-
Notifications
You must be signed in to change notification settings - Fork 129
/
Dockerfile.oss
46 lines (38 loc) · 1.72 KB
/
Dockerfile.oss
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
FROM nginx:1.27.2@sha256:28402db69fec7c17e179ea87882667f1e054391138f77ffaf0c3eb388efc3ffb
# NJS env vars
ENV NJS_VERSION=0.8.7
ENV NJS_RELEASE=1~bookworm
# Proxy cache env vars
ENV PROXY_CACHE_MAX_SIZE=10g
ENV PROXY_CACHE_INACTIVE=60m
ENV PROXY_CACHE_SLICE_SIZE=1m
ENV PROXY_CACHE_VALID_OK=1h
ENV PROXY_CACHE_VALID_NOTFOUND=1m
ENV PROXY_CACHE_VALID_FORBIDDEN=30s
# CORS env vars
ENV CORS_ENABLED=0
ENV CORS_ALLOW_PRIVATE_NETWORK_ACCESS=""
# S3 proxy env vars
ENV DIRECTORY_LISTING_PATH_PREFIX=""
ENV STRIP_LEADING_DIRECTORY_PATH=""
ENV PREFIX_LEADING_DIRECTORY_PATH=""
# We modify the NGINX base image by:
# 1. Explicitly installing the version of njs coded in the environment variable above.
# 2. Adding configuration files needed for proxying private S3 buckets.
# 3. Adding a directory for proxied objects to be stored.
# 4. Replacing the entrypoint script with a modified version that explicitly sets resolvers.
RUN set -x \
&& echo "deb [signed-by=/etc/apt/keyrings/nginx-archive-keyring.gpg] https://nginx.org/packages/mainline/debian/ $(echo $PKG_RELEASE | cut -f2 -d~) nginx" >> /etc/apt/sources.list.d/nginx.list; \
apt-get update \
&& apt-get install --no-install-recommends --no-install-suggests -y \
libedit2 \
nginx-module-njs=${NGINX_VERSION}+${NJS_VERSION}-${NJS_RELEASE} \
&& apt-get remove --purge --auto-remove -y && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list
COPY oss/etc /etc
COPY common/etc /etc
COPY common/docker-entrypoint.sh /docker-entrypoint.sh
COPY common/docker-entrypoint.d /docker-entrypoint.d/
RUN set -x \
&& mkdir -p /var/cache/nginx/s3_proxy \
&& chown nginx:nginx /var/cache/nginx/s3_proxy \
&& chmod -R -v +x /docker-entrypoint.sh /docker-entrypoint.d/*.sh;