This commit is contained in:
parent
eee51f6694
commit
a771da8902
2 changed files with 40 additions and 15 deletions
15
Dockerfile
15
Dockerfile
|
|
@ -37,24 +37,9 @@ RUN --mount=type=bind,source=src,target=src \
|
|||
|
||||
FROM docker.io/library/alpine:3.18 AS final
|
||||
|
||||
# Create a non-privileged user (recommended best practice)
|
||||
ARG UID=10001
|
||||
RUN adduser \
|
||||
--disabled-password \
|
||||
--gecos "" \
|
||||
--home "/nonexistent" \
|
||||
--shell "/sbin/nologin" \
|
||||
--no-create-home \
|
||||
--uid "${UID}" \
|
||||
imnyang
|
||||
|
||||
RUN mkdir -p /app
|
||||
RUN chmod -R 755 /app
|
||||
RUN mkdir -p /app/uploads
|
||||
RUN chown -R imnyang:imnyang /app
|
||||
|
||||
# Drop privileges for runtime.
|
||||
USER imnyang
|
||||
|
||||
WORKDIR /app
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue