a standalone Plex Media Server. has always been a top priority. Straightforward design and bulk actions mean getting things done faster." - +project_logo: "https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/plex-logo.png" +project_blurb: "[{{ project_name|capitalize }}]({{ project_url }}) organizes video, music and photos from personal media libraries and streams them to smart TVs, streaming boxes and mobile devices. This container is packaged as a standalone Plex Media Server. Straightforward design and bulk actions mean getting things done faster." project_lsio_github_repo_url: "https://github.com/linuxserver/docker-{{ project_name }}" - +project_categories: "Media Servers,Music,Audiobooks" # supported architectures available_architectures: - - { arch: "{{ arch_x86_64 }}", tag: "amd64-latest"} - - { arch: "{{ arch_arm64 }}", tag: "arm64v8-latest"} - - { arch: "{{ arch_armhf }}", tag: "arm32v7-latest"} - -# development version -development_versions: true -development_versions_items: - - { tag: "latest", desc: "Stable releases with Focal baseimage" } - - { tag: "bionic", desc: "DEPRECATED - Stable releases with Bionic baseimage" } - + - {arch: "{{ arch_x86_64 }}", tag: "amd64-latest"} + - {arch: "{{ arch_arm64 }}", tag: "arm64v8-latest"} # container parameters common_param_env_vars_enabled: true #PGID, PUID, etc param_container_name: "{{ project_name }}" param_usage_include_vols: true param_volumes: - - { vol_path: "/config", vol_host_path: "/path/to/library", desc: "Plex library location. *This can grow very large, 50gb+ is likely for a large collection.*" } - - { vol_path: "/tv", vol_host_path: "/path/to/tvseries", desc: "Media goes here. Add as many as needed e.g. `/movies`, `/tv`, etc." } - - { vol_path: "/movies", vol_host_path: "/path/to/movies", desc: "Media goes here. Add as many as needed e.g. `/movies`, `/tv`, etc." } -param_usage_include_ports: false + - {vol_path: "/config", vol_host_path: "/path/to/{{ project_name }}/library", desc: "Plex library location. *This can grow very large, 50gb+ is likely for a large collection.*"} + - {vol_path: "/tv", vol_host_path: "/path/to/tvseries", desc: "Media goes here. Add as many as needed e.g. `/movies`, `/tv`, etc."} + - {vol_path: "/movies", vol_host_path: "/path/to/movies", desc: "Media goes here. Add as many as needed e.g. `/movies`, `/tv`, etc."} param_usage_include_net: true param_net: "host" param_net_desc: "Use Host Networking" param_usage_include_env: true param_env_vars: - - { env_var: "VERSION", env_value: "docker", desc: "Set whether to update plex or not - see Application Setup section."} + - {env_var: "VERSION", env_value: "docker", desc: "Set whether to update plex or not - see Application Setup section."} # optional env variables opt_param_usage_include_env: true opt_param_env_vars: - - { env_var: "PLEX_CLAIM", env_value: "", desc: "Optionally you can obtain a claim token from https://plex.tv/claim and input here. Keep in mind that the claim tokens expire within 4 minutes."} - + - {env_var: "PLEX_CLAIM", env_value: "", desc: "Optionally you can obtain a claim token from https://plex.tv/claim and input here. Keep in mind that the claim tokens expire within 4 minutes."} optional_parameters: | If you want to run the container in bridge network mode (instead of the recommended host network mode) you will need to specify ports. The [official documentation for ports](https://support.plex.tv/articles/201543147-what-network-ports-do-i-need-to-allow-through-my-firewall/) lists 32400 as the only required port. @@ -49,7 +38,6 @@ optional_parameters: | ``` -p 32400:32400 \ -p 1900:1900/udp \ - -p 3005:3005 \ -p 5353:5353/udp \ -p 8324:8324 \ -p 32410:32410/udp \ @@ -66,83 +54,122 @@ optional_parameters: | | :---: | --- | | `--device=/dev/dri:/dev/dri` | Add this option to your run command if you plan on using Quicksync hardware acceleration - see Application Setup section.| | `--device=/dev/dvb:/dev/dvb` | Add this option to your run command if you plan on using dvb devices.| - # application setup block app_setup_block_enabled: true app_setup_block: | Webui can be found at `<your-ip>:32400/web` - ** Note about updates, if there is no value set for the VERSION variable, then no updates will take place.** + ?+note[Updates](|If there is no value set for the VERSION variable, then no updates will take place.|) - ** For new users, no updates will take place on the first run of the container as there is no preferences file to read your token from, to update restart the Docker container after logging in through the webui** + ?+note[New users](|For new users, no updates will take place on the first run of the container as there is no preferences file to read your token from, to update restart the Docker container after logging in through the webui.|) Valid settings for VERSION are:- - `IMPORTANT NOTE:- YOU CANNOT UPDATE TO A PLEXPASS ONLY (BETA) VERSION IF YOU ARE NOT LOGGED IN WITH A PLEXPASS ACCOUNT` + ?+info[Plexpass](|YOU CANNOT UPDATE TO A PLEXPASS ONLY (BETA) VERSION IF YOU ARE NOT LOGGED IN WITH A PLEXPASS ACCOUNT.