docker
俺でもわかるシリーズ

Nginxをrootで起動しない俺のDockerfile

oredesu

ubuntuベースでroot起動させないnginxつくってみた。

masterプロセスもwww-dataで起動しちゃうのでWARNINGでるけどネ.

COPY元のnginx.confとapp.confはwww-dataなuserで起動するかんじで、適宜vhostsなりupstream書く感じ。


Dockerfile

FROM ubuntu

USER root
RUN apt-get install -y nginx
COPY ./docker-compose/nginx/etc/nginx/nginx.conf /etc/nginx/nginx.conf
COPY ./docker-compose/nginx/etc/nginx/conf.d/app.conf /etc/nginx/conf.d/app.conf
RUN mkdir /var/lib/app
RUN chown -R www-data:root /var/log/nginx
RUN unlink /etc/nginx/sites-enabled/default
RUN mkdir /var/run/nginx
RUN mkdir /var/lib/nginx/body
RUN mkdir /var/lib/nginx/fastcgi
RUN mkdir /var/lib/nginx/proxy
RUN mkdir /var/lib/nginx/scgi
RUN mkdir /var/lib/nginx/uwsgi
RUN chown www-data:root /run/nginx
RUN cd /var/lib/nginx && chown www-data:root body fastcgi proxy scgi uwsgi
RUN chmod 700 /var/lib/nginx/body
RUN chmod 700 /var/lib/nginx/fastcgi
RUN chmod 700 /var/lib/nginx/proxy
RUN chmod 700 /var/lib/nginx/scgi
RUN chmod 700 /var/lib/nginx/uwsgi
USER www-data
WORKDIR /tmp


Command

compose upやrunするときはコレで.

/usr/sbin/nginx -g 'daemon off;' -c /etc/nginx/nginx.conf

完って感じ