更新 Nginx 至 1.24.0, ModSecurity 至 v3.0.14

AptS-1547 · AptS-1547 · commit d99eee3a9114 · 2025-05-21T13:00:13.000+08:00
diff --git a/Dockerfile.latest b/Dockerfile.latest
@@ -1,4 +1,4 @@
-FROM nginx:1.26.3-alpine AS builder
+FROM nginx:1.24.0-alpine AS builder
 
 # 设置 ModSecurity 版本
 ENV MODSECURITY_VERSION=v3.0.14
@@ -33,9 +33,9 @@ RUN apk add --no-cache --virtual .build-deps \
 WORKDIR /opt
 
 # 下载 Nginx 源码
-RUN wget https://nginx.org/download/nginx-1.26.3.tar.gz \
-    && tar -xzf nginx-1.26.3.tar.gz \
-    && rm nginx-1.26.3.tar.gz
+RUN wget https://nginx.org/download/nginx-1.24.0.tar.gz \
+    && tar -xzf nginx-1.24.0.tar.gz \
+    && rm nginx-1.24.0.tar.gz
 
 # 下载 ModSecurity
 RUN git clone --depth 1 -b ${MODSECURITY_VERSION} https://github.com/owasp-modsecurity/ModSecurity.git
@@ -54,15 +54,15 @@ RUN cd /opt/ModSecurity \
     && make clean
 
 # 编译 Nginx 与 ModSecurity 模块
-RUN cd /opt/nginx-1.26.3 \
+RUN cd /opt/nginx-1.24.0 \
     && ./configure --with-compat --add-dynamic-module=/opt/ModSecurity-nginx \
     && make modules \
     && cp objs/ngx_http_modsecurity_module.so /etc/nginx/modules \
     && mkdir -p /etc/nginx/modsec \
     && cp /opt/ModSecurity/unicode.mapping /etc/nginx/modsec/
 
 # 最终镜像
-FROM nginx:1.26.3-alpine AS final
+FROM nginx:1.24.0-alpine AS final
 
 # 安装运行时依赖
 RUN apk add --no-cache --purge --virtual .runtime-deps \
@@ -82,7 +82,7 @@ COPY --from=builder /etc/nginx/modsec/unicode.mapping /etc/nginx/modsec/
 
