ab-nginx/build/Dockerfile

88 lines
3.0 KiB
Docker
Raw Normal View History

2019-10-16 23:44:47 -06:00
FROM nginx:mainline-alpine
# default uid for nginx user
2021-01-07 11:25:12 -07:00
ARG UID=8080
# create nginx user
RUN addgroup --gid ${UID} www-docker \
&& adduser \
-S \
-h /home/www-docker \
-G www-docker \
--disabled-password \
--gecos 'nginx docker system user' \
--uid ${UID} \
www-docker
# add libcap, allow nginx to bind to ports <1024, extract fun error pages & create LetsEncrypt challenge directory outside webroot
RUN apk --no-cache add libcap \
&& setcap 'cap_net_bind_service=+ep' /usr/sbin/nginx \
&& cd /usr/share/nginx \
2019-10-17 23:27:50 -06:00
&& rm -rf html/* \
&& wget -O /tmp/errorpages.tar.gz https://git.asifbacchus.app/asif/fun-errorpages/archive/v1.0.tar.gz \
&& tar -xzf /tmp/errorpages.tar.gz -C /tmp \
&& mv /tmp/fun-errorpages/errorpages ./ \
&& rm -rf /tmp/* \
&& rm -rf /docker-entrypoint.d \
&& rm -f /docker-entrypoint.sh \
&& mkdir /usr/share/nginx/letsencrypt
2019-10-17 00:13:42 -06:00
2021-01-05 17:35:03 -07:00
# health check
HEALTHCHECK --interval=60s --timeout=5s --start-period=30s --retries=3 \
2021-01-05 18:24:58 -07:00
CMD curl --fail http://127.0.0.1:9000/nginx_status || exit 1
2021-01-05 17:35:03 -07:00
2019-10-16 23:44:47 -06:00
# standardized labels
LABEL author="Asif Bacchus <asif@bacchus.cloud>"
2019-10-16 23:44:47 -06:00
LABEL maintainer="Asif Bacchus <asif@bacchus.cloud>"
LABEL org.opencontainers.image.author="Asif Bacchus <asif@bacchus.cloud>"
LABEL org.opencontainers.image.url="https://git.asifbacchus.app/ab-docker/ab-nginx"
LABEL org.opencontainers.image.documentation="https://git.asifbacchus.app/ab-docker/ab-nginx/wiki"
LABEL org.opencontainers.image.source="https://git.asifbacchus.app/ab-docker/ab-nginx.git"
LABEL org.opencontainers.image.vendor="NGINX"
LABEL org.opencontainers.image.title="ab-nginx"
LABEL org.opencontainers.image.description="NGINX-mainline-alpine with more logical file location layout and automatic SSL set up if certificates are provided."
2019-10-16 23:44:47 -06:00
# copy configuration files
COPY entrypoint.sh /entrypoint.sh
COPY config /etc/nginx/
COPY sites /etc/nginx/sites/
2019-10-17 01:01:20 -06:00
COPY webroot /usr/share/nginx/html/
2019-10-16 23:44:47 -06:00
# expose ports
EXPOSE 80 443
2021-01-07 07:05:20 -07:00
# clean-up permissions and run as www-docker user
RUN chown -R www-docker:www-docker /usr/share/nginx \
&& find /usr/share/nginx -type d -exec chmod 755 {} \; \
&& find /usr/share/nginx -type f -exec chmod 644 {} \; \
&& chown -R www-docker:www-docker /etc/nginx \
&& find /etc/nginx -type d -exec chmod 750 {} \; \
&& find /etc/nginx -type f -exec chmod 640 {} \; \
&& chown www-docker:www-docker /var/cache/nginx \
&& chown www-docker:www-docker /var/log/nginx
USER www-docker
WORKDIR /usr/share/nginx/html
2019-11-09 20:01:29 -07:00
2019-10-16 23:44:47 -06:00
# default environment variables
ENV TZ=Etc/UTC
2019-10-17 00:13:51 -06:00
ENV SERVER_NAMES="_"
2019-10-17 21:26:18 -06:00
ENV HTTP_PORT=80
ENV HTTPS_PORT=443
2019-10-18 01:53:20 -06:00
ENV ACCESS_LOG=OFF
2019-10-17 00:13:51 -06:00
ENV HSTS=FALSE
ENV TLS13_ONLY=FALSE
2019-10-16 23:44:47 -06:00
# entrypoint script
ENTRYPOINT [ "/entrypoint.sh" ]
# run NGINX by default
STOPSIGNAL SIGQUIT
2019-10-16 23:44:47 -06:00
CMD [ "nginx", "-g", "daemon off;" ]
# add build date and version labels
2019-10-16 23:44:47 -06:00
ARG BUILD_DATE
LABEL org.opencontainers.image.version="1.19.6"
LABEL app.asifbacchus.docker.internalVersion="4.0"
LABEL org.opencontainers.image.created=${BUILD_DATE}
#EOF