backports support added

34df6b47 · Michał 'rysiek' Woźniak · 08299f1d · 34df6b47 · 34df6b47
Commit 34df6b47 authored Aug 15, 2018 by Michał 'rysiek' Woźniak
Hide whitespace changes
Inline Side-by-side

Showing with 58 additions and 15 deletions

Dockerfile Dockerfile +38 -14

README.md README.md +20 -1

No files found.
--- a/Dockerfile
+++ b/Dockerfile
@@ -21,6 +21,11 @@ FROM debian:stretch
 # based on: https://github.com/nginxinc/docker-nginx/blob/1eea9f7d082dff426e7923a90138de804038266d/Dockerfile
 MAINTAINER Michał "rysiek" Woźniak <rysiek@occrp.org>

+# requirements
+RUN DEBIAN_FRONTEND=noninteractive apt-get update && \
+    apt-get install -y ca-certificates inotify-tools gnupg2 && \
+    rm -rf /var/lib/apt/lists/*
+
 #
 # which package do we want?
 # possible versions: nginx, nginx-light, nginx-full, nginx-extras
@@ -29,16 +34,8 @@ MAINTAINER Michał "rysiek" Woźniak <rysiek@occrp.org>
 # otherwise, the Debian-provided package is installed; compare versions here:
 # https://wiki.debian.org/Nginx#Recap_of_the_different_modules_in_every_package_.28starting_Squeeze-Backports.29
 ARG NGINX_PACKAGE=nginx
-
-# NOTICE: Debian-provided packages are *older*, so adjust NGINX_VERSION accordingly
-#         (as of this writing Debian stretch package version is at 1.10*)
-ARG NGINX_VERSION=1.13*
-
-# requirements
-RUN DEBIAN_FRONTEND=noninteractive apt-get update && \
-    apt-get install -y ca-certificates inotify-tools gnupg2 && \
-    rm -rf /var/lib/apt/lists/*
-
+ARG INSTALL_PACKAGES=
+    
 # reality check
 RUN case $NGINX_PACKAGE in \
    nginx) \
@@ -46,9 +43,14 @@ RUN case $NGINX_PACKAGE in \
        apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \
        echo "deb http://nginx.org/packages/mainline/debian/ stretch nginx" >> /etc/apt/sources.list; \
        ;; \
-    nginx-light|nginx-full|nginx-extras) \
+    nginx-light*|nginx-full*|nginx-extras*) \
        echo "+-- building with Debian-provided package: ${NGINX_PACKAGE}"; \
-        echo "\n* * * NOTICE: if build fails, make sure NGINX_VERSION is properly adjusted to what is available in Debian repository!\n\n"; \
+        echo "\n* * * NOTICE: if build fails, make sure NGINX_VERSION is properly adjusted to what is available in Debian repositories!\n\n"; \
+        echo "$NGINX_PACKAGE $INSTALL_PACKAGES" | tr ' ' '\n' | egrep ':backports$' >/dev/null 2>&1 && \
+            echo "* * * Setting up backports to install: " && \
+            echo "$NGINX_PACKAGE $INSTALL_PACKAGES" | tr ' ' '\n' | egrep ':backports$' | sed -r -e 's/:backports$//'; \
+            echo "\n"; \
+            echo "deb http://ftp.debian.org/debian stretch-backports main" > /etc/apt/sources.list.d/stretch-backports.list ; \
        ;; \
    *) \
        echo "\n* * * ERROR: unknown nginx package: ${NGINX_PACKAGE}; please use one of: nginx, nginx-light, nginx-full, nginx-extras\n\n"; \
@@ -56,16 +58,38 @@ RUN case $NGINX_PACKAGE in \
        ;; \
    esac

+# NOTICE: Debian-provided packages are *older*, so adjust NGINX_VERSION accordingly
+#         (as of this writing Debian stretch package version is at 1.10*)
+ARG NGINX_VERSION=1.13*
+    
 RUN DEBIAN_FRONTEND=noninteractive apt-get update && \
-    apt-get install -y "${NGINX_PACKAGE}"="${NGINX_VERSION}" && \
+    case "$NGINX_PACKAGE" in \
+        *:backports) \
+            echo "* * * installing backports nginx package: ${NGINX_PACKAGE%:backports}"; \
+            export BACKPORTS_ENABLED="-t stretch-backports"; \
+            ;; \
+        *) \
+            echo "* * * installing mainline nginx package: $NGINX_PACKAGE"; \
+    esac; \
+    apt-get install -y $BACKPORTS_ENABLED "${NGINX_PACKAGE%:backports}"="${NGINX_VERSION}" && \
    rm -rf /var/lib/apt/lists/*
    
