forked from sclorg/nginx-container
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile.rhel8
82 lines (69 loc) · 3.42 KB
/
Dockerfile.rhel8
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
FROM ubi8/s2i-core:1
# RHSCL rh-nginx116 image.
EXPOSE 8080
EXPOSE 8443
ENV NAME=nginx \
NGINX_VERSION=1.16 \
NGINX_SHORT_VER=116 \
VERSION=0
ENV SUMMARY="Platform for running nginx $NGINX_VERSION or building nginx-based application" \
DESCRIPTION="Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP \
protocols, with a strong focus on high concurrency, performance and low memory usage. The container \
image provides a containerized packaging of the nginx $NGINX_VERSION daemon. The image can be used \
as a base image for other applications based on nginx $NGINX_VERSION web server. \
Nginx server image can be extended using source-to-image tool."
LABEL summary="${SUMMARY}" \
description="${DESCRIPTION}" \
io.k8s.description="${DESCRIPTION}" \
io.k8s.display-name="Nginx ${NGINX_VERSION}" \
io.openshift.expose-services="8080:http" \
io.openshift.expose-services="8443:https" \
io.openshift.tags="builder,${NAME},${NAME}-${NGINX_SHORT_VER}" \
com.redhat.component="${NAME}-${NGINX_SHORT_VER}-container" \
name="rhel8/${NAME}-${NGINX_SHORT_VER}" \
version="1" \
com.redhat.license_terms="https://www.redhat.com/en/about/red-hat-end-user-license-agreements#rhel" \
maintainer="SoftwareCollections.org <[email protected]>" \
help="For more information visit https://github.com/sclorg/${NAME}-container" \
usage="s2i build <SOURCE-REPOSITORY> rhel8/${NAME}-${NGINX_SHORT_VER}:latest <APP-NAME>"
ENV NGINX_CONFIGURATION_PATH=${APP_ROOT}/etc/nginx.d \
NGINX_CONF_PATH=/etc/nginx/nginx.conf \
NGINX_DEFAULT_CONF_PATH=${APP_ROOT}/etc/nginx.default.d \
NGINX_CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/nginx \
NGINX_APP_ROOT=${APP_ROOT} \
NGINX_LOG_PATH=/var/log/nginx
RUN yum -y module enable nginx:$NGINX_VERSION && \
INSTALL_PKGS="nss_wrapper bind-utils gettext hostname nginx nginx-mod-stream" && \
yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \
rpm -V $INSTALL_PKGS && \
yum -y clean all --enablerepo='*'
# Copy the S2I scripts from the specific language image to $STI_SCRIPTS_PATH
COPY ./s2i/bin/ $STI_SCRIPTS_PATH
# Copy extra files to the image.
COPY ./root/ /
# In order to drop the root user, we have to make some directories world
# writeable as OpenShift default security model is to run the container under
# random UID.
RUN sed -i -f ${NGINX_APP_ROOT}/nginxconf-fed.sed ${NGINX_CONF_PATH} && \
chmod a+rwx ${NGINX_CONF_PATH} && \
mkdir -p ${NGINX_APP_ROOT}/etc/nginx.d/ && \
mkdir -p ${NGINX_APP_ROOT}/etc/nginx.default.d/ && \
mkdir -p ${NGINX_APP_ROOT}/src/nginx-start/ && \
mkdir -p ${NGINX_CONTAINER_SCRIPTS_PATH}/nginx-start && \
mkdir -p ${NGINX_LOG_PATH} && \
chmod -R a+rwx ${NGINX_APP_ROOT}/etc && \
chmod -R a+rwx /var/lib/nginx && \
chmod -R a+rwx ${NGINX_CONTAINER_SCRIPTS_PATH}/nginx-start && \
chown -R 1001:0 ${NGINX_APP_ROOT} && \
chown -R 1001:0 /var/lib/nginx && \
chown -R 1001:0 ${NGINX_CONTAINER_SCRIPTS_PATH}/nginx-start && \
# FIXME: Not sure if this is safe to do, just a hack to make the image work
chmod -R a+rwx /var/run && \
chown -R 1001:0 /var/run && \
rpm-file-permissions
USER 1001
# Not using VOLUME statement since it's not working in OpenShift Online:
# https://github.com/sclorg/httpd-container/issues/30
# VOLUME ["/usr/share/nginx/html"]
# VOLUME ["/var/log/nginx/"]
CMD $STI_SCRIPTS_PATH/usage