
Merge pull request #2101 from chipitsine/master

CI: move docker build machinery to the main repo
Ilya Shipitsin 9 months ago
parent
commit
f525b4d660

+ 59 - 0
.github/workflows/docker-vpnbridge.yml

@@ -0,0 +1,59 @@
+name: docker-vpnbridge
+
+on:
+  push:
+    branches: 
+      - 'master'
+    tags:
+      - '*'
+  pull_request:
+  workflow_dispatch:
+
+jobs:
+  docker-vpnbridge:
+    strategy:
+      matrix:
+        variant: [
+          { name: amd64, platform: "linux/amd64", repo: "softethervpn/vpnbridge" },
+          { name: arm64, platform: "linux/arm64", repo: "softethervpn/vpnbridge-arm64" }
+        ]
+    name: vpnbridge/${{ matrix.variant.name }}
+    runs-on: ubuntu-latest
+    if: ${{ github.repository_owner == 'SoftEtherVPN' }}
+    steps:
+      -
+        name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ matrix.variant.repo }}
+          tags: |
+            type=raw,value=latest,enable={{is_default_branch}}
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+      -
+        name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+        with:
+          image: tonistiigi/binfmt:qemu-v9.2.0
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      -
+        name: Login to DockerHub
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      -
+        name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          file: ./Dockerfile
+          target: vpnbridge
+          platforms: ${{ matrix.variant.platform }}
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
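Review bot: The four `docker/*` actions in this job are referenced by mutable major tags (`@v5`, `@v3`, `@v6`), and the same job passes `secrets.DOCKERHUB_TOKEN` to the login step on every non-pull-request event, so the publish credential depends on the integrity of those tags. Pinning each action to a full commit SHA, e.g. `uses: docker/login-action@<full-commit-sha> # v3`, removes that dependency, and the `tonistiigi/binfmt:qemu-v9.2.0` image could likewise carry an `@sha256:<digest>` suffix. The workflow also declares no `permissions:` key, so the GITHUB_TOKEN gets the repository default; a top-level `permissions:` with `contents: read` would make least privilege explicit. The same applies to docker-vpnclient.yml and docker-vpnserver.yml.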

+ 59 - 0
.github/workflows/docker-vpnclient.yml

@@ -0,0 +1,59 @@
+name: docker-vpnclient
+
+on:
+  push:
+    branches: 
+      - 'master'
+    tags:
+      - '*'
+  pull_request:
+  workflow_dispatch:
+
+jobs:
+  docker-vpnclient:
+    strategy:
+      matrix:
+        variant: [
+          { name: amd64, platform: "linux/amd64", repo: "softethervpn/vpnclient" },
+          { name: arm64, platform: "linux/arm64", repo: "softethervpn/vpnclient-arm64" }
+        ]
+    name: vpnclient/${{ matrix.variant.name }}
+    runs-on: ubuntu-latest
+    if: ${{ github.repository_owner == 'SoftEtherVPN' }}
+    steps:
+      -
+        name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ matrix.variant.repo }}
+          tags: |
+            type=raw,value=latest,enable={{is_default_branch}}
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+      -
+        name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+        with:
+          image: tonistiigi/binfmt:qemu-v9.2.0
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      -
+        name: Login to DockerHub
+        if: ${{ github.event_name != 'pull_request' }}
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      -
+        name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          file: ./Dockerfile
+          target: vpnclient
+          platforms: ${{ matrix.variant.platform }}
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
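Review bot: The `tags: - '*'` trigger fires for every pushed tag, but the only rules in the `Docker meta` step that apply to a tag ref are the two `type=semver` patterns, since `latest` is gated on `{{is_default_branch}}` and `type=ref,event=pr` only matches pull requests. A tag that is not valid semver would therefore, as far as I can tell, leave `steps.meta.outputs.tags` empty while `push` evaluates to true, so "Build and push" would likely fail or publish nothing usable. Either narrow the trigger to the release tag pattern or add a fallback rule such as `type=ref,event=tag`. docker-vpnbridge.yml and docker-vpnserver.yml carry the same rules.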

+ 59 - 0
.github/workflows/docker-vpnserver.yml

@@ -0,0 +1,59 @@
+name: docker-vpnserver
+
+on:
+  push:
+    branches: 
+      - 'master'
+    tags:
+      - '*'
+  pull_request:
+  workflow_dispatch:
+
+jobs:
+  docker:
+    strategy:
+      matrix:
+        variant: [
+          { name: amd64, platform: "linux/amd64", repo: "softethervpn/vpnserver" },
+          { name: arm64, platform: "linux/arm64", repo: "softethervpn/vpnserver-arm64" }
+        ]
+    name: vpnserver/${{ matrix.variant.name }}
+    runs-on: ubuntu-latest
+    if: ${{ github.repository_owner == 'SoftEtherVPN' }}
+    steps:
+      -
+        name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ matrix.variant.repo }}
+          tags: |
+            type=raw,value=latest,enable={{is_default_branch}}
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+      -
+        name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+        with:
+          image: tonistiigi/binfmt:qemu-v9.2.0
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      -
+        name: Login to DockerHub
+        if: ${{ github.event_name != 'pull_request' }}
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      -
+        name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          file: ./Dockerfile
+          target: vpnserver
+          push: ${{ github.event_name != 'pull_request' }}
+          platforms: ${{ matrix.variant.platform }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}

+ 51 - 0
Dockerfile

@@ -0,0 +1,51 @@
+FROM alpine AS builder
+RUN mkdir /usr/local/src && apk add binutils --no-cache\
+        linux-headers \
+	build-base \
+        readline-dev \
+        openssl-dev \
+        ncurses-dev \
+        git \
+        cmake \
+        zlib-dev \
+        libsodium-dev \
+        gnu-libiconv 
+
+ENV LD_PRELOAD=/usr/lib/preloadable_libiconv.so
+ADD ./ /usr/local/src/SoftEtherVPN/
+WORKDIR /usr/local/src
+ENV USE_MUSL=YES
+ENV CMAKE_FLAGS="-DSE_PIDDIR=/run/softether -DSE_LOGDIR=/var/log/softether -DSE_DBDIR=/var/lib/softether"
+RUN cd SoftEtherVPN &&\
+        ./configure &&\
+	make -j $(getconf _NPROCESSORS_ONLN) -C build
+
+FROM alpine AS base
+RUN apk add --no-cache readline \
+        openssl \
+        libsodium \
+        gnu-libiconv \
+        iptables
+ENV LD_PRELOAD=/usr/lib/preloadable_libiconv.so
+WORKDIR /usr/local/bin
+VOLUME /var/log/softether
+VOLUME /var/lib/softether
+VOLUME /run/softether
+COPY --from=builder /usr/local/src/SoftEtherVPN/build/vpncmd /usr/local/src/SoftEtherVPN/build/hamcore.se2 ./
+COPY --from=builder /usr/local/src/SoftEtherVPN/build/libcedar.so /usr/local/src/SoftEtherVPN/build/libmayaqua.so /usr/local/lib/
+
+
+FROM base AS vpnserver
+COPY --from=builder /usr/local/src/SoftEtherVPN/build/vpnserver ./
+EXPOSE 443/tcp 992/tcp 1194/tcp 1194/udp 5555/tcp 500/udp 4500/udp
+CMD ["/usr/local/bin/vpnserver", "execsvc"]
+
+
+FROM base AS vpnclient
+COPY --from=builder /usr/local/src/SoftEtherVPN/build/vpnclient ./
+CMD ["/usr/local/bin/vpnclient", "execsvc"]
+
+
+FROM base AS vpnbridge
+COPY --from=builder /usr/local/src/SoftEtherVPN/build/vpnbridge ./
+CMD ["/usr/local/bin/vpnbridge", "execsvc"]
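Review bot: Both `FROM alpine` lines resolve to whatever `alpine:latest` is at build time, so the images the workflows publish are not reproducible and silently inherit any base-image change. Pin a release and digest, e.g. `FROM alpine:<version>@sha256:<digest> AS builder`, and do the same for the `base` stage. `ADD ./ /usr/local/src/SoftEtherVPN/` copies the whole build context into the builder; `COPY` is the conventional instruction for local files, and a `.dockerignore` would keep unrelated files out of the build. None of the final stages sets `USER`, so the daemons run as root inside the container; if the network setup requires that, a comment saying so would help whoever audits the image.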

+ 16 - 0
docker-compose.vpnclient.yaml

@@ -0,0 +1,16 @@
+version: '3'
+
+services:
+  softether:
+    image: softethervpn/vpnclient:latest
+    devices:
+      - /dev/net/tun:/dev/net/tun
+    cap_add:
+      - NET_ADMIN
+    restart: always
+    volumes:
+      - "/etc/localtime:/etc/localtime:ro"
+      - "/etc/timezone:/etc/timezone:ro"
+      - "./softether_data:/var/lib/softether"
+      - "./softether_log:/var/log/softether"
+      # - "./adminip.txt:/var/lib/softether/adminip.txt:ro"
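Review bot: `image: softethervpn/vpnclient:latest` is a mutable tag on a service that is granted `NET_ADMIN` and the host's `/dev/net/tun`, so whatever is published under `latest` at pull time runs with those privileges. Referencing a fixed release, `image: softethervpn/vpnclient:<release-tag>`, optionally with an `@sha256:<digest>` suffix, makes upgrades an explicit decision. docker-compose.yaml uses `softethervpn/vpnserver:latest` in the same way.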

+ 23 - 0
docker-compose.yaml

@@ -0,0 +1,23 @@
+version: '3'
+
+services:
+  softether:
+    image: softethervpn/vpnserver:latest
+    cap_add:
+      - NET_ADMIN
+    restart: always
+    ports:
+      #- 53:53         #DNS tunneling
+      - 443:443         #Management and HTTPS tunneling
+      - 992:992         #HTTPS tunneling
+      #- 1194:1194/udp #OpenVPN 
+      #- 5555:5555       #HTTPS tunneling
+      #- 500:500/udp   #IPsec/L2TP
+      #- 4500:4500/udp #IPsec/L2TP
+      #- 1701:1701/udp #IPsec/L2TP
+    volumes:
+      - "/etc/localtime:/etc/localtime:ro"
+      - "/etc/timezone:/etc/timezone:ro"
+      - "./softether_data:/var/lib/softether"
+      - "./softether_log:/var/log/softether"
+      # - "./adminip.txt:/var/lib/softether/adminip.txt:ro"
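Review bot: Port 443 is labelled "Management and HTTPS tunneling" and is published on every host interface, while the `adminip.txt` mount is left commented out with no explanation. As I understand it, that file restricts administrative connections by source address. A comment above the line would make the hardening option discoverable, e.g. `# adminip.txt limits which source IPs may open an admin session; enable on exposed hosts`. Separately, the port entries are unquoted: `443:443` happens to load as a string, but uncommenting `53:53` would hit YAML 1.1 base-60 integer parsing, so quoting them all (`- "443:443"`) is safer.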