xref: /unit/pkg/docker/Dockerfile.minimal (revision 1958)
1*1958Sthresh@nginx.comFROM debian:bullseye-slim as BUILDER
2509Sthresh@nginx.com
3509Sthresh@nginx.comLABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>"
4509Sthresh@nginx.com
51784Sthresh@nginx.comRUN set -ex \
61784Sthresh@nginx.com    && apt-get update \
71784Sthresh@nginx.com    && apt-get install --no-install-recommends --no-install-suggests -y ca-certificates mercurial build-essential libssl-dev libpcre2-dev \
81784Sthresh@nginx.com    && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \
91784Sthresh@nginx.com    && hg clone https://hg.nginx.org/unit \
101784Sthresh@nginx.com    && cd unit \
111946Svbart@nginx.com    && hg up 1.25.0 \
121784Sthresh@nginx.com    && NCPU="$(getconf _NPROCESSORS_ONLN)" \
131784Sthresh@nginx.com    && DEB_HOST_MULTIARCH="$(dpkg-architecture -q DEB_HOST_MULTIARCH)" \
141784Sthresh@nginx.com    && CC_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_CFLAGS_MAINT_APPEND="-Wp,-D_FORTIFY_SOURCE=2 -fPIC" dpkg-buildflags --get CFLAGS)" \
151784Sthresh@nginx.com    && LD_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_LDFLAGS_MAINT_APPEND="-Wl,--as-needed -pie" dpkg-buildflags --get LDFLAGS)" \
161784Sthresh@nginx.com    && CONFIGURE_ARGS="--prefix=/usr \
171784Sthresh@nginx.com                --state=/var/lib/unit \
181784Sthresh@nginx.com                --control=unix:/var/run/control.unit.sock \
191784Sthresh@nginx.com                --pid=/var/run/unit.pid \
201784Sthresh@nginx.com                --log=/var/log/unit.log \
211784Sthresh@nginx.com                --tmp=/var/tmp \
221784Sthresh@nginx.com                --user=unit \
231784Sthresh@nginx.com                --group=unit \
241784Sthresh@nginx.com                --openssl \
251784Sthresh@nginx.com                --libdir=/usr/lib/$DEB_HOST_MULTIARCH" \
261784Sthresh@nginx.com    && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modules=/usr/lib/unit/debug-modules --debug \
271784Sthresh@nginx.com    && make -j $NCPU unitd \
281784Sthresh@nginx.com    && install -pm755 build/unitd /usr/sbin/unitd-debug \
291784Sthresh@nginx.com    && make clean \
301784Sthresh@nginx.com    && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modules=/usr/lib/unit/modules \
311784Sthresh@nginx.com    && make -j $NCPU unitd \
321784Sthresh@nginx.com    && install -pm755 build/unitd /usr/sbin/unitd \
331784Sthresh@nginx.com    && make clean \
341784Sthresh@nginx.com    && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --modules=/usr/lib/unit/debug-modules --debug \
351784Sthresh@nginx.com    && ./configure  \
361784Sthresh@nginx.com    && make -j $NCPU version \
371784Sthresh@nginx.com    && make clean \
381784Sthresh@nginx.com    && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --modules=/usr/lib/unit/modules \
391784Sthresh@nginx.com    && ./configure  \
401784Sthresh@nginx.com    && make -j $NCPU version \
411784Sthresh@nginx.com    && ldd /usr/sbin/unitd | awk '/=>/{print $(NF-1)}' | while read n; do dpkg-query -S $n; done | sed 's/^\([^:]\+\):.*$/\1/' | sort | uniq > /requirements.apt
421784Sthresh@nginx.com
43*1958Sthresh@nginx.comFROM debian:bullseye-slim
441784Sthresh@nginx.comCOPY docker-entrypoint.sh /usr/local/bin/
451784Sthresh@nginx.comCOPY --from=BUILDER /usr/sbin/unitd /usr/sbin/unitd
461784Sthresh@nginx.comCOPY --from=BUILDER /usr/sbin/unitd-debug /usr/sbin/unitd-debug
471784Sthresh@nginx.comCOPY --from=BUILDER /usr/lib/unit/ /usr/lib/unit/
481784Sthresh@nginx.comCOPY --from=BUILDER /requirements.apt /requirements.apt
49509Sthresh@nginx.com
50509Sthresh@nginx.comRUN set -x \
511784Sthresh@nginx.com    && mkdir -p /var/lib/unit/ \
521784Sthresh@nginx.com    && mkdir /docker-entrypoint.d/ \
531784Sthresh@nginx.com    && addgroup --system unit \
541784Sthresh@nginx.com    && adduser \
551784Sthresh@nginx.com         --system \
561784Sthresh@nginx.com         --disabled-login \
571784Sthresh@nginx.com         --ingroup unit \
581784Sthresh@nginx.com         --no-create-home \
591784Sthresh@nginx.com         --home /nonexistent \
601784Sthresh@nginx.com         --gecos "unit user" \
611784Sthresh@nginx.com         --shell /bin/false \
621784Sthresh@nginx.com         unit \
631784Sthresh@nginx.com    && apt update \
641802Sthresh@nginx.com    && apt --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \
651784Sthresh@nginx.com    && apt-get clean && rm -rf /var/lib/apt/lists/* \
661784Sthresh@nginx.com    && rm -f /requirements.apt \
671784Sthresh@nginx.com    && ln -sf /dev/stdout /var/log/unit.log
68509Sthresh@nginx.com
69509Sthresh@nginx.comSTOPSIGNAL SIGTERM
70509Sthresh@nginx.com
711220Sthresh@nginx.comENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
721220Sthresh@nginx.com
73509Sthresh@nginx.comCMD ["unitd", "--no-daemon", "--control", "unix:/var/run/control.unit.sock"]
74