Use standard nginx.conf from lsio alpine nginx base image

This commit is contained in:
Eric Nemchik
2021-10-14 16:03:42 -05:00
parent c02488e09b
commit 10c254db2c
10 changed files with 174 additions and 255 deletions

View File

@@ -1,4 +1,4 @@
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.14 FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.15
# set version label # set version label
ARG BUILD_DATE ARG BUILD_DATE
@@ -11,29 +11,33 @@ LABEL maintainer="aptalca"
ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=2 ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=2
RUN \ RUN \
echo "**** install runtime packages ****" && \ echo "**** install runtime packages ****" && \
apk add --no-cache --upgrade \ apk add --no-cache --upgrade \
curl \ curl \
php7-ctype \ php8-ctype \
php7-curl \ php8-curl \
php7-pdo_pgsql \ php8-pdo_pgsql \
php7-pdo_sqlite \ php8-pdo_sqlite \
php7-pdo_mysql \ php8-pdo_mysql \
php7-tokenizer \ php8-tokenizer \
php7-zip && \ php8-zip \
echo "**** install heimdall ****" && \ tar && \
mkdir -p \ echo "**** install heimdall ****" && \
/heimdall && \ mkdir -p \
if [ -z ${HEIMDALL_RELEASE+x} ]; then \ /heimdall && \
HEIMDALL_RELEASE=$(curl -sX GET "https://api.github.com/repos/linuxserver/Heimdall/releases/latest" \ if [ -z ${HEIMDALL_RELEASE+x} ]; then \
| awk '/tag_name/{print $4;exit}' FS='[""]'); \ HEIMDALL_RELEASE=$(curl -sX GET "https://api.github.com/repos/linuxserver/Heimdall/releases/latest" \
fi && \ | awk '/tag_name/{print $4;exit}' FS='[""]'); \
curl -o \ fi && \
/heimdall/heimdall.tar.gz -L \ curl -o \
"https://github.com/linuxserver/Heimdall/archive/${HEIMDALL_RELEASE}.tar.gz" && \ /heimdall/heimdall.tar.gz -L \
echo "**** cleanup ****" && \ "https://github.com/linuxserver/Heimdall/archive/${HEIMDALL_RELEASE}.tar.gz" && \
rm -rf \ echo "**** cleanup ****" && \
/tmp/* rm -rf \
/tmp/*
# add local files # add local files
COPY root/ / COPY root/ /
# ports and volumes
EXPOSE 80 443

View File

@@ -1,4 +1,4 @@
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.14 FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.15
# set version label # set version label
ARG BUILD_DATE ARG BUILD_DATE
@@ -11,29 +11,33 @@ LABEL maintainer="aptalca"
ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=2 ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=2
RUN \ RUN \
echo "**** install runtime packages ****" && \ echo "**** install runtime packages ****" && \
apk add --no-cache --upgrade \ apk add --no-cache --upgrade \
curl \ curl \
php7-ctype \ php8-ctype \
php7-curl \ php8-curl \
php7-pdo_pgsql \ php8-pdo_pgsql \
php7-pdo_sqlite \ php8-pdo_sqlite \
php7-pdo_mysql \ php8-pdo_mysql \
php7-tokenizer \ php8-tokenizer \
php7-zip && \ php8-zip \
echo "**** install heimdall ****" && \ tar && \
mkdir -p \ echo "**** install heimdall ****" && \
/heimdall && \ mkdir -p \
if [ -z ${HEIMDALL_RELEASE+x} ]; then \ /heimdall && \
HEIMDALL_RELEASE=$(curl -sX GET "https://api.github.com/repos/linuxserver/Heimdall/releases/latest" \ if [ -z ${HEIMDALL_RELEASE+x} ]; then \
| awk '/tag_name/{print $4;exit}' FS='[""]'); \ HEIMDALL_RELEASE=$(curl -sX GET "https://api.github.com/repos/linuxserver/Heimdall/releases/latest" \
fi && \ | awk '/tag_name/{print $4;exit}' FS='[""]'); \
curl -o \ fi && \
/heimdall/heimdall.tar.gz -L \ curl -o \
"https://github.com/linuxserver/Heimdall/archive/${HEIMDALL_RELEASE}.tar.gz" && \ /heimdall/heimdall.tar.gz -L \
echo "**** cleanup ****" && \ "https://github.com/linuxserver/Heimdall/archive/${HEIMDALL_RELEASE}.tar.gz" && \
rm -rf \ echo "**** cleanup ****" && \
/tmp/* rm -rf \
/tmp/*
# add local files # add local files
COPY root/ / COPY root/ /
# ports and volumes
EXPOSE 80 443

