Add better docs and comments, complete configs, change nginx & cgi user to nexus, add example scripts
This commit is contained in:
parent
c815426c5a
commit
eb8483ea7f
|
@ -0,0 +1 @@
|
||||||
|
test
|
39
Dockerfile
39
Dockerfile
|
@ -2,28 +2,33 @@ FROM ubuntu:trusty
|
||||||
MAINTAINER Dave P
|
MAINTAINER Dave P
|
||||||
|
|
||||||
# Create nexus user
|
# Create nexus user
|
||||||
RUN useradd --create-home nexus ; \
|
RUN useradd --create-home nexus && \
|
||||||
echo "nexus:nexus" | chpasswd
|
echo "nexus:nexus" | chpasswd && \
|
||||||
|
apt-get update && \
|
||||||
# Install nginx
|
apt-get install -y nginx-light fcgiwrap supervisor openssh-server cron && \
|
||||||
RUN apt-get update ;\
|
mkdir /start.d /nexus /var/run/sshd && \
|
||||||
apt-get install -y nginx-light fcgiwrap supervisor openssh-server cron ;\
|
chown nexus /nexus && \
|
||||||
mkdir /start.d /nexus /var/run/sshd ;\
|
cp /usr/share/doc/fcgiwrap/examples/nginx.conf /etc/nginx/fcgiwrap.conf
|
||||||
chown nexus /nexus
|
|
||||||
|
|
||||||
# Configure nginx
|
|
||||||
RUN echo "daemon off;" >> /etc/nginx/nginx.conf ; cp /usr/share/doc/fcgiwrap/examples/nginx.conf /etc/nginx/fcgiwrap.conf
|
|
||||||
|
|
||||||
|
# Supervisor confs
|
||||||
ADD supervisor.conf /etc/supervisor/conf.d/supervisor.conf
|
ADD supervisor.conf /etc/supervisor/conf.d/supervisor.conf
|
||||||
ADD nginx.conf /etc/supervisor/conf.d/nginx.conf
|
ADD supervisor-nginx.conf /etc/supervisor/conf.d/nginx.conf
|
||||||
ADD fcgiwrap.conf /etc/supervisor/conf.d/fcgiwrap.conf
|
ADD supervisor-fcgiwrap.conf /etc/supervisor/conf.d/fcgiwrap.conf
|
||||||
ADD sshd.conf /etc/supervisor/conf.d/sshd.conf
|
ADD supervisor-sshd.conf /etc/supervisor/conf.d/sshd.conf
|
||||||
ADD cron.conf /etc/supervisor/conf.d/cron.conf
|
ADD supervisor-cron.conf /etc/supervisor/conf.d/cron.conf
|
||||||
ADD default /etc/nginx/sites-available/default
|
|
||||||
|
# nginx confs
|
||||||
|
ADD nginx.conf /etc/nginx/nginx.conf
|
||||||
|
ADD nginx-default /etc/nginx/sites-available/default
|
||||||
|
|
||||||
|
# Startup tasks
|
||||||
ADD clear-sockets /start.d/clear-sockets
|
ADD clear-sockets /start.d/clear-sockets
|
||||||
ADD gen-ssh /start.d/gen-ssh
|
ADD gen-ssh /start.d/gen-ssh
|
||||||
ADD start /start
|
ADD start /start
|
||||||
|
|
||||||
RUN chmod +x /start.d/clear-sockets
|
RUN chmod +x /start.d/clear-sockets /start
|
||||||
|
|
||||||
|
ENTRYPOINT ["/start"]
|
||||||
|
|
||||||
EXPOSE 80
|
EXPOSE 80
|
||||||
|
EXPOSE 22
|
||||||
|
|
|
@ -0,0 +1,35 @@
|
||||||
|
# docker-nexus
|
||||||
|
|
||||||
|
**A nginx/cgi/sshd server for prototyping services or data hubs.**
|
||||||
|
|
||||||
|
## Quick start
|
||||||
|
|
||||||
|
* Clone: `git clone ssh://git@gitlab.xmopx.net:222/dave/docker-nexus.git`
|
||||||
|
* Build: `cd docker-nexus ; docker build -t nexus .`
|
||||||
|
* Run: `docker run nexus`
|
||||||
|
|
||||||
|
|
||||||
|
## Usage
|
||||||
|
|
||||||
|
Nexus offers a couple services:
|
||||||
|
|
||||||
|
### SSHD
|
||||||
|
|
||||||
|
For shell related activities, an sshd daemonr runs on the standard port. Username and password, by default, is `nexus`.
|
||||||
|
|
||||||
|
### Nginx
|
||||||
|
|
||||||
|
For accessing data or calling CGI scripts, nginx runs on the standard port. The document root is `/nexus/`.
|
||||||
|
|
||||||
|
### CGI
|
||||||
|
|
||||||
|
Standard CGI scripts can be placed in `/nexus/cgi-bin/`. Some sample scripts exist in `./examples/cgi-scripts/`.
|
||||||
|
|
||||||
|
### Cron
|
||||||
|
|
||||||
|
Cron is present in the container.
