forked from UKHomeOffice/docker-nginx-proxy
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
50 lines (39 loc) · 1.59 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
FROM quay.io/ukhomeofficedigital/centos-base:latest
MAINTAINER Lewis Marshall <lewis@technoplusit.co.uk>
WORKDIR /root
ADD ./build.sh /root/
RUN ./build.sh
RUN yum install -y openssl && \
yum clean all && \
mkdir -p /etc/keys && \
openssl req -x509 -newkey rsa:2048 -keyout /etc/keys/key -out /etc/keys/crt -days 360 -nodes -subj '/CN=test'
# This takes a while so best to do it during build
RUN openssl dhparam -out /usr/local/openresty/nginx/conf/dhparam.pem 2048
RUN yum install -y bind-utils dnsmasq && \
yum clean all
ADD ./naxsi/location.rules /usr/local/openresty/naxsi/location.template
ADD ./nginx*.conf /usr/local/openresty/nginx/conf/
RUN mkdir -p /usr/local/openresty/nginx/conf/locations /usr/local/openresty/nginx/lua
ADD ./lua/* /usr/local/openresty/nginx/lua/
RUN md5sum /usr/local/openresty/nginx/conf/nginx.conf | cut -d' ' -f 1 > /container_default_ngx
ADD ./defaults.sh /
ADD ./go.sh /
ADD ./enable_location.sh /
ADD ./location_template.conf /
ADD ./logging.conf /usr/local/openresty/nginx/conf/
ADD ./security_defaults.conf /usr/local/openresty/nginx/conf/
ADD ./html/ /usr/local/openresty/nginx/html/
ADD ./readyness.sh /
ADD ./helper.sh /
ADD ./refresh_geoip.sh /
RUN yum remove -y kernel-headers && \
yum clean all
RUN useradd -u 1000 nginx && \
install -o nginx -g nginx -d \
/usr/local/openresty/naxsi/locations \
/usr/local/openresty/nginx/{client_body,fastcgi,proxy,scgi,uwsgi}_temp && \
chown -R nginx:nginx /usr/local/openresty/nginx/{conf,logs} /usr/share/GeoIP
WORKDIR /usr/local/openresty
EXPOSE 10080 10443
USER 1000
ENTRYPOINT [ "/go.sh" ]