commit 6321b7650c0d160b4bcfdffcb516eb93c740d6f1 Author: Ricard Bejarano Date: Mon Aug 27 22:29:36 2018 +0200 Added source files diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..e327c3b --- /dev/null +++ b/Dockerfile @@ -0,0 +1,81 @@ +FROM debian:stretch AS build + +ARG PCRE_VERSION="8.42" +ARG PCRE_CHECKSUM="69acbc2fbdefb955d42a4c606dfde800c2885711d2979e356c0636efde9ec3b5" + +ARG OPENSSL_VERSION="1.1.0i" +ARG OPENSSL_CHECKSUM="ebbfc844a8c8cc0ea5dc10b86c9ce97f401837f3fa08c17b2cdadc118253cf99" + +ARG ZLIB_VERSION="1.2.11" +ARG ZLIB_CHECKSUM="c3e5e9fdd5004dcb542feda5ee4f0ff0744628baf8ed2dd5d66f8ca1197cb1a1" + +ARG NGINX_NAME="engine x" +ARG NGINX_VERSION="1.15.2" +ARG NGINX_CHECKSUM="eeba09aecfbe8277ac33a5a2486ec2d6731739f3c1c701b42a0c3784af67ad90" +ARG NGINX_CONFIG="\ + --sbin-path=/nginx \ + --conf-path=/etc/nginx/nginx.conf \ + --pid-path=/etc/nginx/nginx.pid \ + --http-log-path=/etc/nginx/access.log \ + --error-log-path=/etc/nginx/error.log \ + --http-client-body-temp-path=/tmp/client_temp \ + --http-proxy-temp-path=/tmp/proxy_temp \ + --http-fastcgi-temp-path=/tmp/fastcgi_temp \ + --http-uwsgi-temp-path=/tmp/uwsgi_temp \ + --http-scgi-temp-path=/tmp/scgi_temp \ + --with-pcre=/tmp/pcre-$PCRE_VERSION \ + --with-openssl=/tmp/openssl-$OPENSSL_VERSION \ + --with-zlib=/tmp/zlib-$ZLIB_VERSION \ + --without-http_empty_gif_module \ + --without-http_geo_module \ + --without-http_map_module \ + --without-http_referer_module \ + --without-http_ssi_module \ + --without-http_split_clients_module \ + --with-file-aio \ + --with-http_ssl_module \ + --with-http_v2_module \ + --with-stream \ + --with-stream_ssl_module \ + --with-threads \ + --add-module=/tmp/ngx_brotli" + +WORKDIR /tmp + +ADD https://ftp.pcre.org/pub/pcre/pcre-$PCRE_VERSION.tar.gz /tmp/pcre.tar.gz +RUN if [ "$PCRE_CHECKSUM" != "$(sha256sum /tmp/pcre.tar.gz | awk '{print $1}')" ]; then exit 1; fi && \ + tar xf /tmp/pcre.tar.gz + +ADD https://www.openssl.org/source/openssl-$OPENSSL_VERSION.tar.gz /tmp/openssl.tar.gz +RUN if [ "$OPENSSL_CHECKSUM" != "$(sha256sum /tmp/openssl.tar.gz | awk '{print $1}')" ]; then exit 1; fi && \ + tar xf /tmp/openssl.tar.gz + +ADD https://zlib.net/zlib-$ZLIB_VERSION.tar.gz /tmp/zlib.tar.gz +RUN if [ "$ZLIB_CHECKSUM" != "$(sha256sum /tmp/zlib.tar.gz | awk '{print $1}')" ]; then exit 1; fi && \ + tar xf /tmp/zlib.tar.gz + +ADD https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz /tmp/nginx.tar.gz +RUN if [ "$NGINX_CHECKSUM" != "$(sha256sum /tmp/nginx.tar.gz | awk '{print $1}')" ]; then exit 1; fi && \ + tar xf /tmp/nginx.tar.gz && \ + mv /tmp/nginx-$NGINX_VERSION /tmp/nginx + +RUN apt update && \ + apt install -y git && \ + git clone --recurse-submodules https://github.com/google/ngx_brotli.git /tmp/ngx_brotli + +WORKDIR /tmp/nginx +RUN apt install -y gcc g++ make && \ + sed -i -E "s/\"Server: (.*) CRLF/\"Server: $NGINX_NAME\" CRLF/" src/http/ngx_http_header_filter_module.c && \ + ./configure $NGINX_CONFIG && \ + make && \ + make install + + +FROM gcr.io/distroless/base + +COPY --from=build /nginx /nginx +COPY --from=build /tmp/nginx/html /etc/nginx/html + +COPY conf /etc/nginx + +CMD ["/nginx", "-g", "daemon off;"] diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..0be5de8 --- /dev/null +++ b/LICENSE @@ -0,0 +1,22 @@ +Copyright 2018 Ricard Bejarano + +Redistribution and use in source and binary forms, with or without modification, +are permitted provided that the following conditions are met: + +1. Redistributions of source code must retain the above copyright notice, this +list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright notice, +this list of conditions and the following disclaimer in the documentation and/or +other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR +ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON +ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/README.md b/README.md new file mode 100644 index 0000000..d78c904 --- /dev/null +++ b/README.md @@ -0,0 +1,5 @@ +# Nginx (`ricardbejarano/nginx:latest`) + +Minimal multi-stage Docker image of the Nginx HTTP and proxy server. + +Built with [Distroless](https://github.com/GoogleContainerTools/distroless/tree/master/base) by Google and brotli compression support thanks to [ngx_brotli](https://github.com/google/ngx_brotli) by Google. diff --git a/conf/mime.types b/conf/mime.types new file mode 100644 index 0000000..1ac0dd5 --- /dev/null +++ b/conf/mime.types @@ -0,0 +1,86 @@ +types { + text/html html htm shtml; + text/css css; + text/xml xml; + image/gif gif; + image/jpeg jpeg jpg; + application/javascript js; + application/atom+xml atom; + application/rss+xml rss; + text/mathml mml; + text/plain txt; + text/vnd.sun.j2me.app-descriptor jad; + text/vnd.wap.wml wml; + text/x-component htc; + image/png png; + image/svg+xml svg svgz; + image/tiff tif tiff; + image/vnd.wap.wbmp wbmp; + image/webp webp; + image/x-icon ico; + image/x-jng jng; + image/x-ms-bmp bmp; + font/woff woff; + font/woff2 woff2; + application/java-archive jar war ear; + application/json json; + application/mac-binhex40 hqx; + application/msword doc; + application/pdf pdf; + application/postscript ps eps ai; + application/rtf rtf; + application/vnd.apple.mpegurl m3u8; + application/vnd.google-earth.kml+xml kml; + application/vnd.google-earth.kmz kmz; + application/vnd.ms-excel xls; + application/vnd.ms-fontobject eot; + application/vnd.ms-powerpoint ppt; + application/vnd.oasis.opendocument.graphics odg; + application/vnd.oasis.opendocument.presentation odp; + application/vnd.oasis.opendocument.spreadsheet ods; + application/vnd.oasis.opendocument.text odt; + application/vnd.openxmlformats-officedocument.presentationml.presentation pptx; + application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx; + application/vnd.openxmlformats-officedocument.wordprocessingml.document docx; + application/vnd.wap.wmlc wmlc; + application/x-7z-compressed 7z; + application/x-cocoa cco; + application/x-java-archive-diff jardiff; + application/x-java-jnlp-file jnlp; + application/x-makeself run; + application/x-perl pl pm; + application/x-pilot prc pdb; + application/x-rar-compressed rar; + application/x-redhat-package-manager rpm; + application/x-sea sea; + application/x-shockwave-flash swf; + application/x-stuffit sit; + application/x-tcl tcl tk; + application/x-x509-ca-cert der pem crt; + application/x-xpinstall xpi; + application/xhtml+xml xhtml; + application/xspf+xml xspf; + application/zip zip; + application/octet-stream bin exe dll; + application/octet-stream deb; + application/octet-stream dmg; + application/octet-stream iso img; + application/octet-stream msi msp msm; + audio/midi mid midi kar; + audio/mpeg mp3; + audio/ogg ogg; + audio/x-m4a m4a; + audio/x-realaudio ra; + video/3gpp 3gpp 3gp; + video/mp2t ts; + video/mp4 mp4; + video/mpeg mpeg mpg; + video/quicktime mov; + video/webm webm; + video/x-flv flv; + video/x-m4v m4v; + video/x-mng mng; + video/x-ms-asf asx asf; + video/x-ms-wmv wmv; + video/x-msvideo avi; +} diff --git a/conf/nginx.conf b/conf/nginx.conf new file mode 100644 index 0000000..cc8c4bf --- /dev/null +++ b/conf/nginx.conf @@ -0,0 +1,29 @@ +user root; +worker_processes 1; + +events { + worker_connections 1024; +} + +http { + + sendfile on; + keepalive_timeout 65; + + include mime.types; + default_type application/octet-stream; + + server { + listen 80; + server_name localhost; + error_page 500 502 503 504 /50x.html; + location / { + root /etc/nginx/html; + index index.html; + } + location = /50x.html { + root /etc/nginx/html; + } + } + +}