Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- FROM alpine:3.10
- ENV NGINX_VERSION 1.17.3
- ENV NJS_VERSION 0.3.5
- ENV PKG_RELEASE 1
- RUN set -x \
- # create nginx user/group first, to be consistent throughout docker variants
- && addgroup -g 101 -S nginx \
- && adduser -S -D -H -u 101 -h /var/cache/nginx -s /sbin/nologin -G nginx -g nginx nginx \
- && apkArch="$(cat /etc/apk/arch)" \
- && nginxPackages=" \
- nginx=${NGINX_VERSION}-r${PKG_RELEASE} \
- nginx-module-xslt=${NGINX_VERSION}-r${PKG_RELEASE} \
- nginx-module-geoip=${NGINX_VERSION}-r${PKG_RELEASE} \
- nginx-module-image-filter=${NGINX_VERSION}-r${PKG_RELEASE} \
- nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-r${PKG_RELEASE} \
- " \
- && case "$apkArch" in \
- x86_64) \
- # arches officially built by upstream
- set -x \
- && KEY_SHA512="e7fa8303923d9b95db37a77ad46c68fd4755ff935d0a534d26eba83de193c76166c68bfe7f65471bf8881004ef4aa6df3e34689c305662750c0172fca5d8552a *stdin" \
- && apk add --no-cache --virtual .cert-deps \
- openssl \
- && wget -O /tmp/nginx_signing.rsa.pub https://nginx.org/keys/nginx_signing.rsa.pub \
- && if [ "$(openssl rsa -pubin -in /tmp/nginx_signing.rsa.pub -text -noout | openssl sha512 -r)" = "$KEY_SHA512" ]; then \
- echo "key verification succeeded!"; \
- mv /tmp/nginx_signing.rsa.pub /etc/apk/keys/; \
- else \
- echo "key verification failed!"; \
- exit 1; \
- fi \
- && printf "%s%s%s\n" \
- "https://nginx.org/packages/mainline/alpine/v" \
- `egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release` \
- "/main" \
- | tee -a /etc/apk/repositories \
- && apk del .cert-deps \
- ;; \
- *) \
- # we're on an architecture upstream doesn't officially build for
- # let's build binaries from the published packaging sources
- set -x \
- && tempDir="$(mktemp -d)" \
- && chown nobody:nobody $tempDir \
- && apk add --no-cache --virtual .build-deps \
- gcc \
- libc-dev \
- make \
- openssl-dev \
- pcre-dev \
- zlib-dev \
- linux-headers \
- libxslt-dev \
- gd-dev \
- geoip-dev \
- perl-dev \
- libedit-dev \
- mercurial \
- bash \
- alpine-sdk \
- findutils \
- && su nobody -s /bin/sh -c " \
- export HOME=${tempDir} \
- && cd ${tempDir} \
- && hg clone https://hg.nginx.org/pkg-oss \
- && cd pkg-oss \
- && hg up -r 428 \
- && cd alpine \
- && make all \
- && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \
- && abuild-sign -k ${tempDir}/.abuild/abuild-key.rsa ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz \
- " \
- && echo "${tempDir}/packages/alpine/" >> /etc/apk/repositories \
- && cp ${tempDir}/.abuild/abuild-key.rsa.pub /etc/apk/keys/ \
- && apk del .build-deps \
- ;; \
- esac \
- && apk add --no-cache $nginxPackages \
- # if we have leftovers from building, let's purge them (including extra, unnecessary build deps)
- && if [ -n "$tempDir" ]; then rm -rf "$tempDir"; fi \
- && if [ -n "/etc/apk/keys/abuild-key.rsa.pub" ]; then rm -f /etc/apk/keys/abuild-key.rsa.pub; fi \
- && if [ -n "/etc/apk/keys/nginx_signing.rsa.pub" ]; then rm -f /etc/apk/keys/nginx_signing.rsa.pub; fi \
- # remove the last line with the packages repos in the repositories file
- && sed -i '$ d' /etc/apk/repositories \
- # Bring in gettext so we can get `envsubst`, then throw
- # the rest away. To do this, we need to install `gettext`
- # then move `envsubst` out of the way so `gettext` can
- # be deleted completely, then move `envsubst` back.
