vh/NetAlertX
1
0
Fork 0
mirror of https://github.com/jokob-sk/NetAlertX.git synced 2025-12-07 09:36:05 -08:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity
Files
c1bd611e57b2a44b8490dac4c15c322eed290e7e
NetAlertX/docs/BUILDS.md
jokob-sk a353acff2d DOCS: builds 
Signed-off-by: jokob-sk <jokob.sk@gmail.com>
2025-10-29 07:32:56 +11:00

83 lines
2.0 KiB
Markdown
Raw Blame History

# NetAlertX Builds: Choose Your Path
NetAlertX provides different installation methods for different needs. This guide helps you choose the right path for security, experimentation, or development.
## 1. Hardened Appliance (Default Production)
> [!NOTE]
> Use this image if: You want to use NetAlertX securely.
### Who is this for?
All users who want a stable, secure, "set-it-and-forget-it" appliance.
### Methodology
- Multi-stage Alpine build
- Aggressively "amputated"
- Locked down for max security
### Source
`Dockerfile (hardened target)`
## 2. "Tinkerer's" Image (Insecure VM-Style)
> [!NOTE]
> Use this image if: You want to experiment with NetAlertX.
### Who is this for?
Power users, developers, and "tinkerers" wanting a familiar "VM-like" experience.
### Methodology
- Traditional Debian build
- Includes full un-hardened OS
- Contains `apt`, `sudo`, `git`
### Source
`Dockerfile.debian`
## 3. Contributor's Devcontainer (Project Developers)
> [!NOTE]
> Use this image if: You want to develop NetAlertX itself.
### Who is this for?
Project contributors who are actively writing and debugging code for NetAlertX.
### Methodology
- Builds `FROM runner` stage
- Loaded by VS Code
- Full debug tools: `xdebug`, `pytest`
### Source
`Dockerfile (devcontainer target)`
# Visualizing the Trade-Offs
This chart compares the three builds across key attributes. A higher score means "more of" that attribute. Notice the clear trade-offs between security and development features.
![tradeoffs](./img/BUILDS/build_images_options_tradeoffs.png)
# Build Process & Origins
The final images originate from two different files and build paths. The main `Dockerfile` uses stages to create *both* the hardened and development container images.
## Official Build Path
Dockerfile -> builder (Stage 1) -> runner (Stage 2) -> hardened (Final Stage) (Production Image) + devcontainer (Final Stage) (Developer Image)
## Legacy Build Path
Dockerfile.debian -> "Tinkerer's" Image (Insecure VM-Style Image)
Reference in New Issue View Git Blame Copy Permalink