forked from bunkerity/bunkerweb
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
26 lines (18 loc) · 834 Bytes
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
FROM nginx:1.20.1-alpine
COPY . /tmp/bunkerized-nginx-docker
COPY helpers/install.sh /tmp/install.sh
RUN apk --no-cache add bash && \
chmod +x /tmp/install.sh && \
/tmp/install.sh && \
rm -f /tmp/install.sh
COPY helpers/docker.sh /tmp/docker.sh
RUN chmod +x /tmp/docker.sh && \
/tmp/docker.sh && \
rm -f /tmp/docker.sh
# Fix CVE-2021-22945, CVE-2021-22946, CVE-2021-22947 and CVE-2021-40528
RUN apk add "curl>=7.79.0-r0" "libgcrypt>=1.8.8-r1"
VOLUME /www /http-confs /server-confs /modsec-confs /modsec-crs-confs /cache /pre-server-confs /acme-challenge /plugins
EXPOSE 8080/tcp 8443/tcp
USER nginx:nginx
HEALTHCHECK --interval=30s --timeout=10s --start-period=120s --retries=3 CMD [ -f /tmp/nginx.pid ] || [ -f /tmp/nginx-temp.pid ] || exit 1
ENTRYPOINT ["/opt/bunkerized-nginx/entrypoint/entrypoint.sh"]