# Daemonless Container Image Builders > Search results for `build container images without a Docker daemon` on awesome-repositories.com. 110 total matches; showing the first 50. Explore on the web: https://awesome-repositories.com/q/build-container-images-without-a-docker-daemon **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [this search on awesome-repositories.com](https://awesome-repositories.com/q/build-container-images-without-a-docker-daemon).** ## Results - [containers/libpod](https://awesome-repositories.com/repository/containers-libpod.md) (32,040 ⭐) — Libpod is a container management library for running and controlling the lifecycle of Open Container Initiative compliant containers and images across different storage backends. It provides a programmatic interface for the remote control and automation of container environments. The project enables the coordination of multiple containers into pods that share network namespaces and other shared resources. It supports rootless container execution by using user namespaces to launch containers without administrative privileges. The library covers a broad range of system operations, including image handling for pulling and pushing across registries, network configuration, and resource isolation through control groups to prevent system exhaustion. It also manages the full container lifecycle—from creation and execution to checkpointing and restoration—via OCI-compliant runtimes. For desktop operating systems, the project supports container execution through a virtual machine backend. - [containers/buildah](https://awesome-repositories.com/repository/containers-buildah.md) (8,618 ⭐) — Buildah is a tool for creating OCI-compliant container images without requiring a background daemon process. It functions as a daemonless image constructor and distribution tool, allowing users to build, push, and pull images between local storage and remote registries. The project distinguishes itself by supporting unprivileged image building through the use of user namespaces and rootless mode. It enables direct modification of container root filesystems by mounting them to the host, allowing images to be treated as directories that can be manipulated via standard shell commands or scripts. The build engine supports both Dockerfile emulation and scripted image construction to generate compliant artifacts. Additional capabilities include containerized build isolation, build cache acceleration for increased speed, and the production of reproducible, bit-for-bit identical images. The toolset also includes utilities for managing working containers, committing container state, and inspecting image metadata. - [docker-library/official-images](https://awesome-repositories.com/repository/docker-library-official-images.md) (6,972 ⭐) — This project is a collection of curated and standardized Docker base images that serve as reliable starting points for building containerized applications. It functions as an OCI container image repository and a build template library, providing a central source of truth for images that adhere to Open Container Initiative standards for portability. The project utilizes an automated image lifecycle pipeline to build, tag, and push images, ensuring that dependencies remain current and security patches are applied. It specifically supports cross-platform distribution by providing a multi-architecture image set, using image indexes to map a single tag to multiple hardware platforms. The repository covers several high-level capability areas, including container security hardening through the restriction of process privileges and the use of non-root users. It also manages container runtime configuration via entrypoints and health checks, and employs image optimization techniques such as multi-stage builds to reduce the final image footprint. - [googlecontainertools/skaffold](https://awesome-repositories.com/repository/googlecontainertools-skaffold.md) (15,856 ⭐) — Skaffold is a command-line tool that automates the build, push, and deployment lifecycle for containerized applications on Kubernetes. It functions as a continuous development engine, monitoring source code for changes to trigger incremental updates, manifest hydration, and automated deployments to a cluster. By abstracting the underlying build and deployment tools, it provides a unified interface for managing the inner development loop. The platform distinguishes itself through its environment-aware configuration and flexible build orchestration. It supports diverse build strategies, including local, remote, and in-cluster image construction, and allows developers to switch between environment-specific profiles automatically based on the active cluster context. To accelerate development, it includes features for direct file synchronization into running containers and remote debugging bridges that connect local tools to processes within a cluster. Beyond core orchestration, the tool manages the entire application lifecycle, from project bootstrapping and dependency definition to log streaming and port forwarding. It integrates with common package managers and supports complex workflows through modular configuration composition and automated manifest generation. The system also provides observability tools, such as structured log parsing and integration test coverage collection, to assist in monitoring and troubleshooting applications during the development process. - [docker/compose](https://awesome-repositories.com/repository/docker-compose.md) (37,588 ⭐) — Docker Compose is a tool for defining and running multi-container applications through declarative configuration files. It functions as an application lifecycle manager, coordinating the startup, shutdown, and scaling of interconnected services within isolated environments. By using a standardized configuration format, it enables infrastructure as code, allowing developers to manage complex application stacks and their dependencies in a single, repeatable file. The project distinguishes itself by integrating directly with the broader Docker platform, leveraging a client-server architecture where a command-line interface communicates with a persistent daemon to manage container lifecycles. It supports advanced development workflows by providing specialized AI agent frameworks, microVM-based sandboxing for secure code execution, and cloud-based offloading for container builds. These capabilities allow for consistent development environments that mirror production configurations while providing integrated security analysis and supply chain guardrails. Beyond core orchestration, the platform encompasses a comprehensive suite of tools for image distribution, automated builds, and enterprise-grade administration. It provides extensive support for managing container runtimes, storage drivers, and registry interactions, ensuring compatibility with standardized container interfaces. The project is supported by a wide range of documentation, including guides, API references, and interactive workshops designed to assist with local development and scalable deployment. - [dokku/dokku](https://awesome-repositories.com/repository/dokku-dokku.md) (31,954 ⭐) — Dokku is a self-hosted platform as a service that automates the deployment and management of web applications on your own infrastructure. It functions as an infrastructure automation tool, providing a git-driven engine that triggers container builds, service orchestration, and release workflows directly from source code repositories. The platform distinguishes itself by using buildpack-based image construction to detect project structures and automate container creation without manual configuration. It manages the full application lifecycle through a simplified interface that abstracts low-level container runtime commands, while dynamically handling reverse-proxy routing and environment-variable-driven configuration to map traffic and decouple settings from the underlying host. Beyond core deployment, the system provides comprehensive infrastructure lifecycle management, including the automated setup of system dependencies and the configuration of administrative access controls. The platform is designed for modular expansion, allowing users to extend core functionality through a plugin system that hooks into lifecycle events. It is installed on Linux distributions using automated scripts to ensure consistent environment preparation. - [containers/skopeo](https://awesome-repositories.com/repository/containers-skopeo.md) (10,982 ⭐) — Skopeo is an OCI container image manager and registry client designed for inspecting, copying, and signing container images across different registries and storage backends. It enables the manipulation of container images using direct API calls to registries, operating independently of a local container daemon or runtime. The tool provides specialized capabilities for container image mirroring and synchronization, specifically supporting the mirroring of external repositories to internal registries for air-gapped environments. It also functions as a container image signing tool, allowing for the attachment and verification of cryptographic signatures to ensure content integrity and authenticity. Broad functional areas include remote registry administration and inspection, which allow for the retrieval of image manifests and metadata as well as the deletion of specific image versions and tags. The system also manages secure registry access through credential-based authentication and session management. - [docker/docker-py](https://awesome-repositories.com/repository/docker-docker-py.md) (7,184 ⭐) — docker-py is a Python library and SDK that serves as a programmatic client for the Docker Engine API. It provides a programmatic interface for controlling containers, images, and clusters, allowing for the automation of containerized applications and engine resources. The library enables remote Docker administration through various transport methods, including Unix domain sockets, TCP ports, and encrypted SSH tunnels. It handles real-time data links by using WebSockets to stream input and output from active containers. The project covers container lifecycle control, image management for building and distributing images to registries, and cluster orchestration for coordinating services across distributed nodes. It also includes capabilities for real-time container monitoring and log streaming. - [docker-archive-public/docker.dockercraft](https://awesome-repositories.com/repository/docker-archive-public-docker-dockercraft.md) (7,437 ⭐) — Dockercraft is a Cuberite-based system that visualizes running Docker containers as blocks inside a Minecraft world, providing an in-game interface for managing containers through block interactions. It maps each Docker container to a distinct block entity, linking container lifecycle events to block state changes for at-a-glance status monitoring. The project uses a Cuberite server plugin to translate in-game player actions into Docker API calls, enabling starting, stopping, and inspecting containers by interacting with their block representations. A real-time polling loop periodically queries the Docker daemon for status updates and reflects changes by modifying block appearances in the game world, while an event-driven handler captures player interactions and triggers corresponding Docker operations. The system supports customizing the Minecraft world's biome and terrain features by passing parameters at server launch, and the Cuberite server implementation accepts these parameters to shape the environment around container visualizations. - [oracle/docker-images](https://awesome-repositories.com/repository/oracle-docker-images.md) (6,978 ⭐) — This project is a Docker container image library providing official Dockerfiles and configurations for deploying enterprise software and database products. It serves as a source of container specifications and OCI compatible image repositories for packaging commercial application software into standardized container images. The repository specifically focuses on Oracle software containerization, offering pre-configured images and build scripts to deploy Oracle database instances in containerized environments. The project implements a standardized image build workflow and utilizes multi-stage container builds to separate build-time environments from final runtime images. This process incorporates configuration-driven builds and base-image inheritance to maintain consistent system configurations and security patches. - [crystal-lang/crystal](https://awesome-repositories.com/repository/crystal-lang-crystal.md) (20,299 ⭐) — Crystal is a statically typed, compiled programming language designed for high performance and memory safety. It leverages an LLVM-based compiler to translate source code into optimized machine-executable binaries, while its type-inference-based static analysis enforces strict safety rules during the build process. The language distinguishes itself through a fiber-based concurrent runtime that manages lightweight execution units for asynchronous input and output without blocking the main process. It also features a powerful compile-time macro system that allows for the inspection and transformation of the abstract syntax tree, enabling developers to automate repetitive tasks and generate code dynamically during compilation. Furthermore, Crystal provides a native foreign function interface that maps native memory layouts and function signatures to local identifiers, facilitating direct interaction with external system libraries. Beyond its core language features, Crystal includes a comprehensive suite of tooling for the entire software lifecycle. This includes dependency management, automated testing frameworks, documentation generation, and project scaffolding utilities. The ecosystem supports high-performance systems programming, cross-architecture compilation, and the production of statically linked binaries to simplify deployment across diverse environments. - [aquasecurity/trivy](https://awesome-repositories.com/repository/aquasecurity-trivy.md) (36,462 ⭐) — Trivy is a comprehensive security scanner designed to identify vulnerabilities and misconfigurations across container images, filesystems, and infrastructure as code files. It functions as a software composition analysis tool and an infrastructure security scanner, providing automated checks for CI/CD pipelines and cloud environments to ensure the integrity of the software supply chain. The tool distinguishes itself through a modular, plugin-based architecture that allows for the independent inspection of diverse targets. It utilizes a declarative policy engine to evaluate configurations against compliance standards and relies on a remote, periodically updated vulnerability database to maintain current detection logic without requiring binary updates. By employing static analysis pattern matching, it maps disparate scan results