Merge branch 'master' of https://github.com/11notes/docker-kms-gui

.dockerignore

@@ -1,5 +1,5 @@
 .git*
 *.md
-LICENSE
+img/
 maintain/
 project*

.gitattributes

@@ -1,2 +1 @@
-# Auto detect text files and perform LF normalization
-* text=auto
+* text=auto

.github/workflows/docker.yml

@@ -1,18 +1,50 @@
-name: create and publish docker image
+name: docker
+run-name: ${{ inputs.run-name }}
 
 on:
   workflow_dispatch:
-  push:
-    tags:
-      - 'v*'
+    inputs:
+      run-name:
+        description: 'set run-name for workflow (multiple calls)'
+        type: string
+        required: false
+        default: 'docker'
 
-env:
-  DOCKER_USERNAME: 11notes
+      release:
+        description: 'set WORKFLOW_GITHUB_RELEASE'
+        required: false
+        default: 'false'
+
+      readme:
+        description: 'set WORKFLOW_GITHUB_README'
+        required: false
+        default: 'false'
+
+      image:
+        description: 'set IMAGE'
+        required: false
+
+      uid:
+        description: 'set IMAGE_UID'
+        required: false
+
+      gid:
+        description: 'set IMAGE_GID'
+        required: false
+
+      semverprefix:
+        description: 'prefix for semver tags'
+        required: false
+
+      semversuffix:
+        description: 'suffix for semver tags'
+        required: false
 
 jobs:
-  build-and-push-image:
-    runs-on: ubuntu-latest
+  docker:
+    runs-on: ubuntu-22.04
     permissions:
+      actions: read
       contents: write
       packages: write
       security-events: write
@@ -20,6 +52,17 @@ jobs:
     steps:   
       - name: init / checkout
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        with:
+          ref: ${{ github.ref_name }}
+          fetch-depth: 0
+
+      - name: init / inputs to env
+        if: github.event_name == 'workflow_dispatch'
+        run: |
+          cat << 'EOF' > .inputs
+          ${{ toJSON(github.event.inputs) }}
+          EOF
+          for KEY in $(cat .inputs | jq --raw-output 'keys[]' | tr '\n' ' '); do echo "input_$(echo ${KEY} | tr '[:upper:]' '[:lower:]')=$(cat .inputs | jq --raw-output '.'${KEY}'')" >> $GITHUB_ENV; done
 
       - name: init / .json to env
         uses: rgarcia-phi/json-to-variables@9835d537368468c4e4de5254dc3efeadda183793
@@ -28,31 +71,51 @@ jobs:
 
       - name: init / setup environment
         run: |
-          : # set default arch if not set
+          : # set image
+          LOCAL_IMAGE=${json_image}
+          if [ ! -z ${input_image} ]; then LOCAL_IMAGE=${input_image}; fi
+          echo "IMAGE=${LOCAL_IMAGE}" >> $GITHUB_ENV
+
+          : # set defaults
           echo "IMAGE_ARCH=${json_arch:-linux/amd64,linux/arm64}" >> $GITHUB_ENV
+          echo "WORKFLOW_GITHUB_RELEASE=${input_release:-true}" >> $GITHUB_ENV;
+          echo "WORKFLOW_GITHUB_README=${input_readme:-true}" >> $GITHUB_ENV;
+          echo "WORKFLOW_GRYPE_SCAN=${json_grype_scan:-true}" >> $GITHUB_ENV;
+          echo "WORKFLOW_GRYPE_SEVERITY_CUTOFF=${json_grype_severity:-high}" >> $GITHUB_ENV;
 
           : # create tags for semver, stable and other shenanigans
-          export LOCAL_SHA=$(git rev-parse --short HEAD)
-          export LOCAL_SEMVER_MAJOR=$(awk -F. '{ print $1 }' <<< ${json_version})
-          export LOCAL_SEMVER_MINOR=$(awk -F. '{ print $2 }' <<< ${json_version})
-          export LOCAL_SEMVER_PATCH=$(awk -F. '{ print $3 }' <<< ${json_version})
-          export LOCAL_TAGS="${json_image}:latest"
-          if [ ! -z ${LOCAL_SEMVER_MAJOR} ]; then LOCAL_TAGS="${LOCAL_TAGS},${json_image}:${LOCAL_SEMVER_MAJOR}"; fi
-          if [ ! -z ${LOCAL_SEMVER_MINOR} ]; then LOCAL_TAGS="${LOCAL_TAGS},${json_image}:${LOCAL_SEMVER_MAJOR}.${LOCAL_SEMVER_MINOR}"; fi
-          if [ ! -z ${LOCAL_SEMVER_PATCH} ]; then LOCAL_TAGS="${LOCAL_TAGS},${json_image}:${LOCAL_SEMVER_MAJOR}.${LOCAL_SEMVER_MINOR}.${LOCAL_SEMVER_PATCH}"; fi
-          if echo "${LOCAL_TAGS}" | grep -q "${json_stable}" ; then LOCAL_TAGS="${LOCAL_TAGS},${json_image}:stable"; fi
-          if [ ! -z ${json_tags} ]; then SPECIAL_LOCAL_TAGS=$(echo ${json_tags} | sed 's/,/ /g'); for LOCAL_TAG in ${json_tags}; do LOCAL_TAGS="${LOCAL_TAGS},${json_image}:${LOCAL_TAG}"; done; fi
-          LOCAL_TAGS="${LOCAL_TAGS},${json_image}:${LOCAL_SHA}"
+          LOCAL_SHA=$(git rev-parse --short HEAD)
+          LOCAL_SEMVER_MAJOR=$(awk -F. '{ print $1 }' <<< ${json_semver_version})
+          LOCAL_SEMVER_MINOR=$(awk -F. '{ print $2 }' <<< ${json_semver_version})
+          LOCAL_SEMVER_PATCH=$(awk -F. '{ print $3 }' <<< ${json_semver_version})
+          LOCAL_SEMVER_PREFIX=""
+          LOCAL_SEMVER_SUFFIX=""
+          LOCAL_SEMVER_RC=""
+          LOCAL_TAGS="${LOCAL_IMAGE}:${LOCAL_SHA}"
+          if [ ! -z ${input_semverprefix} ]; then LOCAL_SEMVER_PREFIX="${input_semverprefix}-"; fi
+          if [ ! -z ${input_semversuffix} ]; then LOCAL_SEMVER_SUFFIX="-${input_semversuffix}"; fi
+          if [ ! -z ${json_semver_rc} ]; then LOCAL_SEMVER_RC="${json_semver_rc}"; fi
+          if [ ! -z ${LOCAL_SEMVER_MAJOR} ]; then LOCAL_TAGS="${LOCAL_TAGS},${LOCAL_IMAGE}:${LOCAL_SEMVER_PREFIX}${LOCAL_SEMVER_MAJOR}${LOCAL_SEMVER_SUFFIX}"; fi
+          if [ ! -z ${LOCAL_SEMVER_MINOR} ]; then LOCAL_TAGS="${LOCAL_TAGS},${LOCAL_IMAGE}:${LOCAL_SEMVER_PREFIX}${LOCAL_SEMVER_MAJOR}.${LOCAL_SEMVER_MINOR}${LOCAL_SEMVER_SUFFIX}"; fi
+          if [ ! -z ${LOCAL_SEMVER_PATCH} ]; then LOCAL_TAGS="${LOCAL_TAGS},${LOCAL_IMAGE}:${LOCAL_SEMVER_PREFIX}${LOCAL_SEMVER_MAJOR}.${LOCAL_SEMVER_MINOR}.${LOCAL_SEMVER_PATCH}${LOCAL_SEMVER_SUFFIX}"; fi
+          if echo "${LOCAL_TAGS}" | grep -q "${json_semver_stable}" ; then LOCAL_TAGS="${LOCAL_TAGS},${LOCAL_IMAGE}:${LOCAL_SEMVER_PREFIX}stable${LOCAL_SEMVER_SUFFIX}"; fi
+          if echo "${LOCAL_TAGS}" | grep -q "${json_semver_latest}" ; then LOCAL_TAGS="${LOCAL_TAGS},${LOCAL_IMAGE}:${LOCAL_SEMVER_PREFIX}latest${LOCAL_SEMVER_SUFFIX}"; fi
+          if [ ! -z ${json_semver_tags} ]; then SPECIAL_LOCAL_TAGS=$(echo ${json_semver_tags} | sed 's/,/ /g'); for LOCAL_TAG in ${json_semver_tags}; do LOCAL_TAGS="${LOCAL_TAGS},${LOCAL_IMAGE}:${LOCAL_SEMVER_PREFIX}${LOCAL_TAG}${LOCAL_SEMVER_SUFFIX}"; done; fi
           echo "IMAGE_TAGS=${LOCAL_TAGS}" >> $GITHUB_ENV
 
           : # if for whatever reason UID/GID must be changed at build time
-          echo "IMAGE_UID=${json_uid:-1000}" >> $GITHUB_ENV
-          echo "IMAGE_GID=${json_gid:-1000}" >> $GITHUB_ENV
+          if [ ! -z ${input_uid} ]; then echo "IMAGE_UID=${input_uid}" >> $GITHUB_ENV; else echo "IMAGE_UID=${json_uid:-1000}" >> $GITHUB_ENV; fi
+          if [ ! -z ${input_gid} ]; then echo "IMAGE_GID=${input_gid}" >> $GITHUB_ENV; else echo "IMAGE_GID=${json_gid:-1000}" >> $GITHUB_ENV; fi
+
+          : # set rc, prefix or suffix globally for semver and version
+          echo "IMAGE_SEMVER_PREFIX=${LOCAL_SEMVER_PREFIX}" >> $GITHUB_ENV
+          echo "IMAGE_SEMVER_SUFFIX=${LOCAL_SEMVER_SUFFIX}" >> $GITHUB_ENV
+          echo "IMAGE_VERSION_RC=${LOCAL_SEMVER_RC}" >> $GITHUB_ENV
 
       - name: docker / login to hub
         uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567
         with:
-          username: ${{ env.DOCKER_USERNAME }}
+          username: 11notes
           password: ${{ secrets.DOCKER_TOKEN }}
 
       - name: docker / setup qemu
@@ -61,48 +124,57 @@ jobs:
       - name: docker / setup buildx
         uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5
 
-      - name: grype / build & push
+      - name: grype / build & push & tag
+        id: grype-tag
         uses: docker/build-push-action@67a2d409c0a876cbe6b11854e3e25193efe4e62d
         with:
           context: .
           file: arch.dockerfile
           push: true
           platforms: ${{ env.IMAGE_ARCH }}
-          cache-from: type=registry,ref=${{ env.json_image }}:buildcache
-          cache-to: type=registry,ref=${{ env.json_image }}:buildcache,mode=max,compression=zstd,force-compression=true
+          cache-from: type=registry,ref=${{ env.IMAGE }}:${{ env.IMAGE_SEMVER_PREFIX }}buildcache${{ env.IMAGE_SEMVER_SUFFIX }}
+          cache-to: type=registry,ref=${{ env.IMAGE }}:${{ env.IMAGE_SEMVER_PREFIX }}buildcache${{ env.IMAGE_SEMVER_SUFFIX }},mode=max,compression=zstd,force-compression=true
           build-args: |
-            APP_IMAGE=${{ env.json_image }}
+            APP_IMAGE=${{ env.IMAGE }}
             APP_NAME=${{ env.json_name }}
-            APP_VERSION=${{ env.json_version }}
+            APP_VERSION=${{ env.json_semver_version }}
             APP_ROOT=${{ env.json_root }}
             APP_UID=${{ env.IMAGE_UID }}
             APP_GID=${{ env.IMAGE_GID }}
+            APP_VERSION_PREFIX=${{ env.IMAGE_SEMVER_PREFIX }}
+            APP_VERSION_SUFFIX=${{ env.IMAGE_SEMVER_SUFFIX }}
+            APP_VERSION_RC=${{ env.IMAGE_VERSION_RC }}
+            APP_NO_CACHE=$(date +%s)
           tags: |
-            ${{ env.json_image }}:grype
+            ${{ env.IMAGE }}:${{ env.IMAGE_SEMVER_PREFIX }}grype${{ env.IMAGE_SEMVER_SUFFIX }}
 
       - name: grype / scan
-        id: scan
+        if: env.WORKFLOW_GRYPE_SCAN == 'true'
+        id: grype-scan
         uses: anchore/scan-action@abae793926ec39a78ab18002bc7fc45bbbd94342
         with:
-          image: ${{ env.json_image }}:grype
-          severity-cutoff: high
+          image: ${{ env.IMAGE }}:${{ env.IMAGE_SEMVER_PREFIX }}grype${{ env.IMAGE_SEMVER_SUFFIX }}
+          severity-cutoff: ${{ env.WORKFLOW_GRYPE_SEVERITY_CUTOFF }}
+          by-cve: true
+          output-format: 'sarif'
 
       - name: grype / delete tag
-        if: success() || failure()
+        if: steps.grype-tag.outcome == 'success'
         run: |
           curl --request DELETE \
-            --url https://hub.docker.com/v2/repositories/${{ env.json_image }}/tags/grype/ \
+            --url https://hub.docker.com/v2/repositories/${{ env.IMAGE }}/tags/${{ env.IMAGE_SEMVER_PREFIX }}grype${{ env.IMAGE_SEMVER_SUFFIX }}/ \
             --header 'authorization: jwt ${{ secrets.DOCKER_TOKEN }}' \
             --header 'content-type: application/json' \
             --fail
 
-      - name: grype / report / upload
+      - name: codeql / upload
+        id: codeql-upload
+        if: steps.grype-scan.outcome == 'success'
         uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169
         with:
-          sarif_file: ${{ steps.scan.outputs.sarif }}
-
-      - name: grype / report / print
-        run: cat ${{ steps.scan.outputs.sarif }}
+          sarif_file: ${{ steps.grype-scan.outputs.sarif }}
+          wait-for-processing: false
+          category: grype
 
       - name: docker / build & push
         uses: docker/build-push-action@67a2d409c0a876cbe6b11854e3e25193efe4e62d
@@ -113,22 +185,52 @@ jobs:
           sbom: true
           provenance: mode=max
           platforms: ${{ env.IMAGE_ARCH }}
-          cache-from: type=registry,ref=${{ env.json_image }}:buildcache
-          cache-to: type=registry,ref=${{ env.json_image }}:buildcache,mode=max,compression=zstd,force-compression=true
+          cache-from: type=registry,ref=${{ env.IMAGE }}:${{ env.IMAGE_SEMVER_PREFIX }}buildcache${{ env.IMAGE_SEMVER_SUFFIX }}
+          cache-to: type=registry,ref=${{ env.IMAGE }}:${{ env.IMAGE_SEMVER_PREFIX }}buildcache${{ env.IMAGE_SEMVER_SUFFIX }},mode=max,compression=zstd,force-compression=true
           build-args: |
-            APP_IMAGE=${{ env.json_image }}
+            APP_IMAGE=${{ env.IMAGE }}
             APP_NAME=${{ env.json_name }}
-            APP_VERSION=${{ env.json_version }}
+            APP_VERSION=${{ env.json_semver_version }}
             APP_ROOT=${{ env.json_root }}
             APP_UID=${{ env.IMAGE_UID }}
             APP_GID=${{ env.IMAGE_GID }}
+            APP_VERSION_PREFIX=${{ env.IMAGE_SEMVER_PREFIX }}
+            APP_VERSION_SUFFIX=${{ env.IMAGE_SEMVER_SUFFIX }}
+            APP_VERSION_RC=${{ env.IMAGE_VERSION_RC }}
+            APP_NO_CACHE=$(date +%s)
           tags: |
             ${{ env.IMAGE_TAGS }}
 
-      - name: github / create release notes
+      - name: github / release / log
+        id: git-log
+        run: |
+          LOCAL_LAST_TAG=$(git describe --abbrev=0 --tags `git rev-list --tags --skip=1 --max-count=1`)
+          echo "using last tag: ${LOCAL_LAST_TAG}"
+          LOCAL_COMMITS=$(git log ${LOCAL_LAST_TAG}..HEAD --oneline)
+
+          EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64)
+          echo "commits<<${EOF}" >> ${GITHUB_OUTPUT}
+          echo "${LOCAL_COMMITS}" >> ${GITHUB_OUTPUT}
+          echo "${EOF}" >> ${GITHUB_OUTPUT}
+
+      - name: github / release / markdown
+        if: env.WORKFLOW_GITHUB_RELEASE == 'true'
+        id: git-release
+        uses: 11notes/action-docker-release@v1
+        with:
+          git_log: ${{ steps.git-log.outputs.commits }}
+
+      - name: github / release / create
+        if: env.WORKFLOW_GITHUB_RELEASE == 'true' && steps.git-release.outcome == 'success'
+        uses: actions/create-release@4c11c9fe1dcd9636620a16455165783b20fc7ea0
         env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: gh release create ${{ github.ref_name }} -F RELEASE.md
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: ${{ github.ref }}
+          release_name: ${{ github.ref }}
+          body: ${{ steps.git-release.outputs.release }}
+          draft: false
+          prerelease: false
 
       - name: github / update description and set repo defaults
         run: |
@@ -137,7 +239,7 @@ jobs:
             --header 'authorization: Bearer ${{ secrets.REPOSITORY_TOKEN }}' \
             --header 'content-type: application/json' \
             --data '{
-              "description":"${{ env.json_description }}",
+              "description":"${{ env.json_readme_description }}",
               "homepage":"",
               "has_issues":true,
               "has_discussions":true,
@@ -146,13 +248,37 @@ jobs:
             }' \
             --fail
 
+      - name: github / create README.md
+        continue-on-error: true
+        if: env.WORKFLOW_GITHUB_README == 'true'
+        id: github-readme
+        uses: 11notes/action-docker-readme@v1
+        with:
+          sarif_file: ${{ steps.grype-scan.outputs.sarif }}
+
+      - name: github / commit & push
+        continue-on-error: true
+        if: steps.github-readme.outcome == 'success'
+        run: |
+          echo "commit: $(git rev-parse --short HEAD)"
+          echo "ref_name: ${{ github.ref_name }}"
+          echo "base_ref: ${{ github.base_ref }}"
+          echo "head_ref: ${{ github.head_ref }}"
+          
+          git config user.name "github-actions[bot]"
+          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
+          git add .
+          git commit -m "auto update README.md"
+          git push origin master
+
       - name: docker / push README.md to docker hub
+        if: hashFiles('README.md') != ''
         uses: christian-korneck/update-container-description-action@d36005551adeaba9698d8d67a296bd16fa91f8e8
         env:
-          DOCKER_USER: ${{ env.DOCKER_USERNAME }}
+          DOCKER_USER: 11notes
           DOCKER_PASS: ${{ secrets.DOCKER_TOKEN }}
         with:
-          destination_container_repo: ${{ env.json_image }}
+          destination_container_repo: ${{ env.IMAGE }}
           provider: dockerhub
-          short_description: ${{ env.json_description }}
+          short_description: ${{ env.json_readme_description }}
           readme_file: 'README.md'

.github/workflows/tags.yml

@@ -0,0 +1,25 @@
+name: tags
+on:
+  push:
+    tags:
+      - 'v*'
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:   
+      - name: build docker image
+        uses: the-actions-org/workflow-dispatch@3133c5d135c7dbe4be4f9793872b6ef331b53bc7
+        with:
+          workflow: docker.yml
+          token: "${{ secrets.REPOSITORY_TOKEN }}"
+          inputs: '{ "release":"true", "readme":"true" }'
+
+  docker-unraid:
+    runs-on: ubuntu-latest
+    steps:   
+      - name: build docker image for unraid community
+        uses: the-actions-org/workflow-dispatch@3133c5d135c7dbe4be4f9793872b6ef331b53bc7
+        with:
+          workflow: docker.yml
+          token: "${{ secrets.REPOSITORY_TOKEN }}"
+          inputs: '{ "release":"false", "readme":"false", "uid":"99", "gid":"100", "semversuffix":"unraid", "run-name":"docker-unraid" }'

.gitignore

@@ -1,2 +1 @@
-maintain/
-project*
+maintain/

.inputs

@@ -0,0 +1,5 @@
+{
+  "readme": "true",
+  "release": "false",
+  "run-name": "docker"
+}

.json

@@ -1,10 +1,22 @@
 {
   "image":"11notes/kms-gui",
-  "description":"Activate any version of Windows and Office, forever",
   "name":"kms-gui",
-  "version":"646f476",
   "root":"/kms",
   
-  "stable":"646f476",
-  "parent":"11notes/alpine:stable"
+  "semver":{
+    "version":"465f4d1",
+    "stable":"465f4d1",
+    "latest":"465f4d1"
+  },
+
+  "readme":{
+    "description":"Activate any version of Windows and Office, forever",
+    "parent":{
+      "image":"11notes/kms:465f4d1"
+    },
+    "built":{
+      "py-kms":"https://github.com/Py-KMS-Organization/py-kms",
+      "CustomIcon/pykms-frontend":"https://github.com/CustomIcon/pykms-frontend"
+    }
+  }
 }

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2020 11notes
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -1,11 +1,24 @@
-![Banner](https://github.com/11notes/defaults/blob/main/static/img/banner.png?raw=true)
+![banner](https://github.com/11notes/defaults/blob/main/static/img/banner.png?raw=true)
 
-# 🏔️ kms-gui on Alpine
-[<img src="https://img.shields.io/badge/github-source-blue?logo=github&color=040308">](https://github.com/11notes/docker-kms-gui)![size](https://img.shields.io/docker/image-size/11notes/kms-gui/646f476?color=0eb305)![version](https://img.shields.io/docker/v/11notes/kms-gui/646f476?color=eb7a09)![pulls](https://img.shields.io/docker/pulls/11notes/kms-gui?color=2b75d6)[<img src="https://img.shields.io/github/issues/11notes/docker-kms-gui?color=7842f5">](https://github.com/11notes/docker-kms-gui/issues)
+# ⛰️ kms-gui
+[<img src="https://img.shields.io/badge/github-source-blue?logo=github&color=040308">](https://github.com/11notes/docker-kms-gui)![size](https://img.shields.io/docker/image-size/11notes/kms-gui/465f4d1?color=0eb305)![version](https://img.shields.io/docker/v/11notes/kms-gui/465f4d1?color=eb7a09)![pulls](https://img.shields.io/docker/pulls/11notes/kms-gui?color=2b75d6)[<img src="https://img.shields.io/github/issues/11notes/docker-kms-gui?color=7842f5">](https://github.com/11notes/docker-kms-gui/issues)
 
-**Activate any version of Windows and Office, forever**
+Activate any version of Windows and Office, forever
 
-![slmgr](https://github.com/11notes/docker-kms-gui/blob/main/GUI.png?raw=true)
+# MAIN TAGS 🏷️
+These are the main tags for the image. There is also a tag for each commit and its shorthand sha256 value.
+
+* [465f4d1](https://hub.docker.com/r/11notes/kms-gui/tags?name=465f4d1)
+* [stable](https://hub.docker.com/r/11notes/kms-gui/tags?name=stable)
+* [latest](https://hub.docker.com/r/11notes/kms-gui/tags?name=latest)
+* [465f4d1-unraid](https://hub.docker.com/r/11notes/kms-gui/tags?name=465f4d1-unraid)
+* [stable-unraid](https://hub.docker.com/r/11notes/kms-gui/tags?name=stable-unraid)
+* [latest-unraid](https://hub.docker.com/r/11notes/kms-gui/tags?name=latest-unraid)
+
+# UNRAID VERSION 🟠
+This image supports unraid by default. Simply add **-unraid** to any tag and the image will run as 99:100 instead of 1000:1000 causing no issues on unraid. Enjoy.
+
+![Web GUI](https://github.com/11notes/docker-kms-gui/blob/master/img/webGUICustomIcon.png?raw=true)
 
