Update Dockerfile

Create a non-root user, and run the container as that user.
2022-01-18 16:06:51 -06:00 · 2022-01-18 16:06:51 -06:00 · 80aa4530f3
commit 80aa4530f3
parent fc50359752
1 changed files with 10 additions and 1 deletions
--- a/11
+++ b/11
@ -17,8 +17,10 @@ FROM python:3.8-alpine
 RUN apk add --update --no-cache tor curl bash openrc
 # libcurl4-openssl-dev

+ARG DOCKER_USER=whoogle
+ARG DOCKER_USERID=927
 ARG config_dir=/config
-RUN mkdir -p $config_dir
+RUN mkdir -p -m 777 $config_dir
 VOLUME $config_dir

 ARG username=''
@ -70,6 +72,13 @@ COPY run .
 # Allow writing symlinks to build dir
 RUN chown 102:102 app/static/build

+# Create user/group to run as
+RUN adduser -D -g $DOCKER_USERID -u $DOCKER_USERID $DOCKER_USER 
+# Fix ownership / permissions
+RUN	chown -R ${DOCKER_USER}:${DOCKER_USER} /whoogle /var/lib/tor && \
+
+USER $DOCKER_USER:$DOCKER_USER
+
 EXPOSE $EXPOSE_PORT

 HEALTHCHECK  --interval=30s --timeout=5s \