Upgrade image base to phusion/baseimage:noble-1.0.0

Update changelog regarding available python versions Reflect Redis upgrade Allow setting http_proxy via EXTRA_BUILD_ARGS to cache apt packages during image build. Move error_log definition to root scope, refs: phusion/passenger#2541 Explicitly install ncurses for CRuby<3.3 Only create instance dir if not already present Make Python 3.12 the default python version
phusion · Oct 14, 2024 · 1bf5d72 · 1bf5d72
1 parent e11b053
commit 1bf5d72
Show file tree

Hide file tree

Showing 12 changed files with 617 additions and 198 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,15 @@
+## 3.1.0 (release date: TBD)
+ * Upgraded image base to phusion/baseimage:noble-1.0.0
+   * Upgraded to Ubuntu 24.04 LTS (Noble)
+       - note updated compiler chain and all tools; please test your apps thoroughly
+   * Default Python version is now 3.12 (from 3.10)
+   * Python 2.7 and 3.7 are no longer available from the Deadsnakes PPA; we weren't providing images for either previously
+   * Nginx version is now 1.24 (from 1.18)
+       - changelog can be found at https://nginx.org/en/CHANGES-1.24
+       - if you provide your own nginx.conf, please define error_log at the root scope, not the http scope; see https://github.com/phusion/passenger/issues/2541
+       - a number of modules are no longer installed and enabled by default (mod-http-geoip2, mod-http-image-filter, mod-http-xslt-filter, mod-mail, mod-stream, mod-stream-geoip2)
+    * Redis version is now 7.0.15 (from 6.0.16)
+
 ## 3.0.8 (release date: TBD)
  * Upgraded to Ruby 3.3.5
  * Added a Python 3.13 image

diff --git a/Makefile b/Makefile
@@ -82,7 +82,7 @@ build_%: build_base
 	@if [ "${*}" == "full" ]; then \
 	    for i in ${CRUBY_IMAGES}; do echo "$${i}=1" >> ${*}_image/buildconfig; done; \
 	    for i in ${MISC_IMAGES}; do echo "$${i}=1" >> ${*}_image/buildconfig; done; \
-	    echo python310=1 >> ${*}_image/buildconfig; \
+	    echo python312=1 >> ${*}_image/buildconfig; \
 	    echo redis=1 >> ${*}_image/buildconfig; \
 	    echo memcached=1 >> ${*}_image/buildconfig; \
 	fi

diff --git a/README.md b/README.md
@@ -85,7 +85,7 @@ Why use passenger-docker instead of doing everything yourself in Dockerfile?
 
 Basics (learn more at [baseimage-docker](http://phusion.github.io/baseimage-docker/)):
 
- * Ubuntu 22.04 LTS as base system.
+ * Ubuntu 24.04 LTS as base system.
  * A **correct** init process ([learn more](http://blog.phusion.nl/2015/01/20/docker-and-the-pid-1-zombie-reaping-problem/)).
  * Fixes APT incompatibilities with Docker.
  * syslog-ng.
@@ -99,13 +99,13 @@ Language support:
    * 3.3.5 is configured as the default.
    * JRuby is installed from source, but we register an APT entry for it.
    * JRuby uses OpenJDK 17.
- * Python 2.7 or 3.10, or any version provided by the Deadsnakes PPA (currently 3.7, 3.8, 3.9, 3.11, 3.12, and 3.13; see https://launchpad.net/~deadsnakes/+archive/ubuntu/ppa).
- * Node.js 18 by default, or any version provided by Nodesource (currently 16, 18, 20, 21; see https://github.com/nodesource/distributions).
+ * Python 3.12, or any version provided by the Deadsnakes PPA (currently 3.8, 3.9, 3.10, and 3.11; see https://launchpad.net/~deadsnakes/+archive/ubuntu/ppa).
+ * Node.js 20 by default, or any version provided by Nodesource (currently 18, 20, 21, 22; see https://github.com/nodesource/distributions).
  * A build system, git, and development headers for many popular libraries, so that the most popular Ruby, Python and Node.js native extensions can be compiled without problems.
 
