From 3b108b59619655e3bd4597a059f544afa374b7fb Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 28 Aug 2018 19:34:10 +0300 Subject: [PATCH 001/113] Updated mainline nginx to 1.15.3 and njs to 0.2.3. --- mainline/alpine-perl/Dockerfile | 2 +- mainline/alpine/Dockerfile | 2 +- mainline/stretch-perl/Dockerfile | 4 ++-- mainline/stretch/Dockerfile | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index efeebbf6..f201b0c2 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.7 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.2 +ENV NGINX_VERSION 1.15.3 RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ && CONFIG="\ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index c1b42a5c..2afc41fd 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.7 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.2 +ENV NGINX_VERSION 1.15.3 RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ && CONFIG="\ diff --git a/mainline/stretch-perl/Dockerfile b/mainline/stretch-perl/Dockerfile index 7c34189d..31528e9f 100644 --- a/mainline/stretch-perl/Dockerfile +++ b/mainline/stretch-perl/Dockerfile @@ -2,8 +2,8 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.2-1~stretch -ENV NJS_VERSION 1.15.2.0.2.2-1~stretch +ENV NGINX_VERSION 1.15.3-1~stretch +ENV NJS_VERSION 1.15.3.0.2.3-1~stretch RUN set -x \ && apt-get update \ diff --git a/mainline/stretch/Dockerfile b/mainline/stretch/Dockerfile index a7b5ce89..2aa0975c 100644 --- a/mainline/stretch/Dockerfile +++ b/mainline/stretch/Dockerfile @@ -2,8 +2,8 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.2-1~stretch -ENV NJS_VERSION 1.15.2.0.2.2-1~stretch +ENV NGINX_VERSION 1.15.3-1~stretch +ENV NJS_VERSION 1.15.3.0.2.3-1~stretch RUN set -x \ && apt-get update \ From f3fc4d5753f0ebb9107738183b9c5cea1bf3f618 Mon Sep 17 00:00:00 2001 From: Clemens Buchacher Date: Fri, 14 Sep 2018 09:08:32 +0200 Subject: [PATCH 002/113] downgrade to gnupg1 The build sometimes fails to remove the `S.gpg-agent.extra` unix domain socket when it deletes the temporary GNUPGHOME directory after running gpg commands. rm: can't remove '/tmp/tmp.hBDCKF/S.gpg-agent.extra': No such file or directory The previous gpg --recv-keys command starts the gpg-agent. The gpg-agent connects to the following sockets and does not terminate on its own. / # netstat -x -a -p Active UNIX domain sockets (servers and established) Proto RefCnt Flags Type State I-Node PID/Program name Path unix 2 [ ACC ] STREAM LISTENING 8627378 17/dirmngr /root/.gnupg/S.dirmngr unix 2 [ ACC ] STREAM LISTENING 8625135 21/gpg-agent /root/.gnupg/S.gpg-agent unix 2 [ ACC ] STREAM LISTENING 8625136 21/gpg-agent /root/.gnupg/S.gpg-agent.extra unix 2 [ ACC ] STREAM LISTENING 8625137 21/gpg-agent /root/.gnupg/S.gpg-agent.browser unix 2 [ ACC ] STREAM LISTENING 8625138 21/gpg-agent /root/.gnupg/S.gpg-agent.ssh If one of the sockets is removed, then the agent terminates and removes the other sockets as well. This causes a race condition between `rm -rf $GNUPGHOME` and gpg-agent. If gpg-agent manages to remove the sockets first, then `rm` fails while trying to remove the same socket. Move to gnupg1 in alpine just like we do for stretch. Gnupg version 1 does not launch a GPG agent. It is not possible to disable gpg-agent in gnupg version 2. (cherry picked from commit 684e1c634b56694633402c34e73b0cbc500b8d0e) Signed-off-by: Konstantin Pavlov --- mainline/alpine-perl/Dockerfile | 2 +- mainline/alpine/Dockerfile | 2 +- stable/alpine-perl/Dockerfile | 2 +- stable/alpine/Dockerfile | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index f201b0c2..30997c4f 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -62,7 +62,7 @@ RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ zlib-dev \ linux-headers \ curl \ - gnupg \ + gnupg1 \ libxslt-dev \ gd-dev \ geoip-dev \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 2afc41fd..a3dcbbd1 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -61,7 +61,7 @@ RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ zlib-dev \ linux-headers \ curl \ - gnupg \ + gnupg1 \ libxslt-dev \ gd-dev \ geoip-dev \ diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index f5a2d014..efa664e1 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -62,7 +62,7 @@ RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ zlib-dev \ linux-headers \ curl \ - gnupg \ + gnupg1 \ libxslt-dev \ gd-dev \ geoip-dev \ diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index 83de7060..9dc45b6d 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -61,7 +61,7 @@ RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ zlib-dev \ linux-headers \ curl \ - gnupg \ + gnupg1 \ libxslt-dev \ gd-dev \ geoip-dev \ From 866b071f099f96898563f9a003c2dbb03bb90339 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 25 Sep 2018 19:18:17 +0300 Subject: [PATCH 003/113] Updated mainline nginx to 1.15.4 and njs to 0.2.4. --- mainline/alpine-perl/Dockerfile | 2 +- mainline/alpine/Dockerfile | 2 +- mainline/stretch-perl/Dockerfile | 4 ++-- mainline/stretch/Dockerfile | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 30997c4f..0f5e43f8 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.7 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.3 +ENV NGINX_VERSION 1.15.4 RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ && CONFIG="\ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index a3dcbbd1..41bf64ac 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.7 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.3 +ENV NGINX_VERSION 1.15.4 RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ && CONFIG="\ diff --git a/mainline/stretch-perl/Dockerfile b/mainline/stretch-perl/Dockerfile index 31528e9f..cc0f9f84 100644 --- a/mainline/stretch-perl/Dockerfile +++ b/mainline/stretch-perl/Dockerfile @@ -2,8 +2,8 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.3-1~stretch -ENV NJS_VERSION 1.15.3.0.2.3-1~stretch +ENV NGINX_VERSION 1.15.4-1~stretch +ENV NJS_VERSION 1.15.4.0.2.4-1~stretch RUN set -x \ && apt-get update \ diff --git a/mainline/stretch/Dockerfile b/mainline/stretch/Dockerfile index 2aa0975c..66793262 100644 --- a/mainline/stretch/Dockerfile +++ b/mainline/stretch/Dockerfile @@ -2,8 +2,8 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.3-1~stretch -ENV NJS_VERSION 1.15.3.0.2.3-1~stretch +ENV NGINX_VERSION 1.15.4-1~stretch +ENV NJS_VERSION 1.15.4.0.2.4-1~stretch RUN set -x \ && apt-get update \ From 3c446adddf7b04e877d5c5191b151c794c74bb58 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 25 Sep 2018 19:19:07 +0300 Subject: [PATCH 004/113] Update Alpine to 3.8. --- mainline/alpine-perl/Dockerfile | 2 +- mainline/alpine/Dockerfile | 2 +- stable/alpine-perl/Dockerfile | 2 +- stable/alpine/Dockerfile | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 0f5e43f8..f739e899 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.7 +FROM alpine:3.8 LABEL maintainer="NGINX Docker Maintainers " diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 41bf64ac..42450325 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.7 +FROM alpine:3.8 LABEL maintainer="NGINX Docker Maintainers " diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index efa664e1..647d9891 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.7 +FROM alpine:3.8 LABEL maintainer="NGINX Docker Maintainers " diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index 9dc45b6d..579707f2 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.7 +FROM alpine:3.8 LABEL maintainer="NGINX Docker Maintainers " From a22b9f46fe3a586b02d974f64441a4c07215dc5d Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 2 Oct 2018 19:17:50 +0300 Subject: [PATCH 005/113] Updated mainline nginx to 1.15.5. --- mainline/alpine-perl/Dockerfile | 2 +- mainline/alpine/Dockerfile | 2 +- mainline/stretch-perl/Dockerfile | 4 ++-- mainline/stretch/Dockerfile | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index f739e899..2ee0e5af 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.8 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.4 +ENV NGINX_VERSION 1.15.5 RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ && CONFIG="\ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 42450325..112b81d2 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.8 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.4 +ENV NGINX_VERSION 1.15.5 RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ && CONFIG="\ diff --git a/mainline/stretch-perl/Dockerfile b/mainline/stretch-perl/Dockerfile index cc0f9f84..b51915cb 100644 --- a/mainline/stretch-perl/Dockerfile +++ b/mainline/stretch-perl/Dockerfile @@ -2,8 +2,8 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.4-1~stretch -ENV NJS_VERSION 1.15.4.0.2.4-1~stretch +ENV NGINX_VERSION 1.15.5-1~stretch +ENV NJS_VERSION 1.15.5.0.2.4-1~stretch RUN set -x \ && apt-get update \ diff --git a/mainline/stretch/Dockerfile b/mainline/stretch/Dockerfile index 66793262..f21be866 100644 --- a/mainline/stretch/Dockerfile +++ b/mainline/stretch/Dockerfile @@ -2,8 +2,8 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.4-1~stretch -ENV NJS_VERSION 1.15.4.0.2.4-1~stretch +ENV NGINX_VERSION 1.15.5-1~stretch +ENV NJS_VERSION 1.15.5.0.2.4-1~stretch RUN set -x \ && apt-get update \ From f4d30145c60c433966df96f618d78513fee9d322 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 6 Nov 2018 18:37:40 +0300 Subject: [PATCH 006/113] Updated mainline nginx to 1.15.6, stable to 1.14.1 and njs to 0.2.5. --- mainline/alpine-perl/Dockerfile | 2 +- mainline/alpine/Dockerfile | 2 +- mainline/stretch-perl/Dockerfile | 4 ++-- mainline/stretch/Dockerfile | 4 ++-- stable/alpine-perl/Dockerfile | 2 +- stable/alpine/Dockerfile | 2 +- stable/stretch-perl/Dockerfile | 4 ++-- stable/stretch/Dockerfile | 4 ++-- 8 files changed, 12 insertions(+), 12 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 2ee0e5af..8ee95288 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.8 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.5 +ENV NGINX_VERSION 1.15.6 RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ && CONFIG="\ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 112b81d2..6082f139 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.8 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.5 +ENV NGINX_VERSION 1.15.6 RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ && CONFIG="\ diff --git a/mainline/stretch-perl/Dockerfile b/mainline/stretch-perl/Dockerfile index b51915cb..df976345 100644 --- a/mainline/stretch-perl/Dockerfile +++ b/mainline/stretch-perl/Dockerfile @@ -2,8 +2,8 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.5-1~stretch -ENV NJS_VERSION 1.15.5.0.2.4-1~stretch +ENV NGINX_VERSION 1.15.6-1~stretch +ENV NJS_VERSION 1.15.6.0.2.5-1~stretch RUN set -x \ && apt-get update \ diff --git a/mainline/stretch/Dockerfile b/mainline/stretch/Dockerfile index f21be866..dfe575ec 100644 --- a/mainline/stretch/Dockerfile +++ b/mainline/stretch/Dockerfile @@ -2,8 +2,8 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.5-1~stretch -ENV NJS_VERSION 1.15.5.0.2.4-1~stretch +ENV NGINX_VERSION 1.15.6-1~stretch +ENV NJS_VERSION 1.15.6.0.2.5-1~stretch RUN set -x \ && apt-get update \ diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index 647d9891..cdbfb6e5 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.8 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.14.0 +ENV NGINX_VERSION 1.14.1 RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ && CONFIG="\ diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index 579707f2..488980b3 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.8 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.14.0 +ENV NGINX_VERSION 1.14.1 RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ && CONFIG="\ diff --git a/stable/stretch-perl/Dockerfile b/stable/stretch-perl/Dockerfile index 2e262ece..7895437d 100644 --- a/stable/stretch-perl/Dockerfile +++ b/stable/stretch-perl/Dockerfile @@ -2,8 +2,8 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.14.0-1~stretch -ENV NJS_VERSION 1.14.0.0.2.0-1~stretch +ENV NGINX_VERSION 1.14.1-1~stretch +ENV NJS_VERSION 1.14.1.0.2.5-1~stretch RUN set -x \ && apt-get update \ diff --git a/stable/stretch/Dockerfile b/stable/stretch/Dockerfile index a436cf47..3a0ceb3b 100644 --- a/stable/stretch/Dockerfile +++ b/stable/stretch/Dockerfile @@ -2,8 +2,8 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.14.0-1~stretch -ENV NJS_VERSION 1.14.0.0.2.0-1~stretch +ENV NGINX_VERSION 1.14.1-1~stretch +ENV NJS_VERSION 1.14.1.0.2.5-1~stretch RUN set -x \ && apt-get update \ From 1fe92b86a3c3a6482c54a0858d1fcb22e591279f Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 27 Nov 2018 19:20:17 +0300 Subject: [PATCH 007/113] Updated mainline nginx to 1.15.7 and njs to 0.2.6. --- mainline/alpine-perl/Dockerfile | 2 +- mainline/alpine/Dockerfile | 2 +- mainline/stretch-perl/Dockerfile | 4 ++-- mainline/stretch/Dockerfile | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 8ee95288..e2e73e51 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.8 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.6 +ENV NGINX_VERSION 1.15.7 RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ && CONFIG="\ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 6082f139..614ef3de 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.8 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.6 +ENV NGINX_VERSION 1.15.7 RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ && CONFIG="\ diff --git a/mainline/stretch-perl/Dockerfile b/mainline/stretch-perl/Dockerfile index df976345..edc26c05 100644 --- a/mainline/stretch-perl/Dockerfile +++ b/mainline/stretch-perl/Dockerfile @@ -2,8 +2,8 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.6-1~stretch -ENV NJS_VERSION 1.15.6.0.2.5-1~stretch +ENV NGINX_VERSION 1.15.7-1~stretch +ENV NJS_VERSION 1.15.7.0.2.6-1~stretch RUN set -x \ && apt-get update \ diff --git a/mainline/stretch/Dockerfile b/mainline/stretch/Dockerfile index dfe575ec..4be26e81 100644 --- a/mainline/stretch/Dockerfile +++ b/mainline/stretch/Dockerfile @@ -2,8 +2,8 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.6-1~stretch -ENV NJS_VERSION 1.15.6.0.2.5-1~stretch +ENV NGINX_VERSION 1.15.7-1~stretch +ENV NJS_VERSION 1.15.7.0.2.6-1~stretch RUN set -x \ && apt-get update \ From b71469ab815f580ba0ad658a32e91c86f8565ed4 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Wed, 5 Dec 2018 13:02:50 +0300 Subject: [PATCH 008/113] Updated stable nginx to 1.14.2 and njs to 0.2.6. --- stable/alpine-perl/Dockerfile | 2 +- stable/alpine/Dockerfile | 2 +- stable/stretch-perl/Dockerfile | 4 ++-- stable/stretch/Dockerfile | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index cdbfb6e5..17cf6e0a 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.8 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.14.1 +ENV NGINX_VERSION 1.14.2 RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ && CONFIG="\ diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index 488980b3..5945a4a7 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.8 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.14.1 +ENV NGINX_VERSION 1.14.2 RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ && CONFIG="\ diff --git a/stable/stretch-perl/Dockerfile b/stable/stretch-perl/Dockerfile index 7895437d..05cf5697 100644 --- a/stable/stretch-perl/Dockerfile +++ b/stable/stretch-perl/Dockerfile @@ -2,8 +2,8 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.14.1-1~stretch -ENV NJS_VERSION 1.14.1.0.2.5-1~stretch +ENV NGINX_VERSION 1.14.2-1~stretch +ENV NJS_VERSION 1.14.2.0.2.6-1~stretch RUN set -x \ && apt-get update \ diff --git a/stable/stretch/Dockerfile b/stable/stretch/Dockerfile index 3a0ceb3b..097b04b9 100644 --- a/stable/stretch/Dockerfile +++ b/stable/stretch/Dockerfile @@ -2,8 +2,8 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.14.1-1~stretch -ENV NJS_VERSION 1.14.1.0.2.5-1~stretch +ENV NGINX_VERSION 1.14.2-1~stretch +ENV NJS_VERSION 1.14.2.0.2.6-1~stretch RUN set -x \ && apt-get update \ From baa050df601b5e798431a9db458e16f53b1031f6 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 25 Dec 2018 20:47:18 +0300 Subject: [PATCH 009/113] Updated mainline nginx to 1.15.8 and njs to 0.2.7. --- mainline/alpine-perl/Dockerfile | 2 +- mainline/alpine/Dockerfile | 2 +- mainline/stretch-perl/Dockerfile | 4 ++-- mainline/stretch/Dockerfile | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index e2e73e51..58c62c0f 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.8 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.7 +ENV NGINX_VERSION 1.15.8 RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ && CONFIG="\ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 614ef3de..771d5b0c 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.8 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.7 +ENV NGINX_VERSION 1.15.8 RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ && CONFIG="\ diff --git a/mainline/stretch-perl/Dockerfile b/mainline/stretch-perl/Dockerfile index edc26c05..156f343f 100644 --- a/mainline/stretch-perl/Dockerfile +++ b/mainline/stretch-perl/Dockerfile @@ -2,8 +2,8 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.7-1~stretch -ENV NJS_VERSION 1.15.7.0.2.6-1~stretch +ENV NGINX_VERSION 1.15.8-1~stretch +ENV NJS_VERSION 1.15.8.0.2.7-1~stretch RUN set -x \ && apt-get update \ diff --git a/mainline/stretch/Dockerfile b/mainline/stretch/Dockerfile index 4be26e81..09e2d842 100644 --- a/mainline/stretch/Dockerfile +++ b/mainline/stretch/Dockerfile @@ -2,8 +2,8 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.7-1~stretch -ENV NJS_VERSION 1.15.7.0.2.6-1~stretch +ENV NGINX_VERSION 1.15.8-1~stretch +ENV NJS_VERSION 1.15.8.0.2.7-1~stretch RUN set -x \ && apt-get update \ From 2364fdc54af554d28ef95b7be381677d10987986 Mon Sep 17 00:00:00 2001 From: J0WI Date: Wed, 30 Jan 2019 00:49:37 +0100 Subject: [PATCH 010/113] Update to Alpine 3.9 (cherry picked from commit 420928130ec092ae5ccef16863813604b1b1eb37) Signed-off-by: Konstantin Pavlov --- mainline/alpine-perl/Dockerfile | 2 +- mainline/alpine/Dockerfile | 2 +- stable/alpine-perl/Dockerfile | 2 +- stable/alpine/Dockerfile | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 58c62c0f..1e675dff 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.8 +FROM alpine:3.9 LABEL maintainer="NGINX Docker Maintainers " diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 771d5b0c..4b008278 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.8 +FROM alpine:3.9 LABEL maintainer="NGINX Docker Maintainers " diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index 17cf6e0a..c952e56c 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.8 +FROM alpine:3.9 LABEL maintainer="NGINX Docker Maintainers " diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index 5945a4a7..7a7ded45 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.8 +FROM alpine:3.9 LABEL maintainer="NGINX Docker Maintainers " From 7890fc2342613e6669ad83ceead9c81136d2cc0a Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Wed, 27 Feb 2019 13:45:42 +0300 Subject: [PATCH 011/113] Updated mainline nginx to 1.15.9 and njs to 0.2.8 --- mainline/alpine-perl/Dockerfile | 2 +- mainline/alpine/Dockerfile | 2 +- mainline/stretch-perl/Dockerfile | 4 ++-- mainline/stretch/Dockerfile | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 1e675dff..4c299989 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.9 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.8 +ENV NGINX_VERSION 1.15.9 RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ && CONFIG="\ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 4b008278..ea42632a 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.9 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.8 +ENV NGINX_VERSION 1.15.9 RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ && CONFIG="\ diff --git a/mainline/stretch-perl/Dockerfile b/mainline/stretch-perl/Dockerfile index 156f343f..a5f77e77 100644 --- a/mainline/stretch-perl/Dockerfile +++ b/mainline/stretch-perl/Dockerfile @@ -2,8 +2,8 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.8-1~stretch -ENV NJS_VERSION 1.15.8.0.2.7-1~stretch +ENV NGINX_VERSION 1.15.9-1~stretch +ENV NJS_VERSION 1.15.9.0.2.8-1~stretch RUN set -x \ && apt-get update \ diff --git a/mainline/stretch/Dockerfile b/mainline/stretch/Dockerfile index 09e2d842..1fbd3f82 100644 --- a/mainline/stretch/Dockerfile +++ b/mainline/stretch/Dockerfile @@ -2,8 +2,8 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.8-1~stretch -ENV NJS_VERSION 1.15.8.0.2.7-1~stretch +ENV NGINX_VERSION 1.15.9-1~stretch +ENV NJS_VERSION 1.15.9.0.2.8-1~stretch RUN set -x \ && apt-get update \ From 97b65112180e0c7764465aa47a974fc7af3c99ae Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 26 Mar 2019 18:57:47 +0300 Subject: [PATCH 012/113] Updated mainline nginx to 1.15.10 and njs to 0.3.0 --- mainline/alpine-perl/Dockerfile | 2 +- mainline/alpine/Dockerfile | 2 +- mainline/stretch-perl/Dockerfile | 4 ++-- mainline/stretch/Dockerfile | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 4c299989..b57cdebe 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.9 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.9 +ENV NGINX_VERSION 1.15.10 RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ && CONFIG="\ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index ea42632a..cb254b51 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.9 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.9 +ENV NGINX_VERSION 1.15.10 RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ && CONFIG="\ diff --git a/mainline/stretch-perl/Dockerfile b/mainline/stretch-perl/Dockerfile index a5f77e77..de02aceb 100644 --- a/mainline/stretch-perl/Dockerfile +++ b/mainline/stretch-perl/Dockerfile @@ -2,8 +2,8 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.9-1~stretch -ENV NJS_VERSION 1.15.9.0.2.8-1~stretch +ENV NGINX_VERSION 1.15.10-1~stretch +ENV NJS_VERSION 1.15.10.0.3.0-1~stretch RUN set -x \ && apt-get update \ diff --git a/mainline/stretch/Dockerfile b/mainline/stretch/Dockerfile index 1fbd3f82..01b69df9 100644 --- a/mainline/stretch/Dockerfile +++ b/mainline/stretch/Dockerfile @@ -2,8 +2,8 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.9-1~stretch -ENV NJS_VERSION 1.15.9.0.2.8-1~stretch +ENV NGINX_VERSION 1.15.10-1~stretch +ENV NJS_VERSION 1.15.10.0.3.0-1~stretch RUN set -x \ && apt-get update \ From 7d7c67f2eaa6b2b32c718ba9d93f152870513c7c Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 9 Apr 2019 17:54:11 +0300 Subject: [PATCH 013/113] Updated mainline nginx to 1.15.11 --- mainline/alpine-perl/Dockerfile | 2 +- mainline/alpine/Dockerfile | 2 +- mainline/stretch-perl/Dockerfile | 4 ++-- mainline/stretch/Dockerfile | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index b57cdebe..5c1731dd 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.9 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.10 +ENV NGINX_VERSION 1.15.11 RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ && CONFIG="\ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index cb254b51..956b0004 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.9 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.10 +ENV NGINX_VERSION 1.15.11 RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ && CONFIG="\ diff --git a/mainline/stretch-perl/Dockerfile b/mainline/stretch-perl/Dockerfile index de02aceb..5fca7ddd 100644 --- a/mainline/stretch-perl/Dockerfile +++ b/mainline/stretch-perl/Dockerfile @@ -2,8 +2,8 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.10-1~stretch -ENV NJS_VERSION 1.15.10.0.3.0-1~stretch +ENV NGINX_VERSION 1.15.11-1~stretch +ENV NJS_VERSION 1.15.11.0.3.0-1~stretch RUN set -x \ && apt-get update \ diff --git a/mainline/stretch/Dockerfile b/mainline/stretch/Dockerfile index 01b69df9..b7002d8b 100644 --- a/mainline/stretch/Dockerfile +++ b/mainline/stretch/Dockerfile @@ -2,8 +2,8 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.10-1~stretch -ENV NJS_VERSION 1.15.10.0.3.0-1~stretch +ENV NGINX_VERSION 1.15.11-1~stretch +ENV NJS_VERSION 1.15.11.0.3.0-1~stretch RUN set -x \ && apt-get update \ From e5123eea0d29c8d13df17d782f15679458ff899e Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 16 Apr 2019 19:25:41 +0300 Subject: [PATCH 014/113] Updated mainline nginx to 1.15.12 and njs to 0.3.1 --- mainline/alpine-perl/Dockerfile | 2 +- mainline/alpine/Dockerfile | 2 +- mainline/stretch-perl/Dockerfile | 4 ++-- mainline/stretch/Dockerfile | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 5c1731dd..24b56bf3 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.9 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.11 +ENV NGINX_VERSION 1.15.12 RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ && CONFIG="\ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 956b0004..7b9f3a3e 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.9 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.11 +ENV NGINX_VERSION 1.15.12 RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ && CONFIG="\ diff --git a/mainline/stretch-perl/Dockerfile b/mainline/stretch-perl/Dockerfile index 5fca7ddd..07270881 100644 --- a/mainline/stretch-perl/Dockerfile +++ b/mainline/stretch-perl/Dockerfile @@ -2,8 +2,8 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.11-1~stretch -ENV NJS_VERSION 1.15.11.0.3.0-1~stretch +ENV NGINX_VERSION 1.15.12-1~stretch +ENV NJS_VERSION 1.15.12.0.3.1-1~stretch RUN set -x \ && apt-get update \ diff --git a/mainline/stretch/Dockerfile b/mainline/stretch/Dockerfile index b7002d8b..9c54b75e 100644 --- a/mainline/stretch/Dockerfile +++ b/mainline/stretch/Dockerfile @@ -2,8 +2,8 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.11-1~stretch -ENV NJS_VERSION 1.15.11.0.3.0-1~stretch +ENV NGINX_VERSION 1.15.12-1~stretch +ENV NJS_VERSION 1.15.12.0.3.1-1~stretch RUN set -x \ && apt-get update \ From 0501f0b73fd7fbfb139d1e98a7fd3b63426b16a1 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Mon, 11 Mar 2019 17:46:56 +0300 Subject: [PATCH 015/113] alpine: use nginx.org-provided packages. For the architectures unavailable on nginx.org, build from the official packaging sources. Also adds njs. --- mainline/alpine-perl/Dockerfile | 242 +++++++++----------- mainline/alpine-perl/nginx.conf | 32 --- mainline/alpine-perl/nginx.vh.default.conf | 45 ---- mainline/alpine/Dockerfile | 236 +++++++++----------- mainline/alpine/nginx.conf | 32 --- mainline/alpine/nginx.vh.default.conf | 45 ---- stable/alpine-perl/Dockerfile | 244 +++++++++------------ stable/alpine-perl/nginx.conf | 32 --- stable/alpine-perl/nginx.vh.default.conf | 45 ---- stable/alpine/Dockerfile | 238 +++++++++----------- stable/alpine/nginx.conf | 32 --- stable/alpine/nginx.vh.default.conf | 45 ---- 12 files changed, 414 insertions(+), 854 deletions(-) delete mode 100644 mainline/alpine-perl/nginx.conf delete mode 100644 mainline/alpine-perl/nginx.vh.default.conf delete mode 100644 mainline/alpine/nginx.conf delete mode 100644 mainline/alpine/nginx.vh.default.conf delete mode 100644 stable/alpine-perl/nginx.conf delete mode 100644 stable/alpine-perl/nginx.vh.default.conf delete mode 100644 stable/alpine/nginx.conf delete mode 100644 stable/alpine/nginx.vh.default.conf diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 24b56bf3..3d577de3 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -3,146 +3,110 @@ FROM alpine:3.9 LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.15.12 +ENV NJS_VERSION 1.15.12.0.3.1 +ENV PKG_RELEASE 1 -RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ - && CONFIG="\ - --prefix=/etc/nginx \ - --sbin-path=/usr/sbin/nginx \ - --modules-path=/usr/lib/nginx/modules \ - --conf-path=/etc/nginx/nginx.conf \ - --error-log-path=/var/log/nginx/error.log \ - --http-log-path=/var/log/nginx/access.log \ - --pid-path=/var/run/nginx.pid \ - --lock-path=/var/run/nginx.lock \ - --http-client-body-temp-path=/var/cache/nginx/client_temp \ - --http-proxy-temp-path=/var/cache/nginx/proxy_temp \ - --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \ - --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \ - --http-scgi-temp-path=/var/cache/nginx/scgi_temp \ - --user=nginx \ - --group=nginx \ - --with-http_ssl_module \ - --with-http_realip_module \ - --with-http_addition_module \ - --with-http_sub_module \ - --with-http_dav_module \ - --with-http_flv_module \ - --with-http_mp4_module \ - --with-http_gunzip_module \ - --with-http_gzip_static_module \ - --with-http_random_index_module \ - --with-http_secure_link_module \ - --with-http_stub_status_module \ - --with-http_auth_request_module \ - --with-http_xslt_module=dynamic \ - --with-http_image_filter_module=dynamic \ - --with-http_geoip_module=dynamic \ - --with-http_perl_module=dynamic \ - --with-threads \ - --with-stream \ - --with-stream_ssl_module \ - --with-stream_ssl_preread_module \ - --with-stream_realip_module \ - --with-stream_geoip_module=dynamic \ - --with-http_slice_module \ - --with-mail \ - --with-mail_ssl_module \ - --with-compat \ - --with-file-aio \ - --with-http_v2_module \ - " \ - && addgroup -S nginx \ - && adduser -D -S -h /var/cache/nginx -s /sbin/nologin -G nginx nginx \ - && apk add --no-cache --virtual .build-deps \ - gcc \ - libc-dev \ - make \ - openssl-dev \ - pcre-dev \ - zlib-dev \ - linux-headers \ - curl \ - gnupg1 \ - libxslt-dev \ - gd-dev \ - geoip-dev \ - perl-dev \ - && curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \ - && curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc -o nginx.tar.gz.asc \ - && export GNUPGHOME="$(mktemp -d)" \ - && found=''; \ - for server in \ - ha.pool.sks-keyservers.net \ - hkp://keyserver.ubuntu.com:80 \ - hkp://p80.pool.sks-keyservers.net:80 \ - pgp.mit.edu \ - ; do \ - echo "Fetching GPG key $GPG_KEYS from $server"; \ - gpg --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$GPG_KEYS" && found=yes && break; \ - done; \ - test -z "$found" && echo >&2 "error: failed to fetch GPG key $GPG_KEYS" && exit 1; \ - gpg --batch --verify nginx.tar.gz.asc nginx.tar.gz \ - && rm -rf "$GNUPGHOME" nginx.tar.gz.asc \ - && mkdir -p /usr/src \ - && tar -zxC /usr/src -f nginx.tar.gz \ - && rm nginx.tar.gz \ - && cd /usr/src/nginx-$NGINX_VERSION \ - && ./configure $CONFIG --with-debug \ - && make -j$(getconf _NPROCESSORS_ONLN) \ - && mv objs/nginx objs/nginx-debug \ - && mv objs/ngx_http_xslt_filter_module.so objs/ngx_http_xslt_filter_module-debug.so \ - && mv objs/ngx_http_image_filter_module.so objs/ngx_http_image_filter_module-debug.so \ - && mv objs/ngx_http_geoip_module.so objs/ngx_http_geoip_module-debug.so \ - && mv objs/ngx_http_perl_module.so objs/ngx_http_perl_module-debug.so \ - && mv objs/ngx_stream_geoip_module.so objs/ngx_stream_geoip_module-debug.so \ - && ./configure $CONFIG \ - && make -j$(getconf _NPROCESSORS_ONLN) \ - && make install \ - && rm -rf /etc/nginx/html/ \ - && mkdir /etc/nginx/conf.d/ \ - && mkdir -p /usr/share/nginx/html/ \ - && install -m644 html/index.html /usr/share/nginx/html/ \ - && install -m644 html/50x.html /usr/share/nginx/html/ \ - && install -m755 objs/nginx-debug /usr/sbin/nginx-debug \ - && install -m755 objs/ngx_http_xslt_filter_module-debug.so /usr/lib/nginx/modules/ngx_http_xslt_filter_module-debug.so \ - && install -m755 objs/ngx_http_image_filter_module-debug.so /usr/lib/nginx/modules/ngx_http_image_filter_module-debug.so \ - && install -m755 objs/ngx_http_geoip_module-debug.so /usr/lib/nginx/modules/ngx_http_geoip_module-debug.so \ - && install -m755 objs/ngx_http_perl_module-debug.so /usr/lib/nginx/modules/ngx_http_perl_module-debug.so \ - && install -m755 objs/ngx_stream_geoip_module-debug.so /usr/lib/nginx/modules/ngx_stream_geoip_module-debug.so \ - && ln -s ../../usr/lib/nginx/modules /etc/nginx/modules \ - && strip /usr/sbin/nginx* \ - && strip /usr/lib/nginx/modules/*.so \ - && rm -rf /usr/src/nginx-$NGINX_VERSION \ - \ - # Bring in gettext so we can get `envsubst`, then throw - # the rest away. To do this, we need to install `gettext` - # then move `envsubst` out of the way so `gettext` can - # be deleted completely, then move `envsubst` back. - && apk add --no-cache --virtual .gettext gettext \ - && mv /usr/bin/envsubst /tmp/ \ - \ - && runDeps="$( \ - scanelf --needed --nobanner /usr/sbin/nginx /usr/lib/nginx/modules/*.so /tmp/envsubst \ - | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ - | sort -u \ - | xargs -r apk info --installed \ - | sort -u \ - )" \ - && apk add --no-cache --virtual .nginx-rundeps $runDeps \ - && apk del .build-deps \ - && apk del .gettext \ - && mv /tmp/envsubst /usr/local/bin/ \ - \ - # Bring in tzdata so users could set the timezones through the environment - # variables - && apk add --no-cache tzdata \ - \ - # forward request and error logs to docker log collector - && ln -sf /dev/stdout /var/log/nginx/access.log \ - && ln -sf /dev/stderr /var/log/nginx/error.log - -COPY nginx.conf /etc/nginx/nginx.conf -COPY nginx.vh.default.conf /etc/nginx/conf.d/default.conf +RUN set -x \ + && apkArch="$(cat /etc/apk/arch)" \ + && nginxPackages=" \ + nginx=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-xslt=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-geoip=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-image-filter=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-perl=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-njs=${NJS_VERSION}-r${PKG_RELEASE} \ + " \ + && case "$apkArch" in \ + x86_64) \ +# arches officially built by upstream + set -x \ + && KEY_SHA512="e7fa8303923d9b95db37a77ad46c68fd4755ff935d0a534d26eba83de193c76166c68bfe7f65471bf8881004ef4aa6df3e34689c305662750c0172fca5d8552a *stdin" \ + && apk add --no-cache --virtual .cert-deps \ + openssl curl ca-certificates \ + && curl -o /tmp/nginx_signing.rsa.pub https://nginx.org/keys/nginx_signing.rsa.pub \ + && if [ "$(openssl rsa -pubin -in /tmp/nginx_signing.rsa.pub -text -noout | openssl sha512 -r)" = "$KEY_SHA512" ]; then \ + echo "key verification succeeded!"; \ + mv /tmp/nginx_signing.rsa.pub /etc/apk/keys/; \ + else \ + echo "key verification failed!"; \ + exit 1; \ + fi \ + && printf "%s%s%s\n" \ + "http://nginx.org/packages/mainline/alpine/v" \ + `egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release` \ + "/main" \ + | tee -a /etc/apk/repositories \ + && apk del .cert-deps \ + ;; \ + *) \ +# we're on an architecture upstream doesn't officially build for +# let's build binaries from the published packaging sources + set -x \ + && tempDir="$(mktemp -d)" \ + && chown nobody:nobody $tempDir \ + && apk add --no-cache --virtual .build-deps \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + pcre-dev \ + zlib-dev \ + linux-headers \ + libxslt-dev \ + gd-dev \ + geoip-dev \ + perl-dev \ + libedit-dev \ + mercurial \ + bash \ + alpine-sdk \ + findutils \ + && su - nobody -s /bin/sh -c " \ + export HOME=${tempDir} \ + && cd ${tempDir} \ + && hg clone https://hg.nginx.org/pkg-oss \ + && cd pkg-oss \ + && hg up ${NGINX_VERSION}-${PKG_RELEASE} \ + && cd alpine \ + && make all \ + && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ + && abuild-sign -k ${tempDir}/.abuild/abuild-key.rsa ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz \ + " \ + && echo "${tempDir}/packages/alpine/" >> /etc/apk/repositories \ + && cp ${tempDir}/.abuild/abuild-key.rsa.pub /etc/apk/keys/ \ + && apk del .build-deps \ + ;; \ + esac \ + && apk add --no-cache $nginxPackages \ +# if we have leftovers from building, let's purge them (including extra, unnecessary build deps) + && if [ -n "$tempDir" ]; then rm -rf "$tempDir"; fi \ + && if [ -n "/etc/apk/keys/abuild-key.rsa.pub" ]; then rm -f /etc/apk/keys/abuild-key.rsa.pub; fi \ + && if [ -n "/etc/apk/keys/nginx_signing.rsa.pub" ]; then rm -f /etc/apk/keys/nginx_signing.rsa.pub; fi \ +# remove the last line with the packages repos in the repositories file + && sed -i '$ d' /etc/apk/repositories \ +# Bring in gettext so we can get `envsubst`, then throw +# the rest away. To do this, we need to install `gettext` +# then move `envsubst` out of the way so `gettext` can +# be deleted completely, then move `envsubst` back. + && apk add --no-cache --virtual .gettext gettext \ + && mv /usr/bin/envsubst /tmp/ \ + \ + && runDeps="$( \ + scanelf --needed --nobanner /tmp/envsubst \ + | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ + | sort -u \ + | xargs -r apk info --installed \ + | sort -u \ + )" \ + && apk add --no-cache $runDeps \ + && apk del .gettext \ + && mv /tmp/envsubst /usr/local/bin/ \ +# Bring in tzdata so users could set the timezones through the environment +# variables + && apk add --no-cache tzdata \ +# forward request and error logs to docker log collector + && ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log EXPOSE 80 diff --git a/mainline/alpine-perl/nginx.conf b/mainline/alpine-perl/nginx.conf deleted file mode 100644 index e4bad8db..00000000 --- a/mainline/alpine-perl/nginx.conf +++ /dev/null @@ -1,32 +0,0 @@ - -user nginx; -worker_processes 1; - -error_log /var/log/nginx/error.log warn; -pid /var/run/nginx.pid; - - -events { - worker_connections 1024; -} - - -http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log /var/log/nginx/access.log main; - - sendfile on; - #tcp_nopush on; - - keepalive_timeout 65; - - #gzip on; - - include /etc/nginx/conf.d/*.conf; -} diff --git a/mainline/alpine-perl/nginx.vh.default.conf b/mainline/alpine-perl/nginx.vh.default.conf deleted file mode 100644 index 299c622a..00000000 --- a/mainline/alpine-perl/nginx.vh.default.conf +++ /dev/null @@ -1,45 +0,0 @@ -server { - listen 80; - server_name localhost; - - #charset koi8-r; - #access_log /var/log/nginx/host.access.log main; - - location / { - root /usr/share/nginx/html; - index index.html index.htm; - } - - #error_page 404 /404.html; - - # redirect server error pages to the static page /50x.html - # - error_page 500 502 503 504 /50x.html; - location = /50x.html { - root /usr/share/nginx/html; - } - - # proxy the PHP scripts to Apache listening on 127.0.0.1:80 - # - #location ~ \.php$ { - # proxy_pass http://127.0.0.1; - #} - - # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 - # - #location ~ \.php$ { - # root html; - # fastcgi_pass 127.0.0.1:9000; - # fastcgi_index index.php; - # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; - # include fastcgi_params; - #} - - # deny access to .htaccess files, if Apache's document root - # concurs with nginx's one - # - #location ~ /\.ht { - # deny all; - #} -} - diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 7b9f3a3e..bee9f5d8 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -3,141 +3,109 @@ FROM alpine:3.9 LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.15.12 +ENV NJS_VERSION 1.15.12.0.3.1 +ENV PKG_RELEASE 1 -RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ - && CONFIG="\ - --prefix=/etc/nginx \ - --sbin-path=/usr/sbin/nginx \ - --modules-path=/usr/lib/nginx/modules \ - --conf-path=/etc/nginx/nginx.conf \ - --error-log-path=/var/log/nginx/error.log \ - --http-log-path=/var/log/nginx/access.log \ - --pid-path=/var/run/nginx.pid \ - --lock-path=/var/run/nginx.lock \ - --http-client-body-temp-path=/var/cache/nginx/client_temp \ - --http-proxy-temp-path=/var/cache/nginx/proxy_temp \ - --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \ - --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \ - --http-scgi-temp-path=/var/cache/nginx/scgi_temp \ - --user=nginx \ - --group=nginx \ - --with-http_ssl_module \ - --with-http_realip_module \ - --with-http_addition_module \ - --with-http_sub_module \ - --with-http_dav_module \ - --with-http_flv_module \ - --with-http_mp4_module \ - --with-http_gunzip_module \ - --with-http_gzip_static_module \ - --with-http_random_index_module \ - --with-http_secure_link_module \ - --with-http_stub_status_module \ - --with-http_auth_request_module \ - --with-http_xslt_module=dynamic \ - --with-http_image_filter_module=dynamic \ - --with-http_geoip_module=dynamic \ - --with-threads \ - --with-stream \ - --with-stream_ssl_module \ - --with-stream_ssl_preread_module \ - --with-stream_realip_module \ - --with-stream_geoip_module=dynamic \ - --with-http_slice_module \ - --with-mail \ - --with-mail_ssl_module \ - --with-compat \ - --with-file-aio \ - --with-http_v2_module \ - " \ - && addgroup -S nginx \ - && adduser -D -S -h /var/cache/nginx -s /sbin/nologin -G nginx nginx \ - && apk add --no-cache --virtual .build-deps \ - gcc \ - libc-dev \ - make \ - openssl-dev \ - pcre-dev \ - zlib-dev \ - linux-headers \ - curl \ - gnupg1 \ - libxslt-dev \ - gd-dev \ - geoip-dev \ - && curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \ - && curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc -o nginx.tar.gz.asc \ - && export GNUPGHOME="$(mktemp -d)" \ - && found=''; \ - for server in \ - ha.pool.sks-keyservers.net \ - hkp://keyserver.ubuntu.com:80 \ - hkp://p80.pool.sks-keyservers.net:80 \ - pgp.mit.edu \ - ; do \ - echo "Fetching GPG key $GPG_KEYS from $server"; \ - gpg --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$GPG_KEYS" && found=yes && break; \ - done; \ - test -z "$found" && echo >&2 "error: failed to fetch GPG key $GPG_KEYS" && exit 1; \ - gpg --batch --verify nginx.tar.gz.asc nginx.tar.gz \ - && rm -rf "$GNUPGHOME" nginx.tar.gz.asc \ - && mkdir -p /usr/src \ - && tar -zxC /usr/src -f nginx.tar.gz \ - && rm nginx.tar.gz \ - && cd /usr/src/nginx-$NGINX_VERSION \ - && ./configure $CONFIG --with-debug \ - && make -j$(getconf _NPROCESSORS_ONLN) \ - && mv objs/nginx objs/nginx-debug \ - && mv objs/ngx_http_xslt_filter_module.so objs/ngx_http_xslt_filter_module-debug.so \ - && mv objs/ngx_http_image_filter_module.so objs/ngx_http_image_filter_module-debug.so \ - && mv objs/ngx_http_geoip_module.so objs/ngx_http_geoip_module-debug.so \ - && mv objs/ngx_stream_geoip_module.so objs/ngx_stream_geoip_module-debug.so \ - && ./configure $CONFIG \ - && make -j$(getconf _NPROCESSORS_ONLN) \ - && make install \ - && rm -rf /etc/nginx/html/ \ - && mkdir /etc/nginx/conf.d/ \ - && mkdir -p /usr/share/nginx/html/ \ - && install -m644 html/index.html /usr/share/nginx/html/ \ - && install -m644 html/50x.html /usr/share/nginx/html/ \ - && install -m755 objs/nginx-debug /usr/sbin/nginx-debug \ - && install -m755 objs/ngx_http_xslt_filter_module-debug.so /usr/lib/nginx/modules/ngx_http_xslt_filter_module-debug.so \ - && install -m755 objs/ngx_http_image_filter_module-debug.so /usr/lib/nginx/modules/ngx_http_image_filter_module-debug.so \ - && install -m755 objs/ngx_http_geoip_module-debug.so /usr/lib/nginx/modules/ngx_http_geoip_module-debug.so \ - && install -m755 objs/ngx_stream_geoip_module-debug.so /usr/lib/nginx/modules/ngx_stream_geoip_module-debug.so \ - && ln -s ../../usr/lib/nginx/modules /etc/nginx/modules \ - && strip /usr/sbin/nginx* \ - && strip /usr/lib/nginx/modules/*.so \ - && rm -rf /usr/src/nginx-$NGINX_VERSION \ - \ - # Bring in gettext so we can get `envsubst`, then throw - # the rest away. To do this, we need to install `gettext` - # then move `envsubst` out of the way so `gettext` can - # be deleted completely, then move `envsubst` back. - && apk add --no-cache --virtual .gettext gettext \ - && mv /usr/bin/envsubst /tmp/ \ - \ - && runDeps="$( \ - scanelf --needed --nobanner --format '%n#p' /usr/sbin/nginx /usr/lib/nginx/modules/*.so /tmp/envsubst \ - | tr ',' '\n' \ - | sort -u \ - | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ - )" \ - && apk add --no-cache --virtual .nginx-rundeps $runDeps \ - && apk del .build-deps \ - && apk del .gettext \ - && mv /tmp/envsubst /usr/local/bin/ \ - \ - # Bring in tzdata so users could set the timezones through the environment - # variables - && apk add --no-cache tzdata \ - \ - # forward request and error logs to docker log collector - && ln -sf /dev/stdout /var/log/nginx/access.log \ - && ln -sf /dev/stderr /var/log/nginx/error.log - -COPY nginx.conf /etc/nginx/nginx.conf -COPY nginx.vh.default.conf /etc/nginx/conf.d/default.conf +RUN set -x \ + && apkArch="$(cat /etc/apk/arch)" \ + && nginxPackages=" \ + nginx=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-xslt=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-geoip=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-image-filter=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-njs=${NJS_VERSION}-r${PKG_RELEASE} \ + " \ + && case "$apkArch" in \ + x86_64) \ +# arches officially built by upstream + set -x \ + && KEY_SHA512="e7fa8303923d9b95db37a77ad46c68fd4755ff935d0a534d26eba83de193c76166c68bfe7f65471bf8881004ef4aa6df3e34689c305662750c0172fca5d8552a *stdin" \ + && apk add --no-cache --virtual .cert-deps \ + openssl curl ca-certificates \ + && curl -o /tmp/nginx_signing.rsa.pub https://nginx.org/keys/nginx_signing.rsa.pub \ + && if [ "$(openssl rsa -pubin -in /tmp/nginx_signing.rsa.pub -text -noout | openssl sha512 -r)" = "$KEY_SHA512" ]; then \ + echo "key verification succeeded!"; \ + mv /tmp/nginx_signing.rsa.pub /etc/apk/keys/; \ + else \ + echo "key verification failed!"; \ + exit 1; \ + fi \ + && printf "%s%s%s\n" \ + "http://nginx.org/packages/mainline/alpine/v" \ + `egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release` \ + "/main" \ + | tee -a /etc/apk/repositories \ + && apk del .cert-deps \ + ;; \ + *) \ +# we're on an architecture upstream doesn't officially build for +# let's build binaries from the published packaging sources + set -x \ + && tempDir="$(mktemp -d)" \ + && chown nobody:nobody $tempDir \ + && apk add --no-cache --virtual .build-deps \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + pcre-dev \ + zlib-dev \ + linux-headers \ + libxslt-dev \ + gd-dev \ + geoip-dev \ + perl-dev \ + libedit-dev \ + mercurial \ + bash \ + alpine-sdk \ + findutils \ + && su - nobody -s /bin/sh -c " \ + export HOME=${tempDir} \ + && cd ${tempDir} \ + && hg clone https://hg.nginx.org/pkg-oss \ + && cd pkg-oss \ + && hg up ${NGINX_VERSION}-${PKG_RELEASE} \ + && cd alpine \ + && make all \ + && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ + && abuild-sign -k ${tempDir}/.abuild/abuild-key.rsa ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz \ + " \ + && echo "${tempDir}/packages/alpine/" >> /etc/apk/repositories \ + && cp ${tempDir}/.abuild/abuild-key.rsa.pub /etc/apk/keys/ \ + && apk del .build-deps \ + ;; \ + esac \ + && apk add --no-cache $nginxPackages \ +# if we have leftovers from building, let's purge them (including extra, unnecessary build deps) + && if [ -n "$tempDir" ]; then rm -rf "$tempDir"; fi \ + && if [ -n "/etc/apk/keys/abuild-key.rsa.pub" ]; then rm -f /etc/apk/keys/abuild-key.rsa.pub; fi \ + && if [ -n "/etc/apk/keys/nginx_signing.rsa.pub" ]; then rm -f /etc/apk/keys/nginx_signing.rsa.pub; fi \ +# remove the last line with the packages repos in the repositories file + && sed -i '$ d' /etc/apk/repositories \ +# Bring in gettext so we can get `envsubst`, then throw +# the rest away. To do this, we need to install `gettext` +# then move `envsubst` out of the way so `gettext` can +# be deleted completely, then move `envsubst` back. + && apk add --no-cache --virtual .gettext gettext \ + && mv /usr/bin/envsubst /tmp/ \ + \ + && runDeps="$( \ + scanelf --needed --nobanner /tmp/envsubst \ + | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ + | sort -u \ + | xargs -r apk info --installed \ + | sort -u \ + )" \ + && apk add --no-cache $runDeps \ + && apk del .gettext \ + && mv /tmp/envsubst /usr/local/bin/ \ +# Bring in tzdata so users could set the timezones through the environment +# variables + && apk add --no-cache tzdata \ +# forward request and error logs to docker log collector + && ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log EXPOSE 80 diff --git a/mainline/alpine/nginx.conf b/mainline/alpine/nginx.conf deleted file mode 100644 index e4bad8db..00000000 --- a/mainline/alpine/nginx.conf +++ /dev/null @@ -1,32 +0,0 @@ - -user nginx; -worker_processes 1; - -error_log /var/log/nginx/error.log warn; -pid /var/run/nginx.pid; - - -events { - worker_connections 1024; -} - - -http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log /var/log/nginx/access.log main; - - sendfile on; - #tcp_nopush on; - - keepalive_timeout 65; - - #gzip on; - - include /etc/nginx/conf.d/*.conf; -} diff --git a/mainline/alpine/nginx.vh.default.conf b/mainline/alpine/nginx.vh.default.conf deleted file mode 100644 index 299c622a..00000000 --- a/mainline/alpine/nginx.vh.default.conf +++ /dev/null @@ -1,45 +0,0 @@ -server { - listen 80; - server_name localhost; - - #charset koi8-r; - #access_log /var/log/nginx/host.access.log main; - - location / { - root /usr/share/nginx/html; - index index.html index.htm; - } - - #error_page 404 /404.html; - - # redirect server error pages to the static page /50x.html - # - error_page 500 502 503 504 /50x.html; - location = /50x.html { - root /usr/share/nginx/html; - } - - # proxy the PHP scripts to Apache listening on 127.0.0.1:80 - # - #location ~ \.php$ { - # proxy_pass http://127.0.0.1; - #} - - # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 - # - #location ~ \.php$ { - # root html; - # fastcgi_pass 127.0.0.1:9000; - # fastcgi_index index.php; - # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; - # include fastcgi_params; - #} - - # deny access to .htaccess files, if Apache's document root - # concurs with nginx's one - # - #location ~ /\.ht { - # deny all; - #} -} - diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index c952e56c..6a3ec93c 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -3,146 +3,112 @@ FROM alpine:3.9 LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.14.2 +ENV NJS_VERSION 1.14.2.0.2.7 +ENV PKG_RELEASE 1 -RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ - && CONFIG="\ - --prefix=/etc/nginx \ - --sbin-path=/usr/sbin/nginx \ - --modules-path=/usr/lib/nginx/modules \ - --conf-path=/etc/nginx/nginx.conf \ - --error-log-path=/var/log/nginx/error.log \ - --http-log-path=/var/log/nginx/access.log \ - --pid-path=/var/run/nginx.pid \ - --lock-path=/var/run/nginx.lock \ - --http-client-body-temp-path=/var/cache/nginx/client_temp \ - --http-proxy-temp-path=/var/cache/nginx/proxy_temp \ - --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \ - --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \ - --http-scgi-temp-path=/var/cache/nginx/scgi_temp \ - --user=nginx \ - --group=nginx \ - --with-http_ssl_module \ - --with-http_realip_module \ - --with-http_addition_module \ - --with-http_sub_module \ - --with-http_dav_module \ - --with-http_flv_module \ - --with-http_mp4_module \ - --with-http_gunzip_module \ - --with-http_gzip_static_module \ - --with-http_random_index_module \ - --with-http_secure_link_module \ - --with-http_stub_status_module \ - --with-http_auth_request_module \ - --with-http_xslt_module=dynamic \ - --with-http_image_filter_module=dynamic \ - --with-http_geoip_module=dynamic \ - --with-http_perl_module=dynamic \ - --with-threads \ - --with-stream \ - --with-stream_ssl_module \ - --with-stream_ssl_preread_module \ - --with-stream_realip_module \ - --with-stream_geoip_module=dynamic \ - --with-http_slice_module \ - --with-mail \ - --with-mail_ssl_module \ - --with-compat \ - --with-file-aio \ - --with-http_v2_module \ - " \ - && addgroup -S nginx \ - && adduser -D -S -h /var/cache/nginx -s /sbin/nologin -G nginx nginx \ - && apk add --no-cache --virtual .build-deps \ - gcc \ - libc-dev \ - make \ - openssl-dev \ - pcre-dev \ - zlib-dev \ - linux-headers \ - curl \ - gnupg1 \ - libxslt-dev \ - gd-dev \ - geoip-dev \ - perl-dev \ - && curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \ - && curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc -o nginx.tar.gz.asc \ - && export GNUPGHOME="$(mktemp -d)" \ - && found=''; \ - for server in \ - ha.pool.sks-keyservers.net \ - hkp://keyserver.ubuntu.com:80 \ - hkp://p80.pool.sks-keyservers.net:80 \ - pgp.mit.edu \ - ; do \ - echo "Fetching GPG key $GPG_KEYS from $server"; \ - gpg --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$GPG_KEYS" && found=yes && break; \ - done; \ - test -z "$found" && echo >&2 "error: failed to fetch GPG key $GPG_KEYS" && exit 1; \ - gpg --batch --verify nginx.tar.gz.asc nginx.tar.gz \ - && rm -rf "$GNUPGHOME" nginx.tar.gz.asc \ - && mkdir -p /usr/src \ - && tar -zxC /usr/src -f nginx.tar.gz \ - && rm nginx.tar.gz \ - && cd /usr/src/nginx-$NGINX_VERSION \ - && ./configure $CONFIG --with-debug \ - && make -j$(getconf _NPROCESSORS_ONLN) \ - && mv objs/nginx objs/nginx-debug \ - && mv objs/ngx_http_xslt_filter_module.so objs/ngx_http_xslt_filter_module-debug.so \ - && mv objs/ngx_http_image_filter_module.so objs/ngx_http_image_filter_module-debug.so \ - && mv objs/ngx_http_geoip_module.so objs/ngx_http_geoip_module-debug.so \ - && mv objs/ngx_http_perl_module.so objs/ngx_http_perl_module-debug.so \ - && mv objs/ngx_stream_geoip_module.so objs/ngx_stream_geoip_module-debug.so \ - && ./configure $CONFIG \ - && make -j$(getconf _NPROCESSORS_ONLN) \ - && make install \ - && rm -rf /etc/nginx/html/ \ - && mkdir /etc/nginx/conf.d/ \ - && mkdir -p /usr/share/nginx/html/ \ - && install -m644 html/index.html /usr/share/nginx/html/ \ - && install -m644 html/50x.html /usr/share/nginx/html/ \ - && install -m755 objs/nginx-debug /usr/sbin/nginx-debug \ - && install -m755 objs/ngx_http_xslt_filter_module-debug.so /usr/lib/nginx/modules/ngx_http_xslt_filter_module-debug.so \ - && install -m755 objs/ngx_http_image_filter_module-debug.so /usr/lib/nginx/modules/ngx_http_image_filter_module-debug.so \ - && install -m755 objs/ngx_http_geoip_module-debug.so /usr/lib/nginx/modules/ngx_http_geoip_module-debug.so \ - && install -m755 objs/ngx_http_perl_module-debug.so /usr/lib/nginx/modules/ngx_http_perl_module-debug.so \ - && install -m755 objs/ngx_stream_geoip_module-debug.so /usr/lib/nginx/modules/ngx_stream_geoip_module-debug.so \ - && ln -s ../../usr/lib/nginx/modules /etc/nginx/modules \ - && strip /usr/sbin/nginx* \ - && strip /usr/lib/nginx/modules/*.so \ - && rm -rf /usr/src/nginx-$NGINX_VERSION \ - \ - # Bring in gettext so we can get `envsubst`, then throw - # the rest away. To do this, we need to install `gettext` - # then move `envsubst` out of the way so `gettext` can - # be deleted completely, then move `envsubst` back. - && apk add --no-cache --virtual .gettext gettext \ - && mv /usr/bin/envsubst /tmp/ \ - \ - && runDeps="$( \ - scanelf --needed --nobanner /usr/sbin/nginx /usr/lib/nginx/modules/*.so /tmp/envsubst \ - | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ - | sort -u \ - | xargs -r apk info --installed \ - | sort -u \ - )" \ - && apk add --no-cache --virtual .nginx-rundeps $runDeps \ - && apk del .build-deps \ - && apk del .gettext \ - && mv /tmp/envsubst /usr/local/bin/ \ - \ - # Bring in tzdata so users could set the timezones through the environment - # variables - && apk add --no-cache tzdata \ - \ - # forward request and error logs to docker log collector - && ln -sf /dev/stdout /var/log/nginx/access.log \ - && ln -sf /dev/stderr /var/log/nginx/error.log - -COPY nginx.conf /etc/nginx/nginx.conf -COPY nginx.vh.default.conf /etc/nginx/conf.d/default.conf +RUN set -x \ + && apkArch="$(cat /etc/apk/arch)" \ + && nginxPackages=" \ + nginx=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-xslt=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-geoip=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-image-filter=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-perl=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-njs=${NJS_VERSION}-r${PKG_RELEASE} \ + " \ + && case "$apkArch" in \ + x86_64) \ +# arches officially built by upstream + set -x \ + && KEY_SHA512="e7fa8303923d9b95db37a77ad46c68fd4755ff935d0a534d26eba83de193c76166c68bfe7f65471bf8881004ef4aa6df3e34689c305662750c0172fca5d8552a *stdin" \ + && apk add --no-cache --virtual .cert-deps \ + openssl curl ca-certificates \ + && curl -o /tmp/nginx_signing.rsa.pub https://nginx.org/keys/nginx_signing.rsa.pub \ + && if [ "$(openssl rsa -pubin -in /tmp/nginx_signing.rsa.pub -text -noout | openssl sha512 -r)" = "$KEY_SHA512" ]; then \ + echo "key verification succeeded!"; \ + mv /tmp/nginx_signing.rsa.pub /etc/apk/keys/; \ + else \ + echo "key verification failed!"; \ + exit 1; \ + fi \ + && printf "%s%s%s\n" \ + "http://nginx.org/packages/alpine/v" \ + `egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release` \ + "/main" \ + | tee -a /etc/apk/repositories \ + && apk del .cert-deps \ + ;; \ + *) \ +# we're on an architecture upstream doesn't officially build for +# let's build binaries from the published packaging sources + set -x \ + && tempDir="$(mktemp -d)" \ + && chown nobody:nobody $tempDir \ + && apk add --no-cache --virtual .build-deps \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + pcre-dev \ + zlib-dev \ + linux-headers \ + libxslt-dev \ + gd-dev \ + geoip-dev \ + perl-dev \ + libedit-dev \ + mercurial \ + bash \ + alpine-sdk \ + findutils \ + && su - nobody -s /bin/sh -c " \ + export HOME=${tempDir} \ + && cd ${tempDir} \ + && hg clone https://hg.nginx.org/pkg-oss \ + && cd pkg-oss \ +# fixme: needs to check out a tag on the next 1.14 release + && hg up stable-1.14 \ + && echo hg up ${NGINX_VERSION}-${PKG_RELEASE} \ + && cd alpine \ + && make all \ + && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ + && abuild-sign -k ${tempDir}/.abuild/abuild-key.rsa ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz \ + " \ + && echo "${tempDir}/packages/alpine/" >> /etc/apk/repositories \ + && cp ${tempDir}/.abuild/abuild-key.rsa.pub /etc/apk/keys/ \ + && apk del .build-deps \ + ;; \ + esac \ + && apk add --no-cache $nginxPackages \ +# if we have leftovers from building, let's purge them (including extra, unnecessary build deps) + && if [ -n "$tempDir" ]; then rm -rf "$tempDir"; fi \ + && if [ -n "/etc/apk/keys/abuild-key.rsa.pub" ]; then rm -f /etc/apk/keys/abuild-key.rsa.pub; fi \ + && if [ -n "/etc/apk/keys/nginx_signing.rsa.pub" ]; then rm -f /etc/apk/keys/nginx_signing.rsa.pub; fi \ +# remove the last line with the packages repos in the repositories file + && sed -i '$ d' /etc/apk/repositories \ +# Bring in gettext so we can get `envsubst`, then throw +# the rest away. To do this, we need to install `gettext` +# then move `envsubst` out of the way so `gettext` can +# be deleted completely, then move `envsubst` back. + && apk add --no-cache --virtual .gettext gettext \ + && mv /usr/bin/envsubst /tmp/ \ + \ + && runDeps="$( \ + scanelf --needed --nobanner /tmp/envsubst \ + | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ + | sort -u \ + | xargs -r apk info --installed \ + | sort -u \ + )" \ + && apk add --no-cache $runDeps \ + && apk del .gettext \ + && mv /tmp/envsubst /usr/local/bin/ \ +# Bring in tzdata so users could set the timezones through the environment +# variables + && apk add --no-cache tzdata \ +# forward request and error logs to docker log collector + && ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log EXPOSE 80 diff --git a/stable/alpine-perl/nginx.conf b/stable/alpine-perl/nginx.conf deleted file mode 100644 index e4bad8db..00000000 --- a/stable/alpine-perl/nginx.conf +++ /dev/null @@ -1,32 +0,0 @@ - -user nginx; -worker_processes 1; - -error_log /var/log/nginx/error.log warn; -pid /var/run/nginx.pid; - - -events { - worker_connections 1024; -} - - -http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log /var/log/nginx/access.log main; - - sendfile on; - #tcp_nopush on; - - keepalive_timeout 65; - - #gzip on; - - include /etc/nginx/conf.d/*.conf; -} diff --git a/stable/alpine-perl/nginx.vh.default.conf b/stable/alpine-perl/nginx.vh.default.conf deleted file mode 100644 index 299c622a..00000000 --- a/stable/alpine-perl/nginx.vh.default.conf +++ /dev/null @@ -1,45 +0,0 @@ -server { - listen 80; - server_name localhost; - - #charset koi8-r; - #access_log /var/log/nginx/host.access.log main; - - location / { - root /usr/share/nginx/html; - index index.html index.htm; - } - - #error_page 404 /404.html; - - # redirect server error pages to the static page /50x.html - # - error_page 500 502 503 504 /50x.html; - location = /50x.html { - root /usr/share/nginx/html; - } - - # proxy the PHP scripts to Apache listening on 127.0.0.1:80 - # - #location ~ \.php$ { - # proxy_pass http://127.0.0.1; - #} - - # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 - # - #location ~ \.php$ { - # root html; - # fastcgi_pass 127.0.0.1:9000; - # fastcgi_index index.php; - # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; - # include fastcgi_params; - #} - - # deny access to .htaccess files, if Apache's document root - # concurs with nginx's one - # - #location ~ /\.ht { - # deny all; - #} -} - diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index 7a7ded45..4c760c6e 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -3,141 +3,111 @@ FROM alpine:3.9 LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.14.2 +ENV NJS_VERSION 1.14.2.0.2.7 +ENV PKG_RELEASE 1 -RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \ - && CONFIG="\ - --prefix=/etc/nginx \ - --sbin-path=/usr/sbin/nginx \ - --modules-path=/usr/lib/nginx/modules \ - --conf-path=/etc/nginx/nginx.conf \ - --error-log-path=/var/log/nginx/error.log \ - --http-log-path=/var/log/nginx/access.log \ - --pid-path=/var/run/nginx.pid \ - --lock-path=/var/run/nginx.lock \ - --http-client-body-temp-path=/var/cache/nginx/client_temp \ - --http-proxy-temp-path=/var/cache/nginx/proxy_temp \ - --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \ - --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \ - --http-scgi-temp-path=/var/cache/nginx/scgi_temp \ - --user=nginx \ - --group=nginx \ - --with-http_ssl_module \ - --with-http_realip_module \ - --with-http_addition_module \ - --with-http_sub_module \ - --with-http_dav_module \ - --with-http_flv_module \ - --with-http_mp4_module \ - --with-http_gunzip_module \ - --with-http_gzip_static_module \ - --with-http_random_index_module \ - --with-http_secure_link_module \ - --with-http_stub_status_module \ - --with-http_auth_request_module \ - --with-http_xslt_module=dynamic \ - --with-http_image_filter_module=dynamic \ - --with-http_geoip_module=dynamic \ - --with-threads \ - --with-stream \ - --with-stream_ssl_module \ - --with-stream_ssl_preread_module \ - --with-stream_realip_module \ - --with-stream_geoip_module=dynamic \ - --with-http_slice_module \ - --with-mail \ - --with-mail_ssl_module \ - --with-compat \ - --with-file-aio \ - --with-http_v2_module \ - " \ - && addgroup -S nginx \ - && adduser -D -S -h /var/cache/nginx -s /sbin/nologin -G nginx nginx \ - && apk add --no-cache --virtual .build-deps \ - gcc \ - libc-dev \ - make \ - openssl-dev \ - pcre-dev \ - zlib-dev \ - linux-headers \ - curl \ - gnupg1 \ - libxslt-dev \ - gd-dev \ - geoip-dev \ - && curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \ - && curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc -o nginx.tar.gz.asc \ - && export GNUPGHOME="$(mktemp -d)" \ - && found=''; \ - for server in \ - ha.pool.sks-keyservers.net \ - hkp://keyserver.ubuntu.com:80 \ - hkp://p80.pool.sks-keyservers.net:80 \ - pgp.mit.edu \ - ; do \ - echo "Fetching GPG key $GPG_KEYS from $server"; \ - gpg --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$GPG_KEYS" && found=yes && break; \ - done; \ - test -z "$found" && echo >&2 "error: failed to fetch GPG key $GPG_KEYS" && exit 1; \ - gpg --batch --verify nginx.tar.gz.asc nginx.tar.gz \ - && rm -rf "$GNUPGHOME" nginx.tar.gz.asc \ - && mkdir -p /usr/src \ - && tar -zxC /usr/src -f nginx.tar.gz \ - && rm nginx.tar.gz \ - && cd /usr/src/nginx-$NGINX_VERSION \ - && ./configure $CONFIG --with-debug \ - && make -j$(getconf _NPROCESSORS_ONLN) \ - && mv objs/nginx objs/nginx-debug \ - && mv objs/ngx_http_xslt_filter_module.so objs/ngx_http_xslt_filter_module-debug.so \ - && mv objs/ngx_http_image_filter_module.so objs/ngx_http_image_filter_module-debug.so \ - && mv objs/ngx_http_geoip_module.so objs/ngx_http_geoip_module-debug.so \ - && mv objs/ngx_stream_geoip_module.so objs/ngx_stream_geoip_module-debug.so \ - && ./configure $CONFIG \ - && make -j$(getconf _NPROCESSORS_ONLN) \ - && make install \ - && rm -rf /etc/nginx/html/ \ - && mkdir /etc/nginx/conf.d/ \ - && mkdir -p /usr/share/nginx/html/ \ - && install -m644 html/index.html /usr/share/nginx/html/ \ - && install -m644 html/50x.html /usr/share/nginx/html/ \ - && install -m755 objs/nginx-debug /usr/sbin/nginx-debug \ - && install -m755 objs/ngx_http_xslt_filter_module-debug.so /usr/lib/nginx/modules/ngx_http_xslt_filter_module-debug.so \ - && install -m755 objs/ngx_http_image_filter_module-debug.so /usr/lib/nginx/modules/ngx_http_image_filter_module-debug.so \ - && install -m755 objs/ngx_http_geoip_module-debug.so /usr/lib/nginx/modules/ngx_http_geoip_module-debug.so \ - && install -m755 objs/ngx_stream_geoip_module-debug.so /usr/lib/nginx/modules/ngx_stream_geoip_module-debug.so \ - && ln -s ../../usr/lib/nginx/modules /etc/nginx/modules \ - && strip /usr/sbin/nginx* \ - && strip /usr/lib/nginx/modules/*.so \ - && rm -rf /usr/src/nginx-$NGINX_VERSION \ - \ - # Bring in gettext so we can get `envsubst`, then throw - # the rest away. To do this, we need to install `gettext` - # then move `envsubst` out of the way so `gettext` can - # be deleted completely, then move `envsubst` back. - && apk add --no-cache --virtual .gettext gettext \ - && mv /usr/bin/envsubst /tmp/ \ - \ - && runDeps="$( \ - scanelf --needed --nobanner --format '%n#p' /usr/sbin/nginx /usr/lib/nginx/modules/*.so /tmp/envsubst \ - | tr ',' '\n' \ - | sort -u \ - | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ - )" \ - && apk add --no-cache --virtual .nginx-rundeps $runDeps \ - && apk del .build-deps \ - && apk del .gettext \ - && mv /tmp/envsubst /usr/local/bin/ \ - \ - # Bring in tzdata so users could set the timezones through the environment - # variables - && apk add --no-cache tzdata \ - \ - # forward request and error logs to docker log collector - && ln -sf /dev/stdout /var/log/nginx/access.log \ - && ln -sf /dev/stderr /var/log/nginx/error.log - -COPY nginx.conf /etc/nginx/nginx.conf -COPY nginx.vh.default.conf /etc/nginx/conf.d/default.conf +RUN set -x \ + && apkArch="$(cat /etc/apk/arch)" \ + && nginxPackages=" \ + nginx=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-xslt=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-geoip=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-image-filter=${NGINX_VERSION}-r${PKG_RELEASE} \ + nginx-module-njs=${NJS_VERSION}-r${PKG_RELEASE} \ + " \ + && case "$apkArch" in \ + x86_64) \ +# arches officially built by upstream + set -x \ + && KEY_SHA512="e7fa8303923d9b95db37a77ad46c68fd4755ff935d0a534d26eba83de193c76166c68bfe7f65471bf8881004ef4aa6df3e34689c305662750c0172fca5d8552a *stdin" \ + && apk add --no-cache --virtual .cert-deps \ + openssl curl ca-certificates \ + && curl -o /tmp/nginx_signing.rsa.pub https://nginx.org/keys/nginx_signing.rsa.pub \ + && if [ "$(openssl rsa -pubin -in /tmp/nginx_signing.rsa.pub -text -noout | openssl sha512 -r)" = "$KEY_SHA512" ]; then \ + echo "key verification succeeded!"; \ + mv /tmp/nginx_signing.rsa.pub /etc/apk/keys/; \ + else \ + echo "key verification failed!"; \ + exit 1; \ + fi \ + && printf "%s%s%s\n" \ + "http://nginx.org/packages/alpine/v" \ + `egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release` \ + "/main" \ + | tee -a /etc/apk/repositories \ + && apk del .cert-deps \ + ;; \ + *) \ +# we're on an architecture upstream doesn't officially build for +# let's build binaries from the published packaging sources + set -x \ + && tempDir="$(mktemp -d)" \ + && chown nobody:nobody $tempDir \ + && apk add --no-cache --virtual .build-deps \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + pcre-dev \ + zlib-dev \ + linux-headers \ + libxslt-dev \ + gd-dev \ + geoip-dev \ + perl-dev \ + libedit-dev \ + mercurial \ + bash \ + alpine-sdk \ + findutils \ + && su - nobody -s /bin/sh -c " \ + export HOME=${tempDir} \ + && cd ${tempDir} \ + && hg clone https://hg.nginx.org/pkg-oss \ + && cd pkg-oss \ +# fixme: needs to check out a tag on the next 1.14 release + && hg up stable-1.14 \ + && echo hg up ${NGINX_VERSION}-${PKG_RELEASE} \ + && cd alpine \ + && make all \ + && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ + && abuild-sign -k ${tempDir}/.abuild/abuild-key.rsa ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz \ + " \ + && echo "${tempDir}/packages/alpine/" >> /etc/apk/repositories \ + && cp ${tempDir}/.abuild/abuild-key.rsa.pub /etc/apk/keys/ \ + && apk del .build-deps \ + ;; \ + esac \ + && apk add --no-cache $nginxPackages \ +# if we have leftovers from building, let's purge them (including extra, unnecessary build deps) + && if [ -n "$tempDir" ]; then rm -rf "$tempDir"; fi \ + && if [ -n "/etc/apk/keys/abuild-key.rsa.pub" ]; then rm -f /etc/apk/keys/abuild-key.rsa.pub; fi \ + && if [ -n "/etc/apk/keys/nginx_signing.rsa.pub" ]; then rm -f /etc/apk/keys/nginx_signing.rsa.pub; fi \ +# remove the last line with the packages repos in the repositories file + && sed -i '$ d' /etc/apk/repositories \ +# Bring in gettext so we can get `envsubst`, then throw +# the rest away. To do this, we need to install `gettext` +# then move `envsubst` out of the way so `gettext` can +# be deleted completely, then move `envsubst` back. + && apk add --no-cache --virtual .gettext gettext \ + && mv /usr/bin/envsubst /tmp/ \ + \ + && runDeps="$( \ + scanelf --needed --nobanner /tmp/envsubst \ + | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ + | sort -u \ + | xargs -r apk info --installed \ + | sort -u \ + )" \ + && apk add --no-cache $runDeps \ + && apk del .gettext \ + && mv /tmp/envsubst /usr/local/bin/ \ +# Bring in tzdata so users could set the timezones through the environment +# variables + && apk add --no-cache tzdata \ +# forward request and error logs to docker log collector + && ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log EXPOSE 80 diff --git a/stable/alpine/nginx.conf b/stable/alpine/nginx.conf deleted file mode 100644 index e4bad8db..00000000 --- a/stable/alpine/nginx.conf +++ /dev/null @@ -1,32 +0,0 @@ - -user nginx; -worker_processes 1; - -error_log /var/log/nginx/error.log warn; -pid /var/run/nginx.pid; - - -events { - worker_connections 1024; -} - - -http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log /var/log/nginx/access.log main; - - sendfile on; - #tcp_nopush on; - - keepalive_timeout 65; - - #gzip on; - - include /etc/nginx/conf.d/*.conf; -} diff --git a/stable/alpine/nginx.vh.default.conf b/stable/alpine/nginx.vh.default.conf deleted file mode 100644 index 299c622a..00000000 --- a/stable/alpine/nginx.vh.default.conf +++ /dev/null @@ -1,45 +0,0 @@ -server { - listen 80; - server_name localhost; - - #charset koi8-r; - #access_log /var/log/nginx/host.access.log main; - - location / { - root /usr/share/nginx/html; - index index.html index.htm; - } - - #error_page 404 /404.html; - - # redirect server error pages to the static page /50x.html - # - error_page 500 502 503 504 /50x.html; - location = /50x.html { - root /usr/share/nginx/html; - } - - # proxy the PHP scripts to Apache listening on 127.0.0.1:80 - # - #location ~ \.php$ { - # proxy_pass http://127.0.0.1; - #} - - # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 - # - #location ~ \.php$ { - # root html; - # fastcgi_pass 127.0.0.1:9000; - # fastcgi_index index.php; - # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; - # include fastcgi_params; - #} - - # deny access to .htaccess files, if Apache's document root - # concurs with nginx's one - # - #location ~ /\.ht { - # deny all; - #} -} - From 42b9a87db35929dec0f9c329486f16d6f6254d55 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 23 Apr 2019 15:45:08 +0300 Subject: [PATCH 016/113] mainline: get rid of duplication in variables versions --- mainline/alpine-perl/Dockerfile | 4 ++-- mainline/alpine/Dockerfile | 4 ++-- mainline/stretch-perl/Dockerfile | 19 ++++++++++--------- mainline/stretch/Dockerfile | 15 ++++++++------- 4 files changed, 22 insertions(+), 20 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 3d577de3..257a7ef2 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -3,7 +3,7 @@ FROM alpine:3.9 LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.15.12 -ENV NJS_VERSION 1.15.12.0.3.1 +ENV NJS_VERSION 0.3.1 ENV PKG_RELEASE 1 RUN set -x \ @@ -14,7 +14,7 @@ RUN set -x \ nginx-module-geoip=${NGINX_VERSION}-r${PKG_RELEASE} \ nginx-module-image-filter=${NGINX_VERSION}-r${PKG_RELEASE} \ nginx-module-perl=${NGINX_VERSION}-r${PKG_RELEASE} \ - nginx-module-njs=${NJS_VERSION}-r${PKG_RELEASE} \ + nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-r${PKG_RELEASE} \ " \ && case "$apkArch" in \ x86_64) \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index bee9f5d8..503ef875 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -3,7 +3,7 @@ FROM alpine:3.9 LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.15.12 -ENV NJS_VERSION 1.15.12.0.3.1 +ENV NJS_VERSION 0.3.1 ENV PKG_RELEASE 1 RUN set -x \ @@ -13,7 +13,7 @@ RUN set -x \ nginx-module-xslt=${NGINX_VERSION}-r${PKG_RELEASE} \ nginx-module-geoip=${NGINX_VERSION}-r${PKG_RELEASE} \ nginx-module-image-filter=${NGINX_VERSION}-r${PKG_RELEASE} \ - nginx-module-njs=${NJS_VERSION}-r${PKG_RELEASE} \ + nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-r${PKG_RELEASE} \ " \ && case "$apkArch" in \ x86_64) \ diff --git a/mainline/stretch-perl/Dockerfile b/mainline/stretch-perl/Dockerfile index 07270881..14664705 100644 --- a/mainline/stretch-perl/Dockerfile +++ b/mainline/stretch-perl/Dockerfile @@ -2,8 +2,9 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.12-1~stretch -ENV NJS_VERSION 1.15.12.0.3.1-1~stretch +ENV NGINX_VERSION 1.15.12 +ENV NJS_VERSION 0.3.1 +ENV PKG_RELEASE 1~stretch RUN set -x \ && apt-get update \ @@ -23,13 +24,13 @@ RUN set -x \ test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \ apt-get remove --purge --auto-remove -y gnupg1 && rm -rf /var/lib/apt/lists/* \ && dpkgArch="$(dpkg --print-architecture)" \ - && nginxPackages=" \ - nginx=${NGINX_VERSION} \ - nginx-module-xslt=${NGINX_VERSION} \ - nginx-module-geoip=${NGINX_VERSION} \ - nginx-module-image-filter=${NGINX_VERSION} \ - nginx-module-perl=${NGINX_VERSION} \ - nginx-module-njs=${NJS_VERSION} \ + && nginxPackages=" \ + nginx=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-xslt=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-geoip=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-image-filter=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-perl=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-${PKG_RELEASE} \ " \ && case "$dpkgArch" in \ amd64|i386) \ diff --git a/mainline/stretch/Dockerfile b/mainline/stretch/Dockerfile index 9c54b75e..45f8c6ea 100644 --- a/mainline/stretch/Dockerfile +++ b/mainline/stretch/Dockerfile @@ -2,8 +2,9 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.12-1~stretch -ENV NJS_VERSION 1.15.12.0.3.1-1~stretch +ENV NGINX_VERSION 1.15.12 +ENV NJS_VERSION 0.3.1 +ENV PKG_RELEASE 1~stretch RUN set -x \ && apt-get update \ @@ -24,11 +25,11 @@ RUN set -x \ apt-get remove --purge --auto-remove -y gnupg1 && rm -rf /var/lib/apt/lists/* \ && dpkgArch="$(dpkg --print-architecture)" \ && nginxPackages=" \ - nginx=${NGINX_VERSION} \ - nginx-module-xslt=${NGINX_VERSION} \ - nginx-module-geoip=${NGINX_VERSION} \ - nginx-module-image-filter=${NGINX_VERSION} \ - nginx-module-njs=${NJS_VERSION} \ + nginx=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-xslt=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-geoip=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-image-filter=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-${PKG_RELEASE} \ " \ && case "$dpkgArch" in \ amd64|i386) \ From 9a052e07b2c283df9960375ee40be50c5c462a7e Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 23 Apr 2019 15:49:02 +0300 Subject: [PATCH 017/113] Updated stable nginx to 1.16.0 While at it, merge mainline versioning changes. --- stable/alpine-perl/Dockerfile | 10 ++++------ stable/alpine/Dockerfile | 10 ++++------ stable/stretch-perl/Dockerfile | 19 ++++++++++--------- stable/stretch/Dockerfile | 15 ++++++++------- 4 files changed, 26 insertions(+), 28 deletions(-) diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index 6a3ec93c..556ff741 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -2,8 +2,8 @@ FROM alpine:3.9 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.14.2 -ENV NJS_VERSION 1.14.2.0.2.7 +ENV NGINX_VERSION 1.16.0 +ENV NJS_VERSION 0.3.1 ENV PKG_RELEASE 1 RUN set -x \ @@ -14,7 +14,7 @@ RUN set -x \ nginx-module-geoip=${NGINX_VERSION}-r${PKG_RELEASE} \ nginx-module-image-filter=${NGINX_VERSION}-r${PKG_RELEASE} \ nginx-module-perl=${NGINX_VERSION}-r${PKG_RELEASE} \ - nginx-module-njs=${NJS_VERSION}-r${PKG_RELEASE} \ + nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-r${PKG_RELEASE} \ " \ && case "$apkArch" in \ x86_64) \ @@ -66,9 +66,7 @@ RUN set -x \ && cd ${tempDir} \ && hg clone https://hg.nginx.org/pkg-oss \ && cd pkg-oss \ -# fixme: needs to check out a tag on the next 1.14 release - && hg up stable-1.14 \ - && echo hg up ${NGINX_VERSION}-${PKG_RELEASE} \ + && hg up ${NGINX_VERSION}-${PKG_RELEASE} \ && cd alpine \ && make all \ && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index 4c760c6e..00a6b291 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -2,8 +2,8 @@ FROM alpine:3.9 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.14.2 -ENV NJS_VERSION 1.14.2.0.2.7 +ENV NGINX_VERSION 1.16.0 +ENV NJS_VERSION 0.3.1 ENV PKG_RELEASE 1 RUN set -x \ @@ -13,7 +13,7 @@ RUN set -x \ nginx-module-xslt=${NGINX_VERSION}-r${PKG_RELEASE} \ nginx-module-geoip=${NGINX_VERSION}-r${PKG_RELEASE} \ nginx-module-image-filter=${NGINX_VERSION}-r${PKG_RELEASE} \ - nginx-module-njs=${NJS_VERSION}-r${PKG_RELEASE} \ + nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-r${PKG_RELEASE} \ " \ && case "$apkArch" in \ x86_64) \ @@ -65,9 +65,7 @@ RUN set -x \ && cd ${tempDir} \ && hg clone https://hg.nginx.org/pkg-oss \ && cd pkg-oss \ -# fixme: needs to check out a tag on the next 1.14 release - && hg up stable-1.14 \ - && echo hg up ${NGINX_VERSION}-${PKG_RELEASE} \ + && hg up ${NGINX_VERSION}-${PKG_RELEASE} \ && cd alpine \ && make all \ && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ diff --git a/stable/stretch-perl/Dockerfile b/stable/stretch-perl/Dockerfile index 05cf5697..a43184bc 100644 --- a/stable/stretch-perl/Dockerfile +++ b/stable/stretch-perl/Dockerfile @@ -2,8 +2,9 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.14.2-1~stretch -ENV NJS_VERSION 1.14.2.0.2.6-1~stretch +ENV NGINX_VERSION 1.16.0 +ENV NJS_VERSION 0.3.1 +ENV PKG_RELEASE 1~stretch RUN set -x \ && apt-get update \ @@ -23,13 +24,13 @@ RUN set -x \ test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \ apt-get remove --purge --auto-remove -y gnupg1 && rm -rf /var/lib/apt/lists/* \ && dpkgArch="$(dpkg --print-architecture)" \ - && nginxPackages=" \ - nginx=${NGINX_VERSION} \ - nginx-module-xslt=${NGINX_VERSION} \ - nginx-module-geoip=${NGINX_VERSION} \ - nginx-module-image-filter=${NGINX_VERSION} \ - nginx-module-perl=${NGINX_VERSION} \ - nginx-module-njs=${NJS_VERSION} \ + && nginxPackages=" \ + nginx=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-xslt=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-geoip=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-image-filter=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-perl=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-${PKG_RELEASE} \ " \ && case "$dpkgArch" in \ amd64|i386) \ diff --git a/stable/stretch/Dockerfile b/stable/stretch/Dockerfile index 097b04b9..c358e608 100644 --- a/stable/stretch/Dockerfile +++ b/stable/stretch/Dockerfile @@ -2,8 +2,9 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.14.2-1~stretch -ENV NJS_VERSION 1.14.2.0.2.6-1~stretch +ENV NGINX_VERSION 1.16.0 +ENV NJS_VERSION 0.3.1 +ENV PKG_RELEASE 1~stretch RUN set -x \ && apt-get update \ @@ -24,11 +25,11 @@ RUN set -x \ apt-get remove --purge --auto-remove -y gnupg1 && rm -rf /var/lib/apt/lists/* \ && dpkgArch="$(dpkg --print-architecture)" \ && nginxPackages=" \ - nginx=${NGINX_VERSION} \ - nginx-module-xslt=${NGINX_VERSION} \ - nginx-module-geoip=${NGINX_VERSION} \ - nginx-module-image-filter=${NGINX_VERSION} \ - nginx-module-njs=${NJS_VERSION} \ + nginx=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-xslt=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-geoip=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-image-filter=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-${PKG_RELEASE} \ " \ && case "$dpkgArch" in \ amd64|i386) \ From 61973ac9c0c7fecdaa251b5ef7568f81486a0e8a Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 23 Apr 2019 18:56:55 +0300 Subject: [PATCH 018/113] Updated generate-stackbrew-library.sh --- generate-stackbrew-library.