Use latest openssl version, enable ktls, add optimization compiler flags
Some checks failed
Build and push container image / main (push) Has been cancelled
Some checks failed
Build and push container image / main (push) Has been cancelled
This commit is contained in:
parent
b0ff8f1151
commit
e965dfdea9
GPG key ID:
32C1DDF333EDA6A4
1 changed files with 12 additions and 8 deletions
20
Dockerfile
20
Dockerfile
|
|
@ -3,8 +3,8 @@ FROM alpine:3 AS build
|
|||
ARG VERSION="1.27.4"
|
||||
ARG CHECKSUM="294816f879b300e621fa4edd5353dd1ec00badb056399eceb30de7db64b753b2"
|
||||
|
||||
ARG OPENSSL_VERSION="3.3.3"
|
||||
ARG OPENSSL_CHECKSUM="712590fd20aaa60ec75d778fe5b810d6b829ca7fb1e530577917a131f9105539"
|
||||
ARG OPENSSL_VERSION="3.4.1"
|
||||
ARG OPENSSL_CHECKSUM="002a2d6b30b58bf4bea46c43bdd96365aaf8daa6c428782aa4feee06da197df3"
|
||||
|
||||
ARG ZLIB_VERSION="1.3.1"
|
||||
ARG ZLIB_CHECKSUM="9a93b2b7dfdac77ceba5a558a580e74667dd6fede4585b91eefb60f03b72df23"
|
||||
|
|
@ -22,8 +22,8 @@ RUN [ "$(sha256sum /tmp/nginx.tar.gz | awk '{print $1}')" = "$CHECKSUM" ] && \
|
|||
tar -C /tmp -xf /tmp/zlib.tar.gz && \
|
||||
cd /tmp/nginx-$VERSION && \
|
||||
./configure \
|
||||
--with-cc-opt="-static" \
|
||||
--with-ld-opt="-static" \
|
||||
--with-cc-opt="-static -march=x86-64-v2 -O2 -flto=auto -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC" \
|
||||
--with-ld-opt="-static -Wl,-O1 -Wl,--sort-common -Wl,--as-needed -Wl,-z,relro -Wl,-z,now -Wl,-z,pack-relative-relocs -flto=auto" \
|
||||
--with-cpu-opt="generic" \
|
||||
--sbin-path="/bin/nginx" \
|
||||
--conf-path="/etc/nginx/nginx.conf" \
|
||||
|
|
@ -68,7 +68,8 @@ RUN [ "$(sha256sum /tmp/nginx.tar.gz | awk '{print $1}')" = "$CHECKSUM" ] && \
|
|||
--with-stream_ssl_preread_module \
|
||||
--with-compat \
|
||||
--with-openssl="/tmp/openssl-$OPENSSL_VERSION" \
|
||||
--with-zlib="/tmp/zlib-$ZLIB_VERSION" && \
|
||||
--with-zlib="/tmp/zlib-$ZLIB_VERSION" \
|
||||
--with-openssl-opt=enable-ktls && \
|
||||
make
|
||||
|
||||
RUN mkdir -p /rootfs/bin && \
|
||||
|
|
@ -82,10 +83,13 @@ RUN mkdir -p /rootfs/bin && \
|
|||
mkdir -p /rootfs/tmp
|
||||
|
||||
|
||||
FROM scratch
|
||||
FROM alpine:3
|
||||
|
||||
RUN apk add envsubst
|
||||
|
||||
COPY --from=build --chown=10000:10000 /rootfs /
|
||||
|
||||
USER 10000:10000
|
||||
ENTRYPOINT ["/bin/nginx"]
|
||||
CMD ["-g", "daemon off;"]
|
||||
# ENTRYPOINT ["/bin/nginx"]
|
||||
CMD ["/bin/sh" , "-c" , "envsubst < /nginx.conf.template > /etc/nginx/nginx.conf && exec nginx -g 'daemon off;'"]
|
||||
# CMD ["-g", "daemon off;"]
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue