This commit is contained in:
parent
3eafb5891b
commit
34bb52d60d
|
|
@ -42,6 +42,7 @@ RUN git clone --depth 1 -b ${MODSEC_VERSION} --recursive https://github.com/owas
|
|||
# 2. Download Nginx and Modules
|
||||
RUN git clone --depth 1 -b ${MODSEC_NGINX_VERSION} https://github.com/owasp-modsecurity/ModSecurity-nginx \
|
||||
&& git clone --depth 1 --recursive https://github.com/google/ngx_brotli \
|
||||
&& git clone --depth 1 https://github.com/openresty/headers-more-nginx-module \
|
||||
&& curl -fSL https://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz -o nginx.tar.gz \
|
||||
&& tar zxf nginx.tar.gz
|
||||
|
||||
|
|
@ -72,6 +73,7 @@ RUN export PKG_CONFIG_PATH="/usr/local/modsecurity/lib/pkgconfig:$PKG_CONFIG_PAT
|
|||
--with-pcre-jit \
|
||||
--add-module=/usr/src/ModSecurity-nginx \
|
||||
--add-module=/usr/src/ngx_brotli \
|
||||
--add-module=/usr/src/headers-more-nginx-module \
|
||||
--with-cc-opt='-O3' \
|
||||
&& make -j$(nproc) \
|
||||
&& make install
|
||||
|
|
@ -81,6 +83,7 @@ FROM alpine:3.18
|
|||
|
||||
# Install runtime dependencies and tools
|
||||
RUN apk add --no-cache \
|
||||
pcre \
|
||||
pcre2 \
|
||||
yajl \
|
||||
libxml2 \
|
||||
|
|
@ -97,7 +100,8 @@ RUN apk add --no-cache \
|
|||
nano \
|
||||
openssh-server \
|
||||
sudo \
|
||||
tzdata
|
||||
tzdata \
|
||||
dos2unix
|
||||
|
||||
# Create nginx user
|
||||
RUN addgroup -S nginx && adduser -S nginx -G nginx
|
||||
|
|
@ -133,7 +137,7 @@ RUN git clone -b v3.3.5 https://github.com/coreruleset/coreruleset.git owasp-crs
|
|||
|
||||
# Entrypoint setup
|
||||
COPY entrypoint.sh /entrypoint.sh
|
||||
RUN chmod +x /entrypoint.sh
|
||||
RUN dos2unix /entrypoint.sh && chmod +x /entrypoint.sh
|
||||
|
||||
# Prepare Recommended ModSecurity Configs
|
||||
# Prepare Recommended ModSecurity Configs
|
||||
|
|
|
|||
|
|
@ -0,0 +1,7 @@
|
|||
Container producao-nginx-run-1166b5318e75 Creating
|
||||
Container producao-nginx-run-1166b5318e75 Created
|
||||
nginx version: nginx/1.25.3
|
||||
built by gcc 12.2.1 20220924 (Alpine 12.2.1_git20220924-r10)
|
||||
built with OpenSSL 3.1.8 11 Feb 2025
|
||||
TLS SNI support enabled
|
||||
configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --user=nginx --group=nginx --with-http_ssl_module --with-http_v2_module --with-http_v3_module --with-http_realip_module --with-http_auth_request_module --with-http_sub_module --with-http_gzip_static_module --with-http_stub_status_module --with-threads --with-pcre-jit --add-module=/usr/src/ModSecurity-nginx --add-module=/usr/src/ngx_brotli --add-module=/usr/src/headers-more-nginx-module --with-cc-opt=-O3
|
||||
Loading…
Reference in New Issue