Skip to content
Snippets Groups Projects
Select Git revision
  • b13f20bf018bf00826442e722b512eecb8ce74d6
  • master default
  • host01
  • ns4
  • kodi
5 results

docker-compose.yml

Blame
  • Dockerfile 1.18 KiB
    FROM nginx:1.20.0-alpine
    # hadolint ignore=DL3018
    RUN rm -rf /etc/nginx/conf./* && \
        chmod 777 /run && \
        apk add --no-cache --update libcap openssl && \
        curl https://letsencrypt.org/certs/isrg-root-ocsp-x1.pem.txt > /etc/ssl/ocsp.pem && \
        mkdir /var/ssl &&\
        curl https://ssl-config.mozilla.org/ffdhe2048.txt > /var/ssl/dhparams &&\
        chmod 644 /var/ssl/dhparams && \
        install -d -m 755 -o root -g root /etc/nginx/snippets && \
        install -d -m 755 -o root -g root /var/ssl && \
        install -d -m 700 -o nginx -g nginx /var/cache/nginx && \
        openssl req -x509 \
                    -newkey rsa:4096 \
                    -keyout /var/ssl/site.key \
                    -nodes \
                    -out /var/ssl/site.crt \
                    -batch && \
        cp /var/ssl/site.crt /var/ssl/mail.crt && \
        cp /var/ssl/site.key /var/ssl/mail.key && \
        setcap CAP_NET_BIND_SERVICE=+ep "$(command -v nginx)" && \
        chown nginx /var/ssl/site.* /var/ssl/mail.*
    COPY www/ /var/www/
    COPY conf.d/ /etc/nginx/conf.d/
    COPY snippets/ /etc/nginx/snippets/
    USER nginx
    RUN nginx -t
    HEALTHCHECK CMD curl --fail --verbose --user-agent 'Docker health check' --header "Host: status" http://localhost/ || exit 1