Skip to content

Commit bb65b6d

Browse files
denjidenji
committed
compatibility fixes
1 parent fb665ea commit bb65b6d

File tree

2 files changed

+30
-34
lines changed

2 files changed

+30
-34
lines changed

mainline/alpine/Dockerfile

+15-18
Original file line numberDiff line numberDiff line change
@@ -49,8 +49,6 @@ RUN GPG_KEYS=D6786CE303D9A9022998DC6CC8464D549AF75C0A \
4949
--with-file-aio \
5050
--with-http_v2_module \
5151
--with-http_v3_module \
52-
--with-cc-opt=-I/usr/src/boringssl/.openssl/include \
53-
--with-ld-opt=-L/usr/src/boringssl/.openssl/lib \
5452
--add-dynamic-module=/usr/src/ngx_headers_more \
5553
--add-dynamic-module=/usr/src/ngx_brotli \
5654
--add-dynamic-module=/usr/src/njs/nginx \
@@ -88,8 +86,8 @@ RUN GPG_KEYS=D6786CE303D9A9022998DC6CC8464D549AF75C0A \
8886
zlib \
8987
zlib-dev \
9088
mercurial \
91-
&& curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \
92-
&& curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc -o nginx.tar.gz.asc \
89+
&& curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx-$NGINX_VERSION.tar.gz \
90+
&& curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc -o nginx-$NGINX_VERSION.tar.gz.asc \
9391
&& export GNUPGHOME="$(mktemp -d)" \
9492
&& found=''; \
9593
for server in \
@@ -102,35 +100,34 @@ RUN GPG_KEYS=D6786CE303D9A9022998DC6CC8464D549AF75C0A \
102100
gpg --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$GPG_KEYS" && found=yes && break; \
103101
done; \
104102
test -z "$found" && echo >&2 "error: failed to fetch GPG key $GPG_KEYS" && exit 1; \
105-
gpg --batch --verify nginx.tar.gz.asc nginx.tar.gz \
106-
&& rm -rf "$GNUPGHOME" nginx.tar.gz.asc \
103+
gpg --batch --verify nginx-$NGINX_VERSION.tar.gz.asc nginx-$NGINX_VERSION.tar.gz \
107104
&& mkdir -p /usr/src \
108-
\
105+
&& tar -zxC /usr/src -f nginx-$NGINX_VERSION.tar.gz \
106+
&& rm nginx-$NGINX_VERSION.tar.gz \
107+
&& rm -rf "$GNUPGHOME" nginx-$NGINX_VERSION.tar.gz.asc \
109108
&& git clone --depth=1 --recurse-submodules https://github.com/google/ngx_brotli /usr/src/ngx_brotli \
110109
&& git clone --depth=1 https://github.com/openresty/headers-more-nginx-module /usr/src/ngx_headers_more \
111110
&& hg clone http://hg.nginx.org/njs /usr/src/njs \
112-
&& (git clone --depth=1 https://boringssl.googlesource.com/boringssl /usr/src/boringssl \
113-
&& mkdir -p /usr/src/boringssl/build /usr/src/boringssl/.openssl/lib /usr/src/boringssl/.openssl/include \
114-
&& ln -sf /usr/src/boringssl/include/openssl /usr/src/boringssl/.openssl/include/openssl \