|) + **`docker`**: Let Docker handle the Plex Version, we keep our Dockerhub Endpoint up to date with the latest public builds. This is the same as leaving this setting out of your create command. + **`latest`**: will update plex to the latest version available that you are entitled to. + **`public`**: will update plexpass users to the latest public version, useful for plexpass users that don't want to be on the bleeding edge but still want the latest public updates. + **`<specific-version>`**: will select a specific version (eg 0.9.12.4.1192-9a47d21) of plex to install, note you cannot use this to access plexpass versions if you do not have plexpass. - - ## Hardware Acceleration - - ### Intel - - Hardware acceleration users for Intel Quicksync will need to mount their /dev/dri video device inside of the container by passing the following command when running or creating the container: - - ``` - --device=/dev/dri:/dev/dri - ``` - - We will automatically ensure the abc user inside of the container has the proper permissions to access this device. - - ### Nvidia - - Hardware acceleration users for Nvidia will need to install the container runtime provided by Nvidia on their host, instructions can be found here: - - https://github.com/NVIDIA/nvidia-docker - - We automatically add the necessary environment variable that will utilise all the features available on a GPU on the host. Once nvidia-docker is installed on your host you will need to re/create the docker container with the nvidia container runtime `--runtime=nvidia` and add an environment variable `-e NVIDIA_VISIBLE_DEVICES=all` (can also be set to a specific gpu's UUID, this can be discovered by running `nvidia-smi --query-gpu=gpu_name,gpu_uuid --format=csv` ). NVIDIA automatically mounts the GPU and drivers from your host into the plex docker. - +readme_hwaccel: true +readonly_supported: true +readonly_message: | + * Runtime update of Plex (and thus Plexpass builds) is not supported. + * Transcode directory must be mounted to a host path or tmpfs. +nonroot_supported: true +nonroot_message: | + * Runtime update of Plex (and thus Plexpass builds) is not supported. + * Transcode directory must be mounted to a host path or tmpfs. +# init diagram +init_diagram: | + "plex:latest": { + docker-mods + base { + fix-attr +\nlegacy cont-init + } + docker-mods -> base + legacy-services + custom services + init-services -> legacy-services + init-services -> custom services + custom services -> legacy-services + legacy-services -> ci-service-check + init-migrations -> init-adduser + init-os-end -> init-config + init-config -> init-config-end + init-crontab-config -> init-config-end + init-plex-update -> init-config-end + init-config -> init-crontab-config + init-mods-end -> init-custom-files + init-adduser -> init-device-perms + base -> init-envfile + base -> init-migrations + init-config-end -> init-mods + init-mods-package-install -> init-mods-end + init-mods -> init-mods-package-install + init-adduser -> init-os-end + init-device-perms -> init-os-end + init-envfile -> init-os-end + init-config -> init-plex-chown + init-plex-chown -> init-plex-claim + init-plex-claim -> init-plex-update + init-custom-files -> init-services + init-services -> svc-cron + svc-cron -> legacy-services + init-services -> svc-plex + svc-plex -> legacy-services + } + Base Images: { + "baseimage-ubuntu:noble" + } + "plex:latest" <- Base Images # changelog changelogs: - - { date: "16.05.22:", desc: "Pin opencl version." } - - { date: "04.03.22:", desc: "Increase verbosity of video device permissions fix, attempt to fix missing group rw." } - - { date: "25.12.21:", desc: "Install Intel drivers from the official repo." } - - { date: "20.01.21:", desc: "Deprecate `UMASK_SET` in favor of UMASK in baseimage, see above for more information." } - - { date: "10.12.20:", desc: "Add latest Intel Compute packages from github repo for opencl support on latest gen igpu." } - - { date: "23.11.20:", desc: "Add Bionic branch make Focal default." } - - { date: "03.05.20:", desc: "Update exposed ports and example docs for bridge mode." } - - { date: "23.03.20:", desc: "Remove udev hack (no longer needed), suppress uuid error in log during first start." } - - { date: "04.12.19:", desc: "Add variable for setting PLEX_CLAIM. Remove `/transcode` volume mapping as it is now set via plex gui and defaults to a location under `/config`." } - - { date: "06.08.19:", desc: "Add variable for setting UMASK." } - - { date: "10.07.19:", desc: "Fix permissions for tuner (/dev/dvb) devices." } - - { date: "20.05.19:", desc: "Bugfix do not allow Root group for Intel QuickSync ownership rules." } - - { date: "23.03.19:", desc: "Switching to new Base images, shift to arm32v7 tag." } - - { date: "22.03.19:", desc: "Fix update logic for `VERSION=public`." } - - { date: "14.03.19:", desc: "Switch to new api endpoints, enable beta (plex pass) updates for armhf and aarch64." } - - { date: "15.02.19:", desc: "Clean up plex pid after unclean stop." } - - { date: "11.02.19:", desc: "Fix nvidia variables, add device variables." } - - { date: "16.01.19:", desc: "Add pipeline logic, multi arch, and HW transcoding configuration; remove avahi service." } - - { date: "07.09.18:", desc: "Rebase to ubuntu bionic, add udev package." } - - { date: "09.12.17:", desc: "Fix continuation lines." } - - { date: "12.07.17:", desc: "Add inspect commands to README, move to jenkins build and push." } - - { date: "28.05.17:", desc: "Add unrar package as per requests, for subzero plugin." } - - { date: "11.01.17:", desc: "Use Plex environment variables from pms docker, - change abc home folder to /app to alleviate usermod chowning library" } - - { date: "03.01.17:", desc: "Use case insensitive version variable matching rather than export and make lowercase." } - - { date: "17.10.16:", desc: "Allow use of uppercase version variable" } - - { date: "01.10.16:", desc: "Add TZ info to README." } - - { date: "09.09.16:", desc: "Add layer badges to README." } - - { date: "27.08.16:", desc: "Add badges to README." } - - { date: "22.08.16:", desc: "Rebased to xenial and s6 overlay" } - - { date: "07.04.16:", desc: "removed `/transcode` volume support (upstream Plex change) and modified PlexPass download method to prevent unauthorised usage of paid PMS" } - - { date: "24.09.15:", desc: "added optional support for