fix(docker): install patched nginx from official repository
Pin nginx to the official nginx.org Alpine mainline package in development and production images so patched releases can be installed consistently.
This commit is contained in:
Andras Bacsai
parent
bba0cd76d2
commit
0917bb7b8e
2 changed files with 40 additions and 1 deletions
|
|
@ -8,6 +8,8 @@ ARG CLOUDFLARED_VERSION=2025.7.0
|
||||||
# https://www.postgresql.org/support/versioning/
|
# https://www.postgresql.org/support/versioning/
|
||||||
# Note: We are using version 18 of the postgres client (while still using postgres 15 for the postgres server) as version 15 has been removed from Alpine 3.23+ https://pkgs.alpinelinux.org/packages?name=postgresql*-client&branch=v3.23&repo=&arch=x86_64&origin=&flagged=&maintainer=
|
# Note: We are using version 18 of the postgres client (while still using postgres 15 for the postgres server) as version 15 has been removed from Alpine 3.23+ https://pkgs.alpinelinux.org/packages?name=postgresql*-client&branch=v3.23&repo=&arch=x86_64&origin=&flagged=&maintainer=
|
||||||
ARG POSTGRES_VERSION=18
|
ARG POSTGRES_VERSION=18
|
||||||
|
# https://nginx.org/en/linux_packages.html
|
||||||
|
ARG NGINX_VERSION=1.31.0-r1
|
||||||
|
|
||||||
# =================================================================
|
# =================================================================
|
||||||
# Get MinIO client
|
# Get MinIO client
|
||||||
|
|
@ -24,11 +26,23 @@ ARG GROUP_ID
|
||||||
ARG TARGETPLATFORM
|
ARG TARGETPLATFORM
|
||||||
ARG POSTGRES_VERSION
|
ARG POSTGRES_VERSION
|
||||||
ARG CLOUDFLARED_VERSION
|
ARG CLOUDFLARED_VERSION
|
||||||
|
ARG NGINX_VERSION
|
||||||
|
|
||||||
WORKDIR /var/www/html
|
WORKDIR /var/www/html
|
||||||
|
|
||||||
USER root
|
USER root
|
||||||
|
|
||||||
|
# Install patched Nginx from the official nginx.org Alpine repository
|
||||||
|
RUN set -eux; \
|
||||||
|
apk add --no-cache ca-certificates curl; \
|
||||||
|
NGINX_ALPINE_VERSION="$(egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release)"; \
|
||||||
|
NGINX_REPOSITORY="https://nginx.org/packages/mainline/alpine/v${NGINX_ALPINE_VERSION}/main"; \
|
||||||
|
sed -i 's|http://nginx.org/packages|https://nginx.org/packages|g' /etc/apk/repositories; \
|
||||||
|
grep -qxF "@nginx ${NGINX_REPOSITORY}" /etc/apk/repositories || echo "@nginx ${NGINX_REPOSITORY}" >> /etc/apk/repositories; \
|
||||||
|
curl -fsSL https://nginx.org/keys/nginx_signing.rsa.pub -o /etc/apk/keys/nginx_signing.rsa.pub; \
|
||||||
|
apk add --no-cache --upgrade "nginx@nginx=${NGINX_VERSION}"; \
|
||||||
|
nginx -v
|
||||||
|
|
||||||
RUN docker-php-serversideup-set-id www-data $USER_ID:$GROUP_ID && \
|
RUN docker-php-serversideup-set-id www-data $USER_ID:$GROUP_ID && \
|
||||||
docker-php-serversideup-set-file-permissions --owner $USER_ID:$GROUP_ID --service nginx
|
docker-php-serversideup-set-file-permissions --owner $USER_ID:$GROUP_ID --service nginx
|
||||||
|
|
||||||
|
|
@ -38,7 +52,6 @@ RUN apk upgrade --no-cache && \
|
||||||
mkdir -p /usr/share/keyrings && \
|
mkdir -p /usr/share/keyrings && \
|
||||||
curl -fSsL https://www.postgresql.org/media/keys/ACCC4CF8.asc | gpg --dearmor > /usr/share/keyrings/postgresql.gpg
|
curl -fSsL https://www.postgresql.org/media/keys/ACCC4CF8.asc | gpg --dearmor > /usr/share/keyrings/postgresql.gpg
|
||||||
|
|
||||||
RUN sed -i 's|http://nginx.org/packages|https://nginx.org/packages|g' /etc/apk/repositories
|
|
||||||
|
|
||||||
# Install system dependencies
|
# Install system dependencies
|
||||||
RUN apk add --no-cache \
|
RUN apk add --no-cache \
|
||||||
|
|
|
||||||
|
|
