Skip to content

Regular rebuilds of upstream containers, privileged & unprivileged

License

Notifications You must be signed in to change notification settings

Polarix-Containers/nginx

NGINX

Build unprivileged mainline slim, scan & push Build unprivileged stable slim, scan & push

Features & usage

  • Built on upstream NGINX images, to be used as a drop-in replacement. Comes with regular rebuilds and hardened_malloc which are standard among Polarix containers.
  • Adds ca-certificates package for MTLS setups.

Sample Docker Compose config

 nginx:
    container_name: nginx
    image: ghcr.io/polarix-containers/nginx:unprivileged-slim
    restart: unless-stopped
    ports:
      - "8080:8080/tcp"
    volumes:
      - "./nginx/default.conf:/etc/nginx/conf.d/default.conf:Z,ro"
    user: "101:101"
    read_only: true
    tmpfs:
      - /var/cache/nginx:mode=0770,uid=101,gid=101,noexec,nosuid,nodev
      - /tmp:mode=0770,uid=101,gid=101,noexec,nosuid,nodev
    security_opt:
      - "no-new-privileges=true"
    cap_drop:
      - ALL

Licensing

  • The code in this repository is licensed under the Apache license. 😇
  • These images are built on upstream images, which are under the BSD license. Copyright to the base images belongs to F5 Inc.
  • Any image built by Polarix Containers is provided under the combination of license terms resulting from the use of individual packages.

About

Regular rebuilds of upstream containers, privileged & unprivileged

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Packages