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/generate-stackbrew-library.sh b/generate-stackbrew-library.sh index 4d70a428..22587c2f 100755 --- a/generate-stackbrew-library.sh +++ b/generate-stackbrew-library.sh @@ -3,8 +3,8 @@ set -eu declare -A aliases aliases=( - [mainline]='1 1.15 latest' - [stable]='1.14' + [mainline]='1 1.17 latest' + [stable]='1.16' ) self="$(basename "$BASH_SOURCE")" From 6f41f97b39b1a3d658f25329e7206324a1e883b5 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 23 Apr 2019 19:04:52 +0300 Subject: [PATCH 019/113] Updated generate-stackbrew-library.sh to use new versioning scheme --- generate-stackbrew-library.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/generate-stackbrew-library.sh b/generate-stackbrew-library.sh index 22587c2f..3f3a9886 100755 --- a/generate-stackbrew-library.sh +++ b/generate-stackbrew-library.sh @@ -54,7 +54,6 @@ for version in "${versions[@]}"; do commit="$(dirCommit "$version/$base")" fullVersion="$(git show "$commit":"$version/$base/Dockerfile" | awk '$1 == "ENV" && $2 == "NGINX_VERSION" { print $3; exit }')" - fullVersion="${fullVersion%[.-]*}" versionAliases=( $fullVersion ) if [ "$version" != "$fullVersion" ]; then From 9674d1078009f49ee2d3d4d168a2a1eb9b86e638 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 21 May 2019 19:42:16 +0300 Subject: [PATCH 020/113] Updated mainline nginx to 1.17.0 and njs to 0.3.2 Fixes: #331, #317. --- mainline/alpine-perl/Dockerfile | 4 ++-- mainline/alpine/Dockerfile | 4 ++-- mainline/stretch-perl/Dockerfile | 4 ++-- mainline/stretch/Dockerfile | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 257a7ef2..96279e97 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -2,8 +2,8 @@ FROM alpine:3.9 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.12 -ENV NJS_VERSION 0.3.1 +ENV NGINX_VERSION 1.17.0 +ENV NJS_VERSION 0.3.2 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 503ef875..c5724bc7 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -2,8 +2,8 @@ FROM alpine:3.9 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.12 -ENV NJS_VERSION 0.3.1 +ENV NGINX_VERSION 1.17.0 +ENV NJS_VERSION 0.3.2 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/stretch-perl/Dockerfile b/mainline/stretch-perl/Dockerfile index 14664705..7526870d 100644 --- a/mainline/stretch-perl/Dockerfile +++ b/mainline/stretch-perl/Dockerfile @@ -2,8 +2,8 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.12 -ENV NJS_VERSION 0.3.1 +ENV NGINX_VERSION 1.17.0 +ENV NJS_VERSION 0.3.2 ENV PKG_RELEASE 1~stretch RUN set -x \ diff --git a/mainline/stretch/Dockerfile b/mainline/stretch/Dockerfile index 45f8c6ea..16efe844 100644 --- a/mainline/stretch/Dockerfile +++ b/mainline/stretch/Dockerfile @@ -2,8 +2,8 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.15.12 -ENV NJS_VERSION 0.3.1 +ENV NGINX_VERSION 1.17.0 +ENV NJS_VERSION 0.3.2 ENV PKG_RELEASE 1~stretch RUN set -x \ From c308ce3f7b9f94de299b3f19b86524d35253493f Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 21 May 2019 19:42:34 +0300 Subject: [PATCH 021/113] Updated njs for stable images to 0.3.2 --- stable/alpine-perl/Dockerfile | 2 +- stable/alpine/Dockerfile | 2 +- stable/stretch-perl/Dockerfile | 2 +- stable/stretch/Dockerfile | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index 556ff741..21744f51 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -3,7 +3,7 @@ FROM alpine:3.9 LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.16.0 -ENV NJS_VERSION 0.3.1 +ENV NJS_VERSION 0.3.2 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index 00a6b291..3e323045 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -3,7 +3,7 @@ FROM alpine:3.9 LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.16.0 -ENV NJS_VERSION 0.3.1 +ENV NJS_VERSION 0.3.2 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/stable/stretch-perl/Dockerfile b/stable/stretch-perl/Dockerfile index a43184bc..372c7f7e 100644 --- a/stable/stretch-perl/Dockerfile +++ b/stable/stretch-perl/Dockerfile @@ -3,7 +3,7 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.16.0 -ENV NJS_VERSION 0.3.1 +ENV NJS_VERSION 0.3.2 ENV PKG_RELEASE 1~stretch RUN set -x \ diff --git a/stable/stretch/Dockerfile b/stable/stretch/Dockerfile index c358e608..0b75d730 100644 --- a/stable/stretch/Dockerfile +++ b/stable/stretch/Dockerfile @@ -3,7 +3,7 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.16.0 -ENV NJS_VERSION 0.3.1 +ENV NJS_VERSION 0.3.2 ENV PKG_RELEASE 1~stretch RUN set -x \ From b749353968a57ebd9da17e12d23f1a5fb62f9de9 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 4 Jun 2019 14:27:46 +0300 Subject: [PATCH 022/113] Made the UID/GID consistent throughout the variants. 101 was chosen as UID/GID for both supported platforms since that's the first unused pair. This also looks forward compatible at least for now with Debian Buster and Alpine 3.10 as from the :edge tag of the time writing this message. Fixes: #218. --- mainline/alpine-perl/Dockerfile | 3 +++ mainline/alpine/Dockerfile | 3 +++ mainline/stretch-perl/Dockerfile | 3 +++ mainline/stretch/Dockerfile | 3 +++ stable/alpine-perl/Dockerfile | 3 +++ stable/alpine/Dockerfile | 3 +++ stable/stretch-perl/Dockerfile | 3 +++ stable/stretch/Dockerfile | 3 +++ 8 files changed, 24 insertions(+) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 96279e97..cbb6e96c 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -7,6 +7,9 @@ ENV NJS_VERSION 0.3.2 ENV PKG_RELEASE 1 RUN set -x \ +# create nginx user/group first, to be consistent throughout docker variants + && addgroup -g 101 -S nginx \ + && adduser -S -D -H -u 101 -h /var/cache/nginx -s /sbin/nologin -G nginx -g nginx nginx \ && apkArch="$(cat /etc/apk/arch)" \ && nginxPackages=" \ nginx=${NGINX_VERSION}-r${PKG_RELEASE} \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index c5724bc7..17822daf 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -7,6 +7,9 @@ ENV NJS_VERSION 0.3.2 ENV PKG_RELEASE 1 RUN set -x \ +# create nginx user/group first, to be consistent throughout docker variants + && addgroup -g 101 -S nginx \ + && adduser -S -D -H -u 101 -h /var/cache/nginx -s /sbin/nologin -G nginx -g nginx nginx \ && apkArch="$(cat /etc/apk/arch)" \ && nginxPackages=" \ nginx=${NGINX_VERSION}-r${PKG_RELEASE} \ diff --git a/mainline/stretch-perl/Dockerfile b/mainline/stretch-perl/Dockerfile index 7526870d..54d9941f 100644 --- a/mainline/stretch-perl/Dockerfile +++ b/mainline/stretch-perl/Dockerfile @@ -7,6 +7,9 @@ ENV NJS_VERSION 0.3.2 ENV PKG_RELEASE 1~stretch RUN set -x \ +# create nginx user/group first, to be consistent throughout docker variants + && addgroup --system --gid 101 nginx \ + && adduser --system --disabled-login --ingroup nginx --no-create-home --home /nonexistent --gecos "nginx user" --shell /bin/false --uid 101 nginx \ && apt-get update \ && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 apt-transport-https ca-certificates \ && \ diff --git a/mainline/stretch/Dockerfile b/mainline/stretch/Dockerfile index 16efe844..11ab8975 100644 --- a/mainline/stretch/Dockerfile +++ b/mainline/stretch/Dockerfile @@ -7,6 +7,9 @@ ENV NJS_VERSION 0.3.2 ENV PKG_RELEASE 1~stretch RUN set -x \ +# create nginx user/group first, to be consistent throughout docker variants + && addgroup --system --gid 101 nginx \ + && adduser --system --disabled-login --ingroup nginx --no-create-home --home /nonexistent --gecos "nginx user" --shell /bin/false --uid 101 nginx \ && apt-get update \ && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 apt-transport-https ca-certificates \ && \ diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index 21744f51..255e8d75 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -7,6 +7,9 @@ ENV NJS_VERSION 0.3.2 ENV PKG_RELEASE 1 RUN set -x \ +# create nginx user/group first, to be consistent throughout docker variants + && addgroup -g 101 -S nginx \ + && adduser -S -D -H -u 101 -h /var/cache/nginx -s /sbin/nologin -G nginx -g nginx nginx \ && apkArch="$(cat /etc/apk/arch)" \ && nginxPackages=" \ nginx=${NGINX_VERSION}-r${PKG_RELEASE} \ diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index 3e323045..1e88ebd2 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -7,6 +7,9 @@ ENV NJS_VERSION 0.3.2 ENV PKG_RELEASE 1 RUN set -x \ +# create nginx user/group first, to be consistent throughout docker variants + && addgroup -g 101 -S nginx \ + && adduser -S -D -H -u 101 -h /var/cache/nginx -s /sbin/nologin -G nginx -g nginx nginx \ && apkArch="$(cat /etc/apk/arch)" \ && nginxPackages=" \ nginx=${NGINX_VERSION}-r${PKG_RELEASE} \ diff --git a/stable/stretch-perl/Dockerfile b/stable/stretch-perl/Dockerfile index 372c7f7e..d82f6225 100644 --- a/stable/stretch-perl/Dockerfile +++ b/stable/stretch-perl/Dockerfile @@ -7,6 +7,9 @@ ENV NJS_VERSION 0.3.2 ENV PKG_RELEASE 1~stretch RUN set -x \ +# create nginx user/group first, to be consistent throughout docker variants + && addgroup --system --gid 101 nginx \ + && adduser --system --disabled-login --ingroup nginx --no-create-home --home /nonexistent --gecos "nginx user" --shell /bin/false --uid 101 nginx \ && apt-get update \ && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 apt-transport-https ca-certificates \ && \ diff --git a/stable/stretch/Dockerfile b/stable/stretch/Dockerfile index 0b75d730..85816f3f 100644 --- a/stable/stretch/Dockerfile +++ b/stable/stretch/Dockerfile @@ -7,6 +7,9 @@ ENV NJS_VERSION 0.3.2 ENV PKG_RELEASE 1~stretch RUN set -x \ +# create nginx user/group first, to be consistent throughout docker variants + && addgroup --system --gid 101 nginx \ + && adduser --system --disabled-login --ingroup nginx --no-create-home --home /nonexistent --gecos "nginx user" --shell /bin/false --uid 101 nginx \ && apt-get update \ && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 apt-transport-https ca-certificates \ && \ From 0e47be34c3fcdc15078e51d6b0bcc4abd81f1383 Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Thu, 6 Jun 2019 16:13:55 +0200 Subject: [PATCH 023/113] Remove dash from su command Fixes #327 --- mainline/alpine-perl/Dockerfile | 2 +- mainline/alpine/Dockerfile | 2 +- stable/alpine-perl/Dockerfile | 2 +- stable/alpine/Dockerfile | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index cbb6e96c..d9c7ca10 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -64,7 +64,7 @@ RUN set -x \ bash \ alpine-sdk \ findutils \ - && su - nobody -s /bin/sh -c " \ + && su nobody -s /bin/sh -c " \ export HOME=${tempDir} \ && cd ${tempDir} \ && hg clone https://hg.nginx.org/pkg-oss \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 17822daf..78d5b0a8 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -63,7 +63,7 @@ RUN set -x \ bash \ alpine-sdk \ findutils \ - && su - nobody -s /bin/sh -c " \ + && su nobody -s /bin/sh -c " \ export HOME=${tempDir} \ && cd ${tempDir} \ && hg clone https://hg.nginx.org/pkg-oss \ diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index 255e8d75..17d1384b 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -64,7 +64,7 @@ RUN set -x \ bash \ alpine-sdk \ findutils \ - && su - nobody -s /bin/sh -c " \ + && su nobody -s /bin/sh -c " \ export HOME=${tempDir} \ && cd ${tempDir} \ && hg clone https://hg.nginx.org/pkg-oss \ diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index 1e88ebd2..266ffb02 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -63,7 +63,7 @@ RUN set -x \ bash \ alpine-sdk \ findutils \ - && su - nobody -s /bin/sh -c " \ + && su nobody -s /bin/sh -c " \ export HOME=${tempDir} \ && cd ${tempDir} \ && hg clone https://hg.nginx.org/pkg-oss \ From c10dfd0d6df13b33f498eb49d499df26fb0c440b Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Thu, 6 Jun 2019 16:33:15 +0200 Subject: [PATCH 024/113] Change tabs to spaces And other minor formatting fixes Signed-off-by: Konstantin Pavlov --- mainline/alpine-perl/Dockerfile | 14 ++-- mainline/alpine/Dockerfile | 14 ++-- mainline/stretch-perl/Dockerfile | 120 ++++++++++++++-------------- mainline/stretch/Dockerfile | 132 +++++++++++++++---------------- stable/alpine-perl/Dockerfile | 14 ++-- stable/alpine/Dockerfile | 14 ++-- stable/stretch-perl/Dockerfile | 120 ++++++++++++++-------------- stable/stretch/Dockerfile | 132 +++++++++++++++---------------- 8 files changed, 280 insertions(+), 280 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index d9c7ca10..359991a2 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -4,7 +4,7 @@ LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.17.0 ENV NJS_VERSION 0.3.2 -ENV PKG_RELEASE 1 +ENV PKG_RELEASE 1 RUN set -x \ # create nginx user/group first, to be consistent throughout docker variants @@ -28,12 +28,12 @@ RUN set -x \ openssl curl ca-certificates \ && curl -o /tmp/nginx_signing.rsa.pub https://nginx.org/keys/nginx_signing.rsa.pub \ && if [ "$(openssl rsa -pubin -in /tmp/nginx_signing.rsa.pub -text -noout | openssl sha512 -r)" = "$KEY_SHA512" ]; then \ - echo "key verification succeeded!"; \ - mv /tmp/nginx_signing.rsa.pub /etc/apk/keys/; \ - else \ - echo "key verification failed!"; \ - exit 1; \ - fi \ + echo "key verification succeeded!"; \ + mv /tmp/nginx_signing.rsa.pub /etc/apk/keys/; \ + else \ + echo "key verification failed!"; \ + exit 1; \ + fi \ && printf "%s%s%s\n" \ "http://nginx.org/packages/mainline/alpine/v" \ `egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release` \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 78d5b0a8..e0fbb828 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -4,7 +4,7 @@ LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.17.0 ENV NJS_VERSION 0.3.2 -ENV PKG_RELEASE 1 +ENV PKG_RELEASE 1 RUN set -x \ # create nginx user/group first, to be consistent throughout docker variants @@ -27,12 +27,12 @@ RUN set -x \ openssl curl ca-certificates \ && curl -o /tmp/nginx_signing.rsa.pub https://nginx.org/keys/nginx_signing.rsa.pub \ && if [ "$(openssl rsa -pubin -in /tmp/nginx_signing.rsa.pub -text -noout | openssl sha512 -r)" = "$KEY_SHA512" ]; then \ - echo "key verification succeeded!"; \ - mv /tmp/nginx_signing.rsa.pub /etc/apk/keys/; \ - else \ - echo "key verification failed!"; \ - exit 1; \ - fi \ + echo "key verification succeeded!"; \ + mv /tmp/nginx_signing.rsa.pub /etc/apk/keys/; \ + else \ + echo "key verification failed!"; \ + exit 1; \ + fi \ && printf "%s%s%s\n" \ "http://nginx.org/packages/mainline/alpine/v" \ `egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release` \ diff --git a/mainline/stretch-perl/Dockerfile b/mainline/stretch-perl/Dockerfile index 54d9941f..01ddc4bf 100644 --- a/mainline/stretch-perl/Dockerfile +++ b/mainline/stretch-perl/Dockerfile @@ -10,23 +10,23 @@ RUN set -x \ # create nginx user/group first, to be consistent throughout docker variants && addgroup --system --gid 101 nginx \ && adduser --system --disabled-login --ingroup nginx --no-create-home --home /nonexistent --gecos "nginx user" --shell /bin/false --uid 101 nginx \ - && apt-get update \ - && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 apt-transport-https ca-certificates \ - && \ - NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \ - found=''; \ - for server in \ - ha.pool.sks-keyservers.net \ - hkp://keyserver.ubuntu.com:80 \ - hkp://p80.pool.sks-keyservers.net:80 \ - pgp.mit.edu \ - ; do \ - echo "Fetching GPG key $NGINX_GPGKEY from $server"; \ - apt-key adv --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$NGINX_GPGKEY" && found=yes && break; \ - done; \ - test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \ - apt-get remove --purge --auto-remove -y gnupg1 && rm -rf /var/lib/apt/lists/* \ - && dpkgArch="$(dpkg --print-architecture)" \ + && apt-get update \ + && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 apt-transport-https ca-certificates \ + && \ + NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \ + found=''; \ + for server in \ + ha.pool.sks-keyservers.net \ + hkp://keyserver.ubuntu.com:80 \ + hkp://p80.pool.sks-keyservers.net:80 \ + pgp.mit.edu \ + ; do \ + echo "Fetching GPG key $NGINX_GPGKEY from $server"; \ + apt-key adv --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$NGINX_GPGKEY" && found=yes && break; \ + done; \ + test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \ + apt-get remove --purge --auto-remove -y gnupg1 && rm -rf /var/lib/apt/lists/* \ + && dpkgArch="$(dpkg --print-architecture)" \ && nginxPackages=" \ nginx=${NGINX_VERSION}-${PKG_RELEASE} \ nginx-module-xslt=${NGINX_VERSION}-${PKG_RELEASE} \ @@ -34,68 +34,68 @@ RUN set -x \ nginx-module-image-filter=${NGINX_VERSION}-${PKG_RELEASE} \ nginx-module-perl=${NGINX_VERSION}-${PKG_RELEASE} \ nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-${PKG_RELEASE} \ - " \ - && case "$dpkgArch" in \ - amd64|i386) \ + " \ + && case "$dpkgArch" in \ + amd64|i386) \ # arches officialy built by upstream - echo "deb https://nginx.org/packages/mainline/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \ - && apt-get update \ - ;; \ - *) \ + echo "deb https://nginx.org/packages/mainline/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \ + && apt-get update \ + ;; \ + *) \ # we're on an architecture upstream doesn't officially build for # let's build binaries from the published source packages - echo "deb-src https://nginx.org/packages/mainline/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \ - \ + echo "deb-src https://nginx.org/packages/mainline/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \ + \ # new directory for storing sources and .deb files - && tempDir="$(mktemp -d)" \ - && chmod 777 "$tempDir" \ + && tempDir="$(mktemp -d)" \ + && chmod 777 "$tempDir" \ # (777 to ensure APT's "_apt" user can access it too) - \ + \ # save list of currently-installed packages so build dependencies can be cleanly removed later - && savedAptMark="$(apt-mark showmanual)" \ - \ + && savedAptMark="$(apt-mark showmanual)" \ + \ # build .deb files from upstream's source packages (which are verified by apt-get) - && apt-get update \ - && apt-get build-dep -y $nginxPackages \ - && ( \ - cd "$tempDir" \ - && DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" \ - apt-get source --compile $nginxPackages \ - ) \ + && apt-get update \ + && apt-get build-dep -y $nginxPackages \ + && ( \ + cd "$tempDir" \ + && DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" \ + apt-get source --compile $nginxPackages \ + ) \ # we don't remove APT lists here because they get re-downloaded and removed later - \ + \ # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies # (which is done after we install the built packages so we don't have to redownload any overlapping dependencies) - && apt-mark showmanual | xargs apt-mark auto > /dev/null \ - && { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; } \ - \ + && apt-mark showmanual | xargs apt-mark auto > /dev/null \ + && { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; } \ + \ # create a temporary local APT repo to install from (so that dependency resolution can be handled by APT, as it should be) - && ls -lAFh "$tempDir" \ - && ( cd "$tempDir" && dpkg-scanpackages . > Packages ) \ - && grep '^Package: ' "$tempDir/Packages" \ - && echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list \ + && ls -lAFh "$tempDir" \ + && ( cd "$tempDir" && dpkg-scanpackages . > Packages ) \ + && grep '^Package: ' "$tempDir/Packages" \ + && echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list \ # work around the following APT issue by using "Acquire::GzipIndexes=false" (overriding "/etc/apt/apt.conf.d/docker-gzip-indexes") # Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied) # ... # E: Failed to fetch store:/var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied) - && apt-get -o Acquire::GzipIndexes=false update \ - ;; \ - esac \ - \ - && apt-get install --no-install-recommends --no-install-suggests -y \ - $nginxPackages \ - gettext-base \ - && apt-get remove --purge --auto-remove -y apt-transport-https ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ - \ + && apt-get -o Acquire::GzipIndexes=false update \ + ;; \ + esac \ + \ + && apt-get install --no-install-recommends --no-install-suggests -y \ + $nginxPackages \ + gettext-base \ + && apt-get remove --purge --auto-remove -y apt-transport-https ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ + \ # if we have leftovers from building, let's purge them (including extra, unnecessary build deps) - && if [ -n "$tempDir" ]; then \ - apt-get purge -y --auto-remove \ - && rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \ - fi + && if [ -n "$tempDir" ]; then \ + apt-get purge -y --auto-remove \ + && rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \ + fi # forward request and error logs to docker log collector RUN ln -sf /dev/stdout /var/log/nginx/access.log \ - && ln -sf /dev/stderr /var/log/nginx/error.log + && ln -sf /dev/stderr /var/log/nginx/error.log EXPOSE 80 diff --git a/mainline/stretch/Dockerfile b/mainline/stretch/Dockerfile index 11ab8975..12a3130a 100644 --- a/mainline/stretch/Dockerfile +++ b/mainline/stretch/Dockerfile @@ -10,91 +10,91 @@ RUN set -x \ # create nginx user/group first, to be consistent throughout docker variants && addgroup --system --gid 101 nginx \ && adduser --system --disabled-login --ingroup nginx --no-create-home --home /nonexistent --gecos "nginx user" --shell /bin/false --uid 101 nginx \ - && apt-get update \ - && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 apt-transport-https ca-certificates \ - && \ - NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \ - found=''; \ - for server in \ - ha.pool.sks-keyservers.net \ - hkp://keyserver.ubuntu.com:80 \ - hkp://p80.pool.sks-keyservers.net:80 \ - pgp.mit.edu \ - ; do \ - echo "Fetching GPG key $NGINX_GPGKEY from $server"; \ - apt-key adv --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$NGINX_GPGKEY" && found=yes && break; \ - done; \ - test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \ - apt-get remove --purge --auto-remove -y gnupg1 && rm -rf /var/lib/apt/lists/* \ - && dpkgArch="$(dpkg --print-architecture)" \ - && nginxPackages=" \ - nginx=${NGINX_VERSION}-${PKG_RELEASE} \ - nginx-module-xslt=${NGINX_VERSION}-${PKG_RELEASE} \ - nginx-module-geoip=${NGINX_VERSION}-${PKG_RELEASE} \ - nginx-module-image-filter=${NGINX_VERSION}-${PKG_RELEASE} \ - nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-${PKG_RELEASE} \ - " \ - && case "$dpkgArch" in \ - amd64|i386) \ + && apt-get update \ + && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 apt-transport-https ca-certificates \ + && \ + NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \ + found=''; \ + for server in \ + ha.pool.sks-keyservers.net \ + hkp://keyserver.ubuntu.com:80 \ + hkp://p80.pool.sks-keyservers.net:80 \ + pgp.mit.edu \ + ; do \ + echo "Fetching GPG key $NGINX_GPGKEY from $server"; \ + apt-key adv --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$NGINX_GPGKEY" && found=yes && break; \ + done; \ + test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \ + apt-get remove --purge --auto-remove -y gnupg1 && rm -rf /var/lib/apt/lists/* \ + && dpkgArch="$(dpkg --print-architecture)" \ + && nginxPackages=" \ + nginx=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-xslt=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-geoip=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-image-filter=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-${PKG_RELEASE} \ + " \ + && case "$dpkgArch" in \ + amd64|i386) \ # arches officialy built by upstream - echo "deb https://nginx.org/packages/mainline/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \ - && apt-get update \ - ;; \ - *) \ + echo "deb https://nginx.org/packages/mainline/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \ + && apt-get update \ + ;; \ + *) \ # we're on an architecture upstream doesn't officially build for # let's build binaries from the published source packages - echo "deb-src https://nginx.org/packages/mainline/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \ - \ + echo "deb-src https://nginx.org/packages/mainline/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \ + \ # new directory for storing sources and .deb files - && tempDir="$(mktemp -d)" \ - && chmod 777 "$tempDir" \ + && tempDir="$(mktemp -d)" \ + && chmod 777 "$tempDir" \ # (777 to ensure APT's "_apt" user can access it too) - \ + \ # save list of currently-installed packages so build dependencies can be cleanly removed later - && savedAptMark="$(apt-mark showmanual)" \ - \ + && savedAptMark="$(apt-mark showmanual)" \ + \ # build .deb files from upstream's source packages (which are verified by apt-get) - && apt-get update \ - && apt-get build-dep -y $nginxPackages \ - && ( \ - cd "$tempDir" \ - && DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" \ - apt-get source --compile $nginxPackages \ - ) \ + && apt-get update \ + && apt-get build-dep -y $nginxPackages \ + && ( \ + cd "$tempDir" \ + && DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" \ + apt-get source --compile $nginxPackages \ + ) \ # we don't remove APT lists here because they get re-downloaded and removed later - \ + \ # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies # (which is done after we install the built packages so we don't have to redownload any overlapping dependencies) - && apt-mark showmanual | xargs apt-mark auto > /dev/null \ - && { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; } \ - \ + && apt-mark showmanual | xargs apt-mark auto > /dev/null \ + && { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; } \ + \ # create a temporary local APT repo to install from (so that dependency resolution can be handled by APT, as it should be) - && ls -lAFh "$tempDir" \ - && ( cd "$tempDir" && dpkg-scanpackages . > Packages ) \ - && grep '^Package: ' "$tempDir/Packages" \ - && echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list \ + && ls -lAFh "$tempDir" \ + && ( cd "$tempDir" && dpkg-scanpackages . > Packages ) \ + && grep '^Package: ' "$tempDir/Packages" \ + && echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list \ # work around the following APT issue by using "Acquire::GzipIndexes=false" (overriding "/etc/apt/apt.conf.d/docker-gzip-indexes") # Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied) # ... # E: Failed to fetch store:/var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied) - && apt-get -o Acquire::GzipIndexes=false update \ - ;; \ - esac \ - \ - && apt-get install --no-install-recommends --no-install-suggests -y \ - $nginxPackages \ - gettext-base \ - && apt-get remove --purge --auto-remove -y apt-transport-https ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ - \ + && apt-get -o Acquire::GzipIndexes=false update \ + ;; \ + esac \ + \ + && apt-get install --no-install-recommends --no-install-suggests -y \ + $nginxPackages \ + gettext-base \ + && apt-get remove --purge --auto-remove -y apt-transport-https ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ + \ # if we have leftovers from building, let's purge them (including extra, unnecessary build deps) - && if [ -n "$tempDir" ]; then \ - apt-get purge -y --auto-remove \ - && rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \ - fi + && if [ -n "$tempDir" ]; then \ + apt-get purge -y --auto-remove \ + && rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \ + fi # forward request and error logs to docker log collector RUN ln -sf /dev/stdout /var/log/nginx/access.log \ - && ln -sf /dev/stderr /var/log/nginx/error.log + && ln -sf /dev/stderr /var/log/nginx/error.log EXPOSE 80 diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index 17d1384b..b5a54f4e 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -4,7 +4,7 @@ LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.16.0 ENV NJS_VERSION 0.3.2 -ENV PKG_RELEASE 1 +ENV PKG_RELEASE 1 RUN set -x \ # create nginx user/group first, to be consistent throughout docker variants @@ -28,12 +28,12 @@ RUN set -x \ openssl curl ca-certificates \ && curl -o /tmp/nginx_signing.rsa.pub https://nginx.org/keys/nginx_signing.rsa.pub \ && if [ "$(openssl rsa -pubin -in /tmp/nginx_signing.rsa.pub -text -noout | openssl sha512 -r)" = "$KEY_SHA512" ]; then \ - echo "key verification succeeded!"; \ - mv /tmp/nginx_signing.rsa.pub /etc/apk/keys/; \ - else \ - echo "key verification failed!"; \ - exit 1; \ - fi \ + echo "key verification succeeded!"; \ + mv /tmp/nginx_signing.rsa.pub /etc/apk/keys/; \ + else \ + echo "key verification failed!"; \ + exit 1; \ + fi \ && printf "%s%s%s\n" \ "http://nginx.org/packages/alpine/v" \ `egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release` \ diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index 266ffb02..b51ada35 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -4,7 +4,7 @@ LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.16.0 ENV NJS_VERSION 0.3.2 -ENV PKG_RELEASE 1 +ENV PKG_RELEASE 1 RUN set -x \ # create nginx user/group first, to be consistent throughout docker variants @@ -27,12 +27,12 @@ RUN set -x \ openssl curl ca-certificates \ && curl -o /tmp/nginx_signing.rsa.pub https://nginx.org/keys/nginx_signing.rsa.pub \ && if [ "$(openssl rsa -pubin -in /tmp/nginx_signing.rsa.pub -text -noout | openssl sha512 -r)" = "$KEY_SHA512" ]; then \ - echo "key verification succeeded!"; \ - mv /tmp/nginx_signing.rsa.pub /etc/apk/keys/; \ - else \ - echo "key verification failed!"; \ - exit 1; \ - fi \ + echo "key verification succeeded!"; \ + mv /tmp/nginx_signing.rsa.pub /etc/apk/keys/; \ + else \ + echo "key verification failed!"; \ + exit 1; \ + fi \ && printf "%s%s%s\n" \ "http://nginx.org/packages/alpine/v" \ `egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release` \ diff --git a/stable/stretch-perl/Dockerfile b/stable/stretch-perl/Dockerfile index d82f6225..9f038d28 100644 --- a/stable/stretch-perl/Dockerfile +++ b/stable/stretch-perl/Dockerfile @@ -10,23 +10,23 @@ RUN set -x \ # create nginx user/group first, to be consistent throughout docker variants && addgroup --system --gid 101 nginx \ && adduser --system --disabled-login --ingroup nginx --no-create-home --home /nonexistent --gecos "nginx user" --shell /bin/false --uid 101 nginx \ - && apt-get update \ - && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 apt-transport-https ca-certificates \ - && \ - NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \ - found=''; \ - for server in \ - ha.pool.sks-keyservers.net \ - hkp://keyserver.ubuntu.com:80 \ - hkp://p80.pool.sks-keyservers.net:80 \ - pgp.mit.edu \ - ; do \ - echo "Fetching GPG key $NGINX_GPGKEY from $server"; \ - apt-key adv --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$NGINX_GPGKEY" && found=yes && break; \ - done; \ - test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \ - apt-get remove --purge --auto-remove -y gnupg1 && rm -rf /var/lib/apt/lists/* \ - && dpkgArch="$(dpkg --print-architecture)" \ + && apt-get update \ + && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 apt-transport-https ca-certificates \ + && \ + NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \ + found=''; \ + for server in \ + ha.pool.sks-keyservers.net \ + hkp://keyserver.ubuntu.com:80 \ + hkp://p80.pool.sks-keyservers.net:80 \ + pgp.mit.edu \ + ; do \ + echo "Fetching GPG key $NGINX_GPGKEY from $server"; \ + apt-key adv --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$NGINX_GPGKEY" && found=yes && break; \ + done; \ + test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \ + apt-get remove --purge --auto-remove -y gnupg1 && rm -rf /var/lib/apt/lists/* \ + && dpkgArch="$(dpkg --print-architecture)" \ && nginxPackages=" \ nginx=${NGINX_VERSION}-${PKG_RELEASE} \ nginx-module-xslt=${NGINX_VERSION}-${PKG_RELEASE} \ @@ -34,68 +34,68 @@ RUN set -x \ nginx-module-image-filter=${NGINX_VERSION}-${PKG_RELEASE} \ nginx-module-perl=${NGINX_VERSION}-${PKG_RELEASE} \ nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-${PKG_RELEASE} \ - " \ - && case "$dpkgArch" in \ - amd64|i386) \ + " \ + && case "$dpkgArch" in \ + amd64|i386) \ # arches officialy built by upstream - echo "deb https://nginx.org/packages/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \ - && apt-get update \ - ;; \ - *) \ + echo "deb https://nginx.org/packages/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \ + && apt-get update \ + ;; \ + *) \ # we're on an architecture upstream doesn't officially build for # let's build binaries from the published source packages - echo "deb-src https://nginx.org/packages/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \ - \ + echo "deb-src https://nginx.org/packages/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \ + \ # new directory for storing sources and .deb files - && tempDir="$(mktemp -d)" \ - && chmod 777 "$tempDir" \ + && tempDir="$(mktemp -d)" \ + && chmod 777 "$tempDir" \ # (777 to ensure APT's "_apt" user can access it too) - \ + \ # save list of currently-installed packages so build dependencies can be cleanly removed later - && savedAptMark="$(apt-mark showmanual)" \ - \ + && savedAptMark="$(apt-mark showmanual)" \ + \ # build .deb files from upstream's source packages (which are verified by apt-get) - && apt-get update \ - && apt-get build-dep -y $nginxPackages \ - && ( \ - cd "$tempDir" \ - && DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" \ - apt-get source --compile $nginxPackages \ - ) \ + && apt-get update \ + && apt-get build-dep -y $nginxPackages \ + && ( \ + cd "$tempDir" \ + && DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" \ + apt-get source --compile $nginxPackages \ + ) \ # we don't remove APT lists here because they get re-downloaded and removed later - \ + \ # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies # (which is done after we install the built packages so we don't have to redownload any overlapping dependencies) - && apt-mark showmanual | xargs apt-mark auto > /dev/null \ - && { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; } \ - \ + && apt-mark showmanual | xargs apt-mark auto > /dev/null \ + && { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; } \ + \ # create a temporary local APT repo to install from (so that dependency resolution can be handled by APT, as it should be) - && ls -lAFh "$tempDir" \ - && ( cd "$tempDir" && dpkg-scanpackages . > Packages ) \ - && grep '^Package: ' "$tempDir/Packages" \ - && echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list \ + && ls -lAFh "$tempDir" \ + && ( cd "$tempDir" && dpkg-scanpackages . > Packages ) \ + && grep '^Package: ' "$tempDir/Packages" \ + && echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list \ # work around the following APT issue by using "Acquire::GzipIndexes=false" (overriding "/etc/apt/apt.conf.d/docker-gzip-indexes") # Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied) # ... # E: Failed to fetch store:/var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied) - && apt-get -o Acquire::GzipIndexes=false update \ - ;; \ - esac \ - \ - && apt-get install --no-install-recommends --no-install-suggests -y \ - $nginxPackages \ - gettext-base \ - && apt-get remove --purge --auto-remove -y apt-transport-https ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ - \ + && apt-get -o Acquire::GzipIndexes=false update \ + ;; \ + esac \ + \ + && apt-get install --no-install-recommends --no-install-suggests -y \ + $nginxPackages \ + gettext-base \ + && apt-get remove --purge --auto-remove -y apt-transport-https ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ + \ # if we have leftovers from building, let's purge them (including extra, unnecessary build deps) - && if [ -n "$tempDir" ]; then \ - apt-get purge -y --auto-remove \ - && rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \ - fi + && if [ -n "$tempDir" ]; then \ + apt-get purge -y --auto-remove \ + && rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \ + fi # forward request and error logs to docker log collector RUN ln -sf /dev/stdout /var/log/nginx/access.log \ - && ln -sf /dev/stderr /var/log/nginx/error.log + && ln -sf /dev/stderr /var/log/nginx/error.log EXPOSE 80 diff --git a/stable/stretch/Dockerfile b/stable/stretch/Dockerfile index 85816f3f..f7dc48c5 100644 --- a/stable/stretch/Dockerfile +++ b/stable/stretch/Dockerfile @@ -10,91 +10,91 @@ RUN set -x \ # create nginx user/group first, to be consistent throughout docker variants && addgroup --system --gid 101 nginx \ && adduser --system --disabled-login --ingroup nginx --no-create-home --home /nonexistent --gecos "nginx user" --shell /bin/false --uid 101 nginx \ - && apt-get update \ - && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 apt-transport-https ca-certificates \ - && \ - NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \ - found=''; \ - for server in \ - ha.pool.sks-keyservers.net \ - hkp://keyserver.ubuntu.com:80 \ - hkp://p80.pool.sks-keyservers.net:80 \ - pgp.mit.edu \ - ; do \ - echo "Fetching GPG key $NGINX_GPGKEY from $server"; \ - apt-key adv --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$NGINX_GPGKEY" && found=yes && break; \ - done; \ - test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \ - apt-get remove --purge --auto-remove -y gnupg1 && rm -rf /var/lib/apt/lists/* \ - && dpkgArch="$(dpkg --print-architecture)" \ - && nginxPackages=" \ - nginx=${NGINX_VERSION}-${PKG_RELEASE} \ - nginx-module-xslt=${NGINX_VERSION}-${PKG_RELEASE} \ - nginx-module-geoip=${NGINX_VERSION}-${PKG_RELEASE} \ - nginx-module-image-filter=${NGINX_VERSION}-${PKG_RELEASE} \ - nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-${PKG_RELEASE} \ - " \ - && case "$dpkgArch" in \ - amd64|i386) \ + && apt-get update \ + && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 apt-transport-https ca-certificates \ + && \ + NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \ + found=''; \ + for server in \ + ha.pool.sks-keyservers.net \ + hkp://keyserver.ubuntu.com:80 \ + hkp://p80.pool.sks-keyservers.net:80 \ + pgp.mit.edu \ + ; do \ + echo "Fetching GPG key $NGINX_GPGKEY from $server"; \ + apt-key adv --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$NGINX_GPGKEY" && found=yes && break; \ + done; \ + test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \ + apt-get remove --purge --auto-remove -y gnupg1 && rm -rf /var/lib/apt/lists/* \ + && dpkgArch="$(dpkg --print-architecture)" \ + && nginxPackages=" \ + nginx=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-xslt=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-geoip=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-image-filter=${NGINX_VERSION}-${PKG_RELEASE} \ + nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-${PKG_RELEASE} \ + " \ + && case "$dpkgArch" in \ + amd64|i386) \ # arches officialy built by upstream - echo "deb https://nginx.org/packages/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \ - && apt-get update \ - ;; \ - *) \ + echo "deb https://nginx.org/packages/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \ + && apt-get update \ + ;; \ + *) \ # we're on an architecture upstream doesn't officially build for # let's build binaries from the published source packages - echo "deb-src https://nginx.org/packages/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \ - \ + echo "deb-src https://nginx.org/packages/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \ + \ # new directory for storing sources and .deb files - && tempDir="$(mktemp -d)" \ - && chmod 777 "$tempDir" \ + && tempDir="$(mktemp -d)" \ + && chmod 777 "$tempDir" \ # (777 to ensure APT's "_apt" user can access it too) - \ + \ # save list of currently-installed packages so build dependencies can be cleanly removed later - && savedAptMark="$(apt-mark showmanual)" \ - \ + && savedAptMark="$(apt-mark showmanual)" \ + \ # build .deb files from upstream's source packages (which are verified by apt-get) - && apt-get update \ - && apt-get build-dep -y $nginxPackages \ - && ( \ - cd "$tempDir" \ - && DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" \ - apt-get source --compile $nginxPackages \ - ) \ + && apt-get update \ + && apt-get build-dep -y $nginxPackages \ + && ( \ + cd "$tempDir" \ + && DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" \ + apt-get source --compile $nginxPackages \ + ) \ # we don't remove APT lists here because they get re-downloaded and removed later - \ + \ # reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies # (which is done after we install the built packages so we don't have to redownload any overlapping dependencies) - && apt-mark showmanual | xargs apt-mark auto > /dev/null \ - && { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; } \ - \ + && apt-mark showmanual | xargs apt-mark auto > /dev/null \ + && { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; } \ + \ # create a temporary local APT repo to install from (so that dependency resolution can be handled by APT, as it should be) - && ls -lAFh "$tempDir" \ - && ( cd "$tempDir" && dpkg-scanpackages . > Packages ) \ - && grep '^Package: ' "$tempDir/Packages" \ - && echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list \ + && ls -lAFh "$tempDir" \ + && ( cd "$tempDir" && dpkg-scanpackages . > Packages ) \ + && grep '^Package: ' "$tempDir/Packages" \ + && echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list \ # work around the following APT issue by using "Acquire::GzipIndexes=false" (overriding "/etc/apt/apt.conf.d/docker-gzip-indexes") # Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied) # ... # E: Failed to fetch store:/var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied) - && apt-get -o Acquire::GzipIndexes=false update \ - ;; \ - esac \ - \ - && apt-get install --no-install-recommends --no-install-suggests -y \ - $nginxPackages \ - gettext-base \ - && apt-get remove --purge --auto-remove -y apt-transport-https ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ - \ + && apt-get -o Acquire::GzipIndexes=false update \ + ;; \ + esac \ + \ + && apt-get install --no-install-recommends --no-install-suggests -y \ + $nginxPackages \ + gettext-base \ + && apt-get remove --purge --auto-remove -y apt-transport-https ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ + \ # if we have leftovers from building, let's purge them (including extra, unnecessary build deps) - && if [ -n "$tempDir" ]; then \ - apt-get purge -y --auto-remove \ - && rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \ - fi + && if [ -n "$tempDir" ]; then \ + apt-get purge -y --auto-remove \ + && rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \ + fi # forward request and error logs to docker log collector RUN ln -sf /dev/stdout /var/log/nginx/access.log \ - && ln -sf /dev/stderr /var/log/nginx/error.log + && ln -sf /dev/stderr /var/log/nginx/error.log EXPOSE 80 From 1ebbaf6c2f94fb4f60917220d1fae9482fb65e81 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Fri, 7 Jun 2019 14:46:29 +0300 Subject: [PATCH 025/113] stable alpine: ping to revision 417 of http://hg.nginx.org/pkg-oss. This makes stable images buildable until the next version bump. --- stable/alpine-perl/Dockerfile | 2 +- stable/alpine/Dockerfile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index b5a54f4e..57b521d0 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -69,7 +69,7 @@ RUN set -x \ && cd ${tempDir} \ && hg clone https://hg.nginx.org/pkg-oss \ && cd pkg-oss \ - && hg up ${NGINX_VERSION}-${PKG_RELEASE} \ + && hg up -r 417 \ && cd alpine \ && make all \ && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index b51ada35..1dcb7636 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -68,7 +68,7 @@ RUN set -x \ && cd ${tempDir} \ && hg clone https://hg.nginx.org/pkg-oss \ && cd pkg-oss \ - && hg up ${NGINX_VERSION}-${PKG_RELEASE} \ + && hg up -r 417 \ && cd alpine \ && make all \ && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ From 011ca42d34576e884610e8842b5dfb28f175fc7c Mon Sep 17 00:00:00 2001 From: J0WI Date: Thu, 20 Jun 2019 14:38:31 +0200 Subject: [PATCH 026/113] Fetch Alpine package over https --- mainline/alpine-perl/Dockerfile | 2 +- mainline/alpine/Dockerfile | 2 +- stable/alpine-perl/Dockerfile | 2 +- stable/alpine/Dockerfile | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 359991a2..0984a7de 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -35,7 +35,7 @@ RUN set -x \ exit 1; \ fi \ && printf "%s%s%s\n" \ - "http://nginx.org/packages/mainline/alpine/v" \ + "https://nginx.org/packages/mainline/alpine/v" \ `egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release` \ "/main" \ | tee -a /etc/apk/repositories \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index e0fbb828..d021c4bc 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -34,7 +34,7 @@ RUN set -x \ exit 1; \ fi \ && printf "%s%s%s\n" \ - "http://nginx.org/packages/mainline/alpine/v" \ + "https://nginx.org/packages/mainline/alpine/v" \ `egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release` \ "/main" \ | tee -a /etc/apk/repositories \ diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index 57b521d0..1a10857c 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -35,7 +35,7 @@ RUN set -x \ exit 1; \ fi \ && printf "%s%s%s\n" \ - "http://nginx.org/packages/alpine/v" \ + "https://nginx.org/packages/alpine/v" \ `egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release` \ "/main" \ | tee -a /etc/apk/repositories \ diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index 1dcb7636..2c5e2d97 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -34,7 +34,7 @@ RUN set -x \ exit 1; \ fi \ && printf "%s%s%s\n" \ - "http://nginx.org/packages/alpine/v" \ + "https://nginx.org/packages/alpine/v" \ `egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release` \ "/main" \ | tee -a /etc/apk/repositories \ From 17c4abd5f5fb7d1edebeab36e0f5ac40f23f6b9b Mon Sep 17 00:00:00 2001 From: Nick Porter Date: Sat, 29 Jun 2019 23:15:20 -0400 Subject: [PATCH 027/113] Fix typo in README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index f0d253c2..7adf25f3 100644 --- a/README.md +++ b/README.md @@ -5,5 +5,5 @@ Hub page for the full readme on how to use the Docker image and for information regarding contributing and issues. The full readme is generated over in [docker-library/docs](https://github.com/docker-library/docs), -specificially in [docker-library/docs/nginx](https://github.com/docker-library/docs/tree/master/nginx). +specifically in [docker-library/docs/nginx](https://github.com/docker-library/docs/tree/master/nginx). From 976f38e04cce6a70625b24189fda405907d9cebf Mon Sep 17 00:00:00 2001 From: J0WI Date: Tue, 25 Jun 2019 01:38:30 +0200 Subject: [PATCH 028/113] Remove curl dependency from Alpine varaint --- mainline/alpine-perl/Dockerfile | 4 ++-- mainline/alpine/Dockerfile | 4 ++-- stable/alpine-perl/Dockerfile | 4 ++-- stable/alpine/Dockerfile | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 0984a7de..eff71f42 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -25,8 +25,8 @@ RUN set -x \ set -x \ && KEY_SHA512="e7fa8303923d9b95db37a77ad46c68fd4755ff935d0a534d26eba83de193c76166c68bfe7f65471bf8881004ef4aa6df3e34689c305662750c0172fca5d8552a *stdin" \ && apk add --no-cache --virtual .cert-deps \ - openssl curl ca-certificates \ - && curl -o /tmp/nginx_signing.rsa.pub https://nginx.org/keys/nginx_signing.rsa.pub \ + openssl \ + && wget -O /tmp/nginx_signing.rsa.pub https://nginx.org/keys/nginx_signing.rsa.pub \ && if [ "$(openssl rsa -pubin -in /tmp/nginx_signing.rsa.pub -text -noout | openssl sha512 -r)" = "$KEY_SHA512" ]; then \ echo "key verification succeeded!"; \ mv /tmp/nginx_signing.rsa.pub /etc/apk/keys/; \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index d021c4bc..da123df9 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -24,8 +24,8 @@ RUN set -x \ set -x \ && KEY_SHA512="e7fa8303923d9b95db37a77ad46c68fd4755ff935d0a534d26eba83de193c76166c68bfe7f65471bf8881004ef4aa6df3e34689c305662750c0172fca5d8552a *stdin" \ && apk add --no-cache --virtual .cert-deps \ - openssl curl ca-certificates \ - && curl -o /tmp/nginx_signing.rsa.pub https://nginx.org/keys/nginx_signing.rsa.pub \ + openssl \ + && wget -O /tmp/nginx_signing.rsa.pub https://nginx.org/keys/nginx_signing.rsa.pub \ && if [ "$(openssl rsa -pubin -in /tmp/nginx_signing.rsa.pub -text -noout | openssl sha512 -r)" = "$KEY_SHA512" ]; then \ echo "key verification succeeded!"; \ mv /tmp/nginx_signing.rsa.pub /etc/apk/keys/; \ diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index 1a10857c..420072f6 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -25,8 +25,8 @@ RUN set -x \ set -x \ && KEY_SHA512="e7fa8303923d9b95db37a77ad46c68fd4755ff935d0a534d26eba83de193c76166c68bfe7f65471bf8881004ef4aa6df3e34689c305662750c0172fca5d8552a *stdin" \ && apk add --no-cache --virtual .cert-deps \ - openssl curl ca-certificates \ - && curl -o /tmp/nginx_signing.rsa.pub https://nginx.org/keys/nginx_signing.rsa.pub \ + openssl \ + && wget -O /tmp/nginx_signing.rsa.pub https://nginx.org/keys/nginx_signing.rsa.pub \ && if [ "$(openssl rsa -pubin -in /tmp/nginx_signing.rsa.pub -text -noout | openssl sha512 -r)" = "$KEY_SHA512" ]; then \ echo "key verification succeeded!"; \ mv /tmp/nginx_signing.rsa.pub /etc/apk/keys/; \ diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index 2c5e2d97..a483653c 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -24,8 +24,8 @@ RUN set -x \ set -x \ && KEY_SHA512="e7fa8303923d9b95db37a77ad46c68fd4755ff935d0a534d26eba83de193c76166c68bfe7f65471bf8881004ef4aa6df3e34689c305662750c0172fca5d8552a *stdin" \ && apk add --no-cache --virtual .cert-deps \ - openssl curl ca-certificates \ - && curl -o /tmp/nginx_signing.rsa.pub https://nginx.org/keys/nginx_signing.rsa.pub \ + openssl \ + && wget -O /tmp/nginx_signing.rsa.pub https://nginx.org/keys/nginx_signing.rsa.pub \ && if [ "$(openssl rsa -pubin -in /tmp/nginx_signing.rsa.pub -text -noout | openssl sha512 -r)" = "$KEY_SHA512" ]; then \ echo "key verification succeeded!"; \ mv /tmp/nginx_signing.rsa.pub /etc/apk/keys/; \ From f9fbfcbcb24cb1fd6d207d33e9345d3e6dbb8ff2 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Mon, 1 Jul 2019 15:46:11 +0300 Subject: [PATCH 029/113] Updated nginx to 1.17.1 and njs to 0.3.3 Fixes #343 --- mainline/alpine-perl/Dockerfile | 4 ++-- mainline/alpine/Dockerfile | 4 ++-- mainline/stretch-perl/Dockerfile | 4 ++-- mainline/stretch/Dockerfile | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index eff71f42..ef35167c 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -2,8 +2,8 @@ FROM alpine:3.9 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.0 -ENV NJS_VERSION 0.3.2 +ENV NGINX_VERSION 1.17.1 +ENV NJS_VERSION 0.3.3 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index da123df9..f23a275e 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -2,8 +2,8 @@ FROM alpine:3.9 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.0 -ENV NJS_VERSION 0.3.2 +ENV NGINX_VERSION 1.17.1 +ENV NJS_VERSION 0.3.3 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/stretch-perl/Dockerfile b/mainline/stretch-perl/Dockerfile index 01ddc4bf..1e2fee6f 100644 --- a/mainline/stretch-perl/Dockerfile +++ b/mainline/stretch-perl/Dockerfile @@ -2,8 +2,8 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.0 -ENV NJS_VERSION 0.3.2 +ENV NGINX_VERSION 1.17.1 +ENV NJS_VERSION 0.3.3 ENV PKG_RELEASE 1~stretch RUN set -x \ diff --git a/mainline/stretch/Dockerfile b/mainline/stretch/Dockerfile index 12a3130a..caec21c1 100644 --- a/mainline/stretch/Dockerfile +++ b/mainline/stretch/Dockerfile @@ -2,8 +2,8 @@ FROM debian:stretch-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.0 -ENV NJS_VERSION 0.3.2 +ENV NGINX_VERSION 1.17.1 +ENV NJS_VERSION 0.3.3 ENV PKG_RELEASE 1~stretch RUN set -x \ From 5abbd4a936e9ebd0bd116511c0dcd5ca27b9f4ad Mon Sep 17 00:00:00 2001 From: J0WI Date: Thu, 20 Jun 2019 14:39:27 +0200 Subject: [PATCH 030/113] Update Alpine to 3.10 Signed-off-by: Konstantin Pavlov --- mainline/alpine-perl/Dockerfile | 2 +- mainline/alpine/Dockerfile | 2 +- stable/alpine-perl/Dockerfile | 2 +- stable/alpine/Dockerfile | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index ef35167c..92e09573 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.9 +FROM alpine:3.10 LABEL maintainer="NGINX Docker Maintainers " diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index f23a275e..312bd350 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.9 +FROM alpine:3.10 LABEL maintainer="NGINX Docker Maintainers " diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index 420072f6..794c446c 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.9 +FROM alpine:3.10 LABEL maintainer="NGINX Docker Maintainers " diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index a483653c..49a567ef 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.9 +FROM alpine:3.10 LABEL maintainer="NGINX Docker Maintainers " From 7956a3fed9b57f4796881c99ec23c03c05945d43 Mon Sep 17 00:00:00 2001 From: J0WI Date: Wed, 10 Jul 2019 16:42:11 +0200 Subject: [PATCH 031/113] Upgrade to Debian Buster Signed-off-by: Konstantin Pavlov --- generate-stackbrew-library.sh | 4 ++-- mainline/{stretch-perl => buster-perl}/Dockerfile | 12 ++++++------ mainline/{stretch => buster}/Dockerfile | 12 ++++++------ stable/{stretch-perl => buster-perl}/Dockerfile | 12 ++++++------ stable/{stretch => buster}/Dockerfile | 12 ++++++------ 5 files changed, 26 insertions(+), 26 deletions(-) rename mainline/{stretch-perl => buster-perl}/Dockerfile (92%) rename mainline/{stretch => buster}/Dockerfile (92%) rename stable/{stretch-perl => buster-perl}/Dockerfile (90%) rename stable/{stretch => buster}/Dockerfile (90%) diff --git a/generate-stackbrew-library.sh b/generate-stackbrew-library.sh index 3f3a9886..4464e466 100755 --- a/generate-stackbrew-library.sh +++ b/generate-stackbrew-library.sh @@ -9,7 +9,7 @@ aliases=( self="$(basename "$BASH_SOURCE")" cd "$(dirname "$(readlink -f "$BASH_SOURCE")")" -base=stretch +base=buster versions=( */ ) versions=( "${versions[@]%/}" ) @@ -69,7 +69,7 @@ for version in "${versions[@]}"; do Directory: $version/$base EOE - for variant in stretch-perl; do + for variant in buster-perl; do commit="$(dirCommit "$version/$variant")" variantAliases=( "${versionAliases[@]/%/-perl}" ) diff --git a/mainline/stretch-perl/Dockerfile b/mainline/buster-perl/Dockerfile similarity index 92% rename from mainline/stretch-perl/Dockerfile rename to mainline/buster-perl/Dockerfile index 1e2fee6f..a1ad85a8 100644 --- a/mainline/stretch-perl/Dockerfile +++ b/mainline/buster-perl/Dockerfile @@ -1,17 +1,17 @@ -FROM debian:stretch-slim +FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.17.1 ENV NJS_VERSION 0.3.3 -ENV PKG_RELEASE 1~stretch +ENV PKG_RELEASE 1~buster RUN set -x \ # create nginx user/group first, to be consistent throughout docker variants && addgroup --system --gid 101 nginx \ && adduser --system --disabled-login --ingroup nginx --no-create-home --home /nonexistent --gecos "nginx user" --shell /bin/false --uid 101 nginx \ && apt-get update \ - && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 apt-transport-https ca-certificates \ + && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 ca-certificates \ && \ NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \ found=''; \ @@ -38,13 +38,13 @@ RUN set -x \ && case "$dpkgArch" in \ amd64|i386) \ # arches officialy built by upstream - echo "deb https://nginx.org/packages/mainline/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \ + echo "deb https://nginx.org/packages/mainline/debian/ buster nginx" >> /etc/apt/sources.list.d/nginx.list \ && apt-get update \ ;; \ *) \ # we're on an architecture upstream doesn't officially build for # let's build binaries from the published source packages - echo "deb-src https://nginx.org/packages/mainline/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \ + echo "deb-src https://nginx.org/packages/mainline/debian/ buster nginx" >> /etc/apt/sources.list.d/nginx.list \ \ # new directory for storing sources and .deb files && tempDir="$(mktemp -d)" \ @@ -85,7 +85,7 @@ RUN set -x \ && apt-get install --no-install-recommends --no-install-suggests -y \ $nginxPackages \ gettext-base \ - && apt-get remove --purge --auto-remove -y apt-transport-https ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ + && apt-get remove --purge --auto-remove -y ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ \ # if we have leftovers from building, let's purge them (including extra, unnecessary build deps) && if [ -n "$tempDir" ]; then \ diff --git a/mainline/stretch/Dockerfile b/mainline/buster/Dockerfile similarity index 92% rename from mainline/stretch/Dockerfile rename to mainline/buster/Dockerfile index caec21c1..046ed052 100644 --- a/mainline/stretch/Dockerfile +++ b/mainline/buster/Dockerfile @@ -1,17 +1,17 @@ -FROM debian:stretch-slim +FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.17.1 ENV NJS_VERSION 0.3.3 -ENV PKG_RELEASE 1~stretch +ENV PKG_RELEASE 1~buster RUN set -x \ # create nginx user/group first, to be consistent throughout docker variants && addgroup --system --gid 101 nginx \ && adduser --system --disabled-login --ingroup nginx --no-create-home --home /nonexistent --gecos "nginx user" --shell /bin/false --uid 101 nginx \ && apt-get update \ - && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 apt-transport-https ca-certificates \ + && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 ca-certificates \ && \ NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \ found=''; \ @@ -37,13 +37,13 @@ RUN set -x \ && case "$dpkgArch" in \ amd64|i386) \ # arches officialy built by upstream - echo "deb https://nginx.org/packages/mainline/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \ + echo "deb https://nginx.org/packages/mainline/debian/ buster nginx" >> /etc/apt/sources.list.d/nginx.list \ && apt-get update \ ;; \ *) \ # we're on an architecture upstream doesn't officially build for # let's build binaries from the published source packages - echo "deb-src https://nginx.org/packages/mainline/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \ + echo "deb-src https://nginx.org/packages/mainline/debian/ buster nginx" >> /etc/apt/sources.list.d/nginx.list \ \ # new directory for storing sources and .deb files && tempDir="$(mktemp -d)" \ @@ -84,7 +84,7 @@ RUN set -x \ && apt-get install --no-install-recommends --no-install-suggests -y \ $nginxPackages \ gettext-base \ - && apt-get remove --purge --auto-remove -y apt-transport-https ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ + && apt-get remove --purge --auto-remove -y ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ \ # if we have leftovers from building, let's purge them (including extra, unnecessary build deps) && if [ -n "$tempDir" ]; then \ diff --git a/stable/stretch-perl/Dockerfile b/stable/buster-perl/Dockerfile similarity index 90% rename from stable/stretch-perl/Dockerfile rename to stable/buster-perl/Dockerfile index 9f038d28..2657f64a 100644 --- a/stable/stretch-perl/Dockerfile +++ b/stable/buster-perl/Dockerfile @@ -1,17 +1,17 @@ -FROM debian:stretch-slim +FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.16.0 ENV NJS_VERSION 0.3.2 -ENV PKG_RELEASE 1~stretch +ENV PKG_RELEASE 1~buster RUN set -x \ # create nginx user/group first, to be consistent throughout docker variants && addgroup --system --gid 101 nginx \ && adduser --system --disabled-login --ingroup nginx --no-create-home --home /nonexistent --gecos "nginx user" --shell /bin/false --uid 101 nginx \ && apt-get update \ - && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 apt-transport-https ca-certificates \ + && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 ca-certificates \ && \ NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \ found=''; \ @@ -38,13 +38,13 @@ RUN set -x \ && case "$dpkgArch" in \ amd64|i386) \ # arches officialy built by upstream - echo "deb https://nginx.org/packages/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \ + echo "deb https://nginx.org/packages/debian/ buster nginx" >> /etc/apt/sources.list.d/nginx.list \ && apt-get update \ ;; \ *) \ # we're on an architecture upstream doesn't officially build for # let's build binaries from the published source packages - echo "deb-src https://nginx.org/packages/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \ + echo "deb-src https://nginx.org/packages/debian/ buster nginx" >> /etc/apt/sources.list.d/nginx.list \ \ # new directory for storing sources and .deb files && tempDir="$(mktemp -d)" \ @@ -85,7 +85,7 @@ RUN set -x \ && apt-get install --no-install-recommends --no-install-suggests -y \ $nginxPackages \ gettext-base \ - && apt-get remove --purge --auto-remove -y apt-transport-https ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ + && apt-get remove --purge --auto-remove -y ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ \ # if we have leftovers from building, let's purge them (including extra, unnecessary build deps) && if [ -n "$tempDir" ]; then \ diff --git a/stable/stretch/Dockerfile b/stable/buster/Dockerfile similarity index 90% rename from stable/stretch/Dockerfile rename to stable/buster/Dockerfile index f7dc48c5..05d593ec 100644 --- a/stable/stretch/Dockerfile +++ b/stable/buster/Dockerfile @@ -1,17 +1,17 @@ -FROM debian:stretch-slim +FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.16.0 ENV NJS_VERSION 0.3.2 -ENV PKG_RELEASE 1~stretch +ENV PKG_RELEASE 1~buster RUN set -x \ # create nginx user/group first, to be consistent throughout docker variants && addgroup --system --gid 101 nginx \ && adduser --system --disabled-login --ingroup nginx --no-create-home --home /nonexistent --gecos "nginx user" --shell /bin/false --uid 101 nginx \ && apt-get update \ - && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 apt-transport-https ca-certificates \ + && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 ca-certificates \ && \ NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \ found=''; \ @@ -37,13 +37,13 @@ RUN set -x \ && case "$dpkgArch" in \ amd64|i386) \ # arches officialy built by upstream - echo "deb https://nginx.org/packages/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \ + echo "deb https://nginx.org/packages/debian/ buster nginx" >> /etc/apt/sources.list.d/nginx.list \ && apt-get update \ ;; \ *) \ # we're on an architecture upstream doesn't officially build for # let's build binaries from the published source packages - echo "deb-src https://nginx.org/packages/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \ + echo "deb-src https://nginx.org/packages/debian/ buster nginx" >> /etc/apt/sources.list.d/nginx.list \ \ # new directory for storing sources and .deb files && tempDir="$(mktemp -d)" \ @@ -84,7 +84,7 @@ RUN set -x \ && apt-get install --no-install-recommends --no-install-suggests -y \ $nginxPackages \ gettext-base \ - && apt-get remove --purge --auto-remove -y apt-transport-https ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ + && apt-get remove --purge --auto-remove -y ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ \ # if we have leftovers from building, let's purge them (including extra, unnecessary build deps) && if [ -n "$tempDir" ]; then \ From c817e28dd68b6daa33265a8cb527b1c4cd723b59 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 23 Jul 2019 16:33:30 +0300 Subject: [PATCH 032/113] Updated mainline nginx to 1.17.2 --- mainline/alpine-perl/Dockerfile | 2 +- mainline/alpine/Dockerfile | 2 +- mainline/buster-perl/Dockerfile | 2 +- mainline/buster/Dockerfile | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 92e09573..d376c2ca 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.10 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.1 +ENV NGINX_VERSION 1.17.2 ENV NJS_VERSION 0.3.3 ENV PKG_RELEASE 1 diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 312bd350..c910f580 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.10 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.1 +ENV NGINX_VERSION 1.17.2 ENV NJS_VERSION 0.3.3 ENV PKG_RELEASE 1 diff --git a/mainline/buster-perl/Dockerfile b/mainline/buster-perl/Dockerfile index a1ad85a8..7c083606 100644 --- a/mainline/buster-perl/Dockerfile +++ b/mainline/buster-perl/Dockerfile @@ -2,7 +2,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.1 +ENV NGINX_VERSION 1.17.2 ENV NJS_VERSION 0.3.3 ENV PKG_RELEASE 1~buster diff --git a/mainline/buster/Dockerfile b/mainline/buster/Dockerfile index 046ed052..480b7a3b 100644 --- a/mainline/buster/Dockerfile +++ b/mainline/buster/Dockerfile @@ -2,7 +2,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.1 +ENV NGINX_VERSION 1.17.2 ENV NJS_VERSION 0.3.3 ENV PKG_RELEASE 1~buster From 952de68bda48815a1fc9137b51633a6ea053251c Mon Sep 17 00:00:00 2001 From: Andrei Belov Date: Thu, 15 Aug 2019 12:03:42 +0300 Subject: [PATCH 033/113] Updated nginx to 1.17.3 and njs to 0.3.4 --- mainline/alpine-perl/Dockerfile | 4 ++-- mainline/alpine/Dockerfile | 4 ++-- mainline/buster-perl/Dockerfile | 4 ++-- mainline/buster/Dockerfile | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index d376c2ca..17f53416 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -2,8 +2,8 @@ FROM alpine:3.10 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.2 -ENV NJS_VERSION 0.3.3 +ENV NGINX_VERSION 1.17.3 +ENV NJS_VERSION 0.3.4 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index c910f580..4ab42553 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -2,8 +2,8 @@ FROM alpine:3.10 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.2 -ENV NJS_VERSION 0.3.3 +ENV NGINX_VERSION 1.17.3 +ENV NJS_VERSION 0.3.4 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/buster-perl/Dockerfile b/mainline/buster-perl/Dockerfile index 7c083606..97b100c4 100644 --- a/mainline/buster-perl/Dockerfile +++ b/mainline/buster-perl/Dockerfile @@ -2,8 +2,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.2 -ENV NJS_VERSION 0.3.3 +ENV NGINX_VERSION 1.17.3 +ENV NJS_VERSION 0.3.4 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/mainline/buster/Dockerfile b/mainline/buster/Dockerfile index 480b7a3b..d4137f04 100644 --- a/mainline/buster/Dockerfile +++ b/mainline/buster/Dockerfile @@ -2,8 +2,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.2 -ENV NJS_VERSION 0.3.3 +ENV NGINX_VERSION 1.17.3 +ENV NJS_VERSION 0.3.4 ENV PKG_RELEASE 1~buster RUN set -x \ From f5a5bc9926f0bdcd45073ee7d80f73a5656fabe9 Mon Sep 17 00:00:00 2001 From: Benjamin Dos Santos Date: Thu, 15 Aug 2019 11:09:20 +0200 Subject: [PATCH 034/113] Updated stable nginx to 1.16.1 and njs to 0.3.4 --- stable/alpine-perl/Dockerfile | 4 ++-- stable/alpine/Dockerfile | 4 ++-- stable/buster-perl/Dockerfile | 4 ++-- stable/buster/Dockerfile | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index 794c446c..4d18a32c 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -2,8 +2,8 @@ FROM alpine:3.10 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.16.0 -ENV NJS_VERSION 0.3.2 +ENV NGINX_VERSION 1.16.1 +ENV NJS_VERSION 0.3.4 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index 49a567ef..116c25fe 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -2,8 +2,8 @@ FROM alpine:3.10 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.16.0 -ENV NJS_VERSION 0.3.2 +ENV NGINX_VERSION 1.16.1 +ENV NJS_VERSION 0.3.4 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/stable/buster-perl/Dockerfile b/stable/buster-perl/Dockerfile index 2657f64a..60ccaeec 100644 --- a/stable/buster-perl/Dockerfile +++ b/stable/buster-perl/Dockerfile @@ -2,8 +2,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.16.0 -ENV NJS_VERSION 0.3.2 +ENV NGINX_VERSION 1.16.1 +ENV NJS_VERSION 0.3.4 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/stable/buster/Dockerfile b/stable/buster/Dockerfile index 05d593ec..ac2d790f 100644 --- a/stable/buster/Dockerfile +++ b/stable/buster/Dockerfile @@ -2,8 +2,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.16.0 -ENV NJS_VERSION 0.3.2 +ENV NGINX_VERSION 1.16.1 +ENV NJS_VERSION 0.3.4 ENV PKG_RELEASE 1~buster RUN set -x \ From e3bbc1131a683dabf868268e62b9d3fbd250191b Mon Sep 17 00:00:00 2001 From: Andrei Belov Date: Thu, 15 Aug 2019 22:12:21 +0300 Subject: [PATCH 035/113] Updated njs to 0.3.5 --- mainline/alpine-perl/Dockerfile | 2 +- mainline/alpine/Dockerfile | 2 +- mainline/buster-perl/Dockerfile | 2 +- mainline/buster/Dockerfile | 2 +- stable/alpine-perl/Dockerfile | 2 +- stable/alpine/Dockerfile | 2 +- stable/buster-perl/Dockerfile | 2 +- stable/buster/Dockerfile | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 17f53416..3451a3ab 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -3,7 +3,7 @@ FROM alpine:3.10 LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.17.3 -ENV NJS_VERSION 0.3.4 +ENV NJS_VERSION 0.3.5 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 4ab42553..60c8fbe2 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -3,7 +3,7 @@ FROM alpine:3.10 LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.17.3 -ENV NJS_VERSION 0.3.4 +ENV NJS_VERSION 0.3.5 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/buster-perl/Dockerfile b/mainline/buster-perl/Dockerfile index 97b100c4..8c827f2f 100644 --- a/mainline/buster-perl/Dockerfile +++ b/mainline/buster-perl/Dockerfile @@ -3,7 +3,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.17.3 -ENV NJS_VERSION 0.3.4 +ENV NJS_VERSION 0.3.5 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/mainline/buster/Dockerfile b/mainline/buster/Dockerfile index d4137f04..b8692972 100644 --- a/mainline/buster/Dockerfile +++ b/mainline/buster/Dockerfile @@ -3,7 +3,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.17.3 -ENV NJS_VERSION 0.3.4 +ENV NJS_VERSION 0.3.5 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index 4d18a32c..f4f228c6 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -3,7 +3,7 @@ FROM alpine:3.10 LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.16.1 -ENV NJS_VERSION 0.3.4 +ENV NJS_VERSION 0.3.5 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index 116c25fe..ee26e541 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -3,7 +3,7 @@ FROM alpine:3.10 LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.16.1 -ENV NJS_VERSION 0.3.4 +ENV NJS_VERSION 0.3.5 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/stable/buster-perl/Dockerfile b/stable/buster-perl/Dockerfile index 60ccaeec..ea60a497 100644 --- a/stable/buster-perl/Dockerfile +++ b/stable/buster-perl/Dockerfile @@ -3,7 +3,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.16.1 -ENV NJS_VERSION 0.3.4 +ENV NJS_VERSION 0.3.5 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/stable/buster/Dockerfile b/stable/buster/Dockerfile index ac2d790f..84d269ce 100644 --- a/stable/buster/Dockerfile +++ b/stable/buster/Dockerfile @@ -3,7 +3,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.16.1 -ENV NJS_VERSION 0.3.4 +ENV NJS_VERSION 0.3.5 ENV PKG_RELEASE 1~buster RUN set -x \ From 0ad6faa0790f423fb239f2b8800dc339d763869a Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 27 Aug 2019 13:17:27 +0300 Subject: [PATCH 036/113] alpine: bump pkg-oss revision to fetch njs 0.3.5 sources --- mainline/alpine-perl/Dockerfile | 2 +- mainline/alpine/Dockerfile | 2 +- stable/alpine-perl/Dockerfile | 2 +- stable/alpine/Dockerfile | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 3451a3ab..0739c280 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -69,7 +69,7 @@ RUN set -x \ && cd ${tempDir} \ && hg clone https://hg.nginx.org/pkg-oss \ && cd pkg-oss \ - && hg up ${NGINX_VERSION}-${PKG_RELEASE} \ + && hg up -r 428 \ && cd alpine \ && make all \ && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 60c8fbe2..52424888 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -68,7 +68,7 @@ RUN set -x \ && cd ${tempDir} \ && hg clone https://hg.nginx.org/pkg-oss \ && cd pkg-oss \ - && hg up ${NGINX_VERSION}-${PKG_RELEASE} \ + && hg up -r 428 \ && cd alpine \ && make all \ && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index f4f228c6..0251a44e 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -69,7 +69,7 @@ RUN set -x \ && cd ${tempDir} \ && hg clone https://hg.nginx.org/pkg-oss \ && cd pkg-oss \ - && hg up -r 417 \ + && hg up -r 429 \ && cd alpine \ && make all \ && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index ee26e541..0bbe6668 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -68,7 +68,7 @@ RUN set -x \ && cd ${tempDir} \ && hg clone https://hg.nginx.org/pkg-oss \ && cd pkg-oss \ - && hg up -r 417 \ + && hg up -r 429 \ && cd alpine \ && make all \ && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ From 23a990403d6dbe102bf2c72ab2f6a239e940e3c3 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 24 Sep 2019 19:33:38 +0300 Subject: [PATCH 037/113] Updated mainline nginx to 1.17.4 --- mainline/alpine-perl/Dockerfile | 4 ++-- mainline/alpine/Dockerfile | 4 ++-- mainline/buster-perl/Dockerfile | 2 +- mainline/buster/Dockerfile | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 0739c280..f274a309 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.10 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.3 +ENV NGINX_VERSION 1.17.4 ENV NJS_VERSION 0.3.5 ENV PKG_RELEASE 1 @@ -69,7 +69,7 @@ RUN set -x \ && cd ${tempDir} \ && hg clone https://hg.nginx.org/pkg-oss \ && cd pkg-oss \ - && hg up -r 428 \ + && hg up ${NGINX_VERSION}-${PKG_RELEASE} \ && cd alpine \ && make all \ && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 52424888..d2fbdfec 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.10 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.3 +ENV NGINX_VERSION 1.17.4 ENV NJS_VERSION 0.3.5 ENV PKG_RELEASE 1 @@ -68,7 +68,7 @@ RUN set -x \ && cd ${tempDir} \ && hg clone https://hg.nginx.org/pkg-oss \ && cd pkg-oss \ - && hg up -r 428 \ + && hg up ${NGINX_VERSION}-${PKG_RELEASE} \ && cd alpine \ && make all \ && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ diff --git a/mainline/buster-perl/Dockerfile b/mainline/buster-perl/Dockerfile index 8c827f2f..a25851a2 100644 --- a/mainline/buster-perl/Dockerfile +++ b/mainline/buster-perl/Dockerfile @@ -2,7 +2,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.3 +ENV NGINX_VERSION 1.17.4 ENV NJS_VERSION 0.3.5 ENV PKG_RELEASE 1~buster diff --git a/mainline/buster/Dockerfile b/mainline/buster/Dockerfile index b8692972..8bb1cdae 100644 --- a/mainline/buster/Dockerfile +++ b/mainline/buster/Dockerfile @@ -2,7 +2,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.3 +ENV NGINX_VERSION 1.17.4 ENV NJS_VERSION 0.3.5 ENV PKG_RELEASE 1~buster From fe97d699daae7e04f916771ac520f7cf25ab2b27 Mon Sep 17 00:00:00 2001 From: Andrei Belov Date: Tue, 22 Oct 2019 19:28:56 +0300 Subject: [PATCH 038/113] Updated nginx to 1.17.5 and njs to 0.3.6 --- mainline/alpine-perl/Dockerfile | 4 ++-- mainline/alpine/Dockerfile | 4 ++-- mainline/buster-perl/Dockerfile | 4 ++-- mainline/buster/Dockerfile | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index f274a309..5f25c711 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -2,8 +2,8 @@ FROM alpine:3.10 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.4 -ENV NJS_VERSION 0.3.5 +ENV NGINX_VERSION 1.17.5 +ENV NJS_VERSION 0.3.6 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index d2fbdfec..9db13acb 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -2,8 +2,8 @@ FROM alpine:3.10 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.4 -ENV NJS_VERSION 0.3.5 +ENV NGINX_VERSION 1.17.5 +ENV NJS_VERSION 0.3.6 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/buster-perl/Dockerfile b/mainline/buster-perl/Dockerfile index a25851a2..e7c11edc 100644 --- a/mainline/buster-perl/Dockerfile +++ b/mainline/buster-perl/Dockerfile @@ -2,8 +2,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.4 -ENV NJS_VERSION 0.3.5 +ENV NGINX_VERSION 1.17.5 +ENV NJS_VERSION 0.3.6 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/mainline/buster/Dockerfile b/mainline/buster/Dockerfile index 8bb1cdae..01601cd2 100644 --- a/mainline/buster/Dockerfile +++ b/mainline/buster/Dockerfile @@ -2,8 +2,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.4 -ENV NJS_VERSION 0.3.5 +ENV NGINX_VERSION 1.17.5 +ENV NJS_VERSION 0.3.6 ENV PKG_RELEASE 1~buster RUN set -x \ From 7413661f772413ce02456db044d246c811a734be Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Wed, 13 Nov 2019 18:25:56 +0300 Subject: [PATCH 039/113] alpine: forced installing nginx packages from our repos That fixes clashes between alpine linux own repositories and our repos when they have the same versions available. --- mainline/alpine-perl/Dockerfile | 11 ++--------- mainline/alpine/Dockerfile | 11 ++--------- stable/alpine-perl/Dockerfile | 11 ++--------- stable/alpine/Dockerfile | 11 ++--------- 4 files changed, 8 insertions(+), 36 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 5f25c711..7a2253ac 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -34,12 +34,8 @@ RUN set -x \ echo "key verification failed!"; \ exit 1; \ fi \ - && printf "%s%s%s\n" \ - "https://nginx.org/packages/mainline/alpine/v" \ - `egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release` \ - "/main" \ - | tee -a /etc/apk/repositories \ && apk del .cert-deps \ + && apk add -X "https://nginx.org/packages/mainline/alpine/v$(egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release)/main" --no-cache $nginxPackages \ ;; \ *) \ # we're on an architecture upstream doesn't officially build for @@ -75,18 +71,15 @@ RUN set -x \ && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ && abuild-sign -k ${tempDir}/.abuild/abuild-key.rsa ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz \ " \ - && echo "${tempDir}/packages/alpine/" >> /etc/apk/repositories \ && cp ${tempDir}/.abuild/abuild-key.rsa.pub /etc/apk/keys/ \ && apk del .build-deps \ + && apk add -X ${tempDir}/packages/alpine/ --no-cache $nginxPackages \ ;; \ esac \ - && apk add --no-cache $nginxPackages \ # if we have leftovers from building, let's purge them (including extra, unnecessary build deps) && if [ -n "$tempDir" ]; then rm -rf "$tempDir"; fi \ && if [ -n "/etc/apk/keys/abuild-key.rsa.pub" ]; then rm -f /etc/apk/keys/abuild-key.rsa.pub; fi \ && if [ -n "/etc/apk/keys/nginx_signing.rsa.pub" ]; then rm -f /etc/apk/keys/nginx_signing.rsa.pub; fi \ -# remove the last line with the packages repos in the repositories file - && sed -i '$ d' /etc/apk/repositories \ # Bring in gettext so we can get `envsubst`, then throw # the rest away. To do this, we need to install `gettext` # then move `envsubst` out of the way so `gettext` can diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 9db13acb..d5917e14 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -33,12 +33,8 @@ RUN set -x \ echo "key verification failed!"; \ exit 1; \ fi \ - && printf "%s%s%s\n" \ - "https://nginx.org/packages/mainline/alpine/v" \ - `egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release` \ - "/main" \ - | tee -a /etc/apk/repositories \ && apk del .cert-deps \ + && apk add -X "https://nginx.org/packages/mainline/alpine/v$(egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release)/main" --no-cache $nginxPackages \ ;; \ *) \ # we're on an architecture upstream doesn't officially build for @@ -74,18 +70,15 @@ RUN set -x \ && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ && abuild-sign -k ${tempDir}/.abuild/abuild-key.rsa ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz \ " \ - && echo "${tempDir}/packages/alpine/" >> /etc/apk/repositories \ && cp ${tempDir}/.abuild/abuild-key.rsa.pub /etc/apk/keys/ \ && apk del .build-deps \ + && apk add -X ${tempDir}/packages/alpine/ --no-cache $nginxPackages \ ;; \ esac \ - && apk add --no-cache $nginxPackages \ # if we have leftovers from building, let's purge them (including extra, unnecessary build deps) && if [ -n "$tempDir" ]; then rm -rf "$tempDir"; fi \ && if [ -n "/etc/apk/keys/abuild-key.rsa.pub" ]; then rm -f /etc/apk/keys/abuild-key.rsa.pub; fi \ && if [ -n "/etc/apk/keys/nginx_signing.rsa.pub" ]; then rm -f /etc/apk/keys/nginx_signing.rsa.pub; fi \ -# remove the last line with the packages repos in the repositories file - && sed -i '$ d' /etc/apk/repositories \ # Bring in gettext so we can get `envsubst`, then throw # the rest away. To do this, we need to install `gettext` # then move `envsubst` out of the way so `gettext` can diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index 0251a44e..c47a16b5 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -34,12 +34,8 @@ RUN set -x \ echo "key verification failed!"; \ exit 1; \ fi \ - && printf "%s%s%s\n" \ - "https://nginx.org/packages/alpine/v" \ - `egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release` \ - "/main" \ - | tee -a /etc/apk/repositories \ && apk del .cert-deps \ + && apk add -X "https://nginx.org/packages/alpine/v$(egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release)/main" --no-cache $nginxPackages \ ;; \ *) \ # we're on an architecture upstream doesn't officially build for @@ -75,18 +71,15 @@ RUN set -x \ && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ && abuild-sign -k ${tempDir}/.abuild/abuild-key.rsa ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz \ " \ - && echo "${tempDir}/packages/alpine/" >> /etc/apk/repositories \ && cp ${tempDir}/.abuild/abuild-key.rsa.pub /etc/apk/keys/ \ && apk del .build-deps \ + && apk add -X ${tempDir}/packages/alpine/ --no-cache $nginxPackages \ ;; \ esac \ - && apk add --no-cache $nginxPackages \ # if we have leftovers from building, let's purge them (including extra, unnecessary build deps) && if [ -n "$tempDir" ]; then rm -rf "$tempDir"; fi \ && if [ -n "/etc/apk/keys/abuild-key.rsa.pub" ]; then rm -f /etc/apk/keys/abuild-key.rsa.pub; fi \ && if [ -n "/etc/apk/keys/nginx_signing.rsa.pub" ]; then rm -f /etc/apk/keys/nginx_signing.rsa.pub; fi \ -# remove the last line with the packages repos in the repositories file - && sed -i '$ d' /etc/apk/repositories \ # Bring in gettext so we can get `envsubst`, then throw # the rest away. To do this, we need to install `gettext` # then move `envsubst` out of the way so `gettext` can diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index 0bbe6668..38378c49 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -33,12 +33,8 @@ RUN set -x \ echo "key verification failed!"; \ exit 1; \ fi \ - && printf "%s%s%s\n" \ - "https://nginx.org/packages/alpine/v" \ - `egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release` \ - "/main" \ - | tee -a /etc/apk/repositories \ && apk del .cert-deps \ + && apk add -X "https://nginx.org/packages/alpine/v$(egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release)/main" --no-cache $nginxPackages \ ;; \ *) \ # we're on an architecture upstream doesn't officially build for @@ -74,18 +70,15 @@ RUN set -x \ && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ && abuild-sign -k ${tempDir}/.abuild/abuild-key.rsa ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz \ " \ - && echo "${tempDir}/packages/alpine/" >> /etc/apk/repositories \ && cp ${tempDir}/.abuild/abuild-key.rsa.pub /etc/apk/keys/ \ && apk del .build-deps \ + && apk add -X ${tempDir}/packages/alpine/ --no-cache $nginxPackages \ ;; \ esac \ - && apk add --no-cache $nginxPackages \ # if we have leftovers from building, let's purge them (including extra, unnecessary build deps) && if [ -n "$tempDir" ]; then rm -rf "$tempDir"; fi \ && if [ -n "/etc/apk/keys/abuild-key.rsa.pub" ]; then rm -f /etc/apk/keys/abuild-key.rsa.pub; fi \ && if [ -n "/etc/apk/keys/nginx_signing.rsa.pub" ]; then rm -f /etc/apk/keys/nginx_signing.rsa.pub; fi \ -# remove the last line with the packages repos in the repositories file - && sed -i '$ d' /etc/apk/repositories \ # Bring in gettext so we can get `envsubst`, then throw # the rest away. To do this, we need to install `gettext` # then move `envsubst` out of the way so `gettext` can From a973c221f6cedede4dab3ab36d18240c4d3e3d74 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 19 Nov 2019 19:20:45 +0300 Subject: [PATCH 040/113] Updated nginx to 1.17.6 and njs to 0.3.7 --- mainline/alpine-perl/Dockerfile | 4 ++-- mainline/alpine/Dockerfile | 4 ++-- mainline/buster-perl/Dockerfile | 4 ++-- mainline/buster/Dockerfile | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 7a2253ac..f21b8565 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -2,8 +2,8 @@ FROM alpine:3.10 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.5 -ENV NJS_VERSION 0.3.6 +ENV NGINX_VERSION 1.17.6 +ENV NJS_VERSION 0.3.7 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index d5917e14..1ca4bd46 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -2,8 +2,8 @@ FROM alpine:3.10 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.5 -ENV NJS_VERSION 0.3.6 +ENV NGINX_VERSION 1.17.6 +ENV NJS_VERSION 0.3.7 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/buster-perl/Dockerfile b/mainline/buster-perl/Dockerfile index e7c11edc..467dd49c 100644 --- a/mainline/buster-perl/Dockerfile +++ b/mainline/buster-perl/Dockerfile @@ -2,8 +2,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.5 -ENV NJS_VERSION 0.3.6 +ENV NGINX_VERSION 1.17.6 +ENV NJS_VERSION 0.3.7 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/mainline/buster/Dockerfile b/mainline/buster/Dockerfile index 01601cd2..f039a637 100644 --- a/mainline/buster/Dockerfile +++ b/mainline/buster/Dockerfile @@ -2,8 +2,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.5 -ENV NJS_VERSION 0.3.6 +ENV NGINX_VERSION 1.17.6 +ENV NJS_VERSION 0.3.7 ENV PKG_RELEASE 1~buster RUN set -x \ From 0f2f33169297d7571d733f3a9122e3486704c859 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Thu, 9 Jan 2020 13:00:19 +0300 Subject: [PATCH 041/113] Updated mainline nginx to 1.17.7 --- mainline/alpine-perl/Dockerfile | 2 +- mainline/alpine/Dockerfile | 2 +- mainline/buster-perl/Dockerfile | 2 +- mainline/buster/Dockerfile | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index f21b8565..48ffe0e5 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.10 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.6 +ENV NGINX_VERSION 1.17.7 ENV NJS_VERSION 0.3.7 ENV PKG_RELEASE 1 diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 1ca4bd46..8b204230 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.10 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.6 +ENV NGINX_VERSION 1.17.7 ENV NJS_VERSION 0.3.7 ENV PKG_RELEASE 1 diff --git a/mainline/buster-perl/Dockerfile b/mainline/buster-perl/Dockerfile index 467dd49c..9dbcd3ae 100644 --- a/mainline/buster-perl/Dockerfile +++ b/mainline/buster-perl/Dockerfile @@ -2,7 +2,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.6 +ENV NGINX_VERSION 1.17.7 ENV NJS_VERSION 0.3.7 ENV PKG_RELEASE 1~buster diff --git a/mainline/buster/Dockerfile b/mainline/buster/Dockerfile index f039a637..8bd9c0cb 100644 --- a/mainline/buster/Dockerfile +++ b/mainline/buster/Dockerfile @@ -2,7 +2,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.6 +ENV NGINX_VERSION 1.17.7 ENV NJS_VERSION 0.3.7 ENV PKG_RELEASE 1~buster From 5971de30c487356d5d2a2e1a79e02b2612f9a72f Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 21 Jan 2020 18:29:20 +0300 Subject: [PATCH 042/113] Updated nginx to 1.17.8 and njs to 0.3.8 --- mainline/alpine-perl/Dockerfile | 4 ++-- mainline/alpine/Dockerfile | 4 ++-- mainline/buster-perl/Dockerfile | 4 ++-- mainline/buster/Dockerfile | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 48ffe0e5..95dd1510 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -2,8 +2,8 @@ FROM alpine:3.10 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.7 -ENV NJS_VERSION 0.3.7 +ENV NGINX_VERSION 1.17.8 +ENV NJS_VERSION 0.3.8 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 8b204230..ce06ecad 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -2,8 +2,8 @@ FROM alpine:3.10 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.7 -ENV NJS_VERSION 0.3.7 +ENV NGINX_VERSION 1.17.8 +ENV NJS_VERSION 0.3.8 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/buster-perl/Dockerfile b/mainline/buster-perl/Dockerfile index 9dbcd3ae..182876f0 100644 --- a/mainline/buster-perl/Dockerfile +++ b/mainline/buster-perl/Dockerfile @@ -2,8 +2,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.7 -ENV NJS_VERSION 0.3.7 +ENV NGINX_VERSION 1.17.8 +ENV NJS_VERSION 0.3.8 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/mainline/buster/Dockerfile b/mainline/buster/Dockerfile index 8bd9c0cb..00d36742 100644 --- a/mainline/buster/Dockerfile +++ b/mainline/buster/Dockerfile @@ -2,8 +2,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.7 -ENV NJS_VERSION 0.3.7 +ENV NGINX_VERSION 1.17.8 +ENV NJS_VERSION 0.3.8 ENV PKG_RELEASE 1~buster RUN set -x \ From f7738edec51adb47470a96ad120cd63975a9d3d0 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 21 Jan 2020 19:56:39 +0300 Subject: [PATCH 043/113] Updated njs to 0.3.8 in stable nginx --- stable/alpine-perl/Dockerfile | 4 ++-- stable/alpine/Dockerfile | 4 ++-- stable/buster-perl/Dockerfile | 2 +- stable/buster/Dockerfile | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index c47a16b5..e0382158 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -3,7 +3,7 @@ FROM alpine:3.10 LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.16.1 -ENV NJS_VERSION 0.3.5 +ENV NJS_VERSION 0.3.8 ENV PKG_RELEASE 1 RUN set -x \ @@ -65,7 +65,7 @@ RUN set -x \ && cd ${tempDir} \ && hg clone https://hg.nginx.org/pkg-oss \ && cd pkg-oss \ - && hg up -r 429 \ + && hg up -r 450 \ && cd alpine \ && make all \ && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index 38378c49..a7f8cdf4 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -3,7 +3,7 @@ FROM alpine:3.10 LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.16.1 -ENV NJS_VERSION 0.3.5 +ENV NJS_VERSION 0.3.8 ENV PKG_RELEASE 1 RUN set -x \ @@ -64,7 +64,7 @@ RUN set -x \ && cd ${tempDir} \ && hg clone https://hg.nginx.org/pkg-oss \ && cd pkg-oss \ - && hg up -r 429 \ + && hg up -r 450 \ && cd alpine \ && make all \ && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ diff --git a/stable/buster-perl/Dockerfile b/stable/buster-perl/Dockerfile index ea60a497..0c092ee0 100644 --- a/stable/buster-perl/Dockerfile +++ b/stable/buster-perl/Dockerfile @@ -3,7 +3,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.16.1 -ENV NJS_VERSION 0.3.5 +ENV NJS_VERSION 0.3.8 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/stable/buster/Dockerfile b/stable/buster/Dockerfile index 84d269ce..f958d44b 100644 --- a/stable/buster/Dockerfile +++ b/stable/buster/Dockerfile @@ -3,7 +3,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.16.1 -ENV NJS_VERSION 0.3.5 +ENV NJS_VERSION 0.3.8 ENV PKG_RELEASE 1~buster RUN set -x \ From 5c15613519a26c6adc244c24f814a95c786cfbc3 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Wed, 4 Mar 2020 16:11:44 +0300 Subject: [PATCH 044/113] Updated nginx to 1.17.9 and njs to 0.3.9 --- mainline/alpine-perl/Dockerfile | 4 ++-- mainline/alpine/Dockerfile | 4 ++-- mainline/buster-perl/Dockerfile | 4 ++-- mainline/buster/Dockerfile | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 95dd1510..dd90e4b3 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -2,8 +2,8 @@ FROM alpine:3.10 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.8 -ENV NJS_VERSION 0.3.8 +ENV NGINX_VERSION 1.17.9 +ENV NJS_VERSION 0.3.9 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index ce06ecad..e5d32ece 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -2,8 +2,8 @@ FROM alpine:3.10 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.8 -ENV NJS_VERSION 0.3.8 +ENV NGINX_VERSION 1.17.9 +ENV NJS_VERSION 0.3.9 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/buster-perl/Dockerfile b/mainline/buster-perl/Dockerfile index 182876f0..612def6c 100644 --- a/mainline/buster-perl/Dockerfile +++ b/mainline/buster-perl/Dockerfile @@ -2,8 +2,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.8 -ENV NJS_VERSION 0.3.8 +ENV NGINX_VERSION 1.17.9 +ENV NJS_VERSION 0.3.9 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/mainline/buster/Dockerfile b/mainline/buster/Dockerfile index 00d36742..ef322cb6 100644 --- a/mainline/buster/Dockerfile +++ b/mainline/buster/Dockerfile @@ -2,8 +2,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.8 -ENV NJS_VERSION 0.3.8 +ENV NGINX_VERSION 1.17.9 +ENV NJS_VERSION 0.3.9 ENV PKG_RELEASE 1~buster RUN set -x \ From 594ce7a8bc26c85af88495ac94d5cd0096b306f7 Mon Sep 17 00:00:00 2001 From: J0WI Date: Tue, 14 Apr 2020 20:44:35 +0200 Subject: [PATCH 045/113] Update nginx to 1.17.10 and Alpine to 3.11 --- mainline/alpine-perl/Dockerfile | 4 ++-- mainline/alpine/Dockerfile | 4 ++-- mainline/buster-perl/Dockerfile | 2 +- mainline/buster/Dockerfile | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index dd90e4b3..7e974841 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -1,8 +1,8 @@ -FROM alpine:3.10 +FROM alpine:3.11 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.9 +ENV NGINX_VERSION 1.17.10 ENV NJS_VERSION 0.3.9 ENV PKG_RELEASE 1 diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index e5d32ece..24452578 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -1,8 +1,8 @@ -FROM alpine:3.10 +FROM alpine:3.11 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.9 +ENV NGINX_VERSION 1.17.10 ENV NJS_VERSION 0.3.9 ENV PKG_RELEASE 1 diff --git a/mainline/buster-perl/Dockerfile b/mainline/buster-perl/Dockerfile index 612def6c..9b4e0487 100644 --- a/mainline/buster-perl/Dockerfile +++ b/mainline/buster-perl/Dockerfile @@ -2,7 +2,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.9 +ENV NGINX_VERSION 1.17.10 ENV NJS_VERSION 0.3.9 ENV PKG_RELEASE 1~buster diff --git a/mainline/buster/Dockerfile b/mainline/buster/Dockerfile index ef322cb6..23e8a816 100644 --- a/mainline/buster/Dockerfile +++ b/mainline/buster/Dockerfile @@ -2,7 +2,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.9 +ENV NGINX_VERSION 1.17.10 ENV NJS_VERSION 0.3.9 ENV PKG_RELEASE 1~buster From cab4f85211cef6e0672d4a44c783b09ae518b5ef Mon Sep 17 00:00:00 2001 From: chotow Date: Wed, 22 Apr 2020 17:44:52 +0800 Subject: [PATCH 046/113] Updated stable nginx to 1.18.0 --- stable/alpine-perl/Dockerfile | 8 ++++---- stable/alpine/Dockerfile | 8 ++++---- stable/buster-perl/Dockerfile | 4 ++-- stable/buster/Dockerfile | 4 ++-- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index e0382158..ed451a03 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -1,9 +1,9 @@ -FROM alpine:3.10 +FROM alpine:3.11 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.16.1 -ENV NJS_VERSION 0.3.8 +ENV NGINX_VERSION 1.18.0 +ENV NJS_VERSION 0.3.9 ENV PKG_RELEASE 1 RUN set -x \ @@ -65,7 +65,7 @@ RUN set -x \ && cd ${tempDir} \ && hg clone https://hg.nginx.org/pkg-oss \ && cd pkg-oss \ - && hg up -r 450 \ + && hg up ${NGINX_VERSION}-${PKG_RELEASE} \ && cd alpine \ && make all \ && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index a7f8cdf4..ef1088e8 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -1,9 +1,9 @@ -FROM alpine:3.10 +FROM alpine:3.11 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.16.1 -ENV NJS_VERSION 0.3.8 +ENV NGINX_VERSION 1.18.0 +ENV NJS_VERSION 0.3.9 ENV PKG_RELEASE 1 RUN set -x \ @@ -64,7 +64,7 @@ RUN set -x \ && cd ${tempDir} \ && hg clone https://hg.nginx.org/pkg-oss \ && cd pkg-oss \ - && hg up -r 450 \ + && hg up ${NGINX_VERSION}-${PKG_RELEASE} \ && cd alpine \ && make all \ && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ diff --git a/stable/buster-perl/Dockerfile b/stable/buster-perl/Dockerfile index 0c092ee0..a477b1c7 100644 --- a/stable/buster-perl/Dockerfile +++ b/stable/buster-perl/Dockerfile @@ -2,8 +2,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.16.1 -ENV NJS_VERSION 0.3.8 +ENV NGINX_VERSION 1.18.0 +ENV NJS_VERSION 0.3.9 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/stable/buster/Dockerfile b/stable/buster/Dockerfile index f958d44b..9f289bf4 100644 --- a/stable/buster/Dockerfile +++ b/stable/buster/Dockerfile @@ -2,8 +2,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.16.1 -ENV NJS_VERSION 0.3.8 +ENV NGINX_VERSION 1.18.0 +ENV NJS_VERSION 0.3.9 ENV PKG_RELEASE 1~buster RUN set -x \ From b6120b10418b3f892cd5d141467419eb6fd6c3a0 Mon Sep 17 00:00:00 2001 From: chotow Date: Wed, 22 Apr 2020 17:46:51 +0800 Subject: [PATCH 047/113] Updated generate-stackbrew-library.sh --- generate-stackbrew-library.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/generate-stackbrew-library.sh b/generate-stackbrew-library.sh index 4464e466..1f506244 100755 --- a/generate-stackbrew-library.sh +++ b/generate-stackbrew-library.sh @@ -3,8 +3,8 @@ set -eu declare -A aliases aliases=( - [mainline]='1 1.17 latest' - [stable]='1.16' + [mainline]='1 1.19 latest' + [stable]='1.18' ) self="$(basename "$BASH_SOURCE")" From abef566d0a619721144d59f7a8dd482669250276 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 21 Apr 2020 16:19:59 +0300 Subject: [PATCH 048/113] Listen on ipv6 by default Fixes #394. --- mainline/alpine-perl/Dockerfile | 5 ++++- mainline/alpine/Dockerfile | 5 ++++- mainline/buster-perl/Dockerfile | 4 ++++ mainline/buster/Dockerfile | 4 ++++ stable/alpine-perl/Dockerfile | 5 ++++- stable/alpine/Dockerfile | 5 ++++- stable/buster-perl/Dockerfile | 4 ++++ stable/buster/Dockerfile | 4 ++++ 8 files changed, 32 insertions(+), 4 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 7e974841..64ecd48f 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -102,7 +102,10 @@ RUN set -x \ && apk add --no-cache tzdata \ # forward request and error logs to docker log collector && ln -sf /dev/stdout /var/log/nginx/access.log \ - && ln -sf /dev/stderr /var/log/nginx/error.log + && ln -sf /dev/stderr /var/log/nginx/error.log \ +# make default server listen on ipv6 + && sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ + /etc/nginx/conf.d/default.conf EXPOSE 80 diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 24452578..d7ec4c40 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -101,7 +101,10 @@ RUN set -x \ && apk add --no-cache tzdata \ # forward request and error logs to docker log collector && ln -sf /dev/stdout /var/log/nginx/access.log \ - && ln -sf /dev/stderr /var/log/nginx/error.log + && ln -sf /dev/stderr /var/log/nginx/error.log \ +# make default server listen on ipv6 + && sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ + /etc/nginx/conf.d/default.conf EXPOSE 80 diff --git a/mainline/buster-perl/Dockerfile b/mainline/buster-perl/Dockerfile index 9b4e0487..af72698b 100644 --- a/mainline/buster-perl/Dockerfile +++ b/mainline/buster-perl/Dockerfile @@ -97,6 +97,10 @@ RUN set -x \ RUN ln -sf /dev/stdout /var/log/nginx/access.log \ && ln -sf /dev/stderr /var/log/nginx/error.log +# make default server listen on ipv6 +RUN sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ + /etc/nginx/conf.d/default.conf + EXPOSE 80 STOPSIGNAL SIGTERM diff --git a/mainline/buster/Dockerfile b/mainline/buster/Dockerfile index 23e8a816..33943181 100644 --- a/mainline/buster/Dockerfile +++ b/mainline/buster/Dockerfile @@ -96,6 +96,10 @@ RUN set -x \ RUN ln -sf /dev/stdout /var/log/nginx/access.log \ && ln -sf /dev/stderr /var/log/nginx/error.log +# make default server listen on ipv6 +RUN sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ + /etc/nginx/conf.d/default.conf + EXPOSE 80 STOPSIGNAL SIGTERM diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index ed451a03..213f33f8 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -102,7 +102,10 @@ RUN set -x \ && apk add --no-cache tzdata \ # forward request and error logs to docker log collector && ln -sf /dev/stdout /var/log/nginx/access.log \ - && ln -sf /dev/stderr /var/log/nginx/error.log + && ln -sf /dev/stderr /var/log/nginx/error.log \ +# make default server listen on ipv6 + && sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ + /etc/nginx/conf.d/default.conf EXPOSE 80 diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index ef1088e8..debe3ac7 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -101,7 +101,10 @@ RUN set -x \ && apk add --no-cache tzdata \ # forward request and error logs to docker log collector && ln -sf /dev/stdout /var/log/nginx/access.log \ - && ln -sf /dev/stderr /var/log/nginx/error.log + && ln -sf /dev/stderr /var/log/nginx/error.log \ +# make default server listen on ipv6 + && sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ + /etc/nginx/conf.d/default.conf EXPOSE 80 diff --git a/stable/buster-perl/Dockerfile b/stable/buster-perl/Dockerfile index a477b1c7..72c0c92f 100644 --- a/stable/buster-perl/Dockerfile +++ b/stable/buster-perl/Dockerfile @@ -97,6 +97,10 @@ RUN set -x \ RUN ln -sf /dev/stdout /var/log/nginx/access.log \ && ln -sf /dev/stderr /var/log/nginx/error.log +# make default server listen on ipv6 +RUN sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ + /etc/nginx/conf.d/default.conf + EXPOSE 80 STOPSIGNAL SIGTERM diff --git a/stable/buster/Dockerfile b/stable/buster/Dockerfile index 9f289bf4..8049d482 100644 --- a/stable/buster/Dockerfile +++ b/stable/buster/Dockerfile @@ -96,6 +96,10 @@ RUN set -x \ RUN ln -sf /dev/stdout /var/log/nginx/access.log \ && ln -sf /dev/stderr /var/log/nginx/error.log +# make default server listen on ipv6 +RUN sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ + /etc/nginx/conf.d/default.conf + EXPOSE 80 STOPSIGNAL SIGTERM From 87f9340ea4b85b6ffada26d40e8a7ca99ef74a03 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 21 Apr 2020 16:37:37 +0300 Subject: [PATCH 049/113] Provide curl inside images to simplify service discovery registration Fixes #378. --- mainline/alpine-perl/Dockerfile | 2 ++ mainline/alpine/Dockerfile | 2 ++ mainline/buster-perl/Dockerfile | 3 ++- mainline/buster/Dockerfile | 3 ++- stable/alpine-perl/Dockerfile | 2 ++ stable/alpine/Dockerfile | 2 ++ stable/buster-perl/Dockerfile | 3 ++- stable/buster/Dockerfile | 3 ++- 8 files changed, 16 insertions(+), 4 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 64ecd48f..1d46a0c5 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -100,6 +100,8 @@ RUN set -x \ # Bring in tzdata so users could set the timezones through the environment # variables && apk add --no-cache tzdata \ +# Bring in curl and ca-certificates to make registering on DNS SD easier + && apk add --no-cache curl ca-certificates \ # forward request and error logs to docker log collector && ln -sf /dev/stdout /var/log/nginx/access.log \ && ln -sf /dev/stderr /var/log/nginx/error.log \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index d7ec4c40..5d3bea96 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -99,6 +99,8 @@ RUN set -x \ # Bring in tzdata so users could set the timezones through the environment # variables && apk add --no-cache tzdata \ +# Bring in curl and ca-certificates to make registering on DNS SD easier + && apk add --no-cache curl ca-certificates \ # forward request and error logs to docker log collector && ln -sf /dev/stdout /var/log/nginx/access.log \ && ln -sf /dev/stderr /var/log/nginx/error.log \ diff --git a/mainline/buster-perl/Dockerfile b/mainline/buster-perl/Dockerfile index af72698b..eabb7223 100644 --- a/mainline/buster-perl/Dockerfile +++ b/mainline/buster-perl/Dockerfile @@ -85,7 +85,8 @@ RUN set -x \ && apt-get install --no-install-recommends --no-install-suggests -y \ $nginxPackages \ gettext-base \ - && apt-get remove --purge --auto-remove -y ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ + curl \ + && apt-get remove --purge --auto-remove -y && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ \ # if we have leftovers from building, let's purge them (including extra, unnecessary build deps) && if [ -n "$tempDir" ]; then \ diff --git a/mainline/buster/Dockerfile b/mainline/buster/Dockerfile index 33943181..4c2cc9a7 100644 --- a/mainline/buster/Dockerfile +++ b/mainline/buster/Dockerfile @@ -84,7 +84,8 @@ RUN set -x \ && apt-get install --no-install-recommends --no-install-suggests -y \ $nginxPackages \ gettext-base \ - && apt-get remove --purge --auto-remove -y ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ + curl \ + && apt-get remove --purge --auto-remove -y && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ \ # if we have leftovers from building, let's purge them (including extra, unnecessary build deps) && if [ -n "$tempDir" ]; then \ diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index 213f33f8..e094aca8 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -100,6 +100,8 @@ RUN set -x \ # Bring in tzdata so users could set the timezones through the environment # variables && apk add --no-cache tzdata \ +# Bring in curl and ca-certificates to make registering on DNS SD easier + && apk add --no-cache curl ca-certificates \ # forward request and error logs to docker log collector && ln -sf /dev/stdout /var/log/nginx/access.log \ && ln -sf /dev/stderr /var/log/nginx/error.log \ diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index debe3ac7..517fc646 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -99,6 +99,8 @@ RUN set -x \ # Bring in tzdata so users could set the timezones through the environment # variables && apk add --no-cache tzdata \ +# Bring in curl and ca-certificates to make registering on DNS SD easier + && apk add --no-cache curl ca-certificates \ # forward request and error logs to docker log collector && ln -sf /dev/stdout /var/log/nginx/access.log \ && ln -sf /dev/stderr /var/log/nginx/error.log \ diff --git a/stable/buster-perl/Dockerfile b/stable/buster-perl/Dockerfile index 72c0c92f..890a455d 100644 --- a/stable/buster-perl/Dockerfile +++ b/stable/buster-perl/Dockerfile @@ -85,7 +85,8 @@ RUN set -x \ && apt-get install --no-install-recommends --no-install-suggests -y \ $nginxPackages \ gettext-base \ - && apt-get remove --purge --auto-remove -y ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ + curl \ + && apt-get remove --purge --auto-remove -y && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ \ # if we have leftovers from building, let's purge them (including extra, unnecessary build deps) && if [ -n "$tempDir" ]; then \ diff --git a/stable/buster/Dockerfile b/stable/buster/Dockerfile index 8049d482..d14be027 100644 --- a/stable/buster/Dockerfile +++ b/stable/buster/Dockerfile @@ -84,7 +84,8 @@ RUN set -x \ && apt-get install --no-install-recommends --no-install-suggests -y \ $nginxPackages \ gettext-base \ - && apt-get remove --purge --auto-remove -y ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ + curl \ + && apt-get remove --purge --auto-remove -y && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ \ # if we have leftovers from building, let's purge them (including extra, unnecessary build deps) && if [ -n "$tempDir" ]; then \ From 70e44865208627c5ada57242b46920205603c096 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Thu, 23 Apr 2020 17:32:05 +0300 Subject: [PATCH 050/113] Updated njs to 0.4.0 --- mainline/alpine-perl/Dockerfile | 2 +- mainline/alpine/Dockerfile | 2 +- mainline/buster-perl/Dockerfile | 2 +- mainline/buster/Dockerfile | 2 +- stable/alpine-perl/Dockerfile | 4 ++-- stable/alpine/Dockerfile | 4 ++-- stable/buster-perl/Dockerfile | 2 +- stable/buster/Dockerfile | 2 +- 8 files changed, 10 insertions(+), 10 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 1d46a0c5..d14ebc4b 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -3,7 +3,7 @@ FROM alpine:3.11 LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.17.10 -ENV NJS_VERSION 0.3.9 +ENV NJS_VERSION 0.4.0 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 5d3bea96..6b839186 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -3,7 +3,7 @@ FROM alpine:3.11 LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.17.10 -ENV NJS_VERSION 0.3.9 +ENV NJS_VERSION 0.4.0 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/buster-perl/Dockerfile b/mainline/buster-perl/Dockerfile index eabb7223..456baaa9 100644 --- a/mainline/buster-perl/Dockerfile +++ b/mainline/buster-perl/Dockerfile @@ -3,7 +3,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.17.10 -ENV NJS_VERSION 0.3.9 +ENV NJS_VERSION 0.4.0 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/mainline/buster/Dockerfile b/mainline/buster/Dockerfile index 4c2cc9a7..da207926 100644 --- a/mainline/buster/Dockerfile +++ b/mainline/buster/Dockerfile @@ -3,7 +3,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.17.10 -ENV NJS_VERSION 0.3.9 +ENV NJS_VERSION 0.4.0 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index e094aca8..8aa45d0c 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -3,7 +3,7 @@ FROM alpine:3.11 LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.18.0 -ENV NJS_VERSION 0.3.9 +ENV NJS_VERSION 0.4.0 ENV PKG_RELEASE 1 RUN set -x \ @@ -65,7 +65,7 @@ RUN set -x \ && cd ${tempDir} \ && hg clone https://hg.nginx.org/pkg-oss \ && cd pkg-oss \ - && hg up ${NGINX_VERSION}-${PKG_RELEASE} \ + && hg up -r 474 \ && cd alpine \ && make all \ && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index 517fc646..fedb169c 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -3,7 +3,7 @@ FROM alpine:3.11 LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.18.0 -ENV NJS_VERSION 0.3.9 +ENV NJS_VERSION 0.4.0 ENV PKG_RELEASE 1 RUN set -x \ @@ -64,7 +64,7 @@ RUN set -x \ && cd ${tempDir} \ && hg clone https://hg.nginx.org/pkg-oss \ && cd pkg-oss \ - && hg up ${NGINX_VERSION}-${PKG_RELEASE} \ + && hg up -r 474 \ && cd alpine \ && make all \ && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ diff --git a/stable/buster-perl/Dockerfile b/stable/buster-perl/Dockerfile index 890a455d..f313a7bc 100644 --- a/stable/buster-perl/Dockerfile +++ b/stable/buster-perl/Dockerfile @@ -3,7 +3,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.18.0 -ENV NJS_VERSION 0.3.9 +ENV NJS_VERSION 0.4.0 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/stable/buster/Dockerfile b/stable/buster/Dockerfile index d14be027..22085bc5 100644 --- a/stable/buster/Dockerfile +++ b/stable/buster/Dockerfile @@ -3,7 +3,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.18.0 -ENV NJS_VERSION 0.3.9 +ENV NJS_VERSION 0.4.0 ENV PKG_RELEASE 1~buster RUN set -x \ From 8ec60b8d3132eb78a2c9ec120490095142f9bcab Mon Sep 17 00:00:00 2001 From: J0WI Date: Thu, 30 Apr 2020 22:42:57 +0200 Subject: [PATCH 051/113] Update supported architectures (fix #405) Added: - arm32v7 for Alpine - arm32v5 and mips64le for Debian --- generate-stackbrew-library.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/generate-stackbrew-library.sh b/generate-stackbrew-library.sh index 1f506244..13e252de 100755 --- a/generate-stackbrew-library.sh +++ b/generate-stackbrew-library.sh @@ -64,7 +64,7 @@ for version in "${versions[@]}"; do echo cat <<-EOE Tags: $(join ', ' "${versionAliases[@]}") - Architectures: amd64, arm32v7, arm64v8, i386, ppc64le, s390x + Architectures: amd64, arm32v5, arm32v7, arm64v8, i386, mips64le, ppc64le, s390x GitCommit: $commit Directory: $version/$base EOE @@ -78,7 +78,7 @@ for version in "${versions[@]}"; do echo cat <<-EOE Tags: $(join ', ' "${variantAliases[@]}") - Architectures: amd64, arm32v7, arm64v8, i386, ppc64le, s390x + Architectures: amd64, arm32v5, arm32v7, arm64v8, i386, mips64le, ppc64le, s390x GitCommit: $commit Directory: $version/$variant EOE @@ -93,7 +93,7 @@ for version in "${versions[@]}"; do echo cat <<-EOE Tags: $(join ', ' "${variantAliases[@]}") - Architectures: amd64, arm32v6, arm64v8, i386, ppc64le, s390x + Architectures: arm64v8, arm32v6, arm32v7, ppc64le, s390x, i386, amd64 GitCommit: $commit Directory: $version/$variant EOE From 1acd7f697e11482edfdb0b3779f39aa3d0529cd0 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 26 May 2020 00:37:55 +0300 Subject: [PATCH 052/113] Reduced the number of layers in debian-based images --- mainline/buster-perl/Dockerfile | 10 ++++------ mainline/buster/Dockerfile | 10 ++++------ stable/buster-perl/Dockerfile | 10 ++++------ stable/buster/Dockerfile | 10 ++++------ 4 files changed, 16 insertions(+), 24 deletions(-) diff --git a/mainline/buster-perl/Dockerfile b/mainline/buster-perl/Dockerfile index 456baaa9..294f86ec 100644 --- a/mainline/buster-perl/Dockerfile +++ b/mainline/buster-perl/Dockerfile @@ -92,14 +92,12 @@ RUN set -x \ && if [ -n "$tempDir" ]; then \ apt-get purge -y --auto-remove \ && rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \ - fi - + fi \ # forward request and error logs to docker log collector -RUN ln -sf /dev/stdout /var/log/nginx/access.log \ - && ln -sf /dev/stderr /var/log/nginx/error.log - + && ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log \ # make default server listen on ipv6 -RUN sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ + && sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ /etc/nginx/conf.d/default.conf EXPOSE 80 diff --git a/mainline/buster/Dockerfile b/mainline/buster/Dockerfile index da207926..70421716 100644 --- a/mainline/buster/Dockerfile +++ b/mainline/buster/Dockerfile @@ -91,14 +91,12 @@ RUN set -x \ && if [ -n "$tempDir" ]; then \ apt-get purge -y --auto-remove \ && rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \ - fi - + fi \ # forward request and error logs to docker log collector -RUN ln -sf /dev/stdout /var/log/nginx/access.log \ - && ln -sf /dev/stderr /var/log/nginx/error.log - + && ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log \ # make default server listen on ipv6 -RUN sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ + && sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ /etc/nginx/conf.d/default.conf EXPOSE 80 diff --git a/stable/buster-perl/Dockerfile b/stable/buster-perl/Dockerfile index f313a7bc..2cc01e50 100644 --- a/stable/buster-perl/Dockerfile +++ b/stable/buster-perl/Dockerfile @@ -92,14 +92,12 @@ RUN set -x \ && if [ -n "$tempDir" ]; then \ apt-get purge -y --auto-remove \ && rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \ - fi - + fi \ # forward request and error logs to docker log collector -RUN ln -sf /dev/stdout /var/log/nginx/access.log \ - && ln -sf /dev/stderr /var/log/nginx/error.log - + && ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log \ # make default server listen on ipv6 -RUN sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ + && sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ /etc/nginx/conf.d/default.conf EXPOSE 80 diff --git a/stable/buster/Dockerfile b/stable/buster/Dockerfile index 22085bc5..cce6f7d0 100644 --- a/stable/buster/Dockerfile +++ b/stable/buster/Dockerfile @@ -91,14 +91,12 @@ RUN set -x \ && if [ -n "$tempDir" ]; then \ apt-get purge -y --auto-remove \ && rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \ - fi - + fi \ # forward request and error logs to docker log collector -RUN ln -sf /dev/stdout /var/log/nginx/access.log \ - && ln -sf /dev/stderr /var/log/nginx/error.log - + && ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log \ # make default server listen on ipv6 -RUN sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ + && sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ /etc/nginx/conf.d/default.conf EXPOSE 80 From e36b4f57b77618787caae825a72b93f8f40a8f74 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 26 May 2020 16:19:14 +0300 Subject: [PATCH 053/113] Introduced entrypoint This allows to launch configuration scripts on the start of container. --- mainline/alpine-perl/Dockerfile | 7 ++++- mainline/alpine-perl/docker-entrypoint.sh | 31 +++++++++++++++++++++++ mainline/alpine/Dockerfile | 7 ++++- mainline/alpine/docker-entrypoint.sh | 31 +++++++++++++++++++++++ mainline/buster-perl/Dockerfile | 7 ++++- mainline/buster-perl/docker-entrypoint.sh | 31 +++++++++++++++++++++++ mainline/buster/Dockerfile | 7 ++++- mainline/buster/docker-entrypoint.sh | 31 +++++++++++++++++++++++ stable/alpine-perl/Dockerfile | 7 ++++- stable/alpine-perl/docker-entrypoint.sh | 31 +++++++++++++++++++++++ stable/alpine/Dockerfile | 7 ++++- stable/alpine/docker-entrypoint.sh | 31 +++++++++++++++++++++++ stable/buster-perl/Dockerfile | 7 ++++- stable/buster-perl/docker-entrypoint.sh | 31 +++++++++++++++++++++++ stable/buster/Dockerfile | 7 ++++- stable/buster/docker-entrypoint.sh | 31 +++++++++++++++++++++++ 16 files changed, 296 insertions(+), 8 deletions(-) create mode 100755 mainline/alpine-perl/docker-entrypoint.sh create mode 100755 mainline/alpine/docker-entrypoint.sh create mode 100755 mainline/buster-perl/docker-entrypoint.sh create mode 100755 mainline/buster/docker-entrypoint.sh create mode 100755 stable/alpine-perl/docker-entrypoint.sh create mode 100755 stable/alpine/docker-entrypoint.sh create mode 100755 stable/buster-perl/docker-entrypoint.sh create mode 100755 stable/buster/docker-entrypoint.sh diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index d14ebc4b..3fef8fbe 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -107,7 +107,12 @@ RUN set -x \ && ln -sf /dev/stderr /var/log/nginx/error.log \ # make default server listen on ipv6 && sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ - /etc/nginx/conf.d/default.conf + /etc/nginx/conf.d/default.conf \ +# create a docker-entrypoint.d directory + && mkdir /docker-entrypoint.d + +COPY docker-entrypoint.sh / +ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/mainline/alpine-perl/docker-entrypoint.sh b/mainline/alpine-perl/docker-entrypoint.sh new file mode 100755 index 00000000..3836402b --- /dev/null +++ b/mainline/alpine-perl/docker-entrypoint.sh @@ -0,0 +1,31 @@ +#!/usr/bin/env sh +# vim:sw=4:ts=4:et + +set -e + +if [ "$1" = "nginx" ]; then + if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -print -quit 2>/dev/null | /bin/grep -q .; then + echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform an initial configuration" + + echo "$0: Looking for shell scripts in /docker-entrypoint.d/" + for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -executable | sort -n); do + echo "$0: Launching $f"; + "$f" + done + + # warn on shell scripts without exec bit + for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -not -executable); do + echo "$0: Ignoring $f, not executable"; + done + # warn on filetypes we don't know what to do with + for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -not -name "*.sh"); do + echo "$0: Ignoring $f"; + done + + echo "$0: Initial configuration complete; ready for start up" + else + echo "$0: /docker-entrypoint.d/ is empty, skipping initial configuration" + fi +fi + +exec "$@" diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 6b839186..619fc4e9 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -106,7 +106,12 @@ RUN set -x \ && ln -sf /dev/stderr /var/log/nginx/error.log \ # make default server listen on ipv6 && sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ - /etc/nginx/conf.d/default.conf + /etc/nginx/conf.d/default.conf \ +# create a docker-entrypoint.d directory + && mkdir /docker-entrypoint.d + +COPY docker-entrypoint.sh / +ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/mainline/alpine/docker-entrypoint.sh b/mainline/alpine/docker-entrypoint.sh new file mode 100755 index 00000000..3836402b --- /dev/null +++ b/mainline/alpine/docker-entrypoint.sh @@ -0,0 +1,31 @@ +#!/usr/bin/env sh +# vim:sw=4:ts=4:et + +set -e + +if [ "$1" = "nginx" ]; then + if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -print -quit 2>/dev/null | /bin/grep -q .; then + echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform an initial configuration" + + echo "$0: Looking for shell scripts in /docker-entrypoint.d/" + for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -executable | sort -n); do + echo "$0: Launching $f"; + "$f" + done + + # warn on shell scripts without exec bit + for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -not -executable); do + echo "$0: Ignoring $f, not executable"; + done + # warn on filetypes we don't know what to do with + for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -not -name "*.sh"); do + echo "$0: Ignoring $f"; + done + + echo "$0: Initial configuration complete; ready for start up" + else + echo "$0: /docker-entrypoint.d/ is empty, skipping initial configuration" + fi +fi + +exec "$@" diff --git a/mainline/buster-perl/Dockerfile b/mainline/buster-perl/Dockerfile index 294f86ec..26ac40dd 100644 --- a/mainline/buster-perl/Dockerfile +++ b/mainline/buster-perl/Dockerfile @@ -98,7 +98,12 @@ RUN set -x \ && ln -sf /dev/stderr /var/log/nginx/error.log \ # make default server listen on ipv6 && sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ - /etc/nginx/conf.d/default.conf + /etc/nginx/conf.d/default.conf \ +# create a docker-entrypoint.d directory + && mkdir /docker-entrypoint.d + +COPY docker-entrypoint.sh / +ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/mainline/buster-perl/docker-entrypoint.sh b/mainline/buster-perl/docker-entrypoint.sh new file mode 100755 index 00000000..3836402b --- /dev/null +++ b/mainline/buster-perl/docker-entrypoint.sh @@ -0,0 +1,31 @@ +#!/usr/bin/env sh +# vim:sw=4:ts=4:et + +set -e + +if [ "$1" = "nginx" ]; then + if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -print -quit 2>/dev/null | /bin/grep -q .; then + echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform an initial configuration" + + echo "$0: Looking for shell scripts in /docker-entrypoint.d/" + for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -executable | sort -n); do + echo "$0: Launching $f"; + "$f" + done + + # warn on shell scripts without exec bit + for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -not -executable); do + echo "$0: Ignoring $f, not executable"; + done + # warn on filetypes we don't know what to do with + for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -not -name "*.sh"); do + echo "$0: Ignoring $f"; + done + + echo "$0: Initial configuration complete; ready for start up" + else + echo "$0: /docker-entrypoint.d/ is empty, skipping initial configuration" + fi +fi + +exec "$@" diff --git a/mainline/buster/Dockerfile b/mainline/buster/Dockerfile index 70421716..392e0526 100644 --- a/mainline/buster/Dockerfile +++ b/mainline/buster/Dockerfile @@ -97,7 +97,12 @@ RUN set -x \ && ln -sf /dev/stderr /var/log/nginx/error.log \ # make default server listen on ipv6 && sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ - /etc/nginx/conf.d/default.conf + /etc/nginx/conf.d/default.conf \ +# create a docker-entrypoint.d directory + && mkdir /docker-entrypoint.d + +COPY docker-entrypoint.sh / +ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/mainline/buster/docker-entrypoint.sh b/mainline/buster/docker-entrypoint.sh new file mode 100755 index 00000000..3836402b --- /dev/null +++ b/mainline/buster/docker-entrypoint.sh @@ -0,0 +1,31 @@ +#!/usr/bin/env sh +# vim:sw=4:ts=4:et + +set -e + +if [ "$1" = "nginx" ]; then + if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -print -quit 2>/dev/null | /bin/grep -q .; then + echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform an initial configuration" + + echo "$0: Looking for shell scripts in /docker-entrypoint.d/" + for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -executable | sort -n); do + echo "$0: Launching $f"; + "$f" + done + + # warn on shell scripts without exec bit + for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -not -executable); do + echo "$0: Ignoring $f, not executable"; + done + # warn on filetypes we don't know what to do with + for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -not -name "*.sh"); do + echo "$0: Ignoring $f"; + done + + echo "$0: Initial configuration complete; ready for start up" + else + echo "$0: /docker-entrypoint.d/ is empty, skipping initial configuration" + fi +fi + +exec "$@" diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index 8aa45d0c..d470dada 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -107,7 +107,12 @@ RUN set -x \ && ln -sf /dev/stderr /var/log/nginx/error.log \ # make default server listen on ipv6 && sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ - /etc/nginx/conf.d/default.conf + /etc/nginx/conf.d/default.conf \ +# create a docker-entrypoint.d directory + && mkdir /docker-entrypoint.d + +COPY docker-entrypoint.sh / +ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/stable/alpine-perl/docker-entrypoint.sh b/stable/alpine-perl/docker-entrypoint.sh new file mode 100755 index 00000000..3836402b --- /dev/null +++ b/stable/alpine-perl/docker-entrypoint.sh @@ -0,0 +1,31 @@ +#!/usr/bin/env sh +# vim:sw=4:ts=4:et + +set -e + +if [ "$1" = "nginx" ]; then + if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -print -quit 2>/dev/null | /bin/grep -q .; then + echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform an initial configuration" + + echo "$0: Looking for shell scripts in /docker-entrypoint.d/" + for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -executable | sort -n); do + echo "$0: Launching $f"; + "$f" + done + + # warn on shell scripts without exec bit + for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -not -executable); do + echo "$0: Ignoring $f, not executable"; + done + # warn on filetypes we don't know what to do with + for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -not -name "*.sh"); do + echo "$0: Ignoring $f"; + done + + echo "$0: Initial configuration complete; ready for start up" + else + echo "$0: /docker-entrypoint.d/ is empty, skipping initial configuration" + fi +fi + +exec "$@" diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index fedb169c..32c6746d 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -106,7 +106,12 @@ RUN set -x \ && ln -sf /dev/stderr /var/log/nginx/error.log \ # make default server listen on ipv6 && sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ - /etc/nginx/conf.d/default.conf + /etc/nginx/conf.d/default.conf \ +# create a docker-entrypoint.d directory + && mkdir /docker-entrypoint.d + +COPY docker-entrypoint.sh / +ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/stable/alpine/docker-entrypoint.sh b/stable/alpine/docker-entrypoint.sh new file mode 100755 index 00000000..3836402b --- /dev/null +++ b/stable/alpine/docker-entrypoint.sh @@ -0,0 +1,31 @@ +#!/usr/bin/env sh +# vim:sw=4:ts=4:et + +set -e + +if [ "$1" = "nginx" ]; then + if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -print -quit 2>/dev/null | /bin/grep -q .; then + echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform an initial configuration" + + echo "$0: Looking for shell scripts in /docker-entrypoint.d/" + for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -executable | sort -n); do + echo "$0: Launching $f"; + "$f" + done + + # warn on shell scripts without exec bit + for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -not -executable); do + echo "$0: Ignoring $f, not executable"; + done + # warn on filetypes we don't know what to do with + for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -not -name "*.sh"); do + echo "$0: Ignoring $f"; + done + + echo "$0: Initial configuration complete; ready for start up" + else + echo "$0: /docker-entrypoint.d/ is empty, skipping initial configuration" + fi +fi + +exec "$@" diff --git a/stable/buster-perl/Dockerfile b/stable/buster-perl/Dockerfile index 2cc01e50..59bcfb0f 100644 --- a/stable/buster-perl/Dockerfile +++ b/stable/buster-perl/Dockerfile @@ -98,7 +98,12 @@ RUN set -x \ && ln -sf /dev/stderr /var/log/nginx/error.log \ # make default server listen on ipv6 && sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ - /etc/nginx/conf.d/default.conf + /etc/nginx/conf.d/default.conf \ +# create a docker-entrypoint.d directory + && mkdir /docker-entrypoint.d + +COPY docker-entrypoint.sh / +ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/stable/buster-perl/docker-entrypoint.sh b/stable/buster-perl/docker-entrypoint.sh new file mode 100755 index 00000000..3836402b --- /dev/null +++ b/stable/buster-perl/docker-entrypoint.sh @@ -0,0 +1,31 @@ +#!/usr/bin/env sh +# vim:sw=4:ts=4:et + +set -e + +if [ "$1" = "nginx" ]; then + if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -print -quit 2>/dev/null | /bin/grep -q .; then + echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform an initial configuration" + + echo "$0: Looking for shell scripts in /docker-entrypoint.d/" + for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -executable | sort -n); do + echo "$0: Launching $f"; + "$f" + done + + # warn on shell scripts without exec bit + for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -not -executable); do + echo "$0: Ignoring $f, not executable"; + done + # warn on filetypes we don't know what to do with + for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -not -name "*.sh"); do + echo "$0: Ignoring $f"; + done + + echo "$0: Initial configuration complete; ready for start up" + else + echo "$0: /docker-entrypoint.d/ is empty, skipping initial configuration" + fi +fi + +exec "$@" diff --git a/stable/buster/Dockerfile b/stable/buster/Dockerfile index cce6f7d0..3b906795 100644 --- a/stable/buster/Dockerfile +++ b/stable/buster/Dockerfile @@ -97,7 +97,12 @@ RUN set -x \ && ln -sf /dev/stderr /var/log/nginx/error.log \ # make default server listen on ipv6 && sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ - /etc/nginx/conf.d/default.conf + /etc/nginx/conf.d/default.conf \ +# create a docker-entrypoint.d directory + && mkdir /docker-entrypoint.d + +COPY docker-entrypoint.sh / +ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/stable/buster/docker-entrypoint.sh b/stable/buster/docker-entrypoint.sh new file mode 100755 index 00000000..3836402b --- /dev/null +++ b/stable/buster/docker-entrypoint.sh @@ -0,0 +1,31 @@ +#!/usr/bin/env sh +# vim:sw=4:ts=4:et + +set -e + +if [ "$1" = "nginx" ]; then + if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -print -quit 2>/dev/null | /bin/grep -q .; then + echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform an initial configuration" + + echo "$0: Looking for shell scripts in /docker-entrypoint.d/" + for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -executable | sort -n); do + echo "$0: Launching $f"; + "$f" + done + + # warn on shell scripts without exec bit + for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -not -executable); do + echo "$0: Ignoring $f, not executable"; + done + # warn on filetypes we don't know what to do with + for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -not -name "*.sh"); do + echo "$0: Ignoring $f"; + done + + echo "$0: Initial configuration complete; ready for start up" + else + echo "$0: /docker-entrypoint.d/ is empty, skipping initial configuration" + fi +fi + +exec "$@" From 47f11ab83f79a6c445c5c5c14dbad5b577a01019 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 26 May 2020 16:29:45 +0300 Subject: [PATCH 054/113] Enable ipv6 listens on the containers where ipv6 is detected This aims to fix #394. IPv6 will not be enabled if /proc/net/if_inet6 is not available inside a container or a default.conf differs from the one installed by the package manager. Those who modify default.conf are considered savvy enough to enable ipv6 via custom configuration. --- .../10-listen-on-ipv6-by-default.sh | 60 +++++++++++++++++++ mainline/alpine-perl/Dockerfile | 4 +- .../alpine/10-listen-on-ipv6-by-default.sh | 60 +++++++++++++++++++ mainline/alpine/Dockerfile | 4 +- .../10-listen-on-ipv6-by-default.sh | 60 +++++++++++++++++++ mainline/buster-perl/Dockerfile | 4 +- .../buster/10-listen-on-ipv6-by-default.sh | 60 +++++++++++++++++++ mainline/buster/Dockerfile | 4 +- .../10-listen-on-ipv6-by-default.sh | 60 +++++++++++++++++++ stable/alpine-perl/Dockerfile | 4 +- stable/alpine/10-listen-on-ipv6-by-default.sh | 60 +++++++++++++++++++ stable/alpine/Dockerfile | 4 +- .../10-listen-on-ipv6-by-default.sh | 60 +++++++++++++++++++ stable/buster-perl/Dockerfile | 4 +- stable/buster/10-listen-on-ipv6-by-default.sh | 60 +++++++++++++++++++ stable/buster/Dockerfile | 4 +- 16 files changed, 488 insertions(+), 24 deletions(-) create mode 100755 mainline/alpine-perl/10-listen-on-ipv6-by-default.sh create mode 100755 mainline/alpine/10-listen-on-ipv6-by-default.sh create mode 100755 mainline/buster-perl/10-listen-on-ipv6-by-default.sh create mode 100755 mainline/buster/10-listen-on-ipv6-by-default.sh create mode 100755 stable/alpine-perl/10-listen-on-ipv6-by-default.sh create mode 100755 stable/alpine/10-listen-on-ipv6-by-default.sh create mode 100755 stable/buster-perl/10-listen-on-ipv6-by-default.sh create mode 100755 stable/buster/10-listen-on-ipv6-by-default.sh diff --git a/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh b/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh new file mode 100755 index 00000000..4c52245b --- /dev/null +++ b/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh @@ -0,0 +1,60 @@ +#!/bin/sh +# vim:sw=4:ts=4:et + +set -e + +ME=$(basename $0) +DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" + +# check if we have ipv6 available +if [ -f "/proc/net/if_inet6" ]; then + continue +else + echo "$ME: ipv6 not available, exiting" 1>&2 + exit 0 +fi + + +if [ -f "/$DEFAULT_CONF_FILE" ]; then + continue +else + echo "$ME: /$DEFAULT_CONF_FILE is not a file or does not exist, exiting" 1>&2 + exit 0 +fi + +if [ -f "/etc/os-release" ]; then + . /etc/os-release +else + echo "$ME: can not guess the operating system, exiting" 1>&2 + exit 0 +fi + +echo "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" + +case "$ID" in + "debian") + CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { + echo "$ME: /$DEFAULT_CONF_FILE differs from the packaged version, exiting" 1>&2 + exit 0 + } + ;; + "alpine") + CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { + echo "$ME: /$DEFAULT_CONF_FILE differs from the packages version, exiting" 1>&2 + exit 0 + } + ;; + *) + echo "$ME: Unsupported distribution, exiting" 1>&2 + exit 0 + ;; +esac + +# enable ipv6 on default.conf listen sockets +sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE + +echo "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" + +exit 0 diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 3fef8fbe..3ac6f431 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -105,13 +105,11 @@ RUN set -x \ # forward request and error logs to docker log collector && ln -sf /dev/stdout /var/log/nginx/access.log \ && ln -sf /dev/stderr /var/log/nginx/error.log \ -# make default server listen on ipv6 - && sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ - /etc/nginx/conf.d/default.conf \ # create a docker-entrypoint.d directory && mkdir /docker-entrypoint.d COPY docker-entrypoint.sh / +COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/mainline/alpine/10-listen-on-ipv6-by-default.sh b/mainline/alpine/10-listen-on-ipv6-by-default.sh new file mode 100755 index 00000000..4c52245b --- /dev/null +++ b/mainline/alpine/10-listen-on-ipv6-by-default.sh @@ -0,0 +1,60 @@ +#!/bin/sh +# vim:sw=4:ts=4:et + +set -e + +ME=$(basename $0) +DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" + +# check if we have ipv6 available +if [ -f "/proc/net/if_inet6" ]; then + continue +else + echo "$ME: ipv6 not available, exiting" 1>&2 + exit 0 +fi + + +if [ -f "/$DEFAULT_CONF_FILE" ]; then + continue +else + echo "$ME: /$DEFAULT_CONF_FILE is not a file or does not exist, exiting" 1>&2 + exit 0 +fi + +if [ -f "/etc/os-release" ]; then + . /etc/os-release +else + echo "$ME: can not guess the operating system, exiting" 1>&2 + exit 0 +fi + +echo "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" + +case "$ID" in + "debian") + CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { + echo "$ME: /$DEFAULT_CONF_FILE differs from the packaged version, exiting" 1>&2 + exit 0 + } + ;; + "alpine") + CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { + echo "$ME: /$DEFAULT_CONF_FILE differs from the packages version, exiting" 1>&2 + exit 0 + } + ;; + *) + echo "$ME: Unsupported distribution, exiting" 1>&2 + exit 0 + ;; +esac + +# enable ipv6 on default.conf listen sockets +sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE + +echo "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" + +exit 0 diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 619fc4e9..afc8a8f1 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -104,13 +104,11 @@ RUN set -x \ # forward request and error logs to docker log collector && ln -sf /dev/stdout /var/log/nginx/access.log \ && ln -sf /dev/stderr /var/log/nginx/error.log \ -# make default server listen on ipv6 - && sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ - /etc/nginx/conf.d/default.conf \ # create a docker-entrypoint.d directory && mkdir /docker-entrypoint.d COPY docker-entrypoint.sh / +COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/mainline/buster-perl/10-listen-on-ipv6-by-default.sh b/mainline/buster-perl/10-listen-on-ipv6-by-default.sh new file mode 100755 index 00000000..4c52245b --- /dev/null +++ b/mainline/buster-perl/10-listen-on-ipv6-by-default.sh @@ -0,0 +1,60 @@ +#!/bin/sh +# vim:sw=4:ts=4:et + +set -e + +ME=$(basename $0) +DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" + +# check if we have ipv6 available +if [ -f "/proc/net/if_inet6" ]; then + continue +else + echo "$ME: ipv6 not available, exiting" 1>&2 + exit 0 +fi + + +if [ -f "/$DEFAULT_CONF_FILE" ]; then + continue +else + echo "$ME: /$DEFAULT_CONF_FILE is not a file or does not exist, exiting" 1>&2 + exit 0 +fi + +if [ -f "/etc/os-release" ]; then + . /etc/os-release +else + echo "$ME: can not guess the operating system, exiting" 1>&2 + exit 0 +fi + +echo "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" + +case "$ID" in + "debian") + CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { + echo "$ME: /$DEFAULT_CONF_FILE differs from the packaged version, exiting" 1>&2 + exit 0 + } + ;; + "alpine") + CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { + echo "$ME: /$DEFAULT_CONF_FILE differs from the packages version, exiting" 1>&2 + exit 0 + } + ;; + *) + echo "$ME: Unsupported distribution, exiting" 1>&2 + exit 0 + ;; +esac + +# enable ipv6 on default.conf listen sockets +sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE + +echo "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" + +exit 0 diff --git a/mainline/buster-perl/Dockerfile b/mainline/buster-perl/Dockerfile index 26ac40dd..8bf66cfb 100644 --- a/mainline/buster-perl/Dockerfile +++ b/mainline/buster-perl/Dockerfile @@ -96,13 +96,11 @@ RUN set -x \ # forward request and error logs to docker log collector && ln -sf /dev/stdout /var/log/nginx/access.log \ && ln -sf /dev/stderr /var/log/nginx/error.log \ -# make default server listen on ipv6 - && sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ - /etc/nginx/conf.d/default.conf \ # create a docker-entrypoint.d directory && mkdir /docker-entrypoint.d COPY docker-entrypoint.sh / +COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/mainline/buster/10-listen-on-ipv6-by-default.sh b/mainline/buster/10-listen-on-ipv6-by-default.sh new file mode 100755 index 00000000..4c52245b --- /dev/null +++ b/mainline/buster/10-listen-on-ipv6-by-default.sh @@ -0,0 +1,60 @@ +#!/bin/sh +# vim:sw=4:ts=4:et + +set -e + +ME=$(basename $0) +DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" + +# check if we have ipv6 available +if [ -f "/proc/net/if_inet6" ]; then + continue +else + echo "$ME: ipv6 not available, exiting" 1>&2 + exit 0 +fi + + +if [ -f "/$DEFAULT_CONF_FILE" ]; then + continue +else + echo "$ME: /$DEFAULT_CONF_FILE is not a file or does not exist, exiting" 1>&2 + exit 0 +fi + +if [ -f "/etc/os-release" ]; then + . /etc/os-release +else + echo "$ME: can not guess the operating system, exiting" 1>&2 + exit 0 +fi + +echo "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" + +case "$ID" in + "debian") + CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { + echo "$ME: /$DEFAULT_CONF_FILE differs from the packaged version, exiting" 1>&2 + exit 0 + } + ;; + "alpine") + CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { + echo "$ME: /$DEFAULT_CONF_FILE differs from the packages version, exiting" 1>&2 + exit 0 + } + ;; + *) + echo "$ME: Unsupported distribution, exiting" 1>&2 + exit 0 + ;; +esac + +# enable ipv6 on default.conf listen sockets +sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE + +echo "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" + +exit 0 diff --git a/mainline/buster/Dockerfile b/mainline/buster/Dockerfile index 392e0526..4529d063 100644 --- a/mainline/buster/Dockerfile +++ b/mainline/buster/Dockerfile @@ -95,13 +95,11 @@ RUN set -x \ # forward request and error logs to docker log collector && ln -sf /dev/stdout /var/log/nginx/access.log \ && ln -sf /dev/stderr /var/log/nginx/error.log \ -# make default server listen on ipv6 - && sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ - /etc/nginx/conf.d/default.conf \ # create a docker-entrypoint.d directory && mkdir /docker-entrypoint.d COPY docker-entrypoint.sh / +COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/stable/alpine-perl/10-listen-on-ipv6-by-default.sh b/stable/alpine-perl/10-listen-on-ipv6-by-default.sh new file mode 100755 index 00000000..4c52245b --- /dev/null +++ b/stable/alpine-perl/10-listen-on-ipv6-by-default.sh @@ -0,0 +1,60 @@ +#!/bin/sh +# vim:sw=4:ts=4:et + +set -e + +ME=$(basename $0) +DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" + +# check if we have ipv6 available +if [ -f "/proc/net/if_inet6" ]; then + continue +else + echo "$ME: ipv6 not available, exiting" 1>&2 + exit 0 +fi + + +if [ -f "/$DEFAULT_CONF_FILE" ]; then + continue +else + echo "$ME: /$DEFAULT_CONF_FILE is not a file or does not exist, exiting" 1>&2 + exit 0 +fi + +if [ -f "/etc/os-release" ]; then + . /etc/os-release +else + echo "$ME: can not guess the operating system, exiting" 1>&2 + exit 0 +fi + +echo "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" + +case "$ID" in + "debian") + CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { + echo "$ME: /$DEFAULT_CONF_FILE differs from the packaged version, exiting" 1>&2 + exit 0 + } + ;; + "alpine") + CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { + echo "$ME: /$DEFAULT_CONF_FILE differs from the packages version, exiting" 1>&2 + exit 0 + } + ;; + *) + echo "$ME: Unsupported distribution, exiting" 1>&2 + exit 0 + ;; +esac + +# enable ipv6 on default.conf listen sockets +sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE + +echo "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" + +exit 0 diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index d470dada..f2556fbb 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -105,13 +105,11 @@ RUN set -x \ # forward request and error logs to docker log collector && ln -sf /dev/stdout /var/log/nginx/access.log \ && ln -sf /dev/stderr /var/log/nginx/error.log \ -# make default server listen on ipv6 - && sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ - /etc/nginx/conf.d/default.conf \ # create a docker-entrypoint.d directory && mkdir /docker-entrypoint.d COPY docker-entrypoint.sh / +COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/stable/alpine/10-listen-on-ipv6-by-default.sh b/stable/alpine/10-listen-on-ipv6-by-default.sh new file mode 100755 index 00000000..4c52245b --- /dev/null +++ b/stable/alpine/10-listen-on-ipv6-by-default.sh @@ -0,0 +1,60 @@ +#!/bin/sh +# vim:sw=4:ts=4:et + +set -e + +ME=$(basename $0) +DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" + +# check if we have ipv6 available +if [ -f "/proc/net/if_inet6" ]; then + continue +else + echo "$ME: ipv6 not available, exiting" 1>&2 + exit 0 +fi + + +if [ -f "/$DEFAULT_CONF_FILE" ]; then + continue +else + echo "$ME: /$DEFAULT_CONF_FILE is not a file or does not exist, exiting" 1>&2 + exit 0 +fi + +if [ -f "/etc/os-release" ]; then + . /etc/os-release +else + echo "$ME: can not guess the operating system, exiting" 1>&2 + exit 0 +fi + +echo "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" + +case "$ID" in + "debian") + CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { + echo "$ME: /$DEFAULT_CONF_FILE differs from the packaged version, exiting" 1>&2 + exit 0 + } + ;; + "alpine") + CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { + echo "$ME: /$DEFAULT_CONF_FILE differs from the packages version, exiting" 1>&2 + exit 0 + } + ;; + *) + echo "$ME: Unsupported distribution, exiting" 1>&2 + exit 0 + ;; +esac + +# enable ipv6 on default.conf listen sockets +sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE + +echo "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" + +exit 0 diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index 32c6746d..46267047 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -104,13 +104,11 @@ RUN set -x \ # forward request and error logs to docker log collector && ln -sf /dev/stdout /var/log/nginx/access.log \ && ln -sf /dev/stderr /var/log/nginx/error.log \ -# make default server listen on ipv6 - && sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ - /etc/nginx/conf.d/default.conf \ # create a docker-entrypoint.d directory && mkdir /docker-entrypoint.d COPY docker-entrypoint.sh / +COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/stable/buster-perl/10-listen-on-ipv6-by-default.sh b/stable/buster-perl/10-listen-on-ipv6-by-default.sh new file mode 100755 index 00000000..4c52245b --- /dev/null +++ b/stable/buster-perl/10-listen-on-ipv6-by-default.sh @@ -0,0 +1,60 @@ +#!/bin/sh +# vim:sw=4:ts=4:et + +set -e + +ME=$(basename $0) +DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" + +# check if we have ipv6 available +if [ -f "/proc/net/if_inet6" ]; then + continue +else + echo "$ME: ipv6 not available, exiting" 1>&2 + exit 0 +fi + + +if [ -f "/$DEFAULT_CONF_FILE" ]; then + continue +else + echo "$ME: /$DEFAULT_CONF_FILE is not a file or does not exist, exiting" 1>&2 + exit 0 +fi + +if [ -f "/etc/os-release" ]; then + . /etc/os-release +else + echo "$ME: can not guess the operating system, exiting" 1>&2 + exit 0 +fi + +echo "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" + +case "$ID" in + "debian") + CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { + echo "$ME: /$DEFAULT_CONF_FILE differs from the packaged version, exiting" 1>&2 + exit 0 + } + ;; + "alpine") + CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { + echo "$ME: /$DEFAULT_CONF_FILE differs from the packages version, exiting" 1>&2 + exit 0 + } + ;; + *) + echo "$ME: Unsupported distribution, exiting" 1>&2 + exit 0 + ;; +esac + +# enable ipv6 on default.conf listen sockets +sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE + +echo "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" + +exit 0 diff --git a/stable/buster-perl/Dockerfile b/stable/buster-perl/Dockerfile index 59bcfb0f..5212e28e 100644 --- a/stable/buster-perl/Dockerfile +++ b/stable/buster-perl/Dockerfile @@ -96,13 +96,11 @@ RUN set -x \ # forward request and error logs to docker log collector && ln -sf /dev/stdout /var/log/nginx/access.log \ && ln -sf /dev/stderr /var/log/nginx/error.log \ -# make default server listen on ipv6 - && sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ - /etc/nginx/conf.d/default.conf \ # create a docker-entrypoint.d directory && mkdir /docker-entrypoint.d COPY docker-entrypoint.sh / +COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/stable/buster/10-listen-on-ipv6-by-default.sh b/stable/buster/10-listen-on-ipv6-by-default.sh new file mode 100755 index 00000000..4c52245b --- /dev/null +++ b/stable/buster/10-listen-on-ipv6-by-default.sh @@ -0,0 +1,60 @@ +#!/bin/sh +# vim:sw=4:ts=4:et + +set -e + +ME=$(basename $0) +DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" + +# check if we have ipv6 available +if [ -f "/proc/net/if_inet6" ]; then + continue +else + echo "$ME: ipv6 not available, exiting" 1>&2 + exit 0 +fi + + +if [ -f "/$DEFAULT_CONF_FILE" ]; then + continue +else + echo "$ME: /$DEFAULT_CONF_FILE is not a file or does not exist, exiting" 1>&2 + exit 0 +fi + +if [ -f "/etc/os-release" ]; then + . /etc/os-release +else + echo "$ME: can not guess the operating system, exiting" 1>&2 + exit 0 +fi + +echo "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" + +case "$ID" in + "debian") + CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { + echo "$ME: /$DEFAULT_CONF_FILE differs from the packaged version, exiting" 1>&2 + exit 0 + } + ;; + "alpine") + CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { + echo "$ME: /$DEFAULT_CONF_FILE differs from the packages version, exiting" 1>&2 + exit 0 + } + ;; + *) + echo "$ME: Unsupported distribution, exiting" 1>&2 + exit 0 + ;; +esac + +# enable ipv6 on default.conf listen sockets +sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE + +echo "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" + +exit 0 diff --git a/stable/buster/Dockerfile b/stable/buster/Dockerfile index 3b906795..3050aa88 100644 --- a/stable/buster/Dockerfile +++ b/stable/buster/Dockerfile @@ -95,13 +95,11 @@ RUN set -x \ # forward request and error logs to docker log collector && ln -sf /dev/stdout /var/log/nginx/access.log \ && ln -sf /dev/stderr /var/log/nginx/error.log \ -# make default server listen on ipv6 - && sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' \ - /etc/nginx/conf.d/default.conf \ # create a docker-entrypoint.d directory && mkdir /docker-entrypoint.d COPY docker-entrypoint.sh / +COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 From cd98e75ce640e77633cd79035e41c9a122897fdf Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 26 May 2020 16:38:20 +0300 Subject: [PATCH 055/113] Run envsubst on container start to make templating easier This entrypoint script will look for files in /etc/nginx/templates/ with a ".conf.template" suffix, run them through envsubst replacing defined environment variables, and output to /etc/nginx/conf.d/ preserving file name sans .template. Fixes #232. --- .../alpine-perl/20-envsubst-on-templates.sh | 32 +++++++++++++++++++ mainline/alpine-perl/Dockerfile | 1 + mainline/alpine/20-envsubst-on-templates.sh | 32 +++++++++++++++++++ mainline/alpine/Dockerfile | 1 + .../buster-perl/20-envsubst-on-templates.sh | 32 +++++++++++++++++++ mainline/buster-perl/Dockerfile | 1 + mainline/buster/20-envsubst-on-templates.sh | 32 +++++++++++++++++++ mainline/buster/Dockerfile | 1 + .../alpine-perl/20-envsubst-on-templates.sh | 32 +++++++++++++++++++ stable/alpine-perl/Dockerfile | 1 + stable/alpine/20-envsubst-on-templates.sh | 32 +++++++++++++++++++ stable/alpine/Dockerfile | 1 + .../buster-perl/20-envsubst-on-templates.sh | 32 +++++++++++++++++++ stable/buster-perl/Dockerfile | 1 + stable/buster/20-envsubst-on-templates.sh | 32 +++++++++++++++++++ stable/buster/Dockerfile | 1 + 16 files changed, 264 insertions(+) create mode 100755 mainline/alpine-perl/20-envsubst-on-templates.sh create mode 100755 mainline/alpine/20-envsubst-on-templates.sh create mode 100755 mainline/buster-perl/20-envsubst-on-templates.sh create mode 100755 mainline/buster/20-envsubst-on-templates.sh create mode 100755 stable/alpine-perl/20-envsubst-on-templates.sh create mode 100755 stable/alpine/20-envsubst-on-templates.sh create mode 100755 stable/buster-perl/20-envsubst-on-templates.sh create mode 100755 stable/buster/20-envsubst-on-templates.sh diff --git a/mainline/alpine-perl/20-envsubst-on-templates.sh b/mainline/alpine-perl/20-envsubst-on-templates.sh new file mode 100755 index 00000000..b2b6e123 --- /dev/null +++ b/mainline/alpine-perl/20-envsubst-on-templates.sh @@ -0,0 +1,32 @@ +#!/bin/sh + +set -e + +ME=$(basename $0) + +auto_envsubst() { + local template_dir="${NGINX_ENVSUBST_TEMPLATE_DIR:-/etc/nginx/templates}" + local suffix="${NGINX_ENVSUBST_TEMPLATE_SUFFIX:-.template}" + local output_dir="${NGINX_ENVSUBST_OUTPUT_DIR:-/etc/nginx/conf.d}" + + local template defined_envs relative_path output_path subdir + defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) + [ -d "$template_dir" ] || return 0 + if [ ! -w "$output_dir" ]; then + echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable, exiting" 1>&2 + return 0 + fi + for template in $(find "$template_dir" -follow -name "*$suffix"); do + relative_path="${template#$template_dir/}" + output_path="$output_dir/${relative_path%$suffix}" + subdir=$(dirname "$relative_path") + # create a subdirectory where the template file exists + mkdir -p "$output_dir/$subdir" + echo "$ME: Running envsubst on $template to $output_path" + envsubst "$defined_envs" < "$template" > "$output_path" + done +} + +auto_envsubst + +exit 0 diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 3ac6f431..3202a052 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -110,6 +110,7 @@ RUN set -x \ COPY docker-entrypoint.sh / COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d +COPY 20-envsubst-on-templates.sh /docker-entrypoint.d ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/mainline/alpine/20-envsubst-on-templates.sh b/mainline/alpine/20-envsubst-on-templates.sh new file mode 100755 index 00000000..b2b6e123 --- /dev/null +++ b/mainline/alpine/20-envsubst-on-templates.sh @@ -0,0 +1,32 @@ +#!/bin/sh + +set -e + +ME=$(basename $0) + +auto_envsubst() { + local template_dir="${NGINX_ENVSUBST_TEMPLATE_DIR:-/etc/nginx/templates}" + local suffix="${NGINX_ENVSUBST_TEMPLATE_SUFFIX:-.template}" + local output_dir="${NGINX_ENVSUBST_OUTPUT_DIR:-/etc/nginx/conf.d}" + + local template defined_envs relative_path output_path subdir + defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) + [ -d "$template_dir" ] || return 0 + if [ ! -w "$output_dir" ]; then + echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable, exiting" 1>&2 + return 0 + fi + for template in $(find "$template_dir" -follow -name "*$suffix"); do + relative_path="${template#$template_dir/}" + output_path="$output_dir/${relative_path%$suffix}" + subdir=$(dirname "$relative_path") + # create a subdirectory where the template file exists + mkdir -p "$output_dir/$subdir" + echo "$ME: Running envsubst on $template to $output_path" + envsubst "$defined_envs" < "$template" > "$output_path" + done +} + +auto_envsubst + +exit 0 diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index afc8a8f1..e660c4c0 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -109,6 +109,7 @@ RUN set -x \ COPY docker-entrypoint.sh / COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d +COPY 20-envsubst-on-templates.sh /docker-entrypoint.d ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/mainline/buster-perl/20-envsubst-on-templates.sh b/mainline/buster-perl/20-envsubst-on-templates.sh new file mode 100755 index 00000000..b2b6e123 --- /dev/null +++ b/mainline/buster-perl/20-envsubst-on-templates.sh @@ -0,0 +1,32 @@ +#!/bin/sh + +set -e + +ME=$(basename $0) + +auto_envsubst() { + local template_dir="${NGINX_ENVSUBST_TEMPLATE_DIR:-/etc/nginx/templates}" + local suffix="${NGINX_ENVSUBST_TEMPLATE_SUFFIX:-.template}" + local output_dir="${NGINX_ENVSUBST_OUTPUT_DIR:-/etc/nginx/conf.d}" + + local template defined_envs relative_path output_path subdir + defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) + [ -d "$template_dir" ] || return 0 + if [ ! -w "$output_dir" ]; then + echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable, exiting" 1>&2 + return 0 + fi + for template in $(find "$template_dir" -follow -name "*$suffix"); do + relative_path="${template#$template_dir/}" + output_path="$output_dir/${relative_path%$suffix}" + subdir=$(dirname "$relative_path") + # create a subdirectory where the template file exists + mkdir -p "$output_dir/$subdir" + echo "$ME: Running envsubst on $template to $output_path" + envsubst "$defined_envs" < "$template" > "$output_path" + done +} + +auto_envsubst + +exit 0 diff --git a/mainline/buster-perl/Dockerfile b/mainline/buster-perl/Dockerfile index 8bf66cfb..e7ce8739 100644 --- a/mainline/buster-perl/Dockerfile +++ b/mainline/buster-perl/Dockerfile @@ -101,6 +101,7 @@ RUN set -x \ COPY docker-entrypoint.sh / COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d +COPY 20-envsubst-on-templates.sh /docker-entrypoint.d ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/mainline/buster/20-envsubst-on-templates.sh b/mainline/buster/20-envsubst-on-templates.sh new file mode 100755 index 00000000..b2b6e123 --- /dev/null +++ b/mainline/buster/20-envsubst-on-templates.sh @@ -0,0 +1,32 @@ +#!/bin/sh + +set -e + +ME=$(basename $0) + +auto_envsubst() { + local template_dir="${NGINX_ENVSUBST_TEMPLATE_DIR:-/etc/nginx/templates}" + local suffix="${NGINX_ENVSUBST_TEMPLATE_SUFFIX:-.template}" + local output_dir="${NGINX_ENVSUBST_OUTPUT_DIR:-/etc/nginx/conf.d}" + + local template defined_envs relative_path output_path subdir + defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) + [ -d "$template_dir" ] || return 0 + if [ ! -w "$output_dir" ]; then + echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable, exiting" 1>&2 + return 0 + fi + for template in $(find "$template_dir" -follow -name "*$suffix"); do + relative_path="${template#$template_dir/}" + output_path="$output_dir/${relative_path%$suffix}" + subdir=$(dirname "$relative_path") + # create a subdirectory where the template file exists + mkdir -p "$output_dir/$subdir" + echo "$ME: Running envsubst on $template to $output_path" + envsubst "$defined_envs" < "$template" > "$output_path" + done +} + +auto_envsubst + +exit 0 diff --git a/mainline/buster/Dockerfile b/mainline/buster/Dockerfile index 4529d063..856f3fd0 100644 --- a/mainline/buster/Dockerfile +++ b/mainline/buster/Dockerfile @@ -100,6 +100,7 @@ RUN set -x \ COPY docker-entrypoint.sh / COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d +COPY 20-envsubst-on-templates.sh /docker-entrypoint.d ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/stable/alpine-perl/20-envsubst-on-templates.sh b/stable/alpine-perl/20-envsubst-on-templates.sh new file mode 100755 index 00000000..b2b6e123 --- /dev/null +++ b/stable/alpine-perl/20-envsubst-on-templates.sh @@ -0,0 +1,32 @@ +#!/bin/sh + +set -e + +ME=$(basename $0) + +auto_envsubst() { + local template_dir="${NGINX_ENVSUBST_TEMPLATE_DIR:-/etc/nginx/templates}" + local suffix="${NGINX_ENVSUBST_TEMPLATE_SUFFIX:-.template}" + local output_dir="${NGINX_ENVSUBST_OUTPUT_DIR:-/etc/nginx/conf.d}" + + local template defined_envs relative_path output_path subdir + defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) + [ -d "$template_dir" ] || return 0 + if [ ! -w "$output_dir" ]; then + echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable, exiting" 1>&2 + return 0 + fi + for template in $(find "$template_dir" -follow -name "*$suffix"); do + relative_path="${template#$template_dir/}" + output_path="$output_dir/${relative_path%$suffix}" + subdir=$(dirname "$relative_path") + # create a subdirectory where the template file exists + mkdir -p "$output_dir/$subdir" + echo "$ME: Running envsubst on $template to $output_path" + envsubst "$defined_envs" < "$template" > "$output_path" + done +} + +auto_envsubst + +exit 0 diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index f2556fbb..c4e7d17e 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -110,6 +110,7 @@ RUN set -x \ COPY docker-entrypoint.sh / COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d +COPY 20-envsubst-on-templates.sh /docker-entrypoint.d ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/stable/alpine/20-envsubst-on-templates.sh b/stable/alpine/20-envsubst-on-templates.sh new file mode 100755 index 00000000..b2b6e123 --- /dev/null +++ b/stable/alpine/20-envsubst-on-templates.sh @@ -0,0 +1,32 @@ +#!/bin/sh + +set -e + +ME=$(basename $0) + +auto_envsubst() { + local template_dir="${NGINX_ENVSUBST_TEMPLATE_DIR:-/etc/nginx/templates}" + local suffix="${NGINX_ENVSUBST_TEMPLATE_SUFFIX:-.template}" + local output_dir="${NGINX_ENVSUBST_OUTPUT_DIR:-/etc/nginx/conf.d}" + + local template defined_envs relative_path output_path subdir + defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) + [ -d "$template_dir" ] || return 0 + if [ ! -w "$output_dir" ]; then + echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable, exiting" 1>&2 + return 0 + fi + for template in $(find "$template_dir" -follow -name "*$suffix"); do + relative_path="${template#$template_dir/}" + output_path="$output_dir/${relative_path%$suffix}" + subdir=$(dirname "$relative_path") + # create a subdirectory where the template file exists + mkdir -p "$output_dir/$subdir" + echo "$ME: Running envsubst on $template to $output_path" + envsubst "$defined_envs" < "$template" > "$output_path" + done +} + +auto_envsubst + +exit 0 diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index 46267047..09e6b618 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -109,6 +109,7 @@ RUN set -x \ COPY docker-entrypoint.sh / COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d +COPY 20-envsubst-on-templates.sh /docker-entrypoint.d ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/stable/buster-perl/20-envsubst-on-templates.sh b/stable/buster-perl/20-envsubst-on-templates.sh new file mode 100755 index 00000000..b2b6e123 --- /dev/null +++ b/stable/buster-perl/20-envsubst-on-templates.sh @@ -0,0 +1,32 @@ +#!/bin/sh + +set -e + +ME=$(basename $0) + +auto_envsubst() { + local template_dir="${NGINX_ENVSUBST_TEMPLATE_DIR:-/etc/nginx/templates}" + local suffix="${NGINX_ENVSUBST_TEMPLATE_SUFFIX:-.template}" + local output_dir="${NGINX_ENVSUBST_OUTPUT_DIR:-/etc/nginx/conf.d}" + + local template defined_envs relative_path output_path subdir + defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) + [ -d "$template_dir" ] || return 0 + if [ ! -w "$output_dir" ]; then + echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable, exiting" 1>&2 + return 0 + fi + for template in $(find "$template_dir" -follow -name "*$suffix"); do + relative_path="${template#$template_dir/}" + output_path="$output_dir/${relative_path%$suffix}" + subdir=$(dirname "$relative_path") + # create a subdirectory where the template file exists + mkdir -p "$output_dir/$subdir" + echo "$ME: Running envsubst on $template to $output_path" + envsubst "$defined_envs" < "$template" > "$output_path" + done +} + +auto_envsubst + +exit 0 diff --git a/stable/buster-perl/Dockerfile b/stable/buster-perl/Dockerfile index 5212e28e..bb582472 100644 --- a/stable/buster-perl/Dockerfile +++ b/stable/buster-perl/Dockerfile @@ -101,6 +101,7 @@ RUN set -x \ COPY docker-entrypoint.sh / COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d +COPY 20-envsubst-on-templates.sh /docker-entrypoint.d ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/stable/buster/20-envsubst-on-templates.sh b/stable/buster/20-envsubst-on-templates.sh new file mode 100755 index 00000000..b2b6e123 --- /dev/null +++ b/stable/buster/20-envsubst-on-templates.sh @@ -0,0 +1,32 @@ +#!/bin/sh + +set -e + +ME=$(basename $0) + +auto_envsubst() { + local template_dir="${NGINX_ENVSUBST_TEMPLATE_DIR:-/etc/nginx/templates}" + local suffix="${NGINX_ENVSUBST_TEMPLATE_SUFFIX:-.template}" + local output_dir="${NGINX_ENVSUBST_OUTPUT_DIR:-/etc/nginx/conf.d}" + + local template defined_envs relative_path output_path subdir + defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) + [ -d "$template_dir" ] || return 0 + if [ ! -w "$output_dir" ]; then + echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable, exiting" 1>&2 + return 0 + fi + for template in $(find "$template_dir" -follow -name "*$suffix"); do + relative_path="${template#$template_dir/}" + output_path="$output_dir/${relative_path%$suffix}" + subdir=$(dirname "$relative_path") + # create a subdirectory where the template file exists + mkdir -p "$output_dir/$subdir" + echo "$ME: Running envsubst on $template to $output_path" + envsubst "$defined_envs" < "$template" > "$output_path" + done +} + +auto_envsubst + +exit 0 diff --git a/stable/buster/Dockerfile b/stable/buster/Dockerfile index 3050aa88..6c98f2f7 100644 --- a/stable/buster/Dockerfile +++ b/stable/buster/Dockerfile @@ -100,6 +100,7 @@ RUN set -x \ COPY docker-entrypoint.sh / COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d +COPY 20-envsubst-on-templates.sh /docker-entrypoint.d ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 From 6c7dde575cecad8d6f8ec486ca9d4b76358e643e Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 26 May 2020 19:22:41 +0300 Subject: [PATCH 056/113] Updated mainline nginx to 1.19.0 and njs to 0.4.1 --- mainline/alpine-perl/Dockerfile | 4 ++-- mainline/alpine/Dockerfile | 4 ++-- mainline/buster-perl/Dockerfile | 4 ++-- mainline/buster/Dockerfile | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 3202a052..ab362874 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -2,8 +2,8 @@ FROM alpine:3.11 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.10 -ENV NJS_VERSION 0.4.0 +ENV NGINX_VERSION 1.19.0 +ENV NJS_VERSION 0.4.1 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index e660c4c0..b33795b7 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -2,8 +2,8 @@ FROM alpine:3.11 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.10 -ENV NJS_VERSION 0.4.0 +ENV NGINX_VERSION 1.19.0 +ENV NJS_VERSION 0.4.1 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/buster-perl/Dockerfile b/mainline/buster-perl/Dockerfile index e7ce8739..f4a99ce4 100644 --- a/mainline/buster-perl/Dockerfile +++ b/mainline/buster-perl/Dockerfile @@ -2,8 +2,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.10 -ENV NJS_VERSION 0.4.0 +ENV NGINX_VERSION 1.19.0 +ENV NJS_VERSION 0.4.1 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/mainline/buster/Dockerfile b/mainline/buster/Dockerfile index 856f3fd0..88784152 100644 --- a/mainline/buster/Dockerfile +++ b/mainline/buster/Dockerfile @@ -2,8 +2,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.17.10 -ENV NJS_VERSION 0.4.0 +ENV NGINX_VERSION 1.19.0 +ENV NJS_VERSION 0.4.1 ENV PKG_RELEASE 1~buster RUN set -x \ From 41e6b2c686dc811e82aaca7db79dd0813432083b Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Thu, 28 May 2020 14:49:00 +0300 Subject: [PATCH 057/113] ipv6-listen: deal with edge cases and fixes - remove undefined behaviour from the if statements - exit early if a file already has an ipv6 listen - fixed md5sum check --- .../alpine-perl/10-listen-on-ipv6-by-default.sh | 14 ++++++-------- mainline/alpine/10-listen-on-ipv6-by-default.sh | 14 ++++++-------- .../buster-perl/10-listen-on-ipv6-by-default.sh | 14 ++++++-------- mainline/buster/10-listen-on-ipv6-by-default.sh | 14 ++++++-------- stable/alpine-perl/10-listen-on-ipv6-by-default.sh | 14 ++++++-------- stable/alpine/10-listen-on-ipv6-by-default.sh | 14 ++++++-------- stable/buster-perl/10-listen-on-ipv6-by-default.sh | 14 ++++++-------- stable/buster/10-listen-on-ipv6-by-default.sh | 14 ++++++-------- 8 files changed, 48 insertions(+), 64 deletions(-) diff --git a/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh b/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh index 4c52245b..0ee48721 100755 --- a/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh +++ b/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh @@ -7,21 +7,19 @@ ME=$(basename $0) DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available -if [ -f "/proc/net/if_inet6" ]; then - continue -else +if [ ! -f "/proc/net/if_inet6" ]; then echo "$ME: ipv6 not available, exiting" 1>&2 exit 0 fi - -if [ -f "/$DEFAULT_CONF_FILE" ]; then - continue -else +if [ ! -f "/$DEFAULT_CONF_FILE" ]; then echo "$ME: /$DEFAULT_CONF_FILE is not a file or does not exist, exiting" 1>&2 exit 0 fi +# check if the file is already modified, e.g. on a container restart +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; } + if [ -f "/etc/os-release" ]; then . /etc/os-release else @@ -34,7 +32,7 @@ echo "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) - echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { echo "$ME: /$DEFAULT_CONF_FILE differs from the packaged version, exiting" 1>&2 exit 0 } diff --git a/mainline/alpine/10-listen-on-ipv6-by-default.sh b/mainline/alpine/10-listen-on-ipv6-by-default.sh index 4c52245b..0ee48721 100755 --- a/mainline/alpine/10-listen-on-ipv6-by-default.sh +++ b/mainline/alpine/10-listen-on-ipv6-by-default.sh @@ -7,21 +7,19 @@ ME=$(basename $0) DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available -if [ -f "/proc/net/if_inet6" ]; then - continue -else +if [ ! -f "/proc/net/if_inet6" ]; then echo "$ME: ipv6 not available, exiting" 1>&2 exit 0 fi - -if [ -f "/$DEFAULT_CONF_FILE" ]; then - continue -else +if [ ! -f "/$DEFAULT_CONF_FILE" ]; then echo "$ME: /$DEFAULT_CONF_FILE is not a file or does not exist, exiting" 1>&2 exit 0 fi +# check if the file is already modified, e.g. on a container restart +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; } + if [ -f "/etc/os-release" ]; then . /etc/os-release else @@ -34,7 +32,7 @@ echo "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) - echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { echo "$ME: /$DEFAULT_CONF_FILE differs from the packaged version, exiting" 1>&2 exit 0 } diff --git a/mainline/buster-perl/10-listen-on-ipv6-by-default.sh b/mainline/buster-perl/10-listen-on-ipv6-by-default.sh index 4c52245b..0ee48721 100755 --- a/mainline/buster-perl/10-listen-on-ipv6-by-default.sh +++ b/mainline/buster-perl/10-listen-on-ipv6-by-default.sh @@ -7,21 +7,19 @@ ME=$(basename $0) DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available -if [ -f "/proc/net/if_inet6" ]; then - continue -else +if [ ! -f "/proc/net/if_inet6" ]; then echo "$ME: ipv6 not available, exiting" 1>&2 exit 0 fi - -if [ -f "/$DEFAULT_CONF_FILE" ]; then - continue -else +if [ ! -f "/$DEFAULT_CONF_FILE" ]; then echo "$ME: /$DEFAULT_CONF_FILE is not a file or does not exist, exiting" 1>&2 exit 0 fi +# check if the file is already modified, e.g. on a container restart +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; } + if [ -f "/etc/os-release" ]; then . /etc/os-release else @@ -34,7 +32,7 @@ echo "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) - echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { echo "$ME: /$DEFAULT_CONF_FILE differs from the packaged version, exiting" 1>&2 exit 0 } diff --git a/mainline/buster/10-listen-on-ipv6-by-default.sh b/mainline/buster/10-listen-on-ipv6-by-default.sh index 4c52245b..0ee48721 100755 --- a/mainline/buster/10-listen-on-ipv6-by-default.sh +++ b/mainline/buster/10-listen-on-ipv6-by-default.sh @@ -7,21 +7,19 @@ ME=$(basename $0) DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available -if [ -f "/proc/net/if_inet6" ]; then - continue -else +if [ ! -f "/proc/net/if_inet6" ]; then echo "$ME: ipv6 not available, exiting" 1>&2 exit 0 fi - -if [ -f "/$DEFAULT_CONF_FILE" ]; then - continue -else +if [ ! -f "/$DEFAULT_CONF_FILE" ]; then echo "$ME: /$DEFAULT_CONF_FILE is not a file or does not exist, exiting" 1>&2 exit 0 fi +# check if the file is already modified, e.g. on a container restart +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; } + if [ -f "/etc/os-release" ]; then . /etc/os-release else @@ -34,7 +32,7 @@ echo "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) - echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { echo "$ME: /$DEFAULT_CONF_FILE differs from the packaged version, exiting" 1>&2 exit 0 } diff --git a/stable/alpine-perl/10-listen-on-ipv6-by-default.sh b/stable/alpine-perl/10-listen-on-ipv6-by-default.sh index 4c52245b..0ee48721 100755 --- a/stable/alpine-perl/10-listen-on-ipv6-by-default.sh +++ b/stable/alpine-perl/10-listen-on-ipv6-by-default.sh @@ -7,21 +7,19 @@ ME=$(basename $0) DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available -if [ -f "/proc/net/if_inet6" ]; then - continue -else +if [ ! -f "/proc/net/if_inet6" ]; then echo "$ME: ipv6 not available, exiting" 1>&2 exit 0 fi - -if [ -f "/$DEFAULT_CONF_FILE" ]; then - continue -else +if [ ! -f "/$DEFAULT_CONF_FILE" ]; then echo "$ME: /$DEFAULT_CONF_FILE is not a file or does not exist, exiting" 1>&2 exit 0 fi +# check if the file is already modified, e.g. on a container restart +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; } + if [ -f "/etc/os-release" ]; then . /etc/os-release else @@ -34,7 +32,7 @@ echo "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) - echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { echo "$ME: /$DEFAULT_CONF_FILE differs from the packaged version, exiting" 1>&2 exit 0 } diff --git a/stable/alpine/10-listen-on-ipv6-by-default.sh b/stable/alpine/10-listen-on-ipv6-by-default.sh index 4c52245b..0ee48721 100755 --- a/stable/alpine/10-listen-on-ipv6-by-default.sh +++ b/stable/alpine/10-listen-on-ipv6-by-default.sh @@ -7,21 +7,19 @@ ME=$(basename $0) DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available -if [ -f "/proc/net/if_inet6" ]; then - continue -else +if [ ! -f "/proc/net/if_inet6" ]; then echo "$ME: ipv6 not available, exiting" 1>&2 exit 0 fi - -if [ -f "/$DEFAULT_CONF_FILE" ]; then - continue -else +if [ ! -f "/$DEFAULT_CONF_FILE" ]; then echo "$ME: /$DEFAULT_CONF_FILE is not a file or does not exist, exiting" 1>&2 exit 0 fi +# check if the file is already modified, e.g. on a container restart +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; } + if [ -f "/etc/os-release" ]; then . /etc/os-release else @@ -34,7 +32,7 @@ echo "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) - echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { echo "$ME: /$DEFAULT_CONF_FILE differs from the packaged version, exiting" 1>&2 exit 0 } diff --git a/stable/buster-perl/10-listen-on-ipv6-by-default.sh b/stable/buster-perl/10-listen-on-ipv6-by-default.sh index 4c52245b..0ee48721 100755 --- a/stable/buster-perl/10-listen-on-ipv6-by-default.sh +++ b/stable/buster-perl/10-listen-on-ipv6-by-default.sh @@ -7,21 +7,19 @@ ME=$(basename $0) DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available -if [ -f "/proc/net/if_inet6" ]; then - continue -else +if [ ! -f "/proc/net/if_inet6" ]; then echo "$ME: ipv6 not available, exiting" 1>&2 exit 0 fi - -if [ -f "/$DEFAULT_CONF_FILE" ]; then - continue -else +if [ ! -f "/$DEFAULT_CONF_FILE" ]; then echo "$ME: /$DEFAULT_CONF_FILE is not a file or does not exist, exiting" 1>&2 exit 0 fi +# check if the file is already modified, e.g. on a container restart +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; } + if [ -f "/etc/os-release" ]; then . /etc/os-release else @@ -34,7 +32,7 @@ echo "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) - echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { echo "$ME: /$DEFAULT_CONF_FILE differs from the packaged version, exiting" 1>&2 exit 0 } diff --git a/stable/buster/10-listen-on-ipv6-by-default.sh b/stable/buster/10-listen-on-ipv6-by-default.sh index 4c52245b..0ee48721 100755 --- a/stable/buster/10-listen-on-ipv6-by-default.sh +++ b/stable/buster/10-listen-on-ipv6-by-default.sh @@ -7,21 +7,19 @@ ME=$(basename $0) DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available -if [ -f "/proc/net/if_inet6" ]; then - continue -else +if [ ! -f "/proc/net/if_inet6" ]; then echo "$ME: ipv6 not available, exiting" 1>&2 exit 0 fi - -if [ -f "/$DEFAULT_CONF_FILE" ]; then - continue -else +if [ ! -f "/$DEFAULT_CONF_FILE" ]; then echo "$ME: /$DEFAULT_CONF_FILE is not a file or does not exist, exiting" 1>&2 exit 0 fi +# check if the file is already modified, e.g. on a container restart +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; } + if [ -f "/etc/os-release" ]; then . /etc/os-release else @@ -34,7 +32,7 @@ echo "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) - echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { echo "$ME: /$DEFAULT_CONF_FILE differs from the packaged version, exiting" 1>&2 exit 0 } From 383bbaa29ff990a0583466c152805ab79966f102 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Fri, 29 May 2020 18:07:39 +0300 Subject: [PATCH 058/113] 20-env-subst: guard against whitespaces in file/folder names Additionally, ignore folders that could match suffixes. --- mainline/alpine-perl/20-envsubst-on-templates.sh | 2 +- mainline/alpine/20-envsubst-on-templates.sh | 2 +- mainline/buster-perl/20-envsubst-on-templates.sh | 2 +- mainline/buster/20-envsubst-on-templates.sh | 2 +- stable/alpine-perl/20-envsubst-on-templates.sh | 2 +- stable/alpine/20-envsubst-on-templates.sh | 2 +- stable/buster-perl/20-envsubst-on-templates.sh | 2 +- stable/buster/20-envsubst-on-templates.sh | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/mainline/alpine-perl/20-envsubst-on-templates.sh b/mainline/alpine-perl/20-envsubst-on-templates.sh index b2b6e123..4d202a6f 100755 --- a/mainline/alpine-perl/20-envsubst-on-templates.sh +++ b/mainline/alpine-perl/20-envsubst-on-templates.sh @@ -16,7 +16,7 @@ auto_envsubst() { echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable, exiting" 1>&2 return 0 fi - for template in $(find "$template_dir" -follow -name "*$suffix"); do + find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do relative_path="${template#$template_dir/}" output_path="$output_dir/${relative_path%$suffix}" subdir=$(dirname "$relative_path") diff --git a/mainline/alpine/20-envsubst-on-templates.sh b/mainline/alpine/20-envsubst-on-templates.sh index b2b6e123..4d202a6f 100755 --- a/mainline/alpine/20-envsubst-on-templates.sh +++ b/mainline/alpine/20-envsubst-on-templates.sh @@ -16,7 +16,7 @@ auto_envsubst() { echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable, exiting" 1>&2 return 0 fi - for template in $(find "$template_dir" -follow -name "*$suffix"); do + find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do relative_path="${template#$template_dir/}" output_path="$output_dir/${relative_path%$suffix}" subdir=$(dirname "$relative_path") diff --git a/mainline/buster-perl/20-envsubst-on-templates.sh b/mainline/buster-perl/20-envsubst-on-templates.sh index b2b6e123..4d202a6f 100755 --- a/mainline/buster-perl/20-envsubst-on-templates.sh +++ b/mainline/buster-perl/20-envsubst-on-templates.sh @@ -16,7 +16,7 @@ auto_envsubst() { echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable, exiting" 1>&2 return 0 fi - for template in $(find "$template_dir" -follow -name "*$suffix"); do + find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do relative_path="${template#$template_dir/}" output_path="$output_dir/${relative_path%$suffix}" subdir=$(dirname "$relative_path") diff --git a/mainline/buster/20-envsubst-on-templates.sh b/mainline/buster/20-envsubst-on-templates.sh index b2b6e123..4d202a6f 100755 --- a/mainline/buster/20-envsubst-on-templates.sh +++ b/mainline/buster/20-envsubst-on-templates.sh @@ -16,7 +16,7 @@ auto_envsubst() { echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable, exiting" 1>&2 return 0 fi - for template in $(find "$template_dir" -follow -name "*$suffix"); do + find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do relative_path="${template#$template_dir/}" output_path="$output_dir/${relative_path%$suffix}" subdir=$(dirname "$relative_path") diff --git a/stable/alpine-perl/20-envsubst-on-templates.sh b/stable/alpine-perl/20-envsubst-on-templates.sh index b2b6e123..4d202a6f 100755 --- a/stable/alpine-perl/20-envsubst-on-templates.sh +++ b/stable/alpine-perl/20-envsubst-on-templates.sh @@ -16,7 +16,7 @@ auto_envsubst() { echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable, exiting" 1>&2 return 0 fi - for template in $(find "$template_dir" -follow -name "*$suffix"); do + find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do relative_path="${template#$template_dir/}" output_path="$output_dir/${relative_path%$suffix}" subdir=$(dirname "$relative_path") diff --git a/stable/alpine/20-envsubst-on-templates.sh b/stable/alpine/20-envsubst-on-templates.sh index b2b6e123..4d202a6f 100755 --- a/stable/alpine/20-envsubst-on-templates.sh +++ b/stable/alpine/20-envsubst-on-templates.sh @@ -16,7 +16,7 @@ auto_envsubst() { echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable, exiting" 1>&2 return 0 fi - for template in $(find "$template_dir" -follow -name "*$suffix"); do + find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do relative_path="${template#$template_dir/}" output_path="$output_dir/${relative_path%$suffix}" subdir=$(dirname "$relative_path") diff --git a/stable/buster-perl/20-envsubst-on-templates.sh b/stable/buster-perl/20-envsubst-on-templates.sh index b2b6e123..4d202a6f 100755 --- a/stable/buster-perl/20-envsubst-on-templates.sh +++ b/stable/buster-perl/20-envsubst-on-templates.sh @@ -16,7 +16,7 @@ auto_envsubst() { echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable, exiting" 1>&2 return 0 fi - for template in $(find "$template_dir" -follow -name "*$suffix"); do + find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do relative_path="${template#$template_dir/}" output_path="$output_dir/${relative_path%$suffix}" subdir=$(dirname "$relative_path") diff --git a/stable/buster/20-envsubst-on-templates.sh b/stable/buster/20-envsubst-on-templates.sh index b2b6e123..4d202a6f 100755 --- a/stable/buster/20-envsubst-on-templates.sh +++ b/stable/buster/20-envsubst-on-templates.sh @@ -16,7 +16,7 @@ auto_envsubst() { echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable, exiting" 1>&2 return 0 fi - for template in $(find "$template_dir" -follow -name "*$suffix"); do + find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do relative_path="${template#$template_dir/}" output_path="$output_dir/${relative_path%$suffix}" subdir=$(dirname "$relative_path") From 0b607f324d208664f37f7c1136ada6b249ddcd9b Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Mon, 1 Jun 2020 12:31:24 +0300 Subject: [PATCH 059/113] docker-entrypoint: multiple changes - allow to run with nginx-debug cmd - prevent running if /docker-entrypoint.d was replaced with unreadable or empty dir - don't run find multiple times --- mainline/alpine-perl/docker-entrypoint.sh | 35 ++++++++++++----------- mainline/alpine/docker-entrypoint.sh | 35 ++++++++++++----------- mainline/buster-perl/docker-entrypoint.sh | 35 ++++++++++++----------- mainline/buster/docker-entrypoint.sh | 35 ++++++++++++----------- stable/alpine-perl/docker-entrypoint.sh | 35 ++++++++++++----------- stable/alpine/docker-entrypoint.sh | 35 ++++++++++++----------- stable/buster-perl/docker-entrypoint.sh | 35 ++++++++++++----------- stable/buster/docker-entrypoint.sh | 35 ++++++++++++----------- 8 files changed, 144 insertions(+), 136 deletions(-) diff --git a/mainline/alpine-perl/docker-entrypoint.sh b/mainline/alpine-perl/docker-entrypoint.sh index 3836402b..6d7ee8c9 100755 --- a/mainline/alpine-perl/docker-entrypoint.sh +++ b/mainline/alpine-perl/docker-entrypoint.sh @@ -3,28 +3,29 @@ set -e -if [ "$1" = "nginx" ]; then - if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -print -quit 2>/dev/null | /bin/grep -q .; then - echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform an initial configuration" +if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then + if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then + echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" echo "$0: Looking for shell scripts in /docker-entrypoint.d/" - for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -executable | sort -n); do - echo "$0: Launching $f"; - "$f" + find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do + case "$f" in + *.sh) + if [ -x "$f" ]; then + echo "$0: Launching $f"; + "$f" + else + # warn on shell scripts without exec bit + echo "$0: Ignoring $f, not executable"; + fi + ;; + *) echo "$0: Ignoring $f";; + esac done - # warn on shell scripts without exec bit - for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -not -executable); do - echo "$0: Ignoring $f, not executable"; - done - # warn on filetypes we don't know what to do with - for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -not -name "*.sh"); do - echo "$0: Ignoring $f"; - done - - echo "$0: Initial configuration complete; ready for start up" + echo "$0: Configuration complete; ready for start up" else - echo "$0: /docker-entrypoint.d/ is empty, skipping initial configuration" + echo "$0: No files found in /docker-entrypoint.d/, skipping configuration" fi fi diff --git a/mainline/alpine/docker-entrypoint.sh b/mainline/alpine/docker-entrypoint.sh index 3836402b..6d7ee8c9 100755 --- a/mainline/alpine/docker-entrypoint.sh +++ b/mainline/alpine/docker-entrypoint.sh @@ -3,28 +3,29 @@ set -e -if [ "$1" = "nginx" ]; then - if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -print -quit 2>/dev/null | /bin/grep -q .; then - echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform an initial configuration" +if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then + if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then + echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" echo "$0: Looking for shell scripts in /docker-entrypoint.d/" - for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -executable | sort -n); do - echo "$0: Launching $f"; - "$f" + find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do + case "$f" in + *.sh) + if [ -x "$f" ]; then + echo "$0: Launching $f"; + "$f" + else + # warn on shell scripts without exec bit + echo "$0: Ignoring $f, not executable"; + fi + ;; + *) echo "$0: Ignoring $f";; + esac done - # warn on shell scripts without exec bit - for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -not -executable); do - echo "$0: Ignoring $f, not executable"; - done - # warn on filetypes we don't know what to do with - for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -not -name "*.sh"); do - echo "$0: Ignoring $f"; - done - - echo "$0: Initial configuration complete; ready for start up" + echo "$0: Configuration complete; ready for start up" else - echo "$0: /docker-entrypoint.d/ is empty, skipping initial configuration" + echo "$0: No files found in /docker-entrypoint.d/, skipping configuration" fi fi diff --git a/mainline/buster-perl/docker-entrypoint.sh b/mainline/buster-perl/docker-entrypoint.sh index 3836402b..6d7ee8c9 100755 --- a/mainline/buster-perl/docker-entrypoint.sh +++ b/mainline/buster-perl/docker-entrypoint.sh @@ -3,28 +3,29 @@ set -e -if [ "$1" = "nginx" ]; then - if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -print -quit 2>/dev/null | /bin/grep -q .; then - echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform an initial configuration" +if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then + if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then + echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" echo "$0: Looking for shell scripts in /docker-entrypoint.d/" - for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -executable | sort -n); do - echo "$0: Launching $f"; - "$f" + find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do + case "$f" in + *.sh) + if [ -x "$f" ]; then + echo "$0: Launching $f"; + "$f" + else + # warn on shell scripts without exec bit + echo "$0: Ignoring $f, not executable"; + fi + ;; + *) echo "$0: Ignoring $f";; + esac done - # warn on shell scripts without exec bit - for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -not -executable); do - echo "$0: Ignoring $f, not executable"; - done - # warn on filetypes we don't know what to do with - for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -not -name "*.sh"); do - echo "$0: Ignoring $f"; - done - - echo "$0: Initial configuration complete; ready for start up" + echo "$0: Configuration complete; ready for start up" else - echo "$0: /docker-entrypoint.d/ is empty, skipping initial configuration" + echo "$0: No files found in /docker-entrypoint.d/, skipping configuration" fi fi diff --git a/mainline/buster/docker-entrypoint.sh b/mainline/buster/docker-entrypoint.sh index 3836402b..6d7ee8c9 100755 --- a/mainline/buster/docker-entrypoint.sh +++ b/mainline/buster/docker-entrypoint.sh @@ -3,28 +3,29 @@ set -e -if [ "$1" = "nginx" ]; then - if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -print -quit 2>/dev/null | /bin/grep -q .; then - echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform an initial configuration" +if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then + if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then + echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" echo "$0: Looking for shell scripts in /docker-entrypoint.d/" - for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -executable | sort -n); do - echo "$0: Launching $f"; - "$f" + find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do + case "$f" in + *.sh) + if [ -x "$f" ]; then + echo "$0: Launching $f"; + "$f" + else + # warn on shell scripts without exec bit + echo "$0: Ignoring $f, not executable"; + fi + ;; + *) echo "$0: Ignoring $f";; + esac done - # warn on shell scripts without exec bit - for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -not -executable); do - echo "$0: Ignoring $f, not executable"; - done - # warn on filetypes we don't know what to do with - for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -not -name "*.sh"); do - echo "$0: Ignoring $f"; - done - - echo "$0: Initial configuration complete; ready for start up" + echo "$0: Configuration complete; ready for start up" else - echo "$0: /docker-entrypoint.d/ is empty, skipping initial configuration" + echo "$0: No files found in /docker-entrypoint.d/, skipping configuration" fi fi diff --git a/stable/alpine-perl/docker-entrypoint.sh b/stable/alpine-perl/docker-entrypoint.sh index 3836402b..6d7ee8c9 100755 --- a/stable/alpine-perl/docker-entrypoint.sh +++ b/stable/alpine-perl/docker-entrypoint.sh @@ -3,28 +3,29 @@ set -e -if [ "$1" = "nginx" ]; then - if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -print -quit 2>/dev/null | /bin/grep -q .; then - echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform an initial configuration" +if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then + if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then + echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" echo "$0: Looking for shell scripts in /docker-entrypoint.d/" - for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -executable | sort -n); do - echo "$0: Launching $f"; - "$f" + find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do + case "$f" in + *.sh) + if [ -x "$f" ]; then + echo "$0: Launching $f"; + "$f" + else + # warn on shell scripts without exec bit + echo "$0: Ignoring $f, not executable"; + fi + ;; + *) echo "$0: Ignoring $f";; + esac done - # warn on shell scripts without exec bit - for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -not -executable); do - echo "$0: Ignoring $f, not executable"; - done - # warn on filetypes we don't know what to do with - for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -not -name "*.sh"); do - echo "$0: Ignoring $f"; - done - - echo "$0: Initial configuration complete; ready for start up" + echo "$0: Configuration complete; ready for start up" else - echo "$0: /docker-entrypoint.d/ is empty, skipping initial configuration" + echo "$0: No files found in /docker-entrypoint.d/, skipping configuration" fi fi diff --git a/stable/alpine/docker-entrypoint.sh b/stable/alpine/docker-entrypoint.sh index 3836402b..6d7ee8c9 100755 --- a/stable/alpine/docker-entrypoint.sh +++ b/stable/alpine/docker-entrypoint.sh @@ -3,28 +3,29 @@ set -e -if [ "$1" = "nginx" ]; then - if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -print -quit 2>/dev/null | /bin/grep -q .; then - echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform an initial configuration" +if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then + if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then + echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" echo "$0: Looking for shell scripts in /docker-entrypoint.d/" - for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -executable | sort -n); do - echo "$0: Launching $f"; - "$f" + find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do + case "$f" in + *.sh) + if [ -x "$f" ]; then + echo "$0: Launching $f"; + "$f" + else + # warn on shell scripts without exec bit + echo "$0: Ignoring $f, not executable"; + fi + ;; + *) echo "$0: Ignoring $f";; + esac done - # warn on shell scripts without exec bit - for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -not -executable); do - echo "$0: Ignoring $f, not executable"; - done - # warn on filetypes we don't know what to do with - for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -not -name "*.sh"); do - echo "$0: Ignoring $f"; - done - - echo "$0: Initial configuration complete; ready for start up" + echo "$0: Configuration complete; ready for start up" else - echo "$0: /docker-entrypoint.d/ is empty, skipping initial configuration" + echo "$0: No files found in /docker-entrypoint.d/, skipping configuration" fi fi diff --git a/stable/buster-perl/docker-entrypoint.sh b/stable/buster-perl/docker-entrypoint.sh index 3836402b..6d7ee8c9 100755 --- a/stable/buster-perl/docker-entrypoint.sh +++ b/stable/buster-perl/docker-entrypoint.sh @@ -3,28 +3,29 @@ set -e -if [ "$1" = "nginx" ]; then - if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -print -quit 2>/dev/null | /bin/grep -q .; then - echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform an initial configuration" +if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then + if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then + echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" echo "$0: Looking for shell scripts in /docker-entrypoint.d/" - for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -executable | sort -n); do - echo "$0: Launching $f"; - "$f" + find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do + case "$f" in + *.sh) + if [ -x "$f" ]; then + echo "$0: Launching $f"; + "$f" + else + # warn on shell scripts without exec bit + echo "$0: Ignoring $f, not executable"; + fi + ;; + *) echo "$0: Ignoring $f";; + esac done - # warn on shell scripts without exec bit - for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -not -executable); do - echo "$0: Ignoring $f, not executable"; - done - # warn on filetypes we don't know what to do with - for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -not -name "*.sh"); do - echo "$0: Ignoring $f"; - done - - echo "$0: Initial configuration complete; ready for start up" + echo "$0: Configuration complete; ready for start up" else - echo "$0: /docker-entrypoint.d/ is empty, skipping initial configuration" + echo "$0: No files found in /docker-entrypoint.d/, skipping configuration" fi fi diff --git a/stable/buster/docker-entrypoint.sh b/stable/buster/docker-entrypoint.sh index 3836402b..6d7ee8c9 100755 --- a/stable/buster/docker-entrypoint.sh +++ b/stable/buster/docker-entrypoint.sh @@ -3,28 +3,29 @@ set -e -if [ "$1" = "nginx" ]; then - if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -print -quit 2>/dev/null | /bin/grep -q .; then - echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform an initial configuration" +if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then + if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then + echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" echo "$0: Looking for shell scripts in /docker-entrypoint.d/" - for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -executable | sort -n); do - echo "$0: Launching $f"; - "$f" + find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do + case "$f" in + *.sh) + if [ -x "$f" ]; then + echo "$0: Launching $f"; + "$f" + else + # warn on shell scripts without exec bit + echo "$0: Ignoring $f, not executable"; + fi + ;; + *) echo "$0: Ignoring $f";; + esac done - # warn on shell scripts without exec bit - for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.sh" -not -executable); do - echo "$0: Ignoring $f, not executable"; - done - # warn on filetypes we don't know what to do with - for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -not -name "*.sh"); do - echo "$0: Ignoring $f"; - done - - echo "$0: Initial configuration complete; ready for start up" + echo "$0: Configuration complete; ready for start up" else - echo "$0: /docker-entrypoint.d/ is empty, skipping initial configuration" + echo "$0: No files found in /docker-entrypoint.d/, skipping configuration" fi fi From 2ef3fa66f2a434cd5e44e35a02f4ac502cf50808 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 2 Jun 2020 18:22:29 +0300 Subject: [PATCH 060/113] ipv6-listen: detect if default.conf is writable Fixes #416 --- mainline/alpine-perl/10-listen-on-ipv6-by-default.sh | 3 +++ mainline/alpine/10-listen-on-ipv6-by-default.sh | 3 +++ mainline/buster-perl/10-listen-on-ipv6-by-default.sh | 3 +++ mainline/buster/10-listen-on-ipv6-by-default.sh | 3 +++ stable/alpine-perl/10-listen-on-ipv6-by-default.sh | 3 +++ stable/alpine/10-listen-on-ipv6-by-default.sh | 3 +++ stable/buster-perl/10-listen-on-ipv6-by-default.sh | 3 +++ stable/buster/10-listen-on-ipv6-by-default.sh | 3 +++ 8 files changed, 24 insertions(+) diff --git a/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh b/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh index 0ee48721..6885a9db 100755 --- a/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh +++ b/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh @@ -17,6 +17,9 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then exit 0 fi +# check if the file can be modified, e.g. not on a r/o filesystem +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } + # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; } diff --git a/mainline/alpine/10-listen-on-ipv6-by-default.sh b/mainline/alpine/10-listen-on-ipv6-by-default.sh index 0ee48721..6885a9db 100755 --- a/mainline/alpine/10-listen-on-ipv6-by-default.sh +++ b/mainline/alpine/10-listen-on-ipv6-by-default.sh @@ -17,6 +17,9 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then exit 0 fi +# check if the file can be modified, e.g. not on a r/o filesystem +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } + # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; } diff --git a/mainline/buster-perl/10-listen-on-ipv6-by-default.sh b/mainline/buster-perl/10-listen-on-ipv6-by-default.sh index 0ee48721..6885a9db 100755 --- a/mainline/buster-perl/10-listen-on-ipv6-by-default.sh +++ b/mainline/buster-perl/10-listen-on-ipv6-by-default.sh @@ -17,6 +17,9 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then exit 0 fi +# check if the file can be modified, e.g. not on a r/o filesystem +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } + # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; } diff --git a/mainline/buster/10-listen-on-ipv6-by-default.sh b/mainline/buster/10-listen-on-ipv6-by-default.sh index 0ee48721..6885a9db 100755 --- a/mainline/buster/10-listen-on-ipv6-by-default.sh +++ b/mainline/buster/10-listen-on-ipv6-by-default.sh @@ -17,6 +17,9 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then exit 0 fi +# check if the file can be modified, e.g. not on a r/o filesystem +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } + # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; } diff --git a/stable/alpine-perl/10-listen-on-ipv6-by-default.sh b/stable/alpine-perl/10-listen-on-ipv6-by-default.sh index 0ee48721..6885a9db 100755 --- a/stable/alpine-perl/10-listen-on-ipv6-by-default.sh +++ b/stable/alpine-perl/10-listen-on-ipv6-by-default.sh @@ -17,6 +17,9 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then exit 0 fi +# check if the file can be modified, e.g. not on a r/o filesystem +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } + # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; } diff --git a/stable/alpine/10-listen-on-ipv6-by-default.sh b/stable/alpine/10-listen-on-ipv6-by-default.sh index 0ee48721..6885a9db 100755 --- a/stable/alpine/10-listen-on-ipv6-by-default.sh +++ b/stable/alpine/10-listen-on-ipv6-by-default.sh @@ -17,6 +17,9 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then exit 0 fi +# check if the file can be modified, e.g. not on a r/o filesystem +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } + # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; } diff --git a/stable/buster-perl/10-listen-on-ipv6-by-default.sh b/stable/buster-perl/10-listen-on-ipv6-by-default.sh index 0ee48721..6885a9db 100755 --- a/stable/buster-perl/10-listen-on-ipv6-by-default.sh +++ b/stable/buster-perl/10-listen-on-ipv6-by-default.sh @@ -17,6 +17,9 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then exit 0 fi +# check if the file can be modified, e.g. not on a r/o filesystem +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } + # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; } diff --git a/stable/buster/10-listen-on-ipv6-by-default.sh b/stable/buster/10-listen-on-ipv6-by-default.sh index 0ee48721..6885a9db 100755 --- a/stable/buster/10-listen-on-ipv6-by-default.sh +++ b/stable/buster/10-listen-on-ipv6-by-default.sh @@ -17,6 +17,9 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then exit 0 fi +# check if the file can be modified, e.g. not on a r/o filesystem +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } + # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; } From d8cbd8e266ea39d188590cd8cd26ae08fbbe3d59 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tim=20D=C3=BCsterhus?= Date: Fri, 12 Jun 2020 22:04:18 +0200 Subject: [PATCH 061/113] Use /bin/sh in shebang instead of /usr/bin/env A POSIX compatible sh is guaranteed to be available as /bin/sh. By not using /usr/bin/env simply whitelisting /docker-entrypoint.sh within mandatory access control frameworks, such as AppArmor, is sufficient. When /usr/bin/env is used /docker-entrypoint.sh and the shell that provides sh (e.g. /bin/dash for debian based images) need to be whitelisted, increasing the possible attack area, by providing access to a full shell. --- mainline/alpine-perl/docker-entrypoint.sh | 2 +- mainline/alpine/docker-entrypoint.sh | 2 +- mainline/buster-perl/docker-entrypoint.sh | 2 +- mainline/buster/docker-entrypoint.sh | 2 +- stable/alpine-perl/docker-entrypoint.sh | 2 +- stable/alpine/docker-entrypoint.sh | 2 +- stable/buster-perl/docker-entrypoint.sh | 2 +- stable/buster/docker-entrypoint.sh | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/mainline/alpine-perl/docker-entrypoint.sh b/mainline/alpine-perl/docker-entrypoint.sh index 6d7ee8c9..63c6905c 100755 --- a/mainline/alpine-perl/docker-entrypoint.sh +++ b/mainline/alpine-perl/docker-entrypoint.sh @@ -1,4 +1,4 @@ -#!/usr/bin/env sh +#!/bin/sh # vim:sw=4:ts=4:et set -e diff --git a/mainline/alpine/docker-entrypoint.sh b/mainline/alpine/docker-entrypoint.sh index 6d7ee8c9..63c6905c 100755 --- a/mainline/alpine/docker-entrypoint.sh +++ b/mainline/alpine/docker-entrypoint.sh @@ -1,4 +1,4 @@ -#!/usr/bin/env sh +#!/bin/sh # vim:sw=4:ts=4:et set -e diff --git a/mainline/buster-perl/docker-entrypoint.sh b/mainline/buster-perl/docker-entrypoint.sh index 6d7ee8c9..63c6905c 100755 --- a/mainline/buster-perl/docker-entrypoint.sh +++ b/mainline/buster-perl/docker-entrypoint.sh @@ -1,4 +1,4 @@ -#!/usr/bin/env sh +#!/bin/sh # vim:sw=4:ts=4:et set -e diff --git a/mainline/buster/docker-entrypoint.sh b/mainline/buster/docker-entrypoint.sh index 6d7ee8c9..63c6905c 100755 --- a/mainline/buster/docker-entrypoint.sh +++ b/mainline/buster/docker-entrypoint.sh @@ -1,4 +1,4 @@ -#!/usr/bin/env sh +#!/bin/sh # vim:sw=4:ts=4:et set -e diff --git a/stable/alpine-perl/docker-entrypoint.sh b/stable/alpine-perl/docker-entrypoint.sh index 6d7ee8c9..63c6905c 100755 --- a/stable/alpine-perl/docker-entrypoint.sh +++ b/stable/alpine-perl/docker-entrypoint.sh @@ -1,4 +1,4 @@ -#!/usr/bin/env sh +#!/bin/sh # vim:sw=4:ts=4:et set -e diff --git a/stable/alpine/docker-entrypoint.sh b/stable/alpine/docker-entrypoint.sh index 6d7ee8c9..63c6905c 100755 --- a/stable/alpine/docker-entrypoint.sh +++ b/stable/alpine/docker-entrypoint.sh @@ -1,4 +1,4 @@ -#!/usr/bin/env sh +#!/bin/sh # vim:sw=4:ts=4:et set -e diff --git a/stable/buster-perl/docker-entrypoint.sh b/stable/buster-perl/docker-entrypoint.sh index 6d7ee8c9..63c6905c 100755 --- a/stable/buster-perl/docker-entrypoint.sh +++ b/stable/buster-perl/docker-entrypoint.sh @@ -1,4 +1,4 @@ -#!/usr/bin/env sh +#!/bin/sh # vim:sw=4:ts=4:et set -e diff --git a/stable/buster/docker-entrypoint.sh b/stable/buster/docker-entrypoint.sh index 6d7ee8c9..63c6905c 100755 --- a/stable/buster/docker-entrypoint.sh +++ b/stable/buster/docker-entrypoint.sh @@ -1,4 +1,4 @@ -#!/usr/bin/env sh +#!/bin/sh # vim:sw=4:ts=4:et set -e From a86ccdc94e394d9cf93c13a0e6a0dd0cca48d64d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alexandre=20Salom=C3=A9?= Date: Mon, 8 Jun 2020 10:40:57 +0200 Subject: [PATCH 062/113] Add NGINX_ENTRYPOINT_QUIET_LOGS environment variable --- .../10-listen-on-ipv6-by-default.sh | 8 ++++---- .../alpine-perl/20-envsubst-on-templates.sh | 2 +- mainline/alpine-perl/docker-entrypoint.sh | 20 ++++++++++++------- .../alpine/10-listen-on-ipv6-by-default.sh | 8 ++++---- mainline/alpine/20-envsubst-on-templates.sh | 2 +- mainline/alpine/docker-entrypoint.sh | 20 ++++++++++++------- .../10-listen-on-ipv6-by-default.sh | 8 ++++---- .../buster-perl/20-envsubst-on-templates.sh | 2 +- mainline/buster-perl/docker-entrypoint.sh | 20 ++++++++++++------- .../buster/10-listen-on-ipv6-by-default.sh | 8 ++++---- mainline/buster/20-envsubst-on-templates.sh | 2 +- mainline/buster/docker-entrypoint.sh | 20 ++++++++++++------- .../10-listen-on-ipv6-by-default.sh | 8 ++++---- .../alpine-perl/20-envsubst-on-templates.sh | 2 +- stable/alpine-perl/docker-entrypoint.sh | 20 ++++++++++++------- stable/alpine/10-listen-on-ipv6-by-default.sh | 8 ++++---- stable/alpine/20-envsubst-on-templates.sh | 2 +- stable/alpine/docker-entrypoint.sh | 20 ++++++++++++------- .../10-listen-on-ipv6-by-default.sh | 8 ++++---- .../buster-perl/20-envsubst-on-templates.sh | 2 +- stable/buster-perl/docker-entrypoint.sh | 20 ++++++++++++------- stable/buster/10-listen-on-ipv6-by-default.sh | 8 ++++---- stable/buster/20-envsubst-on-templates.sh | 2 +- stable/buster/docker-entrypoint.sh | 20 ++++++++++++------- 24 files changed, 144 insertions(+), 96 deletions(-) diff --git a/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh b/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh index 6885a9db..8ce9e9a3 100755 --- a/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh +++ b/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh @@ -18,10 +18,10 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } # check if the file is already modified, e.g. on a container restart -grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; } +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: IPv6 listen already enabled, exiting"; exit 0; } if [ -f "/etc/os-release" ]; then . /etc/os-release @@ -30,7 +30,7 @@ else exit 0 fi -echo "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" +echo >&3 "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" case "$ID" in "debian") @@ -56,6 +56,6 @@ esac # enable ipv6 on default.conf listen sockets sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE -echo "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" +echo >&3 "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" exit 0 diff --git a/mainline/alpine-perl/20-envsubst-on-templates.sh b/mainline/alpine-perl/20-envsubst-on-templates.sh index 4d202a6f..38df3a67 100755 --- a/mainline/alpine-perl/20-envsubst-on-templates.sh +++ b/mainline/alpine-perl/20-envsubst-on-templates.sh @@ -22,7 +22,7 @@ auto_envsubst() { subdir=$(dirname "$relative_path") # create a subdirectory where the template file exists mkdir -p "$output_dir/$subdir" - echo "$ME: Running envsubst on $template to $output_path" + echo >&3 "$ME: Running envsubst on $template to $output_path" envsubst "$defined_envs" < "$template" > "$output_path" done } diff --git a/mainline/alpine-perl/docker-entrypoint.sh b/mainline/alpine-perl/docker-entrypoint.sh index 63c6905c..88732541 100755 --- a/mainline/alpine-perl/docker-entrypoint.sh +++ b/mainline/alpine-perl/docker-entrypoint.sh @@ -3,29 +3,35 @@ set -e +if [ -z "${NGINX_ENTRYPOINT_QUIET_LOGS:-}" ]; then + exec 3>&1 +else + exec 3>/dev/null +fi + if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then - echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" + echo >&3 "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" - echo "$0: Looking for shell scripts in /docker-entrypoint.d/" + echo >&3 "$0: Looking for shell scripts in /docker-entrypoint.d/" find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do case "$f" in *.sh) if [ -x "$f" ]; then - echo "$0: Launching $f"; + echo >&3 "$0: Launching $f"; "$f" else # warn on shell scripts without exec bit - echo "$0: Ignoring $f, not executable"; + echo >&3 "$0: Ignoring $f, not executable"; fi ;; - *) echo "$0: Ignoring $f";; + *) echo >&3 "$0: Ignoring $f";; esac done - echo "$0: Configuration complete; ready for start up" + echo >&3 "$0: Configuration complete; ready for start up" else - echo "$0: No files found in /docker-entrypoint.d/, skipping configuration" + echo >&3 "$0: No files found in /docker-entrypoint.d/, skipping configuration" fi fi diff --git a/mainline/alpine/10-listen-on-ipv6-by-default.sh b/mainline/alpine/10-listen-on-ipv6-by-default.sh index 6885a9db..8ce9e9a3 100755 --- a/mainline/alpine/10-listen-on-ipv6-by-default.sh +++ b/mainline/alpine/10-listen-on-ipv6-by-default.sh @@ -18,10 +18,10 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } # check if the file is already modified, e.g. on a container restart -grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; } +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: IPv6 listen already enabled, exiting"; exit 0; } if [ -f "/etc/os-release" ]; then . /etc/os-release @@ -30,7 +30,7 @@ else exit 0 fi -echo "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" +echo >&3 "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" case "$ID" in "debian") @@ -56,6 +56,6 @@ esac # enable ipv6 on default.conf listen sockets sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE -echo "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" +echo >&3 "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" exit 0 diff --git a/mainline/alpine/20-envsubst-on-templates.sh b/mainline/alpine/20-envsubst-on-templates.sh index 4d202a6f..38df3a67 100755 --- a/mainline/alpine/20-envsubst-on-templates.sh +++ b/mainline/alpine/20-envsubst-on-templates.sh @@ -22,7 +22,7 @@ auto_envsubst() { subdir=$(dirname "$relative_path") # create a subdirectory where the template file exists mkdir -p "$output_dir/$subdir" - echo "$ME: Running envsubst on $template to $output_path" + echo >&3 "$ME: Running envsubst on $template to $output_path" envsubst "$defined_envs" < "$template" > "$output_path" done } diff --git a/mainline/alpine/docker-entrypoint.sh b/mainline/alpine/docker-entrypoint.sh index 63c6905c..88732541 100755 --- a/mainline/alpine/docker-entrypoint.sh +++ b/mainline/alpine/docker-entrypoint.sh @@ -3,29 +3,35 @@ set -e +if [ -z "${NGINX_ENTRYPOINT_QUIET_LOGS:-}" ]; then + exec 3>&1 +else + exec 3>/dev/null +fi + if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then - echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" + echo >&3 "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" - echo "$0: Looking for shell scripts in /docker-entrypoint.d/" + echo >&3 "$0: Looking for shell scripts in /docker-entrypoint.d/" find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do case "$f" in *.sh) if [ -x "$f" ]; then - echo "$0: Launching $f"; + echo >&3 "$0: Launching $f"; "$f" else # warn on shell scripts without exec bit - echo "$0: Ignoring $f, not executable"; + echo >&3 "$0: Ignoring $f, not executable"; fi ;; - *) echo "$0: Ignoring $f";; + *) echo >&3 "$0: Ignoring $f";; esac done - echo "$0: Configuration complete; ready for start up" + echo >&3 "$0: Configuration complete; ready for start up" else - echo "$0: No files found in /docker-entrypoint.d/, skipping configuration" + echo >&3 "$0: No files found in /docker-entrypoint.d/, skipping configuration" fi fi diff --git a/mainline/buster-perl/10-listen-on-ipv6-by-default.sh b/mainline/buster-perl/10-listen-on-ipv6-by-default.sh index 6885a9db..8ce9e9a3 100755 --- a/mainline/buster-perl/10-listen-on-ipv6-by-default.sh +++ b/mainline/buster-perl/10-listen-on-ipv6-by-default.sh @@ -18,10 +18,10 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } # check if the file is already modified, e.g. on a container restart -grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; } +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: IPv6 listen already enabled, exiting"; exit 0; } if [ -f "/etc/os-release" ]; then . /etc/os-release @@ -30,7 +30,7 @@ else exit 0 fi -echo "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" +echo >&3 "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" case "$ID" in "debian") @@ -56,6 +56,6 @@ esac # enable ipv6 on default.conf listen sockets sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE -echo "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" +echo >&3 "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" exit 0 diff --git a/mainline/buster-perl/20-envsubst-on-templates.sh b/mainline/buster-perl/20-envsubst-on-templates.sh index 4d202a6f..38df3a67 100755 --- a/mainline/buster-perl/20-envsubst-on-templates.sh +++ b/mainline/buster-perl/20-envsubst-on-templates.sh @@ -22,7 +22,7 @@ auto_envsubst() { subdir=$(dirname "$relative_path") # create a subdirectory where the template file exists mkdir -p "$output_dir/$subdir" - echo "$ME: Running envsubst on $template to $output_path" + echo >&3 "$ME: Running envsubst on $template to $output_path" envsubst "$defined_envs" < "$template" > "$output_path" done } diff --git a/mainline/buster-perl/docker-entrypoint.sh b/mainline/buster-perl/docker-entrypoint.sh index 63c6905c..88732541 100755 --- a/mainline/buster-perl/docker-entrypoint.sh +++ b/mainline/buster-perl/docker-entrypoint.sh @@ -3,29 +3,35 @@ set -e +if [ -z "${NGINX_ENTRYPOINT_QUIET_LOGS:-}" ]; then + exec 3>&1 +else + exec 3>/dev/null +fi + if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then - echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" + echo >&3 "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" - echo "$0: Looking for shell scripts in /docker-entrypoint.d/" + echo >&3 "$0: Looking for shell scripts in /docker-entrypoint.d/" find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do case "$f" in *.sh) if [ -x "$f" ]; then - echo "$0: Launching $f"; + echo >&3 "$0: Launching $f"; "$f" else # warn on shell scripts without exec bit - echo "$0: Ignoring $f, not executable"; + echo >&3 "$0: Ignoring $f, not executable"; fi ;; - *) echo "$0: Ignoring $f";; + *) echo >&3 "$0: Ignoring $f";; esac done - echo "$0: Configuration complete; ready for start up" + echo >&3 "$0: Configuration complete; ready for start up" else - echo "$0: No files found in /docker-entrypoint.d/, skipping configuration" + echo >&3 "$0: No files found in /docker-entrypoint.d/, skipping configuration" fi fi diff --git a/mainline/buster/10-listen-on-ipv6-by-default.sh b/mainline/buster/10-listen-on-ipv6-by-default.sh index 6885a9db..8ce9e9a3 100755 --- a/mainline/buster/10-listen-on-ipv6-by-default.sh +++ b/mainline/buster/10-listen-on-ipv6-by-default.sh @@ -18,10 +18,10 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } # check if the file is already modified, e.g. on a container restart -grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; } +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: IPv6 listen already enabled, exiting"; exit 0; } if [ -f "/etc/os-release" ]; then . /etc/os-release @@ -30,7 +30,7 @@ else exit 0 fi -echo "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" +echo >&3 "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" case "$ID" in "debian") @@ -56,6 +56,6 @@ esac # enable ipv6 on default.conf listen sockets sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE -echo "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" +echo >&3 "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" exit 0 diff --git a/mainline/buster/20-envsubst-on-templates.sh b/mainline/buster/20-envsubst-on-templates.sh index 4d202a6f..38df3a67 100755 --- a/mainline/buster/20-envsubst-on-templates.sh +++ b/mainline/buster/20-envsubst-on-templates.sh @@ -22,7 +22,7 @@ auto_envsubst() { subdir=$(dirname "$relative_path") # create a subdirectory where the template file exists mkdir -p "$output_dir/$subdir" - echo "$ME: Running envsubst on $template to $output_path" + echo >&3 "$ME: Running envsubst on $template to $output_path" envsubst "$defined_envs" < "$template" > "$output_path" done } diff --git a/mainline/buster/docker-entrypoint.sh b/mainline/buster/docker-entrypoint.sh index 63c6905c..88732541 100755 --- a/mainline/buster/docker-entrypoint.sh +++ b/mainline/buster/docker-entrypoint.sh @@ -3,29 +3,35 @@ set -e +if [ -z "${NGINX_ENTRYPOINT_QUIET_LOGS:-}" ]; then + exec 3>&1 +else + exec 3>/dev/null +fi + if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then - echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" + echo >&3 "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" - echo "$0: Looking for shell scripts in /docker-entrypoint.d/" + echo >&3 "$0: Looking for shell scripts in /docker-entrypoint.d/" find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do case "$f" in *.sh) if [ -x "$f" ]; then - echo "$0: Launching $f"; + echo >&3 "$0: Launching $f"; "$f" else # warn on shell scripts without exec bit - echo "$0: Ignoring $f, not executable"; + echo >&3 "$0: Ignoring $f, not executable"; fi ;; - *) echo "$0: Ignoring $f";; + *) echo >&3 "$0: Ignoring $f";; esac done - echo "$0: Configuration complete; ready for start up" + echo >&3 "$0: Configuration complete; ready for start up" else - echo "$0: No files found in /docker-entrypoint.d/, skipping configuration" + echo >&3 "$0: No files found in /docker-entrypoint.d/, skipping configuration" fi fi diff --git a/stable/alpine-perl/10-listen-on-ipv6-by-default.sh b/stable/alpine-perl/10-listen-on-ipv6-by-default.sh index 6885a9db..8ce9e9a3 100755 --- a/stable/alpine-perl/10-listen-on-ipv6-by-default.sh +++ b/stable/alpine-perl/10-listen-on-ipv6-by-default.sh @@ -18,10 +18,10 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } # check if the file is already modified, e.g. on a container restart -grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; } +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: IPv6 listen already enabled, exiting"; exit 0; } if [ -f "/etc/os-release" ]; then . /etc/os-release @@ -30,7 +30,7 @@ else exit 0 fi -echo "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" +echo >&3 "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" case "$ID" in "debian") @@ -56,6 +56,6 @@ esac # enable ipv6 on default.conf listen sockets sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE -echo "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" +echo >&3 "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" exit 0 diff --git a/stable/alpine-perl/20-envsubst-on-templates.sh b/stable/alpine-perl/20-envsubst-on-templates.sh index 4d202a6f..38df3a67 100755 --- a/stable/alpine-perl/20-envsubst-on-templates.sh +++ b/stable/alpine-perl/20-envsubst-on-templates.sh @@ -22,7 +22,7 @@ auto_envsubst() { subdir=$(dirname "$relative_path") # create a subdirectory where the template file exists mkdir -p "$output_dir/$subdir" - echo "$ME: Running envsubst on $template to $output_path" + echo >&3 "$ME: Running envsubst on $template to $output_path" envsubst "$defined_envs" < "$template" > "$output_path" done } diff --git a/stable/alpine-perl/docker-entrypoint.sh b/stable/alpine-perl/docker-entrypoint.sh index 63c6905c..88732541 100755 --- a/stable/alpine-perl/docker-entrypoint.sh +++ b/stable/alpine-perl/docker-entrypoint.sh @@ -3,29 +3,35 @@ set -e +if [ -z "${NGINX_ENTRYPOINT_QUIET_LOGS:-}" ]; then + exec 3>&1 +else + exec 3>/dev/null +fi + if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then - echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" + echo >&3 "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" - echo "$0: Looking for shell scripts in /docker-entrypoint.d/" + echo >&3 "$0: Looking for shell scripts in /docker-entrypoint.d/" find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do case "$f" in *.sh) if [ -x "$f" ]; then - echo "$0: Launching $f"; + echo >&3 "$0: Launching $f"; "$f" else # warn on shell scripts without exec bit - echo "$0: Ignoring $f, not executable"; + echo >&3 "$0: Ignoring $f, not executable"; fi ;; - *) echo "$0: Ignoring $f";; + *) echo >&3 "$0: Ignoring $f";; esac done - echo "$0: Configuration complete; ready for start up" + echo >&3 "$0: Configuration complete; ready for start up" else - echo "$0: No files found in /docker-entrypoint.d/, skipping configuration" + echo >&3 "$0: No files found in /docker-entrypoint.d/, skipping configuration" fi fi diff --git a/stable/alpine/10-listen-on-ipv6-by-default.sh b/stable/alpine/10-listen-on-ipv6-by-default.sh index 6885a9db..8ce9e9a3 100755 --- a/stable/alpine/10-listen-on-ipv6-by-default.sh +++ b/stable/alpine/10-listen-on-ipv6-by-default.sh @@ -18,10 +18,10 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } # check if the file is already modified, e.g. on a container restart -grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; } +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: IPv6 listen already enabled, exiting"; exit 0; } if [ -f "/etc/os-release" ]; then . /etc/os-release @@ -30,7 +30,7 @@ else exit 0 fi -echo "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" +echo >&3 "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" case "$ID" in "debian") @@ -56,6 +56,6 @@ esac # enable ipv6 on default.conf listen sockets sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE -echo "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" +echo >&3 "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" exit 0 diff --git a/stable/alpine/20-envsubst-on-templates.sh b/stable/alpine/20-envsubst-on-templates.sh index 4d202a6f..38df3a67 100755 --- a/stable/alpine/20-envsubst-on-templates.sh +++ b/stable/alpine/20-envsubst-on-templates.sh @@ -22,7 +22,7 @@ auto_envsubst() { subdir=$(dirname "$relative_path") # create a subdirectory where the template file exists mkdir -p "$output_dir/$subdir" - echo "$ME: Running envsubst on $template to $output_path" + echo >&3 "$ME: Running envsubst on $template to $output_path" envsubst "$defined_envs" < "$template" > "$output_path" done } diff --git a/stable/alpine/docker-entrypoint.sh b/stable/alpine/docker-entrypoint.sh index 63c6905c..88732541 100755 --- a/stable/alpine/docker-entrypoint.sh +++ b/stable/alpine/docker-entrypoint.sh @@ -3,29 +3,35 @@ set -e +if [ -z "${NGINX_ENTRYPOINT_QUIET_LOGS:-}" ]; then + exec 3>&1 +else + exec 3>/dev/null +fi + if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then - echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" + echo >&3 "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" - echo "$0: Looking for shell scripts in /docker-entrypoint.d/" + echo >&3 "$0: Looking for shell scripts in /docker-entrypoint.d/" find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do case "$f" in *.sh) if [ -x "$f" ]; then - echo "$0: Launching $f"; + echo >&3 "$0: Launching $f"; "$f" else # warn on shell scripts without exec bit - echo "$0: Ignoring $f, not executable"; + echo >&3 "$0: Ignoring $f, not executable"; fi ;; - *) echo "$0: Ignoring $f";; + *) echo >&3 "$0: Ignoring $f";; esac done - echo "$0: Configuration complete; ready for start up" + echo >&3 "$0: Configuration complete; ready for start up" else - echo "$0: No files found in /docker-entrypoint.d/, skipping configuration" + echo >&3 "$0: No files found in /docker-entrypoint.d/, skipping configuration" fi fi diff --git a/stable/buster-perl/10-listen-on-ipv6-by-default.sh b/stable/buster-perl/10-listen-on-ipv6-by-default.sh index 6885a9db..8ce9e9a3 100755 --- a/stable/buster-perl/10-listen-on-ipv6-by-default.sh +++ b/stable/buster-perl/10-listen-on-ipv6-by-default.sh @@ -18,10 +18,10 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } # check if the file is already modified, e.g. on a container restart -grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; } +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: IPv6 listen already enabled, exiting"; exit 0; } if [ -f "/etc/os-release" ]; then . /etc/os-release @@ -30,7 +30,7 @@ else exit 0 fi -echo "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" +echo >&3 "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" case "$ID" in "debian") @@ -56,6 +56,6 @@ esac # enable ipv6 on default.conf listen sockets sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE -echo "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" +echo >&3 "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" exit 0 diff --git a/stable/buster-perl/20-envsubst-on-templates.sh b/stable/buster-perl/20-envsubst-on-templates.sh index 4d202a6f..38df3a67 100755 --- a/stable/buster-perl/20-envsubst-on-templates.sh +++ b/stable/buster-perl/20-envsubst-on-templates.sh @@ -22,7 +22,7 @@ auto_envsubst() { subdir=$(dirname "$relative_path") # create a subdirectory where the template file exists mkdir -p "$output_dir/$subdir" - echo "$ME: Running envsubst on $template to $output_path" + echo >&3 "$ME: Running envsubst on $template to $output_path" envsubst "$defined_envs" < "$template" > "$output_path" done } diff --git a/stable/buster-perl/docker-entrypoint.sh b/stable/buster-perl/docker-entrypoint.sh index 63c6905c..88732541 100755 --- a/stable/buster-perl/docker-entrypoint.sh +++ b/stable/buster-perl/docker-entrypoint.sh @@ -3,29 +3,35 @@ set -e +if [ -z "${NGINX_ENTRYPOINT_QUIET_LOGS:-}" ]; then + exec 3>&1 +else + exec 3>/dev/null +fi + if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then - echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" + echo >&3 "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" - echo "$0: Looking for shell scripts in /docker-entrypoint.d/" + echo >&3 "$0: Looking for shell scripts in /docker-entrypoint.d/" find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do case "$f" in *.sh) if [ -x "$f" ]; then - echo "$0: Launching $f"; + echo >&3 "$0: Launching $f"; "$f" else # warn on shell scripts without exec bit - echo "$0: Ignoring $f, not executable"; + echo >&3 "$0: Ignoring $f, not executable"; fi ;; - *) echo "$0: Ignoring $f";; + *) echo >&3 "$0: Ignoring $f";; esac done - echo "$0: Configuration complete; ready for start up" + echo >&3 "$0: Configuration complete; ready for start up" else - echo "$0: No files found in /docker-entrypoint.d/, skipping configuration" + echo >&3 "$0: No files found in /docker-entrypoint.d/, skipping configuration" fi fi diff --git a/stable/buster/10-listen-on-ipv6-by-default.sh b/stable/buster/10-listen-on-ipv6-by-default.sh index 6885a9db..8ce9e9a3 100755 --- a/stable/buster/10-listen-on-ipv6-by-default.sh +++ b/stable/buster/10-listen-on-ipv6-by-default.sh @@ -18,10 +18,10 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } # check if the file is already modified, e.g. on a container restart -grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo "$ME: IPv6 listen already enabled, exiting"; exit 0; } +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: IPv6 listen already enabled, exiting"; exit 0; } if [ -f "/etc/os-release" ]; then . /etc/os-release @@ -30,7 +30,7 @@ else exit 0 fi -echo "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" +echo >&3 "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" case "$ID" in "debian") @@ -56,6 +56,6 @@ esac # enable ipv6 on default.conf listen sockets sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE -echo "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" +echo >&3 "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" exit 0 diff --git a/stable/buster/20-envsubst-on-templates.sh b/stable/buster/20-envsubst-on-templates.sh index 4d202a6f..38df3a67 100755 --- a/stable/buster/20-envsubst-on-templates.sh +++ b/stable/buster/20-envsubst-on-templates.sh @@ -22,7 +22,7 @@ auto_envsubst() { subdir=$(dirname "$relative_path") # create a subdirectory where the template file exists mkdir -p "$output_dir/$subdir" - echo "$ME: Running envsubst on $template to $output_path" + echo >&3 "$ME: Running envsubst on $template to $output_path" envsubst "$defined_envs" < "$template" > "$output_path" done } diff --git a/stable/buster/docker-entrypoint.sh b/stable/buster/docker-entrypoint.sh index 63c6905c..88732541 100755 --- a/stable/buster/docker-entrypoint.sh +++ b/stable/buster/docker-entrypoint.sh @@ -3,29 +3,35 @@ set -e +if [ -z "${NGINX_ENTRYPOINT_QUIET_LOGS:-}" ]; then + exec 3>&1 +else + exec 3>/dev/null +fi + if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then - echo "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" + echo >&3 "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" - echo "$0: Looking for shell scripts in /docker-entrypoint.d/" + echo >&3 "$0: Looking for shell scripts in /docker-entrypoint.d/" find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do case "$f" in *.sh) if [ -x "$f" ]; then - echo "$0: Launching $f"; + echo >&3 "$0: Launching $f"; "$f" else # warn on shell scripts without exec bit - echo "$0: Ignoring $f, not executable"; + echo >&3 "$0: Ignoring $f, not executable"; fi ;; - *) echo "$0: Ignoring $f";; + *) echo >&3 "$0: Ignoring $f";; esac done - echo "$0: Configuration complete; ready for start up" + echo >&3 "$0: Configuration complete; ready for start up" else - echo "$0: No files found in /docker-entrypoint.d/, skipping configuration" + echo >&3 "$0: No files found in /docker-entrypoint.d/, skipping configuration" fi fi From 172571e53c1c6dacc86bcef2b09abf91c451bd69 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Wed, 17 Jun 2020 14:24:07 +0300 Subject: [PATCH 063/113] ipv6 listen: put r/o filesystem alert to stderr --- mainline/alpine-perl/10-listen-on-ipv6-by-default.sh | 2 +- mainline/alpine/10-listen-on-ipv6-by-default.sh | 2 +- mainline/buster-perl/10-listen-on-ipv6-by-default.sh | 2 +- mainline/buster/10-listen-on-ipv6-by-default.sh | 2 +- stable/alpine-perl/10-listen-on-ipv6-by-default.sh | 2 +- stable/alpine/10-listen-on-ipv6-by-default.sh | 2 +- stable/buster-perl/10-listen-on-ipv6-by-default.sh | 2 +- stable/buster/10-listen-on-ipv6-by-default.sh | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh b/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh index 8ce9e9a3..85418f3c 100755 --- a/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh +++ b/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh @@ -18,7 +18,7 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting" >1&2; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: IPv6 listen already enabled, exiting"; exit 0; } diff --git a/mainline/alpine/10-listen-on-ipv6-by-default.sh b/mainline/alpine/10-listen-on-ipv6-by-default.sh index 8ce9e9a3..85418f3c 100755 --- a/mainline/alpine/10-listen-on-ipv6-by-default.sh +++ b/mainline/alpine/10-listen-on-ipv6-by-default.sh @@ -18,7 +18,7 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting" >1&2; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: IPv6 listen already enabled, exiting"; exit 0; } diff --git a/mainline/buster-perl/10-listen-on-ipv6-by-default.sh b/mainline/buster-perl/10-listen-on-ipv6-by-default.sh index 8ce9e9a3..85418f3c 100755 --- a/mainline/buster-perl/10-listen-on-ipv6-by-default.sh +++ b/mainline/buster-perl/10-listen-on-ipv6-by-default.sh @@ -18,7 +18,7 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting" >1&2; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: IPv6 listen already enabled, exiting"; exit 0; } diff --git a/mainline/buster/10-listen-on-ipv6-by-default.sh b/mainline/buster/10-listen-on-ipv6-by-default.sh index 8ce9e9a3..85418f3c 100755 --- a/mainline/buster/10-listen-on-ipv6-by-default.sh +++ b/mainline/buster/10-listen-on-ipv6-by-default.sh @@ -18,7 +18,7 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting" >1&2; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: IPv6 listen already enabled, exiting"; exit 0; } diff --git a/stable/alpine-perl/10-listen-on-ipv6-by-default.sh b/stable/alpine-perl/10-listen-on-ipv6-by-default.sh index 8ce9e9a3..85418f3c 100755 --- a/stable/alpine-perl/10-listen-on-ipv6-by-default.sh +++ b/stable/alpine-perl/10-listen-on-ipv6-by-default.sh @@ -18,7 +18,7 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting" >1&2; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: IPv6 listen already enabled, exiting"; exit 0; } diff --git a/stable/alpine/10-listen-on-ipv6-by-default.sh b/stable/alpine/10-listen-on-ipv6-by-default.sh index 8ce9e9a3..85418f3c 100755 --- a/stable/alpine/10-listen-on-ipv6-by-default.sh +++ b/stable/alpine/10-listen-on-ipv6-by-default.sh @@ -18,7 +18,7 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting" >1&2; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: IPv6 listen already enabled, exiting"; exit 0; } diff --git a/stable/buster-perl/10-listen-on-ipv6-by-default.sh b/stable/buster-perl/10-listen-on-ipv6-by-default.sh index 8ce9e9a3..85418f3c 100755 --- a/stable/buster-perl/10-listen-on-ipv6-by-default.sh +++ b/stable/buster-perl/10-listen-on-ipv6-by-default.sh @@ -18,7 +18,7 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting" >1&2; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: IPv6 listen already enabled, exiting"; exit 0; } diff --git a/stable/buster/10-listen-on-ipv6-by-default.sh b/stable/buster/10-listen-on-ipv6-by-default.sh index 8ce9e9a3..85418f3c 100755 --- a/stable/buster/10-listen-on-ipv6-by-default.sh +++ b/stable/buster/10-listen-on-ipv6-by-default.sh @@ -18,7 +18,7 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting"; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting" >1&2; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: IPv6 listen already enabled, exiting"; exit 0; } From 6086122863e2d269dd99b63ed7b2f0e95821dc0b Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Wed, 17 Jun 2020 14:38:57 +0300 Subject: [PATCH 064/113] Reworded entrypoint scripts error messages to avoid confusion Fixes #419 --- .../alpine-perl/10-listen-on-ipv6-by-default.sh | 16 ++++++++-------- mainline/alpine-perl/20-envsubst-on-templates.sh | 2 +- mainline/alpine/10-listen-on-ipv6-by-default.sh | 16 ++++++++-------- mainline/alpine/20-envsubst-on-templates.sh | 2 +- .../buster-perl/10-listen-on-ipv6-by-default.sh | 16 ++++++++-------- mainline/buster-perl/20-envsubst-on-templates.sh | 2 +- mainline/buster/10-listen-on-ipv6-by-default.sh | 16 ++++++++-------- mainline/buster/20-envsubst-on-templates.sh | 2 +- .../alpine-perl/10-listen-on-ipv6-by-default.sh | 16 ++++++++-------- stable/alpine-perl/20-envsubst-on-templates.sh | 2 +- stable/alpine/10-listen-on-ipv6-by-default.sh | 16 ++++++++-------- stable/alpine/20-envsubst-on-templates.sh | 2 +- .../buster-perl/10-listen-on-ipv6-by-default.sh | 16 ++++++++-------- stable/buster-perl/20-envsubst-on-templates.sh | 2 +- stable/buster/10-listen-on-ipv6-by-default.sh | 16 ++++++++-------- stable/buster/20-envsubst-on-templates.sh | 2 +- 16 files changed, 72 insertions(+), 72 deletions(-) diff --git a/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh b/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh index 85418f3c..f9cf4dad 100755 --- a/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh +++ b/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh @@ -8,25 +8,25 @@ DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available if [ ! -f "/proc/net/if_inet6" ]; then - echo "$ME: ipv6 not available, exiting" 1>&2 + echo "$ME: error: ipv6 not available" 1>&2 exit 0 fi if [ ! -f "/$DEFAULT_CONF_FILE" ]; then - echo "$ME: /$DEFAULT_CONF_FILE is not a file or does not exist, exiting" 1>&2 + echo "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" 1>&2 exit 0 fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting" >1&2; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" >1&2; exit 0; } # check if the file is already modified, e.g. on a container restart -grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: IPv6 listen already enabled, exiting"; exit 0; } +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } if [ -f "/etc/os-release" ]; then . /etc/os-release else - echo "$ME: can not guess the operating system, exiting" 1>&2 + echo "$ME: error: can not guess the operating system" 1>&2 exit 0 fi @@ -36,19 +36,19 @@ case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { - echo "$ME: /$DEFAULT_CONF_FILE differs from the packaged version, exiting" 1>&2 + echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" 1>&2 exit 0 } ;; "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo "$ME: /$DEFAULT_CONF_FILE differs from the packages version, exiting" 1>&2 + echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" 1>&2 exit 0 } ;; *) - echo "$ME: Unsupported distribution, exiting" 1>&2 + echo "$ME: error: Unsupported distribution" 1>&2 exit 0 ;; esac diff --git a/mainline/alpine-perl/20-envsubst-on-templates.sh b/mainline/alpine-perl/20-envsubst-on-templates.sh index 38df3a67..545c765b 100755 --- a/mainline/alpine-perl/20-envsubst-on-templates.sh +++ b/mainline/alpine-perl/20-envsubst-on-templates.sh @@ -13,7 +13,7 @@ auto_envsubst() { defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) [ -d "$template_dir" ] || return 0 if [ ! -w "$output_dir" ]; then - echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable, exiting" 1>&2 + echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable" 1>&2 return 0 fi find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do diff --git a/mainline/alpine/10-listen-on-ipv6-by-default.sh b/mainline/alpine/10-listen-on-ipv6-by-default.sh index 85418f3c..f9cf4dad 100755 --- a/mainline/alpine/10-listen-on-ipv6-by-default.sh +++ b/mainline/alpine/10-listen-on-ipv6-by-default.sh @@ -8,25 +8,25 @@ DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available if [ ! -f "/proc/net/if_inet6" ]; then - echo "$ME: ipv6 not available, exiting" 1>&2 + echo "$ME: error: ipv6 not available" 1>&2 exit 0 fi if [ ! -f "/$DEFAULT_CONF_FILE" ]; then - echo "$ME: /$DEFAULT_CONF_FILE is not a file or does not exist, exiting" 1>&2 + echo "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" 1>&2 exit 0 fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting" >1&2; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" >1&2; exit 0; } # check if the file is already modified, e.g. on a container restart -grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: IPv6 listen already enabled, exiting"; exit 0; } +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } if [ -f "/etc/os-release" ]; then . /etc/os-release else - echo "$ME: can not guess the operating system, exiting" 1>&2 + echo "$ME: error: can not guess the operating system" 1>&2 exit 0 fi @@ -36,19 +36,19 @@ case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { - echo "$ME: /$DEFAULT_CONF_FILE differs from the packaged version, exiting" 1>&2 + echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" 1>&2 exit 0 } ;; "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo "$ME: /$DEFAULT_CONF_FILE differs from the packages version, exiting" 1>&2 + echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" 1>&2 exit 0 } ;; *) - echo "$ME: Unsupported distribution, exiting" 1>&2 + echo "$ME: error: Unsupported distribution" 1>&2 exit 0 ;; esac diff --git a/mainline/alpine/20-envsubst-on-templates.sh b/mainline/alpine/20-envsubst-on-templates.sh index 38df3a67..545c765b 100755 --- a/mainline/alpine/20-envsubst-on-templates.sh +++ b/mainline/alpine/20-envsubst-on-templates.sh @@ -13,7 +13,7 @@ auto_envsubst() { defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) [ -d "$template_dir" ] || return 0 if [ ! -w "$output_dir" ]; then - echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable, exiting" 1>&2 + echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable" 1>&2 return 0 fi find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do diff --git a/mainline/buster-perl/10-listen-on-ipv6-by-default.sh b/mainline/buster-perl/10-listen-on-ipv6-by-default.sh index 85418f3c..f9cf4dad 100755 --- a/mainline/buster-perl/10-listen-on-ipv6-by-default.sh +++ b/mainline/buster-perl/10-listen-on-ipv6-by-default.sh @@ -8,25 +8,25 @@ DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available if [ ! -f "/proc/net/if_inet6" ]; then - echo "$ME: ipv6 not available, exiting" 1>&2 + echo "$ME: error: ipv6 not available" 1>&2 exit 0 fi if [ ! -f "/$DEFAULT_CONF_FILE" ]; then - echo "$ME: /$DEFAULT_CONF_FILE is not a file or does not exist, exiting" 1>&2 + echo "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" 1>&2 exit 0 fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting" >1&2; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" >1&2; exit 0; } # check if the file is already modified, e.g. on a container restart -grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: IPv6 listen already enabled, exiting"; exit 0; } +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } if [ -f "/etc/os-release" ]; then . /etc/os-release else - echo "$ME: can not guess the operating system, exiting" 1>&2 + echo "$ME: error: can not guess the operating system" 1>&2 exit 0 fi @@ -36,19 +36,19 @@ case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { - echo "$ME: /$DEFAULT_CONF_FILE differs from the packaged version, exiting" 1>&2 + echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" 1>&2 exit 0 } ;; "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo "$ME: /$DEFAULT_CONF_FILE differs from the packages version, exiting" 1>&2 + echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" 1>&2 exit 0 } ;; *) - echo "$ME: Unsupported distribution, exiting" 1>&2 + echo "$ME: error: Unsupported distribution" 1>&2 exit 0 ;; esac diff --git a/mainline/buster-perl/20-envsubst-on-templates.sh b/mainline/buster-perl/20-envsubst-on-templates.sh index 38df3a67..545c765b 100755 --- a/mainline/buster-perl/20-envsubst-on-templates.sh +++ b/mainline/buster-perl/20-envsubst-on-templates.sh @@ -13,7 +13,7 @@ auto_envsubst() { defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) [ -d "$template_dir" ] || return 0 if [ ! -w "$output_dir" ]; then - echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable, exiting" 1>&2 + echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable" 1>&2 return 0 fi find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do diff --git a/mainline/buster/10-listen-on-ipv6-by-default.sh b/mainline/buster/10-listen-on-ipv6-by-default.sh index 85418f3c..f9cf4dad 100755 --- a/mainline/buster/10-listen-on-ipv6-by-default.sh +++ b/mainline/buster/10-listen-on-ipv6-by-default.sh @@ -8,25 +8,25 @@ DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available if [ ! -f "/proc/net/if_inet6" ]; then - echo "$ME: ipv6 not available, exiting" 1>&2 + echo "$ME: error: ipv6 not available" 1>&2 exit 0 fi if [ ! -f "/$DEFAULT_CONF_FILE" ]; then - echo "$ME: /$DEFAULT_CONF_FILE is not a file or does not exist, exiting" 1>&2 + echo "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" 1>&2 exit 0 fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting" >1&2; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" >1&2; exit 0; } # check if the file is already modified, e.g. on a container restart -grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: IPv6 listen already enabled, exiting"; exit 0; } +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } if [ -f "/etc/os-release" ]; then . /etc/os-release else - echo "$ME: can not guess the operating system, exiting" 1>&2 + echo "$ME: error: can not guess the operating system" 1>&2 exit 0 fi @@ -36,19 +36,19 @@ case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { - echo "$ME: /$DEFAULT_CONF_FILE differs from the packaged version, exiting" 1>&2 + echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" 1>&2 exit 0 } ;; "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo "$ME: /$DEFAULT_CONF_FILE differs from the packages version, exiting" 1>&2 + echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" 1>&2 exit 0 } ;; *) - echo "$ME: Unsupported distribution, exiting" 1>&2 + echo "$ME: error: Unsupported distribution" 1>&2 exit 0 ;; esac diff --git a/mainline/buster/20-envsubst-on-templates.sh b/mainline/buster/20-envsubst-on-templates.sh index 38df3a67..545c765b 100755 --- a/mainline/buster/20-envsubst-on-templates.sh +++ b/mainline/buster/20-envsubst-on-templates.sh @@ -13,7 +13,7 @@ auto_envsubst() { defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) [ -d "$template_dir" ] || return 0 if [ ! -w "$output_dir" ]; then - echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable, exiting" 1>&2 + echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable" 1>&2 return 0 fi find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do diff --git a/stable/alpine-perl/10-listen-on-ipv6-by-default.sh b/stable/alpine-perl/10-listen-on-ipv6-by-default.sh index 85418f3c..f9cf4dad 100755 --- a/stable/alpine-perl/10-listen-on-ipv6-by-default.sh +++ b/stable/alpine-perl/10-listen-on-ipv6-by-default.sh @@ -8,25 +8,25 @@ DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available if [ ! -f "/proc/net/if_inet6" ]; then - echo "$ME: ipv6 not available, exiting" 1>&2 + echo "$ME: error: ipv6 not available" 1>&2 exit 0 fi if [ ! -f "/$DEFAULT_CONF_FILE" ]; then - echo "$ME: /$DEFAULT_CONF_FILE is not a file or does not exist, exiting" 1>&2 + echo "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" 1>&2 exit 0 fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting" >1&2; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" >1&2; exit 0; } # check if the file is already modified, e.g. on a container restart -grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: IPv6 listen already enabled, exiting"; exit 0; } +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } if [ -f "/etc/os-release" ]; then . /etc/os-release else - echo "$ME: can not guess the operating system, exiting" 1>&2 + echo "$ME: error: can not guess the operating system" 1>&2 exit 0 fi @@ -36,19 +36,19 @@ case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { - echo "$ME: /$DEFAULT_CONF_FILE differs from the packaged version, exiting" 1>&2 + echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" 1>&2 exit 0 } ;; "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo "$ME: /$DEFAULT_CONF_FILE differs from the packages version, exiting" 1>&2 + echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" 1>&2 exit 0 } ;; *) - echo "$ME: Unsupported distribution, exiting" 1>&2 + echo "$ME: error: Unsupported distribution" 1>&2 exit 0 ;; esac diff --git a/stable/alpine-perl/20-envsubst-on-templates.sh b/stable/alpine-perl/20-envsubst-on-templates.sh index 38df3a67..545c765b 100755 --- a/stable/alpine-perl/20-envsubst-on-templates.sh +++ b/stable/alpine-perl/20-envsubst-on-templates.sh @@ -13,7 +13,7 @@ auto_envsubst() { defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) [ -d "$template_dir" ] || return 0 if [ ! -w "$output_dir" ]; then - echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable, exiting" 1>&2 + echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable" 1>&2 return 0 fi find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do diff --git a/stable/alpine/10-listen-on-ipv6-by-default.sh b/stable/alpine/10-listen-on-ipv6-by-default.sh index 85418f3c..f9cf4dad 100755 --- a/stable/alpine/10-listen-on-ipv6-by-default.sh +++ b/stable/alpine/10-listen-on-ipv6-by-default.sh @@ -8,25 +8,25 @@ DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available if [ ! -f "/proc/net/if_inet6" ]; then - echo "$ME: ipv6 not available, exiting" 1>&2 + echo "$ME: error: ipv6 not available" 1>&2 exit 0 fi if [ ! -f "/$DEFAULT_CONF_FILE" ]; then - echo "$ME: /$DEFAULT_CONF_FILE is not a file or does not exist, exiting" 1>&2 + echo "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" 1>&2 exit 0 fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting" >1&2; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" >1&2; exit 0; } # check if the file is already modified, e.g. on a container restart -grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: IPv6 listen already enabled, exiting"; exit 0; } +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } if [ -f "/etc/os-release" ]; then . /etc/os-release else - echo "$ME: can not guess the operating system, exiting" 1>&2 + echo "$ME: error: can not guess the operating system" 1>&2 exit 0 fi @@ -36,19 +36,19 @@ case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { - echo "$ME: /$DEFAULT_CONF_FILE differs from the packaged version, exiting" 1>&2 + echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" 1>&2 exit 0 } ;; "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo "$ME: /$DEFAULT_CONF_FILE differs from the packages version, exiting" 1>&2 + echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" 1>&2 exit 0 } ;; *) - echo "$ME: Unsupported distribution, exiting" 1>&2 + echo "$ME: error: Unsupported distribution" 1>&2 exit 0 ;; esac diff --git a/stable/alpine/20-envsubst-on-templates.sh b/stable/alpine/20-envsubst-on-templates.sh index 38df3a67..545c765b 100755 --- a/stable/alpine/20-envsubst-on-templates.sh +++ b/stable/alpine/20-envsubst-on-templates.sh @@ -13,7 +13,7 @@ auto_envsubst() { defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) [ -d "$template_dir" ] || return 0 if [ ! -w "$output_dir" ]; then - echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable, exiting" 1>&2 + echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable" 1>&2 return 0 fi find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do diff --git a/stable/buster-perl/10-listen-on-ipv6-by-default.sh b/stable/buster-perl/10-listen-on-ipv6-by-default.sh index 85418f3c..f9cf4dad 100755 --- a/stable/buster-perl/10-listen-on-ipv6-by-default.sh +++ b/stable/buster-perl/10-listen-on-ipv6-by-default.sh @@ -8,25 +8,25 @@ DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available if [ ! -f "/proc/net/if_inet6" ]; then - echo "$ME: ipv6 not available, exiting" 1>&2 + echo "$ME: error: ipv6 not available" 1>&2 exit 0 fi if [ ! -f "/$DEFAULT_CONF_FILE" ]; then - echo "$ME: /$DEFAULT_CONF_FILE is not a file or does not exist, exiting" 1>&2 + echo "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" 1>&2 exit 0 fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting" >1&2; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" >1&2; exit 0; } # check if the file is already modified, e.g. on a container restart -grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: IPv6 listen already enabled, exiting"; exit 0; } +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } if [ -f "/etc/os-release" ]; then . /etc/os-release else - echo "$ME: can not guess the operating system, exiting" 1>&2 + echo "$ME: error: can not guess the operating system" 1>&2 exit 0 fi @@ -36,19 +36,19 @@ case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { - echo "$ME: /$DEFAULT_CONF_FILE differs from the packaged version, exiting" 1>&2 + echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" 1>&2 exit 0 } ;; "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo "$ME: /$DEFAULT_CONF_FILE differs from the packages version, exiting" 1>&2 + echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" 1>&2 exit 0 } ;; *) - echo "$ME: Unsupported distribution, exiting" 1>&2 + echo "$ME: error: Unsupported distribution" 1>&2 exit 0 ;; esac diff --git a/stable/buster-perl/20-envsubst-on-templates.sh b/stable/buster-perl/20-envsubst-on-templates.sh index 38df3a67..545c765b 100755 --- a/stable/buster-perl/20-envsubst-on-templates.sh +++ b/stable/buster-perl/20-envsubst-on-templates.sh @@ -13,7 +13,7 @@ auto_envsubst() { defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) [ -d "$template_dir" ] || return 0 if [ ! -w "$output_dir" ]; then - echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable, exiting" 1>&2 + echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable" 1>&2 return 0 fi find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do diff --git a/stable/buster/10-listen-on-ipv6-by-default.sh b/stable/buster/10-listen-on-ipv6-by-default.sh index 85418f3c..f9cf4dad 100755 --- a/stable/buster/10-listen-on-ipv6-by-default.sh +++ b/stable/buster/10-listen-on-ipv6-by-default.sh @@ -8,25 +8,25 @@ DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available if [ ! -f "/proc/net/if_inet6" ]; then - echo "$ME: ipv6 not available, exiting" 1>&2 + echo "$ME: error: ipv6 not available" 1>&2 exit 0 fi if [ ! -f "/$DEFAULT_CONF_FILE" ]; then - echo "$ME: /$DEFAULT_CONF_FILE is not a file or does not exist, exiting" 1>&2 + echo "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" 1>&2 exit 0 fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: Can not modify /$DEFAULT_CONF_FILE (read-only file system?), exiting" >1&2; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" >1&2; exit 0; } # check if the file is already modified, e.g. on a container restart -grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: IPv6 listen already enabled, exiting"; exit 0; } +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } if [ -f "/etc/os-release" ]; then . /etc/os-release else - echo "$ME: can not guess the operating system, exiting" 1>&2 + echo "$ME: error: can not guess the operating system" 1>&2 exit 0 fi @@ -36,19 +36,19 @@ case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { - echo "$ME: /$DEFAULT_CONF_FILE differs from the packaged version, exiting" 1>&2 + echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" 1>&2 exit 0 } ;; "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo "$ME: /$DEFAULT_CONF_FILE differs from the packages version, exiting" 1>&2 + echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" 1>&2 exit 0 } ;; *) - echo "$ME: Unsupported distribution, exiting" 1>&2 + echo "$ME: error: Unsupported distribution" 1>&2 exit 0 ;; esac diff --git a/stable/buster/20-envsubst-on-templates.sh b/stable/buster/20-envsubst-on-templates.sh index 38df3a67..545c765b 100755 --- a/stable/buster/20-envsubst-on-templates.sh +++ b/stable/buster/20-envsubst-on-templates.sh @@ -13,7 +13,7 @@ auto_envsubst() { defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) [ -d "$template_dir" ] || return 0 if [ ! -w "$output_dir" ]; then - echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable, exiting" 1>&2 + echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable" 1>&2 return 0 fi find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do From 3dcf654f100182075f01dcb5f0c1e42c3fa402f2 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Thu, 18 Jun 2020 12:26:47 +0300 Subject: [PATCH 065/113] Fixed typo introduced in 172571e53c1c6dacc86bcef2b09abf91c451bd69 --- mainline/alpine-perl/10-listen-on-ipv6-by-default.sh | 2 +- mainline/alpine/10-listen-on-ipv6-by-default.sh | 2 +- mainline/buster-perl/10-listen-on-ipv6-by-default.sh | 2 +- mainline/buster/10-listen-on-ipv6-by-default.sh | 2 +- stable/alpine-perl/10-listen-on-ipv6-by-default.sh | 2 +- stable/alpine/10-listen-on-ipv6-by-default.sh | 2 +- stable/buster-perl/10-listen-on-ipv6-by-default.sh | 2 +- stable/buster/10-listen-on-ipv6-by-default.sh | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh b/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh index f9cf4dad..9636f4c6 100755 --- a/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh +++ b/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh @@ -18,7 +18,7 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" >1&2; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" 1>&2; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } diff --git a/mainline/alpine/10-listen-on-ipv6-by-default.sh b/mainline/alpine/10-listen-on-ipv6-by-default.sh index f9cf4dad..9636f4c6 100755 --- a/mainline/alpine/10-listen-on-ipv6-by-default.sh +++ b/mainline/alpine/10-listen-on-ipv6-by-default.sh @@ -18,7 +18,7 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" >1&2; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" 1>&2; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } diff --git a/mainline/buster-perl/10-listen-on-ipv6-by-default.sh b/mainline/buster-perl/10-listen-on-ipv6-by-default.sh index f9cf4dad..9636f4c6 100755 --- a/mainline/buster-perl/10-listen-on-ipv6-by-default.sh +++ b/mainline/buster-perl/10-listen-on-ipv6-by-default.sh @@ -18,7 +18,7 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" >1&2; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" 1>&2; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } diff --git a/mainline/buster/10-listen-on-ipv6-by-default.sh b/mainline/buster/10-listen-on-ipv6-by-default.sh index f9cf4dad..9636f4c6 100755 --- a/mainline/buster/10-listen-on-ipv6-by-default.sh +++ b/mainline/buster/10-listen-on-ipv6-by-default.sh @@ -18,7 +18,7 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" >1&2; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" 1>&2; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } diff --git a/stable/alpine-perl/10-listen-on-ipv6-by-default.sh b/stable/alpine-perl/10-listen-on-ipv6-by-default.sh index f9cf4dad..9636f4c6 100755 --- a/stable/alpine-perl/10-listen-on-ipv6-by-default.sh +++ b/stable/alpine-perl/10-listen-on-ipv6-by-default.sh @@ -18,7 +18,7 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" >1&2; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" 1>&2; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } diff --git a/stable/alpine/10-listen-on-ipv6-by-default.sh b/stable/alpine/10-listen-on-ipv6-by-default.sh index f9cf4dad..9636f4c6 100755 --- a/stable/alpine/10-listen-on-ipv6-by-default.sh +++ b/stable/alpine/10-listen-on-ipv6-by-default.sh @@ -18,7 +18,7 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" >1&2; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" 1>&2; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } diff --git a/stable/buster-perl/10-listen-on-ipv6-by-default.sh b/stable/buster-perl/10-listen-on-ipv6-by-default.sh index f9cf4dad..9636f4c6 100755 --- a/stable/buster-perl/10-listen-on-ipv6-by-default.sh +++ b/stable/buster-perl/10-listen-on-ipv6-by-default.sh @@ -18,7 +18,7 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" >1&2; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" 1>&2; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } diff --git a/stable/buster/10-listen-on-ipv6-by-default.sh b/stable/buster/10-listen-on-ipv6-by-default.sh index f9cf4dad..9636f4c6 100755 --- a/stable/buster/10-listen-on-ipv6-by-default.sh +++ b/stable/buster/10-listen-on-ipv6-by-default.sh @@ -18,7 +18,7 @@ if [ ! -f "/$DEFAULT_CONF_FILE" ]; then fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" >1&2; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" 1>&2; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } From ea63c8ef2ffbd861e0d504af0451f76dfba95832 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Fri, 10 Jul 2020 14:10:16 +0300 Subject: [PATCH 066/113] Updated mainline nginx to 1.19.1 and njs to 0.4.2 --- mainline/alpine-perl/Dockerfile | 4 ++-- mainline/alpine/Dockerfile | 4 ++-- mainline/buster-perl/Dockerfile | 4 ++-- mainline/buster/Dockerfile | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index ab362874..1950ff14 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -2,8 +2,8 @@ FROM alpine:3.11 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.0 -ENV NJS_VERSION 0.4.1 +ENV NGINX_VERSION 1.19.1 +ENV NJS_VERSION 0.4.2 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index b33795b7..aea7a424 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -2,8 +2,8 @@ FROM alpine:3.11 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.0 -ENV NJS_VERSION 0.4.1 +ENV NGINX_VERSION 1.19.1 +ENV NJS_VERSION 0.4.2 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/buster-perl/Dockerfile b/mainline/buster-perl/Dockerfile index f4a99ce4..033ea6a7 100644 --- a/mainline/buster-perl/Dockerfile +++ b/mainline/buster-perl/Dockerfile @@ -2,8 +2,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.0 -ENV NJS_VERSION 0.4.1 +ENV NGINX_VERSION 1.19.1 +ENV NJS_VERSION 0.4.2 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/mainline/buster/Dockerfile b/mainline/buster/Dockerfile index 88784152..b7c29cbb 100644 --- a/mainline/buster/Dockerfile +++ b/mainline/buster/Dockerfile @@ -2,8 +2,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.0 -ENV NJS_VERSION 0.4.1 +ENV NGINX_VERSION 1.19.1 +ENV NJS_VERSION 0.4.2 ENV PKG_RELEASE 1~buster RUN set -x \ From a88587d28928da1134d7a73d4fd2087bef966583 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Fri, 10 Jul 2020 14:12:43 +0300 Subject: [PATCH 067/113] Updated njs to 0.4.2 for stable images --- stable/alpine-perl/Dockerfile | 4 ++-- stable/alpine/Dockerfile | 4 ++-- stable/buster-perl/Dockerfile | 2 +- stable/buster/Dockerfile | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index c4e7d17e..da428ec6 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -3,7 +3,7 @@ FROM alpine:3.11 LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.18.0 -ENV NJS_VERSION 0.4.0 +ENV NJS_VERSION 0.4.2 ENV PKG_RELEASE 1 RUN set -x \ @@ -65,7 +65,7 @@ RUN set -x \ && cd ${tempDir} \ && hg clone https://hg.nginx.org/pkg-oss \ && cd pkg-oss \ - && hg up -r 474 \ + && hg up -r 489 \ && cd alpine \ && make all \ && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index 09e6b618..17cabf24 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -3,7 +3,7 @@ FROM alpine:3.11 LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.18.0 -ENV NJS_VERSION 0.4.0 +ENV NJS_VERSION 0.4.2 ENV PKG_RELEASE 1 RUN set -x \ @@ -64,7 +64,7 @@ RUN set -x \ && cd ${tempDir} \ && hg clone https://hg.nginx.org/pkg-oss \ && cd pkg-oss \ - && hg up -r 474 \ + && hg up -r 489 \ && cd alpine \ && make all \ && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ diff --git a/stable/buster-perl/Dockerfile b/stable/buster-perl/Dockerfile index bb582472..ea06f94e 100644 --- a/stable/buster-perl/Dockerfile +++ b/stable/buster-perl/Dockerfile @@ -3,7 +3,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.18.0 -ENV NJS_VERSION 0.4.0 +ENV NJS_VERSION 0.4.2 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/stable/buster/Dockerfile b/stable/buster/Dockerfile index 6c98f2f7..2e6c4618 100644 --- a/stable/buster/Dockerfile +++ b/stable/buster/Dockerfile @@ -3,7 +3,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.18.0 -ENV NJS_VERSION 0.4.0 +ENV NJS_VERSION 0.4.2 ENV PKG_RELEASE 1~buster RUN set -x \ From 793319d7251c03eccecbf27b60e0cfbbd2d1f400 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Fri, 10 Jul 2020 14:23:41 +0300 Subject: [PATCH 068/113] Made all entrypoint scripts honour NGINX_ENTRYPOINT_QUIET_LOGS in full Fixes #437 --- .../alpine-perl/10-listen-on-ipv6-by-default.sh | 14 +++++++------- mainline/alpine-perl/20-envsubst-on-templates.sh | 2 +- mainline/alpine/10-listen-on-ipv6-by-default.sh | 14 +++++++------- mainline/alpine/20-envsubst-on-templates.sh | 2 +- .../buster-perl/10-listen-on-ipv6-by-default.sh | 14 +++++++------- mainline/buster-perl/20-envsubst-on-templates.sh | 2 +- mainline/buster/10-listen-on-ipv6-by-default.sh | 14 +++++++------- mainline/buster/20-envsubst-on-templates.sh | 2 +- stable/alpine-perl/10-listen-on-ipv6-by-default.sh | 14 +++++++------- stable/alpine-perl/20-envsubst-on-templates.sh | 2 +- stable/alpine/10-listen-on-ipv6-by-default.sh | 14 +++++++------- stable/alpine/20-envsubst-on-templates.sh | 2 +- stable/buster-perl/10-listen-on-ipv6-by-default.sh | 14 +++++++------- stable/buster-perl/20-envsubst-on-templates.sh | 2 +- stable/buster/10-listen-on-ipv6-by-default.sh | 14 +++++++------- stable/buster/20-envsubst-on-templates.sh | 2 +- 16 files changed, 64 insertions(+), 64 deletions(-) diff --git a/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh b/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh index 9636f4c6..9f73f9da 100755 --- a/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh +++ b/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh @@ -8,17 +8,17 @@ DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available if [ ! -f "/proc/net/if_inet6" ]; then - echo "$ME: error: ipv6 not available" 1>&2 + echo >&3 "$ME: error: ipv6 not available" exit 0 fi if [ ! -f "/$DEFAULT_CONF_FILE" ]; then - echo "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" 1>&2 + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" exit 0 fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" 1>&2; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } @@ -26,7 +26,7 @@ grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 if [ -f "/etc/os-release" ]; then . /etc/os-release else - echo "$ME: error: can not guess the operating system" 1>&2 + echo >&3 "$ME: error: can not guess the operating system" exit 0 fi @@ -36,19 +36,19 @@ case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { - echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" 1>&2 + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" 1>&2 + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" exit 0 } ;; *) - echo "$ME: error: Unsupported distribution" 1>&2 + echo >&3 "$ME: error: Unsupported distribution" exit 0 ;; esac diff --git a/mainline/alpine-perl/20-envsubst-on-templates.sh b/mainline/alpine-perl/20-envsubst-on-templates.sh index 545c765b..4f330295 100755 --- a/mainline/alpine-perl/20-envsubst-on-templates.sh +++ b/mainline/alpine-perl/20-envsubst-on-templates.sh @@ -13,7 +13,7 @@ auto_envsubst() { defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) [ -d "$template_dir" ] || return 0 if [ ! -w "$output_dir" ]; then - echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable" 1>&2 + echo >&3 "$ME: ERROR: $template_dir exists, but $output_dir is not writable" return 0 fi find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do diff --git a/mainline/alpine/10-listen-on-ipv6-by-default.sh b/mainline/alpine/10-listen-on-ipv6-by-default.sh index 9636f4c6..9f73f9da 100755 --- a/mainline/alpine/10-listen-on-ipv6-by-default.sh +++ b/mainline/alpine/10-listen-on-ipv6-by-default.sh @@ -8,17 +8,17 @@ DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available if [ ! -f "/proc/net/if_inet6" ]; then - echo "$ME: error: ipv6 not available" 1>&2 + echo >&3 "$ME: error: ipv6 not available" exit 0 fi if [ ! -f "/$DEFAULT_CONF_FILE" ]; then - echo "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" 1>&2 + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" exit 0 fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" 1>&2; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } @@ -26,7 +26,7 @@ grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 if [ -f "/etc/os-release" ]; then . /etc/os-release else - echo "$ME: error: can not guess the operating system" 1>&2 + echo >&3 "$ME: error: can not guess the operating system" exit 0 fi @@ -36,19 +36,19 @@ case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { - echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" 1>&2 + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" 1>&2 + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" exit 0 } ;; *) - echo "$ME: error: Unsupported distribution" 1>&2 + echo >&3 "$ME: error: Unsupported distribution" exit 0 ;; esac diff --git a/mainline/alpine/20-envsubst-on-templates.sh b/mainline/alpine/20-envsubst-on-templates.sh index 545c765b..4f330295 100755 --- a/mainline/alpine/20-envsubst-on-templates.sh +++ b/mainline/alpine/20-envsubst-on-templates.sh @@ -13,7 +13,7 @@ auto_envsubst() { defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) [ -d "$template_dir" ] || return 0 if [ ! -w "$output_dir" ]; then - echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable" 1>&2 + echo >&3 "$ME: ERROR: $template_dir exists, but $output_dir is not writable" return 0 fi find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do diff --git a/mainline/buster-perl/10-listen-on-ipv6-by-default.sh b/mainline/buster-perl/10-listen-on-ipv6-by-default.sh index 9636f4c6..9f73f9da 100755 --- a/mainline/buster-perl/10-listen-on-ipv6-by-default.sh +++ b/mainline/buster-perl/10-listen-on-ipv6-by-default.sh @@ -8,17 +8,17 @@ DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available if [ ! -f "/proc/net/if_inet6" ]; then - echo "$ME: error: ipv6 not available" 1>&2 + echo >&3 "$ME: error: ipv6 not available" exit 0 fi if [ ! -f "/$DEFAULT_CONF_FILE" ]; then - echo "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" 1>&2 + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" exit 0 fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" 1>&2; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } @@ -26,7 +26,7 @@ grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 if [ -f "/etc/os-release" ]; then . /etc/os-release else - echo "$ME: error: can not guess the operating system" 1>&2 + echo >&3 "$ME: error: can not guess the operating system" exit 0 fi @@ -36,19 +36,19 @@ case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { - echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" 1>&2 + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" 1>&2 + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" exit 0 } ;; *) - echo "$ME: error: Unsupported distribution" 1>&2 + echo >&3 "$ME: error: Unsupported distribution" exit 0 ;; esac diff --git a/mainline/buster-perl/20-envsubst-on-templates.sh b/mainline/buster-perl/20-envsubst-on-templates.sh index 545c765b..4f330295 100755 --- a/mainline/buster-perl/20-envsubst-on-templates.sh +++ b/mainline/buster-perl/20-envsubst-on-templates.sh @@ -13,7 +13,7 @@ auto_envsubst() { defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) [ -d "$template_dir" ] || return 0 if [ ! -w "$output_dir" ]; then - echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable" 1>&2 + echo >&3 "$ME: ERROR: $template_dir exists, but $output_dir is not writable" return 0 fi find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do diff --git a/mainline/buster/10-listen-on-ipv6-by-default.sh b/mainline/buster/10-listen-on-ipv6-by-default.sh index 9636f4c6..9f73f9da 100755 --- a/mainline/buster/10-listen-on-ipv6-by-default.sh +++ b/mainline/buster/10-listen-on-ipv6-by-default.sh @@ -8,17 +8,17 @@ DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available if [ ! -f "/proc/net/if_inet6" ]; then - echo "$ME: error: ipv6 not available" 1>&2 + echo >&3 "$ME: error: ipv6 not available" exit 0 fi if [ ! -f "/$DEFAULT_CONF_FILE" ]; then - echo "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" 1>&2 + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" exit 0 fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" 1>&2; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } @@ -26,7 +26,7 @@ grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 if [ -f "/etc/os-release" ]; then . /etc/os-release else - echo "$ME: error: can not guess the operating system" 1>&2 + echo >&3 "$ME: error: can not guess the operating system" exit 0 fi @@ -36,19 +36,19 @@ case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { - echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" 1>&2 + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" 1>&2 + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" exit 0 } ;; *) - echo "$ME: error: Unsupported distribution" 1>&2 + echo >&3 "$ME: error: Unsupported distribution" exit 0 ;; esac diff --git a/mainline/buster/20-envsubst-on-templates.sh b/mainline/buster/20-envsubst-on-templates.sh index 545c765b..4f330295 100755 --- a/mainline/buster/20-envsubst-on-templates.sh +++ b/mainline/buster/20-envsubst-on-templates.sh @@ -13,7 +13,7 @@ auto_envsubst() { defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) [ -d "$template_dir" ] || return 0 if [ ! -w "$output_dir" ]; then - echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable" 1>&2 + echo >&3 "$ME: ERROR: $template_dir exists, but $output_dir is not writable" return 0 fi find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do diff --git a/stable/alpine-perl/10-listen-on-ipv6-by-default.sh b/stable/alpine-perl/10-listen-on-ipv6-by-default.sh index 9636f4c6..9f73f9da 100755 --- a/stable/alpine-perl/10-listen-on-ipv6-by-default.sh +++ b/stable/alpine-perl/10-listen-on-ipv6-by-default.sh @@ -8,17 +8,17 @@ DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available if [ ! -f "/proc/net/if_inet6" ]; then - echo "$ME: error: ipv6 not available" 1>&2 + echo >&3 "$ME: error: ipv6 not available" exit 0 fi if [ ! -f "/$DEFAULT_CONF_FILE" ]; then - echo "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" 1>&2 + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" exit 0 fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" 1>&2; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } @@ -26,7 +26,7 @@ grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 if [ -f "/etc/os-release" ]; then . /etc/os-release else - echo "$ME: error: can not guess the operating system" 1>&2 + echo >&3 "$ME: error: can not guess the operating system" exit 0 fi @@ -36,19 +36,19 @@ case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { - echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" 1>&2 + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" 1>&2 + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" exit 0 } ;; *) - echo "$ME: error: Unsupported distribution" 1>&2 + echo >&3 "$ME: error: Unsupported distribution" exit 0 ;; esac diff --git a/stable/alpine-perl/20-envsubst-on-templates.sh b/stable/alpine-perl/20-envsubst-on-templates.sh index 545c765b..4f330295 100755 --- a/stable/alpine-perl/20-envsubst-on-templates.sh +++ b/stable/alpine-perl/20-envsubst-on-templates.sh @@ -13,7 +13,7 @@ auto_envsubst() { defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) [ -d "$template_dir" ] || return 0 if [ ! -w "$output_dir" ]; then - echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable" 1>&2 + echo >&3 "$ME: ERROR: $template_dir exists, but $output_dir is not writable" return 0 fi find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do diff --git a/stable/alpine/10-listen-on-ipv6-by-default.sh b/stable/alpine/10-listen-on-ipv6-by-default.sh index 9636f4c6..9f73f9da 100755 --- a/stable/alpine/10-listen-on-ipv6-by-default.sh +++ b/stable/alpine/10-listen-on-ipv6-by-default.sh @@ -8,17 +8,17 @@ DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available if [ ! -f "/proc/net/if_inet6" ]; then - echo "$ME: error: ipv6 not available" 1>&2 + echo >&3 "$ME: error: ipv6 not available" exit 0 fi if [ ! -f "/$DEFAULT_CONF_FILE" ]; then - echo "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" 1>&2 + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" exit 0 fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" 1>&2; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } @@ -26,7 +26,7 @@ grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 if [ -f "/etc/os-release" ]; then . /etc/os-release else - echo "$ME: error: can not guess the operating system" 1>&2 + echo >&3 "$ME: error: can not guess the operating system" exit 0 fi @@ -36,19 +36,19 @@ case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { - echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" 1>&2 + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" 1>&2 + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" exit 0 } ;; *) - echo "$ME: error: Unsupported distribution" 1>&2 + echo >&3 "$ME: error: Unsupported distribution" exit 0 ;; esac diff --git a/stable/alpine/20-envsubst-on-templates.sh b/stable/alpine/20-envsubst-on-templates.sh index 545c765b..4f330295 100755 --- a/stable/alpine/20-envsubst-on-templates.sh +++ b/stable/alpine/20-envsubst-on-templates.sh @@ -13,7 +13,7 @@ auto_envsubst() { defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) [ -d "$template_dir" ] || return 0 if [ ! -w "$output_dir" ]; then - echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable" 1>&2 + echo >&3 "$ME: ERROR: $template_dir exists, but $output_dir is not writable" return 0 fi find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do diff --git a/stable/buster-perl/10-listen-on-ipv6-by-default.sh b/stable/buster-perl/10-listen-on-ipv6-by-default.sh index 9636f4c6..9f73f9da 100755 --- a/stable/buster-perl/10-listen-on-ipv6-by-default.sh +++ b/stable/buster-perl/10-listen-on-ipv6-by-default.sh @@ -8,17 +8,17 @@ DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available if [ ! -f "/proc/net/if_inet6" ]; then - echo "$ME: error: ipv6 not available" 1>&2 + echo >&3 "$ME: error: ipv6 not available" exit 0 fi if [ ! -f "/$DEFAULT_CONF_FILE" ]; then - echo "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" 1>&2 + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" exit 0 fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" 1>&2; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } @@ -26,7 +26,7 @@ grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 if [ -f "/etc/os-release" ]; then . /etc/os-release else - echo "$ME: error: can not guess the operating system" 1>&2 + echo >&3 "$ME: error: can not guess the operating system" exit 0 fi @@ -36,19 +36,19 @@ case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { - echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" 1>&2 + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" 1>&2 + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" exit 0 } ;; *) - echo "$ME: error: Unsupported distribution" 1>&2 + echo >&3 "$ME: error: Unsupported distribution" exit 0 ;; esac diff --git a/stable/buster-perl/20-envsubst-on-templates.sh b/stable/buster-perl/20-envsubst-on-templates.sh index 545c765b..4f330295 100755 --- a/stable/buster-perl/20-envsubst-on-templates.sh +++ b/stable/buster-perl/20-envsubst-on-templates.sh @@ -13,7 +13,7 @@ auto_envsubst() { defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) [ -d "$template_dir" ] || return 0 if [ ! -w "$output_dir" ]; then - echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable" 1>&2 + echo >&3 "$ME: ERROR: $template_dir exists, but $output_dir is not writable" return 0 fi find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do diff --git a/stable/buster/10-listen-on-ipv6-by-default.sh b/stable/buster/10-listen-on-ipv6-by-default.sh index 9636f4c6..9f73f9da 100755 --- a/stable/buster/10-listen-on-ipv6-by-default.sh +++ b/stable/buster/10-listen-on-ipv6-by-default.sh @@ -8,17 +8,17 @@ DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available if [ ! -f "/proc/net/if_inet6" ]; then - echo "$ME: error: ipv6 not available" 1>&2 + echo >&3 "$ME: error: ipv6 not available" exit 0 fi if [ ! -f "/$DEFAULT_CONF_FILE" ]; then - echo "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" 1>&2 + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" exit 0 fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)" 1>&2; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } @@ -26,7 +26,7 @@ grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 if [ -f "/etc/os-release" ]; then . /etc/os-release else - echo "$ME: error: can not guess the operating system" 1>&2 + echo >&3 "$ME: error: can not guess the operating system" exit 0 fi @@ -36,19 +36,19 @@ case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { - echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" 1>&2 + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" 1>&2 + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" exit 0 } ;; *) - echo "$ME: error: Unsupported distribution" 1>&2 + echo >&3 "$ME: error: Unsupported distribution" exit 0 ;; esac diff --git a/stable/buster/20-envsubst-on-templates.sh b/stable/buster/20-envsubst-on-templates.sh index 545c765b..4f330295 100755 --- a/stable/buster/20-envsubst-on-templates.sh +++ b/stable/buster/20-envsubst-on-templates.sh @@ -13,7 +13,7 @@ auto_envsubst() { defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) [ -d "$template_dir" ] || return 0 if [ ! -w "$output_dir" ]; then - echo "$ME: ERROR: $template_dir exists, but $output_dir is not writable" 1>&2 + echo >&3 "$ME: ERROR: $template_dir exists, but $output_dir is not writable" return 0 fi find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do From 9774b522d4661effea57a1fbf64c883e699ac3ec Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Thu, 13 Aug 2020 11:27:00 +0300 Subject: [PATCH 069/113] Update nginx to 1.19.2 and njs to 0.4.3 on mainline images --- mainline/alpine-perl/Dockerfile | 4 ++-- mainline/alpine/Dockerfile | 4 ++-- mainline/buster-perl/Dockerfile | 4 ++-- mainline/buster/Dockerfile | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 1950ff14..1fdeb33e 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -2,8 +2,8 @@ FROM alpine:3.11 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.1 -ENV NJS_VERSION 0.4.2 +ENV NGINX_VERSION 1.19.2 +ENV NJS_VERSION 0.4.3 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index aea7a424..b2b59d86 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -2,8 +2,8 @@ FROM alpine:3.11 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.1 -ENV NJS_VERSION 0.4.2 +ENV NGINX_VERSION 1.19.2 +ENV NJS_VERSION 0.4.3 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/buster-perl/Dockerfile b/mainline/buster-perl/Dockerfile index 033ea6a7..244c5d6c 100644 --- a/mainline/buster-perl/Dockerfile +++ b/mainline/buster-perl/Dockerfile @@ -2,8 +2,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.1 -ENV NJS_VERSION 0.4.2 +ENV NGINX_VERSION 1.19.2 +ENV NJS_VERSION 0.4.3 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/mainline/buster/Dockerfile b/mainline/buster/Dockerfile index b7c29cbb..6c31244a 100644 --- a/mainline/buster/Dockerfile +++ b/mainline/buster/Dockerfile @@ -2,8 +2,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.1 -ENV NJS_VERSION 0.4.2 +ENV NGINX_VERSION 1.19.2 +ENV NJS_VERSION 0.4.3 ENV PKG_RELEASE 1~buster RUN set -x \ From