'''
$ docker pull nginx:latest
$ docker run -d --name nginx nginx:latest
$ docker cp nginx:/usr/lib/x86_64-linux-gnu/libssl.so.1.0.0 .
$ strings libssl.so.1.0.0 |grep '^OpenSSL'
OpenSSLDie
OpenSSL 1.0.1e 11 Feb 2013
'''

OpenSSL needs to be updated to at least 1.0.1g.

FYI I reported this on the nginx trax by accident:
http://trac.nginx.org/nginx/ticket/703
but now I see from the Docker Hub page that it should be reported here:

Hi,

I'd like to know the reasoning behind /etc/nginx being a volume.

It causes problem when trying to ADD custom Nginx configurations to the container (i.e. it makes it impossible, unless you ADD the configuration snippets to a different location, then override CMD to copy the snippets to /etc/nginx and then run the real command, which is "ouch").

I would of course be very open about suggestions to do things differently to inject custom Nginx configuration.

Thanks!

An issue has come up over at nginx-proxy/nginx-proxy#216 regarding overriding the log_format for the main access_log defined in nginx.conf.

In nginx-proxy/nginx-proxy#62, I added a log_format and an access_log directive in order to get the server name for the requested virtual host in the logs. I didn't notice it at the time, but it turns out that this created duplicate access log lines on STDOUT.

I'm suspecting that the problem is that the access_log in nginx.conf is writing to the /var/log/nginx/access.log symlink while the one I added to nginx-proxy's generated default.conf file refers to /proc/self/fd/1.

My question here is: what is the recommended way to override the log_format for the main log defined in nginx.conf? Another customization that @jgallen23 expressed a need for was the ability to change the access_log to a JSON-style output using a custom log_format.

Really sorry to post this as an issue, I think I just misunderstood something ^^

In the documentation I can read

docker run --name some-nginx -v /some/nginx.conf:/etc/nginx/nginx.conf:ro -d nginx

I tried this but when I browse the container, I am still seeing the default nginx page instead of my content.

Am i wrong or the documentation is outdated?

Thanks for your help,

I would like to know the reasoning on why /var/cache/nginx is a volume.

As an administrator of docker-nginx is this a folder I should archive by default?

Why there is no 1.8.x tag available?

FROM nginx:latest
RUN mkdir /etc/nginx/{sites-available,sites-enabled}

The above Dockerfile doesn't create either directory. Is this a permission issue?

Logs are no longer being piped to stdout and stderr, this has been happening since at least 1.8.0. I suspect it maybe has something to do with this line in the changelog, but I'm not using the --read-only flag.

Make /proc, /sys, & /dev readonly for readonly containers

In the logs, and anything else that uses $remote_addr, why do I [mostly] always see the IP address of the docker0 interface instead of the client's remote IP?

The strange thing is that when Google's web crawler hits my server, or the hackers from China take their shot, I see their remote IP with no problems. But every other hit to the website gives me 172.17.42.1 as the client's address. This IP is the default private address for the docker0 interface. That is, the default gateway for every docker container.

It would be nice with an nginx:alpine variant:

REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
nginx               alpine              adfc4335a989        15 seconds ago      6.245 MB
nginx               latest              fb7fe53bd952        2 weeks ago         133.8 MB

The image above uses the distro provided nginx package:

FROM alpine:3.3

MAINTAINER NGINX Docker Maintainers "[email protected]"

ENV NGINX_VERSION 1.8.0

RUN apk add --no-cache nginx

# forward request and error logs to docker log collector
RUN ln -sf /dev/stdout /var/log/nginx/access.log \
    && ln -sf /dev/stderr /var/log/nginx/error.log

EXPOSE 80 443

CMD ["nginx", "-g", "daemon off;"]

I can probably help with either building an official nginx repository for alpine and use that as base for a docker image, or I can help you with building it from sources if you can point me to where I can find the compile options used for deb http://nginx.org/packages/mainline/debian/ jessie nginx

With the chosen option for the CMD entry, I'm facing an issue when "inheriting" from this image and add an ENTRYPOINT. The error encountered is the following:

nginx: invalid option: "off;"

Is there anything I'm missing so it would work?

