API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Sep 18th, 2019
133
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 7.06 KB | None | 0 0
raw download clone embed print report
  1. FROM alpine:3.10
  2.  
  3. ENV NGINX_VERSION 1.17.3
  4. ENV NJS_VERSION 0.3.5
  5. ENV PKG_RELEASE 1
  6.  
  7. RUN set -x \
  8. # create nginx user/group first, to be consistent throughout docker variants
  9. && addgroup -g 101 -S nginx \
  10. && adduser -S -D -H -u 101 -h /var/cache/nginx -s /sbin/nologin -G nginx -g nginx nginx \
  11. && apkArch="$(cat /etc/apk/arch)" \
  12. && nginxPackages=" \
  13. nginx=${NGINX_VERSION}-r${PKG_RELEASE} \
  14. nginx-module-xslt=${NGINX_VERSION}-r${PKG_RELEASE} \
  15. nginx-module-geoip=${NGINX_VERSION}-r${PKG_RELEASE} \
  16. nginx-module-image-filter=${NGINX_VERSION}-r${PKG_RELEASE} \
  17. nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-r${PKG_RELEASE} \
  18. " \
  19. && case "$apkArch" in \
  20. x86_64) \
  21. # arches officially built by upstream
  22. set -x \
  23. && KEY_SHA512="e7fa8303923d9b95db37a77ad46c68fd4755ff935d0a534d26eba83de193c76166c68bfe7f65471bf8881004ef4aa6df3e34689c305662750c0172fca5d8552a *stdin" \
  24. && apk add --no-cache --virtual .cert-deps \
  25. openssl \
  26. && wget -O /tmp/nginx_signing.rsa.pub https://nginx.org/keys/nginx_signing.rsa.pub \
  27. && if [ "$(openssl rsa -pubin -in /tmp/nginx_signing.rsa.pub -text -noout | openssl sha512 -r)" = "$KEY_SHA512" ]; then \
  28. echo "key verification succeeded!"; \
  29. mv /tmp/nginx_signing.rsa.pub /etc/apk/keys/; \
  30. else \
  31. echo "key verification failed!"; \
  32. exit 1; \
  33. fi \
  34. && printf "%s%s%s\n" \
  35. "https://nginx.org/packages/mainline/alpine/v" \
  36. `egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release` \
  37. "/main" \
  38. | tee -a /etc/apk/repositories \
  39. && apk del .cert-deps \
  40. ;; \
  41. *) \
  42. # we're on an architecture upstream doesn't officially build for
  43. # let's build binaries from the published packaging sources
  44. set -x \
  45. && tempDir="$(mktemp -d)" \
  46. && chown nobody:nobody $tempDir \
  47. && apk add --no-cache --virtual .build-deps \
  48. gcc \
  49. libc-dev \
  50. make \
  51. openssl-dev \
  52. pcre-dev \
  53. zlib-dev \
  54. linux-headers \
  55. libxslt-dev \
  56. gd-dev \
  57. geoip-dev \
  58. perl-dev \
  59. libedit-dev \
  60. mercurial \
  61. bash \
  62. alpine-sdk \
  63. findutils \
  64. && su nobody -s /bin/sh -c " \
  65. export HOME=${tempDir} \
  66. && cd ${tempDir} \
  67. && hg clone https://hg.nginx.org/pkg-oss \
  68. && cd pkg-oss \
  69. && hg up -r 428 \
  70. && cd alpine \
  71. && make all \
  72. && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \
  73. && abuild-sign -k ${tempDir}/.abuild/abuild-key.rsa ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz \
  74. " \
  75. && echo "${tempDir}/packages/alpine/" >> /etc/apk/repositories \
  76. && cp ${tempDir}/.abuild/abuild-key.rsa.pub /etc/apk/keys/ \
  77. && apk del .build-deps \
  78. ;; \
  79. esac \
  80. && apk add --no-cache $nginxPackages \
  81. # if we have leftovers from building, let's purge them (including extra, unnecessary build deps)
  82. && if [ -n "$tempDir" ]; then rm -rf "$tempDir"; fi \
  83. && if [ -n "/etc/apk/keys/abuild-key.rsa.pub" ]; then rm -f /etc/apk/keys/abuild-key.rsa.pub; fi \
  84. && if [ -n "/etc/apk/keys/nginx_signing.rsa.pub" ]; then rm -f /etc/apk/keys/nginx_signing.rsa.pub; fi \
  85. # remove the last line with the packages repos in the repositories file
  86. && sed -i '$ d' /etc/apk/repositories \
  87. # Bring in gettext so we can get `envsubst`, then throw
  88. # the rest away. To do this, we need to install `gettext`
  89. # then move `envsubst` out of the way so `gettext` can
  90. # be deleted completely, then move `envsubst` back.
