Bumped to nginx 1.15.3 and alpine 3.8

Author: elisiano

Dockerfile

@@ -1,8 +1,8 @@
-FROM alpine:3.4
+FROM alpine:3.8
 
-MAINTAINER Elisiano Petrini "[email protected]"
+LABEL maintainer="Elisiano Petrini <[email protected]>"
 
-ENV NGINX_VERSION 1.11.8
+ENV NGINX_VERSION 1.15.3
 
 RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \
 	&& CONFIG="\
@@ -83,12 +83,22 @@ RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \
 	&& apk add --no-cache \
 		yajl \
 		libstdc++ \
-	&& curl -fSL http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \
-	&& curl -fSL http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc  -o nginx.tar.gz.asc \
+	&& curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \
+	&& curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc  -o nginx.tar.gz.asc \
 	&& export GNUPGHOME="$(mktemp -d)" \
-	&& gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys "$GPG_KEYS" \
-	&& gpg --batch --verify nginx.tar.gz.asc nginx.tar.gz \
-	&& rm -r "$GNUPGHOME" nginx.tar.gz.asc \
+	&& found=''; \
+	for server in \
+		ha.pool.sks-keyservers.net \
+		hkp://keyserver.ubuntu.com:80 \
+		hkp://p80.pool.sks-keyservers.net:80 \
+		pgp.mit.edu \
+	; do \
+		echo "Fetching GPG key $GPG_KEYS from $server"; \
+		gpg --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$GPG_KEYS" && found=yes && break; \
+	done; \
+	test -z "$found" && echo >&2 "error: failed to fetch GPG key $GPG_KEYS" && exit 1; \
+	gpg --batch --verify nginx.tar.gz.asc nginx.tar.gz \
+	&& rm -rf "$GNUPGHOME" nginx.tar.gz.asc \
 	&& mkdir -p /usr/src \
 	&& tar -zxC /usr/src -f nginx.tar.gz \
 	&& rm nginx.tar.gz \
@@ -167,13 +177,19 @@ RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \
 	&& mv /tmp/envsubst /usr/local/bin/ \
 	&& rm -rf /usr/src/ModSecurity /usr/src/ModSecurity-nginx \
 	\
+	# Bring in tzdata so users could set the timezones through the environment
+	# variables
+	&& apk add --no-cache tzdata \
+	\
 	# forward request and error logs to docker log collector
 	&& ln -sf /dev/stdout /var/log/nginx/access.log \
 	&& ln -sf /dev/stderr /var/log/nginx/error.log
 
 COPY nginx.conf /etc/nginx/nginx.conf
 COPY nginx.vh.default.conf /etc/nginx/conf.d/default.conf
 
-EXPOSE 80 443
+EXPOSE 80
+
+STOPSIGNAL SIGTERM
 
 CMD ["nginx", "-g", "daemon off;"]

README.md

@@ -1,8 +1,18 @@
 # NGINX with libModSecurity + ModSecurity-nginx connector
-The dockerfile of this container has been copied from the [official nginx repo (alpine variant)](https://raw.githubusercontent.com/nginxinc/docker-nginx/3e8a6ee0603bf6c9cd8846c5fa43e96b13b0f44b/mainline/alpine/Dockerfile)  and has been modified to add [ModSecurity library (v3)](https://github.com/SpiderLabs/ModSecurity/tree/v3/master)  + [ModSecurity nginx connector](https://github.com/SpiderLabs/ModSecurity-nginx).
+
+The dockerfile of this container has been copied from the [official nginx repo (alpine-perl variant)](https://github.com/nginxinc/docker-nginx/blob/1.15.3/mainline/alpine-perl/Dockerfile) and has been modified to add [ModSecurity library (v3)](https://github.com/SpiderLabs/ModSecurity/tree/v3/master) + [ModSecurity nginx connector](https://github.com/SpiderLabs/ModSecurity-nginx).
 
 You can refer to the [official nginx image documentation](https://hub.docker.com/_/nginx/) for instructions on how to use this image.
 
 When you provide your configuration you can enable modsecurity. Please refer to [their wiki](https://github.com/SpiderLabs/ModSecurity/wiki) for documentation.
 
 NOTE: no rules are shipped with this container, if you enable modsecurity you need to provide your own
+
+
+## Extras
+
+If you're curious to know the difference from this dockerfile and the upstream one:
+
+```bash
+diff <(curl -fsL https://github.com/nginxinc/docker-nginx/raw/1.15.3/mainline/alpine-perl/Dockerfile) <(curl -fsL http://github.com/elisiano/docker-nginx-modsecurity/raw/master/Dockerfile)
+```

nginx.vh.default.conf

@@ -3,7 +3,7 @@ server {
     server_name  localhost;
 
     #charset koi8-r;
-    #access_log  /var/log/nginx/log/host.access.log  main;
+    #access_log  /var/log/nginx/host.access.log  main;
 
     modsecurity on;
     location / {