Route all package mirrors through local Nexus

Point Docker, NuGet, and npm pulls at the Nexus group repos on 171.22.25.73:8081 for both CI/CD and local builds, so the pipeline and developers no longer depend on Docker Hub, MCR, nuget.org, or npmjs. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-30 00:28:07 +03:30
parent 62bd7a12f5
commit e8cd6d3282
11 changed files with 70 additions and 61 deletions
@@ -17,13 +17,13 @@ concurrency:
 #   ubuntu-latest:docker://node:20-alpine   ← CI jobs run in real Docker containers
 #   self-hosted:host                        ← deploy runs directly on the server
 #
-# All images are pulled from local Nexus mirrors (fast, no internet):
+# All images/packages served from local Nexus at 171.22.25.73:8081:
-#   Docker Hub → http://171.22.25.73:5000   (docker-hub-proxy repo)
+#   Docker images → 171.22.25.73:8081           (docker-group: Docker Hub + MCR)
-#   MCR        → http://171.22.25.73:5002   (mcr-proxy repo)
+#   NuGet         → http://171.22.25.73:8081/repository/nuget-group/
 #   npm           → http://171.22.25.73:8081/repository/npm-group/
 #
-# mirror hostname → host-gateway (docker bridge IP 172.17.0.1) — used for:
+# The runner host is 171.22.25.73, so Nexus is always reachable directly.
-#   NuGet  → http://mirror:8081/repository/nuget-group/
+# Daemon must have: "insecure-registries": ["171.22.25.73:8081"]
 #   npm    → http://mirror:8081/repository/npm-group/
 # ─────────────────────────────────────────────────────────────────────────────
 jobs:
@@ -32,13 +32,12 @@ jobs:
    name: "CI · API (dotnet build + test)"
    runs-on: ubuntu-latest
    container:
-      image: 171.22.25.73:5002/dotnet/sdk:10.0
+      image: 171.22.25.73:8081/repository/docker-group/dotnet/sdk:10.0
      options: >-
        --add-host=gitea:host-gateway
        --add-host=mirror:host-gateway
    services:
      postgres:
-        image: docker-mirror.liara.ir/library/postgres:16-alpine
+        image: 171.22.25.73:8081/repository/docker-group/postgres:16-alpine
        env:
          POSTGRES_DB: meezi_test
          POSTGRES_USER: meezi
@@ -49,7 +48,7 @@ jobs:
          --health-timeout 5s
          --health-retries 10
      redis:
-        image: docker-mirror.liara.ir/library/redis:7-alpine
+        image: 171.22.25.73:8081/repository/docker-group/redis:7-alpine
        options: >-
          --health-cmd "redis-cli ping"
          --health-interval 5s
@@ -74,8 +73,10 @@ jobs:
          <configuration>
            <packageSources>
              <clear />
-              <add key="nexus" value="http://mirror:8081/repository/nuget-group/index.json"
+              <add key="nexus"
-                   protocolVersion="3" allowInsecureConnections="true" />
+                   value="http://171.22.25.73:8081/repository/nuget-group/index.json"
                   protocolVersion="3"
                   allowInsecureConnections="true" />
            </packageSources>
          </configuration>
          EOF
@@ -98,10 +99,9 @@ jobs:
    name: "CI · Admin API (dotnet build)"
    runs-on: ubuntu-latest
    container:
-      image: 171.22.25.73:5002/dotnet/sdk:10.0
+      image: 171.22.25.73:8081/repository/docker-group/dotnet/sdk:10.0
