diff options
author | Galen Guyer <galen@galenguyer.com> | 2022-12-07 16:14:29 -0500 |
---|---|---|
committer | Galen Guyer <galen@galenguyer.com> | 2022-12-07 16:14:29 -0500 |
commit | 21d1942383cbaa090b86edb65020a9a4bfac9f92 (patch) | |
tree | 1ba970fad5ff7abf8b8a0b58e54ac578a86945bf | |
parent | 9f4554ffd3b3eda1d16bcb06ea5a90293ea83153 (diff) |
-rw-r--r-- | README.md | 5 | ||||
-rwxr-xr-x | bake.sh | 6 | ||||
-rw-r--r-- | debian/base/Dockerfile | 73 | ||||
-rw-r--r-- | debian/base/conf/mime.types | 98 | ||||
-rw-r--r-- | debian/base/conf/nginx.conf | 31 | ||||
-rw-r--r-- | docker-bake.hcl | 48 |
6 files changed, 259 insertions, 2 deletions
@@ -8,9 +8,12 @@ automatic builds of nginx with multiple architectures and rootless support - **alpine-stable**: `stable`, `stable-alpine`, `stable-alpine3.17.0`, `1.22.1`, `1.22.1-alpine`, `1.22.1-alpine3.17.0` - **alpine-stable-autoindex**: `stable-autoindex`, `stable-alpine-autoindex`, `stable-alpine3.17.0-autoindex`, `1.22.1-autoindex`, `1.22.1-alpine-autoindex`, `1.22.1-alpine3.17.0-autoindex` - **alpine-stable-spa**: `stable-spa`, `stable-alpine-spa`, `stable-alpine3.17.0-spa`, `1.22.1-spa`, `1.22.1-alpine-spa`, `1.22.1-alpine3.17.0-spa` +- **debian-mainline**: `debian`, `debian11.5`, `mainline-debian`, `mainline-debian11.5`, `1.23.2-debian`, `1.23.2-debian11.5` +- **debian-stable**: `stable-debian`, `stable-debian11.5`, `1.22.1-debian`, `1.22.1-debian11.5` ## build options - **ALPINE**: `3.17.0` +- **DEBIAN**: `11.5` - **NGINX_MAINLINE**: `1.23.2` - **NGINX_STABLE**: `1.22.1` -- **PCRE2**: `PCRE2-10.41` +- **PCRE2**: `pcre2-10.41` @@ -28,6 +28,10 @@ echo "using registry $registry..." >&2 alpine="${ALPINE:-$(curl -sSL https://www.alpinelinux.org/downloads/ | grep -P 'Current Alpine Version' | grep -o -P '\d+\.\d+\.\d+')}" echo "using alpine version $alpine..." >&2 +# retrieve latest debian version +debian="${DEBIAN:-11.5}" +echo "using alpine version $debian..." >&2 + # retreive latest nginx stable version nginx_stable="${NGINX_STABLE:-$(curl -sSL https://nginx.org/en/download.html | grep -P '(\/download\/nginx-\d+\.\d+\.\d+\.tar\.gz)' -o | uniq | head -n2 | tail -n1 | grep -o -P '\d+\.\d+\.\d+')}" echo "using nginx stable version $nginx_stable..." >&2 @@ -46,6 +50,7 @@ echo "using $core_count cores..." >&2 # create docker images export ALPINE_VER="$alpine" +export DEBIAN_VER="$debian" export CORE_COUNT="$core_count" export REGISTRY="$registry" export NGINX_MAINLINE="$nginx_mainline" @@ -66,6 +71,7 @@ for target in $targets; do done echo -e "\n## build options" >> README.md echo "- **ALPINE**: "'`'"$ALPINE_VER"'`'"" >> README.md +echo "- **DEBIAN**: "'`'"$DEBIAN_VER"'`'"" >> README.md echo "- **NGINX_MAINLINE**: "'`'"$NGINX_MAINLINE"'`'"" >> README.md echo "- **NGINX_STABLE**: "'`'"$NGINX_STABLE"'`'"" >> README.md echo "- **PCRE2**: "'`'"$PCRE2_VER"'`'"" >> README.md diff --git a/debian/base/Dockerfile b/debian/base/Dockerfile new file mode 100644 index 0000000..6c0520f --- /dev/null +++ b/debian/base/Dockerfile @@ -0,0 +1,73 @@ +# allow multiarch builds +ARG TARGETOS +ARG TARGETARCH +ARG TARGETVARIANT="" + +ARG DEBIAN_VER="stable" +FROM docker.io/debian:"$DEBIAN_VER" AS builder +#RUN apk add gcc g++ git curl make linux-headers tar gzip geoip-dev gd-dev libxslt-dev pcre-dev perl-dev +RUN apt-get update -y && apt-get install -y build-essential gcc g++ cmake git gnupg curl + +WORKDIR /src/pcre2/ +ARG PCRE2_VER="pcre2-10.40" +RUN curl -L -O "https://github.com/PCRE2Project/pcre2/releases/download/$PCRE2_VER/$PCRE2_VER.tar.gz" +RUN tar xzf "/src/pcre2/$PCRE2_VER.tar.gz" + +WORKDIR /src/nginx +ARG NGINX_VER +RUN curl -L -O "http://nginx.org/download/nginx-$NGINX_VER.tar.gz" +RUN