Skip to content

Commit

Permalink
Updated to debian bookworm and nginx 1.25
Browse files Browse the repository at this point in the history
  • Loading branch information
@netskol
netskol authored Nov 2, 2023
1 parent 03b62d7 commit a001e82
Showing 1 changed file with 9 additions and 17 deletions.
26 changes: 9 additions & 17 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,34 +1,26 @@
FROM nginx:1.21.6
FROM nginx:1.25-bookworm

RUN set -eux \
&& apt-get update \
&& apt-get install openssl wget -y \
&& export ARCH=$(uname -m) \
&& if [ "$ARCH" = "aarch64" ] ; then export SUFFIX="arm64"; else export SUFFIX="amd64"; fi \
&& export OPENSSL_CONF=/etc/ssl/openssl.cnf \
&& export GOST_PACKAGE=libengine-gost-openssl1.1_1.1.0.3-1_"${SUFFIX}".deb \
# get Gost engine deb packet
&& cd /tmp && wget http://ftp.ru.debian.org/debian/pool/main/libe/libengine-gost-openssl1.1/"${GOST_PACKAGE}" \
&& dpkg -i /tmp/"${GOST_PACKAGE}" \
&& apt-get update \
&& apt-get install openssl curl libengine-gost-openssl -y \
# enable GOST engine
&& sed -i '/\[default_conf\]/ a engines = engine_section' "${OPENSSL_CONF}" \
&& echo "" >> "${OPENSSL_CONF}" \
&& echo "# OpenSSL default section" >> "${OPENSSL_CONF}" \
&& echo "[openssl_def]" >> "${OPENSSL_CONF}" \
&& sed -i '/\[openssl_init\]/ a engines = engine_section' "${OPENSSL_CONF}" \
&& echo "engines = engine_section" >> "${OPENSSL_CONF}" \
&& echo "" >> "${OPENSSL_CONF}" \
&& echo "# Engine scetion" >> "${OPENSSL_CONF}" \
&& echo "# Engine section" >> "${OPENSSL_CONF}" \
&& echo "[engine_section]" >> "${OPENSSL_CONF}" \
&& echo "gost = gost_section" >> "${OPENSSL_CONF}" \
&& echo "" >> "${OPENSSL_CONF}" \
&& echo "# Engine gost section" >> "${OPENSSL_CONF}" \
&& echo "[gost_section]" >> "${OPENSSL_CONF}" \
&& echo "engine_id = gost" >> "${OPENSSL_CONF}" \
&& echo "dynamic_path = /usr/lib/"${ARCH}"-linux-gnu/engines-1.1/gost.so" >> "${OPENSSL_CONF}" \
&& echo "dynamic_path = /usr/lib/$(uname -m)-linux-gnu/engines-3/gost.so" >> "${OPENSSL_CONF}" \
&& echo "default_algorithms = ALL" >> "${OPENSSL_CONF}" \
&& echo "CRYPT_PARAMS = id-Gost28147-89-CryptoPro-A-ParamSet" >> "${OPENSSL_CONF}" \
# clean up
&& unset OPENSSL_CONF \
# clean up
&& unset OPENSSL_CONF \
&& apt-get purge -y --auto-remove \
&& rm -rf /var/lib/apt/lists/*

RUN ln -sf /dev/stdout /var/log/nginx/access.log \
Expand Down

0 comments on commit a001e82

Please sign in to comment.