Compare commits
2 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
712d64e484 | ||
|
1c78ef6e04 |
14
.github/workflows/docker.yml
vendored
14
.github/workflows/docker.yml
vendored
@@ -338,22 +338,20 @@ jobs:
|
|||||||
|
|
||||||
|
|
||||||
# README
|
# README
|
||||||
- name: github / checkout master
|
- name: github / checkout HEAD
|
||||||
continue-on-error: true
|
continue-on-error: true
|
||||||
run: |
|
run: |
|
||||||
git pull
|
git checkout HEAD
|
||||||
git checkout master
|
|
||||||
|
|
||||||
- name: docker / setup comparison images
|
- name: docker / setup comparison images
|
||||||
if: env.WORKFLOW_CREATE_COMPARISON == 'true'
|
if: env.WORKFLOW_CREATE_COMPARISON == 'true'
|
||||||
continue-on-error: true
|
continue-on-error: true
|
||||||
run: |
|
run: |
|
||||||
docker image prune -af
|
|
||||||
docker image pull ${{ env.WORKFLOW_CREATE_COMPARISON_IMAGE }}
|
docker image pull ${{ env.WORKFLOW_CREATE_COMPARISON_IMAGE }}
|
||||||
docker image pull ${{ env.WORKFLOW_CREATE_COMPARISON_FOREIGN_IMAGE }}
|
docker image pull ${{ env.WORKFLOW_CREATE_COMPARISON_FOREIGN_IMAGE }}
|
||||||
docker image ls &> ./docker.image.ls
|
docker image ls --filter "reference=${{ env.WORKFLOW_CREATE_COMPARISON_IMAGE }}" --format json | jq --raw-output '.Size' &> ./comparison.size0.log
|
||||||
echo "${PWD}"
|
docker image ls --filter "reference=${{ env.WORKFLOW_CREATE_COMPARISON_FOREIGN_IMAGE }}" --format json | jq --raw-output '.Size' &> ./comparison.size1.log
|
||||||
cat ./docker.image.ls
|
docker run --entrypoint "/bin/sh" --rm ${{ env.WORKFLOW_CREATE_COMPARISON_FOREIGN_IMAGE }} -c id &> ./comparison.id.log
|
||||||
|
|
||||||
- name: github / create README.md
|
- name: github / create README.md
|
||||||
id: github-readme
|
id: github-readme
|
||||||
@@ -409,7 +407,7 @@ jobs:
|
|||||||
git add LICENSE
|
git add LICENSE
|
||||||
fi
|
fi
|
||||||
git commit -m "auto update README.md"
|
git commit -m "auto update README.md"
|
||||||
git push
|
git push origin HEAD:master
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
3
.json
3
.json
@@ -20,6 +20,9 @@
|
|||||||
"11notes/distroless",
|
"11notes/distroless",
|
||||||
"11notes/distroless:curl"
|
"11notes/distroless:curl"
|
||||||
]
|
]
|
||||||
|
},
|
||||||
|
"comparison":{
|
||||||
|
"image":"nginx:1.28.0-alpine-slim"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
26
README.md
26
README.md
@@ -1,22 +1,22 @@
|
|||||||
|
|
||||||
|
|
||||||
# NGINX
|
# NGINX
|
||||||
[<img src="https://img.shields.io/badge/github-source-blue?logo=github&color=040308">](https://github.com/11notes/docker-NGINX)[<img src="https://img.shields.io/github/issues/11notes/docker-NGINX?color=7842f5">](https://github.com/11notes/docker-NGINX/issues)
|
[<img src="https://img.shields.io/badge/github-source-blue?logo=github&color=040308">](https://github.com/11notes/docker-NGINX)[<img src="https://img.shields.io/github/issues/11notes/docker-NGINX?color=7842f5">](https://github.com/11notes/docker-NGINX/issues)
|
||||||
|
|
||||||
Nginx, slim and distroless to be used behind a reverse proxy or as full version
|
Nginx, slim and distroless to be used behind a reverse proxy or as full version
|
||||||
|
|
||||||
# MAIN TAGS 🏷️
|
# MAIN TAGS 🏷️
|
||||||
These are the main tags for the image. There is also a tag for each commit and its shorthand sha256 value.
|
These are the main tags for the image. There is also a tag for each commit and its shorthand sha256 value.
|
||||||
|
|
||||||
* [1.26.3](https://hub.docker.com/r/11notes/nginx/tags?name=1.26.3)
|
* [1.28.0](https://hub.docker.com/r/11notes/nginx/tags?name=1.28.0)
|
||||||
* [stable](https://hub.docker.com/r/11notes/nginx/tags?name=stable)
|
* [stable](https://hub.docker.com/r/11notes/nginx/tags?name=stable)
|
||||||
* [latest](https://hub.docker.com/r/11notes/nginx/tags?name=latest)
|
* [latest](https://hub.docker.com/r/11notes/nginx/tags?name=latest)
|
||||||
|
|
||||||
# REPOSITORIES ☁️
|
# REPOSITORIES ☁️
|
||||||
```
|
```
|
||||||
docker pull 11notes/nginx:1.26.3
|
docker pull 11notes/nginx:1.28.0
|
||||||
docker pull ghcr.io/11notes/nginx:1.26.3
|
docker pull ghcr.io/11notes/nginx:1.28.0
|
||||||
docker pull quay.io/11notes/nginx:1.26.3
|
docker pull quay.io/11notes/nginx:1.28.0
|
||||||
```
|
```
|
||||||
|
|
||||||
# SYNOPSIS 📖
|
# SYNOPSIS 📖
|
||||||
@@ -32,9 +32,21 @@ docker pull quay.io/11notes/nginx:1.26.3
|
|||||||
>* This image is created via a secure, pinned CI/CD process and immune to upstream attacks, most other images have upstream dependencies that can be exploited
|
>* This image is created via a secure, pinned CI/CD process and immune to upstream attacks, most other images have upstream dependencies that can be exploited
|
||||||
>* This image contains a proper health check that verifies the app is actually working, most other images have either no health check or only check if a port is open or ping works
|
>* This image contains a proper health check that verifies the app is actually working, most other images have either no health check or only check if a port is open or ping works
|
||||||
>* This image works as read-only, most other images need to write files to the image filesystem
|
>* This image works as read-only, most other images need to write files to the image filesystem
|
||||||
|
>* This image is a lot smaller than most other images
|
||||||
|
|
||||||
If you value security, simplicity and the ability to interact with the maintainer and developer of an image. Using my images is a great start in that direction.
