From c7d6fee50c660630295111e2f763d0feb174a6fb Mon Sep 17 00:00:00 2001 From: ElevenNotes Date: Mon, 13 May 2024 23:02:29 +0200 Subject: [PATCH] 1.26.0 --- README.md | 34 ++++++++++++++++++++++-------- amd64.dockerfile | 12 ++++++++++- arm64v8.dockerfile | 11 +++++++++- compose.yaml | 22 +++++++++++++++++++ multi-arch-manifest-version.yaml | 4 ++-- rootfs/usr/local/bin/entrypoint.sh | 2 ++ 6 files changed, 72 insertions(+), 13 deletions(-) create mode 100644 compose.yaml diff --git a/README.md b/README.md index 2af313f..48e17ad 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ ![Banner](https://github.com/11notes/defaults/blob/main/static/img/banner.png?raw=true) # 🏔️ Alpine - Nginx -![size](https://img.shields.io/docker/image-size/11notes/nginx/1.24.0?color=0eb305) ![version](https://img.shields.io/docker/v/11notes/nginx/1.24.0?color=eb7a09) ![pulls](https://img.shields.io/docker/pulls/11notes/nginx?color=2b75d6) ![activity](https://img.shields.io/github/commit-activity/m/11notes/docker-nginx?color=c91cb8) ![commit-last](https://img.shields.io/github/last-commit/11notes/docker-nginx?color=c91cb8) ![stars](https://img.shields.io/docker/stars/11notes/nginx?color=e6a50e) +![size](https://img.shields.io/docker/image-size/11notes/nginx/1.26.0?color=0eb305) ![version](https://img.shields.io/docker/v/11notes/nginx/1.26.0?color=eb7a09) ![pulls](https://img.shields.io/docker/pulls/11notes/nginx?color=2b75d6) ![activity](https://img.shields.io/github/commit-activity/m/11notes/docker-nginx?color=c91cb8) ![commit-last](https://img.shields.io/github/last-commit/11notes/docker-nginx?color=c91cb8) ![stars](https://img.shields.io/docker/stars/11notes/nginx?color=e6a50e) **Nginx base image with additional plugins and custom compiled** @@ -13,13 +13,30 @@ What can I do with this? This image will serve as a base for nginx related image * **/nginx/www** - Directory of webroot for vHost * **/nginx/ssl** - Directory of SSL certificates -# RUN -```shell -docker run --name nginx \ - -v .../etc:/nginx/etc \ - -v .../www:/nginx/www \ - -v .../ssl:/nginx/ssl \ - -d 11notes/nginx:[tag] +# COMPOSE +```yaml +version: "3.8" +services: + nginx: + image: "11notes/nginx:stable" + container_name: "nginx" + environment: + TZ: Europe/Zurich + ports: + - "8443:8443/tcp" + volumes: + - "etc:/nginx/etc" + - "www:/nginx/www" + - "ssl:/nginx/ssl" + networks: + - nginx + restart: always +volumes: + etc: + www: + ssl: +networks: + nginx: ``` # DEFAULT SETTINGS @@ -44,7 +61,6 @@ docker run --name nginx \ * [alpine](https://alpinelinux.org) # TIPS -* Only use rootless container runtime (podman, rootless docker) * Allow non-root ports < 1024 via `echo "net.ipv4.ip_unprivileged_port_start=53" > /etc/sysctl.d/ports.conf` * Use a reverse proxy like Traefik, Nginx to terminate TLS with a valid certificate * Use Let’s Encrypt certificates to protect your SSL endpoints diff --git a/amd64.dockerfile b/amd64.dockerfile index c22cdac..2a88a4d 100644 --- a/amd64.dockerfile +++ b/amd64.dockerfile @@ -1,6 +1,15 @@ +# :: Util + FROM alpine as util + + RUN set -ex; \ + apk add --no-cache \ + git; \ + git clone https://github.com/11notes/util.git; + + # :: Build FROM alpine:latest as build - ENV BUILD_VERSION=1.24.0 + ENV BUILD_VERSION=1.26.0 ENV MODULE_HEADERS_MORE_NGINX_VERSION=0.34 RUN set -ex; \ @@ -93,6 +102,7 @@ # :: Header FROM 11notes/alpine:stable + COPY --from=util /util/linux/shell/elevenLogJSON /usr/local/bin COPY --from=build /usr/sbin/nginx /usr/sbin COPY --from=build /etc/nginx/ /etc/nginx COPY --from=build /usr/lib/nginx/modules/ /etc/nginx/modules diff --git a/arm64v8.dockerfile b/arm64v8.dockerfile index 952c29d..93f08a9 100644 --- a/arm64v8.dockerfile +++ b/arm64v8.dockerfile @@ -1,10 +1,18 @@ # :: QEMU FROM multiarch/qemu-user-static:x86_64-aarch64 as qemu +# :: Util + FROM alpine as util + + RUN set -ex; \ + apk add --no-cache \ + git; \ + git clone https://github.com/11notes/util.git; + # :: Build FROM arm64v8/alpine as build COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin - ENV BUILD_VERSION=1.24.0 + ENV BUILD_VERSION=1.26.0 ENV MODULE_HEADERS_MORE_NGINX_VERSION=0.34 RUN set -ex; \ @@ -98,6 +106,7 @@ # :: Header FROM 11notes/alpine:arm64v8-stable COPY --from=qemu /usr/bin/qemu-aarch64-static /usr/bin + COPY --from=util /util/linux/shell/elevenLogJSON /usr/local/bin COPY --from=build /usr/sbin/nginx /usr/sbin COPY --from=build /etc/nginx/ /etc/nginx COPY --from=build /usr/lib/nginx/modules/ /etc/nginx/modules diff --git a/compose.yaml b/compose.yaml new file mode 100644 index 0000000..9210ba6 --- /dev/null +++ b/compose.yaml @@ -0,0 +1,22 @@ +version: "3.8" +services: + nginx: + image: "11notes/nginx:1.26.0" + container_name: "nginx" + environment: + TZ: Europe/Zurich + ports: + - "8443:8443/tcp" + volumes: + - "etc:/nginx/etc" + - "www:/nginx/www" + - "ssl:/nginx/ssl" + networks: + - nginx + restart: always +volumes: + etc: + www: + ssl: +networks: + nginx: \ No newline at end of file diff --git a/multi-arch-manifest-version.yaml b/multi-arch-manifest-version.yaml index d8c3443..8a6d861 100644 --- a/multi-arch-manifest-version.yaml +++ b/multi-arch-manifest-version.yaml @@ -1,10 +1,10 @@ image: 11notes/nginx:1.24.0 manifests: - - image: 11notes/nginx:amd64-1.24.0 + - image: 11notes/nginx:1.24.0 platform: architecture: amd64 os: linux - - image: 11notes/nginx:arm64v8-1.24.0 + - image: 11notes/nginx:1.24.0 platform: architecture: arm64 os: linux diff --git a/rootfs/usr/local/bin/entrypoint.sh b/rootfs/usr/local/bin/entrypoint.sh index 0502ad6..36d871c 100644 --- a/rootfs/usr/local/bin/entrypoint.sh +++ b/rootfs/usr/local/bin/entrypoint.sh @@ -1,5 +1,6 @@ #!/bin/ash if [ ! -f "${APP_ROOT}/ssl/default.crt" ]; then + elevenLogJSON info "creating default certificate" openssl req -x509 -newkey rsa:4096 -subj "/C=XX/ST=XX/L=XX/O=XX/OU=XX/CN=${APP_NAME}" \ -keyout "${APP_ROOT}/ssl/default.key" \ -out "${APP_ROOT}/ssl/default.crt" \ @@ -7,6 +8,7 @@ fi if [ -z "${1}" ]; then + elevenLogJSON info "starting ${APP_NAME}" set -- "nginx" \ -g \ 'daemon off;'