Extending

.github/workflows/publish-image.yml

@@ -4,6 +4,7 @@ on:
   push:
     branches:
       - master
+      - "**"
     tags:
       - "**"
 
@@ -34,3 +35,5 @@ jobs:
           context: .
           push: true
           tags: ghcr.io/${{ github.repository_owner }}/ffdd-node:${{ github.ref_name }}
+          cache-from: type=registry,ref=ghcr.io/${{ github.repository_owner }}/ffdd-node:buildcache
+          cache-to: type=registry,ref=ghcr.io/${{ github.repository_owner }}/ffdd-node:buildcache,mode=max

Dockerfile

@@ -61,7 +61,79 @@ RUN npm install --no-audit --no-fund
 RUN npm run build
 
 
-FROM alpine:3.23 AS runtime-base
+FROM alpine:3.23 AS staging
+
+# Assemble the complete filesystem layout in /staging
+RUN mkdir -p \
+    /staging/data \
+    /staging/etc/nginx \
+    /staging/etc/service \
+    /staging/run/freifunk/fastd/peers \
+    /staging/run/freifunk/wireguard \
+    /staging/run/freifunk/bmxd \
+    /staging/run/freifunk/sysinfo \
+    /staging/run/freifunk/www \
+    /staging/usr/bin \
+    /staging/usr/lib/bmxd \
+    /staging/usr/lib/fastd \
+    /staging/usr/local/bin \
+    /staging/usr/local/lib \
+    /staging/usr/local/share/freifunk/ui
+
+# Binaries from builder (only what we need)
+COPY --from=builder /usr/local/bin/fastd /staging/usr/local/bin/
+COPY --from=builder /usr/local/lib/libuecc.so* /staging/usr/local/lib/
+COPY --from=builder /build/firmware/feeds/pool/bmxd/sources/bmxd /staging/usr/bin/
+
+# UI build output
+COPY --from=builder /build/ui/dist/ /staging/usr/local/share/freifunk/ui/
+
+# License texts
+COPY --from=builder /build/firmware/files/common/usr/lib/license/agreement-de.txt /staging/usr/local/share/freifunk/
+COPY --from=builder /build/firmware/files/common/usr/lib/license/pico-de.txt /staging/usr/local/share/freifunk/
+COPY --from=builder /build/firmware/license/gpl2-en.txt /staging/usr/local/share/freifunk/gpl2.txt
+COPY --from=builder /build/firmware/license/gpl3-en.txt /staging/usr/local/share/freifunk/gpl3.txt
+
+# Config files
+COPY config/defaults.yaml /staging/usr/local/share/freifunk/defaults.yaml
+COPY config/nginx.conf /staging/etc/nginx/nginx.conf
+
+# Scripts
+COPY scripts/backbone_runtime.py scripts/mesh-status.py scripts/node_config.py scripts/registrar.py scripts/sysinfo.py scripts/wireguard_status.py /staging/usr/local/bin/
+COPY scripts/fastd-backbone-cmd.sh /staging/usr/lib/fastd/backbone-cmd.sh
+COPY scripts/bmxd-launcher.sh /staging/usr/local/bin/bmxd-launcher.sh
+COPY scripts/bmxd-gateway.py /staging/usr/lib/bmxd/bmxd-gateway.py
+COPY scripts/docker-entrypoint.sh /staging/usr/local/bin/docker-entrypoint.sh
+COPY scripts/runit/ /staging/etc/service/
+
+RUN chmod +x \
+    /staging/usr/local/bin/docker-entrypoint.sh \
+    /staging/usr/local/bin/mesh-status.py \
+    /staging/usr/local/bin/registrar.py \
+    /staging/usr/local/bin/sysinfo.py \
+    /staging/usr/local/bin/wireguard_status.py \
+    /staging/usr/lib/fastd/backbone-cmd.sh \
+    /staging/usr/local/bin/bmxd-launcher.sh \
+    /staging/usr/lib/bmxd/bmxd-gateway.py \
+    /staging/etc/service/registrar/run \
+    /staging/etc/service/sysinfo/run \
+    /staging/etc/service/fastd/run \
+    /staging/etc/service/wireguard/run \
+    /staging/etc/service/bmxd/run \
+    /staging/etc/service/mesh-status/run \
+    /staging/etc/service/nginx/run
+
+
+FROM staging AS tests
+
+RUN apk add --no-cache py3-yaml python3
+COPY scripts/backbone_runtime.py scripts/bmxd-gateway.py scripts/mesh-status.py scripts/node_config.py scripts/registrar.py scripts/run_gateway_script.py scripts/sysinfo.py scripts/wireguard_status.py /opt/freifunk-tests/scripts/
+COPY tests/ /opt/freifunk-tests/tests/
+RUN cd /opt/freifunk-tests \
+ && python3 -m unittest discover -v -s tests -t .
+
+
+FROM alpine:3.23 AS final
 
