| Nico Huber | 38c14da | 2023-06-24 16:59:28 +0000 | [diff] [blame] | 1 | ARG SSL_VARIANT=selfsigned |
| 2 | ARG NGINX_TAG=1.25-alpine |
| 3 | |
| 4 | |
| 5 | FROM nginx:${NGINX_TAG} as nginx_letsencrypt |
| 6 | |
| 7 | ONBUILD RUN echo "Let's encrypt support not implemented yet."; exit 1 |
| 8 | |
| 9 | |
| 10 | FROM nginx:${NGINX_TAG} as nginx_selfsigned |
| 11 | |
| 12 | ARG SELFSIGNED_REQ_HOST |
| 13 | ARG SELFSIGNED_REQ_ALT_NAMES |
| 14 | ONBUILD RUN test "${SELFSIGNED_REQ_HOST}" || { echo "Require SELFSIGNED_REQ_HOST argument."; exit 1; } |
| 15 | ONBUILD RUN \ |
| 16 | apk add openssl && \ |
| 17 | printf "DE\nHassia\nEschborn\nSource Arcade\nWeb\n${SELFSIGNED_REQ_HOST}\n\n" | \ |
| 18 | openssl req -x509 -nodes -days 14 -newkey rsa:2048 \ |
| 19 | -addext "subjectAltName = ${SELFSIGNED_REQ_ALT_NAMES}" \ |
| 20 | -keyout /etc/ssl/private/sa-selfsigned.key \ |
| 21 | -out /etc/ssl/certs/sa-selfsigned.crt && \ |
| 22 | apk del openssl |
| 23 | |
| 24 | |
| 25 | FROM nginx_${SSL_VARIANT} |
| Nico Huber | d652872 | 2023-07-01 14:38:39 +0000 | [diff] [blame^] | 26 | |
| 27 | COPY nginx/Dockerfile.entrypoint /nginx-entrypoint |
| 28 | RUN chmod 544 /nginx-entrypoint |
| 29 | |
| 30 | ENTRYPOINT ["/bin/sh", "/nginx-entrypoint"] |
| 31 | CMD ["nginx", "-g", "daemon off;"] |