115-
&& touch /usr/src/boringssl/.openssl/include/openssl/ssl.h \
116-
&& cmake -B/usr/src/boringssl/build -H/usr/src/boringssl -DCMAKE_BUILD_TYPE=RelWithDebInfo \
111+
&& (git clone https://boringssl.googlesource.com/boringssl /usr/src/boringssl \
112+
&& cd /usr/src/boringssl && git checkout --force --quiet e648990 \
113+
&& (grep -qxF 'SET_TARGET_PROPERTIES(crypto PROPERTIES SOVERSION 1)' /usr/src/boringssl/crypto/CMakeLists.txt || echo -e '\nSET_TARGET_PROPERTIES(crypto PROPERTIES SOVERSION 1)' >> /usr/src/boringssl/crypto/CMakeLists.txt) \
114+
&& (grep -qxF 'SET_TARGET_PROPERTIES(ssl PROPERTIES SOVERSION 1)' /usr/src/boringssl/ssl/CMakeLists.txt || echo -e '\nSET_TARGET_PROPERTIES(ssl PROPERTIES SOVERSION 1)' >> /usr/src/boringssl/ssl/CMakeLists.txt) \
115+
&& mkdir -p /usr/src/boringssl/build \
116+
&& cmake -B/usr/src/boringssl/build -S/usr/src/boringssl -DCMAKE_BUILD_TYPE=RelWithDebInfo \
117117
&& make -C/usr/src/boringssl/build -j$(getconf _NPROCESSORS_ONLN) \
118-
&& cp /usr/src/boringssl/build/crypto/libcrypto.a /usr/src/boringssl/build/ssl/libssl.a /usr/src/boringssl/.openssl/lib) \
119-
\
120-
&& tar -zxC /usr/src -f nginx.tar.gz \
121-
&& rm nginx.tar.gz \
118+
) \
122119
&& cd /usr/src/nginx-$NGINX_VERSION \
123120
&& curl -fSL https://raw.githubusercontent.com/nginx-modules/ngx_http_tls_dyn_size/master/nginx__dynamic_tls_records_1.25.1%2B.patch -o dynamic_tls_records.patch \
124121
&& patch -p1 < dynamic_tls_records.patch \
125-
&& ./configure $CONFIG --with-debug \
122+
&& ./configure $CONFIG --with-debug --with-cc-opt="-I/usr/src/boringssl/include" --with-ld-opt="-L/usr/src/boringssl/build/ssl -L/usr/src/boringssl/build/crypto" \
126123
&& make -j$(getconf _NPROCESSORS_ONLN) \
127124
&& mv objs/nginx objs/nginx-debug \
128125
&& mv objs/ngx_http_xslt_filter_module.so objs/ngx_http_xslt_filter_module-debug.so \
129126
&& mv objs/ngx_http_image_filter_module.so objs/ngx_http_image_filter_module-debug.so \
130127
&& mv objs/ngx_http_geoip_module.so objs/ngx_http_geoip_module-debug.so \
131128
&& mv objs/ngx_http_perl_module.so objs/ngx_http_perl_module-debug.so \
132129
&& mv objs/ngx_stream_geoip_module.so objs/ngx_stream_geoip_module-debug.so \
133-
&& ./configure $CONFIG \
130+
&& ./configure $CONFIG --with-cc-opt="-I/usr/src/boringssl/include" --with-ld-opt="-L/usr/src/boringssl/build/ssl -L/usr/src/boringssl/build/crypto" \
134131
&& make -j$(getconf _NPROCESSORS_ONLN) \
135132
&& make install \
136133
&& rm -rf /etc/nginx/html/ \

