From 80aa4530f36f5696433819e89bc2aae57855954b Mon Sep 17 00:00:00 2001
From: ras07 <17038818+ras07@users.noreply.github.com>
Date: Tue, 18 Jan 2022 16:06:51 -0600
Subject: [PATCH] Update Dockerfile

Create a non-root user, and run the container as that user.
---
 Dockerfile | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index fa7a555..eabf405 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -17,8 +17,10 @@ FROM python:3.8-alpine
 RUN apk add --update --no-cache tor curl bash openrc
 # libcurl4-openssl-dev
 
+ARG DOCKER_USER=whoogle
+ARG DOCKER_USERID=927
 ARG config_dir=/config
-RUN mkdir -p $config_dir
+RUN mkdir -p -m 777 $config_dir
 VOLUME $config_dir
 
 ARG username=''
@@ -70,6 +72,13 @@ COPY run .
 # Allow writing symlinks to build dir
 RUN chown 102:102 app/static/build
 
+# Create user/group to run as
+RUN adduser -D -g $DOCKER_USERID -u $DOCKER_USERID $DOCKER_USER
+# Fix ownership / permissions
+RUN chown -R ${DOCKER_USER}:${DOCKER_USER} /whoogle /var/lib/tor && \
+
+USER $DOCKER_USER:$DOCKER_USER
+
 EXPOSE $EXPOSE_PORT
 
 HEALTHCHECK --interval=30s --timeout=5s \
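Review bot: `RUN mkdir -p -m 777 $config_dir` leaves the config directory world-writable, so any UID in the container can create or replace files there, which is broader than the single non-root user this commit introduces needs. `DOCKER_USERID` is already declared two lines above, so the directory can be handed to that numeric UID instead: `RUN mkdir -p $config_dir && chown $DOCKER_USERID:$DOCKER_USERID $config_dir && chmod 700 $config_dir`. The ownership change has to stay ahead of `VOLUME $config_dir`, because build-time changes to a path after it is declared a volume are discarded. What the application stores under the config directory is not visible in this hunk, so the exact mode (700 or 750) should be confirmed against how it is used.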
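Review bot: The added `RUN chown -R ... /whoogle /var/lib/tor && \` ends in a dangling `&& \` followed by an empty line, so the `USER $DOCKER_USER:$DOCKER_USER` line below it is likely folded into the shell command instead of being parsed as an instruction (Docker skips empty continuation lines with a warning). The probable result is a failed build, and in any case no `USER` instruction takes effect, which defeats the purpose of the commit; drop the trailing operator so the line reads `RUN chown -R ${DOCKER_USER}:${DOCKER_USER} /whoogle /var/lib/tor`. Separately, BusyBox `adduser` treats lowercase `-g` as the GECOS field, not the group, so `-g $DOCKER_USERID` does not pin the GID and the group is whatever `adduser` creates by default. A build-pipeline check that runs `id -u` in the finished image would catch a regression back to root.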