diff --git a/consul-dns-srv-demo/README.md b/consul-dns-srv-demo/README.md index 917b2d14..81536282 100644 --- a/consul-dns-srv-demo/README.md +++ b/consul-dns-srv-demo/README.md @@ -54,7 +54,10 @@ Install Vagrant using the necessary package for your OS: $ sudo su ``` - The demo files will be in `/srv/NGINX-Demos/consul-dns-srv-demo` + The demo files will be in: + ``` + $ cd /srv/NGINX-Demos/consul-dns-srv-demo + ``` 7. Now simply follow the steps listed under section 'Running the demo'. diff --git a/consul-dns-srv-demo/Vagrantfile b/consul-dns-srv-demo/Vagrantfile index 863dcb52..3460e125 100644 --- a/consul-dns-srv-demo/Vagrantfile +++ b/consul-dns-srv-demo/Vagrantfile @@ -1,6 +1,6 @@ Vagrant.configure(2) do |config| - config.vm.box = "ubuntu/bionic64" + config.vm.box = "bento/ubuntu-22.04" config.vm.network "private_network", :ip => "10.2.2.70" config.vm.synced_folder "../consul-dns-srv-demo/", "/srv/NGINX-Demos/consul-dns-srv-demo" diff --git a/consul-dns-srv-demo/nginxplus/Dockerfile b/consul-dns-srv-demo/nginxplus/Dockerfile index 8b972d71..8d74875f 100644 --- a/consul-dns-srv-demo/nginxplus/Dockerfile +++ b/consul-dns-srv-demo/nginxplus/Dockerfile @@ -1,5 +1,4 @@ -# For Debian 9 -FROM debian:stretch-slim +FROM debian:bullseye-slim LABEL maintainer="NGINX Docker Maintainers " @@ -10,34 +9,63 @@ COPY nginx-repo.key /etc/ssl/nginx/ # Install NGINX Plus RUN set -x \ - && apt-get update && apt-get upgrade -y \ - && apt-get install --no-install-recommends --no-install-suggests -y apt-transport-https ca-certificates gnupg1 \ - && \ - NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \ - found=''; \ - for server in \ - ha.pool.sks-keyservers.net \ - hkp://keyserver.ubuntu.com:80 \ - hkp://p80.pool.sks-keyservers.net:80 \ - pgp.mit.edu \ - ; do \ - echo "Fetching GPG key $NGINX_GPGKEY from $server"; \ - apt-key adv --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$NGINX_GPGKEY" && found=yes && break; \ - done; \ - test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \ - echo "Acquire::https::plus-pkgs.nginx.com::Verify-Peer \"true\";" >> /etc/apt/apt.conf.d/90nginx \ - && echo "Acquire::https::plus-pkgs.nginx.com::Verify-Host \"true\";" >> /etc/apt/apt.conf.d/90nginx \ - && echo "Acquire::https::plus-pkgs.nginx.com::SslCert \"/etc/ssl/nginx/nginx-repo.crt\";" >> /etc/apt/apt.conf.d/90nginx \ - && echo "Acquire::https::plus-pkgs.nginx.com::SslKey \"/etc/ssl/nginx/nginx-repo.key\";" >> /etc/apt/apt.conf.d/90nginx \ - && printf "deb https://plus-pkgs.nginx.com/debian stretch nginx-plus\n" > /etc/apt/sources.list.d/nginx-plus.list \ - && apt-get update && apt-get install -y nginx-plus \ - && apt-get remove --purge --auto-remove -y gnupg1 \ - && rm -rf /var/lib/apt/lists/* \ - && rm -rf /etc/ssl/nginx - +# Create nginx user/group first, to be consistent throughout Docker variants + && addgroup --system --gid 101 nginx \ + && adduser --system --disabled-login --ingroup nginx --no-create-home --home /nonexistent --gecos "nginx user" --shell /bin/false --uid 101 nginx \ + && apt-get update \ + && apt-get install --no-install-recommends --no-install-suggests -y \ + ca-certificates \ + gnupg1 \ + lsb-release \ + && \ + NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \ + NGINX_GPGKEY_PATH=/usr/share/keyrings/nginx-archive-keyring.gpg; \ + export GNUPGHOME="$(mktemp -d)"; \ + found=''; \ + for server in \ + hkp://keyserver.ubuntu.com:80 \ + pgp.mit.edu \ + ; do \ + echo "Fetching GPG key $NGINX_GPGKEY from $server"; \ + gpg1 --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$NGINX_GPGKEY" && found=yes && break; \ + done; \ + test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \ + gpg1 --export "$NGINX_GPGKEY" > "$NGINX_GPGKEY_PATH" ; \ + rm -rf "$GNUPGHOME"; \ + apt-get remove --purge --auto-remove -y gnupg1 && rm -rf /var/lib/apt/lists/* \ +# Install the latest release of NGINX Plus and/or NGINX Plus modules +# Uncomment individual modules if necessary +# Use versioned packages over defaults to specify a release + && nginxPackages=" \ + nginx-plus \ + # nginx-plus=${NGINX_VERSION}-${PKG_RELEASE} \ + # nginx-plus-module-xslt \ + # nginx-plus-module-xslt=${NGINX_VERSION}-${PKG_RELEASE} \ + # nginx-plus-module-geoip \ + # nginx-plus-module-geoip=${NGINX_VERSION}-${PKG_RELEASE} \ + # nginx-plus-module-image-filter \ + # nginx-plus-module-image-filter=${NGINX_VERSION}-${PKG_RELEASE} \ + # nginx-plus-module-perl \ + # nginx-plus-module-perl=${NGINX_VERSION}-${PKG_RELEASE} \ + # nginx-plus-module-njs \ + # nginx-plus-module-njs=${NGINX_VERSION}+${NJS_VERSION}-${PKG_RELEASE} \ + " \ + && echo "Acquire::https::pkgs.nginx.com::Verify-Peer \"true\";" > /etc/apt/apt.conf.d/90nginx \ + && echo "Acquire::https::pkgs.nginx.com::Verify-Host \"true\";" >> /etc/apt/apt.conf.d/90nginx \ + && echo "Acquire::https::pkgs.nginx.com::SslCert \"/etc/ssl/nginx/nginx-repo.crt\";" >> /etc/apt/apt.conf.d/90nginx \ + && echo "Acquire::https::pkgs.nginx.com::SslKey \"/etc/ssl/nginx/nginx-repo.key\";" >> /etc/apt/apt.conf.d/90nginx \ + && printf "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] https://pkgs.nginx.com/plus/debian `lsb_release -cs` nginx-plus\n" > /etc/apt/sources.list.d/nginx-plus.list \ + && apt-get update \ + && apt-get install --no-install-recommends --no-install-suggests -y \ + $nginxPackages \ + curl \ + gettext-base \ + && apt-get remove --purge -y lsb-release \ + && apt-get remove --purge --auto-remove -y && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx-plus.list \ + && rm -rf /etc/apt/apt.conf.d/90nginx /etc/ssl/nginx \ # Forward request logs to Docker log collector -RUN ln -sf /dev/stdout /var/log/nginx/access.log \ - && ln -sf /dev/stderr /var/log/nginx/error.log + && ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log EXPOSE 80 8080 443