commit ebafae2adf7152207112ec26551540025bb88009
Author: Andre Challier <andre.challier@challier.org>
Date:   Thu Dec 11 11:39:49 2025 +0100

    initial commit

diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..96b3be3
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,31 @@
+FROM jkaninda/nginx-php-fpm
+
+# Install git and ssh-keygen
+RUN apt-get update && \
+    apt-get install -y git openssh-client && \
+    rm -rf /var/lib/apt/lists/*
+
+# Set the path to the SSH key pair
+ENV SSH_KEY_PATH=/root/.ssh/id_ed25519
+
+# Check if the SSH key pair exists
+RUN if [ ! -f "$SSH_KEY_PATH" ]; then \
+        ssh-keygen -t ed25519 -N "" -f $SSH_KEY_PATH && \
+        echo "Generated SSH key pair:" && \
+        cat $SSH_KEY_PATH.pub; \
+    else \
+        echo "Using existing SSH key pair:" && \
+        cat $SSH_KEY_PATH.pub; \
+    fi
+
+# Nginx configuration
+COPY nginx.conf.dist /etc/nginx/nginx.conf
+COPY webhook.php /usr/share/nginx/html/webhook.php
+# Entrypoint.sh
+COPY 99-init-repos.sh /docker-entrypoint.d/99-init-repos.sh
+
+# Expose ports
+EXPOSE 80
+
+# Fetch repo
+CMD ["nginx","-g","daemon: off;"]
\ No newline at end of file
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..2b02cd6
--- /dev/null
+++ b/README.md
@@ -0,0 +1,8 @@
+# Docker Nginx Git
+
+This is a container to serve static pages from dadi staging repository.
+
+From the static sites repository all branches are initially loaded to `$HTML_FOLDER/branches/<branchname>`.
+
+On a push to some branch on the static sites repository, this branches folder is deleted and cloned again.
+
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..ce3dfbc
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,36 @@
+version: '3.8'
+
+services:
+  nginx:
+    image: nginx:latest
+    restart: always
+    volumes:
+      - static-files:/usr/share/nginx/html
+    networks:
+      - nginx-network
+
+  webhooks-git:
+    build:
+      context: ./webhooks-git
+      dockerfile: Dockerfile
+    restart: always
+    volumes:
+      - static-files:/html
+      - ${WEBHOOK_GIT_DATA_PATH}:/data
+    networks:
+      - webhooks-git-network
+    environment:
+      - GIT_SERVER_DADI_STAGING=${GIT_SERVER_DADI_STAGING}
+      - WEBHOOK_SECRET=${WEBHOOK_SECRET}
+
+volumes:
+  static-files:
+    name: ${STATIC_FILES_VOLUME_NAME}
+networks:
+  nginx-network:
+    name: ${NGINX_NETWORK}
+    external: true
+  webhooks-git-network:
+    name: ${WEBHOOK_GIT_NETWORK}
+    external: true
+
diff --git a/webhook-git-2.Dockerfile b/webhook-git-2.Dockerfile
new file mode 100644
index 0000000..c3b9633
--- /dev/null
+++ b/webhook-git-2.Dockerfile
@@ -0,0 +1,18 @@
+# Dockerfile for https://github.com/adnanh/webhook
+FROM        golang:alpine AS build
+MAINTAINER  Almir Dzinovic <almir@dzinovic.net>
+WORKDIR     /go/src/github.com/adnanh/webhook
+ENV         WEBHOOK_VERSION 2.8.1
+RUN         apk add --update -t build-deps curl libc-dev gcc libgcc git openssh-client bash nano
+RUN         curl -L --silent -o webhook.tar.gz https://github.com/adnanh/webhook/archive/${WEBHOOK_VERSION}.tar.gz && \
+            tar -xzf webhook.tar.gz --strip 1
+RUN         go get -d -v
+RUN         CGO_ENABLED=0 go build -ldflags="-s -w" -o /usr/local/bin/webhook
+
+FROM        alpine
+RUN         apk --no-cache add git openssh-client bash nano
+COPY        --from=build /usr/local/bin/webhook /usr/local/bin/webhook
+WORKDIR     /etc/webhook
+EXPOSE      9000
+ENTRYPOINT  ["/usr/local/bin/webhook"]
+CMD ["-verbose", "-hooks=/etc/webhook/hooks.yaml", "-hotreload"]
\ No newline at end of file
diff --git a/webhook-git.Dockerfile b/webhook-git.Dockerfile
new file mode 100644
index 0000000..b60e120
--- /dev/null
+++ b/webhook-git.Dockerfile
@@ -0,0 +1,11 @@
+# Dockerfile for https://github.com/adnanh/webhook
+FROM        almir/webhook
+COPY        hooks.json.example /etc/webhook/hooks.json
+
+FROM        alpine
+RUN         apk --no-cache add git openssh-client bash nano
+COPY        --from=build /usr/local/bin/webhook /usr/local/bin/webhook
+WORKDIR     /etc/webhook
+EXPOSE      9000
+ENTRYPOINT  ["/usr/local/bin/webhook"]
+CMD ["-verbose", "-hooks=/etc/webhook/hooks.json", "-hotreload"]
\ No newline at end of file
diff --git a/webhooks-git/Dockerfile b/webhooks-git/Dockerfile
new file mode 100644
index 0000000..5ad0834
--- /dev/null
+++ b/webhooks-git/Dockerfile
@@ -0,0 +1,41 @@
+FROM        almir/webhook:latest as build
+
+FROM        alpine:latest
+
+# install applications
+
+RUN         apk --no-cache add git openssh-client bash nano gettext
+
+# set environment
+
+ARG WEBHOOK_SECRET
+ENV WEBHOOK_SECRET=${WEBHOOK_SECRET}
+
+ARG GIT_SERVER_ASSETS
+ENV GIT_SERVER_ASSETS=${GIT_SERVER_ASSETS}
+
+ARG GIT_SERVER_PROGRAMM
+ENV GIT_SERVER_PROGRAMM=${GIT_SERVER_PROGRAMM}
+
+# copy binaries and scripts
+COPY        --from=build /usr/local/bin/webhook /usr/local/bin/webhook
+
+COPY        hooks.json.tmpl /etc/webhook/hooks.json.tmpl
+
+COPY        entrypoint.sh /etc/webhook/entrypoint.sh
+RUN         chmod +x /etc/webhook/entrypoint.sh
+
+COPY        programm-hook.sh /etc/webhook/dadi-staging-hook.sh
+RUN         chmod +x /etc/webhook/dadi-staging-hook.sh
+
+COPY        programm-init.sh /etc/webhook/dadi-staging-init.sh
+RUN         chmod +x /etc/webhook/dadi-staging-init.sh
+
+COPY        generate_index_html.sh /etc/webhook/generate_index_html.sh
+RUN         chmod +x /etc/webhook/generate_index_html.sh
+
+WORKDIR     /etc/webhook
+EXPOSE      9000
+
+ENTRYPOINT  ["/etc/webhook/entrypoint.sh"]
+CMD [""]
diff --git a/webhooks-git/dadi-staging-hook.sh b/webhooks-git/dadi-staging-hook.sh
new file mode 100644
index 0000000..66b680c
--- /dev/null
+++ b/webhooks-git/dadi-staging-hook.sh
@@ -0,0 +1,35 @@
+#!/bin/bash
+
+# Check if correct number of arguments are provided
+if [ "$#" -ne 2 ]; then
+	echo "Usage: $0 <repository_name> <branch_name>"
+	exit 1
+fi
+
+repository_name="$1"
+branch_name=$(basename "$2")
+
+BRANCHES_FOLDER="/html/branches"
+DADI_STAGING_REPOSITORY="git_dadi-staging:AG-IT/KlDaDiSeite.git"
+
+# Echo parameters
+echo "Webhook recieved for repository: $repository_name and branch: $branch_name"
+
+# Check if the branch directory exists
+branch_dir="$BRANCHES_FOLDER/$(basename "$branch_name")"
+if [ -d "$branch_dir" ]; then
+	echo "Directory $branch_dir exists, performing git pull..."