volume transcoding (/transcode), and various typo fixes." } - - { date: "17.09.15:", desc: "Changed to run chmod only once" } - - { date: "19.09.15:", desc: "Plex updated their download servers from http to https" } - - { date: "28.08.15:", desc: "Removed plexpass from routine, and now uses VERSION as a combination fix." } - - { date: "18.07.15:", desc: "Moved autoupdate to be hosted by linuxserver.io and implemented bugfix thanks to ljm42." } - - { date: "09.07.15:", desc: "Now with ability to pick static version number." } - - { date: "08.07.15:", desc: "Now with autoupdates. (Hosted by fanart.tv)" } - - { date: "03.07.15:", desc: "Fixed a mistake that allowed plex to run as user plex rather than abc (99:100). Thanks to double16 for spotting this." } + - {date: "15.03.26:", desc: "Allow TMPDIR to be changed to better support read-only containers"} + - {date: "15.03.26:", desc: "Fix initial claim setup on non-root containers"} + - {date: "04.11.24:", desc: "Add Nvidia capability needed for h265"} + - {date: "18.07.24:", desc: "Rebase to Ubuntu Noble."} + - {date: "12.02.24:", desc: "Use universal hardware acceleration blurb"} + - {date: "09.01.24:", desc: "Set ownership on TranscoderTempDirectory when it's been saved in Preferences."} + - {date: "16.08.23:", desc: "Install unrar from [linuxserver repo](https://github.com/linuxserver/docker-unrar)."} + - {date: "03.07.23:", desc: "Deprecate armhf. As announced [here](https://www.linuxserver.io/blog/a-farewell-to-arm-hf)"} + - {date: "16.10.22:", desc: "Rebase to jammy. Update to s6v3. Remove opencl packages (bundled with plex)."} + - {date: "18.07.22:", desc: "Pin all opencl related driver packages."} + - {date: "16.05.22:", desc: "Pin opencl version."} + - {date: "04.03.22:", desc: "Increase verbosity of video device permissions fix, attempt to fix missing group rw."} + - {date: "25.12.21:", desc: "Install Intel drivers from the official repo."} + - {date: "20.01.21:", desc: "Deprecate `UMASK_SET` in favor of UMASK in baseimage, see above for more information."} + - {date: "10.12.20:", desc: "Add latest Intel Compute packages from github repo for opencl support on latest gen igpu."} + - {date: "23.11.20:", desc: "Add Bionic branch make Focal default."} + - {date: "03.05.20:", desc: "Update exposed ports and example docs for bridge mode."} + - {date: "23.03.20:", desc: "Remove udev hack (no longer needed), suppress uuid error in log during first start."} + - {date: "04.12.19:", desc: "Add variable for setting PLEX_CLAIM. Remove `/transcode` volume mapping as it is now set via plex gui and defaults to a location under `/config`."} + - {date: "06.08.19:", desc: "Add variable for setting UMASK."} + - {date: "10.07.19:", desc: "Fix permissions for tuner (/dev/dvb) devices."} + - {date: "20.05.19:", desc: "Bugfix do not allow Root group for Intel QuickSync ownership rules."} + - {date: "23.03.19:", desc: "Switching to new Base images, shift to arm32v7 tag."} + - {date: "22.03.19:", desc: "Fix update logic for `VERSION=public`."} + - {date: "14.03.19:", desc: "Switch to new api endpoints, enable beta (plex pass) updates for armhf and aarch64."} + - {date: "15.02.19:", desc: "Clean up plex pid after unclean stop."} + - {date: "11.02.19:", desc: "Fix nvidia variables, add device variables."} + - {date: "16.01.19:", desc: "Add pipeline logic, multi arch, and HW transcoding configuration; remove avahi service."} + - {date: "07.09.18:", desc: "Rebase to ubuntu bionic, add udev package."} + - {date: "09.12.17:", desc: "Fix continuation lines."} + - {date: "12.07.17:", desc: "Add inspect commands to README, move to jenkins build and push."} + - {date: "28.05.17:", desc: "Add unrar package as per requests, for subzero plugin."} + - {date: "11.01.17:", desc: "Use Plex environment variables from pms docker, change abc home folder to /app to alleviate usermod chowning library"} + - {date: "03.01.17:", desc: "Use case insensitive version variable matching rather than export and make lowercase."} + - {date: "17.10.16:", desc: "Allow use of uppercase version variable"} + - {date: "01.10.16:", desc: "Add TZ info to README."} + - {date: "09.09.16:", desc: "Add layer badges to README."} + - {date: "27.08.16:", desc: "Add badges to README."} + - {date: "22.08.16:", desc: "Rebased to xenial and s6 overlay"} + - {date: "07.04.16:", desc: "removed `/transcode` volume support (upstream Plex change) and modified PlexPass download method to prevent unauthorised usage of paid PMS"} + - {date: "24.09.15:", desc: "added optional support for volume transcoding (/transcode), and various typo fixes."} + - {date: "17.09.15:", desc: "Changed to run chmod only once"} + - {date: "19.09.15:", desc: "Plex updated their download servers from http to https"} + - {date: "28.08.15:", desc: "Removed plexpass from routine, and now uses VERSION as a combination fix."} + - {date: "18.07.15:", desc: "Moved autoupdate to be hosted by linuxserver.io and implemented bugfix thanks to ljm42."} + - {date: "09.07.15:", desc: "Now with ability to pick static version number."} + - {date: "08.07.15:", desc: "Now with autoupdates. (Hosted by fanart.tv)"} + - {date: "03.07.15:", desc: "Fixed a mistake that allowed plex to run as user plex rather than abc (99:100). Thanks to double16 for spotting this."