from alpine:3.14
RUN rm -rf /var/cache/apk/* && \
rm -rf /tmp/* && \
set -eux && sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories && \
apk add --no-cache bash tzdata && \
cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \
/bin/bash
- 构建基础镜像 docker build -t youshumin/apline:3.14
FROM youshumin/alpine:3.14
ENV TENGINE_VERSION 2.3.3
ENV CONFIG "\
--prefix=/etc/nginx \
--sbin-path=/usr/sbin/nginx \
--modules-path=/usr/lib/nginx/modules \
--conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--pid-path=/var/run/nginx.pid \
--lock-path=/var/run/nginx.lock \
--http-client-body-temp-path=/var/cache/nginx/client_temp \
--http-proxy-temp-path=/var/cache/nginx/proxy_temp \
--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \
--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \
--http-scgi-temp-path=/var/cache/nginx/scgi_temp \
--user=root \
--group=root \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_addition_module \
--with-http_sub_module \
--with-http_dav_module \
--with-http_flv_module \
--with-http_mp4_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_random_index_module \
--with-http_secure_link_module \
--with-http_stub_status_module \
--with-http_auth_request_module \
--with-http_xslt_module=dynamic \
--with-http_image_filter_module=dynamic \
--with-http_geoip_module=dynamic \
--with-threads \
--with-stream \
--with-stream_ssl_module \
--with-stream_ssl_preread_module \
--with-stream_realip_module \
--with-stream_geoip_module=dynamic \
--with-http_slice_module \
--with-mail \
--with-mail_ssl_module \
--with-compat \
--with-file-aio \
--with-http_v2_module \
--add-module=modules/ngx_http_upstream_check_module \
--add-module=modules/headers-more-nginx-module-0.33 \
--add-module=modules/ngx_http_upstream_session_sticky_module \
--add-module=modules/ngx_http_lua_module \
--add-module=modules/ngx_http_reqstat_module \
--add-module=modules/ngx_http_upstream_vnswrr_module \
"
RUN rm -rf /var/cache/apk/* \
&& rm -rf /tmp/* \
&& set -eux && sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories \
&& apk add --no-cache --virtual .build-deps \
gcc \
g++ \
libc-dev \
make \
openssl-dev \
pcre-dev \
zlib-dev \
linux-headers \
curl \
libxslt-dev \
gd-dev \
geoip-dev \
tzdata \
&& cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
&& echo "Asia/Shanghai" > /etc/timezone \
&& mkdir /usr/local/src \
&& cd /usr/local/src/ \
&& curl -L "http://minio.8min.top/2022/docker/nginx/build/v2022.10.19.0/more.tar.gz" -o more.tar.gz \
&& curl -L "http://minio.8min.top/2022/docker/nginx/build/v2022.10.19.0/tengine-2.3.3.tar.gz" -o tengine-2.3.3.tar.gz \
