docker-swag/Dockerfile

184 lines
5.1 KiB
Docker
Raw Normal View History

2023-01-20 23:42:13 -05:00
# syntax=docker/dockerfile:1
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.19
2020-08-03 11:00:14 -04:00
# set version label
ARG BUILD_DATE
ARG VERSION
ARG CERTBOT_VERSION
LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}"
2022-10-03 14:24:24 -04:00
LABEL maintainer="nemchik"
2020-08-03 11:00:14 -04:00
# environment settings
ENV DHLEVEL=2048 ONLY_SUBDOMAINS=false AWS_CONFIG_FILE=/config/dns-conf/route53.ini
2021-02-10 09:52:09 -05:00
ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=2
2020-08-03 11:00:14 -04:00
RUN \
2021-04-27 11:08:22 -04:00
echo "**** install build packages ****" && \
apk add --no-cache --virtual=build-dependencies \
2023-01-20 23:42:13 -05:00
build-base \
2021-04-27 11:08:22 -04:00
cargo \
libffi-dev \
2021-10-06 15:08:00 -04:00
libxml2-dev \
libxslt-dev \
2021-04-27 11:08:22 -04:00
openssl-dev \
python3-dev && \
echo "**** install runtime packages ****" && \
2023-05-25 23:12:06 -04:00
apk add --no-cache \
2021-04-27 11:08:22 -04:00
fail2ban \
gnupg \
memcached \
nginx-mod-http-brotli \
nginx-mod-http-dav-ext \
nginx-mod-http-echo \
nginx-mod-http-fancyindex \
nginx-mod-http-geoip2 \
nginx-mod-http-headers-more \
nginx-mod-http-image-filter \
nginx-mod-http-perl \
nginx-mod-http-redis2 \
nginx-mod-http-set-misc \
nginx-mod-http-upload-progress \
nginx-mod-http-xslt-filter \
nginx-mod-mail \
nginx-mod-rtmp \
nginx-mod-stream \
nginx-mod-stream-geoip2 \
nginx-vim \
php83-bcmath \
php83-bz2 \
php83-dom \
php83-exif \
php83-ftp \
php83-gd \
php83-gmp \
php83-imap \
php83-intl \
php83-ldap \
php83-mysqli \
php83-mysqlnd \
php83-opcache \
php83-pdo_mysql \
php83-pdo_odbc \
php83-pdo_pgsql \
php83-pdo_sqlite \
php83-pear \
php83-pecl-apcu \
php83-pecl-memcached \
php83-pecl-redis \
php83-pgsql \
php83-posix \
php83-soap \
php83-sockets \
php83-sodium \
php83-sqlite3 \
php83-tokenizer \
php83-xmlreader \
php83-xsl \
2021-04-27 11:08:22 -04:00
whois && \
apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing \
php83-pecl-mcrypt && \
2021-04-27 11:08:22 -04:00
echo "**** install certbot plugins ****" && \
if [ -z ${CERTBOT_VERSION+x} ]; then \
2023-01-20 23:42:13 -05:00
CERTBOT_VERSION=$(curl -sL https://pypi.python.org/pypi/certbot/json |jq -r '. | .info.version'); \
2021-04-27 11:08:22 -04:00
fi && \
2023-05-25 23:12:06 -04:00
python3 -m venv /lsiopy && \
pip install -U --no-cache-dir \
2023-01-20 23:42:13 -05:00
pip \
wheel && \
pip install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.19/ \
2023-01-20 23:42:13 -05:00
certbot==${CERTBOT_VERSION} \
certbot-dns-acmedns \
2021-04-27 11:08:22 -04:00
certbot-dns-aliyun \
2022-02-25 04:53:59 -05:00
certbot-dns-azure \
2023-06-25 14:13:59 -04:00
certbot-dns-bunny \
2021-04-27 11:08:22 -04:00
certbot-dns-cloudflare \
certbot-dns-cpanel \
2021-11-12 08:26:57 -05:00
certbot-dns-desec \
2021-04-27 11:08:22 -04:00
certbot-dns-digitalocean \
certbot-dns-directadmin \
certbot-dns-dnsimple \
certbot-dns-dnsmadeeasy \
certbot-dns-dnspod \
certbot-dns-do \
2021-04-27 11:08:22 -04:00
certbot-dns-domeneshop \