into a unified output schema for consistent reporting. Beyond its core scanning capabilities, the project supports cloud infrastructure auditing and deep inspection of local and remote environments. It is distributed as a single cross-platform executable, and comprehensive configuration and usage details are available in the project's official user guide. - [opencontainers/container-images](https://awesome-repositories.com/repository/opencontainers-container-images.md) (16 ⭐) — A collection of container images used in CI across various opencontainers projects - [php/frankenphp](https://awesome-repositories.com/repository/php-frankenphp.md) (11,151 ⭐) — FrankenPHP is a Go-based PHP runtime and application server that integrates a web server and PHP interpreter to host applications without requiring a separate process manager. It functions as a worker mode server that keeps applications in memory across requests to eliminate bootstrap overhead and a static binary bundler that packages applications and the server into a single self-contained executable. The project distinguishes itself by allowing the embedding of a PHP runtime directly into Go programs and enabling the development of PHP extensions using the Go language. It also includes a built-in real-time hub for pushing updates to clients via the Mercure protocol. The server covers a broad range of operational capabilities, including worker thread scaling, request routing, and the delivery of early hint responses for asset preloading. It provides developer experience tools for automated hot reloading and worker restarts, alongside observability features such as thread state inspection and Prometheus metrics exposure. Deployment is supported through container image building and the compilation of standalone static binaries using musl libc. - [earthly/earthly](https://awesome-repositories.com/repository/earthly-earthly.md) (12,035 ⭐) — Earthly is a containerized build system and Docker build framework designed for creating reproducible build pipelines. It ensures environment consistency by executing every build step inside an isolated container, combining the isolation of container images with dependency tracking and parallel execution. The system differentiates itself through a focus on hermeticity and multiplatform support, allowing for the generation of container images targeting multiple CPU architectures within a single execution flow. It maintains a hermetic build environment by isolating network access and utilizing a secret-mounting mechanism that injects sensitive data without persisting it in image layers. The project covers a broad range of automation capabilities, including directed acyclic graph orchestration for parallel target execution and content-addressable distributed caching to avoid redundant computations. It further supports monorepo coordination, remote build execution on cloud infrastructure, and the orchestration of containerized integration tests. Earthly provides the ability to inherit specifications from existing Dockerfiles to incorporate them into its own build pipelines. - [docker/awesome-compose](https://awesome-repositories.com/repository/docker-awesome-compose.md) (45,561 ⭐) — Awesome Compose is a collection of resources designed to demonstrate the orchestration of multi-container applications. It serves as a practical reference for using declarative configuration files to define, manage, and deploy complex software stacks, ensuring that services run consistently across development, testing, and production environments. The project highlights the capabilities of container lifecycle management by providing examples of how to bundle software with its dependencies into isolated, portable units. It emphasizes the use of multi-stage build pipelines to optimize image sizes and the integration of environment variables to decouple application logic from host-specific settings. By leveraging these patterns, users can standardize development workspaces and automate the maintenance of interconnected service architectures. Beyond basic orchestration, the repository covers the broader surface of container infrastructure, including the management of image registries, network configurations, and storage drivers. It also demonstrates how to execute build-time commands and embed complex scripts directly into configuration files to streamline the assembly of containerized environments. - [whoan/docker-build-with-cache-action](https://awesome-repositories.com/repository/whoan-docker-build-with-cache-action.md) (351 ⭐) — :octocat: Build and push docker images caching each stage to reduce build time - [nixos/nixpkgs](https://awesome-repositories.com/repository/nixos-nixpkgs.md) (23,527 ⭐) — Nixpkgs is a comprehensive repository of declarative software definitions used to build and manage reproducible system environments. It functions as a framework for assembling operating system components and application dependencies into consistent, versioned, and verifiable software collections. By utilizing a functional derivation graph and a lazy evaluation model, the project ensures that software environments are defined as pure expressions, resulting in absolute reproducibility across different machines. The repository distinguishes itself through its ability to manage complex software lifecycles via overlay-based modifications and declarative system specifications. Users can extend or override existing package definitions to create tailored deployments without altering original source files. This architecture supports granular control over software availability, allowing for the enforcement of license compliance and security policies through managed allowlists and blocklists. Beyond core packaging, the project provides tools for system configuration management and the generation of immutable container images. It handles the integration of shell assets and binary dependencies by wrapping executables to ensure they locate necessary runtime paths. The system also incorporates automated integrity checks and build hooks to verify software quality and compatibility before finalizing any installation. - [apache/airflow](https://awesome-repositories.com/repository/apache-airflow.md) (45,902 ⭐) — Airflow is a platform for programmatically authoring, scheduling, and monitoring complex data pipelines. It functions as a workflow automation engine that manages the lifecycle of recurring business processes by executing code-defined task dependencies. By representing workflows as directed acyclic graphs, the system ensures that task execution order and data flow are explicitly defined and reliably maintained across distributed computing environments. The platform distinguishes itself through a highly modular, provider-based architecture that decouples core orchestration logic from external service integrations. This extensibility allows users to connect diverse cloud services, databases, and storage systems through custom plugins and packages. The system utilizes a distributed task queue to enable horizontal scaling, while a centralized scheduler and metadata-driven state management ensure fault tolerance and visibility across large-scale infrastructure. Beyond core scheduling, the project provides comprehensive observability through a web-based interface for pipeline visualization, status tracking, and source code inspection. It supports secure operations by integrating with external secret management services and offers robust administrative control through both