forked from sclorg/nginx-container
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile.c9s
98 lines (82 loc) · 4.32 KB
/
Dockerfile.c9s
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
FROM quay.io/centos/centos:stream9 AS build
RUN mkdir -p /mnt/rootfs
ADD https://copr.fedorainfracloud.org/coprs/hhorak/nginx-micro/repo/centos-stream-9/hhorak-nginx-micro-centos-stream-9.repo /etc/yum.repos.d/hhorak-nginx-micro-centos-stream-9.repo
RUN MICRO_PKGS="coreutils-single glibc-minimal-langpack" && \
INSTALL_PKGS="$MICRO_PKGS nginx-core findutils hostname nss_wrapper-libs envsubst bind-utils" && \
dnf install --installroot /mnt/rootfs $INSTALL_PKGS --releasever 9 --setopt install_weak_deps=false --nodocs -y && \
dnf -y --installroot /mnt/rootfs clean all && \
rm -rf /mnt/rootfs/var/cache/* /mnt/rootfs/var/log/dnf* /mnt/rootfs/var/log/yum.*
FROM scratch
EXPOSE 8080
EXPOSE 8443
ENV NAME=nginx \
NGINX_VERSION=1.22 \
NGINX_SHORT_VER=122 \
VERSION=0
ENV SUMMARY="Platform for running a micro nginx $NGINX_VERSION or building nginx-based application" \
DESCRIPTION="Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP \
protocols, with a strong focus on high concurrency, performance and low memory usage. The container \
image provides a containerized packaging of the nginx $NGINX_VERSION daemon. The image can be used \
as a base image for other applications based on nginx $NGINX_VERSION web server. \
Nginx server image can be extended using source-to-image tool. \
This is a micro nginx container that does not include tools for installing RPMs, \
therefore options for extending this image are limited." \
# The following variables are usually available from parent s2i images \
STI_SCRIPTS_PATH=/usr/libexec/s2i \
APP_ROOT=/opt/app-root \
HOME=/opt/app-root/src \
PLATFORM="el9"
LABEL summary="${SUMMARY}" \
description="${DESCRIPTION}" \
io.k8s.description="${DESCRIPTION}" \
io.k8s.display-name="Nginx ${NGINX_VERSION}" \
io.openshift.expose-services="8080:http" \
io.openshift.expose-services="8443:https" \
io.openshift.tags="builder,${NAME},${NAME}-${NGINX_SHORT_VER}" \
com.redhat.component="${NAME}-${NGINX_SHORT_VER}-container" \
name="sclorg/${NAME}-${NGINX_SHORT_VER}-micro-c9s" \
version="1" \
com.redhat.license_terms="https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI" \
maintainer="SoftwareCollections.org <[email protected]>" \
help="For more information visit https://github.com/sclorg/${NAME}-container" \
usage="s2i build <SOURCE-REPOSITORY> quay.io/sclorg/${NAME}-${NGINX_SHORT_VER}-c9s:latest <APP-NAME>"
COPY --from=build /mnt/rootfs/ /
ENV NGINX_CONFIGURATION_PATH=${APP_ROOT}/etc/nginx.d \
NGINX_CONF_PATH=/etc/nginx/nginx.conf \
NGINX_DEFAULT_CONF_PATH=${APP_ROOT}/etc/nginx.default.d \
NGINX_CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/nginx \
NGINX_APP_ROOT=${APP_ROOT} \
NGINX_LOG_PATH=/var/log/nginx
# Copy the S2I scripts from the specific language image to $STI_SCRIPTS_PATH
COPY $NGINX_VERSION-micro/s2i/bin/ $STI_SCRIPTS_PATH
# Copy extra files to the image.
COPY $NGINX_VERSION-micro/root/ /
COPY $NGINX_VERSION-micro/core-scripts/usr /usr
WORKDIR ${HOME}
# In order to drop the root user, we have to make some directories world
# writable as OpenShift default security model is to run the container under
# random UID.
RUN sed -i -f ${NGINX_APP_ROOT}/nginxconf-fed.sed ${NGINX_CONF_PATH} && \
chmod a+rwx ${NGINX_CONF_PATH} && \
mkdir -p ${NGINX_APP_ROOT}/etc/nginx.d/ && \
mkdir -p ${NGINX_APP_ROOT}/etc/nginx.default.d/ && \
mkdir -p ${NGINX_APP_ROOT}/src/nginx-start/ && \
mkdir -p ${NGINX_CONTAINER_SCRIPTS_PATH}/nginx-start && \
mkdir -p ${NGINX_LOG_PATH} && \
chmod -R a+rwx ${NGINX_APP_ROOT}/etc && \
chmod -R a+rwx /var/lib/nginx && \
chmod -R a+rwx ${NGINX_CONTAINER_SCRIPTS_PATH}/nginx-start && \
chown -R 1001:0 ${NGINX_APP_ROOT} && \
chown -R 1001:0 /var/lib/nginx && \
chown -R 1001:0 ${NGINX_CONTAINER_SCRIPTS_PATH}/nginx-start && \
chmod -R a+rwx ${NGINX_LOG_PATH} && \
chown -R 1001:0 ${NGINX_LOG_PATH} && \
# FIXME: Not sure if this is safe to do, just a hack to make the image work
chmod -R a+rwx /var/run && \
chown -R 1001:0 /var/run
USER 1001
# Not using VOLUME statement since it's not working in OpenShift Online:
# https://github.com/sclorg/httpd-container/issues/30
# VOLUME ["/usr/share/nginx/html"]
# VOLUME ["/var/log/nginx/"]
CMD $STI_SCRIPTS_PATH/usage