Lissy93/dashy
1
1
Fork 0
mirror of https://github.com/Lissy93/dashy.git synced 2025-01-03 14:51:37 +03:00
Code Issues Packages Projects Releases Wiki Activity

changes to run as non-root user

Browse Source
This commit is contained in:
Benjamin Montgomery 2022-04-21 08:05:20 -04:00
parent 84764285f5
commit 79e6544a89
1 changed files with 13 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
Dockerfile
View File

@ -28,9 +28,12 @@ RUN yarn build
FROM node:16.14.2-alpine FROM node:16.14.2-alpine
# Define some ENV Vars # Define some ENV Vars
ENV PORT=80 \ ENV PORT=8080 \
DIRECTORY=/app \ DIRECTORY=/app \
IS_DOCKER=true DEST_DIRECTORY=/app/dist \
IS_DOCKER=true \
UID=5000 \
GID=5000
# Create and set the working directory # Create and set the working directory
WORKDIR ${DIRECTORY} WORKDIR ${DIRECTORY}
@ -40,8 +43,14 @@ RUN apk add --no-cache tzdata tini
# Copy built application from build phase # Copy built application from build phase
COPY --from=BUILD_IMAGE /app ./ COPY --from=BUILD_IMAGE /app ./
# Ensure only one version of conf.yml exists
RUN rm dist/conf.yml # fix permissions
RUN rm -rf ${DEST_DIRECTORY} && \
mkdir ${DEST_DIRECTORY} && \
chown $UID:$GID ${DEST_DIRECTORY} && \
chmod 755 ${DEST_DIRECTORY}
USER ${UID}
# Finally, run start command to serve up the built application # Finally, run start command to serve up the built application
ENTRYPOINT [ "/sbin/tini", "--" ] ENTRYPOINT [ "/sbin/tini", "--" ]