artox/incubator-pagespeed-ngx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Dockerfiles for Alpine 3.8/edge build with Nginx 1.14/1.15 (stable/mainline), (directory structure organised for DockerHub build compatibility). (#1598)

Browse Source 
Alpine Linux is a security-oriented, lightweight Linux distribution based on musl libc and busy box. Alpine is therefor the most logical OS base for Docker Images.

Although it does not fix #1181 completely, it helps to overcome the problems of building the PSOL on Alpine,
This commit is contained in:
Nico Berlee
2018-10-08 09:28:19 +02:00
committed by Otto van der Schaaf
parent 1ca55ba5d7
commit c24e387462
38 changed files with 2699 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docker/alpine-3.8/nginx-mainline/Dockerfile
+230
View File
@@ -0,0 +1,230 @@
ARG ALPINE_VERSION=3.8
########################
# Build pagespeed psol #
########################
FROM alpine:$ALPINE_VERSION as pagespeed
# Check https://github.com/apache/incubator-pagespeed-mod/tags
ARG MOD_PAGESPEED_TAG=v1.13.35.2
RUN apk add --no-cache \
apache2-dev \
apr-dev \
apr-util-dev \
build-base \
curl \
gettext-dev \
git \
gperf \
icu-dev \
libjpeg-turbo-dev \
libpng-dev \
libressl-dev \
pcre-dev \
py-setuptools \
zlib-dev \
;
WORKDIR /usr/src
RUN git clone -b ${MOD_PAGESPEED_TAG} \
--recurse-submodules \
--depth=1 \
-c advice.detachedHead=false \
-j`nproc` \
https://github.com/apache/incubator-pagespeed-mod.git \
modpagespeed \
;
WORKDIR /usr/src/modpagespeed
COPY patches/modpagespeed/*.patch ./
RUN for i in *.patch; do printf "\r\nApplying patch ${i%%.*}\r\n"; patch -p1 < $i || exit 1; done
WORKDIR /usr/src/modpagespeed/tools/gyp
RUN ./setup.py install
WORKDIR /usr/src/modpagespeed
RUN build/gyp_chromium --depth=. \
-D use_system_libs=1 \
&& \
cd /usr/src/modpagespeed/pagespeed/automatic && \
make psol BUILDTYPE=Release \
CFLAGS+="-I/usr/include/apr-1" \
CXXFLAGS+="-I/usr/include/apr-1 -DUCHAR_TYPE=uint16_t" \
-j`nproc` \
;
RUN mkdir -p /usr/src/ngxpagespeed/psol/lib/Release/linux/x64 && \
mkdir -p /usr/src/ngxpagespeed/psol/include/out/Release && \
cp -R out/Release/obj /usr/src/ngxpagespeed/psol/include/out/Release/ && \
cp -R pagespeed/automatic/pagespeed_automatic.a /usr/src/ngxpagespeed/psol/lib/Release/linux/x64/ && \
cp -R net \
pagespeed \
testing \
third_party \
url \
/usr/src/ngxpagespeed/psol/include/ \
;
##########################################
# Build Nginx with support for PageSpeed #
##########################################
FROM alpine:$ALPINE_VERSION AS nginx
# Check https://github.com/apache/incubator-pagespeed-ngx/tags
ARG NGX_PAGESPEED_TAG=v1.13.35.2-stable
# Check http://nginx.org/en/download.html for the latest version.
ARG NGINX_VERSION=1.15.4
ARG NGINX_PGPKEY=520A9993A1C052F8
ARG NGINX_BUILD_CONFIG="\
--prefix=/etc/nginx \
--sbin-path=/usr/sbin/nginx \
--modules-path=/usr/lib/nginx/modules \
--conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--pid-path=/var/run/nginx.pid \
--lock-path=/var/run/nginx.lock \
--http-client-body-temp-path=/var/cache/nginx/client_temp \
--http-proxy-temp-path=/var/cache/nginx/proxy_temp \
--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \
--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \
--http-scgi-temp-path=/var/cache/nginx/scgi_temp \
--user=nginx \
--group=nginx \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_addition_module \
--with-http_sub_module \
--with-http_dav_module \
--with-http_flv_module \
--with-http_mp4_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_random_index_module \
--with-http_secure_link_module \
--with-http_stub_status_module \
--with-http_auth_request_module \
--with-http_xslt_module=dynamic \
--with-http_image_filter_module=dynamic \
--with-http_geoip_module=dynamic \
--with-threads \
--with-stream \
--with-stream_ssl_module \
--with-stream_ssl_preread_module \
--with-stream_realip_module \
