From fb74cfb7891a4a8670716f14d17610c696684d5b Mon Sep 17 00:00:00 2001 From: hhhhsc <1710496817@qq.com> Date: Fri, 13 Feb 2026 10:08:12 +0800 Subject: [PATCH 1/2] =?UTF-8?q?=E6=94=AF=E6=8C=81=E8=AF=81=E4=B9=A6?= =?UTF-8?q?=E8=87=AA=E7=AD=BE=E5=8F=91=E7=BB=AD=E8=AE=A2?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- deployment/helm/datamate/values.yaml | 6 ++++++ scripts/images/frontend/Dockerfile | 6 +++++- scripts/images/frontend/start.sh | 11 ++++++++++- 3 files changed, 21 insertions(+), 2 deletions(-) diff --git a/deployment/helm/datamate/values.yaml b/deployment/helm/datamate/values.yaml index 1044b809..a95bdf34 100644 --- a/deployment/helm/datamate/values.yaml +++ b/deployment/helm/datamate/values.yaml @@ -41,6 +41,7 @@ public: data: DB_PASSWORD: "password" CERT_PASS: "" + DOMAIN: "" datasetVolume: &datasetVolume name: dataset-volume @@ -177,6 +178,11 @@ frontend: secretKeyRef: name: datamate-conf key: CERT_PASS + - name: DOMAIN + valueFrom: + secretKeyRef: + name: datamate-conf + key: DOMAIN volumes: - *logVolume - name: cert-volume diff --git a/scripts/images/frontend/Dockerfile b/scripts/images/frontend/Dockerfile index 8f806b66..d9d83f69 100644 --- a/scripts/images/frontend/Dockerfile +++ b/scripts/images/frontend/Dockerfile @@ -12,7 +12,11 @@ FROM nginx:1.29 AS runner RUN --mount=type=cache,target=/var/cache/apt \ --mount=type=cache,target=/var/lib/apt \ apt update \ - && apt install -y dos2unix + && apt install -y dos2unix python3 python3-dev python3-venv libaugeas-dev gcc \ + && python3 -m venv /opt/certbot/ \ + && /opt/certbot/bin/pip install --upgrade pip \ + && /opt/certbot/bin/pip install certbot certbot-nginx \ + && ln -s /opt/certbot/bin/certbot /usr/local/bin/certbot COPY --from=builder /app/dist /opt/frontend/statics COPY scripts/images/frontend/routes.inc /opt/frontend/routes.inc diff --git a/scripts/images/frontend/start.sh b/scripts/images/frontend/start.sh index 05f8cdcf..fc3b4aed 100644 --- a/scripts/images/frontend/start.sh +++ b/scripts/images/frontend/start.sh @@ -21,7 +21,16 @@ if [ -f "/etc/nginx/cert/server.pem" ]; then else cp /opt/frontend/http_backend.conf /etc/nginx/conf.d/default.conf cp /opt/frontend/routes.inc /etc/nginx/conf.d/routes.inc - echo "Switching to HTTP config" + + if [ -n "$DOMAIN" ]; then + cron + certbot --nginx "-d ${DOMAIN//,/ -d }" + echo "Switching to HTTPS config, Domain: $DOMAIN" + echo "0 0 1 * * root /usr/local/bin/certbot renew --quiet" | tee /etc/cron.d/certbot-renew + chmod 0644 /etc/cron.d/certbot-renew + else + echo "Switching to HTTP config" + fi fi exec nginx -g "daemon off;" From 55493d144d973ca0cd67d72e6582d8abb54904b6 Mon Sep 17 00:00:00 2001 From: hhhhsc <1710496817@qq.com> Date: Fri, 13 Feb 2026 10:19:25 +0800 Subject: [PATCH 2/2] =?UTF-8?q?=E4=BF=AE=E5=A4=8Ddocker=20=E6=9E=84?= =?UTF-8?q?=E5=BB=BA?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/docker-images-reusable.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/docker-images-reusable.yml b/.github/workflows/docker-images-reusable.yml index 9803ac42..66e041a1 100644 --- a/.github/workflows/docker-images-reusable.yml +++ b/.github/workflows/docker-images-reusable.yml @@ -153,7 +153,6 @@ jobs: - name: Manifest Docker Image run: | - docker manifest create ${{ steps.set-tag.outputs.TAGS }} \ + docker buildx imagetools create -t ${{ steps.set-tag.outputs.TAGS }} \ ${{ steps.set-tag.outputs.AMD_TAGS }} \ - ${{ steps.set-tag.outputs.ARM_TAGS }} - docker manifest push ${{ steps.set-tag.outputs.TAGS }} \ No newline at end of file + ${{ steps.set-tag.outputs.ARM_TAGS }} \ No newline at end of file