webkaos
is a web-server based on the latest version of Nginx.
- Improved default SSL/TLS preferencies
- Dynamic TLS Records support
- The latest version of BoringSSL with some state-of-the-art crypto features
- TLS 1.3 support (RFC 8446)
- TCP Fast Open support
- Lua and Headers More modules from the box
- Improved SysV script
- Well-looking error pages
- Improved design of index pages
- Performance tuning for highload
sudo dnf install -y https://pkgs.kaos.st/kaos-repo-latest.el$(grep 'CPE_NAME' /etc/os-release | tr -d '"' | cut -d':' -f5).noarch.rpm
sudo dnf install webkaos
Official webkaos images available on GitHub Container Registry and Docker Hub. All Docker images support templating using environment variables.
Official images:
ghcr.io/essentialkaos/webkaos:ol8
ghcr.io/essentialkaos/webkaos:ol8-unprivileged
ghcr.io/essentialkaos/webkaos:ol9
ghcr.io/essentialkaos/webkaos:ol9-unprivileged
essentialkaos/webkaos:ol8
essentialkaos/webkaos:ol8-unprivileged
essentialkaos/webkaos:ol9
essentialkaos/webkaos:ol9-unprivileged
Usage examples:
# Image on OracleLinux 8
docker run --name my-webkaos -v /some/content:/usr/share/webkaos/html:ro -p 8080:80 -d essentialkaos/webkaos:ol8
# Unprivileged image on OracleLinux 8
docker run --name my-webkaos -v /some/content:/usr/share/webkaos/html:ro -p 8080:8080 -d essentialkaos/webkaos:ol8-unprivileged
Useful environment variables:
WEBKAOS_ENABLE_ENTRYPOINT_LOGS
- Enable logging for actions made by entrypoint script;WEBKAOS_DISABLE_PROC_TUNE
- Disable automaticworker_processes
tuning;WEBKAOS_DISABLE_BUCKET_TUNE
- Disable automaticserver_names_hash_bucket_size
tuning;WEBKAOS_DISABLE_TEMPLATES
- Disable automatic templates rendering.
Using rpmbuilder
# install and configure rpmbuilder
git clone https://kaos.sh/webkaos
cd webkaos/
rpmbuilder webkaos.spec -dl SOURCES
rpmbuilder webkaos.spec -3 -V -I
Q: Why is it named webkaos?
A: The very first version of this webserver was named nginx-kaos
. But it uses a lot of different, awesome projects and libraries, not only nginx. So, we decided to choose something neutral.
Q: Is it safe to use webkaos in production?
A: Yes. But we can't guarantee that there are no bugs in nginx, its modules, or used dependencies.
Q: Can I use Docker images with Kubernetes/Nomad/Rancher?
A: Yes.
Q: Can you provide packages for Ubuntu/Debian/FreeBSD?
A: Theoretically, yes. Practically, no. We use only RHEL-based distros in our infrastructure, and we can't provide the same quality of packages for other distros.
Q: Can you provide Alpine-based Docker images?
A: No. Using RPM packages simplify their support for us. There is a complex process of building and testing packages with different tools (rpmbuilder, rpmlint, perfecto, bibop, shellcheck) and we can't provide the same level of quality without them. Also, it is tough to write and maintain Dockerfiles with a large number of build actions and stages.