updates
This commit is contained in:
55
Dockerfile
55
Dockerfile
@@ -4,19 +4,6 @@ FROM debian:${IMAGE_BASE_TAG}
|
|||||||
|
|
||||||
ARG RESTY_VERSION="1.19.3.1"
|
ARG RESTY_VERSION="1.19.3.1"
|
||||||
|
|
||||||
RUN apt-get update && apt-get -y upgrade \
|
|
||||||
&& rm -rf /var/lib/apt/lists/*
|
|
||||||
|
|
||||||
# Install all required packages
|
|
||||||
RUN apt-get update && \
|
|
||||||
apt-get install -y \
|
|
||||||
build-essential \
|
|
||||||
wget \
|
|
||||||
curl \
|
|
||||||
unzip \
|
|
||||||
gzip \
|
|
||||||
&& rm -rf /var/lib/apt/lists/*
|
|
||||||
|
|
||||||
ARG RESTY_CONFIG_OPTIONS="\
|
ARG RESTY_CONFIG_OPTIONS="\
|
||||||
--with-compat \
|
--with-compat \
|
||||||
--with-file-aio \
|
--with-file-aio \
|
||||||
@@ -52,29 +39,33 @@ ARG RESTY_CONFIG_OPTIONS="\
|
|||||||
WORKDIR /tmp
|
WORKDIR /tmp
|
||||||
# Get the openresty /nginx source
|
# Get the openresty /nginx source
|
||||||
RUN cd /tmp
|
RUN cd /tmp
|
||||||
#RUN curl -fSL https://openresty.org/download/openresty-${RESTY_VERSION}.tar.gz -o openresty.tar.gz \
|
# Install all required packages
|
||||||
# && tar xvf openresty.tar.gz
|
RUN apt-get update \
|
||||||
|
&& apt-get -y upgrade \
|
||||||
RUN wget https://openresty.org/download/openresty-1.19.3.1.tar.gz -O openresty.tar.gz \
|
&& apt-get install -y \
|
||||||
&& tar xvf openresty.tar.gz && mv openresty-1.19.3.1 openresty
|
build-essential \
|
||||||
RUN ls
|
wget \
|
||||||
RUN wget https://github.com/kvspb/nginx-auth-ldap/archive/refs/heads/master.zip && unzip -o master.zip && rm master.zip
|
curl \
|
||||||
RUN apt-get update && \
|
unzip \
|
||||||
apt-get install -y libpcre3-dev \
|
gzip \
|
||||||
|
&& apt-get install -y libpcre3-dev \
|
||||||
libssl-dev zlib1g-dev libxslt-dev \
|
libssl-dev zlib1g-dev libxslt-dev \
|
||||||
libgd-dev libgeoip-dev libldap2-dev\
|
libgd-dev libgeoip-dev libldap2-dev\
|
||||||
&& rm -rf /var/lib/apt/lists/*
|
&& apt-get install -y procps luarocks \
|
||||||
|
&& rm -rf /var/lib/apt/lists/* \
|
||||||
RUN cd openresty && \
|
&& wget https://openresty.org/download/openresty-1.19.3.1.tar.gz -O openresty.tar.gz \
|
||||||
./configure ${RESTY_CONFIG_OPTIONS} \
|
&& tar xvf openresty.tar.gz && mv openresty-1.19.3.1 openresty \
|
||||||
&& make && make install
|
&& wget https://github.com/kvspb/nginx-auth-ldap/archive/refs/heads/master.zip && unzip -o master.zip && rm master.zip \
|
||||||
RUN ln -sf /dev/stdout /usr/local/openresty/nginx/logs/access.log \
|
\
|
||||||
|
&& cd openresty \
|
||||||
|
&& ./configure ${RESTY_CONFIG_OPTIONS} \
|
||||||
|
&& make && make install \
|
||||||
|
&& ln -sf /dev/stdout /usr/local/openresty/nginx/logs/access.log \
|
||||||
&& ln -sf /dev/stderr /usr/local/openresty/nginx/logs/error.log \
|
&& ln -sf /dev/stderr /usr/local/openresty/nginx/logs/error.log \
|
||||||
&& mkdir -p /var/run/openresty
|
&& mkdir -p /var/run/openresty \
|
||||||
|
