1
- FROM debian:stretch -slim
1
+ FROM debian:buster -slim
2
2
3
3
LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>"
4
4
5
5
ARG NGINX_PLUS_VERSION
6
6
7
- # Download certificate and key from the customer portal (https://cs.nginx.com)
8
- # and copy to the build context
9
- COPY nginx-repo.crt /etc/ssl/nginx/
10
- COPY nginx-repo.key /etc/ssl/nginx/
11
-
12
- # Make sure the certificate and key have correct permissions
13
- RUN chmod 644 /etc/ssl/nginx/*
14
-
15
7
# Install NGINX Plus
16
- RUN set -x \
17
- && apt-get update \
18
- && apt-get install --no-install-recommends --no-install-suggests -y apt-transport-https ca-certificates gnupg1 \
19
- && \
20
- NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \
21
- found='' ; \
22
- for server in \
23
- ha.pool.sks-keyservers.net \
24
- hkp://keyserver.ubuntu.com:80 \
25
- hkp://p80.pool.sks-keyservers.net:80 \
26
- pgp.mit.edu \
27
- ; do \
28
- echo "Fetching GPG key $NGINX_GPGKEY from $server" ; \
29
- apt-key adv --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$NGINX_GPGKEY" && found=yes && break; \
30
- done; \
31
- test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \
32
- echo "Acquire::https::plus-pkgs.nginx.com::Verify-Peer \" true\" ;" >> /etc/apt/apt.conf.d/90nginx \
33
- && echo "Acquire::https::plus-pkgs.nginx.com::Verify-Host \" true\" ;" >> /etc/apt/apt.conf.d/90nginx \
34
- && echo "Acquire::https::plus-pkgs.nginx.com::SslCert \" /etc/ssl/nginx/nginx-repo.crt\" ;" >> /etc/apt/apt.conf.d/90nginx \
35
- && echo "Acquire::https::plus-pkgs.nginx.com::SslKey \" /etc/ssl/nginx/nginx-repo.key\" ;" >> /etc/apt/apt.conf.d/90nginx \
36
- && printf "deb https://plus-pkgs.nginx.com/debian stretch nginx-plus\n " > /etc/apt/sources.list.d/nginx-plus.list \
37
- && apt-get update && apt-get install -y nginx-plus=${NGINX_PLUS_VERSION} \
38
- && apt-get remove --purge --auto-remove -y gnupg1 \
39
- && rm -rf /var/lib/apt/lists/* \
40
- && rm -rf /etc/ssl/nginx \
41
- && rm /etc/apt/apt.conf.d/90nginx /etc/apt/sources.list.d/nginx-plus.list
8
+ # Download certificate and key from the customer portal (https://my.f5.com)
9
+ # and copy to the build context
10
+ RUN --mount=type=secret,id=nginx-repo.crt,dst=/etc/ssl/nginx/nginx-repo.crt,mode=0644 \
11
+ --mount=type=secret,id=nginx-repo.key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
12
+ apt-get update \
13
+ && apt-get install --no-install-recommends --no-install-suggests -y ca-certificates gnupg curl apt-transport-https \
14
+ && curl -sSL https://cs.nginx.com/static/keys/nginx_signing.key | gpg --dearmor > /etc/apt/trusted.gpg.d/nginx_signing.gpg \
15
+ && curl -sSL -o /etc/apt/apt.conf.d/90pkgs-nginx https://cs.nginx.com/static/files/90pkgs-nginx \
16
+ && printf "%s\n " "deb https://pkgs.nginx.com/plus/debian buster nginx-plus" > /etc/apt/sources.list.d/nginx-plus.list \
17
+ && apt-get update && apt-get install -y nginx-plus-${NGINX_PLUS_VERSION} \
18
+ && apt-get remove --purge --auto-remove -y gnupg \
19
+ && rm -rf /var/lib/apt/lists/* \
20
+ && rm /etc/apt/apt.conf.d/90pkgs-nginx /etc/apt/sources.list.d/nginx-plus.list
42
21
43
22
44
23
# Forward request logs to Docker log collector
45
24
RUN ln -sf /dev/stdout /var/log/nginx/access.log \
46
- && ln -sf /dev/stderr /var/log/nginx/error.log
25
+ && ln -sf /dev/stderr /var/log/nginx/error.log
47
26
48
27
EXPOSE 80
49
28
50
- STOPSIGNAL SIGTERM
29
+ STOPSIGNAL SIGQUIT
51
30
52
31
RUN rm -rf /etc/nginx/conf.d/*
53
32
COPY test.conf /etc/nginx/conf.d/
54
33
COPY nginx.conf /etc/nginx/
55
34
56
- CMD ["nginx" , "-g" , "daemon off;" ]
35
+ CMD ["nginx" , "-g" , "daemon off;" ]
0 commit comments