134 lines
5.1 KiB
Docker
134 lines
5.1 KiB
Docker
ARG IMAGE_BASE_TAG=buster-slim
|
|
|
|
FROM debian:${IMAGE_BASE_TAG}
|
|
|
|
ARG RESTY_VERSION="1.19.3.1"
|
|
ARG RESTY_PCRE_VERSION="8.44"
|
|
ARG RESTY_OPENSSL_VERSION="1.1.1k"
|
|
ARG RESTY_OPENSSL_PATCH_VERSION="1.1.1f"
|
|
ARG RESTY_OPENSSL_URL_BASE="https://www.openssl.org/source"
|
|
ARG RESTY_LUAROCKS_VERSION="3.5.0"
|
|
|
|
RUN apt-get update && apt-get -y upgrade \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
# Install all required packages
|
|
RUN apt-get update && \
|
|
apt-get -y install \
|
|
wget \
|
|
curl \
|
|
unzip \
|
|
gzip \
|
|
zlib1g-dev \
|
|
libldap2-dev\
|
|
libgd-dev \
|
|
build-essential \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
|
|
WORKDIR /tmp
|
|
# Get the openresty /nginx source
|
|
RUN cd /tmp
|
|
#RUN curl -fSL https://openresty.org/download/openresty-${RESTY_VERSION}.tar.gz -o openresty.tar.gz \
|
|
# && tar xvf openresty.tar.gz
|
|
|
|
RUN wget https://openresty.org/download/openresty-1.19.3.1.tar.gz -O openresty.tar.gz \
|
|
&& tar xvf openresty.tar.gz && mv openresty-1.19.3.1 openresty
|
|
RUN ls
|
|
RUN wget https://github.com/kvspb/nginx-auth-ldap/archive/refs/heads/master.zip && unzip -o master.zip && rm master.zip
|
|
RUN ls
|
|
RUN wget https://ftp.pcre.org/pub/pcre/pcre-${RESTY_PCRE_VERSION}.tar.gz -O pcre-${RESTY_PCRE_VERSION}.tar.gz \
|
|
&& tar xvf pcre-${RESTY_PCRE_VERSION}.tar.gz
|
|
|
|
RUN mv pcre-${RESTY_PCRE_VERSION} pcre && rm pcre-${RESTY_PCRE_VERSION}.tar.gz
|
|
|
|
RUN cd /tmp/pcre && ./configure \
|
|
--prefix=/usr/local/openresty/pcre \
|
|
--disable-cpp \
|
|
--enable-jit \
|
|
--enable-utf \
|
|
--enable-unicode-properties
|
|
|
|
RUN cd /tmp
|
|
|
|
|
|
#curl -fSL "${RESTY_OPENSSL_URL_BASE}/openssl-${RESTY_OPENSSL_VERSION}.tar.gz" -o openssl-${RESTY_OPENSSL_VERSION}.tar.gz \
|
|
# && tar xzf openssl-${RESTY_OPENSSL_VERSION}.tar.gz \
|
|
|
|
RUN ls /tmp
|
|
RUN ls /tmp/nginx-auth-ldap-master
|
|
|
|
|
|
RUN wget "${RESTY_OPENSSL_URL_BASE}/openssl-${RESTY_OPENSSL_VERSION}.tar.gz" -O openssl-${RESTY_OPENSSL_VERSION}.tar.gz \
|
|
&& tar xzf openssl-${RESTY_OPENSSL_VERSION}.tar.gz \
|
|
&& mv openssl-${RESTY_OPENSSL_VERSION} openssl
|
|
WORKDIR /tmp/openresty
|
|
RUN ./configure --with-pcre=/tmp/pcre --with-openssl=/tmp/openssl --add-module=/tmp/nginx-auth-ldap-master \
|
|
--with-stream \
|
|
--with-http_ssl_module \
|
|
--with-http_image_filter_module \
|
|
--with-http_realip_module \
|
|
--with-http_v2_module \
|
|
--with-http_sub_module \
|
|
--with-mail \
|
|
--with-stream_ssl_module \
|
|
--with-pcre-jit
|
|
|
|
RUN make && make install
|
|
|
|
|
|
# Copy nginx configuration files
|
|
COPY conf_nginx .
