Tested with NGINX Instance Manager 2.12.0 (#108)

* Added API Connectivity Manager 1.5.0 support

* Ownership fix

* Startup script fix

* NGINX App Protect WAF updates

* Tested with NGINX Instance Manager 2.9.1

* Added docker-compose support

* Tested with NGINX Instance Manager 2.10.0 and Security Monitoring 1.4.0

* Tested with NGINX Instance Manager 2.10.0 and API Connectivity Manager 1.5.0

* Tested with API Connectivity Manager 1.6.0

* Tested with API Connectivity Manager 1.6.0

* README updated

* Added support for NGINX Instance Manager 2.10.1 and App Delivery Manager 4.0.0

* Fixed NGINX App Protect detection bug for NGINX Instance Manager 2.10.0+

* Fixed agent syslog receiver bug

* README updated

* Tested with NGINX Instance Manager 2.11.0 and Security Monitoring 1.5.0

* Tested with NGINX Instance Manager 2.11.0

* Tested with NGINX API Connectivity Manager 1.7.0

* Tested with NGINX Instance Manager 2.12.0 and Security Monitoring 1.6.0

* Tested with API Connectivity Manager 1.8.0

* Tested with API Connectivity Manager 1.8.0

* Tested with NGINX Instance Manager 2.12.0

---------

Signed-off-by: 65397 <[email protected]>

Author: fabriziofiorucci

nginx-agent-docker/Dockerfile

@@ -7,21 +7,14 @@ ARG NAP_WAF=false
 # Initial packages setup
 RUN	apt-get -y update \
 	&& apt-get -y install apt-transport-https lsb-release ca-certificates wget gnupg2 curl debian-archive-keyring \
-# NGINX Instance Manager agent setup
 	&& mkdir -p /deployment /etc/ssl/nginx \
-# Agent installation
-	&& bash -c 'curl -k $NMS_URL/install/nginx-agent | sh' && echo "Agent installed from NMS"
-
-# Startup script
-COPY ./container/start.sh /deployment/
+	&& addgroup --system --gid 20983 nginx \
+	&& adduser --system --disabled-login --ingroup nginx --no-create-home --home /nonexistent --gecos "nginx user" --shell /bin/false --uid 20983 nginx
 
-# Download certificate and key from the customer portal (https://account.f5.com)
-# and copy to the build context
+# Use certificate and key from kubernetes secret
 RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.crt,mode=0644 \
 	--mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
 	set -x \
-# Startup script
-	&& chmod +x /deployment/start.sh && touch /.dockerenv \
 # Install prerequisite packages:
 	&& wget -qO - https://cs.nginx.com/static/keys/nginx_signing.key | gpg --dearmor > /usr/share/keyrings/nginx-archive-keyring.gpg \
 	&& printf "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] https://pkgs.nginx.com/plus/debian `lsb_release -cs` nginx-plus\n" > /etc/apt/sources.list.d/nginx-plus.list \
@@ -53,7 +46,15 @@ RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.crt,mode=0644
 
 	&& groupadd -g 1001 nginx-agent \
 	&& usermod root -G nginx-agent \
-	&& usermod nginx -G nginx-agent
+	&& usermod nginx -G nginx-agent \
+
+# NGINX Instance Manager agent installation
+	&& bash -c 'curl -k $NMS_URL/install/nginx-agent | sh' && echo "Agent installed from NMS"
+
+# Startup script
+COPY ./container/start.sh /deployment/
+RUN	chmod +x /deployment/start.sh && touch /.dockerenv
+
 
 EXPOSE 80
 STOPSIGNAL SIGTERM

nginx-agent-docker/README.md

@@ -8,8 +8,8 @@ This repository can be used to build a docker image with NGINX Plus and NGINX In
 
 This repository has been tested with NGINX agent for:
 
-- NGINX Instance Manager 2.4.0, 2.5.0, 2.5.1, 2.6.0, 2.7.0, 2.8.0, 2.9.0, 2.10.0, 2.10.1, 2.11.0
-- API Connectivity Manager 1.4.0, 1.5.0, 1.6.0
+- NGINX Instance Manager 2.4.0, 2.5.0, 2.5.1, 2.6.0, 2.7.0, 2.8.0, 2.9.0, 2.10.0, 2.10.1, 2.11.0, 2.12.0
+- API Connectivity Manager 1.4.0, 1.5.0, 1.6.0, 1.7.0, 1.8.0
 - NGINX App Protect WAF 4.100.1+
 
 ## Prerequisites