Merge pull request #9 from devilbox/release-0.15

WIP: Add HTTPS support

Author: cytopia

.travis.yml

@@ -71,7 +71,7 @@ jobs:
             elif [ "${TRAVIS_BRANCH}" == "master" ]; then
               docker build --no-cache=true -t "${IMAGE}:latest" . &&
               docker images;
-            elif [[ ${TRAVIS_BRANCH} =~ ^(release[/-][.0-9]+)$ ]]; then
+            elif [[ ${TRAVIS_BRANCH} =~ ^(release-[.0-9]+)$ ]]; then
               docker build --no-cache=true -t "${IMAGE}:${TRAVIS_BRANCH}" . &&
               docker images;
             else
@@ -91,7 +91,7 @@ jobs:
             elif [ "${TRAVIS_BRANCH}" == "master" ]; then
               echo "Pushing ${IMAGE}:latest" &&
               docker push "${IMAGE}:latest";
-            elif [[ ${TRAVIS_BRANCH} =~ ^(release[/-][.0-9]+)$ ]]; then
+            elif [[ ${TRAVIS_BRANCH} =~ ^(release-[.0-9]+)$ ]]; then
               echo "Pushing ${IMAGE}:${TRAVIS_BRANCH}" &&
               docker push "${IMAGE}:${TRAVIS_BRANCH}";
             else

Dockerfile

@@ -3,14 +3,29 @@ MAINTAINER "cytopia" <[email protected]>
 
 
 ###
-### Labels
+### Build arguments
 ###
-LABEL \
-	name="cytopia's Nginx Image" \
-	image="nginx-stable" \
-	vendor="devilbox" \
-	license="MIT" \
-	build-date="2017-10-01"
+ARG VHOST_GEN_GIT_REF=0.5
+ARG CERT_GEN_GIT_REF=0.2
+
+ENV BUILD_DEPS \
+	git \
+	make \
+	wget
+
+ENV RUN_DEPS \
+	ca-certificates \
+	python-yaml \
+	supervisor
+
+
+###
+### Runtime arguments
+###
+ENV MY_USER=nginx
+ENV MY_GROUP=nginx
+ENV HTTPD_START="/usr/sbin/nginx"
+ENV HTTPD_RELOAD="nginx -s reload"
 
 
 ###
@@ -22,40 +37,36 @@ RUN set -x \
 	&& apt-get update \
 	&& apt-get upgrade -y \
 	&& apt-get install --no-install-recommends --no-install-suggests -y \
-		make \
-		python-yaml \
-		supervisor \
-		wget \
-	&& rm -rf /var/lib/apt/lists/* \
-	&& apt-get purge -y --auto-remove
-
-# vhost-gen
-RUN set -x \
-	&& wget --no-check-certificate -O vhost_gen.tar.gz https://github.com/devilbox/vhost-gen/archive/master.tar.gz \
-	&& tar xfvz vhost_gen.tar.gz \
-	&& cd vhost-gen-master \
+		${BUILD_DEPS} \
+		${RUN_DEPS} \
+	\
+	# Install vhost-gen
+	&& git clone https://github.com/devilbox/vhost-gen \
+	&& cd vhost-gen \
+	&& git checkout "${VHOST_GEN_GIT_REF}" \
 	&& make install \
 	&& cd .. \
-	&& rm -rf vhost*gen*
-
-# watcherd
-RUN set -x \
+	&& rm -rf vhost*gen* \
+	\
+	# Install cert-gen
+	&& wget --no-check-certificate -O /usr/bin/ca-gen https://raw.githubusercontent.com/devilbox/cert-gen/${CERT_GEN_GIT_REF}/bin/ca-gen \
+	&& wget --no-check-certificate -O /usr/bin/cert-gen https://raw.githubusercontent.com/devilbox/cert-gen/${CERT_GEN_GIT_REF}/bin/cert-gen \
+	&& chmod +x /usr/bin/ca-gen \
+	&& chmod +x /usr/bin/cert-gen \
+	\
+	# Install watcherd
 	&& wget --no-check-certificate -O /usr/bin/watcherd https://raw.githubusercontent.com/devilbox/watcherd/master/watcherd \
-	&& chmod +x /usr/bin/watcherd
-
-# cleanup
-RUN set -x \
-	&& apt-get update \
-	&& apt-get remove -y \
-		make \
-		wget \
-	&& apt-get autoremove -y \
-	&& rm -rf /var/lib/apt/lists/* \
-	&& apt-get purge -y --auto-remove
+	&& chmod +x /usr/bin/watcherd \
+	\
+	# Clean-up
+	&& apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false $fetchDeps \
+		${BUILD_DEPS} \
+	&& rm -rf /var/lib/apt/lists/*
 
 # Add custom config directive to httpd server
 RUN set -x \
-	&& sed -i'' 's|^\s*include.*conf\.d/.*|    include /etc/httpd-custom.d/*.conf;\n    include /etc/httpd/conf.d/*.conf;\n    include /etc/httpd/vhost.d/*.conf;\n|g' /etc/nginx/nginx.conf
+	&& sed -i'' 's|^\s*include.*conf\.d/.*|    include /etc/httpd-custom.d/*.conf;\n    include /etc/httpd/conf.d/*.conf;\n    include /etc/httpd/vhost.d/*.conf;\n|g' /etc/nginx/nginx.conf \
+	&& echo "daemon off;" >> /etc/nginx/nginx.conf
 
 # create directories
 RUN set -x \
@@ -65,28 +76,31 @@ RUN set -x \
 	&& mkdir -p /var/www/default/htdocs \
 	&& mkdir -p /shared/httpd \
 	&& chmod 0775 /shared/httpd \
-	&& chown nginx:nginx /shared/httpd
+	&& chown ${MY_USER}:${MY_GROUP} /shared/httpd
 
 
 ###
 ### Copy files
 ###
-COPY ./data/vhost-gen/conf.yml /etc/vhost-gen/conf.yml
 COPY ./data/vhost-gen/main.yml /etc/vhost-gen/main.yml
-COPY ./data/supervisord.conf /etc/supervisord.conf
+COPY ./data/vhost-gen/mass.yml /etc/vhost-gen/mass.yml
+COPY ./data/create-vhost.sh /usr/local/bin/create-vhost.sh
+COPY ./data/docker-entrypoint.d /docker-entrypoint.d
 COPY ./data/docker-entrypoint.sh /docker-entrypoint.sh
 
 
 ###
 ### Ports
 ###
 EXPOSE 80
+EXPOSE 443
 
 
 ###
 ### Volumes
 ###
 VOLUME /shared/httpd
+VOLUME /ca
 
 
 ###

README.md

@@ -1,24 +1,22 @@
-# Nginx stable Docker
+# Nginx stable Docker image
 
-[![Devilbox](https://raw.githubusercontent.com/cytopia/devilbox/master/.devilbox/www/htdocs/assets/img/devilbox_80.png)](https://github.com/cytopia/devilbox)
+[![Build Status](https://travis-ci.org/devilbox/docker-nginx-stable.svg?branch=master)](https://travis-ci.org/devilbox/docker-nginx-stable)
+[![release](https://img.shields.io/github/release/devilbox/docker-nginx-stable.svg)](https://github.com/devilbox/docker-nginx-stable/releases)
+[![Join the chat at https://gitter.im/devilbox/Lobby](https://badges.gitter.im/devilbox/Lobby.svg)](https://gitter.im/devilbox/Lobby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
+[![Github](https://img.shields.io/badge/github-docker--nginx--stable-red.svg)](https://github.com/devilbox/docker-nginx-stable)
+[![](https://images.microbadger.com/badges/license/devilbox/nginx-stable.svg)](https://microbadger.com/images/devilbox/nginx-stable "nginx-stable")
 
-<sub>This Docker image is part of the **[devilbox](https://github.com/cytopia/devilbox)**.</sub>
+**[devilbox/docker-nginx-stable](https://github.com/devilbox/docker-nginx-stable)**
 
-**[Apache 2.2](https://github.com/devilbox/docker-apache-2.2) | [Apache 2.4](https://github.com/devilbox/docker-apache-2.4) | Nginx stable | [Nginx mainline](https://github.com/devilbox/docker-nginx-mainline)**
-
-[![Build Status](https://travis-ci.org/devilbox/docker-nginx-stable.svg?branch=master)](https://travis-ci.org/devilbox/docker-nginx-stable) [![](https://images.microbadger.com/badges/version/devilbox/nginx-stable.svg)](https://microbadger.com/images/devilbox/nginx-stable "nginx-stable") [![](https://images.microbadger.com/badges/image/devilbox/nginx-stable.svg)](https://microbadger.com/images/devilbox/nginx-stable "nginx-stable") [![](https://images.microbadger.com/badges/license/devilbox/nginx-stable.svg)](https://microbadger.com/images/devilbox/nginx-stable "nginx-stable")
+This image is based on the official **[Nginx](https://hub.docker.com/_/nginx)** Docker image and extends it with the ability to have **virtual hosts created automatically**, as well as **adding SSL certificates** when creating new directories. For that to work, it integrates two tools that will take care about the whole process: **[watcherd](https://github.com/devilbox/watcherd)** and **[vhost-gen](https://github.com/devilbox/vhost-gen)**.
 
-This image is based on the official **[Nginx (stable)](https://hub.docker.com/_/nginx/)** Docker image and extends it with the ability to have **virtual hosts created automatically** when adding new directories. For that to work, it integrates two tools that will take care about the whole process: **[watcherd](https://github.com/devilbox/watcherd)** and **[vhost-gen](https://github.com/devilbox/vhost-gen)**.
+From a users perspective, you mount your local project directory into the container under `/shared/httpd`. Any directory then created in your local project directory wil spawn a new virtual host by the same name. Additional settings such as custom server names, PHP-FPM or even different Apache templates per project are supported as well.
 
-From a users perspective, you mount your local project directory into the Docker under `/shared/httpd`. Any directory then created in your local project directory wil spawn a new virtual host by the same name. Additional settings such as custom server names, PHP-FPM or even different nginx templates per project are supported as well.
-
-----
+| Docker Hub | Upstream Project |
+|------------|------------------|
+| <a href="https://hub.docker.com/r/devilbox/nginx-stable"><img height="82px" src="http://dockeri.co/image/devilbox/nginx-stable" /></a> | <a href="https://github.com/cytopia/devilbox" ><img height="82px" src="https://raw.githubusercontent.com/devilbox/artwork/master/submissions_banner/cytopia/01/png/banner_256_trans.png" /></a> |
 
-Find me on **[Docker Hub](https://hub.docker.com/r/devilbox/nginx-stable)**:
-
-[![devilbox/nginx-stable](http://dockeri.co/image/devilbox/nginx-stable)](https://hub.docker.com/r/devilbox/nginx-stable/)
-
-<small>**Latest build:** This container is built every night by [travis-ci](https://travis-ci.org/devilbox/docker-nginx-stable).</small>
+**[Apache 2.2](https://github.com/devilbox/docker-apache-2.2) | [Apache 2.4](https://github.com/devilbox/docker-apache-2.4) | Nginx stable | [Nginx mainline](https://github.com/devilbox/docker-nginx-mainline)**
 
 ----
 
@@ -29,12 +27,16 @@ Find me on **[Docker Hub](https://hub.docker.com/r/devilbox/nginx-stable)**:
 
 1. Automated virtual hosts can be enabled by providing `-e MASS_VHOST_ENABLE=1`.
 2. You should mount a local project directory into the Docker under `/shared/httpd` (`-v /local/path:/shared/httpd`).
-3. You can optionally specify a global server name suffix via e.g.: `-e MASS_VHOST_TLD=.local`
+3. You can optionally specify a global server name suffix via e.g.: `-e MASS_VHOST_TLD=.loc`
 4. You can optionally specify a global subdirectory from which the virtual host will servve the documents via e.g.: `-e MASS_VHOST_DOCROOT=www`
-4. Allow the Docker to expose its port via `-p 80:80`.
-5. Have DNS names point to the IP address the docker runs on (e.g. via `/etc/hosts`)
+5. Allow the Docker to expose its port via `-p 80:80`.
+6. Have DNS names point to the IP address the container runs on (e.g. via `/etc/hosts`)
 
-With the above described settings, whenever you create a local directory under your projects dir, such as `/local/path/mydir`, there will be a new virtual host created by the same name `http://mydir`. You can also specify a global suffix for the vhost names via `-e MASS_VHOST_TLD=.local`, afterwards your above created vhost would be reachable via `http://mydir.local`.
+With the above described settings, whenever you create a local directory under your projects dir
+such as `/local/path/mydir`, there will be a new virtual host created by the same name
+`http://mydir`. You can also specify a global suffix for the vhost names via
+`-e MASS_VHOST_TLD=.loc`, afterwards your above created vhost would be reachable via
+`http://mydir.loc`.
 
