From bbefca2b2610215b7b3618b5aad9136756db34fb Mon Sep 17 00:00:00 2001 From: Laurent Goderre Date: Fri, 20 Dec 2024 13:18:33 -0500 Subject: [PATCH] Docker: Mount rust from image at build time instead of downloading it This ensures that rust is not left behind in the image --- pkg/docker/Dockerfile.base | 91 +++++++++++++++++++++++++++ pkg/docker/Dockerfile.go1.22 | 40 ++++-------- pkg/docker/Dockerfile.go1.23 | 40 ++++-------- pkg/docker/Dockerfile.jsc11 | 40 ++++-------- pkg/docker/Dockerfile.minimal | 40 ++++-------- pkg/docker/Dockerfile.node20 | 40 ++++-------- pkg/docker/Dockerfile.node22 | 40 ++++-------- pkg/docker/Dockerfile.perl5.38 | 40 ++++-------- pkg/docker/Dockerfile.perl5.40 | 40 ++++-------- pkg/docker/Dockerfile.php8.3 | 40 ++++-------- pkg/docker/Dockerfile.php8.4 | 40 ++++-------- pkg/docker/Dockerfile.python3.12 | 40 ++++-------- pkg/docker/Dockerfile.python3.12-slim | 40 ++++-------- pkg/docker/Dockerfile.python3.13 | 40 ++++-------- pkg/docker/Dockerfile.python3.13-slim | 40 ++++-------- pkg/docker/Dockerfile.ruby3.2 | 40 ++++-------- pkg/docker/Dockerfile.ruby3.3 | 40 ++++-------- pkg/docker/Dockerfile.wasm | 40 ++++-------- pkg/docker/Makefile | 10 ++- pkg/docker/template.Dockerfile | 40 ++++-------- pkg/docker/template.base.Dockerfile | 91 +++++++++++++++++++++++++++ 21 files changed, 388 insertions(+), 524 deletions(-) create mode 100644 pkg/docker/Dockerfile.base create mode 100644 pkg/docker/template.base.Dockerfile diff --git a/pkg/docker/Dockerfile.base b/pkg/docker/Dockerfile.base new file mode 100644 index 000000000..2e5f6868c --- /dev/null +++ b/pkg/docker/Dockerfile.base @@ -0,0 +1,91 @@ +FROM rust:1.83.0-bookworm AS build + +RUN set -ex \ + && savedAptMark="$(apt-mark showmanual)" \ + && apt-get update \ + && apt-get install --no-install-recommends --no-install-suggests -y \ + ca-certificates git build-essential libssl-dev libpcre2-dev curl pkg-config libclang-dev cmake \ + && mkdir -p /usr/src/unit \ + && cd /usr/src/unit \ + && git clone --depth 1 -b 1.34.0-1 https://github.com/nginx/unit \ + && cd unit \ + && NCPU="$(getconf _NPROCESSORS_ONLN)" \ + && DEB_HOST_MULTIARCH="$(dpkg-architecture -q DEB_HOST_MULTIARCH)" \ + && CC_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_CFLAGS_MAINT_APPEND="-Wp,-D_FORTIFY_SOURCE=2 -fPIC" dpkg-buildflags --get CFLAGS)" \ + && LD_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_LDFLAGS_MAINT_APPEND="-Wl,--as-needed -pie" dpkg-buildflags --get LDFLAGS)" \ + && CONFIGURE_ARGS_MODULES="--prefix=/usr \ + --statedir=/var/lib/unit \ + --control=unix:/var/run/control.unit.sock \ + --runstatedir=/var/run \ + --pid=/var/run/unit.pid \ + --logdir=/var/log \ + --log=/var/log/unit.log \ + --tmpdir=/var/tmp \ + --user=unit \ + --group=unit \ + --openssl \ + --libdir=/usr/lib/$DEB_HOST_MULTIARCH" \ + && CONFIGURE_ARGS="$CONFIGURE_ARGS_MODULES \ + --njs \ + --otel" \ + && make -j $NCPU -C pkg/contrib .njs \ + && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ + && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ + && make -j $NCPU unitd \ + && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ + && make clean \ + && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ + && make -j $NCPU unitd \ + && install -pm755 build/sbin/unitd /usr/sbin/unitd \ + && install -pm644 build/lib/libnxt.a /usr/lib/libnxt.a \ + && make clean \ + && cd \ + && rm -rf /usr/src/unit \ + && apt-mark showmanual | xargs apt-mark auto > /dev/null \ + && { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; } + +FROM debian:bookworm-slim + +LABEL org.opencontainers.image.title="Unit (base)" +LABEL org.opencontainers.image.description="Official build of Unit for Docker." +LABEL org.opencontainers.image.url="https://unit.nginx.org" +LABEL org.opencontainers.image.source="https://github.com/nginx/unit" +LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installation/#docker-images" +LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers " +LABEL org.opencontainers.image.version="1.34.0" + +RUN set -ex \ + && mkdir -p /var/lib/unit/ \ + && mkdir -p /docker-entrypoint.d/ \ + && groupadd --gid 999 unit \ + && useradd \ + --uid 999 \ + --gid unit \ + --no-create-home \ + --home /nonexistent \ + --comment "unit user" \ + --shell /bin/false \ + unit \ + && ln -sf /dev/stderr /var/log/unit.log + +COPY --from=build /usr/sbin/unitd* /usr/sbin/ +COPY --from=build /usr/lib/libnxt.a /usr/lib/libnxt.a + +RUN set -ex \ + && for f in /usr/sbin/unitd /usr/lib/unit/modules/*.unit.so; do \ + ldd $f | awk '/=>/{print $(NF-1)}' | while read n; do dpkg-query -S $n; done | sed 's/^\([^:]\+\):.*$/\1/' | sort | uniq >> /requirements.apt; \ + done \ + && apt-get update \ + && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ + && apt-get purge -y --auto-remove build-essential \ + && rm -rf /var/lib/apt/lists/* \ + && rm -f /requirements.apt + +COPY docker-entrypoint.sh /usr/local/bin/ +COPY welcome.* /usr/share/unit/welcome/ + +STOPSIGNAL SIGTERM + +ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"] +EXPOSE 80 +CMD ["unitd", "--no-daemon", "--control", "unix:/var/run/control.unit.sock"] \ No newline at end of file diff --git a/pkg/docker/Dockerfile.go1.22 b/pkg/docker/Dockerfile.go1.22 index 6059fc426..c4ca3e2cf 100644 --- a/pkg/docker/Dockerfile.go1.22 +++ b/pkg/docker/Dockerfile.go1.22 @@ -1,3 +1,5 @@ +FROM rust:1.83.0-bookworm AS rust-build + FROM golang:1.22-bookworm LABEL org.opencontainers.image.title="Unit (go1.22)" @@ -8,30 +10,18 @@ LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installatio LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers " LABEL org.opencontainers.image.version="1.34.0" -RUN set -ex \ +COPY --from=unit:1.34.0-base /usr/sbin/unitd* /usr/sbin/ +COPY --from=unit:1.34.0-base /usr/lib/libnxt.a /usr/lib/libnxt.a + +RUN --mount=type=bind,target=/rust,from=rust-build,rw \ + set -ex \ && savedAptMark="$(apt-mark showmanual)" \ && apt-get update \ && apt-get install --no-install-recommends --no-install-suggests -y \ ca-certificates git build-essential libssl-dev libpcre2-dev curl pkg-config libclang-dev cmake \ - && export RUST_VERSION=1.83.0 \ - && export RUSTUP_HOME=/usr/src/unit/rustup \ - && export CARGO_HOME=/usr/src/unit/cargo \ - && export PATH=/usr/src/unit/cargo/bin:$PATH \ - && dpkgArch="$(dpkg --print-architecture)" \ - && case "${dpkgArch##*-}" in \ - amd64) rustArch="x86_64-unknown-linux-gnu"; rustupSha256="6aeece6993e902708983b209d04c0d1dbb14ebb405ddb87def578d41f920f56d" ;; \ - arm64) rustArch="aarch64-unknown-linux-gnu"; rustupSha256="1cffbf51e63e634c746f741de50649bbbcbd9dbe1de363c9ecef64e278dba2b2" ;; \ - *) echo >&2 "unsupported architecture: ${dpkgArch}"; exit 1 ;; \ - esac \ - && url="https://static.rust-lang.org/rustup/archive/1.27.1/${rustArch}/rustup-init" \ - && curl -L -O "$url" \ - && echo "${rustupSha256} *rustup-init" | sha256sum -c - \ - && chmod +x rustup-init \ - && ./rustup-init -y --no-modify-path --profile minimal --default-toolchain $RUST_VERSION --default-host ${rustArch} \ - && rm rustup-init \ - && rustup --version \ - && cargo --version \ - && rustc --version \ + && export RUSTUP_HOME=/rust/usr/src/unit/rustup \ + && export CARGO_HOME=/rust/usr/src/unit/cargo \ + && export PATH=/rust/usr/local/cargo/bin/:$PATH \ && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ && mkdir -p /usr/src/unit \ && cd /usr/src/unit \ @@ -58,14 +48,6 @@ RUN set -ex \ --otel" \ && make -j $NCPU -C pkg/contrib .njs \ && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ - && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd \ - && make clean \ && /bin/true \ && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && ./configure go --go-path=$GOPATH \ @@ -95,7 +77,7 @@ RUN set -ex \ unit \ && apt-get update \ && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ - && apt-get purge -y --auto-remove build-essential \ + && apt-get purge -y --auto-remove git build-essential libssl-dev libpcre2-dev libclang-dev cmake \ && rm -rf /var/lib/apt/lists/* \ && rm -f /requirements.apt \ && ln -sf /dev/stderr /var/log/unit.log diff --git a/pkg/docker/Dockerfile.go1.23 b/pkg/docker/Dockerfile.go1.23 index a1a64602f..33d2b463d 100644 --- a/pkg/docker/Dockerfile.go1.23 +++ b/pkg/docker/Dockerfile.go1.23 @@ -1,3 +1,5 @@ +FROM rust:1.83.0-bookworm AS rust-build + FROM golang:1.23-bookworm LABEL org.opencontainers.image.title="Unit (go1.23)" @@ -8,30 +10,18 @@ LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installatio LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers " LABEL org.opencontainers.image.version="1.34.0" -RUN set -ex \ +COPY --from=unit:1.34.0-base /usr/sbin/unitd* /usr/sbin/ +COPY --from=unit:1.34.0-base /usr/lib/libnxt.a /usr/lib/libnxt.a + +RUN --mount=type=bind,target=/rust,from=rust-build,rw \ + set -ex \ && savedAptMark="$(apt-mark showmanual)" \ && apt-get update \ && apt-get install --no-install-recommends --no-install-suggests -y \ ca-certificates git build-essential libssl-dev libpcre2-dev curl pkg-config libclang-dev cmake \ - && export RUST_VERSION=1.83.0 \ - && export RUSTUP_HOME=/usr/src/unit/rustup \ - && export CARGO_HOME=/usr/src/unit/cargo \ - && export PATH=/usr/src/unit/cargo/bin:$PATH \ - && dpkgArch="$(dpkg --print-architecture)" \ - && case "${dpkgArch##*-}" in \ - amd64) rustArch="x86_64-unknown-linux-gnu"; rustupSha256="6aeece6993e902708983b209d04c0d1dbb14ebb405ddb87def578d41f920f56d" ;; \ - arm64) rustArch="aarch64-unknown-linux-gnu"; rustupSha256="1cffbf51e63e634c746f741de50649bbbcbd9dbe1de363c9ecef64e278dba2b2" ;; \ - *) echo >&2 "unsupported architecture: ${dpkgArch}"; exit 1 ;; \ - esac \ - && url="https://static.rust-lang.org/rustup/archive/1.27.1/${rustArch}/rustup-init" \ - && curl -L -O "$url" \ - && echo "${rustupSha256} *rustup-init" | sha256sum -c - \ - && chmod +x rustup-init \ - && ./rustup-init -y --no-modify-path --profile minimal --default-toolchain $RUST_VERSION --default-host ${rustArch} \ - && rm rustup-init \ - && rustup --version \ - && cargo --version \ - && rustc --version \ + && export RUSTUP_HOME=/rust/usr/src/unit/rustup \ + && export CARGO_HOME=/rust/usr/src/unit/cargo \ + && export PATH=/rust/usr/local/cargo/bin/:$PATH \ && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ && mkdir -p /usr/src/unit \ && cd /usr/src/unit \ @@ -58,14 +48,6 @@ RUN set -ex \ --otel" \ && make -j $NCPU -C pkg/contrib .njs \ && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ - && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd \ - && make clean \ && /bin/true \ && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && ./configure go --go-path=$GOPATH \ @@ -95,7 +77,7 @@ RUN set -ex \ unit \ && apt-get update \ && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ - && apt-get purge -y --auto-remove build-essential \ + && apt-get purge -y --auto-remove git build-essential libssl-dev libpcre2-dev libclang-dev cmake \ && rm -rf /var/lib/apt/lists/* \ && rm -f /requirements.apt \ && ln -sf /dev/stderr /var/log/unit.log diff --git a/pkg/docker/Dockerfile.jsc11 b/pkg/docker/Dockerfile.jsc11 index f97e0e781..f8a81c900 100644 --- a/pkg/docker/Dockerfile.jsc11 +++ b/pkg/docker/Dockerfile.jsc11 @@ -1,3 +1,5 @@ +FROM rust:1.83.0-bookworm AS rust-build + FROM eclipse-temurin:11-jdk-jammy LABEL org.opencontainers.image.title="Unit (jsc11)" @@ -8,30 +10,18 @@ LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installatio LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers " LABEL org.opencontainers.image.version="1.34.0" -RUN set -ex \ +COPY --from=unit:1.34.0-base /usr/sbin/unitd* /usr/sbin/ +COPY --from=unit:1.34.0-base /usr/lib/libnxt.a /usr/lib/libnxt.a + +RUN --mount=type=bind,target=/rust,from=rust-build,rw \ + set -ex \ && savedAptMark="$(apt-mark showmanual)" \ && apt-get update \ && apt-get install --no-install-recommends --no-install-suggests -y \ ca-certificates git build-essential libssl-dev libpcre2-dev curl pkg-config libclang-dev cmake \ - && export RUST_VERSION=1.83.0 \ - && export RUSTUP_HOME=/usr/src/unit/rustup \ - && export CARGO_HOME=/usr/src/unit/cargo \ - && export PATH=/usr/src/unit/cargo/bin:$PATH \ - && dpkgArch="$(dpkg --print-architecture)" \ - && case "${dpkgArch##*-}" in \ - amd64) rustArch="x86_64-unknown-linux-gnu"; rustupSha256="6aeece6993e902708983b209d04c0d1dbb14ebb405ddb87def578d41f920f56d" ;; \ - arm64) rustArch="aarch64-unknown-linux-gnu"; rustupSha256="1cffbf51e63e634c746f741de50649bbbcbd9dbe1de363c9ecef64e278dba2b2" ;; \ - *) echo >&2 "unsupported architecture: ${dpkgArch}"; exit 1 ;; \ - esac \ - && url="https://static.rust-lang.org/rustup/archive/1.27.1/${rustArch}/rustup-init" \ - && curl -L -O "$url" \ - && echo "${rustupSha256} *rustup-init" | sha256sum -c - \ - && chmod +x rustup-init \ - && ./rustup-init -y --no-modify-path --profile minimal --default-toolchain $RUST_VERSION --default-host ${rustArch} \ - && rm rustup-init \ - && rustup --version \ - && cargo --version \ - && rustc --version \ + && export RUSTUP_HOME=/rust/usr/src/unit/rustup \ + && export CARGO_HOME=/rust/usr/src/unit/cargo \ + && export PATH=/rust/usr/local/cargo/bin/:$PATH \ && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ && mkdir -p /usr/src/unit \ && cd /usr/src/unit \ @@ -58,14 +48,6 @@ RUN set -ex \ --otel" \ && make -j $NCPU -C pkg/contrib .njs \ && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ - && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd \ - && make clean \ && /bin/true \ && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && ./configure java --jars=/usr/share/unit-jsc-common/ \ @@ -95,7 +77,7 @@ RUN set -ex \ unit \ && apt-get update \ && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ - && apt-get purge -y --auto-remove build-essential \ + && apt-get purge -y --auto-remove git build-essential libssl-dev libpcre2-dev libclang-dev cmake \ && rm -rf /var/lib/apt/lists/* \ && rm -f /requirements.apt \ && ln -sf /dev/stderr /var/log/unit.log diff --git a/pkg/docker/Dockerfile.minimal b/pkg/docker/Dockerfile.minimal index 9bff9d4b2..ba8291f81 100644 --- a/pkg/docker/Dockerfile.minimal +++ b/pkg/docker/Dockerfile.minimal @@ -1,3 +1,5 @@ +FROM rust:1.83.0-bookworm AS rust-build + FROM debian:bookworm-slim LABEL org.opencontainers.image.title="Unit (minimal)" @@ -8,30 +10,18 @@ LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installatio LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers " LABEL org.opencontainers.image.version="1.34.0" -RUN set -ex \ +COPY --from=unit:1.34.0-base /usr/sbin/unitd* /usr/sbin/ +COPY --from=unit:1.34.0-base /usr/lib/libnxt.a /usr/lib/libnxt.a + +RUN --mount=type=bind,target=/rust,from=rust-build,rw \ + set -ex \ && savedAptMark="$(apt-mark showmanual)" \ && apt-get update \ && apt-get install --no-install-recommends --no-install-suggests -y \ ca-certificates git build-essential libssl-dev libpcre2-dev curl pkg-config libclang-dev cmake \ - && export RUST_VERSION=1.83.0 \ - && export RUSTUP_HOME=/usr/src/unit/rustup \ - && export CARGO_HOME=/usr/src/unit/cargo \ - && export PATH=/usr/src/unit/cargo/bin:$PATH \ - && dpkgArch="$(dpkg --print-architecture)" \ - && case "${dpkgArch##*-}" in \ - amd64) rustArch="x86_64-unknown-linux-gnu"; rustupSha256="6aeece6993e902708983b209d04c0d1dbb14ebb405ddb87def578d41f920f56d" ;; \ - arm64) rustArch="aarch64-unknown-linux-gnu"; rustupSha256="1cffbf51e63e634c746f741de50649bbbcbd9dbe1de363c9ecef64e278dba2b2" ;; \ - *) echo >&2 "unsupported architecture: ${dpkgArch}"; exit 1 ;; \ - esac \ - && url="https://static.rust-lang.org/rustup/archive/1.27.1/${rustArch}/rustup-init" \ - && curl -L -O "$url" \ - && echo "${rustupSha256} *rustup-init" | sha256sum -c - \ - && chmod +x rustup-init \ - && ./rustup-init -y --no-modify-path --profile minimal --default-toolchain $RUST_VERSION --default-host ${rustArch} \ - && rm rustup-init \ - && rustup --version \ - && cargo --version \ - && rustc --version \ + && export RUSTUP_HOME=/rust/usr/src/unit/rustup \ + && export CARGO_HOME=/rust/usr/src/unit/cargo \ + && export PATH=/rust/usr/local/cargo/bin/:$PATH \ && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ && mkdir -p /usr/src/unit \ && cd /usr/src/unit \ @@ -58,14 +48,6 @@ RUN set -ex \ --otel" \ && make -j $NCPU -C pkg/contrib .njs \ && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ - && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd \ - && make clean \ && /bin/true \ && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && ./configure \ @@ -95,7 +77,7 @@ RUN set -ex \ unit \ && apt-get update \ && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ - && apt-get purge -y --auto-remove build-essential \ + && apt-get purge -y --auto-remove git build-essential libssl-dev libpcre2-dev libclang-dev cmake \ && rm -rf /var/lib/apt/lists/* \ && rm -f /requirements.apt \ && ln -sf /dev/stderr /var/log/unit.log diff --git a/pkg/docker/Dockerfile.node20 b/pkg/docker/Dockerfile.node20 index 86c3a83b7..0b1c5daf9 100644 --- a/pkg/docker/Dockerfile.node20 +++ b/pkg/docker/Dockerfile.node20 @@ -1,3 +1,5 @@ +FROM rust:1.83.0-bookworm AS rust-build + FROM node:20-bookworm LABEL org.opencontainers.image.title="Unit (node20)" @@ -8,30 +10,18 @@ LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installatio LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers " LABEL org.opencontainers.image.version="1.34.0" -RUN set -ex \ +COPY --from=unit:1.34.0-base /usr/sbin/unitd* /usr/sbin/ +COPY --from=unit:1.34.0-base /usr/lib/libnxt.a /usr/lib/libnxt.a + +RUN --mount=type=bind,target=/rust,from=rust-build,rw \ + set -ex \ && savedAptMark="$(apt-mark showmanual)" \ && apt-get update \ && apt-get install --no-install-recommends --no-install-suggests -y \ ca-certificates git build-essential libssl-dev libpcre2-dev curl pkg-config libclang-dev cmake \ - && export RUST_VERSION=1.83.0 \ - && export RUSTUP_HOME=/usr/src/unit/rustup \ - && export CARGO_HOME=/usr/src/unit/cargo \ - && export PATH=/usr/src/unit/cargo/bin:$PATH \ - && dpkgArch="$(dpkg --print-architecture)" \ - && case "${dpkgArch##*-}" in \ - amd64) rustArch="x86_64-unknown-linux-gnu"; rustupSha256="6aeece6993e902708983b209d04c0d1dbb14ebb405ddb87def578d41f920f56d" ;; \ - arm64) rustArch="aarch64-unknown-linux-gnu"; rustupSha256="1cffbf51e63e634c746f741de50649bbbcbd9dbe1de363c9ecef64e278dba2b2" ;; \ - *) echo >&2 "unsupported architecture: ${dpkgArch}"; exit 1 ;; \ - esac \ - && url="https://static.rust-lang.org/rustup/archive/1.27.1/${rustArch}/rustup-init" \ - && curl -L -O "$url" \ - && echo "${rustupSha256} *rustup-init" | sha256sum -c - \ - && chmod +x rustup-init \ - && ./rustup-init -y --no-modify-path --profile minimal --default-toolchain $RUST_VERSION --default-host ${rustArch} \ - && rm rustup-init \ - && rustup --version \ - && cargo --version \ - && rustc --version \ + && export RUSTUP_HOME=/rust/usr/src/unit/rustup \ + && export CARGO_HOME=/rust/usr/src/unit/cargo \ + && export PATH=/rust/usr/local/cargo/bin/:$PATH \ && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ && mkdir -p /usr/src/unit \ && cd /usr/src/unit \ @@ -58,14 +48,6 @@ RUN set -ex \ --otel" \ && make -j $NCPU -C pkg/contrib .njs \ && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ - && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd \ - && make clean \ && npm -g install node-gyp \ && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && ./configure nodejs --node-gyp=/usr/local/bin/node-gyp \ @@ -95,7 +77,7 @@ RUN set -ex \ unit \ && apt-get update \ && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ - && apt-get purge -y --auto-remove build-essential \ + && apt-get purge -y --auto-remove git build-essential libssl-dev libpcre2-dev libclang-dev cmake \ && rm -rf /var/lib/apt/lists/* \ && rm -f /requirements.apt \ && ln -sf /dev/stderr /var/log/unit.log diff --git a/pkg/docker/Dockerfile.node22 b/pkg/docker/Dockerfile.node22 index 208e59fc7..0faf3fe6f 100644 --- a/pkg/docker/Dockerfile.node22 +++ b/pkg/docker/Dockerfile.node22 @@ -1,3 +1,5 @@ +FROM rust:1.83.0-bookworm AS rust-build + FROM node:22-bookworm LABEL org.opencontainers.image.title="Unit (node22)" @@ -8,30 +10,18 @@ LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installatio LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers " LABEL org.opencontainers.image.version="1.34.0" -RUN set -ex \ +COPY --from=unit:1.34.0-base /usr/sbin/unitd* /usr/sbin/ +COPY --from=unit:1.34.0-base /usr/lib/libnxt.a /usr/lib/libnxt.a + +RUN --mount=type=bind,target=/rust,from=rust-build,rw \ + set -ex \ && savedAptMark="$(apt-mark showmanual)" \ && apt-get update \ && apt-get install --no-install-recommends --no-install-suggests -y \ ca-certificates git build-essential libssl-dev libpcre2-dev curl pkg-config libclang-dev cmake \ - && export RUST_VERSION=1.83.0 \ - && export RUSTUP_HOME=/usr/src/unit/rustup \ - && export CARGO_HOME=/usr/src/unit/cargo \ - && export PATH=/usr/src/unit/cargo/bin:$PATH \ - && dpkgArch="$(dpkg --print-architecture)" \ - && case "${dpkgArch##*-}" in \ - amd64) rustArch="x86_64-unknown-linux-gnu"; rustupSha256="6aeece6993e902708983b209d04c0d1dbb14ebb405ddb87def578d41f920f56d" ;; \ - arm64) rustArch="aarch64-unknown-linux-gnu"; rustupSha256="1cffbf51e63e634c746f741de50649bbbcbd9dbe1de363c9ecef64e278dba2b2" ;; \ - *) echo >&2 "unsupported architecture: ${dpkgArch}"; exit 1 ;; \ - esac \ - && url="https://static.rust-lang.org/rustup/archive/1.27.1/${rustArch}/rustup-init" \ - && curl -L -O "$url" \ - && echo "${rustupSha256} *rustup-init" | sha256sum -c - \ - && chmod +x rustup-init \ - && ./rustup-init -y --no-modify-path --profile minimal --default-toolchain $RUST_VERSION --default-host ${rustArch} \ - && rm rustup-init \ - && rustup --version \ - && cargo --version \ - && rustc --version \ + && export RUSTUP_HOME=/rust/usr/src/unit/rustup \ + && export CARGO_HOME=/rust/usr/src/unit/cargo \ + && export PATH=/rust/usr/local/cargo/bin/:$PATH \ && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ && mkdir -p /usr/src/unit \ && cd /usr/src/unit \ @@ -58,14 +48,6 @@ RUN set -ex \ --otel" \ && make -j $NCPU -C pkg/contrib .njs \ && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ - && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd \ - && make clean \ && npm -g install node-gyp \ && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && ./configure nodejs --node-gyp=/usr/local/bin/node-gyp \ @@ -95,7 +77,7 @@ RUN set -ex \ unit \ && apt-get update \ && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ - && apt-get purge -y --auto-remove build-essential \ + && apt-get purge -y --auto-remove git build-essential libssl-dev libpcre2-dev libclang-dev cmake \ && rm -rf /var/lib/apt/lists/* \ && rm -f /requirements.apt \ && ln -sf /dev/stderr /var/log/unit.log diff --git a/pkg/docker/Dockerfile.perl5.38 b/pkg/docker/Dockerfile.perl5.38 index d5f340331..eac685a4f 100644 --- a/pkg/docker/Dockerfile.perl5.38 +++ b/pkg/docker/Dockerfile.perl5.38 @@ -1,3 +1,5 @@ +FROM rust:1.83.0-bookworm AS rust-build + FROM perl:5.38-bookworm LABEL org.opencontainers.image.title="Unit (perl5.38)" @@ -8,30 +10,18 @@ LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installatio LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers " LABEL org.opencontainers.image.version="1.34.0" -RUN set -ex \ +COPY --from=unit:1.34.0-base /usr/sbin/unitd* /usr/sbin/ +COPY --from=unit:1.34.0-base /usr/lib/libnxt.a /usr/lib/libnxt.a + +RUN --mount=type=bind,target=/rust,from=rust-build,rw \ + set -ex \ && savedAptMark="$(apt-mark showmanual)" \ && apt-get update \ && apt-get install --no-install-recommends --no-install-suggests -y \ ca-certificates git build-essential libssl-dev libpcre2-dev curl pkg-config