mirror of
https://github.com/knadh/listmonk.git
synced 2024-09-19 23:06:32 +08:00
Add support for running Docker container as non-root user using docker-entrypoint.sh (#1892)
* Enabling the usage of non root user in Docker * Added docker-entrypoint.sh to .goreleaser.yml * Renamed UID to PUID and GID to PGID
This commit is contained in:
parent
888e33e5e3
commit
821b43d74f
|
@ -63,6 +63,7 @@ dockers:
|
|||
extra_files:
|
||||
- config.toml.sample
|
||||
- config-demo.toml
|
||||
- docker-entrypoint.sh
|
||||
- use: buildx
|
||||
goos: linux
|
||||
goarch: arm64
|
||||
|
@ -87,6 +88,7 @@ dockers:
|
|||
extra_files:
|
||||
- config.toml.sample
|
||||
- config-demo.toml
|
||||
- docker-entrypoint.sh
|
||||
- use: buildx
|
||||
goos: linux
|
||||
goarch: arm
|
||||
|
@ -112,6 +114,7 @@ dockers:
|
|||
extra_files:
|
||||
- config.toml.sample
|
||||
- config-demo.toml
|
||||
- docker-entrypoint.sh
|
||||
- use: buildx
|
||||
goos: linux
|
||||
goarch: arm
|
||||
|
@ -137,6 +140,7 @@ dockers:
|
|||
extra_files:
|
||||
- config.toml.sample
|
||||
- config-demo.toml
|
||||
- docker-entrypoint.sh
|
||||
|
||||
docker_manifests:
|
||||
- name_template: "{{ .Env.DOCKER_ORG }}/{{ .ProjectName }}:latest"
|
||||
|
|
23
Dockerfile
23
Dockerfile
|
@ -1,8 +1,27 @@
|
|||
FROM --platform=$BUILDPLATFORM alpine:latest
|
||||
RUN apk --no-cache add ca-certificates tzdata
|
||||
|
||||
# Install dependencies
|
||||
RUN apk --no-cache add ca-certificates tzdata shadow su-exec
|
||||
|
||||
# Set the working directory
|
||||
WORKDIR /listmonk
|
||||
|
||||
# Copy only the necessary files
|
||||
COPY listmonk .
|
||||
COPY config.toml.sample config.toml
|
||||
COPY config-demo.toml .
|
||||
CMD ["./listmonk"]
|
||||
|
||||
# Copy the entrypoint script
|
||||
COPY docker-entrypoint.sh /usr/local/bin/
|
||||
|
||||
# Make the entrypoint script executable
|
||||
RUN chmod +x /usr/local/bin/docker-entrypoint.sh
|
||||
|
||||
# Expose the application port
|
||||
EXPOSE 9000
|
||||
|
||||
# Set the entrypoint
|
||||
ENTRYPOINT ["docker-entrypoint.sh"]
|
||||
|
||||
# Define the command to run the application
|
||||
CMD ["./listmonk"]
|
||||
|
|
48
docker-entrypoint.sh
Normal file
48
docker-entrypoint.sh
Normal file
|
@ -0,0 +1,48 @@
|
|||
#!/bin/sh
|
||||
|
||||
set -e
|
||||
|
||||
export PUID=${PUID:-0}
|
||||
export PGID=${PGID:-0}
|
||||
export GROUP_NAME="app"
|
||||
export USER_NAME="app"
|
||||
|
||||
# This function evaluates if the supplied PGID is already in use
|
||||
# if it is not in use, it creates the group with the PGID
|
||||
# if it is in use, it sets the GROUP_NAME to the existing group
|
||||
create_group() {
|
||||
if ! getent group ${PGID} > /dev/null 2>&1; then
|
||||
addgroup -g ${PGID} ${GROUP_NAME}
|
||||
else
|
||||
existing_group=$(getent group ${PGID} | cut -d: -f1)
|
||||
export GROUP_NAME=${existing_group}
|
||||
fi
|
||||
}
|
||||
|
||||
# This function evaluates if the supplied PUID is already in use
|
||||
# if it is not in use, it creates the user with the PUID and PGID
|
||||
create_user() {
|
||||
if ! getent passwd ${PUID} > /dev/null 2>&1; then
|
||||
adduser -u ${PUID} -G ${GROUP_NAME} -s /bin/sh -D ${USER_NAME}
|
||||
else
|
||||
existing_user=$(getent passwd ${PUID} | cut -d: -f1)
|
||||
export USER_NAME=${existing_user}
|
||||
fi
|
||||
}
|
||||
|
||||
# Run the needed functions to create the user and group
|
||||
create_group
|
||||
create_user
|
||||
|
||||
# Set the ownership of the app directory to the app user
|
||||
chown -R ${PUID}:${PGID} /listmonk
|
||||
|
||||
echo "Launching listmonk with user=[${USER_NAME}] group=[${GROUP_NAME}] PUID=[${PUID}] PGID=[${PGID}]"
|
||||
|
||||
# If running as root and PUID is not 0, then execute command as PUID
|
||||
# this allows us to run the container as a non-root user
|
||||
if [ "$(id -u)" = "0" ] && [ "${PUID}" != "0" ]; then
|
||||
su-exec ${PUID}:${PGID} "$@"
|
||||
else
|
||||
exec "$@"
|
||||
fi
|
Loading…
Reference in a new issue