} diff --git a/root/defaults/plexmediaserver b/root/defaults/plexmediaserver deleted file mode 100644 index 071c896..0000000 --- a/root/defaults/plexmediaserver +++ /dev/null @@ -1,16 +0,0 @@ -# default script for Plex Media Server - -# the number of plugins that can run at the same time -PLEX_MEDIA_SERVER_MAX_PLUGIN_PROCS=6 - -# ulimit -s $PLEX_MEDIA_SERVER_MAX_STACK_SIZE -PLEX_MEDIA_SERVER_MAX_STACK_SIZE=3000 - -# uncomment to set it to something else -PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR="/config/Library/Application Support" - -# the user that PMS should run as, defaults to 'plex' -# note that if you change this you might need to move -# the Application Support directory to not lose your -# media library -PLEX_MEDIA_SERVER_USER=abc diff --git a/root/etc/cont-init.d/40-chown-files b/root/etc/cont-init.d/40-chown-files deleted file mode 100644 index 12b63b4..0000000 --- a/root/etc/cont-init.d/40-chown-files +++ /dev/null @@ -1,25 +0,0 @@ -#!/usr/bin/with-contenv bash - -# create folders -if [ ! -d "${PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR}" ]; then \ -mkdir -p "${PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR}" -chown -R abc:abc /config -fi - -# check Library permissions -PUID=${PUID:-911} -if [ ! "$(stat -c %u /config/Library)" = "$PUID" ]; then - echo "Change in ownership detected, please be patient while we chown existing files" - echo "This could take some time" - chown abc:abc -R \ - /config/Library -fi - -# remove plex pid after unclean stop -[[ -f "/config/Library/Application Support/Plex Media Server/plexmediaserver.pid" ]] && \ - rm -f "/config/Library/Application Support/Plex Media Server/plexmediaserver.pid" - -# permissions (non-recursive) on config root and folders -chown abc:abc \ - /config \ - /config/* diff --git a/root/etc/cont-init.d/45-plex-claim b/root/etc/cont-init.d/45-plex-claim deleted file mode 100644 index 6c546bf..0000000 --- a/root/etc/cont-init.d/45-plex-claim +++ /dev/null @@ -1,79 +0,0 @@ -#!/usr/bin/with-contenv bash - -if grep -qs "PlexOnlineToken" "/config/Library/Application Support/Plex Media Server/Preferences.xml" || [ -z "$PLEX_CLAIM" ]; then - exit 0 -fi -PREFNAME="/config/Library/Application Support/Plex Media Server/Preferences.xml" -if [ ! -f "${PREFNAME}" ]; then - UMASK_SET="${UMASK_SET:-022}" - umask "$UMASK_SET" - echo "Temporarily starting Plex Media Server." - export PLEX_MEDIA_SERVER_INFO_MODEL=$(uname -m) - export PLEX_MEDIA_SERVER_INFO_PLATFORM_VERSION=$(uname -r) - s6-setuidgid abc /bin/bash -c \ - 'LD_LIBRARY_PATH=/usr/lib/plexmediaserver:/usr/lib/plexmediaserver/lib /usr/lib/plexmediaserver/Plex\ Media\ Server' & PID=$! - echo "Waiting for Plex to generate its config" - DBNAME="/config/Library/Application Support/Plex Media Server/Plug-in Support/Databases/com.plexapp.plugins.library.db-wal" - until [ -f "${DBNAME}" ]; do - sleep 1 - done - while true; do - echo "Waiting for database creation to complete..." - if [ -z "${COMPARE_MD5+x}" ]; then - COMPARE_MD5=$(md5sum "${DBNAME}"| cut -c1-8) - sleep 3 - else - sleep 3 - CURRENT_MD5=$(md5sum "${DBNAME}"| cut -c1-8) - if [ "${CURRENT_MD5}" == "${COMPARE_MD5}" ]; then - break - else - COMPARE_MD5=$(md5sum "${DBNAME}"| cut -c1-8) - fi - fi - done - until grep -qs "ProcessedMachineIdentifier" "${PREFNAME}"; do - sleep 1 - done - while true; do - echo "Waiting for pref file creation to complete..." - if [ -z "${PREF_COMPARE_MD5+x}" ]; then - PREF_COMPARE_MD5=$(md5sum "${PREFNAME}"| cut -c1-8) - sleep 3 - else - sleep 3 - PREF_CURRENT_MD5=$(md5sum "${PREFNAME}"| cut -c1-8) - if [ "${PREF_CURRENT_MD5}" == "${PREF_COMPARE_MD5}" ]; then - break - else - PREF_COMPARE_MD5=$(md5sum "${PREFNAME}"| cut -c1-8) - fi - fi - done - echo "Stopping Plex to claim server" - while ps -p $PID > /dev/null; do - kill $PID - sleep 1 - done - echo "Plex stopped" -fi - -ProcessedMachineIdentifier=$(sed -n "s/^.*ProcessedMachineIdentifier=\"\([^\"]*\)\".*$/\1/p" "${PREFNAME}") -PlexOnlineToken="$(curl -X POST \ - -H 'X-Plex-Client-Identifier: '"${ProcessedMachineIdentifier}" \ - -H 'X-Plex-Product: Plex Media Server'\ - -H 'X-Plex-Version: 1.1' \ - -H 'X-Plex-Provides: server' \ - -H 'X-Plex-Platform: Linux' \ - -H 'X-Plex-Platform-Version: 1.0' \ - -H 'X-Plex-Device-Name: PlexMediaServer' \ - -H 'X-Plex-Device: Linux' \ - "https://plex.tv/api/claim/exchange?token=${PLEX_CLAIM}" \ - | sed -n 's/.*<authentication-token>\(.*\)<\/authentication-token>.*/\1/p')" - -if [ -n "$PlexOnlineToken" ]; then - echo "Server claimed successfully, navigate to http://serverip:32400/web to complete plex setup." - sed -i "s/\/>/ PlexOnlineToken=\"${PlexOnlineToken}\"\/>/g" "${PREFNAME}" -else - echo "Unable to claim Plex server. Either manually claim by connecting to http://serverip:32400/web from the same network subnet, or recreate container with a new claim token." -fi \ No newline at end of file diff --git a/root/etc/cont-init.d/50-gid-video b/root/etc/cont-init.d/50-gid-video deleted file mode 100755 index c07fe60..0000000 --- a/root/etc/cont-init.d/50-gid-video +++ /dev/null @@ -1,35 +0,0 @@ -#!/usr/bin/with-contenv bash - -FILES=$(find /dev/dri /dev/dvb -type c -print 2>/dev/null) - -for i in $FILES -do - VIDEO_GID=$(stat -c '%g' "${i}") - VIDEO_UID=$(stat -c '%u' "${i}") - # check if user matches device - if id -u abc | grep -qw "${VIDEO_UID}"; then - echo "**** permissions for ${i} are good ****" - else - # check if group matches and that device has group rw - if id -G abc | grep -qw "${VIDEO_GID}" && [ $(stat -c '%A' "${i}" | cut -b 5,6) = "rw" ]; then - echo "**** permissions for ${i} are good ****" - # check if device needs to be added to video group - elif ! id -G abc | grep -qw "${VIDEO_GID}"; then - # check if video group needs to be created - VIDEO_NAME=$(getent group "${VIDEO_GID}" | awk -F: '{print $1}') - if [ -z "${VIDEO_NAME}" ]; then - VIDEO_NAME="video$(head /dev/urandom | tr -dc 'a-z0-9' | head -c4)" - groupadd "${VIDEO_NAME}" - groupmod -g "${VIDEO_GID}" "${VIDEO_NAME}" - echo "**** creating video group ${VIDEO_NAME} with id ${VIDEO_GID} ****" - fi - echo "**** adding ${i} to video group ${VIDEO_NAME} with id ${VIDEO_GID} ****" - usermod -a -G "${VIDEO_NAME}" abc - fi - # check if device has group rw - if [ $(stat -c '%A' "${i}" | cut -b 5,6) != "rw" ]; then - echo -e "**** The device ${i} does not have group read/write permissions, attempting to fix inside the container. ****" - chmod g+rw "${i}" - fi - fi -done diff --git a/root/etc/cont-init.d/60-plex-update b/root/etc/cont-init.d/60-plex-update deleted file mode 100755 index 8df3bb5..0000000 --- a/root/etc/cont-init.d/60-plex-update +++ /dev/null @@ -1,127 +0,0 @@ -#!