166 lines
5.6 KiB
Docker
166 lines
5.6 KiB
Docker
ARG ALPINE_VERSION=3.15
|
|
ARG NGINX_VERSION=1.20.2
|
|
ARG NGX_BROTLI_COMMIT=9aec15e2aa6feea2113119ba06460af70ab3ea62
|
|
ARG CONFIG="\
|
|
--prefix=/etc/nginx \
|
|
--sbin-path=/usr/sbin/nginx \
|
|
--modules-path=/usr/lib/nginx/modules \
|
|
--conf-path=/etc/nginx/nginx.conf \
|
|
--error-log-path=/var/log/nginx/error.log \
|
|
--http-log-path=/var/log/nginx/access.log \
|
|
--pid-path=/var/run/nginx.pid \
|
|
--lock-path=/var/run/nginx.lock \
|
|
--http-client-body-temp-path=/var/cache/nginx/client_temp \
|
|
--http-proxy-temp-path=/var/cache/nginx/proxy_temp \
|
|
--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \
|
|
--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \
|
|
--http-scgi-temp-path=/var/cache/nginx/scgi_temp \
|
|
--user=nginx \
|
|
--group=nginx \
|
|
--with-http_ssl_module \
|
|
--with-http_realip_module \
|
|
--with-http_addition_module \
|
|
--with-http_sub_module \
|
|
--with-http_dav_module \
|
|
--with-http_flv_module \
|
|
--with-http_mp4_module \
|
|
--with-http_gunzip_module \
|
|
--with-http_gzip_static_module \
|
|
--with-http_random_index_module \
|
|
--with-http_secure_link_module \
|
|
--with-http_stub_status_module \
|
|
--with-http_auth_request_module \
|
|
--with-http_xslt_module=dynamic \
|
|
--with-http_image_filter_module=dynamic \
|
|
--with-http_geoip_module=dynamic \
|
|
--with-threads \
|
|
--with-stream \
|
|
--with-stream_ssl_module \
|
|
--with-stream_ssl_preread_module \
|
|
--with-stream_realip_module \
|
|
--with-stream_geoip_module=dynamic \
|
|
--with-http_slice_module \
|
|
--with-mail \
|
|
--with-mail_ssl_module \
|
|
--with-compat \
|
|
--with-file-aio \
|
|
--with-http_v2_module \
|
|
--add-module=/usr/src/ngx_brotli \
|
|
"
|
|
|
|
FROM registry.odit.services/hub/library/alpine:3.15
|
|
LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>"
|
|
|
|
ARG NGINX_VERSION
|
|
ARG NGX_BROTLI_COMMIT
|
|
ARG CONFIG
|
|
|
|
RUN \
|
|
apk add --no-cache --virtual .build-deps \
|
|
gcc \
|
|
libc-dev \
|
|
make \
|
|
openssl-dev \
|
|
pcre-dev \
|
|
zlib-dev \
|
|
linux-headers \
|
|
curl \
|
|
# gnupg \
|
|
libxslt-dev \
|
|
gd-dev \
|
|
geoip-dev \
|
|
&& apk add --no-cache --virtual .brotli-build-deps \
|
|
autoconf \
|
|
libtool \
|
|
automake \
|
|
git \
|
|
g++ \
|
|
cmake
|
|
|
|
COPY nginx.pub /tmp/nginx.pub
|
|
|
|
RUN \
|
|
mkdir -p /usr/src/ngx_brotli \
|
|
&& cd /usr/src/ngx_brotli \
|
|
&& git init \
|
|
&& git remote add origin https://github.com/google/ngx_brotli.git \
|
|
&& git fetch --depth 1 origin $NGX_BROTLI_COMMIT \
|
|
&& git checkout --recurse-submodules -q FETCH_HEAD \
|
|
&& git submodule update --init --depth 1 \
|
|
&& cd .. \
|
|
&& curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \
|
|
&& curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc -o nginx.tar.gz.asc \
|
|
&& sha512sum nginx.tar.gz nginx.tar.gz.asc \
|
|
&& export GNUPGHOME="$(mktemp -d)" \
|
|
# && gpg --import /tmp/nginx.pub \
|
|
# && gpg --batch --verify nginx.tar.gz.asc nginx.tar.gz \
|
|
&& mkdir -p /usr/src \