|
|
COPY ./conf/nginx.conf /usr/local/openresty/nginx/conf/nginx.conf
|
|
COPY ./conf/nginx.vh.default.conf /etc/nginx/conf.d/default.conf
|
|
|
|
COPY compile .
|
|
RUN ./compile
|
|
|
|
|
|
RUN mkdir -p /var/run/openresty \
|
|
#&& mkdir -p /usr/local/openresty/nginx/logs \
|
|
&& ln -sf /dev/stdout /usr/local/openresty/nginx/logs/access.log \
|
|
&& ln -sf /dev/stderr /usr/local/openresty/nginx/logs/error.log
|
|
# Add additional binaries into PATH for convenience
|
|
ENV PATH=$PATH:/usr/local/openresty/luajit/bin:/usr/local/openresty/nginx/sbin:/usr/local/openresty/bin
|
|
|
|
# install LuaRocks
|
|
RUN DEBIAN_FRONTEND=noninteractive apt-get update \
|
|
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
|
|
&& cd /tmp \
|
|
&& curl -fSL https://luarocks.github.io/luarocks/releases/luarocks-${RESTY_LUAROCKS_VERSION}.tar.gz -o luarocks-${RESTY_LUAROCKS_VERSION}.tar.gz \
|
|
&& tar xzf luarocks-${RESTY_LUAROCKS_VERSION}.tar.gz \
|
|
&& cd luarocks-${RESTY_LUAROCKS_VERSION} \
|
|
&& ./configure \
|
|
--prefix=/usr/local/openresty/luajit \
|
|
--with-lua=/usr/local/openresty/luajit \
|
|
--lua-suffix=jit-2.1.0-beta3 \
|
|
--with-lua-include=/usr/local/openresty/luajit/include/luajit-2.1 \
|
|
&& make build \
|
|
&& make install \
|
|
&& cd /tmp \
|
|
&& rm -rf luarocks-${RESTY_LUAROCKS_VERSION} luarocks-${RESTY_LUAROCKS_VERSION}.tar.gz
|
|
|
|
# Add LuaRocks paths
|
|
# If OpenResty changes, these may need updating:
|
|
# /usr/local/openresty/bin/resty -e 'print(package.path)'
|
|
# /usr/local/openresty/bin/resty -e 'print(package.cpath)'
|
|
ENV LUA_PATH = "/usr/local/openresty/site/lualib/?.ljbc;/usr/local/openresty/site/lualib/?/init.ljbc;/usr/local/openresty/lualib/?.ljbc;/usr/local/openresty/lualib/?/init.ljbc;/usr/local/openresty/site/lualib/?.lua;/usr/local/openresty/site/lualib/?/init.lua;/usr/local/openresty/lualib/?.lua;/usr/local/openresty/lualib/?/init.lua;./?.lua;/usr/local/openresty/luajit/share/luajit-2.1.0-beta3/?.lua;/usr/local/share/lua/5.1/?.lua;/usr/local/share/lua/5.1/?/init.lua;/usr/local/openresty/luajit/share/lua/5.1/?.lua;/usr/local/openresty/luajit/share/lua/5.1/?/init.lua"
|
|
# "
|
|
ENV LUA_CPATH = "/usr/local/openresty/site/lualib/?.so;/usr/local/openresty/lualib/?.so;./?.so;/usr/local/lib/lua/5.1/?.so;/usr/local/openresty/luajit/lib/lua/5.1/?.so;/usr/local/lib/lua/5.1/loadall.so;/usr/local/openresty/luajit/lib/lua/5.1/?.so"
|
|
# install a rock
|
|
RUN /usr/local/openresty/luajit/bin/luarocks install ljsyscall
|
|
|
|
|
|
RUN luarocks install lua-resty-auto-ssl \
|
|
&& mkdir /etc/resty-auto-ssl \
|
|
&& chown www-data /etc/resty-auto-ssl
|
|
|
|
|
|
|
|
CMD ["/usr/local/openresty/bin/openresty", "-g", "daemon off;"]
|
|
|
|
# Use SIGQUIT instead of default SIGTERM to cleanly drain requests
|
|
# See https://github.com/openresty/docker-openresty/blob/master/README.md#tips--pitfalls
|
|
STOPSIGNAL SIGQUIT |