diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index d73fadbb..8b5c08ec 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -14,13 +14,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 - - - name: Docker meta - id: meta - uses: docker/metadata-action@v4 - with: - images: ${{ secrets.DOCKER_USERNAME }}/moviepilot + uses: actions/checkout@v4 - name: Release version @@ -29,6 +23,16 @@ jobs: app_version=$(cat version.py |sed -ne "s/APP_VERSION\s=\s'v\(.*\)'/\1/gp") echo "app_version=$app_version" >> $GITHUB_ENV + - + name: Docker meta + id: meta + uses: docker/metadata-action@v4 + with: + images: ${{ secrets.DOCKER_USERNAME }}/moviepilot + tags: | + type=raw,value=${{ env.app_version }} + type=raw,value=latest + - name: Set Up QEMU uses: docker/setup-qemu-action@v2 @@ -52,11 +56,9 @@ jobs: file: Dockerfile platforms: | linux/amd64 - linux/arm64 + linux/arm64/v8 push: true build-args: | MOVIEPILOT_VERSION=${{ env.app_version }} - tags: | - ${{ secrets.DOCKER_USERNAME }}/moviepilot:latest - ${{ secrets.DOCKER_USERNAME }}/moviepilot:${{ env.app_version }} + tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ad6f9149..1e42c769 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -14,7 +14,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Release Version diff --git a/Dockerfile b/Dockerfile index d245e254..64ea4ff1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -48,6 +48,7 @@ RUN apt-get update \ busybox \ dumb-init \ jq \ + haproxy \ && \ if [ "$(uname -m)" = "x86_64" ]; \ then ln -s /usr/lib/x86_64-linux-musl/libc.so /lib/libc.musl-x86_64.so.1; \ @@ -58,7 +59,7 @@ RUN apt-get update \ && cp -f /app/update /usr/local/bin/mp_update \ && cp -f /app/entrypoint /entrypoint \ && chmod +x /entrypoint /usr/local/bin/mp_update \ - && mkdir -p ${HOME} \ + && mkdir -p ${HOME} /var/lib/haproxy/server-state \ && groupadd -r moviepilot -g 911 \ && useradd -r moviepilot -g moviepilot -d ${HOME} -s /bin/bash -u 911 \ && apt-get install -y build-essential \ @@ -82,5 +83,5 @@ RUN apt-get update \ /var/lib/apt/lists/* \ /var/tmp/* EXPOSE 3000 -VOLUME ["/config", "/var/run/docker.sock"] +VOLUME [ "/config" ] ENTRYPOINT [ "/entrypoint" ] diff --git a/README.md b/README.md index d22f7d8a..b54d88f8 100644 --- a/README.md +++ b/README.md @@ -227,7 +227,7 @@ docker pull jxxghp/moviepilot:latest - 通过微信/Telegram/Slack远程管理,其中微信/Telegram将会自动添加操作菜单(微信菜单条数有限制,部分菜单不显示),微信需要在官方页面设置回调地址,地址相对路径为:`/api/v1/message/`。 - 设置媒体服务器Webhook,通过MoviePilot发送播放通知等。Webhook回调相对路径为`/api/v1/webhook?token=moviepilot`(`3001`端口),其中`moviepilot`为设置的`API_TOKEN`。 - 将MoviePilot做为Radarr或Sonarr服务器添加到Overseerr或Jellyseerr(`3001`端口),可使用Overseerr/Jellyseerr浏览订阅。 -- 映射宿主机docker.sock文件到容器`/var/run/docker.sock`,以支持内建重启操作(需要root权限)。 +- 映射宿主机docker.sock文件到容器`/var/run/docker.sock`,以支持内建重启操作。实例:`-v /var/run/docker.sock:/var/run/docker.sock:ro` **注意** diff --git a/app/utils/system.py b/app/utils/system.py index 72c96a39..86c54b1f 100644 --- a/app/utils/system.py +++ b/app/utils/system.py @@ -309,7 +309,7 @@ class SystemUtils: """ try: # 创建 Docker 客户端 - client = docker.from_env() + client = docker.DockerClient(base_url='tcp://127.0.0.1:2375') # 获取当前容器的 ID container_id = open("/proc/self/cgroup", "r").read().split("/")[-1] if not container_id: diff --git a/entrypoint b/entrypoint index 3e3e5975..0ef5a81b 100644 --- a/entrypoint +++ b/entrypoint @@ -26,6 +26,10 @@ chown moviepilot:moviepilot /etc/hosts /tmp gosu moviepilot:moviepilot playwright install chromium # 启动前端nginx服务 nginx +# 启动haproxy +if [ -S "/var/run/docker.sock" ]; then + haproxy -f /app/haproxy.cfg +fi # 设置后端服务权限掩码 umask ${UMASK} # 启动后端服务 diff --git a/haproxy.cfg b/haproxy.cfg new file mode 100644 index 00000000..5e01d837 --- /dev/null +++ b/haproxy.cfg @@ -0,0 +1,60 @@ +global + log stdout format raw daemon info + + user root + group root + + daemon + + pidfile /run/haproxy.pid + maxconn 4000 + + # Turn on stats unix socket + server-state-file /var/lib/haproxy/server-state + + setenv POST 1 + setenv ALLOW_RESTARTS 1 + setenv CONTAINERS 1 + setenv VERSION 1 + +defaults + mode http + log global + option httplog + option dontlognull + option http-server-close + option redispatch + retries 3 + timeout http-request 10s + timeout queue 1m + timeout connect 10s + timeout client 10m + timeout server 10m + timeout http-keep-alive 10s + timeout check 10s + maxconn 3000 + + # Allow seamless reloads + load-server-state-from-file global + + # Use provided example error pages + errorfile 400 /etc/haproxy/errors/400.http + errorfile 403 /etc/haproxy/errors/403.http + errorfile 408 /etc/haproxy/errors/408.http + errorfile 500 /etc/haproxy/errors/500.http + errorfile 502 /etc/haproxy/errors/502.http + errorfile 503 /etc/haproxy/errors/503.http + errorfile 504 /etc/haproxy/errors/504.http + +backend dockerbackend + server dockersocket /var/run/docker.sock + +frontend dockerfrontend + bind :2375 + http-request deny unless METH_GET || { env(POST) -m bool } + http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers/[a-zA-Z0-9_.-]+/((stop)|(restart)|(kill)) } { env(ALLOW_RESTARTS) -m bool } + http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers } { env(CONTAINERS) -m bool } + http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/version } { env(VERSION) -m bool } + http-request deny + default_backend dockerbackend +