Commit ecce3b97 authored by Michał 'rysiek' Woźniak's avatar Michał 'rysiek' Woźniak
Browse files

support for installing nginx-(light|full|extras) packages from the Debian repository; documentation

parent 56b8a260
......@@ -19,17 +19,40 @@ FROM debian:jessie
# along with this program. If not, see <>.
# based on:
#MAINTAINER NGINX Docker Maintainers ""
MAINTAINER Michał "rysiek" Woźniak <>
RUN apt-key adv --keyserver hkp:// --recv-keys 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
RUN echo "deb jessie nginx" >> /etc/apt/sources.list
# which package do we want?
# possible versions: nginx, nginx-light, nginx-full, nginx-extras
# if version is the default -- "nginx" -- the package is installed
# otherwise, the Debian-provided package is installed; compare versions here:
# NOTICE: Debian-provided packages are *older*, so adjust NGINX_VERSION accordingly
# (as of this writing Debian jessie package version is at 1.6*)
# yeah, we'll pin on this
# reality check
nginx) \
echo "+-- building with package: ${NGINX_PACKAGE}"; \
apt-key adv --keyserver hkp:// --recv-keys 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \
echo "deb jessie nginx" >> /etc/apt/sources.list; \
;; \
nginx-light|nginx-full|nginx-extras) \
echo "+-- building with Debian-provided package: ${NGINX_PACKAGE}"; \
echo "\n* * * NOTICE: if build fails, make sure NGINX_VERSION is properly adjusted to what is available in Debian repository!\n\n"; \
;; \
*) \
echo "\n* * * ERROR: unknown nginx package: ${NGINX_PACKAGE}; please use one of: nginx, nginx-light, nginx-full, nginx-extras\n\n"; \
exit 1; \
;; \
RUN DEBIAN_FRONTEND=noninteractive apt-get update && \
apt-get install -y ca-certificates nginx="${NGINX_VERSION}" inotify-tools && \
apt-get install -y ca-certificates "${NGINX_PACKAGE}"="${NGINX_VERSION}" inotify-tools && \
rm -rf /var/lib/apt/lists/*
# forward request and error logs to docker log collector
......@@ -45,5 +68,4 @@ RUN chmod +x /
VOLUME ["/var/cache/nginx", "/etc/nginx"]
EXPOSE 80 443
#CMD ["nginx", "-g", "daemon off;"]
CMD ["/"]
\ No newline at end of file
......@@ -2,6 +2,34 @@
Watchful NginX container -- `nginx` docker container that watches for logrotated logfiles using `inotify` and makes sure `nginx` reloads them when needed. A nasty, but functional, kludge of a work-around for [lack of PID namespaces in docker](
## Building
The image can be built with either [`nginx` package installed from `` repository](, or any of [`nginx-light`, `nginx-full`, `nginx-extras` installed from official Debian repository]( This is controlled by `NGINX_PACKAGE` build argument.
By default, `nginx` package from `` is being installed. If `NGINX_PACKAGE` is set to anything else than `nginx`, packages from default Debian repositories are used instead.
The `NGINX_VERSION` build argument controls the `nginx` package version that is going to be installed. By default, version `1.11*` (the latest) is used.
**NOTICE: package versions in official Debian repositories are much older than on ``; hence, when using them, remember to set `NGINX_VERSION` accordingly. As of this writing Debian jessie package version is at `1.6*`.**
### Examples
Building the image with `nginx` package from ``, version `1.11.x` (i.e. the default):
docker build ./
# equivalent to
docker build --build-arg=NGINX_PACKAGE=nginx --build-arg=NGINX_VERSION=1.11* --no-cache ./
Building the image with `nginx-extras` package from the Debian repository, version `1.6*`:
docker build --build-arg=NGINX_PACKAGE=nginx-extras --build-arg=NGINX_VERSION=1.6* --no-cache ./
## Operation
Upon start it creates a dhparam file in `/etc/ssl/nginx/dhparam.pem` (if the file does not exist) and sets an `inotify` watch on `/srv/logs/nginx/logrotate`. Once the watch discovers that the watchfile has been modified, it sends the `USR1` signal to `nginx`, which causes it to reload the logfiles.
Use by volume-mounting the watchfile in this container and in a container that logrotate runs in, and making sure logrotate touches/modifies that file, for instance by using the following in your logrotate config files:
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment