hoellen/dockerfiles
1
0
Fork 0
mirror of https://github.com/hoellen/dockerfiles.git synced 2025-04-20 04:19:18 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #11 from elrido/master

Browse Source 
Making the PrivateBin container image more robust
This commit is contained in:
hoellen 2018-08-12 10:08:06 +02:00 committed by GitHub
commit a785f9c665
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 47 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
privatebin/Dockerfile
View File

@ -1,6 +1,6 @@
FROM hoellen/nginx-php FROM hoellen/nginx-php
ARG PRIVATEBIN_VER=1.2 ARG PRIVATEBIN_VER=1.2.1
ENV GID=991 UID=991 \ ENV GID=991 UID=991 \
UPLOAD_MAX_SIZE=10M \ UPLOAD_MAX_SIZE=10M \
@ -10,19 +10,31 @@ ENV GID=991 UID=991 \
PHP_MIN_SPARE_SERVERS=1 \ PHP_MIN_SPARE_SERVERS=1 \
PHP_MAX_SPARE_SERVERS=6 PHP_MAX_SPARE_SERVERS=6
RUN BUILD_DEPS="tar libressl ca-certificates" \ RUN BUILD_DEPS="tar gnupg" \
&& apk -U upgrade && apk add $BUILD_DEPS \ && apk -U upgrade && apk add $BUILD_DEPS \
&& mkdir privatebin && cd privatebin \ && mkdir -p privatebin/data privatebin/cfg \
&& wget -qO- https://github.com/PrivateBin/PrivateBin/archive/${PRIVATEBIN_VER}.tar.gz | tar xz --strip 1 \ && export GNUPGHOME="$(mktemp -d)" \
&& mv cfg/conf.sample.php cfg/conf.php \ && gpg2 --list-public-keys || /bin/true \
&& wget -qO- https://privatebin.info/key/release.asc | gpg2 --import - \
&& wget -qO /privatebin.tar.gz.asc https://github.com/PrivateBin/PrivateBin/releases/download/${PRIVATEBIN_VER}/PrivateBin-${PRIVATEBIN_VER}.tar.gz.asc \
&& wget -qO /privatebin.tar.gz https://github.com/PrivateBin/PrivateBin/archive/${PRIVATEBIN_VER}.tar.gz \
&& gpg2 --verify /privatebin.tar.gz.asc \
&& cd srv \
&& tar -xzf /privatebin.tar.gz --strip 1 \
&& mv cfg /privatebin \
&& mv lib /privatebin \
&& mv tpl /privatebin \
&& mv vendor /privatebin \
&& sed -i "s#define('PATH', '');#define('PATH', '/privatebin/');#" index.php \
&& apk del $BUILD_DEPS \ && apk del $BUILD_DEPS \
&& rm -f /var/cache/apk/* && rm -rf /var/cache/apk/* *.md /privatebin.tar.gz* "${GNUPGHOME}"
COPY rootfs / COPY rootfs /
RUN chmod +x /usr/local/bin/run.sh /etc/s6.d/*/* /etc/s6.d/.s6-svscan/* RUN chmod +x /usr/local/bin/run.sh /etc/s6.d/*/* /etc/s6.d/.s6-svscan/*
VOLUME /privatebin/data /php/session # mark dirs as volumes that need to be writable, allows running the container --read-only
VOLUME /privatebin/data /php /nginx /tmp /etc/s6.d
EXPOSE 8888 EXPOSE 8888

4
privatebin/rootfs/nginx/sites-enabled/nginx.conf
View File

@ -1,7 +1,7 @@
server { server {
listen 8888; listen 8888;
root /privatebin; root /srv;
index index.php index.html; index index.php;
location ~* \.(jpg|jpeg|gif|css|png|js|map|woff|woff2|ttf|svg|eot)$ { location ~* \.(jpg|jpeg|gif|css|png|js|map|woff|woff2|ttf|svg|eot)$ {
expires 30d; expires 30d;

2
privatebin/rootfs/usr/local/bin/run.sh
View File

@ -6,5 +6,5 @@ sed -i -e "s/<UPLOAD_MAX_SIZE>/$UPLOAD_MAX_SIZE/g" /nginx/conf/nginx.conf /php/e
-e "s/<PHP_MIN_SPARE_SERVERS>/$PHP_MIN_SPARE_SERVERS/g" /php/etc/php-fpm.conf \ -e "s/<PHP_MIN_SPARE_SERVERS>/$PHP_MIN_SPARE_SERVERS/g" /php/etc/php-fpm.conf \
-e "s/<PHP_MAX_SPARE_SERVERS>/$PHP_MAX_SPARE_SERVERS/g" /php/etc/php-fpm.conf -e "s/<PHP_MAX_SPARE_SERVERS>/$PHP_MAX_SPARE_SERVERS/g" /php/etc/php-fpm.conf
chown -R $UID:$GID /privatebin /nginx /php /tmp /etc/s6.d chown -R $UID:$GID /privatebin/data /nginx /php /tmp /etc/s6.d
exec su-exec $UID:$GID /bin/s6-svscan /etc/s6.d exec su-exec $UID:$GID /bin/s6-svscan /etc/s6.d