dded647966e2a2d09db621d896be6ee682085d5a Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Thu, 13 Aug 2020 11:28:44 +0300 Subject: [PATCH 070/113] Updated njs to 0.4.3 on stable images --- stable/alpine-perl/Dockerfile | 4 ++-- stable/alpine/Dockerfile | 4 ++-- stable/buster-perl/Dockerfile | 2 +- stable/buster/Dockerfile | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index da428ec6..7b44d35f 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -3,7 +3,7 @@ FROM alpine:3.11 LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.18.0 -ENV NJS_VERSION 0.4.2 +ENV NJS_VERSION 0.4.3 ENV PKG_RELEASE 1 RUN set -x \ @@ -65,7 +65,7 @@ RUN set -x \ && cd ${tempDir} \ && hg clone https://hg.nginx.org/pkg-oss \ && cd pkg-oss \ - && hg up -r 489 \ + && hg up -r 494 \ && cd alpine \ && make all \ && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index 17cabf24..f425e7a0 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -3,7 +3,7 @@ FROM alpine:3.11 LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.18.0 -ENV NJS_VERSION 0.4.2 +ENV NJS_VERSION 0.4.3 ENV PKG_RELEASE 1 RUN set -x \ @@ -64,7 +64,7 @@ RUN set -x \ && cd ${tempDir} \ && hg clone https://hg.nginx.org/pkg-oss \ && cd pkg-oss \ - && hg up -r 489 \ + && hg up -r 494 \ && cd alpine \ && make all \ && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ diff --git a/stable/buster-perl/Dockerfile b/stable/buster-perl/Dockerfile index ea06f94e..5ae0c767 100644 --- a/stable/buster-perl/Dockerfile +++ b/stable/buster-perl/Dockerfile @@ -3,7 +3,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.18.0 -ENV NJS_VERSION 0.4.2 +ENV NJS_VERSION 0.4.3 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/stable/buster/Dockerfile b/stable/buster/Dockerfile index 2e6c4618..2df09486 100644 --- a/stable/buster/Dockerfile +++ b/stable/buster/Dockerfile @@ -3,7 +3,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.18.0 -ENV NJS_VERSION 0.4.2 +ENV NJS_VERSION 0.4.3 ENV PKG_RELEASE 1~buster RUN set -x \ From aa41ddeef871b7f0ea64a44f26d3f4aa0e6d5e7b Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Thu, 13 Aug 2020 11:29:19 +0300 Subject: [PATCH 071/113] Moved mainline alpine images to 3.12 --- mainline/alpine-perl/Dockerfile | 2 +- mainline/alpine/Dockerfile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 1fdeb33e..631ce29b 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.11 +FROM alpine:3.12 LABEL maintainer="NGINX Docker Maintainers " diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index b2b59d86..6b185bff 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.11 +FROM alpine:3.12 LABEL maintainer="NGINX Docker Maintainers " From 0dc809fa606828a78087cd0a824bed06268d73e0 Mon Sep 17 00:00:00 2001 From: Nicolas Floquet Date: Mon, 5 Oct 2020 13:17:22 +0200 Subject: [PATCH 072/113] Update nginx version to 1.19.3 --- mainline/alpine-perl/Dockerfile | 4 ++-- mainline/alpine/Dockerfile | 4 ++-- mainline/buster-perl/Dockerfile | 4 ++-- mainline/buster/Dockerfile | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 631ce29b..52156c9a 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -2,8 +2,8 @@ FROM alpine:3.12 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.2 -ENV NJS_VERSION 0.4.3 +ENV NGINX_VERSION 1.19.3 +ENV NJS_VERSION 0.4.4 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 6b185bff..79ae29e0 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -2,8 +2,8 @@ FROM alpine:3.12 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.2 -ENV NJS_VERSION 0.4.3 +ENV NGINX_VERSION 1.19.3 +ENV NJS_VERSION 0.4.4 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/buster-perl/Dockerfile b/mainline/buster-perl/Dockerfile index 244c5d6c..ef7c48f8 100644 --- a/mainline/buster-perl/Dockerfile +++ b/mainline/buster-perl/Dockerfile @@ -2,8 +2,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.2 -ENV NJS_VERSION 0.4.3 +ENV NGINX_VERSION 1.19.3 +ENV NJS_VERSION 0.4.4 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/mainline/buster/Dockerfile b/mainline/buster/Dockerfile index 6c31244a..c3747bc7 100644 --- a/mainline/buster/Dockerfile +++ b/mainline/buster/Dockerfile @@ -2,8 +2,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.2 -ENV NJS_VERSION 0.4.3 +ENV NGINX_VERSION 1.19.3 +ENV NJS_VERSION 0.4.4 ENV PKG_RELEASE 1~buster RUN set -x \ From 5488180ebdd45b12b45107694dfa92dc878a2795 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Mon, 5 Oct 2020 15:23:50 +0300 Subject: [PATCH 073/113] Updated njs to 0.4.4 on stable images --- stable/alpine-perl/Dockerfile | 4 ++-- stable/alpine/Dockerfile | 4 ++-- stable/buster-perl/Dockerfile | 2 +- stable/buster/Dockerfile | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index 7b44d35f..48f7ceda 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -3,7 +3,7 @@ FROM alpine:3.11 LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.18.0 -ENV NJS_VERSION 0.4.3 +ENV NJS_VERSION 0.4.4 ENV PKG_RELEASE 1 RUN set -x \ @@ -65,7 +65,7 @@ RUN set -x \ && cd ${tempDir} \ && hg clone https://hg.nginx.org/pkg-oss \ && cd pkg-oss \ - && hg up -r 494 \ + && hg up -r 500 \ && cd alpine \ && make all \ && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index f425e7a0..9c38a418 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -3,7 +3,7 @@ FROM alpine:3.11 LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.18.0 -ENV NJS_VERSION 0.4.3 +ENV NJS_VERSION 0.4.4 ENV PKG_RELEASE 1 RUN set -x \ @@ -64,7 +64,7 @@ RUN set -x \ && cd ${tempDir} \ && hg clone https://hg.nginx.org/pkg-oss \ && cd pkg-oss \ - && hg up -r 494 \ + && hg up -r 500 \ && cd alpine \ && make all \ && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ diff --git a/stable/buster-perl/Dockerfile b/stable/buster-perl/Dockerfile index 5ae0c767..814652f7 100644 --- a/stable/buster-perl/Dockerfile +++ b/stable/buster-perl/Dockerfile @@ -3,7 +3,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.18.0 -ENV NJS_VERSION 0.4.3 +ENV NJS_VERSION 0.4.4 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/stable/buster/Dockerfile b/stable/buster/Dockerfile index 2df09486..3200ce0a 100644 --- a/stable/buster/Dockerfile +++ b/stable/buster/Dockerfile @@ -3,7 +3,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.18.0 -ENV NJS_VERSION 0.4.3 +ENV NJS_VERSION 0.4.4 ENV PKG_RELEASE 1~buster RUN set -x \ From a4208f853fa3fcb73a146a268fb2d5f0eee7733b Mon Sep 17 00:00:00 2001 From: Vlad GURDIGA Date: Mon, 31 Aug 2020 17:50:21 +0300 Subject: [PATCH 074/113] Fix typo in 10-listen-on-ipv6-by-default.sh --- mainline/alpine-perl/10-listen-on-ipv6-by-default.sh | 2 +- mainline/alpine/10-listen-on-ipv6-by-default.sh | 2 +- mainline/buster-perl/10-listen-on-ipv6-by-default.sh | 2 +- mainline/buster/10-listen-on-ipv6-by-default.sh | 2 +- stable/alpine-perl/10-listen-on-ipv6-by-default.sh | 2 +- stable/alpine/10-listen-on-ipv6-by-default.sh | 2 +- stable/buster-perl/10-listen-on-ipv6-by-default.sh | 2 +- stable/buster/10-listen-on-ipv6-by-default.sh | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh b/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh index 9f73f9da..54366c2c 100755 --- a/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh +++ b/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh @@ -43,7 +43,7 @@ case "$ID" in "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; diff --git a/mainline/alpine/10-listen-on-ipv6-by-default.sh b/mainline/alpine/10-listen-on-ipv6-by-default.sh index 9f73f9da..54366c2c 100755 --- a/mainline/alpine/10-listen-on-ipv6-by-default.sh +++ b/mainline/alpine/10-listen-on-ipv6-by-default.sh @@ -43,7 +43,7 @@ case "$ID" in "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; diff --git a/mainline/buster-perl/10-listen-on-ipv6-by-default.sh b/mainline/buster-perl/10-listen-on-ipv6-by-default.sh index 9f73f9da..54366c2c 100755 --- a/mainline/buster-perl/10-listen-on-ipv6-by-default.sh +++ b/mainline/buster-perl/10-listen-on-ipv6-by-default.sh @@ -43,7 +43,7 @@ case "$ID" in "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; diff --git a/mainline/buster/10-listen-on-ipv6-by-default.sh b/mainline/buster/10-listen-on-ipv6-by-default.sh index 9f73f9da..54366c2c 100755 --- a/mainline/buster/10-listen-on-ipv6-by-default.sh +++ b/mainline/buster/10-listen-on-ipv6-by-default.sh @@ -43,7 +43,7 @@ case "$ID" in "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; diff --git a/stable/alpine-perl/10-listen-on-ipv6-by-default.sh b/stable/alpine-perl/10-listen-on-ipv6-by-default.sh index 9f73f9da..54366c2c 100755 --- a/stable/alpine-perl/10-listen-on-ipv6-by-default.sh +++ b/stable/alpine-perl/10-listen-on-ipv6-by-default.sh @@ -43,7 +43,7 @@ case "$ID" in "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; diff --git a/stable/alpine/10-listen-on-ipv6-by-default.sh b/stable/alpine/10-listen-on-ipv6-by-default.sh index 9f73f9da..54366c2c 100755 --- a/stable/alpine/10-listen-on-ipv6-by-default.sh +++ b/stable/alpine/10-listen-on-ipv6-by-default.sh @@ -43,7 +43,7 @@ case "$ID" in "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; diff --git a/stable/buster-perl/10-listen-on-ipv6-by-default.sh b/stable/buster-perl/10-listen-on-ipv6-by-default.sh index 9f73f9da..54366c2c 100755 --- a/stable/buster-perl/10-listen-on-ipv6-by-default.sh +++ b/stable/buster-perl/10-listen-on-ipv6-by-default.sh @@ -43,7 +43,7 @@ case "$ID" in "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; diff --git a/stable/buster/10-listen-on-ipv6-by-default.sh b/stable/buster/10-listen-on-ipv6-by-default.sh index 9f73f9da..54366c2c 100755 --- a/stable/buster/10-listen-on-ipv6-by-default.sh +++ b/stable/buster/10-listen-on-ipv6-by-default.sh @@ -43,7 +43,7 @@ case "$ID" in "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packages version" + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; From aebdace36df83690ca283405efd283bc750ff41e Mon Sep 17 00:00:00 2001 From: J0WI Date: Tue, 3 Nov 2020 23:38:56 +0100 Subject: [PATCH 075/113] Update nginx to 1.19.4 --- mainline/alpine-perl/Dockerfile | 2 +- mainline/alpine/Dockerfile | 2 +- mainline/buster-perl/Dockerfile | 2 +- mainline/buster/Dockerfile | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 52156c9a..7e032074 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.12 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.3 +ENV NGINX_VERSION 1.19.4 ENV NJS_VERSION 0.4.4 ENV PKG_RELEASE 1 diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 79ae29e0..19bf8d42 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3.12 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.3 +ENV NGINX_VERSION 1.19.4 ENV NJS_VERSION 0.4.4 ENV PKG_RELEASE 1 diff --git a/mainline/buster-perl/Dockerfile b/mainline/buster-perl/Dockerfile index ef7c48f8..e989dbee 100644 --- a/mainline/buster-perl/Dockerfile +++ b/mainline/buster-perl/Dockerfile @@ -2,7 +2,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.3 +ENV NGINX_VERSION 1.19.4 ENV NJS_VERSION 0.4.4 ENV PKG_RELEASE 1~buster diff --git a/mainline/buster/Dockerfile b/mainline/buster/Dockerfile index c3747bc7..94f0bf66 100644 --- a/mainline/buster/Dockerfile +++ b/mainline/buster/Dockerfile @@ -2,7 +2,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.3 +ENV NGINX_VERSION 1.19.4 ENV NJS_VERSION 0.4.4 ENV PKG_RELEASE 1~buster From deff8fbe9d3e8613de110265aa932d84d1827acf Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Thu, 5 Nov 2020 12:12:27 +0300 Subject: [PATCH 076/113] Fixed njs package versioning --- mainline/buster-perl/Dockerfile | 2 +- mainline/buster/Dockerfile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/mainline/buster-perl/Dockerfile b/mainline/buster-perl/Dockerfile index e989dbee..edba63dc 100644 --- a/mainline/buster-perl/Dockerfile +++ b/mainline/buster-perl/Dockerfile @@ -33,7 +33,7 @@ RUN set -x \ nginx-module-geoip=${NGINX_VERSION}-${PKG_RELEASE} \ nginx-module-image-filter=${NGINX_VERSION}-${PKG_RELEASE} \ nginx-module-perl=${NGINX_VERSION}-${PKG_RELEASE} \ - nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-${PKG_RELEASE} \ + nginx-module-njs=${NGINX_VERSION}+${NJS_VERSION}-${PKG_RELEASE} \ " \ && case "$dpkgArch" in \ amd64|i386) \ diff --git a/mainline/buster/Dockerfile b/mainline/buster/Dockerfile index 94f0bf66..b3f07e4a 100644 --- a/mainline/buster/Dockerfile +++ b/mainline/buster/Dockerfile @@ -32,7 +32,7 @@ RUN set -x \ nginx-module-xslt=${NGINX_VERSION}-${PKG_RELEASE} \ nginx-module-geoip=${NGINX_VERSION}-${PKG_RELEASE} \ nginx-module-image-filter=${NGINX_VERSION}-${PKG_RELEASE} \ - nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-${PKG_RELEASE} \ + nginx-module-njs=${NGINX_VERSION}+${NJS_VERSION}-${PKG_RELEASE} \ " \ && case "$dpkgArch" in \ amd64|i386) \ From d5f4d236dccea71a84c410170566d397066612a5 Mon Sep 17 00:00:00 2001 From: Dmitry Verkhoturov Date: Tue, 10 Nov 2020 16:14:41 +0100 Subject: [PATCH 077/113] Bump 1.18.0 PKG_RELEASE from 1 to 2 --- stable/alpine-perl/Dockerfile | 2 +- stable/alpine/Dockerfile | 2 +- stable/buster-perl/Dockerfile | 2 +- stable/buster/Dockerfile | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index 48f7ceda..b6d91ef4 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -4,7 +4,7 @@ LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.18.0 ENV NJS_VERSION 0.4.4 -ENV PKG_RELEASE 1 +ENV PKG_RELEASE 2 RUN set -x \ # create nginx user/group first, to be consistent throughout docker variants diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index 9c38a418..ec708a03 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -4,7 +4,7 @@ LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.18.0 ENV NJS_VERSION 0.4.4 -ENV PKG_RELEASE 1 +ENV PKG_RELEASE 2 RUN set -x \ # create nginx user/group first, to be consistent throughout docker variants diff --git a/stable/buster-perl/Dockerfile b/stable/buster-perl/Dockerfile index 814652f7..2fea6ed0 100644 --- a/stable/buster-perl/Dockerfile +++ b/stable/buster-perl/Dockerfile @@ -4,7 +4,7 @@ LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.18.0 ENV NJS_VERSION 0.4.4 -ENV PKG_RELEASE 1~buster +ENV PKG_RELEASE 2~buster RUN set -x \ # create nginx user/group first, to be consistent throughout docker variants diff --git a/stable/buster/Dockerfile b/stable/buster/Dockerfile index 3200ce0a..5b912320 100644 --- a/stable/buster/Dockerfile +++ b/stable/buster/Dockerfile @@ -4,7 +4,7 @@ LABEL maintainer="NGINX Docker Maintainers " ENV NGINX_VERSION 1.18.0 ENV NJS_VERSION 0.4.4 -ENV PKG_RELEASE 1~buster +ENV PKG_RELEASE 2~buster RUN set -x \ # create nginx user/group first, to be consistent throughout docker variants From c84a1a2d8845707821af2b79a210b234a805a6a2 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Wed, 11 Nov 2020 12:18:37 +0300 Subject: [PATCH 078/113] Lower the severity of logging messages on ipv6-enabling script. Fixes #419 --- mainline/alpine-perl/10-listen-on-ipv6-by-default.sh | 6 +++--- mainline/alpine/10-listen-on-ipv6-by-default.sh | 6 +++--- mainline/buster-perl/10-listen-on-ipv6-by-default.sh | 6 +++--- mainline/buster/10-listen-on-ipv6-by-default.sh | 6 +++--- stable/alpine-perl/10-listen-on-ipv6-by-default.sh | 6 +++--- stable/alpine/10-listen-on-ipv6-by-default.sh | 6 +++--- stable/buster-perl/10-listen-on-ipv6-by-default.sh | 6 +++--- stable/buster/10-listen-on-ipv6-by-default.sh | 6 +++--- 8 files changed, 24 insertions(+), 24 deletions(-) diff --git a/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh b/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh index 54366c2c..832918a2 100755 --- a/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh +++ b/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh @@ -21,7 +21,7 @@ fi touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } # check if the file is already modified, e.g. on a container restart -grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 listen already enabled"; exit 0; } if [ -f "/etc/os-release" ]; then . /etc/os-release @@ -36,14 +36,14 @@ case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; diff --git a/mainline/alpine/10-listen-on-ipv6-by-default.sh b/mainline/alpine/10-listen-on-ipv6-by-default.sh index 54366c2c..832918a2 100755 --- a/mainline/alpine/10-listen-on-ipv6-by-default.sh +++ b/mainline/alpine/10-listen-on-ipv6-by-default.sh @@ -21,7 +21,7 @@ fi touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } # check if the file is already modified, e.g. on a container restart -grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 listen already enabled"; exit 0; } if [ -f "/etc/os-release" ]; then . /etc/os-release @@ -36,14 +36,14 @@ case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; diff --git a/mainline/buster-perl/10-listen-on-ipv6-by-default.sh b/mainline/buster-perl/10-listen-on-ipv6-by-default.sh index 54366c2c..832918a2 100755 --- a/mainline/buster-perl/10-listen-on-ipv6-by-default.sh +++ b/mainline/buster-perl/10-listen-on-ipv6-by-default.sh @@ -21,7 +21,7 @@ fi touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } # check if the file is already modified, e.g. on a container restart -grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 listen already enabled"; exit 0; } if [ -f "/etc/os-release" ]; then . /etc/os-release @@ -36,14 +36,14 @@ case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; diff --git a/mainline/buster/10-listen-on-ipv6-by-default.sh b/mainline/buster/10-listen-on-ipv6-by-default.sh index 54366c2c..832918a2 100755 --- a/mainline/buster/10-listen-on-ipv6-by-default.sh +++ b/mainline/buster/10-listen-on-ipv6-by-default.sh @@ -21,7 +21,7 @@ fi touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } # check if the file is already modified, e.g. on a container restart -grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 listen already enabled"; exit 0; } if [ -f "/etc/os-release" ]; then . /etc/os-release @@ -36,14 +36,14 @@ case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; diff --git a/stable/alpine-perl/10-listen-on-ipv6-by-default.sh b/stable/alpine-perl/10-listen-on-ipv6-by-default.sh index 54366c2c..832918a2 100755 --- a/stable/alpine-perl/10-listen-on-ipv6-by-default.sh +++ b/stable/alpine-perl/10-listen-on-ipv6-by-default.sh @@ -21,7 +21,7 @@ fi touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } # check if the file is already modified, e.g. on a container restart -grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 listen already enabled"; exit 0; } if [ -f "/etc/os-release" ]; then . /etc/os-release @@ -36,14 +36,14 @@ case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; diff --git a/stable/alpine/10-listen-on-ipv6-by-default.sh b/stable/alpine/10-listen-on-ipv6-by-default.sh index 54366c2c..832918a2 100755 --- a/stable/alpine/10-listen-on-ipv6-by-default.sh +++ b/stable/alpine/10-listen-on-ipv6-by-default.sh @@ -21,7 +21,7 @@ fi touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } # check if the file is already modified, e.g. on a container restart -grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 listen already enabled"; exit 0; } if [ -f "/etc/os-release" ]; then . /etc/os-release @@ -36,14 +36,14 @@ case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; diff --git a/stable/buster-perl/10-listen-on-ipv6-by-default.sh b/stable/buster-perl/10-listen-on-ipv6-by-default.sh index 54366c2c..832918a2 100755 --- a/stable/buster-perl/10-listen-on-ipv6-by-default.sh +++ b/stable/buster-perl/10-listen-on-ipv6-by-default.sh @@ -21,7 +21,7 @@ fi touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } # check if the file is already modified, e.g. on a container restart -grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 listen already enabled"; exit 0; } if [ -f "/etc/os-release" ]; then . /etc/os-release @@ -36,14 +36,14 @@ case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; diff --git a/stable/buster/10-listen-on-ipv6-by-default.sh b/stable/buster/10-listen-on-ipv6-by-default.sh index 54366c2c..832918a2 100755 --- a/stable/buster/10-listen-on-ipv6-by-default.sh +++ b/stable/buster/10-listen-on-ipv6-by-default.sh @@ -21,7 +21,7 @@ fi touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } # check if the file is already modified, e.g. on a container restart -grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: error: IPv6 listen already enabled"; exit 0; } +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 listen already enabled"; exit 0; } if [ -f "/etc/os-release" ]; then . /etc/os-release @@ -36,14 +36,14 @@ case "$ID" in "debian") CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; "alpine") CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE differs from the packaged version" + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" exit 0 } ;; From 4a6623af8e1035cf32b5cb7829a3e8106406cccd Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Thu, 12 Nov 2020 18:19:40 +0300 Subject: [PATCH 079/113] Fixed stable alpine builds on non-amd64 --- stable/alpine-perl/Dockerfile | 2 +- stable/alpine/Dockerfile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index b6d91ef4..7226df34 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -65,7 +65,7 @@ RUN set -x \ && cd ${tempDir} \ && hg clone https://hg.nginx.org/pkg-oss \ && cd pkg-oss \ - && hg up -r 500 \ + && hg up ${NGINX_VERSION}-${PKG_RELEASE} \ && cd alpine \ && make all \ && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index ec708a03..5eddcc29 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -64,7 +64,7 @@ RUN set -x \ && cd ${tempDir} \ && hg clone https://hg.nginx.org/pkg-oss \ && cd pkg-oss \ - && hg up -r 500 \ + && hg up ${NGINX_VERSION}-${PKG_RELEASE} \ && cd alpine \ && make all \ && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ From 56a20ba866321e5e5a3bd7dc2569d4a182e62506 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Wed, 18 Nov 2020 21:16:51 +0300 Subject: [PATCH 080/113] Added update script and template to make changes management easier --- Dockerfile-alpine.template | 114 ++++++++++++++++ Dockerfile-debian.template | 105 +++++++++++++++ entrypoint/10-listen-on-ipv6-by-default.sh | 61 +++++++++ entrypoint/20-envsubst-on-templates.sh | 32 +++++ entrypoint/docker-entrypoint.sh | 38 ++++++ update.sh | 148 +++++++++++++++++++++ 6 files changed, 498 insertions(+) create mode 100644 Dockerfile-alpine.template create mode 100644 Dockerfile-debian.template create mode 100755 entrypoint/10-listen-on-ipv6-by-default.sh create mode 100755 entrypoint/20-envsubst-on-templates.sh create mode 100755 entrypoint/docker-entrypoint.sh create mode 100755 update.sh diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template new file mode 100644 index 00000000..56e62f36 --- /dev/null +++ b/Dockerfile-alpine.template @@ -0,0 +1,114 @@ +FROM alpine:%%ALPINE_VERSION%% + +LABEL maintainer="NGINX Docker Maintainers " + +ENV NGINX_VERSION %%NGINX_VERSION%% +ENV NJS_VERSION %%NJS_VERSION%% +ENV PKG_RELEASE %%PKG_RELEASE%% + +RUN set -x \ +# create nginx user/group first, to be consistent throughout docker variants + && addgroup -g 101 -S nginx \ + && adduser -S -D -H -u 101 -h /var/cache/nginx -s /sbin/nologin -G nginx -g nginx nginx \ + && apkArch="$(cat /etc/apk/arch)" \ + && nginxPackages="%%PACKAGES%% + " \ + && case "$apkArch" in \ + x86_64) \ +# arches officially built by upstream + set -x \ + && KEY_SHA512="e7fa8303923d9b95db37a77ad46c68fd4755ff935d0a534d26eba83de193c76166c68bfe7f65471bf8881004ef4aa6df3e34689c305662750c0172fca5d8552a *stdin" \ + && apk add --no-cache --virtual .cert-deps \ + openssl \ + && wget -O /tmp/nginx_signing.rsa.pub https://nginx.org/keys/nginx_signing.rsa.pub \ + && if [ "$(openssl rsa -pubin -in /tmp/nginx_signing.rsa.pub -text -noout | openssl sha512 -r)" = "$KEY_SHA512" ]; then \ + echo "key verification succeeded!"; \ + mv /tmp/nginx_signing.rsa.pub /etc/apk/keys/; \ + else \ + echo "key verification failed!"; \ + exit 1; \ + fi \ + && apk del .cert-deps \ + && apk add -X "%%PACKAGEREPO%%v$(egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release)/main" --no-cache $nginxPackages \ + ;; \ + *) \ +# we're on an architecture upstream doesn't officially build for +# let's build binaries from the published packaging sources + set -x \ + && tempDir="$(mktemp -d)" \ + && chown nobody:nobody $tempDir \ + && apk add --no-cache --virtual .build-deps \ + gcc \ + libc-dev \ + make \ + openssl-dev \ + pcre-dev \ + zlib-dev \ + linux-headers \ + libxslt-dev \ + gd-dev \ + geoip-dev \ + perl-dev \ + libedit-dev \ + mercurial \ + bash \ + alpine-sdk \ + findutils \ + && su nobody -s /bin/sh -c " \ + export HOME=${tempDir} \ + && cd ${tempDir} \ + && hg clone https://hg.nginx.org/pkg-oss \ + && cd pkg-oss \ + && hg up %%REVISION%% \ + && cd alpine \ + && make all \ + && apk index -o ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz ${tempDir}/packages/alpine/${apkArch}/*.apk \ + && abuild-sign -k ${tempDir}/.abuild/abuild-key.rsa ${tempDir}/packages/alpine/${apkArch}/APKINDEX.tar.gz \ + " \ + && cp ${tempDir}/.abuild/abuild-key.rsa.pub /etc/apk/keys/ \ + && apk del .build-deps \ + && apk add -X ${tempDir}/packages/alpine/ --no-cache $nginxPackages \ + ;; \ + esac \ +# if we have leftovers from building, let's purge them (including extra, unnecessary build deps) + && if [ -n "$tempDir" ]; then rm -rf "$tempDir"; fi \ + && if [ -n "/etc/apk/keys/abuild-key.rsa.pub" ]; then rm -f /etc/apk/keys/abuild-key.rsa.pub; fi \ + && if [ -n "/etc/apk/keys/nginx_signing.rsa.pub" ]; then rm -f /etc/apk/keys/nginx_signing.rsa.pub; fi \ +# Bring in gettext so we can get `envsubst`, then throw +# the rest away. To do this, we need to install `gettext` +# then move `envsubst` out of the way so `gettext` can +# be deleted completely, then move `envsubst` back. + && apk add --no-cache --virtual .gettext gettext \ + && mv /usr/bin/envsubst /tmp/ \ + \ + && runDeps="$( \ + scanelf --needed --nobanner /tmp/envsubst \ + | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ + | sort -u \ + | xargs -r apk info --installed \ + | sort -u \ + )" \ + && apk add --no-cache $runDeps \ + && apk del .gettext \ + && mv /tmp/envsubst /usr/local/bin/ \ +# Bring in tzdata so users could set the timezones through the environment +# variables + && apk add --no-cache tzdata \ +# Bring in curl and ca-certificates to make registering on DNS SD easier + && apk add --no-cache curl ca-certificates \ +# forward request and error logs to docker log collector + && ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log \ +# create a docker-entrypoint.d directory + && mkdir /docker-entrypoint.d + +COPY docker-entrypoint.sh / +COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d +COPY 20-envsubst-on-templates.sh /docker-entrypoint.d +ENTRYPOINT ["/docker-entrypoint.sh"] + +EXPOSE 80 + +STOPSIGNAL SIGTERM + +CMD ["nginx", "-g", "daemon off;"] diff --git a/Dockerfile-debian.template b/Dockerfile-debian.template new file mode 100644 index 00000000..ca89e8f9 --- /dev/null +++ b/Dockerfile-debian.template @@ -0,0 +1,105 @@ +FROM debian:%%DEBIAN_VERSION%%-slim + +LABEL maintainer="NGINX Docker Maintainers " + +ENV NGINX_VERSION %%NGINX_VERSION%% +ENV NJS_VERSION %%NJS_VERSION%% +ENV PKG_RELEASE %%PKG_RELEASE%% + +RUN set -x \ +# create nginx user/group first, to be consistent throughout docker variants + && addgroup --system --gid 101 nginx \ + && adduser --system --disabled-login --ingroup nginx --no-create-home --home /nonexistent --gecos "nginx user" --shell /bin/false --uid 101 nginx \ + && apt-get update \ + && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 ca-certificates \ + && \ + NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \ + found=''; \ + for server in \ + ha.pool.sks-keyservers.net \ + hkp://keyserver.ubuntu.com:80 \ + hkp://p80.pool.sks-keyservers.net:80 \ + pgp.mit.edu \ + ; do \ + echo "Fetching GPG key $NGINX_GPGKEY from $server"; \ + apt-key adv --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$NGINX_GPGKEY" && found=yes && break; \ + done; \ + test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \ + apt-get remove --purge --auto-remove -y gnupg1 && rm -rf /var/lib/apt/lists/* \ + && dpkgArch="$(dpkg --print-architecture)" \ + && nginxPackages="%%PACKAGES%% + " \ + && case "$dpkgArch" in \ + amd64|i386) \ +# arches officialy built by upstream + echo "deb %%PACKAGEREPO%% %%DEBIAN_VERSION%% nginx" >> /etc/apt/sources.list.d/nginx.list \ + && apt-get update \ + ;; \ + *) \ +# we're on an architecture upstream doesn't officially build for +# let's build binaries from the published source packages + echo "deb-src %%PACKAGEREPO%% %%DEBIAN_VERSION%% nginx" >> /etc/apt/sources.list.d/nginx.list \ + \ +# new directory for storing sources and .deb files + && tempDir="$(mktemp -d)" \ + && chmod 777 "$tempDir" \ +# (777 to ensure APT's "_apt" user can access it too) + \ +# save list of currently-installed packages so build dependencies can be cleanly removed later + && savedAptMark="$(apt-mark showmanual)" \ + \ +# build .deb files from upstream's source packages (which are verified by apt-get) + && apt-get update \ + && apt-get build-dep -y $nginxPackages \ + && ( \ + cd "$tempDir" \ + && DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" \ + apt-get source --compile $nginxPackages \ + ) \ +# we don't remove APT lists here because they get re-downloaded and removed later + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies +# (which is done after we install the built packages so we don't have to redownload any overlapping dependencies) + && apt-mark showmanual | xargs apt-mark auto > /dev/null \ + && { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; } \ + \ +# create a temporary local APT repo to install from (so that dependency resolution can be handled by APT, as it should be) + && ls -lAFh "$tempDir" \ + && ( cd "$tempDir" && dpkg-scanpackages . > Packages ) \ + && grep '^Package: ' "$tempDir/Packages" \ + && echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list \ +# work around the following APT issue by using "Acquire::GzipIndexes=false" (overriding "/etc/apt/apt.conf.d/docker-gzip-indexes") +# Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied) +# ... +# E: Failed to fetch store:/var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied) + && apt-get -o Acquire::GzipIndexes=false update \ + ;; \ + esac \ + \ + && apt-get install --no-install-recommends --no-install-suggests -y \ + $nginxPackages \ + gettext-base \ + curl \ + && apt-get remove --purge --auto-remove -y && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \ + \ +# if we have leftovers from building, let's purge them (including extra, unnecessary build deps) + && if [ -n "$tempDir" ]; then \ + apt-get purge -y --auto-remove \ + && rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \ + fi \ +# forward request and error logs to docker log collector + && ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log \ +# create a docker-entrypoint.d directory + && mkdir /docker-entrypoint.d + +COPY docker-entrypoint.sh / +COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d +COPY 20-envsubst-on-templates.sh /docker-entrypoint.d +ENTRYPOINT ["/docker-entrypoint.sh"] + +EXPOSE 80 + +STOPSIGNAL SIGTERM + +CMD ["nginx", "-g", "daemon off;"] diff --git a/entrypoint/10-listen-on-ipv6-by-default.sh b/entrypoint/10-listen-on-ipv6-by-default.sh new file mode 100755 index 00000000..832918a2 --- /dev/null +++ b/entrypoint/10-listen-on-ipv6-by-default.sh @@ -0,0 +1,61 @@ +#!/bin/sh +# vim:sw=4:ts=4:et + +set -e + +ME=$(basename $0) +DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" + +# check if we have ipv6 available +if [ ! -f "/proc/net/if_inet6" ]; then + echo >&3 "$ME: error: ipv6 not available" + exit 0 +fi + +if [ ! -f "/$DEFAULT_CONF_FILE" ]; then + echo >&3 "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" + exit 0 +fi + +# check if the file can be modified, e.g. not on a r/o filesystem +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } + +# check if the file is already modified, e.g. on a container restart +grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 listen already enabled"; exit 0; } + +if [ -f "/etc/os-release" ]; then + . /etc/os-release +else + echo >&3 "$ME: error: can not guess the operating system" + exit 0 +fi + +echo >&3 "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" + +case "$ID" in + "debian") + CHECKSUM=$(dpkg-query --show --showformat='${Conffiles}\n' nginx | grep $DEFAULT_CONF_FILE | cut -d' ' -f 3) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | md5sum -c - >/dev/null 2>&1 || { + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" + exit 0 + } + ;; + "alpine") + CHECKSUM=$(apk manifest nginx 2>/dev/null| grep $DEFAULT_CONF_FILE | cut -d' ' -f 1 | cut -d ':' -f 2) + echo "$CHECKSUM /$DEFAULT_CONF_FILE" | sha1sum -c - >/dev/null 2>&1 || { + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE differs from the packaged version" + exit 0 + } + ;; + *) + echo >&3 "$ME: error: Unsupported distribution" + exit 0 + ;; +esac + +# enable ipv6 on default.conf listen sockets +sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE + +echo >&3 "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" + +exit 0 diff --git a/entrypoint/20-envsubst-on-templates.sh b/entrypoint/20-envsubst-on-templates.sh new file mode 100755 index 00000000..4f330295 --- /dev/null +++ b/entrypoint/20-envsubst-on-templates.sh @@ -0,0 +1,32 @@ +#!/bin/sh + +set -e + +ME=$(basename $0) + +auto_envsubst() { + local template_dir="${NGINX_ENVSUBST_TEMPLATE_DIR:-/etc/nginx/templates}" + local suffix="${NGINX_ENVSUBST_TEMPLATE_SUFFIX:-.template}" + local output_dir="${NGINX_ENVSUBST_OUTPUT_DIR:-/etc/nginx/conf.d}" + + local template defined_envs relative_path output_path subdir + defined_envs=$(printf '${%s} ' $(env | cut -d= -f1)) + [ -d "$template_dir" ] || return 0 + if [ ! -w "$output_dir" ]; then + echo >&3 "$ME: ERROR: $template_dir exists, but $output_dir is not writable" + return 0 + fi + find "$template_dir" -follow -type f -name "*$suffix" -print | while read -r template; do + relative_path="${template#$template_dir/}" + output_path="$output_dir/${relative_path%$suffix}" + subdir=$(dirname "$relative_path") + # create a subdirectory where the template file exists + mkdir -p "$output_dir/$subdir" + echo >&3 "$ME: Running envsubst on $template to $output_path" + envsubst "$defined_envs" < "$template" > "$output_path" + done +} + +auto_envsubst + +exit 0 diff --git a/entrypoint/docker-entrypoint.sh b/entrypoint/docker-entrypoint.sh new file mode 100755 index 00000000..88732541 --- /dev/null +++ b/entrypoint/docker-entrypoint.sh @@ -0,0 +1,38 @@ +#!/bin/sh +# vim:sw=4:ts=4:et + +set -e + +if [ -z "${NGINX_ENTRYPOINT_QUIET_LOGS:-}" ]; then + exec 3>&1 +else + exec 3>/dev/null +fi + +if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then + if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then + echo >&3 "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" + + echo >&3 "$0: Looking for shell scripts in /docker-entrypoint.d/" + find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do + case "$f" in + *.sh) + if [ -x "$f" ]; then + echo >&3 "$0: Launching $f"; + "$f" + else + # warn on shell scripts without exec bit + echo >&3 "$0: Ignoring $f, not executable"; + fi + ;; + *) echo >&3 "$0: Ignoring $f";; + esac + done + + echo >&3 "$0: Configuration complete; ready for start up" + else + echo >&3 "$0: No files found in /docker-entrypoint.d/, skipping configuration" + fi +fi + +exec "$@" diff --git a/update.sh b/update.sh new file mode 100755 index 00000000..e0606bd0 --- /dev/null +++ b/update.sh @@ -0,0 +1,148 @@ +#!/usr/bin/env bash +set -Eeuo pipefail +shopt -s nullglob + +cd "$(dirname "$(readlink -f "$BASH_SOURCE")")" + +declare branches=( + "stable" + "mainline" +) + +declare -A nginx=( + [mainline]='1.19.4' + [stable]='1.18.0' +) + +defaultnjs='0.4.4' +declare -A njs=( + #[stable]='0.4.3' +) + +defaultpkg='1' +declare -A pkg=( + [stable]=2 +) + +defaultdebian='buster' +declare -A debian=( + #[stable]='stretch' +) + +defaultalpine='3.12' +declare -A alpine=( + [stable]='3.11' +) + +# When we bump njs version in a stable release we don't move the tag in the +# mercurial repo. This setting allows us to specify a revision to check out +# when building alpine packages on architectures not supported by nginx.org +defaultrev='${NGINX_VERSION}-${PKG_RELEASE}' +declare -A rev=( + #[stable]='-r 500' +) + +get_packages() { + local distro="$1"; shift; + local branch="$1"; shift; + local perl= + local r= + local sep= + + case "$distro:$branch" in + alpine*:*) + r="r" + sep="." + ;; + debian*:stable) + sep="." + ;; + debian*:*) + sep="+" + ;; + esac + + case "$distro" in + *-perl) + perl="nginx-module-perl" + ;; + esac + + echo -n ' \\\n' + for p in nginx nginx-module-xslt nginx-module-geoip nginx-module-image-filter $perl; do + echo -n ' '"$p"'=${NGINX_VERSION}-'"$r"'${PKG_RELEASE} \\\n' + done + for p in nginx-module-njs; do + echo -n ' '"$p"'=${NGINX_VERSION}'"$sep"'${NJS_VERSION}-'"$r"'${PKG_RELEASE} \\' + done +} + +get_packagerepo() { + local distro="${1%-perl}"; shift; + local branch="$1"; shift; + + [ "$branch" = "mainline" ] && branch="$branch/" || branch="" + + echo "https://nginx.org/packages/${branch}${distro}/" +} + +get_packagever() { + local distro="${1%-perl}"; shift; + local branch="$1"; shift; + local suffix= + + [ "${distro}" = "debian" ] && suffix="~${debianver}" + + echo ${pkg[$branch]:-$defaultpkg}${suffix} +} + +generated_warning() { + cat << __EOF__ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "update.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# +__EOF__ +} + +for branch in "${branches[@]}"; do + for variant in \ + alpine{,-perl} \ + debian{,-perl} \ + ; do + echo "$branch: $variant" + dir="$branch/$variant" + variant="$(basename "$variant")" + + [ -d "$dir" ] || continue + + template="Dockerfile-${variant%-perl}.template" + { generated_warning; cat "$template"; } > "$dir/Dockerfile" + + debianver="${debian[$branch]:-$defaultdebian}" + alpinever="${alpine[$branch]:-$defaultalpine}" + nginxver="${nginx[$branch]}" + njsver="${njs[${branch}]:-$defaultnjs}" + pkgver="${pkg[${branch}]:-$defaultpkg}" + revver="${rev[${branch}]:-$defaultrev}" + + packagerepo=$(get_packagerepo "$variant" "$branch") + packages=$(get_packages "$variant" "$branch") + packagever=$(get_packagever "$variant" "$branch") + + sed -i \ + -e 's,%%ALPINE_VERSION%%,'"$alpinever"',' \ + -e 's,%%DEBIAN_VERSION%%,'"$debianver"',' \ + -e 's,%%NGINX_VERSION%%,'"$nginxver"',' \ + -e 's,%%NJS_VERSION%%,'"$njsver"',' \ + -e 's,%%PKG_RELEASE%%,'"$packagever"',' \ + -e 's,%%PACKAGES%%,'"$packages"',' \ + -e 's,%%PACKAGEREPO%%,'"$packagerepo"',' \ + -e 's,%%REVISION%%,'"$revver"',' \ + "$dir/Dockerfile" + + cp -a entrypoint/*.sh "$dir/" + + done +done From 4370fa1e7c8a2aa66205b26c3fb08beb2c37c1b0 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Wed, 18 Nov 2020 21:18:36 +0300 Subject: [PATCH 081/113] Renegerated targets via update.sh --- mainline/alpine-perl/Dockerfile | 5 +++++ mainline/alpine/Dockerfile | 5 +++++ .../10-listen-on-ipv6-by-default.sh | 0 .../{buster-perl => debian-perl}/20-envsubst-on-templates.sh | 0 mainline/{buster-perl => debian-perl}/Dockerfile | 5 +++++ mainline/{buster-perl => debian-perl}/docker-entrypoint.sh | 0 mainline/{buster => debian}/10-listen-on-ipv6-by-default.sh | 0 mainline/{buster => debian}/20-envsubst-on-templates.sh | 0 mainline/{buster => debian}/Dockerfile | 5 +++++ mainline/{buster => debian}/docker-entrypoint.sh | 0 stable/alpine-perl/Dockerfile | 5 +++++ stable/alpine/Dockerfile | 5 +++++ .../10-listen-on-ipv6-by-default.sh | 0 .../{buster-perl => debian-perl}/20-envsubst-on-templates.sh | 0 stable/{buster-perl => debian-perl}/Dockerfile | 5 +++++ stable/{buster-perl => debian-perl}/docker-entrypoint.sh | 0 stable/{buster => debian}/10-listen-on-ipv6-by-default.sh | 0 stable/{buster => debian}/20-envsubst-on-templates.sh | 0 stable/{buster => debian}/Dockerfile | 5 +++++ stable/{buster => debian}/docker-entrypoint.sh | 0 20 files changed, 40 insertions(+) rename mainline/{buster-perl => debian-perl}/10-listen-on-ipv6-by-default.sh (100%) rename mainline/{buster-perl => debian-perl}/20-envsubst-on-templates.sh (100%) rename mainline/{buster-perl => debian-perl}/Dockerfile (98%) rename mainline/{buster-perl => debian-perl}/docker-entrypoint.sh (100%) rename mainline/{buster => debian}/10-listen-on-ipv6-by-default.sh (100%) rename mainline/{buster => debian}/20-envsubst-on-templates.sh (100%) rename mainline/{buster => debian}/Dockerfile (98%) rename mainline/{buster => debian}/docker-entrypoint.sh (100%) rename stable/{buster-perl => debian-perl}/10-listen-on-ipv6-by-default.sh (100%) rename stable/{buster-perl => debian-perl}/20-envsubst-on-templates.sh (100%) rename stable/{buster-perl => debian-perl}/Dockerfile (98%) rename stable/{buster-perl => debian-perl}/docker-entrypoint.sh (100%) rename stable/{buster => debian}/10-listen-on-ipv6-by-default.sh (100%) rename stable/{buster => debian}/20-envsubst-on-templates.sh (100%) rename stable/{buster => debian}/Dockerfile (98%) rename stable/{buster => debian}/docker-entrypoint.sh (100%) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 7e032074..e0c54b80 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -1,3 +1,8 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "update.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# FROM alpine:3.12 LABEL maintainer="NGINX Docker Maintainers " diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 19bf8d42..69487071 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -1,3 +1,8 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "update.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# FROM alpine:3.12 LABEL maintainer="NGINX Docker Maintainers " diff --git a/mainline/buster-perl/10-listen-on-ipv6-by-default.sh b/mainline/debian-perl/10-listen-on-ipv6-by-default.sh similarity index 100% rename from mainline/buster-perl/10-listen-on-ipv6-by-default.sh rename to mainline/debian-perl/10-listen-on-ipv6-by-default.sh diff --git a/mainline/buster-perl/20-envsubst-on-templates.sh b/mainline/debian-perl/20-envsubst-on-templates.sh similarity index 100% rename from mainline/buster-perl/20-envsubst-on-templates.sh rename to mainline/debian-perl/20-envsubst-on-templates.sh diff --git a/mainline/buster-perl/Dockerfile b/mainline/debian-perl/Dockerfile similarity index 98% rename from mainline/buster-perl/Dockerfile rename to mainline/debian-perl/Dockerfile index edba63dc..7b34d369 100644 --- a/mainline/buster-perl/Dockerfile +++ b/mainline/debian-perl/Dockerfile @@ -1,3 +1,8 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "update.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " diff --git a/mainline/buster-perl/docker-entrypoint.sh b/mainline/debian-perl/docker-entrypoint.sh similarity index 100% rename from mainline/buster-perl/docker-entrypoint.sh rename to mainline/debian-perl/docker-entrypoint.sh diff --git a/mainline/buster/10-listen-on-ipv6-by-default.sh b/mainline/debian/10-listen-on-ipv6-by-default.sh similarity index 100% rename from mainline/buster/10-listen-on-ipv6-by-default.sh rename to mainline/debian/10-listen-on-ipv6-by-default.sh diff --git a/mainline/buster/20-envsubst-on-templates.sh b/mainline/debian/20-envsubst-on-templates.sh similarity index 100% rename from mainline/buster/20-envsubst-on-templates.sh rename to mainline/debian/20-envsubst-on-templates.sh diff --git a/mainline/buster/Dockerfile b/mainline/debian/Dockerfile similarity index 98% rename from mainline/buster/Dockerfile rename to mainline/debian/Dockerfile index b3f07e4a..34ff4e60 100644 --- a/mainline/buster/Dockerfile +++ b/mainline/debian/Dockerfile @@ -1,3 +1,8 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "update.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " diff --git a/mainline/buster/docker-entrypoint.sh b/mainline/debian/docker-entrypoint.sh similarity index 100% rename from mainline/buster/docker-entrypoint.sh rename to mainline/debian/docker-entrypoint.sh diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index 7226df34..fcb7da5b 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -1,3 +1,8 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "update.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# FROM alpine:3.11 LABEL maintainer="NGINX Docker Maintainers " diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index 5eddcc29..1bf80d1f 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -1,3 +1,8 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "update.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# FROM alpine:3.11 LABEL maintainer="NGINX Docker Maintainers " diff --git a/stable/buster-perl/10-listen-on-ipv6-by-default.sh b/stable/debian-perl/10-listen-on-ipv6-by-default.sh similarity index 100% rename from stable/buster-perl/10-listen-on-ipv6-by-default.sh rename to stable/debian-perl/10-listen-on-ipv6-by-default.sh diff --git a/stable/buster-perl/20-envsubst-on-templates.sh b/stable/debian-perl/20-envsubst-on-templates.sh similarity index 100% rename from stable/buster-perl/20-envsubst-on-templates.sh rename to stable/debian-perl/20-envsubst-on-templates.sh diff --git a/stable/buster-perl/Dockerfile b/stable/debian-perl/Dockerfile similarity index 98% rename from stable/buster-perl/Dockerfile rename to stable/debian-perl/Dockerfile index 2fea6ed0..64a1cf0d 100644 --- a/stable/buster-perl/Dockerfile +++ b/stable/debian-perl/Dockerfile @@ -1,3 +1,8 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "update.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " diff --git a/stable/buster-perl/docker-entrypoint.sh b/stable/debian-perl/docker-entrypoint.sh similarity index 100% rename from stable/buster-perl/docker-entrypoint.sh rename to stable/debian-perl/docker-entrypoint.sh diff --git a/stable/buster/10-listen-on-ipv6-by-default.sh b/stable/debian/10-listen-on-ipv6-by-default.sh similarity index 100% rename from stable/buster/10-listen-on-ipv6-by-default.sh rename to stable/debian/10-listen-on-ipv6-by-default.sh diff --git a/stable/buster/20-envsubst-on-templates.sh b/stable/debian/20-envsubst-on-templates.sh similarity index 100% rename from stable/buster/20-envsubst-on-templates.sh rename to stable/debian/20-envsubst-on-templates.sh diff --git a/stable/buster/Dockerfile b/stable/debian/Dockerfile similarity index 98% rename from stable/buster/Dockerfile rename to stable/debian/Dockerfile index 5b912320..7cd94d52 100644 --- a/stable/buster/Dockerfile +++ b/stable/debian/Dockerfile @@ -1,3 +1,8 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "update.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " diff --git a/stable/buster/docker-entrypoint.sh b/stable/debian/docker-entrypoint.sh similarity index 100% rename from stable/buster/docker-entrypoint.sh rename to stable/debian/docker-entrypoint.sh From f836ba88de77f1b7c7d200c4c98625def7f7f102 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Wed, 18 Nov 2020 21:19:56 +0300 Subject: [PATCH 082/113] Updated generate-stackbrew-library.sh to pick up naming changes --- generate-stackbrew-library.sh | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/generate-stackbrew-library.sh b/generate-stackbrew-library.sh index 13e252de..4ebadcb0 100755 --- a/generate-stackbrew-library.sh +++ b/generate-stackbrew-library.sh @@ -9,10 +9,9 @@ aliases=( self="$(basename "$BASH_SOURCE")" cd "$(dirname "$(readlink -f "$BASH_SOURCE")")" -base=buster +base=debian -versions=( */ ) -versions=( "${versions[@]%/}" ) +versions=( mainline stable ) # get the most recent commit which modified any of "$@" fileCommit() { @@ -69,7 +68,7 @@ for version in "${versions[@]}"; do Directory: $version/$base EOE - for variant in buster-perl; do + for variant in debian-perl; do commit="$(dirCommit "$version/$variant")" variantAliases=( "${versionAliases[@]/%/-perl}" ) From 08d37de30259d48b54c06172ae09736b70734ac9 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Wed, 18 Nov 2020 21:23:14 +0300 Subject: [PATCH 083/113] debian: don't build arm64 packages since nginx.org provides them now --- Dockerfile-debian.template | 2 +- mainline/debian-perl/Dockerfile | 2 +- mainline/debian/Dockerfile | 2 +- stable/debian-perl/Dockerfile | 2 +- stable/debian/Dockerfile | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Dockerfile-debian.template b/Dockerfile-debian.template index ca89e8f9..e614aae1 100644 --- a/Dockerfile-debian.template +++ b/Dockerfile-debian.template @@ -30,7 +30,7 @@ RUN set -x \ && nginxPackages="%%PACKAGES%% " \ && case "$dpkgArch" in \ - amd64|i386) \ + amd64|i386|arm64) \ # arches officialy built by upstream echo "deb %%PACKAGEREPO%% %%DEBIAN_VERSION%% nginx" >> /etc/apt/sources.list.d/nginx.list \ && apt-get update \ diff --git a/mainline/debian-perl/Dockerfile b/mainline/debian-perl/Dockerfile index 7b34d369..5ff72afc 100644 --- a/mainline/debian-perl/Dockerfile +++ b/mainline/debian-perl/Dockerfile @@ -41,7 +41,7 @@ RUN set -x \ nginx-module-njs=${NGINX_VERSION}+${NJS_VERSION}-${PKG_RELEASE} \ " \ && case "$dpkgArch" in \ - amd64|i386) \ + amd64|i386|arm64) \ # arches officialy built by upstream echo "deb https://nginx.org/packages/mainline/debian/ buster nginx" >> /etc/apt/sources.list.d/nginx.list \ && apt-get update \ diff --git a/mainline/debian/Dockerfile b/mainline/debian/Dockerfile index 34ff4e60..ab4595f6 100644 --- a/mainline/debian/Dockerfile +++ b/mainline/debian/Dockerfile @@ -40,7 +40,7 @@ RUN set -x \ nginx-module-njs=${NGINX_VERSION}+${NJS_VERSION}-${PKG_RELEASE} \ " \ && case "$dpkgArch" in \ - amd64|i386) \ + amd64|i386|arm64) \ # arches officialy built by upstream echo "deb https://nginx.org/packages/mainline/debian/ buster nginx" >> /etc/apt/sources.list.d/nginx.list \ && apt-get update \ diff --git a/stable/debian-perl/Dockerfile b/stable/debian-perl/Dockerfile index 64a1cf0d..a3cf3477 100644 --- a/stable/debian-perl/Dockerfile +++ b/stable/debian-perl/Dockerfile @@ -41,7 +41,7 @@ RUN set -x \ nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-${PKG_RELEASE} \ " \ && case "$dpkgArch" in \ - amd64|i386) \ + amd64|i386|arm64) \ # arches officialy built by upstream echo "deb https://nginx.org/packages/debian/ buster nginx" >> /etc/apt/sources.list.d/nginx.list \ && apt-get update \ diff --git a/stable/debian/Dockerfile b/stable/debian/Dockerfile index 7cd94d52..b9cf7d16 100644 --- a/stable/debian/Dockerfile +++ b/stable/debian/Dockerfile @@ -40,7 +40,7 @@ RUN set -x \ nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-${PKG_RELEASE} \ " \ && case "$dpkgArch" in \ - amd64|i386) \ + amd64|i386|arm64) \ # arches officialy built by upstream echo "deb https://nginx.org/packages/debian/ buster nginx" >> /etc/apt/sources.list.d/nginx.list \ && apt-get update \ From 3fb70ddd7094c1fdd50cc83d432643dc10ab6243 Mon Sep 17 00:00:00 2001 From: Patrick Scheid Date: Tue, 24 Nov 2020 16:43:57 +0300 Subject: [PATCH 084/113] Use SIGQUIT instead of SIGTERM for graceful shutdown of nginx Fixes #377, #457 --- Dockerfile-alpine.template | 2 +- Dockerfile-debian.template | 2 +- mainline/alpine-perl/Dockerfile | 2 +- mainline/alpine/Dockerfile | 2 +- mainline/debian-perl/Dockerfile | 2 +- mainline/debian/Dockerfile | 2 +- stable/alpine-perl/Dockerfile | 2 +- stable/alpine/Dockerfile | 2 +- stable/debian-perl/Dockerfile | 2 +- stable/debian/Dockerfile | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template index 56e62f36..eb623c2e 100644 --- a/Dockerfile-alpine.template +++ b/Dockerfile-alpine.template @@ -109,6 +109,6 @@ ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 -STOPSIGNAL SIGTERM +STOPSIGNAL SIGQUIT CMD ["nginx", "-g", "daemon off;"] diff --git a/Dockerfile-debian.template b/Dockerfile-debian.template index e614aae1..8521d5a9 100644 --- a/Dockerfile-debian.template +++ b/Dockerfile-debian.template @@ -100,6 +100,6 @@ ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 -STOPSIGNAL SIGTERM +STOPSIGNAL SIGQUIT CMD ["nginx", "-g", "daemon off;"] diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index e0c54b80..1b5dfd07 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -120,6 +120,6 @@ ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 -STOPSIGNAL SIGTERM +STOPSIGNAL SIGQUIT CMD ["nginx", "-g", "daemon off;"] diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 69487071..dce93c6b 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -119,6 +119,6 @@ ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 -STOPSIGNAL SIGTERM +STOPSIGNAL SIGQUIT CMD ["nginx", "-g", "daemon off;"] diff --git a/mainline/debian-perl/Dockerfile b/mainline/debian-perl/Dockerfile index 5ff72afc..1513ece8 100644 --- a/mainline/debian-perl/Dockerfile +++ b/mainline/debian-perl/Dockerfile @@ -111,6 +111,6 @@ ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 -STOPSIGNAL SIGTERM +STOPSIGNAL SIGQUIT CMD ["nginx", "-g", "daemon off;"] diff --git a/mainline/debian/Dockerfile b/mainline/debian/Dockerfile index ab4595f6..df444aea 100644 --- a/mainline/debian/Dockerfile +++ b/mainline/debian/Dockerfile @@ -110,6 +110,6 @@ ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 -STOPSIGNAL SIGTERM +STOPSIGNAL SIGQUIT CMD ["nginx", "-g", "daemon off;"] diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index fcb7da5b..d86c2ccd 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -120,6 +120,6 @@ ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 -STOPSIGNAL SIGTERM +STOPSIGNAL SIGQUIT CMD ["nginx", "-g", "daemon off;"] diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index 1bf80d1f..bd34cfb1 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -119,6 +119,6 @@ ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 -STOPSIGNAL SIGTERM +STOPSIGNAL SIGQUIT CMD ["nginx", "-g", "daemon off;"] diff --git a/stable/debian-perl/Dockerfile b/stable/debian-perl/Dockerfile index a3cf3477..9998d132 100644 --- a/stable/debian-perl/Dockerfile +++ b/stable/debian-perl/Dockerfile @@ -111,6 +111,6 @@ ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 -STOPSIGNAL SIGTERM +STOPSIGNAL SIGQUIT CMD ["nginx", "-g", "daemon off;"] diff --git a/stable/debian/Dockerfile b/stable/debian/Dockerfile index b9cf7d16..a4b6b7f0 100644 --- a/stable/debian/Dockerfile +++ b/stable/debian/Dockerfile @@ -110,6 +110,6 @@ ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 -STOPSIGNAL SIGTERM +STOPSIGNAL SIGQUIT CMD ["nginx", "-g", "daemon off;"] From c411fdefd6655144f6cdab425026a8a427adc273 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 24 Nov 2020 17:08:46 +0300 Subject: [PATCH 085/113] Updated mainline nginx to 1.19.5 --- mainline/alpine-perl/Dockerfile | 2 +- mainline/alpine/Dockerfile | 2 +- mainline/debian-perl/Dockerfile | 2 +- mainline/debian/Dockerfile | 2 +- update.sh | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 1b5dfd07..513d7c6e 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -7,7 +7,7 @@ FROM alpine:3.12 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.4 +ENV NGINX_VERSION 1.19.5 ENV NJS_VERSION 0.4.4 ENV PKG_RELEASE 1 diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index dce93c6b..5fc76efc 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -7,7 +7,7 @@ FROM alpine:3.12 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.4 +ENV NGINX_VERSION 1.19.5 ENV NJS_VERSION 0.4.4 ENV PKG_RELEASE 1 diff --git a/mainline/debian-perl/Dockerfile b/mainline/debian-perl/Dockerfile index 1513ece8..2080b844 100644 --- a/mainline/debian-perl/Dockerfile +++ b/mainline/debian-perl/Dockerfile @@ -7,7 +7,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.4 +ENV NGINX_VERSION 1.19.5 ENV NJS_VERSION 0.4.4 ENV PKG_RELEASE 1~buster diff --git a/mainline/debian/Dockerfile b/mainline/debian/Dockerfile index df444aea..fd707c51 100644 --- a/mainline/debian/Dockerfile +++ b/mainline/debian/Dockerfile @@ -7,7 +7,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.4 +ENV NGINX_VERSION 1.19.5 ENV NJS_VERSION 0.4.4 ENV PKG_RELEASE 1~buster diff --git a/update.sh b/update.sh index e0606bd0..285d6553 100755 --- a/update.sh +++ b/update.sh @@ -10,7 +10,7 @@ declare branches=( ) declare -A nginx=( - [mainline]='1.19.4' + [mainline]='1.19.5' [stable]='1.18.0' ) From 3d618e31dedbc8a5c817c4dfc9d300f3e570b5a4 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Fri, 4 Dec 2020 19:03:58 +0300 Subject: [PATCH 086/113] Added a script to simplify images mirroring to AWS ECR --- sync-awsecr.sh | 154 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 154 insertions(+) create mode 100755 sync-awsecr.sh diff --git a/sync-awsecr.sh b/sync-awsecr.sh new file mode 100755 index 00000000..f9746f01 --- /dev/null +++ b/sync-awsecr.sh @@ -0,0 +1,154 @@ +#!/bin/bash +set -eu + +image="nginx" +registry="public.ecr.aws/z9d2n7e1" + +declare -A aliases +aliases=( + [mainline]='1 1.19 latest' + [stable]='1.18' +) + +architectures=( amd64 arm64v8 ) + +self="$(basename "$BASH_SOURCE")" +cd "$(dirname "$(readlink -f "$BASH_SOURCE")")" +base=debian + +versions=( mainline stable ) + +pulllist=() +declare -A taglist +taglist=() + +# get the most recent commit which modified any of "$@" +fileCommit() { + git log -1 --format='format:%H' HEAD -- "$@" +} + +# get the most recent commit which modified "$1/Dockerfile" or any file COPY'd from "$1/Dockerfile" +dirCommit() { + local dir="$1"; shift + ( + cd "$dir" + fileCommit \ + Dockerfile \ + $(git show HEAD:./Dockerfile | awk ' + toupper($1) == "COPY" { + for (i = 2; i < NF; i++) { + print $i + } + } + ') + ) +} + +# prints "$2$1$3$1...$N" +join() { + local sep="$1"; shift + local out; printf -v out "${sep//%/%%}%s" "$@" + echo "${out#$sep}" +} + +for version in "${versions[@]}"; do + commit="$(dirCommit "$version/$base")" + fullVersion="$(git show "$commit":"$version/$base/Dockerfile" | awk '$1 == "ENV" && $2 == "NGINX_VERSION" { print $3; exit }')" + pulllist+=( "$image:$fullVersion" ) + for variant in perl alpine alpine-perl; do + pulllist+=( "$image:$fullVersion-$variant" ) + done +done + +for version in "${versions[@]}"; do + commit="$(dirCommit "$version/$base")" + + fullVersion="$(git show "$commit":"$version/$base/Dockerfile" | awk '$1 == "ENV" && $2 == "NGINX_VERSION" { print $3; exit }')" + + versionAliases=( $fullVersion ) + if [ "$version" != "$fullVersion" ]; then + versionAliases+=( $version ) + fi + versionAliases+=( ${aliases[$version]:-} ) + + for tag in ${versionAliases[@]:1}; do + taglist["$image:$tag"]="$image:$fullVersion" + done + + for variant in debian-perl; do + variantAliases=( "${versionAliases[@]/%/-perl}" ) + variantAliases=( "${variantAliases[@]//latest-/}" ) + + for tag in ${variantAliases[@]}; do + if [ "$tag" != "${fullVersion}-perl" ]; then + taglist["$image:$tag"]="$image:$fullVersion-perl" + fi + done + done + + for variant in alpine alpine-perl; do + commit="$(dirCommit "$version/$variant")" + + variantAliases=( "${versionAliases[@]/%/-$variant}" ) + variantAliases=( "${variantAliases[@]//latest-/}" ) + + for tag in ${variantAliases[@]}; do + if [ "$tag" != "${fullVersion}-$variant" ]; then + taglist["$image:$tag"]="$image:${fullVersion}-$variant" + fi + done + done + +done + +echo "#!/bin/sh" +echo "set -ex" +echo +echo "export DOCKER_CLI_EXPERIMENTAL=enabled" +echo +echo "# pulling stuff" +for arch in ${architectures[@]}; do +for tag in ${pulllist[@]}; do + echo "docker pull $arch/$tag"; +done +done + +echo + +echo "# tagging stuff" + +for arch in ${architectures[@]}; do +for tag in ${pulllist[@]}; do + echo "docker tag $arch/$tag $registry/$tag-$arch" +done +for tag in ${!taglist[@]}; do + echo "docker tag $arch/${taglist[$tag]} $registry/$tag-$arch" +done +done + +echo "# pushing stuff" + +for arch in ${architectures[@]}; do +for tag in ${pulllist[@]}; do + echo "docker push $registry/$tag-$arch" +done +for tag in ${!taglist[@]}; do + echo "docker push $registry/$tag-$arch" +done +done + +echo +echo "# manifesting stuff" +for tag in ${pulllist[@]} ${!taglist[@]}; do + string="docker manifest create --amend $registry/$tag" + for arch in ${architectures[@]}; do + string+=" $registry/$tag-$arch" + done + echo $string +done + +echo +echo "# pushing manifests" +for tag in ${pulllist[@]} ${!taglist[@]}; do + echo "docker manifest push --purge $registry/$tag" +done From 14e73942f37a7f4c1eb886a28b1e183555b4eacd Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 15 Dec 2020 17:37:27 +0300 Subject: [PATCH 087/113] 10-liste-on-ipv6-by-default: use "info" instead of error By popular request in https://github.com/nginxinc/docker-nginx/issues/419 --- entrypoint/10-listen-on-ipv6-by-default.sh | 14 +++++++------- .../alpine-perl/10-listen-on-ipv6-by-default.sh | 14 +++++++------- mainline/alpine/10-listen-on-ipv6-by-default.sh | 14 +++++++------- .../debian-perl/10-listen-on-ipv6-by-default.sh | 14 +++++++------- mainline/debian/10-listen-on-ipv6-by-default.sh | 14 +++++++------- stable/alpine-perl/10-listen-on-ipv6-by-default.sh | 14 +++++++------- stable/alpine/10-listen-on-ipv6-by-default.sh | 14 +++++++------- stable/debian-perl/10-listen-on-ipv6-by-default.sh | 14 +++++++------- stable/debian/10-listen-on-ipv6-by-default.sh | 14 +++++++------- 9 files changed, 63 insertions(+), 63 deletions(-) diff --git a/entrypoint/10-listen-on-ipv6-by-default.sh b/entrypoint/10-listen-on-ipv6-by-default.sh index 832918a2..9585152b 100755 --- a/entrypoint/10-listen-on-ipv6-by-default.sh +++ b/entrypoint/10-listen-on-ipv6-by-default.sh @@ -8,17 +8,17 @@ DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available if [ ! -f "/proc/net/if_inet6" ]; then - echo >&3 "$ME: error: ipv6 not available" + echo >&3 "$ME: info: ipv6 not available" exit 0 fi if [ ! -f "/$DEFAULT_CONF_FILE" ]; then - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE is not a file or does not exist" exit 0 fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: info: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 listen already enabled"; exit 0; } @@ -26,11 +26,11 @@ grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 if [ -f "/etc/os-release" ]; then . /etc/os-release else - echo >&3 "$ME: error: can not guess the operating system" + echo >&3 "$ME: info: can not guess the operating system" exit 0 fi -echo >&3 "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" +echo >&3 "$ME: info: Getting the checksum of /$DEFAULT_CONF_FILE" case "$ID" in "debian") @@ -48,7 +48,7 @@ case "$ID" in } ;; *) - echo >&3 "$ME: error: Unsupported distribution" + echo >&3 "$ME: info: Unsupported distribution" exit 0 ;; esac @@ -56,6 +56,6 @@ esac # enable ipv6 on default.conf listen sockets sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE -echo >&3 "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" +echo >&3 "$ME: info: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" exit 0 diff --git a/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh b/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh index 832918a2..9585152b 100755 --- a/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh +++ b/mainline/alpine-perl/10-listen-on-ipv6-by-default.sh @@ -8,17 +8,17 @@ DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available if [ ! -f "/proc/net/if_inet6" ]; then - echo >&3 "$ME: error: ipv6 not available" + echo >&3 "$ME: info: ipv6 not available" exit 0 fi if [ ! -f "/$DEFAULT_CONF_FILE" ]; then - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE is not a file or does not exist" exit 0 fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: info: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 listen already enabled"; exit 0; } @@ -26,11 +26,11 @@ grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 if [ -f "/etc/os-release" ]; then . /etc/os-release else - echo >&3 "$ME: error: can not guess the operating system" + echo >&3 "$ME: info: can not guess the operating system" exit 0 fi -echo >&3 "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" +echo >&3 "$ME: info: Getting the checksum of /$DEFAULT_CONF_FILE" case "$ID" in "debian") @@ -48,7 +48,7 @@ case "$ID" in } ;; *) - echo >&3 "$ME: error: Unsupported distribution" + echo >&3 "$ME: info: Unsupported distribution" exit 0 ;; esac @@ -56,6 +56,6 @@ esac # enable ipv6 on default.conf listen sockets sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE -echo >&3 "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" +echo >&3 "$ME: info: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" exit 0 diff --git a/mainline/alpine/10-listen-on-ipv6-by-default.sh b/mainline/alpine/10-listen-on-ipv6-by-default.sh index 832918a2..9585152b 100755 --- a/mainline/alpine/10-listen-on-ipv6-by-default.sh +++ b/mainline/alpine/10-listen-on-ipv6-by-default.sh @@ -8,17 +8,17 @@ DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available if [ ! -f "/proc/net/if_inet6" ]; then - echo >&3 "$ME: error: ipv6 not available" + echo >&3 "$ME: info: ipv6 not available" exit 0 fi if [ ! -f "/$DEFAULT_CONF_FILE" ]; then - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE is not a file or does not exist" exit 0 fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: info: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 listen already enabled"; exit 0; } @@ -26,11 +26,11 @@ grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 if [ -f "/etc/os-release" ]; then . /etc/os-release else - echo >&3 "$ME: error: can not guess the operating system" + echo >&3 "$ME: info: can not guess the operating system" exit 0 fi -echo >&3 "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" +echo >&3 "$ME: info: Getting the checksum of /$DEFAULT_CONF_FILE" case "$ID" in "debian") @@ -48,7 +48,7 @@ case "$ID" in } ;; *) - echo >&3 "$ME: error: Unsupported distribution" + echo >&3 "$ME: info: Unsupported distribution" exit 0 ;; esac @@ -56,6 +56,6 @@ esac # enable ipv6 on default.conf listen sockets sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE -echo >&3 "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" +echo >&3 "$ME: info: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" exit 0 diff --git a/mainline/debian-perl/10-listen-on-ipv6-by-default.sh b/mainline/debian-perl/10-listen-on-ipv6-by-default.sh index 832918a2..9585152b 100755 --- a/mainline/debian-perl/10-listen-on-ipv6-by-default.sh +++ b/mainline/debian-perl/10-listen-on-ipv6-by-default.sh @@ -8,17 +8,17 @@ DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available if [ ! -f "/proc/net/if_inet6" ]; then - echo >&3 "$ME: error: ipv6 not available" + echo >&3 "$ME: info: ipv6 not available" exit 0 fi if [ ! -f "/$DEFAULT_CONF_FILE" ]; then - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE is not a file or does not exist" exit 0 fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: info: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 listen already enabled"; exit 0; } @@ -26,11 +26,11 @@ grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 if [ -f "/etc/os-release" ]; then . /etc/os-release else - echo >&3 "$ME: error: can not guess the operating system" + echo >&3 "$ME: info: can not guess the operating system" exit 0 fi -echo >&3 "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" +echo >&3 "$ME: info: Getting the checksum of /$DEFAULT_CONF_FILE" case "$ID" in "debian") @@ -48,7 +48,7 @@ case "$ID" in } ;; *) - echo >&3 "$ME: error: Unsupported distribution" + echo >&3 "$ME: info: Unsupported distribution" exit 0 ;; esac @@ -56,6 +56,6 @@ esac # enable ipv6 on default.conf listen sockets sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE -echo >&3 "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" +echo >&3 "$ME: info: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" exit 0 diff --git a/mainline/debian/10-listen-on-ipv6-by-default.sh b/mainline/debian/10-listen-on-ipv6-by-default.sh index 832918a2..9585152b 100755 --- a/mainline/debian/10-listen-on-ipv6-by-default.sh +++ b/mainline/debian/10-listen-on-ipv6-by-default.sh @@ -8,17 +8,17 @@ DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available if [ ! -f "/proc/net/if_inet6" ]; then - echo >&3 "$ME: error: ipv6 not available" + echo >&3 "$ME: info: ipv6 not available" exit 0 fi if [ ! -f "/$DEFAULT_CONF_FILE" ]; then - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE is not a file or does not exist" exit 0 fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: info: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 listen already enabled"; exit 0; } @@ -26,11 +26,11 @@ grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 if [ -f "/etc/os-release" ]; then . /etc/os-release else - echo >&3 "$ME: error: can not guess the operating system" + echo >&3 "$ME: info: can not guess the operating system" exit 0 fi -echo >&3 "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" +echo >&3 "$ME: info: Getting the checksum of /$DEFAULT_CONF_FILE" case "$ID" in "debian") @@ -48,7 +48,7 @@ case "$ID" in } ;; *) - echo >&3 "$ME: error: Unsupported distribution" + echo >&3 "$ME: info: Unsupported distribution" exit 0 ;; esac @@ -56,6 +56,6 @@ esac # enable ipv6 on default.conf listen sockets sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE -echo >&3 "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" +echo >&3 "$ME: info: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" exit 0 diff --git a/stable/alpine-perl/10-listen-on-ipv6-by-default.sh b/stable/alpine-perl/10-listen-on-ipv6-by-default.sh index 832918a2..9585152b 100755 --- a/stable/alpine-perl/10-listen-on-ipv6-by-default.sh +++ b/stable/alpine-perl/10-listen-on-ipv6-by-default.sh @@ -8,17 +8,17 @@ DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available if [ ! -f "/proc/net/if_inet6" ]; then - echo >&3 "$ME: error: ipv6 not available" + echo >&3 "$ME: info: ipv6 not available" exit 0 fi if [ ! -f "/$DEFAULT_CONF_FILE" ]; then - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE is not a file or does not exist" exit 0 fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: info: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 listen already enabled"; exit 0; } @@ -26,11 +26,11 @@ grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 if [ -f "/etc/os-release" ]; then . /etc/os-release else - echo >&3 "$ME: error: can not guess the operating system" + echo >&3 "$ME: info: can not guess the operating system" exit 0 fi -echo >&3 "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" +echo >&3 "$ME: info: Getting the checksum of /$DEFAULT_CONF_FILE" case "$ID" in "debian") @@ -48,7 +48,7 @@ case "$ID" in } ;; *) - echo >&3 "$ME: error: Unsupported distribution" + echo >&3 "$ME: info: Unsupported distribution" exit 0 ;; esac @@ -56,6 +56,6 @@ esac # enable ipv6 on default.conf listen sockets sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE -echo >&3 "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" +echo >&3 "$ME: info: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" exit 0 diff --git a/stable/alpine/10-listen-on-ipv6-by-default.sh b/stable/alpine/10-listen-on-ipv6-by-default.sh index 832918a2..9585152b 100755 --- a/stable/alpine/10-listen-on-ipv6-by-default.sh +++ b/stable/alpine/10-listen-on-ipv6-by-default.sh @@ -8,17 +8,17 @@ DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available if [ ! -f "/proc/net/if_inet6" ]; then - echo >&3 "$ME: error: ipv6 not available" + echo >&3 "$ME: info: ipv6 not available" exit 0 fi if [ ! -f "/$DEFAULT_CONF_FILE" ]; then - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE is not a file or does not exist" exit 0 fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: info: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 listen already enabled"; exit 0; } @@ -26,11 +26,11 @@ grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 if [ -f "/etc/os-release" ]; then . /etc/os-release else - echo >&3 "$ME: error: can not guess the operating system" + echo >&3 "$ME: info: can not guess the operating system" exit 0 fi -echo >&3 "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" +echo >&3 "$ME: info: Getting the checksum of /$DEFAULT_CONF_FILE" case "$ID" in "debian") @@ -48,7 +48,7 @@ case "$ID" in } ;; *) - echo >&3 "$ME: error: Unsupported distribution" + echo >&3 "$ME: info: Unsupported distribution" exit 0 ;; esac @@ -56,6 +56,6 @@ esac # enable ipv6 on default.conf listen sockets sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE -echo >&3 "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" +echo >&3 "$ME: info: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" exit 0 diff --git a/stable/debian-perl/10-listen-on-ipv6-by-default.sh b/stable/debian-perl/10-listen-on-ipv6-by-default.sh index 832918a2..9585152b 100755 --- a/stable/debian-perl/10-listen-on-ipv6-by-default.sh +++ b/stable/debian-perl/10-listen-on-ipv6-by-default.sh @@ -8,17 +8,17 @@ DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available if [ ! -f "/proc/net/if_inet6" ]; then - echo >&3 "$ME: error: ipv6 not available" + echo >&3 "$ME: info: ipv6 not available" exit 0 fi if [ ! -f "/$DEFAULT_CONF_FILE" ]; then - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE is not a file or does not exist" exit 0 fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: info: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 listen already enabled"; exit 0; } @@ -26,11 +26,11 @@ grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 if [ -f "/etc/os-release" ]; then . /etc/os-release else - echo >&3 "$ME: error: can not guess the operating system" + echo >&3 "$ME: info: can not guess the operating system" exit 0 fi -echo >&3 "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" +echo >&3 "$ME: info: Getting the checksum of /$DEFAULT_CONF_FILE" case "$ID" in "debian") @@ -48,7 +48,7 @@ case "$ID" in } ;; *) - echo >&3 "$ME: error: Unsupported distribution" + echo >&3 "$ME: info: Unsupported distribution" exit 0 ;; esac @@ -56,6 +56,6 @@ esac # enable ipv6 on default.conf listen sockets sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE -echo >&3 "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" +echo >&3 "$ME: info: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" exit 0 diff --git a/stable/debian/10-listen-on-ipv6-by-default.sh b/stable/debian/10-listen-on-ipv6-by-default.sh index 832918a2..9585152b 100755 --- a/stable/debian/10-listen-on-ipv6-by-default.sh +++ b/stable/debian/10-listen-on-ipv6-by-default.sh @@ -8,17 +8,17 @@ DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf" # check if we have ipv6 available if [ ! -f "/proc/net/if_inet6" ]; then - echo >&3 "$ME: error: ipv6 not available" + echo >&3 "$ME: info: ipv6 not available" exit 0 fi if [ ! -f "/$DEFAULT_CONF_FILE" ]; then - echo >&3 "$ME: error: /$DEFAULT_CONF_FILE is not a file or does not exist" + echo >&3 "$ME: info: /$DEFAULT_CONF_FILE is not a file or does not exist" exit 0 fi # check if the file can be modified, e.g. not on a r/o filesystem -touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: error: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } +touch /$DEFAULT_CONF_FILE 2>/dev/null || { echo >&3 "$ME: info: can not modify /$DEFAULT_CONF_FILE (read-only file system?)"; exit 0; } # check if the file is already modified, e.g. on a container restart grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 listen already enabled"; exit 0; } @@ -26,11 +26,11 @@ grep -q "listen \[::]\:80;" /$DEFAULT_CONF_FILE && { echo >&3 "$ME: info: IPv6 if [ -f "/etc/os-release" ]; then . /etc/os-release else - echo >&3 "$ME: error: can not guess the operating system" + echo >&3 "$ME: info: can not guess the operating system" exit 0 fi -echo >&3 "$ME: Getting the checksum of /$DEFAULT_CONF_FILE" +echo >&3 "$ME: info: Getting the checksum of /$DEFAULT_CONF_FILE" case "$ID" in "debian") @@ -48,7 +48,7 @@ case "$ID" in } ;; *) - echo >&3 "$ME: error: Unsupported distribution" + echo >&3 "$ME: info: Unsupported distribution" exit 0 ;; esac @@ -56,6 +56,6 @@ esac # enable ipv6 on default.conf listen sockets sed -i -E 's,listen 80;,listen 80;\n listen [::]:80;,' /$DEFAULT_CONF_FILE -echo >&3 "$ME: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" +echo >&3 "$ME: info: Enabled listen on IPv6 in /$DEFAULT_CONF_FILE" exit 0 From 41156d8a36bd03b2fb36353ba31f16ada08d9e48 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 15 Dec 2020 18:40:46 +0300 Subject: [PATCH 088/113] Updated mainline nginx to 1.19.6 and njs to 0.5.0 --- mainline/alpine-perl/Dockerfile | 4 ++-- mainline/alpine/Dockerfile | 4 ++-- mainline/debian-perl/Dockerfile | 4 ++-- mainline/debian/Dockerfile | 4 ++-- update.sh | 6 +++--- 5 files changed, 11 insertions(+), 11 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 513d7c6e..53269308 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -7,8 +7,8 @@ FROM alpine:3.12 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.5 -ENV NJS_VERSION 0.4.4 +ENV NGINX_VERSION 1.19.6 +ENV NJS_VERSION 0.5.0 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 5fc76efc..deafec08 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -7,8 +7,8 @@ FROM alpine:3.12 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.5 -ENV NJS_VERSION 0.4.4 +ENV NGINX_VERSION 1.19.6 +ENV NJS_VERSION 0.5.0 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/debian-perl/Dockerfile b/mainline/debian-perl/Dockerfile index 2080b844..1f818c94 100644 --- a/mainline/debian-perl/Dockerfile +++ b/mainline/debian-perl/Dockerfile @@ -7,8 +7,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.5 -ENV NJS_VERSION 0.4.4 +ENV NGINX_VERSION 1.19.6 +ENV NJS_VERSION 0.5.0 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/mainline/debian/Dockerfile b/mainline/debian/Dockerfile index fd707c51..43d69701 100644 --- a/mainline/debian/Dockerfile +++ b/mainline/debian/Dockerfile @@ -7,8 +7,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.5 -ENV NJS_VERSION 0.4.4 +ENV NGINX_VERSION 1.19.6 +ENV NJS_VERSION 0.5.0 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/update.sh b/update.sh index 285d6553..828859fd 100755 --- a/update.sh +++ b/update.sh @@ -10,13 +10,13 @@ declare branches=( ) declare -A nginx=( - [mainline]='1.19.5' + [mainline]='1.19.6' [stable]='1.18.0' ) -defaultnjs='0.4.4' +defaultnjs='0.5.0' declare -A njs=( - #[stable]='0.4.3' + [stable]='0.4.4' ) defaultpkg='1' From fc5d895ad72b9d91162a8075197d0f7cadbbb197 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Mon, 2 Nov 2020 13:06:43 +0300 Subject: [PATCH 089/113] Provided a way to install third-party modules in a sane manner --- modules/Dockerfile | 67 +++++++++++++++++++++++++++++++ modules/Dockerfile.alpine | 67 +++++++++++++++++++++++++++++++ modules/README.md | 83 +++++++++++++++++++++++++++++++++++++++ modules/echo/build-deps | 1 + modules/echo/prebuild | 12 ++++++ modules/echo/source | 1 + 6 files changed, 231 insertions(+) create mode 100644 modules/Dockerfile create mode 100644 modules/Dockerfile.alpine create mode 100644 modules/README.md create mode 100644 modules/echo/build-deps create mode 100755 modules/echo/prebuild create mode 100644 modules/echo/source diff --git a/modules/Dockerfile b/modules/Dockerfile new file mode 100644 index 00000000..9ea6df85 --- /dev/null +++ b/modules/Dockerfile @@ -0,0 +1,67 @@ +FROM nginx:mainline as builder + +ARG ENABLED_MODULES + +RUN set -ex \ + && if [ "$ENABLED_MODULES" = "" ]; then \ + echo "No additional modules enabled, exiting"; \ + exit 1; \ + fi + +COPY ./ /modules/ + +RUN set -ex \ + && apt update \ + && apt install -y --no-install-suggests --no-install-recommends \ + patch make wget mercurial devscripts debhelper dpkg-dev \ + quilt lsb-release build-essential libxml2-utils xsltproc \ + equivs git g++ \ + && hg clone https://hg.nginx.org/pkg-oss/ \ + && cd pkg-oss \ + && mkdir /tmp/packages \ + && for module in $ENABLED_MODULES; do \ + echo "Building $module for nginx-$NGINX_VERSION"; \ + if [ -d /modules/$module ]; then \ + echo "Building $module from user-supplied sources"; \ + # check if module sources file is there and not empty + if [ ! -s /modules/$module/source ]; then \ + echo "No source file for $module in modules/$module/source, exiting"; \ + exit 1; \ + fi; \ + # some modules require build dependencies + if [ -f /modules/$module/build-deps ]; then \ + echo "Installing $module build dependencies"; \ + apt update && apt install -y --no-install-suggests --no-install-recommends $(cat /modules/$module/build-deps | xargs); \ + fi; \ + # if a module has a build dependency that is not in a distro, provide a + # shell script to fetch/build/install those + # note that shared libraries produced as a result of this script will + # not be copied from the builder image to the main one so build static + if [ -x /modules/$module/prebuild ]; then \ + echo "Running prebuild script for $module"; \ + /modules/$module/prebuild; \ + fi; \ + /pkg-oss/build_module.sh -v $NGINX_VERSION -f -y -o /tmp/packages -n $module $(cat /modules/$module/source); \ + elif make -C /pkg-oss/debian list | grep -P "^$module\s+\d" > /dev/null; then \ + echo "Building $module from pkg-oss sources"; \ + cd /pkg-oss/debian; \ + make rules-module-$module BASE_VERSION=$NGINX_VERSION; \ + mk-build-deps --install --tool="apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends --yes" debuild-module-$module/nginx-$NGINX_VERSION/debian/control; \ + make module-$module BASE_VERSION=$NGINX_VERSION; \ + find ../../ -maxdepth 1 -mindepth 1 -type f -name "*.deb" -exec mv -v {} /tmp/packages/ \;; \ + else \ + echo "Don't know how to build $module module, exiting"; \ + exit 1; \ + fi; \ + done + +FROM nginx:mainline +ARG ENABLED_MODULES +COPY --from=builder /tmp/packages /tmp/packages +RUN set -ex \ + && apt update \ + && for module in $ENABLED_MODULES; do \ + apt install --no-install-suggests --no-install-recommends -y /tmp/packages/nginx-module-${module}_${NGINX_VERSION}*.deb; \ + done \ + && rm -rf /tmp/packages \ + && rm -rf /var/lib/apt/lists/ diff --git a/modules/Dockerfile.alpine b/modules/Dockerfile.alpine new file mode 100644 index 00000000..b2b8b3e3 --- /dev/null +++ b/modules/Dockerfile.alpine @@ -0,0 +1,67 @@ +FROM nginx:mainline-alpine as builder + +ARG ENABLED_MODULES + +RUN set -ex \ + && if [ "$ENABLED_MODULES" = "" ]; then \ + echo "No additional modules enabled, exiting"; \ + exit 1; \ + fi + +COPY ./ /modules/ + +RUN set -ex \ + && apk update \ + && apk add linux-headers openssl-dev pcre-dev zlib-dev openssl abuild \ + musl-dev libxslt libxml2-utils make mercurial gcc unzip git \ + xz g++ \ + # allow abuild as a root user \ + && printf "#!