lyn/ClawSkills
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(git-hangman-lab): push docker images via SSH tunnel to bypass Cloudflare body limit

Browse Source 
Cloudflare's free plan limits request bodies to ~100MB, causing 413 on large
docker layer pushes. Push through an SSH tunnel directly to the Gitea origin
server on vps.git instead of through Cloudflare.
This commit is contained in:
orion
2026-04-15 01:34:52 +00:00
parent 8fc95aff22
commit 7745bc8bbc
1 changed files with 26 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
git-hangman-lab/scripts/publish-package
View File

@@ -71,19 +71,39 @@ do_docker() {
LOCKFILE="$HOME/.openclaw/.docker" LOCKFILE="$HOME/.openclaw/.docker"
lock-mgr acquire "$LOCKFILE" "$KEY" lock-mgr acquire "$LOCKFILE" "$KEY"
trap 'docker logout "$REGISTRY" 2>/dev/null || true; lock-mgr release "$LOCKFILE" "$KEY" 2>/dev/null || true' EXIT # Push via SSH tunnel to bypass Cloudflare's 100MB request body limit.
# Tunnel forwards 127.0.0.1:$TUNNEL_PORT on this host to Gitea's HTTP port on vps.git.
TUNNEL_HOST="root@vps.git"
TUNNEL_PORT="5000"
TUNNEL_LOCAL="127.0.0.1:${TUNNEL_PORT}"
TUNNEL_CTL="$HOME/.openclaw/.docker-tunnel.sock"
rm -f "$TUNNEL_CTL"
ssh -fN -o ExitOnForwardFailure=yes -o ControlMaster=yes -o ControlPath="$TUNNEL_CTL" \
-L "${TUNNEL_LOCAL}:127.0.0.1:3000" "$TUNNEL_HOST"
echo "Logging in to $REGISTRY..." cleanup() {
docker login "$REGISTRY" -u "$OWNER" -p "$(secret-mgr get-secret --key git)" 2>/dev/null ssh -O exit -o ControlPath="$TUNNEL_CTL" "$TUNNEL_HOST" 2>/dev/null || true
rm -f "$TUNNEL_CTL"
docker logout "$REGISTRY" 2>/dev/null || true
docker logout "$TUNNEL_LOCAL" 2>/dev/null || true
lock-mgr release "$LOCKFILE" "$KEY" 2>/dev/null || true
}
trap cleanup EXIT
echo "Logging in to $REGISTRY (via tunnel $TUNNEL_LOCAL)..."
docker login "$TUNNEL_LOCAL" -u "$OWNER" -p "$(secret-mgr get-secret --key git)" 2>/dev/null
FULL_IMAGE="${REGISTRY}/${OWNER}/${IMAGE}:${TAG}" FULL_IMAGE="${REGISTRY}/${OWNER}/${IMAGE}:${TAG}"
TUNNEL_IMAGE="${TUNNEL_LOCAL}/${OWNER}/${IMAGE}:${TAG}"
echo "Building: $FULL_IMAGE" echo "Building: $FULL_IMAGE"
cd "$REPO" cd "$REPO"
docker build -t "$FULL_IMAGE" . docker build -t "$FULL_IMAGE" .
docker tag "$FULL_IMAGE" "$TUNNEL_IMAGE"
echo "Pushing: $FULL_IMAGE" echo "Pushing via tunnel: $TUNNEL_IMAGE"
docker push "$FULL_IMAGE" docker push "$TUNNEL_IMAGE"
docker rmi "$TUNNEL_IMAGE" 2>/dev/null || true
# Link package to repository # Link package to repository
TOKEN=$(secret-mgr get-secret --key git-access-token) TOKEN=$(secret-mgr get-secret --key git-access-token)
@@ -152,4 +172,4 @@ case "$COMMAND" in
nuget) do_nuget ;; nuget) do_nuget ;;
pypi) do_pypi ;; pypi) do_pypi ;;
npm) do_npm ;; npm) do_npm ;;
esac esac