embed nginx into rainloop image

mention binfmt on readme
minor change
2022-08-16 18:01:04 +02:00 · 2022-08-16 16:51:17 +02:00 · 2022-08-16 16:50:59 +02:00 · 2022-08-16 16:50:44 +02:00 · 2022-08-16 15:22:32 +02:00 · 2022-08-16 13:07:00 +02:00
76 changed files with 150 additions and 2186 deletions
--- a/84
+++ b/84
@ -1,75 +1,31 @@
-images=agate archivebox ansible backup buku ddclient git-daemon gitolite gitolite-pystagit rss-bridge pleroma sassc syncthing tasks tor transmission vdirsyncer xandikos nfs-server dendrite rainloop monero filite
+REGISTRY=registry.monotremata.xyz
 PLATFORMS=linux/amd64,linux/arm64
-.PHONY: all $(images)
+IMAGES=agate mpd pleroma rainloop tor transmission webdav
 all: $(images)
-BUILD = make -C $@
+.PHONY: all $(IMAGES)
 all: $(IMAGES)
 BUILDX=docker buildx build --platform $(PLATFORMS) --tag $(REGISTRY)/$@ --push $@
 agate:
-	$(BUILD)
+	$(BUILDX)
-archivebox:
+mpd:
-	$(BUILD)
+	$(BUILDX)
 ansible:
 	$(BUILD)
 backup:
 	$(BUILD)
 buku:
 	$(BUILD)
 ddclient:
 	$(BUILD)
 git-daemon:
 	$(BUILD)
 gitolite:
 	$(BUILD)
 gitolite-pystagit:
 	$(BUILD)
 nfs-server:
 	$(BUILD)
 rss-bridge:
 	$(BUILD)
 pleroma:
-	$(BUILD)
+	$(BUILDX)
 sassc:
 	$(BUILD)
 syncthing:
 	$(BUILD)
 tasks:
 	$(BUILD)
 tor:
 	$(BUILD)
 transmission:
 	$(BUILD)
 vdirsyncer:
 	$(BUILD)
 xandikos:
 	$(BUILD)
 dendrite:
 	$(BUILD)
 rainloop:
-	$(BUILD)
+	$(BUILDX)
-monero:
+tor:
-	$(BUILD)
+	$(BUILDX)
-filite:
+transmission:
-	$(BUILD)
+	$(BUILDX)
 webdav:
 	$(BUILDX)
--- a/README.md
+++ b/README.md
@ -6,39 +6,25 @@ developer of the software I intend to run. Or if the recommended one is too
 complex for my specific use case. Or if I don't like it for whatever reason. Or
 if I just feel like making my own image.
 Simply run `make $IMG_NAME` to build a specific image or run `make` to build them
 all.
 The created images are named as `rilla/$IMG_NAME`.
 All images are made to suit my specific needs and taste, not to be generally
 useful.
 I use simple Makefiles to build the images for the architectures I care about
 (linux/amd64 and linux/arm64) using `docker buildx` and push them to my private
 docker registry.
 ## Currently implemented images:
 (many are self-explanatory)
 * agate
-* archivebox
+* mpd
 * ansible
 * backup: simple image used in some of my backup daemons
 * buku: buku and bukuserver
 * ddclient
 * dendrite
 * filite
 * git-daemon: for git-daemon and git-http-backend
 * gitolite-pystagit: well, gitolite + pystagit
 * gitolite: gitolite + docker, so that I can mount the docker socket inside of
  it and have it do useful things through docker in response to triggers
 * monero
 * nfs-server
 * pleroma
 * rainloop
 * sassc
 * syncthing
 * tasks: intended to run a cron daemon to run arbitrary periodic tasks. I mount
  the docker socket inside of it to have it perform maintanance tasks outside
  of it's container.
 * tor
 * transmission
-* vdirsyncer
+* webdav (really simple nginx + `nginx-mod-http-dav-ext` image)
-* xandikos
+
 ## Enable multi-arch execution
 ```sh
 docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
 ```
--- a/ansible/Dockerfile
+++ b/ansible/Dockerfile
@ -1,24 +0,0 @@
 FROM alpine:3.12
 RUN apk add --no-cache openssh python3 py3-pip && \
    apk add --no-cache --virtual .build-deps \
        gcc \
        libffi-dev \
        musl-dev \
        openssl-dev \
        python3-dev && \
    pip install \
        ansible==2.9 \
        cryptography \
        mitogen && \
    apk del .build-deps
 RUN apk add --no-cache openssl
 COPY get_password.sh /usr/local/bin/get_password
 RUN chmod +x /usr/local/bin/get_password
 COPY ansible.cfg /etc/ansible/ansible.cfg
 RUN mkdir -p /srv
 WORKDIR /srv
--- a/ansible/Makefile
+++ b/ansible/Makefile
@ -1,10 +0,0 @@
 USERNAME = rilla
 IMG_NAME = ansible
 .PHONY: build build-nc
 build: Dockerfile
 	docker build -t $(USERNAME)/$(IMG_NAME) .
 build-nc: Dockerfile
 	docker build --no-cache -t $(USERNAME)/$(IMG_NAME) .
--- a/ansible/ansible.cfg
+++ b/ansible/ansible.cfg
@ -1,528 +0,0 @@
 # Example config file for ansible -- https://ansible.com/
 # =======================================================
 # Nearly all parameters can be overridden in ansible-playbook
 # or with command line flags. Ansible will read ANSIBLE_CONFIG,
 # ansible.cfg in the current working directory, .ansible.cfg in
 # the home directory, or /etc/ansible/ansible.cfg, whichever it
 # finds first
 # For a full list of available options, run ansible-config list or see the
 # documentation: https://docs.ansible.com/ansible/latest/reference_appendices/config.html.
 [defaults]
 inventory       = /etc/ansible/hosts.yml
 interpreter_python = auto_silent
 #library         = ~/.ansible/plugins/modules:/usr/share/ansible/plugins/modules
 #module_utils    = ~/.ansible/plugins/module_utils:/usr/share/ansible/plugins/module_utils
 #remote_tmp      = ~/.ansible/tmp
 #local_tmp       = ~/.ansible/tmp
 #forks           = 5
 #poll_interval   = 0.001
 #ask_pass        = False
 #transport       = smart
 strategy_plugins = /usr/lib/python3.8/site-packages/ansible_mitogen/plugins/strategy
 strategy = mitogen_linear
 # Plays will gather facts by default, which contain information about
 # the remote system.
 #
 # smart - gather by default, but don't regather if already gathered
 # implicit - gather by default, turn off with gather_facts: False
 # explicit - do not gather by default, must say gather_facts: True
 #gathering = implicit
 # This only affects the gathering done by a play's gather_facts directive,
 # by default gathering retrieves all facts subsets
 # all - gather all subsets
 # network - gather min and network facts
 # hardware - gather hardware facts (longest facts to retrieve)
 # virtual - gather min and virtual facts
 # facter - import facts from facter
 # ohai - import facts from ohai
 # You can combine them using comma (ex: network,virtual)
 # You can negate them using ! (ex: !hardware,!facter,!ohai)
 # A minimal set of facts is always gathered.
 #
 #gather_subset = all
 # some hardware related facts are collected
 # with a maximum timeout of 10 seconds. This
 # option lets you increase or decrease that
 # timeout to something more suitable for the
 # environment.
 #
 #gather_timeout = 10
 # Ansible facts are available inside the ansible_facts.* dictionary
 # namespace. This setting maintains the behaviour which was the default prior
 # to 2.5, duplicating these variables into the main namespace, each with a
 # prefix of 'ansible_'.
 # This variable is set to True by default for backwards compatibility. It
 # will be changed to a default of 'False' in a future release.
 #
 #inject_facts_as_vars = True
 # Paths to search for collections, colon separated
 # collections_paths = ~/.ansible/collections:/usr/share/ansible/collections
 # Paths to search for roles, colon separated
 #roles_path = ~/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles
 # Host key checking is enabled by default
 #host_key_checking = True
 # You can only have one 'stdout' callback type enabled at a time. The default
 # is 'default'. The 'yaml' or 'debug' stdout callback plugins are easier to read.
 #
 #stdout_callback = default
 #stdout_callback = yaml
 #stdout_callback = debug
 # Ansible ships with some plugins that require whitelisting,
 # this is done to avoid running all of a type by default.
 # These setting lists those that you want enabled for your system.
 # Custom plugins should not need this unless plugin author disables them
 # by default.
 #
 # Enable callback plugins, they can output to stdout but cannot be 'stdout' type.
 #callback_whitelist = timer, mail
 # Determine whether includes in tasks and handlers are "static" by
 # default. As of 2.0, includes are dynamic by default. Setting these
 # values to True will make includes behave more like they did in the
 # 1.x versions.
 #
 #task_includes_static = False
 #handler_includes_static = False
 # Controls if a missing handler for a notification event is an error or a warning
 #error_on_missing_handler = True
 # Default timeout for connection plugins
 #timeout = 10
 # Default user to use for playbooks if user is not specified
 # Uses the connection plugin's default, normally the user currently executing Ansible,
 # unless a different user is specified here.
 #
 #remote_user = root
 # Logging is off by default unless this path is defined.
 #log_path = /var/log/ansible.log
 # Default module to use when running ad-hoc commands
 #module_name = command
 # Use this shell for commands executed under sudo.
 # you may need to change this to /bin/bash in rare instances
 # if sudo is constrained.
 #
 #executable = /bin/sh
 # By default, variables from roles will be visible in the global variable
 # scope. To prevent this, set the following option to True, and only
 # tasks and handlers within the role will see the variables there
 #
 #private_role_vars = False
 # List any Jinja2 extensions to enable here.
 #jinja2_extensions = jinja2.ext.do,jinja2.ext.i18n
 # If set, always use this private key file for authentication, same as
 # if passing --private-key to ansible or ansible-playbook
 #
 #private_key_file = /path/to/file
 # If set, configures the path to the Vault password file as an alternative to
 # specifying --vault-password-file on the command line. This can also be
 # an executable script that returns the vault password to stdout.
 #
 vault_password_file = /usr/local/bin/get_password
 # Format of string {{ ansible_managed }} available within Jinja2
 # templates indicates to users editing templates files will be replaced.
 # replacing {file}, {host} and {uid} and strftime codes with proper values.
 #
 #ansible_managed = Ansible managed: {file} modified on %Y-%m-%d %H:%M:%S by {uid} on {host}
