skobkin/phanpy-docker
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
6 commits 1 branch 0 tags 40 KiB
  • Shell 86.2%
  • Dockerfile 13.8%
Find a file
Exact
Alexey Skobkin 94e8ea10a0
All checks were successful
ci/woodpecker/push/ci Pipeline was successful
Details
ci/woodpecker/manual/ci Pipeline was successful
Details
ci/woodpecker/cron/ci Pipeline was successful
Details
Document Docker Hub and GHCR image name formats
2026-03-15 06:53:07 +03:00
.woodpecker Use Woodpecker secrets for all repository-specific pipeline config 2026-03-15 06:23:50 +03:00
ci Escape buildx secret spec for Woodpecker plugin parsing 2026-03-15 06:26:49 +03:00
nginx initial 2026-03-15 05:45:16 +03:00
.dockerignore initial 2026-03-15 05:45:16 +03:00
.gitignore initial 2026-03-15 05:45:16 +03:00
Dockerfile initial 2026-03-15 05:45:16 +03:00
README.md Document Docker Hub and GHCR image name formats 2026-03-15 06:53:07 +03:00

README.md

phanpy-docker status-badge

Builds and publishes a self-hosted Docker image for Phanpy with Woodpecker CI.

The repository is designed for scheduled and manual Woodpecker runs:

  • On every eligible run, CI checks the latest upstream GitHub release from cheeaun/phanpy.
  • If that release tag is already published to both configured registries, the pipeline exits successfully and does not build a new image.
  • If the release is missing from at least one target registry, CI builds the static Phanpy bundle and publishes two tags to each registry: the upstream release version and latest.

The produced image is intentionally simple:

  • Multi-stage build to keep the final image small.
  • nginx:stable-alpine runtime image.
  • Plain HTTP only on port 80.
  • No TLS or certificate management inside the container.

Woodpecker setup

Create a cron job in the Woodpecker repository settings with:

  • Name: daily-release-check
  • Schedule: @daily

The pipeline also supports manual Woodpecker triggers.

woodpeckerci/plugin-docker-buildx:6 needs privileged execution. In Woodpecker, make sure this repository is trusted and that the plugin image is allowed in WOODPECKER_PLUGINS_PRIVILEGED on the server or agent side.

Required secrets

Configure these Woodpecker secrets:

  • DOCKERHUB_IMAGE_REPO
  • GHCR_IMAGE_REPO
  • DOCKERHUB_LOGIN
  • DOCKERHUB_TOKEN
  • GHCR_LOGIN
  • GHCR_TOKEN
  • PHANPY_BUILD_ENV

This repository intentionally uses Woodpecker secrets for all repository-specific inputs, including the image repository names. That keeps manual and cron runs on the same config path and avoids depending on cron-only environment overrides.

DOCKERHUB_IMAGE_REPO is the target repository on Docker Hub, for example skobkin/phanpy.

GHCR_IMAGE_REPO is the target repository on GHCR, for example ghcr.io/skobkin/phanpy-docker.

Repository name format matters:

  • DOCKERHUB_IMAGE_REPO must be in Docker Hub format: <namespace>/<repository>
  • GHCR_IMAGE_REPO must be in GHCR format: ghcr.io/<namespace>/<repository>

PHANPY_BUILD_ENV should contain the Phanpy build-time environment in .env format. CI passes it into the Docker build as a BuildKit secret so the values are not committed to this repository.

Example:

PHANPY_CLIENT_NAME=My Phanpy
PHANPY_WEBSITE=https://phanpy.example.com
PHANPY_DEFAULT_INSTANCE=mastodon.social
PHANPY_DEFAULT_INSTANCE_REGISTRATION_URL=https://mastodon.social/auth/sign_up
PHANPY_PRIVACY_POLICY_URL=https://example.com/privacy
PHANPY_TRANSLANG_INSTANCES=translate.example.com
PHANPY_DISALLOW_ROBOTS=1

Only include the variables you actually need. Upstream Phanpy supports build-time customization; see the upstream README for the full list.

Image behavior

The image serves the already-built static application from Nginx.

  • Container port: 80
  • TLS termination: out of scope
  • Reverse proxy / ingress: expected to be handled externally

Example:

docker run --rm -p 8080:80 ghcr.io/example/phanpy-docker:latest

Then put your own reverse proxy, ingress, or load balancer in front of it if you need HTTPS.