Nginx Container Image¶

Hardened Nginx build for reverse proxies, load balancers, and static sites with opinionated security defaults.

Features¶

• Security hardening includes rate limiting, strict HTTP method whitelists, CSP/HSTS security headers, access controls, and tight body/header limits.
• Optional SSL/TLS configuration baked into /etc/nginx/nginx.conf, ready to extend with your own certs.
• Tagged per upstream Nginx version (e.g., 1.26.3) plus a rolling latest tag.
• Works equally well for serving static content or acting as a reverse proxy, thanks to a single consolidated configuration file.

Usage¶

Pull the images¶

podman pull registry.gitlab.com/niclas-zone/ctr/nginx:latest
podman pull registry.gitlab.com/niclas-zone/ctr/nginx:1.26.3

Run with the default site¶

podman run -d \
  --name nginx \
  -p 8080:8080 \
  registry.gitlab.com/niclas-zone/ctr/nginx:latest

Serve your own content¶

podman run -d \
  --name nginx \
  -p 8080:8080 \
  -v ./html:/var/www/html:ro \
  registry.gitlab.com/niclas-zone/ctr/nginx:latest

Provide a custom configuration¶

podman run -d \
  --name nginx \
  -p 8080:8080 \
  -v ./custom-nginx.conf:/etc/nginx/nginx.conf:ro \
  registry.gitlab.com/niclas-zone/ctr/nginx:latest

Author¶

Niclas Heinz

Contributing¶

Contributions are welcome! Please open an issue or submit a merge request if you have suggestions or improvements.

License¶

This project is licensed under the MIT License. See LICENSE for the full terms.