woggioni/docker-images
1
0
Fork 0
Code Actions Packages Releases Activity
Files
e83cc743362eac501f756ae3abf4507cdcf8bec5
docker-images/nginx/Dockerfile
Walter Oggioni e83cc74336
Some checks failed
CI / Build nginx docker images (push) Failing after 6s
Details
test exposing ssh keys during docker build
2025-08-14 21:28:00 +08:00

109 lines
3.2 KiB
Docker
Raw Blame History

FROM alpine:latest AS base
ARG NGINX_VERSION LIBRESSL_VERSION=4.1.0 NGINX_BRANCH=vanilla
FROM alpine:latest AS build_stage_1
ENV NGINX_VERSION=${NGINX_VERSION}
RUN --mount=type=cache,target=/var/cache/apk apk update
RUN --mount=type=cache,target=/var/cache/apk apk add \
autoconf \
automake \
bind-tools \
binutils \
build-base \
ca-certificates \
cmake \
curl \
gcc \
gd-dev \
geoip-dev \
git \
gnupg \
go \
libc-dev \
libgcc \
libstdc++ \
libtool \
libxslt-dev \
linux-headers \
make \
ninja \
pcre \
pcre-dev \
perl-dev \
su-exec \
tar \
tzdata \
zlib \
zlib-dev \
mercurial
RUN adduser -D luser
USER luser
WORKDIR /home/luser
#RUN git clone --depth 1 --branch v4.0.0 https://github.com/libressl/portable.git libressl
#RUN git clone --depth 1 --branch v4.0.0 https://github.com/libressl/portable.git libressl
#ADD --chown=luser:luser git@github.com:libressl/portable.git#v${LIBRESSL_VERSION} libressl
ADD --chown=luser:luser https://cdn.openbsd.org/pub/OpenBSD/LibreSSL/libressl-${LIBRESSL_VERSION}.tar.gz libressl.tgz
RUN tar -xzf libressl.tgz && mv libressl-${LIBRESSL_VERSION} libressl && rm libressl.tgz
RUN mkdir -p libressl/build
RUN cmake -G Ninja -B libressl/build -S libressl \
-DCMAKE_BUILD_TYPE=Release \
-DLIBRESSL_APPS=OFF \
-DLIBRESSL_SKIP_INSTALL=ON \
-DENABLE_ASM=OFF \
-DENABLE_NC=OFF \
-DLIBRESSL_TESTS=OFF \
-DBUILD_SHARED_LIBS=OFF
RUN cmake --build libressl/build
FROM build_stage_1 AS build_stage_2_vanilla
ADD --chown=luser:luser https://github.com/nginx/nginx.git#release-${NGINX_VERSION} /nginx
FROM build_stage_1 AS build_stage_2_woggioni
ADD --chown=luser:luser git@github.com:woggioni/nginx.git#release-${NGINX_VERSION} /nginx
FROM build_stage_2_${NGINX_BRANCH} AS build
ADD --chown=luser:luser https://github.com/openresty/headers-more-nginx-module.git /ngx_headers_more
ADD --chown=luser:luser https://github.com/google/ngx_brotli.git /ngx_brotli
USER root
WORKDIR /
RUN hg clone http://hg.nginx.org/njs /njs
RUN chown luser:luser -R /njs
USER luser
WORKDIR /home/luser
ADD --chown=luser:luser --chmod=755 ./build.sh ./build.sh
RUN ./build.sh
FROM base AS release
ARG VERSION
ENV NGINX_VERSION=${VERSION}
RUN addgroup -S nginx
RUN adduser -D -S -h /var/cache/nginx -s /sbin/nologin -G nginx nginx
RUN --mount=type=cache,target=/var/cache/apk apk add --virtual .install_deps make perl-dev gettext binutils
RUN --mount=type=cache,target=/var/cache/apk \
--mount=type=bind,from=build,source=/nginx,target=/nginx \
--mount=type=bind,from=build,source=/ngx_headers_more,target=/ngx_headers_more \
--mount=type=bind,from=build,source=/ngx_brotli,target=/ngx_brotli \
--mount=type=bind,from=build,source=/njs,target=/njs \
--mount=type=bind,source=install.sh,target=/install.sh \
(cd nginx && sh /install.sh)
RUN --mount=type=cache,target=/var/cache/apk apk del .install_deps
COPY conf/nginx.conf /etc/nginx/nginx.conf
COPY conf/nginx.vh.no-default.conf /etc/nginx/conf.d/default.conf
LABEL description="NGINX Docker built top of LibreSSL" \
maintainer="Walter Oggioni <oggioni.walter@gmail.com>" \
openssl="LibreSSL" \
nginx="nginx ${NGINX_VERSION}"
EXPOSE 80 443 443/udp
STOPSIGNAL SIGTERM
CMD ["nginx", "-g", "daemon off;"]
View Git Blame Copy Permalink