Minimal and secure Alpine Linux based Docker image.
Tini is used by the container as an init process. It protects the system
from process table being filled up, which can prevent the system from spawning any
new processes, by reaping zombie processes.
In addtion to reaping zombies Tini also performs signal forwarding.
Container uses iptables to configure packet filtering rules in the Linux kernel
and therefore CAP_NET_ADMIN capability is required to run the container.
Only local and outbound IPv4 network traffic is allowed.
All IPv6 traffic is blocked.
Host user and group can be mapped to a container by defining HOST_UID and
HOST_GID environment variables. If the variables are left undefined the
container will execute its command with a random UID/GID combination.
Container is compatible with docker logs command although logging is disabled
by default if the container is started with docker-compose command. To find
out more about logging see the command reference.
To print out a trace of commands executed by container-entrypoint script,
set DEBUG environment variable to any non-null value.
This project is licensed under the MIT License.