 # SYNOPSIS 📖
 **What can I do with this?** This image will run a web GUI for your [11notes/kms](https://hub.docker.com/r/11notes/kms) server.
@@ -15,7 +28,7 @@
 name: "kms"
 services:
   kms:
-    image: "11notes/kms:latest"
+    image: "11notes/kms:stable"
     container_name: "kms"
     environment:
       TZ: Europe/Zurich
@@ -25,7 +38,7 @@ services:
       - "1688:1688/tcp"
     restart: always
   kms-gui:
-    image: "11notes/kms-gui:646f476"
+    image: "11notes/kms-gui:465f4d1"
     container_name: "kms-gui"
     environment:
       TZ: Europe/Zurich
@@ -38,25 +51,42 @@ volumes:
   var:
 ```
 
+# DEFAULT SETTINGS 🗃️
+| Parameter | Value | Description |
+| --- | --- | --- |
+| `user` | docker | user name |
+| `uid` | 1000 | [user identifier](https://en.wikipedia.org/wiki/User_identifier) |
+| `gid` | 1000 | [group identifier](https://en.wikipedia.org/wiki/Group_identifier) |
+| `home` | /kms | home directory of user docker |
+
 # ENVIRONMENT 📝
 | Parameter | Value | Default |
 | --- | --- | --- |
 | `TZ` | [Time Zone](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones) | |
-| `DEBUG` | Show debug messages from image **not** app | |
+| `DEBUG` | Will activate debug option for container image and app (if available) | |
+| `KMS_GUI_STYLE` | switch the UI style of the webinterface (py-kms, custom-icon) | custom-icon |
 
 # SOURCE 💾
 * [11notes/kms-gui](https://github.com/11notes/docker-kms-gui)
 
 # PARENT IMAGE 🏛️
-* [11notes/alpine:stable](https://hub.docker.com/r/11notes/alpine)
+* [11notes/kms:465f4d1](https://hub.docker.com/r/11notes/kms)
 
 # BUILT WITH 🧰
 * [py-kms](https://github.com/Py-KMS-Organization/py-kms)
-* [alpine](https://alpinelinux.org)
+* [CustomIcon/pykms-frontend](https://github.com/CustomIcon/pykms-frontend)
+
+# GENERAL TIPS 📌
+* Use a reverse proxy like Traefik, Nginx, HAproxy to terminate TLS and to protect your endpoints
+* Use Let’s Encrypt DNS-01 challenge to obtain valid SSL certificates for your services
+
+# SECURITY VULNERABILITIES REPORT ⚡
+| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |
+| --- | --- | --- | --- | --- | --- | --- | --- |
+| 4.7 (Medium) | linux-pam  | 1.6.1-r1  |   | apk  | /lib/apk/db/installed  | nvd:cpe  | [CVE-2024-10041](https://nvd.nist.gov/vuln/detail/CVE-2024-10041)  |
+
 
-# TIPS 📌
-* Use a reverse proxy like Traefik, Nginx, HAproxy to terminate TLS with a valid certificate
-* Use Let’s Encrypt certificates to protect your SSL endpoints
-  
 # ElevenNotes™️
-This image is provided to you at your own risk. Always make backups before updating an image to a different version. Check the [releases](https://github.com/11notes/docker-kms-gui/releases) for breaking changes. If you have any problems with using this image simply raise an [issue](https://github.com/11notes/docker-kms-gui/issues), thanks . You can find all my repositories on [github](https://github.com/11notes?tab=repositories).
+This image is provided to you at your own risk. Always make backups before updating an image to a different version. Check the [releases](https://github.com/11notes/docker-kms-gui/releases) for breaking changes. If you have any problems with using this image simply raise an [issue](https://github.com/11notes/docker-kms-gui/issues), thanks. If you have a question or inputs please create a new [discussion](https://github.com/11notes/docker-kms-gui/discussions) instead of an issue. You can find all my other repositories on [github](https://github.com/11notes?tab=repositories).
+
+*created Thu, 20 Feb 2025 05:57:37 GMT*

RELEASE.md

@@ -1,2 +0,0 @@
-### 🪄 Features
-* switch to new github workflow and build process

arch.dockerfile

@@ -1,31 +1,16 @@
-# :: Util
-  FROM alpine AS util
+ARG APP_VERSION=stable
+ARG APP_VERSION_PREFIX=""
+ARG APP_VERSION_SUFFIX=""
 
+# :: Build / templates
+  FROM alpine/git AS templates
   RUN set -ex; \
-    apk --no-cache --update add \
-      git; \
-    git clone https://github.com/11notes/docker-util.git;
-
-# :: Build / redis
-  FROM python:3.12-alpine AS build
-
-  ARG TARGETARCH
-  ARG APP_VERSION
-
-  USER root
-
-  RUN set -ex; \
-    apk --update --no-cache add \
-      git; \
-    mkdir -p /opt/py-kms-gui; \
-    git clone https://github.com/Py-KMS-Organization/py-kms.git; \
-    cd /py-kms/py-kms; \
-    git checkout ${APP_VERSION}; \
-    cp -R /py-kms/py-kms/* /opt/py-kms-gui; \
-    cp -R /py-kms/docker/docker-py3-kms/requirements.txt /opt/py-kms-gui;
+    git clone https://github.com/11notes/pykms-frontend.git; \
+    cd /git/pykms-frontend; \
+    git reset --hard 33777b8;
 
 # :: Header
-  FROM 11notes/alpine:stable
+  FROM 11notes/kms:${APP_VERSION_PREFIX}${APP_VERSION}${APP_VERSION_SUFFIX}
 
   # :: arguments
     ARG TARGETARCH
@@ -33,6 +18,8 @@
     ARG APP_NAME
     ARG APP_VERSION
     ARG APP_ROOT
+    ARG APP_UID
+    ARG APP_GID
 
   # :: environment
     ENV APP_IMAGE=${APP_IMAGE}
@@ -40,41 +27,58 @@
     ENV APP_VERSION=${APP_VERSION}
     ENV APP_ROOT=${APP_ROOT}
 
+    ENV KMS_GUI_STYLE="custom-icon"
+
     ENV PYKMS_SQLITE_DB_PATH=/kms/var/kms.db
+    ENV PYKMS_LICENSE_PATH=/opt/py-kms/LICENSE
+    ENV PYKMS_VERSION_PATH=/opt/py-kms/VERSION
     ENV PORT=8080
+    ENV LOG_LEVEL=INFO
 
   # :: multi-stage
-    COPY --from=util /docker-util/src/ /usr/local/bin
-    COPY --from=build /opt/py-kms-gui/ /opt/py-kms-gui
+    COPY ./LICENSE /opt/py-kms
 
   # :: Run
   USER root
+  RUN eleven printenv;
 
   # :: install application
     RUN set -ex; \
-      apk --no-cache --update add \
-        python3=3.12.8-r1; \
       apk --no-cache --update --virtual .build add \
         py3-pip;
 
     RUN set -ex; \
       mkdir -p ${APP_ROOT}/var; \
-      cd /opt/py-kms-gui; \
-      pip3 install --no-cache-dir -r /opt/py-kms-gui/requirements.txt --break-system-packages; \
+      cd /opt/py-kms; \
+      echo "${APP_VERSION}" > VERSION; \
+      echo "master" >> VERSION; \
+      pip3 install --no-cache-dir -r /opt/py-kms/requirements.gui.txt --break-system-packages; \
       apk del --no-network .build;
 
-  # :: copy filesystem changes and set correct permissions
-    COPY ./rootfs /
+  # :: copy filesystem changes
+    COPY ./rootfs /      
+
+  # :: add multi template option
+    RUN set -ex; \
+      mkdir -p ${APP_ROOT}/.default/styles/py-kms/templates; \
+      mkdir -p ${APP_ROOT}/.default/styles/custom-icon/templates; \
+      cp -R /opt/py-kms/templates/* ${APP_ROOT}/.default/styles/py-kms/templates; \
+      cp -R /opt/py-kms/static/* ${APP_ROOT}/.default/styles/py-kms/static; \
+      rm -rf /opt/py-kms/templates; \
+      rm -rf /opt/py-kms/static;
+    
+    COPY --from=templates /git/pykms-frontend/templates ${APP_ROOT}/.default/styles/custom-icon/templates
+    COPY --from=templates /git/pykms-frontend/static ${APP_ROOT}/.default/styles/custom-icon/static
+
+  # :: set correct permissions
     RUN set -ex; \
       chmod +x -R /usr/local/bin; \
-      chown -R 1000:1000 \
-        ${APP_ROOT};
-
-# :: Volumes
-  VOLUME ["${APP_ROOT}/var"]
+      chown -R ${APP_UID}:${APP_GID} \
+        ${APP_ROOT} \
+        /opt/py-kms;
 
 # :: Monitor
-  HEALTHCHECK --interval=5s --timeout=2s CMD curl -X GET -kILs --fail http://localhost:${PORT} || exit 1
+  HEALTHCHECK --interval=5s --timeout=2s CMD curl -X GET -kILs --fail http://localhost:${PORT}/livez || exit 1
 
 # :: Start
   USER docker

compose.yaml

@@ -1,7 +1,7 @@
 name: "kms"
 services:
   kms:
-    image: "11notes/kms:latest"
+    image: "11notes/kms:stable"
     container_name: "kms"
     environment:
       TZ: Europe/Zurich
@@ -11,7 +11,7 @@ services:
       - "1688:1688/tcp"
     restart: always
   kms-gui:
-    image: "11notes/kms-gui:646f476"
+    image: "11notes/kms-gui:465f4d1"
     container_name: "kms-gui"
     environment:
       TZ: Europe/Zurich

project.md

@@ -0,0 +1,18 @@
+![Web GUI](https://github.com/11notes/docker-${{ json_name }}/blob/master/img/webGUICustomIcon.png?raw=true)
+
+${{ content_synopsis }} This image will run a web GUI for your [11notes/kms](https://hub.docker.com/r/11notes/kms) server.
+
+${{ content_compose }}
+
+${{ content_defaults }}
+
+${{ content_environment }}
+| `KMS_GUI_STYLE` | switch the UI style of the webinterface (py-kms, custom-icon) | custom-icon |
+
+${{ content_source }}
+
+${{ content_parent }}
+
+${{ content_built }}
+
+${{ content_tips }}

rootfs/opt/py-kms/templates/clients.html

@@ -0,0 +1,93 @@
+{% extends 'base.html' %}
+
+{% block title %}clients{% endblock %}
+
+{% block style %}
+th {
+    white-space: nowrap;
+}
+{% endblock %}
+
+{% block content %}
+{% if error %}
+<article class="message is-danger">
+    <div class="message-header">
+        Whoops! Something went wrong...
+    </div>
+    <div class="message-body">
+        {{ error }}
+    </div>
+</article>
+{% else %}
+<nav class="level">
+    <div class="level-item has-text-centered">
+        <div>
+            <p class="heading">Clients</p>
+            <p class="title">{{ count_clients }}</p>
+        </div>
+    </div>
+    <div class="level-item has-text-centered">
+        <div>
+            <p class="heading">Windows</p>
+            <p class="title">{{ count_clients_windows }}</p>
+        </div>
+    </div>
+    <div class="level-item has-text-centered">
+        <div>
+            <p class="heading">Office</p>
+            <p class="title">{{ count_clients_office }}</p>
+        </div>
+    </div>
+    <div class="level-item has-text-centered">
+        <div>
+            <p class="heading">Products</p>
+            <p class="title"><a href="/products">{{ count_projects }}</a></p>
+        </div>
+    </div>
+</nav>
+
+<hr>
+
+{% if clients %}
+<table class="table is-striped is-hoverable is-fullwidth">
+    <thead>
+        <tr>
+            <th>Client ID</th>
+            <th>Machine Name</th>
+            <th>Machine IP</th>
+            <th>Application ID</th>
+            <th><abbr title="Stock Keeping Unit">SKU</abbr> ID</th>
+            <th>License Status</th>
+            <th>Last Seen</th>
+            <th>KMS <abbr title="Enhanced Privacy ID">EPID</abbr></th>
+            <th>Seen Count</th>
+        </tr>
+    </thead>
+    <tbody>
+        {% for client in clients %}
+        <tr>
+            <th><pre class="clientMachineId">{{ client.clientMachineId }}</pre></th>
+            <td class="machineName">{{ client.machineName }}</td>
+            <td>{{ client.machineIp }}</td>
+            <td>{{ client.applicationId }}</td>
+            <td>{{ client.skuId }}</td>
+            <td>{{ client.licenseStatus }}</td>
+            <td class="convert_timestamp">{{ client.lastRequestTime }}</td>
+            <td>{{ client.kmsEpid }}</td>
+            <td>{{ client.requestCount }}</td>
+        </tr>
+        {% endfor %}
+    </tbody>
+</table>
+{% else %}
+<article class="message is-warning">
+    <div class="message-header">
+        <p>Whoops?</p>
+    </div>
+    <div class="message-body">
+        This page seems to be empty, because no clients are available. Try to use the server with a compartible client to add it to the database.
+    </div>
+</article>
+{% endif %}
+{% endif %}
+{% endblock %}

rootfs/usr/local/bin/entrypoint.sh

@@ -1,10 +1,33 @@
 #!/bin/ash
   if [ -z "${1}" ]; then
-    cd /opt/py-kms-gui
-    ls -lah
+
+    if [ ! -z "${DEBUG}" ]; then
+      LOG_LEVEL="DEBUG"
+      eleven log debug "setting kms-gui log level to DEBUG"
+    fi
+
+    # apply correct style
+    rm -rf /opt/py-kms/templates
+    rm -rf /opt/py-kms/static
+    TEMPLATE_DIR=${APP_ROOT}/.default/styles
+    case ${KMS_GUI_STYLE} in
+      py-kms)
+        ln -s ${TEMPLATE_DIR}/py-kms/templates /opt/py-kms/templates
+        ln -s ${TEMPLATE_DIR}/py-kms/static /opt/py-kms/static
+        eleven log info "using ${KMS_GUI_STYLE} GUI style"
+      ;;
+      *)
+        ln -s ${TEMPLATE_DIR}/custom-icon/templates /opt/py-kms/templates
+        ln -s ${TEMPLATE_DIR}/custom-icon/static /opt/py-kms/static
+        eleven log info "using default GUI style"
+      ;;
+    esac
+
+    cd /opt/py-kms
     set -- "gunicorn" \
-      --log-level INFO \
+      --log-level ${LOG_LEVEL} \
       pykms_WebUI:app
+
     eleven log start
   fi