Giters

ammnt / freenginx

Distroless FreeNGINX with HTTP/3 and QUIC support (BoringSSL)🚀

Home Page:https://msftcnsi.com/

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

0-rttalpineboringssldistrolessdockerfastopenforkfreenginxhttp2http3httpsnginxquicrootlesstlsunprivilegedweb

Distroless FreeNGINX with HTTP/3 and QUIC support🚀

Build and push image📦 version GitHub issues open

The Docker image is ready to use:
docker run -d --rm -p 127.0.0.1:8080:8080/tcp ghcr.io/ammnt/freenginx:main
or
docker run -d --rm -p 127.0.0.1:8080:8080/tcp ammnt/freenginx:main

Description:

  • Based on latest version of Alpine Linux - low size (~4 MB);
  • BoringSSL with HTTP/3 and QUIC support;
  • HTTP/2 with ALPN support;
  • TLS 1.3 and 0-RTT support;
  • TLS 1.2 and TCP Fast Open (TFO) support;
  • Built using hardening GCC flags;
  • NJS support;
  • PCRE with JIT compilation;
  • zlib-ng library latest version;
  • Rootless master process - unprivileged container;
  • Async I/O threads module;
  • "Distroless" image - shell removed from the image;
  • Removed unnecessary modules;
  • Added OCI labels and annotations;
  • No excess ENTRYPOINT in the image;
  • Slimmed version by Docker Slim tool;
  • Scanned efficiency result with Dive tool;
  • Scanned by vulnerability scanners: GitHub, Docker Scout, Snyk, Grype, Clair and Syft;
  • Anonymous signature - removed "Server" header ("banner"):
    https://github.com/ammnt/freenginx/blob/main/Dockerfile

Note:

Feel free to contact me with more security improvements🙋

About

Distroless FreeNGINX with HTTP/3 and QUIC support (BoringSSL)🚀

https://msftcnsi.com/

0-rttalpineboringssldistrolessdockerfastopenforkfreenginxhttp2http3httpsnginxquicrootlesstlsunprivilegedweb

Languages

Language:Dockerfile 100.0%