commit 30710ed22033e4b9a0dd2182bb1fd9bb7402c6e3
Author: ytshih
Date: Fri Oct 18 15:39:58 2024 +0000
initial commit
diff --git a/.gitea/workflows/image.yml b/.gitea/workflows/image.yml
new file mode 100644
index 0000000..4c79d59
--- /dev/null
+++ b/.gitea/workflows/image.yml
@@ -0,0 +1,53 @@
+name: Build image
+
+on:
+ push
+
+jobs:
+ release-image:
+ runs-on: imgbuilder
+ env:
+ CONTAINER_REGISTRY: gitea.konchin.com
+ GITEA_TAG: latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+
+ - name: Set up QEMU
+ uses: docker/setup-qemu-action@v3
+
+ - name: Set up Root CA
+ run: |
+ echo "${{ vars.ROOTCA }}" | tee rootca.pem
+
+ - name: Set up Docker BuildX
+ uses: docker/setup-buildx-action@v3
+ with:
+ config-inline: |
+ debug = true
+ [registry."${{ env.CONTAINER_REGISTRY }}"]
+ ca = ["rootca.pem"]
+
+ - name: Login
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ env.CONTAINER_REGISTRY }}
+ username: ${{ secrets.REGISTRY_USERNAME }}
+ password: ${{ secrets.REGISTRY_PASSWORD }}
+
+ - name: Setup env
+ run: |
+ echo "GITEA_REPO=${GITHUB_REPOSITORY}" | tr '[:upper:]' '[:lower:]' >> $GITHUB_ENV
+ echo "GITEA_REF_NAME=${GITHUB_REF_NAME}" | tr '[:upper:]' '[:lower:]' >> $GITHUB_ENV
+
+ - name: Build and push
+ uses: docker/build-push-action@v4
+ with:
+ context: .
+ file: ./Dockerfile
+ platforms: |
+ linux/amd64
+ push: true
+ tags: |
+ ${{ env.CONTAINER_REGISTRY }}/${{ env.GITEA_REPO }}:${{ env.GITEA_REF_NAME }}
+ ${{ env.CONTAINER_REGISTRY }}/${{ env.GITEA_REPO }}:${{ env.GITEA_TAG }}
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..ce1450c
--- /dev/null
+++ b/Dockerfile
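Review bot: In `.gitea/workflows/image.yml` the trigger is a bare `on: push` and the last step always adds the `GITEA_TAG: latest` tag, so a push to any branch replaces `:latest` in the registry using the stored registry credentials. Limit the trigger to the release branch or to tags, or add the `latest` tag only when the ref is the default branch. The `uses:` entries (`actions/checkout@v4`, `docker/login-action@v3` and the others) are pinned to mutable tags in a job that holds `REGISTRY_PASSWORD`; pinning each to a full commit SHA keeps a retagged action from running with that secret. `${{ vars.ROOTCA }}` is also expanded directly into the shell script; passing it through `env:` and writing `printf '%s\n' "$ROOTCA" > rootca.pem` avoids breakage if the value ever contains quotes or shell metacharacters.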
@@ -0,0 +1,19 @@
+FROM node:22-alpine
+
+RUN apk add ansible ansible-lint bash git openssh py3-dnspython
+ADD rootca.pem /usr/local/share/ca-certificates/cacert.crt
+RUN apk --no-cache add --no-check-certificate ca-certificates \
+ && update-ca-certificates --fresh
+
+RUN adduser ansible --disabled-password --gecos ''
+WORKDIR /home/ansible
+
+ARG ANSIBLE_ED25519
+RUN mkdir -p /home/ansible/.ssh/ && \
+ echo 'StrictHostKeyChecking no' >> /home/ansible/.ssh/config
+RUN chown -R ansible:ansible /home/ansible/
+
+USER ansible
+SHELL ["/bin/bash", "-c"]
+ENTRYPOINT ["/usr/bin/env"]
+CMD ["ansible-playbook", "playbook.yml"]
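Review bot: `echo 'StrictHostKeyChecking no' >> /home/ansible/.ssh/config` turns off SSH host-key verification for every host the playbook connects to, so a machine impersonating a managed host would be accepted silently and receive whatever the playbook sends. Prefer shipping a `known_hosts` file with the image, or at least `StrictHostKeyChecking accept-new`, which still rejects a changed key. `--no-check-certificate` on the `apk ... ca-certificates` line looks unnecessary, since the earlier `apk add` already fetched packages with verification on, and can be dropped. `ARG ANSIBLE_ED25519` is not used in this hunk; if it is meant to carry a private key, build arguments can end up in image metadata, so a BuildKit secret mount or a runtime mount is the safer route.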