nginx update

This commit is contained in:
Zimovskii Anatolii 2022-11-13 01:03:43 +03:00
parent b2f7ec6de8
commit c2dbc9dba7
Signed by: stam
GPG Key ID: 9911D9EF664EEE14
30 changed files with 1325 additions and 0 deletions

View File

@ -0,0 +1,2 @@
NGINX_VERSION=1.21.6
NGINX_DOWNLOAD_URL=http://nginx.org/download/nginx-1.21.6.tar.gz

View File

@ -0,0 +1,244 @@
##################################################################
# Set Global ARG to build process
##################################################################
ARG NGINX_VERSION
##################################################################
# Start build process
##################################################################
FROM epicmorg/debian:bullseye-develop AS builder
LABEL maintainer="EpicMorg DevTeam, developer@epicm.org"
ARG DEBIAN_FRONTEND=noninteractive
##################################################################
# ARGuments
##################################################################
ENV BuildDocker true
ARG BUILDS_DIR=/builds
ARG SRC_DIR=${BUILDS_DIR}/src
ARG EXPORT_DIR=${BUILDS_DIR}/export
ARG PRE_DIR=${BUILDS_DIR}/pre
ARG NGINX_SRC_DIR=${SRC_DIR}/nginx
ARG NGINX_VERSION
ARG NGINX_DOWNLOAD_URL
ARG LUAJIT_INC=/usr/local/include/luajit-2.1
ARG LUAJIT_LIB=/usr/local/lib
##################################################################
# Files and folders
##################################################################
RUN mkdir -p ${PRE_DIR} ${NGINX_SRC_DIR} /usr/lib/nginx
ADD pre/luajit2-description-pak ${PRE_DIR}
ADD pre/nginx-description-pak ${PRE_DIR}
ADD pre/ip2location-description-pak ${PRE_DIR}
##################################################################
# IP2Location support for prod nginx module
##################################################################
RUN cd ${SRC_DIR} && \
git clone https://github.com/chrislim2888/IP2Location-C-Library.git ip2 && \
cp -fv ${PRE_DIR}/ip2location-description-pak ${SRC_DIR}/ip2/description-pak && \
cd ${SRC_DIR}/ip2 && \ ls -las && \
autoreconf -i -v --force && \
aclocal && \
automake --gnu --add-missing && \
autoconf && \
autoreconf -i -v --force && \
./configure && \
ls -las && \
make clean && \
make && \
make -C data convert && \
make check && \
ls -las && \
fakeroot checkinstall -D --pakdir=${EXPORT_DIR} --maintainer="EpicMorg, developer@epicm.org" --pkgname=ip2-custom --conflicts=ip2 --install=yes -y && \
ln -s /usr/local/lib/libIP2Location.so /usr/lib/libIP2Location.so && \
ln -s /usr/local/lib/libIP2Location.so.1 /usr/lib/libIP2Location.so.1 && \
ln -s /usr/local/lib/libIP2Location.so.2 /usr/lib/libIP2Location.so.2 && \
ln -s /usr/local/lib/libIP2Location.so /lib/libIP2Location.so && \
ln -s /usr/local/lib/libIP2Location.so.1 /lib/libIP2Location.so.1 && \
ln -s /usr/local/lib/libIP2Location.so.2 /lib/libIP2Location.so.2 && \
dpkg --force-all -i ${EXPORT_DIR}/*.deb
##################################################################
# luaJIT 2 support for prod nginx module
##################################################################
RUN cd ${SRC_DIR} && \
git clone https://github.com/openresty/luajit2.git luajit2 && \
cp -fv ${PRE_DIR}/luajit2-description-pak ${SRC_DIR}/luajit2/description-pak && \
cd ${SRC_DIR}/luajit2 && \
make && \
make install && \
fakeroot checkinstall -D --pakdir=${EXPORT_DIR} --maintainer="EpicMorg, developer@epicm.org" --pkgname=luajit2-custom --conflicts=luajit2 --install=no -y
##################################################################
# nginx preparing
##################################################################
RUN wget -qO - ${NGINX_DOWNLOAD_URL} | tar -zxv --strip-components=1 -C ${NGINX_SRC_DIR} && \
cd ${NGINX_SRC_DIR} && \
git clone https://github.com/openresty/headers-more-nginx-module.git http-headers-more-filter && \
git clone https://github.com/sto/ngx_http_auth_pam_module.git http-auth-pam && \
git clone https://github.com/arut/nginx-dav-ext-module.git http-dav-ext && \
git clone https://github.com/openresty/echo-nginx-module.git http-echo && \
git clone https://github.com/aperezdc/ngx-fancyindex.git http-fancyindex && \
git clone https://github.com/slact/nchan.git nchan && \
git clone https://github.com/masterzen/nginx-upload-progress-module.git http-uploadprogress && \
git clone https://github.com/yaoweibin/ngx_http_substitutions_filter_module http-subs-filter && \
git clone https://github.com/grahamedgecombe/nginx-ct.git ssl-ct && \
git clone https://github.com/stnoonan/spnego-http-auth-nginx-module.git spnego-http-auth-nginx-module && \
git clone https://github.com/leev/ngx_http_geoip2_module http-geoip2 && \
git clone https://github.com/flavioribeiro/nginx-audio-track-for-hls-module.git nginx-audio-track-for-hls-module && \
git clone https://github.com/chrislim2888/ip2location-nginx.git ip2location-nginx && \
git clone https://github.com/kaltura/nginx-vod-module.git nginx-vod-module && \
git clone https://github.com/vozlt/nginx-module-vts.git nginx-module-vts && \
git clone https://github.com/evanmiller/mod_zip.git mod-zip && \
git clone https://github.com/alibaba/nginx-http-user-agent.git nginx-http-user-agent && \
git clone https://github.com/youzee/nginx-unzip-module.git nginx-unzip-module && \
git clone https://github.com/vladbondarenko/ngx_webp.git ngx-webp && \
git clone https://github.com/openresty/xss-nginx-module.git xss-nginx-module && \
git clone https://github.com/openresty/set-misc-nginx-module.git set-misc-nginx-module && \
git clone https://github.com/arut/nginx-rtmp-module.git rtmp && \
git clone https://github.com/kvspb/nginx-auth-ldap.git http-auth-ldap && \
git clone https://github.com/simplresty/ngx_devel_kit.git http-ndk && \
git clone https://github.com/chrislim2888/IP2Location-C-Library.git ip2location-c-7.0.0 && \
git clone https://github.com/itoffshore/nginx-upstream-fair.git http-upstream-fair && \
git clone https://github.com/yaoweibin/nginx_upstream_check_module.git nginx-upstream-check-module && \
git clone https://github.com/openresty/lua-nginx-module http-lua
##################################################################
# nginx compilling
##################################################################
RUN cd ${NGINX_SRC_DIR} && \
./configure \
--sbin-path=/usr/sbin/nginx \
--prefix=/usr/share/nginx \
--conf-path=/etc/nginx/nginx.conf \
--http-log-path=/var/log/nginx/access.log \
--error-log-path=/var/log/nginx/error.log \
--lock-path=/var/lock/nginx.lock \
--pid-path=/run/nginx.pid \
--modules-path=/usr/lib/nginx/modules \
--http-client-body-temp-path=/var/lib/nginx/body \
--http-fastcgi-temp-path=/var/lib/nginx/fastcgi \
--http-proxy-temp-path=/var/lib/nginx/proxy \
--http-scgi-temp-path=/var/lib/nginx/scgi \
--http-uwsgi-temp-path=/var/lib/nginx/uwsgi \
--with-cc-opt='-I/usr/local/include/luajit-2.1 -g -O2 -lz -fstack-protector-strong -Wformat -Wno-error=date-time -Wno-error=implicit-fallthrough= -Wno-error=cast-function-type -Wno-error=format-security -Wno-error=implicit-function-declaration -Wno-error=deprecated-declarations -Wno-error=unused-result -fPIC -Wdate-time -D_FORTIFY_SOURCE=2' \
--with-ld-opt='-Wl,-z,relro -Wl,-z,now -lz -fPIC -L/usr/local/lib' \
--with-file-aio \
--with-compat \
--with-debug \
--with-threads \
--with-pcre-jit \
--with-http_ssl_module \
--with-http_stub_status_module \
--with-http_realip_module \
--with-http_auth_request_module \
--with-http_v2_module \
--with-http_dav_module \
--with-http_slice_module \
--with-http_addition_module \
--with-http_flv_module \
--with-http_geoip_module=dynamic \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_image_filter_module=dynamic \
--with-http_mp4_module \
--with-http_perl_module=dynamic \
--with-http_random_index_module \
--with-http_secure_link_module \
--with-http_sub_module \
--with-http_xslt_module=dynamic \
--with-mail=dynamic \
--with-mail_ssl_module \
--with-stream=dynamic \
--with-stream_ssl_module \
--with-stream_ssl_preread_module \
--add-dynamic-module=http-headers-more-filter \
--add-dynamic-module=http-auth-pam \
--add-dynamic-module=http-dav-ext \
--add-dynamic-module=http-ndk \
--add-dynamic-module=http-echo \
--add-dynamic-module=http-fancyindex \
--add-dynamic-module=nchan \
--add-dynamic-module=http-uploadprogress \
--add-dynamic-module=http-subs-filter \
--add-dynamic-module=ssl-ct \
--add-dynamic-module=http-geoip2 \
--add-dynamic-module=spnego-http-auth-nginx-module \
--add-dynamic-module=http-auth-ldap \
# --add-dynamic-module=nginx-audio-track-for-hls-module \
--add-dynamic-module=ip2location-nginx \
--add-dynamic-module=nginx-vod-module \
# --add-dynamic-module=nginx-module-vts \
--add-dynamic-module=mod-zip \
--add-dynamic-module=nginx-http-user-agent \
--add-dynamic-module=nginx-unzip-module \
--add-dynamic-module=ngx-webp \
--add-dynamic-module=set-misc-nginx-module \
--add-dynamic-module=rtmp \
--add-dynamic-module=http-upstream-fair \
--add-dynamic-module=nginx-upstream-check-module \
--add-dynamic-module=http-lua && \
cp -fv ${PRE_DIR}/nginx-description-pak ${NGINX_SRC_DIR}/description-pak && \
fakeroot checkinstall -D --pakdir=/builds/export --maintainer="EpicMorg, developer@epicm.org" --pkgname=nginx-custom --install=no -y && \
apt clean -y && \
apt autoclean -y && \
rm -rfv /var/lib/apt/lists/* && \
rm -rfv /var/cache/apt/archives/*.deb
##################################################################
##################################################################
##################################################################
FROM epicmorg/debian:bullseye
LABEL maintainer="EpicMorg DevTeam, developer@epicm.org"
ARG DEBIAN_FRONTEND=noninteractive
##################################################################
# LDAP Fix
##################################################################
RUN echo "TLS_REQCERT never" >> /etc/ldap/ldap.conf
##################################################################
# Installing nginx from deb
##################################################################
ADD pre/ngninx.pre.tar.gz /
COPY --from=builder /builds/export /tmp/deb
RUN apt-get update && \
apt-get install -y --allow-unauthenticated \
geoip-database \
geoip-bin \
libgeoip1 \
libmaxminddb0 \
libgd3 \
libxslt1.1 && \
dpkg --force-all -i /tmp/deb/*.deb && \
ln -s /usr/local/lib/libIP2Location.so /usr/lib/libIP2Location.so && \
ln -s /usr/local/lib/libIP2Location.so.1 /usr/lib/libIP2Location.so.1 && \
ln -s /usr/local/lib/libIP2Location.so.2 /usr/lib/libIP2Location.so.2 && \
ln -s /usr/local/lib/libIP2Location.so.3 /usr/lib/libIP2Location.so.3 && \
ln -s /usr/local/lib/libIP2Location.so.4 /usr/lib/libIP2Location.so.4 && \
ln -s /usr/local/lib/libIP2Location.so.5 /usr/lib/libIP2Location.so.5 && \
ln -s /usr/local/lib/libIP2Location.so /lib/libIP2Location.so && \
ln -s /usr/local/lib/libIP2Location.so.1 /lib/libIP2Location.so.1 && \
ln -s /usr/local/lib/libIP2Location.so.2 /lib/libIP2Location.so.2 && \
ln -s /usr/local/lib/libIP2Location.so.3 /lib/libIP2Location.so.3 && \
ln -s /usr/local/lib/libIP2Location.so.4 /lib/libIP2Location.so.4 && \
ln -s /usr/local/lib/libIP2Location.so.5 /lib/libIP2Location.so.5 && \
ln -sf /dev/stdout /var/log/nginx/access.log && \
ln -sf /dev/stderr /var/log/nginx/error.log && \
ln -sf /etc/ssl/dhparam.pem /etc/nginx/dhparam.pem && \
apt clean -y && \
apt autoclean -y && \
rm -rf /var/lib/apt/lists/* && \
rm -rf /var/cache/apt/archives/*.deb && \
rm -rf /tmp/deb/* && \
rm -rf /builds/* && \
rm -rf /valve/*
#Final config
VOLUME ["/var/cache/nginx"]
EXPOSE 80 443
CMD ["nginx", "-g", "daemon off;"]

View File

@ -0,0 +1,19 @@
all: app
app:
make build
make deploy
make clean
build:
docker-compose build --compress --parallel --progress plain
deploy:
docker-compose push
clean:
docker container prune -f
docker image prune -f
docker network prune -f
docker volume prune -f
docker system prune -af

View File

@ -0,0 +1,30 @@
# Compose example
```yml
version: '3.7'
services:
balancer:
image: epicmorg/balancer
restart: unless-stopped
ports:
- "0.0.0.0:80:80"
- "0.0.0.0:443:443"
volumes:
- /etc/localtime:/etc/localtime
- /etc/timezone:/etc/timezone
- /etc/letsencrypt:/etc/letsencrypt
- nginx:/etc/nginx
- nginx-usr:/usr/share/nginx/html
- /var/lib/nginx
# extra_hosts:
# - "example.com:192.168.0.11"
depends_on:
- websites
tmpfs:
- /tmp
volumes:
nginx:
external: true
nginx-usr:
external: true
```

View File

@ -0,0 +1,9 @@
version: '3.9'
services:
app:
image: "epicmorg/nginx:${NGINX_VERSION}"
build:
context: .
args:
NGINX_VERSION: ${NGINX_VERSION}
NGINX_DOWNLOAD_URL: ${NGINX_DOWNLOAD_URL}

View File

@ -0,0 +1 @@
Custom build of ip2location lib by EpicMorg.

View File

@ -0,0 +1 @@
Custom build of luajit2 for Nginx module, by EpicMorg.

View File

@ -0,0 +1 @@
Custom build of Nginx with some modules by EpicMorg.

View File

@ -0,0 +1,2 @@
NGINX_VERSION=1.21.6
NGINX_DOWNLOAD_URL=http://nginx.org/download/nginx-1.21.6.tar.gz

View File

@ -0,0 +1,257 @@
##################################################################
# Set Global ARG to build process
##################################################################
ARG NGINX_VERSION
##################################################################
# Start build process
##################################################################
FROM epicmorg/debian:bullseye-develop AS builder
LABEL maintainer="EpicMorg DevTeam, developer@epicm.org"
ARG DEBIAN_FRONTEND=noninteractive
##################################################################
# ARGuments
##################################################################
ENV BuildDocker true
ARG BUILDS_DIR=/builds
ARG SRC_DIR=${BUILDS_DIR}/src
ARG EXPORT_DIR=${BUILDS_DIR}/export
ARG P4API_DIR=${SRC_DIR}/p4api
ARG P4PHP_DIR=${SRC_DIR}/p4php
ARG MAKE_DIR=${SRC_DIR}/p4php-7.4
ARG P4API_VER=r20.1
ARG P4API_URL=http://filehost.perforce.com/perforce/${P4API_VER}/bin.linux26x86_64/p4api.tgz
ARG P4PHP_VER=r20.1
ARG P4PHP_URL=http://filehost.perforce.com/perforce/${P4PHP_VER}/bin.tools/p4php-php7.tgz
ARG PHP_MODULE_PATH=/usr/lib/php/20190902
##################################################################
# Files and folders
##################################################################
RUN mkdir -p ${BUILDS_DIR} ${SRC_DIR} ${EXPORT_DIR} ${MAKE_DIR} ${P4API_DIR} ${P4PHP_DIR}
##################################################################
# Installing PHP7
##################################################################
#installing php repo
#Install base packages
RUN apt-get update && \
apt-get install -y --allow-unauthenticated \
libmemcached-dev \
smbclient libsmbclient libsmbclient-dev \
php7.4 \
php7.4-dev \
php7.4-fpm \
php7.4-cli \
php7.4-cgi
##################################################################
# preparing p4src
##################################################################
RUN wget -qO - ${P4API_URL} | tar -zxv --strip-components=1 -C ${P4API_DIR} && \
wget -qO - ${P4API_URL} | tar -zxv --strip-components=1 -C ${MAKE_DIR} && \
wget -qO - ${P4PHP_URL} | tar -zxv --strip-components=1 -C ${P4PHP_DIR} && \
wget -qO - ${P4PHP_URL} | tar -zxv --strip-components=1 -C ${MAKE_DIR} && \
cd ${P4API_DIR} && \
ls -las && \
cd ${P4PHP_DIR} && \
ls -las && \
cd ${MAKE_DIR} && \
ls -las && \
cd ${SRC_DIR} && \
ls -las
##################################################################
# compilling p4src
##################################################################
RUN cd ${MAKE_DIR} && \
ls -las && \
phpize && \
./configure --with-perforce=${P4API_DIR} && \
make && \
make test && \
make install && \
cp ${PHP_MODULE_PATH}/perforce.so ${EXPORT_DIR}
##################################################################
# compilling smbclient
##################################################################
RUN pecl install smbclient && \
cp ${PHP_MODULE_PATH}/smbclient.so ${EXPORT_DIR}
##################################################################
##################################################################
##################################################################
FROM epicmorg/nginx:${NGINX_VERSION}
LABEL maintainer="EpicMorg DevTeam, developer@epicm.org"
ARG DEBIAN_FRONTEND=noninteractive
##################################################################
# Installing php fpm for nginx from deb
##################################################################
ARG PHP_MODULE_PATH=/usr/lib/php/20190902
ARG PHP_VER=7.4
ARG PHP_DIR=/etc/php/${PHP_VER}
ARG P4_PHP_INI=${PHP_DIR}/mods-available/perfroce.ini
ARG SMB_PHP_INI=${PHP_DIR}/mods-available/smbclient.ini
##################################################################
# Installing PHP7
##################################################################
#Install base packages
RUN apt-get update && \
apt-get install -y --allow-unauthenticated \
php7.4 \
php7.4-dev \
php7.4-fpm \
php7.4-cli \
php7.4-cgi \
php-pear \
php7.4-gmp \
php7.4-snmp \
php7.4-ldap \
php7.4-mail \
php7.4-soap \
php7.4-mysql \
php7.4-memcached \
php7.4-memcache \
php7.4-igbinary \
php7.4-interbase \
php7.4-curl \
php7.4-gd \
php7.4-intl \
php7.4-zip \
php7.4-bcmath \
php7.4-imap \
php7.4-pspell \
php7.4-sqlite3 \
php7.4-tidy \
php7.4-xmlrpc \
php7.4-xml \
php7.4-mbstring \
php7.4-apcu \
php7.4-common \
php7.4-json \
php7.4-readline \
php7.4-enchant \
php7.4-ssh2 \
php7.4-oauth \
php7.4-gmagick \
php7.4-gnupg \
php7.4-redis \
smbclient libsmbclient \
# php-smbclient \
php7.4-yaml \
php7.4-geoip \
sendmail && \
update-alternatives --set php /usr/bin/php7.4 && \
phpenmod \
snmp \
gmp \
calendar \
ldap \
curl \
exif \
ftp \
fileinfo \
gd \
geoip \
gnupg \
iconv \
imap \
json \
mbstring \
memcached \
mysqli \
mysqlnd \
oauth \
pdo_mysql \
pdo_sqlite \
phar \
posix \
readline \
redis \
simplexml \
sockets \
sqlite3 \
ssh2 \
tokenizer \
xml \
xmlreader \
xmlrpc \
xmlwriter \
xsl \
yaml && \
ln -sf /etc/ssl/dhparam.pem /etc/php/dhparam.pem && \
php -v
##################################################################
# Installing IOnCube addon
##################################################################
ADD https://downloads.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz /tmp/ioncube.tar.gz
RUN tar -C /tmp -xvf /tmp/ioncube.tar.gz && \
cp /tmp/ioncube/ioncube_loader_lin_7.4.so ${PHP_MODULE_PATH} && \
# echo "zend_extension = ${PHP_MODULE_PATH}/ioncube_loader_lin_7.4.so" >> ${PHP_DIR}/apache2/php.ini && \
echo "zend_extension = ${PHP_MODULE_PATH}/ioncube_loader_lin_7.4.so" >> ${PHP_DIR}/cgi/php.ini && \
echo "zend_extension = ${PHP_MODULE_PATH}/ioncube_loader_lin_7.4.so" >> ${PHP_DIR}/cli/php.ini && \
echo "zend_extension = ${PHP_MODULE_PATH}/ioncube_loader_lin_7.4.so" >> ${PHP_DIR}/fpm/php.ini && \
php -m && \
php -v
##################################################################
# Installing P4 addon
##################################################################
COPY --from=builder /builds/export/perforce.so ${PHP_MODULE_PATH}
RUN echo "extension=perforce.so" > ${P4_PHP_INI} && \
ln -sf ${P4_PHP_INI} ${PHP_DIR}/cgi/conf.d/perforce.ini && \
ln -sf ${P4_PHP_INI} ${PHP_DIR}/cli/conf.d/perforce.ini && \
ln -sf ${P4_PHP_INI} ${PHP_DIR}/fpm/conf.d/perforce.ini && \
php -m && \
php -v
##################################################################
# Installing smbclient addon
##################################################################
COPY --from=builder /builds/export/smbclient.so ${PHP_MODULE_PATH}
RUN echo "extension=smbclient.so" > ${SMB_PHP_INI} && \
ln -sf ${SMB_PHP_INI} ${PHP_DIR}/cgi/conf.d/smbclient.ini && \
ln -sf ${SMB_PHP_INI} ${PHP_DIR}/cli/conf.d/smbclient.ini && \
ln -sf ${SMB_PHP_INI} ${PHP_DIR}/fpm/conf.d/smbclient.ini && \
php -m && \
php -v
##################################################################
# Installing Composer addon
##################################################################
RUN cd /tmp && \
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" && \
php composer-setup.php --install-dir=/usr/local/bin --filename=composer && \
rm /tmp/composer-setup.php
##################################################################
# cleaninig up
##################################################################
RUN apt clean -y && \
apt autoclean -y && \
rm -rfv /var/lib/apt/lists/* && \
rm -rfv /var/cache/apt/archives/*.deb && \
rm -rfv /tmp/deb/* && \
rm -rfv /tmp/ioncube/* && \
rm -rfv /tmp/composer-setup.php && \
rm -rfv /tmp/ioncube.tar.gz
#Final config
VOLUME ["/var/cache/nginx"]
EXPOSE 80 443
CMD ["nginx", "-g", "daemon off;"]

View File

@ -0,0 +1,19 @@
all: app
app:
make build
make deploy
make clean
build:
docker-compose build --compress --parallel --progress plain
deploy:
docker-compose push
clean:
docker container prune -f
docker image prune -f
docker network prune -f
docker volume prune -f
docker system prune -af

View File

@ -0,0 +1,30 @@
# Compose example
```yml
version: '3.7'
services:
balancer:
image: epicmorg/balancer
restart: unless-stopped
ports:
- "0.0.0.0:80:80"
- "0.0.0.0:443:443"
volumes:
- /etc/localtime:/etc/localtime
- /etc/timezone:/etc/timezone
- /etc/letsencrypt:/etc/letsencrypt
- nginx:/etc/nginx
- nginx-usr:/usr/share/nginx/html
- /var/lib/nginx
# extra_hosts:
# - "example.com:192.168.0.11"
depends_on:
- websites
tmpfs:
- /tmp
volumes:
nginx:
external: true
nginx-usr:
external: true
```

View File

@ -0,0 +1,9 @@
version: '3.9'
services:
app:
image: "epicmorg/nginx:${NGINX_VERSION}-php"
build:
context: .
args:
NGINX_VERSION: ${NGINX_VERSION}
NGINX_DOWNLOAD_URL: ${NGINX_DOWNLOAD_URL}

View File

@ -0,0 +1,2 @@
NGINX_VERSION=1.21.6
NGINX_DOWNLOAD_URL=http://nginx.org/download/nginx-1.21.6.tar.gz

View File

@ -0,0 +1,127 @@
##################################################################
# Set Global ARG to build process
##################################################################
ARG NGINX_VERSION
##################################################################
# Start build process
##################################################################
FROM epicmorg/nginx:${NGINX_VERSION}
LABEL maintainer="EpicMorg DevTeam, developer@epicm.org"
ARG DEBIAN_FRONTEND=noninteractive
ARG NGINX_RTMP_MODULE_VERSION=1.2.1
##################################################################
# Clear sources.list.d
##################################################################
RUN rm -rfv /etc/apt/sources.list.d/*
##################################################################
# sid sources list
##################################################################
RUN rm -rfv /etc/apt/sources.list
COPY sources.list.d/sources.sid.list /etc/apt/sources.list
RUN apt update
##################################################################
# installing utils
##################################################################
RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections && \
apt-get update && \
apt-get install -y --allow-unauthenticated \
libpcre3-dev \
librtmp1 \
libtheora0 \
libvorbis-dev \
libmp3lame0 \
libx264-dev \
libx265-dev
##################################################################
# stretch sources list + libvpx
##################################################################
RUN rm -rfv /etc/apt/sources.list
COPY sources.list.d/sources.stretch.list /etc/apt/sources.list
RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections && \
apt-get update && \
apt-get install -y --allow-unauthenticated \
libvpx4
##################################################################
# buster sources list + libvpx
##################################################################
RUN rm -rfv /etc/apt/sources.list
COPY sources.list.d/sources.buster.list /etc/apt/sources.list
RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections && \
apt-get update && \
apt-get install -y --allow-unauthenticated \
libvpx5
##################################################################
# sid sources list + libvpx
##################################################################
RUN rm -rfv /etc/apt/sources.list
COPY sources.list.d/sources.sid.list /etc/apt/sources.list
RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections && \
apt-get update && \
apt-get install -y --allow-unauthenticated \
libvpx6
##################################################################
# installing deps for rtmp module
##################################################################
RUN mkdir -p /usr/share/nginx/html \
/mnt/hls \
/mnt/dash \
/tmp/build && \
chown -R www-data:www-data /mnt/hls && \
chown -R www-data:www-data /mnt/dash && \
chmod -R 755 /mnt/hls && \
chmod -R 755 /mnt/dash && \
cd /tmp/build && \
wget https://github.com/arut/nginx-rtmp-module/archive/v${NGINX_RTMP_MODULE_VERSION}.tar.gz && \
tar -zxf v${NGINX_RTMP_MODULE_VERSION}.tar.gz && \
rm v${NGINX_RTMP_MODULE_VERSION}.tar.gz && \
cp /tmp/build/nginx-rtmp-module-${NGINX_RTMP_MODULE_VERSION}/stat.xsl /usr/share/nginx/html/stat.xsl && \
rm -rf /tmp/build
##################################################################
# Forward logs to Docker
##################################################################
RUN ln -sf /dev/stdout /var/log/nginx/access.log && \
ln -sf /dev/stderr /var/log/nginx/error.log
##################################################################
# Copy nginx config file to container
##################################################################
RUN rm -rfv /etc/nginx/nginx.conf \
/etc/nginx/sites-avalible/default
COPY conf/nginx.conf /etc/nginx/nginx.conf
##################################################################
# Copy html players to container
##################################################################
COPY players /usr/share/nginx/html/players
##################################################################
# cleaninig up
##################################################################
RUN apt clean -y && \
apt autoclean -y && \
rm -rfv /var/lib/apt/lists/* && \
rm -rfv /var/cache/apt/archives/*.deb
EXPOSE 1935
EXPOSE 8080
CMD ["nginx", "-g", "daemon off;"]

View File

@ -0,0 +1,19 @@
all: app
app:
make build
make deploy
make clean
build:
docker-compose build --compress --parallel --progress plain
deploy:
docker-compose push
clean:
docker container prune -f
docker image prune -f
docker network prune -f
docker volume prune -f
docker system prune -af

View File

@ -0,0 +1,78 @@
# RTMP-HLS Docker
**BASED ON** [TareqAlqutami/rtmp-hls-server](https://github.com/TareqAlqutami/rtmp-hls-server)
**Docker image for video streaming server that supports RTMP, HLS, and DASH streams.**
## Description
This Docker image can be used to create a video streaming server that supports [**RTMP**](https://en.wikipedia.org/wiki/Real-Time_Messaging_Protocol), [**HLS**](https://en.wikipedia.org/wiki/HTTP_Live_Streaming), [**DASH**](https://en.wikipedia.org/wiki/Dynamic_Adaptive_Streaming_over_HTTP) out of the box.
It also allows adaptive streaming and custom transcoding of video streams.
All modules are built from source on Debian and Alpine Linux base images.
## Features
* The backend is [**Nginx**](http://nginx.org/en/) with [**nginx-rtmp-module**](https://github.com/arut/nginx-rtmp-module).
* [**FFmpeg**](https://www.ffmpeg.org/) for transcoding and adaptive streaming.
* Default settings:
* RTMP is ON
* HLS is ON (adaptive, 5 variants)
* DASH is ON
* Other Nginx configuration files are also provided to allow for RTMP-only streams or no-FFmpeg transcoding.
* Statistic page of RTMP streams at `http://<server ip>:<server port>/stats`.
* Available web video players (based on [video.js](https://videojs.com/) and [hls.js](https://github.com/video-dev/hls.js/)) at `/usr/share/nginx/html/players`.
## Usage
### To run the server
```
docker run -d -p 1935:1935 -p 8080:8080 epicmorg/balancer:rtmp-hls
```
To run with custom conf file:
```
docker run -d -p 1935:1935 -p 8080:8080 -v custom.conf:/etc/nginx/nginx.conf epicmorg/balancer:rtmp-hls
```
where `custom.conf` is the new conf file for Nginx.
### To stream to the server
* **Stream live RTMP content to:**
```
rtmp://<server ip>:1935/live/<stream_key>
```
where `<stream_key>` is any stream key you specify.
* **Configure [OBS](https://obsproject.com/) to stream content:** <br />
Go to Settings > Stream, choose the following settings:
* Service: Custom Streaming Server.
* Server: `rtmp://<server ip>:1935/live`.
* Stream key: anything you want, however provided video players assume stream key is `test`
### To view the stream
* **Using [VLC](https://www.videolan.org/vlc/index.html):**
* Go to Media > Open Network Stream.
* Enter the streaming URL: `rtmp://<server ip>:1935/live/<stream-key>`
Replace `<server ip>` with the IP of where the server is running, and
`<stream-key>` with the stream key you used when setting up the stream.
* For HLS and DASH, the URLs are of the forms:
`http://<server ip>:8080/hls/<stream-key>.m3u8` and
`http://<server ip>:8080/dash/<stream-key>_src.mpd` respectively.
* Click Play.
* **Using provided web players:** <br/>
The provided demo players assume the stream-key is called `test` and the player is opened in localhost.
* To play RTMP content (requires Flash): `http://localhost:8080/players/rtmp.html`
* To play HLS content: `http://localhost:8080/players/hls.html`
* To play HLS content using hls.js library: `http://localhost:8080/players/hls_hlsjs.html`
* To play DASH content: `http://localhost:8080/players/dash.html`
* To play RTMP and HLS contents on the same page: `http://localhost:8080/players/rtmp_hls.html`
**Notes:**
* These web players are hardcoded to play stream key "test" at localhost.
* To change the stream source for these players. Download the html files and modify the `src` attribute in the video tag in the html file. You can then mount the modified files to the container as follows:
```
docker run -d -p 1935:1935 -p 8080:8080 -v custom_players:/usr/share/nginx/html/players epicmorg/balancer:rtmp-hls
```
where `custom_players` is the directory holding the modified html files.

View File

@ -0,0 +1,134 @@
load_module "/usr/lib/nginx/modules/ngx_rtmp_module.so";
worker_processes auto;
#error_log logs/error.log;
events {
worker_connections 1024;
}
# RTMP configuration
rtmp {
server {
listen 1935; # Listen on standard RTMP port
chunk_size 4000;
# ping 30s;
# notify_method get;
# This application is to accept incoming stream
application live {
live on; # Allows live input
# for each received stream, transcode for adaptive streaming
# This single ffmpeg command takes the input and transforms
# the source into 4 different streams with different bitrates
# and qualities. # these settings respect the aspect ratio.
exec_push /usr/bin/ffmpeg -i rtmp://localhost:1935/$app/$name -async 1 -vsync -1
-c:v libx264 -c:a aac -b:v 256k -b:a 64k -vf "scale=480:trunc(ow/a/2)*2" -tune zerolatency -preset superfast -crf 23 -f flv rtmp://localhost:1935/show/$name_low
-c:v libx264 -c:a aac -b:v 768k -b:a 128k -vf "scale=720:trunc(ow/a/2)*2" -tune zerolatency -preset superfast -crf 23 -f flv rtmp://localhost:1935/show/$name_mid
-c:v libx264 -c:a aac -b:v 1024k -b:a 128k -vf "scale=960:trunc(ow/a/2)*2" -tune zerolatency -preset superfast -crf 23 -f flv rtmp://localhost:1935/show/$name_high
-c:v libx264 -c:a aac -b:v 1920k -b:a 128k -vf "scale=1280:trunc(ow/a/2)*2" -tune zerolatency -preset superfast -crf 23 -f flv rtmp://localhost:1935/show/$name_hd720
-c copy -f flv rtmp://localhost:1935/show/$name_src;
}
# This is the HLS application
application show {
live on; # Allows live input from above application
deny play all; # disable consuming the stream from nginx as rtmp
hls on; # Enable HTTP Live Streaming
hls_fragment 3;
hls_playlist_length 20;
hls_path /mnt/hls/; # hls fragments path
# Instruct clients to adjust resolution according to bandwidth
hls_variant _src BANDWIDTH=4096000; # Source bitrate, source resolution
hls_variant _hd720 BANDWIDTH=2048000; # High bitrate, HD 720p resolution
hls_variant _high BANDWIDTH=1152000; # High bitrate, higher-than-SD resolution
hls_variant _mid BANDWIDTH=448000; # Medium bitrate, SD resolution
hls_variant _low BANDWIDTH=288000; # Low bitrate, sub-SD resolution
# MPEG-DASH
dash on;
dash_path /mnt/dash/; # dash fragments path
dash_fragment 3;
dash_playlist_length 20;
}
}
}
http {
include /etc/nginx/sites-enabled/*.conf;
sendfile off;
tcp_nopush on;
directio 512;
# aio on;
# HTTP server required to serve the player and HLS fragments
server {
listen 8080;
# Serve HLS fragments
location /hls {
types {
application/vnd.apple.mpegurl m3u8;
video/mp2t ts;
}
root /mnt;
add_header Cache-Control no-cache; # Disable cache
# CORS setup
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Expose-Headers' 'Content-Length';
# allow CORS preflight requests
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
}
# Serve DASH fragments
location /dash {
types {
application/dash+xml mpd;
video/mp4 mp4;
}
root /mnt;
add_header Cache-Control no-cache; # Disable cache
# CORS setup
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Expose-Headers' 'Content-Length';
# Allow CORS preflight requests
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
}
# This URL provides RTMP statistics in XML
location /stat {
rtmp_stat all;
rtmp_stat_stylesheet stat.xsl; # Use stat.xsl stylesheet
}
location /stat.xsl {
# XML stylesheet to view RTMP stats.
root /usr/share/nginx/html;
}
}
}

