goStatic

A really small static web server for Docker

The goal

My goal is to create to smallest docker container for my web static files. The advantage of Go is that you can generate a fully static binary, so that you don't need anything else.

Wait, I've been using old versions of GoStatic and things have changed!

Yeah, decided to drop support of unsecured HTTPS. Two-years ago, when I started GoStatic, there was no automatic HTTPS available. Nowadays, thanks to Let's Encrypt, it's really easy to do so. If you need HTTPS, I recommend caddy.

Features

• A fully static web server in 6MB
• No frameworkw
• Web server build for Docker
• Can generate certificate on his own
• Light container
• More security than official images (see below)
• Log enabled

Why?

Because the official Golang image is wayyyy to big (around 1/2Gb as you can see below) and could be unsecure.

For me, the whole point of containers is to have a light container... Many links should provide you with additionnal info to see my point of view:

• Over 30% of Official Images in Docker Hub Contain High Priority Security Vulnerabilities
• Create The Smallest Possible Docker Container
• Building Docker Images for Static Go Binaries
• Small Docker Images For Go Apps

How to use

docker run -d -p 80:8043 -v path/to/website:/srv/http --name goStatic pierrezemb/gostatic

Usage

./goStatic --help
Usage of /goStatic:
  -append-header HeaderName:Value
        HTTP response header, specified as HeaderName:Value that should be added to all responses.
  -context string
        The 'context' path on which files are served, e.g. 'doc' will serve the files at 'http://localhost:<port>/doc/'
  -default-user-basic-auth string
        Define the user (default "gopher")
  -enable-basic-auth
        Enable basic auth. By default, password are randomly generated. Use --set-basic-auth to set it.
  -fallback string
    	Default relative to be used when no file requested found. E.g. /index.html
  -password-length int
        Size of the randomized password (default 16)
  -path string
        The path for the static files (default "/srv/http")
  -port int
        The listening port (default 8043)
  -set-basic-auth string
        Define the basic auth. Form must be user:password

Wow, such container! What are you using?

I'm using the centurylink/ca-certs image instead of the scratch image to avoid this error:

x509: failed to load system roots and no roots provided

The centurylink/ca-certs image is simply the scratch image with the most common root CA certificates pre-installed. The resulting image is only 258 kB which is still a good starting point for creating your own minimal images.