dcarrillo/docker-nginx
1
0
Fork 0
mirror of https://github.com/dcarrillo/docker-nginx.git synced 2025-01-04 22:56:48 +00:00
Code Issues Releases Wiki Activity

Bump nginx to 1.23.1, Alpine to 3.16 and remove geoip support (#23)

Browse Source
This commit is contained in:
Daniel Carrillo 2022-07-25 20:47:36 +02:00 committed by GitHub
parent fb1e810b54
commit 5f90de281b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 6 additions and 95 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
.github/workflows/automerge.yml vendored
View File

@ -1,30 +0,0 @@
name: automerge
on:
pull_request:
types:
- labeled
- unlabeled
- synchronize
- opened
- edited
- ready_for_review
- reopened
- unlocked
pull_request_review:
types:
- submitted
check_suite:
types:
- completed
status: {}
jobs:
automerge:
runs-on: ubuntu-latest
steps:
- name: automerge
uses: "pascalgn/automerge-action@4536e8847eb62fe2f0ee52c8fa92d17aa97f932f"
env:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
MERGE_RETRIES: 30
MERGE_RETRY_SLEEP: 10000
MERGE_METHOD: merge

11
Dockerfile
View File

@ -1,14 +1,11 @@
FROM alpine:3.13 FROM alpine:3.16
ARG ARG_NGINX_VERSION ARG ARG_NGINX_VERSION
ARG ARG_NGX_GEOIP2_VERSION
ENV NGINX_VERSION $ARG_NGINX_VERSION ENV NGINX_VERSION $ARG_NGINX_VERSION
ENV NGX_GEOIP2_VERSION $ARG_NGX_GEOIP2_VERSION
# hadolint ignore=DL3018,DL3003,SC2086 # hadolint ignore=DL3018,DL3003,SC2086
RUN CONFIG=" \ RUN CONFIG=" \
--add-module=/tmp/ngx_http_geoip2_module-$NGX_GEOIP2_VERSION \
--with-http_ssl_module \ --with-http_ssl_module \
--with-http_v2_module \ --with-http_v2_module \
--with-http_stub_status_module \ --with-http_stub_status_module \
@ -49,18 +46,12 @@ RUN CONFIG=" \
zlib-dev \ zlib-dev \
linux-headers \ linux-headers \
curl \ curl \
gnupg1 \
libxslt-dev \ libxslt-dev \
gd-dev \ gd-dev \
libmaxminddb-dev \
&& apk add --no-cache \ && apk add --no-cache \
libmaxminddb \
pcre \ pcre \
\ \
# installation # installation
&& curl -sL -o /tmp/ngx_http_geoip2_module.tar.gz https://github.com/leev/ngx_http_geoip2_module/archive/$NGX_GEOIP2_VERSION.tar.gz \
&& tar -zxC /tmp -f /tmp/ngx_http_geoip2_module.tar.gz \
\
&& curl -sL -o /tmp/nginx.tar.gz http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz \ && curl -sL -o /tmp/nginx.tar.gz http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz \
&& tar -zxC /tmp -f /tmp/nginx.tar.gz \ && tar -zxC /tmp -f /tmp/nginx.tar.gz \
&& cd /tmp/nginx-$NGINX_VERSION \ && cd /tmp/nginx-$NGINX_VERSION \

14
README.md
View File

@ -6,7 +6,6 @@ Nginx docker image with a minimal set of modules.
Current modules: Current modules:
- [geoip2](https://github.com/leev/ngx_http_geoip2_module)
- stream - stream
- http_ssl_module - http_ssl_module
- http_v2_module - http_v2_module
@ -18,7 +17,6 @@ Edit [conf.env](conf.env)
```bash ```bash
NGINX_VERSION=x.xx.x # Nginx version to build from NGINX_VERSION=x.xx.x # Nginx version to build from
NGX_GEOIP2_VERSION=x.x # Nginx geoip2 version to build from
DOCKER_IMAGE=dcarrillo/nginx # Docker image DOCKER_IMAGE=dcarrillo/nginx # Docker image
``` ```
@ -46,9 +44,9 @@ Build locally, tag image as latest and upload to a registry (you must be logged
Prerequisites: Prerequisites:
- docker - docker
- openssl - openssl
- curl - curl
```bash ```bash
# build local image # build local image
@ -57,9 +55,3 @@ Prerequisites:
# run tests # run tests
./tests/test.sh ./tests/test.sh
``` ```
## Who is using this image
[ifconfig.es](https://ifconfig.es) is a web service that displays information about your
connection, including IP address, geolocation and request http headers. You can easily get
your public ip address using curl, wget and other command-line http clients.

1
build.sh
View File

@ -22,7 +22,6 @@ while [ $# -gt 0 ]; do
done done
docker build --build-arg=ARG_NGINX_VERSION="$NGINX_VERSION" \ docker build --build-arg=ARG_NGINX_VERSION="$NGINX_VERSION" \
--build-arg=ARG_NGX_GEOIP2_VERSION="$NGX_GEOIP2_VERSION" \
-t "$DOCKER_IMAGE":"$NGINX_VERSION" . -t "$DOCKER_IMAGE":"$NGINX_VERSION" .
if [ x$PUSH = "xtrue" ]; then if [ x$PUSH = "xtrue" ]; then

3
conf.env
View File

@ -1,3 +1,2 @@
NGINX_VERSION=1.23.0 NGINX_VERSION=1.23.1
NGX_GEOIP2_VERSION=3.4
DOCKER_IMAGE=dcarrillo/nginx DOCKER_IMAGE=dcarrillo/nginx

BIN
tests/GeoLite2-Country.mmdb
View File

Binary file not shown.

23
tests/nginx.conf
View File

@ -41,22 +41,6 @@ http {
ssl_dhparam /tmp/dhparams.pem; ssl_dhparam /tmp/dhparams.pem;
ssl_ecdh_curve secp384r1; ssl_ecdh_curve secp384r1;
geoip2 /tmp/GeoLite2-Country.mmdb {
auto_reload 24h;
$geoip_country_iso_code country iso_code;
$geoip_country_name country names en;
}
# geoip2 /usr/local/nginx/conf/maxminddb/GeoLite2-City.mmdb {
# auto_reload 24h;
# $geoip_postal_code postal code;
# $geoip_latitude location latitude;
# $geoip_longitude location longitude;
# $geoip_city city names en;
# }
limit_req_zone $binary_remote_addr zone=limited4:10m rate=4r/s; limit_req_zone $binary_remote_addr zone=limited4:10m rate=4r/s;
limit_req_status 429; limit_req_status 429;
@ -69,13 +53,6 @@ http {
server_name _ ""; server_name _ "";
access_log /dev/fd/1; access_log /dev/fd/1;
location = /ip {
limit_req zone=limited4 burst=5 nodelay;
if ($http_user_agent ~* (?:curl|wget|libwww-perl|python|ansible-httpget|HTTPie|WindowsPowerShell|http_request|^$)) {
return 200 "$remote_addr\n";
}
}
location = /nginx_status { location = /nginx_status {
stub_status on; stub_status on;
} }

19
tests/test.sh
View File

@ -10,7 +10,7 @@ fi
trap _catch_err ERR trap _catch_err ERR
trap _cleanup EXIT trap _cleanup EXIT
ALPINE_VERSION="alpine:3.11" ALPINE_VERSION="alpine:3.16"
LOCAL_DIR="$(cd "$(dirname "$0")" ; pwd -P)" LOCAL_DIR="$(cd "$(dirname "$0")" ; pwd -P)"
# shellcheck disable=SC1090 # shellcheck disable=SC1090
. "$LOCAL_DIR"/../conf.env . "$LOCAL_DIR"/../conf.env
@ -50,16 +50,6 @@ _check_status_code()
fi fi
} }
_check_if_is_ip()
{
if echo "$1" | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" > /dev/null; then
echo "Test succeeded"
else
printf "Response: %s\nTest failed, response is not an IP\n" "$RESPONSE"
exit 1
fi
}
_setup_crypto_stuff _setup_crypto_stuff
echo "Preparing dcarrillo/php" echo "Preparing dcarrillo/php"
@ -71,7 +61,6 @@ docker exec -i php sh -c "echo 'pm.status_path = /phpfpm_status' \
echo "Running container to be tested..." echo "Running container to be tested..."
docker run --name "${NGINX_VERSION}"_test --rm --link php \ docker run --name "${NGINX_VERSION}"_test --rm --link php \
-v "$LOCAL_DIR"/nginx.conf:/usr/local/nginx/conf/nginx.conf:ro \ -v "$LOCAL_DIR"/nginx.conf:/usr/local/nginx/conf/nginx.conf:ro \
-v "$LOCAL_DIR"/GeoLite2-Country.mmdb:/tmp/GeoLite2-Country.mmdb:ro \
-v "$TMP_DIR"/cert.pem:/tmp/cert.pem:ro \ -v "$TMP_DIR"/cert.pem:/tmp/cert.pem:ro \
-v "$TMP_DIR"/cert.key:/tmp/cert.key:ro \ -v "$TMP_DIR"/cert.key:/tmp/cert.key:ro \
-v "$TMP_DIR"/dhparams.pem:/tmp/dhparams.pem:ro \ -v "$TMP_DIR"/dhparams.pem:/tmp/dhparams.pem:ro \
@ -96,10 +85,4 @@ for request in $requests; do
_check_status_code "$STATUS_CODE" _check_status_code "$STATUS_CODE"
done done
## Test 2 request my ip
request="http://${NGINX_VERSION}_test/ip"
printf "\nRequesting %s\n" "$request"
RESPONSE=$($exec_docker curl -s -m 5 "$request" | tr -d '\r')
_check_if_is_ip "$RESPONSE"
echo "All tests succeeded !" echo "All tests succeeded !"