tar xzf "/src/nginx/nginx-$NGINX_VER.tar.gz" + +# configure and build nginx +WORKDIR /src/nginx/nginx-"$NGINX_VER" +RUN ./configure --prefix=/usr/share/nginx \ + --sbin-path=/usr/sbin/nginx \ + --conf-path=/etc/nginx/nginx.conf \ + --error-log-path=/var/log/nginx/error.log \ + --http-log-path=/var/log/nginx/access.log \ + --pid-path=/run/nginx.pid \ + --lock-path=/run/lock/subsys/nginx \ + --http-client-body-temp-path=/tmp/nginx/client \ + --http-proxy-temp-path=/tmp/nginx/proxy \ + --user=www-data \ + --group=www-data \ + --with-threads \ + --with-file-aio \ + --with-pcre="/src/pcre2/$PCRE2_VER" \ + --with-pcre-jit \ + --with-http_addition_module \ + --without-http_fastcgi_module \ + --without-http_uwsgi_module \ + --without-http_scgi_module \ + --without-http_gzip_module \ + --without-select_module \ + --without-poll_module \ + --without-mail_pop3_module \ + --without-mail_imap_module \ + --without-mail_smtp_module \ + --with-cc-opt="-Wl,--gc-sections -static -static-libgcc -O2 -ffunction-sections -fdata-sections -fPIE -fstack-protector-all -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security" +ARG CORE_COUNT="1" +RUN make -j"$CORE_COUNT" +RUN make install + +FROM docker.io/debian:"$DEBIAN_VER"-slim + +# setup nginx folders and files +RUN adduser www-data -D -H -G www-data \ + && mkdir -p /tmp/nginx/ \ + && mkdir -p /var/log/nginx \ + && mkdir -p /var/www/html \ + && ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log \ + && mkdir -p /etc/nginx \ + && chmod g+rwx /var/run /var/log/nginx /tmp/nginx + +# copy in default nginx configs +COPY conf/ etc/nginx/ + +# add nginx binary +COPY --from=builder /usr/sbin/nginx /usr/sbin/nginx + +EXPOSE 8080 +# configure CMD +CMD ["/usr/sbin/nginx","-g","daemon off;"] diff --git a/debian/base/conf/mime.types b/debian/base/conf/mime.types new file mode 100644 index 0000000..b53f7f7 --- /dev/null +++ b/debian/base/conf/mime.types @@ -0,0 +1,98 @@ + +types { + text/html html htm shtml; + text/css css; + text/xml xml; + image/gif gif; + image/jpeg jpeg jpg; + application/javascript js; + application/atom+xml atom; + application/rss+xml rss; + + text/mathml mml; + text/plain txt; + text/vnd.sun.j2me.app-descriptor jad; + text/vnd.wap.wml wml; + text/x-component htc; + + image/png png; + image/svg+xml svg svgz; + image/tiff tif tiff; + image/vnd.wap.wbmp wbmp; + image/webp webp; + image/x-icon ico; + image/x-jng jng; + image/x-ms-bmp bmp; + + font/woff woff; + font/woff2 woff2; + + application/java-archive jar war ear; + application/json json; + application/mac-binhex40 hqx; + application/msword doc; + application/pdf pdf; + application/postscript ps eps ai; + application/rtf rtf; + application/vnd.apple.mpegurl m3u8; + application/vnd.google-earth.kml+xml kml; + application/vnd.google-earth.kmz kmz; + application/vnd.ms-excel xls; + application/vnd.ms-fontobject eot; + application/vnd.ms-powerpoint ppt; + application/vnd.oasis.opendocument.graphics odg; + application/vnd.oasis.opendocument.presentation odp; + application/vnd.oasis.opendocument.spreadsheet ods; + application/vnd.oasis.opendocument.text odt; + application/vnd.openxmlformats-officedocument.presentationml.presentation + pptx; + application/vnd.openxmlformats-officedocument.spreadsheetml.sheet + xlsx; + application/vnd.openxmlformats-officedocument.wordprocessingml.document + docx; + application/vnd.wap.wmlc wmlc; + application/wasm wasm; + application/x-7z-compressed 7z; + application/x-cocoa cco; + application/x-java-archive-diff jardiff; + application/x-java-jnlp-file jnlp; + application/x-makeself run; + application/x-perl pl pm; + application/x-pilot prc