FROM nginx:1.27.5
RUN /bin/rm -f /etc/apt/sources.list.d/debian.sources &&
echo "deb http://mirrors.nju.edu.cn/debian/ bookworm main contrib non-free non-free-firmware" >/etc/apt/sources.list &&
echo "deb http://mirrors.nju.edu.cn/debian/ bookworm-updates main contrib non-free non-free-firmware" >>/etc/apt/sources.list &&
echo "deb http://mirrors.nju.edu.cn/debian-security bookworm-security/updates main contrib non-free non-free-firmware" >>/etc/apt/sources.list &&
apt-get update && apt-get install -y --no-install-recommends \
gcc \
g++ \
make \
libpcre3 \
libpcre3-dev \
libssl-dev \
libxml2 \
libxml2-dev \
libcurl4-openssl-dev \
libgeoip-dev \
libyajl-dev \
pkg-config \
zlib1g-dev \
automake \
autoconf \
libtool &&
rm -rf /var/lib/apt/lists/*
WORKDIR /app
ADD ./modsecurity-v3.0.13.tar.gz /app
RUN cd modsecurity-v3.0.13 &&
./build.sh &&
./configure --prefix=/app/modsecurity &&
make &&
make install &&
cd .. &&
rm -rf modsecurity-v3.0.13
ADD ./ModSecurity-nginx-v1.0.4.tar.gz /app
ADD ./nginx-1.27.5.tar.gz /app
RUN cd nginx-1.27.5 &&
ln -svf /app/modsecurity /usr/local &&
./configure --with-compat --add-dynamic-module=../ModSecurity-nginx-v1.0.4 &&
make modules &&
cp objs/ngx_http_modsecurity_module.so /usr/lib/nginx/modules/ngx_http_modsecurity_module.so &&
sed -i '/events {/iload_module modules/ngx_http_modsecurity_module.so;\n' /etc/nginx/nginx.conf &&
cd .. &&
rm -rf nginx-1.27.5
Categories:
docker与kubernetes