&& cd /usr/local \
|
||||||
|
&& rm -rf /tmp/*
|
||||||
|
|
||||||
RUN apt-get update && \
|
|
||||||
apt-get install -y procps luarocks \
|
|
||||||
&& rm -rf /var/lib/apt/lists/*
|
|
||||||
COPY nginx.conf /usr/local/openresty/nginx/conf/nginx.conf
|
COPY nginx.conf /usr/local/openresty/nginx/conf/nginx.conf
|
||||||
#RUN apt-get install liblua5.3-dev
|
#RUN apt-get install liblua5.3-dev
|
||||||
WORKDIR /usr/local/openresty
|
WORKDIR /usr/local/openresty
|
||||||
|
|||||||
@@ -11,7 +11,6 @@ services:
|
|||||||
image: docker.triton2.fet.at/openrestyfet:latest
|
image: docker.triton2.fet.at/openrestyfet:latest
|
||||||
ports:
|
ports:
|
||||||
- "8081:8080"
|
- "8081:8080"
|
||||||
|
|
||||||
theiaconf:
|
theiaconf:
|
||||||
image: docker.triton2.fet.at/dev_theia
|
image: docker.triton2.fet.at/dev_theia
|
||||||
volumes:
|
volumes:
|
||||||
|
|||||||
14
snippets/add_auto_ssl.conf
Normal file
14
snippets/add_auto_ssl.conf
Normal file
@@ -0,0 +1,14 @@
|
|||||||
|
ssl_certificate_by_lua_block {
|
||||||
|
auto_ssl:ssl_certificate()
|
||||||
|
}
|
||||||
|
|
||||||
|
# You must still define a static ssl_certificate file for nginx to start.
|
||||||
|
#
|
||||||
|
# You may generate a self-signed fallback with:
|
||||||
|
#
|
||||||
|
# openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 \
|
||||||
|
# -subj '/CN=sni-support-required-for-valid-ssl' \
|
||||||
|
# -keyout /etc/ssl/resty-auto-ssl-fallback.key \
|
||||||
|
# -out /etc/ssl/resty-auto-ssl-fallback.crt
|
||||||
|
ssl_certificate /etc/ssl/resty-auto-ssl-fallback.crt;
|
||||||
|
ssl_certificate_key /etc/ssl/resty-auto-ssl-fallback.key;
|
||||||
@@ -1,14 +1,5 @@
|
|||||||
ssl_certificate_by_lua_block {
|
location /.well-known/acme-challenge/ {
|
||||||
auto_ssl:ssl_certificate()
|
content_by_lua_block {
|
||||||
|
auto_ssl:challenge_server()
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
# You must still define a static ssl_certificate file for nginx to start.
|
|
||||||
#
|
|
||||||
# You may generate a self-signed fallback with:
|
|
||||||
#
|
|
||||||
# openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 \
|
|
||||||
# -subj '/CN=sni-support-required-for-valid-ssl' \
|
|
||||||
# -keyout /etc/ssl/resty-auto-ssl-fallback.key \
|
|
||||||
# -out /etc/ssl/resty-auto-ssl-fallback.crt
|
|
||||||
ssl_certificate /etc/ssl/resty-auto-ssl-fallback.crt;
|
|
||||||
ssl_certificate_key /etc/ssl/resty-auto-ssl-fallback.key;
|
|
||||||
@@ -1,5 +0,0 @@
|
|||||||
location /.well-known/acme-challenge/ {
|
|
||||||
content_by_lua_block {
|
|
||||||
auto_ssl:challenge_server()
|
|
||||||
}
|
|
||||||
}
|
|
||||||
1
snippets/private.conf
Normal file
1
snippets/private.conf
Normal file
@@ -0,0 +1 @@
|
|||||||
|
include ldap.conf;
|
||||||
1
snippets/secure.conf
Normal file
1
snippets/secure.conf
Normal file
@@ -0,0 +1 @@
|
|||||||
|
include add_auto_ssl.conf;
|
||||||
Reference in New Issue
Block a user