Browse files

Run docker as a normal user (#690)

TODO: Allow as root, if someone *really* wants
  • Loading branch information...
Undeadhunter authored and Cazzar committed Mar 14, 2018
1 parent 931a587 commit 3c94a2f5ed5a8f33c44302ad42db593c0dc8e53d
Showing with 45 additions and 2 deletions.
  1. +17 −2 Dockerfile
  2. +28 −0
@@ -4,12 +4,18 @@ FROM mono:5.4

RUN curl | apt-key add -
RUN echo "deb jesse main" | tee -a /etc/apt/sources.list
RUN echo "deb jessie-backports main" | tee -a /etc/apt/sources.list

RUN apt-get update && apt-get install -y --force-yes libmediainfo0 librhash0 sqlite.interop jq unzip
ADD${TINI_VERSION}/tini /bin/tini
RUN chmod +x /bin/tini

RUN apt update && apt install -y --force-yes libmediainfo0 librhash0 sqlite.interop jq unzip && apt install -t jessie-backports gosu

RUN mkdir -p /usr/src/app/source /usr/src/app/build
COPY . /usr/src/app/source
WORKDIR /usr/src/app/source
RUN mv /usr/src/app/source/ /

RUN mono NuGet.exe restore
@@ -31,4 +37,13 @@ VOLUME /usr/src/app/build/webui
HEALTHCHECK --start-period=5m CMD curl -H "Content-Type: application/json" -H 'Accept: application/json' 'http://localhost:8111/v1/Server' || exit 1

ENTRYPOINT mono --debug Shoko.CLI.exe

#RUN mkdir -p /home/shoko
#RUN groupadd -r shoko && useradd --no-log-init -r -g shoko shoko
#RUN chown -R shoko:shoko /home/shoko
#RUN chown -R shoko:shoko /usr/src/app/build

#USER shoko:shoko

#ENTRYPOINT mono --debug Shoko.CLI.exe
ENTRYPOINT /bin/bash /
@@ -0,0 +1,28 @@

# Set variable for the UID and GID based on env, else use default values

groupadd -o -g "$PGID" shokogroup
useradd -o -u "$PUID" -d /home/shoko shoko

usermod -G shokogroup shoko

mkdir -p /home/shoko
chown -R shoko:shokogroup /home/shoko

mkdir -p /.shoko/

# Set owership of shoko files to shoko user
chown -R shoko:shokogroup /usr/src/app/build/

echo "
User uid: $(id -u shoko)
User gid: $(id -g shoko)

# Go and run the server
exec gosu shoko:shokogroup mono --debug /usr/src/app/build/Shoko.CLI.exe

0 comments on commit 3c94a2f

Please sign in to comment.