This repository provides Wolfi based OCI/Docker containers which are built with consistency, minimalism, security and multi-architecture support in mind. The containers leverage both official packages and custom packages built with melange. Containers are versioned based on package versions, similar to official Docker images.
- Minimalist & Secure: Built from scratch using apko with a focus on security and small footprint.
- Continuous Updates: Regularly updated with the latest security patches.
- Multi-Arch Support: These containers are built with support for
linux/amd64andlinux/arm64. - Renovate compatible: Containers have the
org.opencontainers.image.sourcelabel to facilitate changelog population. - Versioned Images: The container images are versioned based on the package versions, making it easy to pin your application to a specific version.
- Busybox included: Busybox is included for debugging and utility reasons in all images, while keeping them tiny.
We follow a versioning scheme of upstream wolfi packages. For example ghcr.io/vaskozl/kubectl:1.28.2-1 is available as:
ghcr.io/vaskozl/kubectl:latestghcr.io/vaskozl/kubectl:1.33.1ghcr.io/vaskozl/kubectl:1.33ghcr.io/vaskozl/kubectl:1
You can choose the tag that best fits your needs, whether you want the latest version, a specific version, or even a particular release of a version. Do note that even releases pinned tags are not be immutable as they are rebuilt regularly to pick up the latest security fixes.
The best and intenteded way to achieve immutability is to just pin the images by by sha256 digest.
The containers do not provide custom entrypoint scripts, and users are expected to provide the command and arguments they desire. In most cases that simply means running the program that is installed with the argument that you desire. This helps keep everything simple and predictable and means you don't have to sift through a list environment variables just to figure out how to run the bespoke entrypoint. Configuration files can simply be mounted with volumes.
For more specific examples, check out my manifests repository.
| Image Name | Pull |
|---|---|
| thelounge | docker pull ghcr.io/vaskozl/thelounge |
| kubectl | docker pull ghcr.io/vaskozl/kubectl |
| lidarr | docker pull ghcr.io/vaskozl/lidarr |
| v2ray | docker pull ghcr.io/vaskozl/v2ray |
| renovate | docker pull ghcr.io/vaskozl/renovate |
| rakudo | docker pull ghcr.io/vaskozl/rakudo |
| prowlarr | docker pull ghcr.io/vaskozl/prowlarr |
| apk-tools | docker pull ghcr.io/vaskozl/apk-tools |
| nfs-subdir-external-provisioner | docker pull ghcr.io/vaskozl/nfs-subdir-external-provisioner |
| gitlab-runner | docker pull ghcr.io/vaskozl/gitlab-runner |
| gitlab-runner-helper | docker pull ghcr.io/vaskozl/gitlab-runner-helper |
| gitlab-container-registry | docker pull ghcr.io/vaskozl/gitlab-container-registry |
| gitlab-exporter | docker pull ghcr.io/vaskozl/gitlab-exporter |
| gitlab-shell | docker pull ghcr.io/vaskozl/gitlab-shell |
| gitlab-base | docker pull ghcr.io/vaskozl/gitlab-base |
| gitaly | docker pull ghcr.io/vaskozl/gitaly |
| gitlab-certificates | docker pull ghcr.io/vaskozl/gitlab-certificates |
| gitlab-pages | docker pull ghcr.io/vaskozl/gitlab-pages |
| blocky | docker pull ghcr.io/vaskozl/blocky |
| anubis | docker pull ghcr.io/vaskozl/anubis |
| sonarr | docker pull ghcr.io/vaskozl/sonarr |
| calibre | docker pull ghcr.io/vaskozl/calibre |
| wolfi | docker pull ghcr.io/vaskozl/wolfi |
| apko | docker pull ghcr.io/vaskozl/apko |
| hugo | docker pull ghcr.io/vaskozl/hugo |
| mosquitto | docker pull ghcr.io/vaskozl/mosquitto |
| cert-manager-cainjector | docker pull ghcr.io/vaskozl/cert-manager-cainjector |
| cert-manager-acmesolver | docker pull ghcr.io/vaskozl/cert-manager-acmesolver |
| cert-manager-webhook | docker pull ghcr.io/vaskozl/cert-manager-webhook |
| cert-manager-controller | docker pull ghcr.io/vaskozl/cert-manager-controller |
| openresty | docker pull ghcr.io/vaskozl/openresty |
| baikal | docker pull ghcr.io/vaskozl/baikal |
| go | docker pull ghcr.io/vaskozl/go |
| perl-libwww | docker pull ghcr.io/vaskozl/perl-libwww |
| chromium | docker pull ghcr.io/vaskozl/chromium |
| ripgrep | docker pull ghcr.io/vaskozl/ripgrep |
| net-tools | docker pull ghcr.io/vaskozl/net-tools |
| radarr | docker pull ghcr.io/vaskozl/radarr |
| buildkitd | docker pull ghcr.io/vaskozl/buildkitd |
| perl-mojolicious | docker pull ghcr.io/vaskozl/perl-mojolicious |
| nginx | docker pull ghcr.io/vaskozl/nginx |
| fluent-bit | docker pull ghcr.io/vaskozl/fluent-bit |
| docker | docker pull ghcr.io/vaskozl/docker |
| qbittorrent-nox | docker pull ghcr.io/vaskozl/qbittorrent-nox |
| grype | docker pull ghcr.io/vaskozl/grype |
| git | docker pull ghcr.io/vaskozl/git |
| flannel | docker pull ghcr.io/vaskozl/flannel |
| logrotate | docker pull ghcr.io/vaskozl/logrotate |
| busybox | docker pull ghcr.io/vaskozl/busybox |
| ntfy | docker pull ghcr.io/vaskozl/ntfy |
| melange | docker pull ghcr.io/vaskozl/melange |
| postgresql | docker pull ghcr.io/vaskozl/postgresql |
| minio | docker pull ghcr.io/vaskozl/minio |
| valkey | docker pull ghcr.io/vaskozl/valkey |
| redis | docker pull ghcr.io/vaskozl/redis |
| mariadb | docker pull ghcr.io/vaskozl/mariadb |
| maddy | docker pull ghcr.io/vaskozl/maddy |
| kubeconform | docker pull ghcr.io/vaskozl/kubeconform |
| jellyfin | docker pull ghcr.io/vaskozl/jellyfin |
| tailscale-operator | docker pull ghcr.io/vaskozl/tailscale-operator |