Creation of user in the runtime.
All checks were successful
continuous-integration/drone/pr Build is passing
All checks were successful
continuous-integration/drone/pr Build is passing
Added tini
This commit is contained in:
parent
d23f9190c3
commit
eb9b1b47fc
17
Dockerfile
17
Dockerfile
|
@ -25,16 +25,15 @@ RUN mage build:clean && \
|
||||||
# because of this, the container would not start when I compiled the image without cgo.
|
# because of this, the container would not start when I compiled the image without cgo.
|
||||||
FROM alpine:3.16 AS runner
|
FROM alpine:3.16 AS runner
|
||||||
LABEL maintainer="maintainers@vikunja.io"
|
LABEL maintainer="maintainers@vikunja.io"
|
||||||
WORKDIR /app/vikunja/
|
WORKDIR /app/vikunja
|
||||||
|
ENTRYPOINT [ "/sbin/tini", "-g", "--", "/entrypoint.sh" ]
|
||||||
|
|
||||||
ENTRYPOINT [ "/app/vikunja/vikunja" ]
|
|
||||||
ENV VIKUNJA_SERVICE_ROOTPATH=/app/vikunja/
|
ENV VIKUNJA_SERVICE_ROOTPATH=/app/vikunja/
|
||||||
|
ENV VIKUNJA_PUID 1000
|
||||||
|
ENV VIKUNJA_PGID 1000
|
||||||
|
|
||||||
RUN apk --update --no-cache add tzdata && \
|
RUN apk --update --no-cache add tzdata tini
|
||||||
addgroup -g 1000 vikunja && \
|
COPY docker/entrypoint.sh /entrypoint.sh
|
||||||
adduser -s /bin/sh -D -G vikunja -u 1000 vikunja -h /app/vikunja -H && \
|
RUN chmod 0755 /entrypoint.sh && mkdir files
|
||||||
mkdir files && \
|
|
||||||
chown vikunja:vikunja files
|
|
||||||
|
|
||||||
COPY --from=builder --chown=vikunja:vikunja /build/vikunja-* vikunja
|
COPY --from=builder /build/vikunja-* vikunja
|
||||||
USER vikunja
|
|
||||||
|
|
15
docker/entrypoint.sh
Normal file
15
docker/entrypoint.sh
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
#!/usr/bin/env sh
|
||||||
|
set -e
|
||||||
|
|
||||||
|
if [ -n "$VIKUNJA_PUID" ] && [ "$VIKUNJA_PUID" -ne 0 ] && \
|
||||||
|
[ -n "$VIKUNJA_PGID" ] && [ "$VIKUNJA_PGID" -ne 0 ] ; then
|
||||||
|
echo "info: creating the new user vikunja with $VIKUNJA_PUID:$VIKUNJA_PGID"
|
||||||
|
addgroup -g "$VIKUNJA_PGID" vikunja
|
||||||
|
adduser -s /bin/sh -D -G vikunja -u "$VIKUNJA_PUID" vikunja -h /app/vikunja -H
|
||||||
|
chown -R vikunja:vikunja ./
|
||||||
|
su -pc /app/vikunja/vikunja - vikunja "$@"
|
||||||
|
else
|
||||||
|
echo "info: creation of non-root user is skipped"
|
||||||
|
exec /app/vikunja/vikunja "$@"
|
||||||
|
fi
|
||||||
|
|
Loading…
Reference in New Issue
Block a user