/usr/bin/with-contenv bash - -# If docker manages versioning exit -if [ "${VERSION}" ] && [ "${VERSION}" == 'docker' ]; then - echo "Docker is used for versioning skip update check" - exit 0 -fi - -# test if plex is installed and try re-pulling latest if not -if (dpkg --get-selections plexmediaserver | grep -wq "install"); then -: -else -echo "for some reason plex doesn't appear to be installed, pulling a new copy and exiting out of update script" -curl -o /tmp/plexmediaserver.deb -L \ - "${PLEX_DOWNLOAD}/${REMOTE_VERSION}/debian/plexmediaserver_${REMOTE_VERSION}_${PLEX_ARCH}.deb" && \ -dpkg -i --force-confold /tmp/plexmediaserver.deb -rm -f /tmp/plexmediaserver.deb -exit 0 -fi - -# set no update message -[[ -e /tmp/no-version.nfo ]] && \ - rm /tmp/no-version.nfo -NOVERSION_SET='/tmp/no-version.nfo' -cat > "${NOVERSION_SET}" <<-EOFVERSION -####################################################### -# Update routine will not run because you havent set # -# the VERSION variable or you opted out of updates. # -# For more information checkout :- # -# https://github.com/linuxserver/docker-plex # -####################################################### -EOFVERSION - -# set update failed message -[[ -e /tmp/update_fail.nfo ]] && \ - rm /tmp/update_fail.nfo -UPGRADE_FAIL='/tmp/update_fail.nfo' -cat > "${UPGRADE_FAIL}" <<-EOFFAIL -######################################################## -# Upgrade attempt failed, this could be because either # -# plex update site is down, local network issues, or # -# you were trying to get a version that simply doesn't # -# exist, check over the VERSION variable thoroughly & # -# correct it or try again later. # -######################################################## -EOFFAIL - -# test for no version set or opt out for autoupdates -if [[ -z "$VERSION" ]] || [[ "$VERSION" == "0" ]] || [[ -n "$ADVANCED_DISABLEUPDATES" ]]; then -printf '\n\n\n%s\n\n\n' "$(</tmp/no-version.nfo)" -exit 0 -fi - -# set header for no preferences/token message -[[ -e /tmp/no-token.nfo ]] && \ - rm /tmp/no-token.nfo -NOTOKEN_SET='/tmp/no-token.nfo' -cat > "${NOTOKEN_SET}" <<-EOFTOKEN -##################################################### -# Login via the webui at http://<ip>:32400/web # -# and restart the docker, because there was no # -EOFTOKEN - -# if preferences files doesn't exist, exit out -if [ ! -e "/config/Library/Application Support/Plex Media Server/Preferences.xml" ]; then -cat >> "${NOTOKEN_SET}" <<-EOFTOKEN -# preference file found, possibly first startup. # -##################################################### -EOFTOKEN -printf '\n\n\n%s\n\n\n' "$(</tmp/no-token.nfo)" -exit 0 -fi - -# attempt to read plex token -PLEX_TOKEN=$( sed -n 's/.*PlexOnlineToken="//p' \ - "/config/Library/Application Support/Plex Media Server/Preferences.xml" \ - | sed "s/\".*//") - -# if plex token isn't found, exit out -if [ -z "$PLEX_TOKEN" ]; then -cat >> "${NOTOKEN_SET}" <<-EOFTOKEN -# plex token found in the preference file # -##################################################### -EOFTOKEN -printf '\n\n\n%s\n\n\n' "$(</tmp/no-token.nfo)" -exit 0 -fi - -# determine installed version of plex -INSTALLED_VERSION=$(dpkg-query -W -f='${Version}' plexmediaserver) - -# start update routine -if [[ "${VERSION,,}" = latest ]] || [[ "${VERSION,,}" = plexpass ]] || [[ "$PLEXPASS" == "1" ]]; then - if [[ "${PLEX_ARCH}" = amd64 ]]; then - PLEX_URL_ARCH="x86_64" - elif [[ "${PLEX_ARCH}" = armhf ]]; then - PLEX_URL_ARCH="armv7hf_neon" - elif [[ "${PLEX_ARCH}" = arm64 ]]; then - PLEX_URL_ARCH="aarch64" - fi -REMOTE_VERSION=$(curl -s "https://plex.tv/downloads/details/5?distro=debian&build=linux-${PLEX_URL_ARCH}&channel=8&X-Plex-Token=$PLEX_TOKEN"| grep -oP 'version="\K[^"]+' | tail -n 1 ) -elif [[ "${VERSION,,}" = public ]]; then -REMOTE_VERSION=$(curl -sX GET 'https://plex.tv/api/downloads/5.json' | jq -r '.computer.Linux.version') -else -REMOTE_VERSION="${VERSION}" -fi - -if [[ "$REMOTE_VERSION" == "$INSTALLED_VERSION" ]]; then -echo "No update required" -exit 0 -fi - -echo "Atempting to upgrade to: $REMOTE_VERSION" -rm -f /tmp/plexmediaserver_*.deb -wget -nv -P /tmp \ -"${PLEX_DOWNLOAD}/${REMOTE_VERSION}/debian/plexmediaserver_${REMOTE_VERSION}_${PLEX_ARCH}.deb" -last=$? - -# test if deb file size is ok, or if download failed -if [[ "$last" -gt "0" ]] || [[ $(stat -c %s /tmp/plexmediaserver_"${REMOTE_VERSION}"_${PLEX_ARCH}.deb) -lt 10000 ]]; then -printf '\n\n\n%s\n\n\n' "$(</tmp/update_fail.nfo)" -exit 0 -# if ok, try to install it. -else -dpkg -i --force-confold /tmp/plexmediaserver_"${REMOTE_VERSION}"_${PLEX_ARCH}.deb -rm -f /tmp/plexmediaserver_*.deb -fi diff --git a/root/etc/s6-overlay/s6-rc.d/init-config-end/dependencies.d/init-plex-update b/root/etc/s6-overlay/s6-rc.d/init-config-end/dependencies.d/init-plex-update new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/init-plex-chown/dependencies.d/init-config b/root/etc/s6-overlay/s6-rc.d/init-plex-chown/dependencies.d/init-config new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/init-plex-chown/run b/root/etc/s6-overlay/s6-rc.d/init-plex-chown/run new file mode 100755 index 0000000..47b1c1e --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-plex-chown/run @@ -0,0 +1,50 @@ +#!