/bin/sh\\n/usr/bin/abuild -F \"\$@\"\\n" > /usr/local/bin/abuild \ + && chmod +x /usr/local/bin/abuild \ + && hg clone https://hg.nginx.org/pkg-oss/ \ + && cd pkg-oss \ + && mkdir /tmp/packages \ + && for module in $ENABLED_MODULES; do \ + echo "Building $module for nginx-$NGINX_VERSION"; \ + if [ -d /modules/$module ]; then \ + echo "Building $module from user-supplied sources"; \ + # check if module sources file is there and not empty + if [ ! -s /modules/$module/source ]; then \ + echo "No source file for $module in modules/$module/source, exiting"; \ + exit 1; \ + fi; \ + # some modules require build dependencies + if [ -f /modules/$module/build-deps ]; then \ + echo "Installing $module build dependencies"; \ + apk update && apk add $(cat /modules/$module/build-deps | xargs); \ + fi; \ + # if a module has a build dependency that is not in a distro, provide a + # shell script to fetch/build/install those + # note that shared libraries produced as a result of this script will + # not be copied from the builder image to the main one so build static + if [ -x /modules/$module/prebuild ]; then \ + echo "Running prebuild script for $module"; \ + /modules/$module/prebuild; \ + fi; \ + /pkg-oss/build_module.sh -v $NGINX_VERSION -f -y -o /tmp/packages -n $module $(cat /modules/$module/source); \ + elif make -C /pkg-oss/alpine list | grep -E "^$module\s+\d+" > /dev/null; then \ + echo "Building $module from pkg-oss sources"; \ + cd /pkg-oss/alpine; \ + make abuild-module-$module BASE_VERSION=$NGINX_VERSION; \ + apk add $(. ./abuild-module-$module/APKBUILD; echo $makedepends;); \ + make module-$module BASE_VERSION=$NGINX_VERSION; \ + find ~/packages -type f -name "*.apk" -exec mv -v {} /tmp/packages/ \;; \ + else \ + echo "Don't know how to build $module module, exiting"; \ + exit 1; \ + fi; \ + done + +FROM nginx:mainline-alpine +ARG ENABLED_MODULES +COPY --from=builder /tmp/packages /tmp/packages +RUN set -ex \ + && for module in $ENABLED_MODULES; do \ + apk add --no-cache --allow-untrusted /tmp/packages/nginx-module-${module}-${NGINX_VERSION}*.apk; \ + done \ + && rm -rf /tmp/packages diff --git a/modules/README.md b/modules/README.md new file mode 100644 index 00000000..8680022e --- /dev/null +++ b/modules/README.md @@ -0,0 +1,83 @@ +# Adding third-party modules to nginx official image + +It's possible to extend a mainline image with third-party modules either from +your own instuctions following a simple filesystem layout/syntax using +`build_module.sh` helper script, or failing back to package sources from +`https://hg.nginx.org/pkg-oss`. + +## Usage + +``` +$ docker build --build-arg ENABLED_MODULES="ndk lua" -t my-nginx-with-lua . +``` +This command will attempt to build an image called `my-nginx-with-lua` based on +official nginx docker hub image with two modules: `ndk` and `lua`. +By default, a Debian-based image will be used. If you wish to use Alpine +instead, add `-f Dockerfile.alpine` to the command line. + +The build script will look for module build definition files on filesystem +directory under the same name as the module (and resulting package) and if +those are not found will try to look up requested modules in the pkg-oss +repository. + +For well-known modules we maintain a set of build sources packages over at +`pkg-oss`, so it's probably a good idea to rely on those instead of providing +your own implementation. + +As of the time of writing this README, the following modules and their versions +are available from `pkg-oss` repository: + +``` +/pkg-oss $ LC_ALL=C make -C debian list-all-modules +make: Entering directory '/pkg-oss/debian' +brotli 1.0.0-1 +encrypted-session 0.08-1 +geoip 1.19.6-1 +geoip2 3.3-1 +headers-more 0.33-1 +image-filter 1.19.6-1 +lua 0.10.19-1 +modsecurity 1.0.1-1 +ndk 0.3.1-1 +njs 0.5.0-1 +opentracing 0.10.0-1 +passenger 6.0.6-1 +perl 1.19.6-1 +rtmp 1.2.1-1 +set-misc 0.32-1 +subs-filter 0.6.4-1 +xslt 1.19.6-1 +make: Leaving directory '/pkg-oss/debian' +``` + +If you still want to provide your own instructions for a specific module, +organize the build directory in a following way, e.g. for `echo` module: + +``` +docker-nginx/modules $ tree echo +echo +├── build-deps +├── prebuild +└── source + +0 directories, 3 files +``` + +The scripts expect one file to always exist for a module you wish to build +manually: `source`. It should contain a link to a zip/tarball source code of a +module you want to build. In `build-deps` you can specify build dependencies +for a module as found in Debian or Alpine repositories. `prebuild` is a shell +script (make it `chmod +x prebuild`!) that will be executed prior to building +the module but after installing the dependencies, so it can be used to install +additional build dependencies if they are not available from Debian or Alpine. +Keep in mind that those dependencies wont be automatically copied to the +resulting image and if you're building a library, build it statically. + +Once the build is done in the builder image, the built packages are copied over +to resulting image and installed via apt/apk. The resulting image will be +tagged and can be used the same way as an official docker hub image. + +Note that we can not provide any support for those modifications and in no way +guarantee they will work as nice as a build without third-party modules. If +you encounter any issues running your image with the modules enabled, please +reproduce with a vanilla image first. diff --git a/modules/echo/build-deps b/modules/echo/build-deps new file mode 100644 index 00000000..1ccfbc2f --- /dev/null +++ b/modules/echo/build-deps @@ -0,0 +1 @@ +make gcc diff --git a/modules/echo/prebuild b/modules/echo/prebuild new file mode 100755 index 00000000..cd2864b0 --- /dev/null +++ b/modules/echo/prebuild @@ -0,0 +1,12 @@ +#!/bin/sh + +# if a module has a build dependency that is not in debian/alpine +# use this script to fetch/build/install them +# +# note that shared libraries produced as a result of this script will +# not be copied from the builder image to the resulting one, so you need to +# build them statically + +echo "No prebuild stage required - all dependencies are satisfied already!" + +exit 0 diff --git a/modules/echo/source b/modules/echo/source new file mode 100644 index 00000000..3a6ad274 --- /dev/null +++ b/modules/echo/source @@ -0,0 +1 @@ +https://github.com/openresty/echo-nginx-module/archive/v0.62.tar.gz From 734e1de30709e375e1b7176d0601d55f840e96ec Mon Sep 17 00:00:00 2001 From: J0WI Date: Fri, 29 Jan 2021 22:49:09 +0100 Subject: [PATCH 090/113] Alpine 3.13 --- mainline/alpine-perl/Dockerfile | 2 +- mainline/alpine/Dockerfile | 2 +- update.sh | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 53269308..ae3b6ba2 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -3,7 +3,7 @@ # # PLEASE DO NOT EDIT IT DIRECTLY. # -FROM alpine:3.12 +FROM alpine:3.13 LABEL maintainer="NGINX Docker Maintainers " diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index deafec08..11eeab8d 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -3,7 +3,7 @@ # # PLEASE DO NOT EDIT IT DIRECTLY. # -FROM alpine:3.12 +FROM alpine:3.13 LABEL maintainer="NGINX Docker Maintainers " diff --git a/update.sh b/update.sh index 828859fd..49ec3c87 100755 --- a/update.sh +++ b/update.sh @@ -29,7 +29,7 @@ declare -A debian=( #[stable]='stretch' ) -defaultalpine='3.12' +defaultalpine='3.13' declare -A alpine=( [stable]='3.11' ) From 5c93520500b222f6a735a5ea9838cd37c3d867c6 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Mon, 1 Feb 2021 12:42:14 +0300 Subject: [PATCH 091/113] docker-entrypoint: use natural sort for scripts to launch Fixes #489. --- entrypoint/docker-entrypoint.sh | 2 +- mainline/alpine-perl/docker-entrypoint.sh | 2 +- mainline/alpine/docker-entrypoint.sh | 2 +- mainline/debian-perl/docker-entrypoint.sh | 2 +- mainline/debian/docker-entrypoint.sh | 2 +- stable/alpine-perl/docker-entrypoint.sh | 2 +- stable/alpine/docker-entrypoint.sh | 2 +- stable/debian-perl/docker-entrypoint.sh | 2 +- stable/debian/docker-entrypoint.sh | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/entrypoint/docker-entrypoint.sh b/entrypoint/docker-entrypoint.sh index 88732541..72d5cd94 100755 --- a/entrypoint/docker-entrypoint.sh +++ b/entrypoint/docker-entrypoint.sh @@ -14,7 +14,7 @@ if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then echo >&3 "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" echo >&3 "$0: Looking for shell scripts in /docker-entrypoint.d/" - find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do + find "/docker-entrypoint.d/" -follow -type f -print | sort -V | while read -r f; do case "$f" in *.sh) if [ -x "$f" ]; then diff --git a/mainline/alpine-perl/docker-entrypoint.sh b/mainline/alpine-perl/docker-entrypoint.sh index 88732541..72d5cd94 100755 --- a/mainline/alpine-perl/docker-entrypoint.sh +++ b/mainline/alpine-perl/docker-entrypoint.sh @@ -14,7 +14,7 @@ if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then echo >&3 "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" echo >&3 "$0: Looking for shell scripts in /docker-entrypoint.d/" - find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do + find "/docker-entrypoint.d/" -follow -type f -print | sort -V | while read -r f; do case "$f" in *.sh) if [ -x "$f" ]; then diff --git a/mainline/alpine/docker-entrypoint.sh b/mainline/alpine/docker-entrypoint.sh index 88732541..72d5cd94 100755 --- a/mainline/alpine/docker-entrypoint.sh +++ b/mainline/alpine/docker-entrypoint.sh @@ -14,7 +14,7 @@ if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then echo >&3 "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" echo >&3 "$0: Looking for shell scripts in /docker-entrypoint.d/" - find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do + find "/docker-entrypoint.d/" -follow -type f -print | sort -V | while read -r f; do case "$f" in *.sh) if [ -x "$f" ]; then diff --git a/mainline/debian-perl/docker-entrypoint.sh b/mainline/debian-perl/docker-entrypoint.sh index 88732541..72d5cd94 100755 --- a/mainline/debian-perl/docker-entrypoint.sh +++ b/mainline/debian-perl/docker-entrypoint.sh @@ -14,7 +14,7 @@ if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then echo >&3 "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" echo >&3 "$0: Looking for shell scripts in /docker-entrypoint.d/" - find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do + find "/docker-entrypoint.d/" -follow -type f -print | sort -V | while read -r f; do case "$f" in *.sh) if [ -x "$f" ]; then diff --git a/mainline/debian/docker-entrypoint.sh b/mainline/debian/docker-entrypoint.sh index 88732541..72d5cd94 100755 --- a/mainline/debian/docker-entrypoint.sh +++ b/mainline/debian/docker-entrypoint.sh @@ -14,7 +14,7 @@ if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then echo >&3 "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" echo >&3 "$0: Looking for shell scripts in /docker-entrypoint.d/" - find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do + find "/docker-entrypoint.d/" -follow -type f -print | sort -V | while read -r f; do case "$f" in *.sh) if [ -x "$f" ]; then diff --git a/stable/alpine-perl/docker-entrypoint.sh b/stable/alpine-perl/docker-entrypoint.sh index 88732541..72d5cd94 100755 --- a/stable/alpine-perl/docker-entrypoint.sh +++ b/stable/alpine-perl/docker-entrypoint.sh @@ -14,7 +14,7 @@ if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then echo >&3 "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" echo >&3 "$0: Looking for shell scripts in /docker-entrypoint.d/" - find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do + find "/docker-entrypoint.d/" -follow -type f -print | sort -V | while read -r f; do case "$f" in *.sh) if [ -x "$f" ]; then diff --git a/stable/alpine/docker-entrypoint.sh b/stable/alpine/docker-entrypoint.sh index 88732541..72d5cd94 100755 --- a/stable/alpine/docker-entrypoint.sh +++ b/stable/alpine/docker-entrypoint.sh @@ -14,7 +14,7 @@ if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then echo >&3 "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" echo >&3 "$0: Looking for shell scripts in /docker-entrypoint.d/" - find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do + find "/docker-entrypoint.d/" -follow -type f -print | sort -V | while read -r f; do case "$f" in *.sh) if [ -x "$f" ]; then diff --git a/stable/debian-perl/docker-entrypoint.sh b/stable/debian-perl/docker-entrypoint.sh index 88732541..72d5cd94 100755 --- a/stable/debian-perl/docker-entrypoint.sh +++ b/stable/debian-perl/docker-entrypoint.sh @@ -14,7 +14,7 @@ if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then echo >&3 "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" echo >&3 "$0: Looking for shell scripts in /docker-entrypoint.d/" - find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do + find "/docker-entrypoint.d/" -follow -type f -print | sort -V | while read -r f; do case "$f" in *.sh) if [ -x "$f" ]; then diff --git a/stable/debian/docker-entrypoint.sh b/stable/debian/docker-entrypoint.sh index 88732541..72d5cd94 100755 --- a/stable/debian/docker-entrypoint.sh +++ b/stable/debian/docker-entrypoint.sh @@ -14,7 +14,7 @@ if [ "$1" = "nginx" -o "$1" = "nginx-debug" ]; then echo >&3 "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" echo >&3 "$0: Looking for shell scripts in /docker-entrypoint.d/" - find "/docker-entrypoint.d/" -follow -type f -print | sort -n | while read -r f; do + find "/docker-entrypoint.d/" -follow -type f -print | sort -V | while read -r f; do case "$f" in *.sh) if [ -x "$f" ]; then From 2f2859121ae8b0ccf8e9111bf252787a24ad372c Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Mon, 1 Feb 2021 13:13:17 +0300 Subject: [PATCH 092/113] README: mentioned nginx.org changelog Fixes #491 --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 7adf25f3..5fa769cb 100644 --- a/README.md +++ b/README.md @@ -7,3 +7,4 @@ regarding contributing and issues. The full readme is generated over in [docker-library/docs](https://github.com/docker-library/docs), specifically in [docker-library/docs/nginx](https://github.com/docker-library/docs/tree/master/nginx). +The changelog for NGINX releases is available at [nginx.org changes page](https://nginx.org/en/CHANGES). From 2b064090d1ebb724865ce7e6f4b6cc64c4c5cd6e Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Wed, 25 Nov 2020 21:41:08 +0300 Subject: [PATCH 093/113] Introduced an entrypoint script to autotune the number of worker processes The script is a no-op bye default, you would need to enable its logic by setting an NGINX_ENTRYPOINT_WORKER_PROCESSES_AUTOTUNE variable to any value. The script then tries to get the following values: - getconf _NPROCESSORS_ONLN - the amount of cpus from cpuset cgroupv1 - the quotas from cpu/cpuacct cgroupv1 - the amount of cpus from cgroupv2 - the quotas from cgroupv2 The lowest of all five is then applied to nginx.conf. Fixes #472 --- Dockerfile-alpine.template | 1 + Dockerfile-debian.template | 1 + entrypoint/30-tune-worker-processes.sh | 194 ++++++++++++++++++ .../alpine-perl/30-tune-worker-processes.sh | 194 ++++++++++++++++++ mainline/alpine-perl/Dockerfile | 1 + mainline/alpine/30-tune-worker-processes.sh | 194 ++++++++++++++++++ mainline/alpine/Dockerfile | 1 + .../debian-perl/30-tune-worker-processes.sh | 194 ++++++++++++++++++ mainline/debian-perl/Dockerfile | 1 + mainline/debian/30-tune-worker-processes.sh | 194 ++++++++++++++++++ mainline/debian/Dockerfile | 1 + .../alpine-perl/30-tune-worker-processes.sh | 194 ++++++++++++++++++ stable/alpine-perl/Dockerfile | 1 + stable/alpine/30-tune-worker-processes.sh | 194 ++++++++++++++++++ stable/alpine/Dockerfile | 1 + .../debian-perl/30-tune-worker-processes.sh | 194 ++++++++++++++++++ stable/debian-perl/Dockerfile | 1 + stable/debian/30-tune-worker-processes.sh | 194 ++++++++++++++++++ stable/debian/Dockerfile | 1 + 19 files changed, 1756 insertions(+) create mode 100755 entrypoint/30-tune-worker-processes.sh create mode 100755 mainline/alpine-perl/30-tune-worker-processes.sh create mode 100755 mainline/alpine/30-tune-worker-processes.sh create mode 100755 mainline/debian-perl/30-tune-worker-processes.sh create mode 100755 mainline/debian/30-tune-worker-processes.sh create mode 100755 stable/alpine-perl/30-tune-worker-processes.sh create mode 100755 stable/alpine/30-tune-worker-processes.sh create mode 100755 stable/debian-perl/30-tune-worker-processes.sh create mode 100755 stable/debian/30-tune-worker-processes.sh diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template index eb623c2e..1ce4411a 100644 --- a/Dockerfile-alpine.template +++ b/Dockerfile-alpine.template @@ -105,6 +105,7 @@ RUN set -x \ COPY docker-entrypoint.sh / COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d COPY 20-envsubst-on-templates.sh /docker-entrypoint.d +COPY 30-tune-worker-processes.sh /docker-entrypoint.d ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/Dockerfile-debian.template b/Dockerfile-debian.template index 8521d5a9..91b7cf78 100644 --- a/Dockerfile-debian.template +++ b/Dockerfile-debian.template @@ -96,6 +96,7 @@ RUN set -x \ COPY docker-entrypoint.sh / COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d COPY 20-envsubst-on-templates.sh /docker-entrypoint.d +COPY 30-tune-worker-processes.sh /docker-entrypoint.d ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/entrypoint/30-tune-worker-processes.sh b/entrypoint/30-tune-worker-processes.sh new file mode 100755 index 00000000..4adb0432 --- /dev/null +++ b/entrypoint/30-tune-worker-processes.sh @@ -0,0 +1,194 @@ +#!/bin/sh +# vim:sw=2:ts=2:sts=2:et + +set -eu + +LC_ALL=C +ME=$( basename "$0" ) +PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + +[ "${NGINX_ENTRYPOINT_WORKER_PROCESSES_AUTOTUNE:-}" ] || exit 0 + +touch /etc/nginx/nginx.conf 2>/dev/null || { echo >&2 "$ME: error: can not modify /etc/nginx/nginx.conf (read-only file system?)"; exit 0; } + +ceildiv() { + num=$1 + div=$2 + echo $(( (num + div - 1) / div )) +} + +get_cpuset() { + cpusetroot=$1 + cpusetfile=$2 + ncpu=0 + [ -f "$cpusetroot/$cpusetfile" ] || return + for token in $( tr ',' ' ' < "$cpusetroot/$cpusetfile" ); do + case "$token" in + *-*) + count=$( seq $(echo "$token" | tr '-' ' ') | wc -l ) + ncpu=$(( ncpu+count )) + ;; + *) + ncpu=$(( ncpu+1 )) + ;; + esac + done + echo "$ncpu" +} + +get_quota() { + cpuroot=$1 + ncpu=0 + [ -f "$cpuroot/cpu.cfs_quota_us" ] || return + [ -f "$cpuroot/cpu.cfs_period_us" ] || return + cfs_quota=$( cat "$cpuroot/cpu.cfs_quota_us" ) + cfs_period=$( cat "$cpuroot/cpu.cfs_period_us" ) + [ "$cfs_quota" = "-1" ] && return + [ "$cfs_period" = "0" ] && return + ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) + [ "$ncpu" -gt 0 ] || return + echo "$ncpu" +} + +get_quota_v2() { + cpuroot=$1 + ncpu=0 + [ -f "$cpuroot/cpu.max" ] || return + cfs_quota=$( cut -d' ' -f 1 < "$cpuroot/cpu.max" ) + cfs_period=$( cut -d' ' -f 2 < "$cpuroot/cpu.max" ) + [ "$cfs_quota" = "max" ] && return + [ "$cfs_period" = "0" ] && return + ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) + [ "$ncpu" -gt 0 ] || return + echo "$ncpu" +} + +get_cgroup_v1_path() { + needle=$1 + found= + foundroot= + mountpoint= + + [ -r "/proc/self/mountinfo" ] || return + [ -r "/proc/self/cgroup" ] || return + + while IFS= read -r line; do + case "$needle" in + "cpuset") + case "$line" in + *cpuset*) + found=$( echo "$line" | cut -d ' ' -f 4,5 ) + ;; + esac + ;; + "cpu") + case "$line" in + *cpuset*) + ;; + *cpu,cpuacct*|*cpuacct,cpu|*cpuacct*|*cpu*) + found=$( echo "$line" | cut -d ' ' -f 4,5 ) + ;; + esac + esac + done << __EOF__ +$( grep -F -- '- cgroup ' /proc/self/mountinfo ) +__EOF__ + + while IFS= read -r line; do + controller=$( echo "$line" | cut -d: -f 2 ) + case "$needle" in + "cpuset") + case "$controller" in + cpuset) + mountpoint=$( echo "$line" | cut -d: -f 3 ) + ;; + esac + ;; + "cpu") + case "$controller" in + cpu,cpuacct|cpuacct,cpu|cpuacct|cpu) + mountpoint=$( echo "$line" | cut -d: -f 3 ) + ;; + esac + ;; + esac +done << __EOF__ +$( grep -F -- 'cpu' /proc/self/cgroup ) +__EOF__ + + case "${found%% *}" in + "/") + foundroot="${found##* }$mountpoint" + ;; + "$mountpoint") + foundroot="${found##* }" + ;; + esac + echo "$foundroot" +} + +get_cgroup_v2_path() { + found= + foundroot= + mountpoint= + + [ -r "/proc/self/mountinfo" ] || return + [ -r "/proc/self/cgroup" ] || return + + while IFS= read -r line; do + found=$( echo "$line" | cut -d ' ' -f 4,5 ) + done << __EOF__ +$( grep -F -- '- cgroup2 ' /proc/self/mountinfo ) +__EOF__ + + while IFS= read -r line; do + mountpoint=$( echo "$line" | cut -d: -f 3 ) +done << __EOF__ +$( grep -F -- '0::' /proc/self/cgroup ) +__EOF__ + + case "${found%% *}" in + "") + return + ;; + "/") + foundroot="${found##* }$mountpoint" + ;; + "$mountpoint") + foundroot="${found##* }" + ;; + esac + echo "$foundroot" +} + +ncpu_online=$( getconf _NPROCESSORS_ONLN ) +ncpu_cpuset= +ncpu_quota= +ncpu_cpuset_v2= +ncpu_quota_v2= + +cpuset=$( get_cgroup_v1_path "cpuset" ) +[ "$cpuset" ] && ncpu_cpuset=$( get_cpuset "$cpuset" "cpuset.effective_cpus" ) +[ "$ncpu_cpuset" ] || ncpu_cpuset=$ncpu_online + +cpu=$( get_cgroup_v1_path "cpu" ) +[ "$cpu" ] && ncpu_quota=$( get_quota "$cpu" ) +[ "$ncpu_quota" ] || ncpu_quota=$ncpu_online + +cgroup_v2=$( get_cgroup_v2_path ) +[ "$cgroup_v2" ] && ncpu_cpuset_v2=$( get_cpuset "$cgroup_v2" "cpuset.cpus.effective" ) +[ "$ncpu_cpuset_v2" ] || ncpu_cpuset_v2=$ncpu_online + +[ "$cgroup_v2" ] && ncpu_quota_v2=$( get_quota_v2 "$cgroup_v2" ) +[ "$ncpu_quota_v2" ] || ncpu_quota_v2=$ncpu_online + +ncpu=$( printf "%s\n%s\n%s\n%s\n%s\n" \ + "$ncpu_online" \ + "$ncpu_cpuset" \ + "$ncpu_quota" \ + "$ncpu_cpuset_v2" \ + "$ncpu_quota_v2" \ + | sort -n \ + | head -n 1 ) + +sed -i.bak -r 's/^(worker_processes)(.*)$/# Commented out by '"$ME"' on '"$(date)"'\n#\1\2\n\1 '"$ncpu"';/' /etc/nginx/nginx.conf diff --git a/mainline/alpine-perl/30-tune-worker-processes.sh b/mainline/alpine-perl/30-tune-worker-processes.sh new file mode 100755 index 00000000..4adb0432 --- /dev/null +++ b/mainline/alpine-perl/30-tune-worker-processes.sh @@ -0,0 +1,194 @@ +#!/bin/sh +# vim:sw=2:ts=2:sts=2:et + +set -eu + +LC_ALL=C +ME=$( basename "$0" ) +PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + +[ "${NGINX_ENTRYPOINT_WORKER_PROCESSES_AUTOTUNE:-}" ] || exit 0 + +touch /etc/nginx/nginx.conf 2>/dev/null || { echo >&2 "$ME: error: can not modify /etc/nginx/nginx.conf (read-only file system?)"; exit 0; } + +ceildiv() { + num=$1 + div=$2 + echo $(( (num + div - 1) / div )) +} + +get_cpuset() { + cpusetroot=$1 + cpusetfile=$2 + ncpu=0 + [ -f "$cpusetroot/$cpusetfile" ] || return + for token in $( tr ',' ' ' < "$cpusetroot/$cpusetfile" ); do + case "$token" in + *-*) + count=$( seq $(echo "$token" | tr '-' ' ') | wc -l ) + ncpu=$(( ncpu+count )) + ;; + *) + ncpu=$(( ncpu+1 )) + ;; + esac + done + echo "$ncpu" +} + +get_quota() { + cpuroot=$1 + ncpu=0 + [ -f "$cpuroot/cpu.cfs_quota_us" ] || return + [ -f "$cpuroot/cpu.cfs_period_us" ] || return + cfs_quota=$( cat "$cpuroot/cpu.cfs_quota_us" ) + cfs_period=$( cat "$cpuroot/cpu.cfs_period_us" ) + [ "$cfs_quota" = "-1" ] && return + [ "$cfs_period" = "0" ] && return + ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) + [ "$ncpu" -gt 0 ] || return + echo "$ncpu" +} + +get_quota_v2() { + cpuroot=$1 + ncpu=0 + [ -f "$cpuroot/cpu.max" ] || return + cfs_quota=$( cut -d' ' -f 1 < "$cpuroot/cpu.max" ) + cfs_period=$( cut -d' ' -f 2 < "$cpuroot/cpu.max" ) + [ "$cfs_quota" = "max" ] && return + [ "$cfs_period" = "0" ] && return + ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) + [ "$ncpu" -gt 0 ] || return + echo "$ncpu" +} + +get_cgroup_v1_path() { + needle=$1 + found= + foundroot= + mountpoint= + + [ -r "/proc/self/mountinfo" ] || return + [ -r "/proc/self/cgroup" ] || return + + while IFS= read -r line; do + case "$needle" in + "cpuset") + case "$line" in + *cpuset*) + found=$( echo "$line" | cut -d ' ' -f 4,5 ) + ;; + esac + ;; + "cpu") + case "$line" in + *cpuset*) + ;; + *cpu,cpuacct*|*cpuacct,cpu|*cpuacct*|*cpu*) + found=$( echo "$line" | cut -d ' ' -f 4,5 ) + ;; + esac + esac + done << __EOF__ +$( grep -F -- '- cgroup ' /proc/self/mountinfo ) +__EOF__ + + while IFS= read -r line; do + controller=$( echo "$line" | cut -d: -f 2 ) + case "$needle" in + "cpuset") + case "$controller" in + cpuset) + mountpoint=$( echo "$line" | cut -d: -f 3 ) + ;; + esac + ;; + "cpu") + case "$controller" in + cpu,cpuacct|cpuacct,cpu|cpuacct|cpu) + mountpoint=$( echo "$line" | cut -d: -f 3 ) + ;; + esac + ;; + esac +done << __EOF__ +$( grep -F -- 'cpu' /proc/self/cgroup ) +__EOF__ + + case "${found%% *}" in + "/") + foundroot="${found##* }$mountpoint" + ;; + "$mountpoint") + foundroot="${found##* }" + ;; + esac + echo "$foundroot" +} + +get_cgroup_v2_path() { + found= + foundroot= + mountpoint= + + [ -r "/proc/self/mountinfo" ] || return + [ -r "/proc/self/cgroup" ] || return + + while IFS= read -r line; do + found=$( echo "$line" | cut -d ' ' -f 4,5 ) + done << __EOF__ +$( grep -F -- '- cgroup2 ' /proc/self/mountinfo ) +__EOF__ + + while IFS= read -r line; do + mountpoint=$( echo "$line" | cut -d: -f 3 ) +done << __EOF__ +$( grep -F -- '0::' /proc/self/cgroup ) +__EOF__ + + case "${found%% *}" in + "") + return + ;; + "/") + foundroot="${found##* }$mountpoint" + ;; + "$mountpoint") + foundroot="${found##* }" + ;; + esac + echo "$foundroot" +} + +ncpu_online=$( getconf _NPROCESSORS_ONLN ) +ncpu_cpuset= +ncpu_quota= +ncpu_cpuset_v2= +ncpu_quota_v2= + +cpuset=$( get_cgroup_v1_path "cpuset" ) +[ "$cpuset" ] && ncpu_cpuset=$( get_cpuset "$cpuset" "cpuset.effective_cpus" ) +[ "$ncpu_cpuset" ] || ncpu_cpuset=$ncpu_online + +cpu=$( get_cgroup_v1_path "cpu" ) +[ "$cpu" ] && ncpu_quota=$( get_quota "$cpu" ) +[ "$ncpu_quota" ] || ncpu_quota=$ncpu_online + +cgroup_v2=$( get_cgroup_v2_path ) +[ "$cgroup_v2" ] && ncpu_cpuset_v2=$( get_cpuset "$cgroup_v2" "cpuset.cpus.effective" ) +[ "$ncpu_cpuset_v2" ] || ncpu_cpuset_v2=$ncpu_online + +[ "$cgroup_v2" ] && ncpu_quota_v2=$( get_quota_v2 "$cgroup_v2" ) +[ "$ncpu_quota_v2" ] || ncpu_quota_v2=$ncpu_online + +ncpu=$( printf "%s\n%s\n%s\n%s\n%s\n" \ + "$ncpu_online" \ + "$ncpu_cpuset" \ + "$ncpu_quota" \ + "$ncpu_cpuset_v2" \ + "$ncpu_quota_v2" \ + | sort -n \ + | head -n 1 ) + +sed -i.bak -r 's/^(worker_processes)(.*)$/# Commented out by '"$ME"' on '"$(date)"'\n#\1\2\n\1 '"$ncpu"';/' /etc/nginx/nginx.conf diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index ae3b6ba2..d3d9a146 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -116,6 +116,7 @@ RUN set -x \ COPY docker-entrypoint.sh / COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d COPY 20-envsubst-on-templates.sh /docker-entrypoint.d +COPY 30-tune-worker-processes.sh /docker-entrypoint.d ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/mainline/alpine/30-tune-worker-processes.sh b/mainline/alpine/30-tune-worker-processes.sh new file mode 100755 index 00000000..4adb0432 --- /dev/null +++ b/mainline/alpine/30-tune-worker-processes.sh @@ -0,0 +1,194 @@ +#!/bin/sh +# vim:sw=2:ts=2:sts=2:et + +set -eu + +LC_ALL=C +ME=$( basename "$0" ) +PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + +[ "${NGINX_ENTRYPOINT_WORKER_PROCESSES_AUTOTUNE:-}" ] || exit 0 + +touch /etc/nginx/nginx.conf 2>/dev/null || { echo >&2 "$ME: error: can not modify /etc/nginx/nginx.conf (read-only file system?)"; exit 0; } + +ceildiv() { + num=$1 + div=$2 + echo $(( (num + div - 1) / div )) +} + +get_cpuset() { + cpusetroot=$1 + cpusetfile=$2 + ncpu=0 + [ -f "$cpusetroot/$cpusetfile" ] || return + for token in $( tr ',' ' ' < "$cpusetroot/$cpusetfile" ); do + case "$token" in + *-*) + count=$( seq $(echo "$token" | tr '-' ' ') | wc -l ) + ncpu=$(( ncpu+count )) + ;; + *) + ncpu=$(( ncpu+1 )) + ;; + esac + done + echo "$ncpu" +} + +get_quota() { + cpuroot=$1 + ncpu=0 + [ -f "$cpuroot/cpu.cfs_quota_us" ] || return + [ -f "$cpuroot/cpu.cfs_period_us" ] || return + cfs_quota=$( cat "$cpuroot/cpu.cfs_quota_us" ) + cfs_period=$( cat "$cpuroot/cpu.cfs_period_us" ) + [ "$cfs_quota" = "-1" ] && return + [ "$cfs_period" = "0" ] && return + ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) + [ "$ncpu" -gt 0 ] || return + echo "$ncpu" +} + +get_quota_v2() { + cpuroot=$1 + ncpu=0 + [ -f "$cpuroot/cpu.max" ] || return + cfs_quota=$( cut -d' ' -f 1 < "$cpuroot/cpu.max" ) + cfs_period=$( cut -d' ' -f 2 < "$cpuroot/cpu.max" ) + [ "$cfs_quota" = "max" ] && return + [ "$cfs_period" = "0" ] && return + ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) + [ "$ncpu" -gt 0 ] || return + echo "$ncpu" +} + +get_cgroup_v1_path() { + needle=$1 + found= + foundroot= + mountpoint= + + [ -r "/proc/self/mountinfo" ] || return + [ -r "/proc/self/cgroup" ] || return + + while IFS= read -r line; do + case "$needle" in + "cpuset") + case "$line" in + *cpuset*) + found=$( echo "$line" | cut -d ' ' -f 4,5 ) + ;; + esac + ;; + "cpu") + case "$line" in + *cpuset*) + ;; + *cpu,cpuacct*|*cpuacct,cpu|*cpuacct*|*cpu*) + found=$( echo "$line" | cut -d ' ' -f 4,5 ) + ;; + esac + esac + done << __EOF__ +$( grep -F -- '- cgroup ' /proc/self/mountinfo ) +__EOF__ + + while IFS= read -r line; do + controller=$( echo "$line" | cut -d: -f 2 ) + case "$needle" in + "cpuset") + case "$controller" in + cpuset) + mountpoint=$( echo "$line" | cut -d: -f 3 ) + ;; + esac + ;; + "cpu") + case "$controller" in + cpu,cpuacct|cpuacct,cpu|cpuacct|cpu) + mountpoint=$( echo "$line" | cut -d: -f 3 ) + ;; + esac + ;; + esac +done << __EOF__ +$( grep -F -- 'cpu' /proc/self/cgroup ) +__EOF__ + + case "${found%% *}" in + "/") + foundroot="${found##* }$mountpoint" + ;; + "$mountpoint") + foundroot="${found##* }" + ;; + esac + echo "$foundroot" +} + +get_cgroup_v2_path() { + found= + foundroot= + mountpoint= + + [ -r "/proc/self/mountinfo" ] || return + [ -r "/proc/self/cgroup" ] || return + + while IFS= read -r line; do + found=$( echo "$line" | cut -d ' ' -f 4,5 ) + done << __EOF__ +$( grep -F -- '- cgroup2 ' /proc/self/mountinfo ) +__EOF__ + + while IFS= read -r line; do + mountpoint=$( echo "$line" | cut -d: -f 3 ) +done << __EOF__ +$( grep -F -- '0::' /proc/self/cgroup ) +__EOF__ + + case "${found%% *}" in + "") + return + ;; + "/") + foundroot="${found##* }$mountpoint" + ;; + "$mountpoint") + foundroot="${found##* }" + ;; + esac + echo "$foundroot" +} + +ncpu_online=$( getconf _NPROCESSORS_ONLN ) +ncpu_cpuset= +ncpu_quota= +ncpu_cpuset_v2= +ncpu_quota_v2= + +cpuset=$( get_cgroup_v1_path "cpuset" ) +[ "$cpuset" ] && ncpu_cpuset=$( get_cpuset "$cpuset" "cpuset.effective_cpus" ) +[ "$ncpu_cpuset" ] || ncpu_cpuset=$ncpu_online + +cpu=$( get_cgroup_v1_path "cpu" ) +[ "$cpu" ] && ncpu_quota=$( get_quota "$cpu" ) +[ "$ncpu_quota" ] || ncpu_quota=$ncpu_online + +cgroup_v2=$( get_cgroup_v2_path ) +[ "$cgroup_v2" ] && ncpu_cpuset_v2=$( get_cpuset "$cgroup_v2" "cpuset.cpus.effective" ) +[ "$ncpu_cpuset_v2" ] || ncpu_cpuset_v2=$ncpu_online + +[ "$cgroup_v2" ] && ncpu_quota_v2=$( get_quota_v2 "$cgroup_v2" ) +[ "$ncpu_quota_v2" ] || ncpu_quota_v2=$ncpu_online + +ncpu=$( printf "%s\n%s\n%s\n%s\n%s\n" \ + "$ncpu_online" \ + "$ncpu_cpuset" \ + "$ncpu_quota" \ + "$ncpu_cpuset_v2" \ + "$ncpu_quota_v2" \ + | sort -n \ + | head -n 1 ) + +sed -i.bak -r 's/^(worker_processes)(.*)$/# Commented out by '"$ME"' on '"$(date)"'\n#\1\2\n\1 '"$ncpu"';/' /etc/nginx/nginx.conf diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 11eeab8d..ea8829e1 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -115,6 +115,7 @@ RUN set -x \ COPY docker-entrypoint.sh / COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d COPY 20-envsubst-on-templates.sh /docker-entrypoint.d +COPY 30-tune-worker-processes.sh /docker-entrypoint.d ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/mainline/debian-perl/30-tune-worker-processes.sh b/mainline/debian-perl/30-tune-worker-processes.sh new file mode 100755 index 00000000..4adb0432 --- /dev/null +++ b/mainline/debian-perl/30-tune-worker-processes.sh @@ -0,0 +1,194 @@ +#!/bin/sh +# vim:sw=2:ts=2:sts=2:et + +set -eu + +LC_ALL=C +ME=$( basename "$0" ) +PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + +[ "${NGINX_ENTRYPOINT_WORKER_PROCESSES_AUTOTUNE:-}" ] || exit 0 + +touch /etc/nginx/nginx.conf 2>/dev/null || { echo >&2 "$ME: error: can not modify /etc/nginx/nginx.conf (read-only file system?)"; exit 0; } + +ceildiv() { + num=$1 + div=$2 + echo $(( (num + div - 1) / div )) +} + +get_cpuset() { + cpusetroot=$1 + cpusetfile=$2 + ncpu=0 + [ -f "$cpusetroot/$cpusetfile" ] || return + for token in $( tr ',' ' ' < "$cpusetroot/$cpusetfile" ); do + case "$token" in + *-*) + count=$( seq $(echo "$token" | tr '-' ' ') | wc -l ) + ncpu=$(( ncpu+count )) + ;; + *) + ncpu=$(( ncpu+1 )) + ;; + esac + done + echo "$ncpu" +} + +get_quota() { + cpuroot=$1 + ncpu=0 + [ -f "$cpuroot/cpu.cfs_quota_us" ] || return + [ -f "$cpuroot/cpu.cfs_period_us" ] || return + cfs_quota=$( cat "$cpuroot/cpu.cfs_quota_us" ) + cfs_period=$( cat "$cpuroot/cpu.cfs_period_us" ) + [ "$cfs_quota" = "-1" ] && return + [ "$cfs_period" = "0" ] && return + ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) + [ "$ncpu" -gt 0 ] || return + echo "$ncpu" +} + +get_quota_v2() { + cpuroot=$1 + ncpu=0 + [ -f "$cpuroot/cpu.max" ] || return + cfs_quota=$( cut -d' ' -f 1 < "$cpuroot/cpu.max" ) + cfs_period=$( cut -d' ' -f 2 < "$cpuroot/cpu.max" ) + [ "$cfs_quota" = "max" ] && return + [ "$cfs_period" = "0" ] && return + ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) + [ "$ncpu" -gt 0 ] || return + echo "$ncpu" +} + +get_cgroup_v1_path() { + needle=$1 + found= + foundroot= + mountpoint= + + [ -r "/proc/self/mountinfo" ] || return + [ -r "/proc/self/cgroup" ] || return + + while IFS= read -r line; do + case "$needle" in + "cpuset") + case "$line" in + *cpuset*) + found=$( echo "$line" | cut -d ' ' -f 4,5 ) + ;; + esac + ;; + "cpu") + case "$line" in + *cpuset*) + ;; + *cpu,cpuacct*|*cpuacct,cpu|*cpuacct*|*cpu*) + found=$( echo "$line" | cut -d ' ' -f 4,5 ) + ;; + esac + esac + done << __EOF__ +$( grep -F -- '- cgroup ' /proc/self/mountinfo ) +__EOF__ + + while IFS= read -r line; do + controller=$( echo "$line" | cut -d: -f 2 ) + case "$needle" in + "cpuset") + case "$controller" in + cpuset) + mountpoint=$( echo "$line" | cut -d: -f 3 ) + ;; + esac + ;; + "cpu") + case "$controller" in + cpu,cpuacct|cpuacct,cpu|cpuacct|cpu) + mountpoint=$( echo "$line" | cut -d: -f 3 ) + ;; + esac + ;; + esac +done << __EOF__ +$( grep -F -- 'cpu' /proc/self/cgroup ) +__EOF__ + + case "${found%% *}" in + "/") + foundroot="${found##* }$mountpoint" + ;; + "$mountpoint") + foundroot="${found##* }" + ;; + esac + echo "$foundroot" +} + +get_cgroup_v2_path() { + found= + foundroot= + mountpoint= + + [ -r "/proc/self/mountinfo" ] || return + [ -r "/proc/self/cgroup" ] || return + + while IFS= read -r line; do + found=$( echo "$line" | cut -d ' ' -f 4,5 ) + done << __EOF__ +$( grep -F -- '- cgroup2 ' /proc/self/mountinfo ) +__EOF__ + + while IFS= read -r line; do + mountpoint=$( echo "$line" | cut -d: -f 3 ) +done << __EOF__ +$( grep -F -- '0::' /proc/self/cgroup ) +__EOF__ + + case "${found%% *}" in + "") + return + ;; + "/") + foundroot="${found##* }$mountpoint" + ;; + "$mountpoint") + foundroot="${found##* }" + ;; + esac + echo "$foundroot" +} + +ncpu_online=$( getconf _NPROCESSORS_ONLN ) +ncpu_cpuset= +ncpu_quota= +ncpu_cpuset_v2= +ncpu_quota_v2= + +cpuset=$( get_cgroup_v1_path "cpuset" ) +[ "$cpuset" ] && ncpu_cpuset=$( get_cpuset "$cpuset" "cpuset.effective_cpus" ) +[ "$ncpu_cpuset" ] || ncpu_cpuset=$ncpu_online + +cpu=$( get_cgroup_v1_path "cpu" ) +[ "$cpu" ] && ncpu_quota=$( get_quota "$cpu" ) +[ "$ncpu_quota" ] || ncpu_quota=$ncpu_online + +cgroup_v2=$( get_cgroup_v2_path ) +[ "$cgroup_v2" ] && ncpu_cpuset_v2=$( get_cpuset "$cgroup_v2" "cpuset.cpus.effective" ) +[ "$ncpu_cpuset_v2" ] || ncpu_cpuset_v2=$ncpu_online + +[ "$cgroup_v2" ] && ncpu_quota_v2=$( get_quota_v2 "$cgroup_v2" ) +[ "$ncpu_quota_v2" ] || ncpu_quota_v2=$ncpu_online + +ncpu=$( printf "%s\n%s\n%s\n%s\n%s\n" \ + "$ncpu_online" \ + "$ncpu_cpuset" \ + "$ncpu_quota" \ + "$ncpu_cpuset_v2" \ + "$ncpu_quota_v2" \ + | sort -n \ + | head -n 1 ) + +sed -i.bak -r 's/^(worker_processes)(.*)$/# Commented out by '"$ME"' on '"$(date)"'\n#\1\2\n\1 '"$ncpu"';/' /etc/nginx/nginx.conf diff --git a/mainline/debian-perl/Dockerfile b/mainline/debian-perl/Dockerfile index 1f818c94..aa215d79 100644 --- a/mainline/debian-perl/Dockerfile +++ b/mainline/debian-perl/Dockerfile @@ -107,6 +107,7 @@ RUN set -x \ COPY docker-entrypoint.sh / COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d COPY 20-envsubst-on-templates.sh /docker-entrypoint.d +COPY 30-tune-worker-processes.sh /docker-entrypoint.d ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/mainline/debian/30-tune-worker-processes.sh b/mainline/debian/30-tune-worker-processes.sh new file mode 100755 index 00000000..4adb0432 --- /dev/null +++ b/mainline/debian/30-tune-worker-processes.sh @@ -0,0 +1,194 @@ +#!/bin/sh +# vim:sw=2:ts=2:sts=2:et + +set -eu + +LC_ALL=C +ME=$( basename "$0" ) +PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + +[ "${NGINX_ENTRYPOINT_WORKER_PROCESSES_AUTOTUNE:-}" ] || exit 0 + +touch /etc/nginx/nginx.conf 2>/dev/null || { echo >&2 "$ME: error: can not modify /etc/nginx/nginx.conf (read-only file system?)"; exit 0; } + +ceildiv() { + num=$1 + div=$2 + echo $(( (num + div - 1) / div )) +} + +get_cpuset() { + cpusetroot=$1 + cpusetfile=$2 + ncpu=0 + [ -f "$cpusetroot/$cpusetfile" ] || return + for token in $( tr ',' ' ' < "$cpusetroot/$cpusetfile" ); do + case "$token" in + *-*) + count=$( seq $(echo "$token" | tr '-' ' ') | wc -l ) + ncpu=$(( ncpu+count )) + ;; + *) + ncpu=$(( ncpu+1 )) + ;; + esac + done + echo "$ncpu" +} + +get_quota() { + cpuroot=$1 + ncpu=0 + [ -f "$cpuroot/cpu.cfs_quota_us" ] || return + [ -f "$cpuroot/cpu.cfs_period_us" ] || return + cfs_quota=$( cat "$cpuroot/cpu.cfs_quota_us" ) + cfs_period=$( cat "$cpuroot/cpu.cfs_period_us" ) + [ "$cfs_quota" = "-1" ] && return + [ "$cfs_period" = "0" ] && return + ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) + [ "$ncpu" -gt 0 ] || return + echo "$ncpu" +} + +get_quota_v2() { + cpuroot=$1 + ncpu=0 + [ -f "$cpuroot/cpu.max" ] || return + cfs_quota=$( cut -d' ' -f 1 < "$cpuroot/cpu.max" ) + cfs_period=$( cut -d' ' -f 2 < "$cpuroot/cpu.max" ) + [ "$cfs_quota" = "max" ] && return + [ "$cfs_period" = "0" ] && return + ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) + [ "$ncpu" -gt 0 ] || return + echo "$ncpu" +} + +get_cgroup_v1_path() { + needle=$1 + found= + foundroot= + mountpoint= + + [ -r "/proc/self/mountinfo" ] || return + [ -r "/proc/self/cgroup" ] || return + + while IFS= read -r line; do + case "$needle" in + "cpuset") + case "$line" in + *cpuset*) + found=$( echo "$line" | cut -d ' ' -f 4,5 ) + ;; + esac + ;; + "cpu") + case "$line" in + *cpuset*) + ;; + *cpu,cpuacct*|*cpuacct,cpu|*cpuacct*|*cpu*) + found=$( echo "$line" | cut -d ' ' -f 4,5 ) + ;; + esac + esac + done << __EOF__ +$( grep -F -- '- cgroup ' /proc/self/mountinfo ) +__EOF__ + + while IFS= read -r line; do + controller=$( echo "$line" | cut -d: -f 2 ) + case "$needle" in + "cpuset") + case "$controller" in + cpuset) + mountpoint=$( echo "$line" | cut -d: -f 3 ) + ;; + esac + ;; + "cpu") + case "$controller" in + cpu,cpuacct|cpuacct,cpu|cpuacct|cpu) + mountpoint=$( echo "$line" | cut -d: -f 3 ) + ;; + esac + ;; + esac +done << __EOF__ +$( grep -F -- 'cpu' /proc/self/cgroup ) +__EOF__ + + case "${found%% *}" in + "/") + foundroot="${found##* }$mountpoint" + ;; + "$mountpoint") + foundroot="${found##* }" + ;; + esac + echo "$foundroot" +} + +get_cgroup_v2_path() { + found= + foundroot= + mountpoint= + + [ -r "/proc/self/mountinfo" ] || return + [ -r "/proc/self/cgroup" ] || return + + while IFS= read -r line; do + found=$( echo "$line" | cut -d ' ' -f 4,5 ) + done << __EOF__ +$( grep -F -- '- cgroup2 ' /proc/self/mountinfo ) +__EOF__ + + while IFS= read -r line; do + mountpoint=$( echo "$line" | cut -d: -f 3 ) +done << __EOF__ +$( grep -F -- '0::' /proc/self/cgroup ) +__EOF__ + + case "${found%% *}" in + "") + return + ;; + "/") + foundroot="${found##* }$mountpoint" + ;; + "$mountpoint") + foundroot="${found##* }" + ;; + esac + echo "$foundroot" +} + +ncpu_online=$( getconf _NPROCESSORS_ONLN ) +ncpu_cpuset= +ncpu_quota= +ncpu_cpuset_v2= +ncpu_quota_v2= + +cpuset=$( get_cgroup_v1_path "cpuset" ) +[ "$cpuset" ] && ncpu_cpuset=$( get_cpuset "$cpuset" "cpuset.effective_cpus" ) +[ "$ncpu_cpuset" ] || ncpu_cpuset=$ncpu_online + +cpu=$( get_cgroup_v1_path "cpu" ) +[ "$cpu" ] && ncpu_quota=$( get_quota "$cpu" ) +[ "$ncpu_quota" ] || ncpu_quota=$ncpu_online + +cgroup_v2=$( get_cgroup_v2_path ) +[ "$cgroup_v2" ] && ncpu_cpuset_v2=$( get_cpuset "$cgroup_v2" "cpuset.cpus.effective" ) +[ "$ncpu_cpuset_v2" ] || ncpu_cpuset_v2=$ncpu_online + +[ "$cgroup_v2" ] && ncpu_quota_v2=$( get_quota_v2 "$cgroup_v2" ) +[ "$ncpu_quota_v2" ] || ncpu_quota_v2=$ncpu_online + +ncpu=$( printf "%s\n%s\n%s\n%s\n%s\n" \ + "$ncpu_online" \ + "$ncpu_cpuset" \ + "$ncpu_quota" \ + "$ncpu_cpuset_v2" \ + "$ncpu_quota_v2" \ + | sort -n \ + | head -n 1 ) + +sed -i.bak -r 's/^(worker_processes)(.*)$/# Commented out by '"$ME"' on '"$(date)"'\n#\1\2\n\1 '"$ncpu"';/' /etc/nginx/nginx.conf diff --git a/mainline/debian/Dockerfile b/mainline/debian/Dockerfile index 43d69701..e9fdc169 100644 --- a/mainline/debian/Dockerfile +++ b/mainline/debian/Dockerfile @@ -106,6 +106,7 @@ RUN set -x \ COPY docker-entrypoint.sh / COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d COPY 20-envsubst-on-templates.sh /docker-entrypoint.d +COPY 30-tune-worker-processes.sh /docker-entrypoint.d ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/stable/alpine-perl/30-tune-worker-processes.sh b/stable/alpine-perl/30-tune-worker-processes.sh new file mode 100755 index 00000000..4adb0432 --- /dev/null +++ b/stable/alpine-perl/30-tune-worker-processes.sh @@ -0,0 +1,194 @@ +#!/bin/sh +# vim:sw=2:ts=2:sts=2:et + +set -eu + +LC_ALL=C +ME=$( basename "$0" ) +PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + +[ "${NGINX_ENTRYPOINT_WORKER_PROCESSES_AUTOTUNE:-}" ] || exit 0 + +touch /etc/nginx/nginx.conf 2>/dev/null || { echo >&2 "$ME: error: can not modify /etc/nginx/nginx.conf (read-only file system?)"; exit 0; } + +ceildiv() { + num=$1 + div=$2 + echo $(( (num + div - 1) / div )) +} + +get_cpuset() { + cpusetroot=$1 + cpusetfile=$2 + ncpu=0 + [ -f "$cpusetroot/$cpusetfile" ] || return + for token in $( tr ',' ' ' < "$cpusetroot/$cpusetfile" ); do + case "$token" in + *-*) + count=$( seq $(echo "$token" | tr '-' ' ') | wc -l ) + ncpu=$(( ncpu+count )) + ;; + *) + ncpu=$(( ncpu+1 )) + ;; + esac + done + echo "$ncpu" +} + +get_quota() { + cpuroot=$1 + ncpu=0 + [ -f "$cpuroot/cpu.cfs_quota_us" ] || return + [ -f "$cpuroot/cpu.cfs_period_us" ] || return + cfs_quota=$( cat "$cpuroot/cpu.cfs_quota_us" ) + cfs_period=$( cat "$cpuroot/cpu.cfs_period_us" ) + [ "$cfs_quota" = "-1" ] && return + [ "$cfs_period" = "0" ] && return + ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) + [ "$ncpu" -gt 0 ] || return + echo "$ncpu" +} + +get_quota_v2() { + cpuroot=$1 + ncpu=0 + [ -f "$cpuroot/cpu.max" ] || return + cfs_quota=$( cut -d' ' -f 1 < "$cpuroot/cpu.max" ) + cfs_period=$( cut -d' ' -f 2 < "$cpuroot/cpu.max" ) + [ "$cfs_quota" = "max" ] && return + [ "$cfs_period" = "0" ] && return + ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) + [ "$ncpu" -gt 0 ] || return + echo "$ncpu" +} + +get_cgroup_v1_path() { + needle=$1 + found= + foundroot= + mountpoint= + + [ -r "/proc/self/mountinfo" ] || return + [ -r "/proc/self/cgroup" ] || return + + while IFS= read -r line; do + case "$needle" in + "cpuset") + case "$line" in + *cpuset*) + found=$( echo "$line" | cut -d ' ' -f 4,5 ) + ;; + esac + ;; + "cpu") + case "$line" in + *cpuset*) + ;; + *cpu,cpuacct*|*cpuacct,cpu|*cpuacct*|*cpu*) + found=$( echo "$line" | cut -d ' ' -f 4,5 ) + ;; + esac + esac + done << __EOF__ +$( grep -F -- '- cgroup ' /proc/self/mountinfo ) +__EOF__ + + while IFS= read -r line; do + controller=$( echo "$line" | cut -d: -f 2 ) + case "$needle" in + "cpuset") + case "$controller" in + cpuset) + mountpoint=$( echo "$line" | cut -d: -f 3 ) + ;; + esac + ;; + "cpu") + case "$controller" in + cpu,cpuacct|cpuacct,cpu|cpuacct|cpu) + mountpoint=$( echo "$line" | cut -d: -f 3 ) + ;; + esac + ;; + esac +done << __EOF__ +$( grep -F -- 'cpu' /proc/self/cgroup ) +__EOF__ + + case "${found%% *}" in + "/") + foundroot="${found##* }$mountpoint" + ;; + "$mountpoint") + foundroot="${found##* }" + ;; + esac + echo "$foundroot" +} + +get_cgroup_v2_path() { + found= + foundroot= + mountpoint= + + [ -r "/proc/self/mountinfo" ] || return + [ -r "/proc/self/cgroup" ] || return + + while IFS= read -r line; do + found=$( echo "$line" | cut -d ' ' -f 4,5 ) + done << __EOF__ +$( grep -F -- '- cgroup2 ' /proc/self/mountinfo ) +__EOF__ + + while IFS= read -r line; do + mountpoint=$( echo "$line" | cut -d: -f 3 ) +done << __EOF__ +$( grep -F -- '0::' /proc/self/cgroup ) +__EOF__ + + case "${found%% *}" in + "") + return + ;; + "/") + foundroot="${found##* }$mountpoint" + ;; + "$mountpoint") + foundroot="${found##* }" + ;; + esac + echo "$foundroot" +} + +ncpu_online=$( getconf _NPROCESSORS_ONLN ) +ncpu_cpuset= +ncpu_quota= +ncpu_cpuset_v2= +ncpu_quota_v2= + +cpuset=$( get_cgroup_v1_path "cpuset" ) +[ "$cpuset" ] && ncpu_cpuset=$( get_cpuset "$cpuset" "cpuset.effective_cpus" ) +[ "$ncpu_cpuset" ] || ncpu_cpuset=$ncpu_online + +cpu=$( get_cgroup_v1_path "cpu" ) +[ "$cpu" ] && ncpu_quota=$( get_quota "$cpu" ) +[ "$ncpu_quota" ] || ncpu_quota=$ncpu_online + +cgroup_v2=$( get_cgroup_v2_path ) +[ "$cgroup_v2" ] && ncpu_cpuset_v2=$( get_cpuset "$cgroup_v2" "cpuset.cpus.effective" ) +[ "$ncpu_cpuset_v2" ] || ncpu_cpuset_v2=$ncpu_online + +[ "$cgroup_v2" ] && ncpu_quota_v2=$( get_quota_v2 "$cgroup_v2" ) +[ "$ncpu_quota_v2" ] || ncpu_quota_v2=$ncpu_online + +ncpu=$( printf "%s\n%s\n%s\n%s\n%s\n" \ + "$ncpu_online" \ + "$ncpu_cpuset" \ + "$ncpu_quota" \ + "$ncpu_cpuset_v2" \ + "$ncpu_quota_v2" \ + | sort -n \ + | head -n 1 ) + +sed -i.bak -r 's/^(worker_processes)(.*)$/# Commented out by '"$ME"' on '"$(date)"'\n#\1\2\n\1 '"$ncpu"';/' /etc/nginx/nginx.conf diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index d86c2ccd..6df7dde2 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -116,6 +116,7 @@ RUN set -x \ COPY docker-entrypoint.sh / COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d COPY 20-envsubst-on-templates.sh /docker-entrypoint.d +COPY 30-tune-worker-processes.sh /docker-entrypoint.d ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/stable/alpine/30-tune-worker-processes.sh b/stable/alpine/30-tune-worker-processes.sh new file mode 100755 index 00000000..4adb0432 --- /dev/null +++ b/stable/alpine/30-tune-worker-processes.sh @@ -0,0 +1,194 @@ +#!/bin/sh +# vim:sw=2:ts=2:sts=2:et + +set -eu + +LC_ALL=C +ME=$( basename "$0" ) +PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + +[ "${NGINX_ENTRYPOINT_WORKER_PROCESSES_AUTOTUNE:-}" ] || exit 0 + +touch /etc/nginx/nginx.conf 2>/dev/null || { echo >&2 "$ME: error: can not modify /etc/nginx/nginx.conf (read-only file system?)"; exit 0; } + +ceildiv() { + num=$1 + div=$2 + echo $(( (num + div - 1) / div )) +} + +get_cpuset() { + cpusetroot=$1 + cpusetfile=$2 + ncpu=0 + [ -f "$cpusetroot/$cpusetfile" ] || return + for token in $( tr ',' ' ' < "$cpusetroot/$cpusetfile" ); do + case "$token" in + *-*) + count=$( seq $(echo "$token" | tr '-' ' ') | wc -l ) + ncpu=$(( ncpu+count )) + ;; + *) + ncpu=$(( ncpu+1 )) + ;; + esac + done + echo "$ncpu" +} + +get_quota() { + cpuroot=$1 + ncpu=0 + [ -f "$cpuroot/cpu.cfs_quota_us" ] || return + [ -f "$cpuroot/cpu.cfs_period_us" ] || return + cfs_quota=$( cat "$cpuroot/cpu.cfs_quota_us" ) + cfs_period=$( cat "$cpuroot/cpu.cfs_period_us" ) + [ "$cfs_quota" = "-1" ] && return + [ "$cfs_period" = "0" ] && return + ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) + [ "$ncpu" -gt 0 ] || return + echo "$ncpu" +} + +get_quota_v2() { + cpuroot=$1 + ncpu=0 + [ -f "$cpuroot/cpu.max" ] || return + cfs_quota=$( cut -d' ' -f 1 < "$cpuroot/cpu.max" ) + cfs_period=$( cut -d' ' -f 2 < "$cpuroot/cpu.max" ) + [ "$cfs_quota" = "max" ] && return + [ "$cfs_period" = "0" ] && return + ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) + [ "$ncpu" -gt 0 ] || return + echo "$ncpu" +} + +get_cgroup_v1_path() { + needle=$1 + found= + foundroot= + mountpoint= + + [ -r "/proc/self/mountinfo" ] || return + [ -r "/proc/self/cgroup" ] || return + + while IFS= read -r line; do + case "$needle" in + "cpuset") + case "$line" in + *cpuset*) + found=$( echo "$line" | cut -d ' ' -f 4,5 ) + ;; + esac + ;; + "cpu") + case "$line" in + *cpuset*) + ;; + *cpu,cpuacct*|*cpuacct,cpu|*cpuacct*|*cpu*) + found=$( echo "$line" | cut -d ' ' -f 4,5 ) + ;; + esac + esac + done << __EOF__ +$( grep -F -- '- cgroup ' /proc/self/mountinfo ) +__EOF__ + + while IFS= read -r line; do + controller=$( echo "$line" | cut -d: -f 2 ) + case "$needle" in + "cpuset") + case "$controller" in + cpuset) + mountpoint=$( echo "$line" | cut -d: -f 3 ) + ;; + esac + ;; + "cpu") + case "$controller" in + cpu,cpuacct|cpuacct,cpu|cpuacct|cpu) + mountpoint=$( echo "$line" | cut -d: -f 3 ) + ;; + esac + ;; + esac +done << __EOF__ +$( grep -F -- 'cpu' /proc/self/cgroup ) +__EOF__ + + case "${found%% *}" in + "/") + foundroot="${found##* }$mountpoint" + ;; + "$mountpoint") + foundroot="${found##* }" + ;; + esac + echo "$foundroot" +} + +get_cgroup_v2_path() { + found= + foundroot= + mountpoint= + + [ -r "/proc/self/mountinfo" ] || return + [ -r "/proc/self/cgroup" ] || return + + while IFS= read -r line; do + found=$( echo "$line" | cut -d ' ' -f 4,5 ) + done << __EOF__ +$( grep -F -- '- cgroup2 ' /proc/self/mountinfo ) +__EOF__ + + while IFS= read -r line; do + mountpoint=$( echo "$line" | cut -d: -f 3 ) +done << __EOF__ +$( grep -F -- '0::' /proc/self/cgroup ) +__EOF__ + + case "${found%% *}" in + "") + return + ;; + "/") + foundroot="${found##* }$mountpoint" + ;; + "$mountpoint") + foundroot="${found##* }" + ;; + esac + echo "$foundroot" +} + +ncpu_online=$( getconf _NPROCESSORS_ONLN ) +ncpu_cpuset= +ncpu_quota= +ncpu_cpuset_v2= +ncpu_quota_v2= + +cpuset=$( get_cgroup_v1_path "cpuset" ) +[ "$cpuset" ] && ncpu_cpuset=$( get_cpuset "$cpuset" "cpuset.effective_cpus" ) +[ "$ncpu_cpuset" ] || ncpu_cpuset=$ncpu_online + +cpu=$( get_cgroup_v1_path "cpu" ) +[ "$cpu" ] && ncpu_quota=$( get_quota "$cpu" ) +[ "$ncpu_quota" ] || ncpu_quota=$ncpu_online + +cgroup_v2=$( get_cgroup_v2_path ) +[ "$cgroup_v2" ] && ncpu_cpuset_v2=$( get_cpuset "$cgroup_v2" "cpuset.cpus.effective" ) +[ "$ncpu_cpuset_v2" ] || ncpu_cpuset_v2=$ncpu_online + +[ "$cgroup_v2" ] && ncpu_quota_v2=$( get_quota_v2 "$cgroup_v2" ) +[ "$ncpu_quota_v2" ] || ncpu_quota_v2=$ncpu_online + +ncpu=$( printf "%s\n%s\n%s\n%s\n%s\n" \ + "$ncpu_online" \ + "$ncpu_cpuset" \ + "$ncpu_quota" \ + "$ncpu_cpuset_v2" \ + "$ncpu_quota_v2" \ + | sort -n \ + | head -n 1 ) + +sed -i.bak -r 's/^(worker_processes)(.*)$/# Commented out by '"$ME"' on '"$(date)"'\n#\1\2\n\1 '"$ncpu"';/' /etc/nginx/nginx.conf diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index bd34cfb1..397380ad 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -115,6 +115,7 @@ RUN set -x \ COPY docker-entrypoint.sh / COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d COPY 20-envsubst-on-templates.sh /docker-entrypoint.d +COPY 30-tune-worker-processes.sh /docker-entrypoint.d ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/stable/debian-perl/30-tune-worker-processes.sh b/stable/debian-perl/30-tune-worker-processes.sh new file mode 100755 index 00000000..4adb0432 --- /dev/null +++ b/stable/debian-perl/30-tune-worker-processes.sh @@ -0,0 +1,194 @@ +#!/bin/sh +# vim:sw=2:ts=2:sts=2:et + +set -eu + +LC_ALL=C +ME=$( basename "$0" ) +PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + +[ "${NGINX_ENTRYPOINT_WORKER_PROCESSES_AUTOTUNE:-}" ] || exit 0 + +touch /etc/nginx/nginx.conf 2>/dev/null || { echo >&2 "$ME: error: can not modify /etc/nginx/nginx.conf (read-only file system?)"; exit 0; } + +ceildiv() { + num=$1 + div=$2 + echo $(( (num + div - 1) / div )) +} + +get_cpuset() { + cpusetroot=$1 + cpusetfile=$2 + ncpu=0 + [ -f "$cpusetroot/$cpusetfile" ] || return + for token in $( tr ',' ' ' < "$cpusetroot/$cpusetfile" ); do + case "$token" in + *-*) + count=$( seq $(echo "$token" | tr '-' ' ') | wc -l ) + ncpu=$(( ncpu+count )) + ;; + *) + ncpu=$(( ncpu+1 )) + ;; + esac + done + echo "$ncpu" +} + +get_quota() { + cpuroot=$1 + ncpu=0 + [ -f "$cpuroot/cpu.cfs_quota_us" ] || return + [ -f "$cpuroot/cpu.cfs_period_us" ] || return + cfs_quota=$( cat "$cpuroot/cpu.cfs_quota_us" ) + cfs_period=$( cat "$cpuroot/cpu.cfs_period_us" ) + [ "$cfs_quota" = "-1" ] && return + [ "$cfs_period" = "0" ] && return + ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) + [ "$ncpu" -gt 0 ] || return + echo "$ncpu" +} + +get_quota_v2() { + cpuroot=$1 + ncpu=0 + [ -f "$cpuroot/cpu.max" ] || return + cfs_quota=$( cut -d' ' -f 1 < "$cpuroot/cpu.max" ) + cfs_period=$( cut -d' ' -f 2 < "$cpuroot/cpu.max" ) + [ "$cfs_quota" = "max" ] && return + [ "$cfs_period" = "0" ] && return + ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) + [ "$ncpu" -gt 0 ] || return + echo "$ncpu" +} + +get_cgroup_v1_path() { + needle=$1 + found= + foundroot= + mountpoint= + + [ -r "/proc/self/mountinfo" ] || return + [ -r "/proc/self/cgroup" ] || return + + while IFS= read -r line; do + case "$needle" in + "cpuset") + case "$line" in + *cpuset*) + found=$( echo "$line" | cut -d ' ' -f 4,5 ) + ;; + esac + ;; + "cpu") + case "$line" in + *cpuset*) + ;; + *cpu,cpuacct*|*cpuacct,cpu|*cpuacct*|*cpu*) + found=$( echo "$line" | cut -d ' ' -f 4,5 ) + ;; + esac + esac + done << __EOF__ +$( grep -F -- '- cgroup ' /proc/self/mountinfo ) +__EOF__ + + while IFS= read -r line; do + controller=$( echo "$line" | cut -d: -f 2 ) + case "$needle" in + "cpuset") + case "$controller" in + cpuset) + mountpoint=$( echo "$line" | cut -d: -f 3 ) + ;; + esac + ;; + "cpu") + case "$controller" in + cpu,cpuacct|cpuacct,cpu|cpuacct|cpu) + mountpoint=$( echo "$line" | cut -d: -f 3 ) + ;; + esac + ;; + esac +done << __EOF__ +$( grep -F -- 'cpu' /proc/self/cgroup ) +__EOF__ + + case "${found%% *}" in + "/") + foundroot="${found##* }$mountpoint" + ;; + "$mountpoint") + foundroot="${found##* }" + ;; + esac + echo "$foundroot" +} + +get_cgroup_v2_path() { + found= + foundroot= + mountpoint= + + [ -r "/proc/self/mountinfo" ] || return + [ -r "/proc/self/cgroup" ] || return + + while IFS= read -r line; do + found=$( echo "$line" | cut -d ' ' -f 4,5 ) + done << __EOF__ +$( grep -F -- '- cgroup2 ' /proc/self/mountinfo ) +__EOF__ + + while IFS= read -r line; do + mountpoint=$( echo "$line" | cut -d: -f 3 ) +done << __EOF__ +$( grep -F -- '0::' /proc/self/cgroup ) +__EOF__ + + case "${found%% *}" in + "") + return + ;; + "/") + foundroot="${found##* }$mountpoint" + ;; + "$mountpoint") + foundroot="${found##* }" + ;; + esac + echo "$foundroot" +} + +ncpu_online=$( getconf _NPROCESSORS_ONLN ) +ncpu_cpuset= +ncpu_quota= +ncpu_cpuset_v2= +ncpu_quota_v2= + +cpuset=$( get_cgroup_v1_path "cpuset" ) +[ "$cpuset" ] && ncpu_cpuset=$( get_cpuset "$cpuset" "cpuset.effective_cpus" ) +[ "$ncpu_cpuset" ] || ncpu_cpuset=$ncpu_online + +cpu=$( get_cgroup_v1_path "cpu" ) +[ "$cpu" ] && ncpu_quota=$( get_quota "$cpu" ) +[ "$ncpu_quota" ] || ncpu_quota=$ncpu_online + +cgroup_v2=$( get_cgroup_v2_path ) +[ "$cgroup_v2" ] && ncpu_cpuset_v2=$( get_cpuset "$cgroup_v2" "cpuset.cpus.effective" ) +[ "$ncpu_cpuset_v2" ] || ncpu_cpuset_v2=$ncpu_online + +[ "$cgroup_v2" ] && ncpu_quota_v2=$( get_quota_v2 "$cgroup_v2" ) +[ "$ncpu_quota_v2" ] || ncpu_quota_v2=$ncpu_online + +ncpu=$( printf "%s\n%s\n%s\n%s\n%s\n" \ + "$ncpu_online" \ + "$ncpu_cpuset" \ + "$ncpu_quota" \ + "$ncpu_cpuset_v2" \ + "$ncpu_quota_v2" \ + | sort -n \ + | head -n 1 ) + +sed -i.bak -r 's/^(worker_processes)(.*)$/# Commented out by '"$ME"' on '"$(date)"'\n#\1\2\n\1 '"$ncpu"';/' /etc/nginx/nginx.conf diff --git a/stable/debian-perl/Dockerfile b/stable/debian-perl/Dockerfile index 9998d132..90a797dc 100644 --- a/stable/debian-perl/Dockerfile +++ b/stable/debian-perl/Dockerfile @@ -107,6 +107,7 @@ RUN set -x \ COPY docker-entrypoint.sh / COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d COPY 20-envsubst-on-templates.sh /docker-entrypoint.d +COPY 30-tune-worker-processes.sh /docker-entrypoint.d ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 diff --git a/stable/debian/30-tune-worker-processes.sh b/stable/debian/30-tune-worker-processes.sh new file mode 100755 index 00000000..4adb0432 --- /dev/null +++ b/stable/debian/30-tune-worker-processes.sh @@ -0,0 +1,194 @@ +#!/bin/sh +# vim:sw=2:ts=2:sts=2:et + +set -eu + +LC_ALL=C +ME=$( basename "$0" ) +PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + +[ "${NGINX_ENTRYPOINT_WORKER_PROCESSES_AUTOTUNE:-}" ] || exit 0 + +touch /etc/nginx/nginx.conf 2>/dev/null || { echo >&2 "$ME: error: can not modify /etc/nginx/nginx.conf (read-only file system?)"; exit 0; } + +ceildiv() { + num=$1 + div=$2 + echo $(( (num + div - 1) / div )) +} + +get_cpuset() { + cpusetroot=$1 + cpusetfile=$2 + ncpu=0 + [ -f "$cpusetroot/$cpusetfile" ] || return + for token in $( tr ',' ' ' < "$cpusetroot/$cpusetfile" ); do + case "$token" in + *-*) + count=$( seq $(echo "$token" | tr '-' ' ') | wc -l ) + ncpu=$(( ncpu+count )) + ;; + *) + ncpu=$(( ncpu+1 )) + ;; + esac + done + echo "$ncpu" +} + +get_quota() { + cpuroot=$1 + ncpu=0 + [ -f "$cpuroot/cpu.cfs_quota_us" ] || return + [ -f "$cpuroot/cpu.cfs_period_us" ] || return + cfs_quota=$( cat "$cpuroot/cpu.cfs_quota_us" ) + cfs_period=$( cat "$cpuroot/cpu.cfs_period_us" ) + [ "$cfs_quota" = "-1" ] && return + [ "$cfs_period" = "0" ] && return + ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) + [ "$ncpu" -gt 0 ] || return + echo "$ncpu" +} + +get_quota_v2() { + cpuroot=$1 + ncpu=0 + [ -f "$cpuroot/cpu.max" ] || return + cfs_quota=$( cut -d' ' -f 1 < "$cpuroot/cpu.max" ) + cfs_period=$( cut -d' ' -f 2 < "$cpuroot/cpu.max" ) + [ "$cfs_quota" = "max" ] && return + [ "$cfs_period" = "0" ] && return + ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) + [ "$ncpu" -gt 0 ] || return + echo "$ncpu" +} + +get_cgroup_v1_path() { + needle=$1 + found= + foundroot= + mountpoint= + + [ -r "/proc/self/mountinfo" ] || return + [ -r "/proc/self/cgroup" ] || return + + while IFS= read -r line; do + case "$needle" in + "cpuset") + case "$line" in + *cpuset*) + found=$( echo "$line" | cut -d ' ' -f 4,5 ) + ;; + esac + ;; + "cpu") + case "$line" in + *cpuset*) + ;; + *cpu,cpuacct*|*cpuacct,cpu|*cpuacct*|*cpu*) + found=$( echo "$line" | cut -d ' ' -f 4,5 ) + ;; + esac + esac + done << __EOF__ +$( grep -F -- '- cgroup ' /proc/self/mountinfo ) +__EOF__ + + while IFS= read -r line; do + controller=$( echo "$line" | cut -d: -f 2 ) + case "$needle" in + "cpuset") + case "$controller" in + cpuset) + mountpoint=$( echo "$line" | cut -d: -f 3 ) + ;; + esac + ;; + "cpu") + case "$controller" in + cpu,cpuacct|cpuacct,cpu|cpuacct|cpu) + mountpoint=$( echo "$line" | cut -d: -f 3 ) + ;; + esac + ;; + esac +done << __EOF__ +$( grep -F -- 'cpu' /proc/self/cgroup ) +__EOF__ + + case "${found%% *}" in + "/") + foundroot="${found##* }$mountpoint" + ;; + "$mountpoint") + foundroot="${found##* }" + ;; + esac + echo "$foundroot" +} + +get_cgroup_v2_path() { + found= + foundroot= + mountpoint= + + [ -r "/proc/self/mountinfo" ] || return + [ -r "/proc/self/cgroup" ] || return + + while IFS= read -r line; do + found=$( echo "$line" | cut -d ' ' -f 4,5 ) + done << __EOF__ +$( grep -F -- '- cgroup2 ' /proc/self/mountinfo ) +__EOF__ + + while IFS= read -r line; do + mountpoint=$( echo "$line" | cut -d: -f 3 ) +done << __EOF__ +$( grep -F -- '0::' /proc/self/cgroup ) +__EOF__ + + case "${found%% *}" in + "") + return + ;; + "/") + foundroot="${found##* }$mountpoint" + ;; + "$mountpoint") + foundroot="${found##* }" + ;; + esac + echo "$foundroot" +} + +ncpu_online=$( getconf _NPROCESSORS_ONLN ) +ncpu_cpuset= +ncpu_quota= +ncpu_cpuset_v2= +ncpu_quota_v2= + +cpuset=$( get_cgroup_v1_path "cpuset" ) +[ "$cpuset" ] && ncpu_cpuset=$( get_cpuset "$cpuset" "cpuset.effective_cpus" ) +[ "$ncpu_cpuset" ] || ncpu_cpuset=$ncpu_online + +cpu=$( get_cgroup_v1_path "cpu" ) +[ "$cpu" ] && ncpu_quota=$( get_quota "$cpu" ) +[ "$ncpu_quota" ] || ncpu_quota=$ncpu_online + +cgroup_v2=$( get_cgroup_v2_path ) +[ "$cgroup_v2" ] && ncpu_cpuset_v2=$( get_cpuset "$cgroup_v2" "cpuset.cpus.effective" ) +[ "$ncpu_cpuset_v2" ] || ncpu_cpuset_v2=$ncpu_online + +[ "$cgroup_v2" ] && ncpu_quota_v2=$( get_quota_v2 "$cgroup_v2" ) +[ "$ncpu_quota_v2" ] || ncpu_quota_v2=$ncpu_online + +ncpu=$( printf "%s\n%s\n%s\n%s\n%s\n" \ + "$ncpu_online" \ + "$ncpu_cpuset" \ + "$ncpu_quota" \ + "$ncpu_cpuset_v2" \ + "$ncpu_quota_v2" \ + | sort -n \ + | head -n 1 ) + +sed -i.bak -r 's/^(worker_processes)(.