philschmid HF staff commited on
Commit
9d3c91f
·
1 Parent(s): 1b0b961
Files changed (1) hide show
  1. Dockerfile +14 -9
Dockerfile CHANGED
@@ -19,8 +19,17 @@ RUN npm run build
19
  # Stage 2: Serve the built app with a lightweight web server
20
  FROM nginx:alpine
21
 
22
- # Set up a new user named "user" with user ID 1001
23
- RUN adduser -D -u 1001 user
 
 
 
 
 
 
 
 
 
24
 
25
  # Switch to the root user to perform privileged operations
26
  USER root
@@ -32,14 +41,10 @@ RUN rm /etc/nginx/conf.d/default.conf
32
  COPY --from=build /app/dist /usr/share/nginx/html
33
 
34
  # Replace the default nginx.conf with our configuration
35
- COPY nginx.conf /etc/nginx/nginx.conf
36
 
37
- # Create the necessary directories and set the correct permissions
38
- RUN mkdir -p /var/cache/nginx/client_temp /var/cache/nginx/proxy_temp /var/cache/nginx/fastcgi_temp /var/cache/nginx/uwsgi_temp /var/cache/nginx/scgi_temp && \
39
- chown -R user:user /usr/share/nginx/html /etc/nginx /var/cache/nginx /var/run /var/log/nginx
40
-
41
- # Ensure the /var/run/nginx.pid file has correct permissions
42
- RUN touch /var/run/nginx.pid && chown user:user /var/run/nginx.pid
43
 
44
  # Switch back to the "user" user
45
  USER user
 
19
  # Stage 2: Serve the built app with a lightweight web server
20
  FROM nginx:alpine
21
 
22
+ # Install necessary packages and set up a non-root user
23
+ RUN apk add --no-cache shadow \
24
+ && useradd -u 1001 -U -d /home/user -s /bin/bash user \
25
+ && mkdir -p /home/user \
26
+ && chown -R user:user /home/user
27
+
28
+ # Install nginx and set permissions
29
+ RUN apk add --no-cache nginx \
30
+ && mkdir -p /var/cache/nginx /var/log/nginx /var/lib/nginx /var/run \
31
+ && touch /var/run/nginx.pid \
32
+ && chown -R user:user /var/cache/nginx /var/log/nginx /var/lib/nginx /var/run/nginx.pid
33
 
34
  # Switch to the root user to perform privileged operations
35
  USER root
 
41
  COPY --from=build /app/dist /usr/share/nginx/html
42
 
43
  # Replace the default nginx.conf with our configuration
44
+ COPY nginx.conf /etc/nginx/conf.d
45
 
46
+ # Change ownership of the necessary directories and files to the non-root user
47
+ RUN chown -R user:user /usr/share/nginx/html /etc/nginx/conf.d /var/cache/nginx /var/run /var/log/nginx
 
 
 
 
48
 
49
  # Switch back to the "user" user
50
  USER user