pdb; + application/x-rar-compressed rar; + application/x-redhat-package-manager rpm; + application/x-sea sea; + application/x-shockwave-flash swf; + application/x-stuffit sit; + application/x-tcl tcl tk; + application/x-x509-ca-cert der pem crt; + application/x-xpinstall xpi; + application/xhtml+xml xhtml; + application/xspf+xml xspf; + application/zip zip; + + application/octet-stream bin exe dll; + application/octet-stream deb; + application/octet-stream dmg; + application/octet-stream iso img; + application/octet-stream msi msp msm; + + audio/midi mid midi kar; + audio/mpeg mp3; + audio/ogg ogg; + audio/x-m4a m4a; + audio/x-realaudio ra; + + video/3gpp 3gpp 3gp; + video/mp2t ts; + video/mp4 mp4; + video/mpeg mpeg mpg; + video/quicktime mov; + video/webm webm; + video/x-flv flv; + video/x-m4v m4v; + video/x-mng mng; + video/x-ms-asf asx asf; + video/x-ms-wmv wmv; + video/x-msvideo avi; +} diff --git a/debian/base/conf/nginx.conf b/debian/base/conf/nginx.conf new file mode 100644 index 0000000..f1346ba --- /dev/null +++ b/debian/base/conf/nginx.conf @@ -0,0 +1,31 @@ +#user nobody; +worker_processes 1; + +events { + worker_connections 1024; +} + +http { + include mime.types; + default_type application/octet-stream; + sendfile on; + keepalive_timeout 65; + + server { + listen 8080; + server_name _; + + location / { + root /usr/share/nginx/html; + index index.html index.htm; + try_files $uri $uri/ $uri.html =404; + error_page 404 = /404.html; + } + error_page 404 /404.html; + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root html; + } + } +} diff --git a/docker-bake.hcl b/docker-bake.hcl index 2ec4674..201863e 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -1,4 +1,5 @@ variable "ALPINE_VER" { default = "UNSET" } +variable "DEBIAN_VER" { default = "UNSET" } variable "NGINX_MAINLINE" { default = "UNSET" } variable "NGINX_STABLE" { default = "UNSET" } variable "PCRE2_VER" { default = "UNSET" } @@ -6,7 +7,7 @@ variable "CORE_COUNT" { default = "1" } variable "REGISTRY" { default = "local" } group "default" { - targets = ["alpine"] + targets = ["alpine", "debian"] } group "alpine" { targets = ["alpine-base", "alpine-spa", "alpine-autoindex"] @@ -21,6 +22,14 @@ group "alpine-autoindex" { targets = ["alpine-mainline-autoindex", "alpine-stable-autoindex"] } +group "debian" { + targets = ["debian-base"] +} +group "debian-base" { + targets = ["debian-mainline", "debian-stable"] +} + + target "alpine-mainline" { context = "alpine/base/" args = { @@ -143,3 +152,40 @@ target "alpine-stable-autoindex" { "${REGISTRY}/nginx:${NGINX_STABLE}-alpine${ALPINE_VER}-autoindex", ] } + + +target "debian-mainline" { + context = "debian/base/" + args = { + DEBIAN_VER="${DEBIAN_VER}" + NGINX_VER="${NGINX_MAINLINE}" + PCRE2_VER="${PCRE2_VER}" + CORE_COUNT="${CORE_COUNT}" + } + platforms = ["linux/amd64", "linux/386", "linux/arm/v6", "linux/arm/v7", "linux/arm64"] + tags = [ + "${REGISTRY}/nginx:debian", + "${REGISTRY}/nginx:debian${DEBIAN_VER}", + "${REGISTRY}/nginx:mainline-debian", + "${REGISTRY}/nginx:mainline-debian${DEBIAN_VER}", + "${REGISTRY}/nginx:${NGINX_MAINLINE}-debian", + "${REGISTRY}/nginx:${NGINX_MAINLINE}-debian${DEBIAN_VER}", + ] +} + +target "debian-stable" { + context = "debian/base/" + args = { + DEBIAN_VER="${DEBIAN_VER}" + NGINX_VER="${NGINX_STABLE}" + PCRE2_VER="${PCRE2_VER}" + CORE_COUNT="${CORE_COUNT}" + } + platforms = ["linux/amd64", "linux/386", "linux/arm/v6", "linux/arm/v7", "linux/arm64"] + tags = [ + "${REGISTRY}/nginx:stable-debian", + "${REGISTRY}/nginx:stable-debian${DEBIAN_VER}", + "${REGISTRY}/nginx:${NGINX_STABLE}-debian", + "${REGISTRY}/nginx:${NGINX_STABLE}-debian${DEBIAN_VER}", + ] +} |