 Web server and application server:
 
- * Nginx 1.18. Disabled by default.
+ * Nginx 1.24. Disabled by default.
  * [Phusion Passenger 6](https://www.phusionpassenger.com/). Disabled by default (because it starts along with Nginx).
    * This is a fast and lightweight tool for simplifying web application integration into Nginx.
    * It adds many production-grade features, such as process monitoring, administration and status inspection.
@@ -114,7 +114,7 @@ Web server and application server:
 
 Auxiliary services and tools:
 
- * Redis 6.0. Not installed by default.
+ * Redis 7.0. Not installed by default.
  * Memcached. Not installed by default.
 
 <a name="memory_efficiency"></a>
@@ -219,7 +219,7 @@ CMD ["/sbin/my_init"]
 #RUN /pd_build/jruby-9.4.*.sh
 #
 #   Python support
-#RUN /pd_build/python.sh 3.10
+#RUN /pd_build/python.sh 3.12
 
 # ...put your own build instructions here...
 
@@ -280,7 +280,7 @@ server {
 
     # For Python ie. Django
     passenger_app_type wsgi;
-    passenger_startup_file passenger_wsgi.py; (contents example: https://gist.github.com/ajhodgson/96c51dba349697e5c7e46027cc530434)
+    passenger_startup_file passenger_wsgi.py; # (contents example: https://gist.github.com/ajhodgson/96c51dba349697e5c7e46027cc530434)
 
     # For Node.js
     passenger_app_type node;
@@ -520,7 +520,7 @@ The following example shows how you can add a startup script. This script simply
 <a name="upgrading_os"></a>
 ### Upgrading the operating system inside the container
 
-passenger-docker images contain an Ubuntu 22.04 operating system. You may want to update this OS from time to time, for example to pull in the latest security updates. OpenSSL is a notorious example. Vulnerabilities are discovered in OpenSSL on a regular basis, so you should keep OpenSSL up-to-date as much as you can.
+passenger-docker images contain an Ubuntu 24.04 operating system. You may want to update this OS from time to time, for example to pull in the latest security updates. OpenSSL is a notorious example. Vulnerabilities are discovered in OpenSSL on a regular basis, so you should keep OpenSSL up-to-date as much as you can.
 
 While we release passenger-docker images with the latest OS updates from time to time, you do not have to rely on us. You can update the OS inside passenger-docker images yourself, and it is recommend that you do this instead of waiting for us. This is also especially important to upgrade any installed Python or Node packages to the latest minor version.
 

diff --git a/image/Dockerfile b/image/Dockerfile
@@ -7,6 +7,7 @@ MAINTAINER Phusion <[email protected]>
 ADD . /pd_build
 
 ARG ARCH
+ARG http_proxy
 RUN --mount=type=cache,target=/build_cache \
     /usr/bin/nice /pd_build/install_image.sh
 

diff --git a/image/Dockerfile.base b/image/Dockerfile.base
@@ -1,10 +1,11 @@
 # syntax=docker/dockerfile:1.2
-FROM phusion/baseimage:jammy-1.0.4
+FROM phusion/baseimage:noble-1.0.0
 MAINTAINER Phusion <[email protected]>
 
 ADD . /pd_build
 
 ARG ARCH
+ARG http_proxy
 RUN --mount=type=cache,target=/build_cache \
     rm -rf "/build_cache/${ARCH}" && \
     /usr/bin/nice /pd_build/install_base.sh && \

diff --git a/image/config/nginx.conf b/image/config/nginx.conf
@@ -3,6 +3,12 @@ worker_processes auto;
 pid /run/nginx.pid;
 daemon off;
 
+##
+# Error logs
+##
+
+error_log /var/log/nginx/error.log;
+
 include /etc/nginx/main.d/*.conf;
 include /etc/nginx/modules-enabled/*.conf;
 
@@ -38,11 +44,10 @@ http {
 	ssl_prefer_server_ciphers on;
 
 	##
-	# Logging Settings
+	# Access logs
 	##
 
 	access_log /var/log/nginx/access.log;
-	error_log /var/log/nginx/error.log;
 
 	##
 	# Gzip Settings