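# nginx image with cron + certbot for automatic TLS certificate renewal.
# NOTE(review): the tag below is mutable; additionally pinning the base image
# by digest would make rebuilds reproducible and guard against a changed tag.
FROM nginx:1.26-bookworm

# Container timezone; used by the tzdata setup below and by runtime processes.
ENV TZ=Asia/Seoul

# Build-time only: ARG keeps apt/debconf non-interactive during the build
# without leaving DEBIAN_FRONTEND set in the running container's environment.
ARG DEBIAN_FRONTEND=noninteractive

# ========================================
# 1-5. Packages, timezone, CA certificates, cleanup
# ========================================
# All apt work happens in ONE layer:
#   - `apt-get update` can no longer be cached separately from the installs
#     that rely on it (a stale package index would otherwise be reused when
#     only a later install line changes);
#   - the cleanup really shrinks the image, because files deleted in a later
#     layer still exist in the earlier layers.
# Package groups:
#   apt-utils, tzdata                        - base packages & timezone
#   ca-certificates, gnupg, sendmail, wget   - required packages
#   certbot, cron, python3-certbot-nginx     - SSL auto-renewal
# NOTE(review): only apt-utils is installed with --no-install-recommends, as
# before. Adding the flag to the second install would reduce image size and
# attack surface; confirm first that nothing relies on a recommended package.
# NOTE(review): sendmail, wget and gnupg stay in the runtime image; drop any
# of them that the running container does not actually use.
RUN apt-get update && \
    apt-get install -y --no-install-recommends apt-utils && \
    apt-get install -yq \
        ca-certificates \
        certbot \
        cron \
        gnupg \
        python3-certbot-nginx \
        sendmail \
        tzdata \
        wget && \
    ln -snf "/usr/share/zoneinfo/$TZ" /etc/localtime && \
    echo "$TZ" > /etc/timezone && \
    update-ca-certificates && \
    chmod 644 /etc/ssl/certs/ca-certificates.crt && \
    apt-get autoremove -y && \
    apt-get clean && \
    rm -rf /var/lib/apt/lists/*

# ========================================
# 6. Certbot auto-renewal cron job
# ========================================
# Appends one entry to the build user's crontab: every Monday at 05:00 run
# `certbot renew`; the deploy hook validates the nginx configuration
# (`nginx -t`) before reloading, so a broken config is not reloaded.
# The job appends its output to /log/nginx/crontab_<date>.log. If that
# directory is missing, the shell redirect fails and certbot is never started,
# so it is created here (a runtime mount over /log/nginx still works).
# `crontab -l` exits non-zero when no crontab exists yet; the pipeline's status
# comes from the final `crontab -`, so do not enable pipefail for this step.
RUN mkdir -p /log/nginx && \
    crontab -l 2>/dev/null | { cat; echo "0 5 * * 1 certbot renew --quiet --deploy-hook \"nginx -t && service nginx reload\" >> /log/nginx/crontab_\$(date +\%Y\%m\%d).log 2>&1"; } | crontab -

# ========================================
# 7. Add cron to nginx entrypoint
# ========================================
# Inserts a `cron` line into the entrypoint so the cron daemon is started when
# the container starts. The step stays non-fatal as before, but a failed
# insertion is now reported in the build log instead of being swallowed:
# without it, certificates would silently stop renewing.
# NOTE(review): /set/ matches every line containing "set", and `cron` is
# inserted before each match; confirm against the base image's entrypoint that
# exactly one line matches.
# NOTE(review): nothing in the container supervises cron once started; monitor
# certificate expiry externally.
RUN sed -i'' -r -e "/set/i\cron" /docker-entrypoint.sh && \
    grep -qx "cron" /docker-entrypoint.sh || \
    echo "WARNING: cron was not added to /docker-entrypoint.sh; certbot renewals will not run" >&2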