  91. && apk add --no-cache --virtual .gettext gettext \
  92. && mv /usr/bin/envsubst /tmp/ \
  93. \
  94. && runDeps="$( \
  95. scanelf --needed --nobanner /tmp/envsubst \
  96. | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \
  97. | sort -u \
  98. | xargs -r apk info --installed \
  99. | sort -u \
  100. )" \
  101. && apk add --no-cache $runDeps \
  102. && apk del .gettext \
  103. && mv /tmp/envsubst /usr/local/bin/ \
  104. # Bring in tzdata so users could set the timezones through the environment
  105. # variables
  106. && apk add --no-cache tzdata \
  107. # forward request and error logs to docker log collector
  108. && ln -sf /dev/stdout /var/log/nginx/access.log \
  109. && ln -sf /dev/stderr /var/log/nginx/error.log
  110.  
  111. EXPOSE 80
  112.  
  113. STOPSIGNAL SIGTERM
  114.  
  115. RUN apk add --no-cache \
  116. ca-certificates
  117.  
  118. # set up nsswitch.conf for Go's "netgo" implementation
  119. # - https://github.com/golang/go/blob/go1.9.1/src/net/conf.go#L194-L275
  120. # - docker run --rm debian:stretch grep '^hosts:' /etc/nsswitch.conf
  121. RUN [ ! -e /etc/nsswitch.conf ] && echo 'hosts: files dns' > /etc/nsswitch.conf
  122.  
  123. ENV GOLANG_VERSION 1.13
  124.  
  125. RUN set -eux; \
  126. apk add --no-cache --virtual .build-deps \
  127. bash \
  128. gcc \
  129. musl-dev \
  130. openssl \
  131. go \
  132. ; \
  133. export \
  134. # set GOROOT_BOOTSTRAP such that we can acWORKDIR /workspace/syncMessage/WORKDIR /workspace/syncMessage/tually build Go
  135. GOROOT_BOOTSTRAP="$(go env GOROOT)WORKDIR /workspace/syncMessage/WORKDIR /workspace/syncMessage/" \
  136. # ... and set "cross-building" related vars to the installed system's values so that we create a build targeting the proper arch
  137. # (for example, if our build host is GOARCH=amd64, but our build env/image is GOARCH=386, our build needs GOARCH=386)
  138. GOOS="$(go env GOOS)" \
  139. GOARCH="$(go env GOARCH)" \
  140. GOHOSTOS="$(go env GOHOSTOS)" \
  141. GOHOSTARCH="$(go env GOHOSTARCH)" \
  142. ; \
  143. # also explicitly set GO386 and GOARM if appropriate
  144. # https://github.com/docker-library/golang/issues/184
  145. apkArch="$(apk --print-arch)"; \
  146. case "$apkArch" in \
  147. armhf) export GOARM='6' ;; \
  148. x86) export GO386='387' ;; \
  149. esac; \
  150. \
  151. wget -O go.tgz "https://golang.org/dl/go$GOLANG_VERSION.src.tar.gz"; \
  152. echo '3fc0b8b6101d42efd7da1da3029c0a13f22079c0c37ef9730209d8ec665bf122 *go.tgz' | sha256sum -c -; \
  153. tar -C /usr/local -xzf go.tgz; \
  154. rm go.tgz; \
  155. \
  156. cd /usr/local/go/src; \
  157. ./make.bash; \
  158. \
  159. rm -rf \
  160. # https://github.com/golang/go/blob/0b30cf534a03618162d3015c8705dd2231e34703/src/cmd/dist/buildtool.go#L121-L125
  161. /usr/local/go/pkg/bootstrap \
  162. # https://golang.org/cl/82095
  163. # https://github.com/golang/build/blob/e3fe1605c30f6a3fd136b561569933312ede8782/cmd/release/releaselet.go#L56
  164. /usr/local/go/pkg/obj \
  165. ; \
  166. apk del .build-deps; \
  167. \
  168. export PATH="/usr/local/go/bin:$PATH"; \
  169. go version
  170.  
  171. ENV GOPATH /go
  172. ENV PATH $GOPATH/bin:/usr/local/go/bin:$PATH
  173.  
  174. RUN mkdir -p "$GOPATH/src" "$GOPATH/bin" && chmod -R 777 "$GOPATH"
  175. RUN mkdir -p "/app"
  176. WORKDIR /app
  177. COPY . /app
  178. RUN go run main.go
  179. CMD ["nginx", "-g", "daemon off;"]
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!