mirror of
https://github.com/bunkerity/bunkerized-nginx
synced 2023-12-13 21:30:18 +01:00
95 lines
3.8 KiB
Plaintext
95 lines
3.8 KiB
Plaintext
FROM fedora:39@sha256:06df381d697d14940c886fda8e94a4fdc838df74e93f65111ed3ea04f7a7d6e0
|
|
|
|
ENV OS=fedora
|
|
ENV NGINX_VERSION 1.24.0
|
|
|
|
# Install Nginx, fpm and dependencies
|
|
RUN dnf update -y && \
|
|
dnf install -y curl gnupg2 ca-certificates redhat-lsb-core \
|
|
ruby ruby-devel make gcc redhat-rpm-config rpm-build && \
|
|
gem install fpm && \
|
|
dnf install -y --setopt=install_weak_deps=False python3 python3-devel python3-pip brotli brotli-devel gperftools-devel perl libxslt-devel libxml2 yajl yajl-devel libxslt bash gd gd-devel gcc-c++ kernel-devel znc-modtcl libmpc-devel gmp-devel gawk mpfr-devel libtool pcre-devel automake autoconf readline-devel gcc make openssl-devel git zlib-devel libxml2-devel pkgconf libcurl-devel geoip-devel lmdb-devel && \
|
|
dnf install nginx-${NGINX_VERSION} -y
|
|
|
|
WORKDIR /tmp/bunkerweb/deps
|
|
|
|
# Copy dependencies sources folder
|
|
COPY src/deps/misc misc
|
|
COPY src/deps/src src
|
|
COPY src/deps/deps.json deps.json
|
|
COPY src/deps/install.sh install.sh
|
|
|
|
# Compile and install dependencies
|
|
RUN mkdir -p /usr/share/bunkerweb/deps/python && \
|
|
chmod +x install.sh && \
|
|
bash install.sh
|
|
|
|
# Copy dependencies sources folder
|
|
COPY src/deps/requirements.txt /tmp/requirements-deps.txt
|
|
COPY src/scheduler/requirements.txt /tmp/req/requirements.txt
|
|
COPY src/ui/requirements.txt /tmp/req/requirements.txt.1
|
|
COPY src/common/gen/requirements.txt /tmp/req/requirements.txt.2
|
|
COPY src/common/db/requirements.txt /tmp/req/requirements.txt.3
|
|
|
|
WORKDIR /usr/share/bunkerweb
|
|
|
|
RUN mkdir -p deps/python && \
|
|
cat /tmp/req/requirements.txt* > deps/requirements.txt && \
|
|
rm -rf /tmp/req
|
|
|
|
# Compile and install dependencies
|
|
RUN export MAKEFLAGS="-j$(nproc)" && \
|
|
pip install --no-cache-dir --ignore-installed --require-hashes -r /tmp/requirements-deps.txt && \
|
|
pip install --no-cache-dir --require-hashes --target deps/python -r deps/requirements.txt
|
|
|
|
# Copy files
|
|
# can't exclude deps from . so we are copying everything by hand
|
|
COPY src/bw/loading loading
|
|
COPY src/bw/lua lua
|
|
COPY src/bw/misc misc
|
|
COPY src/common/api api
|
|
COPY src/common/cli cli
|
|
COPY src/common/confs confs
|
|
COPY src/common/core core
|
|
COPY src/common/db db
|
|
COPY src/common/gen gen
|
|
COPY src/common/helpers helpers
|
|
COPY src/common/settings.json settings.json
|
|
COPY src/common/utils utils
|
|
COPY src/scheduler scheduler
|
|
COPY src/ui ui
|
|
COPY src/VERSION VERSION
|
|
|
|
# Setup BW
|
|
RUN cp helpers/bwcli /usr/bin/ && \
|
|
chmod 755 /usr/bin/bwcli && \
|
|
mkdir -p /etc/bunkerweb/configs && \
|
|
mkdir -p /var/cache/bunkerweb/ && \
|
|
mkdir -p /etc/bunkerweb/plugins && \
|
|
mkdir -p /var/tmp/bunkerweb/ && \
|
|
mkdir -p /var/run/bunkerweb/ && \
|
|
mkdir -p /var/log/bunkerweb/ && \
|
|
mkdir -p /var/www/html && \
|
|
mkdir -p /var/lib/bunkerweb && \
|
|
echo "Linux" > INTEGRATION && \
|
|
mkdir -p /etc/bunkerweb/plugins && \
|
|
for dir in $(echo "configs/http configs/stream configs/server-http configs/server-stream configs/default-server-http configs/default-server-stream configs/modsec configs/modsec-crs") ; do mkdir -p "/etc/bunkerweb/${dir}" ; done && \
|
|
find /usr/share/bunkerweb -path deps -prune -o -type f -exec chmod 0740 {} \; && \
|
|
find /usr/share/bunkerweb -path deps -prune -o -type d -exec chmod 0750 {} \; && \
|
|
chmod -R 770 /var/cache/bunkerweb/ /var/lib/bunkerweb/ /etc/bunkerweb/ /var/tmp/bunkerweb/ /var/run/bunkerweb/ /var/log/bunkerweb/ && \
|
|
chmod 750 gen/*.py scheduler/*.py cli/*.py ui/*.py ui/src/*.py deps/python/bin/* helpers/*.sh /var/www/ && \
|
|
find core/*/jobs/* -type f -exec chmod 750 {} \; && \
|
|
chmod 755 /usr/share/bunkerweb
|
|
|
|
# Copy Linux files
|
|
COPY src/linux/scripts scripts
|
|
COPY src/linux/fpm.sh /usr/share/fpm.sh
|
|
RUN chmod +x scripts/*.sh /usr/share/fpm.sh
|
|
COPY src/linux/fpm-fedora /usr/share/.fpm
|
|
COPY src/linux/*.service /lib/systemd/system/
|
|
|
|
# Generate RPM at startup
|
|
VOLUME /data
|
|
WORKDIR /usr/share/
|
|
ENTRYPOINT [ "./fpm.sh", "rpm" ]
|