From d0b8059aa729e826498ef122f57a76a992a081d8 Mon Sep 17 00:00:00 2001 From: Walter Oggioni Date: Fri, 24 Oct 2025 13:19:54 +0800 Subject: [PATCH] updated nginx to 1.29.2 --- .gitea/workflows/build-nginx.yaml | 10 ++++++---- nginx/Dockerfile | 8 +++----- nginx/conf/nginx.conf | 6 +++++- 3 files changed, 14 insertions(+), 10 deletions(-) diff --git a/.gitea/workflows/build-nginx.yaml b/.gitea/workflows/build-nginx.yaml index 0c0536f..7de005a 100644 --- a/.gitea/workflows/build-nginx.yaml +++ b/.gitea/workflows/build-nginx.yaml @@ -37,11 +37,12 @@ jobs: ssh: default=/home/luser/.ssh/id_ed25519 tags: | "gitea.woggioni.net/woggioni/nginx:latest" - "gitea.woggioni.net/woggioni/nginx:v1.29.1" + "gitea.woggioni.net/woggioni/nginx:v1.29.2" secrets: | GIT_AUTH_TOKEN.github.com=${{ secrets.GH_ACCESS_TOKEN }} build-args: | - NGINX_VERSION=1.29.1 + LIBRESSL_VERSION=4.2.0 + NGINX_VERSION=1.29.2 NGINX_BRANCH=vanilla cache-from: type=registry,ref=gitea.woggioni.net/woggioni/nginx:buildx-vanilla cache-to: type=registry,mode=max,compression=zstd,image-manifest=true,oci-mediatypes=true,ref=gitea.woggioni.net/woggioni/nginx:buildx-vanilla @@ -58,11 +59,12 @@ jobs: ssh: default=/home/luser/.ssh/id_ed25519 tags: | "gitea.woggioni.net/woggioni/nginx:woggioni" - "gitea.woggioni.net/woggioni/nginx:v1.29.1-woggioni" + "gitea.woggioni.net/woggioni/nginx:v1.29.2-woggioni" secrets: | GIT_AUTH_TOKEN.github.com=${{ secrets.GH_ACCESS_TOKEN }} build-args: | - NGINX_VERSION=1.29.1 + LIBRESSL_VERSION=4.2.0 + NGINX_VERSION=1.29.2 NGINX_BRANCH=woggioni cache-from: type=registry,ref=gitea.woggioni.net/woggioni/nginx:buildx-woggioni cache-to: type=registry,mode=max,compression=zstd,image-manifest=true,oci-mediatypes=true,ref=gitea.woggioni.net/woggioni/nginx:buildx-woggioni diff --git a/nginx/Dockerfile b/nginx/Dockerfile index 0c7e519..bb50aa6 100644 --- a/nginx/Dockerfile +++ b/nginx/Dockerfile @@ -2,8 +2,7 @@ ARG NGINX_BRANCH=vanilla FROM alpine:latest AS base FROM alpine:latest AS build_stage_1 -ARG NGINX_VERSION LIBRESSL_VERSION=4.1.0 -ENV NGINX_VERSION=${NGINX_VERSION} +ARG NGINX_VERSION LIBRESSL_VERSION RUN --mount=type=cache,target=/var/cache/apk apk update RUN --mount=type=cache,target=/var/cache/apk apk add \ autoconf \ @@ -41,8 +40,7 @@ RUN adduser -D luser USER luser WORKDIR /home/luser -#RUN git clone --depth 1 --branch v4.0.0 https://github.com/libressl/portable.git libressl -#RUN git clone --depth 1 --branch v4.0.0 https://github.com/libressl/portable.git libressl +#RUN git clone --depth 1 --branch v4.2.0 https://github.com/libressl/portable.git libressl #ADD --chown=luser:luser git@github.com:libressl/portable.git#v${LIBRESSL_VERSION} libressl ADD --chown=luser:luser https://cdn.openbsd.org/pub/OpenBSD/LibreSSL/libressl-${LIBRESSL_VERSION}.tar.gz libressl.tgz RUN tar -xzf libressl.tgz && mv libressl-${LIBRESSL_VERSION} libressl && rm libressl.tgz @@ -97,7 +95,7 @@ RUN --mount=type=cache,target=/var/cache/apk apk del .install_deps COPY --from=build /home/luser/libressl/openssl.cnf /etc/ssl/openssl.cnf COPY conf/nginx.conf /etc/nginx/nginx.conf -COPY conf/nginx.vh.no-default.conf /etc/nginx/conf.d/default.conf +COPY conf/nginx.vh.no-default.conf /etc/nginx/conf.d/http/default.conf COPY conf/dhparam /etc/nginx/dhparam LABEL description="NGINX Docker built top of LibreSSL" \ diff --git a/nginx/conf/nginx.conf b/nginx/conf/nginx.conf index e9f7c32..6596981 100644 --- a/nginx/conf/nginx.conf +++ b/nginx/conf/nginx.conf @@ -124,5 +124,9 @@ http { application/wasm; - include /etc/nginx/conf.d/*.conf; + include /etc/nginx/conf.d/http/*.conf; +} + +stream { + include /etc/nginx/conf.d/stream/*.conf; }