Добавленение образа nginx slim

.github/workflows/alpine-nginx-slim.yml

@@ -0,0 +1,32 @@
+name: Build docker nginx images
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - master
+    paths:
+      - packages/alpine-node-nginx/**
+
+jobs:
+  build:
+    strategy:
+      matrix:
+        versions: [
+          { alpine: 3.19, dockerfile: Dockerfile-nginx-slim, tag: nginx-1.24.0-slim },
+        ]
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Build and push Docker images
+        uses: docker/build-push-action@v1
+        with:
+          path: packages/alpine-node-nginx/
+          dockerfile: packages/alpine-node-nginx/${{ matrix.versions.dockerfile }}
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_ACCESS_TOKEN }}
+          repository: alfabankui/arui-scripts
+          build_args: ALPINE_VERSION=${{ matrix.versions.alpine }}
+          tags: ${{ matrix.versions.tag }}

packages/alpine-node-nginx/Dockerfile-nginx-slim

@@ -0,0 +1,130 @@
+ARG ALPINE_VERSION=3.19
+
+# Copied from https://github.com/fholzer/docker-nginx-brotli/blob/master/Dockerfile
+# this is a build container, target one is in the end
+# this one does not have a lot of unused nginx modules
+
+FROM alpine:${ALPINE_VERSION}
+ENV NGINX_VERSION 1.24.0
+ENV NGX_BROTLI_COMMIT 6e975bcb015f62e1f303054897783355e2a877dc
+ENV NGINX_CONFIG "\
+    --prefix=/etc/nginx \
+    --sbin-path=/usr/sbin/nginx \
+    --modules-path=/usr/lib/nginx/modules \
+    --conf-path=/etc/nginx/nginx.conf \
+    --error-log-path=/var/log/nginx/error.log \
+    --http-log-path=/var/log/nginx/access.log \
+    --pid-path=/var/run/nginx.pid \
+    --lock-path=/var/run/nginx.lock \
+    --http-client-body-temp-path=/var/cache/nginx/client_temp \
+    --http-proxy-temp-path=/var/cache/nginx/proxy_temp \
+    --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \
+    --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \
+    --http-scgi-temp-path=/var/cache/nginx/scgi_temp \
+    --user=nginx \
+    --group=nginx \
+    --with-http_gzip_static_module \
+    --with-threads \
+    --with-stream \
+    --with-compat \
+    --with-http_v2_module \
+    --add-module=/usr/src/ngx_brotli \
+    "
+
+RUN \
+    apk add --no-cache --virtual .build-deps \
+    gcc \
+    libc-dev \
+    make \
+    pcre-dev \
+    zlib-dev \
+    linux-headers \
+    curl \
+    gnupg
+RUN \
+    apk add --no-cache --virtual .brotli-build-deps \
+    tar \
+    autoconf \
+    libtool \
+    automake \
+    git \
+    g++ \
+    cmake \
+    bash
+
+SHELL ["/bin/bash", "-x", "-c"]
+
+COPY gpg/ /tmp/gpg
+
+RUN \
+    mkdir -p /usr/src/ngx_brotli \
+    && cd /usr/src/ngx_brotli \
+    && git init \
+    && git remote add origin https://github.com/google/ngx_brotli.git \
+    && git fetch --depth 1 origin $NGX_BROTLI_COMMIT \
+    && git checkout --recurse-submodules -q FETCH_HEAD \
+    && git submodule update --init --depth 1 \
+    && cd .. \
+    && curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \
+    && curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc  -o nginx.tar.gz.asc \
+    && sha512sum nginx.tar.gz nginx.tar.gz.asc \
+    && export GNUPGHOME="$(mktemp -d)" \
+    && gpg --import /tmp/gpg/* \
+    && gpg --batch --verify nginx.tar.gz.asc nginx.tar.gz \
+    && mkdir -p /usr/src \
+    && tar -zxC /usr/src -f nginx.tar.gz
+
+RUN \
+    cd /usr/src/nginx-$NGINX_VERSION \
+    && ./configure $NGINX_CONFIG --with-debug \
+    && make -j$(getconf _NPROCESSORS_ONLN) \
+    && mv objs/nginx objs/nginx-debug \
+    && ./configure $NGINX_CONFIG \
+    && make -j$(getconf _NPROCESSORS_ONLN)
+
+RUN \
+    cd /usr/src/nginx-$NGINX_VERSION \
+    && make install \
+    && rm -rf /etc/nginx/html/ \
+    && mkdir /etc/nginx/conf.d/ \
+    && mkdir -p /usr/share/nginx/html/ \
+    && install -m644 html/index.html /usr/share/nginx/html/ \
+    && install -m644 html/50x.html /usr/share/nginx/html/ \
+    && install -m755 objs/nginx-debug /usr/sbin/nginx-debug \
+    && strip /usr/sbin/nginx* \
+    && apk add --no-cache --virtual .gettext gettext \
+    && scanelf --needed --nobanner /usr/sbin/nginx /usr/bin/envsubst \
+    | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \
+    | sort -u \
+    | xargs -r apk info --installed \
+    | sort -u > /tmp/runDeps.txt
+
+## end copy
+
+FROM alpine:${ALPINE_VERSION}
+
+COPY --from=0 /tmp/runDeps.txt /tmp/runDeps.txt
+COPY --from=0 /etc/nginx /etc/nginx
+COPY --from=0 /usr/sbin/nginx /usr/sbin/nginx-debug /usr/sbin/
+COPY --from=0 /usr/share/nginx/html/* /usr/share/nginx/html/
+COPY --from=0 /usr/bin/envsubst /usr/local/bin/envsubst
+
+RUN \
+    addgroup -S nginx \
+    && adduser -D -S -h /var/cache/nginx -s /sbin/nologin -G nginx nginx \
+    && apk add --no-cache --virtual .nginx-rundeps tzdata $(cat /tmp/runDeps.txt) \
+    && rm /tmp/runDeps.txt \
+    # forward request and error logs to docker log collector
+    && mkdir /var/log/nginx \
+    && touch /var/log/nginx/access.log /var/log/nginx/error.log \
+    && ln -sf /dev/stdout /var/log/nginx/access.log \
+    && ln -sf /dev/stderr /var/log/nginx/error.log \
+    # update all packages to latest
+    && apk update \
+    && apk upgrade --no-cache
+
+COPY nginx.conf /etc/nginx/nginx.conf
+
+STOPSIGNAL SIGTERM
+
+EXPOSE 80 443

packages/alpine-node-nginx/README.md

@@ -16,6 +16,7 @@ alpine-node-nginx
 - 16.20.2, 16.20.2-slim
 - 18.20.0, 18.20.0-slim
 - 20.11.1, 20.11.1-slim
+- nginx-1.24.0-slim
 
 Наиболее актуальный список тегов можно найти на [dockerhub](https://hub.docker.com/r/alfabankui/arui-scripts/tags).
 
@@ -32,6 +33,10 @@ alpine-node-nginx
 Отказ от этих модулей позволяет так же убрать из образа лишние зависимости (openssl, libxslt, geoip), что уменьшает его размер и избавляет от
 необходимости обновлять эти зависимости из-за уязвимостей.
 
+### Образ без nodejs
+
+`Dockerfile-nginx-slim` - аналогичный образу `Dockerfile-slim`, но без nodejs.
+
 ### Локальная сборка контейнера
 Если вы хотите собрать локально, выполните