|
|
&& tar -zxC /usr/src -f nginx.tar.gz
|
|
|
|
RUN \
|
|
cd /usr/src/nginx-$NGINX_VERSION \
|
|
&& ./configure $CONFIG --with-debug \
|
|
&& make -j$(getconf _NPROCESSORS_ONLN) \
|
|
&& mv objs/nginx objs/nginx-debug \
|
|
&& mv objs/ngx_http_xslt_filter_module.so objs/ngx_http_xslt_filter_module-debug.so \
|
|
&& mv objs/ngx_http_image_filter_module.so objs/ngx_http_image_filter_module-debug.so \
|
|
&& mv objs/ngx_http_geoip_module.so objs/ngx_http_geoip_module-debug.so \
|
|
&& mv objs/ngx_stream_geoip_module.so objs/ngx_stream_geoip_module-debug.so \
|
|
&& ./configure $CONFIG \
|
|
&& make -j$(getconf _NPROCESSORS_ONLN)
|
|
|
|
RUN \
|
|
cd /usr/src/nginx-$NGINX_VERSION \
|
|
&& make install \
|
|
&& rm -rf /etc/nginx/html/ \
|
|
&& mkdir /etc/nginx/conf.d/ \
|
|
&& mkdir -p /usr/share/nginx/html/ \
|
|
&& install -m644 html/index.html /usr/share/nginx/html/ \
|
|
&& install -m644 html/50x.html /usr/share/nginx/html/ \
|
|
&& install -m755 objs/nginx-debug /usr/sbin/nginx-debug \
|
|
&& install -m755 objs/ngx_http_xslt_filter_module-debug.so /usr/lib/nginx/modules/ngx_http_xslt_filter_module-debug.so \
|
|
&& install -m755 objs/ngx_http_image_filter_module-debug.so /usr/lib/nginx/modules/ngx_http_image_filter_module-debug.so \
|
|
&& install -m755 objs/ngx_http_geoip_module-debug.so /usr/lib/nginx/modules/ngx_http_geoip_module-debug.so \
|
|
&& install -m755 objs/ngx_stream_geoip_module-debug.so /usr/lib/nginx/modules/ngx_stream_geoip_module-debug.so \
|
|
&& strip /usr/sbin/nginx* \
|
|
&& strip /usr/lib/nginx/modules/*.so \
|
|
\
|
|
&& apk add --no-cache --virtual .gettext gettext \
|
|
\
|
|
&& scanelf --needed --nobanner /usr/sbin/nginx /usr/lib/nginx/modules/*.so /usr/bin/envsubst \
|
|
| awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \
|
|
| sort -u \
|
|
| xargs -r apk info --installed \
|
|
| sort -u > /tmp/runDeps.txt
|
|
|
|
FROM registry.odit.services/hub/library/alpine:3.15
|
|
ARG NGINX_VERSION
|
|
|
|
COPY --from=0 /tmp/runDeps.txt /tmp/runDeps.txt
|
|
COPY --from=0 /etc/nginx /etc/nginx
|
|
COPY --from=0 /usr/lib/nginx/modules/*.so /usr/lib/nginx/modules/
|
|
COPY --from=0 /usr/sbin/nginx /usr/sbin/nginx-debug /usr/sbin/
|
|
COPY --from=0 /usr/share/nginx/html/* /usr/share/nginx/html/
|
|
COPY --from=0 /usr/bin/envsubst /usr/local/bin/envsubst
|
|
|
|
RUN \
|
|
addgroup -S nginx \
|
|
&& adduser -D -S -h /var/cache/nginx -s /sbin/nologin -G nginx nginx \
|
|
&& apk add --no-cache --virtual .nginx-rundeps tzdata $(cat /tmp/runDeps.txt) \
|
|
&& rm /tmp/runDeps.txt \
|
|
&& ln -s /usr/lib/nginx/modules /etc/nginx/modules \
|
|
# forward request and error logs to docker log collector
|
|
&& mkdir /var/log/nginx \
|
|
&& touch /var/log/nginx/access.log /var/log/nginx/error.log \
|
|
&& ln -sf /dev/stdout /var/log/nginx/access.log \
|
|
&& ln -sf /dev/stderr /var/log/nginx/error.log
|
|
|
|
COPY nginx.conf /etc/nginx/nginx.conf
|
|
COPY nginx.vh.default.conf /etc/nginx/conf.d/default.conf
|
|
|
|
EXPOSE 80 443
|
|
|
|
STOPSIGNAL SIGQUIT
|
|
|
|
ENTRYPOINT ["nginx"]
|
|
CMD ["-g", "daemon off;"] |