nginx 镜像模板&容器模板（编译）

为了降低容器权限风险，使用普通用户启动nginx进程，所以编译nginx版本

自定义编译nginx 版本 Dockerfile：

FROM rockylinux:8.10

ENV NGINX_VERSION=nginx-1.22.0 \
    PATH=$PATH:/usr/local/nginx/sbin \
    WWWROOT="/usr/lcoal/nginx/html" \
    LANG="en_US.UTF-8" \
    TERM=xterm

COPY ${NGINX_VERSION}.tar.gz /

RUN rm -rf /etc/localtime ;echo 'Asia/Shanghai' >/etc/timezone && \
    ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \
    dnf install -y gcc gcc-c++ make openssl-devel pcre-devel gd-devel iproute net-tools telnet wget curl && \
    dnf autoremove; dnf clean all && \
    useradd -M -s /sbin/nginx nginx && \
    tar zxf ${NGINX_VERSION}.tar.gz && \
    cd ${NGINX_VERSION} && \
        ./configure --prefix=/usr/local/nginx \
        --user=nginx --group=nginx \
    --with-http_ssl_module \
    --with-http_stub_status_module && \
    make -j 4 && make install && \
    rm -rf /usr/local/nginx/html/* && \
    chown -R nginx:nginx /usr/local/nginx && \
    echo "ok" >> /usr/local/nginx/html/status.html && \
    cd / && rm -rf ${NGINX_VERSION}*

#COPY nginx.conf /usr/local/nginx/conf/nginx.conf
#COPY default.conf /usr/local/nginx/conf.d/default.conf

WORKDIR /usr/local/nginx/html

EXPOSE 80

CMD ["/usr/local/nginx/sbin/nginx"", "-g", "daemon off;"]

构建镜像：

docker build -t nginx:22 .

nginx 业务镜像

FROM nginx:22
COPY dist/  /usr/local/nginx/html/
EXPOSE 8085
CMD ["/usr/local/nginx/sbin/nginx"", "-g", "daemon off;"]

nginx.conf模板：

user  nginx;
worker_processes  auto;

error_log  logs/error.log warn;
pid        /usr/local/nginx/nginx.pid;


events {
    use epoll;
    worker_connections  102400;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    charset utf-8;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  logs/access.log  main;

    sendfile        on;
    tcp_nopush     on;

    keepalive_timeout  65;

    gzip  on;
    gzip_min_length 1k;
    gzip_buffers 4 16k;
    gzip_http_version 1.1;
    gzip_comp_level 2;
    gzip_types text/plain text/css application/x-javascript;
    gzip_vary on;

    include /usr/local/nginx/conf.d/*.conf;
}

default.conf

server {
    listen       8085;
    server_name  localhost;

    charset utf-8;
    #access_log  /var/log/nginx/host.access.log  main;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
        try_files $uri $uri/  /index.html;
    }

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }

}