-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
98 lines (88 loc) · 3.45 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
FROM alpine:3.15 AS build-nginx
LABEL maintainer="kzmake <[email protected]>, hyperbola <[email protected]>"
ENV NGINX_VERSION=1.21.1
ENV PATCH_REPO=https://github.com/chobits/ngx_http_proxy_connect_module.git
ENV PATCH_FILE=https://raw.githubusercontent.com/chobits/ngx_http_proxy_connect_module/master/patch/proxy_connect_rewrite_102101.patch
ARG CONFIG=" \
--prefix=/etc/nginx \
--sbin-path=/usr/sbin/nginx \
--modules-path=/usr/lib/nginx/modules \
--conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--pid-path=/var/run/nginx.pid \
--lock-path=/var/run/nginx.lock \
--http-client-body-temp-path=/var/cache/nginx/client_temp \
--http-proxy-temp-path=/var/cache/nginx/proxy_temp \
--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \
--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \
--http-scgi-temp-path=/var/cache/nginx/scgi_temp \
--with-perl_modules_path=/usr/lib/perl5/vendor_perl \
--user=nginx \
--group=nginx \
--with-compat \
--with-file-aio \
--with-threads \
--with-http_addition_module \
--with-http_auth_request_module \
--with-http_dav_module \
--with-http_flv_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_mp4_module \
--with-http_random_index_module \
--with-http_realip_module \
--with-http_secure_link_module \
--with-http_slice_module \
--with-http_ssl_module \
--with-http_stub_status_module \
--with-http_sub_module \
--with-http_v2_module \
--with-mail \
--with-mail_ssl_module \
--with-stream \
--with-stream_realip_module \
--with-stream_ssl_module \
--with-stream_ssl_preread_module \
--with-cc-opt='-Os' \
--with-ld-opt=-Wl,--as-needed"
# Add user and group and install essential utilities
WORKDIR /tmp
RUN set -x \
&& addgroup -g 101 -S nginx \
&& adduser -S -D -H -u 101 -h /var/cache/nginx -s /sbin/nologin -G nginx -g nginx nginx \
&& apk add --no-cache patch build-base pcre-dev openssl-dev zlib-dev git linux-headers
# Download nginx source
WORKDIR /tmp
RUN set -x \
&& wget -q http://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz \
&& tar zxf nginx-${NGINX_VERSION}.tar.gz
# Download patch
WORKDIR /tmp
ADD ${PATCH_FILE} ./patch
RUN set -x \
&& git clone --depth 1 ${PATCH_REPO} ngx_http_proxy_connect_module
# Patch and install nginx
WORKDIR /tmp/nginx-${NGINX_VERSION}
RUN set -x \
&& patch -p1 -i ../patch \
&& ./configure ${CONFIG} --add-module=/tmp/ngx_http_proxy_connect_module \
&& make -j$(getconf _NPROCESSORS_ONLN) \
&& make install
FROM alpine:3.15
LABEL maintainer="kzmake <[email protected]>, hyperbola <[email protected]>"
RUN set -x \
&& addgroup -g 101 -S nginx \
&& adduser -S -D -H -u 101 -h /var/cache/nginx -s /sbin/nologin -G nginx -g nginx nginx \
&& apk add --no-cache ca-certificates openssl pcre tzdata openvpn tini \
&& mkdir -p /var/log/nginx /var/run/nginx /usr/lib/nginx/modules /etc/nginx /var/cache/nginx \
&& ln -sf /dev/stdout /var/log/nginx/access.log \
&& ln -sf /dev/stderr /var/log/nginx/error.log
COPY --from=build-nginx /usr/sbin/nginx /usr/sbin/nginx
COPY --from=build-nginx /etc/nginx /etc/nginx
COPY nginx.conf /etc/nginx/nginx.conf
COPY entrypoint.sh /entrypoint.sh
COPY run-proxy-server.sh /run-proxy-server.sh
EXPOSE 3128
STOPSIGNAL SIGTERM
ENTRYPOINT [ "tini", "--", "/entrypoint.sh" ]