View File

@@ -1,4 +1,4 @@
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm32v7-3.14 FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm32v7-3.15
# set version label # set version label
ARG BUILD_DATE ARG BUILD_DATE
@@ -11,29 +11,33 @@ LABEL maintainer="aptalca"
ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=2 ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=2
RUN \ RUN \
echo "**** install runtime packages ****" && \ echo "**** install runtime packages ****" && \
apk add --no-cache --upgrade \ apk add --no-cache --upgrade \
curl \ curl \
php7-ctype \ php8-ctype \
php7-curl \ php8-curl \
php7-pdo_pgsql \ php8-pdo_pgsql \
php7-pdo_sqlite \ php8-pdo_sqlite \
php7-pdo_mysql \ php8-pdo_mysql \
php7-tokenizer \ php8-tokenizer \
php7-zip && \ php8-zip \
echo "**** install heimdall ****" && \ tar && \
mkdir -p \ echo "**** install heimdall ****" && \
/heimdall && \ mkdir -p \
if [ -z ${HEIMDALL_RELEASE+x} ]; then \ /heimdall && \
HEIMDALL_RELEASE=$(curl -sX GET "https://api.github.com/repos/linuxserver/Heimdall/releases/latest" \ if [ -z ${HEIMDALL_RELEASE+x} ]; then \
| awk '/tag_name/{print $4;exit}' FS='[""]'); \ HEIMDALL_RELEASE=$(curl -sX GET "https://api.github.com/repos/linuxserver/Heimdall/releases/latest" \
fi && \ | awk '/tag_name/{print $4;exit}' FS='[""]'); \
curl -o \ fi && \
/heimdall/heimdall.tar.gz -L \ curl -o \
"https://github.com/linuxserver/Heimdall/archive/${HEIMDALL_RELEASE}.tar.gz" && \ /heimdall/heimdall.tar.gz -L \
echo "**** cleanup ****" && \ "https://github.com/linuxserver/Heimdall/archive/${HEIMDALL_RELEASE}.tar.gz" && \
rm -rf \ echo "**** cleanup ****" && \
/tmp/* rm -rf \
/tmp/*
# add local files # add local files
COPY root/ / COPY root/ /
# ports and volumes
EXPOSE 80 443

View File

@@ -76,7 +76,7 @@ Access the web gui at http://SERVERIP:PORT
### Adding password protection ### Adding password protection
This image now supports password protection through htpasswd. Run the following command on your host to generate the htpasswd file `docker exec -it heimdall htpasswd -c /config/nginx/.htpasswd <username>`. Replace <username> with a username of your choice and you will be asked to enter a password. New installs will automatically pick it up and implement password protected access. Existing users updating their image can delete their site config at `/config/nginx/site-confs/default` and restart the container after updating the image. A new site config with htpasswd support will be created in its place. This image now supports password protection through htpasswd. Run the following command on your host to generate the htpasswd file `docker exec -it heimdall htpasswd -c /config/nginx/.htpasswd <username>`. Replace <username> with a username of your choice and you will be asked to enter a password. New installs will automatically pick it up and implement password protected access. Existing users updating their image can delete their site config at `/config/nginx/site-confs/default.conf` and restart the container after updating the image. A new site config with htpasswd support will be created in its place.
## Usage ## Usage
@@ -240,8 +240,8 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
## Versions ## Versions
* **20.08.22:** - Rebasing to alpine 3.15 with php8. Restructure nginx configs ([see changes announcement](https://info.linuxserver.io/issues/2022-08-20-nginx-base)).
* **13.03.21:** - Make searchproviders.yaml user configurable. * **13.03.21:** - Make searchproviders.yaml user configurable.
* **11.03.21:** - Rebase to alpine 3.14.
* **10.02.21:** - Revert to alpine 3.12 as php 7.4 broke laravel. * **10.02.21:** - Revert to alpine 3.12 as php 7.4 broke laravel.
* **10.02.21:** - Rebasing to alpine 3.13. * **10.02.21:** - Rebasing to alpine 3.13.
* **17.08.20:** - Add php7-curl. * **17.08.20:** - Add php7-curl.
@@ -264,5 +264,5 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
* **07.10.18:** - Symlink `.env` rather than copy. It now resides under `/config/www` * **07.10.18:** - Symlink `.env` rather than copy. It now resides under `/config/www`
* **30.09.18:** - Multi-arch image. Move `.env` to `/config`. * **30.09.18:** - Multi-arch image. Move `.env` to `/config`.
* **05.09.18:** - Rebase to alpine linux 3.8. * **05.09.18:** - Rebase to alpine linux 3.8.
* **06.03.18:** - Use password protection if htpasswd is set. Existing users can delete their default site config at /config/nginx/site-confs/default and restart the container, a new default site config with htpasswd support will be created in its place * **06.03.18:** - Use password protection if htpasswd is set. Existing users can delete their default site config at /config/nginx/site-confs/default.conf and restart the container, a new default site config with htpasswd support will be created in its place
* **12.02.18:** - Initial Release. * **12.02.18:** - Initial Release.

View File

@@ -45,12 +45,12 @@ app_setup_block: |
### Adding password protection ### Adding password protection
This image now supports password protection through htpasswd. Run the following command on your host to generate the htpasswd file `docker exec -it heimdall htpasswd -c /config/nginx/.htpasswd <username>`. Replace <username> with a username of your choice and you will be asked to enter a password. New installs will automatically pick it up and implement password protected access. Existing users updating their image can delete their site config at `/config/nginx/site-confs/default` and restart the container after updating the image. A new site config with htpasswd support will be created in its place. This image now supports password protection through htpasswd. Run the following command on your host to generate the htpasswd file `docker exec -it heimdall htpasswd -c /config/nginx/.htpasswd <username>`. Replace <username> with a username of your choice and you will be asked to enter a password. New installs will automatically pick it up and implement password protected access. Existing users updating their image can delete their site config at `/config/nginx/site-confs/default.conf` and restart the container after updating the image. A new site config with htpasswd support will be created in its place.
# changelog # changelog
changelogs: changelogs:
- { date: "20.08.22:", desc: "Rebasing to alpine 3.15 with php8. Restructure nginx configs ([see changes announcement](https://info.linuxserver.io/issues/2022-08-20-nginx-base))." }
- { date: "13.03.21:", desc: "Make searchproviders.yaml user configurable." } - { date: "13.03.21:", desc: "Make searchproviders.yaml user configurable." }
- { date: "11.03.21:", desc: "Rebase to alpine 3.14." }
- { date: "10.02.21:", desc: "Revert to alpine 3.12 as php 7.4 broke laravel." } - { date: "10.02.21:", desc: "Revert to alpine 3.12 as php 7.4 broke laravel." }
- { date: "10.02.21:", desc: "Rebasing to alpine 3.13." } - { date: "10.02.21:", desc: "Rebasing to alpine 3.13." }
- { date: "17.08.20:", desc: "Add php7-curl." } - { date: "17.08.20:", desc: "Add php7-curl." }
@@ -73,5 +73,5 @@ changelogs:
- { date: "07.10.18:", desc: "Symlink `.env` rather than copy. It now resides under `/config/www`" } - { date: "07.10.18:", desc: "Symlink `.env` rather than copy. It now resides under `/config/www`" }
- { date: "30.09.18:", desc: "Multi-arch image. Move `.env` to `/config`." } - { date: "30.09.18:", desc: "Multi-arch image. Move `.env` to `/config`." }
- { date: "05.09.18:", desc: "Rebase to alpine linux 3.8." } - { date: "05.09.18:", desc: "Rebase to alpine linux 3.8." }
- { date: "06.03.18:", desc: "Use password protection if htpasswd is set. Existing users can delete their default site config at /config/nginx/site-confs/default and restart the container, a new default site config with htpasswd support will be created in its place" } - { date: "06.03.18:", desc: "Use password protection if htpasswd is set. Existing users can delete their default site config at /config/nginx/site-confs/default.conf and restart the container, a new default site config with htpasswd support will be created in its place" }
- { date: "12.02.18:", desc: "Initial Release." } - { date: "12.02.18:", desc: "Initial Release." }

