Skip to content

pentago/traefik-unprivileged

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits
.github
.github
 
 
tests
tests
 
 
.markdownlint.json
.markdownlint.json
 
 
.yamllint
.yamllint
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Unprivileged Traefik Container Image

Main CI

To be able to run this critical component as unprivileged and secure as possible, it needs to be built as a custom image.

Approach here is to fetch the official image binary, and copy over the binary to a scratch based image with bare minimum of additions (root certificates and zoneinfo files from official image), running as unprivileged user (1000:1000) by default, all making it smaller and more secure.

Considering official image simplicity, this unprivileged image can be used across at least entire 3.x branch lifetime, hopefully even longer.

Features

  • Official, untouched binary
  • Rootless
  • Listens on high ports
  • Bare-bones scratch image
  • Multiple architectures
  • Free

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors 2

  •  
  •  

Languages