--with-stream_geoip_module=dynamic \
--with-http_slice_module \
--with-mail \
--with-mail_ssl_module \
--with-compat \
--with-file-aio \
--with-http_v2_module \
"
RUN apk add --no-cache \
apr-dev \
apr-util-dev \
build-base \
ca-certificates \
gd-dev \
geoip-dev \
git \
gnupg \
icu-dev \
libjpeg-turbo-dev \
libpng-dev \
libxslt-dev \
linux-headers \
libressl-dev \
pcre-dev \
tar \
zlib-dev \
;
WORKDIR /usr/src
RUN git clone -b ${NGX_PAGESPEED_TAG} \
--recurse-submodules \
--shallow-submodules \
--depth=1 \
-c advice.detachedHead=false \
-j`nproc` \
https://github.com/apache/incubator-pagespeed-ngx.git \
ngxpagespeed \
;
RUN wget https://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz \
https://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz.asc && \
(gpg --keyserver ha.pool.sks-keyservers.net --keyserver-options timeout=10 --recv-keys ${NGINX_PGPKEY} || \
gpg --keyserver hkp://keyserver.ubuntu.com:80 --keyserver-options timeout=10 --recv-keys ${NGINX_PGPKEY} || \
gpg --keyserver hkp://p80.pool.sks-keyservers.net:80 --keyserver-options timeout=10 --recv-keys $NGINX_PGPKEY} ) && \
gpg --trusted-key ${NGINX_PGPKEY} --verify nginx-${NGINX_VERSION}.tar.gz.asc
COPY --from=pagespeed /usr/src/ngxpagespeed /usr/src/ngxpagespeed/
WORKDIR /usr/src/nginx
RUN tar zxf ../nginx-${NGINX_VERSION}.tar.gz --strip-components=1 -C . && \
./configure \
${NGINX_BUILD_CONFIG} \
--add-module=/usr/src/ngxpagespeed \
--with-ld-opt="-Wl,-z,relro,--start-group -lapr-1 -laprutil-1 -licudata -licuuc -lpng -lturbojpeg -ljpeg" \
&& \
make install -j`nproc`
RUN rm -rf /etc/nginx/html/ && \
mkdir /etc/nginx/conf.d/ && \
mkdir -p /usr/share/nginx/html/ && \
sed -i 's|^</body>|<p><a href="https://www.ngxpagespeed.com/"><img src="pagespeed.png" title="Nginx module for rewriting web pages to reduce latency and bandwidth" /></a></p>\n</body>|' html/index.html && \
install -m644 html/index.html /usr/share/nginx/html/ && \
install -m644 html/50x.html /usr/share/nginx/html/ && \
ln -s ../../usr/lib/nginx/modules /etc/nginx/modules && \
strip /usr/sbin/nginx* \
/usr/lib/nginx/modules/*.so \
;
COPY conf/nginx.conf /etc/nginx/nginx.conf
COPY conf/nginx.vh.default.conf /etc/nginx/conf.d/default.conf
COPY pagespeed.png /usr/share/nginx/html/
##########################################
# Combine everything with minimal layers #
##########################################
FROM alpine:$ALPINE_VERSION
LABEL maintainer="Nico Berlee <nico.berlee@on2it.net>" \
version.mod-pagespeed="1.13.35.2" \
version.nginx="1.15.4" \
version.ngx-pagespeed="1.13.35.2"
COPY --from=pagespeed /usr/bin/envsubst /usr/local/bin
COPY --from=nginx /usr/sbin/nginx /usr/sbin/nginx
COPY --from=nginx /usr/lib/nginx/modules/ /usr/lib/nginx/modules/
COPY --from=nginx /etc/nginx /etc/nginx
COPY --from=nginx /usr/share/nginx/html/ /usr/share/nginx/html/
RUN apk --no-cache upgrade && \
scanelf --needed --nobanner --format '%n#p' /usr/sbin/nginx /usr/lib/nginx/modules/*.so /usr/local/bin/envsubst \
| tr ',' '\n' \
| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
| xargs apk add --no-cache \
&& \
apk add --no-cache tzdata
RUN addgroup -S nginx && \
adduser -D -S -h /var/cache/nginx -s /sbin/nologin -G nginx nginx && \
install -g nginx -o nginx -d /var/cache/ngx_pagespeed && \
mkdir -p /var/log/nginx && \
ln -sf /dev/stdout /var/log/nginx/access.log && \
ln -sf /dev/stderr /var/log/nginx/error.log
EXPOSE 80
STOPSIGNAL SIGTERM
CMD ["/usr/sbin/nginx", "-g", "daemon off;"]
docker/alpine-3.8/nginx-mainline/conf/nginx.conf
+32
View File
@@ -0,0 +1,32 @@
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
docker/alpine-3.8/nginx-mainline/conf/nginx.vh.default.conf
+57
View File
@@ -0,0 +1,57 @@
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
pagespeed on;
# Needs to exist and be writable by nginx. Use tmpfs for best performance.
pagespeed FileCachePath /var/cache/ngx_pagespeed;