 # 添加构建信息标签
 LABEL maintainer="AptS-1547 <apts-1547@esaps.net>" \
-      nginx_version="1.26.3" \
+      nginx_version="1.24.0" \
       modsecurity_version="v3.0.14" \
       modsecurity_nginx_version="v1.0.3" \
-      build_date="2025-05-21T04:47:38Z"
+      build_date="2025-05-21T05:00:13Z"
diff --git a/latest_version b/latest_version
@@ -1 +1 @@
-1.26.3
+1.26.3
diff --git a/nginx-1.22.1/mod-3.0.14/Dockerfile b/nginx-1.22.1/mod-3.0.14/Dockerfile
@@ -0,0 +1,88 @@
+FROM nginx:1.22.1-alpine AS builder
+
+# 设置 ModSecurity 版本
+ENV MODSECURITY_VERSION=v3.0.14
+ENV MODSECURITY_NGINX_VERSION=v1.0.3
+
+# 安装构建依赖
+RUN apk add --no-cache --virtual .build-deps \
+        alpine-sdk \
+        autoconf \
+        automake \
+        bison \
+        curl \
+        doxygen \
+        flex \
+        g++ \
+        gcc \
+        git \
+        libtool \
+        lmdb-dev \
+        lua5.4-dev \
+        make \
+        ssdeep \
+        yajl-dev \
+        zlib-dev \
+        libxml2-dev \
+        geoip-dev \
+        pcre-dev \
+        linux-headers \
+        wget
+
+# 创建工作目录
+WORKDIR /opt
+
+# 下载 Nginx 源码
+RUN wget https://nginx.org/download/nginx-1.22.1.tar.gz \
+    && tar -xzf nginx-1.22.1.tar.gz \
+    && rm nginx-1.22.1.tar.gz
+
+# 下载 ModSecurity
+RUN git clone --depth 1 -b ${MODSECURITY_VERSION} https://github.com/owasp-modsecurity/ModSecurity.git
+
+# 下载 ModSecurity-nginx 连接器
+RUN git clone --depth 1 -b ${MODSECURITY_NGINX_VERSION} https://github.com/owasp-modsecurity/ModSecurity-nginx.git
+
+# 编译 ModSecurity
+RUN cd /opt/ModSecurity \
+    && git submodule init \
+    && git submodule update \
+    && ./build.sh \
+    && ./configure --prefix=/usr/local/modsecurity \
+    && make \
+    && make install \
+    && make clean
+
+# 编译 Nginx 与 ModSecurity 模块
+RUN cd /opt/nginx-1.22.1 \
+    && ./configure --with-compat --add-dynamic-module=/opt/ModSecurity-nginx \
+    && make modules \
+    && cp objs/ngx_http_modsecurity_module.so /etc/nginx/modules \
+    && mkdir -p /etc/nginx/modsec \
+    && cp /opt/ModSecurity/unicode.mapping /etc/nginx/modsec/
+
+# 最终镜像
+FROM nginx:1.22.1-alpine AS final
+
+# 安装运行时依赖
+RUN apk add --no-cache --purge --virtual .runtime-deps \
+        lua5.4 \
+        yajl \
+        libstdc++ \
+        pcre \
+        lmdb \
+        geoip \
+        libxml2
+
+# 复制配置文件和模块
+RUN sed -i '1i load_module modules/ngx_http_modsecurity_module.so;\n' /etc/nginx/nginx.conf
+COPY --from=builder /usr/local/modsecurity/ /usr/local/modsecurity/
+COPY --from=builder /etc/nginx/modules/ngx_http_modsecurity_module.so /etc/nginx/modules/
+COPY --from=builder /etc/nginx/modsec/unicode.mapping /etc/nginx/modsec/
+
+# 添加构建信息标签
+LABEL maintainer="AptS-1547 <apts-1547@esaps.net>" \
+      nginx_version="1.22.1" \
+      modsecurity_version="v3.0.14" \
+      modsecurity_nginx_version="v1.0.3" \
+      build_date="2025-05-21T04:48:17Z"
diff --git a/nginx-1.22.1/mod-3.0.14/README.md b/nginx-1.22.1/mod-3.0.14/README.md
@@ -0,0 +1,20 @@
+# ModSecurity with Nginx
+
+版本信息:
+- Nginx: 1.22.1
+- ModSecurity: v3.0.14
+- ModSecurity-nginx: v1.0.3
+
+创建日期: 2025-05-21T04:48:17Z
+
+## 构建镜像
+
+```bash
+docker build -t modsecurity:1.22.1-3.0.14 .
+```
+
+## 运行容器
+
+```bash
+docker run -d -p 80:80 modsecurity:1.22.1-3.0.14
+```
diff --git a/nginx-1.24.0/mod-3.0.14/Dockerfile b/nginx-1.24.0/mod-3.0.14/Dockerfile
@@ -0,0 +1,88 @@
+FROM nginx:1.24.0-alpine AS builder
+
+# 设置 ModSecurity 版本
+ENV MODSECURITY_VERSION=v3.0.14
+ENV MODSECURITY_NGINX_VERSION=v1.0.3
+
+# 安装构建依赖
+RUN apk add --no-cache --virtual .build-deps \
+        alpine-sdk \
+        autoconf \
+        automake \
+        bison \
+        curl \
+        doxygen \
+        flex \
+        g++ \
+        gcc \
+        git \
+        libtool \
+        lmdb-dev \
+        lua5.4-dev \
+        make \
+        ssdeep \
+        yajl-dev \
+        zlib-dev \
+        libxml2-dev \
+        geoip-dev \
+        pcre-dev \
+        linux-headers \
+        wget
+
+# 创建工作目录
+WORKDIR /opt
+
+# 下载 Nginx 源码
+RUN wget https://nginx.org/download/nginx-1.24.0.tar.gz \
+    && tar -xzf nginx-1.24.0.tar.gz \
+    && rm nginx-1.24.0.tar.gz
+
+# 下载 ModSecurity
+RUN git clone --depth 1 -b ${MODSECURITY_VERSION} https://github.com/owasp-modsecurity/ModSecurity.git
+
+# 下载 ModSecurity-nginx 连接器
+RUN git clone --depth 1 -b ${MODSECURITY_NGINX_VERSION} https://github.com/owasp-modsecurity/ModSecurity-nginx.git
+
+# 编译 ModSecurity
+RUN cd /opt/ModSecurity \
+    && git submodule init \
+    && git submodule update \
+    && ./build.sh \
+    && ./configure --prefix=/usr/local/modsecurity \
+    && make \
+    && make install \
+    && make clean
+
+# 编译 Nginx 与 ModSecurity 模块
+RUN cd /opt/nginx-1.24.0 \
+    && ./configure --with-compat --add-dynamic-module=/opt/ModSecurity-nginx \
+    && make modules \
+    && cp objs/ngx_http_modsecurity_module.so /etc/nginx/modules \
+    && mkdir -p /etc/nginx/modsec \
+    && cp /opt/ModSecurity/unicode.mapping /etc/nginx/modsec/
+
+# 最终镜像
+FROM nginx:1.24.0-alpine AS final
+
+# 安装运行时依赖
+RUN apk add --no-cache --purge --virtual .runtime-deps \
+        lua5.4 \
+        yajl \
+        libstdc++ \
+        pcre \
+        lmdb \
+        geoip \
+        libxml2
+
+# 复制配置文件和模块
+RUN sed -i '1i load_module modules/ngx_http_modsecurity_module.so;\n' /etc/nginx/nginx.conf
+COPY --from=builder /usr/local/modsecurity/ /usr/local/modsecurity/
+COPY --from=builder /etc/nginx/modules/ngx_http_modsecurity_module.so /etc/nginx/modules/
+COPY --from=builder /etc/nginx/modsec/unicode.mapping /etc/nginx/modsec/
+
+# 添加构建信息标签
+LABEL maintainer="AptS-1547 <apts-1547@esaps.net>" \
+      nginx_version="1.24.0" \
+      modsecurity_version="v3.0.14" \
+      modsecurity_nginx_version="v1.0.3" \
+      build_date="2025-05-21T05:00:13Z"
diff --git a/nginx-1.24.0/mod-3.0.14/README.md b/nginx-1.24.0/mod-3.0.14/README.md
@@ -0,0 +1,20 @@
+# ModSecurity with Nginx
+
+版本信息:
+- Nginx: 1.24.0
+- ModSecurity: v3.0.14
+- ModSecurity-nginx: v1.0.3
+
+创建日期: 2025-05-21T05:00:13Z
+
+## 构建镜像
+
+```bash
+docker build -t modsecurity:1.24.0-3.0.14 .
+```
+
+## 运行容器
+
+```bash
+docker run -d -p 80:80 modsecurity:1.24.0-3.0.14
+```
diff --git a/update.sh b/update.sh
@@ -4,6 +4,7 @@
 NGINX_VERSION=${1:-"1.26.3"}
 MODSECURITY_VERSION=${2:-"v3.0.14"}
 MODSECURITY_NGINX_VERSION=${3:-"v1.0.3"}
+AUTO_PUSH=${4:-"false"}  # 新增参数，控制是否自动提交和推送
 
