Enable distroless / chiseled self-hosted scenario

Hi :wave:t2:

When using the new Unified Deployment beta, the Bitwarden Server runs based on the default ASP.NET Core Docker image. Therefore, one can connect to the container and start a shell session, e.g. via docker exec -it bitwarden bash. This enables a whole set of attack vectors.

Since the Bitwarden Server seems to be a more or less common .NET app, it would be great to offer a distroless / chiseled Bitwarden Docker image, e.g. bitwarden/self-host:beta-chiseled as Microsoft provides the corresponding ASP.NET Core base images, too (e.g. mcr.microsoft.com/dotnet/aspnet:9.0.0-noble-chiseled). Here you find more information from Microsoft in a dedicated blog post.

I’ve migrated several of my own apps to use the chiseled base images and it works nicely :ok_hand:t2:

Thx for considering this!