Compiling nginx naxsi from source on docker doesn't listen on any ports

I'm having issues compiling nginx with the naxsi addon module. I'm using the base ubuntu 16.04 docker image with the following Dockerfile:

    RUN apt-get update && \
    apt-get upgrade -y && \
    apt-get install fail2ban supervisor libpcre3-dev libxslt1-dev libgd2-xpm-dev libgeoip-dev libssl-dev unzip wget make \
      libgoogle-perftools-dev google-perftools jq -y --fix-missing && \
    apt-get remove --purge -y software-properties-common build-essential && \
    apt-get autoremove -y && \
    apt-get clean && \
    apt-get autoclean && \
    echo -n > /var/lib/apt/extended_states && \
    rm -rf /var/lib/apt/lists/* && \
    rm -rf /usr/share/man/?? && \
    rm -rf /usr/share/man/??_*

    RUN mkdir /tmp/ngxbuild

    RUN cd /tmp/ngxbuild

    RUN wget -q http://nginx.org/download/nginx-1.11.9.tar.gz

    RUN wget -q https://github.com/nbs-system/naxsi/archive/0.55.2.tar.gz

    RUN tar xzf nginx-1.11.9.tar.gz

    RUN tar xzf 0.55.2.tar.gz

    WORKDIR  nginx-1.11.9

    RUN groupadd -r nginx && useradd -r -g nginx nginx

    RUN ./configure \
      --with-pcre \
      --with-ipv6 \
      --user=nginx \
      --group=nginx \
      --with-stream \
      --with-file-aio \
      --with-poll_module \
      --with-http_v2_module \
      --with-http_ssl_module \
      --with-stream_ssl_module \
      --with-http_realip_module \
      --pid-path=/run/nginx.pid \
      --prefix=/usr/local/nginx \
      --without-http_uwsgi_module \
      --with-stream_realip_module \
      --pid-path=/var/run/nginx.pid \
      --with-http_gzip_static_module \
      --with-google_perftools_module \
      --lock-path=/var/lock/nginx.lock \
      --conf-path=/etc/nginx/nginx.conf \
      --sbin-path=/usr/local/sbin/nginx \
      --lock-path=/run/lock/subsys/nginx \
      --add-module=../naxsi-0.55.2/naxsi_src/ \
      --error-log-path=/var/log/nginx/error.log \
      --http-log-path=/var/log/nginx/access.log \
      --http-proxy-temp-path=/var/lib/nginx/proxy \
      --http-client-body-temp-path=/var/lib/nginx/body \
      --http-fastcgi-temp-path=/var/lib/nginx/fastcgi \
      --without-mail_pop3_module \
      --without-mail_smtp_module \
      --without-mail_imap_module \
      --without-http_scgi_module \
      --prefix=/usr && \
      make -j 4 && \
      make install && \
      mkdir -p /var/lib/nginx/{body,proxy,fastcgi}

nginx compiles and the Dockerfile builds with no errors, but when I boot the container up nginx is started but not listening on any ports.

My site config looks like the following:

    server {
        listen 443 ssl http2 default_server;
        listen [::]:443 ssl http2 default_server;
    
        root /data/www/app/dist;
    
        # Add index.php to the list if you are using PHP
        index index.html;
    
        server_name url.co.uk;
    
        ssl_certificate /data/ssl/nginx-selfsigned.crt;
        ssl_certificate_key /data/ssl/nginx-selfsigned.key;
        ssl_dhparam /data/ssl/dhparam.pem;
    
        location / {
            # First attempt to serve request as file, then
            # as directory, then fall back to displaying a 404.
            try_files $uri $uri/ =404;
        }
    }
    

My nginx.conf looks like:

    user nginx;
    worker_processes auto;
    pid /run/nginx.pid;
    
    events {
        worker_connections 768;
        multi_accept on;
        use epoll;
    }
    
    http {
    
        ##
        # Basic Settings
        ##
        sendfile on;
        tcp_nopush on;
        tcp_nodelay on;
        keepalive_timeout 65;
        types_hash_max_size 2048;
        server_tokens off;
        client_header_timeout  3m;
        client_body_timeout    3m;
        send_timeout           3m;
        client_body_buffer_size      128k;
        client_max_body_size         10m;
        client_header_buffer_size    1k;
        large_client_header_buffers  4 4k;
        output_buffers               1 32k;
        postpone_output              1460;
        server_names_hash_bucket_size 64;
        server_name_in_redirect off;
        default_type application/octet-stream;
        include /etc/nginx/mime.types;
    
        ##
        # SSL Settings
        ##
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
        ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
        ssl_session_cache shared:SSL:5m;
        ssl_session_timeout 1h;
        ssl_ecdh_curve secp384r1;
        ssl_session_tickets off;
        ssl_stapling off;
        ssl_stapling_verify off;
        add_header Strict-Transport-Security max-age=15768000;
        add_header X-Frame-Options DENY;
        add_header X-Content-Type-Options nosniff;
    
        ##
        # Resolver Settings
        ##
        resolver 8.8.8.8 8.8.4.4 valid=300s;
        resolver_timeout 5s;
    
        ##
        # Logging Settings
        ##
        access_log /data/log/nginx/qg-webapp.access.log;
        error_log /data/log/nginx/qg-webapp.error.log;
    
        ##
        # Gzip Settings
        ##
        gzip on;
        gzip_disable "msie6";
        gzip_vary on;
        gzip_proxied any;
        gzip_comp_level 6;
        gzip_buffers 16 8k;
        gzip_http_version 1.1;
        gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
    
        ##
        # Virtual Host Configs
        ##
        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;
    }
    

When I run lsof -i :443 it shows nothing is listening on the SSL port. Am I doing something wrong when compiling?

One solution collected from the web for “Compiling nginx naxsi from source on docker doesn't listen on any ports”

You have to map your ports. In your Dockerfile you can use:

    EXPOSE 443

Or, when you use the run command, do:

    docker run -it -p 443:443 --name nginx image_nginx

And you can put this into your Dockerfile:

    ENTRYPOINT sh -c 'while true; do sleep 3600; done;'
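
To check the symptom from the question (a `listen 443` directive in the config but nothing bound to the port), the following added example, which is not part of the original post or answer, compares configured `listen` ports against bound TCP ports. The function names and sample inputs are constructed for illustration; live use assumes `nginx -T` and `ss` are available inside the container.

```shell
#!/bin/sh
# Added example: compare the ports nginx is configured to listen on with the
# ports that are actually bound. Sample inputs below are constructed.

# configured_ports: nginx config text on stdin (e.g. from `nginx -T`);
# prints the unique TCP ports named in `listen` directives.
# A `listen` with an address but no port (default 80) is not reported.
configured_ports() {
    awk '
        { sub(/#.*/, "") }                      # drop comments
        $1 == "listen" {
            addr = $2; sub(/;$/, "", addr)      # 443, [::]:443, 0.0.0.0:8443
            if (addr ~ /^unix:/) next           # skip unix-domain sockets
            n = split(addr, part, ":")          # port is the last field
            if (part[n] ~ /^[0-9]+$/) print part[n]
        }' | sort -un
}

# listening_ports: `ss -ltn` output on stdin; prints the bound TCP ports.
listening_ports() {
    awk '$1 == "LISTEN" { n = split($4, part, ":"); print part[n] }' | sort -un
}

# unbound_ports CONFIG_TEXT SS_TEXT: ports configured but not listening.
unbound_ports() {
    bound=$(printf '%s\n' "$2" | listening_ports)
    printf '%s\n' "$1" | configured_ports | while read -r port; do
        printf '%s\n' "$bound" | grep -qx "$port" || echo "$port"
    done
}

# Constructed sample: the two listen lines from the question plus a port-80 server.
SAMPLE_CONF='server {
    listen 443 ssl http2 default_server;
    listen [::]:443 ssl http2 default_server;
    # listen 8080;
}
server {
    listen 80;
}'
# Constructed `ss -ltn` output in which only port 80 is bound.
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:80         0.0.0.0:*
LISTEN 0      128    [::]:80            [::]:*'

unbound_ports "$SAMPLE_CONF" "$SAMPLE_SS"    # prints 443
# Live use inside the container: unbound_ports "$(nginx -T 2>/dev/null)" "$(ss -ltn)"
```

An empty result means every configured port has a listener inside the container, which leaves the host-side port mapping as the next thing to check.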
    