{"id":13567703,"url":"https://github.com/nginxinc/docker-nginx-unprivileged","last_synced_at":"2025-03-22T10:08:33.065Z","repository":{"id":36414302,"uuid":"136453947","full_name":"nginxinc/docker-nginx-unprivileged","owner":"nginxinc","description":"Unprivileged NGINX Dockerfiles","archived":false,"fork":false,"pushed_at":"2024-04-03T19:57:45.000Z","size":482,"stargazers_count":359,"open_issues_count":14,"forks_count":147,"subscribers_count":14,"default_branch":"main","last_synced_at":"2024-04-04T20:36:15.177Z","etag":null,"topics":["alpine","debian","docker","nginx"],"latest_commit_sha":null,"homepage":"https://hub.docker.com/r/nginxinc/nginx-unprivileged","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nginxinc.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":"SUPPORT.md","governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2018-06-07T09:26:04.000Z","updated_at":"2024-04-15T15:14:10.539Z","dependencies_parsed_at":"2023-11-14T17:24:05.576Z","dependency_job_id":"d9b80f88-a776-4656-8c27-a8a5f6c6aa9a","html_url":"https://github.com/nginxinc/docker-nginx-unprivileged","commit_stats":null,"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nginxinc%2Fdocker-nginx-unprivileged","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nginxinc%2Fdocker-nginx-unprivileged/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nginxinc%2Fdocker-nginx-unprivileged/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nginxinc%2Fdocker-nginx-unprivileged/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nginxinc","download_url":"https://codeload.github.com/nginxinc/docker-nginx-unprivileged/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":244937830,"owners_count":20535127,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["alpine","debian","docker","nginx"],"created_at":"2024-08-01T13:02:39.841Z","updated_at":"2025-03-22T10:08:33.037Z","avatar_url":"https://github.com/nginxinc.png","language":"Shell","funding_links":[],"categories":["Shell"],"sub_categories":[],"readme":"[![Project Status: Active – The project has reached a stable, usable state and is being actively developed.](https://www.repostatus.org/badges/latest/active.svg)](https://www.repostatus.org/#active)\n[![Community Support](https://badgen.net/badge/support/community/cyan?icon=awesome)](https://github.com/nginxinc/docker-nginx-unprivileged/blob/main/SUPPORT.md)\n[![Contributor Covenant](https://img.shields.io/badge/Contributor%20Covenant-2.1-4baaaa.svg)](https://github.com/nginxinc/docker-nginx-unprivileged/main/CODE_OF_CONDUCT.md)\n\n# NGINX Unprivileged Docker Image\n\nThis repo contains a series of Dockerfiles to create an NGINX Docker image that runs NGINX as a non root, unprivileged user. Notable differences with respect to the official [NGINX Docker](https://github.com/nginxinc/docker-nginx) image include:\n\n* The default NGINX listen port is now `8080` instead of `80` (this is no longer necessary as of Docker `20.03` but it's still required in other container runtimes)\n* The default NGINX user directive in `/etc/nginx/nginx.conf` has been removed\n* The default NGINX PID has been moved from `/var/run/nginx.pid` to `/tmp/nginx.pid`\n* Change `*_temp_path` variables to `/tmp/*`\n\nNew images are built and pushed to on a weekly basis (every Monday night).\n\nCheck out the [docs](https://hub.docker.com/_/nginx) for the upstream Docker NGINX image for a detailed explanation on how to use this image.\n\n## Supported Image Registries and Platforms\n\n### Image Registries\n\nYou can find pre-built images in each of the following registries:\n\n* Amazon ECR - \u003chttps://gallery.ecr.aws/nginx/nginx-unprivileged\u003e\n* Docker Hub - \u003chttps://hub.docker.com/r/nginxinc/nginx-unprivileged\u003e\n* GitHub Container Registry - \u003chttps://github.com/nginxinc/docker-nginx-unprivileged/pkgs/container/nginx-unprivileged\u003e\n* Quay - \u003chttps://quay.io/repository/nginx/nginx-unprivileged\u003e\n\n### Architectures\n\nMost images are built for the `amd64`, `arm32v5` (for Debian), `arm32v6` (for Alpine), `arm32v7`, `arm64v8`, `i386`, `mips64le` (for Debian), `ppc64le` and `s390x` architectures.\n\n## Troubleshooting Tips\n\n* If you wish to use a different user ID and/or group ID when running the Docker Unprivileged image, rebuild the image using the following Docker build arguments:\n\n  ```bash\n  docker build --build-arg UID=\u003cUID\u003e --build-arg GID=\u003cGID\u003e -t nginx-unprivileged .\n  ```\n\n* If you override the default `nginx.conf` file you may encounter various types of error messages:\n  * To fix `nginx: [emerg] open() \"/var/run/nginx.pid\" failed (13: Permission denied)`, you have to specify a valid `pid` location by adding the line `pid /tmp/nginx.pid;` at the top level of your config.\n  * To fix `nginx: [emerg] mkdir() \"/var/cache/nginx/client_temp\" failed (30: Read-only file system)`, you have to specify a valid location for the various NGINX temporary paths by adding these lines within the `http` context:\n\n    ```nginx\n    http {\n        client_body_temp_path /tmp/client_temp;\n        proxy_temp_path       /tmp/proxy_temp_path;\n        fastcgi_temp_path     /tmp/fastcgi_temp;\n        uwsgi_temp_path       /tmp/uwsgi_temp;\n        scgi_temp_path        /tmp/scgi_temp;\n    ...\n    }\n    ```\n\n## On Reporting Issues\n\nWhilst issues and PRs are welcome, please do note that:\n\n1. Issues related to security vulnerabilities will be promptly closed unless they are accompanied by a solid reasoning as to why the vulnerability poses a real security threat to this image. Check out the [`SECURITY`](https://github.com/nginxinc/docker-nginx-unprivileged/blob/main/SECURITY.md) doc for more details.\n2. These images are unprivileged ports of the upstream [Docker NGINX](https://github.com/nginxinc/docker-nginx) images. Any changes that do not specifically involve the changes made to run NGINX on an unprivileged system should be reported in the [Docker NGINX](https://github.com/nginxinc/docker-nginx) upstream repo. They will not get addressed here.\n3. Following from 2., base images (e.g. Alpine x.x or Debian x) in the [Docker NGINX](https://github.com/nginxinc/docker-nginx) upstream repo get updated when a new version of NGINX is released, never within the same release version. Similarly, new NGINX releases usually make their way to the [Docker NGINX](https://github.com/nginxinc/docker-nginx) image a couple days after their standard release. Please refrain from opening an issue or PR here if the upstream repo hasn't been updated -- it will be closed.\n\n## Contributing\n\nPlease see the [contributing guide](https://github.com/nginxinc/docker-nginx-unprivileged/blob/main/CONTRIBUTING.md) for guidelines on how to best contribute to this project.\n\n## License\n\n[Apache License, Version 2.0](https://github.com/nginxinc/docker-nginx-unprivileged/blob/main/LICENSE)\n\n\u0026copy; [F5, Inc.](https://www.f5.com/) 2018 - 2024\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnginxinc%2Fdocker-nginx-unprivileged","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnginxinc%2Fdocker-nginx-unprivileged","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnginxinc%2Fdocker-nginx-unprivileged/lists"}