diff options
| author | 羽先生 <8655163+VergilGao@users.noreply.github.com> | 2022-05-29 16:06:38 +0800 |
|---|---|---|
| committer | 羽先生 <8655163+VergilGao@users.noreply.github.com> | 2022-05-29 16:06:38 +0800 |
| commit | 2a144e73ed743059d97a62fa6fcb2e95a8058d17 (patch) | |
| tree | 54f3f4ffb82a508f1535c734ec4fc62e316430e9 | |
| parent | Merge pull request #144 from shalak/enhance_bookmarklets (diff) | |
| download | metube-2a144e73ed743059d97a62fa6fcb2e95a8058d17.tar.gz metube-2a144e73ed743059d97a62fa6fcb2e95a8058d17.tar.bz2 metube-2a144e73ed743059d97a62fa6fcb2e95a8058d17.zip | |
use gosu and usermod to ensure data permissions
| -rw-r--r-- | Dockerfile | 22 | ||||
| -rw-r--r-- | docker-entrypoint.sh | 19 |
2 files changed, 39 insertions, 2 deletions
@@ -5,6 +5,14 @@ COPY ui ./ RUN npm ci && \
node_modules/.bin/ng build --prod
+FROM golang:alpine3.15 as gosu-builder
+
+RUN apk --update --no-cache add \
+ git
+
+RUN git clone -b 1.14 --depth 1 --single-branch https://github.com/tianon/gosu /src
+
+RUN cd /src && go build -o bin/gosu
FROM python:3.8-alpine
@@ -12,20 +20,30 @@ WORKDIR /app COPY Pipfile* ./
+ADD docker-entrypoint.sh /opt/scripts/docker-entrypoint.sh
+
RUN apk add --update ffmpeg && \
apk add --update --virtual .build-deps gcc g++ musl-dev && \
pip install --no-cache-dir pipenv && \
pipenv install --system --deploy --clear && \
pip uninstall pipenv -y && \
+ apk add --update coreutils shadow && \
apk del .build-deps && \
- rm -rf /var/cache/apk/*
+ rm -rf /var/cache/apk/* && \
+ chmod +x /opt/scripts/docker-entrypoint.sh && \
+ useradd metube
COPY favicon ./favicon
COPY app ./app
COPY --from=builder /metube/dist/metube ./ui/dist/metube
+COPY --from=gosu-builder /src/bin/ /bin
+
+ENV UID=99
+ENV GID=100
+ENV UMASK=002
ENV DOWNLOAD_DIR /downloads
ENV STATE_DIR /downloads/.metube
VOLUME /downloads
EXPOSE 8081
-CMD ["python3", "app/main.py"]
+ENTRYPOINT [ "/opt/scripts/docker-entrypoint.sh" ]
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh new file mode 100644 index 0000000..9cc00d1 --- /dev/null +++ b/docker-entrypoint.sh @@ -0,0 +1,19 @@ +#!/bin/sh + +USER=metube + +echo "---Setup Timezone to ${TZ}---" +echo "${TZ}" > /etc/timezone +echo "---Checking if UID: ${UID} matches user---" +usermod -o -u ${UID} ${USER} +echo "---Checking if GID: ${GID} matches user---" +groupmod -o -g ${GID} ${USER} > /dev/null 2>&1 ||: +usermod -g ${GID} ${USER} +echo "---Setting umask to ${UMASK}---" +umask ${UMASK} + +mkdir -p ${DOWNLOAD_DIR} ${STATE_DIR} + +chown -R ${UID}:${GID} /app ${DOWNLOAD_DIR} ${STATE_DIR} + +gosu ${USER} python3 app/main.py
\ No newline at end of file |