diff options
Diffstat (limited to 'pkg/docker')
| -rw-r--r-- | pkg/docker/Dockerfile.go1.19 | 79 | ||||
| -rw-r--r-- | pkg/docker/Dockerfile.go1.20 | 84 | ||||
| -rw-r--r-- | pkg/docker/Dockerfile.jsc11 | 83 | ||||
| -rw-r--r-- | pkg/docker/Dockerfile.minimal | 83 | ||||
| -rw-r--r-- | pkg/docker/Dockerfile.node18 | 85 | ||||
| -rw-r--r-- | pkg/docker/Dockerfile.perl5.36 | 83 | ||||
| -rw-r--r-- | pkg/docker/Dockerfile.php8.1 | 77 | ||||
| -rw-r--r-- | pkg/docker/Dockerfile.php8.2 | 84 | ||||
| -rw-r--r-- | pkg/docker/Dockerfile.python3.11 | 83 | ||||
| -rw-r--r-- | pkg/docker/Dockerfile.ruby3.1 | 77 | ||||
| -rw-r--r-- | pkg/docker/Dockerfile.ruby3.2 | 84 | ||||
| -rw-r--r-- | pkg/docker/Makefile | 137 | ||||
| -rwxr-xr-x | pkg/docker/docker-entrypoint.sh | 68 | ||||
| -rw-r--r-- | pkg/docker/template.Dockerfile | 83 | ||||
| -rw-r--r-- | pkg/docker/welcome.html | 45 | ||||
| -rw-r--r-- | pkg/docker/welcome.json | 25 | ||||
| -rw-r--r-- | pkg/docker/welcome.md | 29 |
17 files changed, 736 insertions, 553 deletions
diff --git a/pkg/docker/Dockerfile.go1.19 b/pkg/docker/Dockerfile.go1.19 deleted file mode 100644 index a6ff837c..00000000 --- a/pkg/docker/Dockerfile.go1.19 +++ /dev/null @@ -1,79 +0,0 @@ -FROM golang:1.19 as BUILDER - -LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>" - -RUN set -ex \ - && apt-get update \ - && apt-get install --no-install-recommends --no-install-suggests -y ca-certificates mercurial build-essential libssl-dev libpcre2-dev \ - && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ - && hg clone https://hg.nginx.org/unit \ - && cd unit \ - && hg up 1.29.1 \ - && NCPU="$(getconf _NPROCESSORS_ONLN)" \ - && DEB_HOST_MULTIARCH="$(dpkg-architecture -q DEB_HOST_MULTIARCH)" \ - && CC_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_CFLAGS_MAINT_APPEND="-Wp,-D_FORTIFY_SOURCE=2 -fPIC" dpkg-buildflags --get CFLAGS)" \ - && LD_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_LDFLAGS_MAINT_APPEND="-Wl,--as-needed -pie" dpkg-buildflags --get LDFLAGS)" \ - && CONFIGURE_ARGS="--prefix=/usr \ - --state=/var/lib/unit \ - --control=unix:/var/run/control.unit.sock \ - --pid=/var/run/unit.pid \ - --log=/var/log/unit.log \ - --tmp=/var/tmp \ - --user=unit \ - --group=unit \ - --openssl \ - --libdir=/usr/lib/$DEB_HOST_MULTIARCH" \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modules=/usr/lib/unit/debug-modules --debug \ - && make -j $NCPU unitd \ - && install -pm755 build/unitd /usr/sbin/unitd-debug \ - && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modules=/usr/lib/unit/modules \ - && make -j $NCPU unitd \ - && install -pm755 build/unitd /usr/sbin/unitd \ - && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --modules=/usr/lib/unit/debug-modules --debug \ - && ./configure go --go-path=$GOPATH \ - && make -j $NCPU go-install-src libunit-install \ - && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --modules=/usr/lib/unit/modules \ - && ./configure go --go-path=$GOPATH \ - && make -j $NCPU go-install-src libunit-install \ - && ldd /usr/sbin/unitd | awk '/=>/{print $(NF-1)}' | while read n; do dpkg-query -S $n; done | sed 's/^\([^:]\+\):.*$/\1/' | sort | uniq > /requirements.apt - -FROM golang:1.19 -COPY docker-entrypoint.sh /usr/local/bin/ -COPY --from=BUILDER /usr/sbin/unitd /usr/sbin/unitd -COPY --from=BUILDER /usr/sbin/unitd-debug /usr/sbin/unitd-debug -COPY --from=BUILDER /usr/lib/unit/ /usr/lib/unit/ -COPY --from=BUILDER /requirements.apt /requirements.apt -COPY --from=BUILDER /usr/lib/*-linux-gnu/libunit.a /tmp/ -COPY --from=BUILDER /usr/include/nxt_* /usr/include/ -COPY --from=BUILDER /go/src/ /go/src/ -RUN set -x \ - && if [ -f "/tmp/libunit.a" ]; then \ - mv /tmp/libunit.a /usr/lib/$(dpkg-architecture -q DEB_HOST_MULTIARCH)/libunit.a; \ - rm -f /tmp/libunit.a; \ - fi \ - && mkdir -p /var/lib/unit/ \ - && mkdir /docker-entrypoint.d/ \ - && addgroup --system unit \ - && adduser \ - --system \ - --disabled-login \ - --ingroup unit \ - --no-create-home \ - --home /nonexistent \ - --gecos "unit user" \ - --shell /bin/false \ - unit \ - && apt update \ - && apt --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ - && apt-get clean && rm -rf /var/lib/apt/lists/* \ - && rm -f /requirements.apt \ - && ln -sf /dev/stdout /var/log/unit.log - -STOPSIGNAL SIGTERM - -ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"] - -CMD ["unitd", "--no-daemon", "--control", "unix:/var/run/control.unit.sock"] diff --git a/pkg/docker/Dockerfile.go1.20 b/pkg/docker/Dockerfile.go1.20 new file mode 100644 index 00000000..50b4d5b3 --- /dev/null +++ b/pkg/docker/Dockerfile.go1.20 @@ -0,0 +1,84 @@ +FROM golang:1.20-bullseye + +LABEL org.opencontainers.image.title="Unit" +LABEL org.opencontainers.image.description="Official build of Unit for Docker." +LABEL org.opencontainers.image.url="https://unit.nginx.org" +LABEL org.opencontainers.image.source="https://github.com/nginx/unit" +LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installation/#docker-images" +LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers <docker-maint@nginx.com>" +LABEL org.opencontainers.image.version="1.30.0" + +RUN set -ex \ + && savedAptMark="$(apt-mark showmanual)" \ + && apt-get update \ + && apt-get install --no-install-recommends --no-install-suggests -y ca-certificates mercurial build-essential libssl-dev libpcre2-dev curl pkg-config \ + && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ + && hg clone -u 1.30.0-1 https://hg.nginx.org/unit \ + && cd unit \ + && NCPU="$(getconf _NPROCESSORS_ONLN)" \ + && DEB_HOST_MULTIARCH="$(dpkg-architecture -q DEB_HOST_MULTIARCH)" \ + && CC_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_CFLAGS_MAINT_APPEND="-Wp,-D_FORTIFY_SOURCE=2 -fPIC" dpkg-buildflags --get CFLAGS)" \ + && LD_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_LDFLAGS_MAINT_APPEND="-Wl,--as-needed -pie" dpkg-buildflags --get LDFLAGS)" \ + && CONFIGURE_ARGS_MODULES="--prefix=/usr \ + --statedir=/var/lib/unit \ + --control=unix:/var/run/control.unit.sock \ + --pid=/var/run/unit.pid \ + --log=/var/log/unit.log \ + --tmpdir=/var/tmp \ + --user=unit \ + --group=unit \ + --openssl \ + --libdir=/usr/lib/$DEB_HOST_MULTIARCH" \ + && CONFIGURE_ARGS="$CONFIGURE_ARGS_MODULES \ + --njs" \ + && make -j $NCPU -C pkg/contrib .njs \ + && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ + && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ + && make -j $NCPU unitd \ + && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ + && make clean \ + && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ + && make -j $NCPU unitd \ + && install -pm755 build/sbin/unitd /usr/sbin/unitd \ + && make clean \ + && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ + && ./configure go --go-path=$GOPATH \ + && make -j $NCPU go-install-src libunit-install \ + && make clean \ + && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/modules \ + && ./configure go --go-path=$GOPATH \ + && make -j $NCPU go-install-src libunit-install \ + && cd \ + && rm -rf unit \ + && for f in /usr/sbin/unitd /usr/lib/unit/modules/*.unit.so; do \ + ldd $f | awk '/=>/{print $(NF-1)}' | while read n; do dpkg-query -S $n; done | sed 's/^\([^:]\+\):.*$/\1/' | sort | uniq >> /requirements.apt; \ + done \ + && apt-mark showmanual | xargs apt-mark auto > /dev/null \ + && { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; } \ + && /bin/true \ + && mkdir -p /var/lib/unit/ \ + && mkdir /docker-entrypoint.d/ \ + && groupadd --gid 999 unit \ + && useradd \ + --uid 999 \ + --gid unit \ + --no-create-home \ + --home /nonexistent \ + --comment "unit user" \ + --shell /bin/false \ + unit \ + && apt-get update \ + && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ + && apt-get purge -y --auto-remove \ + && rm -rf /var/lib/apt/lists/* \ + && rm -f /requirements.apt \ + && ln -sf /dev/stdout /var/log/unit.log + +COPY docker-entrypoint.sh /usr/local/bin/ +COPY welcome.