      options: >-
        --add-host=gitea:host-gateway
        --add-host=mirror:host-gateway
    steps:
      - name: Checkout
        env:
@@ -121,8 +121,10 @@ jobs:
          <configuration>
            <packageSources>
              <clear />
-              <add key="nexus" value="http://mirror:8081/repository/nuget-group/index.json"
+              <add key="nexus"
-                   protocolVersion="3" allowInsecureConnections="true" />
+                   value="http://171.22.25.73:8081/repository/nuget-group/index.json"
                   protocolVersion="3"
                   allowInsecureConnections="true" />
            </packageSources>
          </configuration>
          EOF
@@ -139,10 +141,9 @@ jobs:
    name: "CI · Dashboard (tsc)"
    runs-on: ubuntu-latest
    container:
-      image: 171.22.25.73:5000/library/node:20-alpine
+      image: 171.22.25.73:8081/repository/docker-group/node:20-alpine
      options: >-
        --add-host=gitea:host-gateway
        --add-host=mirror:host-gateway
    steps:
      - name: Checkout
        env:
@@ -158,7 +159,7 @@ jobs:
      - name: Install dependencies
        working-directory: web/dashboard
-        run: npm install --legacy-peer-deps --ignore-scripts --registry http://mirror:8081/repository/npm-group/
+        run: npm install --legacy-peer-deps --ignore-scripts --registry http://171.22.25.73:8081/repository/npm-group/
      - name: TypeScript check
        working-directory: web/dashboard
@@ -170,10 +171,9 @@ jobs:
    name: "CI · Admin Web (tsc)"
    runs-on: ubuntu-latest
    container:
-      image: 171.22.25.73:5000/library/node:20-alpine
+      image: 171.22.25.73:8081/repository/docker-group/node:20-alpine
      options: >-
        --add-host=gitea:host-gateway
        --add-host=mirror:host-gateway
    steps:
      - name: Checkout
        env:
@@ -189,7 +189,7 @@ jobs:
      - name: Install dependencies
        working-directory: web/admin
-        run: npm install --legacy-peer-deps --ignore-scripts --registry http://mirror:8081/repository/npm-group/
+        run: npm install --legacy-peer-deps --ignore-scripts --registry http://171.22.25.73:8081/repository/npm-group/
      - name: TypeScript check
        working-directory: web/admin
@@ -201,10 +201,9 @@ jobs:
    name: "CI · Website (tsc)"
    runs-on: ubuntu-latest
    container:
-      image: 171.22.25.73:5000/library/node:20-alpine
+      image: 171.22.25.73:8081/repository/docker-group/node:20-alpine
      options: >-
        --add-host=gitea:host-gateway
        --add-host=mirror:host-gateway
    steps:
      - name: Checkout
        env:
@@ -220,7 +219,7 @@ jobs:
      - name: Install dependencies
        working-directory: web/website
-        run: npm install --legacy-peer-deps --ignore-scripts --registry http://mirror:8081/repository/npm-group/
+        run: npm install --legacy-peer-deps --ignore-scripts --registry http://171.22.25.73:8081/repository/npm-group/
      - name: TypeScript check
        working-directory: web/website
@@ -232,10 +231,9 @@ jobs:
    name: "CI · Koja (tsc)"
    runs-on: ubuntu-latest
    container:
-      image: 171.22.25.73:5000/library/node:20-alpine
+      image: 171.22.25.73:8081/repository/docker-group/node:20-alpine
      options: >-
        --add-host=gitea:host-gateway
        --add-host=mirror:host-gateway
    steps:
      - name: Checkout
        env:
@@ -251,7 +249,7 @@ jobs:
      - name: Install dependencies
        working-directory: web/koja
-        run: npm install --legacy-peer-deps --ignore-scripts --registry http://mirror:8081/repository/npm-group/
+        run: npm install --legacy-peer-deps --ignore-scripts --registry http://171.22.25.73:8081/repository/npm-group/
      - name: TypeScript check
        working-directory: web/koja
@@ -16,8 +16,8 @@ services:
      extra_hosts:
        - "mirror:host-gateway"
      args:
-        DOTNET_SDK_IMAGE: ${DOTNET_SDK_IMAGE:-mcr-mirror.liara.ir/dotnet/sdk:10.0}
+        DOTNET_SDK_IMAGE: ${DOTNET_SDK_IMAGE:-171.22.25.73:8081/repository/docker-group/dotnet/sdk:10.0}
-        DOTNET_ASPNET_IMAGE: ${DOTNET_ASPNET_IMAGE:-mcr-mirror.liara.ir/dotnet/aspnet:10.0}
+        DOTNET_ASPNET_IMAGE: ${DOTNET_ASPNET_IMAGE:-171.22.25.73:8081/repository/docker-group/dotnet/aspnet:10.0}
    container_name: meezi-admin-api
    restart: unless-stopped
    depends_on:
@@ -52,8 +52,8 @@ services:
      extra_hosts:
        - "mirror:host-gateway"
      args:
-        NODE_IMAGE: ${NODE_IMAGE:-docker-mirror.liara.ir/library/node:20-alpine}
+        NODE_IMAGE: ${NODE_IMAGE:-171.22.25.73:8081/repository/docker-group/node:20-alpine}
-        NPM_REGISTRY: ${NPM_REGISTRY:-https://package-mirror.liara.ir/repository/npm/}
+        NPM_REGISTRY: ${NPM_REGISTRY:-http://171.22.25.73:8081/repository/npm-group/}
        NEXT_PUBLIC_ADMIN_API_URL: ${NEXT_PUBLIC_ADMIN_API_URL:-http://localhost:5081}
    container_name: meezi-admin-web
    restart: unless-stopped
@@ -1,5 +1,12 @@
 # Meezi — main stack (Postgres, Redis, API, Dashboard, Website, Koja)
 #
 # All images/packages served from local Nexus at 171.22.25.73:8081
 #   Docker images → 171.22.25.73:8081  (docker-group: proxies Docker Hub + MCR)
 #   NuGet          → http://171.22.25.73:8081/repository/nuget-group/
 #   npm            → http://171.22.25.73:8081/repository/npm-group/
 #
 # Docker Desktop: add "insecure-registries": ["171.22.25.73:8081"] to daemon.json
 #
 # Local dev:
 #   cp .env.example .env
 #   docker compose up -d --build
@@ -18,7 +25,7 @@
 services:
  postgres:
-    image: ${POSTGRES_IMAGE:-docker-mirror.liara.ir/library/postgres:16-alpine}
+    image: ${POSTGRES_IMAGE:-171.22.25.73:8081/repository/docker-group/postgres:16-alpine}
    container_name: meezi-db
    restart: unless-stopped
    environment:
@@ -36,7 +43,7 @@ services:
      retries: 10
  redis:
-    image: ${REDIS_IMAGE:-docker-mirror.liara.ir/library/redis:7-alpine}
+    image: ${REDIS_IMAGE:-171.22.25.73:8081/repository/docker-group/redis:7-alpine}
    container_name: meezi-redis
    restart: unless-stopped
    ports:
@@ -57,8 +64,8 @@ services:
      extra_hosts:
        - "mirror:host-gateway"
      args:
-        DOTNET_SDK_IMAGE: ${DOTNET_SDK_IMAGE:-mcr-mirror.liara.ir/dotnet/sdk:10.0}
+        DOTNET_SDK_IMAGE: ${DOTNET_SDK_IMAGE:-171.22.25.73:8081/repository/docker-group/dotnet/sdk:10.0}
-        DOTNET_ASPNET_IMAGE: ${DOTNET_ASPNET_IMAGE:-mcr-mirror.liara.ir/dotnet/aspnet:10.0}
+        DOTNET_ASPNET_IMAGE: ${DOTNET_ASPNET_IMAGE:-171.22.25.73:8081/repository/docker-group/dotnet/aspnet:10.0}
    container_name: meezi-api
    restart: unless-stopped
    depends_on:
@@ -103,8 +110,8 @@ services:
      extra_hosts:
        - "mirror:host-gateway"
      args:
-        NODE_IMAGE: ${NODE_IMAGE:-docker-mirror.liara.ir/library/node:20-alpine}
+        NODE_IMAGE: ${NODE_IMAGE:-171.22.25.73:8081/repository/docker-group/node:20-alpine}
-        NPM_REGISTRY: ${NPM_REGISTRY:-https://package-mirror.liara.ir/repository/npm/}
+        NPM_REGISTRY: ${NPM_REGISTRY:-http://171.22.25.73:8081/repository/npm-group/}
        NEXT_PUBLIC_API_URL: ${NEXT_PUBLIC_API_URL:-http://localhost:5080}
    container_name: meezi-web
    restart: unless-stopped
@@ -124,8 +131,8 @@ services:
      extra_hosts:
        - "mirror:host-gateway"
      args:
-        NODE_IMAGE: ${NODE_IMAGE:-docker-mirror.liara.ir/library/node:20-alpine}
+        NODE_IMAGE: ${NODE_IMAGE:-171.22.25.73:8081/repository/docker-group/node:20-alpine}
-        NPM_REGISTRY: ${NPM_REGISTRY:-https://package-mirror.liara.ir/repository/npm/}
+        NPM_REGISTRY: ${NPM_REGISTRY:-http://171.22.25.73:8081/repository/npm-group/}
        MEEZI_API_URL: http://api:8080
        NEXT_PUBLIC_SITE_URL: ${NEXT_PUBLIC_SITE_URL:-http://localhost:3010}
    container_name: meezi-website
@@ -148,8 +155,8 @@ services:
      extra_hosts:
        - "mirror:host-gateway"
      args:
-        NODE_IMAGE: ${NODE_IMAGE:-docker-mirror.liara.ir/library/node:20-alpine}
+        NODE_IMAGE: ${NODE_IMAGE:-171.22.25.73:8081/repository/docker-group/node:20-alpine}
-        NPM_REGISTRY: ${NPM_REGISTRY:-https://package-mirror.liara.ir/repository/npm/}
+        NPM_REGISTRY: ${NPM_REGISTRY:-http://171.22.25.73:8081/repository/npm-group/}
        NEXT_PUBLIC_API_URL: ${NEXT_PUBLIC_API_URL:-http://localhost:5080}
        NEXT_PUBLIC_SITE_URL: ${NEXT_PUBLIC_KOJA_URL:-http://localhost:3103}
    container_name: meezi-koja
@@ -1,11 +1,11 @@
-ARG DOTNET_SDK_IMAGE=mcr.microsoft.com/dotnet/sdk:10.0
+ARG DOTNET_SDK_IMAGE=171.22.25.73:8081/repository/docker-group/dotnet/sdk:10.0
-ARG DOTNET_ASPNET_IMAGE=mcr.microsoft.com/dotnet/aspnet:10.0
+ARG DOTNET_ASPNET_IMAGE=171.22.25.73:8081/repository/docker-group/dotnet/aspnet:10.0
 FROM ${DOTNET_SDK_IMAGE} AS build
 WORKDIR /src
 COPY global.json Directory.Build.props Directory.Packages.props ./
-# nuget.docker.config points to local Nexus mirror (mirror:8081 via extra_hosts in compose)
+# nuget.docker.config points to local Nexus mirror (171.22.25.73:8081)
 COPY nuget.docker.config ./nuget.config
 COPY src/Meezi.Shared/Meezi.Shared.csproj src/Meezi.Shared/
@@ -1,9 +1,9 @@
-ARG NODE_IMAGE=docker-mirror.liara.ir/library/node:20-alpine
+ARG NODE_IMAGE=171.22.25.73:8081/repository/docker-group/node:20-alpine
 FROM ${NODE_IMAGE} AS deps
 WORKDIR /app
 COPY web/admin/package*.json ./
-ARG NPM_REGISTRY=https://package-mirror.liara.ir/repository/npm/
+ARG NPM_REGISTRY=http://171.22.25.73:8081/repository/npm-group/
 # Install deps then ensure Alpine (musl) SWC binary is present
 RUN npm install --legacy-peer-deps --ignore-scripts --registry ${NPM_REGISTRY} \
