forked from OpenSourceLAN/origin-docker
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
79 lines (66 loc) · 2.67 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
FROM ubuntu:bionic
# shared layers with second stage image, faster build by caching layers!
RUN apt-get update && apt-get install -y libssl1.0.0 libpcre3 zlib1g && apt-get purge
RUN apt-get update && \
apt-get install -y \
build-essential \
libssl-dev \
libpcre3-dev \
zlib1g-dev \
wget \
openssl \
unzip && apt-get purge
RUN mkdir /build
WORKDIR /build
ADD build.sh /build/build.sh
RUN /build/build.sh
# Generate a fake CA + certs for epic games so that we can put some fake certificates in to the image
# so that the epic games config file can be loaded without error
RUN \
openssl genrsa -out rootca.key 2048 && \
openssl req -batch -x509 -new -nodes -key rootca.key -sha256 -days 10000 -out rootca.pem && \
openssl genrsa -out client.key 2048 && \
cat /etc/ssl/openssl.cnf > /build/openssl.conf && \
echo "[SAN]" >> /build/openssl.conf && \
echo "subjectAltName=DNS:download1.epicgames.com,DNS:download2.epicgames.com,DNS:download3.epicgames.com,DNS:download4.epicgames.com,DNS:cdn1.epicgames.com,DNS:cdn2.epicgames.com,DNS:cdn1.unrealengine.com,DNS:cdn2.unrealengine.com,DNS:cdn3.unrealengine.com,DNS:static-assets-prod.epicgames.com,DNS:epicgames-download1.akamaized.net" >> /build/openssl.conf && \
openssl req -new -key client.key -out client.csr -subj "/C=US/ST=CA/O=Acme, Inc./CN=download.epicgames.com" -reqexts SAN -config /build/openssl.conf -out client.csr && \
openssl x509 -req -in client.csr -CA rootca.pem -CAkey rootca.key -CAcreateserial -out client.pem -days 10000 -sha256
FROM ubuntu:bionic
RUN apt-get update && apt-get install -y libssl1.0.0 libssl1.1 libpcre3 zlib1g && apt-get purge
COPY --from=0 /usr/sbin/nginx /usr/sbin/nginx
COPY --from=0 /etc/nginx/mime.types /etc/nginx/mime.types
RUN mkdir -p \
/etc/nginx/conf.d \
/etc/nginx/conf.d/includes \
/etc/nginx/ssl/epic \
/var/lib/nginx/body \
/var/lib/nginx/fastcgi \
/cache/cache_data \
/cache/static \
/var/log/nginx
ADD \
caches/blizzard.conf \
caches/catch_all.conf \
caches/epic.conf \
caches/hirez.conf \
caches/league.conf \
caches/microsoft.conf \
caches/origin.conf \
caches/sony.conf \
caches/static.conf \
caches/steam.conf \
caches/uplay.conf \
caches/wargaming.conf \
/etc/nginx/conf.d/
ADD \
includes/resolver.conf \
includes/log-formats.conf \
includes/proxy-cache-paths.conf \
includes/proxy-cache-upstream.conf \
includes/proxy-upstream.conf \
/etc/nginx/conf.d/includes/
ADD nginx.conf /etc/nginx/nginx.conf
# Epic games fake CA to allow epic config file to be loaded
COPY --from=0 /build/client.key /build/client.pem /etc/nginx/ssl/epic/
CMD nginx -g "daemon off;" -c /etc/nginx/nginx.conf
VOLUME ["/cache", "/var/log/nginx"]