From 8107e0f6592508b0ddbe37bbbcae69c0052ea3ee Mon Sep 17 00:00:00 2001 From: Manuel de Brito Fontes Date: Sun, 17 Jun 2018 14:34:55 -0400 Subject: [PATCH] Change modsecurity directories --- rootfs/Dockerfile | 29 +++++++++++++++++++++-------- 1 file changed, 21 insertions(+), 8 deletions(-) diff --git a/rootfs/Dockerfile b/rootfs/Dockerfile index 68254efd1..a6c702021 100644 --- a/rootfs/Dockerfile +++ b/rootfs/Dockerfile @@ -23,19 +23,32 @@ RUN clean-install \ dumb-init \ libcap2-bin -# Create symlinks to redirect nginx logs to stdout and stderr docker log collector -# This only works if nginx is started with CMD or ENTRYPOINT -RUN mkdir -p /var/log/nginx \ - && ln -sf /dev/stdout /var/log/nginx/access.log \ - && ln -sf /dev/stderr /var/log/nginx/error.log - COPY . / RUN setcap cap_net_bind_service=+ep /usr/sbin/nginx \ && setcap cap_net_bind_service=+ep /nginx-ingress-controller -RUN mkdir -p /etc/ingress-controller/ssl /etc/ingress-controller/auth \ - && chown -R www-data.www-data /etc/nginx /etc/ingress-controller +RUN bash -eux -c ' \ + writeDirs=( \ + /etc/nginx \ + /etc/ingress-controller/ssl \ + /etc/ingress-controller/auth \ + /var/log \ + /var/log/nginx \ + /opt/modsecurity/var/log \ + /opt/modsecurity/var/upload \ + /opt/modsecurity/var/audit \ + ); \ + for dir in "${writeDirs[@]}"; do \ + mkdir -p ${dir}; \ + chown -R www-data.www-data ${dir}; \ + done \ + ' + +# Create symlinks to redirect nginx logs to stdout and stderr docker log collector +# This only works if nginx is started with CMD or ENTRYPOINT +RUN ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log USER www-data