mirror of
https://github.com/NginxProxyManager/docker-nginx-full.git
synced 2026-05-18 07:40:36 +00:00
Jamie Curnow
77 lines
2.0 KiB
Docker
77 lines
2.0 KiB
Docker
ARG BASE_IMAGE=nginxproxymanager/nginx-full:latest
|
|
|
|
#############
|
|
# Certbot Builder
|
|
#############
|
|
|
|
FROM debian:bookworm-slim AS certbotbuilder
|
|
|
|
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
|
|
|
|
RUN apt-get update
|
|
RUN apt-get install -y \
|
|
build-essential \
|
|
ca-certificates \
|
|
curl \
|
|
libaugeas0 \
|
|
libffi-dev \
|
|
libssl-dev \
|
|
openssl \
|
|
pkg-config \
|
|
python3 \
|
|
python3-dev \
|
|
python3-venv
|
|
|
|
ENV SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt
|
|
|
|
# Yes, python compilation requires rust.
|
|
RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
|
|
ENV PATH="/root/.cargo/bin:$PATH"
|
|
|
|
# It's all about pip now.
|
|
RUN python3 -m venv /opt/certbot/
|
|
ENV PATH="/opt/certbot/bin:$PATH"
|
|
|
|
RUN curl -L 'https://bootstrap.pypa.io/get-pip.py' | python3
|
|
|
|
RUN pip install --no-cache-dir --upgrade pyopenssl \
|
|
&& pip install --no-cache-dir cffi certbot==4.2.0 cryptography \
|
|
&& pip install tldextract zope pip-system-certs
|
|
|
|
#############
|
|
# Final Image
|
|
#############
|
|
FROM $BASE_IMAGE AS final
|
|
ARG BASE_IMAGE
|
|
ARG TARGETPLATFORM
|
|
|
|
LABEL maintainer="Jamie Curnow <jc@jc21.com>"
|
|
|
|
RUN echo "Certbot: $BASE_IMAGE, ${TARGETPLATFORM:-linux/amd64}" >> /built-for-arch
|
|
|
|
COPY scripts/install-cert-prune /tmp/install-cert-prune
|
|
RUN /tmp/install-cert-prune "${TARGETPLATFORM:-linux/amd64}" && rm -f /tmp/install-cert-prune
|
|
|
|
# OpenResty uses LuaJIT which has a dependency on GCC
|
|
RUN apt-get update \
|
|
&& apt-get install -y --no-install-recommends \
|
|
python3 \
|
|
python3-distutils \
|
|
python3-venv \
|
|
&& apt-get clean \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
COPY ./files/.bashrc.certbot /root/.bashrc
|
|
|
|
# Copy certbot
|
|
COPY --from=certbotbuilder /opt/certbot /opt/certbot
|
|
|
|
ENV PATH="/opt/certbot/bin:$PATH"
|
|
|
|
RUN python3 -m venv /opt/certbot/ \
|
|
&& curl -L 'https://bootstrap.pypa.io/get-pip.py' | /opt/certbot/bin/python3 \
|
|
&& sed -i 's/include-system-site-packages = false/include-system-site-packages = true/g' -i /opt/certbot/pyvenv.cfg \
|
|
&& ln -s /opt/certbot/bin/certbot /usr/bin/certbot
|
|
|
|
LABEL org.label-schema.cmd="docker run --rm -ti nginxproxymanager/nginx-full:certbot"
|