&& curl -L "http://minio.8min.top/2022/docker/nginx/build/v2022.10.19.0/luajit2-2.1-20210510.tar.gz" -o luajit2-2.1-20210510.tar.gz \
&& curl -L "http://minio.8min.top/2022/docker/nginx/build/v2022.10.19.0/ip2region.tar.gz" -o ip2region.tar.gz \
&& curl -L "http://minio.8min.top/2022/docker/nginx/build/v2022.10.19.0/ip2region.db" -o ip2region.db \
&& curl -L "http://minio.8min.top/2022/docker/nginx/build/v2022.10.19.0/lualib_2022.tar.gz" -o lualib_2022.tar.gz \
&& curl -L "http://minio.8min.top/2022/docker/nginx/build/base_v2022.11.07/log_info.ini" -o log_info.ini \
&& curl -L "http://minio.8min.top/2022/docker/nginx/build/base_v2022.11.07/nginx.conf" -o nginx.conf \
&& tar -zxC /usr/local/src -f /usr/local/src/ip2region.tar.gz \
&& tar -zxC /usr/local/src -f /usr/local/src/tengine-2.3.3.tar.gz \
&& tar -zxC /usr/local/src -f /usr/local/src/luajit2-2.1-20210510.tar.gz \
&& tar -zxC /usr/local/src -f /usr/local/src/more.tar.gz \
&& tar -zxC /usr/local/src -f /usr/local/src/lualib_2022.tar.gz \
&& ls /usr/local/src/ \
&& mv /usr/local/src/headers-more-nginx-module-0.33 /usr/local/src/tengine-2.3.3/modules/ \
&& cd /usr/local/src/luajit2-2.1-20210510 \
&& make -j$(getconf _NPROCESSORS_ONLN) \
&& make install \
&& export LUAJIT_LIB=/usr/local/lib \
&& export LUAJIT_INC=/usr/local/include/luajit-2.1 \
&& cd /usr/local/src/ip2region/lua_c \
&& make \
&& cd /usr/local/src/tengine-2.3.3 \
&& ./configure $CONFIG --with-debug \
&& make -j$(getconf _NPROCESSORS_ONLN) \
&& mv objs/nginx objs/nginx-debug \
&& mv objs/ngx_http_xslt_filter_module.so objs/ngx_http_xslt_filter_module-debug.so \
&& mv objs/ngx_http_image_filter_module.so objs/ngx_http_image_filter_module-debug.so \
&& mv objs/ngx_http_geoip_module.so objs/ngx_http_geoip_module-debug.so \
&& mv objs/ngx_stream_geoip_module.so objs/ngx_stream_geoip_module-debug.so \
&& ./configure $CONFIG \
&& make -j$(getconf _NPROCESSORS_ONLN) \
&& make install \
&& mkdir /etc/nginx/conf.d/ \
&& mkdir -p /usr/share/nginx/html/ \
&& install -m644 html/index.html /usr/share/nginx/html/ \
&& install -m644 html/50x.html /usr/share/nginx/html/ \
&& install -m755 objs/nginx-debug /usr/sbin/nginx-debug \
&& install -m755 objs/ngx_http_xslt_filter_module-debug.so /usr/lib/nginx/modules/ngx_http_xslt_filter_module-debug.so \
&& install -m755 objs/ngx_http_image_filter_module-debug.so /usr/lib/nginx/modules/ngx_http_image_filter_module-debug.so \
&& install -m755 objs/ngx_http_geoip_module-debug.so /usr/lib/nginx/modules/ngx_http_geoip_module-debug.so \
&& install -m755 objs/ngx_stream_geoip_module-debug.so /usr/lib/nginx/modules/ngx_stream_geoip_module-debug.so \
