Add better docs and comments, complete configs, change nginx & cgi user to nexus, add example scripts

This commit is contained in:
dave 2015-12-26 14:01:50 -08:00
parent c815426c5a
commit eb8483ea7f
12 changed files with 170 additions and 22 deletions

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
test

View File

@ -2,28 +2,33 @@ FROM ubuntu:trusty
MAINTAINER Dave P
# Create nexus user
RUN useradd --create-home nexus ; \
echo "nexus:nexus" | chpasswd
# Install nginx
RUN apt-get update ;\
apt-get install -y nginx-light fcgiwrap supervisor openssh-server cron ;\
mkdir /start.d /nexus /var/run/sshd ;\
chown nexus /nexus
# Configure nginx
RUN echo "daemon off;" >> /etc/nginx/nginx.conf ; cp /usr/share/doc/fcgiwrap/examples/nginx.conf /etc/nginx/fcgiwrap.conf
RUN useradd --create-home nexus && \
echo "nexus:nexus" | chpasswd && \
apt-get update && \
apt-get install -y nginx-light fcgiwrap supervisor openssh-server cron && \
mkdir /start.d /nexus /var/run/sshd && \
chown nexus /nexus && \
cp /usr/share/doc/fcgiwrap/examples/nginx.conf /etc/nginx/fcgiwrap.conf
# Supervisor confs
ADD supervisor.conf /etc/supervisor/conf.d/supervisor.conf
ADD nginx.conf /etc/supervisor/conf.d/nginx.conf
ADD fcgiwrap.conf /etc/supervisor/conf.d/fcgiwrap.conf
ADD sshd.conf /etc/supervisor/conf.d/sshd.conf
ADD cron.conf /etc/supervisor/conf.d/cron.conf
ADD default /etc/nginx/sites-available/default
ADD supervisor-nginx.conf /etc/supervisor/conf.d/nginx.conf
ADD supervisor-fcgiwrap.conf /etc/supervisor/conf.d/fcgiwrap.conf
ADD supervisor-sshd.conf /etc/supervisor/conf.d/sshd.conf
ADD supervisor-cron.conf /etc/supervisor/conf.d/cron.conf
# nginx confs
ADD nginx.conf /etc/nginx/nginx.conf
ADD nginx-default /etc/nginx/sites-available/default
# Startup tasks
ADD clear-sockets /start.d/clear-sockets
ADD gen-ssh /start.d/gen-ssh
ADD start /start
RUN chmod +x /start.d/clear-sockets
RUN chmod +x /start.d/clear-sockets /start
ENTRYPOINT ["/start"]
EXPOSE 80
EXPOSE 22

35
README.md Normal file
View File

@ -0,0 +1,35 @@
# docker-nexus
**A nginx/cgi/sshd server for prototyping services or data hubs.**
## Quick start
* Clone: `git clone ssh://git@gitlab.xmopx.net:222/dave/docker-nexus.git`
* Build: `cd docker-nexus ; docker build -t nexus .`
* Run: `docker run nexus`
## Usage
Nexus offers a couple services:
### SSHD
For shell related activities, an sshd daemonr runs on the standard port. Username and password, by default, is `nexus`.
### Nginx
For accessing data or calling CGI scripts, nginx runs on the standard port. The document root is `/nexus/`.
### CGI
Standard CGI scripts can be placed in `/nexus/cgi-bin/`. Some sample scripts exist in `./examples/cgi-scripts/`.
### Cron
Cron is present in the container.
## TODO
* Allow ssh password to be set by passing an env var
* More sample CGI scripts

View File

@ -1,3 +1,5 @@
#!/bin/sh
rm -f /tmp/fcgiwrap.socket
# Clear any stranded pid/socket files that could cause issues
rm -f /tmp/fcgiwrap.socket

25
examples/cgi-scripts/basic.py Executable file
View File

@ -0,0 +1,25 @@
#!/usr/bin/env python3
import os
from urllib.parse import parse_qs
import traceback
def start_response(content_type="text/html", status_code=("200", "OK",)):
print('Status: %s %s' % (status_code))
print("Content-Type: %s" % content_type)
print()
if __name__ == "__main__":
try:
data = parse_qs(os.environ["QUERY_STRING"])
assert "yo" in data, "Must pass parameter 'yo' in query string"
start_response()
print("you passed: ?yo=%s" % data["yo"][0])
except Exception as e:
start_response(status_code=('500', "you fucked up"))
tb = traceback.format_exc()
print('<pre>{}</pre>'.format(tb))

View File

@ -1,4 +1,7 @@
#!/bin/sh
# Regenerate ssh key per container
dpkg-reconfigure openssh-server
rm /start.d/gen-ssh

View File

@ -19,5 +19,8 @@ server {
fastcgi_pass unix:/tmp/fcgiwrap.socket;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME /nexus$fastcgi_script_name;
fastcgi_read_timeout 600s;
fastcgi_send_timeout 600s;
client_max_body_size 1024m;
}
}

View File

@ -1,3 +1,74 @@
[program:nginx]
command=/usr/sbin/nginx
autorestart=true
user nexus;
worker_processes 4;
pid /run/nginx.pid;
daemon off;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
##
# nginx-naxsi config
##
# Uncomment it if you installed nginx-naxsi
##
#include /etc/nginx/naxsi_core.rules;
##
# nginx-passenger config
##
# Uncomment it if you installed nginx-passenger
##
#passenger_root /usr;
#passenger_ruby /usr/bin/ruby;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}

View File

@ -1,4 +1,4 @@
[program:fcgiwrap]
user=www-data
user=nexus
command=/usr/sbin/fcgiwrap -f -s unix:/tmp/fcgiwrap.socket
autorestart=true

3
supervisor-nginx.conf Normal file
View File

@ -0,0 +1,3 @@
[program:nginx]
command=/usr/sbin/nginx
autorestart=true