 # {file}, {host}, {uid}, and the timestamp can all interfere with idempotence
 # in some situations so the default is a static string:
 #
 #ansible_managed = Ansible managed
 # By default, ansible-playbook will display "Skipping [host]" if it determines a task
 # should not be run on a host. Set this to "False" if you don't want to see these "Skipping"
 # messages. NOTE: the task header will still be shown regardless of whether or not the
 # task is skipped.
 #
 #display_skipped_hosts = True
 # By default, if a task in a playbook does not include a name: field then
 # ansible-playbook will construct a header that includes the task's action but
 # not the task's args. This is a security feature because ansible cannot know
 # if the *module* considers an argument to be no_log at the time that the
 # header is printed. If your environment doesn't have a problem securing
 # stdout from ansible-playbook (or you have manually specified no_log in your
 # playbook on all of the tasks where you have secret information) then you can
 # safely set this to True to get more informative messages.
 #
 #display_args_to_stdout = False
 # Ansible will raise errors when attempting to dereference
 # Jinja2 variables that are not set in templates or action lines. Uncomment this line
 # to change this behavior.
 #
 #error_on_undefined_vars = False
 # Ansible may display warnings based on the configuration of the
 # system running ansible itself. This may include warnings about 3rd party packages or
 # other conditions that should be resolved if possible.
 # To disable these warnings, set the following value to False:
 #
 #system_warnings = True
 # Ansible may display deprecation warnings for language
 # features that should no longer be used and will be removed in future versions.
 # To disable these warnings, set the following value to False:
 #
 #deprecation_warnings = True
 # Ansible can optionally warn when usage of the shell and
 # command module appear to be simplified by using a default Ansible module
 # instead. These warnings can be silenced by adjusting the following
 # setting or adding warn=yes or warn=no to the end of the command line
 # parameter string. This will for example suggest using the git module
 # instead of shelling out to the git command.
 #
 #command_warnings = False
 # set plugin path directories here, separate with colons
 #action_plugins     = /usr/share/ansible/plugins/action
 #become_plugins     = /usr/share/ansible/plugins/become
 #cache_plugins      = /usr/share/ansible/plugins/cache
 #callback_plugins   = /usr/share/ansible/plugins/callback
 #connection_plugins = /usr/share/ansible/plugins/connection
 #lookup_plugins     = /usr/share/ansible/plugins/lookup
 #inventory_plugins  = /usr/share/ansible/plugins/inventory
 #vars_plugins       = /usr/share/ansible/plugins/vars
 #filter_plugins     = /usr/share/ansible/plugins/filter
 #test_plugins       = /usr/share/ansible/plugins/test
 #terminal_plugins   = /usr/share/ansible/plugins/terminal
 #strategy_plugins   = /usr/share/ansible/plugins/strategy
 # Ansible will use the 'linear' strategy but you may want to try another one.
 #strategy = linear
 # By default, callbacks are not loaded for /bin/ansible. Enable this if you
 # want, for example, a notification or logging callback to also apply to
 # /bin/ansible runs
 #
 #bin_ansible_callbacks = False
 # Don't like cows?  that's unfortunate.
 # set to 1 if you don't want cowsay support or export ANSIBLE_NOCOWS=1
 #nocows = 1
 # Set which cowsay stencil you'd like to use by default. When set to 'random',
 # a random stencil will be selected for each task. The selection will be filtered
 # against the `cow_whitelist` option below.
 #
 #cow_selection = default
 #cow_selection = random
 # When using the 'random' option for cowsay, stencils will be restricted to this list.
 # it should be formatted as a comma-separated list with no spaces between names.
 # NOTE: line continuations here are for formatting purposes only, as the INI parser
 #       in python does not support them.
 #
 #cow_whitelist=bud-frogs,bunny,cheese,daemon,default,dragon,elephant-in-snake,elephant,eyes,\
 #              hellokitty,kitty,luke-koala,meow,milk,moofasa,moose,ren,sheep,small,stegosaurus,\
 #              stimpy,supermilker,three-eyes,turkey,turtle,tux,udder,vader-koala,vader,www
 # Don't like colors either?
 # set to 1 if you don't want colors, or export ANSIBLE_NOCOLOR=1
 #
 #nocolor = 1
 # If set to a persistent type (not 'memory', for example 'redis') fact values
 # from previous runs in Ansible will be stored. This may be useful when
 # wanting to use, for example, IP information from one group of servers
 # without having to talk to them in the same playbook run to get their
 # current IP information.
 #
 #fact_caching = memory
 # This option tells Ansible where to cache facts. The value is plugin dependent.
 # For the jsonfile plugin, it should be a path to a local directory.
 # For the redis plugin, the value is a host:port:database triplet: fact_caching_connection = localhost:6379:0
 #
 #fact_caching_connection=/tmp
 # retry files
 # When a playbook fails a .retry file can be created that will be placed in ~/
 # You can enable this feature by setting retry_files_enabled to True
 # and you can change the location of the files by setting retry_files_save_path
 #
 #retry_files_enabled = False
 #retry_files_save_path = ~/.ansible-retry
 # prevents logging of task data, off by default
 #no_log = False
 # prevents logging of tasks, but only on the targets, data is still logged on the master/controller
 #no_target_syslog = False
 # Controls whether Ansible will raise an error or warning if a task has no
 # choice but to create world readable temporary files to execute a module on
 # the remote machine. This option is False by default for security. Users may
 # turn this on to have behaviour more like Ansible prior to 2.1.x. See
 # https://docs.ansible.com/ansible/latest/user_guide/become.html#becoming-an-unprivileged-user
 # for more secure ways to fix this than enabling this option.
 #
 #allow_world_readable_tmpfiles = False
 # Controls what compression method is used for new-style ansible modules when
 # they are sent to the remote system. The compression types depend on having
 # support compiled into both the controller's python and the client's python.
 # The names should match with the python Zipfile compression types:
 # * ZIP_STORED (no compression. available everywhere)
 # * ZIP_DEFLATED (uses zlib, the default)
 # These values may be set per host via the ansible_module_compression inventory variable.
 #
 #module_compression = 'ZIP_DEFLATED'
 # This controls the cutoff point (in bytes) on --diff for files
 # set to 0 for unlimited (RAM may suffer!).
 #
 #max_diff_size = 104448
 # Controls showing custom stats at the end, off by default
 #show_custom_stats = False
 # Controls which files to ignore when using a directory as inventory with
 # possibly multiple sources (both static and dynamic)
 #
 #inventory_ignore_extensions = ~, .orig, .bak, .ini, .cfg, .retry, .pyc, .pyo
 # This family of modules use an alternative execution path optimized for network appliances
 # only update this setting if you know how this works, otherwise it can break module execution
 #
 #network_group_modules=eos, nxos, ios, iosxr, junos, vyos
 # When enabled, this option allows lookups (via variables like {{lookup('foo')}} or when used as
 # a loop with `with_foo`) to return data that is not marked "unsafe". This means the data may contain
 # jinja2 templating language which will be run through the templating engine.
 # ENABLING THIS COULD BE A SECURITY RISK
 #
 #allow_unsafe_lookups = False
 # set default errors for all plays
 #any_errors_fatal = False
 [inventory]
 # List of enabled inventory plugins and the order in which they are used.
 #enable_plugins = host_list, script, auto, yaml, ini, toml
 # Ignore these extensions when parsing a directory as inventory source
 #ignore_extensions = .pyc, .pyo, .swp, .bak, ~, .rpm, .md, .txt, ~, .orig, .ini, .cfg, .retry
 # ignore files matching these patterns when parsing a directory as inventory source
 #ignore_patterns=
 # If 'True' unparsed inventory sources become fatal errors, otherwise they are warnings.
 #unparsed_is_failed = False
 [privilege_escalation]
 #become = False
 #become_method = sudo
 #become_ask_pass = False
 ## Connection Plugins ##
 # Settings for each connection plugin go under a section titled '[[plugin_name]_connection]'
 # To view available connection plugins, run ansible-doc -t connection -l
 # To view available options for a connection plugin, run ansible-doc -t connection [plugin_name]
 # https://docs.ansible.com/ansible/latest/plugins/connection.html
 [paramiko_connection]
 # uncomment this line to cause the paramiko connection plugin to not record new host
 # keys encountered. Increases performance on new host additions. Setting works independently of the
 # host key checking setting above.
 #record_host_keys=False
 # by default, Ansible requests a pseudo-terminal for commands executed under sudo. Uncomment this
 # line to disable this behaviour.
 #pty = False
 # paramiko will default to looking for SSH keys initially when trying to
 # authenticate to remote devices. This is a problem for some network devices
 # that close the connection after a key failure. Uncomment this line to
 # disable the Paramiko look for keys function
 #look_for_keys = False
 # When using persistent connections with Paramiko, the connection runs in a
 # background process. If the host doesn't already have a valid SSH key, by
 # default Ansible will prompt to add the host key. This will cause connections
 # running in background processes to fail. Uncomment this line to have
 # Paramiko automatically add host keys.
 #host_key_auto_add = True
 [ssh_connection]
 # ssh arguments to use
 # Leaving off ControlPersist will result in poor performance, so use
 # paramiko on older platforms rather than removing it, -C controls compression use
 ssh_args = -C -o ControlMaster=auto -o ControlPersist=60s -o ForwardAgent=yes
 # The base directory for the ControlPath sockets.
 # This is the "%(directory)s" in the control_path option
 #
 # Example:
 # control_path_dir = /tmp/.ansible/cp
 #control_path_dir = ~/.ansible/cp
 # The path to use for the ControlPath sockets. This defaults to a hashed string of the hostname,
 # port and username (empty string in the config). The hash mitigates a common problem users
 # found with long hostnames and the conventional %(directory)s/ansible-ssh-%%h-%%p-%%r format.
 # In those cases, a "too long for Unix domain socket" ssh error would occur.
 #
 # Example:
 # control_path = %(directory)s/%%C
 #control_path =
 # Enabling pipelining reduces the number of SSH operations required to
 # execute a module on the remote server. This can result in a significant
 # performance improvement when enabled, however when using "sudo:" you must
 # first disable 'requiretty' in /etc/sudoers
 #
 # By default, this option is disabled to preserve compatibility with
 # sudoers configurations that have requiretty (the default on many distros).
 #
 pipelining = True
 # Control the mechanism for transferring files (old)
 #   * smart = try sftp and then try scp [default]
 #   * True = use scp only
 #   * False = use sftp only
 #scp_if_ssh = smart
 # Control the mechanism for transferring files (new)
 # If set, this will override the scp_if_ssh option
 #   * sftp  = use sftp to transfer files
 #   * scp   = use scp to transfer files
 #   * piped = use 'dd' over SSH to transfer files
 #   * smart = try sftp, scp, and piped, in that order [default]
 #transfer_method = smart
 # If False, sftp will not use batch mode to transfer files. This may cause some
 # types of file transfer failures impossible to catch however, and should
 # only be disabled if your sftp version has problems with batch mode
 #sftp_batch_mode = False
 # The -tt argument is passed to ssh when pipelining is not enabled because sudo
 # requires a tty by default.
 #usetty = True
 # Number of times to retry an SSH connection to a host, in case of UNREACHABLE.
 # For each retry attempt, there is an exponential backoff,
 # so after the first attempt there is 1s wait, then 2s, 4s etc. up to 30s (max).
 #retries = 3
 [persistent_connection]
