Charley

Nginx镜像构建_V3.0.0

实际使用过程中发现lua处理ngx.location.capture的时候会有问题, 一直会超过请求失败【暂未查明原因】

更新内容

  • 更新tengine到V3.0.0版本
  • 更新ip2region版本, 编译为静态库
  • 更新lualib基础库
  • 更新nginx.conf, 最小化配置nginx.conf
  • 去除ip2region.xdb在容器中, 改为自定义设置
  • 更新headers-more-nginx-module到v0.0.34
  • 去除其他依赖, 减少定制化
  • 优化dockerfile, 层次更加清晰
  • 加入bash,可以进入容器

#Dockerfile

# 使用基础镜像
FROM alpine:3.18 AS base
RUN rm -rf /var/cache/apk/* \
    && rm -rf /tmp/* \
    && set -eux \
    && sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories \
    && apk add --no-cache bash \
    && /bin/bash

FROM base

# 设置默认的 Tengine 版本
ARG TENGINE_VERSION=3.0.0

# 设置编译参数
ARG CONFIG=" \
        --prefix=/etc/nginx \
        --sbin-path=/usr/sbin/nginx \
        --modules-path=/usr/lib/nginx/modules \
        --conf-path=/etc/nginx/nginx.conf \
        --error-log-path=/var/log/nginx/error.log \
        --http-log-path=/var/log/nginx/access.log \
        --pid-path=/var/run/nginx.pid \
        --lock-path=/var/run/nginx.lock \
        --http-client-body-temp-path=/var/cache/nginx/client_temp \
        --http-proxy-temp-path=/var/cache/nginx/proxy_temp \
        --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \
        --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \
        --http-scgi-temp-path=/var/cache/nginx/scgi_temp \
        --user=root \
        --group=root \
        --with-http_ssl_module \
        --with-http_realip_module \
        --with-http_addition_module \
        --with-http_sub_module \
        --with-http_dav_module \
        --with-http_flv_module \
        --with-http_mp4_module \
        --with-http_gunzip_module \
        --with-http_gzip_static_module \
        --with-http_random_index_module \
        --with-http_secure_link_module \
        --with-http_stub_status_module \
        --with-http_auth_request_module \
        --with-http_xslt_module=dynamic \
        --with-http_image_filter_module=dynamic \
        --with-http_geoip_module=dynamic \
        --with-threads \
        --with-stream \
        --with-stream_ssl_module \
        --with-stream_ssl_preread_module \
        --with-stream_realip_module \
        --with-stream_geoip_module=dynamic \
        --with-http_slice_module \
        --with-mail \
        --with-mail_ssl_module \
        --with-compat \
        --with-file-aio \
        --with-http_v2_module \
        --add-module=modules/ngx_http_upstream_check_module \
        --add-module=modules/headers-more-nginx-module \
        --add-module=modules/ngx_http_upstream_session_sticky_module \
        --add-module=modules/ngx_http_lua_module \
        --add-module=modules/ngx_http_reqstat_module \
	    --add-module=modules/ngx_http_upstream_vnswrr_module \
        --add-module=modules/ip2region/binding/nginx \
        --with-cc-opt="-Imodules/ip2region/binding/c/build/include" \
        --with-ld-opt="-Lmodules/ip2region/binding/c/build/lib" \
	"

# 安装依赖项并下载源码
RUN apk --no-cache add --virtual .build-deps \
        gcc \
        g++ \
        libc-dev \
        make \
        openssl-dev \
        pcre-dev \
        zlib-dev \
        linux-headers \
        curl \
        libxslt-dev \
        gd-dev \
        geoip-dev \
        tzdata \
    && cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
    && mkdir -p /usr/local/src \
    && cd /usr/local/src/ \
    && curl -L "http://minio.8min.top/linux/nginx/build/v2023.09.25/tengine_v3.0.0.tar.gz" -o tengine_v3.0.0.tar.gz \
    && tar xf tengine_v3.0.0.tar.gz \  
    \ 
    # 编译安装 Tengine, Lualib
    && cd /usr/local/src/tengine_v3.0.0/luajit2-2.1-20210510 \
    && make -j$(getconf _NPROCESSORS_ONLN) \
    && make install \
    && export LUAJIT_LIB=/usr/local/lib \
    && export LUAJIT_INC=/usr/local/include/luajit-2.1 \
    \ 
    && cd /usr/local/src/tengine_v3.0.0/tengine-3.0.0/modules/ip2region/binding/c \
    && make xdb_searcher_lib \
    && cd /usr/local/src/tengine_v3.0.0/tengine-3.0.0 \
    && ./configure $CONFIG \
    && make -j$(getconf _NPROCESSORS_ONLN) \
    && make install \  
    \
    # 处理安装后其他问题
    && mkdir /etc/nginx/conf.d/ \
    && cd /usr/local/src/tengine_v3.0.0/tengine-3.0.0 \ 
    && ls -l \
    && ls -l ../ \ 
    && mkdir -p /usr/share/nginx/html/ \
    && install -m644 html/index.html /usr/share/nginx/html/ \
    && install -m644 html/50x.html /usr/share/nginx/html/ \
    && ln -s ../../usr/lib/nginx/modules /etc/nginx/modules \
    && strip /usr/sbin/nginx* \
    && strip /usr/lib/nginx/modules/*.so \  
    && mkdir -p /var/cache/nginx \
    \
    && mv /usr/local/src/tengine_v3.0.0/lualib /etc/nginx/lualib \
    && rm -f /etc/nginx/nginx.conf \ 
    && mv /usr/local/src/tengine_v3.0.0/nginx.conf /etc/nginx/nginx.conf \
    # 清理
    && apk del .build-deps \
    && rm -rf /var/cache/apk/* \
    && rm -rf /tmp/* \
    && rm -rf /usr/local/src \
    && apk add --no-cache --virtual .gettext gettext \
    && mv /usr/bin/envsubst /tmp/ \
    \
    && runDeps="$( \
            scanelf --needed --nobanner --format '%n#p' /usr/sbin/nginx /usr/lib/nginx/modules/*.so /tmp/envsubst \
                    | tr ',' '\n' \
                    | sort -u \
                    | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
    )" \
    && apk add --no-cache --virtual .nginx-rundeps $runDeps \
    && apk del .gettext \
    && mv /tmp/envsubst /usr/local/bin/ \
    && ln -sf /dev/stdout /var/log/nginx/access.log \
    && ln -sf /dev/stderr /var/log/nginx/error.log \
    && ls -l /usr/local/lib \
    && apk add --no-cache -U libgcc 

# 设置运行时配置
EXPOSE 80 443
STOPSIGNAL SIGTERM

# 启动命令
CMD ["nginx", "-g", "daemon off;"]

#使用方法

docker run -id -d -v /data/nginx/conf.d:/etc/nginx/conf.d -v /data/nginx/logs:/etc/nginx/logs -p 443:443 -p 80:80 --name nginx youshumin/nginx:3.0.0.4

  • 然后将conf 文件放在conf.d目录下就行, 可以自行挂载多个目录

#定制功能说明

  • ip2region功能【github搜ip2region获取ip库】
  • 日志记录区域城市

#参考global_server.conf

# General Configuration Settings
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 8 256k;
sendfile on;
tcp_nopush on;
keepalive_timeout 60;
server_tokens off;
tcp_nodelay on;

# Proxy Settings
proxy_buffering off;
proxy_buffer_size 256k;
proxy_buffers 4 256k;
proxy_connect_timeout 1s;
proxy_read_timeout 10;
proxy_send_timeout 10;
proxy_http_version 1.1;
proxy_next_upstream_tries 3;
proxy_headers_hash_bucket_size 128;
proxy_headers_hash_max_size 1024;

