xref: /unit/pkg/docker/Dockerfile.minimal (revision 2766:e1697591d345)
1FROM debian:bullseye-slim
2
3LABEL org.opencontainers.image.title="Unit (minimal)"
4LABEL org.opencontainers.image.description="Official build of Unit for Docker."
5LABEL org.opencontainers.image.url="https://unit.nginx.org"
6LABEL org.opencontainers.image.source="https://github.com/nginx/unit"
7LABEL org.opencontainers.image.documentation="https://unit.nginx.org/installation/#docker-images"
8LABEL org.opencontainers.image.vendor="NGINX Docker Maintainers <docker-maint@nginx.com>"
9LABEL org.opencontainers.image.version="1.32.0"
10
11RUN set -ex \
12    && savedAptMark="$(apt-mark showmanual)" \
13    && apt-get update \
14    && apt-get install --no-install-recommends --no-install-suggests -y ca-certificates git build-essential libssl-dev libpcre2-dev curl pkg-config \
15    && mkdir -p /usr/lib/unit/modules /usr/lib/unit/debug-modules \
16    && mkdir -p /usr/src/unit \
17    && cd /usr/src/unit \
18    && git clone --depth 1 -b 1.32.0-1 https://github.com/nginx/unit \
19    && cd unit \
20    && NCPU="$(getconf _NPROCESSORS_ONLN)" \
21    && DEB_HOST_MULTIARCH="$(dpkg-architecture -q DEB_HOST_MULTIARCH)" \
22    && CC_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_CFLAGS_MAINT_APPEND="-Wp,-D_FORTIFY_SOURCE=2 -fPIC" dpkg-buildflags --get CFLAGS)" \
23    && LD_OPT="$(DEB_BUILD_MAINT_OPTIONS="hardening=+all,-pie" DEB_LDFLAGS_MAINT_APPEND="-Wl,--as-needed -pie" dpkg-buildflags --get LDFLAGS)" \
24    && CONFIGURE_ARGS_MODULES="--prefix=/usr \
25                --statedir=/var/lib/unit \
26                --control=unix:/var/run/control.unit.sock \
27                --runstatedir=/var/run \
28                --pid=/var/run/unit.pid \
29                --logdir=/var/log \
30                --log=/var/log/unit.log \
31                --tmpdir=/var/tmp \
32                --user=unit \
33                --group=unit \
34                --openssl \
35                --libdir=/usr/lib/$DEB_HOST_MULTIARCH" \
36    && CONFIGURE_ARGS="$CONFIGURE_ARGS_MODULES \
37                --njs" \
38    && make -j $NCPU -C pkg/contrib .njs \
39    && export PKG_CONFIG_PATH=$(pwd)/pkg/contrib/njs/build \
40    && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \
41    && make -j $NCPU unitd \
42    && install -pm755 build/sbin/unitd /usr/sbin/unitd-debug \
43    && make clean \
44    && ./configure $CONFIGURE_ARGS --cc-opt="$CC_OPT" --ld-opt="$LD_OPT" --modulesdir=/usr/lib/unit/modules \
45    && make -j $NCPU unitd \
46    && install -pm755 build/sbin/unitd /usr/sbin/unitd \
47    && make clean \
48    && /bin/true \
49    && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/debug-modules --debug \
50    && ./configure  \
51    && make -j $NCPU version \
52    && make clean \
53    && ./configure $CONFIGURE_ARGS_MODULES --cc-opt="$CC_OPT" --modulesdir=/usr/lib/unit/modules \
54    && ./configure  \
55    && make -j $NCPU version \
56    && cd \
57    && rm -rf /usr/src/unit \
58    && for f in /usr/sbin/unitd /usr/lib/unit/modules/*.unit.so; do \
59        ldd $f | awk '/=>/{print $(NF-1)}' | while read n; do dpkg-query -S $n; done | sed 's/^\([^:]\+\):.*$/\1/' | sort | uniq >> /requirements.apt; \
60       done \
61    && apt-mark showmanual | xargs apt-mark auto > /dev/null \
62    && { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; } \
63    && /bin/true \
64    && mkdir -p /var/lib/unit/ \
65    && mkdir -p /docker-entrypoint.d/ \
66    && groupadd --gid 999 unit \
67    && useradd \
68         --uid 999 \
69         --gid unit \
70         --no-create-home \
71         --home /nonexistent \
72         --comment "unit user" \
73         --shell /bin/false \
74         unit \
75    && apt-get update \
76    && apt-get --no-install-recommends --no-install-suggests -y install curl $(cat /requirements.apt) \
77    && apt-get purge -y --auto-remove build-essential \
78    && rm -rf /var/lib/apt/lists/* \
79    && rm -f /requirements.apt \
80    && ln -sf /dev/stderr /var/log/unit.log
81
82COPY docker-entrypoint.sh /usr/local/bin/
83COPY welcome.* /usr/share/unit/welcome/
84
85STOPSIGNAL SIGTERM
86
87ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
88EXPOSE 80
89CMD ["unitd", "--no-daemon", "--control", "unix:/var/run/control.unit.sock"]
90