Skip to content
Snippets Groups Projects
Commit 3823cc61 authored by Your Name's avatar Your Name
Browse files

init

parents
No related branches found
No related tags found
No related merge requests found
name: Docker
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
on:
push:
branches: [ master ]
# Publish semver tags as releases.
tags: [ 'v*.*.*' ]
pull_request:
branches: [ master ]
env:
# Use docker.io for Docker Hub if empty
REGISTRY: ghcr.io
# github.repository as <account>/<repo>
IMAGE_NAME: ${{ github.repository }}
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
# This is used to complete the identity challenge
# with sigstore/fulcio when running outside of PRs.
id-token: write
steps:
- name: Checkout repository
uses: actions/checkout@v3
# Install the cosign tool except on PR
# https://github.com/sigstore/cosign-installer
- name: Install cosign
if: github.event_name != 'pull_request'
uses: sigstore/cosign-installer@1e95c1de343b5b0c23352d6417ee3e48d5bcd422
with:
cosign-release: 'v1.4.0'
# Workaround: https://github.com/docker/build-push-action/issues/461
- name: Setup Docker buildx
uses: docker/setup-buildx-action@79abd3f86f79a9d68a23c75a09a9a85889262adf
# Login against a Docker registry except on PR
# https://github.com/docker/login-action
- name: Log into registry ${{ env.REGISTRY }}
if: github.event_name != 'pull_request'
uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
# Extract metadata (tags, labels) for Docker
# https://github.com/docker/metadata-action
- name: Extract Docker metadata
id: meta
uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
# Build and push Docker image with Buildx (don't push on PR)
# https://github.com/docker/build-push-action
- name: Build and push Docker image
id: build-and-push
uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc
with:
context: .
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
all.js
*.zip
from ubuntu:22.04
run apt update -y && DEBIAN_FRONTEND="noninteractive" apt install -y unzip curl nodejs nginx php php-fpm
copy . /src
run cd /src && \
./download-latest-zip.sh && \
unzip latest.zip && \
mv /src/jiangsu-health-code-offline/repo /repo
run mv /src/nginx.conf /etc/nginx/nginx.conf
run echo '<html><script>window.location.replace("jkmIndex.html?token=1")</script>redirecting...</html>' > /repo/index.html
workdir /repo
# cmd /src/go.sh
cmd ["bash","-c","/src/patch-repo.sh && /src/go.sh"]
# Healthcode in docker
I saw this great project on the Internet, so I put it into docker. Now it allows one-click deploy!
## Usage
For example, if you want to host the healthcode at `http://localhost:80`:
```bash
docker run -tid --restart=always --log-opt max-size=10M -p 80:80 --name healthcode ghcr.io/say-no-to-wechat/jiangsu-health-code-offline-docker:master
```
Further more, you can set some environment variables to modify personal information and prefix URL. Like this:
```
-e NAME=中华鲟 -e PHONE=15311112222 -e IDCARD="111******222" -e URL_PREFIX="https://my-reverse-proxy.com/my-path"
```
## Build
```bash
sudo docker build -f Dockerfile -t ghcr.io/say-no-to-wechat/jiangsu-health-code-offline-docker:master .
```
## FAQ
- I want to change the QR code from env
You have to modify api.php manually. I am lazy.
You can also add this feature into patch-repo.sh and raise a PR. I appreciate it.
- It is not working
Use F12 to see which request is failing, and test the request in cURL.
Carefully see what's wrong in your failed URL. 80% issue is caused by wrong URL PREFIX.
aes.js 0 → 100644
This diff is collapsed.
#!/bin/bash
# The idiot author is using a idiot site to host the file... crack it.
function get_cookie () {
echo 'var slowAES = require("./aes.js").slowAES;' > all.js
curl -s 'http://xvddpwiirgbw.byethost5.com/kkPH/' -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:99.0) Gecko/20100101 Firefox/99.0' | sed 's/^.*<script>//g' | sed 's/document.cookie.*$//g' >> all.js || exit $?
echo 'console.log("__test=" + toHex(slowAES.decrypt(c, 2, a, b)));' >> all.js
node all.js || exit $?
rm -f all.js
}
function curl_ () {
ck=`get_cookie` || exit $?
curl -s -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:99.0) Gecko/20100101 Firefox/99.0' --cookie "$ck" "$@"
return $?
}
echo "Fetching file list..."
fname=`curl_ http://xvddpwiirgbw.byethost5.com/kkPH/ | grep -o '".*"' | grep zip | tr -d '"'` || exit $?
echo "Downloading $fname as latest.zip..."
curl_ "http://xvddpwiirgbw.byethost5.com/kkPH/$fname" -o latest.zip || exit $?
go.sh 0 → 100755
#!/bin/bash
function dothing () {
echo starting
nginx || return $? # auto fork
mkdir -p /run/php
php-fpm8.1 || return $? # auto fork
echo done
}
dothing &&
/bin/bash
exit $?
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
server {
listen 80 default_server;
listen [::]:80 default_server;
root /repo;
# Add index.php to the list if you are using PHP
index index.html index.htm index.php;
server_name _;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
#
location ~* \.php$ {
fastcgi_pass unix:/run/php/php8.1-fpm.sock;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
}
}
}
#!/bin/bash
# Run this script while workdir is repo
# I need env:
# NAME, IDCARD, PHONE
# You can also set env:
# URL_PREFIX
[ -z "$NAME" ] && NAME='喜禁评' && echo "NAME not set. Using default val $NAME"
[ -z "$IDCARD" ] && IDCARD='323******307' && echo "IDCARD not set. Using default val $IDCARD"
[ -z "$PHONE" ] && PHONE='15327103751' && echo "PHONE not set. Using default val $PHONE"
echo "_api_addr = function (url) { return '$URL_PREFIX/api.php?api=' + url + '&more='; };" >> settings.js
echo "<?php
\$NAME='$NAME';
\$IDCARD='$IDCARD';
\$PHONE='$PHONE';
?>" > patched_api
cat api.php | grep -v '^\$[A-Z ]*=' >> patched_api
mv patched_api api.php
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment