diff --git a/Makefile b/Makefile index 78304e0..dd1457b 100644 --- a/Makefile +++ b/Makefile @@ -25,7 +25,7 @@ RESET = "\e[0m" COMPOSE = ./srcs/docker-compose.yml IMAGES = test \ -# nginx + nginx HOME_D = $(shell echo $(HOME)) @@ -49,7 +49,7 @@ build: sudo docker-compose -f $(COMPOSE) build up: $(VOLUMES_D) - sudo docker-compose -f $(COMPOSE) up + sudo docker-compose -f $(COMPOSE) up -d # list images, containers, volumes list: @@ -73,8 +73,12 @@ stop: rm-containers: stop - sudo docker rm $(CONTAINERS) +# close nginx +close-nginx: + - sudo nginx -s quit + # remove project images and containers -clean: rm-images stop rm-containers +clean: stop rm-containers close-nginx # remove project volumes rm-volumes: @@ -82,7 +86,7 @@ rm-volumes: /bin/rm -rf $(VOLUMES_D) # remove project -fclean: clean rm-volumes +fclean: rm-images clean rm-volumes # remove all containers and related files that are not runnings prune: @@ -97,7 +101,5 @@ fprune: re: fclean all -rre: ffclean all - -.PHONY : all build up $(VOLUMES_D) list rm-images stop rm-containers clean rm-volumes fclean prune fprune re rre +.PHONY : all build up $(VOLUMES_D) list rm-images stop rm-containers close-nginx clean rm-volumes fclean prune fprune re diff --git a/README.md b/README.md index 9d464e6..75a436d 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,12 @@ # inception -This README would normally document whatever steps are necessary to get your application up and running. +--- +## git next commit + ++ in makefile added -d to up in detach ++ in makefile added close-nginx ++ in makefile changed clean doesnt rm-images --- ## questions @@ -24,12 +29,24 @@ This README would normally document whatever steps are necessary to get your app - `sudo docker stop $(sudo docker ps -q)` stop all runnings containers --- -## Dockerfile basics +## Docker basics - the container posess its own filesystem - we need to copy the files it uses inside this filesystem - we can do that with COPY +**build and run a docker image** +- `sudo docker build --tag .` +- `sudo docker run ` +- `sudo docker images` to list docker images +- `sudo docker image rm ` +- `sudo docker ps` to list docker processes +- `sudo docker ps rm ` + +**execute a docker-compose file** +- `sudo docker-compose up` +- or `sudo docker-compose -f ./path up` to specify a path + --- ## ressources @@ -42,6 +59,7 @@ This README would normally document whatever steps are necessary to get your app - [docker image from scratch](https://codeburst.io/docker-from-scratch-2a84552470c8) - [build context and image context](https://stackoverflow.com/questions/55108649/what-is-app-working-directory-for-a-dockerfile/55109065#55109065) - [nginx begginer guide](https://hub.docker.com/_/nginx/) +- [nginx all directives for conf file](https://nginx.org/en/docs/dirindex.html) #### docker pid 1 @@ -81,17 +99,6 @@ This README would normally document whatever steps are necessary to get your app - notice the 'v' below, before the version name (docker doc has it wong) - `sudo curl -L "https://github.com/docker/compose/releases/download/v2.10.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose` - `sudo chmod +x /usr/local/bin/docker-compose` -**build and run a docker image** -- be in directory with a Dockerfile -- `sudo docker build --tag .` -- `sudo docker run ` -- `sudo docker images` to list docker images -- `sudo docker image rm ` -- `sudo docker ps` to list docker processes -- `sudo docker ps rm ` -**execute a docker-compose file** -- be in directory with a docker-compose.yml file -- `sudo docker-compose up` #### volumes vs bind mounts diff --git a/srcs/docker-compose.yml b/srcs/docker-compose.yml index 1ba411e..31af7c5 100644 --- a/srcs/docker-compose.yml +++ b/srcs/docker-compose.yml @@ -8,13 +8,26 @@ version: "3.8" services: + +#--------------------------------- + test: build: context: ./requirements/test dockerfile: Dockerfile image: test container_name: mytest -# test: -# build: -# context: ./requirements/test -# dockerfile: Dockerfile + +#--------------------------------- + + nginx: + ports: + - "80:80" + build: + context: ./requirements/nginx + dockerfile: Dockerfile + image: nginx + container_name: mynginx + +#--------------------------------- + diff --git a/srcs/requirements/nginx/Dockerfile b/srcs/requirements/nginx/Dockerfile index b8101ce..f9235ca 100644 --- a/srcs/requirements/nginx/Dockerfile +++ b/srcs/requirements/nginx/Dockerfile @@ -4,8 +4,14 @@ RUN apt update && apt install -y nginx COPY ./conf/nginx.conf /etc/nginx/ COPY ./conf/inception_nginx.conf /etc/nginx/conf.d/ + +# for test COPY ./conf/index.html /data/www/ COPY ./conf/salade.jpeg /data/images/ CMD [ "nginx", "-g", "daemon off;" ] + +# -g 'daemon off' : +# daemon off, to avoid the main process of nginx to quit after creating its childs, and therefore make docker exit +# https://stackoverflow.com/questions/18861300/how-to-run-nginx-within-a-docker-container-without-halting diff --git a/srcs/requirements/nginx/conf/inception_nginx.conf b/srcs/requirements/nginx/conf/inception_nginx.conf index 6dee8d9..13048fc 100644 --- a/srcs/requirements/nginx/conf/inception_nginx.conf +++ b/srcs/requirements/nginx/conf/inception_nginx.conf @@ -1,4 +1,8 @@ server { + # http uses port 80, and https uses port 443 + listen 443 ssl; # for ipv4. + listen [::]:443 ssl; # for ipv6. + server_name localhost; location / { root /data/www; diff --git a/srcs/requirements/nginx/conf/nginx.conf b/srcs/requirements/nginx/conf/nginx.conf index b21ef82..dfe39df 100644 --- a/srcs/requirements/nginx/conf/nginx.conf +++ b/srcs/requirements/nginx/conf/nginx.conf @@ -1,50 +1,52 @@ -user www-data; -worker_processes auto; -pid /run/nginx.pid; -include /etc/nginx/modules-enabled/*.conf; + # doc : https://nginx.org/en/docs/dirindex.html -events { - worker_connections 768; +user www-data; # process owner name, can be anything +worker_processes auto; # a worker is a process that handles incoming requests, auto to automatically adjust the number of processes available +pid /run/nginx.pid; # defines a file that will store the process id of the main process +include /etc/nginx/modules-enabled/*.conf; # include a file + +events { # section for connection processing directives + worker_connections 768; # max number of connection that can be opened by a worker process # multi_accept on; } -http { +http { # section for http server directives ## # Basic Settings ## - sendfile on; - tcp_nopush on; - tcp_nodelay on; - keepalive_timeout 65; - types_hash_max_size 2048; + sendfile on; # enable the use of linux sendfil() function, that transfer data directly betzeen fd, so withour copying to intermediate memory buffer, it increases performances in most cases (https://stackoverflow.com/questions/58066785/always-use-sendfile-with-nginx-on-linux) + tcp_nopush on; # enables the socket option TCP_CORK/TCP_NOPUSH, that allows to send packets filled with more datas (https://baus.net/on-tcp_cork/) + tcp_nodelay on; # opposit of TCP_CORK, TCP_NODELAY says the application to send datas as soon as it receives it, both options are exclusives but can work together in modern kernel (https://stackoverflow.com/questions/3761276/when-should-i-use-tcp-nodelay-and-when-tcp-cork) + keepalive_timeout 65; # in seconds, defines time before closing a connexion without activity + types_hash_max_size 2048; # maximum size for the list that stores duplicates of the hash table, size of the hash table is chosen accordingly (https://nginx.org/en/docs/hash.html, hash table : https://www.youtube.com/watch?v=KyUTuwz_b7Q) # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; - include /etc/nginx/mime.types; - default_type application/octet-stream; + include /etc/nginx/mime.types; # include a file + default_type application/octet-stream; # defines the default MIME type (default is text/plain) ## # SSL Settings ## - ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE - ssl_prefer_server_ciphers on; + ssl_protocols TLSv1.2; # Dropping SSLv3, ref: POODLE # enables the specified protocols. The TLSv1.1 and TLSv1.2 parameters works only when OpenSSL 1.0.1 or higher is used, and the TLSv1.3 only when OpenSSL 1.1.1 or higher is used + ssl_prefer_server_ciphers on; # Specifies that server ciphers should be preferred over client ciphers when using the SSLv3 and TLS protocols (a cipher is "an algorithm for performing encryption or decryption, a series of [...] steps that can be followed as a procedure" https://en.wikipedia.org/wiki/Cipher_suite) ## # Logging Settings ## - access_log /var/log/nginx/access.log; - error_log /var/log/nginx/error.log; + access_log /var/log/nginx/access.log; # defines where to write the access logs. if gzip is used, the log will be buffered + error_log /var/log/nginx/error.log; # defines where to write the error logs. if gzip is used, the log will be buffered ## # Gzip Settings ## - gzip on; + gzip on; # enable gzipping of responses. gzip is an algorithm that compress the data # gzip_vary on; # gzip_proxied any; @@ -57,8 +59,8 @@ http { # Virtual Host Configs ## - include /etc/nginx/conf.d/*.conf; - include /etc/nginx/sites-enabled/*; + include /etc/nginx/conf.d/*.conf; # include the *.conf files found in conf.d folder. do the same as "sites-enabled" with another approach : you put your .conf files for the site inside this folder, and if you want to disable a config file you just rename it to no have a .conf suffix + # include /etc/nginx/sites-enabled/*; # include all the (symlink) files found in sites-enabled folder. do the same as "conf.d" with another approach : you put all your configurations files into a "/etc/nginx/sites-available/" folder, and you put symlinks of a selection of thoses files that you want to use for the site, into "/etc/nginx/sites-enabled/" folder (bad practice : https://serverfault.com/questions/527630/difference-in-sites-available-vs-sites-enabled-vs-conf-d-directories-nginx#answer-870709) } diff --git a/srcs/requirements/test/Dockerfile b/srcs/requirements/test/Dockerfile index 070a86e..178357b 100644 --- a/srcs/requirements/test/Dockerfile +++ b/srcs/requirements/test/Dockerfile @@ -1,4 +1,3 @@ - # find official images : https://hub.docker.com/search #FROM ubuntu:18.04 #FROM alpine:3.16.1