* /usr/share/unit/welcome/ + +STOPSIGNAL SIGTERM + +ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"] +EXPOSE 80 +CMD ["unitd", "--no-daemon", "--control", "unix:/var/run/control.unit.sock"] diff --git a/pkg/docker/Dockerfile.jsc11 b/pkg/docker/Dockerfile.jsc11 index 501bfcda..bd987ae5 100644 --- a/pkg/docker/Dockerfile.jsc11 +++ b/pkg/docker/Dockerfile.jsc11 @@ -1,77 +1,84 @@ -FROM eclipse-temurin:11-jdk as BUILDER +FROM eclipse-temurin:11-jdk-jammy -LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>" +LABEL org.opencontainers.image.title="Unit" +LABEL org.opencontainers.image.description="Official build of Unit for Docker." +LABEL org.opencontainers.image.url="https://unit.nginx.org" +LABEL org.opencontainers.image.source="https://github.com/nginx/unit" +LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installation/#docker-images" +LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers <docker-maint@nginx.com>" +LABEL org.opencontainers.image.version="1.30.0" RUN set -ex \ + && savedAptMark="$(apt-mark showmanual)" \ && apt-get update \ - && apt-get install --no-install-recommends --no-install-suggests -y ca-certificates mercurial build-essential libssl-dev libpcre2-dev \ + && apt-get install --no-install-recommends --no-install-suggests -y ca-certificates mercurial build-essential libssl-dev libpcre2-dev curl pkg-config \ && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ - && hg clone https://hg.nginx.org/unit \ + && hg clone -u 1.30.0-1 https://hg.nginx.org/unit \ && cd unit \ - && hg up 1.29.1 \ && NCPU="$(getconf _NPROCESSORS_ONLN)" \ && DEB_HOST_MULTIARCH="$(dpkg-architecture -q DEB_HOST_MULTIARCH)" \ && CC_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_CFLAGS_MAINT_APPEND="-Wp,-D_FORTIFY_SOURCE=2 -fPIC" dpkg-buildflags --get CFLAGS)" \ && LD_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_LDFLAGS_MAINT_APPEND="-Wl,--as-needed -pie" dpkg-buildflags --get LDFLAGS)" \ - && CONFIGURE_ARGS="--prefix=/usr \ - --state=/var/lib/unit \ + && CONFIGURE_ARGS_MODULES="--prefix=/usr \ + --statedir=/var/lib/unit \ --control=unix:/var/run/control.unit.sock \ --pid=/var/run/unit.pid \ --log=/var/log/unit.log \ - --tmp=/var/tmp \ + --tmpdir=/var/tmp \ --user=unit \ --group=unit \ --openssl \ --libdir=/usr/lib/$DEB_HOST_MULTIARCH" \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modules=/usr/lib/unit/debug-modules --debug \ + && CONFIGURE_ARGS="$CONFIGURE_ARGS_MODULES \ + --njs" \ + && make -j $NCPU -C pkg/contrib .njs \ + && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ + && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && make -j $NCPU unitd \ - && install -pm755 build/unitd /usr/sbin/unitd-debug \ + && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modules=/usr/lib/unit/modules \ + && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ && make -j $NCPU unitd \ - && install -pm755 build/unitd /usr/sbin/unitd \ + && install -pm755 build/sbin/unitd /usr/sbin/unitd \ && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --modules=/usr/lib/unit/debug-modules --debug \ + && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && ./configure java --jars=/usr/share/unit-jsc-common/ \ && make -j $NCPU java-shared-install java-install \ && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --modules=/usr/lib/unit/modules \ + && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/modules \ && ./configure java --jars=/usr/share/unit-jsc-common/ \ && make -j $NCPU java-shared-install java-install \ - && ldd /usr/sbin/unitd | awk '/=>/{print $(NF-1)}' | while read n; do dpkg-query -S $n; done | sed 's/^\([^:]\+\):.*$/\1/' | sort | uniq > /requirements.apt - -FROM eclipse-temurin:11-jdk -COPY docker-entrypoint.sh /usr/local/bin/ -COPY --from=BUILDER /usr/sbin/unitd /usr/sbin/unitd -COPY --from=BUILDER /usr/sbin/unitd-debug /usr/sbin/unitd-debug -COPY --from=BUILDER /usr/lib/unit/ /usr/lib/unit/ -COPY --from=BUILDER /requirements.apt /requirements.apt -COPY --from=BUILDER /usr/share/unit-jsc-common/ /usr/share/unit-jsc-common/ -RUN set -x \ - && if [ -f "/tmp/libunit.a" ]; then \ - mv /tmp/libunit.a /usr/lib/$(dpkg-architecture -q DEB_HOST_MULTIARCH)/libunit.a; \ - rm -f /tmp/libunit.a; \ - fi \ + && cd \ + && rm -rf unit \ + && for f in /usr/sbin/unitd /usr/lib/unit/modules/*.unit.so; do \ + ldd $f | awk '/=>/{print $(NF-1)}' | while read n; do dpkg-query -S $n; done | sed 's/^\([^:]\+\):.*$/\1/' | sort | uniq >> /requirements.apt; \ + done \ + && apt-mark showmanual | xargs apt-mark auto > /dev/null \ + && { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; } \ + && /bin/true \ && mkdir -p /var/lib/unit/ \ && mkdir /docker-entrypoint.d/ \ - && addgroup --system unit \ - && adduser \ - --system \ - --disabled-login \ - --ingroup unit \ + && groupadd --gid 999 unit \ + && useradd \ + --uid 999 \ + --gid unit \ --no-create-home \ --home /nonexistent \ - --gecos "unit user" \ + --comment "unit user" \ --shell /bin/false \ unit \ - && apt update \ - && apt --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ - && apt-get clean && rm -rf /var/lib/apt/lists/* \ + && apt-get update \ + && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ + && apt-get purge -y --auto-remove \ + && rm -rf /var/lib/apt/lists/* \ && rm -f /requirements.apt \ && ln -sf /dev/stdout /var/log/unit.log +COPY docker-entrypoint.sh /usr/local/bin/ +COPY welcome.* /usr/share/unit/welcome/ + STOPSIGNAL SIGTERM ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"] - +EXPOSE 80 CMD ["unitd", "--no-daemon", "--control", "unix:/var/run/control.unit.sock"] diff --git a/pkg/docker/Dockerfile.minimal b/pkg/docker/Dockerfile.minimal index 6101953e..06a85b22 100644 --- a/pkg/docker/Dockerfile.minimal +++ b/pkg/docker/Dockerfile.minimal @@ -1,77 +1,84 @@ -FROM debian:bullseye-slim as BUILDER +FROM debian:bullseye-slim -LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>" +LABEL org.opencontainers.image.title="Unit" +LABEL org.opencontainers.image.description="Official build of Unit for Docker." +LABEL org.opencontainers.image.url="https://unit.nginx.org" +LABEL org.opencontainers.image.source="https://github.com/nginx/unit" +LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installation/#docker-images" +LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers <docker-maint@nginx.com>" +LABEL org.opencontainers.image.version="1.30.0" RUN set -ex \ + && savedAptMark="$(apt-mark showmanual)" \ && apt-get update \ - && apt-get install --no-install-recommends --no-install-suggests -y ca-certificates mercurial build-essential libssl-dev libpcre2-dev \ + && apt-get install --no-install-recommends --no-install-suggests -y ca-certificates mercurial build-essential libssl-dev libpcre2-dev curl pkg-config \ && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ - && hg clone https://hg.nginx.org/unit \ + && hg clone -u 1.30.0-1 https://hg.nginx.org/unit \ && cd unit \ - && hg up 1.29.1 \ && NCPU="$(getconf _NPROCESSORS_ONLN)" \ && DEB_HOST_MULTIARCH="$(dpkg-architecture -q DEB_HOST_MULTIARCH)" \ && CC_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_CFLAGS_MAINT_APPEND="-Wp,-D_FORTIFY_SOURCE=2 -fPIC" dpkg-buildflags --get CFLAGS)" \ && LD_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_LDFLAGS_MAINT_APPEND="-Wl,--as-needed -pie" dpkg-buildflags --get LDFLAGS)" \ - && CONFIGURE_ARGS="--prefix=/usr \ - --state=/var/lib/unit \ + && CONFIGURE_ARGS_MODULES="--prefix=/usr \ + --statedir=/var/lib/unit \ --control=unix:/var/run/control.unit.sock \ --pid=/var/run/unit.pid \ --log=/var/log/unit.log \ - --tmp=/var/tmp \ + --tmpdir=/var/tmp \ --user=unit \ --group=unit \ --openssl \ --libdir=/usr/lib/$DEB_HOST_MULTIARCH" \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modules=/usr/lib/unit/debug-modules --debug \ + && CONFIGURE_ARGS="$CONFIGURE_ARGS_MODULES \ + --njs" \ + && make -j $NCPU -C pkg/contrib .njs \ + && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ + && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && make -j $NCPU unitd \ - && install -pm755 build/unitd /usr/sbin/unitd-debug \ + && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modules=/usr/lib/unit/modules \ + && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ && make -j $NCPU unitd \ - && install -pm755 build/unitd /usr/sbin/unitd \ + && install -pm755 build/sbin/unitd /usr/sbin/unitd \ && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --modules=/usr/lib/unit/debug-modules --debug \ + && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && ./configure \ && make -j $NCPU version \ && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --modules=/usr/lib/unit/modules \ + && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/modules \ && ./configure \ && make -j $NCPU version \ - && ldd /usr/sbin/unitd | awk '/=>/{print $(NF-1)}' | while read n; do dpkg-query -S $n; done | sed 's/^\([^:]\+\):.