-
Notifications
You must be signed in to change notification settings - Fork 4
/
Dockerfile
63 lines (41 loc) · 1.73 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
FROM gliderlabs/alpine:3.3
RUN apk-install alpine-sdk \
pcre-dev \
openssl-dev
ENV nginx_home /var/tmp/nginx
# Lets do some best practises writing dockefile. :D
ENV RUN_USER proxy
ENV RUN_GROUP proxy
RUN adduser -u 1001 -S ${RUN_USER} && addgroup -S ${RUN_GROUP}
RUN mkdir -p ${nginx_home}
ENV nginx_version 1.9.7
ENV header_module_version 0.29
WORKDIR ${nginx_home}
#TODO need to remove the git clone lines and get from everything else from a trusted source.
RUN wget http://nginx.org/download/nginx-${nginx_version}.tar.gz \
&& git clone https://github.com/nginx-shib/nginx-http-shibboleth.git \
&& wget https://github.com/openresty/headers-more-nginx-module/archive/v${header_module_version}.tar.gz
RUN tar zxvf v${header_module_version}.tar.gz \
&& tar zxvf nginx-${nginx_version}.tar.gz \
&& cd ${nginx_home}/nginx-${nginx_version} \
&& ./configure --with-http_ssl_module \
--with-pcre-jit \
--with-http_auth_request_module \
--add-module=${nginx_home}/nginx-http-shibboleth \
--add-module=${nginx_home}/headers-more-nginx-module-${header_module_version} \
&& make \
&& make install
# Lets clean up
RUN rm -rf ${nginx_home} \
&& apk del alpine-sdk
RUN mkdir -p /usr/local/nginx/ \
&& mkdir -p /usr/local/nginx/sites-enabled/ \
&& mkdir -p /usr/local/nginx/includes.d
ADD servers/sites-enabled /usr/local/nginx/sites-enabled/
ADD servers/conf /usr/local/nginx/conf/
RUN chmod -R 700 /usr/local/nginx/ \
&& chown -R ${RUN_USER}:${RUN_GROUP} /usr/local/nginx/ \
&& rm -f /usr/local/nginx/conf/nginx.conf.default
EXPOSE 80 443
WORKDIR /usr/local/nginx
CMD ["/usr/local/nginx/sbin/nginx", "-g", "daemon off;"]