libclang-dev cmake \ - && export RUST_VERSION=1.83.0 \ - && export RUSTUP_HOME=/usr/src/unit/rustup \ - && export CARGO_HOME=/usr/src/unit/cargo \ - && export PATH=/usr/src/unit/cargo/bin:$PATH \ - && dpkgArch="$(dpkg --print-architecture)" \ - && case "${dpkgArch##*-}" in \ - amd64) rustArch="x86_64-unknown-linux-gnu"; rustupSha256="6aeece6993e902708983b209d04c0d1dbb14ebb405ddb87def578d41f920f56d" ;; \ - arm64) rustArch="aarch64-unknown-linux-gnu"; rustupSha256="1cffbf51e63e634c746f741de50649bbbcbd9dbe1de363c9ecef64e278dba2b2" ;; \ - *) echo >&2 "unsupported architecture: ${dpkgArch}"; exit 1 ;; \ - esac \ - && url="https://static.rust-lang.org/rustup/archive/1.27.1/${rustArch}/rustup-init" \ - && curl -L -O "$url" \ - && echo "${rustupSha256} *rustup-init" | sha256sum -c - \ - && chmod +x rustup-init \ - && ./rustup-init -y --no-modify-path --profile minimal --default-toolchain $RUST_VERSION --default-host ${rustArch} \ - && rm rustup-init \ - && rustup --version \ - && cargo --version \ - && rustc --version \ + && export RUSTUP_HOME=/rust/usr/src/unit/rustup \ + && export CARGO_HOME=/rust/usr/src/unit/cargo \ + && export PATH=/rust/usr/local/cargo/bin/:$PATH \ && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ && mkdir -p /usr/src/unit \ && cd /usr/src/unit \ @@ -58,14 +48,6 @@ RUN set -ex \ --otel" \ && make -j $NCPU -C pkg/contrib .njs \ && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ - && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd \ - && make clean \ && /bin/true \ && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && ./configure perl \ @@ -95,7 +77,7 @@ RUN set -ex \ unit \ && apt-get update \ && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ - && apt-get purge -y --auto-remove build-essential \ + && apt-get purge -y --auto-remove git build-essential libssl-dev libpcre2-dev libclang-dev cmake \ && rm -rf /var/lib/apt/lists/* \ && rm -f /requirements.apt \ && ln -sf /dev/stderr /var/log/unit.log diff --git a/pkg/docker/Dockerfile.perl5.40 b/pkg/docker/Dockerfile.perl5.40 index 6b88a29bb..fe75fcd25 100644 --- a/pkg/docker/Dockerfile.perl5.40 +++ b/pkg/docker/Dockerfile.perl5.40 @@ -1,3 +1,5 @@ +FROM rust:1.83.0-bookworm AS rust-build + FROM perl:5.40-bookworm LABEL org.opencontainers.image.title="Unit (perl5.40)" @@ -8,30 +10,18 @@ LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installatio LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers " LABEL org.opencontainers.image.version="1.34.0" -RUN set -ex \ +COPY --from=unit:1.34.0-base /usr/sbin/unitd* /usr/sbin/ +COPY --from=unit:1.34.0-base /usr/lib/libnxt.a /usr/lib/libnxt.a + +RUN --mount=type=bind,target=/rust,from=rust-build,rw \ + set -ex \ && savedAptMark="$(apt-mark showmanual)" \ && apt-get update \ && apt-get install --no-install-recommends --no-install-suggests -y \ ca-certificates git build-essential libssl-dev libpcre2-dev curl pkg-config libclang-dev cmake \ - && export RUST_VERSION=1.83.0 \ - && export RUSTUP_HOME=/usr/src/unit/rustup \ - && export CARGO_HOME=/usr/src/unit/cargo \ - && export PATH=/usr/src/unit/cargo/bin:$PATH \ - && dpkgArch="$(dpkg --print-architecture)" \ - && case "${dpkgArch##*-}" in \ - amd64) rustArch="x86_64-unknown-linux-gnu"; rustupSha256="6aeece6993e902708983b209d04c0d1dbb14ebb405ddb87def578d41f920f56d" ;; \ - arm64) rustArch="aarch64-unknown-linux-gnu"; rustupSha256="1cffbf51e63e634c746f741de50649bbbcbd9dbe1de363c9ecef64e278dba2b2" ;; \ - *) echo >&2 "unsupported architecture: ${dpkgArch}"; exit 1 ;; \ - esac \ - && url="https://static.rust-lang.org/rustup/archive/1.27.1/${rustArch}/rustup-init" \ - && curl -L -O "$url" \ - && echo "${rustupSha256} *rustup-init" | sha256sum -c - \ - && chmod +x rustup-init \ - && ./rustup-init -y --no-modify-path --profile minimal --default-toolchain $RUST_VERSION --default-host ${rustArch} \ - && rm rustup-init \ - && rustup --version \ - && cargo --version \ - && rustc --version \ + && export RUSTUP_HOME=/rust/usr/src/unit/rustup \ + && export CARGO_HOME=/rust/usr/src/unit/cargo \ + && export PATH=/rust/usr/local/cargo/bin/:$PATH \ && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ && mkdir -p /usr/src/unit \ && cd /usr/src/unit \ @@ -58,14 +48,6 @@ RUN set -ex \ --otel" \ && make -j $NCPU -C pkg/contrib .njs \ && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ - && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd \ - && make clean \ && /bin/true \ && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && ./configure perl \ @@ -95,7 +77,7 @@ RUN set -ex \ unit \ && apt-get update \ && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ - && apt-get purge -y --auto-remove build-essential \ + && apt-get purge -y --auto-remove git build-essential libssl-dev libpcre2-dev libclang-dev cmake \ && rm -rf /var/lib/apt/lists/* \ && rm -f /requirements.apt \ && ln -sf /dev/stderr /var/log/unit.log diff --git a/pkg/docker/Dockerfile.php8.3 b/pkg/docker/Dockerfile.php8.3 index 3174c02d4..566e96501 100644 --- a/pkg/docker/Dockerfile.php8.3 +++ b/pkg/docker/Dockerfile.php8.3 @@ -1,3 +1,5 @@ +FROM rust:1.83.0-bookworm AS rust-build + FROM php:8.3-cli-bookworm LABEL org.opencontainers.image.title="Unit (php8.3)" @@ -8,30 +10,18 @@ LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installatio LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers " LABEL org.opencontainers.image.version="1.34.0" -RUN set -ex \ +COPY --from=unit:1.34.0-base /usr/sbin/unitd* /usr/sbin/ +COPY --from=unit:1.34.0-base /usr/lib/libnxt.a /usr/lib/libnxt.a + +RUN --mount=type=bind,target=/rust,from=rust-build,rw \ + set -ex \ && savedAptMark="$(apt-mark showmanual)" \ && apt-get update \ && apt-get install --no-install-recommends --no-install-suggests -y \ ca-certificates git build-essential libssl-dev libpcre2-dev curl pkg-config libclang-dev cmake \ - && export RUST_VERSION=1.83.0 \ - && export RUSTUP_HOME=/usr/src/unit/rustup \ - && export CARGO_HOME=/usr/src/unit/cargo \ - && export PATH=/usr/src/unit/cargo/bin:$PATH \ - && dpkgArch="$(dpkg --print-architecture)" \ - && case "${dpkgArch##*-}" in \ - amd64) rustArch="x86_64-unknown-linux-gnu"; rustupSha256="6aeece6993e902708983b209d04c0d1dbb14ebb405ddb87def578d41f920f56d" ;; \ - arm64) rustArch="aarch64-unknown-linux-gnu"; rustupSha256="1cffbf51e63e634c746f741de50649bbbcbd9dbe1de363c9ecef64e278dba2b2" ;; \ - *) echo >&2 "unsupported architecture: ${dpkgArch}"; exit 1 ;; \ - esac \ - && url="https://static.rust-lang.org/rustup/archive/1.27.1/${rustArch}/rustup-init" \ - && curl -L -O "$url" \ - && echo "${rustupSha256} *rustup-init" | sha256sum -c - \ - && chmod +x rustup-init \ - && ./rustup-init -y --no-modify-path --profile minimal --default-toolchain $RUST_VERSION --default-host ${rustArch} \ - && rm rustup-init \ - && rustup --version \ - && cargo --version \ - && rustc --version \ + && export RUSTUP_HOME=/rust/usr/src/unit/rustup \ + && export CARGO_HOME=/rust/usr/src/unit/cargo \ + && export PATH=/rust/usr/local/cargo/bin/:$PATH \ && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ && mkdir -p /usr/src/unit \ && cd /usr/src/unit \ @@ -58,14 +48,6 @@ RUN set -ex \ --otel" \ && make -j $NCPU -C pkg/contrib .njs \ && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ - && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd \ - && make clean \ && /bin/true \ && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && ./configure php \ @@ -95,7 +77,7 @@ RUN set -ex \ unit \ && apt-get update \ && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ - && apt-get purge -y --auto-remove build-essential \ + && apt-get purge -y --auto-remove git build-essential libssl-dev libpcre2-dev libclang-dev cmake \ && rm -rf /var/lib/apt/lists/* \ && rm -f /requirements.apt \ && ln -sf /dev/stderr /var/log/unit.log diff --git a/pkg/docker/Dockerfile.php8.4 b/pkg/docker/Dockerfile.php8.4 index c6a36da79..0a203cdf8 100644 --- a/pkg/docker/Dockerfile.php8.4 +++ b/pkg/docker/Dockerfile.php8.4 @@ -1,3 +1,5 @@ +FROM rust:1.83.0-bookworm AS rust-build + FROM php:8.4-cli-bookworm LABEL org.opencontainers.image.title="Unit (php8.4)" @@ -8,30 +10,18 @@ LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installatio LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers " LABEL org.opencontainers.image.version="1.34.0" -RUN set -ex \ +COPY --from=unit:1.34.0-base /usr/sbin/unitd* /usr/sbin/ +COPY --from=unit:1.34.0-base /usr/lib/libnxt.a /usr/lib/libnxt.a + +RUN --mount=type=bind,target=/rust,from=rust-build,rw \ + set -ex \ && savedAptMark="$(apt-mark showmanual)" \ && apt-get update \ && apt-get install --no-install-recommends --no-install-suggests -y \ ca-certificates git build-essential libssl-dev libpcre2-dev curl pkg-config libclang-dev cmake \ - && export RUST_VERSION=1.83.0 \ - && export RUSTUP_HOME=/usr/src/unit/rustup \ - && export CARGO_HOME=/usr/src/unit/cargo \ - && export PATH=/usr/src/unit/cargo/bin:$PATH \ - && dpkgArch="$(dpkg --print-architecture)" \ - && case "${dpkgArch##*-}" in \ - amd64) rustArch="x86_64-unknown-linux-gnu"; rustupSha256="6aeece6993e902708983b209d04c0d1dbb14ebb405ddb87def578d41f920f56d" ;; \ - arm64) rustArch="aarch64-unknown-linux-gnu"; rustupSha256="1cffbf51e63e634c746f741de50649bbbcbd9dbe1de363c9ecef64e278dba2b2" ;; \ - *) echo >&2 "unsupported architecture: ${dpkgArch}"; exit 1 ;; \ - esac \ - && url="https://static.rust-lang.org/rustup/archive/1.27.1/${rustArch}/rustup-init" \ - && curl -L -O "$url" \ - && echo "${rustupSha256} *rustup-init" | sha256sum -c - \ - && chmod +x rustup-init \ - && ./rustup-init -y --no-modify-path --profile minimal --default-toolchain $RUST_VERSION --default-host ${rustArch} \ - && rm rustup-init \ - && rustup --version \ - && cargo --version \ - && rustc --version \ + && export RUSTUP_HOME=/rust/usr/src/unit/rustup \ + && export CARGO_HOME=/rust/usr/src/unit/cargo \ + && export PATH=/rust/usr/local/cargo/bin/:$PATH \ && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ && mkdir -p /usr/src/unit \ && cd /usr/src/unit \ @@ -58,14 +48,6 @@ RUN set -ex \ --otel" \ && make -j $NCPU -C pkg/contrib .njs \ && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ - && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd \ - && make clean \ && /bin/true \ && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && ./configure php \ @@ -95,7 +77,7 @@ RUN set -ex \ unit \ && apt-get update \ && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ - && apt-get purge -y --auto-remove build-essential \ + && apt-get purge -y --auto-remove git build-essential libssl-dev libpcre2-dev libclang-dev cmake \ && rm -rf /var/lib/apt/lists/* \ && rm -f /requirements.apt \ && ln -sf /dev/stderr /var/log/unit.log diff --git a/pkg/docker/Dockerfile.python3.12 b/pkg/docker/Dockerfile.python3.12 index 8402dae7f..0969ad7dd 100644 --- a/pkg/docker/Dockerfile.python3.12 +++ b/pkg/docker/Dockerfile.python3.12 @@ -1,3 +1,5 @@ +FROM rust:1.83.0-bookworm AS rust-build + FROM python:3.12-bookworm LABEL org.opencontainers.image.title="Unit (python3.12)" @@ -8,30 +10,18 @@ LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installatio LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers " LABEL org.opencontainers.image.version="1.34.0" -RUN set -ex \ +COPY --from=unit:1.34.0-base /usr/sbin/unitd* /usr/sbin/ +COPY --from=unit:1.34.0-base /usr/lib/libnxt.a /usr/lib/libnxt.a + +RUN --mount=type=bind,target=/rust,from=rust-build,rw \ + set -ex \ && savedAptMark="$(apt-mark showmanual)" \ && apt-get update \ && apt-get install --no-install-recommends --no-install-suggests -y \ ca-certificates git build-essential libssl-dev libpcre2-dev curl pkg-config libclang-dev cmake \ - && export RUST_VERSION=1.83.0 \ - && export RUSTUP_HOME=/usr/src/unit/rustup \ - && export CARGO_HOME=/usr/src/unit/cargo \ - && export PATH=/usr/src/unit/cargo/bin:$PATH \ - && dpkgArch="$(dpkg --print-architecture)" \ - && case "${dpkgArch##*-}" in \ - amd64) rustArch="x86_64-unknown-linux-gnu"; rustupSha256="6aeece6993e902708983b209d04c0d1dbb14ebb405ddb87def578d41f920f56d" ;; \ - arm64) rustArch="aarch64-unknown-linux-gnu"; rustupSha256="1cffbf51e63e634c746f741de50649bbbcbd9dbe1de363c9ecef64e278dba2b2" ;; \ - *) echo >&2 "unsupported architecture: ${dpkgArch}"; exit 1 ;; \ - esac \ - && url="https://static.rust-lang.org/rustup/archive/1.27.1/${rustArch}/rustup-init" \ - && curl -L -O "$url" \ - && echo "${rustupSha256} *rustup-init" | sha256sum -c - \ - && chmod +x rustup-init \ - && ./rustup-init -y --no-modify-path --profile minimal --default-toolchain $RUST_VERSION --default-host ${rustArch} \ - && rm rustup-init \ - && rustup --version \ - && cargo --version \ - && rustc --version \ + && export RUSTUP_HOME=/rust/usr/src/unit/rustup \ + && export CARGO_HOME=/rust/usr/src/unit/cargo \ + && export PATH=/rust/usr/local/cargo/bin/:$PATH \ && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ && mkdir -p /usr/src/unit \ && cd /usr/src/unit \ @@ -58,14 +48,6 @@ RUN set -ex \ --otel" \ && make -j $NCPU -C pkg/contrib .njs \ && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ - && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd \ - && make clean \ && /bin/true \ && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && ./configure python --config=/usr/local/bin/python3-config \ @@ -95,7 +77,7 @@ RUN set -ex \ unit \ && apt-get update \ && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ - && apt-get purge -y --auto-remove build-essential \ + && apt-get purge -y --auto-remove git build-essential libssl-dev libpcre2-dev libclang-dev cmake \ && rm -rf /var/lib/apt/lists/* \ && rm -f /requirements.apt \ && ln -sf /dev/stderr /var/log/unit.log diff --git a/pkg/docker/Dockerfile.python3.12-slim b/pkg/docker/Dockerfile.python3.12-slim index f4f957cfb..573073822 100644 --- a/pkg/docker/Dockerfile.python3.12-slim +++ b/pkg/docker/Dockerfile.python3.12-slim @@ -1,3 +1,5 @@ +FROM rust:1.83.0-bookworm AS rust-build + FROM python:3.12-slim-bookworm LABEL org.opencontainers.image.title="Unit (python3.12-slim)" @@ -8,30 +10,18 @@ LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installatio LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers " LABEL org.opencontainers.image.version="1.34.0" -RUN set -ex \ +COPY --from=unit:1.34.0-base /usr/sbin/unitd* /usr/sbin/ +COPY --from=unit:1.34.0-base /usr/lib/libnxt.a /usr/lib/libnxt.a + +RUN --mount=type=bind,target=/rust,from=rust-build,rw \ + set -ex \ && savedAptMark="$(apt-mark showmanual)" \ && apt-get update \ && apt-get install --no-install-recommends --no-install-suggests -y \ ca-certificates git build-essential libssl-dev libpcre2-dev curl pkg-config libclang-dev cmake \ - && export RUST_VERSION=1.83.0 \ - && export RUSTUP_HOME=/usr/src/unit/rustup \ - && export CARGO_HOME=/usr/src/unit/cargo \ - && export PATH=/usr/src/unit/cargo/bin:$PATH \ - && dpkgArch="$(dpkg --print-architecture)" \ - && case "${dpkgArch##*-}" in \ - amd64) rustArch="x86_64-unknown-linux-gnu"; rustupSha256="6aeece6993e902708983b209d04c0d1dbb14ebb405ddb87def578d41f920f56d" ;; \ - arm64) rustArch="aarch64-unknown-linux-gnu"; rustupSha256="1cffbf51e63e634c746f741de50649bbbcbd9dbe1de363c9ecef64e278dba2b2" ;; \ - *) echo >&2 "unsupported architecture: ${dpkgArch}"; exit 1 ;; \ - esac \ - && url="https://static.rust-lang.org/rustup/archive/1.27.1/${rustArch}/rustup-init" \ - && curl -L -O "$url" \ - && echo "${rustupSha256} *rustup-init" | sha256sum -c - \ - && chmod +x rustup-init \ - && ./rustup-init -y --no-modify-path --profile minimal --default-toolchain $RUST_VERSION --default-host ${rustArch} \ - && rm rustup-init \ - && rustup --version \ - && cargo --version \ - && rustc --version \ + && export RUSTUP_HOME=/rust/usr/src/unit/rustup \ + && export CARGO_HOME=/rust/usr/src/unit/cargo \ + && export