- && apk add --no-cache --virtual .gettext gettext \
- && mv /usr/bin/envsubst /tmp/ \
- \
- && runDeps="$( \
- scanelf --needed --nobanner /tmp/envsubst \
- | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \
- | sort -u \
- | xargs -r apk info --installed \
- | sort -u \
- )" \
- && apk add --no-cache $runDeps \
- && apk del .gettext \
- && mv /tmp/envsubst /usr/local/bin/ \
- # Bring in tzdata so users could set the timezones through the environment
- # variables
- && apk add --no-cache tzdata \
- # forward request and error logs to docker log collector
- && ln -sf /dev/stdout /var/log/nginx/access.log \
- && ln -sf /dev/stderr /var/log/nginx/error.log
- EXPOSE 80
- STOPSIGNAL SIGTERM
- RUN apk add --no-cache \
- ca-certificates
- # set up nsswitch.conf for Go's "netgo" implementation
- # - https://github.com/golang/go/blob/go1.9.1/src/net/conf.go#L194-L275
- # - docker run --rm debian:stretch grep '^hosts:' /etc/nsswitch.conf
- RUN [ ! -e /etc/nsswitch.conf ] && echo 'hosts: files dns' > /etc/nsswitch.conf
- ENV GOLANG_VERSION 1.13
- RUN set -eux; \
- apk add --no-cache --virtual .build-deps \
- bash \
- gcc \
- musl-dev \
- openssl \
- go \
- ; \
- export \
- # set GOROOT_BOOTSTRAP such that we can acWORKDIR /workspace/syncMessage/WORKDIR /workspace/syncMessage/tually build Go
- GOROOT_BOOTSTRAP="$(go env GOROOT)WORKDIR /workspace/syncMessage/WORKDIR /workspace/syncMessage/" \
- # ... and set "cross-building" related vars to the installed system's values so that we create a build targeting the proper arch
- # (for example, if our build host is GOARCH=amd64, but our build env/image is GOARCH=386, our build needs GOARCH=386)
- GOOS="$(go env GOOS)" \
- GOARCH="$(go env GOARCH)" \
- GOHOSTOS="$(go env GOHOSTOS)" \
- GOHOSTARCH="$(go env GOHOSTARCH)" \
- ; \
- # also explicitly set GO386 and GOARM if appropriate
- # https://github.com/docker-library/golang/issues/184
- apkArch="$(apk --print-arch)"; \
- case "$apkArch" in \
- armhf) export GOARM='6' ;; \
- x86) export GO386='387' ;; \
- esac; \
- \
- wget -O go.tgz "https://golang.org/dl/go$GOLANG_VERSION.src.tar.gz"; \
- echo '3fc0b8b6101d42efd7da1da3029c0a13f22079c0c37ef9730209d8ec665bf122 *go.tgz' | sha256sum -c -; \
- tar -C /usr/local -xzf go.tgz; \
- rm go.tgz; \
- \
- cd /usr/local/go/src; \
- ./make.bash; \
- \
- rm -rf \
- # https://github.com/golang/go/blob/0b30cf534a03618162d3015c8705dd2231e34703/src/cmd/dist/buildtool.go#L121-L125
- /usr/local/go/pkg/bootstrap \
- # https://golang.org/cl/82095
- # https://github.com/golang/build/blob/e3fe1605c30f6a3fd136b561569933312ede8782/cmd/release/releaselet.go#L56
- /usr/local/go/pkg/obj \
- ; \
- apk del .build-deps; \
- \
- export PATH="/usr/local/go/bin:$PATH"; \
- go version
- ENV GOPATH /go
- ENV PATH $GOPATH/bin:/usr/local/go/bin:$PATH
- RUN mkdir -p "$GOPATH/src" "$GOPATH/bin" && chmod -R 777 "$GOPATH"
- RUN mkdir -p "/app"
- WORKDIR /app
- COPY . /app
- RUN go run main.go
- CMD ["nginx", "-g", "daemon off;"]
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement