Newer
Older
# use this self-generated certificate only in dev, IT IS NOT SECURE!
# https://docs.docker.com/engine/reference/builder/#understand-how-arg-and-from-interact
ARG NGINX_VERSION=1.17
FROM nginx:${NGINX_VERSION}-alpine
# persistent / runtime deps
RUN apk add --no-cache \
nss-tools \
;
WORKDIR /certs
ARG MKCERT_VERSION=1.4.1
RUN set -eux; \
wget -O /usr/local/bin/mkcert https://github.com/FiloSottile/mkcert/releases/download/v$MKCERT_VERSION/mkcert-v$MKCERT_VERSION-linux-amd64; \
chmod +x /usr/local/bin/mkcert; \
mkcert --cert-file localhost.crt --key-file localhost.key localhost 127.0.0.1 ::1 mercure; \
# the file must be named server.pem - the default certificate path in webpack-dev-server
cat localhost.key localhost.crt > server.pem; \
# export the root CA cert, but not the root CA key
cp "$(mkcert -CAROOT)/rootCA.pem" /certs/localCA.crt
# add redirect from http://localhost to https://localhost
RUN set -eux; \
{ \
echo 'server {'; \
echo ' return 301 https://$host$request_uri;'; \
echo '}'; \
} | tee /etc/nginx/conf.d/default.conf