+	# Change directory to branch directory
+	cd "$branch_dir"
+	# Perform git pull
+	echo "Updating $branch_dir"
+	git pull origin "$(basename "$branch_name")"
+else
+	echo "Directory $branch_dir does not exist, cloning branch..."
+	# Create branches directory if it doesn't exist
+	mkdir -p branches
+	# Clone the branch
+	git clone --depth 1 --branch "$branch_name" --single-branch "$DADI_STAGING_REPOSITORY" "$branch_dir"
+	# reinitialize index.html
+	./generate_index_html.sh
+fi
diff --git a/webhooks-git/dadi-staging-init.sh b/webhooks-git/dadi-staging-init.sh
new file mode 100644
index 0000000..e5189c1
--- /dev/null
+++ b/webhooks-git/dadi-staging-init.sh
@@ -0,0 +1,39 @@
+#!/bin/bash
+
+#
+# Initialize dadi staging folder from repository
+#
+# - delete existing dadi staging folder
+#
+
+HTML_HOME="/html"
+BRANCHES_FOLDER="/html/branches"
+DADI_STAGING_REPOSITORY="git_dadi_staging:AG-IT/KlDaDiSeite.git"
+
+#
+# Remove all branch folders but assets
+#
+
+for dir in "$BRANCHES_FOLDER"/*/; do
+	dir_name=$(basename "$dir")
+
+	echo "Deleting directory: $dir"
+	rm -rf "$dir"
+done
+
+#
+# Fetch all branch names
+#
+branches=()
+while read -r ref; do
+	# Extract branch name from the reference
+	branch_name=$(echo "$ref" | awk '{print $2}' | sed 's/refs\/heads\///')
+
+	# put into array
+	branches+=("$branch_name")
+done < <(git ls-remote --heads "$DADI_STAGING_REPOSITORY")
+
+for branch in "${branches[@]}"; do
+	echo "cloning $branch"
+	git clone --depth 1 --branch "$branch" --single-branch "$DADI_STAGING_REPOSITORY" "$BRANCHES_FOLDER"/"$branch"
+done
diff --git a/webhooks-git/entrypoint.sh b/webhooks-git/entrypoint.sh
new file mode 100644
index 0000000..0c84643
--- /dev/null
+++ b/webhooks-git/entrypoint.sh
@@ -0,0 +1,86 @@
+#!/bin/sh
+
+#
+# Create hosts.json with by replacing environment variables in template file
+#
+
+# Define the template file path
+template_file="/etc/webhook/hooks.json.tmpl"
+
+# Define the output file path
+output_file="/etc/webhook/hooks.json"
+
+# Check if the template file exists
+if [ ! -f "$template_file" ]; then
+	echo "Template file $template_file not found."
+	# exit 1
+else
+	envsubst <"$template_file" >"$output_file"
+	echo "Generated $output_file"
+fi
+
+#
+# Copy ssh keys and config
+#
+
+path_ssh="/root/.ssh"
+path_dadi_staging_key="/data/ssh/dadi-staging-webhook.deploy.ed25519"
+path_dadi_staging_pub="/data/ssh/dadi-staging-webhook.deploy.ed25519.pub"
+path_ssh_config="/data/ssh/config"
+
+# Create .ssh folder if not present
+if [ ! -d "$path_ssh" ]; then
+	# Create the folder
+	mkdir -p "$path_ssh"
+	echo "Folder created: $path_ssh"
+fi
+
+# Copy dadi staging key
+if [ ! -f "$path_dadi_staging_key" ]; then
+	echo "Error: repository key $path_dadi_staging_key does not exist"
+else
+	cp "$path_dadi_staging_key" "${path_ssh}/"
+fi
+
+# Copy dadi staging public key
+if [ ! -f "$path_dadi_staging_pub" ]; then
+	echo "Error: repository public key $path_dadi_staging_pub does not exist"
+else
+	cp "$path_dadi_staging_pub" "${path_ssh}/"
+fi
+
+# Copy ssh config
+if [ ! -f "$path_ssh_config" ]; then
+	echo "Error: ssh config $path_ssh_config does not exist"
+else
+	cp "$path_ssh_config" "${path_ssh}/"
+fi
+
+# Create or append known_hosts
+
+echo "Validating: $GIT_SERVER_DADI_STAGING"
+ssh-keyscan -H "$GIT_SERVER_DADI_STAGING" >>"${path_ssh}"/known_hosts
+
+echo "git and ssh configured."
+echo "|--- dadi staging webhook public key (deploy key): --------------------|"
+cat "${path_ssh}"/dadi-staging-webhook.deploy.ed25519.pub
+echo "|---- Config ------------------------------------------------------|"
+cat "${path_ssh}"/config
+echo "|---- known_hosts -------------------------------------------------|"
+cat "${path_ssh}"/known_hosts
+echo "|------------------------------------------------------------------|"
+
+# Initialize branches
+
+echo "Initialize branches of dadi staging"
+./dadi-staging-init.sh
+
+# Generate index.html
+./generate_index_html.sh
+
+#
+# Start webhooks
+#
+
+echo "Starting webhooks service"
+exec /usr/local/bin/webhook -verbose -hooks=/etc/webhook/hooks.json -hotreload
diff --git a/webhooks-git/generate_index_html.sh b/webhooks-git/generate_index_html.sh
new file mode 100644
index 0000000..b4bdcab
--- /dev/null
+++ b/webhooks-git/generate_index_html.sh
@@ -0,0 +1,34 @@
+#!/bin/bash
+
+# Directory where branches are stored
+BRANCHES_DIR="/html/branches"
+
+# Generate index.html file
+generate_index_html() {
+	cat <<EOF
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>List of Branches</title>
+</head>
+<body>
+    <h1>List of Branches</h1>
+    <ul>
+EOF
+
+	# Loop through folders in ./branches/
+	for branch_folder in "$BRANCHES_DIR"/*; do
+		branch_name=$(basename "$branch_folder")
+		echo "        <li><a href=\"branches/$branch_name/index.html\">$branch_name</a></li>"
+	done
+
+	cat <<EOF
+    </ul>
+</body>
+</html>
+EOF
+}
+
+generate_index_html >/html/index.html
diff --git a/webhooks-git/hooks.json.tmpl b/webhooks-git/hooks.json.tmpl
new file mode 100644
index 0000000..a97113b
--- /dev/null
+++ b/webhooks-git/hooks.json.tmpl
@@ -0,0 +1,45 @@
+[
+  {
+    "id": "dadi-staging-webhook",
+    "http-methods": ["POST"],
+    "execute-command": "/etc/webhook/dadi-staging-hook.sh",
+    "command-working-directory": "/etc/webhook/",
+    "response-message": "I got the payload!",
+    "response-headers":
+    [
+      {
+        "name": "Access-Control-Allow-Origin",
+        "value": "*"
+      }
+    ],
+    "pass-arguments-to-command":
+    [
+      {
+        "source": "payload",
+        "name": "repository.name"
+      },
+      {
+        "source": "payload",
+        "name": "ref"
+      }
+    ],
+    "trigger-rule":
+    {
+      "and":
+      [
+        {
+          "match":
+          {
+            "type": "payload-hmac-sha1",
+            "secret": "${WEBHOOK_SECRET}",
+            "parameter":
+            {
+              "source": "header",
+              "name": "X-Hub-Signature"
+            }
+          }
+        }
+      ]
+    }
+  },
+]