# Ensure requests for pagespeed optimized resources go to the pagespeed handler
# and no extraneous headers get set.
location ~ "\.pagespeed\.([a-z]\.)?[a-z]{2}\.[^.]{10}\.[^.]+" {
add_header "" "";
}
location ~ "^/pagespeed_static/" { }
location ~ "^/ngx_pagespeed_beacon$" { }
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
docker/alpine-3.8/nginx-mainline/pagespeed.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 12 KiB

docker/alpine-3.8/nginx-mainline/patches/modpagespeed/automatic_makefile.patch
+31
View File
@@ -0,0 +1,31 @@
--- a/pagespeed/automatic/Makefile
+++ b/pagespeed/automatic/Makefile
@@ -146,8 +146,6 @@
pagespeed/libpagespeed_thread.a \
pagespeed/libpthread_system.a \
pagespeed/libutil.a \
- third_party/apr/libapr.a \
- third_party/aprutil/libaprutil.a \
third_party/base64/libbase64.a \
third_party/chromium/src/base/third_party/dynamic_annotations/libdynamic_annotations.a \
third_party/css_parser/libcss_parser.a \
@@ -163,18 +161,11 @@
third_party/grpc/libgrpc_core.a \
third_party/grpc/libgrpc_cpp.a \
third_party/hiredis/libhiredis.a \
- third_party/icu/libicudata.a \
- third_party/icu/libicuuc.a \
third_party/jsoncpp/libjsoncpp.a \
- third_party/libjpeg_turbo/libjpeg.a \
- third_party/libjpeg_turbo/src/libjpeg_turbo.a \
- third_party/libpng/libpng.a \
third_party/optipng/libopngreduc.a \
third_party/protobuf/libprotobuf_full_do_not_use.a \
third_party/re2/libre2.a \
- third_party/serf/libopenssl.a \
third_party/serf/libserf.a \
- third_party/zlib/libzlib.a \
url/liburl_lib.a
# The 'gclient' build flow uses 'xcodebuild' on Mac and 'make' on Linux.
docker/alpine-3.8/nginx-mainline/patches/modpagespeed/libpng16.patch
+141
View File
@@ -0,0 +1,141 @@
From 7ea8d5fc141c7067c54ffa2b9fbc552c15089ca6 Mon Sep 17 00:00:00 2001
From: ashishk-1 <ashish.k@gdbtech.in>
Date: Thu, 18 Jan 2018 22:14:05 +0530
Subject: [PATCH] Upgrading libpng library to version 1.6 (#1724)
---
net/instaweb/rewriter/image.cc | 8 ++++++++
pagespeed/kernel/image/gif_reader.cc | 4 ++--
pagespeed/kernel/image/image_converter.cc | 6 ++++++
pagespeed/kernel/image/png_optimizer_test.cc | 6 ++++++
third_party/libpng/libpng.gyp | 26 +++++++++++++++++++++++---
third_party/libpng/src | 2 +-
6 files changed, 46 insertions(+), 6 deletions(-)
diff --git a/net/instaweb/rewriter/image.cc b/net/instaweb/rewriter/image.cc
index 4f631182a..bb67bba35 100644
--- a/net/instaweb/rewriter/image.cc
+++ b/net/instaweb/rewriter/image.cc
@@ -21,6 +21,14 @@
#include <algorithm>
#include <cstddef>
+extern "C" {
+#ifdef USE_SYSTEM_ZLIB
+#include "zlib.h"
+#else
+#include "third_party/zlib/zlib.h"
+#endif
+} // extern "C"
+
#include "base/logging.h"
#include "net/instaweb/rewriter/cached_result.pb.h"
#include "net/instaweb/rewriter/public/image_data_lookup.h"
diff --git a/pagespeed/kernel/image/gif_reader.cc b/pagespeed/kernel/image/gif_reader.cc
index 7de69b3d7..bb0bc9cfc 100644
--- a/pagespeed/kernel/image/gif_reader.cc
+++ b/pagespeed/kernel/image/gif_reader.cc
@@ -411,8 +411,8 @@ bool ReadGifToPng(GifFileType* gif_file,
png_uint_32 height = png_get_image_height(paletted_png_ptr,
paletted_info_ptr);
for (png_uint_32 row = 1; row < height; ++row) {
- memcpy(paletted_info_ptr->row_pointers[row],
- paletted_info_ptr->row_pointers[0],
+ memcpy(row_pointers[row],
+ row_pointers[0],
row_size);
}
diff --git a/pagespeed/kernel/image/image_converter.cc b/pagespeed/kernel/image/image_converter.cc
index d796b5065..84b7aff74 100644
--- a/pagespeed/kernel/image/image_converter.cc
+++ b/pagespeed/kernel/image/image_converter.cc
@@ -30,6 +30,12 @@ extern "C" {
#else
#include "third_party/libpng/src/png.h"
#endif
+
+#ifdef USE_SYSTEM_ZLIB
+#include "zlib.h"
+#else
+#include "third_party/zlib/zlib.h"
+#endif
} // extern "C"
#include "base/logging.h"
diff --git a/pagespeed/kernel/image/png_optimizer_test.cc b/pagespeed/kernel/image/png_optimizer_test.cc
index 9ad915aff..3faa526a8 100644
--- a/pagespeed/kernel/image/png_optimizer_test.cc
+++ b/pagespeed/kernel/image/png_optimizer_test.cc
@@ -36,6 +36,12 @@ extern "C" {
#else
#include "third_party/libpng/src/png.h"
#endif
+
+#ifdef USE_SYSTEM_ZLIB
+#include "zlib.h"
+#else
+#include "third_party/zlib/zlib.h"
+#endif
}
namespace {
diff --git a/third_party/libpng/libpng.gyp b/third_party/libpng/libpng.gyp
index cfaafee00..d96a8f74c 100644
--- a/third_party/libpng/libpng.gyp
+++ b/third_party/libpng/libpng.gyp
@@ -22,14 +22,29 @@
'dependencies': [
'../zlib/zlib.gyp:zlib',
],
+ 'actions': [
+ {
+ 'action_name': 'copy_libpngconf_prebuilt',
+ 'inputs' : [],
+ 'outputs': [''],
+ 'action': [
+ 'cp',
+ '-f',
+ '<(DEPTH)/third_party/libpng/src/scripts/pnglibconf.h.prebuilt',
+ '<(DEPTH)/third_party/libpng/src/pnglibconf.h',
+ ],
+ },
+ ],
'msvs_guid': 'C564F145-9172-42C3-BFCB-6014CA97DBCD',
'sources': [
+ 'src/pngpriv.h',
'src/png.c',
'src/png.h',
'src/pngconf.h',
+ 'src/pngdebug.h',
'src/pngerror.c',
- 'src/pnggccrd.c',
'src/pngget.c',
+ 'src/pnginfo.h',
'src/pngmem.c',
'src/pngpread.c',
'src/pngread.c',
@@ -37,9 +52,8 @@
'src/pngrtran.c',
'src/pngrutil.c',
'src/pngset.c',
+ 'src/pngstruct.h',
'src/pngtrans.c',
- 'src/pngusr.h',
- 'src/pngvcrd.c',
'src/pngwio.c',
'src/pngwrite.c',
'src/pngwtran.c',
@@ -54,6 +68,12 @@
# doesn't like that. This define tells libpng to not
# complain about our inclusion of setjmp.h.
'PNG_SKIP_SETJMP_CHECK',
+
+ # The PNG_FREE_ME_SUPPORTED define was dropped in libpng
+ # 1.4.0beta78, with its behavior becoming the default
+ # behavior.
+ # Hence, we define it ourselves for version >= 1.4.0
+ 'PNG_FREE_ME_SUPPORTED',
],
},
'export_dependent_settings': [
docker/alpine-3.8/nginx-mainline/patches/modpagespeed/pthread_nonrecursive_np.patch
+11
View File
@@ -0,0 +1,11 @@
--- a/pagespeed/kernel/thread/pthread_rw_lock.cc
+++ b/pagespeed/kernel/thread/pthread_rw_lock.cc
@@ -31,7 +31,7 @@
//
// Other OS's (FreeBSD, Darwin, OpenSolaris) documentation suggests
// that they prefer writers by default.
-#ifdef linux
+#if defined(linux) && defined(__GLIBC__)
pthread_rwlockattr_setkind_np(&attr_,
PTHREAD_RWLOCK_PREFER_WRITER_NONRECURSIVE_NP);
#endif
docker/alpine-3.8/nginx-mainline/patches/modpagespeed/rename_c_symbols.patch
+13
View File
@@ -0,0 +1,13 @@
--- a/pagespeed/automatic/rename_c_symbols.sh
+++ b/pagespeed/automatic/rename_c_symbols.sh
@@ -24,8 +24,8 @@
set -e # exit script if any command returns an error
set -u # exit the script if any variable is uninitialized
-IN=$(readlink -f $1)
-OUT=$(readlink -f $2)
+IN=$1
+OUT=$2
# Get a list of defined non-C++ symbols that are global and not weak.
# _Z is used at start of C++-mangled symbol names.
docker/alpine-3.8/nginx-mainline/patches/modpagespeed/stack_trace_posix.patch
+64
View File
@@ -0,0 +1,64 @@
--- a/third_party/chromium/src/base/debug/stack_trace_posix.cc
+++ b/third_party/chromium/src/base/debug/stack_trace_posix.cc
@@ -5,7 +5,9 @@
#include "base/debug/stack_trace.h"
#include <errno.h>
+#if defined(HAVE_BACKTRACE)
#include <execinfo.h>
+#endif
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
@@ -64,7 +66,7 @@
// Note: code in this function is NOT async-signal safe (std::string uses
// malloc internally).
-#if defined(__GLIBCXX__)
+#if defined(__GLIBCXX__) && defined(HAVE_BACKTRACE)
std::string::size_type search_from = 0;
while (search_from < text->size()) {
@@ -145,7 +147,7 @@
handler->HandleOutput("\n");
}
-#else
+#elif defined(HAVE_BACKTRACE)
bool printed = false;
// Below part is async-signal unsafe (uses malloc), so execute it only
@@ -469,23 +471,31 @@
StackTrace::StackTrace() {
// NOTE: This code MUST be async-signal safe (it's used by in-process
// stack dumping signal handler). NO malloc or stdio is allowed here.
-
+#if defined(HAVE_BACKTRACE)
// Though the backtrace API man page does not list any possible negative
// return values, we take no chance.
count_ = std::max(backtrace(trace_, arraysize(trace_)), 0);
+#else
+ count_ = 0;
+#endif
}
void StackTrace::Print() const {
// NOTE: This code MUST be async-signal safe (it's used by in-process
// stack dumping signal handler). NO malloc or stdio is allowed here.