&& mv /usr/local/src/ip2region/lua_c/Ip2region.so /usr/lib/nginx/modules/ \
&& ln -s ../../usr/lib/nginx/modules /etc/nginx/modules \
&& strip /usr/sbin/nginx* \
&& strip /usr/lib/nginx/modules/*.so \
&& mkdir -p /etc/nginx/ip2region/ \
&& mkdir -p /var/cache/nginx \
\
# 更新部分配置
#
&& mv /usr/local/src/ip2region.db /etc/nginx/ip2region/ip2region.db \
&& mv /usr/local/src/lua /etc/nginx/ \
&& mv /usr/local/src/log_info.ini /etc/nginx/ip2region/ \
&& mv /usr/local/src/nginx.conf /etc/nginx/nginx.conf \
&& rm -rf /usr/local/src/ \
\
# Bring in gettext so we can get `envsubst`, then throw
# the rest away. To do this, we need to install `gettext`
# then move `envsubst` out of the way so `gettext` can
# be deleted completely, then move `envsubst` back.
&& apk add --no-cache --virtual .gettext gettext \
&& mv /usr/bin/envsubst /tmp/ \
\
&& runDeps="$( \
scanelf --needed --nobanner --format '%n#p' /usr/sbin/nginx /usr/lib/nginx/modules/*.so /tmp/envsubst \
| tr ',' '\n' \
| sort -u \
| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
)" \
&& apk add --no-cache --virtual .nginx-rundeps $runDeps \
&& apk del .build-deps \
&& apk del .gettext \
&& mv /tmp/envsubst /usr/local/bin/ \
\
# Bring in tzdata so users could set the timezones through the environment
# variables
# && apk add --no-cache tzdata \
# \
# forward request and error logs to docker log collector
&& ln -sf /dev/stdout /var/log/nginx/access.log \
&& ln -sf /dev/stderr /var/log/nginx/error.log \
&& ls -l /usr/local/lib \
&& apk add --no-cache -U libgcc
EXPOSE 80 443
STOPSIGNAL SIGTERM
CMD ["nginx", "-g", "daemon off;"]
worker_processes auto;
worker_cpu_affinity auto;
user root;
pid /var/run/nginx.pid;
worker_rlimit_nofile 65535;
error_log "pipe:rollback logs/error.log interval=1d baknum=7 maxsize=1G" error;
events {
use epoll;
worker_connections 65535;
multi_accept on;
}
http {
include mime.types;
lua_package_cpath "/etc/nginx/modules/Ip2region.so;";
init_by_lua_block {
local Ip2region = require "Ip2region";
ip2region = Ip2region.new("/etc/nginx/ip2region/ip2region.db");
}
log_format main escape=none '[$time_iso8601]$msec$host$hostname'
'$remote_addr$request$status$request_length$bytes_sent'
'$body_bytes_sent$request_time$http_referer$upstream_cache_status$http_user_agent'
'$http_range$server_addr$tcpinfo_rtt$tcpinfo_rttvar'
'$server_port$http_x_request_id$upstream_connect_time$upstream_header_time'
'$upstream_response_time$http_x_from$upstream_status$upstream_addr'
'$upstream_response_length$ip2regin_city$ip2regin_country$ip2regin_region'
'$ip2regin_province$ip2regin_isp'
access_log logs/access_$year$month$day.log main;
default_type application/octet-stream;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 8 256k;
sendfile on;
tcp_nopush on;
keepalive_timeout 60;
server_tokens off;
tcp_nodelay on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 128k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 256k;
fastcgi_intercept_errors on;
gzip on;
gzip_buffers 4 16k;
gzip_comp_level 6;
gzip_http_version 1.1;
gzip_min_length 1k;
gzip_proxied any;
gzip_vary on;
gzip_types
text/xml application/xml application/atom+xml application/rss+xml application/xhtml+xml image/svg+xml
text/javascript application/javascript application/x-javascript
text/x-json application/json application/x-web-app-manifest+json
text/css text/plain text/x-component
font/opentype application/x-font-ttf application/vnd.ms-fontobject
image/x-icon;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
include conf.d/*.conf;
}
set $ip2regin_city '';
set $ip2regin_country '';
set $ip2regin_region '';
set $ip2regin_province '';
set $ip2regin_isp '';
set $real_client_ip '';
access_by_lua_block {
local str_gsub = string.gsub
local headers=ngx.req.get_headers();
real_client_ip=headers["X-REAL-IP"] or headers["X_FORWARDED_FOR"] or ngx.var.remote_addr or "0.0.0.0";
data = ip2region:memorySearch(real_client_ip);
local arr = {}
str_gsub(data.region,'[^|]+',function(field)
arr[#arr + 1] = field
end
)
ngx.var.ip2regin_country = arr[1] or ''
ngx.var.ip2regin_region = arr[2] or ''
ngx.var.ip2regin_province = arr[3] or ''
ngx.var.ip2regin_city = arr[4]
ngx.var.ip2regin_isp = arr[5]
}
access_log logs/access_$year$month$day.log main;
# access_log "pipe:rollback logs/access_log interval=1m baknum=7 maxsize=2G" main;
# error_log "pipe:rollback logs/error_log interval=1m baknum=7 maxsize=2G" error;
- 构建命令 docker build -t youshumin/nginx:2.3.3
- 启动