a command-line interface and a programmatic API. The system is designed for containerized deployment, providing tools for building optimized images and managing complex dependency environments. - [testcontainers/testcontainers-java](https://awesome-repositories.com/repository/testcontainers-testcontainers-java.md) (8,660 ⭐) — Testcontainers for Java is a library for launching and managing disposable Docker containers to provide isolated dependencies for automated tests. It provides specialized provisioners for containerized databases, a manager for WebDriver browser containers, and an orchestrator for deploying multi-container applications via Docker Compose. The project ensures reproducible data states through database schema initialization and provides integration with JUnit to manage the lifecycle of external services. It supports automated browser testing by launching Selenium containers with the ability to record sessions via VNC. The library covers broader container orchestration capabilities, including network configuration, host directory binding, and on-the-fly image building. It manages container lifecycles with specific wait strategies for startup and utilizes a sidecar container for automated resource cleanup to prevent orphaned containers. Additional utilities include in-container command execution, log streaming, and authentication for private registries. - [docker/cli](https://awesome-repositories.com/repository/docker-cli.md) (5,693 ⭐) — Docker CLI is the command-line tool that enables users to interact with the Docker daemon for building, running, and managing containers. It provides a structured interface for controlling container lifecycles, images, networks, and volumes through a terminal-based workflow. The tool supports building container images from source code using Dockerfiles, with features like build context streaming and image layer caching to accelerate construction. It also allows starting interactive shells inside containers for isolated development and testing environments. The CLI operates through a client-server architecture, communicating with a remote Docker daemon over a REST API. A command-parsing pipeline tokenizes user input and dispatches it to handler functions, while a plugin-based extension system enables third-party subcommands and hooks. The daemon abstracts underlying container execution engines to manage lifecycle, isolation, and resource allocation. - [ageitgey/face_recognition](https://awesome-repositories.com/repository/ageitgey-face-recognition.md) (56,504 ⭐) — This is a Python facial recognition library designed to detect, encode, and identify human faces in images and video. It functions as a biometric identification tool that converts facial features into numerical encodings to compare and match identities. The library provides a computer vision command line interface for batch processing face detection and recognition tasks across image directories. It also supports a GPU accelerated vision API that utilizes CUDA and NVIDIA hardware to increase the speed of facial analysis and identification. Its capabilities cover human face detection and facial landmark mapping for eyes, noses, mouths, and chins. It includes tools for facial identity verification, real-time video recognition, and the training of classifiers to predict the identity of unknown faces. Pre-configured container images are provided for both CPU and GPU environments to simplify the installation of dependencies. - [sherlock-project/sherlock](https://awesome-repositories.com/repository/sherlock-project-sherlock.md) (85,076 ⭐) — Sherlock is a command-line automation tool designed to orchestrate software build, execution, and deployment workflows. It functions as an ephemeral runtime orchestrator that executes applications directly from source code, bypassing the need for persistent system-wide installations or manual dependency management. By providing a unified, containerized development environment, it ensures that application dependencies and infrastructure configurations remain consistent across diverse host operating systems. The project distinguishes itself through its ability to synthesize container images declaratively, translating source code and configuration manifests into immutable artifacts. It utilizes documentation-driven discovery to parse technical guides and reference materials, allowing it to map command-line interfaces to automated execution routines. This approach enables the provisioning of short-lived, reproducible environments that maintain consistent behavior throughout the application lifecycle. Beyond its core orchestration capabilities, the tool provides a comprehensive infrastructure-as-code workflow for managing service dependencies and build processes. It abstracts low-level container runtime operations to handle networking, resource constraints, and lifecycle management, while offering integrated access to project documentation to assist with operational requirements. - [apache/superset](https://awesome-repositories.com/repository/apache-superset.md) (73,451 ⭐) — Superset is a web-based business intelligence platform designed for data exploration, visualization, and interactive dashboarding. It functions as a query-driven analytics engine that connects to various SQL databases, allowing users to perform ad-hoc analysis, define virtual metrics, and build complex data visualizations through a centralized interface. The platform distinguishes itself through a robust semantic layer that transforms raw database schemas into calculated columns and virtual metrics, enabling consistent business logic across an organization. It features a plugin-based visualization architecture that supports modular chart components and custom geospatial maps, alongside granular role-based access control that enforces data security through row-level filters applied directly to generated SQL queries. Beyond its core analytics capabilities, the system provides comprehensive tools for enterprise data governance, including automated reporting, scheduled data snapshots, and secure content embedding. It supports high-performance operations through distributed caching, asynchronous query execution, and a standardized API for programmatic resource management. The project is designed for production-grade deployment, offering extensive configuration for containerized environments, metadata management, and secure network communication. It provides detailed documentation for installation, environment migration, and system hardening to ensure scalability and data integrity across distributed instances. - [containers/podman](https://awesome-repositories.com/repository/containers-podman.md) (32,035 ⭐) — Podman is a container engine designed for managing containerized applications and images without the need for a persistent background daemon. By utilizing a fork-exec process model, it executes container management commands as direct child processes of the host system, ensuring that container lifecycles are handled through standard host-level process control. The project distinguishes itself through a focus on rootless security and cross-platform compatibility. It employs user namespace mapping to allow unprivileged users to manage isolated workloads without requiring administrative system access. On non-Linux operating systems, it integrates with lightweight virtual machines to provide a native command-line experience for container development. The engine supports the full container lifecycle, including image management, registry interaction, and orchestration of background or interactive services. It adheres to open industry standards for container runtimes and includes capabilities for checkpointing and restoring the memory and process state of running containers to facilitate workload migration. - [devcontainers/cli](https://awesome-repositories.com/repository/devcontainers-cli.md) (2,482 ⭐) — This is a command line tool for building and managing isolated development environments based on the Development Container Specification. It functions as an OCI container image builder and a provisioner for instantiating standardized containers within automated continuous integration workflows. The tool includes a system for injecting pre-configured software and toolsets into containers using a registry of reusable installation modules. This allows for the creation of shareable features and the installation of specific languages, CLI tools, and software dependencies. It covers the automation of environment bootstrapping, the generation of prebuilt images to reduce startup time, and the execution of commands and lifecycle scripts within running containers. It also handles the mapping of workspace folders to ensure consistent setups across different machines. - [apache/gravitino](https://awesome-repositories.com/repository/apache-gravitino.md) (2,866 ⭐) — Gravitino is a federated metadata lake and unified data catalog designed to manage tables, files, and AI models across diverse data sources and cloud storage. It serves as a centralized interface for governing schemas, access controls, and tagging across relational databases, messaging queues, and object stores. The project distinguishes itself by unifying the management of AI assets, such as machine learning models and their version lineages, alongside traditional tabular data. It also implements the Iceberg REST specification to provide a standardized metadata server and proxy for lakehouse tables across different compute engines. The system covers a broad range of capabilities, including federated metadata management for relational and streaming sources, role-based access control with credential vending, and data lineage tracking using the OpenLineage standard. It further provides automation for table maintenance, metadata lookup caching for performance, and a Model Context Protocol server for AI tool integration. Deployment options include Kubernetes Helm charts, standalone REST servers, and containerized local sandboxes. - [microsoft/qlib](https://awesome-repositories.com/repository/microsoft-qlib.md) (44,490 ⭐) — This project is a comprehensive platform for quantitative investment research, machine learning, and algorithmic trading. It provides an end-to-end environment for developing, testing, and executing financial strategies, supporting the entire lifecycle from data ingestion and feature engineering to model training and backtesting. The system is distinguished by its configuration-driven workflow orchestration, which allows researchers to automate complex pipelines and manage experiments through declarative files. It features a high-performance data infrastructure that utilizes custom binary formats to optimize throughput for large-scale market datasets, while a dedicated temporal management layer enforces strict point-in-time data integrity to prevent information leakage during simulations. Furthermore, the platform includes a hierarchical simulation framework that coordinates multi-level trading interactions, such as the relationship between daily portfolio management and intraday order execution. Beyond its core research capabilities, the platform offers a specialized toolkit for financial machine learning, including support for reinforcement learning agents and meta-learning algorithms. Users can integrate custom models and trading strategies through standardized interfaces, ensuring flexibility in how predictive signals are generated and applied. The environment also provides robust utilities for experiment tracking, containerized deployment management, and performance reporting to facilitate reproducible research and strategy verification. - [podman-desktop/podman-desktop](https://awesome-repositories.com/repository/podman-desktop-podman-desktop.md) (7,722 ⭐) — Podman Desktop is a graphical user interface for building, managing, and deploying containers and Kubernetes clusters from a local workstation. It serves as a container engine manager and a Kubernetes cluster dashboard, providing a visual environment for tasks typically handled via the command line. The project includes a container extension framework that allows users to integrate additional tools and capabilities into the management environment through a plugin system and extension catalog. The software covers the full container lifecycle, including image building and pushing to registries, container lifecycle control, and multi-engine orchestration. It provides tools for local Kubernetes development and administration, enabling the management of pods and the conversion of local workloads into cloud-based deployments. Additional capabilities include engine configuration, resource adjustment, and image registry management for enterprise environments. - [docker-mailserver/docker-mailserver](https://awesome-repositories.com/repository/docker-mailserver-docker-mailserver.md) (18,420 ⭐) — This project provides a full-stack, containerized mail server platform designed for self-hosting. It functions as a complete mail transfer agent that bundles essential services—including SMTP, IMAP, and POP3—into a unified environment. By leveraging container orchestration, it enables the deployment of private email infrastructure that handles message transport, delivery, and user management within a single, manageable service. The platform distinguishes itself through deep integration with container runtimes and robust configuration flexibility. It supports granular customization via configuration-file injection, initialization-script hooking, and volume-based persistence, allowing administrators to tune mail transport parameters and maintain state across container lifecycles. It also offers advanced operational capabilities such as multi-tenant relay routing, automated container updates, and native support for Kubernetes environments. Beyond core delivery, the server includes a comprehensive security and filtering suite. It integrates modular middleware for real-time spam and malware analysis, enforces cryptographic signing for message authenticity, and provides automated protection against brute-force attacks and malicious traffic. Administrative tasks are simplified through a dedicated command-line utility for account management, alias configuration, and storage quota enforcement, alongside built-in observability tools for monitoring server health and filtering statistics. The project is distributed as a container image, with documentation and configuration patterns provided to support deployment across standard container runtimes and orchestration platforms. - [lotabout/let-s-build-a-compiler](https://awesome-repositories.com/repository/lotabout-let-s-build-a-compiler.md) (580 ⭐) — A C & x86 version of the "Let's Build a Compiler" by Jack Crenshaw - [docker-archive-public/docker.machine](https://awesome-repositories.com/repository/docker-archive-public-docker-machine.md) (6,615 ⭐) — Docker Machine is a tool for provisioning and managing Docker hosts across local virtual machines and cloud