diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 312bd350..8853bdb0 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -1,11 +1,15 @@ FROM alpine:3.10 -LABEL maintainer="NGINX Docker Maintainers " +LABEL maintainer="Bernardo Donadio " ENV NGINX_VERSION 1.17.1 ENV NJS_VERSION 0.3.3 ENV PKG_RELEASE 1 +EXPOSE 80 +STOPSIGNAL SIGTERM +CMD ["nginx", "-g", "daemon off;"] + RUN set -x \ # create nginx user/group first, to be consistent throughout docker variants && addgroup -g 101 -S nginx \ @@ -18,67 +22,40 @@ RUN set -x \ nginx-module-image-filter=${NGINX_VERSION}-r${PKG_RELEASE} \ nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-r${PKG_RELEASE} \ " \ - && case "$apkArch" in \ - x86_64) \ -# arches officially built by upstream - set -x \ - && KEY_SHA512="e7fa8303923d9b95db37a77ad46c68fd4755ff935d0a534d26eba83de193c76166c68bfe7f65471bf8881004ef4aa6df3e34689c305662750c0172fca5d8552a *stdin" \ - && apk add --no-cache --virtual .cert-deps \ - openssl \ - && wget -O /tmp/nginx_signing.rsa.pub https://nginx.org/keys/nginx_signing.rsa.pub \ - && if [ "$(openssl rsa -pubin -in /tmp/nginx_signing.rsa.pub -text -noout | openssl sha512 -r)" = "$KEY_SHA512" ]; then \ - echo "key verification succeeded!"; \ - mv /tmp/nginx_signing.rsa.pub /etc/apk/keys/; \ - else \ - echo "key verification failed!"; \ - exit 1; \ - fi \ - && printf "%s%s%s\n" \ - "https://nginx.org/packages/mainline/alpine/v" \ - `egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release` \ - "/main" \ - | tee -a /etc/apk/repositories \ - && apk del .cert-deps \ - ;; \ - *) \ -# we're on an architecture upstream doesn't officially build for -# let's build binaries from the published packaging sources - set -x \ - && tempDir="$(mktemp -d)" \ - && chown nobody:nobody $tempDir \ - && apk add --no-cache --virtual .build-deps \ - gcc \ - libc-dev \ - make \ - openssl-dev \ - pcre-dev \ - zlib-dev \ - linux-headers \ - libxslt-dev \ - gd-dev \ - geoip-dev \ - perl-dev \ - libedit-dev \ - mercurial \ - bash \ - alpine-sdk \ - findutils \ - && su nobody -s /bin/sh -c " \ - export HOME=${tempDir} \ - && cd ${tempDir} \ - && hg clone https://hg.nginx.org/pkg-oss \ - && cd pkg-oss \ - && hg up ${NGINX_VERSION}-${PKG_RELEASE} \ - && cd alpine \ - && make all \ - && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ - && abuild-sign -k ${tempDir}/.abuild/abuild-key.rsa ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz \ - " \ - && echo "${tempDir}/packages/alpine/" >> /etc/apk/repositories \ - && cp ${tempDir}/.abuild/abuild-key.rsa.pub /etc/apk/keys/ \ - && apk del .build-deps \ - ;; \ - esac \ + && set -x \ + && tempDir="$(mktemp -d)" \ + && chown nobody:nobody $tempDir \ + && apk add --no-cache --virtual .build-deps \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + pcre-dev \ + zlib-dev \ + linux-headers \ + libxslt-dev \ + gd-dev \ + geoip-dev \ + perl-dev \ + libedit-dev \ + mercurial \ + bash \ + alpine-sdk \ + findutils \ + && su nobody -s /bin/sh -c " \ + export HOME=${tempDir} \ + && cd ${tempDir} \ + && hg clone https://hg.nginx.org/pkg-oss \ + && cd pkg-oss \ + && hg up ${NGINX_VERSION}-${PKG_RELEASE} \ + && cd alpine \ + && make all \ + && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ + && abuild-sign -k ${tempDir}/.abuild/abuild-key.rsa ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz \ + " \ + && echo "${tempDir}/packages/alpine/" >> /etc/apk/repositories \ + && cp ${tempDir}/.abuild/abuild-key.rsa.pub /etc/apk/keys/ \ + && apk del .build-deps \ && apk add --no-cache $nginxPackages \ # if we have leftovers from building, let's purge them (including extra, unnecessary build deps) && if [ -n "$tempDir" ]; then rm -rf "$tempDir"; fi \ @@ -109,9 +86,3 @@ RUN set -x \ # forward request and error logs to docker log collector && ln -sf /dev/stdout /var/log/nginx/access.log \ && ln -sf /dev/stderr /var/log/nginx/error.log - -EXPOSE 80 - -STOPSIGNAL SIGTERM - -CMD ["nginx", "-g", "daemon off;"]