nginxinc/docker-nginx-unprivileged

Stars
376
Rank 113,810 (Top 3 %)
Language
Shell
License
Apache License 2.0
Created over 6 years ago
Updated 3 months ago

nginxinc/docker-nginx-unprivileged

nginxinc

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Unprivileged NGINX Dockerfiles

NGINX Unprivileged Docker Image

This repo contains a series of Dockerfiles to create an NGINX Docker image that runs NGINX as a non root, unprivileged user. Notable differences with respect to the official NGINX Docker image include:

The default NGINX listen port is now 8080 instead of 80 (this is no longer necessary as of Docker 20.03 but it's still required in other container runtimes).
The default NGINX user directive in /etc/nginx/nginx.conf has been removed.
The default NGINX PID has been moved from /var/run/nginx.pid to /tmp/nginx.pid.
Change *_temp_path variables to /tmp/*.

New images are built and pushed to on a weekly basis (every Monday night).

Check out the docs for the upstream Docker NGINX image for a detailed explanation on how to use this image.

Note: Issues related to security vulnerabilities will be promptly closed unless they are accompanied by a solid reasoning as to why the vulnerability poses a real security threat to this image. Check out the SECURITY doc for more details.

Supported Image Registries and Platforms

Image Registries

You can find built images in the following registries:

Amazon ECR - https://gallery.ecr.aws/nginx/nginx-unprivileged
Docker Hub - https://hub.docker.com/r/nginxinc/nginx-unprivileged
GitHub Container Registry - https://github.com/nginxinc/docker-nginx-unprivileged/pkgs/container/nginx-unprivileged

Platforms

Most images are built for the amd64, arm32v5 (for Debian), arm32v6 (for Alpine), arm32v7, arm64v8, i386, mips64le (for Debian), ppc64le and s390x architectures.

Common Issues

If you override the default nginx.conf file you may receive the message nginx: [emerg] open() "/var/run/nginx.pid" failed (13: Permission denied), in this case you have to add the line pid /tmp/nginx.pid into your config.

kubernetes-ingress

NGINX and NGINX Plus Ingress Controllers for Kubernetes

docker-nginx

Official NGINX Dockerfiles

nginx-prometheus-exporter

NGINX Prometheus Exporter for NGINX and NGINX Plus

NGINX-Demos

NGINX and NGINX Plus demos

ngx-rust

Rust binding for NGINX

nginx-ldap-auth

Example of LDAP authentication using ngx_http_auth_request_module

ansible-role-nginx

Ansible role for installing NGINX

kic-reference-architectures

MARA: Modern Application Reference Architecture

crossplane

Quick and reliable way to convert NGINX configurations into JSON and back.

nginmesh

Istio compatible service mesh using NGINX

nginx-s3-gateway

NGINX S3 Caching Gateway

nginx-gateway-fabric

NGINX Gateway Fabric provides an implementation for the Gateway API using NGINX as the data plane.

nginx-wiki

ARCHIVED -- Source for the now archived NGINX Wiki section of https://www.nginx.com

docker-nginx-amplify

Official NGINX and Amplify Dockerfiles

nginx-amplify-doc

Public documentation for Amplify

nginx-openid-connect

Reference implementation of OpenID Connect integration for NGINX Plus

nginx-otel

ansible-role-nginx-config

Ansible role for configuring NGINX

mra-ingenious

A photo-sharing app built by NGINX and implemented using the Fabric Model from the Microservices Reference Architecture.

rtapi

Real time API latency analyzer - Create a PDF report and HDR histogram of your APIs

nginx-service-mesh

A service mesh powered by NGINX Plus to manage container traffic in Kubernetes environments.

ansible-collection-nginx

Ansible collection for NGINX

nginx-ingress-operator

WARNING - DEPRECATION NOTICE: The NGINX Ingress Operator has been updated to be a Helm based operator. This repo has been deprecated and will soon be archived - the new NGINX Ingress Operator repo can be found at https://github.com/nginxinc/nginx-ingress-helm-operator.

