added extended version

fabiocicerchia · fabiocicerchia · commit 58e7cdbf34be · 2020-06-28T09:01:01.000+02:00
diff --git a/Dockerfile.extra b/Dockerfile.extra
@@ -0,0 +1,369 @@
+ARG DOCKER_IMAGE=fabiocicerchia/nginx-lua
+ARG DOCKER_IMAGE_OS=alpine
+ARG DOCKER_IMAGE_TAG=3.12.0
+
+####################################
+# Build Nginx with support for LUA #
+####################################
+FROM $DOCKER_IMAGE_OS:$DOCKER_IMAGE_TAG AS builder
+
+# https://github.com/openresty/luajit2
+ARG VER_LUAJIT=2.1-20200102
+
+# https://github.com/openresty/lua-nginx-module
+# Production ready.
+ARG VER_LUA_NGINX_MODULE=0.10.15
+
+# https://github.com/openresty/lua-resty-core
+# This library is production ready.
+ARG VER_LUA_RESTY_CORE=0.1.17
+ARG LUA_LIB_DIR=/usr/local/share/lua/5.1
+
+# https://github.com/openresty/lua-resty-lrucache
+# This library is considered production ready.
+ARG VER_LUA_RESTY_LRUCACHE=0.09
+
+# https://github.com/vision5/ngx_devel_kit
+# The NDK is now considered to be stable.
+ARG VER_NGX_DEVEL_KIT=0.3.1
+
+# https://github.com/openresty/lua-resty-redis
+ARG VER_OPENRESTY_REDIS=0.27
+
+# https://github.com/openresty/lua-resty-mysql
+ARG VER_OPENRESTY_MYSQL=0.22
+
+#=https://github.com/openresty/lua-resty-websocket
+ARG VER_OPENRESTY_WEBSOCKET=0.07
+
+# https://github.com/openresty/lua-resty-dns
+ARG VER_OPENRESTY_DNS=0.21
+
+# https://github.com/openresty/lua-resty-memcached
+ARG VER_OPENRESTY_MEMCACHED=0.15
+
+#=https://github.com/openresty/lua-resty-shell
+ARG VER_OPENRESTY_SHELL=0.02
+
+#=https://github.com/openresty/headers-more-nginx-module
+ARG VER_OPENRESTY_HEADERS=743a4bb1a253325d17a4f4ce8ee61ea0d8e0cc19
+
+#=https://github.com/openresty/stream-lua-nginx-module
+ARG VER_OPENRESTY_STREAMLUA=0.0.8rc3
+
+#=https://github.com/cloudflare/lua-resty-cookie
+ARG VER_CLOUDFLARE_COOKIE=c54865bdcfc3c42cbd6dbbceb654ba73871d07f6
+
+#=https://github.com/cloudflare/raven-lua
+ARG VER_CLOUDFLARE_RAVENLUA=ec3614daffaab4e154dd0b70ce40de24de845477
+
+#=https://github.com/knyar/nginx-lua-prometheus
+ARG VER_PROMETHEUS=0.20200523
+
+#=https://github.com/google/ngx_brotli
+ARG VER_GOOGLE_BROTLI=1.0.0rc
+
+#=https://www.modsecurity.org
+
+#=https://www.ngxpagespeed.com
+ARG NPS_VERSION=1.13.35.2-stable
+ARG NPS_RELEASE_NUMBER=1.13.35.2
+
+# https://github.com/nginx/nginx
+ARG VER_NGINX=1.19.0
+ARG NGINX_BUILD_CONFIG="\
+         --prefix=/etc/nginx \
+         --sbin-path=/usr/sbin/nginx \
+         --modules-path=/usr/lib/nginx/modules \
+         --conf-path=/etc/nginx/nginx.conf \
+         --error-log-path=/var/log/nginx/error.log \
+         --http-log-path=/var/log/nginx/access.log \
+         --pid-path=/var/run/nginx.pid \
+         --lock-path=/var/run/nginx.lock \
+         --http-client-body-temp-path=/var/cache/nginx/client_temp \
+         --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \
+         --http-proxy-temp-path=/var/cache/nginx/proxy_temp \
+         --http-scgi-temp-path=/var/cache/nginx/scgi_temp \
+         --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \
+         --user=nginx \
+         --group=nginx \