 # we might need to install some packages, but doing this in the entrypoint doesn't make any sense
 ARG INSTALL_PACKAGES
 RUN if [ "$INSTALL_PACKAGES" != "" ]; then \
+        MAINLINE_PACKAGES="$( echo "$INSTALL_PACKAGES" | tr ' ' '\n' | egrep -v ':backports$' | tr '\n' ' ' )"; \
+        echo "* * * installing mainline packages: $MAINLINE_PACKAGES"; \
+        BACKPORTS_PACKAGES="$( echo "$INSTALL_PACKAGES" | tr ' ' '\n' | egrep ':backports$' | sed -r -e 's/:backports$//' | tr '\n' ' ' )"; \
+        echo "* * * installing backports packages: $BACKPORTS_PACKAGES"; \
        export DEBIAN_FRONTEND=noninteractive && apt-get update && apt-get install -y \
-            $INSTALL_PACKAGES \
+            $MAINLINE_PACKAGES \
            --no-install-recommends && \
+        if [ "$BACKPORTS_PACKAGES" != "" ]; then \
+            apt-get install -y \
+                -t stretch-backports \
+                $BACKPORTS_PACKAGES \
+                --no-install-recommends ; \
+        fi; \
        rm -rf /var/lib/apt/lists/* ; \
    fi


--- a/README.md
+++ b/README.md
@@ -10,7 +10,7 @@ By default, `nginx` package from `nginx.org` is being installed. If `NGINX_PACKA

 The `NGINX_VERSION` build argument controls the `nginx` package version that is going to be installed. By default, version `1.13*` (the latest) is used.

-**NOTICE: package versions in official Debian repositories are much older than on `nginx.org`; hence, when using them, remember to set `NGINX_VERSION` accordingly. As of this writing Debian jessie package version is at `1.10*`.**
+**NOTICE: package versions in official Debian repositories are much older than on `nginx.org`; hence, when using them, remember to set `NGINX_VERSION` accordingly. As of this writing Debian stretch package version is at `1.10*`.**

 ## Environment variables

@@ -27,6 +27,19 @@ The `NGINX_VERSION` build argument controls the `nginx` package version that is
 - `DHPARAM_FILE` (default: "`/etc/ssl/nginx/dhparam.pem`")
    these control the locations where the `run.sh` script expects to find the `nginx` pidfile, the file to watch for logrotate signalling, and the SSL DH parameters files; these should reflect `nginx` config.

+- `NGINX_PACKAGE` (default: "`nginx`")
+- `NGINX_VERSION` (default: "`1.13*`")
+
+Name of Nginx package to install, and version of it. If the package name is exactly `nginx`, it is installed from official Nginx repositories; otherwise it is installed from Debian repositories. Backports repository is supported in the latter case the same way as in `INSTALL_PACKAGES` (see below).
+
+- `INSTALL_PACKAGES` (default: empty)
+
+Space-separated list of packages to be installed upon building the container. All packages are installed with `--no-install-recommend` flag passed to `apt-get`.
+
+Installing packages from [Debian Backports](https://backports.debian.org/) is supported by appending `:backports` to a package name. The backports repository will be added automagically if there is at least one package to be installed from it.
+
+For example, setting `INSTALL_PACKAGES` to `tmux:backports screen` will install `screen` from the main repository, then set-up `stretch-backports`, and install `tmux` from there. This also works with package versions and regexen: setting `INSTALL_PACKAGES` to `tmux=2.2-1~bpo8+1:backports` will set-up `stretch-backports` and install version `2.2-1~bpo8+1` of `tmux` from there; setting `INSTALL_PACKAGES` to `vim*:backports` will set-up `stretch-backports` and install all packages whise names start with `vim` from there,
+    
 ### Examples

 Building the image with `nginx` package from `nginx.org`, version `1.13.x` (i.e. the default):
@@ -43,6 +56,12 @@ Building the image with `nginx-extras` package from the Debian repository, versi
 docker build --build-arg=NGINX_PACKAGE=nginx-extras --build-arg=NGINX_VERSION=1.10* --no-cache ./
 ```

+Building the image with `nginx-full` package from the Debian backports repository, version `1.13*`:
+
+```
+docker build --build-arg=NGINX_PACKAGE=nginx-full:backports --build-arg=NGINX_VERSION=1.13* --no-cache ./
+```
+
 ## Operation

 Upon start it creates a dhparam file in `$DHPARAM_FILE` (if the file does not exist) and sets an `inotify` watch on `$WATCH_FILE`. Once the watch discovers that the watchfile has been modified, it sends the `USR1` signal to `nginx`, which causes it to reload the logfiles.