rosslh/coolify
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix(docker): install patched nginx from official repository

Browse source 
Pin nginx to the official nginx.org Alpine mainline package in development and production images so patched releases can be installed consistently.
This commit is contained in:
Andras Bacsai 2026-05-16 19:06:39 +02:00
parent bba0cd76d2
commit 0917bb7b8e
2 changed files with 40 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
docker/development/Dockerfile
View file

@ -8,6 +8,8 @@ ARG CLOUDFLARED_VERSION=2025.7.0
# https://www.postgresql.org/support/versioning/
# Note: We are using version 18 of the postgres client (while still using postgres 15 for the postgres server) as version 15 has been removed from Alpine 3.23+ https://pkgs.alpinelinux.org/packages?name=postgresql*-client&branch=v3.23&repo=&arch=x86_64&origin=&flagged=&maintainer=
ARG POSTGRES_VERSION=18
# https://nginx.org/en/linux_packages.html
ARG NGINX_VERSION=1.31.0-r1
# =================================================================
# Get MinIO client
@ -24,11 +26,23 @@ ARG GROUP_ID
ARG TARGETPLATFORM
ARG POSTGRES_VERSION
ARG CLOUDFLARED_VERSION
ARG NGINX_VERSION
WORKDIR /var/www/html
USER root
# Install patched Nginx from the official nginx.org Alpine repository
RUN set -eux; \
apk add --no-cache ca-certificates curl; \
NGINX_ALPINE_VERSION="$(egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release)"; \
NGINX_REPOSITORY="https://nginx.org/packages/mainline/alpine/v${NGINX_ALPINE_VERSION}/main"; \
sed -i 's|http://nginx.org/packages|https://nginx.org/packages|g' /etc/apk/repositories; \
grep -qxF "@nginx ${NGINX_REPOSITORY}" /etc/apk/repositories || echo "@nginx ${NGINX_REPOSITORY}" >> /etc/apk/repositories; \
curl -fsSL https://nginx.org/keys/nginx_signing.rsa.pub -o /etc/apk/keys/nginx_signing.rsa.pub; \
apk add --no-cache --upgrade "nginx@nginx=${NGINX_VERSION}"; \
nginx -v
RUN docker-php-serversideup-set-id www-data $USER_ID:$GROUP_ID && \
docker-php-serversideup-set-file-permissions --owner $USER_ID:$GROUP_ID --service nginx
@ -38,7 +52,6 @@ RUN apk upgrade --no-cache && \
mkdir -p /usr/share/keyrings && \
curl -fSsL https://www.postgresql.org/media/keys/ACCC4CF8.asc | gpg --dearmor > /usr/share/keyrings/postgresql.gpg
RUN sed -i 's|http://nginx.org/packages|https://nginx.org/packages|g' /etc/apk/repositories
# Install system dependencies
RUN apk add --no-cache \

26
docker/production/Dockerfile
View file

@ -8,6 +8,8 @@ ARG CLOUDFLARED_VERSION=2025.7.0
# https://www.postgresql.org/support/versioning/
# Note: We are using version 18 of the postgres client (while still using postgres 15 for the postgres server) as version 15 has been removed from Alpine 3.23+ https://pkgs.alpinelinux.org/packages?name=postgresql*-client&branch=v3.23&repo=&arch=x86_64&origin=&flagged=&maintainer=
ARG POSTGRES_VERSION=18
# https://nginx.org/en/linux_packages.html
ARG NGINX_VERSION=1.31.0-r1
# Add user/group
ARG USER_ID=9999
@ -20,6 +22,18 @@ FROM serversideup/php:${SERVERSIDEUP_PHP_VERSION} AS base
USER root
# Install patched Nginx from the official nginx.org Alpine repository
ARG NGINX_VERSION
RUN set -eux; \
apk add --no-cache ca-certificates curl; \
NGINX_ALPINE_VERSION="$(egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release)"; \
NGINX_REPOSITORY="https://nginx.org/packages/mainline/alpine/v${NGINX_ALPINE_VERSION}/main"; \
sed -i 's|http://nginx.org/packages|https://nginx.org/packages|g' /etc/apk/repositories; \
grep -qxF "@nginx ${NGINX_REPOSITORY}" /etc/apk/repositories || echo "@nginx ${NGINX_REPOSITORY}" >> /etc/apk/repositories; \
curl -fsSL https://nginx.org/keys/nginx_signing.rsa.pub -o /etc/apk/keys/nginx_signing.rsa.pub; \
apk add --no-cache --upgrade "nginx@nginx=${NGINX_VERSION}"; \
nginx -v
ARG USER_ID
ARG GROUP_ID
@ -60,12 +74,24 @@ ARG GROUP_ID
ARG TARGETPLATFORM
ARG POSTGRES_VERSION
ARG CLOUDFLARED_VERSION
ARG NGINX_VERSION
ARG CI=true
WORKDIR /var/www/html
USER root
# Install patched Nginx from the official nginx.org Alpine repository
RUN set -eux; \
apk add --no-cache ca-certificates curl; \
NGINX_ALPINE_VERSION="$(egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release)"; \
NGINX_REPOSITORY="https://nginx.org/packages/mainline/alpine/v${NGINX_ALPINE_VERSION}/main"; \
sed -i 's|http://nginx.org/packages|https://nginx.org/packages|g' /etc/apk/repositories; \
grep -qxF "@nginx ${NGINX_REPOSITORY}" /etc/apk/repositories || echo "@nginx ${NGINX_REPOSITORY}" >> /etc/apk/repositories; \
curl -fsSL https://nginx.org/keys/nginx_signing.rsa.pub -o /etc/apk/keys/nginx_signing.rsa.pub; \
apk add --no-cache --upgrade "nginx@nginx=${NGINX_VERSION}"; \
nginx -v
RUN docker-php-serversideup-set-id www-data $USER_ID:$GROUP_ID && \
docker-php-serversideup-set-file-permissions --owner $USER_ID:$GROUP_ID --service nginx