xref: /unit/pkg/docker/Dockerfile.jsc11 (revision 2119:8a9055cbe4ff)
1FROM openjdk:11-jdk as BUILDER
2
3LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>"
4
5RUN set -ex \
6    && apt-get update \
7    && apt-get install --no-install-recommends --no-install-suggests -y ca-certificates mercurial build-essential libssl-dev libpcre2-dev \
8    && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \
9    && hg clone https://hg.nginx.org/unit \
10    && cd unit \
11    && hg up 1.27.0 \
12    && NCPU="$(getconf _NPROCESSORS_ONLN)" \
13    && DEB_HOST_MULTIARCH="$(dpkg-architecture -q DEB_HOST_MULTIARCH)" \
14    && CC_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_CFLAGS_MAINT_APPEND="-Wp,-D_FORTIFY_SOURCE=2 -fPIC" dpkg-buildflags --get CFLAGS)" \
15    && LD_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_LDFLAGS_MAINT_APPEND="-Wl,--as-needed -pie" dpkg-buildflags --get LDFLAGS)" \
16    && CONFIGURE_ARGS="--prefix=/usr \
17                --state=/var/lib/unit \
18                --control=unix:/var/run/control.unit.sock \
19                --pid=/var/run/unit.pid \
20                --log=/var/log/unit.log \
21                --tmp=/var/tmp \
22                --user=unit \
23                --group=unit \
24                --openssl \
25                --libdir=/usr/lib/$DEB_HOST_MULTIARCH" \
26    && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modules=/usr/lib/unit/debug-modules --debug \
27    && make -j $NCPU unitd \
28    && install -pm755 build/unitd /usr/sbin/unitd-debug \
29    && make clean \
30    && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modules=/usr/lib/unit/modules \
31    && make -j $NCPU unitd \
32    && install -pm755 build/unitd /usr/sbin/unitd \
33    && make clean \
34    && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --modules=/usr/lib/unit/debug-modules --debug \
35    && ./configure java --jars=/usr/share/unit-jsc-common/ \
36    && make -j $NCPU java-shared-install java-install \
37    && make clean \
38    && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --modules=/usr/lib/unit/modules \
39    && ./configure java --jars=/usr/share/unit-jsc-common/ \
40    && make -j $NCPU java-shared-install java-install \
41    && ldd /usr/sbin/unitd | awk '/=>/{print $(NF-1)}' | while read n; do dpkg-query -S $n; done | sed 's/^\([^:]\+\):.*$/\1/' | sort | uniq > /requirements.apt
42
43FROM openjdk:11-jdk
44COPY docker-entrypoint.sh /usr/local/bin/
45COPY --from=BUILDER /usr/sbin/unitd /usr/sbin/unitd
46COPY --from=BUILDER /usr/sbin/unitd-debug /usr/sbin/unitd-debug
47COPY --from=BUILDER /usr/lib/unit/ /usr/lib/unit/
48COPY --from=BUILDER /requirements.apt /requirements.apt
49COPY --from=BUILDER /usr/share/unit-jsc-common/ /usr/share/unit-jsc-common/
50RUN set -x \
51    && if [ -f "/tmp/libunit.a" ]; then \
52        mv /tmp/libunit.a /usr/lib/$(dpkg-architecture -q DEB_HOST_MULTIARCH)/libunit.a; \
53        rm -f /tmp/libunit.a; \
54    fi \
55    && mkdir -p /var/lib/unit/ \
56    && mkdir /docker-entrypoint.d/ \
57    && addgroup --system unit \
58    && adduser \
59         --system \
60         --disabled-login \
61         --ingroup unit \
62         --no-create-home \
63         --home /nonexistent \
64         --gecos "unit user" \
65         --shell /bin/false \
66         unit \
67    && apt update \
68    && apt --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \
69    && apt-get clean && rm -rf /var/lib/apt/lists/* \
70    && rm -f /requirements.apt \
71    && ln -sf /dev/stdout /var/log/unit.log
72
73STOPSIGNAL SIGTERM
74
75ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
76
77CMD ["unitd", "--no-daemon", "--control", "unix:/var/run/control.unit.sock"]
78