Naujausia Stable — v1.6.30
Download Fluxheim
Pre-built Linux binaries for x86_64 and ARM64, plus macOS developer builds. Paskelbta 2026 m. birželio 23 d..
Pilnas
Rekomenduojama
Pilna production build
Visi stabilūs production moduliai: proxy, web, cache, compression, load balancing, raw TCP stream proxying, TLS (rustls), PHP-FPM, ACME client, GeoIP/Geo-Context, security hardening, metrics ir OpenTelemetry.
Static serving su reverse proxy ir PHP-FPM
Cache backendai (memory, disk, tiered)
gzip, zstd ir Brotli compression
TLS ir managed ACME renewal
Local GeoIP country/ASN kontekstas
Hardened TCP stream proxying režimas režimas
Prometheus ir OpenTelemetry
~10.3 MB binary
Load Balancer
Nauja
Load Balancer Edge profile profile
Tikslinė HTTP/TCP load-balancer build be cache, static web, PHP, GeoIP, stream proxying ar traffic mirroring.
Advanced pool selection
Drain, disable, force-down operations operations
Hardened LB core dalis dalis
TLS ir managed ACME renewal
PHP
Managed PHP-FPM režimas režimas
PHP application build
Static web + reverse proxy + PHP-FPM FastCGI bridge kelias kelias. Idealu WordPress ir PHP front-controller apps. Cache module nekompiliuotas.
PHP-FPM FastCGI bridge kelias kelias
Static asset serving iš tos pačios root
TLS ir managed ACME renewal
~8.9 MB binary
Cache edge
Cache Edge build
Tikslinė cache edge be local static web serving. Apima proxy, cache, compression, TLS ir ACME. Tinka CDN tipo deployment.
Reverse proxy su cache
Cache-safe compression controls rinkinys rinkinys
TLS ir managed ACME renewal
Static web module nekompiliuotas
~6.8 MB binary
Proxy edge
Proxy Edge build
Tikslinis reverse proxy be cache, static web ar dedicated load-balancer module. Skirtas pure reverse-proxy deployment su TLS, ACME, compression ir upstream resilience.
Tik reverse proxy
ACL, rate limits, retries, health checks
TLS ir managed ACME renewal
Cache arba web module nekompiliuoti
~5.8 MB binary
Platform Downloads
Production Linux builds plus Level 1 macOS developer tarballs.
| Build profilis | Linux x86_64 | Linux ARM64 | macOS kūrimas |
|---|---|---|---|
| Pilnas | x86_64-linux | aarch64-linux | Apple Silicon |
| PHP | x86_64-linux | aarch64-linux | - |
| Load Balancer | x86_64-linux | aarch64-linux | - |
| Cache edge | x86_64-linux | aarch64-linux | - |
| Proxy edge | x86_64-linux | aarch64-linux | - |
| Config tester įrankis | x86_64-linux | aarch64-linux | - |
Diegimas
bash — tarball diegimas
# 1. Atsisiųsk pilną Linux build tarball
# ARM64 serveriuose naudok aarch64-linux vietoj x86_64-linux.
curl -L https://github.com/valkyoth/fluxheim/releases/download/v1.6.30/fluxheim-1.6.30-full-x86_64-linux.tar.gz \
-o fluxheim-1.6.30.tar.gz
# 2. Patikrink ir išskleisk
tar xzf fluxheim-1.6.30.tar.gz
# 3. Perkelk binary ir helper tools į system path
sudo mv fluxheim /usr/local/bin/
sudo mv fluxheim-acme /usr/local/bin/ # ACME companion įrankis įrankis
sudo mv fluxheim-config-tester /usr/local/bin/ # Config validator įrankis įrankis
# 4. Sukurk config directory ir pridėk savo config
sudo mkdir -p /etc/fluxheim /srv/fluxheim
sudo cp packaging/default/fluxheim.toml /etc/fluxheim/fluxheim.toml
# 5. Valida config
fluxheim --check-config --config /etc/fluxheim/fluxheim.toml
# 6. Vykdyk tiesiogiai (arba žiūrėk Systemd tab service setup)
sudo fluxheim --config /etc/fluxheim/fluxheim.tomlbash — rootless Podman vykdymas vykdymas
# Atsisiųsk GHCR image (full, load-balancer, cache, proxy ir PHP variantai)
podman pull ghcr.io/valkyoth/fluxheim:v1.6.30 # pilnas
podman pull ghcr.io/valkyoth/fluxheim:v1.6.30-load-balancer # load balancer profilis profilis
podman pull ghcr.io/valkyoth/fluxheim:v1.6.30-cache # cache edge profile profile
podman pull ghcr.io/valkyoth/fluxheim:v1.6.30-proxy # proxy edge profile profile
podman pull ghcr.io/valkyoth/fluxheim:v1.6.30-php # valdomas PHP-FPM
# Tas pats build set pasiekiamas Quay
podman pull quay.io/valkyoth/fluxheim:v1.6.30
podman pull quay.io/valkyoth/fluxheim:v1.6.30-load-balancer
podman pull quay.io/valkyoth/fluxheim:v1.6.30-cache
podman pull quay.io/valkyoth/fluxheim:v1.6.30-proxy
podman pull quay.io/valkyoth/fluxheim:v1.6.30-php
# Vykdyk rootless — vidiniai portai 8080 ir 8443
podman run -d \
--name fluxheim \
--restart unless-stopped \
-p 8080:8080 \
-p 8443:8443 \
-v /srv/sites:/srv/sites:ro \
-v /srv/fluxheim/certs:/etc/fluxheim/certs:rw \
-v ./fluxheim.toml:/etc/fluxheim/fluxheim.toml:ro \
ghcr.io/valkyoth/fluxheim:v1.6.30
# Tikrink log
podman logs -f fluxheimbash — systemd service sąranka sąranka
# Tarball archyvas archyvas turi hardened systemd unit
sudo cp packaging/systemd/fluxheim.service /etc/systemd/system/
# Sukurk fluxheim system user
sudo useradd -r -s /sbin/nologin -d /var/lib/fluxheim fluxheim
# Paruošk directory
sudo mkdir -p /etc/fluxheim /srv/fluxheim /var/log/fluxheim
sudo chown fluxheim:fluxheim /srv/fluxheim /var/log/fluxheim
# Perkrauk systemd ir įjunk service
sudo systemctl daemon-reload
sudo systemctl enable --now fluxheim
# Tikrink status
sudo systemctl status fluxheim
sudo journalctl -u fluxheim -fPastaba: Supakuotas systemd unit naudoja CAP_NET_BIND_SERVICE kad Fluxheim galėtų bind prie portų 80 ir 443 neveikdamas kaip root. Unit file turi security hardening options.