 ENV TZ=Europe/Berlin
 
@@ -80,60 +152,14 @@ RUN apk add --no-cache \
     runit \
     tcpdump \
     tzdata \
-    wireguard-tools-wg
-
-RUN ln -snf "/usr/share/zoneinfo/$TZ" /etc/localtime \
+    wireguard-tools-wg \
+ && ln -snf "/usr/share/zoneinfo/$TZ" /etc/localtime \
  && echo "$TZ" > /etc/timezone
 
-COPY --from=builder /usr/local /usr/local
-COPY --from=builder /build/firmware/feeds/pool/bmxd/sources/bmxd /usr/bin/bmxd
-
-RUN mkdir -p /data /run/freifunk/fastd/peers /run/freifunk/wireguard /run/freifunk/bmxd /run/freifunk/sysinfo /run/freifunk/www /usr/local/share/freifunk /usr/lib/bmxd /etc/service
-
-COPY config/defaults.yaml /usr/local/share/freifunk/defaults.yaml
-COPY config/nginx.conf /etc/nginx/nginx.conf
-COPY --from=builder /build/ui/dist/ /usr/local/share/freifunk/ui/
-COPY --from=builder /build/firmware/files/common/usr/lib/license/agreement-de.txt /usr/local/share/freifunk/agreement-de.txt
-COPY --from=builder /build/firmware/files/common/usr/lib/license/pico-de.txt /usr/local/share/freifunk/pico-de.txt
-COPY --from=builder /build/firmware/license/gpl2-en.txt /usr/local/share/freifunk/gpl2.txt
-COPY --from=builder /build/firmware/license/gpl3-en.txt /usr/local/share/freifunk/gpl3.txt
-COPY scripts/backbone_runtime.py scripts/node_config.py scripts/registrar.py scripts/sysinfo.py scripts/wireguard_status.py /usr/local/bin/
-COPY scripts/fastd-backbone-cmd.sh /usr/lib/fastd/backbone-cmd.sh
-COPY scripts/bmxd-launcher.sh /usr/local/bin/bmxd-launcher.sh
-COPY scripts/bmxd-gateway.py /usr/lib/bmxd/bmxd-gateway.py
-COPY scripts/docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
-COPY scripts/runit/ /etc/service/
-
-RUN chmod +x \
-    /usr/local/bin/docker-entrypoint.sh \
-    /usr/local/bin/registrar.py \
-    /usr/local/bin/sysinfo.py \
-    /usr/local/bin/wireguard_status.py \
-    /usr/lib/fastd/backbone-cmd.sh \
-    /usr/local/bin/bmxd-launcher.sh \
-    /usr/lib/bmxd/bmxd-gateway.py \
-    /etc/service/registrar/run \
-    /etc/service/sysinfo/run \
-    /etc/service/fastd/run \
-    /etc/service/wireguard/run \
-    /etc/service/bmxd/run \
-    /etc/service/nginx/run
+# Single COPY from staging: all freifunk files in one layer
+COPY --from=tests /staging/ /
 
 VOLUME ["/data"]
 
 ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
 CMD []
-
-
-FROM runtime-base AS tests
-
-COPY scripts/backbone_runtime.py scripts/node_config.py scripts/registrar.py scripts/sysinfo.py scripts/wireguard_status.py scripts/run_gateway_script.py scripts/bmxd-gateway.py /opt/freifunk-tests/scripts/
-COPY tests/ /opt/freifunk-tests/tests/
-RUN cd /opt/freifunk-tests \
- && python3 -m unittest discover -v -s tests -t . \
- && touch /tmp/tests-passed
-
-
-FROM runtime-base AS final
-
-COPY --from=tests /tmp/tests-passed /tmp/tests-passed

config/nginx.conf

@@ -10,6 +10,7 @@ events {
 http {
     include /etc/nginx/mime.types;
     default_type application/octet-stream;
+    absolute_redirect off;
 
     access_log off;
     sendfile on;
@@ -35,6 +36,11 @@ http {
             try_files /nodes.json =404;
         }
 
+        location = /mesh-status.json {
+            default_type application/json;
+            try_files /mesh-status.json =404;
+        }
+
         location = / {
             return 302 /ui/;
         }

docker-compose.yaml

@@ -12,7 +12,6 @@ services:
       - /dev/net/tun:/dev/net/tun
     ports:
       - "${HTTP_PORT:-80}:80"
-      - "${FASTD_PORT:-5002}:${FASTD_PORT:-5002}/udp"
     volumes:
       - ./data:/data
     mem_limit: 200m