Add better docs and comments, complete configs, change nginx & cgi user to nexus, add example scripts
This commit is contained in:
parent
c815426c5a
commit
eb8483ea7f
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
||||
test
|
39
Dockerfile
39
Dockerfile
@ -2,28 +2,33 @@ FROM ubuntu:trusty
|
||||
MAINTAINER Dave P
|
||||
|
||||
# Create nexus user
|
||||
RUN useradd --create-home nexus ; \
|
||||
echo "nexus:nexus" | chpasswd
|
||||
|
||||
# Install nginx
|
||||
RUN apt-get update ;\
|
||||
apt-get install -y nginx-light fcgiwrap supervisor openssh-server cron ;\
|
||||
mkdir /start.d /nexus /var/run/sshd ;\
|
||||
chown nexus /nexus
|
||||
|
||||
# Configure nginx
|
||||
RUN echo "daemon off;" >> /etc/nginx/nginx.conf ; cp /usr/share/doc/fcgiwrap/examples/nginx.conf /etc/nginx/fcgiwrap.conf
|
||||
RUN useradd --create-home nexus && \
|
||||
echo "nexus:nexus" | chpasswd && \
|
||||
apt-get update && \
|
||||
apt-get install -y nginx-light fcgiwrap supervisor openssh-server cron && \
|
||||
mkdir /start.d /nexus /var/run/sshd && \
|
||||
chown nexus /nexus && \
|
||||
cp /usr/share/doc/fcgiwrap/examples/nginx.conf /etc/nginx/fcgiwrap.conf
|
||||
|
||||
# Supervisor confs
|
||||
ADD supervisor.conf /etc/supervisor/conf.d/supervisor.conf
|
||||
ADD nginx.conf /etc/supervisor/conf.d/nginx.conf
|
||||
ADD fcgiwrap.conf /etc/supervisor/conf.d/fcgiwrap.conf
|
||||
ADD sshd.conf /etc/supervisor/conf.d/sshd.conf
|
||||
ADD cron.conf /etc/supervisor/conf.d/cron.conf
|
||||
ADD default /etc/nginx/sites-available/default
|
||||
ADD supervisor-nginx.conf /etc/supervisor/conf.d/nginx.conf
|
||||
ADD supervisor-fcgiwrap.conf /etc/supervisor/conf.d/fcgiwrap.conf
|
||||
ADD supervisor-sshd.conf /etc/supervisor/conf.d/sshd.conf
|
||||
ADD supervisor-cron.conf /etc/supervisor/conf.d/cron.conf
|
||||
|
||||
# nginx confs
|
||||
ADD nginx.conf /etc/nginx/nginx.conf
|
||||
ADD nginx-default /etc/nginx/sites-available/default
|
||||
|
||||
# Startup tasks
|
||||
ADD clear-sockets /start.d/clear-sockets
|
||||
ADD gen-ssh /start.d/gen-ssh
|
||||
ADD start /start
|
||||
|
||||
RUN chmod +x /start.d/clear-sockets
|
||||
RUN chmod +x /start.d/clear-sockets /start
|
||||
|
||||
ENTRYPOINT ["/start"]
|
||||
|
||||
EXPOSE 80
|
||||
EXPOSE 22
|
||||
|
35
README.md
Normal file
35
README.md
Normal file
@ -0,0 +1,35 @@
|
||||
# docker-nexus
|
||||
|
||||
**A nginx/cgi/sshd server for prototyping services or data hubs.**
|
||||
|
||||
## Quick start
|
||||
|
||||
* Clone: `git clone ssh://git@gitlab.xmopx.net:222/dave/docker-nexus.git`
|
||||
* Build: `cd docker-nexus ; docker build -t nexus .`
|
||||
* Run: `docker run nexus`
|
||||
|
||||
|
||||
## Usage
|
||||
|
||||
Nexus offers a couple services:
|
||||
|
||||
### SSHD
|
||||
|
||||
For shell related activities, an sshd daemonr runs on the standard port. Username and password, by default, is `nexus`.
|
||||
|
||||
### Nginx
|
||||
|
||||
For accessing data or calling CGI scripts, nginx runs on the standard port. The document root is `/nexus/`.
|
||||
|
||||
### CGI
|
||||
|
||||
Standard CGI scripts can be placed in `/nexus/cgi-bin/`. Some sample scripts exist in `./examples/cgi-scripts/`.
|
||||
|
||||
### Cron
|
||||
|
||||
Cron is present in the container.