*$/\1/' | sort | uniq > /requirements.apt - -FROM debian:bullseye-slim -COPY docker-entrypoint.sh /usr/local/bin/ -COPY --from=BUILDER /usr/sbin/unitd /usr/sbin/unitd -COPY --from=BUILDER /usr/sbin/unitd-debug /usr/sbin/unitd-debug -COPY --from=BUILDER /usr/lib/unit/ /usr/lib/unit/ -COPY --from=BUILDER /requirements.apt /requirements.apt - -RUN set -x \ - && if [ -f "/tmp/libunit.a" ]; then \ - mv /tmp/libunit.a /usr/lib/$(dpkg-architecture -q DEB_HOST_MULTIARCH)/libunit.a; \ - rm -f /tmp/libunit.a; \ - fi \ + && cd \ + && rm -rf unit \ + && for f in /usr/sbin/unitd /usr/lib/unit/modules/*.unit.so; do \ + ldd $f | awk '/=>/{print $(NF-1)}' | while read n; do dpkg-query -S $n; done | sed 's/^\([^:]\+\):.*$/\1/' | sort | uniq >> /requirements.apt; \ + done \ + && apt-mark showmanual | xargs apt-mark auto > /dev/null \ + && { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; } \ + && /bin/true \ && mkdir -p /var/lib/unit/ \ && mkdir /docker-entrypoint.d/ \ - && addgroup --system unit \ - && adduser \ - --system \ - --disabled-login \ - --ingroup unit \ + && groupadd --gid 999 unit \ + && useradd \ + --uid 999 \ + --gid unit \ --no-create-home \ --home /nonexistent \ - --gecos "unit user" \ + --comment "unit user" \ --shell /bin/false \ unit \ - && apt update \ - && apt --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ - && apt-get clean && rm -rf /var/lib/apt/lists/* \ + && apt-get update \ + && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ + && apt-get purge -y --auto-remove \ + && rm -rf /var/lib/apt/lists/* \ && rm -f /requirements.apt \ && ln -sf /dev/stdout /var/log/unit.log +COPY docker-entrypoint.sh /usr/local/bin/ +COPY welcome.* /usr/share/unit/welcome/ + STOPSIGNAL SIGTERM ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"] - +EXPOSE 80 CMD ["unitd", "--no-daemon", "--control", "unix:/var/run/control.unit.sock"] diff --git a/pkg/docker/Dockerfile.node18 b/pkg/docker/Dockerfile.node18 index 27543df1..b3fb46d3 100644 --- a/pkg/docker/Dockerfile.node18 +++ b/pkg/docker/Dockerfile.node18 @@ -1,79 +1,84 @@ -FROM node:18 as BUILDER +FROM node:18-bullseye -LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>" +LABEL org.opencontainers.image.title="Unit" +LABEL org.opencontainers.image.description="Official build of Unit for Docker." +LABEL org.opencontainers.image.url="https://unit.nginx.org" +LABEL org.opencontainers.image.source="https://github.com/nginx/unit" +LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installation/#docker-images" +LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers <docker-maint@nginx.com>" +LABEL org.opencontainers.image.version="1.30.0" RUN set -ex \ + && savedAptMark="$(apt-mark showmanual)" \ && apt-get update \ - && apt-get install --no-install-recommends --no-install-suggests -y ca-certificates mercurial build-essential libssl-dev libpcre2-dev \ + && apt-get install --no-install-recommends --no-install-suggests -y ca-certificates mercurial build-essential libssl-dev libpcre2-dev curl pkg-config \ && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ - && hg clone https://hg.nginx.org/unit \ + && hg clone -u 1.30.0-1 https://hg.nginx.org/unit \ && cd unit \ - && hg up 1.29.1 \ && NCPU="$(getconf _NPROCESSORS_ONLN)" \ && DEB_HOST_MULTIARCH="$(dpkg-architecture -q DEB_HOST_MULTIARCH)" \ && CC_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_CFLAGS_MAINT_APPEND="-Wp,-D_FORTIFY_SOURCE=2 -fPIC" dpkg-buildflags --get CFLAGS)" \ && LD_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_LDFLAGS_MAINT_APPEND="-Wl,--as-needed -pie" dpkg-buildflags --get LDFLAGS)" \ - && CONFIGURE_ARGS="--prefix=/usr \ - --state=/var/lib/unit \ + && CONFIGURE_ARGS_MODULES="--prefix=/usr \ + --statedir=/var/lib/unit \ --control=unix:/var/run/control.unit.sock \ --pid=/var/run/unit.pid \ --log=/var/log/unit.log \ - --tmp=/var/tmp \ + --tmpdir=/var/tmp \ --user=unit \ --group=unit \ --openssl \ --libdir=/usr/lib/$DEB_HOST_MULTIARCH" \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modules=/usr/lib/unit/debug-modules --debug \ + && CONFIGURE_ARGS="$CONFIGURE_ARGS_MODULES \ + --njs" \ + && make -j $NCPU -C pkg/contrib .njs \ + && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ + && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && make -j $NCPU unitd \ - && install -pm755 build/unitd /usr/sbin/unitd-debug \ + && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modules=/usr/lib/unit/modules \ + && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ && make -j $NCPU unitd \ - && install -pm755 build/unitd /usr/sbin/unitd \ + && install -pm755 build/sbin/unitd /usr/sbin/unitd \ && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --modules=/usr/lib/unit/debug-modules --debug \ + && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && ./configure nodejs --node-gyp=/usr/local/lib/node_modules/npm/bin/node-gyp-bin/node-gyp \ && make -j $NCPU node node-install libunit-install \ && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --modules=/usr/lib/unit/modules \ + && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/modules \ && ./configure nodejs --node-gyp=/usr/local/lib/node_modules/npm/bin/node-gyp-bin/node-gyp \ && make -j $NCPU node node-install libunit-install \ - && ldd /usr/sbin/unitd | awk '/=>/{print $(NF-1)}' | while read n; do dpkg-query -S $n; done | sed 's/^\([^:]\+\):.*$/\1/' | sort | uniq > /requirements.apt - -FROM node:18 -COPY docker-entrypoint.sh /usr/local/bin/ -COPY --from=BUILDER /usr/sbin/unitd /usr/sbin/unitd -COPY --from=BUILDER /usr/sbin/unitd-debug /usr/sbin/unitd-debug -COPY --from=BUILDER /usr/lib/unit/ /usr/lib/unit/ -COPY --from=BUILDER /requirements.apt /requirements.apt -COPY --from=BUILDER /usr/lib/*-linux-gnu/libunit.a /tmp/ -COPY --from=BUILDER /usr/include/nxt_* /usr/include/ -COPY --from=BUILDER /usr/local/lib/node_modules/unit-http/ /usr/local/lib/node_modules/unit-http/ -RUN set -x \ - && if [ -f "/tmp/libunit.a" ]; then \ - mv /tmp/libunit.a /usr/lib/$(dpkg-architecture -q DEB_HOST_MULTIARCH)/libunit.a; \ - rm -f /tmp/libunit.a; \ - fi \ + && cd \ + && rm -rf unit \ + && for f in /usr/sbin/unitd /usr/lib/unit/modules/*.unit.so; do \ + ldd $f | awk '/=>/{print $(NF-1)}' | while read n; do dpkg-query -S $n; done | sed 's/^\([^:]\+\):.*$/\1/' | sort | uniq >> /requirements.apt; \ + done \ + && apt-mark showmanual | xargs apt-mark auto > /dev/null \ + && { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; } \ + && /bin/true \ && mkdir -p /var/lib/unit/ \ && mkdir /docker-entrypoint.d/ \ - && addgroup --system unit \ - && adduser \ - --system \ - --disabled-login \ - --ingroup unit \ + && groupadd --gid 999 unit \ + && useradd \ + --uid 999 \ + --gid unit \ --no-create-home \ --home /nonexistent \ - --gecos "unit user" \ + --comment "unit user" \ --shell /bin/false \ unit \ - && apt update \ - && apt --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ - && apt-get clean && rm -rf /var/lib/apt/lists/* \ + && apt-get update \ + && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ + && apt-get purge -y --auto-remove \ + && rm -rf /var/lib/apt/lists/* \ && rm -f /requirements.apt \ && ln -sf /dev/stdout /var/log/unit.log +COPY docker-entrypoint.sh /usr/local/bin/ +COPY welcome.* /usr/share/unit/welcome/ + STOPSIGNAL SIGTERM ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"] - +EXPOSE 80 CMD ["unitd", "--no-daemon", "--control", "unix:/var/run/control.unit.sock"] diff --git a/pkg/docker/Dockerfile.perl5.36 b/pkg/docker/Dockerfile.perl5.36 index 8f2b8a61..2dc31e53 100644 --- a/pkg/docker/Dockerfile.perl5.36 +++ b/pkg/docker/Dockerfile.perl5.36 @@ -1,77 +1,84 @@ -FROM perl:5.36 as BUILDER +FROM perl:5.36-bullseye -LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>" +LABEL org.opencontainers.image.title="Unit" +LABEL org.opencontainers.image.description="Official build of Unit for Docker." +LABEL org.opencontainers.image.url="https://unit.nginx.org" +LABEL org.opencontainers.image.source="https://github.com/nginx/unit" +LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installation/#docker-images" +LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers <docker-maint@nginx.com>" +LABEL org.opencontainers.image.version="1.30.0" RUN set -ex \ + && savedAptMark="$(apt-mark showmanual)" \ && apt-get update \ - && apt-get install --no-install-recommends --no-install-suggests -y ca-certificates mercurial build-essential libssl-dev libpcre2-dev \ + && apt-get install --no-install-recommends --no-install-suggests -y ca-certificates mercurial build-essential libssl-dev libpcre2-dev curl pkg-config \ && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ - && hg clone https://hg.nginx.org/unit \ + && hg clone -u 1.30.0-1 https://hg.nginx.org/unit \ && cd unit \ - && hg up 1.29.1 \ && NCPU="$(getconf _NPROCESSORS_ONLN)" \ && DEB_HOST_MULTIARCH="$(dpkg-architecture -q DEB_HOST_MULTIARCH)" \ && CC_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_CFLAGS_MAINT_APPEND="-Wp,-D_FORTIFY_SOURCE=2 -fPIC" dpkg-buildflags --get CFLAGS)" \ && LD_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_LDFLAGS_MAINT_APPEND="-Wl,--as-needed -pie" dpkg-buildflags --get LDFLAGS)" \ - && CONFIGURE_ARGS="--prefix=/usr \ - --state=/var/lib/unit \ + && CONFIGURE_ARGS_MODULES="--prefix=/usr \ + --statedir=/var/lib/unit \ --control=unix:/var/run/control.unit.sock \ --pid=/var/run/unit.pid \ --log=/var/log/unit.log \ - --tmp=/var/tmp \ + --tmpdir=/var/tmp \ --user=unit \ --group=unit \ --openssl \ --libdir=/usr/lib/$DEB_HOST_MULTIARCH" \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modules=/usr/lib/unit/debug-modules --debug \ + && CONFIGURE_ARGS="$CONFIGURE_ARGS_MODULES \ + --njs" \ + && make -j $NCPU -C pkg/contrib .njs \ + && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ + && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && make -j $NCPU unitd \ - && install -pm755 build/unitd /usr/sbin/unitd-debug \ + && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modules=/usr/lib/unit/modules \ + && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ && make -j $NCPU unitd \ - && install -pm755 build/unitd /usr/sbin/unitd \ + && install -pm755 build/sbin/unitd /usr/sbin/unitd \ && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --modules=/usr/lib/unit/debug-modules --debug \ + && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && ./configure perl \ && make -j $NCPU perl-install \ && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --modules=/usr/lib/unit/modules \ + && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/modules \ && ./configure perl \ && make -j $NCPU perl-install \ - && ldd /usr/sbin/unitd | awk '/=>/{print $(NF-1)}' | while read n; do dpkg-query -S $n; done | sed 's/^\([^:]\+\):.*$/\1/' | sort | uniq > /requirements.apt - -FROM perl:5.36 -COPY docker-entrypoint.sh /usr/local/bin/ -COPY --from=BUILDER /usr/sbin/unitd /usr/sbin/unitd -COPY --from=BUILDER /usr/sbin/unitd-debug /usr/sbin/unitd-debug -COPY --from=BUILDER /usr/lib/unit/ /usr/lib/unit/ -COPY --from=BUILDER /requirements.apt /requirements.apt - -RUN set -x \ - && if [ -f "/tmp/libunit.a" ]; then \ - mv /tmp/libunit.a /usr/lib/$(dpkg-architecture -q DEB_HOST_MULTIARCH)/libunit.a; \ - rm -f /tmp/libunit.a; \ - fi \ + && cd \ + && rm -rf unit \ + && for f in /usr/sbin/unitd /usr/lib/unit/modules/*.unit.so; do \ + ldd $f | awk '/=>/{print $(NF-1)}' | while read n; do dpkg-query -S $n; done | sed 's/^\([^:]\+\):.*$/\1/' | sort | uniq >> /requirements.apt; \ + done \ + && apt-mark showmanual | xargs apt-mark auto > /dev/null \ + && { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; } \ + && /bin/true \ && mkdir -p /var/lib/unit/ \ && mkdir /docker-entrypoint.d/ \ - && addgroup --system unit \ - && adduser \ - --system \ - --disabled-login \ - --ingroup unit \ + && groupadd --gid 999 unit \ + && useradd \ + --uid 999 \ + --gid unit \ --no-create-home \ --home /nonexistent \ - --gecos "unit user" \ + --comment "unit user" \ --shell /bin/false \ unit \ - && apt update \ - && apt --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ - && apt-get clean && rm -rf /var/lib/apt/lists/* \ + && apt-get update \ + && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ + && apt-get purge -y --auto-remove \ + && rm -rf /var/lib/apt/lists/* \ && rm -f /requirements.apt \ && ln -sf /dev/stdout /var/log/unit.log +COPY docker-entrypoint.sh /usr/local/bin/ +COPY welcome.* /usr/share/unit/welcome/ + STOPSIGNAL SIGTERM ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"] - +EXPOSE 80 CMD ["unitd", "--no-daemon", "--control", "unix:/var/run/control.unit.sock"] diff --git a/pkg/docker/Dockerfile.php8.1 b/pkg/docker/Dockerfile.php8.1 deleted file mode 100644 index eefc4aa8..00000000 --- a/pkg/docker/Dockerfile.php8.1 +++ /dev/null @@ -1,77 +0,0 @@ -FROM php:8.1-cli as BUILDER - -LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>" - -RUN set -ex \ - && apt-get update \ - && apt-get install --no-install-recommends --no-install-suggests -y ca-certificates mercurial build-essential libssl-dev libpcre2-dev \ - && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ - && hg clone https://hg.nginx.org/unit \ - && cd unit \ - && hg up 1.29.1 \ - && NCPU="$(getconf _NPROCESSORS_ONLN)" \ - && DEB_HOST_MULTIARCH="$(dpkg-architecture -q DEB_HOST_MULTIARCH)" \ - && CC_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_CFLAGS_MAINT_APPEND="-Wp,-D_FORTIFY_SOURCE=2 -fPIC" dpkg-buildflags --get CFLAGS)" \ - && LD_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_LDFLAGS_MAINT_APPEND="-Wl,--as-needed -pie" dpkg-buildflags --get LDFLAGS)" \ - && CONFIGURE_ARGS="--prefix=/usr \ - --state=/var/lib/unit \ - --control=unix:/var/run/control.unit.sock \ - --pid=/var/run/unit.pid \ - --log=/var/log/unit.log \ - --tmp=/var/tmp \ - --user=unit \ - --group=unit \ - --openssl \ - --libdir=/usr/lib/$DEB_HOST_MULTIARCH" \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modules=/usr/lib/unit/debug-modules --debug \ - && make -j $NCPU unitd \ - && install -pm755 build/unitd /usr/sbin/unitd-debug \ - && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modules=/usr/lib/unit/modules \ - && make -j $NCPU unitd \ - && install -pm755 build/unitd /usr/sbin/unitd \ - && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --modules=/usr/lib/unit/debug-modules --debug \ - && ./configure php \ - && make -j $NCPU php-install \ - && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --modules=/usr/lib/unit/modules \ - && ./configure php \ - && make -j $NCPU php-install \ - && ldd /usr/sbin/unitd | awk '/=>/{print $(NF-1)}' | while read n; do dpkg-query -S $n; done | sed 's/^\([^:]\+\):.*$/\1/' | sort | uniq > /requirements.apt - -FROM php:8.1-cli -COPY docker-entrypoint.sh /usr/local/bin/ -COPY --from=BUILDER /usr/sbin/unitd /usr/sbin/unitd -COPY --from=BUILDER /usr/sbin/unitd-debug /usr/sbin/unitd-debug -COPY --from=BUILDER /usr/lib/unit/ /usr/lib/unit/ -COPY --from=BUILDER /requirements.apt /requirements.apt -RUN ldconfig -RUN set -x \ - && if [ -f "/tmp/libunit.a" ]; then \ - mv /tmp/libunit.a /usr/lib/$(dpkg-architecture -q DEB_HOST_MULTIARCH)/libunit.a; \ - rm -f /tmp/libunit.a; \ - fi \ - && mkdir -p /var/lib/unit/ \ - && mkdir /docker-entrypoint.d/ \ - && addgroup --system unit \ - && adduser \ - --system \ - --disabled-login \ - --ingroup unit \ - --no-create-home \ - --home /nonexistent \ - --gecos "unit user" \ - --shell /bin/false \ - unit \ - && apt update \ - && apt --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ - && apt-get clean && rm -rf /var/lib/apt/lists/* \ - && rm -f /requirements.apt \ - && ln -sf /dev/stdout /var/log/unit.log - -STOPSIGNAL SIGTERM - -ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"] - -CMD ["unitd", "--no-daemon", "--control", "unix:/var/run/control.unit.sock"] diff --git a/pkg/docker/Dockerfile.php8.2 b/pkg/docker/Dockerfile.php8.2 new file mode 100644 index 00000000..fcf3f59e --- /dev/null +++ b/pkg/docker/Dockerfile.php8.2 @@ -0,0 +1,84 @@ +FROM php:8.2-cli-bullseye + +LABEL org.opencontainers.image.title="Unit" +LABEL org.opencontainers.image.description="Official build of Unit for Docker." +LABEL org.opencontainers.image.url="https://unit.nginx.org" +LABEL org.opencontainers.image.source="https://github.com/nginx/unit" +LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installation/#docker-images" +LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers <docker-maint@nginx.com>" +LABEL org.opencontainers.image.version="1.30.0" + +RUN set -ex \ + && savedAptMark="$(apt-mark showmanual)" \ + && apt-get update \ + && apt-get install --no-install-recommends --no-install-suggests -y ca-certificates mercurial build-essential libssl-dev libpcre2-dev curl pkg-config \ + && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ + && hg clone -u 1.30.0-1 https://hg.nginx.org/unit \ + && cd unit \ + && NCPU="$(getconf _NPROCESSORS_ONLN)" \ + && DEB_HOST_MULTIARCH="$(dpkg-architecture -q DEB_HOST_MULTIARCH)" \ + && CC_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_CFLAGS_MAINT_APPEND="-Wp,-D_FORTIFY_SOURCE=2 -fPIC" dpkg-buildflags --get CFLAGS)" \ + && LD_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_LDFLAGS_MAINT_APPEND="-Wl,--as-needed -pie" dpkg-buildflags --get LDFLAGS)" \ + && CONFIGURE_ARGS_MODULES="--prefix=/usr \ + --statedir=/var/lib/unit \ + --control=unix:/var/run/control.unit.sock \ + --pid=/var/run/unit.pid \ + --log=/var/log/unit.log \ + --tmpdir=/var/tmp \ + --user=unit \ + --group=unit \ + --openssl \ + --libdir=/usr/lib/$DEB_HOST_MULTIARCH" \ + && CONFIGURE_ARGS="$CONFIGURE_ARGS_MODULES \ + --njs" \ + && make -j $NCPU -C pkg/contrib .njs \ + && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ + && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ + && make -j $NCPU unitd \ + && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ + && make clean \ + && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ + && make -j $NCPU unitd \ + && install -pm755 build/sbin/unitd /usr/sbin/unitd \ + && make clean \ + && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ + && ./configure php \ + && make -j $NCPU php-install \ + && make clean \ + && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/modules \ + && ./configure php \ + && make -j $NCPU php-install \ + && cd \ + && rm -rf unit \ + && for f in /usr/sbin/unitd /usr/lib/unit/modules/*.unit.so; do \ + ldd $f | awk '/=>/{print $(NF-1)}' | while read n; do dpkg-query -S $n; done | sed 's/^\([^:]\+\):.