-
+#if defined(HAVE_BACKTRACE)
PrintBacktraceOutputHandler handler;
ProcessBacktrace(trace_, count_, &handler);
+#endif
}
void StackTrace::OutputToStream(std::ostream* os) const {
+#if !defined(HAVE_BACKTRACE)
+(*os) << "(stack trace not supported)\n";
+#else
StreamBacktraceOutputHandler handler(os);
ProcessBacktrace(trace_, count_, &handler);
+#endif
}
namespace internal {
docker/alpine-3.8/nginx-stable/Dockerfile
+231
View File
@@ -0,0 +1,231 @@
ARG ALPINE_VERSION=3.8
########################
# Build pagespeed psol #
########################
FROM alpine:$ALPINE_VERSION as pagespeed
# Check https://github.com/apache/incubator-pagespeed-mod/tags
ARG MOD_PAGESPEED_TAG=v1.13.35.2
RUN apk add --no-cache \
apache2-dev \
apr-dev \
apr-util-dev \
build-base \
curl \
gettext-dev \
git \
gperf \
icu-dev \
libjpeg-turbo-dev \
libpng-dev \
libressl-dev \
pcre-dev \
py-setuptools \
zlib-dev \
;
WORKDIR /usr/src
RUN git clone -b ${MOD_PAGESPEED_TAG} \
--recurse-submodules \
--depth=1 \
-c advice.detachedHead=false \
-j`nproc` \
https://github.com/apache/incubator-pagespeed-mod.git \
modpagespeed \
;
WORKDIR /usr/src/modpagespeed
COPY patches/modpagespeed/*.patch ./
RUN for i in *.patch; do printf "\r\nApplying patch ${i%%.*}\r\n"; patch -p1 < $i || exit 1; done
WORKDIR /usr/src/modpagespeed/tools/gyp
RUN ./setup.py install
WORKDIR /usr/src/modpagespeed
RUN build/gyp_chromium --depth=. \
-D use_system_libs=1 \
&& \
cd /usr/src/modpagespeed/pagespeed/automatic && \
make psol BUILDTYPE=Release \
CFLAGS+="-I/usr/include/apr-1" \
CXXFLAGS+="-I/usr/include/apr-1 -DUCHAR_TYPE=uint16_t" \
-j`nproc` \
;
RUN mkdir -p /usr/src/ngxpagespeed/psol/lib/Release/linux/x64 && \
mkdir -p /usr/src/ngxpagespeed/psol/include/out/Release && \
cp -R out/Release/obj /usr/src/ngxpagespeed/psol/include/out/Release/ && \
cp -R pagespeed/automatic/pagespeed_automatic.a /usr/src/ngxpagespeed/psol/lib/Release/linux/x64/ && \
cp -R net \
pagespeed \
testing \
third_party \
url \
/usr/src/ngxpagespeed/psol/include/ \
;
##########################################
# Build Nginx with support for PageSpeed #
##########################################
FROM alpine:$ALPINE_VERSION AS nginx
# Check https://github.com/apache/incubator-pagespeed-ngx/tags
ARG NGX_PAGESPEED_TAG=v1.13.35.2-stable
# Check http://nginx.org/en/download.html for the latest version.
ARG NGINX_VERSION=1.14.0
ARG NGINX_PGPKEY=520A9993A1C052F8
ARG NGINX_BUILD_CONFIG="\
--prefix=/etc/nginx \
--sbin-path=/usr/sbin/nginx \
--modules-path=/usr/lib/nginx/modules \
--conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--pid-path=/var/run/nginx.pid \
--lock-path=/var/run/nginx.lock \
--http-client-body-temp-path=/var/cache/nginx/client_temp \
--http-proxy-temp-path=/var/cache/nginx/proxy_temp \
--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \
--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \
--http-scgi-temp-path=/var/cache/nginx/scgi_temp \
--user=nginx \
--group=nginx \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_addition_module \
--with-http_sub_module \
--with-http_dav_module \
--with-http_flv_module \
--with-http_mp4_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_random_index_module \
--with-http_secure_link_module \
--with-http_stub_status_module \
--with-http_auth_request_module \
--with-http_xslt_module=dynamic \
--with-http_image_filter_module=dynamic \
--with-http_geoip_module=dynamic \
--with-threads \
--with-stream \
--with-stream_ssl_module \
--with-stream_ssl_preread_module \
--with-stream_realip_module \
--with-stream_geoip_module=dynamic \
--with-http_slice_module \
--with-mail \
--with-mail_ssl_module \
--with-compat \
--with-file-aio \
--with-http_v2_module \
"
RUN apk add --no-cache \
apr-dev \
apr-util-dev \
build-base \
ca-certificates \
gd-dev \
geoip-dev \
git \
gnupg \
icu-dev \
libjpeg-turbo-dev \
libpng-dev \
libxslt-dev \
linux-headers \
libressl-dev \
pcre-dev \
tar \
zlib-dev \
;
WORKDIR /usr/src
RUN git clone -b ${NGX_PAGESPEED_TAG} \
--recurse-submodules \
--shallow-submodules \
--depth=1 \
-c advice.detachedHead=false \
-j`nproc` \
https://github.com/apache/incubator-pagespeed-ngx.git \
ngxpagespeed \
;
RUN wget https://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz \
https://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz.asc && \
(gpg --keyserver ha.pool.sks-keyservers.net --keyserver-options timeout=10 --recv-keys ${NGINX_PGPKEY} || \
gpg --keyserver hkp://keyserver.ubuntu.com:80 --keyserver-options timeout=10 --recv-keys ${NGINX_PGPKEY} || \
gpg --keyserver hkp://p80.pool.sks-keyservers.net:80 --keyserver-options timeout=10 --recv-keys $NGINX_PGPKEY} ) && \
gpg --trusted-key ${NGINX_PGPKEY} --verify nginx-${NGINX_VERSION}.tar.gz.asc
COPY --from=pagespeed /usr/src/ngxpagespeed /usr/src/ngxpagespeed/
WORKDIR /usr/src/nginx
RUN tar zxf ../nginx-${NGINX_VERSION}.tar.gz --strip-components=1 -C . && \
./configure \
${NGINX_BUILD_CONFIG} \
--add-module=/usr/src/ngxpagespeed \
--with-ld-opt="-Wl,-z,relro,--start-group -lapr-1 -laprutil-1 -licudata -licuuc -lpng -lturbojpeg -ljpeg" \
&& \
make install -j`nproc`
RUN rm -rf /etc/nginx/html/ && \
mkdir /etc/nginx/conf.d/ && \
mkdir -p /usr/share/nginx/html/ && \
sed -i 's|^</body>|<p><a href="https://www.ngxpagespeed.com/"><img src="pagespeed.png" title="Nginx module for rewriting web pages to reduce latency and bandwidth" /></a></p>\n</body>|' html/index.html && \
install -m644 html/index.html /usr/share/nginx/html/ && \
install -m644 html/50x.html /usr/share/nginx/html/ && \
ln -s ../../usr/lib/nginx/modules /etc/nginx/modules && \
strip /usr/sbin/nginx* \
/usr/lib/nginx/modules/*.so \
;
COPY conf/nginx.conf /etc/nginx/nginx.conf
COPY conf/nginx.vh.default.conf /etc/nginx/conf.d/default.conf
COPY pagespeed.png /usr/share/nginx/html/
##########################################
# Combine everything with minimal layers #
##########################################
FROM alpine:$ALPINE_VERSION
LABEL maintainer="Nico Berlee <nico.berlee@on2it.net>" \
version.mod-pagespeed="1.13.35.2" \
version.nginx="1.14.0" \
version.ngx-pagespeed="1.13.35.2"
COPY --from=pagespeed /usr/bin/envsubst /usr/local/bin
COPY --from=nginx /usr/sbin/nginx /usr/sbin/nginx
COPY --from=nginx /usr/lib/nginx/modules/ /usr/lib/nginx/modules/
COPY --from=nginx /etc/nginx /etc/nginx
COPY --from=nginx /usr/share/nginx/html/ /usr/share/nginx/html/
RUN apk --no-cache upgrade && \
scanelf --needed --nobanner --format '%n#p' /usr/sbin/nginx /usr/lib/nginx/modules/*.so /usr/local/bin/envsubst \
| tr ',' '\n' \
| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
| xargs apk add --no-cache \
&& \
apk add --no-cache tzdata
RUN addgroup -S nginx && \
adduser -D -S -h /var/cache/nginx -s /sbin/nologin -G nginx nginx && \
install -g nginx -o nginx -d /var/cache/ngx_pagespeed && \
mkdir -p /var/log/nginx && \
ln -sf /dev/stdout /var/log/nginx/access.log && \
ln -sf /dev/stderr /var/log/nginx/error.log
EXPOSE 80
STOPSIGNAL SIGTERM
CMD ["/usr/sbin/nginx", "-g", "daemon off;"]
docker/alpine-3.8/nginx-stable/conf/nginx.conf
+32
View File
@@ -0,0 +1,32 @@
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
docker/alpine-3.8/nginx-stable/conf/nginx.vh.default.conf
+57
View File
@@ -0,0 +1,57 @@
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
pagespeed on;
# Needs to exist and be writable by nginx. Use tmpfs for best performance.
pagespeed FileCachePath /var/cache/ngx_pagespeed;