2023-05-30 12:04:54 -04:00
certbot-dns-dreamhost \
2022-10-06 14:08:20 -04:00
certbot-dns-duckdns \
certbot-dns-freedns \
certbot-dns-gehirn \
2023-11-08 06:42:43 -05:00
certbot-dns-glesys \
certbot-dns-godaddy \
2021-04-27 11:08:22 -04:00
certbot-dns-google \
2023-03-09 15:41:56 -05:00
certbot-dns-google-domains \
certbot-dns-he \
2021-04-27 11:08:22 -04:00
certbot-dns-hetzner \
2021-11-22 01:39:20 -05:00
certbot-dns-infomaniak \
2021-04-27 11:08:22 -04:00
certbot-dns-inwx \
2021-08-01 12:51:47 -04:00
certbot-dns-ionos \
2021-04-27 11:08:22 -04:00
certbot-dns-linode \
2022-04-09 12:14:35 -04:00
certbot-dns-loopia \
2021-04-27 11:08:22 -04:00
certbot-dns-luadns \
certbot-dns-namecheap \
2021-04-27 11:08:22 -04:00
certbot-dns-netcup \
certbot-dns-njalla \
certbot-dns-nsone \
certbot-dns-ovh \
2023-02-06 19:26:07 -05:00
certbot-dns-porkbun \
2021-04-27 11:08:22 -04:00
certbot-dns-rfc2136 \
certbot-dns-route53 \
certbot-dns-sakuracloud \
certbot-dns-standalone \
2021-04-27 11:08:22 -04:00
certbot-dns-transip \
certbot-dns-vultr \
certbot-plugin-gandi \
cryptography \
2023-01-20 23:42:13 -05:00
future \
2021-04-27 11:08:22 -04:00
requests && \
echo "**** enable OCSP stapling from base ****" && \
sed -i \
's|#ssl_stapling on;|ssl_stapling on;|' \
/defaults/nginx/ssl.conf.sample && \
sed -i \
's|#ssl_stapling_verify on;|ssl_stapling_verify on;|' \
/defaults/nginx/ssl.conf.sample && \
sed -i \
's|#ssl_trusted_certificate /config/keys/cert.crt;|ssl_trusted_certificate /config/keys/cert.crt;|' \
/defaults/nginx/ssl.conf.sample && \
echo "**** correct ip6tables legacy issue ****" && \
2023-03-09 15:41:56 -05:00
rm \
/sbin/ip6tables && \
ln -s \
/sbin/ip6tables-nft /sbin/ip6tables && \
2021-04-27 11:08:22 -04:00
echo "**** remove unnecessary fail2ban filters ****" && \
rm \
/etc/fail2ban/jail.d/alpine-ssh.conf && \
echo "**** copy fail2ban default action and filter to /defaults ****" && \
2021-04-27 11:08:22 -04:00
mkdir -p /defaults/fail2ban && \
mv /etc/fail2ban/action.d /defaults/fail2ban/ && \
mv /etc/fail2ban/filter.d /defaults/fail2ban/ && \
2023-03-29 08:57:41 -04:00
echo "**** define allowipv6 to silence warning ****" && \
2023-03-29 09:26:30 -04:00
sed -i 's/#allowipv6 = auto/allowipv6 = auto/g' /etc/fail2ban/fail2ban.conf && \
echo "**** copy proxy confs to /defaults ****" && \
mkdir -p \
/defaults/nginx/proxy-confs && \
2021-04-27 11:08:22 -04:00
curl -o \
/tmp/proxy-confs.tar.gz -L \
2021-04-27 11:08:22 -04:00
"https://github.com/linuxserver/reverse-proxy-confs/tarball/master" && \
tar xf \
/tmp/proxy-confs.tar.gz -C \
/defaults/nginx/proxy-confs --strip-components=1 --exclude=linux*/.editorconfig --exclude=linux*/.gitattributes --exclude=linux*/.github --exclude=linux*/.gitignore --exclude=linux*/LICENSE && \
2021-04-27 11:08:22 -04:00
echo "**** cleanup ****" && \
apk del --purge \
build-dependencies && \
rm -rf \
/tmp/* \
2023-01-20 23:42:13 -05:00
$HOME/.cache \
$HOME/.cargo
2020-08-03 11:00:14 -04:00
2022-08-21 18:05:56 -04:00
# copy local files
2020-08-03 11:00:14 -04:00
COPY root/ /
2022-08-21 18:05:56 -04:00
# ports and volumes
EXPOSE 80 443
VOLUME /config