stable/alpine/Dockerfile

+15-16
Original file line numberDiff line numberDiff line change
@@ -87,8 +87,8 @@ RUN GPG_KEYS=D6786CE303D9A9022998DC6CC8464D549AF75C0A \
8787
zlib \
8888
zlib-dev \
8989
mercurial \
90-
&& curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \
91-
&& curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc -o nginx.tar.gz.asc \
90+
&& curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx-$NGINX_VERSION.tar.gz \
91+
&& curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc -o nginx-$NGINX_VERSION.tar.gz.asc \
9292
&& export GNUPGHOME="$(mktemp -d)" \
9393
&& found=''; \
9494
for server in \
@@ -101,35 +101,34 @@ RUN GPG_KEYS=D6786CE303D9A9022998DC6CC8464D549AF75C0A \
101101
gpg --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$GPG_KEYS" && found=yes && break; \
102102
done; \
103103
test -z "$found" && echo >&2 "error: failed to fetch GPG key $GPG_KEYS" && exit 1; \
104-
gpg --batch --verify nginx.tar.gz.asc nginx.tar.gz \
105-
&& rm -rf "$GNUPGHOME" nginx.tar.gz.asc \
104+
gpg --batch --verify nginx-$NGINX_VERSION.tar.gz.asc nginx-$NGINX_VERSION.tar.gz \
106105
&& mkdir -p /usr/src \
107-
\
106+
&& tar -zxC /usr/src -f nginx-$NGINX_VERSION.tar.gz \
107+
&& rm nginx-$NGINX_VERSION.tar.gz \
108+
&& rm -rf "$GNUPGHOME" nginx-$NGINX_VERSION.tar.gz.asc \
108109
&& git clone --depth=1 --recurse-submodules https://github.com/google/ngx_brotli /usr/src/ngx_brotli \
109110
&& git clone --depth=1 https://github.com/openresty/headers-more-nginx-module /usr/src/ngx_headers_more \
110111
&& hg clone http://hg.nginx.org/njs /usr/src/njs \
111-
&& (git clone --depth=1 https://boringssl.googlesource.com/boringssl /usr/src/boringssl \
112-
&& mkdir -p /usr/src/boringssl/build /usr/src/boringssl/.openssl/lib /usr/src/boringssl/.openssl/include \
113-
&& ln -sf /usr/src/boringssl/include/openssl /usr/src/boringssl/.openssl/include/openssl \
114-
&& touch /usr/src/boringssl/.openssl/include/openssl/ssl.h \
115-
&& cmake -B/usr/src/boringssl/build -H/usr/src/boringssl -DCMAKE_BUILD_TYPE=RelWithDebInfo \
112+
&& (git clone https://boringssl.googlesource.com/boringssl /usr/src/boringssl \
113+
&& cd /usr/src/boringssl && git checkout --force --quiet e648990 \
114+
&& (grep -qxF 'SET_TARGET_PROPERTIES(crypto PROPERTIES SOVERSION 1)' /usr/src/boringssl/crypto/CMakeLists.txt || echo -e '\nSET_TARGET_PROPERTIES(crypto PROPERTIES SOVERSION 1)' >> /usr/src/boringssl/crypto/CMakeLists.txt) \
115+
&& (grep -qxF 'SET_TARGET_PROPERTIES(ssl PROPERTIES SOVERSION 1)' /usr/src/boringssl/ssl/CMakeLists.txt || echo -e '\nSET_TARGET_PROPERTIES(ssl PROPERTIES SOVERSION 1)' >> /usr/src/boringssl/ssl/CMakeLists.txt) \
116+
&& mkdir -p /usr/src/boringssl/build \
117+
&& cmake -B/usr/src/boringssl/build -S/usr/src/boringssl -DCMAKE_BUILD_TYPE=RelWithDebInfo \
116118
&& make -C/usr/src/boringssl/build -j$(getconf _NPROCESSORS_ONLN) \
117-
&& cp /usr/src/boringssl/build/crypto/libcrypto.a /usr/src/boringssl/build/ssl/libssl.a /usr/src/boringssl/.openssl/lib/) \
118-
\
119-
&& tar -zxC /usr/src -f nginx.tar.gz \
120-
&& rm nginx.tar.gz \
119+
) \
121120
&& cd /usr/src/nginx-$NGINX_VERSION \
122121
&& curl -fSL https://raw.githubusercontent.com/nginx-modules/ngx_http_tls_dyn_size/0.5/nginx__dynamic_tls_records_1.17.7%2B.patch -o dynamic_tls_records.patch \
123122
&& patch -p1 < dynamic_tls_records.patch \
124-
&& ./configure $CONFIG --with-debug \
123+
&& ./configure $CONFIG --with-debug --with-cc-opt="-I/usr/src/boringssl/include" --with-ld-opt="-L/usr/src/boringssl/build/ssl -L/usr/src/boringssl/build/crypto" \
125124
&& make -j$(getconf _NPROCESSORS_ONLN) \
126125
&& mv objs/nginx objs/nginx-debug \
127126
&& mv objs/ngx_http_xslt_filter_module.so objs/ngx_http_xslt_filter_module-debug.so \
128127
&& mv objs/ngx_http_image_filter_module.so objs/ngx_http_image_filter_module-debug.so \
129128
&& mv objs/ngx_http_geoip_module.so objs/ngx_http_geoip_module-debug.so \
130129
&& mv objs/ngx_http_perl_module.so objs/ngx_http_perl_module-debug.so \
131130
&& mv objs/ngx_stream_geoip_module.so objs/ngx_stream_geoip_module-debug.so \
132-
&& ./configure $CONFIG \
131+
&& ./configure $CONFIG --with-cc-opt="-I/usr/src/boringssl/include" --with-ld-opt="-L/usr/src/boringssl/build/ssl -L/usr/src/boringssl/build/crypto" \
133132
&& make -j$(getconf _NPROCESSORS_ONLN) \
134133
&& make install \
135134
&& rm -rf /etc/nginx/html/ \

0 commit comments

Comments
 (0)