# IP2Region Database Configuration
ip2region_db conf.d/ip2region.xdb;

# Define Log Formats
log_format main escape=none '[$time_iso8601]$msec$host$hostname'
                '$remote_addr$request$status$request_length$bytes_sent'
                '$body_bytes_sent$request_time$http_referer$upstream_cache_status$http_user_agent'
                '$http_range$server_addr$tcpinfo_rtt$tcpinfo_rttvar'
                '$server_port$http_x_request_id$upstream_connect_time$upstream_header_time'
                '$upstream_response_time$http_x_from$upstream_status$upstream_addr'
                '$upstream_response_length$ip2regin_city$ip2regin_country$ip2regin_region'
                '$ip2regin_province$ip2regin_isp';

log_format main_json escape=none '{'
    '"time_iso8601": "$time_iso8601",'
    '"msec": "$msec",'
    '"host": "$host",'
    '"hostname": "$hostname",'
    '"remote_addr": "$remote_addr",'
    '"request": "$request",'
    '"status": "$status",'
    '"request_length": "$request_length",'
    '"bytes_sent": "$bytes_sent",'
    '"body_bytes_sent": "$body_bytes_sent",'
    '"request_time": "$request_time",'
    '"http_referer": "$http_referer",'
    '"upstream_cache_status": "$upstream_cache_status",'
    '"http_user_agent": "$http_user_agent",'
    '"http_range": "$http_range",'
    '"server_addr": "$server_addr",'
    '"tcpinfo_rtt": "$tcpinfo_rtt",'
    '"tcpinfo_rttvar": "$tcpinfo_rttvar",'
    '"server_port": "$server_port",'
    '"http_x_request_id": "$http_x_request_id",'
    '"upstream_connect_time": "$upstream_connect_time",'
    '"upstream_header_time": "$upstream_header_time",'
    '"upstream_response_time": "$upstream_response_time",'
    '"http_x_from": "$http_x_from",'
    '"upstream_status": "$upstream_status",'
    '"upstream_addr": "$upstream_addr",'
    '"upstream_response_length": "$upstream_response_length",'
    '"ip2regin_city": "$ip2regin_city",'
    '"ip2regin_country": "$ip2regin_country",'
    '"ip2regin_region": "$ip2regin_region",'
    '"ip2regin_province": "$ip2regin_province",'
    '"ip2regin_isp": "$ip2regin_isp"'
'}';

# Define the Server Block
server {
    listen 80;
    server_name test.com;

    # Configure Access Logging
    access_log logs/access.log main;

    # Initialize IP2Region Variables
    set $ip2regin_city '';
    set $ip2regin_country '';
    set $ip2regin_region  '';
    set $ip2regin_province '';
    set $ip2regin_isp '';
    set $real_client_ip '';

    # Configure Lua Script Execution
    log_by_lua_file /etc/nginx/conf.d/lualib/log_rewrite.lua;

    # Root Directory Configuration
    location / {
	root /etc/nginx/conf.d/www/;
        index index.html index.htm;

    }
}

log_rewrite.lua

-- Define a function to process ip2region data
function processIp2RegionData()
    -- Extract the ip2region field from the log message
    local ip2region_log = ngx.var.ip2region or ''

    -- Split the ip2region field using the pipe '|' delimiter
    local arr = {}
    for field in string.gmatch(ip2region_log, '([^|]+)') do
        table.insert(arr, field)
    end

    -- Assign the split values to the appropriate variables
    ngx.var.ip2regin_country = arr[1] or ''
    ngx.var.ip2regin_region = arr[2] or ''
    ngx.var.ip2regin_province = arr[3] or ''
    ngx.var.ip2regin_city = arr[4] or ''
    ngx.var.ip2regin_isp = arr[5] or ''
end

-- Call the function using pcall to handle any errors
local success, err = pcall(processIp2RegionData)

if not success then
    ngx.log(ngx.ERR, "Error processing ip2region data: ", err)
end