From 10220641eb6a1dd14f49d919ea53dd3ae0141e5e Mon Sep 17 00:00:00 2001 From: Eric Guan Date: Thu, 19 Oct 2023 19:09:36 -0700 Subject: [PATCH] feat: add jwt nginx modules --- Dockerfile | 39 ++++++++++++++++++++++++++++++++++++-- container/nginx/nginx.conf | 1 + 2 files changed, 38 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index a7899d18..409fc9c6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -12,6 +12,10 @@ ARG NGX_BROTLI_COMMIT=6e975bcb015f62e1f303054897783355e2a877dc ARG NODEJS_MAJOR_VERSION="18" # https://github.com/filecoin-project/lassie/releases ARG LASSIE_VERSION="v0.19.2" +# https://github.com/max-lt/nginx-jwt-module +ARG NGINX_JWT_VERSION="v3.2.2" +ARG LIBJWT_VERSION=1.15.3 + ############# # nginx build @@ -21,6 +25,8 @@ FROM docker.io/library/debian:bullseye AS build ARG NGINX_VERSION ARG NGX_BROTLI_COMMIT ARG NJS_VERSION +ARG NGINX_JWT_VERSION +ARG LIBJWT_VERSION # Install dependencies RUN apt-get update && apt-get install -y --no-install-recommends --no-install-suggests \ @@ -45,6 +51,17 @@ RUN apt-get update && apt-get install -y --no-install-recommends --no-install-su clang \ && rm -rf /var/lib/apt/lists/* + +# Install jwt dependencies +RUN apt-get update && apt-get install -y --no-install-recommends --no-install-suggests \ + libjansson-dev \ + autoconf \ + automake \ + libtool \ + pkg-config \ + check \ + && rm -rf /var/lib/apt/lists/* + WORKDIR /usr/src RUN echo "Cloning brotli $NGX_BROTLI_COMMIT" \ @@ -64,6 +81,20 @@ RUN echo "Cloning njs $NJS_VERSION" \ && ./configure \ && make +RUN echo "Cloning nginx-jwt-module $NGINX_JWT_VERSION" \ + && git clone --depth 1 --branch $NGINX_JWT_VERSION https://github.com/max-lt/nginx-jwt-module.git + +RUN echo "Installing libjwt $LIBJWT_VERSION" \ + && mkdir libjwt \ + && curl -sL https://github.com/benmcollins/libjwt/archive/v${LIBJWT_VERSION}.tar.gz \ + | tar -zx -C libjwt/ --strip-components=1 \ + && cd libjwt \ + && autoreconf -i \ + && ./configure \ + && make all \ + && make check \ + && make install + ARG CONFIG="--prefix=/etc/nginx \ --sbin-path=/usr/sbin/nginx \ --modules-path=/usr/lib/nginx/modules \ @@ -86,7 +117,8 @@ ARG CONFIG="--prefix=/etc/nginx \ --with-http_sub_module \ --with-http_v2_module \ --add-dynamic-module=/usr/src/ngx_brotli \ - --add-dynamic-module=/usr/src/njs/nginx" + --add-dynamic-module=/usr/src/njs/nginx \ + --add-dynamic-module=/usr/src/nginx-jwt-module" RUN echo "Downloading and extracting nginx $NGINX_VERSION" \ && mkdir /usr/src/nginx \ @@ -111,6 +143,9 @@ COPY --from=build /usr/sbin/nginx /usr/sbin/ COPY --from=build /usr/src/nginx/objs/ngx_http_brotli_filter_module.so /usr/lib/nginx/modules/ COPY --from=build /usr/src/nginx/objs/ngx_http_brotli_static_module.so /usr/lib/nginx/modules/ COPY --from=build /usr/src/nginx/objs/ngx_http_js_module.so /usr/lib/nginx/modules/ +COPY --from=build /usr/lib/nginx/modules/ngx_http_auth_jwt_module.so /usr/lib/nginx/modules/ +COPY --from=build /usr/local/lib/libjwt.so /lib + # Prepare RUN apt-get update \ @@ -122,7 +157,7 @@ RUN apt-get update \ # Install dependencies RUN apt-get update \ - && apt-get install --no-install-recommends -y nodejs speedtest logrotate jq \ + && apt-get install --no-install-recommends -y nodejs speedtest logrotate jq libjansson-dev \ && rm -rf /var/lib/apt/lists/* # Download lassie diff --git a/container/nginx/nginx.conf b/container/nginx/nginx.conf index 785624cb..a48dd84f 100644 --- a/container/nginx/nginx.conf +++ b/container/nginx/nginx.conf @@ -1,6 +1,7 @@ load_module /usr/lib/nginx/modules/ngx_http_brotli_filter_module.so; load_module /usr/lib/nginx/modules/ngx_http_brotli_static_module.so; load_module /usr/lib/nginx/modules/ngx_http_js_module.so; +load_module /usr/lib/nginx/modules/ngx_http_auth_jwt_module.so; user nginx; worker_processes auto;