View File

@ -0,0 +1,118 @@
load_module "/usr/lib/nginx/modules/ngx_rtmp_module.so";
worker_processes auto;
#error_log logs/error.log;
events {
worker_connections 1024;
}
# RTMP configuration
rtmp {
server {
listen 1935; # Listen on standard RTMP port
chunk_size 4000;
# ping 30s;
# notify_method get;
# This application is to accept incoming stream
application live {
live on; # Allows live input
push rtmp://localhost:1935/show;
}
# This is the HLS application
application show {
live on; # Allows live input from above application
deny play all; # disable consuming the stream from nginx as rtmp
hls on; # Enable HTTP Live Streaming
hls_fragment 3;
hls_playlist_length 10;
hls_path /mnt/hls/; # hls fragments path
# MPEG-DASH
dash on;
dash_path /mnt/dash/; # dash fragments path
dash_fragment 3;
dash_playlist_length 10;
}
}
}
http {
include /etc/nginx/sites-enabled/*.conf;
sendfile off;
tcp_nopush on;
directio 512;
# aio on;
# HTTP server required to serve the player and HLS fragments
server {
listen 8080;
# Serve HLS fragments
location /hls {
types {
application/vnd.apple.mpegurl m3u8;
video/mp2t ts;
}
root /mnt;
add_header Cache-Control no-cache; # Disable cache
# CORS setup
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Expose-Headers' 'Content-Length';
# allow CORS preflight requests
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
}
# Serve DASH fragments
location /dash {
types {
application/dash+xml mpd;
video/mp4 mp4;
}
root /mnt;
add_header Cache-Control no-cache; # Disable cache
# CORS setup
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Expose-Headers' 'Content-Length';
# Allow CORS preflight requests
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
}
# This URL provides RTMP statistics in XML
location /stat {
rtmp_stat all;
rtmp_stat_stylesheet stat.xsl; # Use stat.xsl stylesheet
}
location /stat.xsl {
# XML stylesheet to view RTMP stats.
root /usr/share/nginx/html;
}
}
}

View File

@ -0,0 +1,16 @@
load_module "/usr/lib/nginx/modules/ngx_rtmp_module.so";
worker_processes auto;
rtmp_auto_push on;
events {}
rtmp {
server {
listen 1935;
listen [::]:1935;
application live {
live on;
record off;
}
}
}

View File

@ -0,0 +1,9 @@
version: '3.9'
services:
app:
image: "epicmorg/nginx:${NGINX_VERSION}-rtmp-hls"
build:
context: .
args:
NGINX_VERSION: ${NGINX_VERSION}
NGINX_DOWNLOAD_URL: ${NGINX_DOWNLOAD_URL}

View File

@ -0,0 +1,23 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>DASH Live Streaming</title>
<link href="https://vjs.zencdn.net/7.5.5/video-js.css" rel="stylesheet">
<script src="https://vjs.zencdn.net/7.5.5/video.js"></script>
</head>
<body>
<h1>DASH Player</h1>
<video id="player" class="video-js vjs-default-skin" width="720" controls preload="auto">
<source src="/dash/test_src.mpd" type="application/dash+xml" />
</video>
<script>
var player = videojs('#player');
</script>
<div id="footer">
<font size="2"> Tareq-Alqutami - 2019</font>
</div>
</body>
</html>

View File

@ -0,0 +1,23 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>HLS Live Streaming</title>
<link href="https://vjs.zencdn.net/7.5.5/video-js.css" rel="stylesheet">
<script src="https://vjs.zencdn.net/7.5.5/video.js"></script>
</head>
<body>
<h1>HLS Player</h1>
<video id="player" class="video-js vjs-default-skin" width="720" controls preload="auto">
<source src="/hls/test.m3u8" type="application/x-mpegURL" />
</video>
<script>
var player = videojs('#player');
</script>
<div id="footer">
<font size="2"> Tareq-Alqutami - 2019</font>
</div>
</body>
</html>

View File

@ -0,0 +1,41 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>HLS streaming</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css" integrity="sha384-rHyoN1iRsVXV4nD0JutlnGaslCJuC7uwjduW9SVrLvRYooPp2bWYgmgJQIXwl/Sp" crossorigin="anonymous">
<script src="https://code.jquery.com/jquery-3.4.1.min.js" integrity="sha256-CSXorXvZcTkaix6Yvo6HppcZGetbYMGWSFlBw8HfCJo=" crossorigin="anonymous"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script>
<script src="https://cdn.jsdelivr.net/npm/hls.js@latest"></script>
</head>
<body>
<h1>HLS Player (using hls.js)</h1>
<div class="well">
<div class="embed-responsive embed-responsive-16by9">
<video id="video" style="max-height: 50%" class="embed-responsive-item video-js vjs-default-skin" controls muted="muted"></video>
</div>
</div>
<script>
if(Hls.isSupported()) {
var video = document.getElementById('video');
var hls = new Hls();
hls.loadSource('/hls/test.m3u8');
hls.attachMedia(video);
hls.on(Hls.Events.MANIFEST_PARSED,function() {
video.play();
});
}
</script>
<div id="footer">
<font size="2">Tareq-Alqutami - 2019</font>
</div>
</body>
</html>

View File

@ -0,0 +1,24 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>RTMP Live Streaming</title>
<title>Live Streaming</title>
<link href="https://unpkg.com/video.js/dist/video-js.css" rel="stylesheet">
<script src="https://unpkg.com/video.js/dist/video.js"></script>
<script src="https://unpkg.com/videojs-flash/dist/videojs-flash.min.js"></script>
<script src="https://unpkg.com/videojs-contrib-hls/dist/videojs-contrib-hls.js"></script>
</head>
<body>
<h1>RTMP Player</h1>
<video id="my_video_1" class="video-js vjs-default-skin" controls preload="auto" width="720"
data-setup='{"techOrder": ["html5","flash"]}'>
<source src="rtmp://127.0.0.1:1935/live/test" type="rtmp/mp4">
</video>
<div id="footer">
<font size="2">Tareq Alqutami - 2019</font>
</div>
</body>
</html>

View File

@ -0,0 +1,30 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Live Streaming</title>
<link href="https://unpkg.com/video.js/dist/video-js.css" rel="stylesheet">
<script src="https://unpkg.com/video.js/dist/video.js"></script>
<script src="https://unpkg.com/videojs-flash/dist/videojs-flash.min.js"></script>
<script src="https://unpkg.com/videojs-contrib-hls/dist/videojs-contrib-hls.js"></script>
</head>
<body>
<h1>RTMP Player</h1>
<video id="rtmp_video" class="video-js vjs-default-skin" controls preload="auto" width="720"
data-setup='{"techOrder": ["html5","flash"]}'>
<source src="rtmp://127.0.0.1:1935/live/test" type="rtmp/mp4">
</video>
<h1>HLS Player</h1>
<video id="hls_video" class="video-js vjs-default-skin" controls preload="auto" width="720"
data-setup='{"techOrder": ["html5","flash"]}'>
<source src="http://127.0.0.1:8080/hls/test.m3u8" type="application/x-mpegURL">
</video>
<div id="footer">
<font size="2">Tareq Alqutami - 2019</font>
</div>
</body>
</html>

View File

@ -0,0 +1,19 @@
#main
deb http://httpredir.debian.org/debian/ buster main contrib non-free
deb-src http://httpredir.debian.org/debian/ buster main contrib non-free
deb http://httpredir.debian.org/debian/ buster-updates main contrib non-free
deb-src http://httpredir.debian.org/debian/ buster-updates main contrib non-free
deb http://httpredir.debian.org/debian/ buster-backports main contrib non-free
deb-src http://httpredir.debian.org/debian/ buster-backports main contrib non-free
deb http://httpredir.debian.org/debian/ buster-proposed-updates main contrib non-free
deb-src http://httpredir.debian.org/debian/ buster-proposed-updates main contrib non-free
#security
deb http://httpredir.debian.org/debian-security/ buster/updates main contrib non-free
deb-src http://httpredir.debian.org/debian-security/ buster/updates main contrib non-free
##multimedia
#deb http://httpredir.debian.org/debian-multimedia/ buster main non-free
#deb-src http://httpredir.debian.org/debian-multimedia/ buster main non-free
#deb http://httpredir.debian.org/debian-multimedia/ buster-backports main
#deb-src http://httpredir.debian.org/debian-multimedia/ buster-backports main

View File

@ -0,0 +1,19 @@
#main
deb http://httpredir.debian.org/debian/ sid main contrib non-free
deb-src http://httpredir.debian.org/debian/ sid main contrib non-free
deb http://httpredir.debian.org/debian/ testing-updates main contrib non-free
deb-src http://httpredir.debian.org/debian/ testing-updates main contrib non-free
deb http://httpredir.debian.org/debian/ testing-proposed-updates main contrib non-free
deb-src http://httpredir.debian.org/debian/ testing-proposed-updates main contrib non-free
#backports
#deb http://httpredir.debian.org/debian/ testing-backports main contrib non-free
#deb-src http://httpredir.debian.org/debian/ testing-backports main contrib non-free
#security
deb http://httpredir.debian.org/debian-security/ testing-security main contrib non-free
deb-src http://httpredir.debian.org/debian-security/ testing-security main contrib non-free
##multimedia
#deb http://httpredir.debian.org/debian-multimedia/ sid main non-free
#deb-src http://httpredir.debian.org/debian-multimedia/ sid main non-free

View File

@ -0,0 +1,19 @@
#main
deb http://httpredir.debian.org/debian/ stretch main contrib non-free
deb-src http://httpredir.debian.org/debian/ stretch main contrib non-free
deb http://httpredir.debian.org/debian/ stretch-updates main contrib non-free
deb-src http://httpredir.debian.org/debian/ stretch-updates main contrib non-free
deb http://httpredir.debian.org/debian/ stretch-backports main contrib non-free
deb-src http://httpredir.debian.org/debian/ stretch-backports main contrib non-free
deb http://httpredir.debian.org/debian/ stretch-proposed-updates main contrib non-free
deb-src http://httpredir.debian.org/debian/ stretch-proposed-updates main contrib non-free
#security
deb http://httpredir.debian.org/debian-security/ stretch/updates main contrib non-free
deb-src http://httpredir.debian.org/debian-security/ stretch/updates main contrib non-free
##multimedia
#deb http://httpredir.debian.org/debian-multimedia/ stretch main non-free
#deb-src http://httpredir.debian.org/debian-multimedia/ stretch main non-free
#deb http://httpredir.debian.org/debian-multimedia/ stretch-backports main
#deb-src http://httpredir.debian.org/debian-multimedia/ stretch-backports main