PATH=/rust/usr/local/cargo/bin/:$PATH \ && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ && mkdir -p /usr/src/unit \ && cd /usr/src/unit \ @@ -58,14 +48,6 @@ RUN set -ex \ --otel" \ && make -j $NCPU -C pkg/contrib .njs \ && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ - && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd \ - && make clean \ && /bin/true \ && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && ./configure python --config=/usr/local/bin/python3-config \ @@ -95,7 +77,7 @@ RUN set -ex \ unit \ && apt-get update \ && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ - && apt-get purge -y --auto-remove build-essential \ + && apt-get purge -y --auto-remove git build-essential libssl-dev libpcre2-dev libclang-dev cmake \ && rm -rf /var/lib/apt/lists/* \ && rm -f /requirements.apt \ && ln -sf /dev/stderr /var/log/unit.log diff --git a/pkg/docker/Dockerfile.python3.13 b/pkg/docker/Dockerfile.python3.13 index dd6a91d43..243a9f9df 100644 --- a/pkg/docker/Dockerfile.python3.13 +++ b/pkg/docker/Dockerfile.python3.13 @@ -1,3 +1,5 @@ +FROM rust:1.83.0-bookworm AS rust-build + FROM python:3.13-bookworm LABEL org.opencontainers.image.title="Unit (python3.13)" @@ -8,30 +10,18 @@ LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installatio LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers " LABEL org.opencontainers.image.version="1.34.0" -RUN set -ex \ +COPY --from=unit:1.34.0-base /usr/sbin/unitd* /usr/sbin/ +COPY --from=unit:1.34.0-base /usr/lib/libnxt.a /usr/lib/libnxt.a + +RUN --mount=type=bind,target=/rust,from=rust-build,rw \ + set -ex \ && savedAptMark="$(apt-mark showmanual)" \ && apt-get update \ && apt-get install --no-install-recommends --no-install-suggests -y \ ca-certificates git build-essential libssl-dev libpcre2-dev curl pkg-config libclang-dev cmake \ - && export RUST_VERSION=1.83.0 \ - && export RUSTUP_HOME=/usr/src/unit/rustup \ - && export CARGO_HOME=/usr/src/unit/cargo \ - && export PATH=/usr/src/unit/cargo/bin:$PATH \ - && dpkgArch="$(dpkg --print-architecture)" \ - && case "${dpkgArch##*-}" in \ - amd64) rustArch="x86_64-unknown-linux-gnu"; rustupSha256="6aeece6993e902708983b209d04c0d1dbb14ebb405ddb87def578d41f920f56d" ;; \ - arm64) rustArch="aarch64-unknown-linux-gnu"; rustupSha256="1cffbf51e63e634c746f741de50649bbbcbd9dbe1de363c9ecef64e278dba2b2" ;; \ - *) echo >&2 "unsupported architecture: ${dpkgArch}"; exit 1 ;; \ - esac \ - && url="https://static.rust-lang.org/rustup/archive/1.27.1/${rustArch}/rustup-init" \ - && curl -L -O "$url" \ - && echo "${rustupSha256} *rustup-init" | sha256sum -c - \ - && chmod +x rustup-init \ - && ./rustup-init -y --no-modify-path --profile minimal --default-toolchain $RUST_VERSION --default-host ${rustArch} \ - && rm rustup-init \ - && rustup --version \ - && cargo --version \ - && rustc --version \ + && export RUSTUP_HOME=/rust/usr/src/unit/rustup \ + && export CARGO_HOME=/rust/usr/src/unit/cargo \ + && export PATH=/rust/usr/local/cargo/bin/:$PATH \ && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ && mkdir -p /usr/src/unit \ && cd /usr/src/unit \ @@ -58,14 +48,6 @@ RUN set -ex \ --otel" \ && make -j $NCPU -C pkg/contrib .njs \ && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ - && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd \ - && make clean \ && /bin/true \ && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && ./configure python --config=/usr/local/bin/python3-config \ @@ -95,7 +77,7 @@ RUN set -ex \ unit \ && apt-get update \ && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ - && apt-get purge -y --auto-remove build-essential \ + && apt-get purge -y --auto-remove git build-essential libssl-dev libpcre2-dev libclang-dev cmake \ && rm -rf /var/lib/apt/lists/* \ && rm -f /requirements.apt \ && ln -sf /dev/stderr /var/log/unit.log diff --git a/pkg/docker/Dockerfile.python3.13-slim b/pkg/docker/Dockerfile.python3.13-slim index 6ca776163..0c1551b93 100644 --- a/pkg/docker/Dockerfile.python3.13-slim +++ b/pkg/docker/Dockerfile.python3.13-slim @@ -1,3 +1,5 @@ +FROM rust:1.83.0-bookworm AS rust-build + FROM python:3.13-slim-bookworm LABEL org.opencontainers.image.title="Unit (python3.13-slim)" @@ -8,30 +10,18 @@ LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installatio LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers " LABEL org.opencontainers.image.version="1.34.0" -RUN set -ex \ +COPY --from=unit:1.34.0-base /usr/sbin/unitd* /usr/sbin/ +COPY --from=unit:1.34.0-base /usr/lib/libnxt.a /usr/lib/libnxt.a + +RUN --mount=type=bind,target=/rust,from=rust-build,rw \ + set -ex \ && savedAptMark="$(apt-mark showmanual)" \ && apt-get update \ && apt-get install --no-install-recommends --no-install-suggests -y \ ca-certificates git build-essential libssl-dev libpcre2-dev curl pkg-config libclang-dev cmake \ - && export RUST_VERSION=1.83.0 \ - && export RUSTUP_HOME=/usr/src/unit/rustup \ - && export CARGO_HOME=/usr/src/unit/cargo \ - && export PATH=/usr/src/unit/cargo/bin:$PATH \ - && dpkgArch="$(dpkg --print-architecture)" \ - && case "${dpkgArch##*-}" in \ - amd64) rustArch="x86_64-unknown-linux-gnu"; rustupSha256="6aeece6993e902708983b209d04c0d1dbb14ebb405ddb87def578d41f920f56d" ;; \ - arm64) rustArch="aarch64-unknown-linux-gnu"; rustupSha256="1cffbf51e63e634c746f741de50649bbbcbd9dbe1de363c9ecef64e278dba2b2" ;; \ - *) echo >&2 "unsupported architecture: ${dpkgArch}"; exit 1 ;; \ - esac \ - && url="https://static.rust-lang.org/rustup/archive/1.27.1/${rustArch}/rustup-init" \ - && curl -L -O "$url" \ - && echo "${rustupSha256} *rustup-init" | sha256sum -c - \ - && chmod +x rustup-init \ - && ./rustup-init -y --no-modify-path --profile minimal --default-toolchain $RUST_VERSION --default-host ${rustArch} \ - && rm rustup-init \ - && rustup --version \ - && cargo --version \ - && rustc --version \ + && export RUSTUP_HOME=/rust/usr/src/unit/rustup \ + && export CARGO_HOME=/rust/usr/src/unit/cargo \ + && export PATH=/rust/usr/local/cargo/bin/:$PATH \ && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ && mkdir -p /usr/src/unit \ && cd /usr/src/unit \ @@ -58,14 +48,6 @@ RUN set -ex \ --otel" \ && make -j $NCPU -C pkg/contrib .njs \ && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ - && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd \ - && make clean \ && /bin/true \ && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && ./configure python --config=/usr/local/bin/python3-config \ @@ -95,7 +77,7 @@ RUN set -ex \ unit \ && apt-get update \ && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ - && apt-get purge -y --auto-remove build-essential \ + && apt-get purge -y --auto-remove git build-essential libssl-dev libpcre2-dev libclang-dev cmake \ && rm -rf /var/lib/apt/lists/* \ && rm -f /requirements.apt \ && ln -sf /dev/stderr /var/log/unit.log diff --git a/pkg/docker/Dockerfile.ruby3.2 b/pkg/docker/Dockerfile.ruby3.2 index 93302277c..9edcd9d62 100644 --- a/pkg/docker/Dockerfile.ruby3.2 +++ b/pkg/docker/Dockerfile.ruby3.2 @@ -1,3 +1,5 @@ +FROM rust:1.83.0-bookworm AS rust-build + FROM ruby:3.2-bookworm LABEL org.opencontainers.image.title="Unit (ruby3.2)" @@ -8,30 +10,18 @@ LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installatio LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers " LABEL org.opencontainers.image.version="1.34.0" -RUN set -ex \ +COPY --from=unit:1.34.0-base /usr/sbin/unitd* /usr/sbin/ +COPY --from=unit:1.34.0-base /usr/lib/libnxt.a /usr/lib/libnxt.a + +RUN --mount=type=bind,target=/rust,from=rust-build,rw \ + set -ex \ && savedAptMark="$(apt-mark showmanual)" \ && apt-get update \ && apt-get install --no-install-recommends --no-install-suggests -y \ ca-certificates git build-essential libssl-dev libpcre2-dev curl pkg-config libclang-dev cmake \ - && export RUST_VERSION=1.83.0 \ - && export RUSTUP_HOME=/usr/src/unit/rustup \ - && export CARGO_HOME=/usr/src/unit/cargo \ - && export PATH=/usr/src/unit/cargo/bin:$PATH \ - && dpkgArch="$(dpkg --print-architecture)" \ - && case "${dpkgArch##*-}" in \ - amd64) rustArch="x86_64-unknown-linux-gnu"; rustupSha256="6aeece6993e902708983b209d04c0d1dbb14ebb405ddb87def578d41f920f56d" ;; \ - arm64) rustArch="aarch64-unknown-linux-gnu"; rustupSha256="1cffbf51e63e634c746f741de50649bbbcbd9dbe1de363c9ecef64e278dba2b2" ;; \ - *) echo >&2 "unsupported architecture: ${dpkgArch}"; exit 1 ;; \ - esac \ - && url="https://static.rust-lang.org/rustup/archive/1.27.1/${rustArch}/rustup-init" \ - && curl -L -O "$url" \ - && echo "${rustupSha256} *rustup-init" | sha256sum -c - \ - && chmod +x rustup-init \ - && ./rustup-init -y --no-modify-path --profile minimal --default-toolchain $RUST_VERSION --default-host ${rustArch} \ - && rm rustup-init \ - && rustup --version \ - && cargo --version \ - && rustc --version \ + && export RUSTUP_HOME=/rust/usr/src/unit/rustup \ + && export CARGO_HOME=/rust/usr/src/unit/cargo \ + && export PATH=/rust/usr/local/cargo/bin/:$PATH \ && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ && mkdir -p /usr/src/unit \ && cd /usr/src/unit \ @@ -58,14 +48,6 @@ RUN set -ex \ --otel" \ && make -j $NCPU -C pkg/contrib .njs \ && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ - && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd \ - && make clean \ && /bin/true \ && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && ./configure ruby \ @@ -95,7 +77,7 @@ RUN set -ex \ unit \ && apt-get update \ && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ - && apt-get purge -y --auto-remove build-essential \ + && apt-get purge -y --auto-remove git build-essential libssl-dev libpcre2-dev libclang-dev cmake \ && rm -rf /var/lib/apt/lists/* \ && rm -f /requirements.apt \ && ln -sf /dev/stderr /var/log/unit.log diff --git a/pkg/docker/Dockerfile.ruby3.3 b/pkg/docker/Dockerfile.ruby3.3 index 45fdc963c..79eb6f810 100644 --- a/pkg/docker/Dockerfile.ruby3.3 +++ b/pkg/docker/Dockerfile.ruby3.3 @@ -1,3 +1,5 @@ +FROM rust:1.83.0-bookworm AS rust-build + FROM ruby:3.3-bookworm LABEL org.opencontainers.image.title="Unit (ruby3.3)" @@ -8,30 +10,18 @@ LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installatio LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers " LABEL org.opencontainers.image.version="1.34.0" -RUN set -ex \ +COPY --from=unit:1.34.0-base /usr/sbin/unitd* /usr/sbin/ +COPY --from=unit:1.34.0-base /usr/lib/libnxt.a /usr/lib/libnxt.a + +RUN --mount=type=bind,target=/rust,from=rust-build,rw \ + set -ex \ && savedAptMark="$(apt-mark showmanual)" \ && apt-get update \ && apt-get install --no-install-recommends --no-install-suggests -y \ ca-certificates git build-essential libssl-dev libpcre2-dev curl pkg-config libclang-dev cmake \ - && export RUST_VERSION=1.83.0 \ - && export RUSTUP_HOME=/usr/src/unit/rustup \ - && export CARGO_HOME=/usr/src/unit/cargo \ - && export PATH=/usr/src/unit/cargo/bin:$PATH \ - && dpkgArch="$(dpkg --print-architecture)" \ - && case "${dpkgArch##*-}" in \ - amd64) rustArch="x86_64-unknown-linux-gnu"; rustupSha256="6aeece6993e902708983b209d04c0d1dbb14ebb405ddb87def578d41f920f56d" ;; \ - arm64) rustArch="aarch64-unknown-linux-gnu"; rustupSha256="1cffbf51e63e634c746f741de50649bbbcbd9dbe1de363c9ecef64e278dba2b2" ;; \ - *) echo >&2 "unsupported architecture: ${dpkgArch}"; exit 1 ;; \ - esac \ - && url="https://static.rust-lang.org/rustup/archive/1.27.1/${rustArch}/rustup-init" \ - && curl -L -O "$url" \ - && echo "${rustupSha256} *rustup-init" | sha256sum -c - \ - && chmod +x rustup-init \ - && ./rustup-init -y --no-modify-path --profile minimal --default-toolchain $RUST_VERSION --default-host ${rustArch} \ - && rm rustup-init \ - && rustup --version \ - && cargo --version \ - && rustc --version \ + && export RUSTUP_HOME=/rust/usr/src/unit/rustup \ + && export CARGO_HOME=/rust/usr/src/unit/cargo \ + && export PATH=/rust/usr/local/cargo/bin/:$PATH \ && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ && mkdir -p /usr/src/unit \ && cd /usr/src/unit \ @@ -58,14 +48,6 @@ RUN set -ex \ --otel" \ && make -j $NCPU -C pkg/contrib .njs \ && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ - && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd \ - && make clean \ && /bin/true \ && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && ./configure ruby \ @@ -95,7 +77,7 @@ RUN set -ex \ unit \ && apt-get update \ && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ - && apt-get purge -y --auto-remove build-essential \ + && apt-get purge -y --auto-remove git build-essential libssl-dev libpcre2-dev libclang-dev cmake \ && rm -rf /var/lib/apt/lists/* \ && rm -f /requirements.apt \ && ln -sf /dev/stderr /var/log/unit.log diff --git a/pkg/docker/Dockerfile.wasm b/pkg/docker/Dockerfile.wasm index cb6c51a95..f1d4576ec 100644 --- a/pkg/docker/Dockerfile.wasm +++ b/pkg/docker/Dockerfile.wasm @@ -1,3 +1,5 @@ +FROM rust:1.83.0-bookworm AS rust-build + FROM debian:bookworm-slim LABEL org.opencontainers.image.title="Unit (wasm)" @@ -8,30 +10,18 @@ LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installatio LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers " LABEL org.opencontainers.image.version="1.34.0" -RUN set -ex \ +COPY --from=unit:1.34.0-base /usr/sbin/unitd* /usr/sbin/ +COPY --from=unit:1.34.0-base /usr/lib/libnxt.a /usr/lib/libnxt.a + +RUN --mount=type=bind,target=/rust,from=rust-build,rw \ + set -ex \ && savedAptMark="$(apt-mark showmanual)" \ && apt-get update \ && apt-get install --no-install-recommends --no-install-suggests -y \ ca-certificates git build-essential libssl-dev libpcre2-dev curl pkg-config libclang-dev cmake \ - && export RUST_VERSION=1.83.0 \ - && export RUSTUP_HOME=/usr/src/unit/rustup \ - && export CARGO_HOME=/usr/src/unit/cargo \ - && export PATH=/usr/src/unit/cargo/bin:$PATH \ - && dpkgArch="$(dpkg --print-architecture)" \ - && case "${dpkgArch##*-}" in \ - amd64) rustArch="x86_64-unknown-linux-gnu"; rustupSha256="6aeece6993e902708983b209d04c0d1dbb14ebb405ddb87def578d41f920f56d" ;; \ - arm64) rustArch="aarch64-unknown-linux-gnu"; rustupSha256="1cffbf51e63e634c746f741de50649bbbcbd9dbe1de363c9ecef64e278dba2b2" ;; \ - *) echo >&2 "unsupported architecture: ${dpkgArch}"; exit 1 ;; \ - esac \ - && url="https://static.rust-lang.org/rustup/archive/1.27.1/${rustArch}/rustup-init" \ - && curl -L -O "$url" \ - && echo "${rustupSha256} *rustup-init" | sha256sum -c - \ - && chmod +x rustup-init \ - && ./rustup-init -y --no-modify-path --profile minimal --default-toolchain $RUST_VERSION --default-host ${rustArch} \ - && rm rustup-init \ - && rustup --version \ - && cargo --version \ - && rustc --version \ + && export RUSTUP_HOME=/rust/usr/src/unit/rustup \ + && export CARGO_HOME=/rust/usr/src/unit/cargo \ + && export PATH=/rust/usr/local/cargo/bin/:$PATH \ && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ && mkdir -p /usr/src/unit \ && cd /usr/src/unit \ @@ -58,14 +48,6 @@ RUN set -ex \ --otel" \ && make -j $NCPU -C pkg/contrib .njs \ && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ - && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd \ - && make clean \ && make -C pkg/contrib .wasmtime \ && install -pm 755 pkg/contrib/wasmtime/artifacts/lib/libwasmtime.so /usr/lib/$(dpkg-architecture -q DEB_HOST_MULTIARCH)/ \ && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ @@ -96,7 +78,7 @@ RUN set -ex \ unit \ && apt-get update \ && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ - && apt-get purge -y --auto-remove build-essential \ + && apt-get purge -y --auto-remove git build-essential libssl-dev libpcre2-dev libclang-dev cmake \ && rm -rf /var/lib/apt/lists/* \ && rm -f /requirements.apt \ && ln -sf /dev/stderr /var/log/unit.log diff --git a/pkg/docker/Makefile b/pkg/docker/Makefile index 23401e7ee..a0e9eef43 100644 --- a/pkg/docker/Makefile +++ b/pkg/docker/Makefile @@ -13,6 +13,12 @@ MODULES_SLIM ?