From 0af06323042409f41ae69f781ba644ceba9c38ba Mon Sep 17 00:00:00 2001
From: Quentin McGaw <quentin.mcgaw@gmail.com>
Date: Sat, 23 Nov 2019 18:01:18 -0500
Subject: [PATCH] Building Docker images for all CPU architectures (#57)

* Created Travis config to build images for all CPU architectures
* Updated readme
---
 .dockerignore    |  9 +++++++--
 .travis.yml      | 25 +++++++++++++++++++++++++
 Dockerfile       |  4 +++-
 README.md        | 31 ++++++++++++-------------------
 ci.sh            | 21 +++++++++++++++++++++
 hooks/build      |  5 -----
 hooks/post_build |  3 ---
 7 files changed, 68 insertions(+), 30 deletions(-)
 create mode 100644 .travis.yml
 create mode 100644 ci.sh
 delete mode 100644 hooks/build
 delete mode 100644 hooks/post_build

diff --git a/.dockerignore b/.dockerignore
index d424e1ed..1727b566 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,4 +1,9 @@
 .git
+.vscode
 readme
-*.yml
-*.md
\ No newline at end of file
+.gitignore
+.travis.yml
+ci.sh
+docker-compose.yml
+LICENSE
+README.md
diff --git a/.travis.yml b/.travis.yml
new file mode 100644
index 00000000..6dc1e10b
--- /dev/null
+++ b/.travis.yml
@@ -0,0 +1,25 @@
+dist: xenial
+sudo: required
+git:
+  quiet: true
+  depth: 1
+branches:
+  only:
+  - master
+  - xbuild
+env:
+  global:
+    - IMAGE_PATH=qmcgaw/private-internet-access
+    - BASE_TAG=xbuild
+before_install:
+  - curl -fsSL https://get.docker.com | sh
+  - echo '{"experimental":"enabled"}' | sudo tee /etc/docker/daemon.json
+  - mkdir -p $HOME/.docker
+  - echo '{"experimental":"enabled"}' | sudo tee $HOME/.docker/config.json
+  - sudo service docker start
+install:
+  - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
+  - docker buildx create --name xbuilder --use
+script: bash ci.sh $IMAGE_PATH
+after_success:
+  - curl -X POST https://hooks.microbadger.com/images/qmcgaw/private-internet-access/tQFy7AxtSUNANPe6aoVChYdsI_I= || exit 0
diff --git a/Dockerfile b/Dockerfile
index 027c50cd..503671ec 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,12 +1,14 @@
 ARG ALPINE_VERSION=3.10
 
 FROM alpine:${ALPINE_VERSION}
+ARG VERSION
 ARG BUILD_DATE
 ARG VCS_REF
+ARG TAG=latest
 LABEL \
     org.opencontainers.image.authors="quentin.mcgaw@gmail.com" \
     org.opencontainers.image.created=$BUILD_DATE \
-    org.opencontainers.image.version="" \
+    org.opencontainers.image.version="$VERSION" \
     org.opencontainers.image.revision=$VCS_REF \
     org.opencontainers.image.url="https://github.com/qdm12/private-internet-access-docker" \
     org.opencontainers.image.documentation="https://github.com/qdm12/private-internet-access-docker" \
diff --git a/README.md b/README.md
index 8efb3026..48788a06 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,8 @@
-# Private Internet Access Client (OpenVPN+Iptables+DNS over TLS on Alpine Linux)
+# Private Internet Access Client
 
-*Lightweight VPN client to tunnel to private internet access servers*
+*Lightweight swiss-knife-like VPN client to tunnel to private internet access servers, using OpenVPN, iptables, DNS over TLS, ShadowSocks, Tinyproxy and more*
+
+**ANNOUCEMENT**: Supports all CPU architectures :art: just pull the image!
 
 [![PIA Docker OpenVPN](https://github.com/qdm12/private-internet-access-docker/raw/master/readme/title.png)](https://hub.docker.com/r/qmcgaw/private-internet-access/)
 
@@ -19,7 +21,7 @@
 [![Image size](https://images.microbadger.com/badges/image/qmcgaw/private-internet-access.svg)](https://microbadger.com/images/qmcgaw/private-internet-access)
 [![Image version](https://images.microbadger.com/badges/version/qmcgaw/private-internet-access.svg)](https://microbadger.com/images/qmcgaw/private-internet-access)
 
-| Image size | RAM usage | CPU usage |
+| Image size (amd64) | RAM usage | CPU usage |
 | --- | --- | --- |
 | 23.3MB | 14MB to 80MB | Low to Medium |
 
