FROM nginx:mainline-alpine # default username and uid for nginx user ARG USER=www-docker ARG UID=8001 # create nginx user RUN addgroup --gid ${UID} ${USER} \ && adduser \ --disabled-password \ --gecos 'nginx docker system user' \ --home '/usr/share/nginx/html' \ --ingroup ${USER} \ --no-create-home \ --uid ${UID} \ ${USER} # add fun error pages & LetsEncrypt challenge directory outside webroot RUN apk --no-cache add git \ && cd /usr/share/nginx \ && rm -rf html/* \ && git clone https://git.asifbacchus.app/asif/fun-errorpages.git /tmp \ && apk del git \ && mv /tmp/errorpages/ ./ \ && rm -rf /tmp/* \ && rm -rf /tmp/.git* # health check HEALTHCHECK --interval=60s --timeout=5s --start-period=30s --retries=3 \ CMD curl --fail http://127.0.0.1:9000 || exit 1 # standardized labels LABEL author="Asif Bacchus " LABEL maintainer="Asif Bacchus " LABEL org.opencontainers.image.author="Asif Bacchus " LABEL org.opencontainers.image.url="https://git.asifbacchus.app/ab-docker/ab-nginx" LABEL org.opencontainers.image.documentation="https://git.asifbacchus.app/ab-docker/ab-nginx/wiki" LABEL org.opencontainers.image.source="https://git.asifbacchus.app/ab-docker/ab-nginx.git" LABEL org.opencontainers.image.vendor="NGINX" LABEL org.opencontainers.image.title="ab-nginx" LABEL org.opencontainers.image.description="NGINX-mainline-alpine with more logical file location layout and automatic SSL set up if certificates are provided." # copy configuration files COPY entrypoint.sh /entrypoint.sh COPY config /etc/nginx/ COPY sites /etc/nginx/sites/ COPY webroot /usr/share/nginx/html/ # expose ports EXPOSE 80 443 # clean-up permissions RUN chown -R ${USER}:${USER} /usr/share/nginx/html \ && find /usr/share/nginx/html -type d -exec chmod 775 {} \; \ && find /usr/share/nginx/html -type f -exec chmod 664 {} \; \ && chown -R ${USER}:${USER} /etc/nginx \ && find /etc/nginx -type d -exec chmod 770 {} \; \ && find /etc/nginx -type f -exec chmod 660 {} \; # default environment variables ENV TZ=Etc/UTC ENV SERVER_NAMES="_" ENV HTTP_PORT=80 ENV HTTPS_PORT=443 ENV ACCESS_LOG=OFF ENV HSTS=FALSE ENV TLS13_ONLY=FALSE # entrypoint script ENTRYPOINT [ "/entrypoint.sh" ] # run NGINX by default CMD [ "nginx", "-g", "daemon off;" ] # add build date and version labels ARG BUILD_DATE LABEL org.opencontainers.image.version="1.19.6" LABEL app.asifbacchus.docker.internalVersion="3.0" LABEL org.opencontainers.image.created=${BUILD_DATE} #EOF