From 9e0df775528db233125a82c6f4bdf9dc7bc00f35 Mon Sep 17 00:00:00 2001 From: Catalin Constantin Mititiuc Date: Sat, 13 Sep 2025 19:17:50 -0700 Subject: [PATCH 1/7] Update README with TSL cert renewal command --- README.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/README.md b/README.md index 5b06add..e59508c 100644 --- a/README.md +++ b/README.md @@ -90,6 +90,13 @@ example: $ make deploy +### renew server TSL certs + +SSH into server admin account and run: + + $ cd www + $ dehydrated --config config -c + ## gotchas ### What is error `cosmo failed: [string "..."]:62: cannot resume dead coroutine`? -- 2.39.5 From 0f826ce3c41a7effbd12d82c825c88a0527e6a43 Mon Sep 17 00:00:00 2001 From: Catalin Constantin Mititiuc Date: Mon, 24 Nov 2025 20:33:16 -0800 Subject: [PATCH 2/7] WIP: install openresty --- Dockerfile | 88 ++++++++++++++++++++++++++++++++------------ Dockerfile.buildpack | 82 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 147 insertions(+), 23 deletions(-) create mode 100644 Dockerfile.buildpack diff --git a/Dockerfile b/Dockerfile index d213f0e..a912ce6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,37 +1,79 @@ -FROM openresty/openresty:bookworm-buildpack +# FROM openresty/openresty:bookworm-buildpack +FROM buildpack-deps:trixie -WORKDIR /opt/app - -ARG version=3.7.0.1 +ARG version=3.8.2.1 ARG pkgname=pandoc-$version-1-amd64.deb ARG pkgurl=https://github.com/jgm/pandoc/releases/download/$version/$pkgname +ARG RESTY_DEB_FLAVOR="" +ARG RESTY_DEB_VERSION="=1.27.1.2-1~bookworm1" +ARG RESTY_LUAROCKS_VERSION="3.12.2" + RUN apt-get update && apt-get install -y \ - python3-pygments lua-inotify wget && \ + python3-pygments lua-inotify wget curl tar make && \ wget -q -O $pkgname $pkgurl && dpkg -i $pkgname && rm $pkgname -RUN luarocks install sitegen +WORKDIR /opt/app + +# COPY openresty.source /etc/apt/sources.list.d/ +# RUN cat openresty.source >> /etc/apt/sources.list.d/debian.sources +# RUN echo "$(cat openresty.source)" >> /etc/apt/sources.list.d/debian.sources + +RUN wget -qO - https://openresty.org/package/pubkey.gpg | gpg --dearmor > /etc/apt/trusted.gpg.d/openresty-keyring.gpg \ + && chown root:root /etc/apt/trusted.gpg.d/openresty-keyring.gpg \ + && chmod ugo+r /etc/apt/trusted.gpg.d/openresty-keyring.gpg \ + && chmod go-w /etc/apt/trusted.gpg.d/openresty-keyring.gpg \ + && echo "Types: deb\nURIs: https://openresty.org/package/debian\nSuites: bookworm\nComponents: openresty\nEnabled: yes\nSigned-By: /etc/apt/trusted.gpg.d/openresty-keyring.gpg" >> /etc/apt/sources.list.d/debian.sources \ + && echo "$(cat /etc/apt/sources.list.d/debian.sources)" \ + && DEBIAN_FRONTEND=noninteractive apt-get update \ + && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ + openresty${RESTY_DEB_FLAVOR}${RESTY_DEB_VERSION} \ + openresty-resty${RESTY_DEB_FLAVOR}${RESTY_DEB_VERSION} \ + openresty-opm${RESTY_DEB_FLAVOR}${RESTY_DEB_VERSION} \ + openresty-openssl3${RESTY_DEB_FLAVOR}-dev \ + openresty-pcre2${RESTY_DEB_FLAVOR}-dev \ + openresty-zlib${RESTY_DEB_FLAVOR}-dev \ + && mkdir -p /var/run/openresty \ + && ln -sf /dev/stdout /usr/local/openresty${RESTY_DEB_FLAVOR}/nginx/logs/access.log \ + && ln -sf /dev/stderr /usr/local/openresty${RESTY_DEB_FLAVOR}/nginx/logs/error.log + +# Install LuaRocks +# RUN curl -fSL https://luarocks.github.io/luarocks/releases/luarocks-${RESTY_LUAROCKS_VERSION}.tar.gz -o luarocks-${RESTY_LUAROCKS_VERSION}.tar.gz \ +# && tar xzf luarocks-${RESTY_LUAROCKS_VERSION}.tar.gz \ +# && cd luarocks-${RESTY_LUAROCKS_VERSION} \ +# && mkdir -p /usr/local/openresty/luajit \ +# && ./configure \ +# --prefix=/usr/local/openresty/luajit \ +# --with-lua=/usr/local/openresty/luajit \ +# --with-lua-include=/usr/local/openresty/luajit/include/luajit-2.1 \ +# && make build \ +# && make install \ +# && cd /tmp \ +# && rm -rf luarocks-${RESTY_LUAROCKS_VERSION} luarocks-${RESTY_LUAROCKS_VERSION}.tar.gz + +# RUN luarocks install sitegen # needed for sitegen watcher -RUN luarocks install inotify INOTIFY_INCDIR=/usr/include/x86_64-linux-gnu/ +# RUN luarocks install inotify INOTIFY_INCDIR=/usr/include/x86_64-linux-gnu/ # needed for testing -RUN luarocks install busted -RUN luarocks install luajit-curl -RUN luarocks install luasocket # needed for testing nginx reverse proxy +# RUN luarocks install busted +# RUN luarocks install luajit-curl +# RUN luarocks install luasocket # needed for testing nginx reverse proxy -RUN mkdir -p /var/www/certs/miti.sh \ - && openssl req -x509 -newkey rsa:4096 -nodes \ - -keyout /var/www/certs/miti.sh/privkey.pem \ - -out /var/www/certs/miti.sh/fullchain.pem \ - -sha256 -days 365 -subj '/CN=miti.sh' \ - -addext "subjectAltName=DNS:miti.sh,DNS:git.miti.sh,DNS:apps.miti.sh" +# RUN mkdir -p /var/www/certs/miti.sh \ +# && openssl req -x509 -newkey rsa:4096 -nodes \ +# -keyout /var/www/certs/miti.sh/privkey.pem \ +# -out /var/www/certs/miti.sh/fullchain.pem \ +# -sha256 -days 365 -subj '/CN=miti.sh' \ +# -addext "subjectAltName=DNS:miti.sh,DNS:git.miti.sh,DNS:apps.miti.sh" -RUN mkdir -p /var/www/certs/webdevcat.me \ - && openssl req -x509 -newkey rsa:4096 -nodes \ - -keyout /var/www/certs/webdevcat.me/privkey.pem \ - -out /var/www/certs/webdevcat.me/fullchain.pem \ - -sha256 -days 365 -subj '/CN=webdevcat.me' \ - -addext "subjectAltName=DNS:webdevcat.me,DNS:git.webdevcat.me,DNS:apps.webdevcat.me" +# RUN mkdir -p /var/www/certs/webdevcat.me \ +# && openssl req -x509 -newkey rsa:4096 -nodes \ +# -keyout /var/www/certs/webdevcat.me/privkey.pem \ +# -out /var/www/certs/webdevcat.me/fullchain.pem \ +# -sha256 -days 365 -subj '/CN=webdevcat.me' \ +# -addext "subjectAltName=DNS:webdevcat.me,DNS:git.webdevcat.me,DNS:apps.webdevcat.me" -CMD ["sh", "-c", "openresty -p `pwd` -g 'daemon off;'"] +# CMD ["sh", "-c", "openresty -p `pwd` -g 'daemon off;'"] +CMD ["bash"] diff --git a/Dockerfile.buildpack b/Dockerfile.buildpack new file mode 100644 index 0000000..98092d4 --- /dev/null +++ b/Dockerfile.buildpack @@ -0,0 +1,82 @@ +# Dockerfile - buildpack-deps +# https://github.com/openresty/docker-openresty + +ARG RESTY_IMAGE_BASE="buildpack-deps" +ARG RESTY_IMAGE_TAG="bookworm" + +FROM ${RESTY_IMAGE_BASE}:${RESTY_IMAGE_TAG} + +LABEL maintainer="Evan Wies " + +# RESTY_DEB_FLAVOR build argument is used to select other +# OpenResty Debian package variants. +# For example: "-debug" or "-valgrind" +ARG RESTY_DEB_FLAVOR="" +ARG RESTY_DEB_VERSION="=1.27.1.2-1~bookworm1" +ARG RESTY_APT_REPO="https://openresty.org/package/debian" +ARG RESTY_APT_PGP="https://openresty.org/package/pubkey.gpg" +ARG RESTY_APT_ARCH="amd64" +ARG RESTY_IMAGE_BASE="buildpack-deps" +ARG RESTY_IMAGE_TAG="bookworm" + +ARG RESTY_LUAROCKS_VERSION="3.12.2" + +LABEL resty_image_base="${RESTY_IMAGE_BASE}" +LABEL resty_image_tag="${RESTY_IMAGE_TAG}" +LABEL resty_apt_repo="${RESTY_APT_REPO}" +LABEL resty_apt_pgp="${RESTY_APT_PGP}" +LABEL resty_apt_arch="${RESTY_APT_ARCH}" +LABEL resty_deb_flavor="${RESTY_DEB_FLAVOR}" +LABEL resty_deb_version="${RESTY_DEB_VERSION}" +LABEL resty_luarocks_version="${RESTY_LUAROCKS_VERSION}}" + +# Install