 Just to give you a few examples:
 
@@ -67,7 +69,7 @@ docker run -it \
     -p 80:80 \
     -e MASS_VHOST_ENABLE=1 \
     -e MASS_VHOST_DOCROOT=www \
-    -e MASS_VHOST_TLD=.local \
+    -e MASS_VHOST_TLD=.loc \
     -v /local/path:/shared/httpd \
     devilbox/nginx-stable
 ```
@@ -99,7 +101,7 @@ PHP-FPM is not included inside this Docker container, but can be enabled to cont
 
 #### Disabling the default virtual host
 
-If you only want to server you custom projects and don't need the default virtual host, you can disable it by `-e MAIN_VHOST_DISABLE=1`.
+If you only want to server you custom projects and don't need the default virtual host, you can disable it by `-e MAIN_VHOST_ENABLE=0`.
 
 
 ## Options
@@ -130,7 +132,10 @@ This Docker container adds a lot of injectables in order to customize it to your
 
 | Variable | Type | Default | Description |
 |----------|------|---------|-------------|
-| MAIN_VHOST_DISABLE  | bool   | `0`     | By default there is a standard (catch-all) vhost configured to accept requests served from `/var/www/default/htdocs`. If you want to disable it, set the value to `1`.<br/><strong>Note:</strong>The `htdocs` dir name can be changed with `MAIN_VHOST_DOCROOT`. See below. |
+| MAIN_VHOST_ENABLE  | bool   | `1`     | By default there is a standard (catch-all) vhost configured to accept requests served from `/var/www/default/htdocs`. If you want to disable it, set the value to `0`.<br/><strong>Note:</strong>The `htdocs` dir name can be changed with `MAIN_VHOST_DOCROOT`. See below. |
+| MAIN_VHOST_SSL_TYPE | string | `plain` | <ul><li><code>plain</code> - only serve via http</li><li><code>ssl</code> - only serve via https</li><li><code>both</code> - serve via http and https</li><li><code>redir</code> - serve via https and redirect http to https</li></ul> |
+| MAIN_VHOST_SSL_GEN | bool | `0` | `0`: Do not generate an ssl certificate<br/> `1`: Generate self-signed certificate automatically |
+| MAIN_VHOST_SSL_CN  | string | `localhost` | Comma separated list of CN names for SSL certificate generation (The domain names by which you want to reach the default server) |
 | MAIN_VHOST_DOCROOT  | string | `htdocs`| This is the directory name appended to `/var/www/default/` from which the default virtual host will serve its files.<br/><strong>Default:</strong><br/>`/var/www/default/htdocs`<br/><strong>Example:</strong><br/>`MAIN_VHOST_DOCROOT=www`<br/>Doc root: `/var/www/default/www` | 
 | MAIN_VHOST_TPL      | string | `cfg`   | Directory within th default vhost base path (`/var/www/default`) to look for templates to overwrite virtual host settings. See [vhost-gen](https://github.com/devilbox/vhost-gen/tree/master/etc/templates) for available template files.<br/><strong>Resulting default path:</strong><br/>`/var/www/default/cfg` |
 | MAIN_VHOST_STATUS_ENABLE | bool | `0`  | Enable httpd status page. |
@@ -141,7 +146,9 @@ This Docker container adds a lot of injectables in order to customize it to your
 | Variable | Type | Default | Description |
 |----------|------|---------|-------------|
 | MASS_VHOST_ENABLE   | bool   | `0`     | You can enable mass virtual hosts by setting this value to `1`. Mass virtual hosts will be created for each directory present in `/shared/httpd` by the same name including a top-level domain suffix (which could also be a domain+tld). See `MASS_VHOST_TLD` for how to set it. |
-| MASS_VHOST_TLD      | string | `.local`| This string will be appended to the server name (which is built by its directory name) for mass virtual hosts and together build the final domain.<br/><strong>Default:</strong>`<project>.local`<br/><strong>Example:</strong><br/>Path: `/shared/httpd/temp`<br/>`MASS_VHOST_TLD=.lan`<br/>Server name: `temp.lan`<br/><strong>Example:</strong><br/>Path:`/shared/httpd/api`<br/>`MASS_VHOST_TLD=.example.com`<br/>Server name: `api.example.com` |
+| MASS_VHOST_SSL_TYPE | string | `plain` | <ul><li><code>plain</code> - only serve via http</li><li><code>ssl</code> - only serve via https</li><li><code>both</code> - serve via http and https</li><li><code>redir</code> - serve via https and redirect http to https</li></ul> |
+| MASS_VHOST_SSL_GEN | bool | `0` | `0`: Do not generate an ssl certificate<br/> `1`: Generate self-signed certificate automatically |
+| MASS_VHOST_TLD      | string | `.loc`| This string will be appended to the server name (which is built by its directory name) for mass virtual hosts and together build the final domain.<br/><strong>Default:</strong>`<project>.loc`<br/><strong>Example:</strong><br/>Path: `/shared/httpd/temp`<br/>`MASS_VHOST_TLD=.lan`<br/>Server name: `temp.lan`<br/><strong>Example:</strong><br/>Path:`/shared/httpd/api`<br/>`MASS_VHOST_TLD=.example.com`<br/>Server name: `api.example.com` |
 | MASS_VHOST_DOCROOT  | string | `htdocs`| This is a subdirectory within your project dir under each project from which the web server will serve its files.<br/>`/shared/httpd/<project>/$MASS_VHOST_DOCROOT/`<br/><strong>Default:</strong><br/>`/shared/httpd/<project>/htdocs/` |
 | MASS_VHOST_TPL      | string | `cfg`   | Directory within your new virtual host to look for templates to overwrite virtual host settings. See [vhost-gen](https://github.com/devilbox/vhost-gen/tree/master/etc/templates) for available template files.<br/>`/shared/httpd/<project>/$MASS_VHOST_TPL/`<br/><strong>Resulting default path:</strong><br/>`/shared/httpd/<project>/cfg/` |
 
@@ -159,7 +166,8 @@ This Docker container adds a lot of injectables in order to customize it to your
 
 | Docker | Description |
 |--------|-------------|
-| 80     | Nginx listening Port |
+| 80     | HTTP listening Port |
+| 443    | HTTPS listening Port |
 
 
 ## Examples
@@ -247,8 +255,5 @@ It allows any of the following combinations:
 ## Version
 