*$/\1/' | sort | uniq >> /requirements.apt; \ + done \ + && apt-mark showmanual | xargs apt-mark auto > /dev/null \ + && { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; } \ + && ldconfig \ + && mkdir -p /var/lib/unit/ \ + && mkdir /docker-entrypoint.d/ \ + && groupadd --gid 999 unit \ + && useradd \ + --uid 999 \ + --gid unit \ + --no-create-home \ + --home /nonexistent \ + --comment "unit user" \ + --shell /bin/false \ + unit \ + && apt-get update \ + && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ + && apt-get purge -y --auto-remove \ + && rm -rf /var/lib/apt/lists/* \ + && rm -f /requirements.apt \ + && ln -sf /dev/stdout /var/log/unit.log + +COPY docker-entrypoint.sh /usr/local/bin/ +COPY welcome.* /usr/share/unit/welcome/ + +STOPSIGNAL SIGTERM + +ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"] +EXPOSE 80 +CMD ["unitd", "--no-daemon", "--control", "unix:/var/run/control.unit.sock"] diff --git a/pkg/docker/Dockerfile.python3.11 b/pkg/docker/Dockerfile.python3.11 index 744eda20..89cd315a 100644 --- a/pkg/docker/Dockerfile.python3.11 +++ b/pkg/docker/Dockerfile.python3.11 @@ -1,77 +1,84 @@ -FROM python:3.11 as BUILDER +FROM python:3.11-bullseye -LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>" +LABEL org.opencontainers.image.title="Unit" +LABEL org.opencontainers.image.description="Official build of Unit for Docker." +LABEL org.opencontainers.image.url="https://unit.nginx.org" +LABEL org.opencontainers.image.source="https://github.com/nginx/unit" +LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installation/#docker-images" +LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers <docker-maint@nginx.com>" +LABEL org.opencontainers.image.version="1.30.0" RUN set -ex \ + && savedAptMark="$(apt-mark showmanual)" \ && apt-get update \ - && apt-get install --no-install-recommends --no-install-suggests -y ca-certificates mercurial build-essential libssl-dev libpcre2-dev \ + && apt-get install --no-install-recommends --no-install-suggests -y ca-certificates mercurial build-essential libssl-dev libpcre2-dev curl pkg-config \ && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ - && hg clone https://hg.nginx.org/unit \ + && hg clone -u 1.30.0-1 https://hg.nginx.org/unit \ && cd unit \ - && hg up 1.29.1 \ && NCPU="$(getconf _NPROCESSORS_ONLN)" \ && DEB_HOST_MULTIARCH="$(dpkg-architecture -q DEB_HOST_MULTIARCH)" \ && CC_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_CFLAGS_MAINT_APPEND="-Wp,-D_FORTIFY_SOURCE=2 -fPIC" dpkg-buildflags --get CFLAGS)" \ && LD_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_LDFLAGS_MAINT_APPEND="-Wl,--as-needed -pie" dpkg-buildflags --get LDFLAGS)" \ - && CONFIGURE_ARGS="--prefix=/usr \ - --state=/var/lib/unit \ + && CONFIGURE_ARGS_MODULES="--prefix=/usr \ + --statedir=/var/lib/unit \ --control=unix:/var/run/control.unit.sock \ --pid=/var/run/unit.pid \ --log=/var/log/unit.log \ - --tmp=/var/tmp \ + --tmpdir=/var/tmp \ --user=unit \ --group=unit \ --openssl \ --libdir=/usr/lib/$DEB_HOST_MULTIARCH" \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modules=/usr/lib/unit/debug-modules --debug \ + && CONFIGURE_ARGS="$CONFIGURE_ARGS_MODULES \ + --njs" \ + && make -j $NCPU -C pkg/contrib .njs \ + && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ + && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && make -j $NCPU unitd \ - && install -pm755 build/unitd /usr/sbin/unitd-debug \ + && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modules=/usr/lib/unit/modules \ + && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ && make -j $NCPU unitd \ - && install -pm755 build/unitd /usr/sbin/unitd \ + && install -pm755 build/sbin/unitd /usr/sbin/unitd \ && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --modules=/usr/lib/unit/debug-modules --debug \ + && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && ./configure python --config=/usr/local/bin/python3-config \ && make -j $NCPU python3-install \ && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --modules=/usr/lib/unit/modules \ + && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/modules \ && ./configure python --config=/usr/local/bin/python3-config \ && make -j $NCPU python3-install \ - && ldd /usr/sbin/unitd | awk '/=>/{print $(NF-1)}' | while read n; do dpkg-query -S $n; done | sed 's/^\([^:]\+\):.*$/\1/' | sort | uniq > /requirements.apt - -FROM python:3.11 -COPY docker-entrypoint.sh /usr/local/bin/ -COPY --from=BUILDER /usr/sbin/unitd /usr/sbin/unitd -COPY --from=BUILDER /usr/sbin/unitd-debug /usr/sbin/unitd-debug -COPY --from=BUILDER /usr/lib/unit/ /usr/lib/unit/ -COPY --from=BUILDER /requirements.apt /requirements.apt - -RUN set -x \ - && if [ -f "/tmp/libunit.a" ]; then \ - mv /tmp/libunit.a /usr/lib/$(dpkg-architecture -q DEB_HOST_MULTIARCH)/libunit.a; \ - rm -f /tmp/libunit.a; \ - fi \ + && cd \ + && rm -rf unit \ + && for f in /usr/sbin/unitd /usr/lib/unit/modules/*.unit.so; do \ + ldd $f | awk '/=>/{print $(NF-1)}' | while read n; do dpkg-query -S $n; done | sed 's/^\([^:]\+\):.*$/\1/' | sort | uniq >> /requirements.apt; \ + done \ + && apt-mark showmanual | xargs apt-mark auto > /dev/null \ + && { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; } \ + && /bin/true \ && mkdir -p /var/lib/unit/ \ && mkdir /docker-entrypoint.d/ \ - && addgroup --system unit \ - && adduser \ - --system \ - --disabled-login \ - --ingroup unit \ + && groupadd --gid 999 unit \ + && useradd \ + --uid 999 \ + --gid unit \ --no-create-home \ --home /nonexistent \ - --gecos "unit user" \ + --comment "unit user" \ --shell /bin/false \ unit \ - && apt update \ - && apt --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ - && apt-get clean && rm -rf /var/lib/apt/lists/* \ + && apt-get update \ + && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ + && apt-get purge -y --auto-remove \ + && rm -rf /var/lib/apt/lists/* \ && rm -f /requirements.apt \ && ln -sf /dev/stdout /var/log/unit.log +COPY docker-entrypoint.sh /usr/local/bin/ +COPY welcome.* /usr/share/unit/welcome/ + STOPSIGNAL SIGTERM ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"] - +EXPOSE 80 CMD ["unitd", "--no-daemon", "--control", "unix:/var/run/control.unit.sock"] diff --git a/pkg/docker/Dockerfile.ruby3.1 b/pkg/docker/Dockerfile.ruby3.1 deleted file mode 100644 index 132b2b34..00000000 --- a/pkg/docker/Dockerfile.ruby3.1 +++ /dev/null @@ -1,77 +0,0 @@ -FROM ruby:3.1 as BUILDER - -LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>" - -RUN set -ex \ - && apt-get update \ - && apt-get install --no-install-recommends --no-install-suggests -y ca-certificates mercurial build-essential libssl-dev libpcre2-dev \ - && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ - && hg clone https://hg.nginx.org/unit \ - && cd unit \ - && hg up 1.29.1 \ - && NCPU="$(getconf _NPROCESSORS_ONLN)" \ - && DEB_HOST_MULTIARCH="$(dpkg-architecture -q DEB_HOST_MULTIARCH)" \ - && CC_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_CFLAGS_MAINT_APPEND="-Wp,-D_FORTIFY_SOURCE=2 -fPIC" dpkg-buildflags --get CFLAGS)" \ - && LD_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_LDFLAGS_MAINT_APPEND="-Wl,--as-needed -pie" dpkg-buildflags --get LDFLAGS)" \ - && CONFIGURE_ARGS="--prefix=/usr \ - --state=/var/lib/unit \ - --control=unix:/var/run/control.unit.sock \ - --pid=/var/run/unit.pid \ - --log=/var/log/unit.log \ - --tmp=/var/tmp \ - --user=unit \ - --group=unit \ - --openssl \ - --libdir=/usr/lib/$DEB_HOST_MULTIARCH" \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modules=/usr/lib/unit/debug-modules --debug \ - && make -j $NCPU unitd \ - && install -pm755 build/unitd /usr/sbin/unitd-debug \ - && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modules=/usr/lib/unit/modules \ - && make -j $NCPU unitd \ - && install -pm755 build/unitd /usr/sbin/unitd \ - && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --modules=/usr/lib/unit/debug-modules --debug \ - && ./configure ruby \ - && make -j $NCPU ruby-install \ - && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --modules=/usr/lib/unit/modules \ - && ./configure ruby \ - && make -j $NCPU ruby-install \ - && ldd /usr/sbin/unitd | awk '/=>/{print $(NF-1)}' | while read n; do dpkg-query -S $n; done | sed 's/^\([^:]\+\):.