From 52608525acedd127d797824cb98a0bd61011d6dd Mon Sep 17 00:00:00 2001
From: Lukas Bahr <lukas.bahr@dm.de>
Date: Wed, 27 Mar 2024 15:35:21 +0100
Subject: [PATCH] #1322 add support for hardened container environments

---
 docker/nginx.conf          | 3 ++-
 packages/client/Dockerfile | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/docker/nginx.conf b/docker/nginx.conf
index 52409e62e..aec74873b 100644
--- a/docker/nginx.conf
+++ b/docker/nginx.conf
@@ -1,9 +1,10 @@
 events {
 }
+pid /tmp/nginx.pid;
 
 http {
     server {
-        listen 80;
+        listen 8080;
         include /etc/nginx/mime.types;
         root /var/www;
         index index.html index.htm;
diff --git a/packages/client/Dockerfile b/packages/client/Dockerfile
index b00683765..4a4fbddaa 100644
--- a/packages/client/Dockerfile
+++ b/packages/client/Dockerfile
@@ -5,6 +5,6 @@ COPY ./build /app/build
 
 RUN yarn install --immutable
 
-FROM nginx:stable-alpine
+FROM nginxinc/nginx-unprivileged:1.25
 COPY --from=build /app/build /var/www
 CMD ["nginx", "-g", "daemon off;"]