    && NEXT_VER=$(node -e "process.stdout.write(require('./node_modules/next/package.json').version)") \
@@ -1,11 +1,11 @@
-ARG DOTNET_SDK_IMAGE=mcr.microsoft.com/dotnet/sdk:10.0
+ARG DOTNET_SDK_IMAGE=171.22.25.73:8081/repository/docker-group/dotnet/sdk:10.0
-ARG DOTNET_ASPNET_IMAGE=mcr.microsoft.com/dotnet/aspnet:10.0
+ARG DOTNET_ASPNET_IMAGE=171.22.25.73:8081/repository/docker-group/dotnet/aspnet:10.0
 FROM ${DOTNET_SDK_IMAGE} AS build
 WORKDIR /src
 COPY global.json Directory.Build.props Directory.Packages.props ./
-# nuget.docker.config points to local Nexus mirror (mirror:8081 via extra_hosts in compose)
+# nuget.docker.config points to local Nexus mirror (171.22.25.73:8081)
 COPY nuget.docker.config ./nuget.config
 COPY src/Meezi.Shared/Meezi.Shared.csproj src/Meezi.Shared/
@@ -1,6 +1,8 @@
 {
  "insecure-registries": [
    "171.22.25.73:8081"
  ],
  "registry-mirrors": [
-    "https://docker.iranrepo.ir",
+    "http://171.22.25.73:8081"
    "https://registry.docker.ir"
  ]
 }
@@ -1,9 +1,9 @@
-ARG NODE_IMAGE=docker-mirror.liara.ir/library/node:20-alpine
+ARG NODE_IMAGE=171.22.25.73:8081/repository/docker-group/node:20-alpine
 FROM ${NODE_IMAGE} AS deps
 WORKDIR /app
 COPY web/koja/package*.json ./
-ARG NPM_REGISTRY=https://package-mirror.liara.ir/repository/npm/
+ARG NPM_REGISTRY=http://171.22.25.73:8081/repository/npm-group/
 RUN npm install --legacy-peer-deps --ignore-scripts --registry ${NPM_REGISTRY}
 FROM ${NODE_IMAGE} AS builder
@@ -1,9 +1,9 @@
-ARG NODE_IMAGE=docker-mirror.liara.ir/library/node:20-alpine
+ARG NODE_IMAGE=171.22.25.73:8081/repository/docker-group/node:20-alpine
 FROM ${NODE_IMAGE} AS deps
 WORKDIR /app
 COPY web/dashboard/package*.json ./
-ARG NPM_REGISTRY=https://package-mirror.liara.ir/repository/npm/
+ARG NPM_REGISTRY=http://171.22.25.73:8081/repository/npm-group/
 RUN npm install --legacy-peer-deps --ignore-scripts --registry ${NPM_REGISTRY}
 FROM ${NODE_IMAGE} AS builder
@@ -1,9 +1,9 @@
-ARG NODE_IMAGE=docker-mirror.liara.ir/library/node:20-alpine
+ARG NODE_IMAGE=171.22.25.73:8081/repository/docker-group/node:20-alpine
 FROM ${NODE_IMAGE} AS deps
 WORKDIR /app
 COPY web/website/package*.json ./
-ARG NPM_REGISTRY=https://package-mirror.liara.ir/repository/npm/
+ARG NPM_REGISTRY=http://171.22.25.73:8081/repository/npm-group/
 # Install deps then ensure Alpine (musl) SWC binary is present
 RUN npm install --legacy-peer-deps --ignore-scripts --registry ${NPM_REGISTRY} \
    && NEXT_VER=$(node -e "process.stdout.write(require('./node_modules/next/package.json').version)") \
@@ -1,10 +1,12 @@
 <?xml version="1.0" encoding="utf-8"?>
-<!-- NuGet config for Docker builds — routes restores through Liara NuGet mirror. -->
+<!-- NuGet config for Docker builds — routes restores through local Nexus mirror. -->
 <configuration>
  <packageSources>
    <clear />
-    <add key="liara-nuget" value="https://package-mirror.liara.ir/repository/nuget/index.json"
+    <add key="nexus"
-         protocolVersion="3" />
+         value="http://171.22.25.73:8081/repository/nuget-group/index.json"
         protocolVersion="3"
         allowInsecureConnections="true" />
  </packageSources>
  <config>
    <add key="http_retry_count" value="8" />