*$/\1/' | sort | uniq > /requirements.apt - -FROM ruby:3.1 -COPY docker-entrypoint.sh /usr/local/bin/ -COPY --from=BUILDER /usr/sbin/unitd /usr/sbin/unitd -COPY --from=BUILDER /usr/sbin/unitd-debug /usr/sbin/unitd-debug -COPY --from=BUILDER /usr/lib/unit/ /usr/lib/unit/ -COPY --from=BUILDER /requirements.apt /requirements.apt -RUN gem install rack -RUN set -x \ - && if [ -f "/tmp/libunit.a" ]; then \ - mv /tmp/libunit.a /usr/lib/$(dpkg-architecture -q DEB_HOST_MULTIARCH)/libunit.a; \ - rm -f /tmp/libunit.a; \ - fi \ - && mkdir -p /var/lib/unit/ \ - && mkdir /docker-entrypoint.d/ \ - && addgroup --system unit \ - && adduser \ - --system \ - --disabled-login \ - --ingroup unit \ - --no-create-home \ - --home /nonexistent \ - --gecos "unit user" \ - --shell /bin/false \ - unit \ - && apt update \ - && apt --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ - && apt-get clean && rm -rf /var/lib/apt/lists/* \ - && rm -f /requirements.apt \ - && ln -sf /dev/stdout /var/log/unit.log - -STOPSIGNAL SIGTERM - -ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"] - -CMD ["unitd", "--no-daemon", "--control", "unix:/var/run/control.unit.sock"] diff --git a/pkg/docker/Dockerfile.ruby3.2 b/pkg/docker/Dockerfile.ruby3.2 new file mode 100644 index 00000000..4a6b60e4 --- /dev/null +++ b/pkg/docker/Dockerfile.ruby3.2 @@ -0,0 +1,84 @@ +FROM ruby:3.2-bullseye + +LABEL org.opencontainers.image.title="Unit" +LABEL org.opencontainers.image.description="Official build of Unit for Docker." +LABEL org.opencontainers.image.url="https://unit.nginx.org" +LABEL org.opencontainers.image.source="https://github.com/nginx/unit" +LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installation/#docker-images" +LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers <docker-maint@nginx.com>" +LABEL org.opencontainers.image.version="1.30.0" + +RUN set -ex \ + && savedAptMark="$(apt-mark showmanual)" \ + && apt-get update \ + && apt-get install --no-install-recommends --no-install-suggests -y ca-certificates mercurial build-essential libssl-dev libpcre2-dev curl pkg-config \ + && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ + && hg clone -u 1.30.0-1 https://hg.nginx.org/unit \ + && cd unit \ + && NCPU="$(getconf _NPROCESSORS_ONLN)" \ + && DEB_HOST_MULTIARCH="$(dpkg-architecture -q DEB_HOST_MULTIARCH)" \ + && CC_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_CFLAGS_MAINT_APPEND="-Wp,-D_FORTIFY_SOURCE=2 -fPIC" dpkg-buildflags --get CFLAGS)" \ + && LD_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_LDFLAGS_MAINT_APPEND="-Wl,--as-needed -pie" dpkg-buildflags --get LDFLAGS)" \ + && CONFIGURE_ARGS_MODULES="--prefix=/usr \ + --statedir=/var/lib/unit \ + --control=unix:/var/run/control.unit.sock \ + --pid=/var/run/unit.pid \ + --log=/var/log/unit.log \ + --tmpdir=/var/tmp \ + --user=unit \ + --group=unit \ + --openssl \ + --libdir=/usr/lib/$DEB_HOST_MULTIARCH" \ + && CONFIGURE_ARGS="$CONFIGURE_ARGS_MODULES \ + --njs" \ + && make -j $NCPU -C pkg/contrib .njs \ + && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ + && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ + && make -j $NCPU unitd \ + && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ + && make clean \ + && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ + && make -j $NCPU unitd \ + && install -pm755 build/sbin/unitd /usr/sbin/unitd \ + && make clean \ + && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ + && ./configure ruby \ + && make -j $NCPU ruby-install \ + && make clean \ + && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/modules \ + && ./configure ruby \ + && make -j $NCPU ruby-install \ + && cd \ + && rm -rf unit \ + && for f in /usr/sbin/unitd /usr/lib/unit/modules/*.unit.so; do \ + ldd $f | awk '/=>/{print $(NF-1)}' | while read n; do dpkg-query -S $n; done | sed 's/^\([^:]\+\):.*$/\1/' | sort | uniq >> /requirements.apt; \ + done \ + && apt-mark showmanual | xargs apt-mark auto > /dev/null \ + && { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; } \ + && gem install rack \ + && mkdir -p /var/lib/unit/ \ + && mkdir /docker-entrypoint.d/ \ + && groupadd --gid 999 unit \ + && useradd \ + --uid 999 \ + --gid unit \ + --no-create-home \ + --home /nonexistent \ + --comment "unit user" \ + --shell /bin/false \ + unit \ + && apt-get update \ + && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ + && apt-get purge -y --auto-remove \ + && rm -rf /var/lib/apt/lists/* \ + && rm -f /requirements.apt \ + && ln -sf /dev/stdout /var/log/unit.log + +COPY docker-entrypoint.sh /usr/local/bin/ +COPY welcome.* /usr/share/unit/welcome/ + +STOPSIGNAL SIGTERM + +ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"] +EXPOSE 80 +CMD ["unitd", "--no-daemon", "--control", "unix:/var/run/control.unit.sock"] diff --git a/pkg/docker/Makefile b/pkg/docker/Makefile index b08e885f..cb801253 100644 --- a/pkg/docker/Makefile +++ b/pkg/docker/Makefile @@ -6,114 +6,123 @@ include ../shasum.mak DEFAULT_VERSION := $(NXT_VERSION) VERSION ?= $(DEFAULT_VERSION) +PATCHLEVEL ?= 1 -EXPORT_DIR := $(VERSION) +MODULES ?= go jsc node perl php python ruby -MODULES ?= go jsc node perl php python ruby minimal +VARIANT ?= bullseye -VERSION_minimal ?= -CONTAINER_minimal ?= debian:bullseye-slim +VERSIONS_minimal ?= +CONTAINER_minimal ?= debian:$(VARIANT)-slim CONFIGURE_minimal ?= INSTALL_minimal ?= version -define COPY_minimal -endef +RUN_minimal ?= /bin/true -VERSION_go ?= 1.19 -CONTAINER_go ?= golang:$(VERSION_go) +VERSIONS_go ?= 1.20 +VARIANT_go ?= $(VARIANT) +$(foreach goversion, $(VERSIONS_go), $(eval CONTAINER_go$(goversion) = golang:$(goversion)-$(VARIANT_go))) CONFIGURE_go ?= go --go-path=$$GOPATH INSTALL_go ?= go-install-src libunit-install -define COPY_go -COPY --from=BUILDER /usr/lib/\*-linux-gnu/libunit.a /tmp/\n\$ -COPY --from=BUILDER /usr/include/nxt_* /usr/include/\n\$ -COPY --from=BUILDER /go/src/ /go/src/ -endef - -VERSION_jsc ?= 11 -CONTAINER_jsc ?= eclipse-temurin:$(VERSION_jsc)-jdk +RUN_go ?= /bin/true + +VERSIONS_jsc ?= 11 +VARIANT_jsc ?= jammy +$(foreach jscversion, $(VERSIONS_jsc), $(eval CONTAINER_jsc$(jscversion) = eclipse-temurin:$(jscversion)-jdk-$(VARIANT_jsc))) CONFIGURE_jsc ?= java --jars=/usr/share/unit-jsc-common/ INSTALL_jsc ?= java-shared-install java-install -COPY_jsc = COPY --from=BUILDER /usr/share/unit-jsc-common/ /usr/share/unit-jsc-common/ +RUN_jsc ?= /bin/true -VERSION_node ?= 18 -CONTAINER_node ?= node:$(VERSION_node) +VERSIONS_node ?= 18 +VARIANT_node ?= $(VARIANT) +$(foreach nodeversion, $(VERSIONS_node), $(eval CONTAINER_node$(nodeversion) = node:$(nodeversion)-$(VARIANT_node))) CONFIGURE_node ?= nodejs --node-gyp=/usr/local/lib/node_modules/npm/bin/node-gyp-bin/node-gyp INSTALL_node ?= node node-install libunit-install -define COPY_node -COPY --from=BUILDER /usr/lib/\*-linux-gnu/libunit.a /tmp/\n\$ -COPY --from=BUILDER /usr/include/nxt_* /usr/include/\n\$ -COPY --from=BUILDER /usr/local/lib/node_modules/unit-http/ /usr/local/lib/node_modules/unit-http/ -endef - -VERSION_perl ?= 5.36 -CONTAINER_perl ?= perl:$(VERSION_perl) +RUN_node ?= /bin/true + +VERSIONS_perl ?= 5.36 +VARIANT_perl ?= $(VARIANT) +$(foreach perlversion, $(VERSIONS_perl), $(eval CONTAINER_perl$(perlversion) = perl:$(perlversion)-$(VARIANT_perl))) CONFIGURE_perl ?= perl INSTALL_perl ?= perl-install -COPY_perl = +RUN_perl ?= /bin/true -VERSION_php ?= 8.1 -CONTAINER_php ?= php:$(VERSION_php)-cli +VERSIONS_php ?= 8.2 +VARIANT_php ?= cli-$(VARIANT) +$(foreach phpversion, $(VERSIONS_php), $(eval CONTAINER_php$(phpversion) = php:$(phpversion)-$(VARIANT_php))) CONFIGURE_php ?= php INSTALL_php ?= php-install -COPY_php = RUN ldconfig +RUN_php ?= ldconfig -VERSION_python ?= 3.11 -CONTAINER_python ?= python:$(VERSION_python) +VERSIONS_python ?= 3.11 +VARIANT_python ?= $(VARIANT) +$(foreach pythonversion, $(VERSIONS_python), $(eval CONTAINER_python$(pythonversion) = python:$(pythonversion)-$(VARIANT_python))) CONFIGURE_python ?= python --config=/usr/local/bin/python3-config INSTALL_python ?= python3-install -COPY_python = +RUN_python ?= /bin/true -VERSION_ruby ?= 3.1 -CONTAINER_ruby ?= ruby:$(VERSION_ruby) +VERSIONS_ruby ?= 3.2 +VARIANT_ruby ?= $(VARIANT) +$(foreach rubyversion, $(VERSIONS_ruby), $(eval CONTAINER_ruby$(rubyversion) = ruby:$(rubyversion)-$(VARIANT_ruby))) CONFIGURE_ruby ?= ruby INSTALL_ruby ?= ruby-install -COPY_ruby = RUN gem install rack +RUN_ruby ?= gem install rack default: - @echo "valid targets: all build dockerfiles push tag export clean" + @echo "valid targets: all build dockerfiles library clean" -MODVERSIONS = $(foreach module,$(MODULES),$(module)$(VERSION_$(module))) +MODVERSIONS = $(foreach module, $(MODULES), $(foreach modversion, $(shell for v in $(VERSIONS_$(module)); do echo $$v; done | sort -r), $(module)$(modversion))) minimal modname = $(shell echo $1 | /usr/bin/tr -d '.01234567890-') dockerfiles: $(addprefix Dockerfile., $(MODVERSIONS)) -build: $(addprefix build-,$(MODVERSIONS)) -tag: $(addprefix tag-,$(MODVERSIONS)) -push: $(addprefix push-,$(MODVERSIONS)) -export: $(addsuffix .tar.gz,$(addprefix $(EXPORT_DIR)/nginx-unit-$(VERSION)-,$(MODVERSIONS))) $(addsuffix .tar.gz.sha512, $(addprefix $(EXPORT_DIR)/nginx-unit-$(VERSION)-,$(MODVERSIONS))) +build: $(addprefix build-, $(MODVERSIONS)) -Dockerfile.%: ../../version +Dockerfile.%: ../../version template.Dockerfile @echo "===> Building $@" cat template.Dockerfile | sed \ -e 's,@@VERSION@@,$(VERSION),g' \ - -e 's,@@CONTAINER@@,$(CONTAINER_$(call modname, $*)),g' \ + -e 's,@@PATCHLEVEL@@,$(PATCHLEVEL),g' \ + -e 's,@@CONTAINER@@,$(CONTAINER_$*),g' \ -e 's,@@CONFIGURE@@,$(CONFIGURE_$(call modname, $*)),g' \ -e 's,@@INSTALL@@,$(INSTALL_$(call modname, $*)),g' \ - -e 's,@@COPY@@,$(COPY_$(call modname, $*)),g' \ + -e 's,@@RUN@@,$(RUN_$(call modname, $*)),g' \ > $@ build-%: Dockerfile.% - docker pull $(CONTAINER_$(call modname, $*)) + docker pull $(CONTAINER_$*) docker build --no-cache -t unit:$(VERSION)-$* -f Dockerfile.$* . -tag-%: build-% - docker tag unit:$(VERSION)-$* nginx/unit:$(VERSION)-$* - -push-%: tag-% - docker push nginx/unit:$(VERSION)-$* - -$(EXPORT_DIR): - mkdir -p $@ - -$(EXPORT_DIR)/nginx-unit-$(VERSION)-%.tar.gz: $(EXPORT_DIR) tag-% - docker save nginx/unit:$(VERSION)-$* | gzip > $@ - -$(EXPORT_DIR)/nginx-unit-$(VERSION)-%.tar.gz.sha512: $(EXPORT_DIR)/nginx-unit-$(VERSION)-%.tar.gz - $(SHA512SUM) $< | sed 's,$(EXPORT_DIR)/,,' > $@ +library: + @echo "# this file is generated via https://github.com/nginx/unit/blob/$(shell git describe --always --abbrev=0 HEAD)/pkg/docker/Makefile" + @echo "" + @echo "Maintainers: Unit Docker Maintainers <docker-maint@nginx.com> (@nginx)" + @echo "GitRepo: https://github.com/nginx/unit.git" + @previous=""; \ + for mod in $(MODVERSIONS); do \ + echo ""; \ + modname="$$( echo $$mod | tr -d '.0123456789-' )"; \ + TAGS="$$mod $${mod%%.*} $$modname" ; \ + TAGS="$$(echo $$TAGS | tr " " "\n" | sort -u -r | tr "\n" "," | sed "s/,/, /g")"; \ + if [ "$$previous" == "$$modname" ]; then \ + echo "Tags: $(VERSION)-$$mod, $$mod"; \ + else \ + if [ "$$mod" == "minimal" ]; then \ + echo "Tags: $(VERSION)-$$mod, $${TAGS%, }, latest"; \ + else \ + echo "Tags: $(VERSION)-$$mod, $${TAGS%, }"; \ + fi; \ + fi; \ + echo "Architectures: amd64, arm64v8"; \ + echo "GitFetch: refs/heads/branches/packaging"; \ + echo "GitCommit: $(shell git describe --always --abbrev=0 HEAD)"; \ + echo "Directory: pkg/docker"; \ + echo "File: Dockerfile.$$mod"; \ + previous=$$(echo $$mod | tr -d '.0123456789-'); \ + done all: $(addprefix Dockerfile., $(MODVERSIONS)) clean: - rm -f $(addprefix Dockerfile., $(MODVERSIONS)) - rm -rf $(EXPORT_DIR) + rm -f Dockerfile.* -.PHONY: default build dockerfiles push tag export clean +.PHONY: default build dockerfiles clean library diff --git a/pkg/docker/docker-entrypoint.sh b/pkg/docker/docker-entrypoint.sh index 3d134ea2..4646409f 100755 --- a/pkg/docker/docker-entrypoint.sh +++ b/pkg/docker/docker-entrypoint.sh @@ -25,14 +25,23 @@ if [ "$1" = "unitd" ] || [ "$1" = "unitd-debug" ]; then if /usr/bin/find "/var/lib/unit/" -mindepth 1 -print -quit 2>/dev/null | /bin/grep -q .; then echo "$0: /var/lib/unit/ is not empty, skipping initial configuration..." else - if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -print -quit 2>/dev/null | /bin/grep -q .; then - echo "$0: /docker-entrypoint.d/ is not empty, launching Unit daemon to perform initial configuration..." - /usr/sbin/$1 --control unix:/var/run/control.unit.sock + echo "$0: Launching Unit daemon to perform initial configuration..." + /usr/sbin/$1 --control unix:/var/run/control.unit.sock + + for i in $(/usr/bin/seq $WAITLOOPS); do + if [ ! -S /var/run/control.unit.sock ]; then + echo "$0: Waiting for control socket to be created..." + /bin/sleep $SLEEPSEC + else + break + fi + done + # even when the control socket exists, it does not mean unit has finished initialisation + # this curl call will get a reply once unit is fully launched + /usr/bin/curl -s -X GET --unix-socket /var/run/control.unit.sock http://localhost/ - while [ ! -S /var/run/control.unit.sock ]; do echo "$0: Waiting for control socket to be created..."; /bin/sleep 0.1; done - # even when the control socket exists, it does not mean unit has finished initialisation - # this curl call will get a reply once unit is fully launched - /usr/bin/curl -s -X GET --unix-socket /var/run/control.unit.sock http://localhost/ + if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -print -quit 2>/dev/null | /bin/grep -q .; then + echo "$0: /docker-entrypoint.d/ is not empty, applying initial configuration..." echo "$0: Looking for certificate bundles in /docker-entrypoint.d/..." for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.pem"); do @@ -40,6 +49,12 @@ if [ "$1" = "unitd" ] || [ "$1" = "unitd-debug" ]; then curl_put $f "certificates/$(basename $f .pem)" done + echo "$0: Looking for JavaScript modules in /docker-entrypoint.d/..." + for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.js"); do + echo "$0: Uploading JavaScript module: $f" + curl_put $f "js_modules/$(basename $f .js)" + done + echo "$0: Looking for configuration snippets in /docker-entrypoint.d/..." for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -name "*.json"); do echo "$0: Applying configuration $f"; @@ -53,32 +68,33 @@ if [ "$1" = "unitd" ] || [ "$1" = "unitd-debug" ]; then done # warn on filetypes we don't know what to do with - for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -not -name "*.sh" -not -name "*.json" -not -name "*.pem"); do + for f in $(/usr/bin/find /docker-entrypoint.d/ -type f -not -name "*.sh" -not -name "*.json" -not -name "*.pem" -not -name "*.js"); do echo "$0: Ignoring $f"; done + else + echo "$0: /docker-entrypoint.d/ is empty, creating 'welcome' configuration..." + curl_put /usr/share/unit/welcome/welcome.json "config" + fi - echo "$0: Stopping Unit daemon after initial configuration..." - kill -TERM $(/bin/cat /var/run/unit.pid) + echo "$0: Stopping Unit daemon after initial configuration..." + kill -TERM $(/bin/cat /var/run/unit.pid) - for i in $(/usr/bin/seq $WAITLOOPS); do - if [ -S /var/run/control.unit.sock ]; then - echo "$0 Waiting for control socket to be removed..." - /bin/sleep $SLEEPSEC - else - break - fi - done + for i in $(/usr/bin/seq $WAITLOOPS); do if [ -S /var/run/control.unit.sock ]; then - kill -KILL $(/bin/cat /var/run/unit.pid) - rm -f /var/run/control.unit.sock + echo "$0: Waiting for control socket to be removed..." + /bin/sleep $SLEEPSEC + else + break fi - - echo - echo "$0: Unit initial configuration complete; ready for start up..." - echo - else - echo "$0: /docker-entrypoint.d/ is empty, skipping initial configuration..." + done + if [ -S /var/run/control.unit.sock ]; then + kill -KILL $(/bin/cat /var/run/unit.pid) + rm -f /var/run/control.unit.sock fi + + echo + echo "$0: Unit initial configuration complete; ready for start up..." + echo fi fi diff --git a/pkg/docker/template.Dockerfile b/pkg/docker/template.Dockerfile index 2d964eb6..c6a72aa8 100644 --- a/pkg/docker/template.Dockerfile +++ b/pkg/docker/template.Dockerfile @@ -1,77 +1,84 @@ -FROM @@CONTAINER@@ as BUILDER +FROM @@CONTAINER@@ -LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>" +LABEL org.opencontainers.image.title="Unit" +LABEL org.opencontainers.image.description="Official