|
||||
|
||||
## TODO
|
||||
|
||||
* Allow ssh password to be set by passing an env var
|
||||
* More sample CGI scripts
|
@ -1,3 +1,5 @@
|
||||
#!/bin/sh
|
||||
rm -f /tmp/fcgiwrap.socket
|
||||
|
||||
# Clear any stranded pid/socket files that could cause issues
|
||||
|
||||
rm -f /tmp/fcgiwrap.socket
|
||||
|
25
examples/cgi-scripts/basic.py
Executable file
25
examples/cgi-scripts/basic.py
Executable file
@ -0,0 +1,25 @@
|
||||
#!/usr/bin/env python3
|
||||
|
||||
import os
|
||||
from urllib.parse import parse_qs
|
||||
import traceback
|
||||
|
||||
def start_response(content_type="text/html", status_code=("200", "OK",)):
|
||||
print('Status: %s %s' % (status_code))
|
||||
print("Content-Type: %s" % content_type)
|
||||
print()
|
||||
|
||||
if __name__ == "__main__":
|
||||
try:
|
||||
|
||||
data = parse_qs(os.environ["QUERY_STRING"])
|
||||
|
||||
assert "yo" in data, "Must pass parameter 'yo' in query string"
|
||||
|
||||
start_response()
|
||||
print("you passed: ?yo=%s" % data["yo"][0])
|
||||
|
||||
except Exception as e:
|
||||
start_response(status_code=('500', "you fucked up"))
|
||||
tb = traceback.format_exc()
|
||||
print('<pre>{}</pre>'.format(tb))
|
3
gen-ssh
3
gen-ssh
@ -1,4 +1,7 @@
|
||||
#!/bin/sh
|
||||
|
||||
# Regenerate ssh key per container
|
||||
|
||||
dpkg-reconfigure openssh-server
|
||||
|
||||
rm /start.d/gen-ssh
|
||||
|
@ -19,5 +19,8 @@ server {
|
||||
fastcgi_pass unix:/tmp/fcgiwrap.socket;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME /nexus$fastcgi_script_name;
|
||||
fastcgi_read_timeout 600s;
|
||||
fastcgi_send_timeout 600s;
|
||||
client_max_body_size 1024m;
|
||||
}
|
||||
}
|
77
nginx.conf
77
nginx.conf
@ -1,3 +1,74 @@
|
||||
[program:nginx]
|
||||
command=/usr/sbin/nginx
|
||||
autorestart=true
|
||||
user nexus;
|
||||
worker_processes 4;
|
||||
pid /run/nginx.pid;
|
||||
daemon off;
|
||||
|
||||
events {
|
||||
worker_connections 768;
|
||||
# multi_accept on;
|
||||
}
|
||||
|
||||
http {
|
||||
|
||||
##
|
||||
# Basic Settings
|
||||
##
|
||||
|
||||
sendfile on;
|
||||
tcp_nopush on;
|
||||
tcp_nodelay on;
|
||||
keepalive_timeout 65;
|
||||
types_hash_max_size 2048;
|
||||
# server_tokens off;
|
||||
|
||||
# server_names_hash_bucket_size 64;
|
||||
# server_name_in_redirect off;
|
||||
|
||||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
##
|
||||
# Logging Settings
|
||||
##
|
||||
|
||||
access_log /var/log/nginx/access.log;
|
||||
error_log /var/log/nginx/error.log;
|
||||
|
||||
##
|
||||
# Gzip Settings
|
||||
##
|
||||
|
||||
gzip on;
|
||||
gzip_disable "msie6";
|
||||
|
||||
# gzip_vary on;
|
||||
# gzip_proxied any;
|
||||
# gzip_comp_level 6;
|
||||
# gzip_buffers 16 8k;
|
||||
# gzip_http_version 1.1;
|
||||
# gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
|
||||
|
||||
##
|
||||
# nginx-naxsi config
|
||||
##
|
||||
# Uncomment it if you installed nginx-naxsi
|
||||
##
|
||||
|
||||
#include /etc/nginx/naxsi_core.rules;
|
||||
|
||||
##
|
||||
# nginx-passenger config
|
||||
##
|
||||
# Uncomment it if you installed nginx-passenger
|
||||
##
|
||||
|
||||
#passenger_root /usr;
|
||||
#passenger_ruby /usr/bin/ruby;
|
||||
|
||||
##
|
||||
# Virtual Host Configs
|
||||
##
|
||||
|
||||
include /etc/nginx/conf.d/*.conf;
|
||||
include /etc/nginx/sites-enabled/*;
|
||||
}
|
@ -1,4 +1,4 @@
|
||||
[program:fcgiwrap]
|
||||
user=www-data
|
||||
user=nexus
|
||||
command=/usr/sbin/fcgiwrap -f -s unix:/tmp/fcgiwrap.socket
|
||||
autorestart=true
|
3
supervisor-nginx.conf
Normal file
3
supervisor-nginx.conf
Normal file
@ -0,0 +1,3 @@
|
||||
[program:nginx]
|
||||
command=/usr/sbin/nginx
|
||||
autorestart=true
|
Loading…
Reference in New Issue
Block a user