Last active
August 11, 2018 22:26
-
-
Save akutz/5d89e1c277a5044882cf9cbdb0044740 to your computer and use it in GitHub Desktop.
How to build a CoreOS-compatible nginx binary
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM gcc:7.3.0 | |
| LABEL maintainer="Andrew Kutz <[email protected]>" | |
| ENV SRC_DIR=/usr/local/src | |
| ENV NGINX_VERSION=1.14.0 | |
| ENV NGINX_URL=http://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz | |
| ENV NGINX_SRC=${SRC_DIR}/nginx-${NGINX_VERSION} | |
| ENV OPENSSL_VERSION=1.1.0h | |
| ENV OPENSSL_URL=https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz | |
| ENV OPENSSL_SRC=${SRC_DIR}/openssl-${OPENSSL_VERSION} | |
| ENV PCRE_VERSION=8.42 | |
| ENV PCRE_URL=ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-${PCRE_VERSION}.tar.bz2 | |
| ENV PCRE_SRC=${SRC_DIR}/pcre-${PCRE_VERSION} | |
| ENV ZLIB_VERSION=1.2.11 | |
| ENV ZLIB_URL=http://zlib.net/zlib-${ZLIB_VERSION}.tar.gz | |
| ENV ZLIB_SRC=${SRC_DIR}/zlib-${ZLIB_VERSION} | |
| RUN apt-get update && apt-get install -y bzip2 libssl-dev libpam-dev | |
| RUN curl -L ${NGINX_URL} | tar xzC ${SRC_DIR} | |
| RUN curl -L ${ZLIB_URL} | tar xzC ${SRC_DIR} | |
| RUN curl -L ${PCRE_URL} | tar xjC ${SRC_DIR} | |
| RUN curl -L ${OPENSSL_URL} | tar xzC ${SRC_DIR} | |
| RUN cd ${NGINX_SRC} && ./configure \ | |
| --prefix=/var/lib/nginx \ | |
| --sbin-path=/opt/sbin/nginx \ | |
| --conf-path=/etc/nginx/nginx.conf \ | |
| --http-log-path=/var/log/nginx/access.log \ | |
| --error-log-path=/var/log/nginx/error.log \ | |
| --lock-path=/var/lock/nginx.lock \ | |
| --pid-path=/var/run/nginx.pid \ | |
| --with-http_v2_module \ | |
| --conf-path=/etc/nginx/nginx.conf \ | |
| --with-zlib=${ZLIB_SRC} \ | |
| --with-pcre=${PCRE_SRC} \ | |
| --with-openssl=${OPENSSL_SRC} \ | |
| --with-cc-opt='-g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2' \ | |
| --with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro' \ | |
| --http-client-body-temp-path=/var/lib/nginx/body \ | |
| --http-fastcgi-temp-path=/var/lib/nginx/fastcgi \ | |
| --http-proxy-temp-path=/var/lib/nginx/proxy \ | |
| --http-scgi-temp-path=/var/lib/nginx/scgi \ | |
| --http-uwsgi-temp-path=/var/lib/nginx/uwsgi \ | |
| --with-debug \ | |
| --with-pcre-jit \ | |
| --with-ipv6 \ | |
| --with-http_ssl_module \ | |
| --with-http_stub_status_module \ | |
| --with-http_gzip_static_module && \ | |
| make && \ | |
| make install |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment