Adjust Docker setup to run Rails without root
This commit is contained in:
parent
d5f61239ce
commit
388d34c9ce
|
@ -1,5 +1,10 @@
|
||||||
FROM ruby:2.7
|
FROM ruby:2.7
|
||||||
|
|
||||||
|
USER root
|
||||||
|
|
||||||
|
ARG UID=1000
|
||||||
|
ARG GID=1000
|
||||||
|
|
||||||
RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
|
RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
|
||||||
RUN echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
|
RUN echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
|
||||||
|
|
||||||
|
@ -14,9 +19,20 @@ RUN apt-get update -qq \
|
||||||
yarn \
|
yarn \
|
||||||
&& rm -rf /var/lib/apt/lists/*
|
&& rm -rf /var/lib/apt/lists/*
|
||||||
|
|
||||||
RUN mkdir /app
|
RUN mkdir /app \
|
||||||
|
&& mkdir /cache
|
||||||
WORKDIR /app
|
WORKDIR /app
|
||||||
|
|
||||||
|
RUN addgroup --gid ${GID} app \
|
||||||
|
&& adduser --gecos "" --disabled-password --shell /bin/bash --uid ${UID} --gid ${GID} app \
|
||||||
|
&& chown "${UID}:${GID}" -R /app/ \
|
||||||
|
&& chown "${UID}:${GID}" -R /cache/
|
||||||
|
|
||||||
|
COPY .docker/entrypoint.sh /usr/bin/
|
||||||
|
RUN chmod +x /usr/bin/entrypoint.sh
|
||||||
|
|
||||||
|
USER app:app
|
||||||
|
|
||||||
ADD Gemfile* /app/
|
ADD Gemfile* /app/
|
||||||
RUN bundle install --jobs=$(nproc)
|
RUN bundle install --jobs=$(nproc)
|
||||||
RUN gem install ruby-debug-ide
|
RUN gem install ruby-debug-ide
|
||||||
|
@ -27,8 +43,6 @@ RUN yarn install
|
||||||
|
|
||||||
COPY . /app
|
COPY . /app
|
||||||
|
|
||||||
COPY .docker/entrypoint.sh /usr/bin/
|
|
||||||
RUN chmod +x /usr/bin/entrypoint.sh
|
|
||||||
ENTRYPOINT ["entrypoint.sh"]
|
ENTRYPOINT ["entrypoint.sh"]
|
||||||
EXPOSE 3000
|
EXPOSE 3000
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue