Hardened multi-arch Redis built from source on Alpine â non-root, TLS, 0 known CVEs.
2.9K
Minimal, security-hardened Redis built from source on Alpine Linux. Multi-stage build, runs as a non-root user, multi-arch (amd64/arm64), and ships with zero known CVEs (scanned with Trivy on every release).
BUILD_TLS=yes.redis-cli ping).linux/amd64, linux/arm64.latest â newest build.7.4.2-alpine3.21 â Redis 7.4.2 on Alpine 3.21.docker run -d --name redis -p 6379:6379 truebyteinnovation/redis:latest
docker run -d --name redis -p 6379:6379 \
--read-only -v redis-data:/data \
truebyteinnovation/redis:latest
docker run -d --name redis -p 6379:6379 -v redis-data:/data \
truebyteinnovation/redis:latest --requirepass "your-strong-password"
| Item | Value |
|---|---|
| Data dir | /data (declared as a VOLUME) |
| Port | 6379 |
| User | redis (non-root, uid 100) |
| Entrypoint | redis-server |
Pass any redis-server flags or a config file path as arguments after the image
name. protected-mode is on by default â set a password, TLS, or ACLs
before exposing Redis beyond a trusted network.
wget applet is removed to reduce attack surface.HIGH/CRITICAL.cosign verify --key https://raw.githubusercontent.com/truebyteinnovation/docker-images/main/assets/cosign.pub \
docker.io/truebyteinnovation/redis:7.4.2-alpine3.21
A production Helm chart (standalone / Sentinel HA / Cluster) is available at
oci://registry-1.docker.io/truebyteinnovation/redis-chart.
Redis is distributed under the BSD-3-Clause license.
Content type
Image
Digest
sha256:afb35b894âĶ
Size
6.3 MB
Last updated
23 days ago
docker pull truebyteinnovation/redis