+         --add-module=/lua-nginx-module-${VER_LUA_NGINX_MODULE} \
+         --add-module=/ngx_devel_kit-${VER_NGX_DEVEL_KIT} \
+         --with-compat \
+         --with-file-aio \
+         --with-http_addition_module \
+         --with-http_auth_request_module \
+         --with-http_dav_module \
+         --with-http_dav_module \
+         --with-http_flv_module \
+         --with-http_geoip_module \
+         --with-http_gunzip_module \
+         --with-http_gzip_static_module \
+         --with-http_mp4_module \
+         --with-http_random_index_module \
+         --with-http_realip_module \
+         --with-http_secure_link_module \
+         --with-http_slice_module \
+         --with-http_ssl_module \
+         --with-http_stub_status_module \
+         --with-http_sub_module \
+         --with-http_v2_module \
+         --with-mail \
+         --with-mail_ssl_module \
+         --with-stream \
+         --with-stream_realip_module \
+         --with-stream_ssl_module \
+         --with-stream_ssl_preread_module \
+         --with-threads \
+         --add-module=/headers-more-nginx-module-${VER_OPENRESTY_HEADERS} \
+         --add-module=/stream-lua-nginx-module-${VER_OPENRESTY_STREAMLUA} \
+    "
+#         --add-module=/ngx_brotli-${VER_GOOGLE_BROTLI} \
+#         --add-module=/incubator-pagespeed-ngx-${NPS_VERSION} \
+
+ARG LUAJIT_LIB=/usr/local/lib
+ARG LUAJIT_INC=/usr/local/include/luajit-2.1
+ARG LD_LIBRARY_PATH=/usr/local/lib/:$LD_LIBRARY_PATH
+
+ARG BUILD_DEPS="\
+      curl \
+      g++ \
+      geoip-dev \
+      gzip \
+      make \
+      openssl-dev \
+      pcre-dev \
+      tar \
+      zlib-dev"
+
+ARG NGINX_BUILD_DEPS="\
+      alpine-sdk \
+      bash \
+      findutils \
+      gcc \
+      gd-dev \
+      geoip-dev \
+      libc-dev \
+      libedit-dev \
+      libxslt-dev \
+      linux-headers \
+      make \
+      mercurial \
+      openssl-dev \
+      pcre-dev \
+      perl-dev \
+      zlib-dev"
+
+RUN set -eux \
+   && apk update \
+   && apk add --no-cache \
+      $BUILD_DEPS \
+      $NGINX_BUILD_DEPS
+
+RUN set -eux \
+# OpenResty LUAJIT2
+# ##############################################################################
+    && curl -Lo /luajit.tar.gz https://github.com/openresty/luajit2/archive/v${VER_LUAJIT}.tar.gz \
+    && tar -C / -xvzf /luajit.tar.gz && rm /luajit.tar.gz \
+    && cd /luajit2-${VER_LUAJIT} \
+    && make -j "$(nproc)" \
+    && make install \
+    \
+# LUA Resty Core
+# ##############################################################################
+    && curl -Lo /lua-resty-core.tar.gz https://github.com/openresty/lua-resty-core/archive/v${VER_LUA_RESTY_CORE}.tar.gz \
+    && tar -C / -xvzf /lua-resty-core.tar.gz && rm /lua-resty-core.tar.gz \
+    && cd /lua-resty-core-${VER_LUA_RESTY_CORE} \
+    && make -j "$(nproc)" \
+    && make install \
+    \
+# LUA Resty LRUCache
+# ##############################################################################
+    && curl -Lo /lua-resty-lrucache.tar.gz https://github.com/openresty/lua-resty-lrucache/archive/v${VER_LUA_RESTY_LRUCACHE}.tar.gz \
+    && tar -C / -xvzf /lua-resty-lrucache.tar.gz && rm /lua-resty-lrucache.tar.gz \
+    && cd /lua-resty-lrucache-${VER_LUA_RESTY_LRUCACHE} \
+    && make -j "$(nproc)" \
+    && make install \
+    \
+# NGX Devel Kit
+# ##############################################################################
+    && curl -Lo /ngx_devel_kit.tar.gz https://github.com/vision5/ngx_devel_kit/archive/v${VER_NGX_DEVEL_KIT}.tar.gz \
+    && tar -C / -xvzf /ngx_devel_kit.tar.gz && rm /ngx_devel_kit.tar.gz \
+    \
+# Lua Nginx Module
+# ##############################################################################
+    && curl -Lo /lua-nginx.tar.gz https://github.com/openresty/lua-nginx-module/archive/v${VER_LUA_NGINX_MODULE}.tar.gz \
+    && tar -C / -xvzf /lua-nginx.tar.gz && rm /lua-nginx.tar.gz \
+# OpenResty Redis
+# ##############################################################################
+   && curl -Lo /lua-openresty-redis.tar.gz https://github.com/openresty/lua-resty-redis/archive/v${VER_OPENRESTY_REDIS}.tar.gz \
+      && tar xvzf /lua-openresty-redis.tar.gz && rm /lua-openresty-redis.tar.gz \
+      && cd /lua-resty-redis-${VER_OPENRESTY_REDIS} \
+      && make -j "$(nproc)" \
+      && make install \
+      && cd / \
+# OpenResty Mysql
+# ##############################################################################
+   && curl -Lo /lua-openresty-mysql.tar.gz https://github.com/openresty/lua-resty-mysql/archive/v${VER_OPENRESTY_MYSQL}.tar.gz \
+      && tar xvzf /lua-openresty-mysql.tar.gz && rm /lua-openresty-mysql.tar.gz \
+      && cd /lua-resty-mysql-${VER_OPENRESTY_MYSQL} \
+      && make -j "$(nproc)" \
+      && make install \
+      && cd / \
+# OpenResty Websocket
+# ##############################################################################
+   && curl -Lo /lua-openresty-websocket.tar.gz https://github.com/openresty/lua-resty-websocket/archive/v${VER_OPENRESTY_WEBSOCKET}.tar.gz \
+      && tar xvzf /lua-openresty-websocket.tar.gz && rm /lua-openresty-websocket.tar.gz \
+      && cd /lua-resty-websocket-${VER_OPENRESTY_WEBSOCKET} \
+      && make -j "$(nproc)" \
+      && make install \
+      && cd / \
+# OpenResty Dns
+# ##############################################################################
+   && curl -Lo /lua-openresty-dns.tar.gz https://github.com/openresty/lua-resty-dns/archive/v${VER_OPENRESTY_DNS}.tar.gz \
+      && tar xvzf /lua-openresty-dns.tar.gz && rm /lua-openresty-dns.tar.gz \
+      && cd /lua-resty-dns-${VER_OPENRESTY_DNS} \
+      && make -j "$(nproc)" \
+      && make install \
+      && cd / \
+# OpenResty Memcached
+# ##############################################################################
+   && curl -Lo /lua-openresty-memcached.tar.gz https://github.com/openresty/lua-resty-memcached/archive/v${VER_OPENRESTY_MEMCACHED}.tar.gz \
+      && tar xvzf /lua-openresty-memcached.tar.gz && rm /lua-openresty-memcached.tar.gz \
+      && cd /lua-resty-memcached-${VER_OPENRESTY_MEMCACHED} \
+      && make -j "$(nproc)" \
+      && make install \
+      && cd / \
+# OpenResty Shell
+# ##############################################################################