/usr/bin/with-contenv bash +# shellcheck shell=bash + +# remove plex temporary directory after unclean stop +if [[ -d "${TMPDIR}" ]]; then + rm -rf "${TMPDIR}" +fi +mkdir -p ${TMPDIR} + +# create folders +if [[ ! -d "${PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR}" ]]; then + mkdir -p "${PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR}" + if [[ -z ${LSIO_NON_ROOT_USER} ]]; then + lsiown -R abc:abc /config + fi +fi + +# remove plex pid after unclean stop +if [[ -f "/config/Library/Application Support/Plex Media Server/plexmediaserver.pid" ]]; then + rm -f "/config/Library/Application Support/Plex Media Server/plexmediaserver.pid" +fi + +if [[ -z ${LSIO_NON_ROOT_USER} ]]; then + # check Library permissions + PUID=${PUID:-911} + if [[ ! "$(stat -c %u /config/Library)" == "${PUID}" ]]; then + echo "Change in ownership detected, please be patient while we chown existing files" + echo "This could take some time" + lsiown -R abc:abc \ + /config/Library + fi + + # set permissions on Plex Transcoder Temp Directory + PLEX_MEDIA_SERVER_PREFERENCES="${PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR}/Plex Media Server/Preferences.xml" + if [[ -f "${PLEX_MEDIA_SERVER_PREFERENCES}" ]]; then + TranscoderTempDirectory='\bTranscoderTempDirectory="([^"]+)"' + while IFS= read -r line; do + if [[ ${line} =~ ${TranscoderTempDirectory} ]] && [[ -d "${BASH_REMATCH[1]}" ]]; then + echo "Setting permissions on ${BASH_REMATCH[1]}" + lsiown -R abc:abc "${BASH_REMATCH[1]}" + fi + done <"${PLEX_MEDIA_SERVER_PREFERENCES}" + fi + + # permissions (non-recursive) on config root and folders + lsiown abc:abc \ + "${TMPDIR}" \ + /config \ + /config/* +fi diff --git a/root/etc/s6-overlay/s6-rc.d/init-plex-chown/type b/root/etc/s6-overlay/s6-rc.d/init-plex-chown/type new file mode 100644 index 0000000..3d92b15 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-plex-chown/type @@ -0,0 +1 @@ +oneshot \ No newline at end of file diff --git a/root/etc/s6-overlay/s6-rc.d/init-plex-chown/up b/root/etc/s6-overlay/s6-rc.d/init-plex-chown/up new file mode 100644 index 0000000..2d5ad2f --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-plex-chown/up @@ -0,0 +1 @@ +/etc/s6-overlay/s6-rc.d/init-plex-chown/run \ No newline at end of file diff --git a/root/etc/s6-overlay/s6-rc.d/init-plex-claim/dependencies.d/init-plex-chown b/root/etc/s6-overlay/s6-rc.d/init-plex-claim/dependencies.d/init-plex-chown new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/init-plex-claim/run b/root/etc/s6-overlay/s6-rc.d/init-plex-claim/run new file mode 100755 index 0000000..700b1c0 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-plex-claim/run @@ -0,0 +1,96 @@ +#!/usr/bin/with-contenv bash +# shellcheck shell=bash + +PLEX_MEDIA_SERVER_PREFERENCES="${PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR}/Plex Media Server/Preferences.xml" + +if grep -qs "PlexOnlineToken" "${PLEX_MEDIA_SERVER_PREFERENCES}"; then + echo "**** Server already claimed ****" + exit 0 +elif [[ -z "$PLEX_CLAIM" ]]; then + echo "**** Server is unclaimed, but no claim token has been set ****" + exit 0 +fi + +if [[ ! -f "${PLEX_MEDIA_SERVER_PREFERENCES}" ]]; then + UMASK_SET="${UMASK_SET:-022}" + umask "$UMASK_SET" + echo "Temporarily starting Plex Media Server." + PLEX_MEDIA_SERVER_INFO_MODEL=$(uname -m) + export PLEX_MEDIA_SERVER_INFO_MODEL + PLEX_MEDIA_SERVER_INFO_PLATFORM_VERSION=$(uname -r) + export PLEX_MEDIA_SERVER_INFO_PLATFORM_VERSION + + if [[ -z ${LSIO_NON_ROOT_USER} ]]; then + s6-setuidgid abc /bin/bash -c \ + 'LD_LIBRARY_PATH=/usr/lib/plexmediaserver:/usr/lib/plexmediaserver/lib /usr/lib/plexmediaserver/Plex\ Media\ Server' & + else + /bin/bash -c \ + 'LD_LIBRARY_PATH=/usr/lib/plexmediaserver:/usr/lib/plexmediaserver/lib /usr/lib/plexmediaserver/Plex\ Media\ Server' & + fi + + PID=$! + echo "Waiting for Plex to generate its config" + DBNAME="/config/Library/Application Support/Plex Media Server/Plug-in Support/Databases/com.plexapp.plugins.library.db-wal" + until [[ -f "${DBNAME}" ]]; do + sleep 1 + done + while true; do + echo "Waiting for database creation to complete..." + if [[ -z "${COMPARE_MD5+x}" ]]; then + COMPARE_MD5=$(md5sum "${DBNAME}" | cut -c1-8) + sleep 3 + else + sleep 3 + CURRENT_MD5=$(md5sum "${DBNAME}" | cut -c1-8) + if [[ "${CURRENT_MD5}" == "${COMPARE_MD5}" ]]; then + break + else + COMPARE_MD5=$(md5sum "${DBNAME}" | cut -c1-8) + fi + fi + done + until grep -qs "ProcessedMachineIdentifier" "${PLEX_MEDIA_SERVER_PREFERENCES}"; do + sleep 1 + done + while true; do + echo "Waiting for pref file creation to complete..." + if [[ -z "${PREF_COMPARE_MD5+x}" ]]; then + PREF_COMPARE_MD5=$(md5sum "${PLEX_MEDIA_SERVER_PREFERENCES}" | cut -c1-8) + sleep 3 + else + sleep 3 + PREF_CURRENT_MD5=$(md5sum "${PLEX_MEDIA_SERVER_PREFERENCES}" | cut -c1-8) + if [[ "${PREF_CURRENT_MD5}" == "${PREF_COMPARE_MD5}" ]]; then + break + else + PREF_COMPARE_MD5=$(md5sum "${PLEX_MEDIA_SERVER_PREFERENCES}" | cut -c1-8) + fi + fi + done + echo "Stopping Plex to claim server" + while ps -p $PID >/dev/null; do + kill $PID + sleep 1 + done + echo "Plex stopped" +fi + +ProcessedMachineIdentifier=$(sed -n "s/^.*ProcessedMachineIdentifier=\"\([^\"]*\)\".*$/\1/p" "${PLEX_MEDIA_SERVER_PREFERENCES}") +PlexOnlineToken="$(curl -X POST \ + -H 'X-Plex-Client-Identifier: '"${ProcessedMachineIdentifier}" \ + -H 'X-Plex-Product: Plex Media Server' \ + -H 'X-Plex-Version: 1.1' \ + -H 'X-Plex-Provides: server' \ + -H 'X-Plex-Platform: Linux' \ + -H 'X-Plex-Platform-Version: 1.0' \ + -H 'X-Plex-Device-Name: PlexMediaServer' \ + -H 'X-Plex-Device: Linux' \ + "https://plex.tv/api/claim/exchange?token=${PLEX_CLAIM}" | + sed -n 's/.*<authentication-token>\(.*\)<\/authentication-token>.