@@ -50,7 +52,7 @@
 
     </p></details>
 - Connect other containers to it, [see this](https://github.com/qdm12/private-internet-access-docker#connect-to-it)
-- **ARM** compatible
+- Compatible with amd64, i686 (32 bit), ARM 64 bit, ARM 32 bit v6 and v7, ppc64le and even that s390x 🎆
 - Port forwarding
 - The *iptables* firewall allows traffic only with needed PIA servers (IP addresses, port, protocol) combinations
 - OpenVPN reconnects automatically on failure
@@ -59,7 +61,7 @@
 - OpenVPN can run *without root* but this disallows OpenVPN reconnecting, it can be set with `NONROOT=yes`
 - Connect your LAN devices
   - HTTP Web proxy *tinyproxy*
-  - SOCKS5 proxy *shadowsocks*
+  - SOCKS5 proxy *shadowsocks* (better as it does UDP too)
 
 ## Setup
 
@@ -87,17 +89,6 @@
     modprobe tun
     ```
 
-1. <details><summary>If you have a non-amd64 device (**ARM** etc.), either...</summary><p>
-
-    - **IN PROGRESS** download the slightly slower and larger pre-built Docker image ([why?](https://www.reddit.com/r/docker/comments/c7vo7f/arm_buildx_on_amd64_vs_build_on_arm_device/esk3ejb))
-    - Build the image on your device:
-
-        ```sh
-        docker build -t qmcgaw/private-internet-access https://github.com/qdm12/private-internet-access-docker.git
-        ```
-
-    </p></details>
-
 1. Launch the container with:
 
     ```bash
@@ -118,6 +109,8 @@
     - Use `-p 8388:8388/tcp -p 8388:8388/udp` to access the SOCKS5 proxy (and put your LAN in `EXTRA_SUBNETS` environment variable)
     - Pass additional arguments to *openvpn* using Docker's command function (commands after the image name)
 
+You can update the image with `docker pull qmcgaw/private-internet-access:latest`
+
 ## Testing
 
 Check the PIA IP address matches your expectations
@@ -296,9 +289,9 @@ Note that not all regions support port forwarding.
 
 ## TODOs
 
-- Shadowsocks
-    - Get logs from file and merge with docker stdout
-- Mix Logs of Unbound
+- Golang binary to setup the container at start, and:
+  - Mix logs of unbound, tinyproxy, shadowsocks and openvpn together somehow
+  - support other VPN providers
 - Maybe use `--inactive 3600 --ping 10 --ping-exit 60` as default behavior
 - Try without tun
 
diff --git a/ci.sh b/ci.sh
new file mode 100644
index 00000000..be47cb0f
--- /dev/null
+++ b/ci.sh
@@ -0,0 +1,21 @@
+#!/bin/bash
+
+if [ "$TRAVIS_PULL_REQUEST" = "true" ]; then
+  docker buildx build --platform=$PLATFORMS  .
+  return $?
+fi
+echo $DOCKER_PASSWORD | docker login -u qmcgaw --password-stdin &> /dev/null
+IMAGE_PATH=$1
+TAG="$TRAVIS_BRANCH"
+if [ "$TAG" = "master" ]; then
+  TAG="${TRAVIS_TAG:-latest}"
+fi
+echo "Building Docker images for \"$IMAGE_PATH:$TAG\""
+docker buildx build \
+    --platform=linux/amd64,linux/386,linux/arm64,linux/arm/v7,linux/arm/v6,linux/ppc64le,linux/s390x \
+    --build-arg BUILD_DATE=`date -u +"%Y-%m-%dT%H:%M:%SZ"` \
+    --build-arg VCS_REF=`git rev-parse --short HEAD` \
+    --build-arg VERSION=$TAG \
+    -t $IMAGE_PATH:$TAG \
+    --push \
+    .
diff --git a/hooks/build b/hooks/build
deleted file mode 100644
index 8e98dbe2..00000000
--- a/hooks/build
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/bash
-
-docker build --build-arg BUILD_DATE=`date -u +"%Y-%m-%dT%H:%M:%SZ"` \
-             --build-arg VCS_REF=`git rev-parse --short HEAD` \
-             -t $IMAGE_NAME .
diff --git a/hooks/post_build b/hooks/post_build
deleted file mode 100644
index 34c02f01..00000000
--- a/hooks/post_build
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/bash
-
-curl -X POST https://hooks.microbadger.com/images/qmcgaw/${DOCKER_REPO}/tQFy7AxtSUNANPe6aoVChYdsI_I= || exit 0
\ No newline at end of file