View File

@@ -1,43 +0,0 @@
## Version 2018/03/06 - Changelog: https://github.com/linuxserver/docker-heimdall/commits/master/root/defaults/default
server {
listen 80 default_server;
listen 443 ssl;
root /var/www/localhost/heimdall/public;
index index.php index.html index.htm;
server_name _;
ssl_certificate /config/keys/cert.crt;
ssl_certificate_key /config/keys/cert.key;
client_max_body_size 0;
error_page 599 = @noauth;
location / {
if (!-f /config/nginx/.htpasswd) {
return 599;
}
auth_basic "Restricted";
auth_basic_user_file /config/nginx/.htpasswd;
try_files $uri $uri/ /index.php?$args;
}
location @noauth {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# With php5-cgi alone:
fastcgi_pass 127.0.0.1:9000;
# With php5-fpm:
#fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
}
}

View File

@@ -1,98 +0,0 @@
user abc;
worker_processes 4;
pid /run/nginx.pid;
include /etc/nginx/modules/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
client_max_body_size 0;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# Logging Settings
##
access_log /config/log/nginx/access.log;
error_log /config/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
##
# nginx-naxsi config
##
# Uncomment it if you installed nginx-naxsi
##
#include /etc/nginx/naxsi_core.rules;
##
# nginx-passenger config
##
# Uncomment it if you installed nginx-passenger
##
#passenger_root /usr;
#passenger_ruby /usr/bin/ruby;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /config/nginx/site-confs/*;
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}
daemon off;

View File

@@ -2,57 +2,65 @@
# make our folders # make our folders
mkdir -p \ mkdir -p \
/config/www/{backgrounds,icons,avatars,SupportedApps} \ /config/www/{backgrounds,icons,avatars,SupportedApps} \
/var/www/localhost/heimdall \ /app/www \
/config/log/heimdall /config/log/heimdall
# install heimdall if necessary # install heimdall if necessary
[[ -f /heimdall/heimdall.tar.gz ]] && \ if [[ -f /heimdall/heimdall.tar.gz ]]; then
echo "New container detected, installing Heimdall" && \ echo "New container detected, installing Heimdall"
tar xf \ tar xf \
/heimdall/heimdall.tar.gz -C \ /heimdall/heimdall.tar.gz -C \
/var/www/localhost/heimdall --strip-components=1 && \ /app/www --strip-components=1
echo -e '\n# Heimdall user authorization\nfastcgi_param PHP_AUTH_USER $remote_user;\nfastcgi_param PHP_AUTH_PW $http_authorization;' >> \ echo -e '\n# Heimdall user authorization\nfastcgi_param PHP_AUTH_USER $remote_user;\nfastcgi_param PHP_AUTH_PW $http_authorization;' >> \
/etc/nginx/fastcgi_params && \ /etc/nginx/fastcgi_params
rm -rf /heimdall && \ rm -rf /heimdall
cp /var/www/localhost/heimdall/storage/app/searchproviders.yaml /var/www/localhost/heimdall/storage/app/searchproviders.yaml.orig && \ cp /app/www/storage/app/searchproviders.yaml /app/www/storage/app/searchproviders.yaml.orig
chown -R abc:abc /var/www/localhost/heimdall chown -R abc:abc /app/www
fi
# create symlinks # create symlinks
symlinks=( \ symlinks=( \
/var/www/localhost/heimdall/storage/app/public/avatars \ /app/www/storage/app/public/avatars \
/var/www/localhost/heimdall/storage/app/public/backgrounds \ /app/www/storage/app/public/backgrounds \
/var/www/localhost/heimdall/storage/app/public/icons \ /app/www/storage/app/public/icons \
/var/www/localhost/heimdall/app/SupportedApps \ /app/www/app/SupportedApps \
/var/www/localhost/heimdall/database/app.sqlite \ /app/www/database/app.sqlite \
/var/www/localhost/heimdall/.env ) /app/www/.env )
for i in "${symlinks[@]}" for i in "${symlinks[@]}"
do do
[[ -e "$i" && ! -L "$i" ]] && rm -rf "$i" if [[ -e "$i" && ! -L "$i" ]]; then
[[ ! -L "$i" ]] && ln -s /config/www/"$(basename "$i")" "$i" rm -rf "$i"
fi
if [[ ! -L "$i" ]]; then
ln -s /config/www/"$(basename "$i")" "$i"
fi
done done
[[ -e "/var/www/localhost/heimdall/storage/logs/laravel.log" && ! -L "/var/www/localhost/heimdall/storage/logs/laravel.log" ]] \ if [[ -e "/app/www/storage/logs/laravel.log" && ! -L "/app/www/storage/logs/laravel.log" ]]; then
&& rm -rf "/var/www/localhost/heimdall/storage/logs/laravel.log" rm -rf "/app/www/storage/logs/laravel.log"
[[ ! -L "/var/www/localhost/heimdall/storage/logs/laravel.log" ]] && \ fi
ln -s "/config/log/heimdall/laravel.log" "/var/www/localhost/heimdall/storage/logs/laravel.log" if [[ ! -L "/app/www/storage/logs/laravel.log" ]]; then
ln -s "/config/log/heimdall/laravel.log" "/app/www/storage/logs/laravel.log"
fi
# copy .env if not exists # copy .env if not exists
[[ ! -f /config/www/.env ]] && \ if [[ ! -f /config/www/.env ]]; then
cp /var/www/localhost/heimdall/.env.example /config/www/.env && \ cp /app/www/.env.example /config/www/.env
echo "Creating app key. This may take a while on slower systems" && \ echo "Creating app key. This may take a while on slower systems"
php /var/www/localhost/heimdall/artisan key:generate php /app/www/artisan key:generate
fi
# copy searchproviders if not exists and symlink # copy searchproviders if not exists and symlink
[[ ! -f /config/www/searchproviders.yaml ]] && \ if [[ ! -f /config/www/searchproviders.yaml ]]; then
cp /var/www/localhost/heimdall/storage/app/searchproviders.yaml.orig /config/www/searchproviders.yaml cp /app/www/storage/app/searchproviders.yaml.orig /config/www/searchproviders.yaml
rm -rf /var/www/localhost/heimdall/storage/app/searchproviders.yaml fi
ln -s /config/www/searchproviders.yaml /var/www/localhost/heimdall/storage/app/searchproviders.yaml rm -rf /app/www/storage/app/searchproviders.yaml
ln -s /config/www/searchproviders.yaml /app/www/storage/app/searchproviders.yaml
# set queue driver to database # set queue driver to database
sed -i 's/QUEUE_DRIVER=sync/QUEUE_DRIVER=database/' /config/www/.env sed -i 's/QUEUE_DRIVER=sync/QUEUE_DRIVER=database/' /config/www/.env
# permissions # permissions
echo "Setting permissions" echo "Setting permissions"
chown -R abc:abc \ chown -R abc:abc \
/config /config

