ARG IMAGE_BASE_TAG=buster-slim

FROM debian:${IMAGE_BASE_TAG}

ARG RESTY_VERSION="1.19.3.1"
ARG RESTY_PCRE_VERSION="8.44"
ARG RESTY_OPENSSL_VERSION="1.1.1k"
ARG RESTY_OPENSSL_PATCH_VERSION="1.1.1f"
ARG RESTY_OPENSSL_URL_BASE="https://www.openssl.org/source"
ARG RESTY_LUAROCKS_VERSION="3.5.0"

RUN apt-get update && apt-get -y upgrade  \
&& rm -rf /var/lib/apt/lists/*

# Install all required packages
RUN apt-get update && \
    apt-get -y install \
    wget \
    curl \
    unzip \
    gzip \
    zlib1g-dev \ 
    libldap2-dev\
    libgd-dev \
    build-essential \
    && rm -rf /var/lib/apt/lists/*


WORKDIR /tmp
# Get the openresty /nginx source
RUN cd /tmp
#RUN curl -fSL https://openresty.org/download/openresty-${RESTY_VERSION}.tar.gz -o openresty.tar.gz \
#    && tar xvf openresty.tar.gz

RUN wget https://openresty.org/download/openresty-1.19.3.1.tar.gz -O openresty.tar.gz \
    && tar xvf openresty.tar.gz && mv openresty-1.19.3.1 openresty
RUN ls
RUN wget https://github.com/kvspb/nginx-auth-ldap/archive/refs/heads/master.zip && unzip -o master.zip && rm master.zip
RUN ls
RUN wget https://ftp.pcre.org/pub/pcre/pcre-${RESTY_PCRE_VERSION}.tar.gz -O pcre-${RESTY_PCRE_VERSION}.tar.gz \
    && tar xvf pcre-${RESTY_PCRE_VERSION}.tar.gz

RUN mv pcre-${RESTY_PCRE_VERSION} pcre && rm pcre-${RESTY_PCRE_VERSION}.tar.gz

RUN   cd /tmp/pcre && ./configure \
        --prefix=/usr/local/openresty/pcre \
        --disable-cpp \
        --enable-jit \
        --enable-utf \
        --enable-unicode-properties

RUN cd /tmp


#curl -fSL "${RESTY_OPENSSL_URL_BASE}/openssl-${RESTY_OPENSSL_VERSION}.tar.gz" -o openssl-${RESTY_OPENSSL_VERSION}.tar.gz \
#    && tar xzf openssl-${RESTY_OPENSSL_VERSION}.tar.gz \

RUN ls /tmp
RUN ls /tmp/nginx-auth-ldap-master


RUN wget "${RESTY_OPENSSL_URL_BASE}/openssl-${RESTY_OPENSSL_VERSION}.tar.gz" -O openssl-${RESTY_OPENSSL_VERSION}.tar.gz \
    && tar xzf openssl-${RESTY_OPENSSL_VERSION}.tar.gz \
    &&  mv openssl-${RESTY_OPENSSL_VERSION} openssl
WORKDIR /tmp/openresty
RUN ./configure --with-pcre=/tmp/pcre --with-openssl=/tmp/openssl --add-module=/tmp/nginx-auth-ldap-master \
 --with-stream \
 --with-http_ssl_module \
 --with-http_image_filter_module \
 --with-http_realip_module \
 --with-http_v2_module \
 --with-http_sub_module \
 --with-mail \
 --with-stream_ssl_module \
 --with-pcre-jit 

RUN make && make install


# Copy nginx configuration files
COPY conf_nginx .
COPY ./conf/nginx.conf /usr/local/openresty/nginx/conf/nginx.conf
COPY ./conf/nginx.vh.default.conf /etc/nginx/conf.d/default.conf

COPY compile .
RUN ./compile


RUN mkdir -p /var/run/openresty \ 
  #&&  mkdir -p /usr/local/openresty/nginx/logs \
  && ln -sf /dev/stdout /usr/local/openresty/nginx/logs/access.log \
  && ln -sf /dev/stderr /usr/local/openresty/nginx/logs/error.log
# Add additional binaries into PATH for convenience
ENV PATH=$PATH:/usr/local/openresty/luajit/bin:/usr/local/openresty/nginx/sbin:/usr/local/openresty/bin

# install LuaRocks
RUN DEBIAN_FRONTEND=noninteractive apt-get update \
    && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
    && cd /tmp \
    && curl -fSL https://luarocks.github.io/luarocks/releases/luarocks-${RESTY_LUAROCKS_VERSION}.tar.gz -o luarocks-${RESTY_LUAROCKS_VERSION}.tar.gz \
    && tar xzf luarocks-${RESTY_LUAROCKS_VERSION}.tar.gz \
    && cd luarocks-${RESTY_LUAROCKS_VERSION} \
    && ./configure \
        --prefix=/usr/local/openresty/luajit \
        --with-lua=/usr/local/openresty/luajit \
        --lua-suffix=jit-2.1.0-beta3 \
        --with-lua-include=/usr/local/openresty/luajit/include/luajit-2.1 \
    && make build \
    && make install \
    && cd /tmp \
    && rm -rf luarocks-${RESTY_LUAROCKS_VERSION} luarocks-${RESTY_LUAROCKS_VERSION}.tar.gz

# Add LuaRocks paths
# If OpenResty changes, these may need updating:
#    /usr/local/openresty/bin/resty -e 'print(package.path)'
#    /usr/local/openresty/bin/resty -e 'print(package.cpath)'
ENV LUA_PATH = "/usr/local/openresty/site/lualib/?.ljbc;/usr/local/openresty/site/lualib/?/init.ljbc;/usr/local/openresty/lualib/?.ljbc;/usr/local/openresty/lualib/?/init.ljbc;/usr/local/openresty/site/lualib/?.lua;/usr/local/openresty/site/lualib/?/init.lua;/usr/local/openresty/lualib/?.lua;/usr/local/openresty/lualib/?/init.lua;./?.lua;/usr/local/openresty/luajit/share/luajit-2.1.0-beta3/?.lua;/usr/local/share/lua/5.1/?.lua;/usr/local/share/lua/5.1/?/init.lua;/usr/local/openresty/luajit/share/lua/5.1/?.lua;/usr/local/openresty/luajit/share/lua/5.1/?/init.lua"
# "
ENV LUA_CPATH = "/usr/local/openresty/site/lualib/?.so;/usr/local/openresty/lualib/?.so;./?.so;/usr/local/lib/lua/5.1/?.so;/usr/local/openresty/luajit/lib/lua/5.1/?.so;/usr/local/lib/lua/5.1/loadall.so;/usr/local/openresty/luajit/lib/lua/5.1/?.so"
# install a rock
RUN /usr/local/openresty/luajit/bin/luarocks install ljsyscall
 

 RUN luarocks install lua-resty-auto-ssl \
 &&  mkdir /etc/resty-auto-ssl \ 
 &&  chown www-data /etc/resty-auto-ssl



CMD ["/usr/local/openresty/bin/openresty", "-g", "daemon off;"]

# Use SIGQUIT instead of default SIGTERM to cleanly drain requests
# See https://github.com/openresty/docker-openresty/blob/master/README.md#tips--pitfalls
STOPSIGNAL SIGQUIT