add a few containers i regularly use

Signed-off-by: Christopher Larivière <[email protected]>

.github/workflows/builder.yaml

@@ -8,7 +8,7 @@ on:
       appsToBuild:
         required: false
         type: string
-        default: ''
+        default: ""
       channelsToBuild:
         required: false
         type: string
@@ -85,7 +85,10 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        image: ["${{ fromJSON(needs.prepare-matrix.outputs.matrices).image_platforms }}"]
+        image:
+          [
+            "${{ fromJSON(needs.prepare-matrix.outputs.matrices).image_platforms }}",
+          ]
     permissions:
       contents: read
       packages: write
@@ -140,7 +143,7 @@ jobs:
           fetch-depth: 1
 
       - name: Setup Docker Buildx
-        uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
+        uses: docker/setup-buildx-action@f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca # v3.9.0
 
       - name: Prepare Build Outputs
         id: prepare-build-outputs
@@ -222,7 +225,7 @@ jobs:
           merge-multiple: true
 
       - name: Setup Docker Buildx
-        uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
+        uses: docker/setup-buildx-action@f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca # v3.9.0
 
       - name: Login to GitHub Container Registry
         uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0

.github/workflows/release-manual.yaml

@@ -13,12 +13,24 @@ jobs:
       fail-fast: false
       matrix:
         include:
-          - context: ./apps/protonmail-bridge-docker
-            image: ghcr.io/${{ github.repository_owner }}/protonmail-bridge-docker
           - context: ./apps/tf-runner
             image: ghcr.io/${{ github.repository_owner }}/tf-runner
           - context: ./apps/nut-client
             image: ghcr.io/${{ github.repository_owner }}/nut-client
+          - context: ./apps/postgres-init
+            image: ghcr.io/${{ github.repository_owner }}/postgres-init
+          - context: ./apps/tautulli
+            image: ghcr.io/${{ github.repository_owner }}/tautulli
+          - context: ./apps/plex
+            image: ghcr.io/${{ github.repository_owner }}/plex
+          - context: ./apps/prowlarr
+            image: ghcr.io/${{ github.repository_owner }}/prowlarr
+          - context: ./apps/lidarr
+            image: ghcr.io/${{ github.repository_owner }}/lidarr
+          - context: ./apps/radarr
+            image: ghcr.io/${{ github.repository_owner }}/radarr
+          - context: ./apps/sonarr
+            image: ghcr.io/${{ github.repository_owner }}/sonarr
 
     permissions:
       contents: read

.vscode/launch.json

@@ -1,20 +1,15 @@
 {
   "version": "0.2.0",
   "configurations": [
-      {
-          "name": "Launch Package",
-          "type": "go",
-          "request": "launch",
-          "mode": "debug",
-          "program": "cmd/main.go",
-          "cwd": "${workspaceFolder}",
-          "envFile": "${workspaceFolder}/.goenv",
-          "args": [
-              "tf-runner",
-              "true",
-              "true",
-              "v0.16.0-rc.4"
-          ]
-      }
+    {
+      "name": "Launch Package",
+      "type": "go",
+      "request": "launch",
+      "mode": "debug",
+      "program": "cmd/main.go",
+      "cwd": "${workspaceFolder}",
+      "envFile": "${workspaceFolder}/.goenv",
+      "args": ["all", "true", "true", "stable"]
+    }
   ]
-}
+}

apps/nut-client/Dockerfile

@@ -1,18 +1,17 @@
 FROM ubuntu:rolling
 
-# no choice to run as root, will powerdown computer
 USER root
 
 # hadolint ignore=DL3008,DL3015,SC2086
 RUN \
   apt-get -qq update \
   && apt-get -qq install -y --no-install-recommends \
-    nut-client \
+  nut-client \
   && apt-get clean \
   && rm -rf \
-    /tmp/* \
-    /var/lib/apt/lists/ \
-    /var/tmp/*
+  /tmp/* \
+  /var/lib/apt/lists/ \
+  /var/tmp/*
 
 WORKDIR /config
 

apps/plex/Dockerfile

@@ -0,0 +1,57 @@
+FROM docker.io/library/ubuntu:25.04
+
+ARG TARGETARCH
+ARG VERSION
+ARG CHANNEL
+
+ENV UMASK="0002" \
+  TZ="Etc/UTC"
+
+ENV DEBCONF_NONINTERACTIVE_SEEN="true" \
+  DEBIAN_FRONTEND="noninteractive" \
+  APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE="DontWarn"
+
+ENV NVIDIA_DRIVER_CAPABILITIES="compute,video,utility" \
+  PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR="/config/Library/Application Support" \
+  PLEX_MEDIA_SERVER_HOME="/usr/lib/plexmediaserver" \
+  PLEX_MEDIA_SERVER_MAX_PLUGIN_PROCS="6" \
+  PLEX_MEDIA_SERVER_INFO_VENDOR="Docker" \
+  PLEX_MEDIA_SERVER_INFO_DEVICE="Docker Container (larivierec)"
+
+USER root
+WORKDIR /app
+
+# hadolint ignore=DL3008,DL3015,SC2039,SC2086
+RUN \
+  apt-get update \
+  && \
+  apt-get install -y --no-install-recommends --no-install-suggests \
+  bash \
+  ca-certificates \
+  catatonit \
+  coreutils \
+  curl \
+  jo \
+  jq \
+  nano \
+  tzdata \
+  uuid-runtime \
+  xmlstarlet \
+  && \
+  curl -fsSL -o /tmp/plex.deb \
+  "https://downloads.plex.tv/plex-media-server-new/${VERSION}/debian/plexmediaserver_${VERSION}_${TARGETARCH}.deb" \
+  && \
+  dpkg -i --force-confold /tmp/plex.deb \
+  && chmod -R 755 "${PLEX_MEDIA_SERVER_HOME}" \
+  && apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false \
+  && apt-get autoremove -y \
+  && apt-get clean \
+  && rm -rf /etc/default/plexmediaserver /tmp/* /var/lib/apt/lists/* /var/tmp/
+
+COPY ./entrypoint.sh /entrypoint.sh
+
+USER nobody:nogroup
+WORKDIR /config
+VOLUME ["/config"]
+
+ENTRYPOINT ["/usr/bin/catatonit", "--", "/entrypoint.sh"]

apps/plex/ci/latest.sh

@@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+channel=$1
+
+if [[ "${channel}" == "beta" ]]; then
+    git clone --quiet --depth=1 https://aur.archlinux.org/plex-media-server-plexpass.git /tmp/plex-media-server-plexpass
+    pushd /tmp/plex-media-server-plexpass > /dev/null || exit
+    version="$(grep -oP "(?<=pkgver=).*" PKGBUILD)"
+    version="${version}-$(grep -oP "(?<=_pkgsum=).*" PKGBUILD)"
+    popd > /dev/null || exit
+    rm -rf /tmp/plex-media-server-plexpass
+fi
+
+if [[ "${channel}" == "stable" ]]; then
+    version=$(curl -sX GET 'https://plex.tv/api/downloads/5.json' | jq -r '.computer.Linux.version')
+fi
+
+version="${version#*v}"
+version="${version#*release-}"
+printf "%s" "${version}"

apps/plex/ci/metadata.yaml

@@ -0,0 +1,6 @@
+---
+app: plex
+channels:
+  - name: stable
+    platforms: ["linux/amd64", "linux/arm64"]
+    stable: true

