Use nobody:nogroup under Debian

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
Thomas Citharel 2022-10-12 12:08:56 +02:00
parent 36932f601d
commit 8c36173027
No known key found for this signature in database
GPG key ID: A061B9DDE0CA0773


@ -50,19 +50,19 @@ LABEL org.opencontainers.image.title="mobilizon" \
RUN apt update && apt dist-upgrade -y && apt install -y curl openssl ca-certificates libncurses5 file postgresql-client gcc g++ imagemagick python3 python3-pip python3-pillow python3-cffi python3-brotli python3-dev libpango-1.0-0 libxslt-dev fonts-cantarell && rm -rf /var/lib/apt RUN apt update && apt dist-upgrade -y && apt install -y curl openssl ca-certificates libncurses5 file postgresql-client gcc g++ imagemagick python3 python3-pip python3-pillow python3-cffi python3-brotli python3-dev libpango-1.0-0 libxslt-dev fonts-cantarell && rm -rf /var/lib/apt
RUN pip install weasyprint pyexcel-ods3 RUN pip install weasyprint pyexcel-ods3
RUN mkdir -p /var/lib/mobilizon/uploads && chown nobody:nobody /var/lib/mobilizon/uploads RUN mkdir -p /var/lib/mobilizon/uploads && chown nobody:nogroup /var/lib/mobilizon/uploads
RUN mkdir -p /var/lib/mobilizon/uploads/exports/{csv,pdf,ods} && chown -R nobody:nobody /var/lib/mobilizon/uploads/exports RUN mkdir -p /var/lib/mobilizon/uploads/exports/{csv,pdf,ods} && chown -R nobody:nogroup /var/lib/mobilizon/uploads/exports
RUN mkdir -p /var/lib/mobilizon/timezones RUN mkdir -p /var/lib/mobilizon/timezones
RUN curl -L 'https://packages.joinmobilizon.org/tz_world/timezones-geodata.dets' -o /var/lib/mobilizon/timezones/timezones-geodata.dets RUN curl -L 'https://packages.joinmobilizon.org/tz_world/timezones-geodata.dets' -o /var/lib/mobilizon/timezones/timezones-geodata.dets
RUN chown nobody:nobody /var/lib/mobilizon/timezones RUN chown nobody:nogroup /var/lib/mobilizon/timezones
RUN mkdir -p /etc/mobilizon && chown nobody:nobody /etc/mobilizon RUN mkdir -p /etc/mobilizon && chown nobody:nogroup /etc/mobilizon
USER nobody USER nobody
EXPOSE 4000 EXPOSE 4000
ENV MOBILIZON_DOCKER=true ENV MOBILIZON_DOCKER=true
COPY --from=builder --chown=nobody:nobody _build/prod/rel/mobilizon ./ COPY --from=builder --chown=nobody:nogroup _build/prod/rel/mobilizon ./
RUN cp /releases/*/runtime.exs /etc/mobilizon/config.exs RUN cp /releases/*/runtime.exs /etc/mobilizon/config.exs
COPY docker/production/docker-entrypoint.sh ./ COPY docker/production/docker-entrypoint.sh ./
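Review bot: The new `COPY --from=builder --chown=nobody:nogroup _build/prod/rel/mobilizon ./` line leaves the whole release tree owned by the account the service runs as (`USER nobody`), so a compromised application process could rewrite its own code and boot scripts; `nobody` is also a shared account by convention, so that ownership is not specific to Mobilizon. Consider dropping `--chown` on that line so the release stays root-owned and read-only to the runtime user, keeping write access only on `/var/lib/mobilizon/uploads`, `/var/lib/mobilizon/timezones` and `/etc/mobilizon`; if the release needs a scratch directory at boot, `RELEASE_TMP` can point to a dedicated writable path. Separately, the unchanged `curl -L` download of `timezones-geodata.dets` has neither `-f` nor an integrity check, so an HTTP error page or a tampered file would be baked into the image; `curl -fL` followed by `sha256sum -c` against a pinned digest would close that. The stage starts before this hunk, so the base image and `WORKDIR` are not visible here and the paths above are read from the hunk lines only.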