# Ensure requests for pagespeed optimized resources go to the pagespeed handler
# and no extraneous headers get set.
location ~ "\.pagespeed\.([a-z]\.)?[a-z]{2}\.[^.]{10}\.[^.]+" {
add_header "" "";
}
location ~ "^/pagespeed_static/" { }
location ~ "^/ngx_pagespeed_beacon$" { }
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
docker/alpine-3.8/nginx-stable/pagespeed.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 12 KiB

docker/alpine-3.8/nginx-stable/patches/modpagespeed/automatic_makefile.patch
+31
View File
@@ -0,0 +1,31 @@
--- a/pagespeed/automatic/Makefile
+++ b/pagespeed/automatic/Makefile
@@ -146,8 +146,6 @@
pagespeed/libpagespeed_thread.a \
pagespeed/libpthread_system.a \
pagespeed/libutil.a \
- third_party/apr/libapr.a \
- third_party/aprutil/libaprutil.a \
third_party/base64/libbase64.a \
third_party/chromium/src/base/third_party/dynamic_annotations/libdynamic_annotations.a \
third_party/css_parser/libcss_parser.a \
@@ -163,18 +161,11 @@
third_party/grpc/libgrpc_core.a \
third_party/grpc/libgrpc_cpp.a \
third_party/hiredis/libhiredis.a \
- third_party/icu/libicudata.a \
- third_party/icu/libicuuc.a \
third_party/jsoncpp/libjsoncpp.a \
- third_party/libjpeg_turbo/libjpeg.a \
- third_party/libjpeg_turbo/src/libjpeg_turbo.a \
- third_party/libpng/libpng.a \
third_party/optipng/libopngreduc.a \
third_party/protobuf/libprotobuf_full_do_not_use.a \
third_party/re2/libre2.a \
- third_party/serf/libopenssl.a \
third_party/serf/libserf.a \
- third_party/zlib/libzlib.a \
url/liburl_lib.a
# The 'gclient' build flow uses 'xcodebuild' on Mac and 'make' on Linux.
docker/alpine-3.8/nginx-stable/patches/modpagespeed/libpng16.patch
+141
View File
@@ -0,0 +1,141 @@
From 7ea8d5fc141c7067c54ffa2b9fbc552c15089ca6 Mon Sep 17 00:00:00 2001
From: ashishk-1 <ashish.k@gdbtech.in>
Date: Thu, 18 Jan 2018 22:14:05 +0530
Subject: [PATCH] Upgrading libpng library to version 1.6 (#1724)
---
net/instaweb/rewriter/image.cc | 8 ++++++++
pagespeed/kernel/image/gif_reader.cc | 4 ++--
pagespeed/kernel/image/image_converter.cc | 6 ++++++
pagespeed/kernel/image/png_optimizer_test.cc | 6 ++++++
third_party/libpng/libpng.gyp | 26 +++++++++++++++++++++++---
third_party/libpng/src | 2 +-
6 files changed, 46 insertions(+), 6 deletions(-)
diff --git a/net/instaweb/rewriter/image.cc b/net/instaweb/rewriter/image.cc
index 4f631182a..bb67bba35 100644
--- a/net/instaweb/rewriter/image.cc
+++ b/net/instaweb/rewriter/image.cc
@@ -21,6 +21,14 @@
#include <algorithm>
#include <cstddef>
+extern "C" {
+#ifdef USE_SYSTEM_ZLIB
+#include "zlib.h"
+#else
+#include "third_party/zlib/zlib.h"
+#endif
+} // extern "C"
+
#include "base/logging.h"
#include "net/instaweb/rewriter/cached_result.pb.h"
#include "net/instaweb/rewriter/public/image_data_lookup.h"
diff --git a/pagespeed/kernel/image/gif_reader.cc b/pagespeed/kernel/image/gif_reader.cc
index 7de69b3d7..bb0bc9cfc 100644
--- a/pagespeed/kernel/image/gif_reader.cc
+++ b/pagespeed/kernel/image/gif_reader.cc
@@ -411,8 +411,8 @@ bool ReadGifToPng(GifFileType* gif_file,
png_uint_32 height = png_get_image_height(paletted_png_ptr,
paletted_info_ptr);
for (png_uint_32 row = 1; row < height; ++row) {
- memcpy(paletted_info_ptr->row_pointers[row],
- paletted_info_ptr->row_pointers[0],
+ memcpy(row_pointers[row],
+ row_pointers[0],
row_size);
}
diff --git a/pagespeed/kernel/image/image_converter.cc b/pagespeed/kernel/image/image_converter.cc
index d796b5065..84b7aff74 100644
--- a/pagespeed/kernel/image/image_converter.cc
+++ b/pagespeed/kernel/image/image_converter.cc
@@ -30,6 +30,12 @@ extern "C" {
#else
#include "third_party/libpng/src/png.h"
#endif
+
+#ifdef USE_SYSTEM_ZLIB
+#include "zlib.h"
+#else
+#include "third_party/zlib/zlib.h"
+#endif
} // extern "C"
#include "base/logging.h"
diff --git a/pagespeed/kernel/image/png_optimizer_test.cc b/pagespeed/kernel/image/png_optimizer_test.cc
index 9ad915aff..3faa526a8 100644
--- a/pagespeed/kernel/image/png_optimizer_test.cc
+++ b/pagespeed/kernel/image/png_optimizer_test.cc
@@ -36,6 +36,12 @@ extern "C" {
#else
#include "third_party/libpng/src/png.h"
#endif
+
+#ifdef USE_SYSTEM_ZLIB
+#include "zlib.h"
+#else
+#include "third_party/zlib/zlib.h"
+#endif
}
namespace {
diff --git a/third_party/libpng/libpng.gyp b/third_party/libpng/libpng.gyp
index cfaafee00..d96a8f74c 100644
--- a/third_party/libpng/libpng.gyp
+++ b/third_party/libpng/libpng.gyp
@@ -22,14 +22,29 @@
'dependencies': [
'../zlib/zlib.gyp:zlib',
],
+ 'actions': [
+ {
+ 'action_name': 'copy_libpngconf_prebuilt',
+ 'inputs' : [],
+ 'outputs': [''],
+ 'action': [
+ 'cp',
+ '-f',
+ '<(DEPTH)/third_party/libpng/src/scripts/pnglibconf.h.prebuilt',
+ '<(DEPTH)/third_party/libpng/src/pnglibconf.h',
+ ],
+ },
+ ],
'msvs_guid': 'C564F145-9172-42C3-BFCB-6014CA97DBCD',
'sources': [
+ 'src/pngpriv.h',
'src/png.c',
'src/png.h',
'src/pngconf.h',
+ 'src/pngdebug.h',
'src/pngerror.c',
- 'src/pnggccrd.c',
'src/pngget.c',
+ 'src/pnginfo.h',
'src/pngmem.c',
'src/pngpread.c',
'src/pngread.c',
@@ -37,9 +52,8 @@
'src/pngrtran.c',
'src/pngrutil.c',
'src/pngset.c',
+ 'src/pngstruct.h',
'src/pngtrans.c',
- 'src/pngusr.h',
- 'src/pngvcrd.c',
'src/pngwio.c',
'src/pngwrite.c',
'src/pngwtran.c',
@@ -54,6 +68,12 @@
# doesn't like that. This define tells libpng to not
# complain about our inclusion of setjmp.h.
'PNG_SKIP_SETJMP_CHECK',
+
+ # The PNG_FREE_ME_SUPPORTED define was dropped in libpng
+ # 1.4.0beta78, with its behavior becoming the default
+ # behavior.
+ # Hence, we define it ourselves for version >= 1.4.0
+ 'PNG_FREE_ME_SUPPORTED',
],
},
'export_dependent_settings': [
docker/alpine-3.8/nginx-stable/patches/modpagespeed/pthread_nonrecursive_np.patch
+11
View File
@@ -0,0 +1,11 @@
--- a/pagespeed/kernel/thread/pthread_rw_lock.cc
+++ b/pagespeed/kernel/thread/pthread_rw_lock.cc
@@ -31,7 +31,7 @@
//
// Other OS's (FreeBSD, Darwin, OpenSolaris) documentation suggests
// that they prefer writers by default.
-#ifdef linux
+#if defined(linux) && defined(__GLIBC__)
pthread_rwlockattr_setkind_np(&attr_,
PTHREAD_RWLOCK_PREFER_WRITER_NONRECURSIVE_NP);
#endif
docker/alpine-3.8/nginx-stable/patches/modpagespeed/rename_c_symbols.patch
+13
View File
@@ -0,0 +1,13 @@
--- a/pagespeed/automatic/rename_c_symbols.sh
+++ b/pagespeed/automatic/rename_c_symbols.sh
@@ -24,8 +24,8 @@
set -e # exit script if any command returns an error
set -u # exit the script if any variable is uninitialized
-IN=$(readlink -f $1)
-OUT=$(readlink -f $2)
+IN=$1
+OUT=$2
# Get a list of defined non-C++ symbols that are global and not weak.
# _Z is used at start of C++-mangled symbol names.
docker/alpine-3.8/nginx-stable/patches/modpagespeed/stack_trace_posix.patch
+64
View File
@@ -0,0 +1,64 @@
--- a/third_party/chromium/src/base/debug/stack_trace_posix.cc
+++ b/third_party/chromium/src/base/debug/stack_trace_posix.cc
@@ -5,7 +5,9 @@
#include "base/debug/stack_trace.h"
#include <errno.h>
+#if defined(HAVE_BACKTRACE)
#include <execinfo.h>
+#endif
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
@@ -64,7 +66,7 @@
// Note: code in this function is NOT async-signal safe (std::string uses
// malloc internally).
-#if defined(__GLIBCXX__)
+#if defined(__GLIBCXX__) && defined(HAVE_BACKTRACE)
std::string::size_type search_from = 0;
while (search_from < text->size()) {
@@ -145,7 +147,7 @@
handler->HandleOutput("\n");
}
-#else
+#elif defined(HAVE_BACKTRACE)
bool printed = false;
// Below part is async-signal unsafe (uses malloc), so execute it only
@@ -469,23 +471,31 @@
StackTrace::StackTrace() {
// NOTE: This code MUST be async-signal safe (it's used by in-process
// stack dumping signal handler). NO malloc or stdio is allowed here.
-
+#if defined(HAVE_BACKTRACE)
// Though the backtrace API man page does not list any possible negative
// return values, we take no chance.
count_ = std::max(backtrace(trace_, arraysize(trace_)), 0);
+#else
+ count_ = 0;
+#endif
}
void StackTrace::Print() const {
// NOTE: This code MUST be async-signal safe (it's used by in-process
// stack dumping signal handler). NO malloc or stdio is allowed here.
-
+#if defined(HAVE_BACKTRACE)
PrintBacktraceOutputHandler handler;
ProcessBacktrace(trace_, count_, &handler);
+#endif
}
void StackTrace::OutputToStream(std::ostream* os) const {
+#if !defined(HAVE_BACKTRACE)
+(*os) << "(stack trace not supported)\n";
+#else
StreamBacktraceOutputHandler handler(os);
ProcessBacktrace(trace_, count_, &handler);
+#endif
}
namespace internal {