 # 移除版本号中的 'v' 前缀，便于文件夹命名
 MOD_VERSION=${MODSECURITY_VERSION#v}
@@ -21,6 +22,7 @@ echo "Nginx: $NGINX_VERSION"
 echo "ModSecurity: $MODSECURITY_VERSION"
 echo "ModSecurity-nginx: $MODSECURITY_NGINX_VERSION"
 echo "导出目录: $VERSION_DIR"
+echo "自动提交并推送: $AUTO_PUSH"
 echo
 
 # 生成版本化目录的 Dockerfile
@@ -45,6 +47,9 @@ MODSECURITY_NGINX_VERSION=$MODSECURITY_NGINX_VERSION
 BUILD_DATE=$BUILD_DATE
 EOF
 
+# 更新最新版本文件
+echo "$NGINX_VERSION" > "latest_version"
+
 # 创建一个README文件，记录版本信息
 cat > "$VERSION_DIR/README.md" << EOF
 # ModSecurity with Nginx
@@ -72,4 +77,20 @@ EOF
 echo "更新完成！文件已导出到 $VERSION_DIR 目录"
 echo "同时已生成 Dockerfile.latest 和 versions.env 文件在根目录"
 echo "您可以运行以下命令构建镜像:"
-echo "cd $VERSION_DIR && docker build -t modsecurity:$NGINX_VERSION-$MOD_VERSION ."
+echo "cd $VERSION_DIR && docker build -t modsecurity:$NGINX_VERSION-$MOD_VERSION ."
+
+# 如果设置了自动提交和推送
+if [ "$AUTO_PUSH" = "true" ]; then
+    echo "正在提交更改..."
+    git add "$VERSION_DIR" Dockerfile.latest versions.env latest_version
+    git commit -m "更新 Nginx 至 $NGINX_VERSION, ModSecurity 至 $MODSECURITY_VERSION"
+    
+    echo "正在推送到远程仓库..."
+    git push
+    
+    if [ $? -eq 0 ]; then
+        echo "提交和推送成功完成！"
+    else
+        echo "推送失败，请手动检查并推送。"
+    fi
+fi
diff --git a/versions.env b/versions.env
@@ -1,4 +1,4 @@
-NGINX_VERSION=1.26.3
+NGINX_VERSION=1.24.0
 MODSECURITY_VERSION=v3.0.14
 MODSECURITY_NGINX_VERSION=v1.0.3
-BUILD_DATE=2025-05-21T04:47:38Z
+BUILD_DATE=2025-05-21T05:00:13Z
