From e8cd6d32821a4307d7530e4ed8f208da2dc871f2 Mon Sep 17 00:00:00 2001 From: "soroush.asadi" Date: Sat, 30 May 2026 00:28:07 +0330 Subject: [PATCH] Route all package mirrors through local Nexus Point Docker, NuGet, and npm pulls at the Nexus group repos on 171.22.25.73:8081 for both CI/CD and local builds, so the pipeline and developers no longer depend on Docker Hub, MCR, nuget.org, or npmjs. Co-Authored-By: Claude Sonnet 4.6 --- .gitea/workflows/ci-cd.yml | 54 +++++++++++----------- docker-compose.admin.yml | 8 ++-- docker-compose.yml | 27 +++++++---- docker/admin-api/Dockerfile | 6 +-- docker/admin-web/Dockerfile | 4 +- docker/api/Dockerfile | 6 +-- docker/daemon-registry-mirror.example.json | 6 ++- docker/koja/Dockerfile | 4 +- docker/web/Dockerfile | 4 +- docker/website/Dockerfile | 4 +- nuget.docker.config | 8 ++-- 11 files changed, 70 insertions(+), 61 deletions(-) diff --git a/.gitea/workflows/ci-cd.yml b/.gitea/workflows/ci-cd.yml index 945d6b9..71ab059 100644 --- a/.gitea/workflows/ci-cd.yml +++ b/.gitea/workflows/ci-cd.yml @@ -17,13 +17,13 @@ concurrency: # ubuntu-latest:docker://node:20-alpine ← CI jobs run in real Docker containers # self-hosted:host ← deploy runs directly on the server # -# All images are pulled from local Nexus mirrors (fast, no internet): -# Docker Hub → http://171.22.25.73:5000 (docker-hub-proxy repo) -# MCR → http://171.22.25.73:5002 (mcr-proxy repo) +# All images/packages served from local Nexus at 171.22.25.73:8081: +# Docker images → 171.22.25.73:8081 (docker-group: Docker Hub + MCR) +# NuGet → http://171.22.25.73:8081/repository/nuget-group/ +# npm → http://171.22.25.73:8081/repository/npm-group/ # -# mirror hostname → host-gateway (docker bridge IP 172.17.0.1) — used for: -# NuGet → http://mirror:8081/repository/nuget-group/ -# npm → http://mirror:8081/repository/npm-group/ +# The runner host is 171.22.25.73, so Nexus is always reachable directly. +# Daemon must have: "insecure-registries": ["171.22.25.73:8081"] # ───────────────────────────────────────────────────────────────────────────── jobs: @@ -32,13 +32,12 @@ jobs: name: "CI · API (dotnet build + test)" runs-on: ubuntu-latest container: - image: 171.22.25.73:5002/dotnet/sdk:10.0 + image: 171.22.25.73:8081/repository/docker-group/dotnet/sdk:10.0 options: >- --add-host=gitea:host-gateway - --add-host=mirror:host-gateway services: postgres: - image: docker-mirror.liara.ir/library/postgres:16-alpine + image: 171.22.25.73:8081/repository/docker-group/postgres:16-alpine env: POSTGRES_DB: meezi_test POSTGRES_USER: meezi @@ -49,7 +48,7 @@ jobs: --health-timeout 5s --health-retries 10 redis: - image: docker-mirror.liara.ir/library/redis:7-alpine + image: 171.22.25.73:8081/repository/docker-group/redis:7-alpine options: >- --health-cmd "redis-cli ping" --health-interval 5s @@ -74,8 +73,10 @@ jobs: - + EOF @@ -98,10 +99,9 @@ jobs: name: "CI · Admin API (dotnet build)" runs-on: ubuntu-latest container: - image: 171.22.25.73:5002/dotnet/sdk:10.0 + image: 171.22.25.73:8081/repository/docker-group/dotnet/sdk:10.0 options: >- --add-host=gitea:host-gateway - --add-host=mirror:host-gateway steps: - name: Checkout env: @@ -121,8 +121,10 @@ jobs: - + EOF @@ -139,10 +141,9 @@ jobs: name: "CI · Dashboard (tsc)" runs-on: ubuntu-latest container: - image: 171.22.25.73:5000/library/node:20-alpine + image: 171.22.25.73:8081/repository/docker-group/node:20-alpine options: >- --add-host=gitea:host-gateway - --add-host=mirror:host-gateway steps: - name: Checkout env: @@ -158,7 +159,7 @@ jobs: - name: Install dependencies working-directory: web/dashboard - run: npm install --legacy-peer-deps --ignore-scripts --registry http://mirror:8081/repository/npm-group/ + run: npm install --legacy-peer-deps --ignore-scripts --registry http://171.22.25.73:8081/repository/npm-group/ - name: TypeScript check working-directory: web/dashboard @@ -170,10 +171,9 @@ jobs: name: "CI · Admin Web (tsc)" runs-on: ubuntu-latest container: - image: 171.22.25.73:5000/library/node:20-alpine + image: 171.22.25.73:8081/repository/docker-group/node:20-alpine options: >- --add-host=gitea:host-gateway - --add-host=mirror:host-gateway steps: - name: Checkout env: @@ -189,7 +189,7 @@ jobs: - name: Install dependencies working-directory: web/admin - run: npm install --legacy-peer-deps --ignore-scripts --registry http://mirror:8081/repository/npm-group/ + run: npm install --legacy-peer-deps --ignore-scripts --registry http://171.22.25.73:8081/repository/npm-group/ - name: TypeScript check working-directory: web/admin @@ -201,10 +201,9 @@ jobs: name: "CI · Website (tsc)" runs-on: ubuntu-latest container: - image: 171.22.25.73:5000/library/node:20-alpine + image: 171.22.25.73:8081/repository/docker-group/node:20-alpine options: >- --add-host=gitea:host-gateway - --add-host=mirror:host-gateway steps: - name: Checkout env: @@ -220,7 +219,7 @@ jobs: - name: Install dependencies working-directory: web/website - run: npm install --legacy-peer-deps --ignore-scripts --registry http://mirror:8081/repository/npm-group/ + run: npm install --legacy-peer-deps --ignore-scripts --registry http://171.22.25.73:8081/repository/npm-group/ - name: TypeScript check working-directory: web/website @@ -232,10 +231,9 @@ jobs: name: "CI · Koja (tsc)" runs-on: ubuntu-latest container: - image: 171.22.25.73:5000/library/node:20-alpine + image: 171.22.25.73:8081/repository/docker-group/node:20-alpine options: >- --add-host=gitea:host-gateway - --add-host=mirror:host-gateway steps: - name: Checkout env: @@ -251,7 +249,7 @@ jobs: - name: Install dependencies working-directory: web/koja - run: npm install --legacy-peer-deps --ignore-scripts --registry http://mirror:8081/repository/npm-group/ + run: npm install --legacy-peer-deps --ignore-scripts --registry http://171.22.25.73:8081/repository/npm-group/ - name: TypeScript check working-directory: web/koja diff --git a/docker-compose.admin.yml b/docker-compose.admin.yml index aead233..fa0a301 100644 --- a/docker-compose.admin.yml +++ b/docker-compose.admin.yml @@ -16,8 +16,8 @@ services: extra_hosts: - "mirror:host-gateway" args: - DOTNET_SDK_IMAGE: ${DOTNET_SDK_IMAGE:-mcr-mirror.liara.ir/dotnet/sdk:10.0} - DOTNET_ASPNET_IMAGE: ${DOTNET_ASPNET_IMAGE:-mcr-mirror.liara.ir/dotnet/aspnet:10.0} + DOTNET_SDK_IMAGE: ${DOTNET_SDK_IMAGE:-171.22.25.73:8081/repository/docker-group/dotnet/sdk:10.0} + DOTNET_ASPNET_IMAGE: ${DOTNET_ASPNET_IMAGE:-171.22.25.73:8081/repository/docker-group/dotnet/aspnet:10.0} container_name: meezi-admin-api restart: unless-stopped depends_on: @@ -52,8 +52,8 @@ services: extra_hosts: - "mirror:host-gateway" args: - NODE_IMAGE: ${NODE_IMAGE:-docker-mirror.liara.ir/library/node:20-alpine} - NPM_REGISTRY: ${NPM_REGISTRY:-https://package-mirror.liara.ir/repository/npm/} + NODE_IMAGE: ${NODE_IMAGE:-171.22.25.73:8081/repository/docker-group/node:20-alpine} + NPM_REGISTRY: ${NPM_REGISTRY:-http://171.22.25.73:8081/repository/npm-group/} NEXT_PUBLIC_ADMIN_API_URL: ${NEXT_PUBLIC_ADMIN_API_URL:-http://localhost:5081} container_name: meezi-admin-web restart: unless-stopped diff --git a/docker-compose.yml b/docker-compose.yml index 046831c..e772c24 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,5 +1,12 @@ # Meezi — main stack (Postgres, Redis, API, Dashboard, Website, Koja) # +# All images/packages served from local Nexus at 171.22.25.73:8081 +# Docker images → 171.22.25.73:8081 (docker-group: proxies Docker Hub + MCR) +# NuGet → http://171.22.25.73:8081/repository/nuget-group/ +# npm → http://171.22.25.73:8081/repository/npm-group/ +# +# Docker Desktop: add "insecure-registries": ["171.22.25.73:8081"] to daemon.json +# # Local dev: # cp .env.example .env # docker compose up -d --build @@ -18,7 +25,7 @@ services: postgres: - image: ${POSTGRES_IMAGE:-docker-mirror.liara.ir/library/postgres:16-alpine} + image: ${POSTGRES_IMAGE:-171.22.25.73:8081/repository/docker-group/postgres:16-alpine} container_name: meezi-db restart: unless-stopped environment: @@ -36,7 +43,7 @@ services: retries: 10 redis: - image: ${REDIS_IMAGE:-docker-mirror.liara.ir/library/redis:7-alpine} + image: ${REDIS_IMAGE:-171.22.25.73:8081/repository/docker-group/redis:7-alpine} container_name: meezi-redis restart: unless-stopped ports: @@ -57,8 +64,8 @@ services: extra_hosts: - "mirror:host-gateway" args: - DOTNET_SDK_IMAGE: ${DOTNET_SDK_IMAGE:-mcr-mirror.liara.ir/dotnet/sdk:10.0} - DOTNET_ASPNET_IMAGE: ${DOTNET_ASPNET_IMAGE:-mcr-mirror.liara.ir/dotnet/aspnet:10.0} + DOTNET_SDK_IMAGE: ${DOTNET_SDK_IMAGE:-171.22.25.73:8081/repository/docker-group/dotnet/sdk:10.0} + DOTNET_ASPNET_IMAGE: ${DOTNET_ASPNET_IMAGE:-171.22.25.73:8081/repository/docker-group/dotnet/aspnet:10.0} container_name: meezi-api restart: unless-stopped depends_on: @@ -103,8 +110,8 @@ services: extra_hosts: - "mirror:host-gateway" args: - NODE_IMAGE: ${NODE_IMAGE:-docker-mirror.liara.ir/library/node:20-alpine} - NPM_REGISTRY: ${NPM_REGISTRY:-https://package-mirror.liara.ir/repository/npm/} + NODE_IMAGE: ${NODE_IMAGE:-171.22.25.73:8081/repository/docker-group/node:20-alpine} + NPM_REGISTRY: ${NPM_REGISTRY:-http://171.22.25.73:8081/repository/npm-group/} NEXT_PUBLIC_API_URL: ${NEXT_PUBLIC_API_URL:-http://localhost:5080} container_name: meezi-web restart: unless-stopped @@ -124,8 +131,8 @@ services: extra_hosts: - "mirror:host-gateway" args: - NODE_IMAGE: ${NODE_IMAGE:-docker-mirror.liara.ir/library/node:20-alpine} - NPM_REGISTRY: ${NPM_REGISTRY:-https://package-mirror.liara.ir/repository/npm/} + NODE_IMAGE: ${NODE_IMAGE:-171.22.25.73:8081/repository/docker-group/node:20-alpine} + NPM_REGISTRY: ${NPM_REGISTRY:-http://171.22.25.73:8081/repository/npm-group/} MEEZI_API_URL: http://api:8080 NEXT_PUBLIC_SITE_URL: ${NEXT_PUBLIC_SITE_URL:-http://localhost:3010} container_name: meezi-website @@ -148,8 +155,8 @@ services: extra_hosts: - "mirror:host-gateway" args: - NODE_IMAGE: ${NODE_IMAGE:-docker-mirror.liara.ir/library/node:20-alpine} - NPM_REGISTRY: ${NPM_REGISTRY:-https://package-mirror.liara.ir/repository/npm/} + NODE_IMAGE: ${NODE_IMAGE:-171.22.25.73:8081/repository/docker-group/node:20-alpine} + NPM_REGISTRY: ${NPM_REGISTRY:-http://171.22.25.73:8081/repository/npm-group/} NEXT_PUBLIC_API_URL: ${NEXT_PUBLIC_API_URL:-http://localhost:5080} NEXT_PUBLIC_SITE_URL: ${NEXT_PUBLIC_KOJA_URL:-http://localhost:3103} container_name: meezi-koja diff --git a/docker/admin-api/Dockerfile b/docker/admin-api/Dockerfile index 3c017e7..0bf51a1 100644 --- a/docker/admin-api/Dockerfile +++ b/docker/admin-api/Dockerfile @@ -1,11 +1,11 @@ -ARG DOTNET_SDK_IMAGE=mcr.microsoft.com/dotnet/sdk:10.0 -ARG DOTNET_ASPNET_IMAGE=mcr.microsoft.com/dotnet/aspnet:10.0 +ARG DOTNET_SDK_IMAGE=171.22.25.73:8081/repository/docker-group/dotnet/sdk:10.0 +ARG DOTNET_ASPNET_IMAGE=171.22.25.73:8081/repository/docker-group/dotnet/aspnet:10.0 FROM ${DOTNET_SDK_IMAGE} AS build WORKDIR /src COPY global.json Directory.Build.props Directory.Packages.props ./ -# nuget.docker.config points to local Nexus mirror (mirror:8081 via extra_hosts in compose) +# nuget.docker.config points to local Nexus mirror (171.22.25.73:8081) COPY nuget.docker.config ./nuget.config COPY src/Meezi.Shared/Meezi.Shared.csproj src/Meezi.Shared/ diff --git a/docker/admin-web/Dockerfile b/docker/admin-web/Dockerfile index 4cce145..8a0b960 100644 --- a/docker/admin-web/Dockerfile +++ b/docker/admin-web/Dockerfile @@ -1,9 +1,9 @@ -ARG NODE_IMAGE=docker-mirror.liara.ir/library/node:20-alpine +ARG NODE_IMAGE=171.22.25.73:8081/repository/docker-group/node:20-alpine FROM ${NODE_IMAGE} AS deps WORKDIR /app COPY web/admin/package*.json ./ -ARG NPM_REGISTRY=https://package-mirror.liara.ir/repository/npm/ +ARG NPM_REGISTRY=http://171.22.25.73:8081/repository/npm-group/ # Install deps then ensure Alpine (musl) SWC binary is present RUN npm install --legacy-peer-deps --ignore-scripts --registry ${NPM_REGISTRY} \ && NEXT_VER=$(node -e "process.stdout.write(require('./node_modules/next/package.json').version)") \ diff --git a/docker/api/Dockerfile b/docker/api/Dockerfile index b36b1a8..d51858b 100644 --- a/docker/api/Dockerfile +++ b/docker/api/Dockerfile @@ -1,11 +1,11 @@ -ARG DOTNET_SDK_IMAGE=mcr.microsoft.com/dotnet/sdk:10.0 -ARG DOTNET_ASPNET_IMAGE=mcr.microsoft.com/dotnet/aspnet:10.0 +ARG DOTNET_SDK_IMAGE=171.22.25.73:8081/repository/docker-group/dotnet/sdk:10.0 +ARG DOTNET_ASPNET_IMAGE=171.22.25.73:8081/repository/docker-group/dotnet/aspnet:10.0 FROM ${DOTNET_SDK_IMAGE} AS build WORKDIR /src COPY global.json Directory.Build.props Directory.Packages.props ./ -# nuget.docker.config points to local Nexus mirror (mirror:8081 via extra_hosts in compose) +# nuget.docker.config points to local Nexus mirror (171.22.25.73:8081) COPY nuget.docker.config ./nuget.config COPY src/Meezi.Shared/Meezi.Shared.csproj src/Meezi.Shared/ diff --git a/docker/daemon-registry-mirror.example.json b/docker/daemon-registry-mirror.example.json index 895e767..2d76f64 100644 --- a/docker/daemon-registry-mirror.example.json +++ b/docker/daemon-registry-mirror.example.json @@ -1,6 +1,8 @@ { + "insecure-registries": [ + "171.22.25.73:8081" + ], "registry-mirrors": [ - "https://docker.iranrepo.ir", - "https://registry.docker.ir" + "http://171.22.25.73:8081" ] } diff --git a/docker/koja/Dockerfile b/docker/koja/Dockerfile index 2d21d64..7c81560 100644 --- a/docker/koja/Dockerfile +++ b/docker/koja/Dockerfile @@ -1,9 +1,9 @@ -ARG NODE_IMAGE=docker-mirror.liara.ir/library/node:20-alpine +ARG NODE_IMAGE=171.22.25.73:8081/repository/docker-group/node:20-alpine FROM ${NODE_IMAGE} AS deps WORKDIR /app COPY web/koja/package*.json ./ -ARG NPM_REGISTRY=https://package-mirror.liara.ir/repository/npm/ +ARG NPM_REGISTRY=http://171.22.25.73:8081/repository/npm-group/ RUN npm install --legacy-peer-deps --ignore-scripts --registry ${NPM_REGISTRY} FROM ${NODE_IMAGE} AS builder diff --git a/docker/web/Dockerfile b/docker/web/Dockerfile index 5e8372b..c5df3b9 100644 --- a/docker/web/Dockerfile +++ b/docker/web/Dockerfile @@ -1,9 +1,9 @@ -ARG NODE_IMAGE=docker-mirror.liara.ir/library/node:20-alpine +ARG NODE_IMAGE=171.22.25.73:8081/repository/docker-group/node:20-alpine FROM ${NODE_IMAGE} AS deps WORKDIR /app COPY web/dashboard/package*.json ./ -ARG NPM_REGISTRY=https://package-mirror.liara.ir/repository/npm/ +ARG NPM_REGISTRY=http://171.22.25.73:8081/repository/npm-group/ RUN npm install --legacy-peer-deps --ignore-scripts --registry ${NPM_REGISTRY} FROM ${NODE_IMAGE} AS builder diff --git a/docker/website/Dockerfile b/docker/website/Dockerfile index 8df28c4..e29530e 100644 --- a/docker/website/Dockerfile +++ b/docker/website/Dockerfile @@ -1,9 +1,9 @@ -ARG NODE_IMAGE=docker-mirror.liara.ir/library/node:20-alpine +ARG NODE_IMAGE=171.22.25.73:8081/repository/docker-group/node:20-alpine FROM ${NODE_IMAGE} AS deps WORKDIR /app COPY web/website/package*.json ./ -ARG NPM_REGISTRY=https://package-mirror.liara.ir/repository/npm/ +ARG NPM_REGISTRY=http://171.22.25.73:8081/repository/npm-group/ # Install deps then ensure Alpine (musl) SWC binary is present RUN npm install --legacy-peer-deps --ignore-scripts --registry ${NPM_REGISTRY} \ && NEXT_VER=$(node -e "process.stdout.write(require('./node_modules/next/package.json').version)") \ diff --git a/nuget.docker.config b/nuget.docker.config index 76f1e4a..fd102e9 100644 --- a/nuget.docker.config +++ b/nuget.docker.config @@ -1,10 +1,12 @@ - + - +