View File

@@ -1,4 +1,4 @@
#!/usr/bin/with-contenv bash #!/usr/bin/with-contenv bash
exec \ exec \
s6-setuidgid abc php /var/www/localhost/heimdall/artisan queue:work database --sleep=3 --tries=3 s6-setuidgid abc php /app/www/artisan queue:work database --sleep=3 --tries=3

View File

@@ -0,0 +1,40 @@
<html>
<head>
<title>Upgrade Required!</title>
<style>
body{
font-family: Helvetica, Arial, sans-serif;
}
.message{
width:440px;
padding:20px 40px;
margin:0 auto;
background-color:#f9f9f9;
border:1px solid #ddd;
color: #1e3d62;
}
center{
margin:40px 0;
}
h1{
font-size: 18px;
line-height: 26px;
}
p{
font-size: 12px;
}
a{
color: rgb(207, 48, 139);
}
</style>
</head>
<body>
<div class="message">
<h1>Upgrade Required!</h1>
<p>The application inside this image has been moved to a new folder.</p>
<p>You will need to update your <strong>/config/nginx/nginx.conf</strong> and <strong>/config/nginx/site-confs/default.conf</strong> in order for the application to work.</p>
<p>New config samples are located at <strong>/config/nginx/nginx.conf.sample</strong> and <strong>/config/nginx/site-confs/default.conf.sample</strong></p>
<p>Please review our announcement: <a target="_blank" href="https://info.linuxserver.io/issues/2022-08-20-nginx-base/">Significant changes to nginx based images</a></p>
</div>
</body>
</html>