|
If you value security, simplicity and the ability to interact with the maintainer and developer of an image. Using my images is a great start in that direction.
|
||||||
|
|
||||||
|
# COMPARISON 🏁
|
||||||
|
Below you find a comparison between this image and the most used one.
|
||||||
|
|
||||||
|
| **image** | 11notes/nginx:1.28.0 | nginx:1.28.0-alpine-slim |
|
||||||
|
| ---: | :---: | :---: |
|
||||||
|
| **image size on disk** | 4.4MB | 11.9MB |
|
||||||
|
| **process UID/GID** | 1000/1000 | 0:0 |
|
||||||
|
| **distroless?** | ✅ | ❌ |
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# DEFAULT CONFIG 📑
|
# DEFAULT CONFIG 📑
|
||||||
```yaml
|
```yaml
|
||||||
worker_processes auto;
|
worker_processes auto;
|
||||||
@@ -124,7 +136,7 @@ The default configuration contains no special settings. It enables brotli compre
|
|||||||
name: "nginx"
|
name: "nginx"
|
||||||
services:
|
services:
|
||||||
nginx:
|
nginx:
|
||||||
image: "11notes/nginx:1.26.3"
|
image: "11notes/nginx:1.28.0"
|
||||||
read_only: true
|
read_only: true
|
||||||
environment:
|
environment:
|
||||||
TZ: "Europe/Zurich"
|
TZ: "Europe/Zurich"
|
||||||
@@ -183,4 +195,4 @@ networks:
|
|||||||
# ElevenNotes™️
|
# ElevenNotes™️
|
||||||
This image is provided to you at your own risk. Always make backups before updating an image to a different version. Check the [releases](https://github.com/11notes/docker-nginx/releases) for breaking changes. If you have any problems with using this image simply raise an [issue](https://github.com/11notes/docker-nginx/issues), thanks. If you have a question or inputs please create a new [discussion](https://github.com/11notes/docker-nginx/discussions) instead of an issue. You can find all my other repositories on [github](https://github.com/11notes?tab=repositories).
|
This image is provided to you at your own risk. Always make backups before updating an image to a different version. Check the [releases](https://github.com/11notes/docker-nginx/releases) for breaking changes. If you have any problems with using this image simply raise an [issue](https://github.com/11notes/docker-nginx/issues), thanks. If you have a question or inputs please create a new [discussion](https://github.com/11notes/docker-nginx/discussions) instead of an issue. You can find all my other repositories on [github](https://github.com/11notes?tab=repositories).
|
||||||
|
|
||||||
*created 14.04.2025, 08:54:33 (CET)*
|
*created 28.04.2025, 11:03:22 (CET)*
|
||||||
@@ -1,7 +1,7 @@
|
|||||||
name: "nginx"
|
name: "nginx"
|
||||||
services:
|
services:
|
||||||
nginx:
|
nginx:
|
||||||
image: "11notes/nginx:1.26.3"
|
image: "11notes/nginx:1.28.0"
|
||||||
read_only: true
|
read_only: true
|
||||||
environment:
|
environment:
|
||||||
TZ: "Europe/Zurich"
|
TZ: "Europe/Zurich"
|
||||||
|
|||||||
@@ -9,9 +9,13 @@ ${{ github:> }}* This image does not ship with any critical or high rated CVE an
|
|||||||
${{ github:> }}* This image is created via a secure, pinned CI/CD process and immune to upstream attacks, most other images have upstream dependencies that can be exploited
|
${{ github:> }}* This image is created via a secure, pinned CI/CD process and immune to upstream attacks, most other images have upstream dependencies that can be exploited
|
||||||
${{ github:> }}* This image contains a proper health check that verifies the app is actually working, most other images have either no health check or only check if a port is open or ping works
|
${{ github:> }}* This image contains a proper health check that verifies the app is actually working, most other images have either no health check or only check if a port is open or ping works
|
||||||
${{ github:> }}* This image works as read-only, most other images need to write files to the image filesystem
|
${{ github:> }}* This image works as read-only, most other images need to write files to the image filesystem
|
||||||
|
${{ github:> }}* This image is a lot smaller than most other images
|
||||||
|
|
||||||
If you value security, simplicity and the ability to interact with the maintainer and developer of an image. Using my images is a great start in that direction.
|
If you value security, simplicity and the ability to interact with the maintainer and developer of an image. Using my images is a great start in that direction.
|
||||||
|
|
||||||
|
${{ content_comparison }}
|
||||||
|
|
||||||
|
|
||||||
${{ title_config }}
|
${{ title_config }}
|
||||||
```yaml
|
```yaml
|
||||||
${{ include: ./rootfs/etc/nginx/nginx.conf }}
|
${{ include: ./rootfs/etc/nginx/nginx.conf }}
|
||||||
|
|||||||
Reference in New Issue
Block a user