This repository has been archived by the owner on Feb 19, 2023. It is now read-only.

guillaumedsde/nzbhydra2-distroless


This repository contains the code to build a small and secure distroless Docker image for NZBHydra2 that runs as an unprivileged user. The final images are built and hosted on Docker Hub, and the documentation is hosted on GitLab Pages.

✔️ Features summary

  • 🥑 distroless minimal image
  • 🤏 As few Docker layers as possible
  • 🛡️ only basic runtime dependencies
  • 🛡️ Runs as unprivileged user with minimal permissions

🏁 How to Run

docker run

$ docker run  -v /your/config/path/:/config \
              -v /your/torrent/blackhole/path/:/blackhole \
              -v /etc/localtime:/etc/localtime:ro \
              -e PUID=1000 \
              -e PGID=1000 \
              -p 5076:5076 \
              guillaumedsde/nzbhydra2-distroless:latest

🧊 Read-only docker run

If you want your container to be even more secure, you can run it with a read-only filesystem:

$ docker run  -v /your/config/path/:/config \
              -v /your/torrent/blackhole/path/:/blackhole \
              -v /etc/localtime:/etc/localtime:ro \
              -e PUID=1000 \
              -e PGID=1000 \
              -e S6_READ_ONLY_ROOT=1 \
              -p 5076:5076 \
              --read-only \
              --tmpfs /var:rw,exec \
              --tmpfs /tmp \
              guillaumedsde/nzbhydra2-distroless:latest

docker-compose.yml

version: "3.3"
services:
  nzbhydra2-distroless:
    volumes:
      - "/your/config/path/:/config"
      - "/your/torrent/blackhole/path/:/blackhole"
      - "/etc/localtime:/etc/localtime:ro"
    environment:
      - PUID=1000
      - PGID=1000
    ports:
      - "5076:5076"
    image: "guillaumedsde/nzbhydra2-distroless:latest"

🧊 Read-only docker-compose.yml

If you want your container to be even more secure, you can run it with a read-only filesystem:

version: "3.3"
services:
  nzbhydra2-distroless:
    volumes:
      - "/your/config/path/:/config"
      - "/your/torrent/blackhole/path/:/blackhole"
      - "/etc/localtime:/etc/localtime:ro"
    environment:
      - PUID=1000
      - PGID=1000
      - S6_READ_ONLY_ROOT=1
    ports:
      - "5076:5076"
    tmpfs:
      - "/var:rw,exec"
      - "/tmp:rw,exec"
    read_only: true
    image: "guillaumedsde/nzbhydra2-distroless:latest"
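
To confirm that a running container actually picked up the read-only settings shown above (from either the docker run or the docker-compose.yml variant), the following added example audits `docker inspect` output against that recipe. It is not part of this repository; the sample container objects are constructed, and treating an unset PUID/PGID as a finding is an assumption of the example.

```python
import json
import sys

# Checks mirror the read-only recipe on this page (assumption: unset PUID/PGID is flagged).
REQUIRED_TMPFS = ("/var", "/tmp")

# Constructed samples shaped like `docker inspect` output (not from a real host).
SAMPLE_READ_ONLY = {
    "Name": "/hydra-ro",
    "HostConfig": {"ReadonlyRootfs": True, "Tmpfs": {"/var": "rw,exec", "/tmp": ""}},
    "Config": {"Env": ["PUID=1000", "PGID=1000", "S6_READ_ONLY_ROOT=1"]},
    "Mounts": [{"Destination": "/etc/localtime", "RW": False}],
}
SAMPLE_DEFAULT = {
    "Name": "/hydra",
    "HostConfig": {"ReadonlyRootfs": False, "Tmpfs": None},
    "Config": {"Env": ["PUID=1000", "PGID=1000"]},
    "Mounts": [{"Destination": "/etc/localtime", "RW": True}],
}


def audit_container(info):
    """Return findings for one container object from `docker inspect`."""
    findings = []
    host = info.get("HostConfig") or {}
    env_list = (info.get("Config") or {}).get("Env") or []
    env = dict(e.split("=", 1) for e in env_list if "=" in e)
    if not host.get("ReadonlyRootfs"):
        findings.append("root filesystem is writable (--read-only not applied)")
    tmpfs = host.get("Tmpfs") or {}
    for path in REQUIRED_TMPFS:
        if path not in tmpfs:
            findings.append(f"no tmpfs mounted at {path}")
    if env.get("S6_READ_ONLY_ROOT") != "1":
        findings.append("S6_READ_ONLY_ROOT=1 is not set")
    for var in ("PUID", "PGID"):
        if env.get(var, "0") == "0":
            findings.append(f"{var} is unset or 0")
    for mount in info.get("Mounts") or []:
        if mount.get("Destination") == "/etc/localtime" and mount.get("RW"):
            findings.append("/etc/localtime is mounted read-write")
    return findings


if __name__ == "__main__":
    data = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else [SAMPLE_READ_ONLY, SAMPLE_DEFAULT]
    for c in data:
        for finding in audit_container(c) or ["ok"]:
            print(f"{c.get('Name', '?')}: {finding}")
```

Save the output of `docker inspect <container>` to a file and pass its path as the first argument; with no argument the script reports on the two constructed samples.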

⚙️ Available tags

Each NZBHydra2 docker image is published in two versions:

  • latest, v3.14.1-s6-overlay: distroless base image with the s6 overlay added
  • latest-distroless, v3.14.1-distroless: plain distroless base image

🖥️ Supported platforms

Currently this container supports only one (but widely used) platform:

  • linux/amd64

🙏 Credits

A couple of projects really helped me out while developing this container:

  • 💽 NZBHydra2 the awesome software
  • 🏁 s6-overlay A simple, relatively small yet powerful set of init scripts for managing processes (especially in docker containers)
  • 🥑 Google's distroless base docker images
  • 🐋 The Docker project (of course)