nginx-loadbalancer-kubernetes

A Kubernetes Controller to synchronize NGINX+ Resources with Kubernetes Ingress Resources

nginx-asg-sync

NGINX Plus Integration with Cloud Autoscaling

nginx-go-crossplane

A library for working with NGINX configs in Go

bank-of-sirius

helm-charts

NGINX Helm Charts repository

nginx-plus-go-client

A client for NGINX Plus API for Go

nginx-openshift-router

NGINX and NGINX Plus OpenShift Routers

nginx-ingress-helm-operator

NGINX Ingress Operator for NGINX and NGINX Plus Ingress Controllers. Based on the Helm chart for NGINX Ingress Controller - https://github.com/nginxinc/helm-charts

docker-nginx-controller

Docker support for NGINX Controller Agent in Containers

nginx-ingress-workshops

Nginx Ingress Controller Hands on Workshops, with Lab Exercises and Guides

microservices-march

Examples from the Microservices March lectures and exercises.

ngx-istio-mixer

NGINX module for Istio mixer

nginx-saml

new-relic-agent

A new relic agent for NGINX Plus metrics

ansible-role-nginx-app-protect

Ansible role to install and configure NGINX App Protect (WAF and DoS) for NGINX Plus on your target host

router-mesh-architecture

NGINX Router Mesh Network Architecture for Microservices

aws-ha-elastic-ip

Active-Passive HA Deployment on AWS Using an Elastic IP Address

nginx-plus-dashboard

website-resources-conf

content for nginx.com/resources/conf/ -- configuration files shared in blog posts, etc.

fabric-model-architecture

Repository for the NGINX Fabric Model Architecture

nginx-management-suite-iac

ngxinfo

Community-Code-of-Conduct

NGINX Open Source Community's Code of Conduct

nginx-amplify-agent

NGINX Amplify Agent

mra-user-manager

snarejs

nginx-ns1-gslb

ARCHIVED - NGINX Plus Integration with NS1 GSLB

mra-auth-proxy

Auth proxy for MRA

nginx-wrapper

NGINX Event Process Wrapper

template-repository

A template repository for new NGINX projects

ngx-stream-nginmesh-dest

Nginx module to get dest ip and port

ansible-role-nginx-unit

Ansible role for NGINX Unit

ebook-managing-kubernetes-nginx

nginx-basics-workshops

nginx-unsupported-modules

Container builds of unsupported NGINX modules

nginx-hugo-theme

A hugo theme for NGINX documentation

ansible-role-nginx-management-suite

Ansible role for the NGINX Management Suite

mra-content-service

nginx-for-azure-deploy-action

Github Actions to sync NGINX configs into the NGINX for Azure service.

mra-photouploader

ansible_collection_nginx_controller

Collection of NGINX Controller Roles for Ansible

mra-photoresizer

nginx-controller-lab

mra-pages

nginxaas-for-azure-snippets

Example ARM templates for common NGINX for Azure use cases

.github

nginx-plus-install-tools

NGINX Plus Install tools

mra-album-manager

nginx-azure-workshops

Instructor Lead and Hands-on Lab Exercises and Lab Guides for NGINX as a Service for Microsoft Azure

homebrew-tap

ansible-role-nginx_controller_application

ansible_role_nginx_controller_agent

Ansible role for installing the NGINX Controller agent

nap-dos-arbitrator-helm-chart

nginx-aws-signature

NGINX AWS Signature Library to authenticate AWS services such as S3 and Lambda via NGINX and NGINX Plus.

alpine-fips

Alpine Linux with FIPS OpenSSL module

ansible-role-nginx_controller_publish_api

kic-test-containers

Docker containers used by the KIC team

ansible-role-nginx_controller_user

ansible-role-nginx_controller_environment

Managing environments within NGINX Controller

ansible-role-nginx_controller_api_definition_import

ansible-role-nginx-controller-gateway

ansible_role_nginx_controller_install

Ansible role for installing NGINX Controller

ansible-role-nginx-controller-certificate

ansible-role-nginx-controller-component

ansible_role_nginx_controller_generate_token

ansible-role-nginx_controller_location

ansible-role-nginx-controller-license

ansible-role-nginx_controller_integration

aws-marketplace-publish

Publish Docker images to AWS Marketplace

ansible-role-nginx_controller_user_role

ansible-role-nginx_controller_forwarder