build of Unit for Docker." +LABEL org.opencontainers.image.url="https://unit.nginx.org" +LABEL org.opencontainers.image.source="https://github.com/nginx/unit" +LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installation/#docker-images" +LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers <docker-maint@nginx.com>" +LABEL org.opencontainers.image.version="@@VERSION@@" RUN set -ex \ + && savedAptMark="$(apt-mark showmanual)" \ && apt-get update \ - && apt-get install --no-install-recommends --no-install-suggests -y ca-certificates mercurial build-essential libssl-dev libpcre2-dev \ + && apt-get install --no-install-recommends --no-install-suggests -y ca-certificates mercurial build-essential libssl-dev libpcre2-dev curl pkg-config \ && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \ - && hg clone https://hg.nginx.org/unit \ + && hg clone -u @@VERSION@@-@@PATCHLEVEL@@ https://hg.nginx.org/unit \ && cd unit \ - && hg up @@VERSION@@ \ && NCPU="$(getconf _NPROCESSORS_ONLN)" \ && DEB_HOST_MULTIARCH="$(dpkg-architecture -q DEB_HOST_MULTIARCH)" \ && CC_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_CFLAGS_MAINT_APPEND="-Wp,-D_FORTIFY_SOURCE=2 -fPIC" dpkg-buildflags --get CFLAGS)" \ && LD_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_LDFLAGS_MAINT_APPEND="-Wl,--as-needed -pie" dpkg-buildflags --get LDFLAGS)" \ - && CONFIGURE_ARGS="--prefix=/usr \ - --state=/var/lib/unit \ + && CONFIGURE_ARGS_MODULES="--prefix=/usr \ + --statedir=/var/lib/unit \ --control=unix:/var/run/control.unit.sock \ --pid=/var/run/unit.pid \ --log=/var/log/unit.log \ - --tmp=/var/tmp \ + --tmpdir=/var/tmp \ --user=unit \ --group=unit \ --openssl \ --libdir=/usr/lib/$DEB_HOST_MULTIARCH" \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modules=/usr/lib/unit/debug-modules --debug \ + && CONFIGURE_ARGS="$CONFIGURE_ARGS_MODULES \ + --njs" \ + && make -j $NCPU -C pkg/contrib .njs \ + && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \ + && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && make -j $NCPU unitd \ - && install -pm755 build/unitd /usr/sbin/unitd-debug \ + && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \ && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modules=/usr/lib/unit/modules \ + && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \ && make -j $NCPU unitd \ - && install -pm755 build/unitd /usr/sbin/unitd \ + && install -pm755 build/sbin/unitd /usr/sbin/unitd \ && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --modules=/usr/lib/unit/debug-modules --debug \ + && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \ && ./configure @@CONFIGURE@@ \ && make -j $NCPU @@INSTALL@@ \ && make clean \ - && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --modules=/usr/lib/unit/modules \ + && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/modules \ && ./configure @@CONFIGURE@@ \ && make -j $NCPU @@INSTALL@@ \ - && ldd /usr/sbin/unitd | awk '/=>/{print $(NF-1)}' | while read n; do dpkg-query -S $n; done | sed 's/^\([^:]\+\):.*$/\1/' | sort | uniq > /requirements.apt - -FROM @@CONTAINER@@ -COPY docker-entrypoint.sh /usr/local/bin/ -COPY --from=BUILDER /usr/sbin/unitd /usr/sbin/unitd -COPY --from=BUILDER /usr/sbin/unitd-debug /usr/sbin/unitd-debug -COPY --from=BUILDER /usr/lib/unit/ /usr/lib/unit/ -COPY --from=BUILDER /requirements.apt /requirements.apt -@@COPY@@ -RUN set -x \ - && if [ -f "/tmp/libunit.a" ]; then \ - mv /tmp/libunit.a /usr/lib/$(dpkg-architecture -q DEB_HOST_MULTIARCH)/libunit.a; \ - rm -f /tmp/libunit.a; \ - fi \ + && cd \ + && rm -rf unit \ + && for f in /usr/sbin/unitd /usr/lib/unit/modules/*.unit.so; do \ + ldd $f | awk '/=>/{print $(NF-1)}' | while read n; do dpkg-query -S $n; done | sed 's/^\([^:]\+\):.*$/\1/' | sort | uniq >> /requirements.apt; \ + done \ + && apt-mark showmanual | xargs apt-mark auto > /dev/null \ + && { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; } \ + && @@RUN@@ \ && mkdir -p /var/lib/unit/ \ && mkdir /docker-entrypoint.d/ \ - && addgroup --system unit \ - && adduser \ - --system \ - --disabled-login \ - --ingroup unit \ + && groupadd --gid 999 unit \ + && useradd \ + --uid 999 \ + --gid unit \ --no-create-home \ --home /nonexistent \ - --gecos "unit user" \ + --comment "unit user" \ --shell /bin/false \ unit \ - && apt update \ - && apt --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ - && apt-get clean && rm -rf /var/lib/apt/lists/* \ + && apt-get update \ + && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \ + && apt-get purge -y --auto-remove \ + && rm -rf /var/lib/apt/lists/* \ && rm -f /requirements.apt \ && ln -sf /dev/stdout /var/log/unit.log +COPY docker-entrypoint.sh /usr/local/bin/ +COPY welcome.* /usr/share/unit/welcome/ + STOPSIGNAL SIGTERM ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"] - +EXPOSE 80 CMD ["unitd", "--no-daemon", "--control", "unix:/var/run/control.unit.sock"] diff --git a/pkg/docker/welcome.html b/pkg/docker/welcome.html new file mode 100644 index 00000000..9c4f8281 --- /dev/null +++ b/pkg/docker/welcome.html @@ -0,0 +1,45 @@ +<!DOCTYPE html> +<html> + <head> + <title>Welcome to NGINX Unit</title> + <style type="text/css"> + body { background: white; color: black; font-family: sans-serif; margin: 2em; line-height: 1.5; } + h1,h2 { color: #00974d; } + li { margin-bottom: 0.5em; } + pre { background-color: beige; padding: 0.4em; } + hr { margin-top: 2em; border: 1px solid #00974d; } + .indent { margin-left: 1.5em; } + </style> + </head> + <body> + <h1>Welcome to NGINX Unit</h1> + <p>Congratulations! NGINX Unit is installed and running.</p> + <h3>Useful Links</h3> + <ul> + <li><b><a href="https://unit.nginx.org/configuration/?referer=welcome&platform=docker">https://unit.nginx.org/configuration/</a></b><br> + To get started with Unit, see the <em>Configuration</em> docs, starting with + the <em>Quick Start</em> guide.</li> + <li><b><a href="https://unit.nginx.org/howto/docker/?referer=welcome&platform=docker">https://unit.nginx.org/howto/docker/</a></b><br> + For guidance about running <em>Unit in Docker</em> and tips for containerized + applications. + <li><b><a href="https://github.com/nginx/unit">https://github.com/nginx/unit</a></b><br> + See our GitHub repo to browse the code, contribute, or seek help from the + <a href="https://github.com/nginx/unit#community">community</a>.</li> + </ul> + + <h2>Next steps</h2> + + <h3>Check Current Configuration</h3> + <div class="indent"> + <p>Unit's control API is currently listening for configuration changes + on the <a href="https://en.wikipedia.org/wiki/Unix_domain_socket">Unix socket</a> at + <b>/var/run/control.unit.sock</b> inside the container.<br> + To see the current configuration run:</p> + <pre>docker exec -ti <containerID> curl --unix-socket /var/run/control.unit.sock http://localhost/config</pre> + </div> + + <hr> + <p><a href="https://unit.nginx.org/?referer=welcome&platform=docker">NGINX Unit — the universal web app server</a><br> + NGINX, Inc. © 2023</p> + </body> +</html> diff --git a/pkg/docker/welcome.json b/pkg/docker/welcome.json new file mode 100644 index 00000000..2a148da8 --- /dev/null +++ b/pkg/docker/welcome.json @@ -0,0 +1,25 @@ +{ + "listeners": { + "*:80": { + "pass": "routes" + } + }, + + "routes": [ + { + "match": { + "headers": { + "accept": "*text/html*" + } + }, + "action": { + "share": "/usr/share/unit/welcome/welcome.html" + } + }, + { + "action": { + "share": "/usr/share/unit/welcome/welcome.md" + } + } + ] +} diff --git a/pkg/docker/welcome.md b/pkg/docker/welcome.md new file mode 100644 index 00000000..fef3d152 --- /dev/null +++ b/pkg/docker/welcome.md @@ -0,0 +1,29 @@ +Welcome to NGINX Unit +===================== + +Congratulations! NGINX Unit is installed and running. + +Useful Links +------------ + + * https://unit.nginx.org/ + - Get started with the 'Configuration' docs, starting with the 'Quick Start' guide. + + * https://unit.nginx.org/howto/docker/ + - Guidance for running Unit in a container and tips for containerized applications. + + * https://github.com/nginx/unit + - See our GitHub repo to browse the code, contribute, or seek help from the community. + +Current Configuration +--------------------- +Unit's control API is currently listening for configuration changes on the Unix socket at +`/var/run/control.unit.sock` inside the container. + +Read the current configuration with +``` +docker exec -ti <containerID> curl --unix-socket /var/run/control.unit.sock http://localhost/config +``` + +--- +NGINX Unit - the universal web app server |