From fa7e30f6b661d87c0a7998ddb5ea0daeb71ddab6 Mon Sep 17 00:00:00 2001 From: "j.boesl" Date: Tue, 14 Jun 2016 19:03:28 +0200 Subject: [PATCH 1/3] Added HEADERS_MORE module. --- .gitignore | 1 + mainline/alpine/Dockerfile | 13 ++++++++++--- 2 files changed, 11 insertions(+), 3 deletions(-) create mode 100644 .gitignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 00000000..723ef36f --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.idea \ No newline at end of file diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 9b4fc8ea..d9c70920 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -1,9 +1,11 @@ FROM alpine:3.4 -MAINTAINER NGINX Docker Maintainers "docker-maint@nginx.com" ENV NGINX_VERSION 1.11.1 +ENV HEADERS_MORE=0.30 +ENV SOURCE_DIR=/tmp/src + ENV GPG_KEYS B0F4253373F8F6F510D42178520A9993A1C052F8 ENV CONFIG "\ --prefix=/etc/nginx \ @@ -47,10 +49,11 @@ ENV CONFIG "\ --with-file-aio \ --with-http_v2_module \ --with-ipv6 \ + --add-module=${SOURCE_DIR}/headers-more-nginx-module-"$HEADERS_MORE" \ " RUN \ - addgroup -S nginx \ + addgroup -S nginx \ && adduser -D -S -h /var/cache/nginx -s /sbin/nologin -G nginx nginx \ && apk add --no-cache --virtual .build-deps \ gcc \ @@ -66,6 +69,9 @@ RUN \ gd-dev \ geoip-dev \ perl-dev \ + && mkdir -p "$SOURCE_DIR" \ + && cd "$SOURCE_DIR" \ + && curl -L https://github.com/openresty/headers-more-nginx-module/archive/v"$HEADERS_MORE".tar.gz | tar -xz \ && curl -fSL http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \ && curl -fSL http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc -o nginx.tar.gz.asc \ && export GNUPGHOME="$(mktemp -d)" \ @@ -113,7 +119,8 @@ RUN \ \ # forward request and error logs to docker log collector && ln -sf /dev/stdout /var/log/nginx/access.log \ - && ln -sf /dev/stderr /var/log/nginx/error.log + && ln -sf /dev/stderr /var/log/nginx/error.log \ + && rm -rf "$SOURCE_DIR" COPY nginx.conf /etc/nginx/nginx.conf COPY nginx.vh.default.conf /etc/nginx/conf.d/default.conf From 9114936aa05b730e879fe019ce30a7113bfd6b96 Mon Sep 17 00:00:00 2001 From: "j.boesl" Date: Tue, 4 Oct 2016 09:10:16 +0200 Subject: [PATCH 2/3] Updated HEADERS_MORE: 0.30 -> 0.31 --- mainline/alpine/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 8e5a5806..c099a50d 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -4,7 +4,7 @@ MAINTAINER Johannes Boesl "j.boesl@adito.de" ENV NGINX_VERSION 1.11.4 -ENV HEADERS_MORE=0.30 +ENV HEADERS_MORE=0.31 ENV SOURCE_DIR=/tmp/src RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ From 6a01680137cf333d20a99abc7d25446993856b18 Mon Sep 17 00:00:00 2001 From: Marco Nicotra Date: Mon, 11 Feb 2019 17:09:27 +0100 Subject: [PATCH 3/3] Use latest nginx and header-more versions --- mainline/alpine/Dockerfile | 274 +++++++++++++++++++------------------ 1 file changed, 144 insertions(+), 130 deletions(-) diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index c099a50d..cecd6885 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -1,142 +1,156 @@ -FROM alpine:3.4 +FROM alpine:3.9 -MAINTAINER Johannes Boesl "j.boesl@adito.de" +LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.11.4 +ENV NGINX_VERSION 1.15.8 -ENV HEADERS_MORE=0.31 +ENV HEADERS_MORE=0.33 ENV SOURCE_DIR=/tmp/src RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ - && CONFIG="\ - --prefix=/etc/nginx \ - --sbin-path=/usr/sbin/nginx \ - --modules-path=/usr/lib/nginx/modules \ - --conf-path=/etc/nginx/nginx.conf \ - --error-log-path=/var/log/nginx/error.log \ - --http-log-path=/var/log/nginx/access.log \ - --pid-path=/var/run/nginx.pid \ - --lock-path=/var/run/nginx.lock \ - --http-client-body-temp-path=/var/cache/nginx/client_temp \ - --http-proxy-temp-path=/var/cache/nginx/proxy_temp \ - --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \ - --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \ - --http-scgi-temp-path=/var/cache/nginx/scgi_temp \ - --user=nginx \ - --group=nginx \ - --with-http_ssl_module \ - --with-http_realip_module \ - --with-http_addition_module \ - --with-http_sub_module \ - --with-http_dav_module \ - --with-http_flv_module \ - --with-http_mp4_module \ - --with-http_gunzip_module \ - --with-http_gzip_static_module \ - --with-http_random_index_module \ - --with-http_secure_link_module \ - --with-http_stub_status_module \ - --with-http_auth_request_module \ - --with-http_xslt_module=dynamic \ - --with-http_image_filter_module=dynamic \ - --with-http_geoip_module=dynamic \ - --with-http_perl_module=dynamic \ - --with-threads \ - --with-stream \ - --with-stream_ssl_module \ - --with-stream_realip_module \ - --with-stream_geoip_module=dynamic \ - --with-http_slice_module \ - --with-mail \ - --with-mail_ssl_module \ - --with-file-aio \ - --with-http_v2_module \ - --with-ipv6 \ - --add-module=${SOURCE_DIR}/headers-more-nginx-module-"$HEADERS_MORE" \ - " \ - && addgroup -S nginx \ - && adduser -D -S -h /var/cache/nginx -s /sbin/nologin -G nginx nginx \ - && apk add --no-cache --virtual .build-deps \ - gcc \ - libc-dev \ - make \ - openssl-dev \ - pcre-dev \ - zlib-dev \ - linux-headers \ - curl \ - gnupg \ - libxslt-dev \ - gd-dev \ - geoip-dev \ - perl-dev \ - && mkdir -p "$SOURCE_DIR" \ - && cd "$SOURCE_DIR" \ - && curl -L https://github.com/openresty/headers-more-nginx-module/archive/v"$HEADERS_MORE".tar.gz | tar -xz \ - && curl -fSL http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \ - && curl -fSL http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc -o nginx.tar.gz.asc \ - && export GNUPGHOME="$(mktemp -d)" \ - && gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$GPG_KEYS" \ - && gpg --batch --verify nginx.tar.gz.asc nginx.tar.gz \ - && rm -r "$GNUPGHOME" nginx.tar.gz.asc \ - && mkdir -p /usr/src \ - && tar -zxC /usr/src -f nginx.tar.gz \ - && rm nginx.tar.gz \ - && cd /usr/src/nginx-$NGINX_VERSION \ - && ./configure $CONFIG --with-debug \ - && make -j$(getconf _NPROCESSORS_ONLN) \ - && mv objs/nginx objs/nginx-debug \ - && mv objs/ngx_http_xslt_filter_module.so objs/ngx_http_xslt_filter_module-debug.so \ - && mv objs/ngx_http_image_filter_module.so objs/ngx_http_image_filter_module-debug.so \ - && mv objs/ngx_http_geoip_module.so objs/ngx_http_geoip_module-debug.so \ - && mv objs/ngx_http_perl_module.so objs/ngx_http_perl_module-debug.so \ - && mv objs/ngx_stream_geoip_module.so objs/ngx_stream_geoip_module-debug.so \ - && ./configure $CONFIG \ - && make -j$(getconf _NPROCESSORS_ONLN) \ - && make install \ - && rm -rf /etc/nginx/html/ \ - && mkdir /etc/nginx/conf.d/ \ - && mkdir -p /usr/share/nginx/html/ \ - && install -m644 html/index.html /usr/share/nginx/html/ \ - && install -m644 html/50x.html /usr/share/nginx/html/ \ - && install -m755 objs/nginx-debug /usr/sbin/nginx-debug \ - && install -m755 objs/ngx_http_xslt_filter_module-debug.so /usr/lib/nginx/modules/ngx_http_xslt_filter_module-debug.so \ - && install -m755 objs/ngx_http_image_filter_module-debug.so /usr/lib/nginx/modules/ngx_http_image_filter_module-debug.so \ - && install -m755 objs/ngx_http_geoip_module-debug.so /usr/lib/nginx/modules/ngx_http_geoip_module-debug.so \ - && install -m755 objs/ngx_http_perl_module-debug.so /usr/lib/nginx/modules/ngx_http_perl_module-debug.so \ - && install -m755 objs/ngx_stream_geoip_module-debug.so /usr/lib/nginx/modules/ngx_stream_geoip_module-debug.so \ - && ln -s ../../usr/lib/nginx/modules /etc/nginx/modules \ - && strip /usr/sbin/nginx* \ - && strip /usr/lib/nginx/modules/*.so \ - && rm -rf /usr/src/nginx-$NGINX_VERSION \ - \ - # Bring in gettext so we can get `envsubst`, then throw - # the rest away. To do this, we need to install `gettext` - # then move `envsubst` out of the way so `gettext` can - # be deleted completely, then move `envsubst` back. - && apk add --no-cache --virtual .gettext gettext \ - && mv /usr/bin/envsubst /tmp/ \ - \ - && runDeps="$( \ - scanelf --needed --nobanner /usr/sbin/nginx /usr/lib/nginx/modules/*.so /tmp/envsubst \ - | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ - | sort -u \ - | xargs -r apk info --installed \ - | sort -u \ - )" \ - && apk add --no-cache --virtual .nginx-rundeps $runDeps \ - && apk del .build-deps \ - && apk del .gettext \ - && mv /tmp/envsubst /usr/local/bin/ \ - \ - # forward request and error logs to docker log collector - && ln -sf /dev/stdout /var/log/nginx/access.log \ - && ln -sf /dev/stderr /var/log/nginx/error.log \ - && rm -rf "$SOURCE_DIR" +&& CONFIG="\ +--prefix=/etc/nginx \ +--sbin-path=/usr/sbin/nginx \ +--modules-path=/usr/lib/nginx/modules \ +--conf-path=/etc/nginx/nginx.conf \ +--error-log-path=/var/log/nginx/error.log \ +--http-log-path=/var/log/nginx/access.log \ +--pid-path=/var/run/nginx.pid \ +--lock-path=/var/run/nginx.lock \ +--http-client-body-temp-path=/var/cache/nginx/client_temp \ +--http-proxy-temp-path=/var/cache/nginx/proxy_temp \ +--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \ +--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \ +--http-scgi-temp-path=/var/cache/nginx/scgi_temp \ +--user=nginx \ +--group=nginx \ +--with-http_ssl_module \ +--with-http_realip_module \ +--with-http_addition_module \ +--with-http_sub_module \ +--with-http_dav_module \ +--with-http_flv_module \ +--with-http_mp4_module \ +--with-http_gunzip_module \ +--with-http_gzip_static_module \ +--with-http_random_index_module \ +--with-http_secure_link_module \ +--with-http_stub_status_module \ +--with-http_auth_request_module \ +--with-http_xslt_module=dynamic \ +--with-http_image_filter_module=dynamic \ +--with-http_geoip_module=dynamic \ +--with-threads \ +--with-stream \ +--with-stream_ssl_module \ +--with-stream_ssl_preread_module \ +--with-stream_realip_module \ +--with-stream_geoip_module=dynamic \ +--with-http_slice_module \ +--with-mail \ +--with-mail_ssl_module \ +--with-compat \ +--with-file-aio \ +--with-http_v2_module \ +--add-module=${SOURCE_DIR}/headers-more-nginx-module-"$HEADERS_MORE" \ +" \ +&& addgroup -S nginx \ +&& adduser -D -S -h /var/cache/nginx -s /sbin/nologin -G nginx nginx \ +&& apk add --no-cache --virtual .build-deps \ +gcc \ +libc-dev \ +make \ +openssl-dev \ +pcre-dev \ +zlib-dev \ +linux-headers \ +curl \ +gnupg1 \ +libxslt-dev \ +gd-dev \ +geoip-dev \ +perl-dev \ + +&& mkdir -p "$SOURCE_DIR" \ +&& cd "$SOURCE_DIR" \ +&& curl -L https://github.com/openresty/headers-more-nginx-module/archive/v"$HEADERS_MORE".tar.gz | tar -xz \ +&& curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \ +&& curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc -o nginx.tar.gz.asc \ +&& export GNUPGHOME="$(mktemp -d)" \ +&& found=''; \ +for server in \ +ha.pool.sks-keyservers.net \ +hkp://keyserver.ubuntu.com:80 \ +hkp://p80.pool.sks-keyservers.net:80 \ +pgp.mit.edu \ +; do \ +echo "Fetching GPG key $GPG_KEYS from $server"; \ +gpg --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$GPG_KEYS" && found=yes && break; \ +done; \ +test -z "$found" && echo >&2 "error: failed to fetch GPG key $GPG_KEYS" && exit 1; \ +gpg --batch --verify nginx.tar.gz.asc nginx.tar.gz \ +&& rm -rf "$GNUPGHOME" nginx.tar.gz.asc \ +&& mkdir -p /usr/src \ +&& tar -zxC /usr/src -f nginx.tar.gz \ +&& rm nginx.tar.gz \ +&& cd /usr/src/nginx-$NGINX_VERSION \ +&& ./configure $CONFIG --with-debug \ +&& make -j$(getconf _NPROCESSORS_ONLN) \ +&& mv objs/nginx objs/nginx-debug \ +&& mv objs/ngx_http_xslt_filter_module.so objs/ngx_http_xslt_filter_module-debug.so \ +&& mv objs/ngx_http_image_filter_module.so objs/ngx_http_image_filter_module-debug.so \ +&& mv objs/ngx_http_geoip_module.so objs/ngx_http_geoip_module-debug.so \ +&& mv objs/ngx_stream_geoip_module.so objs/ngx_stream_geoip_module-debug.so \ +&& ./configure $CONFIG \ +&& make -j$(getconf _NPROCESSORS_ONLN) \ +&& make install \ +&& rm -rf /etc/nginx/html/ \ +&& mkdir /etc/nginx/conf.d/ \ +&& mkdir -p /usr/share/nginx/html/ \ +&& install -m644 html/index.html /usr/share/nginx/html/ \ +&& install -m644 html/50x.html /usr/share/nginx/html/ \ +&& install -m755 objs/nginx-debug /usr/sbin/nginx-debug \ +&& install -m755 objs/ngx_http_xslt_filter_module-debug.so /usr/lib/nginx/modules/ngx_http_xslt_filter_module-debug.so \ +&& install -m755 objs/ngx_http_image_filter_module-debug.so /usr/lib/nginx/modules/ngx_http_image_filter_module-debug.so \ +&& install -m755 objs/ngx_http_geoip_module-debug.so /usr/lib/nginx/modules/ngx_http_geoip_module-debug.so \ +&& install -m755 objs/ngx_stream_geoip_module-debug.so /usr/lib/nginx/modules/ngx_stream_geoip_module-debug.so \ +&& ln -s ../../usr/lib/nginx/modules /etc/nginx/modules \ +&& strip /usr/sbin/nginx* \ +&& strip /usr/lib/nginx/modules/*.so \ +&& rm -rf /usr/src/nginx-$NGINX_VERSION \ +\ +# Bring in gettext so we can get `envsubst`, then throw +# the rest away. To do this, we need to install `gettext` +# then move `envsubst` out of the way so `gettext` can +# be deleted completely, then move `envsubst` back. +&& apk add --no-cache --virtual .gettext gettext \ +&& mv /usr/bin/envsubst /tmp/ \ +\ +&& runDeps="$( \ +scanelf --needed --nobanner --format '%n#p' /usr/sbin/nginx /usr/lib/nginx/modules/*.so /tmp/envsubst \ +| tr ',' '\n' \ +| sort -u \ +| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ +)" \ +&& apk add --no-cache --virtual .nginx-rundeps $runDeps \ +&& apk del .build-deps \ +&& apk del .gettext \ +&& mv /tmp/envsubst /usr/local/bin/ \ +\ +# Bring in tzdata so users could set the timezones through the environment +# variables +&& apk add --no-cache tzdata \ +\ +# forward request and error logs to docker log collector +&& ln -sf /dev/stdout /var/log/nginx/access.log \ +&& ln -sf /dev/stderr /var/log/nginx/error.log \ +&& rm -rf "$SOURCE_DIR" COPY nginx.conf /etc/nginx/nginx.conf COPY nginx.vh.default.conf /etc/nginx/conf.d/default.conf -EXPOSE 80 443 +EXPOSE 80 + +STOPSIGNAL SIGTERM CMD ["nginx", "-g", "daemon off;"]