diff --git a/.gitignore b/.gitignore index 515df7b..257b2aa 100644 --- a/.gitignore +++ b/.gitignore @@ -32,5 +32,3 @@ node_modules # Optional REPL history .node_repl_history .DS_Store - -nginx-dbg_1.13.1-1~xenial_amd64.deb \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index 765c393..7fcb031 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,39 +1,37 @@ -FROM hyperknot/baseimage16:1.0.6 AS buildstep -ENV LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8 LANGUAGE=en_US.UTF-8 \ - TERM=xterm container=docker DEBIAN_FRONTEND=noninteractive \ - NGINX_DEVEL_KIT_VERSION=0.3.0 NGINX_SET_MISC_MODULE_VERSION=0.31 \ - NGINX_VERSION=1.14.2 +FROM ubuntu:18.04 AS buildstep +ENV TERM=xterm container=docker DEBIAN_FRONTEND=noninteractive \ + NGINX_DEVEL_KIT_VERSION=0.3.0 NGINX_SET_MISC_MODULE_VERSION=0.32 \ + NGINX_VERSION=1.16.0 ADD ./build/src/ /tmp/ RUN bash /tmp/ubuntu.sh -FROM hyperknot/baseimage16:1.0.6 - -MAINTAINER friends@niiknow.org - -ENV LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8 LANGUAGE=en_US.UTF-8 \ - TERM=xterm container=docker DEBIAN_FRONTEND=noninteractive \ - NGINX_VERSION=_1.14.2-1~xenial_amd64.deb \ +FROM ubuntu:18.04 +LABEL maintainer="noogen " +ENV TERM=xterm container=docker DEBIAN_FRONTEND=noninteractive \ + NGINX_VERSION=_1.16.0-1~bionic_amd64.deb \ NGINX_DEBUG=-dbg${NGINX_VERSION} COPY --from=buildstep /usr/src/nginx/nginx${NGINX_VERSION} /tmp RUN cd /tmp \ && echo "\n\n* soft nofile 800000\n* hard nofile 800000\n\n" >> /etc/security/limits.conf \ - && curl -s https://nginx.org/keys/nginx_signing.key | apt-key add - \ - && cp /etc/apt/sources.list /etc/apt/sources.list.bak \ - && echo "deb http://nginx.org/packages/ubuntu/ xenial nginx" | tee -a /etc/apt/sources.list \ - && echo "deb-src http://nginx.org/packages/ubuntu/ xenial nginx" | tee -a /etc/apt/sources.list \ && apt-get update -y && apt-get upgrade -y --no-install-recommends --no-install-suggests \ && apt-get install -y --no-install-recommends --no-install-suggests \ - nano libgd3 gettext-base unzip rsync \ + curl gpg-agent nano libgd3 gettext-base unzip rsync cron \ + apt-transport-https software-properties-common \ + ca-certificates \ && dpkg --configure -a \ + && touch /var/log/cron.log \ + && curl -s https://nginx.org/keys/nginx_signing.key | apt-key add - \ + && cp /etc/apt/sources.list /etc/apt/sources.list.bak \ + && echo "deb http://nginx.org/packages/ubuntu/ bionic nginx" | tee -a /etc/apt/sources.list \ + && echo "deb-src http://nginx.org/packages/ubuntu/ bionic nginx" | tee -a /etc/apt/sources.list \ + && apt-get update -y \ && dpkg -i nginx${NGINX_VERSION} \ + && apt-get install --no-install-recommends --no-install-suggests -y nginx-module-njs gettext-base \ && rm -rf /etc/nginx/conf.d/default.conf \ - && rm -f /etc/service/syslog-forwarder/down \ - && rm -f /etc/service/cron/down \ - && rm -f /etc/service/syslog-ng/down \ - && rm -f /core \ + && mkdir -p /var/log/nginx \ && ln -sf /dev/stdout /var/log/nginx/access.log \ && ln -sf /dev/stderr /var/log/nginx/error.log \ && service nginx stop && update-rc.d -f nginx disable \ diff --git a/build/src/ubuntu.sh b/build/src/ubuntu.sh index cb1ee2f..a1aa9f5 100644 --- a/build/src/ubuntu.sh +++ b/build/src/ubuntu.sh @@ -1,10 +1,17 @@ #!/bin/bash -export NGINX_BUILD_DIR=/usr/src/nginx/nginx-${NGINX_VERSION} +export NGINX_BUILD_DIR=/usr/src/nginx/nginx-${NGINX_VERSION} cd /tmp -curl -sL "https://github.com/simpl/ngx_devel_kit/archive/v$NGINX_DEVEL_KIT_VERSION.tar.gz" -o dev-kit.tar.gz -mkdir -p /usr/src/nginx/ngx_devel_kit +apt-get update && apt-get upgrade -y --no-install-recommends --no-install-suggests +apt-get install -y --no-install-recommends --no-install-suggests curl unzip apt-transport-https \ + apt-utils software-properties-common build-essential ca-certificates libssl-dev \ + zlib1g-dev dpkg-dev libpcre3 libpcre3-dev libgd-dev gpg-agent + +dpkg --configure -a + +curl -sL "https://github.com/simplresty/ngx_devel_kit/archive/v$NGINX_DEVEL_KIT_VERSION.tar.gz" -o dev-kit.tar.gz +mkdir -p /usr/src/nginx/ngx_devel_kit tar -xof dev-kit.tar.gz -C /usr/src/nginx/ngx_devel_kit --strip-components=1 rm dev-kit.tar.gz @@ -13,32 +20,27 @@ mkdir -p /usr/src/nginx/set-misc-nginx-module tar -xof ngx-misc.tar.gz -C /usr/src/nginx/set-misc-nginx-module --strip-components=1 rm ngx-misc.tar.gz -curl -s https://nginx.org/keys/nginx_signing.key | apt-key add - -cp /etc/apt/sources.list /etc/apt/sources.list.bak -echo "deb http://nginx.org/packages/ubuntu/ xenial nginx" | tee -a /etc/apt/sources.list -echo "deb-src http://nginx.org/packages/ubuntu/ xenial nginx" | tee -a /etc/apt/sources.list +curl -s https://nginx.org/keys/nginx_signing.key | apt-key add - +cp /etc/apt/sources.list /etc/apt/sources.list.bak +echo "deb http://nginx.org/packages/ubuntu/ bionic nginx" | tee -a /etc/apt/sources.list +echo "deb-src http://nginx.org/packages/ubuntu/ bionic nginx" | tee -a /etc/apt/sources.list -apt-get update && apt-get upgrade -y --no-install-recommends --no-install-suggests -apt-get install -y --no-install-recommends --no-install-suggests curl unzip apt-transport-https \ - apt-utils software-properties-common build-essential ca-certificates libssl-dev \ - zlib1g-dev dpkg-dev libpcre3 libpcre3-dev libgd-dev +apt-get update && apt-get upgrade -y --no-install-recommends --no-install-suggests -dpkg --configure -a - -mkdir -p /usr/src/nginx +mkdir -p /usr/src/nginx cd /usr/src/nginx -apt-get source nginx=${NGINX_VERSION} -y +apt-get source nginx=${NGINX_VERSION} -y pwd -ls -la +ls -la cd ${NGINX_BUILD_DIR}/src/http/modules/ -mv ngx_http_image_filter_module.c ngx_http_image_filter_module.bak -mv /tmp/ngx_http_image_filter_module.c ./ngx_http_image_filter_module.c +mv ngx_http_image_filter_module.c ngx_http_image_filter_module.bak +mv /tmp/ngx_http_image_filter_module.c ./ngx_http_image_filter_module.c sed -i "s/--with-http_ssl_module/--with-http_ssl_module --with-http_image_filter_module --add-module=\/usr\/src\/nginx\/ngx_devel_kit --add-module=\/usr\/src\/nginx\/set-misc-nginx-module /g" \ - ${NGINX_BUILD_DIR}/debian/rules + ${NGINX_BUILD_DIR}/debian/rules cd /usr/src/nginx apt-get build-dep nginx -y diff --git a/files/etc/service/nginx/run b/files/etc/service/nginx/run deleted file mode 100755 index f567bb5..0000000 --- a/files/etc/service/nginx/run +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/sh -set -e -exec /usr/sbin/nginx -g "daemon off;" diff --git a/files/root/bin/my-startup.sh b/files/root/bin/my-startup.sh index b164f01..b3f244d 100755 --- a/files/root/bin/my-startup.sh +++ b/files/root/bin/my-startup.sh @@ -1,4 +1,6 @@ #!/bin/bash +set -e + function die { echo >&2 "$@" exit 1 @@ -23,4 +25,8 @@ if [ -n "$SERVER_CONF" ] ; then service nginx reload fi -nginx -t || true +echo "*** Running cron" +cron + +echo "*** Running nginx" +exec /usr/sbin/nginx -g "daemon off;" \ No newline at end of file diff --git a/files/root/bin/placeholder-ssl.sh b/files/root/bin/placeholder-ssl.sh index 753388a..ae8ab2b 100755 --- a/files/root/bin/placeholder-ssl.sh +++ b/files/root/bin/placeholder-ssl.sh @@ -14,12 +14,11 @@ PASSPHRASE="" # Set our CSR variables SUBJ=" C=US -ST=Minnesota -O= -localityName=MN -commonName=$DOMAIN -organizationalUnitName= -emailAddress= +ST=MINNESOTA +L=MINNEAPOLIS +O=NIIKNOW +EMAIL=somebody@somewhere.com +CN=$DOMAIN " # Create our SSL directory diff --git a/files/etc/my_init.d/startup.sh b/files/sbin/my_init similarity index 86% rename from files/etc/my_init.d/startup.sh rename to files/sbin/my_init index ec6b5ea..7d46ca3 100755 --- a/files/etc/my_init.d/startup.sh +++ b/files/sbin/my_init @@ -2,7 +2,7 @@ export TERM=xterm -# save environment variables for use later +# save environment variables for use later in cron, if required env > /root/env.txt if [ -z "`ls /app --hide='lost+found'`" ]