 # Configures the persistent connection timeout value in seconds. This value is
 # how long the persistent connection will remain idle before it is destroyed.
 # If the connection doesn't receive a request before the timeout value
 # expires, the connection is shutdown. The default value is 30 seconds.
 #connect_timeout = 30
 # The command timeout value defines the amount of time to wait for a command
 # or RPC call before timing out. The value for the command timeout must
 # be less than the value of the persistent connection idle timeout (connect_timeout)
 # The default value is 30 second.
 #command_timeout = 30
 ## Become Plugins ##
 # Settings for become plugins go under a section named '[[plugin_name]_become_plugin]'
 # To view available become plugins, run ansible-doc -t become -l
 # To view available options for a specific plugin, run ansible-doc -t become [plugin_name]
 # https://docs.ansible.com/ansible/latest/plugins/become.html
 [sudo_become_plugin]
 #flags = -H -S -n
 #user = root
 [selinux]
 # file systems that require special treatment when dealing with security context
 # the default behaviour that copies the existing context or uses the user default
 # needs to be changed to use the file system dependent context.
 #special_context_filesystems=fuse,nfs,vboxsf,ramfs,9p,vfat
 # Set this to True to allow libvirt_lxc connections to work without SELinux.
 #libvirt_lxc_noseclabel = False
 [colors]
 #highlight = white
 #verbose = blue
 #warn = bright purple
 #error = red
 #debug = dark gray
 #deprecate = purple
 #skip = cyan
 #unreachable = red
 #ok = green
 #changed = yellow
 #diff_add = green
 #diff_remove = red
 #diff_lines = cyan
 [diff]
 # Always print diff when running ( same as always running with -D/--diff )
 #always = False
 # Set how many context lines to show in diff
 #context = 3
 [galaxy]
 # Controls whether the display wheel is shown or not
 #display_progress=
 # Validate TLS certificates for Galaxy server
 #ignore_certs = False
 # Role or collection skeleton directory to use as a template for
 # the init action in ansible-galaxy command
 #role_skeleton=
 # Patterns of files to ignore inside a Galaxy role or collection
 # skeleton directory
 #role_skeleton_ignore="^.git$", "^.*/.git_keep$"
 # Galaxy Server URL
 #server=https://galaxy.ansible.com
 # A list of Galaxy servers to use when installing a collection.
 #server_list=automation_hub, release_galaxy
 # Server specific details which are mentioned in server_list
 #[galaxy_server.automation_hub]
 #url=https://cloud.redhat.com/api/automation-hub/
 #auth_url=https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token
 #token=my_ah_token
 #
 #[galaxy_server.release_galaxy]
 #url=https://galaxy.ansible.com/
 #token=my_token
--- a/ansible/get_password.sh
+++ b/ansible/get_password.sh
@ -1,3 +0,0 @@
 #!/bin/sh
 [ -n "$VAULT_PASSWORD" ] && echo "$VAULT_PASSWORD"
--- a/archivebox/Dockerfile
+++ b/archivebox/Dockerfile
@ -1,56 +0,0 @@
 FROM alpine:3.13
 COPY entrypoint.sh /usr/local/bin/entrypoint
 RUN apk add --no-cache --virtual .build-deps \
        gcc \
        python3-dev \
        npm \
        musl-dev && \
    apk add --no-cache \
        py3-pip \
        python3 \
        curl \
        nodejs \
        git \
        chromium \
        youtube-dl \
        ripgrep \
        wget && \
    pip3 install --upgrade pip setuptools && \
    pip3 install --upgrade archivebox && \
    npm install -g 'git+https://github.com/ArchiveBox/ArchiveBox.git' && \
    apk del .build-deps && \
    addgroup --gid 10001 archivebox && \
    adduser \
        --uid 10000 \
        --home /var/lib/archivebox \
        --ingroup archivebox \
        --disabled-password \
        --shell /sbin/nologin \
        archivebox && \
    mkdir -p /data && \
    mkdir -p /var/lib/archivebox/chromium_data/Default && \
    touch /var/lib/archivebox/cookies.txt && \
    chown -R archivebox /data /var/lib/archivebox && \
    chmod +x /usr/local/bin/entrypoint
 ENV IN_DOCKER=True \
    CHROME_SANDBOX=False \
    CHROME_BINARY="/usr/bin/chromium-browser" \
    CHROME_USER_DATA_DIR="/var/lib/archivebox/chromium_data" \
    COOKIES_FILE="/var/lib/archivebox/cookies.txt" \
    USE_SINGLEFILE=True \
    SINGLEFILE_BINARY="/usr/bin/single-file" \
    USE_READABILITY=True \
    READABILITY_BINARY="/usr/bin/readability-extractor" \
    USE_MERCURY=True \
    MERCURY_BINARY="/usr/bin/mercury-parser"
 VOLUME /data
 EXPOSE 8000
 WORKDIR /data
 USER archivebox
 ENTRYPOINT ["/usr/local/bin/entrypoint"]
 CMD ["server", "0.0.0.0:8000"]
--- a/archivebox/Makefile
+++ b/archivebox/Makefile
@ -1,10 +0,0 @@
 USERNAME = rilla
 IMG_NAME = archivebox
 .PHONY: build build-nc
 build: Dockerfile
 	docker build -t $(USERNAME)/$(IMG_NAME) .
 build-nc: Dockerfile
 	docker build --no-cache -t $(USERNAME)/$(IMG_NAME) .
--- a/archivebox/entrypoint.sh
+++ b/archivebox/entrypoint.sh
@ -1,5 +0,0 @@
 #!/bin/sh
 archivebox init
 exec archivebox "$@"
--- a/backup/Dockerfile
+++ b/backup/Dockerfile
@ -1,6 +0,0 @@
 FROM alpine:3.11
 RUN apk --no-cache add squashfs-tools
 COPY make_backup.sh /bin/make_backup
 RUN chmod +x /bin/make_backup
 CMD "/bin/make_backup"
--- a/backup/Makefile
+++ b/backup/Makefile
@ -1,15 +0,0 @@
 IMG_NAME = backup
 REGISTRY=registry.monotremata.xyz:443
 IMG=$(REGISTRY)/$(IMG_NAME)
 .PHONY: build build-nc tag push
 build: Dockerfile make_backup.sh
 	docker build -t $(IMG) .
 push: build
 	docker image push $(IMG)
 build-nc: Dockerfile docker-entrypoint.sh sshd_config
 	docker build --no-cache -t $(IMG)
--- a/backup/make_backup.sh
+++ b/backup/make_backup.sh
@ -1,32 +0,0 @@
 #!/bin/sh
 if [ -n "$EXCLUDE" ]; then
    dirs=$( \
    	echo "${EXCLUDE}" | \
 		tr " " "\n" |  \
 		awk -F' ' '{print "/src/"$0}' | \
 		tr "\n" " " \
    )
    exclude_opt="-e ${dirs}"
 else
    exclude_opt=""
 fi
 echo running:
 echo mksquashfs \
    /src \
    "/dest/$(date +%F).sfs" \
    -comp gzip \
    -xattrs \
    -progress \
    -mem 512M \
    ${exclude_opt}
 mksquashfs \
    /src \
    "/dest/$(date +%F).sfs" \
    -comp gzip \
    -xattrs \
    -progress \
    -mem 512M \
    ${exclude_opt}
--- a/buku/Dockerfile
+++ b/buku/Dockerfile
@ -1,34 +0,0 @@
 # buku
 FROM python:3.8-alpine3.11
 ENV BUKUSERVER_PORT=5001
 RUN apk add --no-cache --virtual .build-deps \
        gcc \
        openssl-dev \
        musl-dev \
        libffi-dev \
        git && \
    mkdir -p /usr/local/src && \
    git clone https://github.com/jarun/buku /usr/local/src/buku && \
    pip install -U --no-cache-dir \
        pip \
        gunicorn \
        "/usr/local/src/buku[server]" && \
    apk del .build-deps && \
    rm -r /usr/local/src
 RUN adduser -u 1006 -h /var/lib/buku -D buku && \
    adduser -u 1001 -D syncthing && addgroup syncthing buku && \
    mkdir -p /var/lib/buku/.local/share/buku && \
    chown -R buku:buku /var/lib/buku && \
    chown -R syncthing:buku /var/lib/buku/.local/share/buku && \
    chmod '2775' /var/lib/buku/.local/share/buku && \
    touch /var/lib/buku/.local/share/buku/bookmarks.db && chmod '664' /var/lib/buku/.local/share/buku/bookmarks.db
 VOLUME /var/lib/buku/.local/share/buku
 EXPOSE ${BUKUSERVER_PORT}
 USER buku
 ENTRYPOINT gunicorn --bind "0.0.0.0:${BUKUSERVER_PORT}" "bukuserver.server:create_app()"
--- a/buku/Makefile
+++ b/buku/Makefile
@ -1,10 +0,0 @@
 USERNAME = rilla
 IMG_NAME = buku
 .PHONY: build build-nc
 build: Dockerfile
 	docker build -t $(USERNAME)/$(IMG_NAME) .
 build-nc: Dockerfile
 	docker build --no-cache -t $(USERNAME)/$(IMG_NAME) .
--- a/ddclient/Dockerfile
+++ b/ddclient/Dockerfile
@ -1,19 +0,0 @@
 FROM alpine:3.12
 ENV VERSION 3.9.1
 ENV DL_URL https://github.com/ddclient/ddclient/archive/v${VERSION}.tar.gz
 #ENV PERL_MM_USE_DEFAULT 1
 RUN apk add --no-cache \
        curl make wget \
        perl perl-utils perl-test-taint perl-netaddr-ip perl-net-ip \
        perl-yaml perl-log-log4perl perl-io-socket-ssl && \
    curl -L http://cpanmin.us | perl - Data::Validate::IP && \
    tmp=$(mktemp -d) && \
    curl -L "${DL_URL}" --output "${tmp}/ddclient.tar.gz" && \
    tar -xzf "${tmp}/ddclient.tar.gz" -C "${tmp}" && \
    cp "${tmp}/ddclient-${VERSION}/ddclient" /usr/bin/ddclient && \
    rm -r "${tmp}" && \
    mkdir -p /etc/ddclient /var/cache/ddclient
 CMD ["/usr/bin/ddclient", "-foreground"]
--- a/ddclient/Makefile
+++ b/ddclient/Makefile
@ -1,10 +0,0 @@
 USERNAME = rilla
 IMG_NAME = ddclient
 .PHONY: build build-nc
 build: Dockerfile
 	docker build -t $(USERNAME)/$(IMG_NAME) .
 build-nc: Dockerfile
 	docker build --no-cache -t $(USERNAME)/$(IMG_NAME) .
--- a/dendrite/Dockerfile
+++ b/dendrite/Dockerfile
@ -1,33 +0,0 @@
 FROM golang:1.16.3-alpine3.13 AS builder
 RUN apk --no-cache add git build-base && \
    mkdir -p /build && \
    git clone https://github.com/matrix-org/dendrite /build/dendrite && \
    mkdir -p /build/bin && \
    cd /build/dendrite && \
    go build -trimpath -o /build/bin/ ./cmd/dendrite-monolith-server && \
    go build -trimpath -o /build/bin/ ./cmd/goose && \
    go build -trimpath -o /build/bin/ ./cmd/create-account && \
    go build -trimpath -o /build/bin/ ./cmd/generate-keys
 FROM alpine:3.13
 COPY --from=builder /build/bin/* /usr/local/bin/
 COPY entrypoint.sh /usr/local/bin/entrypoint
 RUN chmod +x /usr/local/bin/entrypoint && \
    addgroup --gid 10001 dendrite && \
    adduser \
        --uid 10000 \
        --home /var/lib/dendrite \
        --ingroup dendrite \
        --disabled-password \
        --shell /sbin/nologin \
        dendrite && \
    mkdir -p /var/log/dendrite /var/dendrite/media && \
    chown -R dendrite:dendrite /var/log/dendrite /var/dendrite
 WORKDIR /etc/dendrite
 USER dendrite
 ENTRYPOINT ["/usr/local/bin/entrypoint"]
--- a/dendrite/Makefile
+++ b/dendrite/Makefile
@ -1,10 +0,0 @@
 USERNAME = rilla
 IMG_NAME = dendrite
 .PHONY: build build-nc
 build: Dockerfile entrypoint.sh
 	docker build -t $(USERNAME)/$(IMG_NAME) .
 build-nc: Dockerfile entrypoint.sh
 	docker build --no-cache -t $(USERNAME)/$(IMG_NAME) .
