2021-10-03 23:19:00 +00:00
|
|
|
ARG ALPINE_VERSION=3.13.6
|
|
|
|
ARG BASE_IMAGE=sutty/monit
|
|
|
|
FROM ${BASE_IMAGE}:${ALPINE_VERSION}
|
2019-09-10 23:10:18 +00:00
|
|
|
MAINTAINER "f <f@sutty.nl>"
|
2022-03-04 03:25:40 +00:00
|
|
|
|
2023-01-21 23:14:57 +00:00
|
|
|
ARG ACCESS_LOGS_FLAGS="--database=sqlite3:///var/log/access_log.sqlite3 -c /usr/share/crawler-user-agents/crawler-user-agents.json"
|
2023-04-11 18:52:48 +00:00
|
|
|
ARG ACCESS_LOG_VERSION="0.5.1"
|
2022-03-04 03:25:40 +00:00
|
|
|
|
|
|
|
ENV ACCESS_LOGS_FLAGS=${ACCESS_LOGS_FLAGS}
|
|
|
|
|
|
|
|
# Install nginx and remove default config
|
2023-04-11 18:52:48 +00:00
|
|
|
RUN apk add --no-cache nginx daemonize access_log~${ACCESS_LOG_VERSION} nginx-prometheus-exporter geoip2-database-country geoip2-database-city crawler-user-agents \
|
2022-03-04 03:25:40 +00:00
|
|
|
&& rm -rf /etc/nginx
|
|
|
|
|
|
|
|
# Add ssl group so nginx has access to certificates
|
|
|
|
RUN addgroup -S -g 777 ssl
|
|
|
|
RUN addgroup nginx ssl
|
|
|
|
|
|
|
|
COPY ./monit.conf /etc/monit.d/nginx.conf
|
|
|
|
COPY ./prometheusd.sh /usr/local/bin/prometheusd
|
2023-01-21 23:14:57 +00:00
|
|
|
COPY ./access_logd.sh /usr/bin/access_logd
|
2022-03-04 03:25:40 +00:00
|
|
|
COPY ./nginx /etc/nginx
|
2023-01-21 23:14:57 +00:00
|
|
|
COPY ./access_log.sqlite3 /var/lib/access_log.sqlite3
|
2022-03-04 03:25:40 +00:00
|
|
|
|
|
|
|
# Install modules after rewriting /etc/nginx
|
|
|
|
RUN apk add --no-cache nginx-mod-http-brotli nginx-mod-http-geoip2
|
|
|
|
|
|
|
|
# Add support for request_uri parsing if access_log >= 0.3.0
|
|
|
|
RUN mv /etc/nginx/access_logd_`access_log -v`.conf /etc/nginx/access_logd.conf
|
|
|
|
RUN chown -R nginx:nginx /etc/nginx
|
|
|
|
RUN nginx -t
|
|
|
|
|
2023-01-21 23:14:57 +00:00
|
|
|
# access_logd runs as nobody but the socket can be written to by nginx
|
|
|
|
RUN delgroup nobody nobody
|
|
|
|
RUN addgroup nobody www-data
|
|
|
|
RUN chown nobody:www-data /var/lib/access_log.sqlite3
|
|
|
|
|
2022-03-04 03:25:40 +00:00
|
|
|
# Shared configuration
|
|
|
|
VOLUME /etc/nginx/sites
|
|
|
|
VOLUME /etc/letsencrypt
|
|
|
|
VOLUME /var/lib/letsencrypt
|
|
|
|
|
|
|
|
EXPOSE 80
|
|
|
|
EXPOSE 443
|
|
|
|
EXPOSE 9113
|