-
Notifications
You must be signed in to change notification settings - Fork 1
/
Dockerfile
52 lines (38 loc) · 1.33 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
FROM ubuntu:jammy AS builder
ARG NGX_VERSION=1.22.0
COPY ./packages-build.txt ./packages.txt
RUN apt-get update \
&& xargs -a packages.txt -r apt-get install -y \
&& rm -rf /var/lib/apt/lists/*
RUN wget https://nginx.org/download/nginx-${NGX_VERSION}.tar.gz -qO - | tar xzf -
WORKDIR nginx-${NGX_VERSION}
COPY ./module-sgx/ ./module-sgx/
RUN git clone https://github.com/openresty/echo-nginx-module.git &&\
./configure \
--prefix=/entrypoint \
--without-http_rewrite_module \
--with-http_ssl_module \
--with-http_geoip_module \
--with-compat \
--add-dynamic-module=./module-sgx \
--add-dynamic-module=./echo-nginx-module
RUN make -j
RUN make -j modules
RUN make install
# final stage
FROM enclaive/gramine-os:jammy-33576d39
RUN apt-get update \
&& apt-get install -y geoip-database libgeoip-dev \
&& rm -rf /var/lib/apt/lists/*
COPY --from=builder /entrypoint/ /entrypoint/
COPY ./conf/ /entrypoint/conf/
COPY ./ssl/ /entrypoint/conf/ssl/
COPY ./html/ /entrypoint/html/
COPY ./nginx.manifest.template /manifest/
# creates self-signed server certificate if not present
RUN cd /entrypoint/conf/ssl/ && ./cert-gen.sh && cd - \
&& /manifest/manifest.sh nginx \
&& rm -rf /entrypoint/conf/ca.* /entrypoint/conf/cert-gen.sh
ENTRYPOINT [ "/entrypoint/enclaive.sh" ]
CMD [ "nginx" ]
EXPOSE 80 443