--- a/dendrite/entrypoint.sh
+++ b/dendrite/entrypoint.sh
@ -1,4 +0,0 @@
 #!/bin/sh
 sleep 5
 exec /usr/local/bin/dendrite-monolith-server -config /etc/dendrite/dendrite.yaml "$@"
--- a/filite/Dockerfile
+++ b/filite/Dockerfile
@ -1,22 +0,0 @@
 FROM alpine:3.13
 RUN apk add --no-cache --virtual .build-deps cargo && \
    apk add --no-cache libgcc && \
    cargo install filite && \
    apk del .build-deps && \
    mv /root/.cargo/bin/filite /usr/local/bin/filite && \
    rm -r /root/.cargo && \
    addgroup \
        --gid 10001 \
        filite && \
    adduser \
        --uid 10000 \
        --home /var/lib/filite \
        --ingroup filite \
        --disabled-password \
        --shell /sbin/nologin \
        filite
 WORKDIR /var/lib/filite
 USER filite
 ENTRYPOINT ["/usr/local/bin/filite"]
--- a/filite/Makefile
+++ b/filite/Makefile
@ -1,10 +0,0 @@
 USERNAME = rilla
 IMG_NAME = filite
 .PHONY: build build-nc
 build: Dockerfile
 	docker build -t $(USERNAME)/$(IMG_NAME) .
 build-nc: Dockerfile
 	docker build --no-cache -t $(USERNAME)/$(IMG_NAME) .
--- a/git-daemon/Dockerfile
+++ b/git-daemon/Dockerfile
@ -1,12 +0,0 @@
 FROM alpine:3.12
 RUN apk --no-cache add \
    fcgiwrap \
    spawn-fcgi \
    git-daemon
 COPY entrypoint /usr/local/bin/entrypoint
 RUN chmod +x /usr/local/bin/entrypoint
 ENTRYPOINT ["/usr/local/bin/entrypoint"]
 CMD "daemon"
--- a/git-daemon/Makefile
+++ b/git-daemon/Makefile
@ -1,10 +0,0 @@
 USERNAME = rilla
 IMG_NAME = git-daemon
 .PHONY: build build-nc
 build: Dockerfile entrypoint
 	docker build -t $(USERNAME)/$(IMG_NAME) .
 build-nc: Dockerfile entrypoint
 	docker build --no-cache -t $(USERNAME)/$(IMG_NAME) .
--- a/git-daemon/entrypoint
+++ b/git-daemon/entrypoint
@ -1,17 +0,0 @@
 #!/bin/sh
 case $1 in
    daemon)
        [ -n "$REPOS_DIR" ] && [ -d "$REPOS_DIR" ] && \
            exec git daemon \
                --reuseaddr \
                --base-path=/var/lib/git/repositories \
                /var/lib/git/repositories
        ;;
    fcgi)
        FCGI_PORT=${FCGI_PORT:-9000}
        exec spawn-fcgi -p "${FCGI_PORT}" -n /usr/bin/fcgiwrap
        ;;
    *)
        exec "$@"
 esac
--- a/gitolite-pystagit/Dockerfile
+++ b/gitolite-pystagit/Dockerfile
@ -1,41 +0,0 @@
 FROM alpine:3.13
 RUN apk add --no-cache \
        gitolite \
        libgit2 \
        openssh-server \
        python3 \
        su-exec && \
    apk add --no-cache --virtual .build-deps \
        gcc \
        libffi-dev \
        libgit2-dev \
        musl-dev \
        py3-pip \
        python3-dev && \
    git clone https://github.com/gthar/pystagit.git /tmp/pystagit && \
    pip install /tmp/pystagit && \
    rm -r /tmp/pystagit && \
    apk del .build-deps && \
    passwd -u git && \
    mkdir -p /opt/gitolite-local/hooks/common
 COPY sshd_config /etc/ssh/sshd_config
 COPY gitolite.rc /var/lib/git/.gitolite.rc
 COPY bin/. /usr/local/bin/
 COPY local_code/. /opt/gitolite-local/
 RUN chown -R git:git /var/lib/git && \
    chmod +x \
        /usr/local/bin/entrypoint \
        /usr/local/bin/build-pystagit-index \
        /usr/local/bin/build-pystagit-repo \
        /usr/local/bin/build-pystagit-repos \
        /opt/gitolite-local/hooks/common/post-receive \
        /opt/gitolite-local/triggers/build-pystagit-index \
        /opt/gitolite-local/triggers/build-pystagit-repo \
        /opt/gitolite-local/triggers/build-pystagit-repos
 ENTRYPOINT ["/usr/local/bin/entrypoint"]
 CMD ["/usr/sbin/sshd", "-D", "-e"]
--- a/gitolite-pystagit/Makefile
+++ b/gitolite-pystagit/Makefile
@ -1,16 +0,0 @@
 USERNAME = rilla
 IMG_NAME = gitolite-pystagit
 .PHONY: build build-nc
 BIN=$(wildcard bin/*)
 HOOKS=$(wildcard local_code/hooks/*)
 TRIGGERS=$(wildcard local_code/triggers/*)
 DEPS=Dockerfile $(BIN) $(HOOKS) $(TRIGGERS) gitolite.rc sshd_config
 build: $(DEPS)
 	docker build -t $(USERNAME)/$(IMG_NAME) .
 build-nc: $(DEPS)
 	docker build --no-cache -t $(USERNAME)/$(IMG_NAME) .
--- a/gitolite-pystagit/bin/build-pystagit-index
+++ b/gitolite-pystagit/bin/build-pystagit-index
@ -1,29 +0,0 @@
 #!/bin/sh
 set -e
 PYSTAGIT_BASE="${PYSTAGIT_BASE:-/var/lib/git/pystagit}"
 GL_REPO_BASE="${GL_REPO_BASE:-/var/lib/git/repositories}"
 mk_index () {
    gitolite list-phy-repos | \
        gitolite access % pystagit R any | \
        awk \
            -F'\t' \
            -v d="${GL_REPO_BASE}" \
            '{if ($3 !~ "DENIED") print d"/"$1".git"}' | \
        xargs -r /usr/bin/pystagit-index > \
            "${1}/index.html" && \
 	chmod 644 "${1}/index.html"
 }
 # shellcheck disable=SC1091
 [ -f /etc/env ] && . /etc/env
 if [ -n "${SITES}" ]; then
    for site in ${SITES}; do
        mk_index "${PYSTAGIT_BASE}-${site}"
    done
 else
    mk_index "${PYSTAGIT_BASE}"
 fi
--- a/gitolite-pystagit/bin/build-pystagit-repo
+++ b/gitolite-pystagit/bin/build-pystagit-repo
@ -1,75 +0,0 @@
 #!/bin/sh
 set -e
 [ -z "${1}" ] && exit
 PYSTAGIT_BASE="${PYSTAGIT_BASE:-/var/lib/git/pystagit}"
 GL_REPO_BASE="${GL_REPO_BASE:-/var/lib/git/repositories}"
 # shellcheck disable=SC1091
 [ -f /etc/env ] && . /etc/env
 run_pystagit () {
    repo_dir="${GL_REPO_BASE}/${1}.git"
    if [ -n "${2}" ]; then
        out_dir="${PYSTAGIT_BASE}-${2}/${1}"
    else
        out_dir="${PYSTAGIT_BASE}/${1}"
    fi
    mkdir -p "${out_dir}" && \
 	chmod 755 "${out_dir}" && \
        cd "${out_dir}" && \
        /usr/bin/pystagit "${repo_dir}" && \
        if [ -f about.html ]; then
            ln -sf about.html index.html
        else
            ln -sf log.html index.html
        fi
 }
 set_url () {
    url_file="${GL_REPO_BASE}/${1}.git/url"
    if [ -n "${2}" ]; then
        echo "${2}/${1}" > "${url_file}"
    else
        echo "url not set"
        rm -f "${url_file}"
    fi
 }
 set_owner () {
    owner_file="${GL_REPO_BASE}/${1}.git/owner"
    if owner=$(gitolite git-config "${1}" gitweb.owner); then
        echo "setting owner for '${1}'"
        echo "${owner}" > "${owner_file}"
    else
        echo "usetting owner for '${1}'"
        rm -f "${owner_file}"
    fi
 }
 echo "running pystagit for '${1}'"
 if gitolite access "${1}" pystagit R any; then
    set_owner "${1}"
    if [ -n "${SITES}" ]; then
        _i=1
        for site in ${SITES}; do
            url=$(printf "%s" "${URLS}" | cut -d " " -f "$_i")
            set_url "${1}" "${url}"
            run_pystagit "${1}" "${site}"
            _i=$((_i+1))
        done
    else
        url=$(printf "%s" "${URLS}" | cut -d " " -f 1)
        set_url "${1}" "${url}"
        run_pystagit "${1}" ""
    fi
 else
    rm -rf "${PYSTAGIT_BASE}"*"/${1}.git"
 fi
--- a/gitolite-pystagit/bin/build-pystagit-repos
+++ b/gitolite-pystagit/bin/build-pystagit-repos
@ -1,7 +0,0 @@
 #!/bin/sh
 set -e
 for repo in $(gitolite list-phy-repos); do
    /usr/local/bin/build-pystagit-repo "${repo}"
 done
--- a/gitolite-pystagit/bin/entrypoint
+++ b/gitolite-pystagit/bin/entrypoint
@ -1,49 +0,0 @@
 #!/bin/sh
 set -e
 su-exec git env | awk -F"=" '{ print $1"=\""$2"\"" }' > /etc/env
 for algorithm in rsa dsa ecdsa ed25519; do
    keyfile="/etc/ssh/keys/ssh_host_${algorithm}_key"
    [ -f "$keyfile" ] || \
        ssh-keygen -q -N '' -f "$keyfile" -t "$algorithm"
 done
 BASE_DIR=/var/lib/git
 echo "fixing permissions..."
 mkdir -p \
    "${BASE_DIR}/.gitolite/conf" \
    "${BASE_DIR}/.gitolite/hooks" \
    "${BASE_DIR}/.gitolite/keydir" \
    "${BASE_DIR}/.gitolite/logs"
 chown -R git:git \
    "${BASE_DIR}/.gitolite" \
    "${BASE_DIR}/.ssh" \
    "${BASE_DIR}/pystagit"* \
    "${BASE_DIR}/repositories"
 if [ ! -f "${BASE_DIR}/.ssh/authorized_keys" ]; then
    if [ -z "$SSH_KEY" ]; then
        echo "SSH_KEY needs to be set"
        exit 1
    fi
    SSH_KEY_NAME=${SSH_KEY_NAME:-admin}
    echo "$SSH_KEY" > "/tmp/${SSH_KEY_NAME}.pub"
    echo "gitolite's initial setup"
    su-exec git gitolite setup -pk "/tmp/${SSH_KEY_NAME}.pub"
    rm "/tmp/${SSH_KEY_NAME}.pub"
 else
    # stuff is already set up, but check the setup anyway
    echo "gitolite's sanity setup"
    su-exec git gitolite setup
 fi
 echo "building static site"
 su-exec git build-pystagit-repos
 su-exec git build-pystagit-index
 echo "gitolite is ready,starting sshd"
 exec "$@"
--- a/gitolite-pystagit/gitolite.rc
+++ b/gitolite-pystagit/gitolite.rc
@ -1,214 +0,0 @@
 # configuration variables for gitolite
 # This file is in perl syntax.  But you do NOT need to know perl to edit it --
 # just mind the commas, use single quotes unless you know what you're doing,
 # and make sure the brackets and braces stay matched up!
 # (Tip: perl allows a comma after the last item in a list also!)
 # HELP for commands can be had by running the command with "-h".
 # HELP for all the other FEATURES can be found in the documentation (look for
 # "list of non-core programs shipped with gitolite" in the master index) or
 # directly in the corresponding source file.
 %RC = (
    # ------------------------------------------------------------------
    # default umask gives you perms of '0700'; see the rc file docs for
    # how/why you might change this
    UMASK                           =>  0077,
    # look for "git-config" in the documentation
    GIT_CONFIG_KEYS                 =>  'gitweb.description gitweb.owner',
    # comment out if you don't need all the extra detail in the logfile
    LOG_EXTRA                       =>  1,
    # logging options
    # 1. leave this section as is for 'normal' gitolite logging (default)
    # 2. uncomment this line to log ONLY to syslog:
    # LOG_DEST                      => 'syslog',
    # 3. uncomment this line to log to syslog and the normal gitolite log:
    # LOG_DEST                      => 'syslog,normal',
    # 4. prefixing "repo-log," to any of the above will **also** log just the
    #    update records to "gl-log" in the bare repo directory:
    # LOG_DEST                      => 'repo-log,normal',
    # LOG_DEST                      => 'repo-log,syslog',
    # LOG_DEST                      => 'repo-log,syslog,normal',
    # syslog 'facility': defaults to 'local0', uncomment if needed.  For example:
    # LOG_FACILITY                  => 'local4',
    # roles.  add more roles (like MANAGER, TESTER, ...) here.
    #   WARNING: if you make changes to this hash, you MUST run 'gitolite
    #   compile' afterward, and possibly also 'gitolite trigger POST_COMPILE'
    ROLES => {
        READERS                     =>  1,
        WRITERS                     =>  1,
    },
    # enable caching (currently only Redis).  PLEASE RTFM BEFORE USING!!!
    # CACHE                         =>  'Redis',
    # ------------------------------------------------------------------
    # rc variables used by various features
    # the 'info' command prints this as additional info, if it is set
        # SITE_INFO                 =>  'Please see http://blahblah/gitolite for more help',
    # the CpuTime feature uses these
        # display user, system, and elapsed times to user after each git operation
        # DISPLAY_CPU_TIME          =>  1,
        # display a warning if total CPU times (u, s, cu, cs) crosses this limit
        # CPU_TIME_WARN_LIMIT       =>  0.1,
    # the Mirroring feature needs this
        # HOSTNAME                  =>  "foo",
    # TTL for redis cache; PLEASE SEE DOCUMENTATION BEFORE UNCOMMENTING!
        # CACHE_TTL                 =>  600,
    # ------------------------------------------------------------------
    # suggested locations for site-local gitolite code (see cust.html)
        # this one is managed directly on the server
        LOCAL_CODE => "/opt/gitolite-local",
        #LOCAL_CODE => "$ENV{HOME}/local",
        # or you can use this, which lets you put everything in a subdirectory
        # called "local" in your gitolite-admin repo.  For a SECURITY WARNING
        # on this, see http://gitolite.com/gitolite/non-core.html#pushcode
        # LOCAL_CODE                =>  "$rc{GL_ADMIN_BASE}/local",
    # ------------------------------------------------------------------
    #POST_COMPILE => [],
    POST_COMPILE => [
        'build-pystagit-repos',
        'build-pystagit-index'
    ],
    POST_CREATE => [
        'build-pystagit-repo',
        'build-pystagit-index'
    ],
    # List of commands and features to enable
    ENABLE => [
        # COMMANDS
            # These are the commands enabled by default
            'help',
            'desc',
            'info',
            'perms',
            'writable',
            # Uncomment or add new commands here.
            # 'create',
            # 'fork',
            # 'mirror',
            # 'readme',
            # 'sskm',
            # 'D',
        # These FEATURES are enabled by default.
            # essential (unless you're using smart-http mode)
            'ssh-authkeys',
            # creates git-config entries from gitolite.conf file entries like 'config foo.bar = baz'
            'git-config',
            # creates git-daemon-export-ok files; if you don't use git-daemon, comment this out
            'daemon',
            # creates projects.list file; if you don't use gitweb, comment this out
            #'gitweb',
        # These FEATURES are disabled by default; uncomment to enable.  If you
        # need to add new ones, ask on the mailing list :-)
        # user-visible behaviour
            # prevent wild repos auto-create on fetch/clone
            # 'no-create-on-read',
            # no auto-create at all (don't forget to enable the 'create' command!)
            # 'no-auto-create',
            # access a repo by another (possibly legacy) name
            # 'Alias',
            # give some users direct shell access.  See documentation in
            # sts.html for details on the following two choices.
            # "Shell $ENV{HOME}/.gitolite.shell-users",
            # 'Shell alice bob',
            # set default roles from lines like 'option default.roles-1 = ...', etc.
            # 'set-default-roles',
            # show more detailed messages on deny
            # 'expand-deny-messages',
            # show a message of the day
            # 'Motd',
        # system admin stuff
            # enable mirroring (don't forget to set the HOSTNAME too!)
            # 'Mirroring',
            # allow people to submit pub files with more than one key in them
            # 'ssh-authkeys-split',
            # selective read control hack
            # 'partial-copy',
            # manage local, gitolite-controlled, copies of read-only upstream repos
            # 'upstream',
            # updates 'description' file instead of 'gitweb.description' config item
            'cgit',
            # allow repo-specific hooks to be added
            #'repo-specific-hooks',
        # performance, logging, monitoring...
            # be nice
            # 'renice 10',
            # log CPU times (user, system, cumulative user, cumulative system)
            # 'CpuTime',
        # syntactic_sugar for gitolite.conf and included files
            # allow backslash-escaped continuation lines in gitolite.conf
            # 'continuation-lines',
            # create implicit user groups from directory names in keydir/
            # 'keysubdirs-as-groups',
            # allow simple line-oriented macros
            'macros',
        # Kindergarten mode
            # disallow various things that sensible people shouldn't be doing anyway
            # 'Kindergarten',
    ],
 );
 # ------------------------------------------------------------------------------
 # per perl rules, this should be the last line in such a file:
 1;
 # Local variables:
 # mode: perl
 # End:
 # vi: ft=perl
--- a/gitolite-pystagit/local_code/hooks/common/post-receive
+++ b/gitolite-pystagit/local_code/hooks/common/post-receive
@ -1,7 +0,0 @@
 #!/bin/sh
 set -e
 [ -n "${GL_REPO}" ] && \
    /usr/local/bin/build-pystagit-repo "${GL_REPO}" &&
    /usr/local/bin/build-pystagit-index
--- a/gitolite-pystagit/local_code/triggers/build-pystagit-index
+++ b/gitolite-pystagit/local_code/triggers/build-pystagit-index
@ -1,3 +0,0 @@
 #!/bin/sh
 /usr/local/bin/build-pystagit-index
--- a/gitolite-pystagit/local_code/triggers/build-pystagit-repo
+++ b/gitolite-pystagit/local_code/triggers/build-pystagit-repo
@ -1,5 +0,0 @@
 #!/bin/sh
 set -e
 [ -n "$2" ] && /usr/local/bin/build-pystagit-repo "$2"
--- a/gitolite-pystagit/local_code/triggers/build-pystagit-repos
+++ b/gitolite-pystagit/local_code/triggers/build-pystagit-repos
@ -1,3 +0,0 @@
 #!/bin/sh
 /usr/local/bin/build-pystagit-repos
--- a/gitolite-pystagit/sshd_config
+++ b/gitolite-pystagit/sshd_config
@ -1,23 +0,0 @@
 Port 22
 Protocol 2
 PermitRootLogin no
 AllowUsers git
 PasswordAuthentication no
 PermitEmptyPasswords no
 PubkeyAuthentication yes
 HostKey /etc/ssh/keys/ssh_host_rsa_key
 HostKey /etc/ssh/keys/ssh_host_dsa_key
 HostKey /etc/ssh/keys/ssh_host_ecdsa_key
 HostKey /etc/ssh/keys/ssh_host_ed25519_key
 X11Forwarding no
 PrintMotd no
 ClientAliveInterval 300
 ClientAliveCountMax 2
 KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group16-sha512,diffie-hellman-group14-sha256,diffie-hellman-group18-sha512
 MACs umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com
 HostKeyAlgorithms ssh-rsa,rsa-sha2-256,rsa-sha2-512
--- a/gitolite/Dockerfile
+++ b/gitolite/Dockerfile
@ -1,36 +0,0 @@
 FROM alpine:3.14
 RUN apk add --update --no-cache \
        docker-compose \
        docker \
        git \
        openssh-server \
        perl  \
        shadow \
        su-exec
 RUN adduser -h /var/lib/git -D git && \
    adduser git docker && \
    mkdir -p /var/lib/git/local/hooks && \
    chown -R git:git /var/lib/git && \
    usermod -p '*' git && \
    passwd -u git
 RUN mkdir -p /usr/local/src && \
    git clone https://github.com/sitaramc/gitolite /usr/local/src/gitolite && \
    /usr/local/src/gitolite/install -ln /usr/local/bin
 RUN mkdir -p /opt/docker-services
 COPY sshd_config /etc/ssh/sshd_config
 VOLUME /etc/ssh/keys
 VOLUME /var/lib/git
 COPY docker-entrypoint.sh /entrypoint
 RUN chmod +x /entrypoint
 ENTRYPOINT ["/entrypoint"]
 EXPOSE 22
 CMD ["/usr/sbin/sshd", "-D", "-e"]
--- a/gitolite/Makefile
+++ b/gitolite/Makefile
@ -1,14 +0,0 @@
 IMG_NAME = gitolite
 REGISTRY=registry.monotremata.xyz:443
 IMG=$(REGISTRY)/$(IMG_NAME)
 .PHONY: build build-nc push
 build: Dockerfile docker-entrypoint.sh sshd_config
 	docker build -t $(IMG) .
 push: build
 	docker image push $(IMG)
 build-nc: Dockerfile docker-entrypoint.sh sshd_config
 	docker build --no-cache -t $(IMG) .
--- a/gitolite/docker-entrypoint.sh
+++ b/gitolite/docker-entrypoint.sh
@ -1,41 +0,0 @@
 #!/bin/sh
 set -xe
 [ -n "$DOCKER_GID" ] && groupmod -g "${DOCKER_GID}" docker
 for algorithm in rsa dsa ecdsa ed25519
 do
    keyfile="/etc/ssh/keys/ssh_host_${algorithm}_key"
    [ -f "$keyfile" ] || ssh-keygen -q -N '' -f "$keyfile" -t "$algorithm"
 done
 BASE_DIR=/var/lib/git
 echo "fixing gitolite's permissions..."
 find "${BASE_DIR}" \
    -not -path "${BASE_DIR}/.gitolite.rc" \
    -and -not -path "${BASE_DIR}/local/hooks/repo-specific*" \
    -exec chown git:git {} \;
 if [ ! -f "${BASE_DIR}/.ssh/authorized_keys" ]
 then
    if [ -n "$SSH_KEY" ]
    then
        [ -n "$SSH_KEY_NAME" ] || SSH_KEY_NAME="admin"
 	echo "$SSH_KEY" > "/tmp/${SSH_KEY_NAME}.pub"
 	echo "gitolite's initial setup"
        su-exec git gitolite setup -pk "/tmp/${SSH_KEY_NAME}.pub"
 	rm "/tmp/${SSH_KEY_NAME}.pub"
    else
        echo "SSH_KEY needs to be set"
 	exit 1
    fi
 else
    # stuff is already set up, but check the setup anyway
    echo "gitolite's sanity setup"
    su-exec git gitolite setup
 fi
 echo "gitolite is ready,starting sshd"
 exec "$@"
--- a/gitolite/sshd_config
+++ b/gitolite/sshd_config
@ -1,23 +0,0 @@
 Port 22
 Protocol 2
 PermitRootLogin no
 AllowUsers git
 PasswordAuthentication no
 PermitEmptyPasswords no
 PubkeyAuthentication yes
 HostKey /etc/ssh/keys/ssh_host_rsa_key
 HostKey /etc/ssh/keys/ssh_host_dsa_key
 HostKey /etc/ssh/keys/ssh_host_ecdsa_key
 HostKey /etc/ssh/keys/ssh_host_ed25519_key
 X11Forwarding no
 PrintMotd no
 ClientAliveInterval 300
 ClientAliveCountMax 2
 KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group16-sha512,diffie-hellman-group14-sha256,diffie-hellman-group18-sha512
 MACs umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com
 HostKeyAlgorithms ssh-rsa,rsa-sha2-256,rsa-sha2-512
--- a/monero/Dockerfile
+++ b/monero/Dockerfile
@ -1,26 +0,0 @@
 FROM debian:bullseye-slim
 ARG ARCH
 ENV VER v0.17.2.3
 ENV URL "https://downloads.getmonero.org/cli/monero-linux-${ARCH}-${VER}.tar.bz2"
 RUN apt-get update && \
    apt-get install -y curl bzip2 && \
    rm -rf /var/lib/apt/lists/* && \
    curl -o /root/monero.tar.bz2 "${URL}" && \
    bzip2 -d /root/monero.tar.bz2 && \
    tar -C /root -xf /root/monero.tar && \
    find /root -type f -executable -exec cp {} /usr/local/bin \; && \
    rm -r /root/monero*
 RUN groupadd --gid 10001 monero && \
    useradd \
        --uid 10000 \
        --gid 10001 \
        --shell /sbin/nologin \
        --create-home \
        --home-dir /var/lib/monero \
        monero
 USER monero
 WORKDIR /var/lib/monero
--- a/monero/Makefile
+++ b/monero/Makefile
@ -1,23 +0,0 @@
 IMG_NAME = monero
 REGISTRY=registry.monotremata.xyz:443
 IMG=$(REGISTRY)/$(IMG_NAME)
 .PHONY: build build-nc push
 hw=$(shell uname -m)
 ifeq ($(hw), x86_64)
 	ARCH=x64
 else ifeq ($(hw), aarch64)
 	ARCH=armv8
 else
 	ARCH=$(hw)
 endif
 build: Dockerfile
 	docker build -t $(IMG) --build-arg ARCH=$(ARCH) .
 push: build
 	docker image push $(IMG)
 build-nc: Dockerfile
 	docker build --no-cache -t $(IMG) --build-arg ARCH=$(ARCH) .
--- a/mpd/Dockerfile
+++ b/mpd/Dockerfile
@ -1,4 +1,4 @@
-FROM alpine:3.15
+FROM alpine:3.16
 RUN mkdir -p /var/lib/mpd && \
    addgroup --gid 10001 mpd && \
@ -14,54 +14,3 @@ RUN mkdir -p /var/lib/mpd && \
 USER mpd
 CMD ["/usr/bin/mpd", "--no-daemon"]
 #RUN apk add --no-cache --virtual .build-deps \
 #        curl \
 #        cmake \
 #        make \
 #        gcc \
 #        g++ \
 #        musl-dev \
 #        curl-dev \
 #        automake \
 #        autoconf \
 #        libtool && \
 #    mkdir -p /usr/local/src && \
 #    curl -L \
 #        --output "/usr/local/src/transmission-${VER}.tar.xz" \
 #        "https://github.com/transmission/transmission-releases/raw/master/transmission-${VER}.tar.xz" && \
 #    tar -xf "/usr/local/src/tranmission-${VER}.tar.xz" -C /usr/local/src && \
 #    mkdir -p /usr/local/src/transmission/build && \
 #    cd /usr/local/src/transmission/build && \
 #    cmake .. && \
 #    make && \
 #    make install && \
 #    cd / && \
 #    rm -r /usr/local/src && \
 #    apk del .build-deps && \
 #    apk add --no-cache curl
 #RUN addgroup \
 #        --gid 10001 \
 #        transmission && \
 #    adduser \
 #        --uid 10000 \
 #        --home /var/lib/transmission \
 #        --ingroup transmission \
 #        --disabled-password \
 #        --shell /sbin/nologin \
 #        transmission && \
 #    mkdir -p \
 #        /var/lib/transmission/blocklists \
 #        /var/lib/transmission/downloads \
 #        /var/lib/transmission/incomplete \
 #        /var/lib/transmission/resume \
 #        /var/lib/transmission/torrents && \
 #    chown -R transmission:transmission /var/lib/transmission
 #ENV TRANSMISSION_HOME /var/lib/transmission
 #USER transmission
 #WORKDIR /var/lib/transmission
 #CMD ["/usr/local/bin/transmission-daemon", "--foreground"]
--- a/mpd/Makefile
+++ b/mpd/Makefile
@ -1,22 +1,19 @@
 IMG_NAME = mpd
 REGISTRY=registry.monotremata.xyz
 IMG=$(REGISTRY)/$(IMG_NAME)
-PLATFORMS=linux/amd64,linux/arm64
+PLATFORMS=linux/arm64
-.PHONY: build build-nc push
+.PHONY: build push buildx
 build: Dockerfile
 	docker build -t $(IMG) .
 push: build
 	docker image push $(IMG)
 buildx: Dockerfile
 	docker buildx build \
 	    --platform $(PLATFORMS) \
 	    --tag $(IMG) \
 	    --push \
 	    .
 push: build
 	docker image push $(IMG)
 build-nc: Dockerfile
 	docker build --no-cache -t $(IMG) .
--- a/nfs-server/Dockerfile
+++ b/nfs-server/Dockerfile
@ -1,15 +0,0 @@
 FROM alpine:3.13
 COPY entrypoint.sh /usr/local/bin/entrypoint
 RUN apk add --no-cache nfs-utils && \
    rm /etc/idmapd.conf /etc/exports && \
    mkdir -p /var/lib/nfs/rpc_pipefs /var/lib/nfs/v4recovery && \
    echo "rpc_pipefs  /var/lib/nfs/rpc_pipefs  rpc_pipefs  defaults  0  0" >> /etc/fstab && \
    echo "nfsd        /proc/fs/nfsd            nfsd        defaults  0  0" >> /etc/fstab && \
    chmod +x /usr/local/bin/entrypoint
 EXPOSE 2049
 ENTRYPOINT ["/usr/local/bin/entrypoint"]
--- a/nfs-server/Makefile
+++ b/nfs-server/Makefile
@ -1,10 +0,0 @@
 USERNAME = rilla
 IMG_NAME = nfs-server
 .PHONY: build build-nc
 build: Dockerfile entrypoint.sh
 	docker build -t $(USERNAME)/$(IMG_NAME) .
 build-nc: Dockerfile entrypoint.sh
 	docker build --no-cache -t $(USERNAME)/$(IMG_NAME) .
--- a/nfs-server/entrypoint.sh
+++ b/nfs-server/entrypoint.sh
@ -1,72 +0,0 @@
 #!/bin/sh
 NTHREADS=${NTHREADS:=1}
 stop () {
    echo "un-exporting filesystems"
    /usr/sbin/exportfs -uav
    echo "terminating nfsd"
    /usr/sbin/rpc.nfsd 0
    echo "killing pids"
    pid1=$(pidof rpc.nfsd)
    pid2=$(pidof rpc.mountd)
    pid3=$(pidof rpc.rpcbind)
    kill -TERM "$pid1" "$pid2" "$pid3"
    echo "un-mounting /var/lib/nfs/rpc_pipefs"
    umount /var/lib/nfs/rpc_pipefs
    echo "un-mounting /proc/nfs/nfsd"
    umount /proc/fs/nfsd
    exit 0
 }
 boot () {
    echo "mounting /var/lib/nfs/rpc_pipefs"
    /bin/mount -t rpc_pipefs /var/lib/nfs/rpc_pipefs
    echo "mounting /proc/fs/nfsd"
    /bin/mount -t nfsd /proc/fs/nfsd
    echo "starting rpcbind"
    /sbin/rpcbind -sw
    /sbin/rpcinfo
    echo "exporting filesystems"
    /usr/sbin/exportfs -ar
    cat /etc/exports
    echo "starting mountd"
    /usr/sbin/rpc.mountd \
        --port 32767 \
        --nfs-version 4 \
        --no-nfs-version 2 \
        --no-nfs-version 3
    echo "starting nfsd"
    /usr/sbin/rpc.nfsd \
        --tcp \
        --udp \
        --port 2049 \
        --nfs-version 4 \
        --no-nfs-version 2 \
        --no-nfs-version 3 \
        "${NTHREADS}"
    echo "terminating rpcbind"
    pid=$(pidof rpcbind)
    [ -n "$pid" ] && kill "$pid"
    echo "ready"
 }
 trap stop TERM INT
 boot
 while :; do
    sleep 2073600 &
    wait
 done
--- a/opensmtpd/Dockerfile
+++ b/opensmtpd/Dockerfile
@ -1,15 +0,0 @@
 FROM alpine:3.14
 RUN apk add --update --no-cache \
        opensmtpd \
        opensmtpd-extras \
        rspamd \
        opensmtpd-filter-rspamd && \
    adduser \
        -h /var/vmail \
        -s /sbin/nologin \
        -u 2000 \
        -S -D \
        vmail
 CMD ["smtpd", "-d"]
--- a/opensmtpd/Makefile
+++ b/opensmtpd/Makefile
@ -1,10 +0,0 @@
 USERNAME = rilla
 IMG_NAME = opensmtpd
 .PHONY: build build-nc
 build: Dockerfile
 	docker build -t $(USERNAME)/$(IMG_NAME) .
 build-nc: Dockerfile
 	docker build --no-cache -t $(USERNAME)/$(IMG_NAME) .
--- a/pleroma/Makefile
+++ b/pleroma/Makefile
@ -3,7 +3,7 @@ REGISTRY=registry.monotremata.xyz
 IMG=$(REGISTRY)/$(IMG_NAME)
 PLATFORMS=linux/amd64
-.PHONY: build buildx push
+.PHONY: build push buildx
 build: Dockerfile entrypoint.sh
 	docker build -t $(IMG) .
--- a/rainloop/Dockerfile
+++ b/rainloop/Dockerfile
@ -1,20 +1,8 @@
-FROM alpine:3.14
+FROM php:7.4-fpm-alpine
-RUN apk add --no-cache \
+RUN apk add --no-cache nginx
-        nginx \
+
-        curl \
+RUN addgroup \
        php7-fpm \
        php7 \
        php7-curl \
        php7-iconv \
        php7-json \
 	php7-openssl \
        php7-dom && \
    mkdir -p /var/www/rainloop && \
    cd /var/www/rainloop && \
    curl -sL https://repository.rainloop.net/installer.php | php && \
    sed -i.bak 's/^listen = 127.0.0.1:9000/listen = 9000/' /etc/php7/php-fpm.d/www.conf && \
    addgroup \
        --gid 10001 \
        rainloop && \
    adduser \
@ -23,16 +11,23 @@ RUN apk add --no-cache \
        --ingroup rainloop \
        --disabled-password \
        --shell /sbin/nologin \
-        rainloop && \
+        rainloop
 RUN mkdir -p /var/www/rainloop && \
    cd /var/www/rainloop && \
    curl -sL https://repository.rainloop.net/installer.php | php && \
    mkdir -p /run/nginx /var/run && \
    touch /var/run/nginx.pid && \
-    chown -R rainloop:rainloop \
+    chown -R rainloop:rainloop /var/www/rainloop
-        /var/www/rainloop \
+
-        /var/log/php7 \
+RUN mv "$PHP_INI_DIR/php.ini-production" "$PHP_INI_DIR/php.ini" && \
-        /var/lib/nginx \
+    echo "user=rainloop" >> /usr/local/etc/php-fpm.conf
-        /var/log/nginx \
+
-        /run/nginx \
+COPY nginx.conf /etc/nginx/nginx.conf
-	/var/run/nginx.pid
+
 COPY entrypoint.sh /entrypoint.sh
 RUN chmod +x /entrypoint.sh
 USER rainloop
 WORKDIR /var/www/rainloop
 ENTRYPOINT ["/entrypoint.sh"]
--- a/rainloop/Makefile
+++ b/rainloop/Makefile
@ -1,15 +1,19 @@
-IMG_NAME = rainloop
+IMG_NAME=rainloop
-REGISTRY=registry.monotremata.xyz:443
+REGISTRY=registry.monotremata.xyz
 IMG=$(REGISTRY)/$(IMG_NAME)
 PLATFORMS=linux/arm64
-.PHONY: build build-nc push
+.PHONY: build push buildx
-build: Dockerfile
+build: Dockerfile entrypoint.sh nginx.conf
 	docker build -t $(IMG) .
 push: build
 	docker image push $(IMG)
-build-nc: Dockerfile
+buildx: Dockerfile entrypoint.sh nginx.conf
-	docker build --no-cache -t $(IMG) .
+	docker buildx build \
 		--platform $(PLATFORMS) \
 		--tag $(IMG) \
 		--push \
 		.
--- a/rainloop/entrypoint.sh
+++ b/rainloop/entrypoint.sh
@ -0,0 +1,7 @@
 #!/bin/sh
 echo "starting daemonized nginx"
 nginx
 echo "starting php-fpm"
 php-fpm
--- a/rainloop/nginx.conf
+++ b/rainloop/nginx.conf
@ -0,0 +1,51 @@
 worker_processes auto;
 pid /var/run/nginx.pid;
 events {
    worker_connections  1024;
 }
 http {
    include /etc/nginx/mime.types;
    default_type  application/octet-stream;
    error_log /dev/stdout info;
    error_log /dev/stderr warn;
    sendfile on;
    index index.php;
    server {
        listen 80;
        root /var/www/rainloop;
        location ^~ /data {
            deny all;
        }
        location ~ \.php$ {
            # regex to split $uri to $fastcgi_script_name and $fastcgi_path
            fastcgi_split_path_info ^(.+?\.php)(/.*)$;
            # Check that the PHP script exists before passing it
            # try_files $fastcgi_script_name =404;
            # Bypass the fact that try_files resets $fastcgi_path_info
            # see: http://trac.nginx.org/nginx/ticket/321
            set $path_info $fastcgi_path_info;
            fastcgi_param PATH_INFO $path_info;
            fastcgi_index index.php;
            include fastcgi.conf;
            fastcgi_pass 127.0.0.1:9000;
        }
        location / {
            try_files $uri $uri/ =404;
        }
    }
 }
 # vi: ft=nginx.conf
--- a/rss-bridge/Dockerfile
+++ b/rss-bridge/Dockerfile
@ -1,20 +0,0 @@
 FROM alpine:3.14
 RUN apk add --no-cache \
        git su-exec nginx php7 php7-fpm \
        php7-curl php7-json php7-mbstring php7-openssl php7-pecl-memcached \
        php7-simplexml php7-sqlite3 php7-xml && \
    sed -i.bak 's/^listen = 127.0.0.1:9000/listen = 9000/' /etc/php7/php-fpm.d/www.conf && \
    mkdir -p /var/www && \
    git clone https://github.com/RSS-Bridge/rss-bridge /var/www/rss-bridge  && \
    adduser -D -h /var/www/rss-bridge rssbridge && \
    chown -R rssbridge:rssbridge \
        /var/www/rss-bridge \
        /var/log/php7
 WORKDIR /var/www/rss-bridge
 COPY entrypoint.sh /entrypoint
 RUN chmod 700 /entrypoint
 ENTRYPOINT ["/entrypoint"]
 CMD ["rss-bridge"]
--- a/rss-bridge/Makefile
+++ b/rss-bridge/Makefile
@ -1,15 +0,0 @@
 IMG_NAME = rss-bridge
 REGISTRY=registry.monotremata.xyz:443
 IMG=$(REGISTRY)/$(IMG_NAME)
 .PHONY: build build-nc push
 build: Dockerfile
 	docker build -t $(IMG) .
 push: build
 	docker image push $(IMG)
 build-nc: Dockerfile
 	docker build --no-cache -t $(IMG) .
--- a/rss-bridge/entrypoint.sh
+++ b/rss-bridge/entrypoint.sh
@ -1,14 +0,0 @@
 #!/bin/sh
 set -ex
 case $1 in
    rss-bridge)
        exec su-exec rssbridge php-fpm7 -F
        ;;
    nginx)
        exec nginx -g 'daemon off;'
        ;;
    *)
        exec su-exec rssbridge "$@"
 esac
--- a/sassc/Dockerfile
+++ b/sassc/Dockerfile
@ -1,17 +0,0 @@
 FROM alpine:3.13
 RUN apk add --update --no-cache sassc && \
    addgroup \
        --gid 10001 \
        sassc && \
    adduser \
        --uid 10000 \
        --home /data \
        --ingroup sassc \
        --disabled-password \
        --shell /sbin/nologin \
        sassc
 WORKDIR /data
 USER sassc
 ENTRYPOINT ["sassc"]
--- a/sassc/Makefile
+++ b/sassc/Makefile
@ -1,10 +0,0 @@
 USERNAME = rilla
 IMG_NAME = sassc
 .PHONY: build build-nc
 build: Dockerfile
 	docker build -t $(USERNAME)/$(IMG_NAME) .
 build-nc: Dockerfile
 	docker build --no-cache -t $(USERNAME)/$(IMG_NAME) .
--- a/syncthing/Dockerfile
+++ b/syncthing/Dockerfile
@ -1,29 +0,0 @@
 # syncthing
 FROM alpine:3.15
 ARG TARGETPLATFORM
 ENV VERSION v1.20.1
 RUN addgroup --gid 10001 syncthing && \
    adduser \
        --uid 10000 \
        --home /var/lib/syncthing \
        --ingroup syncthing \
        --disabled-password \
        --shell /sbin/nologin \
        syncthing && \
    mkdir -p /data && chown -R syncthing:syncthing /data && \
    cd /tmp && \
    ARCH=$(echo "$TARGETPLATFORM" | sed 's/\//-/') && \
    RELEASE="syncthing-${ARCH}-${VERSION}" && \
    URI="https://github.com/syncthing/syncthing/releases/download/${VERSION}/${RELEASE}.tar.gz" && \
    echo "$URI" && \
    wget "${URI}" && \
    tar -xzf "${RELEASE}.tar.gz" && \
    cp "/tmp/${RELEASE}/syncthing" /usr/local/bin/syncthing && \
    rm -r "/tmp/${RELEASE}" "/tmp/${RELEASE}.tar.gz"
 VOLUME /data /var/lib/syncthing
 USER syncthing
 CMD ["/usr/local/bin/syncthing", "-home=/var/lib/syncthing"]
--- a/syncthing/Makefile
+++ b/syncthing/Makefile
@ -1,31 +0,0 @@
 IMG_NAME = syncthing
 REGISTRY=registry.monotremata.xyz
 IMG=$(REGISTRY)/$(IMG_NAME)
 PLATFORMS=linux/amd64,linux/arm64
 .PHONY: build build-nc buildx push
 hw=$(shell uname -m)
 ifeq ($(hw), x86_64)
 	TARGETPLATFORM=linux/amd64
 else ifeq ($(hw), aarch64)
 	TARGETPLATFORM=linux/arm64
 else
 	TARGETPLATFORM=linux/$(hw)
 endif
 build: Dockerfile
 	docker build -t $(IMG) --build-arg TARGETPLATFORM=$(TARGETPLATFORM) .
 buildx: Dockerfile
 	docker buildx build \
 		--platform $(PLATFORMS) \
 		--tag $(IMG) \
 		--push \
 		.
 push: build
 	docker image push $(IMG)
 build-nc: Dockerfile
 	docker build --no-cache -t $(IMG) --build-arg ARCH=$(ARCH) .
--- a/tasks/Dockerfile
+++ b/tasks/Dockerfile
@ -1,10 +0,0 @@
 FROM alpine:3.14
 RUN apk add --update --no-cache \
        docker-compose \
        docker
 COPY entrypoint.sh /entrypoint
 RUN chmod +x /entrypoint
 ENTRYPOINT ["/entrypoint"]
--- a/tasks/Makefile
+++ b/tasks/Makefile
@ -1,15 +0,0 @@
 IMG_NAME = tasks
 REGISTRY=registry.monotremata.xyz:443
 IMG=$(REGISTRY)/$(IMG_NAME)
 .PHONY: build build-nc push
 build: Dockerfile entrypoint.sh
 	docker build -t $(IMG) .
 push: build
 	docker image push $(IMG)
 build-nc: Dockerfile entrypoint.sh
 	docker build --no-cache -t $(IMG)
--- a/tasks/entrypoint.sh
+++ b/tasks/entrypoint.sh
@ -1,11 +0,0 @@
 #!/bin/sh
 set -e
 [ -f /tasks/tasks.cron ] && crontab /tasks/tasks.cron
 if [ -n "$*" ]; then
    exec "$@"
 else
    exec crond -f -L /dev/stdout
 fi
--- a/transmission/Dockerfile
+++ b/transmission/Dockerfile
@ -1,32 +1,4 @@
-FROM alpine:3.14
+FROM alpine:3.16
 ENV VER 3.00
 RUN apk add --no-cache --virtual .build-deps \
        curl \
        cmake \
        make \
        gcc \
        g++ \
        musl-dev \
        curl-dev \
        automake \
        autoconf \
        libtool && \
    mkdir -p /usr/local/src && \
    curl -L \
        --output "/usr/local/src/transmission-${VER}.tar.xz" \
        "https://github.com/transmission/transmission-releases/raw/master/transmission-${VER}.tar.xz" && \
    tar -xf "/usr/local/src/tranmission-${VER}.tar.xz" -C /usr/local/src && \
    mkdir -p /usr/local/src/transmission/build && \
    cd /usr/local/src/transmission/build && \
    cmake .. && \
    make && \
    make install && \
    cd / && \
    rm -r /usr/local/src && \
    apk del .build-deps && \
    apk add --no-cache curl
 RUN addgroup \
        --gid 10001 \
@ -37,8 +9,11 @@ RUN addgroup \
        --ingroup transmission \
        --disabled-password \
        --shell /sbin/nologin \
-        transmission && \
+        transmission
-    mkdir -p \
+
 RUN apk add --no-cache transmission-daemon
 RUN mkdir -p \
        /var/lib/transmission/blocklists \
        /var/lib/transmission/downloads \
        /var/lib/transmission/incomplete \
@ -50,4 +25,4 @@ ENV TRANSMISSION_HOME /var/lib/transmission
 USER transmission
 WORKDIR /var/lib/transmission
-CMD ["/usr/local/bin/transmission-daemon", "--foreground"]
+CMD ["/usr/bin/transmission-daemon", "--foreground"]
--- a/transmission/Makefile
+++ b/transmission/Makefile
@ -1,8 +1,9 @@
-IMG_NAME = transmission
+IMG_NAME=transmission
-REGISTRY=registry.monotremata.xyz:443
+REGISTRY=registry.monotremata.xyz
 IMG=$(REGISTRY)/$(IMG_NAME)
 PLATFORMS=linux/arm64
-.PHONY: build build-nc push
+.PHONY: build push buildx
 build: Dockerfile
 	docker build -t $(IMG) .
@ -10,5 +11,9 @@ build: Dockerfile
 push: build
 	docker image push $(IMG)
-build-nc: Dockerfile
+buildx: Dockerfile
-	docker build --no-cache -t $(IMG) .
+	docker buildx build \
 		--platform $(PLATFORMS) \
 		--tag $(IMG) \
 		--push \
 		.
--- a/vdirsyncer/Dockerfile
+++ b/vdirsyncer/Dockerfile
@ -1,25 +0,0 @@
 FROM alpine:3.14
 RUN apk add --no-cache python3 py3-pip su-exec && \
    pip3 install --upgrade pip && \
    pip3 install vdirsyncer vdirsyncer[google] requests_oauthlib && \
    addgroup --gid 10001 vdirsyncer && \
    adduser \
        --empty-password \
        --home /var/lib/vdirsyncer \
        --uid 10000 \
        --ingroup vdirsyncer \
        vdirsyncer && \
    mkdir -p /var/lib/vdirsyncer/status /var/lib/vdirsyncer/tokens && \
    touch /var/lib/vdirsyncer/config && \
    chown -R vdirsyncer:vdirsyncer /var/lib/vdirsyncer
 COPY crontab /crontab
 COPY entrypoint.sh /entrypoint
 COPY do_sync.sh /do_sync
 RUN chmod +x /entrypoint /do_sync
 ENTRYPOINT ["/entrypoint"]
 CMD ["task"]
 ENV VDIRSYNCER_CONFIG /var/lib/vdirsyncer/config
--- a/vdirsyncer/Makefile
+++ b/vdirsyncer/Makefile
@ -1,20 +0,0 @@
 IMG_NAME = vdirsyncer
 USERNAME = rilla
 REGISTRY=registry.monotremata.xyz:443
 LOCAL_IMG=$(USERNAME)/$(IMG_NAME)
 REGISTRY_IMG=$(REGISTRY)/$(IMG_NAME)
 .PHONY: build build-nc tag push
 build: Dockerfile entrypoint.sh crontab do_sync.sh
 	docker build -t $(USERNAME)/$(IMG_NAME) .
 tag: build
 	docker image tag $(LOCAL_IMG) $(REGISTRY_IMG)
 push: tag
 	docker image push $(REGISTRY_IMG)
 build-nc: Dockerfile entrypoint.sh crontab do_sync.sh
 	docker build --no-cache -t $(USERNAME)/$(IMG_NAME) .
--- a/vdirsyncer/crontab
+++ b/vdirsyncer/crontab
@ -1 +0,0 @@
 */15 * * * * /do_sync
--- a/vdirsyncer/do_sync.sh
+++ b/vdirsyncer/do_sync.sh
@ -1,4 +0,0 @@
 #!/bin/sh
 export VDIRSYNCER_CONFIG=/var/lib/vdirsyncer/config
 vdirsyncer discover && vdirsyncer sync
--- a/vdirsyncer/entrypoint.sh
+++ b/vdirsyncer/entrypoint.sh
@ -1,25 +0,0 @@
 #!/bin/sh
 mkdir -p /var/lib/vdirsyncer/tokens /var/lib/vdirsyncer/status
 chown -R vdirsyncer:vdirsyncer \
    /var/lib/vdirsyncer/tokens \
    /var/lib/vdirsyncer/status
 export VDIRSYNCER_CONFIG=/var/lib/vdirsyncer/config
 case $1 in
    discover)
        exec su-exec vdirsyncer vdirsyncer "$@"
        ;;
    sync)
        exec su-exec vdirsyncer vdirsyncer "$@"
        ;;
    task)
        su-exec vdirsyncer vdirsyncer discover && \
            /usr/bin/crontab -u vdirsyncer /crontab && \
            exec /usr/sbin/crond -f -L /dev/stdout
        ;;
    *)
        exec "$@"
        ;;
 esac
--- a/webdav/Dockerfile
+++ b/webdav/Dockerfile
@ -1,4 +1,4 @@
-FROM alpine:3.15
+FROM alpine:3.16
 RUN apk add --no-cache nginx nginx-mod-http-dav-ext
 COPY nginx.conf /etc/nginx/nginx.conf
--- a/webdav/Makefile
+++ b/webdav/Makefile
@ -3,20 +3,17 @@ REGISTRY=registry.monotremata.xyz
 IMG=$(REGISTRY)/$(IMG_NAME)
 PLATFORMS=linux/amd64,linux/arm64
-.PHONY: build build-nc push
+.PHONY: build push buildx
 build: Dockerfile
 	docker build -t $(IMG) .
 push: build
 	docker image push $(IMG)
 buildx: Dockerfile
 	docker buildx build \
 	    --platform $(PLATFORMS) \
 	    --tag $(IMG) \
 	    --push \
 	    .
 push: build
 	docker image push $(IMG)
 build-nc: Dockerfile
 	docker build --no-cache -t $(IMG) .
--- a/xandikos/Dockerfile
+++ b/xandikos/Dockerfile
@ -1,31 +0,0 @@
 FROM alpine:3.14
 RUN apk add --no-cache \
        git \
        python3 \
        su-exec && \
    apk add --no-cache --virtual .build-deps \
        gcc \
        musl-dev \
        py3-pip \
        python3-dev && \
    pip3 install --upgrade pip && \
    pip3 install \
        aiohttp \
        icalendar \
        dulwich>=0.19.1 \
        defusedxml \
        jinja2 \
        multidict \
        prometheus-client && \
    # apk del .build-deps && \
    mkdir -p /opt && \
    git clone https://github.com/jelmer/xandikos /opt/xandikos && \
    adduser -D -h /var/lib/xandikos xandikos && \
    mkdir -p /var/lib/xandikos/data && \
    chown -R xandikos:xandikos /var/lib/xandikos
 COPY entrypoint.sh /entrypoint
 RUN chmod +x /entrypoint
 ENTRYPOINT ["/entrypoint"]
 CMD ["xandikos"]
--- a/xandikos/Makefile
+++ b/xandikos/Makefile
@ -1,15 +0,0 @@
 IMG_NAME = xandikos
 REGISTRY=registry.monotremata.xyz:443
 IMG=$(REGISTRY)/$(IMG_NAME)
 .PHONY: build build-nc push
 build: Dockerfile entrypoint.sh
 	docker build -t $(IMG) .
 push: build
 	docker image push $(IMG)
 build-nc: Dockerfile entrypoint.sh
 	docker build --no-cache -t $(IMG) .
--- a/xandikos/entrypoint.sh
+++ b/xandikos/entrypoint.sh
@ -1,28 +0,0 @@
 #!/bin/sh
 set -xe
 PORT=${PORT:-8000}
 ROUTE_PREFIX=${ROUTE_PREFIX:-/}
 current_user_principal="/user"
 chown -R xandikos:xandikos /var/lib/xandikos
 case $1 in
    xandikos)
        cd /opt/xandikos
        exec su-exec xandikos python3 -m xandikos.web \
                --port="${PORT}" \
                --listen-address='0.0.0.0' \
                -d /var/lib/xandikos/data \
                --current-user-principal="${current_user_principal}" \
                --route-prefix "${ROUTE_PREFIX}" \
                --autocreate \
                --defaults
        ;;
    *)
        exec "$@"
        ;;
 esac
Author	SHA1	Message	Date
Ricard Illa	981ae49aa0	embed nginx into rainloop image	2022-08-16 18:01:04 +02:00
Ricard Illa	413711a3a8	mention binfmt on readme	2022-08-16 16:51:17 +02:00
Ricard Illa	e6400fbd06	minor change	2022-08-16 16:50:59 +02:00
Ricard Illa	50d961d833	upgrade alpine image versions	2022-08-16 16:50:44 +02:00
Ricard Illa	47360839bc	use transmission packaged by alpine	2022-08-16 15:22:32 +02:00
Ricard Illa	e19c29924f	makefile cleanups	2022-08-16 13:07:00 +02:00
Ricard Illa	d7f6afed8e	updated readme file	2022-08-16 12:47:24 +02:00
Ricard Illa	cf492ec307	removed unused image	2022-08-16 12:45:56 +02:00
Ricard Illa	5b1126933e	updated readme file	2022-08-16 12:43:32 +02:00
Ricard Illa	b26d0d8b71	removed unused images	2022-08-16 11:50:01 +02:00
Ricard Illa	23020b8398	removed unused images	2022-08-16 11:44:14 +02:00
		`@ -1,3 +0,0 @@`
			`#!/bin/sh`

			`[ -n "$VAULT_PASSWORD" ] && echo "$VAULT_PASSWORD"`
		`@ -1,3 +0,0 @@`
			`#!/bin/sh`

			`/usr/local/bin/build-pystagit-index`
		`@ -1,3 +0,0 @@`
			`#!/bin/sh`

			`/usr/local/bin/build-pystagit-repos`