apps/plex/entrypoint.sh

@@ -0,0 +1,114 @@
+#!/usr/bin/env bash
+#shellcheck disable=SC2086,SC2155
+
+export PLEX_MEDIA_SERVER_INFO_MODEL=$(uname -m)
+export PLEX_MEDIA_SERVER_INFO_PLATFORM_VERSION=$(uname -r)
+
+function getPref {
+    local key="$1"
+    xmlstarlet sel -T -t -m "/Preferences" -v "@${key}" -n "${prefFile}"
+}
+
+function setPref {
+    local key="$1"
+    local value="$2"
+    count="$(xmlstarlet sel -t -v "count(/Preferences/@${key})" "${prefFile}")"
+    count=$((count + 0))
+    if [[ $count -gt 0 ]]; then
+        xmlstarlet ed --inplace --update "/Preferences/@${key}" -v "${value}" "${prefFile}"
+    else
+        xmlstarlet ed --inplace --insert "/Preferences"  --type attr -n "${key}" -v "${value}" "${prefFile}"
+    fi
+}
+
+prefFile="${PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR}/Plex Media Server/Preferences.xml"
+
+# Create empty Preferences.xml file if it doesn't exist already
+if [ ! -e "${prefFile}" ]; then
+    echo "Creating pref shell"
+    mkdir -p "$(dirname "${prefFile}")"
+    cat > "${prefFile}" <<-EOF
+<?xml version="1.0" encoding="utf-8"?>
+<Preferences/>
+EOF
+fi
+
+# Setup Server's client identifier
+serial="$(getPref "MachineIdentifier")"
+if [[ -z "${serial}" ]]; then
+    serial="$(cat /proc/sys/kernel/random/uuid)"
+    setPref "MachineIdentifier" "${serial}"
+fi
+clientId="$(getPref "ProcessedMachineIdentifier")"
+if [[ -z "${clientId}" ]]; then
+    clientId="$(echo -n "${serial}- Plex Media Server" | sha1sum | cut -b 1-40)"
+    setPref "ProcessedMachineIdentifier" "${clientId}"
+fi
+
+# Get server token and only turn claim token into server token if we have former but not latter.
+token="$(getPref "PlexOnlineToken")"
+if [[ -n "${PLEX_CLAIM_TOKEN}" ]] && [[ -z "${token}" ]]; then
+    echo "Attempting to obtain server token from claim token..."
+    loginInfo="$(curl -fsSL -X POST \
+        -H 'X-Plex-Client-Identifier: '"${clientId}" \
+        -H 'X-Plex-Product: Plex Media Server'\
+        -H 'X-Plex-Version: 1.1' \
+        -H 'X-Plex-Provides: server' \
+        -H 'X-Plex-Platform: Linux' \
+        -H 'X-Plex-Platform-Version: 1.0' \
+        -H 'X-Plex-Device-Name: PlexMediaServer' \
+        -H 'X-Plex-Device: Linux' \
+        "https://plex.tv/api/claim/exchange?token=${PLEX_CLAIM_TOKEN}")"
+    token="$(echo "$loginInfo" | sed -n 's/.*<authentication-token>\(.*\)<\/authentication-token>.*/\1/p')"
+
+    if [[ "$token" ]]; then
+        echo "Token obtained successfully!"
+        setPref "PlexOnlineToken" "${token}"
+    fi
+fi
+
+# Set other preferences
+[[ -n "${ADVERTISE_IP}" ]] && PLEX_ADVERTISE_URL=${ADVERTISE_IP}
+if [[ -n "${PLEX_ADVERTISE_URL}" ]]; then
+    echo "Setting customConnections to: ${PLEX_ADVERTISE_URL}"
+    setPref "customConnections" "${PLEX_ADVERTISE_URL}"
+fi
+
+[[ -n "${ALLOWED_NETWORKS}" ]] && PLEX_NO_AUTH_NETWORKS=${ALLOWED_NETWORKS}
+if [[ -n "${PLEX_NO_AUTH_NETWORKS}" ]]; then
+    echo "Setting allowedNetworks to: ${PLEX_NO_AUTH_NETWORKS}"
+    setPref "allowedNetworks" "${PLEX_NO_AUTH_NETWORKS}"
+fi
+
+# Set transcoder directory if not yet set
+if [[ -z "$(getPref "TranscoderTempDirectory")" ]]; then
+    echo "Setting TranscoderTempDirectory to: /transcode"
+    setPref "TranscoderTempDirectory" "/transcode"
+fi
+
+# Parse list of all exported variables that start with PLEX_PREFERENCE_
+# The format of which is PLEX_PREFERENCE_<SOMETHING>="Key=Value"
+# Where Key is the EXACT key to use in the Plex Preference file
+# And Value is the EXACT value to use in the Plex Preference file for that key.
+# Please note it looks like many of the key's are camelCase in some fashion.
+# Additionally there are likely some preferences where environment variable injection
+# doesn't really work for.
+for var in "${!PLEX_PREFERENCE_@}"; do
+    value="${!var}"
+    PreferenceValue="${value#*=}"
+    PreferenceKey="${value%=*}"
+    setPref "${PreferenceKey}" "${PreferenceValue}"
+done
+
+# Remove pid file
+rm -f "${PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR}/Plex Media Server/plexmediaserver.pid"
+
+# Purge Codecs folder
+if [[ "${PLEX_PURGE_CODECS}" == "true" ]]; then
+    echo "Purging Codecs folder..."
+    find "${PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR}/Plex Media Server/Codecs" -mindepth 1 -not -name '.device-id' -print -delete
+fi
+
+exec \
+    /usr/lib/plexmediaserver/Plex\ Media\ Server \
+    "$@"

apps/postgres-init/Dockerfile

@@ -0,0 +1,24 @@
+FROM docker.io/library/alpine:3.21
+
+ARG TARGETPLATFORM
+ARG VERSION
+ARG CHANNEL
+
+USER root
+WORKDIR /app
+
+#hadolint ignore=DL3018
+RUN \
+  apk add --no-cache \
+  bash \
+  ca-certificates \
+  catatonit \
+  postgresql17-client~"${VERSION}"
+
+COPY ./entrypoint.sh /entrypoint.sh
+
+USER nobody:nogroup
+
+ENTRYPOINT ["/usr/bin/catatonit", "--", "/entrypoint.sh"]
+
+LABEL org.opencontainers.image.source="https://github.com/postgres/postgres"

apps/postgres-init/ci/latest.sh

@@ -0,0 +1,5 @@
+#!/usr/bin/env bash
+version=$(curl -sX GET "https://pkgs.alpinelinux.org/package/v3.21/main/x86_64/postgresql17-client" | grep -oP '(?<=<strong>).*?(?=</strong>)' 2>/dev/null)
+version="${version%%_*}"
+version="${version%%-*}"
+printf "%s" "${version}"

apps/postgres-init/ci/metadata.yaml

@@ -0,0 +1,6 @@
+---
+app: postgres-init
+channels:
+  - name: stable
+    platforms: ["linux/amd64", "linux/arm64"]
+    stable: true