FROM nginx:1.27.5
RUN /bin/rm -f /etc/apt/sources.list.d/debian.sources && \
echo "deb http://mirrors.nju.edu.cn/debian/ bookworm main contrib non-free non-free-firmware" >/etc/apt/sources.list && \
echo "deb http://mirrors.nju.edu.cn/debian/ bookworm-updates main contrib non-free non-free-firmware" >>/etc/apt/sources.list && \
echo "deb http://mirrors.nju.edu.cn/debian-security bookworm-security/updates main contrib non-free non-free-firmware" >>/etc/apt/sources.list && \
apt-get update && apt-get install -y --no-install-recommends \
gcc \
g++ \
make \
libpcre3 \
libpcre3-dev \
libssl-dev \
libxml2 \
libxml2-dev \
libcurl4-openssl-dev \
libgeoip-dev \
libyajl-dev \
libbrotli-dev \
pkg-config \
zlib1g-dev \
automake \
autoconf \
libtool && \
rm -rf /var/lib/apt/lists/*
WORKDIR /app
ADD ./modsecurity-v3.0.13.tar.gz /app
RUN cd modsecurity-v3.0.13 && \
./build.sh && \
./configure --prefix=/app/modsecurity && \
make && \
make install && \
cd .. && \
rm -rf modsecurity-v3.0.13
ADD ./ModSecurity-nginx-v1.0.4.tar.gz /app
ADD ./ngx_brotli.tar.gz /app
ADD ./nginx-1.27.5.tar.gz /app
RUN cd nginx-1.27.5 && \
ln -svf /app/modsecurity /usr/local && \
./configure --with-compat --add-dynamic-module=../ModSecurity-nginx-v1.0.4 --add-dynamic-module=../ngx_brotli && \
make modules && \
cp objs/ngx_http_modsecurity_module.so /usr/lib/nginx/modules/ngx_http_modsecurity_module.so && \
cp objs/ngx_http_brotli_filter_module.so objs/ngx_http_brotli_static_module.so /usr/lib/nginx/modules/ && \
sed -i '/events {/iload_module modules/ngx_http_modsecurity_module.so;\nload_module modules/ngx_http_brotli_filter_module.so;\nload_module modules/ngx_http_brotli_static_module.so;\n' /etc/nginx/nginx.conf && \
cd .. && \
rm -rf nginx-1.27.5
Categories:
docker与kubernetes