providers. It automates the creation of Docker-ready servers, installing the Docker Engine and configuring the client to connect, all from a single command-line interface. The project provides a unified way to create, list, start, stop, and remove Docker hosts across multiple environments, supporting both local hypervisors and various cloud platforms. Its extensible driver system allows users to build custom plugins for additional virtualization or cloud platforms, adapting the tool to different infrastructure setups. Docker Machine also bundles Docker Engine, Compose, and Machine into a single installer for systems that cannot run Docker Desktop, enabling legacy environments to use modern container tooling. The project includes capabilities for deploying multi-container applications, orchestrating containers across clusters, building images from source code, and managing private image registries, along with features for signing and verifying container image authenticity and generating software bill of materials. - [encoredev/encore](https://awesome-repositories.com/repository/encoredev-encore.md) (12,049 ⭐) — Encore is a distributed systems framework designed to unify backend development, infrastructure provisioning, and observability. It functions as an infrastructure-as-code platform that allows developers to define cloud resources, databases, and messaging topics directly within their application code. By analyzing these declarations at compile-time, the system automatically manages the deployment of cloud resources and security policies, ensuring parity between local development and production environments. The platform distinguishes itself through its integrated development experience, which includes a local workspace that mirrors production infrastructure to facilitate testing and debugging. It provides automated AI-assisted development tools that leverage application metadata and runtime telemetry to aid in code generation and performance analysis. Furthermore, the framework enforces architectural standards and automates the creation of ephemeral, production-like environments for every pull request, streamlining the validation process before deployment. Beyond its core orchestration capabilities, the framework includes a comprehensive suite for building type-safe APIs and event-driven services. It handles the complexities of service communication, including automated client library generation, request validation, and distributed tracing instrumentation. The system also incorporates robust security primitives, such as identity token validation, secret management, and automated traffic control, to support the development of secure, scalable backend architectures. - [moby/buildkit](https://awesome-repositories.com/repository/moby-buildkit.md) (10,061 ⭐) — Buildkit is a programmable container build toolkit and OCI container image builder that converts build definitions into concurrent dependency graphs for image construction. It functions as an OCI image distribution engine, capable of generating container images and exporting artifacts to local storage or remote registries. The project is distinguished by its use of a low-level binary intermediate representation to decouple high-level build languages from the execution engine. It supports multi-platform image builds through user-mode architecture emulation and provides a distributed build cache manager to accelerate cycles by storing intermediate layers across registries or cloud storage. The system covers a broad range of capabilities including directed-acyclic-graph execution, content-addressable cache storage, and reproducible build pipelines that standardize timestamps and pin dependency versions. It also includes observability features for build performance tracing and telemetry via OpenTelemetry, as well as security primitives such as mutual TLS transport and rootless execution. Buildkit can be deployed as a standalone daemon or as a Kubernetes-native build daemon within a cluster. - [wemake-services/docker-image-size-limit](https://awesome-repositories.com/repository/wemake-services-docker-image-size-limit.md) (131 ⭐) — :whale: Keep an eye on your docker image size and prevent it from growing too big - [hashcat/hashcat](https://awesome-repositories.com/repository/hashcat-hashcat.md) (26,200 ⭐) — Hashcat is a high-performance hash cracking software and OpenCL compute application used to recover plain-text passwords from hashed data. It functions as a GPU-accelerated recovery tool and distributed password cracker, leveraging CPUs and GPUs to perform intensive cryptographic computations. The system differentiates itself through a distributed cracking workflow that coordinates tasks across multiple machines via an overlay network to share computational load. It further optimizes recovery speed using Markov chain keyspace optimization to prioritize the most likely password candidates. The software supports multiple attack modes, including mask-based brute force and dictionary-based recovery. It includes hardware performance tuning, hash algorithm benchmarking, and a thermal watchdog for hardware health monitoring. Long-running operations are supported by session management for pausing and restoring progress. Containerized deployment options are available to simplify installation and runtime configuration across different platforms. - [cachix/devenv](https://awesome-repositories.com/repository/cachix-devenv.md) (7,005 ⭐) — Devenv is a Nix-based development environment manager that provides declarative definitions for reproducible shells and toolchains. It functions as a declarative task runner for executing dependency-aware pipelines and a service orchestration tool for supervising background processes. The project distinguishes itself by generating OCI container images directly from environment definitions without requiring a separate container engine. It also implements the Model Context Protocol to expose project context and package search to AI agents, and supports AI-assisted scaffolding to generate configuration files from natural language descriptions. The platform covers a broad range of development capabilities, including local service orchestration with health checks, automated shell activation through hooks, and binary caching for accelerated setup. It also includes secret management via provider-agnostic abstractions and integration with Dev Container configurations. The system provides an IDE language server to support configuration files with completion and diagnostics. - [coollabsio/coolify](https://awesome-repositories.com/repository/coollabsio-coolify.md) (57,055 ⭐) — This project is a self-hosted platform-as-a-service that provides a centralized management interface for deploying, configuring, and monitoring containerized applications and databases on private infrastructure. It functions as a visual control plane, automating the end-to-end lifecycle of services from source code to production. By managing container orchestration, networking, and resource allocation, it allows users to maintain full control over their own hardware while streamlining the delivery of software. The platform distinguishes itself through its agentless architecture, which uses secure shell connections to execute administrative tasks and manage remote servers without requiring persistent local software. It integrates directly with version control systems to trigger automated build and deployment pipelines, including the creation of temporary, isolated preview environments for every pull request. This workflow is supported by a declarative engine that uses templates to standardize the deployment of complex multi-container architectures and persistent database engines. Beyond core orchestration, the system handles the operational requirements of hosted services by managing dynamic reverse-proxy routing and automated SSL certificate lifecycles. It provides a comprehensive suite of infrastructure management tools, including browser-based terminal access for debugging, automated system dependency installation, and persistent state management via a central database. These capabilities ensure that infrastructure remains synchronized and consistent across multiple remote environments. - [ko-build/ko](https://awesome-repositories.com/repository/ko-build-ko.md) (8,455 ⭐) — Ko is a daemonless container image builder and OCI image generator specifically for Go applications. It compiles Go source code into binaries and packages them directly into container images, pushing them to registries without requiring a local container runtime or daemon. The tool specializes in multi-platform image distribution, producing images for various CPU architectures and operating systems from a single execution. It distinguishes itself by automating the entire pipeline from Go import paths to Kubernetes deployment or serverless function packaging for architectures like AWS Lambda. The project covers broad capability areas including build acceleration through layer-based blob caching, security auditing via software bill of materials generation, and the ability to inject root CA certificates or assign Linux file capabilities. It also provides integration for continuous integration workflows and infrastructure as code. - [zylon-ai/private-gpt](https://awesome-repositories.com/repository/zylon-ai-private-gpt.md) (57,278 ⭐) — This project is a privacy-first backend service designed to facilitate retrieval-augmented generation by processing local documents into searchable vector representations. It provides a modular architecture that allows users to ingest diverse file formats, manage document metadata, and perform semantic searches to provide context-aware responses for chat and completion requests. The system distinguishes itself through a database-agnostic abstraction layer that supports various storage backends, ranging from local disk storage to enterprise-grade vector databases. It offers flexible deployment options, enabling users to run language models entirely on private hardware or connect to external cloud-based providers through a unified interface. To improve the quality of generated output, the engine incorporates reranking logic that refines retrieved document chunks before they are processed by the language model. The platform includes a comprehensive suite of tools for managing document intelligence pipelines, including automated parsing, text chunking, and embedding generation. Users can configure the system through environment-based profiles to match specific hardware capabilities, such as CPU or GPU-accelerated setups, and stream responses in real time to reduce latency. The application is configured via runtime settings files and environment variables, with support for building custom container images to suit specific deployment requirements. - [veggiemonk/awesome-docker](https://awesome-repositories.com/repository/veggiemonk-awesome-docker.md) (36,229 ⭐) — This project is a comprehensive, community-driven directory that serves as a centralized discovery hub for the container ecosystem. It functions as a structured knowledge base, aggregating a wide array of software tools, educational materials, and technical resources designed to assist developers and operators in mastering containerization technologies. The repository distinguishes itself through a meticulously organized taxonomy that maps the entire container lifecycle, from initial development and image building to orchestration, security, and infrastructure operations. By curating disparate external links and documentation into a single, version-controlled collection, it provides a clear navigation path for users seeking specialized utilities, ranging from runtime engines and registry tools to advanced supply chain security and observability solutions. Beyond its role as a tool index, the directory supports professional growth by offering a broad surface of learning resources, including tutorials, best practices, and community-vetted guides. It covers essential operational domains such as multi-container workload management, image hardening, and workflow optimization, ensuring that both newcomers and experienced practitioners have access to a reliable reference for modern containerized systems. - [docker-archive-public/docker.kitematic](https://awesome-repositories.com/repository/docker-archive-public-docker-kitematic.md) (12,142 ⭐) — Kitematic is a graphical user interface for managing and running Docker containers on desktop operating systems. It serves as a visual Docker management tool and API client that translates user interface interactions into REST API calls to control the Docker daemon without requiring the command line. The application is built as a cross-platform Electron desktop application, utilizing a Chromium-based shell to provide a consistent administrative interface across Mac and Windows. The software covers the full container lifecycle, including the creation, configuration, and monitoring of containers. This includes capabilities for modifying environment variables and port mappings through a visual editor and streaming real-time container logs for debugging. The system also incorporates security and governance tools for image verification, cryptographic signature validation, and the management of isolated sessions within micro-virtual machines. - [fastapi/fastapi](https://awesome-repositories.com/repository/fastapi-fastapi.md) (99,260 ⭐) — FastAPI is a web framework for building APIs with Python. It leverages standard language type hints to provide automatic data validation, request parsing, and interactive API documentation generation. The framework supports asynchronous request handling and manages execution contexts to prevent blocking the main event loop. The project includes a dependency injection system that allows for the resolution and injection of reusable components into request handlers. This system supports request-scoped caching, lifecycle management, and integration with security mechanisms like OAuth2 and JSON Web Tokens. Developers can organize applications into modular routers and mount sub-applications to manage complex routing logic. Infrastructure features include middleware support for cross-origin resource sharing, background task management, and static file serving. The framework automatically generates OpenAPI specifications for defined endpoints, which can be customized through metadata and schema extensions. Testing utilities are provided to simulate HTTP and WebSocket connections, allowing for isolated verification of application behavior. - [containers/toolbox](https://awesome-repositories.com/repository/containers-toolbox.md) (3,250 ⭐) — Toolbox is a development workspace orchestrator and container environment manager that bootstraps mutable toolsets and SDKs inside containers. It functions as a Linux distribution sandbox and a host-integrated container runtime, allowing users to run native package managers and software without modifying the host operating system. The project differentiates itself by bridging isolated containers with the host system through the mapping of user identities, network sockets, and home directories. It utilizes a daemonless engine to provide these environments while ensuring that system configurations and credentials remain consistent between the host and the container. The system covers a broad range of capabilities including the deployment of custom container images for toolset standardization and the creation of interactive development environments. It further supports host system troubleshooting and Linux distribution testing by providing isolated command line spaces that maintain access to host hardware devices and directories. - [tilt-dev/tilt](https://awesome-repositories.com/repository/tilt-dev-tilt.md) (9,886 ⭐) — Tilt is a Kubernetes development orchestrator and containerized workflow manager that automates the build, deploy, and update loop for cloud-native services. It functions as an infrastructure-as-code environment, defining the entire local development setup as versioned code to synchronize local source changes with cluster deployments. The project distinguishes itself by offering live container updates, which sync files directly into running containers to bypass full image rebuilds and redeployments. It includes a cloud-native development dashboard for monitoring resource health, streaming aggregated logs, and triggering manual deployment tasks. Its broader capabilities cover microservices environment orchestration, including resource dependency management, automated image tagging, and network port-forwarding. The system also supports the execution of local scripts, custom task management, and CI deployment validation to verify that services reach a healthy state within pipelines. Configuration is supported by a plugin extension system and IDE editor support via a language server. - [collabnix/dockerlabs](https://awesome-repositories.com/repository/collabnix-dockerlabs.md) (8,008 ⭐) — dockerlabs is a collection of educational labs and technical tutorials designed to teach the fundamentals of containerization and microservice architecture. It provides instructional material and hands-on exercises covering image optimization, security training, infrastructure setup, and cluster orchestration. The project features specific courses and guides focused on reducing image size through multi-stage builds, securing workloads via vulnerability scanning and encrypted networks, and deploying multi-node clusters with high availability using Swarm orchestration. The materials cover a broad range of operational capabilities, including container lifecycle management, persistent data storage, and complex networking configurations. It also includes guidance on implementing observability stacks for monitoring and logging, as well as the administration of private image registries. - [kubernetes/minikube](https://awesome-repositories.com/repository/kubernetes-minikube.md) (31,877 ⭐) — Minikube is a command-line tool designed for local Kubernetes development, enabling users to provision and manage full-featured container clusters directly on a workstation. It serves as a local orchestrator that automates the lifecycle of isolated environments, allowing developers to start, stop, pause, and delete clusters to support testing and integration workflows. The project distinguishes itself through its flexible architecture, which supports multiple virtualization drivers and container runtimes to accommodate diverse host environments. It provides deep integration between the host and the cluster, including bidirectional filesystem mounting, service tunneling for local access, and the ability to build or load container images directly into the cluster runtime. Furthermore, it supports multi-node cluster management and profile-based configuration, allowing users to maintain separate, isolated environments for different projects. Beyond core orchestration, the tool covers a broad range of operational capabilities including dynamic storage provisioning, network policy enforcement, and hardware acceleration for specialized workloads like artificial intelligence. It also includes administrative features such as audit logging, secure authentication, and a web-based dashboard for monitoring cluster health and resource status. The project is distributed as a command-line utility that provides versioning to ensure compatibility between the management interface and the running cluster. - [cloudflare/workerd](https://awesome-repositories.com/repository/cloudflare-workerd.md) (8,346 ⭐) — workerd is a serverless edge runtime designed for executing lightweight, distributed functions at the network edge. It utilizes a V8-based JavaScript engine to provide fast startup and low memory overhead, while maintaining a WebAssembly-compatible execution environment that allows modules to run alongside JavaScript for high-performance computational tasks. The runtime supports isolate-based multi-tenancy to run multiple independent execution contexts within a single process. It implements an event-driven execution model that triggers code based on network requests or scheduled events and includes support for privileged socket inheritance to operate under unprivileged user accounts. The project covers a broad set of capabilities including serverless API development, AI inference deployment using GPU hardware and vector databases, and automated browser orchestration for web scraping. Additional functionality encompasses global state management via SQL databases and key-value stores, background job scheduling with message queues, and the delivery of static assets through a content delivery network. Development is supported by a command-line interface for project management, custom build pipelines, and tools for pinning runtime behavior to specific dates to ensure consistency. - [openscap/container-compliance](https://awesome-repositories.com/repository/openscap-container-compliance.md) (0 ⭐) — Resources and tools to assert compliance of containers (rocket, docker, ...). - [kata-containers/kata-containers](https://awesome-repositories.com/repository/kata-containers-kata-containers.md) (8,106 ⭐) — Kata Containers is an OCI container runtime that launches containers inside lightweight virtual machines to combine hardware-level isolation with container operational speed. It functions as a hardware-isolated container engine and lightweight VM hypervisor, providing a virtual machine monitor interface that abstracts multiple hypervisors to optimize for performance or specific hardware emulation. The project distinguishes itself through a confidential computing runtime that leverages hardware-backed trusted execution environments, such as Intel TDX and AMD SEV-SNP, to protect data in use. It further enhances performance and security via direct-device hardware passthrough for GPUs and high-performance networking using SR-IOV and vhost-user. The runtime covers a broad range of capabilities, including guest operating system image engineering, the coordination of sandbox resources, and advanced monitoring and observability via distributed request tracing and guest console access. It also implements performance optimizations such as template-based VM cloning for accelerated boot times and memory access optimization through direct access filesystem features. The system supports cross-architecture execution across x86, ARM, Power, and IBM Z hardware, with configuration managed through TOML files.