Skip to content

WISVCH/docker-nginx

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
.github/workflows
.github/workflows
 
 
.dockerignore
.dockerignore
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 

Repository files navigation

Customised, hardened Docker image for nginx

  • Entire container runs as non-root user
  • Logs to stdout and stderr instead of files
  • Listens on port 8080 instead of privileged port 80
  • Supports read-only root filesystem with /tmp as writable tmpfs
  • Content served from /srv by default

Example usage

Dockerfile for static files

FROM ghcr.io/wisvch/nginx
COPY . /srv/

Dockerfile with multi-stage Node.js build

FROM node:gallium AS builder
WORKDIR /src
COPY . .
RUN yarn
RUN yarn build

FROM ghcr.io/wisvch/nginx
COPY --from=builder /src/build/ /srv/

Building and running

docker build -t nginx .
docker run --rm -it -p 127.0.0.1:8080:8080 --tmpfs /tmp --read-only nginx

then open http://127.0.0.1:8080 in your browser.

About

Customised, hardened Docker image for nginx

Topics

docker nginx docker-image

Resources

Readme
Activity
Custom properties

Stars

9 stars

Watchers

6 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

 
 
 

Contributors 2

  •  
  •  

Languages