Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/ironpeakservices/iron-nginx
Secure base image for running nginx.
https://github.com/ironpeakservices/iron-nginx
docker nginx
Last synced: about 2 months ago
JSON representation
Secure base image for running nginx.
- Host: GitHub
- URL: https://github.com/ironpeakservices/iron-nginx
- Owner: ironpeakservices
- License: apache-2.0
- Created: 2019-10-28T09:47:34.000Z (about 5 years ago)
- Default Branch: master
- Last Pushed: 2024-04-24T04:58:58.000Z (9 months ago)
- Last Synced: 2024-04-24T10:58:19.816Z (9 months ago)
- Topics: docker, nginx
- Language: Dockerfile
- Homepage: https://github.com/ironPeakServices/iron-nginx
- Size: 172 KB
- Stars: 25
- Watchers: 2
- Forks: 0
- Open Issues: 7
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# ironpeakservices/iron-nginx
Secure base image for running nginx.
`docker pull ghcr.io/ironpeakservices/iron-nginx:1.19.3`
## How is this different?
We build from the official nginx docker image, but additionally:
- an empty scratch container (no shell, unprivileged user, ...) for a tiny attack vector
- secure healthcheck binary for embedded container monitoring
- hardened nginx config
- hardened Docker Compose file
- max memory set to 1GB
## Example
```
FROM ghcr.io/ironpeakservices/iron-nginx:1.19.3
COPY --chown=nonroot css/ js/ html/ /assets
```
## Update policy
Updates to the official nginx docker image are automatically created as a pull request and trigger linting & a docker build.
When those checks complete without errors, a merge into master will trigger a deploy with the same nginx version to packages.