search

TeslaGov / ngx-http-auth-jwt-module

Secure your NGINX locations with JWT
MIT License
317 stars 122 forks source link

Docker / build refactor & update Nginx #69

Closed TimUnderhay closed 2 years ago

TimUnderhay commented 2 years ago

It's been a while, TeslaGov! Glad to see this project is still kicking. I had a need to revisit it and found that the build / Docker end of things was in need of a serious facelift. Please see the description below.

JoshMcCullough commented 2 years ago

@KensingtonTech note that I updated the Makefile to allow for overriding the NGINX version, e.g.:

NGINX_VERSION=1.16.1 make rebuild-nginx

This is important because we don't always run on the latest NGINX. So you'll want to rebase your branch. Commit: https://github.com/TeslaGov/ngx-http-auth-jwt-module/commit/148987d81d31cf16cfb8ccc391056c6e2528ab39

BTW I think we can consolidate the build-nginx and rebuild-nginx tasks at some point as well.

TimUnderhay commented 2 years ago

@JoshMcCullough I pushed another commit that makes DOCKER_ORG_NAME, DOCKER_IMAGE_NAME, and NGINX_VERSION configurable via env vars.

JoshMcCullough commented 2 years ago

I'm seeing some errors when running: NGINX_VERSION=1.16.1 make rebuild-nginx

checking for struct dirent.d_namlen ... not found
checking for struct dirent.d_type ... found
checking for sysconf(_SC_NPROCESSORS_ONLN) ... found
checking for sysconf(_SC_LEVEL1_DCACHE_LINESIZE) ... found
checking for openat(), fstatat() ... found
checking for getaddrinfo() ... found
configuring additional dynamic modules
adding module in ../ngx-http-auth-jwt-module
 + ngx_http_auth_jwt_module was configured
checking for PCRE library ... not found
checking for PCRE library in /usr/local/ ... not found
checking for PCRE library in /usr/include/pcre/ ... not found
checking for PCRE library in /usr/pkg/ ... not found
checking for PCRE library in /opt/local/ ... not found

./configure: error: the HTTP rewrite module requires the PCRE library.
You can either disable the module by using --without-http_rewrite_module
option, or install the PCRE library into the system, or build the PCRE library
statically from the source with nginx by using --with-pcre=<path> option.

The command '/bin/sh -c set -x  && curl -O http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz        && tar -xzf nginx-$NGINX_VERSION.tar.gz    && rm nginx-$NGINX_VERSION.tar.gz       && ln -sf nginx-$NGINX_VERSION nginx    && cd /root/dl/nginx    && ./configure --with-compat --add-dynamic-module=../ngx-http-auth-jwt-module      && make modules' returned a non-zero code: 1
make: *** [Makefile:36: rebuild-nginx] Error 1
TimUnderhay commented 2 years ago

I'm seeing some errors when running: NGINX_VERSION=1.16.1 make rebuild-nginx

checking for struct dirent.d_namlen ... not found
checking for struct dirent.d_type ... found
checking for sysconf(_SC_NPROCESSORS_ONLN) ... found
checking for sysconf(_SC_LEVEL1_DCACHE_LINESIZE) ... found
checking for openat(), fstatat() ... found
checking for getaddrinfo() ... found
configuring additional dynamic modules
adding module in ../ngx-http-auth-jwt-module
 + ngx_http_auth_jwt_module was configured
checking for PCRE library ... not found
checking for PCRE library in /usr/local/ ... not found
checking for PCRE library in /usr/include/pcre/ ... not found
checking for PCRE library in /usr/pkg/ ... not found
checking for PCRE library in /opt/local/ ... not found

./configure: error: the HTTP rewrite module requires the PCRE library.
You can either disable the module by using --without-http_rewrite_module
option, or install the PCRE library into the system, or build the PCRE library
statically from the source with nginx by using --with-pcre=<path> option.

The command '/bin/sh -c set -x  && curl -O http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz        && tar -xzf nginx-$NGINX_VERSION.tar.gz    && rm nginx-$NGINX_VERSION.tar.gz       && ln -sf nginx-$NGINX_VERSION nginx    && cd /root/dl/nginx    && ./configure --with-compat --add-dynamic-module=../ngx-http-auth-jwt-module      && make modules' returned a non-zero code: 1
make: *** [Makefile:36: rebuild-nginx] Error 1

@JoshMcCullough apologies for the lull. The issue with 1.16.1 has been addressed, as well as an issue where the test runner was always using the latest version.

JoshMcCullough commented 2 years ago

Looks good, thanks!

TimUnderhay commented 2 years ago

@JoshMcCullough I hope you don’t mind, but I’ve taken the liberty of publishing the image to Docker hub (https://hub.docker.com/r/kensingtontech/nginx-jwt). I’ve made sure to add your 1.16.1 in there, as well.

JoshMcCullough commented 2 years ago

Nice! We really should be better about this sort of thing, and should publish boundaries, images, etc. Thanks for contributing.