Containers and Services
Build and smoke-test the container:
docker build -t koyal .
docker run --rm koyal doctor
Run the gateway through Compose:
docker compose up koyal-gateway
The image runs as UID/GID 65534, writes runtime state below /workspace/data, and exposes the gateway on port 8790.
scripts/ci/check_container_contract.sh keeps those guarantees aligned across
Dockerfile, Compose, GHCR workflow, smoke test, and docs.
Service samples are available for:
- systemd:
scripts/koyal.service - Kubernetes and OpenShift:
deploy-k8s/ - FreeBSD
rc.dand jail deployments:dist/freebsd/ - NixOS module:
nix/module.nix
scripts/ci/check_deploy_contract.sh keeps those service samples private,
non-root, and aligned with the documented gateway port, package wiring, and
data paths.
Container publishing and attestations are handled by .github/workflows/container.yml.