+   && curl -Lo /lua-openresty-shell.tar.gz https://github.com/openresty/lua-resty-shell/archive/v${VER_OPENRESTY_SHELL}.tar.gz \
+      && tar xvzf /lua-openresty-shell.tar.gz && rm /lua-openresty-shell.tar.gz \
+      && cd /lua-resty-shell-${VER_OPENRESTY_SHELL} \
+      && make -j "$(nproc)" \
+      && make install \
+      && cd / \
+# OpenResty Headers
+# ##############################################################################
+   && curl -Lo /headers-more-nginx-module.zip https://github.com/openresty/headers-more-nginx-module/archive/${VER_OPENRESTY_HEADERS}.zip \
+      && unzip /headers-more-nginx-module.zip && rm /headers-more-nginx-module.zip \
+# OpenResty Stream Lua
+# ##############################################################################
+   && curl -Lo /stream-lua-nginx-module.zip https://github.com/openresty/stream-lua-nginx-module/archive/v${VER_OPENRESTY_STREAMLUA}.zip \
+      && unzip /stream-lua-nginx-module.zip && rm /stream-lua-nginx-module.zip \
+# Cloudflare Cookie
+# ##############################################################################
+   && curl -Lo /lua-resty-cookie.tar.gz https://github.com/cloudflare/lua-resty-cookie/archive/${VER_CLOUDFLARE_COOKIE}.tar.gz \
+      && tar xvzf /lua-resty-cookie.tar.gz && rm /lua-resty-cookie.tar.gz \
+      && cd /lua-resty-cookie-${VER_CLOUDFLARE_COOKIE} \
+      && make -j "$(nproc)" \
+      && make install \
+      && cd / \
+# Cloudflare Raven Lua
+# ##############################################################################
+#   && curl -Lo /raven-lua.tar.gz https://github.com/cloudflare/raven-lua/archive/${VER_CLOUDFLARE_RAVENLUA}.tar.gz \
+#      && tar xvzf /raven-lua.tar.gz && rm /raven-lua.tar.gz \
+#      && cd /raven-lua-${VER_CLOUDFLARE_RAVENLUA} \
+#      && make -j "$(nproc)" \
+#      && make install \
+#      && cd / \
+# Prometheus
+# ##############################################################################
+   && curl -Lo /nginx-lua-prometheus.tar.gz https://github.com/knyar/nginx-lua-prometheus/archive/${VER_PROMETHEUS}.tar.gz \
+      && tar xvzf /nginx-lua-prometheus.tar.gz && rm /nginx-lua-prometheus.tar.gz \
+      && mv nginx-lua-prometheus-${VER_PROM_LUA}/prometheus.lua nginx-lua-prometheus-${VER_PROM_LUA}/prometheus_keys.lua nginx-lua-prometheus-${VER_PROM_LUA}/prometheus_resty_counter.lua ${LUA_LIB_DIR}/ \
+      && rm -rf /prom-lua* \
+# Google Brotli
+# ##############################################################################
+   && curl -Lo /ngx_brotli.tar.gz https://github.com/google/ngx_brotli/archive/v${VER_GOOGLE_BROTLI}.tar.gz \
+      && tar xvzf /ngx_brotli.tar.gz && rm /ngx_brotli.tar.gz \
+
+RUN set -eux \
+# NGINX
+# ##############################################################################
+# we're on an architecture upstream doesn't officially build for
+# let's build binaries from the published packaging sources
+    && curl -Lo /nginx.tar.gz https://nginx.org/download/nginx-${VER_NGINX}.tar.gz \
+    && tar -C / -xvzf /nginx.tar.gz && rm /nginx.tar.gz \
+    && cd /nginx-${VER_NGINX} \
+    && mkdir -p /var/cache/nginx/client_temp \
+       /var/cache/nginx/proxy_temp \
+       /var/cache/nginx/fastcgi_temp \
+       /var/cache/nginx/uwsgi_temp \
+       /var/cache/nginx/scgi_temp \
+    && ./configure \
+       ${NGINX_BUILD_CONFIG} \
+       --with-cc-opt='-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC' \
+       --with-ld-opt='-Wl,-rpath,/usr/local/lib -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie' \
+    && make -j "$(nproc)" build \
+    && make install
+
+##########################################
+# Combine everything with minimal layers #
+##########################################
+FROM $DOCKER_IMAGE_OS:$DOCKER_IMAGE_TAG
+
+ARG DOCKER_IMAGE=fabiocicerchia/nginx-lua
+ARG DOCKER_IMAGE_OS=alpine
+ARG DOCKER_IMAGE_TAG=3.12.0
+ARG VER_NGINX=1.19.0
+ARG BUILD_DATE
+ARG VCS_REF
+
+# http://label-schema.org/rc1/
+LABEL maintainer="Fabio Cicerchia <info@fabiocicerchia.it>" \
+      org.label-schema.build-date=$BUILD_DATE \
+      org.label-schema.description="Nginx $VER_NGINX with LUA support based on $DOCKER_IMAGE_OS $DOCKER_IMAGE_TAG." \
+      org.label-schema.docker.cmd="docker run -p 80:80 -d $DOCKER_IMAGE:$VER_NGINX-$DOCKER_IMAGE_OS$DOCKER_IMAGE_TAG" \
+      org.label-schema.name="$DOCKER_IMAGE" \
+      org.label-schema.schema-version="1.0" \
+      org.label-schema.url="https://github.com/$DOCKER_IMAGE" \
+      org.label-schema.vcs-ref=$VCS_REF \
+      org.label-schema.vcs-url="https://github.com/$DOCKER_IMAGE" \
+      org.label-schema.version="$VER_NGINX-$DOCKER_IMAGE_OS$DOCKER_IMAGE_TAG"
+
+# https://github.com/Yelp/dumb-init
+ARG VER_DUMBINIT=1.2.2
+
+ARG PKG_DEPS="\
+      geoip-dev \
+      openssl-dev \
+      pcre-dev \
+      zlib-dev"
+
+COPY --from=builder /etc/nginx /etc/nginx
+COPY --from=builder /usr/local/lib /usr/local/lib
+COPY --from=builder /usr/local/share/lua /usr/local/share/lua
+COPY --from=builder /usr/sbin/nginx /usr/sbin/nginx
+COPY --from=builder /var/cache/nginx /var/cache/nginx
+
+RUN set -eux \
+    && apk update \
+    && apk add --no-cache \
+       $PKG_DEPS \
+# Bring in tzdata so users could set the timezones through the environment
+# variables
+    && apk add --no-cache tzdata \
+# Bring in curl and ca-certificates to make registering on DNS SD easier
+    && apk add --no-cache curl ca-certificates \
+# forward request and error logs to docker log collector
+    && mkdir -p /var/log/nginx \
+    && ln -sf /dev/stdout /var/log/nginx/access.log \
+    && ln -sf /dev/stderr /var/log/nginx/error.log \
+# dumb-init
+# ##############################################################################
+    && curl -Lo /usr/bin/dumb-init https://github.com/Yelp/dumb-init/releases/download/v${VER_DUMBINIT}/dumb-init_${VER_DUMBINIT}_x86_64 \
+    && chmod +x /usr/bin/dumb-init \
+# create nginx user/group first, to be consistent throughout docker variants
+    && addgroup -g 32548 -S nginx \
+    && adduser -S -D -H -u 32548 -h /var/cache/nginx -s /sbin/nologin -G nginx -g nginx nginx
+
+HEALTHCHECK --interval=30s --timeout=3s CMD curl --fail http://localhost/ || exit 1
+
+EXPOSE 80
+EXPOSE 443
+
+STOPSIGNAL SIGTERM
+
+ENTRYPOINT ["dumb-init"]
+
+CMD ["nginx", "-g", "daemon off;"]
