limit available scopes to hopefully serve rails and other routes prop…

…erly
foodcoopsat · Feb 19, 2024 · 798a862 · 798a862
1 parent e7abc00
commit 798a862
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 4 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -69,9 +69,9 @@ RUN mkdir -p tmp storage && \
     chown nobody storage
 
 COPY docker-entrypoint.sh ./
-
+RUN apt-get install -y gosu
 # Run app as unprivileged user
-USER nobody
+# USER nobody
 
 EXPOSE 3000
 

diff --git a/config/routes.rb b/config/routes.rb
@@ -10,7 +10,7 @@
 
   root to: 'sessions#redirect_to_foodcoop', as: nil
 
-  scope '/:foodcoop' do
+  scope '/:foodcoop', foodcoop: /__FOODCOOPS__/ do
     use_doorkeeper
 
     # Root path

diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
@@ -10,6 +10,10 @@ if [ ! -z "${FOODSOFT_DB_PREFIX}" ] || [ ! -z "${FOODSOFT_DB_PREFIX_FILE}" ]; th
   FOODSOFT_FOODCOOPS=`BUNDLE_CONFIG=/dev/null bundle exec ruby script/list_databases`
 fi
 
+FOODSOFT_FOODCOOPS_REGEX=`echo $FOODSOFT_FOODCOOPS | sed 's/ /|/g'`
+
+sed -i "s/__FOODCOOPS__/$FOODSOFT_FOODCOOPS_REGEX/g" config/routes.rb
+
 if [ -e app_config.defaults.yml ] ; then
   cat app_config.defaults.yml > config/app_config.yml
 
@@ -23,4 +27,4 @@ EOF
   done
 fi
 
-exec "$@"
+exec gosu nobody:nogroup "$@"