A solution may be to do like the old official images and add daemon off; in the /etc/nginx/nginx.conf file so the CMD should simply be ["nginx"].
If so, I'd be more than happy to open a PR 😄

Whatever I do, my docker ports do not get exposed to the host machine on Windows.

To me it looks as if it is not an nginx issue, but a general Docker problem.
But perhaps you are able to find the problem most quickly?

Have a look at this issue here:
moby/moby#15740

Thanks!

Few "RUN" entries is bad way for creating normal image. I suggest to rewrite Dockerfile as described here https://docs.docker.com/articles/dockerfile_best-practices/. It permits to avoid any garbage layers. Like that:

MAINTAINER NGINX Docker Maintainers "[email protected]"

ENV NGINX_VERSION 1.7.8-1~wheezy

RUN apt-key adv --keyserver pgp.mit.edu --recv-keys 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62 \
    && echo "deb http://nginx.org/packages/mainline/debian/ wheezy nginx" >> /etc/apt/sources.list \
    && apt-get update && apt-get install -y nginx=${NGINX_VERSION} \
    && rm -rf /var/lib/apt/lists/\* \
    && ln -sf /dev/stdout /var/log/nginx/access.log \
    && ln -sf /dev/stderr /var/log/nginx/error.log

VOLUME ["/var/cache/nginx"]

EXPOSE 80 443

CMD ["nginx", "-g", "daemon off;"]```

My host is OS X El Captain version 10.11.1

Docker version 1.9.0.

When I run the following command:

docker run --name mynginx1 -P -d nginx

And I attempt to connect to the port listed in docker ps -a with

curl -v http://localhost:32791

I get:

• Rebuilt URL to: http://localhost:32791/
• Trying ::1...
• connect to ::1 port 32791 failed: Connection refused
• Trying 127.0.0.1...
• connect to 127.0.0.1 port 32791 failed: Connection refused
• Failed to connect to localhost port 32791: Connection refused
• Closing connection 0
  curl: (7) Failed to connect to localhost port 32791: Connection refused

If I connect to the docker container with docker exec -it mynginx1 bash and run nginx I get the following output:

2015/11/14 17:29:52 [emerg] 12#12: bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
2015/11/14 17:29:52 [emerg] 12#12: bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
2015/11/14 17:29:52 [emerg] 12#12: bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
2015/11/14 17:29:52 [emerg] 12#12: bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
2015/11/14 17:29:52 [emerg] 12#12: bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
2015/11/14 17:29:52 [emerg] 12#12: still could not bind()
nginx: [emerg] still could not bind()

I am trying to install the echo nginx module (https://github.com/openresty/echo-nginx-module). I have the following steps:

FROM nginx:1.9.7
MAINTAINER Zachary <[email protected]>

ADD https://github.com/openresty/echo-nginx-module/archive/v0.58.tar.gz /nginx-modules/

# install Make and the nginx module
RUN tar -xzvf /nginx-modules/v0.58.tar.gz \
    && ./configure --prefix=/etc/nginx --add-module=/nginx-modules/echo-nginx-module-0.58 \
    && make -j2 \
    && make install \
    && rm /etc/nginx/conf.d/default.conf

I get the error /bin/sh: 1: ./configure: not found when I do this.

Please see distribution/distribution#655 for details, but the use of bcrypt with htpasswd results in the following errors:

nginx_1    | 2015/06/22 09:00:25 [crit] 5#5: *2 crypt_r() failed (22: Invalid argument)

Hunting this down shows this is dependent on the version of gcc shipped with debian. An inspection of ubuntu's crypt manpage shows it has support, although this is untested.

Either the base image needs to updated to support the modern password hashing scheme or libc needs to be recompiled for the base image.

I will likely be moving to 1.7.x but for now I'm still entrenched in 1.6 and was hoping you'd support a 1.6 branch.

First try with "docker run --name ngx1 -d nginx". Container is up and running but get "curl: (7) Failed to connect to localhost port 80: Connection refused". No logs from the container.
To debug,

1. Launched bash on the container. The nginx master and worker processes were running. index.html was at the right place "/usr/share/nginx/html"
2. Kill and remove all containers and images. Launched it again, no difference.
3. Killed the container and then launched nginx on host working fine.

What could went wrong?

Logs are pumped to stdout and stderr, which go to the docker log for the nginx container.
If the container runs a long time this log can be huge, and docker has no way of pruning the log.

What is the general practice for handing of the logs in a docker env?

• One can override error_log and access_log in nginx.conf and put them in another folder, but that has then top be pruned. Or create an image based on nginx and make the log directory a mountable volume.
• or send logs to syslog --log-driver=syslog

(Hmm, a circular mountable access logs of the last XX requests that does not need pruning would be nice ..)

So my question is where there is a consensus about this, or perhaps I missed something obvious?

thanks in advance.

I thought the 'Debian' style nginx configuration was to use sites-available and sites-config

The nginx.conf included in this (debian-based) image contains

include /etc/nginx/conf.d/*.conf;

and not

include /etc/nginx/sites-available/*;

as I anticipated. This could result in problems for a lot of people.

Some people (inc. me) would like to use other compatible libraries than OpenSSL (e.g. "Amazon s2n":https://github.com/awslabs/s2n) for https. How to configure this package to install things like this?

After the update to 1.9.7, when I try an fresh build of nginx docker container, I get:
E: Version '1.9.7-1~jessie' for 'nginx' was not found

The command is:

ENV NGINX_VERSION 1.9.7~jessie
RUN apt-get update && \
    apt-get install -y ca-certificates nginx=${NGINX_VERSION} && \
    rm -rf /var/lib/apt/lists/*

The same happened when updating to 1.9.6 and took a couple of days before I could apt-get . Is there any specific reason why I can't install the ca-certificates for that nginx version straight away?

The upcoming docker 1.9 release will add support for defining the default stop signal sent by docker stop:

1. At run time through the --stop-signal option added to docker run
2. At build time through the STOP keyword in the Dockerfile syntax.

Prior to this addition, alternative signals had to be sent using docker kill -s with the desired signal. (I feel this information should be added to the docker hub documentation for the official nginx images) considering nginx expects SIGQUIT for graceful shut down while docker stop sends SIGTERM by default (causing a fast shutdown by default and not a gracefull shutdown).

As detailed in the nginx documentation here:

We found a weird behaviour after changing a file which is mounted as volume.
If you connect to the container via bash and print out the changed file it's okay, but opening the file via http (browser or curl) shows still the old content. It has to do with the volume, because it's working with other files.

You can reproduce it:

git clone https://github.com/timaschew/loadbalancer
cd loadbalancer
docker build -t actano/haproxy .
docker-compose up

• open http://192.168.99.100:81/indexA.html
• change the file indexA.html and then refresh the browser (you see the old content)
• docker exec -it /bin/bash serverA and then cat /usr/share/nginx/html/indexA.html
• WTF!

env setup
Virtualbox 5.0.4 + docker-machine + OSX 10.10

Was released 24th of Februari

Currently this repo has no tag. The publish process should enforce tagging.

Per https://hub.docker.com/_/nginx/ I have no clue what 1.9.9 is nor how it differs from latest HEAD.
Which SHA from https://github.com/nginxinc/docker-nginx/commits/master was used to publish nginx:1.9.9 ?

Hi,

Can you please add Module ngx_http_gzip_static_module to this image?

Thank you :-) !

I seem to not be able to find any information about this on the internet and that nginx-extras seems to be a debian/ubuntu only package. But I would like to know if there is somewhere, it is possible to get a docker image of nginx, with all modules included or will we simply have to start maintaining our own docker image inhouse?

Any possibility of providing an image with lua support? I've got a Dockerfile if interested.

I'm on a Mint host:

`Linux xxxx 3.19.0-18-generic #18~14.04.1-Ubuntu SMP Wed May 20 09:38:33 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux``

I placed the content provided here into Dockerfile & ran 'docker build .' in the same dir. The build fails when the nginx package tries to adduser - see output below.

Any suggestions??

Sending build context to Docker daemon 3.072 kB
Sending build context to Docker daemon 
Step 0 : FROM debian:jessie
 ---> 9a61b6b1315e
Step 1 : MAINTAINER NGINX Docker Maintainers "[email protected]"
 ---> Running in 394095f976d9
 ---> 27594f224a65
Removing intermediate container 394095f976d9
Step 2 : RUN apt-key adv --keyserver hkp://pgp.mit.edu:80 --recv-keys 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
 ---> Running in 94d5566568b1
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --homedir /tmp/tmp.YYIZFlvFTj --no-auto-check-trustdb --trust-model always --primary-keyring /etc/apt/trusted.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-jessie-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-jessie-security-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-jessie-stable.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-squeeze-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-squeeze-stable.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-wheezy-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-wheezy-stable.gpg --keyserver hkp://pgp.mit.edu:80 --recv-keys 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
gpg: requesting key 7BD9BF62 from hkp server pgp.mit.edu
gpg: key 7BD9BF62: public key "nginx signing key <[email protected]>" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
 ---> 7169ca42e4d6
Removing intermediate container 94d5566568b1
Step 3 : RUN echo "deb http://nginx.org/packages/mainline/debian/ jessie nginx" >> /etc/apt/sources.list
 ---> Running in 999bd68ff086
 ---> affd8376b9bc
Removing intermediate container 999bd68ff086
Step 4 : ENV NGINX_VERSION 1.9.3-1~jessie
 ---> Running in 40ea7f3658d0
 ---> eea2c22afd38
Removing intermediate container 40ea7f3658d0
Step 5 : RUN apt-get update &&    apt-get install -y ca-certificates nginx=${NGINX_VERSION} &&    rm -rf /var/lib/apt/lists/*
 ---> Running in d2dc9f42330f
Get:1 http://security.debian.org jessie/updates InRelease [63.1 kB]
Ign http://nginx.org jessie InRelease
Get:2 http://httpredir.debian.org jessie InRelease [134 kB]
Get:3 http://httpredir.debian.org jessie-updates InRelease [123 kB]
Get:4 http://nginx.org jessie Release.gpg [287 B]
Get:5 http://security.debian.org jessie/updates/main amd64 Packages [165 kB]
Get:6 http://httpredir.debian.org jessie/main amd64 Packages [9038 kB]
Get:7 http://nginx.org jessie Release [2307 B]
Get:8 http://nginx.org jessie/nginx amd64 Packages [827 B]
Get:9 http://httpredir.debian.org jessie-updates/main amd64 Packages [3614 B]
Fetched 9530 kB in 11s (815 kB/s)
Reading package lists...
Reading package lists...
Building dependency tree...
Reading state information...
The following extra packages will be installed:
  libssl1.0.0 openssl
The following NEW packages will be installed:
  ca-certificates libssl1.0.0 nginx openssl
0 upgraded, 4 newly installed, 0 to remove and 1 not upgraded.
Need to get 2395 kB of archives.
After this operation, 5913 kB of additional disk space will be used.
Get:1 http://security.debian.org/ jessie/updates/main libssl1.0.0 amd64 1.0.1k-3+deb8u1 [1038 kB]
Get:2 http://nginx.org/packages/mainline/debian/ jessie/nginx nginx amd64 1.9.3-1~jessie [480 kB]
Get:3 http://httpredir.debian.org/debian/ jessie/main ca-certificates all 20141019 [200 kB]
Get:4 http://security.debian.org/ jessie/updates/main openssl amd64 1.0.1k-3+deb8u1 [677 kB]

 **debconf: delaying package configuration, since apt-utils is not installed**

Fetched 2395 kB in 2s (1063 kB/s)
Selecting previously unselected package libssl1.0.0:amd64.
(Reading database ... 7528 files and directories currently installed.)
Preparing to unpack .../libssl1.0.0_1.0.1k-3+deb8u1_amd64.deb ...
Unpacking libssl1.0.0:amd64 (1.0.1k-3+deb8u1) ...
Selecting previously unselected package openssl.
Preparing to unpack .../openssl_1.0.1k-3+deb8u1_amd64.deb ...
Unpacking openssl (1.0.1k-3+deb8u1) ...
Selecting previously unselected package ca-certificates.
Preparing to unpack .../ca-certificates_20141019_all.deb ...
Unpacking ca-certificates (20141019) ...
Selecting previously unselected package nginx.
Preparing to unpack .../nginx_1.9.3-1~jessie_amd64.deb ...
chfn: PAM: System error
adduser: `/usr/bin/chfn -f nginx user nginx' returned error code 1. Exiting.
dpkg: error processing archive /var/cache/apt/archives/nginx_1.9.3-1~jessie_amd64.deb (--unpack):
 subprocess new pre-installation script returned error exit status 1
Errors were encountered while processing:
 /var/cache/apt/archives/nginx_1.9.3-1~jessie_amd64.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)
2015/08/16 23:33:21 The command [/bin/sh -c apt-get update &&    apt-get install -y ca-certificates nginx=${NGINX_VERSION} &&    rm -rf /var/lib/apt/lists/*] returned a non-zero code: 100

Does nginx have to run as root? It would be much better for security if it set-up a separate user.

Note that users with volumes will have a short-term problem if you make this change.

I have ported nginx to power8 architecture (ppc64le) and have also dockerized it on Ubuntu. I want to contribute docker files back to nginx community.

I would like to know more about,

1. What is the correct way/procedure to commit/submit dockerfile to repository?
2. Is there any preference about naming convention of dockerfiles and their place in repository?

So this is part of my nginx configuration

nginx:
image: quay.io/jumo/sms_nginx:0.0.2
links:
- web:web
volumes_from:
- web
ports:
- 80:80

web:
image: quay.io/jumo/sms_packages:0.0.2
volumes:
- web_container:/root/code
- /root/code/sms_platform/static
command: ./app_server.sh
environment:
- DJANGO_SETTINGS_MODULE=sms_platform.settings.development
ports:
- 8000:3000
links:
- db:db
- rabbitmq:rabbitmq
- loggy:loggy

The image is from the official nginx
So when try to get the static files I get 403 Forbidden

I've seen a few images (eg: https://github.com/jwilder/nginx-proxy) having to install ca-certificates on their images to configure SSL/ this means they have to apt-get update && apt-get install ... && rm -rf /var/lib/apt/lists/*.

it would simplify things if ca-certificates was installed by default as it seems it's a useful package for nginx

would you consider adding it into the image?

I've seen #14 and #56 so thought I could build an image from the following Dockerfile:

FROM nginx:latest
RUN apt-get -y update && apt-get -y install nginx-extras

However, building the image fails with the following (trimmed) output:

Selecting previously unselected package nginx-common.
Preparing to unpack .../nginx-common_1.6.2-5_all.deb ...
Unpacking nginx-common (1.6.2-5) ...
dpkg: error processing archive /var/cache/apt/archives/nginx-common_1.6.2-5_all.deb (--unpack):
 trying to overwrite '/usr/share/nginx/html/index.html', which is also in package nginx 1.9.9-1~jessie
Selecting previously unselected package rename.
Preparing to unpack .../archives/rename_0.20-3_all.deb ...
Unpacking rename (0.20-3) ...
Selecting previously unselected package xml-core.
Preparing to unpack .../xml-core_0.13+nmu2_all.deb ...
Unpacking xml-core (0.13+nmu2) ...
Selecting previously unselected package nginx-extras.
Preparing to unpack .../nginx-extras_1.6.2-5_amd64.deb ...
Unpacking nginx-extras (1.6.2-5) ...
dpkg: error processing archive /var/cache/apt/archives/nginx-extras_1.6.2-5_amd64.deb (--unpack):
 trying to overwrite '/usr/sbin/nginx', which is also in package nginx 1.9.9-1~jessie
dpkg-deb: error: subprocess paste was killed by signal (Broken pipe)
Errors were encountered while processing:
 /var/cache/apt/archives/nginx-common_1.6.2-5_all.deb
 /var/cache/apt/archives/nginx-extras_1.6.2-5_amd64.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)
The command '/bin/sh -c apt-get -y update && apt-get -y install nginx-extras' returned a non-zero code: 100

As an alternative, I'm now using ubuntu as the base image:

FROM ubuntu:14.04

RUN apt-get -y update && apt-get -y install \
  nginx \
  nginx-extras \
  ca-certificates

# forward request and error logs to docker log collector
RUN ln -sf /dev/stdout /var/log/nginx/access.log
RUN ln -sf /dev/stderr /var/log/nginx/error.log

VOLUME ["/var/cache/nginx"]

EXPOSE 80 443

CMD ["nginx", "-g", "daemon off;"]

This works well, however was wondering if/how I can get the first Dockerfile working as its more intention revealing.

But do not want recompile it

--with-http_image_filter_module

Just had a few suggestions after checking out the Dockerfile and the image on Docker Hub. Instead of making separate issues, thought I'd just do bullet points:

• Provide a stable (1.6) tag on the Docker Hub. Looks like there are only tags for the mainline / 1.7 versions of nginx? I see I could easily build my own by passing in an NGINX_VERSION value to docker build but having a pre-built tag would be cool.
• Set worker_processes to auto. Otherwise whatever machine at the Docker Hub that builds the image will set this value to the number of cores on that machine, right? Or perhaps it's assumed that users will provide their own nginx.conf?
• Collapse multiple RUN statements into one. This reduces the size of the resulting Docker image. For example,

RUN ln -sf /dev/stdout /var/log/nginx/access.log &&\
  ln -sf /dev/stderr /var/log/nginx/error.log

(for this image you could move ENV below MAINTAINER and collapse all the RUN statements into one)

Nginx unfortunately doesn't support using environment variables inside most configuration blocks.

Since this is quite essential when linking with other containers to build a reverse proxy I think this image should provide some mechanism to use environment variables in custom configuration.

Solutions found on the web:

Pre-processing configuration files
https://github.com/shepmaster/nginx-template-image

Using set_by_lua or set_by_perl
https://docs.apitools.com/blog/2014/07/02/using-environment-variables-in-nginx-conf.html

Both of this don't work out of the box because none of the modules is included.

Hi =) Just wanted to share this as i scratched my head a while on this issue.

In the https://hub.docker.com/_/nginx/ page, the reader is encouraged to add "daemon: off;" to their nginx.conf, in this text:

Be sure to include daemon off; in your custom configuration to ensure that Nginx stays in the foreground so that Docker can track the process properly (otherwise your container will stop immediately after starting)!

however in https://github.com/nginxinc/docker-nginx/blob/master/Dockerfile#L22 it is explicit set, which ends up in something like this

2015/09/06 14:13:48 [emerg] 1#1: "daemon" directive is duplicate in /etc/nginx/nginx.conf:4
nginx: [emerg] "daemon" directive is duplicate in /etc/nginx/nginx.conf:4

When building the image from a fresh clone of the repo, the build fails. Here's the trace I get:

Sending build context to Docker daemon 139.3 kB
Sending build context to Docker daemon
Step 0 : FROM debian:jessie
 ---> df2a0347c9d0
Step 1 : MAINTAINER NGINX Docker Maintainers "[email protected]"
 ---> Running in 8ff8ef43cd7e
 ---> 3d26e9e15c25
Removing intermediate container 8ff8ef43cd7e
Step 2 : RUN apt-key adv --keyserver hkp://pgp.mit.edu:80 --recv-keys 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
 ---> Running in ee9df31bee09
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --homedir /tmp/tmp.uUMkn9p6dT --no-auto-check-trustdb --trust-model always --primary-keyring /etc/apt/trusted.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-jessie-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-jessie-security-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-jessie-stable.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-squeeze-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-squeeze-stable.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-wheezy-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-wheezy-stable.gpg --keyserver hkp://pgp.mit.edu:80 --recv-keys 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
gpg: requesting key 7BD9BF62 from hkp server pgp.mit.edu
gpg: key 7BD9BF62: public key "nginx signing key <[email protected]>" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
 ---> 7fa48597fa15
Removing intermediate container ee9df31bee09
Step 3 : RUN echo "deb http://nginx.org/packages/mainline/debian/ jessie nginx" >> /etc/apt/sources.list
 ---> Running in 036684610dc7
 ---> caefc777d468
Removing intermediate container 036684610dc7
Step 4 : ENV NGINX_VERSION 1.9.0-1~jessie
 ---> Running in 938ca7c4db82
 ---> 12983e70dfe6
Removing intermediate container 938ca7c4db82
Step 5 : RUN apt-get update &&     apt-get install -y ca-certificates nginx=${NGINX_VERSION} &&     rm -rf /var/lib/apt/lists/*
 ---> Running in 79ed82d17bba
Ign http://nginx.org jessie InRelease
Get:1 http://security.debian.org jessie/updates InRelease [63.1 kB]
Get:2 http://nginx.org jessie Release.gpg [287 B]
Get:3 http://nginx.org jessie Release [2307 B]
Get:4 http://nginx.org jessie/nginx amd64 Packages [826 B]
Get:5 http://httpredir.debian.org jessie InRelease [128 kB]
Get:6 http://security.debian.org jessie/updates/main amd64 Packages [88.8 kB]
Get:7 http://httpredir.debian.org jessie-updates InRelease [126 kB]
Get:8 http://httpredir.debian.org jessie/main amd64 Packages [9019 kB]
Get:9 http://httpredir.debian.org jessie-updates/main amd64 Packages [3612 B]
Fetched 9432 kB in 3s (2489 kB/s)
Reading package lists...
Reading package lists...
Building dependency tree...
Reading state information...
E: Version '1.9.0-1~jessie' for 'nginx' was not found
INFO[0012] The command [/bin/sh -c apt-get update &&     apt-get install -y ca-certificates nginx=${NGINX_VERSION} &&     rm -rf /var/lib/apt/lists/*] returned a non-zero code: 100

I've followed the instructions https://hub.docker.com/_/nginx/

My Dockerfile:

FROM nginx
COPY sites-available-default /etc/nginx/sites-available/default
COPY app-dir /usr/share/nginx/html

I started container docker run --name nginx-cont -d -p 8080:80 nginx-cont

And able to confirm it's running

$ docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                           NAMES
c2e5d5cd08ad        nginx-cont          "nginx -g 'daemon off"   12 minutes ago      Up 12 minutes       443/tcp, 0.0.0.0:8080->80/tcp   nginx-cont

But when access http://localhost:8080 it says, This webpage is not available

error_log /var/log/nginx/error.log debug; doesn't work because --with-debug apparently wasn't used in the debian package:

root@52df12b24fec:/etc/nginx/conf.d# nginx -V 
configure arguments: --prefix=/etc/nginx 
--sbin-path=/usr/sbin/nginx 
--conf-path=/etc/nginx/nginx.conf 
--error-log-path=/var/log/nginx/error.log 
--http-log-path=/var/log/nginx/access.log 
--pid-path=/var/run/nginx.pid 
--lock-path=/var/run/nginx.lock 
--http-client-body-temp-path=/var/cache/nginx/client_temp 
--http-proxy-temp-path=/var/cache/nginx/proxy_temp 
--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp 
--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp 
--http-scgi-temp-path=/var/cache/nginx/scgi_temp 
--user=nginx --group=nginx 
--with-http_ssl_module 
--with-http_realip_module 
--with-http_addition_module 
--with-http_sub_module 
--with-http_dav_module 
--with-http_flv_module 
--with-http_mp4_module 
--with-http_gunzip_module 
--with-http_gzip_static_module 
--with-http_random_index_module 
--with-http_secure_link_module 
--with-http_stub_status_module 
--with-http_auth_request_module 
--with-threads 
--with-stream 
--with-stream_ssl_module 
--with-mail 
--with-mail_ssl_module 
--with-file-aio 
--with-http_v2_module 
--with-cc-opt='-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2' 
--with-ld-opt='-Wl,-z,relro -Wl,--as-needed' 
--with-ipv6

Is it possible to enable debug logs otherwise?

Debian 8 has been released (https://www.debian.org/News/2015/20150426)

I don't know if this is the right place to bring this up, but at some point it would be good to
get nginx mainline packages for debian 8 "jessie" here: http://nginx.org/packages/mainline/debian/dists/
and then update this repo.

The debian 8 package for nginx is at 1.6: https://packages.debian.org/jessie/nginx

Hi, since there are Dockerfiles for other Linux distributions, do you plan to build and tag those images on Docker Hub?

Thanks

This is on OS X 10.9 with Boot2Docker 1.6.2 (using AUFS) and Docker 1.6.2. Running the Nginx container with a volume for static files produces garbage.

docker run -v "$(pwd)/html:/usr/share/nginx/html" -p 80:80 -d nginx

html/index.html was originally (when I started the container):

Hey

Then I changed it to:

I have a different length than you think!

This has 42 bytes, including the trailing newline. When I use any browser to access this container, I get the original file content (padded with zero bytes), but the Content-Length matches the new version: (I'm using dnsmasq to map all *.docker domains to the Boot2Docker IP.)

felix-mba:funk fr$ curl -v http://garbage.docker/
* Adding handle: conn: 0x7f9d4a803a00
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x7f9d4a803a00) send_pipe: 1, recv_pipe: 0
* About to connect() to garbage.docker port 80 (#0)
*   Trying 192.168.59.103...
* Connected to garbage.docker (192.168.59.103) port 80 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.30.0
> Host: garbage.docker
> Accept: */*
> 
< HTTP/1.1 200 OK
* Server nginx/1.9.0 is not blacklisted
< Server: nginx/1.9.0
< Date: Fri, 22 May 2015 18:21:55 GMT
< Content-Type: text/html
< Content-Length: 42
< Last-Modified: Fri, 22 May 2015 18:21:54 GMT
< Connection: keep-alive
< ETag: "555f73c2-2a"
< Accept-Ranges: bytes
< 
Hey
* Connection #0 to host garbage.docker left intact
felix-mba:funk fr$ curl -s http://garbage.docker/ | hexdump -C
00000000  48 65 79 0a 00 00 00 00  00 00 00 00 00 00 00 00  |Hey.............|
00000010  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000020  00 00 00 00 00 00 00 00  00 00                    |..........|
0000002a
felix-mba:funk fr$

Any ideas?

Would be useful to be able to easily enable http/2 using env variables or using so specific tags of this image, it would probably imply having to provide cert in volume and also enable ssl.

Since nginx can auto-tune now the worker_processes configuration parameter, I would suggest to use
worker_processes auto; instead of worker_processes 1; in /etc/nginx/nginx.conf

Rationale: Docker manages resources using container restrictions and expects them to automatically adapt to the provided amount of CPU and memory.

But for non-docker environments, using only one thread is a safe default. So upstream developers provide it that way.

The Dockerfile exposes 443, so ssl support is available? Could you please add how to add certs and enable ssl ?

There are a lot of Docker and NGINX docker setups out there, and it would be awesome to have a little README to help get developers pointed in the right direction.

Would you consider using a source build strategy like the old repo? Would allow for setting any compile-time options that one might want and at no real cost (that I'm aware of).