From da172803a3fcdb93af110498f6e1fff6c6e1f4b9 Mon Sep 17 00:00:00 2001 From: Hugo Gomes Date: Mon, 28 Aug 2023 18:35:08 +0100 Subject: [PATCH 1/4] feat: move proxy_cached to alpine --- proxy_cached/Dockerfile | 72 ++++++++++--------------------- proxy_cached/docker-entrypoint.sh | 4 +- 2 files changed, 25 insertions(+), 51 deletions(-) diff --git a/proxy_cached/Dockerfile b/proxy_cached/Dockerfile index 37c44b0..4b5fef0 100644 --- a/proxy_cached/Dockerfile +++ b/proxy_cached/Dockerfile @@ -1,4 +1,4 @@ -FROM debian:bookworm-slim +FROM alpine:3.18 LABEL version="1.0" LABEL maintainer="Platforme " @@ -6,70 +6,44 @@ LABEL maintainer="Platforme " EXPOSE 80 EXPOSE 443 -ARG VARNISH_MODULES_VERSION=0.20.0 -ARG VARNISH_MODULES_SHA512SUM=e63d6da8f63a5ce56bc7a5a1dd1a908e4ab0f6a36b5bdc5709dca2aa9c0b474bd8a06491ed3dee23636d335241ced4c7ef017b57413b05792ad382f6306a0b36 -ARG VARNISH_MODULES_QUERYFILTER_VERSION=1.0.1 -ARG VARNISH_MODULES_QUERYFILTER_SHA512SUM=6c3178d656dfffa7f515afc5d01e00d86b4149e9e61e8024b524e04a427cf3875a918f03999a9bbf4e762ec684d8d193aa03b8d36c1291a825834905802ecc32 -ARG TOOLBOX_COMMIT=96bab07cf58b6e04824ffec608199f1780ff0d04 +ARG APORTS_COMMIT=7843f08683dff0ce67394eb8be2f58f598606199 ENV SERVER_NAME=localhost ENV PROXY_PROTO=https:// ENV PROXY_HOST=app.platforme.com ENV VARNISH_SIZE=1G -RUN apt-get -y update && apt-get -y upgrade &&\ - apt-get -y --no-install-recommends install gettext nginx varnish varnish-modules &&\ - apt-get -y clean && rm -rf /var/lib/apt/lists/* +RUN apk add --no-cache envsubst varnish nginx COPY docker-entrypoint.sh / COPY nginx.default.template / COPY varnish.default.template / -RUN set -e; \ - export DEBIAN_FRONTEND=noninteractive; \ - export DEBCONF_NONINTERACTIVE_SEEN=true; \ - apt-get -y update; apt-get -y install \ - automake \ - build-essential \ - ca-certificates \ - curl \ - git \ - libgetdns10 \ - libgetdns-dev \ - libtool \ - libvarnishapi-dev \ - pkg-config \ - python3-docutils; \ +RUN set -e;\ + apk add --virtual build -q --no-progress --update alpine-sdk sudo; \ + \ + adduser -D builder; \ + echo "builder ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/builder; \ + addgroup builder abuild; \ + su builder -c "abuild-keygen -nai"; \ + git clone https://gitlab.alpinelinux.org/alpine/aports.git; \ + cd aports; git checkout $APORTS_COMMIT; \ + cd testing/varnish-modules; \ + chown builder -R .; \ + su builder -c "abuild -r"; \ + tree ~builder/packages/; \ + apk add --allow-untrusted ~builder/packages/testing/**/varnish-modules-0.22.0-r0.apk; \ + echo -e 'vcl 4.1;\nbackend default none;' > /etc/varnish/default.vcl; \ \ rm /etc/varnish/default.vcl; \ \ - rm /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default; \ - touch /etc/nginx/default.conf; \ - sed -i '/sites-enabled.*$/i \\tinclude \/etc\/nginx\/default\.conf;' /etc/nginx/nginx.conf; \ + rm /etc/nginx/http.d/default.conf; \ nginx -t -c /etc/nginx/nginx.conf; \ \ - cd /tmp; \ - git clone https://github.com/varnish/toolbox.git; cd toolbox; \ - git checkout $TOOLBOX_COMMIT; \ - cp install-vmod/install-vmod /usr/local/bin/; \ - \ - install-vmod https://github.com/varnish/varnish-modules/releases/download/$VARNISH_MODULES_VERSION/varnish-modules-$VARNISH_MODULES_VERSION.tar.gz $VARNISH_MODULES_SHA512SUM; \ - \ - chown varnish /var/lib/varnish; \ - apt-get -y purge --auto-remove \ - automake \ - build-essential \ - ca-certificates \ - curl \ - git \ - libgetdns10 \ - libgetdns-dev \ - libtool \ - libvarnishapi-dev \ - pkg-config \ - python3-docutils; \ - apt-get -y clean; \ - rm -rf /var/lib/apt/lists/* /tmp/toolbox /usr/lib/varnish/vmods/libvmod_*.la; + apk del --no-network build; \ + rm -rf ~builder /packages /aports /etc/sudoers.d/builder; \ + deluser --remove-home builder; \ + chown varnish /var/lib/varnish; ENTRYPOINT ["./docker-entrypoint.sh"] diff --git a/proxy_cached/docker-entrypoint.sh b/proxy_cached/docker-entrypoint.sh index 893f3a9..e125451 100755 --- a/proxy_cached/docker-entrypoint.sh +++ b/proxy_cached/docker-entrypoint.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh set -e @@ -6,7 +6,7 @@ if [[ ! -f "/etc/varnish/default.vcl" ]]; then cp /varnish.default.template /etc/varnish/default.vcl fi -envsubst '$SERVER_NAME$PROXY_PROTO$PROXY_HOST' < /nginx.default.template > /etc/nginx/default.conf; +envsubst '$SERVER_NAME$PROXY_PROTO$PROXY_HOST' < /nginx.default.template > /etc/nginx/http.d/default.conf; if [ "$#" -eq 0 ] ; then nginx -c /etc/nginx/nginx.conf; From 20917b41221030bd79d3b5dd6c7cd05e54d09314 Mon Sep 17 00:00:00 2001 From: Hugo Gomes Date: Mon, 28 Aug 2023 18:39:41 +0100 Subject: [PATCH 2/4] style: cleanup --- proxy_cached/Dockerfile | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/proxy_cached/Dockerfile b/proxy_cached/Dockerfile index 4b5fef0..d6457a8 100644 --- a/proxy_cached/Dockerfile +++ b/proxy_cached/Dockerfile @@ -13,15 +13,15 @@ ENV PROXY_PROTO=https:// ENV PROXY_HOST=app.platforme.com ENV VARNISH_SIZE=1G -RUN apk add --no-cache envsubst varnish nginx - COPY docker-entrypoint.sh / COPY nginx.default.template / COPY varnish.default.template / RUN set -e;\ - apk add --virtual build -q --no-progress --update alpine-sdk sudo; \ \ + apk add --no-cache envsubst varnish nginx; \ + \ + apk add --virtual build -q --no-progress --update alpine-sdk sudo; \ adduser -D builder; \ echo "builder ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/builder; \ addgroup builder abuild; \ @@ -33,7 +33,6 @@ RUN set -e;\ su builder -c "abuild -r"; \ tree ~builder/packages/; \ apk add --allow-untrusted ~builder/packages/testing/**/varnish-modules-0.22.0-r0.apk; \ - echo -e 'vcl 4.1;\nbackend default none;' > /etc/varnish/default.vcl; \ \ rm /etc/varnish/default.vcl; \ \ From 83c13b2d170e0c167515e7de7bfc7bc3e439d6db Mon Sep 17 00:00:00 2001 From: Hugo Gomes Date: Mon, 28 Aug 2023 18:41:21 +0100 Subject: [PATCH 3/4] style: review --- proxy_cached/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/proxy_cached/Dockerfile b/proxy_cached/Dockerfile index d6457a8..f2de10b 100644 --- a/proxy_cached/Dockerfile +++ b/proxy_cached/Dockerfile @@ -17,7 +17,7 @@ COPY docker-entrypoint.sh / COPY nginx.default.template / COPY varnish.default.template / -RUN set -e;\ +RUN set -e; \ \ apk add --no-cache envsubst varnish nginx; \ \ From 4b0db8b90e076bb8fd748b5e7d98fff619f14b6c Mon Sep 17 00:00:00 2001 From: Hugo Gomes Date: Mon, 28 Aug 2023 18:45:06 +0100 Subject: [PATCH 4/4] review: small fix --- proxy_cached/Dockerfile | 2 -- 1 file changed, 2 deletions(-) diff --git a/proxy_cached/Dockerfile b/proxy_cached/Dockerfile index f2de10b..d72e11f 100644 --- a/proxy_cached/Dockerfile +++ b/proxy_cached/Dockerfile @@ -34,8 +34,6 @@ RUN set -e; \ tree ~builder/packages/; \ apk add --allow-untrusted ~builder/packages/testing/**/varnish-modules-0.22.0-r0.apk; \ \ - rm /etc/varnish/default.vcl; \ - \ rm /etc/nginx/http.d/default.conf; \ nginx -t -c /etc/nginx/nginx.conf; \ \