= python VARIANT ?= bookworm +TEMPLATE ?= template.Dockerfile + +VERSIONS_base ?= +TEMPLATE_base ?= template.base.Dockerfile +CONTAINER_base ?= debian:$(VARIANT)-slim + VERSIONS_minimal ?= CONTAINER_minimal ?= debian:$(VARIANT)-slim CONFIGURE_minimal ?= @@ -93,7 +99,7 @@ default: MODVERSIONS = $(foreach module, $(MODULES), $(foreach modversion, $(shell for v in $(VERSIONS_$(module)); do echo $$v; done | sort -r), $(module)$(modversion))) MODVERSIONS += $(foreach module, $(MODULES_SLIM), $(foreach modversion, $(shell for v in $(VERSIONS_$(module)); do echo $$v; done | sort -r), $(module)$(modversion)-slim)) -MODVERSIONS += wasm minimal +MODVERSIONS += wasm base minimal modname = $(shell echo $1 | /usr/bin/tr -d '.01234567890-' | sed 's/slim//') @@ -102,7 +108,7 @@ build: $(addprefix build-, $(MODVERSIONS)) Dockerfile.%: ../../version template.Dockerfile @echo "===> Building $@" - cat template.Dockerfile | sed \ + cat $(or $(TEMPLATE_$*),$(TEMPLATE)) | sed \ -e 's,@@VERSION@@,$(VERSION),g' \ -e 's,@@PATCHLEVEL@@,$(PATCHLEVEL),g' \ -e 's,@@CONTAINER@@,$(CONTAINER_$*),g' \ diff --git a/pkg/docker/template.Dockerfile b/pkg/docker/template.Dockerfile index 3d2c38849..9dc28ee2a 100644 --- a/pkg/docker/template.Dockerfile +++ b/pkg/docker/template.Dockerfile @@ -1,3 +1,5 @@ +FROM rust:1.83.0-bookworm AS rust-build + FROM @@CONTAINER@@ LABEL org.opencontainers.image.title="Unit (@@MODULE@@)" @@ -8,30 +10,18 @@ LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installatio LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers " LABEL org.opencontainers.image.version="@@VERSION@@" -RUN set -ex \ +COPY --from=unit:@@VERSION@@-base /usr/sbin/unitd* /usr/sbin/ +COPY --from=unit:@@VERSION@@-base /usr/lib/libnxt.a /usr/lib/libnxt.a + +RUN --mount=type=bind,target=/rust,from=rust-build,rw \ + set -ex \ && savedAptMark="$(apt-mark showmanual)" \ && apt-get update \ && apt-get install --no-install-recommends --no-install-suggests -y \ ca-certificates git build-essential libssl-dev libpcre2-dev curl pkg-config libclang-dev cmake \ - && export RUST_VERSION=1.83.0 \ - && export RUSTUP_HOME=/usr/src/unit/rustup \ - && export CARGO_HOME=/usr/src/unit/cargo \ - && export PATH=/usr/src/unit/cargo/bin:$PATH \ - && dpkgArch="$(dpkg --print-architecture)" \ - && case "${dpkgArch##*-}" in \ - amd64) rustArch="x86_64-unknown-linux-gnu"; rustupSha256="6aeece6993e902708983b209d04c0d1dbb14ebb405ddb87def578d41f920f56d" ;; \ - arm64) rustArch="aarch64-unknown-linux-gnu"; rustupSha256="1cffbf51e63e634c746f741de50649bbbcbd9dbe1de363c9ecef64e278dba2b2" ;; \ - *) echo >&2 "unsupported architecture: ${dpkgArch}"; exit 1 ;; \ - esac \ - && url="https://static.rust-lang.org/rustup/archive/1.27.1/${rustArch}/rustup-init" \ - && curl -L -O "$url" \ - && echo "${rustupSha256} *rustup-init" | sha256sum -c - \ - && chmod +x rustup-init \ - && ./rustup-init -y --no-modify-path --profile minimal --default-toolchain $RUST_VERSION --default-host ${rustArch} \ - && rm rustup-init \ - && rustup --version \ - && cargo --version \ - && rustc --version \ + && export RUSTUP_HOME=/rust/usr/src/unit/rustup \ + && export CARGO_HOME=/rust/usr/src/unit/cargo \ + && export PATH=/rust/usr/local/cargo/bin/:$PATH \ && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ && mkdir -p /usr/src/unit \ && cd /usr/src/unit \ @@ -58,14 +48,6 @@ RUN set -ex \ --otel" \ && make -j $NCPU -C pkg/contrib .njs \ && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ - && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ - && make -j $NCPU unitd \ - && install -pm755 build/sbin/unitd /usr/sbin/unitd \ - && make clean \ && @@MODULE_PREBUILD@@ \ && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && ./configure @@CONFIGURE@@ \ @@ -95,7 +77,7 @@ RUN set -ex \ unit \ && apt-get update \ && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ - && apt-get purge -y --auto-remove build-essential \ + && apt-get purge -y --auto-remove git build-essential libssl-dev libpcre2-dev libclang-dev cmake \ && rm -rf /var/lib/apt/lists/* \ && rm -f /requirements.apt \ && ln -sf /dev/stderr /var/log/unit.log diff --git a/pkg/docker/template.base.Dockerfile b/pkg/docker/template.base.Dockerfile new file mode 100644 index 000000000..94bfd7972 --- /dev/null +++ b/pkg/docker/template.base.Dockerfile @@ -0,0 +1,91 @@ +FROM rust:1.83.0-bookworm AS build + +RUN set -ex \ + && savedAptMark="$(apt-mark showmanual)" \ + && apt-get update \ + && apt-get install --no-install-recommends --no-install-suggests -y \ + ca-certificates git build-essential libssl-dev libpcre2-dev curl pkg-config libclang-dev cmake \ + && mkdir -p /usr/src/unit \ + && cd /usr/src/unit \ + && git clone --depth 1 -b @@VERSION@@-@@PATCHLEVEL@@ https://github.com/nginx/unit \ + && cd unit \ + && NCPU="$(getconf _NPROCESSORS_ONLN)" \ + && DEB_HOST_MULTIARCH="$(dpkg-architecture -q DEB_HOST_MULTIARCH)" \ + && CC_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_CFLAGS_MAINT_APPEND="-Wp,-D_FORTIFY_SOURCE=2 -fPIC" dpkg-buildflags --get CFLAGS)" \ + && LD_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_LDFLAGS_MAINT_APPEND="-Wl,--as-needed -pie" dpkg-buildflags --get LDFLAGS)" \ + && CONFIGURE_ARGS_MODULES="--prefix=/usr \ + --statedir=/var/lib/unit \ + --control=unix:/var/run/control.unit.sock \ + --runstatedir=/var/run \ + --pid=/var/run/unit.pid \ + --logdir=/var/log \ + --log=/var/log/unit.log \ + --tmpdir=/var/tmp \ + --user=unit \ + --group=unit \ + --openssl \ + --libdir=/usr/lib/$DEB_HOST_MULTIARCH" \ + && CONFIGURE_ARGS="$CONFIGURE_ARGS_MODULES \ + --njs \ + --otel" \ + && make -j $NCPU -C pkg/contrib .njs \ + && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ + && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ + && make -j $NCPU unitd \ + && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ + && make clean \ + && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ + && make -j $NCPU unitd \ + && install -pm755 build/sbin/unitd /usr/sbin/unitd \ + && install -pm644 build/lib/libnxt.a /usr/lib/libnxt.a \ + && make clean \ + && cd \ + && rm -rf /usr/src/unit \ + && apt-mark showmanual | xargs apt-mark auto > /dev/null \ + && { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; } + +FROM @@CONTAINER@@ + +LABEL org.opencontainers.image.title="Unit (@@MODULE@@)" +LABEL org.opencontainers.image.description="Official build of Unit for Docker." +LABEL org.opencontainers.image.url="https://unit.nginx.org" +LABEL org.opencontainers.image.source="https://github.com/nginx/unit" +LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installation/#docker-images" +LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers " +LABEL org.opencontainers.image.version="@@VERSION@@" + +RUN set -ex \ + && mkdir -p /var/lib/unit/ \ + && mkdir -p /docker-entrypoint.d/ \ + && groupadd --gid 999 unit \ + && useradd \ + --uid 999 \ + --gid unit \ + --no-create-home \ + --home /nonexistent \ + --comment "unit user" \ + --shell /bin/false \ + unit \ + && ln -sf /dev/stderr /var/log/unit.log + +COPY --from=build /usr/sbin/unitd* /usr/sbin/ +COPY --from=build /usr/lib/libnxt.a /usr/lib/libnxt.a + +RUN set -ex \ + && for f in /usr/sbin/unitd /usr/lib/unit/modules/*.unit.so; do \ + ldd $f | awk '/=>/{print $(NF-1)}' | while read n; do dpkg-query -S $n; done | sed 's/^\([^:]\+\):.*$/\1/' | sort | uniq >> /requirements.apt; \ + done \ + && apt-get update \ + && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ + && apt-get purge -y --auto-remove build-essential \ + && rm -rf /var/lib/apt/lists/* \ + && rm -f /requirements.apt + +COPY docker-entrypoint.sh /usr/local/bin/ +COPY welcome.* /usr/share/unit/welcome/ + +STOPSIGNAL SIGTERM + +ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"] +EXPOSE 80 +CMD ["unitd", "--no-daemon", "--control", "unix:/var/run/control.unit.sock"] \ No newline at end of file