modified: README.md

new file: golang.yml modified: nginx.yml new file: node.yml new file: postgres.yml new file: python.yml new file: redis.yml
2026-06-30 03:10:55 -07:00
parent 424d1b5718
commit 5367063499
7 changed files with 223 additions and 2 deletions
@@ -0,0 +1,48 @@
+# syntax=dhi.io/build:2-alpine3.23
+
+contents:
+  repositories:
+    - https://dl-cdn.alpinelinux.org/alpine/v3.23/main
+    - https://dl-cdn.alpinelinux.org/alpine/v3.23/community
+  packages:
+    - postgresql16
+    - postgresql16-client
+    - ca-certificates
+    - tzdata
+
+accounts:
+  groups:
+    - gid: 65532
+      name: postgres
+  users:
+    - uid: 65532
+      gid: 65532
+      name: postgres
+  run-as: postgres
+
+work-dir: /var/lib/postgresql
+
+paths:
+  - path: /var/lib/postgresql
+    type: directory
+    uid: 65532
+    gid: 65532
+    permissions: 0700
+  - path: /var/run/postgresql
+    type: directory
+    uid: 65532
+    gid: 65532
+    permissions: 0775
+
+environment:
+  PATH: /usr/lib/postgresql16/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+  PGDATA: /var/lib/postgresql/data
+
+entrypoint:
+  - postgres
+  - -D
+  - /var/lib/postgresql/data
+
+annotations:
+  org.opencontainers.image.title: "hardened-postgres"
+  org.opencontainers.image.description: "Minimal PostgreSQL 16 image stripped of shell utilities"