FROM nginx

# set work dir
WORKDIR /etc/nginx/

# Set build shell to bash, default has has some issues sometimes
SHELL ["/bin/bash", "-c"]

# Update packges, remove nginx, default configs and install nginx-extras and other required packages
RUN apt-get update \
 && apt-get upgrade -y \
 && apt-get purge nginx -y \
 && rm -rvf /etc/default/nginx /etc/init.d/nginx /etc/init.d/nginx /etc/nginx/ \
 && apt-get install -y --no-install-recommends \
    nginx-extras \
    iputils-ping \
    ca-certificates \
    wget \
    curl \
    nano \
    vim \
    locales \
 && apt-get autoremove -y \
 && apt-get clean -y

# Set environment variables and generate locale for locale
ENV LANG en_US.UTF-8
ENV LANGUAGE en_US:en
ENV LC_ALL en_US.UTF-8
RUN sed -i '/en_US.UTF-8/s/^# //g' /etc/locale.gen \
 && locale-gen

# Generate fake ssl to drop invalid connections and generate default configs
RUN mkdir -pv /etc/nginx/ssl/ \
 && echo -e "\n\n\n\n\n\n" | openssl req -x509 -nodes -days 36500 -newkey rsa:2048 -keyout /etc/nginx/ssl/drop.key -out /etc/nginx/ssl/drop.crt \
 && rm -v /etc/nginx/sites-enabled/default \
 && echo 'server { \
    listen 80 default_server; \
    listen [::]:80 default_server; \
    listen 443 ssl default_server; \
    listen [::]:443 ssl default_server; \
    \
    ssl_certificate /etc/nginx/ssl/drop.crt; \
    ssl_certificate_key /etc/nginx/ssl/drop.key; \
    \
    return 444; \
}' > /etc/nginx/conf.d/drop.conf \
 && echo 'user www-data; \
worker_processes auto; \
pid /run/nginx.pid; \
error_log /dev/sdtout; \
include /etc/nginx/modules-enabled/*.conf; \
\
events { \
        worker_connections 768; \
} \
 \
http { \
        sendfile on; \
        tcp_nopush on; \
        types_hash_max_size 2048; \
\
        include /etc/nginx/mime.types; \
        default_type application/octet-stream; \
\
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; \
        ssl_prefer_server_ciphers on; \
\
        access_log /dev/stdout; \
\
        include /etc/nginx/conf.d/*.conf; \
        include /etc/nginx/sites-enabled/*; \
}' \
> /etc/nginx/nginx.conf



# Install ngxtop
RUN apt-get -y --no-install-recommends install python-is-python3 pipx \
 && pipx install ngxtop \
 && rm -rf ~/.cache/ \
 && apt-get auto-remove -y \
 && apt-get clean -y

# clean up
RUN rm -rfv  /var/lib/apt/lists /var/lib/dpkg/info /docker-entrypoint.d /docker-entrypoint.sh
ENTRYPOINT []
CMD nginx -g daemon off