FROM alpine:3.15
RUN set -x && \
    addgroup -g 101 -S nginx && \
    adduser -S -D -H -u 101 -h /var/cache/nginx -s /sbin/nologin -G nginx -g nginx nginx && \
    apk add --no-cache wget && \
    wget -O /etc/apk/keys/nginx_signing.rsa.pub https://cs.nginx.com/static/keys/nginx_signing.rsa.pub && \
    printf "https://minio.momobako.com/nginx-plus/alpine/v`egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release`/main\n" | tee -a /etc/apk/repositories && \
    apk add --no-cache \
        nginx-plus \
        nginx-plus-module-auth-spnego \
        nginx-plus-module-brotli \
        nginx-plus-module-encrypted-session \
        nginx-plus-module-fips-check \
        nginx-plus-module-geoip2 \
        nginx-plus-module-geoip \
        nginx-plus-module-headers-more \
        nginx-plus-module-image-filter \
        nginx-plus-module-lua \
        nginx-plus-module-ndk \
        nginx-plus-module-njs \
        nginx-plus-module-opentracing \
        nginx-plus-module-passenger \
        nginx-plus-module-perl \
        nginx-plus-module-prometheus \
        nginx-plus-module-rtmp \
        nginx-plus-module-set-misc \
        nginx-plus-module-subs-filter \
        nginx-plus-module-xslt \
        curl ca-certificates tzdata \
    && \
    ln -sf /dev/stdout /var/log/nginx/access.log && \
    ln -sf /dev/stderr /var/log/nginx/error.log && \
    rm -rf /etc/nginx/sites-enabled/* /etc/nginx/conf.d/default.conf && \
    mkdir /etc/nginx/stream

COPY ./dummy /usr/lib/nginx-plus/check-subscription
COPY ./nginx.conf /etc/nginx/nginx.conf

EXPOSE 80 443
STOPSIGNAL SIGQUIT
CMD ["nginx", "-g", "daemon off;"]
