From fb1424cd4e4197b8cfd997a45f8bf34f34e63d34 Mon Sep 17 00:00:00 2001 From: Michael Hirschler Date: Wed, 5 Feb 2020 21:28:47 +0100 Subject: [PATCH] uses non-root user --- docker/images/n8n-ubuntu/Dockerfile | 5 +++-- docker/images/n8n-ubuntu/docker-entrypoint.sh | 9 +++++++++ docker/images/n8n/Dockerfile | 5 +++-- docker/images/n8n/docker-entrypoint.sh | 9 +++++++++ 4 files changed, 24 insertions(+), 4 deletions(-) create mode 100755 docker/images/n8n-ubuntu/docker-entrypoint.sh create mode 100755 docker/images/n8n/docker-entrypoint.sh diff --git a/docker/images/n8n-ubuntu/Dockerfile b/docker/images/n8n-ubuntu/Dockerfile index 2b44afe401..892c86de63 100644 --- a/docker/images/n8n-ubuntu/Dockerfile +++ b/docker/images/n8n-ubuntu/Dockerfile @@ -6,7 +6,7 @@ RUN if [ -z "$N8N_VERSION" ] ; then echo "The N8N_VERSION argument is missing!" RUN \ apt-get update && \ - apt-get -y install graphicsmagick + apt-get -y install graphicsmagick gosu # Set a custom user to not have n8n run as root USER root @@ -15,4 +15,5 @@ RUN npm_config_user=root npm install -g n8n@${N8N_VERSION} WORKDIR /data -CMD "n8n" +COPY docker-entrypoint.sh /docker-entrypoint.sh +ENTRYPOINT ["/docker-entrypoint.sh"] diff --git a/docker/images/n8n-ubuntu/docker-entrypoint.sh b/docker/images/n8n-ubuntu/docker-entrypoint.sh new file mode 100755 index 0000000000..e39ba8f38e --- /dev/null +++ b/docker/images/n8n-ubuntu/docker-entrypoint.sh @@ -0,0 +1,9 @@ +#!/bin/sh + +if [ -d /root/.n8n ] ; then + chmod o+rx /root + chown -R node /root/.n8n + ln -s /root/.n8n /home/node/ +fi + +exec gosu node n8n diff --git a/docker/images/n8n/Dockerfile b/docker/images/n8n/Dockerfile index c2a1d2551d..d609d00363 100644 --- a/docker/images/n8n/Dockerfile +++ b/docker/images/n8n/Dockerfile @@ -5,7 +5,7 @@ ARG N8N_VERSION RUN if [ -z "$N8N_VERSION" ] ; then echo "The N8N_VERSION argument is missing!" ; exit 1; fi # Update everything and install needed dependencies -RUN apk add --update graphicsmagick tzdata git +RUN apk add --update graphicsmagick tzdata git tini su-exec # # Set a custom user to not have n8n run as root USER root @@ -18,4 +18,5 @@ RUN apk --update add --virtual build-dependencies python build-base ca-certifica WORKDIR /data -CMD ["n8n"] +COPY docker-entrypoint.sh /docker-entrypoint.sh +ENTRYPOINT ["tini", "--", "/docker-entrypoint.sh"] diff --git a/docker/images/n8n/docker-entrypoint.sh b/docker/images/n8n/docker-entrypoint.sh new file mode 100755 index 0000000000..c574c3ae70 --- /dev/null +++ b/docker/images/n8n/docker-entrypoint.sh @@ -0,0 +1,9 @@ +#!/bin/sh + +if [ -d /root/.n8n ] ; then + chmod o+rx /root + chown -R node /root/.n8n + ln -s /root/.n8n /home/node/ +fi + +exec su-exec node n8n