OpenResty +RUN wget -qO - ${RESTY_APT_PGP} | gpg --dearmor > /etc/apt/trusted.gpg.d/openresty-keyring.gpg \ + && chown root:root /etc/apt/trusted.gpg.d/openresty-keyring.gpg \ + && chmod ugo+r /etc/apt/trusted.gpg.d/openresty-keyring.gpg \ + && chmod go-w /etc/apt/trusted.gpg.d/openresty-keyring.gpg \ + && echo "deb [arch=$RESTY_APT_ARCH signed-by=/etc/apt/trusted.gpg.d/openresty-keyring.gpg] $RESTY_APT_REPO $(grep -Po 'VERSION="[0-9]+ \(\K[^)]+' /etc/os-release) openresty" | tee /etc/apt/sources.list.d/openresty.list \ + && DEBIAN_FRONTEND=noninteractive apt-get update \ + && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ + openresty${RESTY_DEB_FLAVOR}${RESTY_DEB_VERSION} \ + openresty-resty${RESTY_DEB_FLAVOR}${RESTY_DEB_VERSION} \ + openresty-opm${RESTY_DEB_FLAVOR}${RESTY_DEB_VERSION} \ + openresty-openssl3${RESTY_DEB_FLAVOR}-dev \ + openresty-pcre2${RESTY_DEB_FLAVOR}-dev \ + openresty-zlib${RESTY_DEB_FLAVOR}-dev \ + && mkdir -p /var/run/openresty \ + && ln -sf /dev/stdout /usr/local/openresty${RESTY_DEB_FLAVOR}/nginx/logs/access.log \ + && ln -sf /dev/stderr /usr/local/openresty${RESTY_DEB_FLAVOR}/nginx/logs/error.log + +# Install LuaRocks +RUN curl -fSL https://luarocks.github.io/luarocks/releases/luarocks-${RESTY_LUAROCKS_VERSION}.tar.gz -o luarocks-${RESTY_LUAROCKS_VERSION}.tar.gz \ + && tar xzf luarocks-${RESTY_LUAROCKS_VERSION}.tar.gz \ + && cd luarocks-${RESTY_LUAROCKS_VERSION} \ + && ./configure \ + --prefix=/usr/local/openresty/luajit \ + --with-lua=/usr/local/openresty/luajit \ + --with-lua-include=/usr/local/openresty/luajit/include/luajit-2.1 \ + && make build \ + && make install \ + && cd /tmp \ + && rm -rf luarocks-${RESTY_LUAROCKS_VERSION} luarocks-${RESTY_LUAROCKS_VERSION}.tar.gz + +# Add additional binaries into PATH for convenience +ENV PATH="$PATH:/usr/local/openresty${RESTY_DEB_FLAVOR}/luajit/bin:/usr/local/openresty${RESTY_DEB_FLAVOR}/nginx/sbin:/usr/local/openresty${RESTY_DEB_FLAVOR}/bin" + +# Add LuaRocks paths +# If OpenResty changes, these may need updating: +# /usr/local/openresty/bin/resty -e 'print(package.path)' +# /usr/local/openresty/bin/resty -e 'print(package.cpath)' +ENV LUA_PATH="/usr/local/openresty/site/lualib/?.ljbc;/usr/local/openresty/site/lualib/?/init.ljbc;/usr/local/openresty/lualib/?.ljbc;/usr/local/openresty/lualib/?/init.ljbc;/usr/local/openresty/site/lualib/?.lua;/usr/local/openresty/site/lualib/?/init.lua;/usr/local/openresty/lualib/?.lua;/usr/local/openresty/lualib/?/init.lua;./?.lua;/usr/local/openresty/luajit/share/luajit-2.1/?.lua;/usr/local/share/lua/5.1/?.lua;/usr/local/share/lua/5.1/?/init.lua;/usr/local/openresty/luajit/share/lua/5.1/?.lua;/usr/local/openresty/luajit/share/lua/5.1/?/init.lua" +ENV LUA_CPATH="/usr/local/openresty/site/lualib/?.so;/usr/local/openresty/lualib/?.so;./?.so;/usr/local/lib/lua/5.1/?.so;/usr/local/openresty/luajit/lib/lua/5.1/?.so;/usr/local/lib/lua/5.1/loadall.so;/usr/local/openresty/luajit/lib/lua/5.1/?.so" + +# Copy nginx configuration files +COPY nginx.conf /usr/local/openresty${RESTY_DEB_FLAVOR}/nginx/conf/nginx.conf +COPY nginx.vh.default.conf /etc/nginx/conf.d/default.conf + +CMD ["/usr/bin/openresty", "-g", "daemon off;"] + +# Use SIGQUIT instead of default SIGTERM to cleanly drain requests +# See https://github.com/openresty/docker-openresty/blob/master/README.md#tips--pitfalls +STOPSIGNAL SIGQUIT -- 2.39.5 From 55356c74332c377c9c606260f35195314c364c49 Mon Sep 17 00:00:00 2001 From: Catalin Constantin Mititiuc Date: Mon, 24 Nov 2025 20:40:39 -0800 Subject: [PATCH 3/7] Trixie buildpack Dockerfile --- Dockerfile | 91 +++++++++++++++++++++++++++++++----------------------- 1 file changed, 52 insertions(+), 39 deletions(-) diff --git a/Dockerfile b/Dockerfile index a912ce6..d4557d6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -13,18 +13,11 @@ RUN apt-get update && apt-get install -y \ python3-pygments lua-inotify wget curl tar make && \ wget -q -O $pkgname $pkgurl && dpkg -i $pkgname && rm $pkgname -WORKDIR /opt/app - -# COPY openresty.source /etc/apt/sources.list.d/ -# RUN cat openresty.source >> /etc/apt/sources.list.d/debian.sources -# RUN echo "$(cat openresty.source)" >> /etc/apt/sources.list.d/debian.sources - RUN wget -qO - https://openresty.org/package/pubkey.gpg | gpg --dearmor > /etc/apt/trusted.gpg.d/openresty-keyring.gpg \ && chown root:root /etc/apt/trusted.gpg.d/openresty-keyring.gpg \ && chmod ugo+r /etc/apt/trusted.gpg.d/openresty-keyring.gpg \ && chmod go-w /etc/apt/trusted.gpg.d/openresty-keyring.gpg \ - && echo "Types: deb\nURIs: https://openresty.org/package/debian\nSuites: bookworm\nComponents: openresty\nEnabled: yes\nSigned-By: /etc/apt/trusted.gpg.d/openresty-keyring.gpg" >> /etc/apt/sources.list.d/debian.sources \ - && echo "$(cat /etc/apt/sources.list.d/debian.sources)" \ + && echo "\nTypes: deb\nURIs: https://openresty.org/package/debian\nSuites: bookworm\nComponents: openresty\nEnabled: yes\nSigned-By: /etc/apt/trusted.gpg.d/openresty-keyring.gpg" >> /etc/apt/sources.list.d/debian.sources \ && DEBIAN_FRONTEND=noninteractive apt-get update \ && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ openresty${RESTY_DEB_FLAVOR}${RESTY_DEB_VERSION} \ @@ -38,42 +31,62 @@ RUN wget -qO - https://openresty.org/package/pubkey.gpg | gpg --dearmor > /etc/a && ln -sf /dev/stderr /usr/local/openresty${RESTY_DEB_FLAVOR}/nginx/logs/error.log # Install LuaRocks -# RUN curl -fSL https://luarocks.github.io/luarocks/releases/luarocks-${RESTY_LUAROCKS_VERSION}.tar.gz -o luarocks-${RESTY_LUAROCKS_VERSION}.tar.gz \ -# && tar xzf luarocks-${RESTY_LUAROCKS_VERSION}.tar.gz \ -# && cd luarocks-${RESTY_LUAROCKS_VERSION} \ -# && mkdir -p /usr/local/openresty/luajit \ -# && ./configure \ -# --prefix=/usr/local/openresty/luajit \ -# --with-lua=/usr/local/openresty/luajit \ -# --with-lua-include=/usr/local/openresty/luajit/include/luajit-2.1 \ -# && make build \ -# && make install \ -# && cd /tmp \ -# && rm -rf luarocks-${RESTY_LUAROCKS_VERSION} luarocks-${RESTY_LUAROCKS_VERSION}.tar.gz +RUN curl -fSL https://luarocks.github.io/luarocks/releases/luarocks-${RESTY_LUAROCKS_VERSION}.tar.gz -o luarocks-${RESTY_LUAROCKS_VERSION}.tar.gz \ + && tar xzf luarocks-${RESTY_LUAROCKS_VERSION}.tar.gz \ + && cd luarocks-${RESTY_LUAROCKS_VERSION} \ + && mkdir -p /usr/local/openresty/luajit \ + && ./configure \ + --prefix=/usr/local/openresty/luajit \ + --with-lua=/usr/local/openresty/luajit \ + --with-lua-include=/usr/local/openresty/luajit/include/luajit-2.1 \ + && make build \ + && make install \ + && cd /tmp \ + && rm -rf luarocks-${RESTY_LUAROCKS_VERSION} luarocks-${RESTY_LUAROCKS_VERSION}.tar.gz -# RUN luarocks install sitegen +# Add additional binaries into PATH for convenience +ENV PATH="$PATH:/usr/local/openresty${RESTY_DEB_FLAVOR}/luajit/bin:/usr/local/openresty${RESTY_DEB_FLAVOR}/nginx/sbin:/usr/local/openresty${RESTY_DEB_FLAVOR}/bin" + +# Add LuaRocks paths +# If OpenResty changes, these may need updating: +# /usr/local/openresty/bin/resty -e 'print(package.path)' +# /usr/local/openresty/bin/resty -e 'print(package.cpath)' +ENV LUA_PATH="/usr/local/openresty/site/lualib/?.ljbc;/usr/local/openresty/site/lualib/?/init.ljbc;/usr/local/openresty/lualib/?.ljbc;/usr/local/openresty/lualib/?/init.ljbc;/usr/local/openresty/site/lualib/?.lua;/usr/local/openresty/site/lualib/?/init.lua;/usr/local/openresty/lualib/?.lua;/usr/local/openresty/lualib/?/init.lua;./?.lua;/usr/local/openresty/luajit/share/luajit-2.1/?.lua;/usr/local/share/lua/5.1/?.lua;/usr/local/share/lua/5.1/?/init.lua;/usr/local/openresty/luajit/share/lua/5.1/?.lua;/usr/local/openresty/luajit/share/lua/5.1/?/init.lua" +ENV LUA_CPATH="/usr/local/openresty/site/lualib/?.so;/usr/local/openresty/lualib/?.so;./?.so;/usr/local/lib/lua/5.1/?.so;/usr/local/openresty/luajit/lib/lua/5.1/?.so;/usr/local/lib/lua/5.1/loadall.so;/usr/local/openresty/luajit/lib/lua/5.1/?.so" + +WORKDIR /opt/app + +# Copy nginx configuration files +COPY nginx.conf /usr/local/openresty${RESTY_DEB_FLAVOR}/nginx/conf/nginx.conf +COPY nginx.vh.default.conf /etc/nginx/conf.d/default.conf + +RUN luarocks install sitegen # needed for sitegen watcher -# RUN luarocks install inotify INOTIFY_INCDIR=/usr/include/x86_64-linux-gnu/ +RUN luarocks install inotify INOTIFY_INCDIR=/usr/include/x86_64-linux-gnu/ # needed for testing -# RUN luarocks install busted -# RUN luarocks install luajit-curl -# RUN luarocks install luasocket # needed for testing nginx reverse proxy +RUN luarocks install busted +RUN luarocks install luajit-curl +RUN luarocks install luasocket # needed for testing nginx reverse proxy -# RUN mkdir -p /var/www/certs/miti.sh \ -# && openssl req -x509 -newkey rsa:4096 -nodes \ -# -keyout /var/www/certs/miti.sh/privkey.pem \ -# -out /var/www/certs/miti.sh/fullchain.pem \ -# -sha256 -days 365 -subj '/CN=miti.sh' \ -# -addext "subjectAltName=DNS:miti.sh,DNS:git.miti.sh,DNS:apps.miti.sh" +RUN mkdir -p /var/www/certs/miti.sh \ + && openssl req -x509 -newkey rsa:4096 -nodes \ + -keyout /var/www/certs/miti.sh/privkey.pem \ + -out /var/www/certs/miti.sh/fullchain.pem \ + -sha256 -days 365 -subj '/CN=miti.sh' \ + -addext "subjectAltName=DNS:miti.sh,DNS:git.miti.sh,DNS:apps.miti.sh" -# RUN mkdir -p /var/www/certs/webdevcat.me \ -# && openssl req -x509 -newkey rsa:4096 -nodes \ -# -keyout /var/www/certs/webdevcat.me/privkey.pem \ -# -out /var/www/certs/webdevcat.me/fullchain.pem \ -# -sha256 -days 365 -subj '/CN=webdevcat.me' \ -# -addext "subjectAltName=DNS:webdevcat.me,DNS:git.webdevcat.me,DNS:apps.webdevcat.me" +RUN mkdir -p /var/www/certs/webdevcat.me \ + && openssl req -x509 -newkey rsa:4096 -nodes \ + -keyout /var/www/certs/webdevcat.me/privkey.pem \ + -out /var/www/certs/webdevcat.me/fullchain.pem \ + -sha256 -days 365 -subj '/CN=webdevcat.me' \ + -addext "subjectAltName=DNS:webdevcat.me,DNS:git.webdevcat.me,DNS:apps.webdevcat.me" + +CMD ["sh", "-c", "openresty -p `pwd` -g 'daemon off;'"] + +# Use SIGQUIT instead of default SIGTERM to cleanly drain requests +# See https://github.com/openresty/docker-openresty/blob/master/README.md#tips--pitfalls +STOPSIGNAL SIGQUIT -# CMD ["sh", "-c", "openresty -p `pwd` -g 'daemon off;'"] -CMD ["bash"] -- 2.39.5 From 5787bc4e0205c87e0afecfe2e74dbf836b85b6d7 Mon Sep 17 00:00:00 2001 From: Catalin Constantin Mititiuc Date: Tue, 25 Nov 2025 15:21:10 -0800 Subject: [PATCH 4/7] Add 'make shell' command --- Dockerfile | 1 - Makefile | 3 +++ README.md | 4 ++++ 3 files changed, 7 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index