New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Non root #186
Conversation
I have some comments here:
Another completely different approach would be to collect the static files at image build, but this would mean we have to merge the |
I was thinking of this as well. We could even have the the entrypoint script copy the files to a specific mountpoint if it exists, e.g. like this: if [ -d /mnt/nginx ]; then
cp -a /opt/netbox/netbox/static /mnt/nginx/
fi But in order to build the static files, a valid |
I forgot that one can just set an arbitrary UID without having to have a corresponding |
I think we should add the Also the changes from the "label" pull request are in this PR too. To keep it clear, those should be removed from this PR. |
I have rebased onto master. |
Would you put it to the beginning of the |
It should be placed before any files that are created, so at the moment before the "collectstatic". |
@tobiasge do you see a reason not to merge this? Otherwise I would appreciate your Approval and then I would proceed to make the 0.16.0 milestone reality. |
The permission setup does not work out of box |
This PR adds a
netbox
user, so that Netbox could be run as non-root user.But I'm not satisfied with the solution in the Dockerfile on line 79:
RUN mkdir static && chmod a+w static media
This is more a work-around than a solution. It is needed, because the static files are generated in the entrypoint (because they have to be copied to a Volume which is shared with nginx).
I would like to see if there are other solutions to this problem before going ahead.
Closes #172