From 6dc4965f2248615f5b95b37d4507126fb001224d Mon Sep 17 00:00:00 2001 From: soup Date: Thu, 20 Jun 2024 19:21:44 +0200 Subject: [PATCH] docs(install): distroless docker builds (#1500) * chore(readme): add section about distroless docker builds * Update README.md * Update README.md * Update README.md - one of the maintainers + one of the longterm maintainers * docs: update distroless note to caution * docs: distroless make warning bold --------- Co-authored-by: ze0s <43699394+zze0s@users.noreply.github.com> --- README.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/README.md b/README.md index ad389bf..f2bd3e3 100644 --- a/README.md +++ b/README.md @@ -26,6 +26,7 @@ Full documentation can be found at [https://autobrr.com](https://autobrr.com) - [QuickBox](#quickbox) - [Shared Seedbox](#shared-seedbox) - [Docker Compose](#docker-compose) + - [Distroless docker images](#distroless-docker-images) - [Windows](#windows) - [MacOS](#macos) - [Linux Generic](#linux-generic) @@ -209,6 +210,21 @@ Then start with: docker compose up -d ``` +### Distroless Docker Images + +> [!CAUTION] +> This image comes without a shell, and external filtering and actions relying on `exec` will therefore not work with anything but compiled static binaries. +> +> To clarify: **`BASH` and `SH` shell scripts WILL NOT WORK!** +> +> Use the standard image if you rely on this functionality. + +For users who prioritize container security, one of the longterm maintainers offer alternative Docker images built on [Distroless](https://github.com/GoogleContainerTools/distroless). Specifically the `distroless/static-debian12:nonroot` base image. + +Distroless images do not contain a package manager or shell, thereby reducing the potential attack surface and making them a more secure option. These stripped-back images contain only the application and its runtime dependencies. + +The repository for these builds can be found here: [https://github.com/s0up4200/autobrr-distroless](https://github.com/s0up4200/autobrr-distroless) + ### Windows Check the Windows Setup Guide [here](https://autobrr.com/installation/windows).