 ```
-nginx version: nginx/1.12.1
-built by gcc 6.3.0 20170516 (Debian 6.3.0-18)
-built with OpenSSL 1.1.0f  25 May 2017
-TLS SNI support enabled
+nginx version: nginx/1.14.0
 ```

build/docker-attach.sh

@@ -5,7 +5,8 @@
 ### Globals
 ###
 CWD="$(cd -P -- "$(dirname -- "$0")" && pwd -P)/.."
-
+VEND=devilbox
+NAME=nginx-stable
 
 ###
 ### Funcs
@@ -32,23 +33,6 @@ if [ ! -f "${CWD}/Dockerfile" ]; then
 	exit 1
 fi
 
-# Test Docker name
-if ! grep -q 'image=".*"' "${CWD}/Dockerfile" > /dev/null 2>&1; then
-	echo "No 'image' LABEL found"
-	exit
-fi
-
-# Test Docker vendor
-if ! grep -q 'vendor=".*"' "${CWD}/Dockerfile" > /dev/null 2>&1; then
-	echo "No 'vendor' LABEL found"
-	exit
-fi
-
-# Retrieve values
-NAME="$( grep 'image=".*"' "${CWD}/Dockerfile" | sed 's/^[[:space:]]*//g' | awk -F'"' '{print $2}' )"
-VEND="$( grep -Eo 'vendor="(.*)"' "${CWD}/Dockerfile" | awk -F'"' '{print $2}' )"
-DATE="$( date '+%Y-%m-%d' )"
-
 
 ###
 ### Update Base
@@ -61,21 +45,17 @@ run "docker pull ${MY_BASE}"
 ### Build
 ###
 
-# Update build date
-run "sed -i'' 's/build-date=\".*\"/build-date=\"${DATE}\"/g' ${CWD}/Dockerfile"
-
 # Build Docker
 run "docker build -t ${VEND}/${NAME} ${CWD}"
 
 
 ###
 ### Retrieve information afterwards and Update README.md
 ###
-docker run -d --rm --name my_tmp_${NAME} -t ${VEND}/${NAME}
-INFO="$( docker exec my_tmp_${NAME} httpd -V | grep -E '^Server.*(version|built|Module|loaded|MPM)' )"
-docker stop "$(docker ps | grep "my_tmp_${NAME}" | awk '{print $1}')" > /dev/null
+DID="$( docker run -d --rm -t ${VEND}/${NAME} )"
+INFO="$( docker exec "${DID}" nginx -v 2>&1 )"
+docker stop "${DID}"
 
-INFO="$( echo "${INFO}" | sed 's/\s$//g' )"        # remove trailing space
 echo "${INFO}"
 
 sed -i'' '/##[[:space:]]Version/q' "${CWD}/README.md"