2019-10-16 23:44:47 -06:00
FROM nginx:mainline-alpine
2019-11-11 00:04:15 -07:00
# default username and uid for nginx user
ARG USER = www-docker
ARG UID = 8001
# create nginx user
RUN addgroup --gid ${ UID } ${ USER } \
&& adduser \
--disabled-password \
--gecos 'nginx docker system user' \
--home '/usr/share/nginx/html' \
--ingroup ${ USER } \
--no-create-home \
--uid ${ UID } \
${ USER }
2019-10-17 01:34:52 -06:00
# add fun error pages & LetsEncrypt challenge directory outside webroot
2019-10-17 00:13:42 -06:00
RUN apk --no-cache add git \
2019-10-17 23:27:50 -06:00
&& cd /usr/share/nginx \
&& rm -rf html/* \
2019-10-17 00:13:42 -06:00
&& git clone https://git.asifbacchus.app/asif/fun-errorpages.git /tmp \
&& apk del git \
&& mv /tmp/errorpages/ ./ \
&& rm -rf /tmp/* \
2019-10-17 23:27:50 -06:00
&& rm -rf /tmp/.git*
2019-10-17 00:13:42 -06:00
2019-10-16 23:44:47 -06:00
# standardized labels
LABEL maintainer = "Asif Bacchus <asif@bacchus.cloud>"
2019-10-18 02:07:14 -06:00
LABEL org.label-schema.cmd= "docker run -d --rm --name ab-nginx [--env-file ab-nginx.params] [-v /my_certs:/certs] [-v /my_nginx_config_files:/etc/nginx/config] [-v /my_nginx_server_blocks:/etc/nginx/sites] [-v /my_html_stuff:/usr/share/nginx/html] docker.asifbacchus.app/nginx/ab-nginx"
2019-10-17 01:01:09 -06:00
LABEL org.label-schema.description= "NGINX-mainline-alpine with more logical file location layout and automatic SSL set up if certificates are provided."
2019-10-16 23:44:47 -06:00
LABEL org.label-schema.name= "ab-nginx"
LABEL org.label-schema.schema-version= "1.0"
LABEL org.label-schema.url= "https://git.asifbacchus.app/ab-docker/ab-nginx"
LABEL org.label-schema.usage= "https://git.asifbacchus.app/ab-docker/ab-nginx/wiki"
LABEL org.label-schema.vcs-url= "https://git.asifbacchus.app/ab-docker/ab-nginx.git"
2019-11-11 00:04:15 -07:00
LABEL org.label-schema.version= "1.5"
2019-10-16 23:44:47 -06:00
# copy configuration files
COPY entrypoint.sh /entrypoint.sh
COPY config /etc/nginx/
COPY sites /etc/nginx/sites/
2019-10-17 01:01:20 -06:00
COPY webroot /usr/share/nginx/html/
2019-10-16 23:44:47 -06:00
# expose ports
EXPOSE 80 443
2019-11-09 20:01:29 -07:00
# clean-up permissions
2019-11-11 00:04:15 -07:00
RUN chown -R ${ USER } :${ USER } /usr/share/nginx/html \
2019-11-09 20:01:29 -07:00
&& find /usr/share/nginx/html -type d -exec chmod 775 { } \; \
&& find /usr/share/nginx/html -type f -exec chmod 664 { } \; \
2019-11-11 00:04:15 -07:00
&& chown -R ${ USER } :${ USER } /etc/nginx \
2019-11-09 20:01:29 -07:00
&& find /etc/nginx -type d -exec chmod 770 { } \; \
&& find /etc/nginx -type f -exec chmod 660 { } \;
2019-10-16 23:44:47 -06:00
# default environment variables
2019-10-18 01:32:48 -06:00
ENV TZ = Etc/UTC
2019-10-17 00:13:51 -06:00
ENV SERVER_NAMES = "_"
2019-10-17 21:26:18 -06:00
ENV HTTP_PORT = 80
ENV HTTPS_PORT = 443
2019-10-18 01:53:20 -06:00
ENV ACCESS_LOG = OFF
2019-10-17 00:13:51 -06:00
ENV HSTS = FALSE
ENV TLS13_ONLY = FALSE
2019-10-16 23:44:47 -06:00
# entrypoint script
ENTRYPOINT [ "/entrypoint.sh" ]
# run NGINX by default
CMD [ "nginx" , "-g" , "daemon off;" ]
# add build date label
ARG BUILD_DATE
LABEL org.label-schema.build-date= ${ BUILD_DATE }