@ -8,6 +8,8 @@ ARG CLOUDFLARED_VERSION=2025.7.0
|
||||||
# https://www.postgresql.org/support/versioning/
|
# https://www.postgresql.org/support/versioning/
|
||||||
# Note: We are using version 18 of the postgres client (while still using postgres 15 for the postgres server) as version 15 has been removed from Alpine 3.23+ https://pkgs.alpinelinux.org/packages?name=postgresql*-client&branch=v3.23&repo=&arch=x86_64&origin=&flagged=&maintainer=
|
# Note: We are using version 18 of the postgres client (while still using postgres 15 for the postgres server) as version 15 has been removed from Alpine 3.23+ https://pkgs.alpinelinux.org/packages?name=postgresql*-client&branch=v3.23&repo=&arch=x86_64&origin=&flagged=&maintainer=
|
||||||
ARG POSTGRES_VERSION=18
|
ARG POSTGRES_VERSION=18
|
||||||
|
# https://nginx.org/en/linux_packages.html
|
||||||
|
ARG NGINX_VERSION=1.31.0-r1
|
||||||
|
|
||||||
# Add user/group
|
# Add user/group
|
||||||
ARG USER_ID=9999
|
ARG USER_ID=9999
|
||||||
|
|
@ -20,6 +22,18 @@ FROM serversideup/php:${SERVERSIDEUP_PHP_VERSION} AS base
|
||||||
|
|
||||||
USER root
|
USER root
|
||||||
|
|
||||||
|
# Install patched Nginx from the official nginx.org Alpine repository
|
||||||
|
ARG NGINX_VERSION
|
||||||
|
RUN set -eux; \
|
||||||
|
apk add --no-cache ca-certificates curl; \
|
||||||
|
NGINX_ALPINE_VERSION="$(egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release)"; \
|
||||||
|
NGINX_REPOSITORY="https://nginx.org/packages/mainline/alpine/v${NGINX_ALPINE_VERSION}/main"; \
|
||||||
|
sed -i 's|http://nginx.org/packages|https://nginx.org/packages|g' /etc/apk/repositories; \
|
||||||
|
grep -qxF "@nginx ${NGINX_REPOSITORY}" /etc/apk/repositories || echo "@nginx ${NGINX_REPOSITORY}" >> /etc/apk/repositories; \
|
||||||
|
curl -fsSL https://nginx.org/keys/nginx_signing.rsa.pub -o /etc/apk/keys/nginx_signing.rsa.pub; \
|
||||||
|
apk add --no-cache --upgrade "nginx@nginx=${NGINX_VERSION}"; \
|
||||||
|
nginx -v
|
||||||
|
|
||||||
ARG USER_ID
|
ARG USER_ID
|
||||||
ARG GROUP_ID
|
ARG GROUP_ID
|
||||||
|
|
||||||
|
|
@ -60,12 +74,24 @@ ARG GROUP_ID
|
||||||
ARG TARGETPLATFORM
|
ARG TARGETPLATFORM
|
||||||
ARG POSTGRES_VERSION
|
ARG POSTGRES_VERSION
|
||||||
ARG CLOUDFLARED_VERSION
|
ARG CLOUDFLARED_VERSION
|
||||||
|
ARG NGINX_VERSION
|
||||||
ARG CI=true
|
ARG CI=true
|
||||||
|
|
||||||
WORKDIR /var/www/html
|
WORKDIR /var/www/html
|
||||||
|
|
||||||
USER root
|
USER root
|
||||||
|
|
||||||
|
# Install patched Nginx from the official nginx.org Alpine repository
|
||||||
|
RUN set -eux; \
|
||||||
|
apk add --no-cache ca-certificates curl; \
|
||||||
|
NGINX_ALPINE_VERSION="$(egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release)"; \
|
||||||
|
NGINX_REPOSITORY="https://nginx.org/packages/mainline/alpine/v${NGINX_ALPINE_VERSION}/main"; \
|
||||||
|
sed -i 's|http://nginx.org/packages|https://nginx.org/packages|g' /etc/apk/repositories; \
|
||||||
|
grep -qxF "@nginx ${NGINX_REPOSITORY}" /etc/apk/repositories || echo "@nginx ${NGINX_REPOSITORY}" >> /etc/apk/repositories; \
|
||||||
|
curl -fsSL https://nginx.org/keys/nginx_signing.rsa.pub -o /etc/apk/keys/nginx_signing.rsa.pub; \
|
||||||
|
apk add --no-cache --upgrade "nginx@nginx=${NGINX_VERSION}"; \
|
||||||
|
nginx -v
|
||||||
|
|
||||||
RUN docker-php-serversideup-set-id www-data $USER_ID:$GROUP_ID && \
|
RUN docker-php-serversideup-set-id www-data $USER_ID:$GROUP_ID && \
|
||||||
docker-php-serversideup-set-file-permissions --owner $USER_ID:$GROUP_ID --service nginx
|
docker-php-serversideup-set-file-permissions --owner $USER_ID:$GROUP_ID --service nginx
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue