-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
executable file
·159 lines (139 loc) · 4.57 KB
/
Dockerfile
File metadata and controls
executable file
·159 lines (139 loc) · 4.57 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
ARG SQUID_VERSION=5.5
FROM alpine as squid
ARG SQUID_VERSION
ENV SQUID_FINGERPRINT=CD6DBF8EF3B17D3E
RUN apk update && apk add --no-cache gnupg curl
RUN curl -OL http://www.squid-cache.org/Versions/v${SQUID_VERSION:0:1}/squid-${SQUID_VERSION}.tar.gz
RUN curl -OL http://www.squid-cache.org/Versions/v${SQUID_VERSION:0:1}/squid-${SQUID_VERSION}.tar.gz.asc
RUN gpg --no-tty --keyserver hkps://keyserver.ubuntu.com:443 --recv-keys ${SQUID_FINGERPRINT}
RUN gpg --verify squid-${SQUID_VERSION}.tar.gz.asc
RUN tar xf squid-${SQUID_VERSION}.tar.gz
###
###
###
FROM debian:buster-slim as ecap_libs
ENV DEBIAN_FRONTEND=noninteractive
RUN apt update && apt install -y --no-install-recommends \
build-essential \
ca-certificates \
git \
libecap3-dev \
libexiv2-dev \
libpodofo-dev \
libtag1-dev \
libtagc0-dev \
libtool \
libzip-dev \
pkg-config
RUN git clone --depth 1 https://github.com/yvoinov/squid-ecap-gzip.git
RUN (cd squid-ecap-gzip; sh ./configure ; make -j $(getconf _NPROCESSORS_ONLN); make install-strip )
RUN git clone --branch 0.5.4 --depth 1 https://github.com/yvoinov/squid-ecap-exif.git
RUN (cd squid-ecap-exif; sh ./bootstrap.sh ; sh ./configure ; make -j $(getconf _NPROCESSORS_ONLN); make install-strip )
###
###
###
FROM debian:buster-slim as deps
RUN echo "deb-src http://deb.debian.org/debian buster main" >> /etc/apt/sources.list
RUN apt update && apt-get build-dep -y squid
RUN apt install -y libssl-dev m4
###
###
###
FROM deps as builder
ENV DEBIAN_FRONTEND=noninteractive
ARG SQUID_VERSION
ENV DEBIAN_FRONTEND=noninteractive
ENV SQUID_CACHE_DIR=/var/spool/squid
ENV SQUID_LOG_DIR=/var/log/squid
ENV SQUID_USER=proxy
ENV SQUID_ERROR_LANG=English
ENV SQUID_PREFIX=/usr/local/squid
COPY --from=squid squid-${SQUID_VERSION} squid-${SQUID_VERSION}
WORKDIR squid-${SQUID_VERSION}
RUN ./configure \
'PKG_CONFIG_PATH=/usr/local/lib/pkgconfig' \
--datadir=/usr/share/squid \
--disable-arch-native \
--disable-auth-basic \
--disable-auth-digest \
--disable-auth-negotiate \
--disable-auth-ntlm \
--disable-external-acl-helpers \
--enable-async-io \
--enable-cache-digests \
--enable-delay-pools \
--enable-dependency-tracking \
--enable-ecap \
--enable-err-language=${SQUID_ERROR_LANG} \
--enable-esi \
--enable-eui \
--enable-follow-x-forwarded-for \
--enable-forw-via-db \
--enable-htpc \
--enable-icap-client \
--enable-icmp \
--enable-inline \
--enable-linux-netfilter \
--enable-openssl \
--enable-referer-log \
--enable-removal-policies="lru,heap" \
--enable-security-cert-validators="fake" \
--enable-silent-rules \
--enable-ssl-crtd \
--enable-storeid-rewrite-helpers="file" \
--enable-storeio="ufs,aufs,diskd,rock" \
--enable-url-rewrite-helpers="fake" \
--enable-useragent-log \
--enable-zph-qos \
--libexecdir=/usr/lib/squid \
--prefix=${SQUID_PREFIX} \
--sysconfdir=/etc/squid \
--with-default-user=${SQUID_USER} \
--with-large-files \
--with-logdir=${SQUID_LOG_DIR} \
--with-openssl \
--with-pidfile=/var/run/squid.pid \
--with-swapdir=${SQUID_CACHE_DIR} \
--without-gnugss \
--without-heimdal-krb5 \
--without-mit-krb5 \
--without-systemd
RUN make -j $(getconf _NPROCESSORS_ONLN)
RUN make install-strip
###
###
###
FROM debian:buster-slim as debian_main
LABEL org.opencontainers.image.source="https://github.com/goonnowgit/squid-container-fun"
ENV DEBIAN_FRONTEND=noninteractive
ENV SQUID_CACHE_DIR=/var/spool/squid
ENV SQUID_LOG_DIR=/var/log/squid
ENV SQUID_USER=proxy
ENV SQUID_ERROR_LANG=English
ENV SQUID_PREFIX=/usr/local/squid
COPY --from=builder /usr/lib/squid /usr/lib/squid
COPY --from=builder /usr/share/squid /usr/share/squid
COPY --from=builder /usr/local/squid /usr/local/squid
COPY --from=ecap_libs /usr/local/lib /usr/local/lib
COPY entrypoint.sh /sbin/entrypoint.sh
RUN apt update && apt install -y --no-install-recommends \
ca-certificates \
exiv2 \
expat \
libecap3 \
libltdl7 \
libnetfilter-conntrack3 \
libnfnetlink0 \
libpodofo0.9.6 \
libstdc++6 \
libtag1v5 \
libtagc0 \
libxml2 \
libzip4 \
libcap2 \
&& rm -rf /var/lib/apt/lists/* \
&& chown -R ${SQUID_USER}:${SQUID_USER} /usr/local/lib /usr/lib/squid /usr/share/squid /usr/local/squid \
&& chmod 0550 /sbin/entrypoint.sh \
&& chown ${SQUID_USER}:${SQUID_USER} /sbin/entrypoint.sh
EXPOSE 3128/tcp
ENTRYPOINT ["/sbin/entrypoint.sh"]