2023-03-15 01:28:28 -04:00
|
|
|
FROM jc21/testca as testca
|
2022-05-11 18:47:31 -04:00
|
|
|
FROM letsencrypt/pebble as pebbleca
|
2023-03-15 01:28:28 -04:00
|
|
|
FROM jc21/nginx-full:acmesh-golang
|
2020-02-18 23:55:06 -05:00
|
|
|
LABEL maintainer="Jamie Curnow <jc@jc21.com>"
|
|
|
|
|
2022-05-11 18:47:31 -04:00
|
|
|
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
|
|
|
|
|
|
|
|
ARG GOPROXY
|
|
|
|
ARG GOPRIVATE
|
|
|
|
|
|
|
|
ENV GOPROXY=$GOPROXY \
|
|
|
|
GOPRIVATE=$GOPRIVATE \
|
|
|
|
S6_LOGGING=0 \
|
2021-04-28 18:28:40 -04:00
|
|
|
SUPPRESS_NO_CONFIG_WARNING=1 \
|
2022-05-11 18:47:31 -04:00
|
|
|
ACMESH_CONFIG_HOME=/data/.acme.sh/config \
|
|
|
|
ACMESH_HOME=/data/.acme.sh \
|
|
|
|
CERT_HOME=/data/.acme.sh/certs \
|
|
|
|
LE_CONFIG_HOME=/data/.acme.sh/config \
|
2023-02-25 07:52:42 -05:00
|
|
|
LE_WORKING_DIR=/data/.acme.sh \
|
|
|
|
CGO_ENABLED=1 \
|
|
|
|
GO111MODULE=on
|
2022-05-11 18:47:31 -04:00
|
|
|
|
|
|
|
RUN echo "fs.file-max = 65535" > /etc/sysctl.conf
|
2020-02-18 23:55:06 -05:00
|
|
|
|
2023-03-09 07:11:28 -05:00
|
|
|
# usql, node, fail2ban
|
2022-05-22 09:54:40 -04:00
|
|
|
RUN curl -fsSL https://deb.nodesource.com/setup_16.x | bash - \
|
2021-04-28 18:28:40 -04:00
|
|
|
&& apt-get update \
|
2023-03-09 07:11:28 -05:00
|
|
|
&& apt-get install -y --no-install-recommends nodejs vim dnsutils fail2ban \
|
2022-07-14 07:53:11 -04:00
|
|
|
&& npm install --location=global yarn \
|
2021-04-28 18:28:40 -04:00
|
|
|
&& apt-get clean \
|
2023-03-09 07:11:28 -05:00
|
|
|
&& rm -rf /var/lib/apt/lists/* /etc/fail2ban \
|
2023-04-10 19:12:48 -04:00
|
|
|
&& go install github.com/xo/usql@v0.13.12
|
2020-02-18 23:55:06 -05:00
|
|
|
|
2021-02-07 09:52:37 -05:00
|
|
|
# Task
|
|
|
|
RUN cd /usr \
|
|
|
|
&& curl -sL https://taskfile.dev/install.sh | sh \
|
|
|
|
&& cd /root
|
|
|
|
|
2023-02-24 03:31:46 -05:00
|
|
|
COPY docker/rootfs /
|
2021-02-07 09:52:37 -05:00
|
|
|
RUN rm -f /etc/nginx/conf.d/production.conf
|
|
|
|
|
2020-02-18 23:55:06 -05:00
|
|
|
# s6 overlay
|
2023-02-24 03:31:46 -05:00
|
|
|
COPY scripts/install-s6 /tmp/install-s6
|
|
|
|
RUN /tmp/install-s6 && rm -rf /tmp/*
|
2020-02-18 23:55:06 -05:00
|
|
|
|
2022-05-11 18:47:31 -04:00
|
|
|
# Fix for golang dev:
|
|
|
|
RUN chown -R 1000:1000 /opt/go
|
|
|
|
|
|
|
|
COPY --from=pebbleca /test/certs/pebble.minica.pem /etc/ssl/certs/pebble.minica.pem
|
|
|
|
COPY --from=testca /home/step/certs/root_ca.crt /etc/ssl/certs/NginxProxyManager.crt
|
|
|
|
|
|
|
|
EXPOSE 80
|
|
|
|
CMD [ "/init" ]
|
|
|
|
HEALTHCHECK --interval=15s --timeout=3s CMD curl -f http://127.0.0.1:81/api || exit 1
|