*)$/# Commented out by '"$ME"' on '"$(date)"'\n#\1\2\n\1 '"$ncpu"';/' /etc/nginx/nginx.conf diff --git a/stable/debian/Dockerfile b/stable/debian/Dockerfile index a4b6b7f0..a4d932bf 100644 --- a/stable/debian/Dockerfile +++ b/stable/debian/Dockerfile @@ -106,6 +106,7 @@ RUN set -x \ COPY docker-entrypoint.sh / COPY 10-listen-on-ipv6-by-default.sh /docker-entrypoint.d COPY 20-envsubst-on-templates.sh /docker-entrypoint.d +COPY 30-tune-worker-processes.sh /docker-entrypoint.d ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 80 From fa2213a76da35137a5aee565cef5095a209aeb3d Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 16 Feb 2021 20:28:33 +0300 Subject: [PATCH 094/113] Updated nginx to 1.19.7 and njs to 0.5.1 for mainline --- mainline/alpine-perl/Dockerfile | 4 ++-- mainline/alpine/Dockerfile | 4 ++-- mainline/debian-perl/Dockerfile | 4 ++-- mainline/debian/Dockerfile | 4 ++-- update.sh | 4 ++-- 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index d3d9a146..851b86d6 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -7,8 +7,8 @@ FROM alpine:3.13 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.6 -ENV NJS_VERSION 0.5.0 +ENV NGINX_VERSION 1.19.7 +ENV NJS_VERSION 0.5.1 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index ea8829e1..59519217 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -7,8 +7,8 @@ FROM alpine:3.13 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.6 -ENV NJS_VERSION 0.5.0 +ENV NGINX_VERSION 1.19.7 +ENV NJS_VERSION 0.5.1 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/debian-perl/Dockerfile b/mainline/debian-perl/Dockerfile index aa215d79..0874f07d 100644 --- a/mainline/debian-perl/Dockerfile +++ b/mainline/debian-perl/Dockerfile @@ -7,8 +7,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.6 -ENV NJS_VERSION 0.5.0 +ENV NGINX_VERSION 1.19.7 +ENV NJS_VERSION 0.5.1 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/mainline/debian/Dockerfile b/mainline/debian/Dockerfile index e9fdc169..198e225c 100644 --- a/mainline/debian/Dockerfile +++ b/mainline/debian/Dockerfile @@ -7,8 +7,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.6 -ENV NJS_VERSION 0.5.0 +ENV NGINX_VERSION 1.19.7 +ENV NJS_VERSION 0.5.1 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/update.sh b/update.sh index 49ec3c87..c6f95612 100755 --- a/update.sh +++ b/update.sh @@ -10,11 +10,11 @@ declare branches=( ) declare -A nginx=( - [mainline]='1.19.6' + [mainline]='1.19.7' [stable]='1.18.0' ) -defaultnjs='0.5.0' +defaultnjs='0.5.1' declare -A njs=( [stable]='0.4.4' ) From e559b4da5b4cf0cf94990906f7523d6efcdcdbc9 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Wed, 17 Feb 2021 18:22:27 +0300 Subject: [PATCH 095/113] modules: Added a hack to make build system fetch a requested nginx version We're now using a tip of default branch on pkg-oss which moves fast and breaks things. A better solution is probably to check out a specific nginx tag and build whatever is available for it. This, however, is not currently possible with 1.19.6, and only works for 1.19.7. This should probably be reverted once we have enough tags supporting it. --- modules/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/Dockerfile b/modules/Dockerfile index 9ea6df85..de4c0a76 100644 --- a/modules/Dockerfile +++ b/modules/Dockerfile @@ -45,9 +45,9 @@ RUN set -ex \ elif make -C /pkg-oss/debian list | grep -P "^$module\s+\d" > /dev/null; then \ echo "Building $module from pkg-oss sources"; \ cd /pkg-oss/debian; \ - make rules-module-$module BASE_VERSION=$NGINX_VERSION; \ + make rules-module-$module BASE_VERSION=$NGINX_VERSION NGINX_VERSION=$NGINX_VERSION; \ mk-build-deps --install --tool="apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends --yes" debuild-module-$module/nginx-$NGINX_VERSION/debian/control; \ - make module-$module BASE_VERSION=$NGINX_VERSION; \ + make module-$module BASE_VERSION=$NGINX_VERSION NGINX_VERSION=$NGINX_VERSION; \ find ../../ -maxdepth 1 -mindepth 1 -type f -name "*.deb" -exec mv -v {} /tmp/packages/ \;; \ else \ echo "Don't know how to build $module module, exiting"; \ From 636b7e3616ffebd9220f793aad672246c7e18376 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 2 Mar 2021 15:54:52 +0300 Subject: [PATCH 096/113] Updated and improved third-party modules documentation Fixes #511 --- modules/README.md | 101 ++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 94 insertions(+), 7 deletions(-) diff --git a/modules/README.md b/modules/README.md index 8680022e..db8c93e9 100644 --- a/modules/README.md +++ b/modules/README.md @@ -3,7 +3,7 @@ It's possible to extend a mainline image with third-party modules either from your own instuctions following a simple filesystem layout/syntax using `build_module.sh` helper script, or failing back to package sources from -`https://hg.nginx.org/pkg-oss`. +[pkg-oss](https://hg.nginx.org/pkg-oss). ## Usage @@ -30,23 +30,25 @@ are available from `pkg-oss` repository: ``` /pkg-oss $ LC_ALL=C make -C debian list-all-modules make: Entering directory '/pkg-oss/debian' +auth-spnego 1.1.0-1 brotli 1.0.0-1 encrypted-session 0.08-1 -geoip 1.19.6-1 +fips-check 0.1-1 +geoip 1.19.7-1 geoip2 3.3-1 headers-more 0.33-1 -image-filter 1.19.6-1 +image-filter 1.19.7-1 lua 0.10.19-1 -modsecurity 1.0.1-1 +modsecurity 1.0.1-2 ndk 0.3.1-1 -njs 0.5.0-1 +njs 0.5.1-1 opentracing 0.10.0-1 passenger 6.0.6-1 -perl 1.19.6-1 +perl 1.19.7-1 rtmp 1.2.1-1 set-misc 0.32-1 subs-filter 0.6.4-1 -xslt 1.19.6-1 +xslt 1.19.7-1 make: Leaving directory '/pkg-oss/debian' ``` @@ -81,3 +83,88 @@ Note that we can not provide any support for those modifications and in no way guarantee they will work as nice as a build without third-party modules. If you encounter any issues running your image with the modules enabled, please reproduce with a vanilla image first. + +## Examples + +### docker-compose with pre-packaged modules + +If desired modules are already packaged in +[pkg-oss](https://hg.nginx.org/pkg-oss/) - e.g. `debian/Makefile.module-*` +exists for a given module, you can use this example. + +1. Create a directory for your project: + +``` +mkdir myapp +cd myapp +```` + +2. Populate the build context for a custom nginx image: + +``` +mkdir my-nginx +curl -o my-nginx/Dockerfile https://raw.githubusercontent.com/nginxinc/docker-nginx/master/modules/Dockerfile +``` + +3. Create a `docker-compose.yml` file: + +``` +cat > docker-compose.yml << __EOF__ +version: "3.3" +services: + web: + build: + context: ./my-nginx/ + args: + ENABLED_MODULES: ndk lua + image: my-nginx-with-lua:v1 + ports: + - "80:8000" +__EOF__ +``` + +Now, running `docker-compose up --build -d` will build the image and run the application for you. + +### docker-compose with a non-packaged module + +If a needed module is not available via `pkg-oss`, you can use this example. + +We're going to build the image with [ngx_cache_purge](https://github.com/FRiCKLE/ngx_cache_purge) module. + +The steps are similar to a previous example, with a notable difference of +providing a URL to fetch the module source code from. + +1. Create a directory for your project: + +``` +mkdir myapp-cache +cd myapp-cache +```` + +2. Populate the build context for a custom nginx image: + +``` +mkdir my-nginx +curl -o my-nginx/Dockerfile https://raw.githubusercontent.com/nginxinc/docker-nginx/master/modules/Dockerfile +mkdir my-nginx/cachepurge +echo "https://github.com/FRiCKLE/ngx_cache_purge/archive/2.3.tar.gz" > my-nginx/cachepurge/source +``` + +3. Create a `docker-compose.yml` file: + +``` +cat > docker-compose.yml << __EOF__ +version: "3.3" +services: + web: + build: + context: ./my-nginx/ + args: + ENABLED_MODULES: cachepurge + image: my-nginx-with-cachepurge:v1 + ports: + - "80:8080" +__EOF__ +``` + +Now, running `docker-compose up --build -d` will build the image and run the application for you. From dcaaf66e4464037b1a887541f39acf8182233ab8 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 9 Mar 2021 20:19:57 +0300 Subject: [PATCH 097/113] Updated mainline nginx to 1.19.8 and njs to 0.5.2 --- mainline/alpine-perl/Dockerfile | 4 ++-- mainline/alpine/Dockerfile | 4 ++-- mainline/debian-perl/Dockerfile | 4 ++-- mainline/debian/Dockerfile | 4 ++-- update.sh | 4 ++-- 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 851b86d6..2f629e00 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -7,8 +7,8 @@ FROM alpine:3.13 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.7 -ENV NJS_VERSION 0.5.1 +ENV NGINX_VERSION 1.19.8 +ENV NJS_VERSION 0.5.2 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 59519217..9e7f149a 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -7,8 +7,8 @@ FROM alpine:3.13 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.7 -ENV NJS_VERSION 0.5.1 +ENV NGINX_VERSION 1.19.8 +ENV NJS_VERSION 0.5.2 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/debian-perl/Dockerfile b/mainline/debian-perl/Dockerfile index 0874f07d..47f68d5c 100644 --- a/mainline/debian-perl/Dockerfile +++ b/mainline/debian-perl/Dockerfile @@ -7,8 +7,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.7 -ENV NJS_VERSION 0.5.1 +ENV NGINX_VERSION 1.19.8 +ENV NJS_VERSION 0.5.2 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/mainline/debian/Dockerfile b/mainline/debian/Dockerfile index 198e225c..2ff9655d 100644 --- a/mainline/debian/Dockerfile +++ b/mainline/debian/Dockerfile @@ -7,8 +7,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.7 -ENV NJS_VERSION 0.5.1 +ENV NGINX_VERSION 1.19.8 +ENV NJS_VERSION 0.5.2 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/update.sh b/update.sh index c6f95612..71696fc2 100755 --- a/update.sh +++ b/update.sh @@ -10,11 +10,11 @@ declare branches=( ) declare -A nginx=( - [mainline]='1.19.7' + [mainline]='1.19.8' [stable]='1.18.0' ) -defaultnjs='0.5.1' +defaultnjs='0.5.2' declare -A njs=( [stable]='0.4.4' ) From d1ed2dddd604c216b49c23a0ed747472c122c5bf Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Thu, 11 Mar 2021 19:56:02 +0300 Subject: [PATCH 098/113] Made 30-tune-worker-processes.sh more robust and error-prone. Fixes #520. --- entrypoint/30-tune-worker-processes.sh | 52 ++++++++----------- .../alpine-perl/30-tune-worker-processes.sh | 52 ++++++++----------- mainline/alpine/30-tune-worker-processes.sh | 52 ++++++++----------- .../debian-perl/30-tune-worker-processes.sh | 52 ++++++++----------- mainline/debian/30-tune-worker-processes.sh | 52 ++++++++----------- .../alpine-perl/30-tune-worker-processes.sh | 52 ++++++++----------- stable/alpine/30-tune-worker-processes.sh | 52 ++++++++----------- .../debian-perl/30-tune-worker-processes.sh | 52 ++++++++----------- stable/debian/30-tune-worker-processes.sh | 52 ++++++++----------- 9 files changed, 207 insertions(+), 261 deletions(-) diff --git a/entrypoint/30-tune-worker-processes.sh b/entrypoint/30-tune-worker-processes.sh index 4adb0432..56505871 100755 --- a/entrypoint/30-tune-worker-processes.sh +++ b/entrypoint/30-tune-worker-processes.sh @@ -21,7 +21,7 @@ get_cpuset() { cpusetroot=$1 cpusetfile=$2 ncpu=0 - [ -f "$cpusetroot/$cpusetfile" ] || return + [ -f "$cpusetroot/$cpusetfile" ] || return 1 for token in $( tr ',' ' ' < "$cpusetroot/$cpusetfile" ); do case "$token" in *-*) @@ -39,27 +39,27 @@ get_cpuset() { get_quota() { cpuroot=$1 ncpu=0 - [ -f "$cpuroot/cpu.cfs_quota_us" ] || return - [ -f "$cpuroot/cpu.cfs_period_us" ] || return + [ -f "$cpuroot/cpu.cfs_quota_us" ] || return 1 + [ -f "$cpuroot/cpu.cfs_period_us" ] || return 1 cfs_quota=$( cat "$cpuroot/cpu.cfs_quota_us" ) cfs_period=$( cat "$cpuroot/cpu.cfs_period_us" ) - [ "$cfs_quota" = "-1" ] && return - [ "$cfs_period" = "0" ] && return + [ "$cfs_quota" = "-1" ] && return 1 + [ "$cfs_period" = "0" ] && return 1 ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) - [ "$ncpu" -gt 0 ] || return + [ "$ncpu" -gt 0 ] || return 1 echo "$ncpu" } get_quota_v2() { cpuroot=$1 ncpu=0 - [ -f "$cpuroot/cpu.max" ] || return + [ -f "$cpuroot/cpu.max" ] || return 1 cfs_quota=$( cut -d' ' -f 1 < "$cpuroot/cpu.max" ) cfs_period=$( cut -d' ' -f 2 < "$cpuroot/cpu.max" ) - [ "$cfs_quota" = "max" ] && return - [ "$cfs_period" = "0" ] && return + [ "$cfs_quota" = "max" ] && return 1 + [ "$cfs_period" = "0" ] && return 1 ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) - [ "$ncpu" -gt 0 ] || return + [ "$ncpu" -gt 0 ] || return 1 echo "$ncpu" } @@ -69,8 +69,8 @@ get_cgroup_v1_path() { foundroot= mountpoint= - [ -r "/proc/self/mountinfo" ] || return - [ -r "/proc/self/cgroup" ] || return + [ -r "/proc/self/mountinfo" ] || return 1 + [ -r "/proc/self/cgroup" ] || return 1 while IFS= read -r line; do case "$needle" in @@ -78,6 +78,7 @@ get_cgroup_v1_path() { case "$line" in *cpuset*) found=$( echo "$line" | cut -d ' ' -f 4,5 ) + break ;; esac ;; @@ -87,6 +88,7 @@ get_cgroup_v1_path() { ;; *cpu,cpuacct*|*cpuacct,cpu|*cpuacct*|*cpu*) found=$( echo "$line" | cut -d ' ' -f 4,5 ) + break ;; esac esac @@ -101,6 +103,7 @@ __EOF__ case "$controller" in cpuset) mountpoint=$( echo "$line" | cut -d: -f 3 ) + break ;; esac ;; @@ -108,6 +111,7 @@ __EOF__ case "$controller" in cpu,cpuacct|cpuacct,cpu|cpuacct|cpu) mountpoint=$( echo "$line" | cut -d: -f 3 ) + break ;; esac ;; @@ -132,8 +136,8 @@ get_cgroup_v2_path() { foundroot= mountpoint= - [ -r "/proc/self/mountinfo" ] || return - [ -r "/proc/self/cgroup" ] || return + [ -r "/proc/self/mountinfo" ] || return 1 + [ -r "/proc/self/cgroup" ] || return 1 while IFS= read -r line; do found=$( echo "$line" | cut -d ' ' -f 4,5 ) @@ -149,7 +153,7 @@ __EOF__ case "${found%% *}" in "") - return + return 1 ;; "/") foundroot="${found##* }$mountpoint" @@ -167,20 +171,10 @@ ncpu_quota= ncpu_cpuset_v2= ncpu_quota_v2= -cpuset=$( get_cgroup_v1_path "cpuset" ) -[ "$cpuset" ] && ncpu_cpuset=$( get_cpuset "$cpuset" "cpuset.effective_cpus" ) -[ "$ncpu_cpuset" ] || ncpu_cpuset=$ncpu_online - -cpu=$( get_cgroup_v1_path "cpu" ) -[ "$cpu" ] && ncpu_quota=$( get_quota "$cpu" ) -[ "$ncpu_quota" ] || ncpu_quota=$ncpu_online - -cgroup_v2=$( get_cgroup_v2_path ) -[ "$cgroup_v2" ] && ncpu_cpuset_v2=$( get_cpuset "$cgroup_v2" "cpuset.cpus.effective" ) -[ "$ncpu_cpuset_v2" ] || ncpu_cpuset_v2=$ncpu_online - -[ "$cgroup_v2" ] && ncpu_quota_v2=$( get_quota_v2 "$cgroup_v2" ) -[ "$ncpu_quota_v2" ] || ncpu_quota_v2=$ncpu_online +cpuset=$( get_cgroup_v1_path "cpuset" ) && ncpu_cpuset=$( get_cpuset "$cpuset" "cpuset.effective_cpus" ) || ncpu_cpuset=$ncpu_online +cpu=$( get_cgroup_v1_path "cpu" ) && ncpu_quota=$( get_quota "$cpu" ) || ncpu_quota=$ncpu_online +cgroup_v2=$( get_cgroup_v2_path ) && ncpu_cpuset_v2=$( get_cpuset "$cgroup_v2" "cpuset.cpus.effective" ) || ncpu_cpuset_v2=$ncpu_online +cgroup_v2=$( get_cgroup_v2_path ) && ncpu_quota_v2=$( get_quota_v2 "$cgroup_v2" ) || ncpu_quota_v2=$ncpu_online ncpu=$( printf "%s\n%s\n%s\n%s\n%s\n" \ "$ncpu_online" \ diff --git a/mainline/alpine-perl/30-tune-worker-processes.sh b/mainline/alpine-perl/30-tune-worker-processes.sh index 4adb0432..56505871 100755 --- a/mainline/alpine-perl/30-tune-worker-processes.sh +++ b/mainline/alpine-perl/30-tune-worker-processes.sh @@ -21,7 +21,7 @@ get_cpuset() { cpusetroot=$1 cpusetfile=$2 ncpu=0 - [ -f "$cpusetroot/$cpusetfile" ] || return + [ -f "$cpusetroot/$cpusetfile" ] || return 1 for token in $( tr ',' ' ' < "$cpusetroot/$cpusetfile" ); do case "$token" in *-*) @@ -39,27 +39,27 @@ get_cpuset() { get_quota() { cpuroot=$1 ncpu=0 - [ -f "$cpuroot/cpu.cfs_quota_us" ] || return - [ -f "$cpuroot/cpu.cfs_period_us" ] || return + [ -f "$cpuroot/cpu.cfs_quota_us" ] || return 1 + [ -f "$cpuroot/cpu.cfs_period_us" ] || return 1 cfs_quota=$( cat "$cpuroot/cpu.cfs_quota_us" ) cfs_period=$( cat "$cpuroot/cpu.cfs_period_us" ) - [ "$cfs_quota" = "-1" ] && return - [ "$cfs_period" = "0" ] && return + [ "$cfs_quota" = "-1" ] && return 1 + [ "$cfs_period" = "0" ] && return 1 ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) - [ "$ncpu" -gt 0 ] || return + [ "$ncpu" -gt 0 ] || return 1 echo "$ncpu" } get_quota_v2() { cpuroot=$1 ncpu=0 - [ -f "$cpuroot/cpu.max" ] || return + [ -f "$cpuroot/cpu.max" ] || return 1 cfs_quota=$( cut -d' ' -f 1 < "$cpuroot/cpu.max" ) cfs_period=$( cut -d' ' -f 2 < "$cpuroot/cpu.max" ) - [ "$cfs_quota" = "max" ] && return - [ "$cfs_period" = "0" ] && return + [ "$cfs_quota" = "max" ] && return 1 + [ "$cfs_period" = "0" ] && return 1 ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) - [ "$ncpu" -gt 0 ] || return + [ "$ncpu" -gt 0 ] || return 1 echo "$ncpu" } @@ -69,8 +69,8 @@ get_cgroup_v1_path() { foundroot= mountpoint= - [ -r "/proc/self/mountinfo" ] || return - [ -r "/proc/self/cgroup" ] || return + [ -r "/proc/self/mountinfo" ] || return 1 + [ -r "/proc/self/cgroup" ] || return 1 while IFS= read -r line; do case "$needle" in @@ -78,6 +78,7 @@ get_cgroup_v1_path() { case "$line" in *cpuset*) found=$( echo "$line" | cut -d ' ' -f 4,5 ) + break ;; esac ;; @@ -87,6 +88,7 @@ get_cgroup_v1_path() { ;; *cpu,cpuacct*|*cpuacct,cpu|*cpuacct*|*cpu*) found=$( echo "$line" | cut -d ' ' -f 4,5 ) + break ;; esac esac @@ -101,6 +103,7 @@ __EOF__ case "$controller" in cpuset) mountpoint=$( echo "$line" | cut -d: -f 3 ) + break ;; esac ;; @@ -108,6 +111,7 @@ __EOF__ case "$controller" in cpu,cpuacct|cpuacct,cpu|cpuacct|cpu) mountpoint=$( echo "$line" | cut -d: -f 3 ) + break ;; esac ;; @@ -132,8 +136,8 @@ get_cgroup_v2_path() { foundroot= mountpoint= - [ -r "/proc/self/mountinfo" ] || return - [ -r "/proc/self/cgroup" ] || return + [ -r "/proc/self/mountinfo" ] || return 1 + [ -r "/proc/self/cgroup" ] || return 1 while IFS= read -r line; do found=$( echo "$line" | cut -d ' ' -f 4,5 ) @@ -149,7 +153,7 @@ __EOF__ case "${found%% *}" in "") - return + return 1 ;; "/") foundroot="${found##* }$mountpoint" @@ -167,20 +171,10 @@ ncpu_quota= ncpu_cpuset_v2= ncpu_quota_v2= -cpuset=$( get_cgroup_v1_path "cpuset" ) -[ "$cpuset" ] && ncpu_cpuset=$( get_cpuset "$cpuset" "cpuset.effective_cpus" ) -[ "$ncpu_cpuset" ] || ncpu_cpuset=$ncpu_online - -cpu=$( get_cgroup_v1_path "cpu" ) -[ "$cpu" ] && ncpu_quota=$( get_quota "$cpu" ) -[ "$ncpu_quota" ] || ncpu_quota=$ncpu_online - -cgroup_v2=$( get_cgroup_v2_path ) -[ "$cgroup_v2" ] && ncpu_cpuset_v2=$( get_cpuset "$cgroup_v2" "cpuset.cpus.effective" ) -[ "$ncpu_cpuset_v2" ] || ncpu_cpuset_v2=$ncpu_online - -[ "$cgroup_v2" ] && ncpu_quota_v2=$( get_quota_v2 "$cgroup_v2" ) -[ "$ncpu_quota_v2" ] || ncpu_quota_v2=$ncpu_online +cpuset=$( get_cgroup_v1_path "cpuset" ) && ncpu_cpuset=$( get_cpuset "$cpuset" "cpuset.effective_cpus" ) || ncpu_cpuset=$ncpu_online +cpu=$( get_cgroup_v1_path "cpu" ) && ncpu_quota=$( get_quota "$cpu" ) || ncpu_quota=$ncpu_online +cgroup_v2=$( get_cgroup_v2_path ) && ncpu_cpuset_v2=$( get_cpuset "$cgroup_v2" "cpuset.cpus.effective" ) || ncpu_cpuset_v2=$ncpu_online +cgroup_v2=$( get_cgroup_v2_path ) && ncpu_quota_v2=$( get_quota_v2 "$cgroup_v2" ) || ncpu_quota_v2=$ncpu_online ncpu=$( printf "%s\n%s\n%s\n%s\n%s\n" \ "$ncpu_online" \ diff --git a/mainline/alpine/30-tune-worker-processes.sh b/mainline/alpine/30-tune-worker-processes.sh index 4adb0432..56505871 100755 --- a/mainline/alpine/30-tune-worker-processes.sh +++ b/mainline/alpine/30-tune-worker-processes.sh @@ -21,7 +21,7 @@ get_cpuset() { cpusetroot=$1 cpusetfile=$2 ncpu=0 - [ -f "$cpusetroot/$cpusetfile" ] || return + [ -f "$cpusetroot/$cpusetfile" ] || return 1 for token in $( tr ',' ' ' < "$cpusetroot/$cpusetfile" ); do case "$token" in *-*) @@ -39,27 +39,27 @@ get_cpuset() { get_quota() { cpuroot=$1 ncpu=0 - [ -f "$cpuroot/cpu.cfs_quota_us" ] || return - [ -f "$cpuroot/cpu.cfs_period_us" ] || return + [ -f "$cpuroot/cpu.cfs_quota_us" ] || return 1 + [ -f "$cpuroot/cpu.cfs_period_us" ] || return 1 cfs_quota=$( cat "$cpuroot/cpu.cfs_quota_us" ) cfs_period=$( cat "$cpuroot/cpu.cfs_period_us" ) - [ "$cfs_quota" = "-1" ] && return - [ "$cfs_period" = "0" ] && return + [ "$cfs_quota" = "-1" ] && return 1 + [ "$cfs_period" = "0" ] && return 1 ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) - [ "$ncpu" -gt 0 ] || return + [ "$ncpu" -gt 0 ] || return 1 echo "$ncpu" } get_quota_v2() { cpuroot=$1 ncpu=0 - [ -f "$cpuroot/cpu.max" ] || return + [ -f "$cpuroot/cpu.max" ] || return 1 cfs_quota=$( cut -d' ' -f 1 < "$cpuroot/cpu.max" ) cfs_period=$( cut -d' ' -f 2 < "$cpuroot/cpu.max" ) - [ "$cfs_quota" = "max" ] && return - [ "$cfs_period" = "0" ] && return + [ "$cfs_quota" = "max" ] && return 1 + [ "$cfs_period" = "0" ] && return 1 ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) - [ "$ncpu" -gt 0 ] || return + [ "$ncpu" -gt 0 ] || return 1 echo "$ncpu" } @@ -69,8 +69,8 @@ get_cgroup_v1_path() { foundroot= mountpoint= - [ -r "/proc/self/mountinfo" ] || return - [ -r "/proc/self/cgroup" ] || return + [ -r "/proc/self/mountinfo" ] || return 1 + [ -r "/proc/self/cgroup" ] || return 1 while IFS= read -r line; do case "$needle" in @@ -78,6 +78,7 @@ get_cgroup_v1_path() { case "$line" in *cpuset*) found=$( echo "$line" | cut -d ' ' -f 4,5 ) + break ;; esac ;; @@ -87,6 +88,7 @@ get_cgroup_v1_path() { ;; *cpu,cpuacct*|*cpuacct,cpu|*cpuacct*|*cpu*) found=$( echo "$line" | cut -d ' ' -f 4,5 ) + break ;; esac esac @@ -101,6 +103,7 @@ __EOF__ case "$controller" in cpuset) mountpoint=$( echo "$line" | cut -d: -f 3 ) + break ;; esac ;; @@ -108,6 +111,7 @@ __EOF__ case "$controller" in cpu,cpuacct|cpuacct,cpu|cpuacct|cpu) mountpoint=$( echo "$line" | cut -d: -f 3 ) + break ;; esac ;; @@ -132,8 +136,8 @@ get_cgroup_v2_path() { foundroot= mountpoint= - [ -r "/proc/self/mountinfo" ] || return - [ -r "/proc/self/cgroup" ] || return + [ -r "/proc/self/mountinfo" ] || return 1 + [ -r "/proc/self/cgroup" ] || return 1 while IFS= read -r line; do found=$( echo "$line" | cut -d ' ' -f 4,5 ) @@ -149,7 +153,7 @@ __EOF__ case "${found%% *}" in "") - return + return 1 ;; "/") foundroot="${found##* }$mountpoint" @@ -167,20 +171,10 @@ ncpu_quota= ncpu_cpuset_v2= ncpu_quota_v2= -cpuset=$( get_cgroup_v1_path "cpuset" ) -[ "$cpuset" ] && ncpu_cpuset=$( get_cpuset "$cpuset" "cpuset.effective_cpus" ) -[ "$ncpu_cpuset" ] || ncpu_cpuset=$ncpu_online - -cpu=$( get_cgroup_v1_path "cpu" ) -[ "$cpu" ] && ncpu_quota=$( get_quota "$cpu" ) -[ "$ncpu_quota" ] || ncpu_quota=$ncpu_online - -cgroup_v2=$( get_cgroup_v2_path ) -[ "$cgroup_v2" ] && ncpu_cpuset_v2=$( get_cpuset "$cgroup_v2" "cpuset.cpus.effective" ) -[ "$ncpu_cpuset_v2" ] || ncpu_cpuset_v2=$ncpu_online - -[ "$cgroup_v2" ] && ncpu_quota_v2=$( get_quota_v2 "$cgroup_v2" ) -[ "$ncpu_quota_v2" ] || ncpu_quota_v2=$ncpu_online +cpuset=$( get_cgroup_v1_path "cpuset" ) && ncpu_cpuset=$( get_cpuset "$cpuset" "cpuset.effective_cpus" ) || ncpu_cpuset=$ncpu_online +cpu=$( get_cgroup_v1_path "cpu" ) && ncpu_quota=$( get_quota "$cpu" ) || ncpu_quota=$ncpu_online +cgroup_v2=$( get_cgroup_v2_path ) && ncpu_cpuset_v2=$( get_cpuset "$cgroup_v2" "cpuset.cpus.effective" ) || ncpu_cpuset_v2=$ncpu_online +cgroup_v2=$( get_cgroup_v2_path ) && ncpu_quota_v2=$( get_quota_v2 "$cgroup_v2" ) || ncpu_quota_v2=$ncpu_online ncpu=$( printf "%s\n%s\n%s\n%s\n%s\n" \ "$ncpu_online" \ diff --git a/mainline/debian-perl/30-tune-worker-processes.sh b/mainline/debian-perl/30-tune-worker-processes.sh index 4adb0432..56505871 100755 --- a/mainline/debian-perl/30-tune-worker-processes.sh +++ b/mainline/debian-perl/30-tune-worker-processes.sh @@ -21,7 +21,7 @@ get_cpuset() { cpusetroot=$1 cpusetfile=$2 ncpu=0 - [ -f "$cpusetroot/$cpusetfile" ] || return + [ -f "$cpusetroot/$cpusetfile" ] || return 1 for token in $( tr ',' ' ' < "$cpusetroot/$cpusetfile" ); do case "$token" in *-*) @@ -39,27 +39,27 @@ get_cpuset() { get_quota() { cpuroot=$1 ncpu=0 - [ -f "$cpuroot/cpu.cfs_quota_us" ] || return - [ -f "$cpuroot/cpu.cfs_period_us" ] || return + [ -f "$cpuroot/cpu.cfs_quota_us" ] || return 1 + [ -f "$cpuroot/cpu.cfs_period_us" ] || return 1 cfs_quota=$( cat "$cpuroot/cpu.cfs_quota_us" ) cfs_period=$( cat "$cpuroot/cpu.cfs_period_us" ) - [ "$cfs_quota" = "-1" ] && return - [ "$cfs_period" = "0" ] && return + [ "$cfs_quota" = "-1" ] && return 1 + [ "$cfs_period" = "0" ] && return 1 ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) - [ "$ncpu" -gt 0 ] || return + [ "$ncpu" -gt 0 ] || return 1 echo "$ncpu" } get_quota_v2() { cpuroot=$1 ncpu=0 - [ -f "$cpuroot/cpu.max" ] || return + [ -f "$cpuroot/cpu.max" ] || return 1 cfs_quota=$( cut -d' ' -f 1 < "$cpuroot/cpu.max" ) cfs_period=$( cut -d' ' -f 2 < "$cpuroot/cpu.max" ) - [ "$cfs_quota" = "max" ] && return - [ "$cfs_period" = "0" ] && return + [ "$cfs_quota" = "max" ] && return 1 + [ "$cfs_period" = "0" ] && return 1 ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) - [ "$ncpu" -gt 0 ] || return + [ "$ncpu" -gt 0 ] || return 1 echo "$ncpu" } @@ -69,8 +69,8 @@ get_cgroup_v1_path() { foundroot= mountpoint= - [ -r "/proc/self/mountinfo" ] || return - [ -r "/proc/self/cgroup" ] || return + [ -r "/proc/self/mountinfo" ] || return 1 + [ -r "/proc/self/cgroup" ] || return 1 while IFS= read -r line; do case "$needle" in @@ -78,6 +78,7 @@ get_cgroup_v1_path() { case "$line" in *cpuset*) found=$( echo "$line" | cut -d ' ' -f 4,5 ) + break ;; esac ;; @@ -87,6 +88,7 @@ get_cgroup_v1_path() { ;; *cpu,cpuacct*|*cpuacct,cpu|*cpuacct*|*cpu*) found=$( echo "$line" | cut -d ' ' -f 4,5 ) + break ;; esac esac @@ -101,6 +103,7 @@ __EOF__ case "$controller" in cpuset) mountpoint=$( echo "$line" | cut -d: -f 3 ) + break ;; esac ;; @@ -108,6 +111,7 @@ __EOF__ case "$controller" in cpu,cpuacct|cpuacct,cpu|cpuacct|cpu) mountpoint=$( echo "$line" | cut -d: -f 3 ) + break ;; esac ;; @@ -132,8 +136,8 @@ get_cgroup_v2_path() { foundroot= mountpoint= - [ -r "/proc/self/mountinfo" ] || return - [ -r "/proc/self/cgroup" ] || return + [ -r "/proc/self/mountinfo" ] || return 1 + [ -r "/proc/self/cgroup" ] || return 1 while IFS= read -r line; do found=$( echo "$line" | cut -d ' ' -f 4,5 ) @@ -149,7 +153,7 @@ __EOF__ case "${found%% *}" in "") - return + return 1 ;; "/") foundroot="${found##* }$mountpoint" @@ -167,20 +171,10 @@ ncpu_quota= ncpu_cpuset_v2= ncpu_quota_v2= -cpuset=$( get_cgroup_v1_path "cpuset" ) -[ "$cpuset" ] && ncpu_cpuset=$( get_cpuset "$cpuset" "cpuset.effective_cpus" ) -[ "$ncpu_cpuset" ] || ncpu_cpuset=$ncpu_online - -cpu=$( get_cgroup_v1_path "cpu" ) -[ "$cpu" ] && ncpu_quota=$( get_quota "$cpu" ) -[ "$ncpu_quota" ] || ncpu_quota=$ncpu_online - -cgroup_v2=$( get_cgroup_v2_path ) -[ "$cgroup_v2" ] && ncpu_cpuset_v2=$( get_cpuset "$cgroup_v2" "cpuset.cpus.effective" ) -[ "$ncpu_cpuset_v2" ] || ncpu_cpuset_v2=$ncpu_online - -[ "$cgroup_v2" ] && ncpu_quota_v2=$( get_quota_v2 "$cgroup_v2" ) -[ "$ncpu_quota_v2" ] || ncpu_quota_v2=$ncpu_online +cpuset=$( get_cgroup_v1_path "cpuset" ) && ncpu_cpuset=$( get_cpuset "$cpuset" "cpuset.effective_cpus" ) || ncpu_cpuset=$ncpu_online +cpu=$( get_cgroup_v1_path "cpu" ) && ncpu_quota=$( get_quota "$cpu" ) || ncpu_quota=$ncpu_online +cgroup_v2=$( get_cgroup_v2_path ) && ncpu_cpuset_v2=$( get_cpuset "$cgroup_v2" "cpuset.cpus.effective" ) || ncpu_cpuset_v2=$ncpu_online +cgroup_v2=$( get_cgroup_v2_path ) && ncpu_quota_v2=$( get_quota_v2 "$cgroup_v2" ) || ncpu_quota_v2=$ncpu_online ncpu=$( printf "%s\n%s\n%s\n%s\n%s\n" \ "$ncpu_online" \ diff --git a/mainline/debian/30-tune-worker-processes.sh b/mainline/debian/30-tune-worker-processes.sh index 4adb0432..56505871 100755 --- a/mainline/debian/30-tune-worker-processes.sh +++ b/mainline/debian/30-tune-worker-processes.sh @@ -21,7 +21,7 @@ get_cpuset() { cpusetroot=$1 cpusetfile=$2 ncpu=0 - [ -f "$cpusetroot/$cpusetfile" ] || return + [ -f "$cpusetroot/$cpusetfile" ] || return 1 for token in $( tr ',' ' ' < "$cpusetroot/$cpusetfile" ); do case "$token" in *-*) @@ -39,27 +39,27 @@ get_cpuset() { get_quota() { cpuroot=$1 ncpu=0 - [ -f "$cpuroot/cpu.cfs_quota_us" ] || return - [ -f "$cpuroot/cpu.cfs_period_us" ] || return + [ -f "$cpuroot/cpu.cfs_quota_us" ] || return 1 + [ -f "$cpuroot/cpu.cfs_period_us" ] || return 1 cfs_quota=$( cat "$cpuroot/cpu.cfs_quota_us" ) cfs_period=$( cat "$cpuroot/cpu.cfs_period_us" ) - [ "$cfs_quota" = "-1" ] && return - [ "$cfs_period" = "0" ] && return + [ "$cfs_quota" = "-1" ] && return 1 + [ "$cfs_period" = "0" ] && return 1 ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) - [ "$ncpu" -gt 0 ] || return + [ "$ncpu" -gt 0 ] || return 1 echo "$ncpu" } get_quota_v2() { cpuroot=$1 ncpu=0 - [ -f "$cpuroot/cpu.max" ] || return + [ -f "$cpuroot/cpu.max" ] || return 1 cfs_quota=$( cut -d' ' -f 1 < "$cpuroot/cpu.max" ) cfs_period=$( cut -d' ' -f 2 < "$cpuroot/cpu.max" ) - [ "$cfs_quota" = "max" ] && return - [ "$cfs_period" = "0" ] && return + [ "$cfs_quota" = "max" ] && return 1 + [ "$cfs_period" = "0" ] && return 1 ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) - [ "$ncpu" -gt 0 ] || return + [ "$ncpu" -gt 0 ] || return 1 echo "$ncpu" } @@ -69,8 +69,8 @@ get_cgroup_v1_path() { foundroot= mountpoint= - [ -r "/proc/self/mountinfo" ] || return - [ -r "/proc/self/cgroup" ] || return + [ -r "/proc/self/mountinfo" ] || return 1 + [ -r "/proc/self/cgroup" ] || return 1 while IFS= read -r line; do case "$needle" in @@ -78,6 +78,7 @@ get_cgroup_v1_path() { case "$line" in *cpuset*) found=$( echo "$line" | cut -d ' ' -f 4,5 ) + break ;; esac ;; @@ -87,6 +88,7 @@ get_cgroup_v1_path() { ;; *cpu,cpuacct*|*cpuacct,cpu|*cpuacct*|*cpu*) found=$( echo "$line" | cut -d ' ' -f 4,5 ) + break ;; esac esac @@ -101,6 +103,7 @@ __EOF__ case "$controller" in cpuset) mountpoint=$( echo "$line" | cut -d: -f 3 ) + break ;; esac ;; @@ -108,6 +111,7 @@ __EOF__ case "$controller" in cpu,cpuacct|cpuacct,cpu|cpuacct|cpu) mountpoint=$( echo "$line" | cut -d: -f 3 ) + break ;; esac ;; @@ -132,8 +136,8 @@ get_cgroup_v2_path() { foundroot= mountpoint= - [ -r "/proc/self/mountinfo" ] || return - [ -r "/proc/self/cgroup" ] || return + [ -r "/proc/self/mountinfo" ] || return 1 + [ -r "/proc/self/cgroup" ] || return 1 while IFS= read -r line; do found=$( echo "$line" | cut -d ' ' -f 4,5 ) @@ -149,7 +153,7 @@ __EOF__ case "${found%% *}" in "") - return + return 1 ;; "/") foundroot="${found##* }$mountpoint" @@ -167,20 +171,10 @@ ncpu_quota= ncpu_cpuset_v2= ncpu_quota_v2= -cpuset=$( get_cgroup_v1_path "cpuset" ) -[ "$cpuset" ] && ncpu_cpuset=$( get_cpuset "$cpuset" "cpuset.effective_cpus" ) -[ "$ncpu_cpuset" ] || ncpu_cpuset=$ncpu_online - -cpu=$( get_cgroup_v1_path "cpu" ) -[ "$cpu" ] && ncpu_quota=$( get_quota "$cpu" ) -[ "$ncpu_quota" ] || ncpu_quota=$ncpu_online - -cgroup_v2=$( get_cgroup_v2_path ) -[ "$cgroup_v2" ] && ncpu_cpuset_v2=$( get_cpuset "$cgroup_v2" "cpuset.cpus.effective" ) -[ "$ncpu_cpuset_v2" ] || ncpu_cpuset_v2=$ncpu_online - -[ "$cgroup_v2" ] && ncpu_quota_v2=$( get_quota_v2 "$cgroup_v2" ) -[ "$ncpu_quota_v2" ] || ncpu_quota_v2=$ncpu_online +cpuset=$( get_cgroup_v1_path "cpuset" ) && ncpu_cpuset=$( get_cpuset "$cpuset" "cpuset.effective_cpus" ) || ncpu_cpuset=$ncpu_online +cpu=$( get_cgroup_v1_path "cpu" ) && ncpu_quota=$( get_quota "$cpu" ) || ncpu_quota=$ncpu_online +cgroup_v2=$( get_cgroup_v2_path ) && ncpu_cpuset_v2=$( get_cpuset "$cgroup_v2" "cpuset.cpus.effective" ) || ncpu_cpuset_v2=$ncpu_online +cgroup_v2=$( get_cgroup_v2_path ) && ncpu_quota_v2=$( get_quota_v2 "$cgroup_v2" ) || ncpu_quota_v2=$ncpu_online ncpu=$( printf "%s\n%s\n%s\n%s\n%s\n" \ "$ncpu_online" \ diff --git a/stable/alpine-perl/30-tune-worker-processes.sh b/stable/alpine-perl/30-tune-worker-processes.sh index 4adb0432..56505871 100755 --- a/stable/alpine-perl/30-tune-worker-processes.sh +++ b/stable/alpine-perl/30-tune-worker-processes.sh @@ -21,7 +21,7 @@ get_cpuset() { cpusetroot=$1 cpusetfile=$2 ncpu=0 - [ -f "$cpusetroot/$cpusetfile" ] || return + [ -f "$cpusetroot/$cpusetfile" ] || return 1 for token in $( tr ',' ' ' < "$cpusetroot/$cpusetfile" ); do case "$token" in *-*) @@ -39,27 +39,27 @@ get_cpuset() { get_quota() { cpuroot=$1 ncpu=0 - [ -f "$cpuroot/cpu.cfs_quota_us" ] || return - [ -f "$cpuroot/cpu.cfs_period_us" ] || return + [ -f "$cpuroot/cpu.cfs_quota_us" ] || return 1 + [ -f "$cpuroot/cpu.cfs_period_us" ] || return 1 cfs_quota=$( cat "$cpuroot/cpu.cfs_quota_us" ) cfs_period=$( cat "$cpuroot/cpu.cfs_period_us" ) - [ "$cfs_quota" = "-1" ] && return - [ "$cfs_period" = "0" ] && return + [ "$cfs_quota" = "-1" ] && return 1 + [ "$cfs_period" = "0" ] && return 1 ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) - [ "$ncpu" -gt 0 ] || return + [ "$ncpu" -gt 0 ] || return 1 echo "$ncpu" } get_quota_v2() { cpuroot=$1 ncpu=0 - [ -f "$cpuroot/cpu.max" ] || return + [ -f "$cpuroot/cpu.max" ] || return 1 cfs_quota=$( cut -d' ' -f 1 < "$cpuroot/cpu.max" ) cfs_period=$( cut -d' ' -f 2 < "$cpuroot/cpu.max" ) - [ "$cfs_quota" = "max" ] && return - [ "$cfs_period" = "0" ] && return + [ "$cfs_quota" = "max" ] && return 1 + [ "$cfs_period" = "0" ] && return 1 ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) - [ "$ncpu" -gt 0 ] || return + [ "$ncpu" -gt 0 ] || return 1 echo "$ncpu" } @@ -69,8 +69,8 @@ get_cgroup_v1_path() { foundroot= mountpoint= - [ -r "/proc/self/mountinfo" ] || return - [ -r "/proc/self/cgroup" ] || return + [ -r "/proc/self/mountinfo" ] || return 1 + [ -r "/proc/self/cgroup" ] || return 1 while IFS= read -r line; do case "$needle" in @@ -78,6 +78,7 @@ get_cgroup_v1_path() { case "$line" in *cpuset*) found=$( echo "$line" | cut -d ' ' -f 4,5 ) + break ;; esac ;; @@ -87,6 +88,7 @@ get_cgroup_v1_path() { ;; *cpu,cpuacct*|*cpuacct,cpu|*cpuacct*|*cpu*) found=$( echo "$line" | cut -d ' ' -f 4,5 ) + break ;; esac esac @@ -101,6 +103,7 @@ __EOF__ case "$controller" in cpuset) mountpoint=$( echo "$line" | cut -d: -f 3 ) + break ;; esac ;; @@ -108,6 +111,7 @@ __EOF__ case "$controller" in cpu,cpuacct|cpuacct,cpu|cpuacct|cpu) mountpoint=$( echo "$line" | cut -d: -f 3 ) + break ;; esac ;; @@ -132,8 +136,8 @@ get_cgroup_v2_path() { foundroot= mountpoint= - [ -r "/proc/self/mountinfo" ] || return - [ -r "/proc/self/cgroup" ] || return + [ -r "/proc/self/mountinfo" ] || return 1 + [ -r "/proc/self/cgroup" ] || return 1 while IFS= read -r line; do found=$( echo "$line" | cut -d ' ' -f 4,5 ) @@ -149,7 +153,7 @@ __EOF__ case "${found%% *}" in "") - return + return 1 ;; "/") foundroot="${found##* }$mountpoint" @@ -167,20 +171,10 @@ ncpu_quota= ncpu_cpuset_v2= ncpu_quota_v2= -cpuset=$( get_cgroup_v1_path "cpuset" ) -[ "$cpuset" ] && ncpu_cpuset=$( get_cpuset "$cpuset" "cpuset.effective_cpus" ) -[ "$ncpu_cpuset" ] || ncpu_cpuset=$ncpu_online - -cpu=$( get_cgroup_v1_path "cpu" ) -[ "$cpu" ] && ncpu_quota=$( get_quota "$cpu" ) -[ "$ncpu_quota" ] || ncpu_quota=$ncpu_online - -cgroup_v2=$( get_cgroup_v2_path ) -[ "$cgroup_v2" ] && ncpu_cpuset_v2=$( get_cpuset "$cgroup_v2" "cpuset.cpus.effective" ) -[ "$ncpu_cpuset_v2" ] || ncpu_cpuset_v2=$ncpu_online - -[ "$cgroup_v2" ] && ncpu_quota_v2=$( get_quota_v2 "$cgroup_v2" ) -[ "$ncpu_quota_v2" ] || ncpu_quota_v2=$ncpu_online +cpuset=$( get_cgroup_v1_path "cpuset" ) && ncpu_cpuset=$( get_cpuset "$cpuset" "cpuset.effective_cpus" ) || ncpu_cpuset=$ncpu_online +cpu=$( get_cgroup_v1_path "cpu" ) && ncpu_quota=$( get_quota "$cpu" ) || ncpu_quota=$ncpu_online +cgroup_v2=$( get_cgroup_v2_path ) && ncpu_cpuset_v2=$( get_cpuset "$cgroup_v2" "cpuset.cpus.effective" ) || ncpu_cpuset_v2=$ncpu_online +cgroup_v2=$( get_cgroup_v2_path ) && ncpu_quota_v2=$( get_quota_v2 "$cgroup_v2" ) || ncpu_quota_v2=$ncpu_online ncpu=$( printf "%s\n%s\n%s\n%s\n%s\n" \ "$ncpu_online" \ diff --git a/stable/alpine/30-tune-worker-processes.sh b/stable/alpine/30-tune-worker-processes.sh index 4adb0432..56505871 100755 --- a/stable/alpine/30-tune-worker-processes.sh +++ b/stable/alpine/30-tune-worker-processes.sh @@ -21,7 +21,7 @@ get_cpuset() { cpusetroot=$1 cpusetfile=$2 ncpu=0 - [ -f "$cpusetroot/$cpusetfile" ] || return + [ -f "$cpusetroot/$cpusetfile" ] || return 1 for token in $( tr ',' ' ' < "$cpusetroot/$cpusetfile" ); do case "$token" in *-*) @@ -39,27 +39,27 @@ get_cpuset() { get_quota() { cpuroot=$1 ncpu=0 - [ -f "$cpuroot/cpu.cfs_quota_us" ] || return - [ -f "$cpuroot/cpu.cfs_period_us" ] || return + [ -f "$cpuroot/cpu.cfs_quota_us" ] || return 1 + [ -f "$cpuroot/cpu.cfs_period_us" ] || return 1 cfs_quota=$( cat "$cpuroot/cpu.cfs_quota_us" ) cfs_period=$( cat "$cpuroot/cpu.cfs_period_us" ) - [ "$cfs_quota" = "-1" ] && return - [ "$cfs_period" = "0" ] && return + [ "$cfs_quota" = "-1" ] && return 1 + [ "$cfs_period" = "0" ] && return 1 ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) - [ "$ncpu" -gt 0 ] || return + [ "$ncpu" -gt 0 ] || return 1 echo "$ncpu" } get_quota_v2() { cpuroot=$1 ncpu=0 - [ -f "$cpuroot/cpu.max" ] || return + [ -f "$cpuroot/cpu.max" ] || return 1 cfs_quota=$( cut -d' ' -f 1 < "$cpuroot/cpu.max" ) cfs_period=$( cut -d' ' -f 2 < "$cpuroot/cpu.max" ) - [ "$cfs_quota" = "max" ] && return - [ "$cfs_period" = "0" ] && return + [ "$cfs_quota" = "max" ] && return 1 + [ "$cfs_period" = "0" ] && return 1 ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) - [ "$ncpu" -gt 0 ] || return + [ "$ncpu" -gt 0 ] || return 1 echo "$ncpu" } @@ -69,8 +69,8 @@ get_cgroup_v1_path() { foundroot= mountpoint= - [ -r "/proc/self/mountinfo" ] || return - [ -r "/proc/self/cgroup" ] || return + [ -r "/proc/self/mountinfo" ] || return 1 + [ -r "/proc/self/cgroup" ] || return 1 while IFS= read -r line; do case "$needle" in @@ -78,6 +78,7 @@ get_cgroup_v1_path() { case "$line" in *cpuset*) found=$( echo "$line" | cut -d ' ' -f 4,5 ) + break ;; esac ;; @@ -87,6 +88,7 @@ get_cgroup_v1_path() { ;; *cpu,cpuacct*|*cpuacct,cpu|*cpuacct*|*cpu*) found=$( echo "$line" | cut -d ' ' -f 4,5 ) + break ;; esac esac @@ -101,6 +103,7 @@ __EOF__ case "$controller" in cpuset) mountpoint=$( echo "$line" | cut -d: -f 3 ) + break ;; esac ;; @@ -108,6 +111,7 @@ __EOF__ case "$controller" in cpu,cpuacct|cpuacct,cpu|cpuacct|cpu) mountpoint=$( echo "$line" | cut -d: -f 3 ) + break ;; esac ;; @@ -132,8 +136,8 @@ get_cgroup_v2_path() { foundroot= mountpoint= - [ -r "/proc/self/mountinfo" ] || return - [ -r "/proc/self/cgroup" ] || return + [ -r "/proc/self/mountinfo" ] || return 1 + [ -r "/proc/self/cgroup" ] || return 1 while IFS= read -r line; do found=$( echo "$line" | cut -d ' ' -f 4,5 ) @@ -149,7 +153,7 @@ __EOF__ case "${found%% *}" in "") - return + return 1 ;; "/") foundroot="${found##* }$mountpoint" @@ -167,20 +171,10 @@ ncpu_quota= ncpu_cpuset_v2= ncpu_quota_v2= -cpuset=$( get_cgroup_v1_path "cpuset" ) -[ "$cpuset" ] && ncpu_cpuset=$( get_cpuset "$cpuset" "cpuset.effective_cpus" ) -[ "$ncpu_cpuset" ] || ncpu_cpuset=$ncpu_online - -cpu=$( get_cgroup_v1_path "cpu" ) -[ "$cpu" ] && ncpu_quota=$( get_quota "$cpu" ) -[ "$ncpu_quota" ] || ncpu_quota=$ncpu_online - -cgroup_v2=$( get_cgroup_v2_path ) -[ "$cgroup_v2" ] && ncpu_cpuset_v2=$( get_cpuset "$cgroup_v2" "cpuset.cpus.effective" ) -[ "$ncpu_cpuset_v2" ] || ncpu_cpuset_v2=$ncpu_online - -[ "$cgroup_v2" ] && ncpu_quota_v2=$( get_quota_v2 "$cgroup_v2" ) -[ "$ncpu_quota_v2" ] || ncpu_quota_v2=$ncpu_online +cpuset=$( get_cgroup_v1_path "cpuset" ) && ncpu_cpuset=$( get_cpuset "$cpuset" "cpuset.effective_cpus" ) || ncpu_cpuset=$ncpu_online +cpu=$( get_cgroup_v1_path "cpu" ) && ncpu_quota=$( get_quota "$cpu" ) || ncpu_quota=$ncpu_online +cgroup_v2=$( get_cgroup_v2_path ) && ncpu_cpuset_v2=$( get_cpuset "$cgroup_v2" "cpuset.cpus.effective" ) || ncpu_cpuset_v2=$ncpu_online +cgroup_v2=$( get_cgroup_v2_path ) && ncpu_quota_v2=$( get_quota_v2 "$cgroup_v2" ) || ncpu_quota_v2=$ncpu_online ncpu=$( printf "%s\n%s\n%s\n%s\n%s\n" \ "$ncpu_online" \ diff --git a/stable/debian-perl/30-tune-worker-processes.sh b/stable/debian-perl/30-tune-worker-processes.sh index 4adb0432..56505871 100755 --- a/stable/debian-perl/30-tune-worker-processes.sh +++ b/stable/debian-perl/30-tune-worker-processes.sh @@ -21,7 +21,7 @@ get_cpuset() { cpusetroot=$1 cpusetfile=$2 ncpu=0 - [ -f "$cpusetroot/$cpusetfile" ] || return + [ -f "$cpusetroot/$cpusetfile" ] || return 1 for token in $( tr ',' ' ' < "$cpusetroot/$cpusetfile" ); do case "$token" in *-*) @@ -39,27 +39,27 @@ get_cpuset() { get_quota() { cpuroot=$1 ncpu=0 - [ -f "$cpuroot/cpu.cfs_quota_us" ] || return - [ -f "$cpuroot/cpu.cfs_period_us" ] || return + [ -f "$cpuroot/cpu.cfs_quota_us" ] || return 1 + [ -f "$cpuroot/cpu.cfs_period_us" ] || return 1 cfs_quota=$( cat "$cpuroot/cpu.cfs_quota_us" ) cfs_period=$( cat "$cpuroot/cpu.cfs_period_us" ) - [ "$cfs_quota" = "-1" ] && return - [ "$cfs_period" = "0" ] && return + [ "$cfs_quota" = "-1" ] && return 1 + [ "$cfs_period" = "0" ] && return 1 ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) - [ "$ncpu" -gt 0 ] || return + [ "$ncpu" -gt 0 ] || return 1 echo "$ncpu" } get_quota_v2() { cpuroot=$1 ncpu=0 - [ -f "$cpuroot/cpu.max" ] || return + [ -f "$cpuroot/cpu.max" ] || return 1 cfs_quota=$( cut -d' ' -f 1 < "$cpuroot/cpu.max" ) cfs_period=$( cut -d' ' -f 2 < "$cpuroot/cpu.max" ) - [ "$cfs_quota" = "max" ] && return - [ "$cfs_period" = "0" ] && return + [ "$cfs_quota" = "max" ] && return 1 + [ "$cfs_period" = "0" ] && return 1 ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) - [ "$ncpu" -gt 0 ] || return + [ "$ncpu" -gt 0 ] || return 1 echo "$ncpu" } @@ -69,8 +69,8 @@ get_cgroup_v1_path() { foundroot= mountpoint= - [ -r "/proc/self/mountinfo" ] || return - [ -r "/proc/self/cgroup" ] || return + [ -r "/proc/self/mountinfo" ] || return 1 + [ -r "/proc/self/cgroup" ] || return 1 while IFS= read -r line; do case "$needle" in @@ -78,6 +78,7 @@ get_cgroup_v1_path() { case "$line" in *cpuset*) found=$( echo "$line" | cut -d ' ' -f 4,5 ) + break ;; esac ;; @@ -87,6 +88,7 @@ get_cgroup_v1_path() { ;; *cpu,cpuacct*|*cpuacct,cpu|*cpuacct*|*cpu*) found=$( echo "$line" | cut -d ' ' -f 4,5 ) + break ;; esac esac @@ -101,6 +103,7 @@ __EOF__ case "$controller" in cpuset) mountpoint=$( echo "$line" | cut -d: -f 3 ) + break ;; esac ;; @@ -108,6 +111,7 @@ __EOF__ case "$controller" in cpu,cpuacct|cpuacct,cpu|cpuacct|cpu) mountpoint=$( echo "$line" | cut -d: -f 3 ) + break ;; esac ;; @@ -132,8 +136,8 @@ get_cgroup_v2_path() { foundroot= mountpoint= - [ -r "/proc/self/mountinfo" ] || return - [ -r "/proc/self/cgroup" ] || return + [ -r "/proc/self/mountinfo" ] || return 1 + [ -r "/proc/self/cgroup" ] || return 1 while IFS= read -r line; do found=$( echo "$line" | cut -d ' ' -f 4,5 ) @@ -149,7 +153,7 @@ __EOF__ case "${found%% *}" in "") - return + return 1 ;; "/") foundroot="${found##* }$mountpoint" @@ -167,20 +171,10 @@ ncpu_quota= ncpu_cpuset_v2= ncpu_quota_v2= -cpuset=$( get_cgroup_v1_path "cpuset" ) -[ "$cpuset" ] && ncpu_cpuset=$( get_cpuset "$cpuset" "cpuset.effective_cpus" ) -[ "$ncpu_cpuset" ] || ncpu_cpuset=$ncpu_online - -cpu=$( get_cgroup_v1_path "cpu" ) -[ "$cpu" ] && ncpu_quota=$( get_quota "$cpu" ) -[ "$ncpu_quota" ] || ncpu_quota=$ncpu_online - -cgroup_v2=$( get_cgroup_v2_path ) -[ "$cgroup_v2" ] && ncpu_cpuset_v2=$( get_cpuset "$cgroup_v2" "cpuset.cpus.effective" ) -[ "$ncpu_cpuset_v2" ] || ncpu_cpuset_v2=$ncpu_online - -[ "$cgroup_v2" ] && ncpu_quota_v2=$( get_quota_v2 "$cgroup_v2" ) -[ "$ncpu_quota_v2" ] || ncpu_quota_v2=$ncpu_online +cpuset=$( get_cgroup_v1_path "cpuset" ) && ncpu_cpuset=$( get_cpuset "$cpuset" "cpuset.effective_cpus" ) || ncpu_cpuset=$ncpu_online +cpu=$( get_cgroup_v1_path "cpu" ) && ncpu_quota=$( get_quota "$cpu" ) || ncpu_quota=$ncpu_online +cgroup_v2=$( get_cgroup_v2_path ) && ncpu_cpuset_v2=$( get_cpuset "$cgroup_v2" "cpuset.cpus.effective" ) || ncpu_cpuset_v2=$ncpu_online +cgroup_v2=$( get_cgroup_v2_path ) && ncpu_quota_v2=$( get_quota_v2 "$cgroup_v2" ) || ncpu_quota_v2=$ncpu_online ncpu=$( printf "%s\n%s\n%s\n%s\n%s\n" \ "$ncpu_online" \ diff --git a/stable/debian/30-tune-worker-processes.sh b/stable/debian/30-tune-worker-processes.sh index 4adb0432..56505871 100755 --- a/stable/debian/30-tune-worker-processes.sh +++ b/stable/debian/30-tune-worker-processes.sh @@ -21,7 +21,7 @@ get_cpuset() { cpusetroot=$1 cpusetfile=$2 ncpu=0 - [ -f "$cpusetroot/$cpusetfile" ] || return + [ -f "$cpusetroot/$cpusetfile" ] || return 1 for token in $( tr ',' ' ' < "$cpusetroot/$cpusetfile" ); do case "$token" in *-*) @@ -39,27 +39,27 @@ get_cpuset() { get_quota() { cpuroot=$1 ncpu=0 - [ -f "$cpuroot/cpu.cfs_quota_us" ] || return - [ -f "$cpuroot/cpu.cfs_period_us" ] || return + [ -f "$cpuroot/cpu.cfs_quota_us" ] || return 1 + [ -f "$cpuroot/cpu.cfs_period_us" ] || return 1 cfs_quota=$( cat "$cpuroot/cpu.cfs_quota_us" ) cfs_period=$( cat "$cpuroot/cpu.cfs_period_us" ) - [ "$cfs_quota" = "-1" ] && return - [ "$cfs_period" = "0" ] && return + [ "$cfs_quota" = "-1" ] && return 1 + [ "$cfs_period" = "0" ] && return 1 ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) - [ "$ncpu" -gt 0 ] || return + [ "$ncpu" -gt 0 ] || return 1 echo "$ncpu" } get_quota_v2() { cpuroot=$1 ncpu=0 - [ -f "$cpuroot/cpu.max" ] || return + [ -f "$cpuroot/cpu.max" ] || return 1 cfs_quota=$( cut -d' ' -f 1 < "$cpuroot/cpu.max" ) cfs_period=$( cut -d' ' -f 2 < "$cpuroot/cpu.max" ) - [ "$cfs_quota" = "max" ] && return - [ "$cfs_period" = "0" ] && return + [ "$cfs_quota" = "max" ] && return 1 + [ "$cfs_period" = "0" ] && return 1 ncpu=$( ceildiv "$cfs_quota" "$cfs_period" ) - [ "$ncpu" -gt 0 ] || return + [ "$ncpu" -gt 0 ] || return 1 echo "$ncpu" } @@ -69,8 +69,8 @@ get_cgroup_v1_path() { foundroot= mountpoint= - [ -r "/proc/self/mountinfo" ] || return - [ -r "/proc/self/cgroup" ] || return + [ -r "/proc/self/mountinfo" ] || return 1 + [ -r "/proc/self/cgroup" ] || return 1 while IFS= read -r line; do case "$needle" in @@ -78,6 +78,7 @@ get_cgroup_v1_path() { case "$line" in *cpuset*) found=$( echo "$line" | cut -d ' ' -f 4,5 ) + break ;; esac ;; @@ -87,6 +88,7 @@ get_cgroup_v1_path() { ;; *cpu,cpuacct*|*cpuacct,cpu|*cpuacct*|*cpu*) found=$( echo "$line" | cut -d ' ' -f 4,5 ) + break ;; esac esac @@ -101,6 +103,7 @@ __EOF__ case "$controller" in cpuset) mountpoint=$( echo "$line" | cut -d: -f 3 ) + break ;; esac ;; @@ -108,6 +111,7 @@ __EOF__ case "$controller" in cpu,cpuacct|cpuacct,cpu|cpuacct|cpu) mountpoint=$( echo "$line" | cut -d: -f 3 ) + break ;; esac ;; @@ -132,8 +136,8 @@ get_cgroup_v2_path() { foundroot= mountpoint= - [ -r "/proc/self/mountinfo" ] || return - [ -r "/proc/self/cgroup" ] || return + [ -r "/proc/self/mountinfo" ] || return 1 + [ -r "/proc/self/cgroup" ] || return 1 while IFS= read -r line; do found=$( echo "$line" | cut -d ' ' -f 4,5 ) @@ -149,7 +153,7 @@ __EOF__ case "${found%% *}" in "") - return + return 1 ;; "/") foundroot="${found##* }$mountpoint" @@ -167,20 +171,10 @@ ncpu_quota= ncpu_cpuset_v2= ncpu_quota_v2= -cpuset=$( get_cgroup_v1_path "cpuset" ) -[ "$cpuset" ] && ncpu_cpuset=$( get_cpuset "$cpuset" "cpuset.effective_cpus" ) -[ "$ncpu_cpuset" ] || ncpu_cpuset=$ncpu_online - -cpu=$( get_cgroup_v1_path "cpu" ) -[ "$cpu" ] && ncpu_quota=$( get_quota "$cpu" ) -[ "$ncpu_quota" ] || ncpu_quota=$ncpu_online - -cgroup_v2=$( get_cgroup_v2_path ) -[ "$cgroup_v2" ] && ncpu_cpuset_v2=$( get_cpuset "$cgroup_v2" "cpuset.cpus.effective" ) -[ "$ncpu_cpuset_v2" ] || ncpu_cpuset_v2=$ncpu_online - -[ "$cgroup_v2" ] && ncpu_quota_v2=$( get_quota_v2 "$cgroup_v2" ) -[ "$ncpu_quota_v2" ] || ncpu_quota_v2=$ncpu_online +cpuset=$( get_cgroup_v1_path "cpuset" ) && ncpu_cpuset=$( get_cpuset "$cpuset" "cpuset.effective_cpus" ) || ncpu_cpuset=$ncpu_online +cpu=$( get_cgroup_v1_path "cpu" ) && ncpu_quota=$( get_quota "$cpu" ) || ncpu_quota=$ncpu_online +cgroup_v2=$( get_cgroup_v2_path ) && ncpu_cpuset_v2=$( get_cpuset "$cgroup_v2" "cpuset.cpus.effective" ) || ncpu_cpuset_v2=$ncpu_online +cgroup_v2=$( get_cgroup_v2_path ) && ncpu_quota_v2=$( get_quota_v2 "$cgroup_v2" ) || ncpu_quota_v2=$ncpu_online ncpu=$( printf "%s\n%s\n%s\n%s\n%s\n" \ "$ncpu_online" \ From e7bab21fb789267fcf5b4d8d3b8a9a4df82966c3 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Fri, 12 Mar 2021 18:32:43 +0300 Subject: [PATCH 099/113] modules: use the same workaround for Alpine as we had for Debian Same as e559b4da5b4cf0cf94990906f7523d6efcdcdbc9. --- modules/Dockerfile.alpine | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/Dockerfile.alpine b/modules/Dockerfile.alpine index b2b8b3e3..ec64282a 100644 --- a/modules/Dockerfile.alpine +++ b/modules/Dockerfile.alpine @@ -47,9 +47,9 @@ RUN set -ex \ elif make -C /pkg-oss/alpine list | grep -E "^$module\s+\d+" > /dev/null; then \ echo "Building $module from pkg-oss sources"; \ cd /pkg-oss/alpine; \ - make abuild-module-$module BASE_VERSION=$NGINX_VERSION; \ + make abuild-module-$module BASE_VERSION=$NGINX_VERSION NGINX_VERSION=$NGINX_VERSION; \ apk add $(. ./abuild-module-$module/APKBUILD; echo $makedepends;); \ - make module-$module BASE_VERSION=$NGINX_VERSION; \ + make module-$module BASE_VERSION=$NGINX_VERSION NGINX_VERSION=$NGINX_VERSION; \ find ~/packages -type f -name "*.apk" -exec mv -v {} /tmp/packages/ \;; \ else \ echo "Don't know how to build $module module, exiting"; \ From 511c0fe67247c918395640e73abd2913695c10b1 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 30 Mar 2021 16:42:52 +0300 Subject: [PATCH 100/113] modules: check out an explicit pkg-oss tag. Fixes #518 --- modules/Dockerfile | 2 +- modules/Dockerfile.alpine | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/Dockerfile b/modules/Dockerfile index de4c0a76..cbd3a55f 100644 --- a/modules/Dockerfile +++ b/modules/Dockerfile @@ -16,7 +16,7 @@ RUN set -ex \ patch make wget mercurial devscripts debhelper dpkg-dev \ quilt lsb-release build-essential libxml2-utils xsltproc \ equivs git g++ \ - && hg clone https://hg.nginx.org/pkg-oss/ \ + && hg clone -r ${NGINX_VERSION}-${PKG_RELEASE} https://hg.nginx.org/pkg-oss/ \ && cd pkg-oss \ && mkdir /tmp/packages \ && for module in $ENABLED_MODULES; do \ diff --git a/modules/Dockerfile.alpine b/modules/Dockerfile.alpine index ec64282a..68644172 100644 --- a/modules/Dockerfile.alpine +++ b/modules/Dockerfile.alpine @@ -18,7 +18,7 @@ RUN set -ex \ # allow abuild as a root user \ && printf "#!/bin/sh\\n/usr/bin/abuild -F \"\$@\"\\n" > /usr/local/bin/abuild \ && chmod +x /usr/local/bin/abuild \ - && hg clone https://hg.nginx.org/pkg-oss/ \ + && hg clone -r ${NGINX_VERSION}-${PKG_RELEASE} https://hg.nginx.org/pkg-oss/ \ && cd pkg-oss \ && mkdir /tmp/packages \ && for module in $ENABLED_MODULES; do \ From 0f300ed4ae80724c569c9694bf89014e96ab567b Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 30 Mar 2021 19:26:57 +0300 Subject: [PATCH 101/113] Updated mainline nginx to 1.19.9 and njs to 0.5.3 --- mainline/alpine-perl/Dockerfile | 4 ++-- mainline/alpine/Dockerfile | 4 ++-- mainline/debian-perl/Dockerfile | 4 ++-- mainline/debian/Dockerfile | 4 ++-- update.sh | 4 ++-- 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 2f629e00..9d8d5b4c 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -7,8 +7,8 @@ FROM alpine:3.13 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.8 -ENV NJS_VERSION 0.5.2 +ENV NGINX_VERSION 1.19.9 +ENV NJS_VERSION 0.5.3 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 9e7f149a..a15e0e39 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -7,8 +7,8 @@ FROM alpine:3.13 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.8 -ENV NJS_VERSION 0.5.2 +ENV NGINX_VERSION 1.19.9 +ENV NJS_VERSION 0.5.3 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/debian-perl/Dockerfile b/mainline/debian-perl/Dockerfile index 47f68d5c..6c432428 100644 --- a/mainline/debian-perl/Dockerfile +++ b/mainline/debian-perl/Dockerfile @@ -7,8 +7,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.8 -ENV NJS_VERSION 0.5.2 +ENV NGINX_VERSION 1.19.9 +ENV NJS_VERSION 0.5.3 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/mainline/debian/Dockerfile b/mainline/debian/Dockerfile index 2ff9655d..44891177 100644 --- a/mainline/debian/Dockerfile +++ b/mainline/debian/Dockerfile @@ -7,8 +7,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.8 -ENV NJS_VERSION 0.5.2 +ENV NGINX_VERSION 1.19.9 +ENV NJS_VERSION 0.5.3 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/update.sh b/update.sh index 71696fc2..d5ec49ee 100755 --- a/update.sh +++ b/update.sh @@ -10,11 +10,11 @@ declare branches=( ) declare -A nginx=( - [mainline]='1.19.8' + [mainline]='1.19.9' [stable]='1.18.0' ) -defaultnjs='0.5.2' +defaultnjs='0.5.3' declare -A njs=( [stable]='0.4.4' ) From e129306eecbb60a5acc335fcd394e0878a3600ab Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Wed, 7 Apr 2021 14:36:28 +0300 Subject: [PATCH 102/113] modules: strip debian version from PKG_RELEASE Fixes #527 --- modules/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/Dockerfile b/modules/Dockerfile index cbd3a55f..9dcbe400 100644 --- a/modules/Dockerfile +++ b/modules/Dockerfile @@ -16,7 +16,7 @@ RUN set -ex \ patch make wget mercurial devscripts debhelper dpkg-dev \ quilt lsb-release build-essential libxml2-utils xsltproc \ equivs git g++ \ - && hg clone -r ${NGINX_VERSION}-${PKG_RELEASE} https://hg.nginx.org/pkg-oss/ \ + && hg clone -r ${NGINX_VERSION}-${PKG_RELEASE%%~*} https://hg.nginx.org/pkg-oss/ \ && cd pkg-oss \ && mkdir /tmp/packages \ && for module in $ENABLED_MODULES; do \ From 464886ab21ebe4b036ceb36d7557bf491f6d9320 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 13 Apr 2021 19:48:13 +0300 Subject: [PATCH 103/113] Updated mainline nginx to 1.19.10 --- mainline/alpine-perl/Dockerfile | 2 +- mainline/alpine/Dockerfile | 2 +- mainline/debian-perl/Dockerfile | 2 +- mainline/debian/Dockerfile | 2 +- update.sh | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 9d8d5b4c..ee7d540b 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -7,7 +7,7 @@ FROM alpine:3.13 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.9 +ENV NGINX_VERSION 1.19.10 ENV NJS_VERSION 0.5.3 ENV PKG_RELEASE 1 diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index a15e0e39..bba7ac8c 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -7,7 +7,7 @@ FROM alpine:3.13 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.9 +ENV NGINX_VERSION 1.19.10 ENV NJS_VERSION 0.5.3 ENV PKG_RELEASE 1 diff --git a/mainline/debian-perl/Dockerfile b/mainline/debian-perl/Dockerfile index 6c432428..4380f2d9 100644 --- a/mainline/debian-perl/Dockerfile +++ b/mainline/debian-perl/Dockerfile @@ -7,7 +7,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.9 +ENV NGINX_VERSION 1.19.10 ENV NJS_VERSION 0.5.3 ENV PKG_RELEASE 1~buster diff --git a/mainline/debian/Dockerfile b/mainline/debian/Dockerfile index 44891177..727af2ba 100644 --- a/mainline/debian/Dockerfile +++ b/mainline/debian/Dockerfile @@ -7,7 +7,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.9 +ENV NGINX_VERSION 1.19.10 ENV NJS_VERSION 0.5.3 ENV PKG_RELEASE 1~buster diff --git a/update.sh b/update.sh index d5ec49ee..b2ce85bc 100755 --- a/update.sh +++ b/update.sh @@ -10,7 +10,7 @@ declare branches=( ) declare -A nginx=( - [mainline]='1.19.9' + [mainline]='1.19.10' [stable]='1.18.0' ) From 010bcbf4db311fd682029b71d92cf2633392fe13 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 20 Apr 2021 19:12:21 +0300 Subject: [PATCH 104/113] Alpine template: nginx.org now provides aarch64 packages. --- Dockerfile-alpine.template | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template index 1ce4411a..a9eb066e 100644 --- a/Dockerfile-alpine.template +++ b/Dockerfile-alpine.template @@ -14,7 +14,7 @@ RUN set -x \ && nginxPackages="%%PACKAGES%% " \ && case "$apkArch" in \ - x86_64) \ + x86_64|aarch64) \ # arches officially built by upstream set -x \ && KEY_SHA512="e7fa8303923d9b95db37a77ad46c68fd4755ff935d0a534d26eba83de193c76166c68bfe7f65471bf8881004ef4aa6df3e34689c305662750c0172fca5d8552a *stdin" \ From ab8516ed3a212d8a03392567c8f55c570c839e59 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 20 Apr 2021 19:13:24 +0300 Subject: [PATCH 105/113] Updated stable nginx to 1.20.0 While at it, bumped alpine base image to 3.13 and njs to 0.5.3 --- stable/alpine-perl/Dockerfile | 10 +++++----- stable/alpine/Dockerfile | 10 +++++----- stable/debian-perl/Dockerfile | 8 ++++---- stable/debian/Dockerfile | 8 ++++---- update.sh | 11 ++++------- 5 files changed, 22 insertions(+), 25 deletions(-) diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index 6df7dde2..4a6766e5 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -3,13 +3,13 @@ # # PLEASE DO NOT EDIT IT DIRECTLY. # -FROM alpine:3.11 +FROM alpine:3.13 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.18.0 -ENV NJS_VERSION 0.4.4 -ENV PKG_RELEASE 2 +ENV NGINX_VERSION 1.20.0 +ENV NJS_VERSION 0.5.3 +ENV PKG_RELEASE 1 RUN set -x \ # create nginx user/group first, to be consistent throughout docker variants @@ -25,7 +25,7 @@ RUN set -x \ nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-r${PKG_RELEASE} \ " \ && case "$apkArch" in \ - x86_64) \ + x86_64|aarch64) \ # arches officially built by upstream set -x \ && KEY_SHA512="e7fa8303923d9b95db37a77ad46c68fd4755ff935d0a534d26eba83de193c76166c68bfe7f65471bf8881004ef4aa6df3e34689c305662750c0172fca5d8552a *stdin" \ diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index 397380ad..0a04fa80 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -3,13 +3,13 @@ # # PLEASE DO NOT EDIT IT DIRECTLY. # -FROM alpine:3.11 +FROM alpine:3.13 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.18.0 -ENV NJS_VERSION 0.4.4 -ENV PKG_RELEASE 2 +ENV NGINX_VERSION 1.20.0 +ENV NJS_VERSION 0.5.3 +ENV PKG_RELEASE 1 RUN set -x \ # create nginx user/group first, to be consistent throughout docker variants @@ -24,7 +24,7 @@ RUN set -x \ nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-r${PKG_RELEASE} \ " \ && case "$apkArch" in \ - x86_64) \ + x86_64|aarch64) \ # arches officially built by upstream set -x \ && KEY_SHA512="e7fa8303923d9b95db37a77ad46c68fd4755ff935d0a534d26eba83de193c76166c68bfe7f65471bf8881004ef4aa6df3e34689c305662750c0172fca5d8552a *stdin" \ diff --git a/stable/debian-perl/Dockerfile b/stable/debian-perl/Dockerfile index 90a797dc..f68d9929 100644 --- a/stable/debian-perl/Dockerfile +++ b/stable/debian-perl/Dockerfile @@ -7,9 +7,9 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.18.0 -ENV NJS_VERSION 0.4.4 -ENV PKG_RELEASE 2~buster +ENV NGINX_VERSION 1.20.0 +ENV NJS_VERSION 0.5.3 +ENV PKG_RELEASE 1~buster RUN set -x \ # create nginx user/group first, to be consistent throughout docker variants @@ -38,7 +38,7 @@ RUN set -x \ nginx-module-geoip=${NGINX_VERSION}-${PKG_RELEASE} \ nginx-module-image-filter=${NGINX_VERSION}-${PKG_RELEASE} \ nginx-module-perl=${NGINX_VERSION}-${PKG_RELEASE} \ - nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-${PKG_RELEASE} \ + nginx-module-njs=${NGINX_VERSION}+${NJS_VERSION}-${PKG_RELEASE} \ " \ && case "$dpkgArch" in \ amd64|i386|arm64) \ diff --git a/stable/debian/Dockerfile b/stable/debian/Dockerfile index a4d932bf..7010be03 100644 --- a/stable/debian/Dockerfile +++ b/stable/debian/Dockerfile @@ -7,9 +7,9 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.18.0 -ENV NJS_VERSION 0.4.4 -ENV PKG_RELEASE 2~buster +ENV NGINX_VERSION 1.20.0 +ENV NJS_VERSION 0.5.3 +ENV PKG_RELEASE 1~buster RUN set -x \ # create nginx user/group first, to be consistent throughout docker variants @@ -37,7 +37,7 @@ RUN set -x \ nginx-module-xslt=${NGINX_VERSION}-${PKG_RELEASE} \ nginx-module-geoip=${NGINX_VERSION}-${PKG_RELEASE} \ nginx-module-image-filter=${NGINX_VERSION}-${PKG_RELEASE} \ - nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-${PKG_RELEASE} \ + nginx-module-njs=${NGINX_VERSION}+${NJS_VERSION}-${PKG_RELEASE} \ " \ && case "$dpkgArch" in \ amd64|i386|arm64) \ diff --git a/update.sh b/update.sh index b2ce85bc..e47284f5 100755 --- a/update.sh +++ b/update.sh @@ -11,17 +11,17 @@ declare branches=( declare -A nginx=( [mainline]='1.19.10' - [stable]='1.18.0' + [stable]='1.20.0' ) defaultnjs='0.5.3' declare -A njs=( - [stable]='0.4.4' +# [stable]='0.4.4' ) defaultpkg='1' declare -A pkg=( - [stable]=2 +# [stable]=2 ) defaultdebian='buster' @@ -31,7 +31,7 @@ declare -A debian=( defaultalpine='3.13' declare -A alpine=( - [stable]='3.11' +# [stable]='3.11' ) # When we bump njs version in a stable release we don't move the tag in the @@ -54,9 +54,6 @@ get_packages() { r="r" sep="." ;; - debian*:stable) - sep="." - ;; debian*:*) sep="+" ;; From 1612733ec60173d9d4a18a0916b860a0ff255e74 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Wed, 21 Apr 2021 11:53:41 +0300 Subject: [PATCH 106/113] generate-stackbrew-library.sh: bump stable to 1.20 --- generate-stackbrew-library.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/generate-stackbrew-library.sh b/generate-stackbrew-library.sh index 4ebadcb0..428e4125 100755 --- a/generate-stackbrew-library.sh +++ b/generate-stackbrew-library.sh @@ -4,7 +4,7 @@ set -eu declare -A aliases aliases=( [mainline]='1 1.19 latest' - [stable]='1.18' + [stable]='1.20' ) self="$(basename "$BASH_SOURCE")" From be61420a4a6b97ad1e40325b3bbba198bf555e58 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 11 May 2021 12:25:34 +0300 Subject: [PATCH 107/113] sync-awsecr.sh: bump stable to 1.20 Refs: #545 --- sync-awsecr.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sync-awsecr.sh b/sync-awsecr.sh index f9746f01..26196dda 100755 --- a/sync-awsecr.sh +++ b/sync-awsecr.sh @@ -7,7 +7,7 @@ registry="public.ecr.aws/z9d2n7e1" declare -A aliases aliases=( [mainline]='1 1.19 latest' - [stable]='1.18' + [stable]='1.20' ) architectures=( amd64 arm64v8 ) From f3fe494531f9b157d9c09ba509e412dace54cd4f Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 25 May 2021 17:17:47 +0300 Subject: [PATCH 108/113] Updated nginx to 1.20.1 and 1.21.0 --- generate-stackbrew-library.sh | 2 +- mainline/alpine-perl/Dockerfile | 4 ++-- mainline/alpine/Dockerfile | 4 ++-- mainline/debian-perl/Dockerfile | 2 +- mainline/debian/Dockerfile | 2 +- stable/alpine-perl/Dockerfile | 2 +- stable/alpine/Dockerfile | 2 +- stable/debian-perl/Dockerfile | 2 +- stable/debian/Dockerfile | 2 +- sync-awsecr.sh | 2 +- update.sh | 4 ++-- 11 files changed, 14 insertions(+), 14 deletions(-) diff --git a/generate-stackbrew-library.sh b/generate-stackbrew-library.sh index 428e4125..4ff7ea38 100755 --- a/generate-stackbrew-library.sh +++ b/generate-stackbrew-library.sh @@ -3,7 +3,7 @@ set -eu declare -A aliases aliases=( - [mainline]='1 1.19 latest' + [mainline]='1 1.21 latest' [stable]='1.20' ) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index ee7d540b..8bf36e07 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -7,7 +7,7 @@ FROM alpine:3.13 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.10 +ENV NGINX_VERSION 1.21.0 ENV NJS_VERSION 0.5.3 ENV PKG_RELEASE 1 @@ -25,7 +25,7 @@ RUN set -x \ nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-r${PKG_RELEASE} \ " \ && case "$apkArch" in \ - x86_64) \ + x86_64|aarch64) \ # arches officially built by upstream set -x \ && KEY_SHA512="e7fa8303923d9b95db37a77ad46c68fd4755ff935d0a534d26eba83de193c76166c68bfe7f65471bf8881004ef4aa6df3e34689c305662750c0172fca5d8552a *stdin" \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index bba7ac8c..96e351ce 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -7,7 +7,7 @@ FROM alpine:3.13 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.10 +ENV NGINX_VERSION 1.21.0 ENV NJS_VERSION 0.5.3 ENV PKG_RELEASE 1 @@ -24,7 +24,7 @@ RUN set -x \ nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-r${PKG_RELEASE} \ " \ && case "$apkArch" in \ - x86_64) \ + x86_64|aarch64) \ # arches officially built by upstream set -x \ && KEY_SHA512="e7fa8303923d9b95db37a77ad46c68fd4755ff935d0a534d26eba83de193c76166c68bfe7f65471bf8881004ef4aa6df3e34689c305662750c0172fca5d8552a *stdin" \ diff --git a/mainline/debian-perl/Dockerfile b/mainline/debian-perl/Dockerfile index 4380f2d9..65007826 100644 --- a/mainline/debian-perl/Dockerfile +++ b/mainline/debian-perl/Dockerfile @@ -7,7 +7,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.10 +ENV NGINX_VERSION 1.21.0 ENV NJS_VERSION 0.5.3 ENV PKG_RELEASE 1~buster diff --git a/mainline/debian/Dockerfile b/mainline/debian/Dockerfile index 727af2ba..cdeb9c8c 100644 --- a/mainline/debian/Dockerfile +++ b/mainline/debian/Dockerfile @@ -7,7 +7,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.19.10 +ENV NGINX_VERSION 1.21.0 ENV NJS_VERSION 0.5.3 ENV PKG_RELEASE 1~buster diff --git a/stable/alpine-perl/Dockerfile b/stable/alpine-perl/Dockerfile index 4a6766e5..f2ca2278 100644 --- a/stable/alpine-perl/Dockerfile +++ b/stable/alpine-perl/Dockerfile @@ -7,7 +7,7 @@ FROM alpine:3.13 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.20.0 +ENV NGINX_VERSION 1.20.1 ENV NJS_VERSION 0.5.3 ENV PKG_RELEASE 1 diff --git a/stable/alpine/Dockerfile b/stable/alpine/Dockerfile index 0a04fa80..f6bd08fe 100644 --- a/stable/alpine/Dockerfile +++ b/stable/alpine/Dockerfile @@ -7,7 +7,7 @@ FROM alpine:3.13 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.20.0 +ENV NGINX_VERSION 1.20.1 ENV NJS_VERSION 0.5.3 ENV PKG_RELEASE 1 diff --git a/stable/debian-perl/Dockerfile b/stable/debian-perl/Dockerfile index f68d9929..6d5fd1a4 100644 --- a/stable/debian-perl/Dockerfile +++ b/stable/debian-perl/Dockerfile @@ -7,7 +7,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.20.0 +ENV NGINX_VERSION 1.20.1 ENV NJS_VERSION 0.5.3 ENV PKG_RELEASE 1~buster diff --git a/stable/debian/Dockerfile b/stable/debian/Dockerfile index 7010be03..40b4d9ac 100644 --- a/stable/debian/Dockerfile +++ b/stable/debian/Dockerfile @@ -7,7 +7,7 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.20.0 +ENV NGINX_VERSION 1.20.1 ENV NJS_VERSION 0.5.3 ENV PKG_RELEASE 1~buster diff --git a/sync-awsecr.sh b/sync-awsecr.sh index 26196dda..767e03d4 100755 --- a/sync-awsecr.sh +++ b/sync-awsecr.sh @@ -6,7 +6,7 @@ registry="public.ecr.aws/z9d2n7e1" declare -A aliases aliases=( - [mainline]='1 1.19 latest' + [mainline]='1 1.21 latest' [stable]='1.20' ) diff --git a/update.sh b/update.sh index e47284f5..f315d367 100755 --- a/update.sh +++ b/update.sh @@ -10,8 +10,8 @@ declare branches=( ) declare -A nginx=( - [mainline]='1.19.10' - [stable]='1.20.0' + [mainline]='1.21.0' + [stable]='1.20.1' ) defaultnjs='0.5.3' From fe33fad50a41a866a73e0a6607cb189f56169201 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Wed, 2 Jun 2021 13:17:12 +0300 Subject: [PATCH 109/113] modules/Dockerfile.alpine: added coreutils to use proper tr --- modules/Dockerfile.alpine | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/Dockerfile.alpine b/modules/Dockerfile.alpine index 68644172..3e47a413 100644 --- a/modules/Dockerfile.alpine +++ b/modules/Dockerfile.alpine @@ -14,7 +14,7 @@ RUN set -ex \ && apk update \ && apk add linux-headers openssl-dev pcre-dev zlib-dev openssl abuild \ musl-dev libxslt libxml2-utils make mercurial gcc unzip git \ - xz g++ \ + xz g++ coreutils \ # allow abuild as a root user \ && printf "#!/bin/sh\\n/usr/bin/abuild -F \"\$@\"\\n" > /usr/local/bin/abuild \ && chmod +x /usr/local/bin/abuild \ From 6a9fffa542c291b92bb5b135e67cea1e6c92c346 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Wed, 2 Jun 2021 14:26:25 +0300 Subject: [PATCH 110/113] third party: fixed builds with non-alphanumeric characters in module names Closes #540 Fixes #550 --- modules/Dockerfile | 9 ++++++--- modules/Dockerfile.alpine | 9 ++++++--- 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/modules/Dockerfile b/modules/Dockerfile index 9dcbe400..7a4e7141 100644 --- a/modules/Dockerfile +++ b/modules/Dockerfile @@ -42,6 +42,7 @@ RUN set -ex \ /modules/$module/prebuild; \ fi; \ /pkg-oss/build_module.sh -v $NGINX_VERSION -f -y -o /tmp/packages -n $module $(cat /modules/$module/source); \ + BUILT_MODULES="$BUILT_MODULES $(echo $module | tr '[A-Z]' '[a-z]' | tr -d '[/_\-\.\t ]')"; \ elif make -C /pkg-oss/debian list | grep -P "^$module\s+\d" > /dev/null; then \ echo "Building $module from pkg-oss sources"; \ cd /pkg-oss/debian; \ @@ -49,18 +50,20 @@ RUN set -ex \ mk-build-deps --install --tool="apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends --yes" debuild-module-$module/nginx-$NGINX_VERSION/debian/control; \ make module-$module BASE_VERSION=$NGINX_VERSION NGINX_VERSION=$NGINX_VERSION; \ find ../../ -maxdepth 1 -mindepth 1 -type f -name "*.deb" -exec mv -v {} /tmp/packages/ \;; \ + BUILT_MODULES="$BUILT_MODULES $module"; \ else \ echo "Don't know how to build $module module, exiting"; \ exit 1; \ fi; \ - done + done \ + && echo "BUILT_MODULES=\"$BUILT_MODULES\"" > /tmp/packages/modules.env FROM nginx:mainline -ARG ENABLED_MODULES COPY --from=builder /tmp/packages /tmp/packages RUN set -ex \ && apt update \ - && for module in $ENABLED_MODULES; do \ + && . /tmp/packages/modules.env \ + && for module in $BUILT_MODULES; do \ apt install --no-install-suggests --no-install-recommends -y /tmp/packages/nginx-module-${module}_${NGINX_VERSION}*.deb; \ done \ && rm -rf /tmp/packages \ diff --git a/modules/Dockerfile.alpine b/modules/Dockerfile.alpine index 3e47a413..63dcc69f 100644 --- a/modules/Dockerfile.alpine +++ b/modules/Dockerfile.alpine @@ -44,6 +44,7 @@ RUN set -ex \ /modules/$module/prebuild; \ fi; \ /pkg-oss/build_module.sh -v $NGINX_VERSION -f -y -o /tmp/packages -n $module $(cat /modules/$module/source); \ + BUILT_MODULES="$BUILT_MODULES $(echo $module | tr '[A-Z]' '[a-z]' | tr -d '[/_\-\.\t ]')"; \ elif make -C /pkg-oss/alpine list | grep -E "^$module\s+\d+" > /dev/null; then \ echo "Building $module from pkg-oss sources"; \ cd /pkg-oss/alpine; \ @@ -51,17 +52,19 @@ RUN set -ex \ apk add $(. ./abuild-module-$module/APKBUILD; echo $makedepends;); \ make module-$module BASE_VERSION=$NGINX_VERSION NGINX_VERSION=$NGINX_VERSION; \ find ~/packages -type f -name "*.apk" -exec mv -v {} /tmp/packages/ \;; \ + BUILT_MODULES="$BUILT_MODULES $module"; \ else \ echo "Don't know how to build $module module, exiting"; \ exit 1; \ fi; \ - done + done \ + && echo "BUILT_MODULES=\"$BUILT_MODULES\"" > /tmp/packages/modules.env FROM nginx:mainline-alpine -ARG ENABLED_MODULES COPY --from=builder /tmp/packages /tmp/packages RUN set -ex \ - && for module in $ENABLED_MODULES; do \ + && . /tmp/packages/modules.env \ + && for module in $BUILT_MODULES; do \ apk add --no-cache --allow-untrusted /tmp/packages/nginx-module-${module}-${NGINX_VERSION}*.apk; \ done \ && rm -rf /tmp/packages From 1c123ec554ac65238c57c2b9c5e97513829238d0 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Wed, 2 Jun 2021 14:41:58 +0300 Subject: [PATCH 111/113] modules: updated the list of supported modules --- modules/README.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/modules/README.md b/modules/README.md index db8c93e9..f558e34a 100644 --- a/modules/README.md +++ b/modules/README.md @@ -34,21 +34,21 @@ auth-spnego 1.1.0-1 brotli 1.0.0-1 encrypted-session 0.08-1 fips-check 0.1-1 -geoip 1.19.7-1 +geoip 1.21.0-1 geoip2 3.3-1 headers-more 0.33-1 -image-filter 1.19.7-1 +image-filter 1.21.0-1 lua 0.10.19-1 modsecurity 1.0.1-2 ndk 0.3.1-1 -njs 0.5.1-1 -opentracing 0.10.0-1 -passenger 6.0.6-1 -perl 1.19.7-1 +njs 0.5.3-1 +opentracing 0.14.0-1 +passenger 6.0.8-1 +perl 1.21.0-1 rtmp 1.2.1-1 set-misc 0.32-1 subs-filter 0.6.4-1 -xslt 1.19.7-1 +xslt 1.21.0-1 make: Leaving directory '/pkg-oss/debian' ``` From 4fb962398934526d5851c07d1f6107db97918c71 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Fri, 2 Jul 2021 11:56:24 +0300 Subject: [PATCH 112/113] modules: Dockerfile.alpine: set SETFATTR=true to skip setfattr. This is suggested as a fix for build issues (#525) in https://gitlab.alpinelinux.org/alpine/abuild/-/commit/32b7789e9ac09dad7f6d39df349c9a94e93e00c8 --- modules/Dockerfile.alpine | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/Dockerfile.alpine b/modules/Dockerfile.alpine index 63dcc69f..c154363e 100644 --- a/modules/Dockerfile.alpine +++ b/modules/Dockerfile.alpine @@ -16,7 +16,7 @@ RUN set -ex \ musl-dev libxslt libxml2-utils make mercurial gcc unzip git \ xz g++ coreutils \ # allow abuild as a root user \ - && printf "#!/bin/sh\\n/usr/bin/abuild -F \"\$@\"\\n" > /usr/local/bin/abuild \ + && printf "#!/bin/sh\\nSETFATTR=true /usr/bin/abuild -F \"\$@\"\\n" > /usr/local/bin/abuild \ && chmod +x /usr/local/bin/abuild \ && hg clone -r ${NGINX_VERSION}-${PKG_RELEASE} https://hg.nginx.org/pkg-oss/ \ && cd pkg-oss \ From f958fbacada447737319e979db45a1da49123142 Mon Sep 17 00:00:00 2001 From: Konstantin Pavlov Date: Tue, 6 Jul 2021 21:35:28 +0300 Subject: [PATCH 113/113] Updated nginx to 1.21.1 and njs to 0.6.1 on mainline builds. While at it, move mainline builds to alpine 3.14. --- mainline/alpine-perl/Dockerfile | 6 +++--- mainline/alpine/Dockerfile | 6 +++--- mainline/debian-perl/Dockerfile | 4 ++-- mainline/debian/Dockerfile | 4 ++-- update.sh | 10 +++++----- 5 files changed, 15 insertions(+), 15 deletions(-) diff --git a/mainline/alpine-perl/Dockerfile b/mainline/alpine-perl/Dockerfile index 8bf36e07..943622fa 100644 --- a/mainline/alpine-perl/Dockerfile +++ b/mainline/alpine-perl/Dockerfile @@ -3,12 +3,12 @@ # # PLEASE DO NOT EDIT IT DIRECTLY. # -FROM alpine:3.13 +FROM alpine:3.14 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.21.0 -ENV NJS_VERSION 0.5.3 +ENV NGINX_VERSION 1.21.1 +ENV NJS_VERSION 0.6.1 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/alpine/Dockerfile b/mainline/alpine/Dockerfile index 96e351ce..d02e9262 100644 --- a/mainline/alpine/Dockerfile +++ b/mainline/alpine/Dockerfile @@ -3,12 +3,12 @@ # # PLEASE DO NOT EDIT IT DIRECTLY. # -FROM alpine:3.13 +FROM alpine:3.14 LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.21.0 -ENV NJS_VERSION 0.5.3 +ENV NGINX_VERSION 1.21.1 +ENV NJS_VERSION 0.6.1 ENV PKG_RELEASE 1 RUN set -x \ diff --git a/mainline/debian-perl/Dockerfile b/mainline/debian-perl/Dockerfile index 65007826..1e5ecd12 100644 --- a/mainline/debian-perl/Dockerfile +++ b/mainline/debian-perl/Dockerfile @@ -7,8 +7,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.21.0 -ENV NJS_VERSION 0.5.3 +ENV NGINX_VERSION 1.21.1 +ENV NJS_VERSION 0.6.1 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/mainline/debian/Dockerfile b/mainline/debian/Dockerfile index cdeb9c8c..54ee2f1b 100644 --- a/mainline/debian/Dockerfile +++ b/mainline/debian/Dockerfile @@ -7,8 +7,8 @@ FROM debian:buster-slim LABEL maintainer="NGINX Docker Maintainers " -ENV NGINX_VERSION 1.21.0 -ENV NJS_VERSION 0.5.3 +ENV NGINX_VERSION 1.21.1 +ENV NJS_VERSION 0.6.1 ENV PKG_RELEASE 1~buster RUN set -x \ diff --git a/update.sh b/update.sh index f315d367..6dadf693 100755 --- a/update.sh +++ b/update.sh @@ -10,13 +10,13 @@ declare branches=( ) declare -A nginx=( - [mainline]='1.21.0' + [mainline]='1.21.1' [stable]='1.20.1' ) -defaultnjs='0.5.3' +defaultnjs='0.6.1' declare -A njs=( -# [stable]='0.4.4' + [stable]='0.5.3' ) defaultpkg='1' @@ -29,9 +29,9 @@ declare -A debian=( #[stable]='stretch' ) -defaultalpine='3.13' +defaultalpine='3.14' declare -A alpine=( -# [stable]='3.11' + [stable]='3.13' ) # When we bump njs version in a stable release we don't move the tag in the