Dockerized GeoServer.
Old GeoServer versions affected by a severe security vulnerability have been removed from this repo to prevent damage. Please update to most recent version where possible, or at least use a secure version:
- If you are in a version lower than 2.23.x and you can't update, you will need to patch and build your own images, as we won't provide support or patched builds here. Please refer to CVE-2024-36401 the official GeoServer post for details.
- If you are in the 2.23.x series, use at least 2.23.6.
- If you are in the 2.24.x series, use at least 2.24.5.
- If you are in the 2.25.x series, use at least version 2.25.2.
- If you are in 2.26.0 or higher, you are safe from this one.
If you are concerned about security and want to keep GeoServer in good shape, please consider supporting the key shift towards 3.0 release.
- Built on top of Docker's official tomcat image, specifically
tomcat:9-jre17. - Running tomcat process as non-root user.
- Separate GEOSERVER_DATA_DIR location (on /var/local/geoserver).
- Configurable extensions.
- Injectable UID and GID for better mounted volume management.
- CORS ready.
- Taken care of JVM Options.
- Automatic installation of Microsoft Core Fonts for better labelling compatibility.
- Custom geoserver deployment path.
- docker health check.
Latest versions with automated builds available on docker registry:
latest,2.26.1(2.26.1/Dockerfile)2.25.4(2.25.4/Dockerfile)2.24.5(2.24.5/Dockerfile)2.23.6(2.23.6/Dockerfile)
Other experimental dockerfiles (not automated build):
oracle. Uses wnameless/oracle-xe-11g, needs ojdbc7.jar and setting up a database. See the run commands.h2-vector. Plays nicely with oscarfonts/h2:geodb, and includes sample scripts for docker-compose and systemd.- DEPRECATED
ecw. Added GDAL plugin with ECW support to legacy GeoServer versions, not distributed anymore. Needs an update to recent versions.
Think of them more as recipes or documentation rather than production-ready builds :)
Get the image:
docker pull oscarfonts/geoserverRun as a service, exposing port 8080 and using a hosted GEOSERVER_DATA_DIR:
docker run -d -p 8080:8080 -v ${PWD}/data_dir:/var/local/geoserver oscarfonts/geoserver- On build time, set the GEOSERVER_PATH arg to change the geoserver base path. It defaults to
/geoserver.
The tomcat user uid and gid can be customized with CUSTOM_UID and CUSTOM_GID environment variables, so that the mounted data_dir and exts_dir are accessible by both geoserver and a given host user. Usage example:
docker run -d -p 8080:8080 -e CUSTOM_UID=$(id -u) -e CUSTOM_GID=$(id -g) oscarfonts/geoserverTo add extensions to your GeoServer installation, provide a directory with the unzipped extensions separated by directories (one directory per extension):
docker run -d -p 8080:8080 -v ${PWD}/exts_dir:/var/local/geoserver-exts/ oscarfonts/geoserverYou can use the build_exts_dir.sh script together with a extensions configuration file to create your own extensions directory easily.
Warning: The
.jarfiles contained in the extensions directory will be copied to theWEB-INF/libdirectory of the GeoServer installation. Make sure to include only.jarfiles from trusted sources to avoid security risks.
It is also possible to configure the context path by providing a Catalina configuration directory:
docker run -d -p 8080:8080 -v ${PWD}/config_dir:/usr/local/tomcat/conf/Catalina/localhost oscarfonts/geoserverSee some examples.
CORS is configured automatically in the servlet web.xml filters. If you have another
component in front that already takes care of it you can disable it with the environment variable
-e "GEOSERVER_CORS_ENABLED=false".
It is also possible to fine tune it for specific origins, methods, etc. with the following variables:
GEOSERVER_CORS_ALLOWED_ORIGINS(cors.allowed.origins)GEOSERVER_CORS_ALLOWED_METHODS(cors.allowed.methods)GEOSERVER_CORS_ALLOWED_HEADERS(cors.allowed.headers)GEOSERVER_CORS_URL_PATTERN(filter-mapping url-pattern)
See Tomcat documentation for more info.