*/\1/p')" + +if [[ -n "$PlexOnlineToken" ]]; then + echo "Server claimed successfully, navigate to http://serverip:32400/web to complete plex setup." + sed -i "s/\/>/ PlexOnlineToken=\"${PlexOnlineToken}\"\/>/g" "${PLEX_MEDIA_SERVER_PREFERENCES}" +else + echo "Unable to claim Plex server. Either manually claim by connecting to http://serverip:32400/web from the same network subnet, or recreate container with a new claim token." +fi diff --git a/root/etc/s6-overlay/s6-rc.d/init-plex-claim/type b/root/etc/s6-overlay/s6-rc.d/init-plex-claim/type new file mode 100644 index 0000000..3d92b15 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-plex-claim/type @@ -0,0 +1 @@ +oneshot \ No newline at end of file diff --git a/root/etc/s6-overlay/s6-rc.d/init-plex-claim/up b/root/etc/s6-overlay/s6-rc.d/init-plex-claim/up new file mode 100644 index 0000000..56750b8 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-plex-claim/up @@ -0,0 +1 @@ +/etc/s6-overlay/s6-rc.d/init-plex-claim/run \ No newline at end of file diff --git a/root/etc/s6-overlay/s6-rc.d/init-plex-update/dependencies.d/init-plex-claim b/root/etc/s6-overlay/s6-rc.d/init-plex-update/dependencies.d/init-plex-claim new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/init-plex-update/run b/root/etc/s6-overlay/s6-rc.d/init-plex-update/run new file mode 100755 index 0000000..44bab80 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-plex-update/run @@ -0,0 +1,142 @@ +#!/usr/bin/with-contenv bash +# shellcheck shell=bash + +if [[ -n ${LSIO_READ_ONLY_FS} ]] || [[ -n ${LSIO_NON_ROOT_USER} ]]; then + echo "Runtime update not supported with read-only or non-root operation, skipping." + exit 0 +fi + +# If docker manages versioning exit +if [[ -n "${VERSION}" ]] && [[ "${VERSION}" == "docker" ]]; then + echo "Docker is used for versioning skip update check" + exit 0 +fi + +# test if plex is installed and try re-pulling latest if not +if (dpkg --get-selections plexmediaserver | grep -wq "install"); then + : +else + echo "for some reason plex doesn't appear to be installed, pulling a new copy and exiting out of update script" + curl -o /tmp/plexmediaserver.deb -L \ + "${PLEX_DOWNLOAD}/${REMOTE_VERSION}/debian/plexmediaserver_${REMOTE_VERSION}_${PLEX_ARCH}.deb" + dpkg -i --force-confold /tmp/plexmediaserver.deb + rm -f /tmp/plexmediaserver.deb + exit 0 +fi + +# set no update message +if [[ -e /tmp/no-version.nfo ]]; then + rm /tmp/no-version.nfo +fi +NOVERSION_SET='/tmp/no-version.nfo' +cat >"${NOVERSION_SET}" <<-EOFVERSION +####################################################### +# Update routine will not run because you haven't set # +# the VERSION variable or you opted out of updates. # +# For more information checkout :- # +# https://github.com/linuxserver/docker-plex # +####################################################### +EOFVERSION + +# set update failed message +if [[ -e /tmp/update_fail.nfo ]]; then + rm /tmp/update_fail.nfo +fi +UPGRADE_FAIL='/tmp/update_fail.nfo' +cat >"${UPGRADE_FAIL}" <<-EOFFAIL +######################################################## +# Upgrade attempt failed, this could be because either # +# plex update site is down, local network issues, or # +# you were trying to get a version that simply doesn't # +# exist, check over the VERSION variable thoroughly & # +# correct it or try again later. # +######################################################## +EOFFAIL + +# test for no version set or opt out for auto updates +if [[ -z "${VERSION}" ]] || [[ "${VERSION}" == "0" ]] || [[ -n "${ADVANCED_DISABLEUPDATES}" ]]; then + printf '\n\n\n%s\n\n\n' "$(</tmp/no-version.nfo)" + exit 0 +fi + +# set header for no preferences/token message +if [[ -e /tmp/no-token.nfo ]]; then + rm /tmp/no-token.nfo +fi +NOTOKEN_SET='/tmp/no-token.nfo' +cat >"${NOTOKEN_SET}" <<-EOFTOKEN +##################################################### +# Login via the webui at http://<ip>:32400/web # +# and restart the container, because there was no # +EOFTOKEN + +# if preferences files doesn't exist, exit out +PLEX_MEDIA_SERVER_PREFERENCES="${PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR}/Plex Media Server/Preferences.xml" +if [[ ! -e "${PLEX_MEDIA_SERVER_PREFERENCES}" ]]; then + cat >>"${NOTOKEN_SET}" <<-EOFTOKEN +# preference file found, possibly first startup. # +##################################################### +EOFTOKEN + printf '\n\n\n%s\n\n\n' "$(</tmp/no-token.nfo)" + exit 0 +fi + +# attempt to read plex token +PLEX_TOKEN=$(sed -n 's/.*PlexOnlineToken="//p' \ + "${PLEX_MEDIA_SERVER_PREFERENCES}" | + sed "s/\".*//") + +# if plex token isn't found, exit out +if [[ -z "${PLEX_TOKEN}" ]]; then + cat >>"${NOTOKEN_SET}" <<-EOFTOKEN +# plex token found in the preference file # +##################################################### +EOFTOKEN + printf '\n\n\n%s\n\n\n' "$(</tmp/no-token.nfo)" + exit 0 +fi + +# determine installed version of plex +INSTALLED_VERSION=$(dpkg-query -W -f='${Version}' plexmediaserver) + +# start update routine +if [[ "${VERSION,,}" == "latest" ]] || [[ "${VERSION,,}" == "plexpass" ]] || [[ "${PLEXPASS}" == "1" ]]; then + if [[ "${PLEX_ARCH}" == "amd64" ]]; then + PLEX_URL_ARCH="x86_64" + elif [[ "${PLEX_ARCH}" == "armhf" ]]; then + PLEX_URL_ARCH="armv7hf_neon" + elif [[ "${PLEX_ARCH}" == "arm64" ]]; then + PLEX_URL_ARCH="aarch64" + fi + REMOTE_VERSION=$(curl -s "https://plex.tv/downloads/details/5?distro=debian&build=linux-${PLEX_URL_ARCH}&channel=8&X-Plex-Token=${PLEX_TOKEN}" | grep -oP 'version="\K[^"]+' | tail -n 1) +elif [[ "${VERSION,,}" == "public" ]]; then + REMOTE_VERSION=$(curl -s 'https://plex.tv/api/downloads/5.json' | jq -r '.computer.Linux.version') +else + REMOTE_VERSION="${VERSION}" +fi + +if [[ "${REMOTE_VERSION}" == "${INSTALLED_VERSION}" ]]; then + echo "No update required" + exit 0 +fi + +if [[ -z "${REMOTE_VERSION}" ]]; then + echo "*** Unable to fetch version from Plex remote endpoint or empty VERSION supplied, please check your configuration ***" + exit 0 +fi + +echo "Attempting to upgrade to: ${REMOTE_VERSION}" +rm -f /tmp/plexmediaserver_*.deb +wget -nv -P /tmp \ + "${PLEX_DOWNLOAD}/${REMOTE_VERSION}/debian/plexmediaserver_${REMOTE_VERSION}_${PLEX_ARCH}.deb" +last=$? + +# test if deb file size is ok, or if download failed +if [[ "${last}" -gt "0" ]] || [[ $(stat -c %s "/tmp/plexmediaserver_${REMOTE_VERSION}_${PLEX_ARCH}.deb") -lt 10000 ]]; then + printf '\n\n\n%s\n\n\n' "$(</tmp/update_fail.nfo)" + exit 0 +# if ok, try to install it. +else + dpkg -i --force-confold "/tmp/plexmediaserver_${REMOTE_VERSION}_${PLEX_ARCH}.deb" + rm -f /tmp/plexmediaserver_*.deb +fi diff --git a/root/etc/s6-overlay/s6-rc.d/init-plex-update/type b/root/etc/s6-overlay/s6-rc.d/init-plex-update/type new file mode 100644 index 0000000..3d92b15 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-plex-update/type @@ -0,0 +1 @@ +oneshot \ No newline at end of file diff --git a/root/etc/s6-overlay/s6-rc.d/init-plex-update/up b/root/etc/s6-overlay/s6-rc.d/init-plex-update/up new file mode 100644 index 0000000..6b6b164 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-plex-update/up @@ -0,0 +1 @@ +/etc/s6-overlay/s6-rc.d/init-plex-update/run \ No newline at end of file diff --git a/root/etc/s6-overlay/s6-rc.d/init-wireguard/dependencies.d/init-services b/root/etc/s6-overlay/s6-rc.d/init-wireguard/dependencies.d/init-services new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/init-wireguard/run b/root/etc/s6-overlay/s6-rc.d/init-wireguard/run new file mode 100755 index 0000000..85ad6c3 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-wireguard/run @@ -0,0 +1,14 @@ +#!/usr/bin/with-contenv bash + +# Bring up WireGuard if not already up +if ! ip link show dev wg0 > /dev/null 2>&1; then + wg-quick up wg0 +fi + +# Monitor wireguard status +while true; do + if ! ip link show dev wg0 | grep -q "UP"; then + wg-quick up wg0 + fi + sleep 60 +done diff --git a/root/etc/s6-overlay/s6-rc.d/init-wireguard/type b/root/etc/s6-overlay/s6-rc.d/init-wireguard/type new file mode 100644 index 0000000..5883cff --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-wireguard/type @@ -0,0 +1 @@ +longrun diff --git a/root/etc/s6-overlay/s6-rc.d/init-wireguard/up b/root/etc/s6-overlay/s6-rc.d/init-wireguard/up new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/svc-plex/dependencies.d/init-services b/root/etc/s6-overlay/s6-rc.d/svc-plex/dependencies.d/init-services new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/svc-plex/dependencies.d/init-wireguard b/root/etc/s6-overlay/s6-rc.d/svc-plex/dependencies.d/init-wireguard new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/svc-plex/notification-fd b/root/etc/s6-overlay/s6-rc.d/svc-plex/notification-fd new file mode 100644 index 0000000..e440e5c --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/svc-plex/notification-fd @@ -0,0 +1 @@ +3 \ No newline at end of file diff --git a/root/etc/s6-overlay/s6-rc.d/svc-plex/run b/root/etc/s6-overlay/s6-rc.d/svc-plex/run new file mode 100755 index 0000000..c029d4d --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/svc-plex/run @@ -0,0 +1,20 @@ +#!/usr/bin/with-contenv bash +# shellcheck shell=bash + +# Wait for WireGuard to be up + +echo "Starting Plex Media Server. . . (you can ignore the libusb_init error)" +PLEX_MEDIA_SERVER_INFO_MODEL=$(uname -m) +export PLEX_MEDIA_SERVER_INFO_MODEL +PLEX_MEDIA_SERVER_INFO_PLATFORM_VERSION=$(uname -r) +export PLEX_MEDIA_SERVER_INFO_PLATFORM_VERSION + +if [[ -z ${LSIO_NON_ROOT_USER} ]]; then + exec \ + s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z localhost 32400" \ + s6-setuidgid abc "/usr/lib/plexmediaserver/Plex Media Server" +else + exec \ + s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z localhost 32400" \ + "/usr/lib/plexmediaserver/Plex Media Server" +fi diff --git a/root/etc/s6-overlay/s6-rc.d/svc-plex/type b/root/etc/s6-overlay/s6-rc.d/svc-plex/type new file mode 100644 index 0000000..1780f9f --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/svc-plex/type @@ -0,0 +1 @@ +longrun \ No newline at end of file diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-plex-chown b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-plex-chown new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-plex-claim b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-plex-claim new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-plex-update b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-plex-update new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-wireguard b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-wireguard new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-plex b/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-plex new file mode 100644 index 0000000..e69de29 diff --git a/root/etc/services.d/plex/run b/root/etc/services.d/plex/run deleted file mode 100644 index 9845f09..0000000 --- a/root/etc/services.d/plex/run +++ /dev/null @@ -1,14 +0,0 @@ -#!/usr/bin/with-contenv bash - - -if [ -n "${UMASK_SET}" ] && [ -z "${UMASK}" ]; then - echo -e "You are using a legacy method of defining umask\nplease update your environment variable from UMASK_SET to UMASK\nto keep the functionality after July 2021" - umask ${UMASK_SET} -fi - -echo "Starting Plex Media Server." -export PLEX_MEDIA_SERVER_INFO_MODEL=$(uname -m) -export PLEX_MEDIA_SERVER_INFO_PLATFORM_VERSION=$(uname -r) -exec \ - s6-setuidgid abc \ - /usr/lib/plexmediaserver/Plex\ Media\ Server