|
||||||
|
|
||||||
|
## TODO
|
||||||
|
|
||||||
|
* Allow ssh password to be set by passing an env var
|
||||||
|
* More sample CGI scripts
|
|
@ -1,3 +1,5 @@
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
rm -f /tmp/fcgiwrap.socket
|
|
||||||
|
|
||||||
|
# Clear any stranded pid/socket files that could cause issues
|
||||||
|
|
||||||
|
rm -f /tmp/fcgiwrap.socket
|
||||||
|
|
|
@ -0,0 +1,25 @@
|
||||||
|
#!/usr/bin/env python3
|
||||||
|
|
||||||
|
import os
|
||||||
|
from urllib.parse import parse_qs
|
||||||
|
import traceback
|
||||||
|
|
||||||
|
def start_response(content_type="text/html", status_code=("200", "OK",)):
|
||||||
|
print('Status: %s %s' % (status_code))
|
||||||
|
print("Content-Type: %s" % content_type)
|
||||||
|
print()
|
||||||
|
|
||||||
|
if __name__ == "__main__":
|
||||||
|
try:
|
||||||
|
|
||||||
|
data = parse_qs(os.environ["QUERY_STRING"])
|
||||||
|
|
||||||
|
assert "yo" in data, "Must pass parameter 'yo' in query string"
|
||||||
|
|
||||||
|
start_response()
|
||||||
|
print("you passed: ?yo=%s" % data["yo"][0])
|
||||||
|
|
||||||
|
except Exception as e:
|
||||||
|
start_response(status_code=('500', "you fucked up"))
|
||||||
|
tb = traceback.format_exc()
|
||||||
|
print('<pre>{}</pre>'.format(tb))
|
3
gen-ssh
3
gen-ssh
|
@ -1,4 +1,7 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
# Regenerate ssh key per container
|
# Regenerate ssh key per container
|
||||||
|
|
||||||
dpkg-reconfigure openssh-server
|
dpkg-reconfigure openssh-server
|
||||||
|
|
||||||
rm /start.d/gen-ssh
|
rm /start.d/gen-ssh
|
||||||
|
|
|
@ -19,5 +19,8 @@ server {
|
||||||
fastcgi_pass unix:/tmp/fcgiwrap.socket;
|
fastcgi_pass unix:/tmp/fcgiwrap.socket;
|
||||||
include /etc/nginx/fastcgi_params;
|
include /etc/nginx/fastcgi_params;
|
||||||
fastcgi_param SCRIPT_FILENAME /nexus$fastcgi_script_name;
|
fastcgi_param SCRIPT_FILENAME /nexus$fastcgi_script_name;
|
||||||
|
fastcgi_read_timeout 600s;
|
||||||
|
fastcgi_send_timeout 600s;
|
||||||
|
client_max_body_size 1024m;
|
||||||
}
|
}
|
||||||
}
|
}
|
77
nginx.conf
77
nginx.conf
|
@ -1,3 +1,74 @@
|
||||||
[program:nginx]
|
user nexus;
|
||||||
command=/usr/sbin/nginx
|
worker_processes 4;
|
||||||
autorestart=true
|
pid /run/nginx.pid;
|
||||||
|
daemon off;
|
||||||
|
|
||||||
|
events {
|
||||||
|
worker_connections 768;
|
||||||
|
# multi_accept on;
|
||||||
|
}
|
||||||
|
|
||||||
|
http {
|
||||||
|
|
||||||
|
##
|
||||||
|
# Basic Settings
|
||||||
|
##
|
||||||
|
|
||||||
|
sendfile on;
|
||||||
|
tcp_nopush on;
|
||||||
|
tcp_nodelay on;
|
||||||
|
keepalive_timeout 65;
|
||||||
|
types_hash_max_size 2048;
|
||||||
|
# server_tokens off;
|
||||||
|
|
||||||
|
# server_names_hash_bucket_size 64;
|
||||||
|
# server_name_in_redirect off;
|
||||||
|
|
||||||
|
include /etc/nginx/mime.types;
|
||||||
|
default_type application/octet-stream;
|
||||||
|
|
||||||
|
##
|
||||||
|
# Logging Settings
|
||||||
|
##
|
||||||
|
|
||||||
|
access_log /var/log/nginx/access.log;
|
||||||
|
error_log /var/log/nginx/error.log;
|
||||||
|
|
||||||
|
##
|
||||||
|
# Gzip Settings
|
||||||
|
##
|
||||||
|
|
||||||
|
gzip on;
|
||||||
|
gzip_disable "msie6";
|
||||||
|
|
||||||
|
# gzip_vary on;
|
||||||
|
# gzip_proxied any;
|
||||||
|
# gzip_comp_level 6;
|
||||||
|
# gzip_buffers 16 8k;
|
||||||
|
# gzip_http_version 1.1;
|
||||||
|
# gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
|
||||||
|
|
||||||
|
##
|
||||||
|
# nginx-naxsi config
|
||||||
|
##
|
||||||
|
# Uncomment it if you installed nginx-naxsi
|
||||||
|
##
|
||||||
|
|
||||||
|
#include /etc/nginx/naxsi_core.rules;
|
||||||
|
|
||||||
|
##
|
||||||
|
# nginx-passenger config
|
||||||
|
##
|
||||||
|
# Uncomment it if you installed nginx-passenger
|
||||||
|
##
|
||||||
|
|
||||||
|
#passenger_root /usr;
|
||||||
|
#passenger_ruby /usr/bin/ruby;
|
||||||
|
|
||||||
|
##
|
||||||
|
# Virtual Host Configs
|
||||||
|
##
|
||||||
|
|
||||||
|
include /etc/nginx/conf.d/*.conf;
|
||||||
|
include /etc/nginx/sites-enabled/*;
|
||||||
|
}
|
|
@ -1,4 +1,4 @@
|
||||||
[program:fcgiwrap]
|
[program:fcgiwrap]
|
||||||
user=www-data
|
user=nexus
|
||||||
command=/usr/sbin/fcgiwrap -f -s unix:/tmp/fcgiwrap.socket
|
command=/usr/sbin/fcgiwrap -f -s unix:/tmp/fcgiwrap.socket
|
||||||
autorestart=true
|
autorestart=true
|
|
@ -0,0 +1,3 @@
|
||||||
|
[program:nginx]
|
||||||
|
command=/usr/sbin/nginx
|
||||||
|
autorestart=true
|
Loading…
Reference in New Issue