feat: multi-stage builds

gokaygurcan · web-flow · commit 33917589b235 · 2024-08-30T17:11:08.000+02:00
diff --git a/.dockerignore b/.dockerignore
@@ -0,0 +1,5 @@
+.github/
+.dockerignore
+.editorconfig
+LICENSE
+README.md
diff --git a/.github/workflows/dockerimage.yml b/.github/workflows/dockerimage.yml
@@ -25,16 +25,7 @@ jobs:
 
     - id: checkout
       name: Checkout
-      uses: actions/checkout@v3
-
-    - id: login
-      name: Login to Docker Hub
-      uses: docker/login-action@v2
-      if: |
-        github.ref == 'refs/heads/main'
-      with:
-        username: ${{ secrets.DOCKER_USERNAME }}
-        password: ${{ secrets.DOCKER_PASSWORD }}
+      uses: actions/checkout@v4
 
     - id: build
       name: Build image
@@ -48,10 +39,19 @@ jobs:
         docker volume create usr-share-geoip
         docker run --rm --name geoipupdate -v usr-share-geoip:/usr/share/GeoIP -e GEOIPUPDATE_FREQUENCY=0 -e GEOIPUPDATE_ACCOUNT_ID='${{ secrets.GEOIPUPDATE_ACCOUNT_ID }}' -e GEOIPUPDATE_LICENSE_KEY='${{ secrets.GEOIPUPDATE_LICENSE_KEY }}' -e GEOIPUPDATE_EDITION_IDS='GeoLite2-City GeoLite2-Country' maxmindinc/geoipupdate
         docker run --rm --name nginx gokaygurcan/nginx nginx -V
+    
+    - id: login
+      name: Login to Docker Hub
+      uses: docker/login-action@v3
+      if: |
+        github.ref == 'refs/heads/main'
+      with:
+        username: ${{ secrets.DOCKER_USERNAME }}
+        password: ${{ secrets.DOCKER_PASSWORD }}
 
     - id: push
       name: Push to Docker Registry
-      uses: docker/build-push-action@v3
+      uses: docker/build-push-action@v6
       if: |
         github.ref == 'refs/heads/main'
       with:
diff --git a/Dockerfile b/Dockerfile
@@ -1,17 +1,15 @@
 # gokaygurcan/dockerfile-nginx
 
-FROM gokaygurcan/ubuntu:latest
-
-# metadata
+FROM gokaygurcan/ubuntu:latest as build-nginx
 LABEL maintainer "Gökay Gürcan <docker@gokaygurcan.com>"
 
 ARG DEBIAN_FRONTEND=noninteractive
 ENV USR_SRC=/usr/src \
     USR_SRC_NGINX=/usr/src/nginx \
     USR_SRC_NGINX_MODS=/usr/src/nginx/modules \
-    NGINX_VERSION=1.27.0 \
+    NGINX_VERSION=1.27.1 \
     OPENSSL_VERSION=3.3.1 \
-    LIBMAXMINDDB_VERSION=1.10.0
+    LIBMAXMINDDB_VERSION=1.11.0
 
 USER root
 
@@ -98,6 +96,7 @@ RUN set -ex && \
     mv eustas-ngx_brotli-* brotli && \
     cd ${USR_SRC_NGINX_MODS}/brotli/deps && \
     rm -rf ./brotli && \
+    # google/brotli
     aria2c -q https://github.com/google/brotli/tarball/master && \
     tar -xzf google-brotli-*.tar.gz && \
     rm google-brotli-*.tar.gz && \
@@ -107,10 +106,9 @@ RUN set -ex && \
     aria2c -q https://github.com/aperezdc/ngx-fancyindex/tarball/master && \
     tar -xzf aperezdc-ngx-fancyindex-*.tar.gz && \
     rm aperezdc-ngx-fancyindex-*.tar.gz && \
-    mv aperezdc-ngx-fancyindex-* fancyindex 
-
+    mv aperezdc-ngx-fancyindex-* fancyindex && \
     # compile nginx
-RUN cd ${USR_SRC_NGINX} && \
+    cd ${USR_SRC_NGINX} && \
     sh ./configure \
     --conf-path=/etc/nginx/nginx.conf \
     --sbin-path=/usr/sbin/nginx \
@@ -159,6 +157,8 @@ RUN cd ${USR_SRC_NGINX} && \
     make && \
     make install && \
     echo "✓" | tee /usr/local/nginx/html/index.html && \
+    # Diffie-Hellman
+    openssl dhparam -dsaparam -out /etc/nginx/dhparam.pem 4096 && \
     # clean up
     rm /etc/nginx/*.default && \
     apt-get autoclean -yqq && \
@@ -171,13 +171,21 @@ RUN cd ${USR_SRC_NGINX} && \
     ln -sf /dev/stdout /var/log/nginx/access.log && \
     ln -sf /dev/stderr /var/log/nginx/error.log
 
+# FROM ubuntu:noble
+FROM gokaygurcan/ubuntu:latest
+LABEL maintainer "Gökay Gürcan <docker@gokaygurcan.com>"
+
+COPY --from=build-nginx /etc/nginx /etc/nginx
+COPY --from=build-nginx /usr/local/nginx /usr/local/nginx
+COPY --from=build-nginx /var/log/nginx /var/log/nginx
+COPY --from=build-nginx /usr/sbin/nginx /usr/sbin/nginx
+
 WORKDIR /etc/nginx
 
 # copy configs from docker folder
 COPY docker /
 
-# Diffie-Hellman
-RUN openssl dhparam -dsaparam -out /etc/nginx/dhparam.pem 4096
+ENV PATH "${PATH}:/usr/sbin/nginx"
 
 EXPOSE 80/tcp 443/tcp
 
diff --git a/README.md b/README.md
@@ -10,9 +10,9 @@
 
 | Variable             | Version                |
 | -------------------- | ---------------------- |
-| NGINX_VERSION        | 1.27.0                 |
+| NGINX_VERSION        | 1.27.1                 |
 | OPENSSL_VERSION      | 3.3.1                  |
-| LIBMAXMINDDB_VERSION | 1.10.0                 |
+| LIBMAXMINDDB_VERSION | 1.11.0                 |
 
 ## Additional packages
 
diff --git a/docker/etc/nginx/conf.optional.d/more_headers.conf b/docker/etc/nginx/conf.optional.d/more_headers.conf
@@ -1 +1,2 @@
 more_set_headers                                    "Server: Unknown";
+more_set_headers                                    "X-Powered-By: gokaygurcan/nginx";
diff --git a/docker/etc/nginx/nginx.conf b/docker/etc/nginx/nginx.conf
@@ -57,5 +57,6 @@ http {
 
     # include configs
     include                                         /etc/nginx/conf.d/*.conf;
+    # include                                         /etc/nginx/conf.optional.d/*.conf;
     include                                         /etc/nginx/sites-enabled/**/*;
 }

Original file line number	Diff line number	Diff line change
`@@ -1 +1,2 @@`
`1`	`1`	`more_set_headers "Server: Unknown";`
	`2`	`+more_set_headers "X-Powered-By: gokaygurcan/nginx";`
Original file line number	Diff line number	Diff line change
`@@ -57,5 +57,6 @@ http {`
`57`	`57`
`58`	`58`	`# include configs`
`59`	`59`	`include /etc/nginx/conf.d/*.conf;`
	`60`	`+ # include /etc/nginx/conf.optional.d/*.conf;`
`60`	`61`	`include /etc/nginx/sites-enabled/*/;`
`61`	`62`	`}`