Comments (8)
Hi @sandywang1982!
We've had a few requests asking whether this is an official image, whether it's safe to pull and so on. We are trying to figure out the best solution to address these concerns at the moment - but in the meantime, rest assured this image is as "official" as an image without the official images tag can be. It's not hosted on the official Docker images library, true, but it is owned and maintained by NGINX on both GitHub and Docker Hub.
Cheers,
Alessandro.
from docker-nginx-unprivileged.
Hi
Sorry to bump such an old issue. I was wondering if there was any decision made as far as making this image "official". I realize that its official since its the same team as the "official" image and wanted to pitch in some ideas. I was wondering if this image could be released under the _nginx
account too, maybe with its own tag.
Thanks for maintaining this image. Using a privileged container is a huge hazard and this image saves the day.
from docker-nginx-unprivileged.
Great news! We finally managed to become a verified publisher! I am sorry it's taken way, way longer than it should have, but we got there in the end!
from docker-nginx-unprivileged.
Hey @ste93cry!
It's not been forgotten but there are indeed some problems that fundamentally block the resolution of this issue. The first and foremost is that Docker does not allow "use-case" specific images to be part of their "official" library.
There are still continuous discussions on how to best approach this issue and I will hopefully have some positive news to share sooner rather than later, but for now and in the near future, I sadly don't expect anything to change.
from docker-nginx-unprivileged.
Sadly, no. While talks are continuously ongoing, there are no major updates to report in this front (nor would I expect any changes in the near future).
from docker-nginx-unprivileged.
I will admit this is a question rooted in ignorance but I am curious the answer; Is there a reason to not have a rootless version of NGINX be the default? What consequences does this ultimately present to the user and/or administrator?
from docker-nginx-unprivileged.
It has been more than 2 years since the last update on this issue. Has it been forgotten or can we expect some updates at some point? I canβt imagine what problems there may be that block the resolution of this issue π€
from docker-nginx-unprivileged.
I would suggest bringing up that topic on the https://github.com/nginxinc/docker-nginx repo. Discussions like this are always ongoing and in-flux.
That being said, couple reasons that come to mind would be:
a) For legacy reasons -- millions of people are using the Docker NGINX image and suddenly swapping it around for a rootless version might break a ton of production environments.
b) NGINX running as non-root presents some uniques challenges in so far as permissions go. It can be done (as it is in these images), but extra care has to be employed when determining which directories to use for various NGINX functionalities.
from docker-nginx-unprivileged.
Related Issues (20)
- Update UID and GID to 10001 (>10000) HOT 2
- 15-local-resolvers.envsh is not executable HOT 2
- Branding? HOT 3
- Please add bookworm-stable tag with current stable version based on Debian 12 HOT 5
- Non-container guide HOT 2
- Allow contaiener root user to start nginx process and its workers when used in rootless podman HOT 1
- Publish image to a registry that is not rate-limited HOT 4
- nginx defaults to 8080 even if we tell otherwise HOT 8
- Add `;` in readme for Line 35
- Update image to mitigate CVE-2023-44487 vulnerability HOT 3
- Improve local testing docs
- Does image build include installing security updates? HOT 1
- Add another common issue to the README section
- proxy_bind transparent whithout root user HOT 1
- Clarify how to use the different base image versions. HOT 1
- Alpine 3.19 Upgrade HOT 1
- Stable Perl images using mainline nginx? HOT 1
- Upgrade Base Image of nginxinc/docker-nginx-unprivileged from stable-bullseye to stable-bookworm HOT 6
- Container images pushed to Dockerhub are changing checksums without changing version HOT 3
- nginxplus version HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docker-nginx-unprivileged.