d4557d6..e03d4d5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,3 @@ -# FROM openresty/openresty:bookworm-buildpack FROM buildpack-deps:trixie ARG version=3.8.2.1 diff --git a/Makefile b/Makefile index 74c9081..9bb360e 100644 --- a/Makefile +++ b/Makefile @@ -5,6 +5,9 @@ serve: docker run --rm -it --init -v $(PWD):/opt/app -p 8080:80 $(image) \ sh -c "openresty -p /opt/app -g 'daemon off;' -c conf/dev.nginx.conf" +shell: + docker run --rm -it --init -v $(PWD):/opt/app -p 8080:80 $(image) bash + build: $(if $(file), $(docker-run) sitegen build $(file), $(docker-run) sitegen) diff --git a/README.md b/README.md index e59508c..3f1f34d 100644 --- a/README.md +++ b/README.md @@ -66,6 +66,10 @@ Visit `localhost:8080` in web browser +### start a shell + + $ make shell + ### start watcher $ docker exec -it container_name sitegen watch -- 2.39.5 From ca71fd717456fcbb526b17cc32e983d9dbbc14ab Mon Sep 17 00:00:00 2001 From: Catalin Constantin Mititiuc Date: Tue, 25 Nov 2025 15:23:12 -0800 Subject: [PATCH 5/7] Add default nginx files for building current Docker image --- nginx.conf | 117 ++++++++++++++++++++++++++++++++++++++++++ nginx.vh.default.conf | 58 +++++++++++++++++++++ 2 files changed, 175 insertions(+) create mode 100644 nginx.conf create mode 100644 nginx.vh.default.conf diff --git a/nginx.conf b/nginx.conf new file mode 100644 index 0000000..29bc085 --- /dev/null +++ b/nginx.conf @@ -0,0 +1,117 @@ + +#user nobody; +worker_processes 1; + +#error_log logs/error.log; +#error_log logs/error.log notice; +#error_log logs/error.log info; + +#pid logs/nginx.pid; + + +events { + worker_connections 1024; +} + + +http { + include mime.types; + default_type application/octet-stream; + + #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + # '$status $body_bytes_sent "$http_referer" ' + # '"$http_user_agent" "$http_x_forwarded_for"'; + + #access_log logs/access.log main; + + sendfile on; + #tcp_nopush on; + + #keepalive_timeout 0; + keepalive_timeout 65; + + #gzip on; + + server { + listen 80; + server_name localhost; + + #charset koi8-r; + + #access_log logs/host.access.log main; + + location / { + root html; + index index.html index.htm; + } + + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root html; + } + + # proxy the PHP scripts to Apache listening on 127.0.0.1:80 + # + #location ~ \.php$ { + # proxy_pass http://127.0.0.1; + #} + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + # + #location ~ \.php$ { + # root html; + # fastcgi_pass 127.0.0.1:9000; + # fastcgi_index index.php; + # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; + # include fastcgi_params; + #} + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + #location ~ /\.ht { + # deny all; + #} + } + + + # another virtual host using mix of IP-, name-, and port-based configuration + # + #server { + # listen 8000; + # listen somename:8080; + # server_name somename alias another.alias; + + # location / { + # root html; + # index index.html index.htm; + # } + #} + + + # HTTPS server + # + #server { + # listen 443 ssl; + # server_name localhost; + + # ssl_certificate cert.pem; + # ssl_certificate_key cert.key; + + # ssl_session_cache shared:SSL:1m; + # ssl_session_timeout 5m; + + # ssl_ciphers HIGH:!aNULL:!MD5; + # ssl_prefer_server_ciphers on; + + # location / { + # root html; + # index index.html index.htm; + # } + #} + +} diff --git a/nginx.vh.default.conf b/nginx.vh.default.conf new file mode 100644 index 0000000..3ad9572 --- /dev/null +++ b/nginx.vh.default.conf @@ -0,0 +1,58 @@ +# nginx.vh.default.conf -- docker-openresty +# +# This file is installed to: +# `/etc/nginx/conf.d/default.conf` +# +# It tracks the `server` section of the upstream OpenResty's `nginx.conf`. +# +# This config (and any other configs in `etc/nginx/conf.d/`) is loaded by +# default by the `include` directive in `/usr/local/openresty/nginx/conf/nginx.conf`. +# +# See https://github.com/openresty/docker-openresty/blob/master/README.md#nginx-config-files +# + + +server { + listen 80; + server_name localhost; + + #charset koi8-r; + #access_log /var/log/nginx/host.access.log main; + + location / { + root /usr/local/openresty/nginx/html; + index index.html index.htm; + } + + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/local/openresty/nginx/html; + } + + # proxy the PHP scripts to Apache listening on 127.0.0.1:80 + # + #location ~ \.php$ { + # proxy_pass http://127.0.0.1; + #} + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + # + #location ~ \.php$ { + # root /usr/local/openresty/nginx/html; + # fastcgi_pass 127.0.0.1:9000; + # fastcgi_index index.php; + # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; + # include fastcgi_params; + #} + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + #location ~ /\.ht { + # deny all; + #} +} -- 2.39.5 From a314cd9e6ecd0e2ec1fb0fefe60e75664004ee0f Mon Sep 17 00:00:00 2001 From: Catalin Constantin Mititiuc Date: Tue, 25 Nov 2025 15:28:14 -0800 Subject: [PATCH 6/7] Remove Dockerfile.buildpack --- Dockerfile.buildpack | 82 -------------------------------------------- 1 file changed, 82 deletions(-) delete mode 100644 Dockerfile.buildpack diff --git a/Dockerfile.buildpack b/Dockerfile.buildpack deleted file mode 100644 index 98092d4..0000000 --- a/Dockerfile.buildpack +++ /dev/null @@ -1,82 +0,0 @@ -# Dockerfile - buildpack-deps -# https://github.com/openresty/docker-openresty - -ARG RESTY_IMAGE_BASE="buildpack-deps" -ARG RESTY_IMAGE_TAG="bookworm" - -FROM ${RESTY_IMAGE_BASE}:${RESTY_IMAGE_TAG} - -LABEL maintainer="Evan Wies " - -# RESTY_DEB_FLAVOR build argument is used to select other -# OpenResty Debian package variants. -# For example: "-debug" or "-valgrind" -ARG RESTY_DEB_FLAVOR="" -ARG RESTY_DEB_VERSION="=1.27.1.2-1~bookworm1" -ARG RESTY_APT_REPO="https://openresty.org/package/debian" -ARG RESTY_APT_PGP="https://openresty.org/package/pubkey.gpg" -ARG RESTY_APT_ARCH="amd64" -ARG RESTY_IMAGE_BASE="buildpack-deps" -ARG RESTY_IMAGE_TAG="bookworm" - -ARG RESTY_LUAROCKS_VERSION="3.12.2" - -LABEL resty_image_base="${RESTY_IMAGE_BASE}" -LABEL resty_image_tag="${RESTY_IMAGE_TAG}" -LABEL resty_apt_repo="${RESTY_APT_REPO}" -LABEL resty_apt_pgp="${RESTY_APT_PGP}" -LABEL resty_apt_arch="${RESTY_APT_ARCH}" -LABEL resty_deb_flavor="${RESTY_DEB_FLAVOR}" -LABEL resty_deb_version="${RESTY_DEB_VERSION}" -LABEL resty_luarocks_version="${RESTY_LUAROCKS_VERSION}}" - -# Install OpenResty -RUN wget -qO - ${RESTY_APT_PGP} | gpg --dearmor > /etc/apt/trusted.gpg.d/openresty-keyring.gpg \ - && chown root:root /etc/apt/trusted.gpg.d/openresty-keyring.gpg \ - && chmod ugo+r /etc/apt/trusted.gpg.d/openresty-keyring.gpg \ - && chmod go-w /etc/apt/trusted.gpg.d/openresty-keyring.gpg \ - && echo "deb [arch=$RESTY_APT_ARCH signed-by=/etc/apt/trusted.gpg.d/openresty-keyring.gpg] $RESTY_APT_REPO $(grep -Po 'VERSION="[0-9]+ \(\K[^)]+' /etc/os-release) openresty" | tee /etc/apt/sources.list.d/openresty.list \ - && DEBIAN_FRONTEND=noninteractive apt-get update \ - && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ - openresty${RESTY_DEB_FLAVOR}${RESTY_DEB_VERSION} \ - openresty-resty${RESTY_DEB_FLAVOR}${RESTY_DEB_VERSION} \ - openresty-opm${RESTY_DEB_FLAVOR}${RESTY_DEB_VERSION} \ - openresty-openssl3${RESTY_DEB_FLAVOR}-dev \ - openresty-pcre2${RESTY_DEB_FLAVOR}-dev \ - openresty-zlib${RESTY_DEB_FLAVOR}-dev \ - && mkdir -p /var/run/openresty \ - && ln -sf /dev/stdout /usr/local/openresty${RESTY_DEB_FLAVOR}/nginx/logs/access.log \ - && ln -sf /dev/stderr /usr/local/openresty${RESTY_DEB_FLAVOR}/nginx/logs/error.log - -# Install LuaRocks -RUN curl -fSL https://luarocks.github.io/luarocks/releases/luarocks-${RESTY_LUAROCKS_VERSION}.tar.gz -o luarocks-${RESTY_LUAROCKS_VERSION}.tar.gz \ - && tar xzf luarocks-${RESTY_LUAROCKS_VERSION}.tar.gz \ - && cd luarocks-${RESTY_LUAROCKS_VERSION} \ - && ./configure \ - --prefix=/usr/local/openresty/luajit \ - --with-lua=/usr/local/openresty/luajit \ - --with-lua-include=/usr/local/openresty/luajit/include/luajit-2.1 \ - && make build \ - && make install \ - && cd /tmp \ - && rm -rf luarocks-${RESTY_LUAROCKS_VERSION} luarocks-${RESTY_LUAROCKS_VERSION}.tar.gz - -# Add additional binaries into PATH for convenience -ENV PATH="$PATH:/usr/local/openresty${RESTY_DEB_FLAVOR}/luajit/bin:/usr/local/openresty${RESTY_DEB_FLAVOR}/nginx/sbin:/usr/local/openresty${RESTY_DEB_FLAVOR}/bin" - -# Add LuaRocks paths -# If OpenResty changes, these may need updating: -# /usr/local/openresty/bin/resty -e 'print(package.path)' -# /usr/local/openresty/bin/resty -e 'print(package.cpath)' -ENV LUA_PATH="/usr/local/openresty/site/lualib/?.ljbc;/usr/local/openresty/site/lualib/?/init.ljbc;/usr/local/openresty/lualib/?.ljbc;/usr/local/openresty/lualib/?/init.ljbc;/usr/local/openresty/site/lualib/?.lua;/usr/local/openresty/site/lualib/?/init.lua;/usr/local/openresty/lualib/?.lua;/usr/local/openresty/lualib/?/init.lua;./?.lua;/usr/local/openresty/luajit/share/luajit-2.1/?.lua;/usr/local/share/lua/5.1/?.lua;/usr/local/share/lua/5.1/?/init.lua;/usr/local/openresty/luajit/share/lua/5.1/?.lua;/usr/local/openresty/luajit/share/lua/5.1/?/init.lua" -ENV LUA_CPATH="/usr/local/openresty/site/lualib/?.so;/usr/local/openresty/lualib/?.so;./?.so;/usr/local/lib/lua/5.1/?.so;/usr/local/openresty/luajit/lib/lua/5.1/?.so;/usr/local/lib/lua/5.1/loadall.so;/usr/local/openresty/luajit/lib/lua/5.1/?.so" - -# Copy nginx configuration files -COPY nginx.conf /usr/local/openresty${RESTY_DEB_FLAVOR}/nginx/conf/nginx.conf -COPY nginx.vh.default.conf /etc/nginx/conf.d/default.conf - -CMD ["/usr/bin/openresty", "-g", "daemon off;"] - -# Use SIGQUIT instead of default SIGTERM to cleanly drain requests -# See https://github.com/openresty/docker-openresty/blob/master/README.md#tips--pitfalls -STOPSIGNAL SIGQUIT -- 2.39.5 From 5abad632c69db4b66cc54ec4b5be7c382add90f0 Mon Sep 17 00:00:00 2001 From: Catalin Constantin Mititiuc Date: Tue, 25 Nov 2025 15:38:35 -0800 Subject: [PATCH 7/7] Remove unnecessary apt package installs from Dockerfile --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index e03d4d5..bce9aee 100644 --- a/Dockerfile +++ b/Dockerfile @@ -9,7 +9,7 @@ ARG RESTY_DEB_VERSION="=1.27.1.2-1~bookworm1" ARG RESTY_LUAROCKS_VERSION="3.12.2" RUN apt-get update && apt-get install -y \ - python3-pygments lua-inotify wget curl tar make && \ + python3-pygments lua-inotify wget && \ wget -q -O $pkgname $pkgurl && dpkg -i $pkgname && rm $pkgname RUN wget -qO - https://openresty.org/package/pubkey.gpg | gpg --dearmor > /etc/apt/trusted.gpg.d/openresty-keyring.gpg \ -- 2.39.5