bash — managed ACME certificate išdavimas
# Fluxheim turi acme-init sertifikatų setup vedliui
# Let's Encrypt issuer (HTTP-01)
sudo fluxheim acme-init letsencrypt
# Actalis (nemokamas EAB-capable issuer)
sudo fluxheim acme-init actalis
# Companion tool fluxheim-acme tvarko renewals
# container ir external service-manager deployment
fluxheim-acme status
fluxheim-acme renew
fluxheim-acme reloadfluxheim.toml — ACME konfigūracija
[[vhosts]]
name = "site"
hosts = ["example.com", "www.example.com"]
[vhosts.tls]
enabled = true
[vhosts.tls.acme]
enabled = true
# issuer nustatymas: issuer = "letsencrypt"Sistemos reikalavimai
Palaikomos platformos
- Linux x86_64 (kernel 4.14+)
- Linux ARM64 / aarch64
- tik macOS developer binary
Container image
Visos release image build publikuojamos GHCR ir Quay.
- Wolfi (minimalus, hardened)
- Pilnas, load-balancer, cache, proxy ir PHP image profiles
- Alpine Linux
- SUSE Micro
- Debian
- Publikuota GHCR ir Quay
All Releases
Žiūrėti viską GitHub →| Versija | Data | Svarbiausia | Atsisiuntimai |
|---|---|---|---|
|
v1.6.0 – v1.6.30
Naujausia serija
|
2026 m. birželis | Native-runtime cutover linija: Pingora-exit pagrindai, Fluxheim-owned HTTP/1 ir HTTP/2 paths, native TLS/listener previews, route proxy/static-web parity, compression ir error pages, forwarded-header policy, auth-request, traffic mirroring, rate limits, gRPC validation, pooled upstream HTTP/2 ir hardened runtime evidence. | Viskas GitHub |
| v1.5.0 - v1.5.23 | 2026 m. birželis | Enterprise load-balancer ir runtime-ownership linija: tiksliniai load-balancer binary/image, runtime member ir weight controls, managed affinity cookies, stream ir HTTP boundary work, active ir protocol-aware health checks, service discovery, background task ownership, cache crate boundaries, UDP beta guardrails, origin-protection budgets, ARM/macOS assets ir platus security hardening. | Viskas GitHub |
| v1.4.0 – v1.4.7 | 2026 m. gegužė | Proxy operations linija su production proxy parity, turtingesne route policy, traffic mirroring, dynamic upstream discovery, modular runtime/config split, Apple Silicon ir Linux ARM64 release assets, GeoIP/Geo-Context, config-tester archives ir hardened TCP stream proxying | Viskas GitHub |
| v1.3.0 – v1.3.7 | 2026 m. gegužė | PHP-FPM production linija, valdoma php-fpm supervision, config tester ir ACME companion binary, FIPS/ISO validation track, tiksliniai cache/proxy profile ir security hardening | Viskas GitHub |
| v1.2.0 – v1.2.6 | 2026 m. gegužė | Cache ir observability baseline su route-scoped cache policy, memory/disk/tiered backend, encrypted disk cache, peer fill, range caching, Prometheus ir OpenTelemetry export | Viskas GitHub |
| v1.1.x | 2026 | Certificate operations linija su TLS policy profile, multi-certificate rustls SNI, managed ACME issuance ir renewal, EAB-capable issuers, file-backed TLS secrets ir renewal units | Viskas GitHub |
| v1.0.0 | 2026 | Gateway foundation su vhost routing, route-level static/proxy/redirect actions, static file serving, reverse proxying, rustls TLS, admin control-plane, secure headers, systemd packaging ir rootless containers | GitHub |
| v0.5.0 | Pre-release versija versija | Pirmas public pre-release milestone prieš stabilią 1.x gateway liniją | GitHub |
Žiūrėk Keitimų žurnalas išsamioms release notes.