Automatically build a docker image to ghcr.io

.github/workflows/build-publish.yml

@@ -0,0 +1,80 @@
+name: Build and Publish
+
+on:
+  push:
+    branches:
+      - main
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  build-publish:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+        with:
+          submodules: true # Fetch hugo themes
+          fetch-depth: 0 # Fetch all history for .GitInfo and .LastMod
+
+      - name: Setup node (NPM)
+        uses: actions/setup-node@v3
+        with:
+          node-version: 16
+
+      - name: Install node dependencies
+        run: npm install
+
+      - name: Setup hugo
+        uses: peaceiris/actions-hugo@v2
+        with:
+          hugo-version: '0.105.0'
+          extended: true
+
+      # Will use the build.sh script to build the page using hugo.
+      # The resulting page will be in the ./public directory
+      - name: Build the hugo page
+        run: ./scripts/build.sh
+
+      # The current version (v2) of Docker's build-push action uses
+      # buildx, which comes with BuildKit features that help us speed
+      # up our builds using additional cache features. Buildx also
+      # has a lot of other features that are not as relevant to us.
+      #
+      # See https://github.com/docker/build-push-action
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+
+      - name: Login to Github Container Registry
+        uses: docker/login-action@v1
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN  }}
+
+      # Create a commit SHA-based tag for the container repositories
+      - name: Create SHA Container Tag
+        id: sha_tag
+        run: |
+          tag=$(cut -c 1-7 <<< $GITHUB_SHA)
+          echo "::set-output name=tag::$tag"
+
+      # Build and push the container to the GitHub Container
+      # Repository. The container will be tagged as "latest"
+      # and with the short SHA of the commit.
+      - name: Build and push
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          file: ./Dockerfile
+          push: true
+          cache-from: type=registry,ref=ghcr.io/itsdrike/web:latest
+          cache-to: type=inline
+          tags: |
+            ghcr.io/itsdrike/web:latest
+            ghcr.io/itsdrike/web:${{ steps.sha_tag.outputs.tag }}
+          build-args: |
+            git_sha=${{ github.sha }}

Dockerfile

@@ -0,0 +1,4 @@
+FROM nginx:alpine
+
+COPY ./nginx.conf /etc/nginx/nginx.conf
+COPY ./public/ /usr/share/nginx/html

nginx.conf

@@ -0,0 +1,38 @@
+user www-data;
+worker_processes auto;
+
+error_log stderr;
+pid /var/run/nginx.pid;
+
+events {
+    worker_connections 1024;
+}
+
+http {
+    include /etc/nginx/mime.types;
+    default_type application/ocet-stream;
+
+    access_log /dev/stdout;
+
+    sendfile on;
+    #tcp_nopush on;
+    #gzip on;
+    keepalive_timeout 65;
+
+    # Don't send nginx version in headers
+    server_tokens off;
+
+    # Trust X-Real-IP header from the reverse proxy
+    #set_real_ip_from 10.1.1.3;
+    #real_ip_header X-Real-IP;
+
+    server {
+        listen 80 default_server;
+        listen [::]:80 default_server;
+
+        root /usr/share/nginx/html;
+        index index.html;
+
+        error_page 401 403 404 405 407 410 429 451 /error/4xx.html
+    }
+}