Browse Source

update: run as non-root user

pull/4/head
Florian Rinke 3 months ago
parent
commit
7e75c34b8e
  1. 6
      Dockerfile

6
Dockerfile

@ -19,9 +19,15 @@ RUN mkdir $(basename /usr/local/lib/python3.*/) && cd ./python3.*/ && \
COPY ./boot.py /release/bin/syncplay COPY ./boot.py /release/bin/syncplay
FROM ${PYTHON} FROM ${PYTHON}
ARG USER_UID=800
ARG USER_GID=800
RUN sh -c '[ $(getconf LONG_BIT) -eq 64 ] || apk add --no-cache libgcc' RUN sh -c '[ $(getconf LONG_BIT) -eq 64 ] || apk add --no-cache libgcc'
COPY --from=syncplay /release/ /usr/ COPY --from=syncplay /release/ /usr/
ENV PYTHONUNBUFFERED=1 ENV PYTHONUNBUFFERED=1
EXPOSE 8999 EXPOSE 8999
WORKDIR /data/ WORKDIR /data/
RUN addgroup -g "${USER_GID}" -S syncplay && \
adduser -u "${USER_UID}" -S syncplay -G syncplay && \
chown -R syncplay:syncplay /data
USER syncplay
ENTRYPOINT ["syncplay"] ENTRYPOINT ["syncplay"]

Loading…
Cancel
Save