Skip to content

Commit

Permalink
Use non root for containers
Browse files Browse the repository at this point in the history
  • Loading branch information
@luigi311
luigi311 committed Nov 13, 2023
1 parent f6b2186 commit d607c9c
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 4 deletions.
12 changes: 10 additions & 2 deletions Dockerfile.alpine
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,12 +32,20 @@ ENV WHITELIST_LIBRARY_TYPE ''
ENV BLACKLIST_USERS ''
ENV WHITELIST_USERS ''


RUN addgroup --system jellyplex_user && \
adduser --system --no-create-home jellyplex_user --ingroup jellyplex_user && \
mkdir -p /app && \
chown -R jellyplex_user:jellyplex_user /app

WORKDIR /app

COPY ./requirements.txt ./
COPY --chown=jellyplex_user:jellyplex_user ./requirements.txt ./

RUN pip install --no-cache-dir -r requirements.txt

COPY . .
COPY --chown=jellyplex_user:jellyplex_user . .

USER jellyplex_user

CMD ["python", "-u", "main.py"]
12 changes: 10 additions & 2 deletions Dockerfile.slim
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,12 +32,20 @@ ENV WHITELIST_LIBRARY_TYPE ''
ENV BLACKLIST_USERS ''
ENV WHITELIST_USERS ''


RUN addgroup --system jellyplex_user && \
adduser --system --no-create-home jellyplex_user --ingroup jellyplex_user && \
mkdir -p /app && \
chown -R jellyplex_user:jellyplex_user /app

WORKDIR /app

COPY ./requirements.txt ./
COPY --chown=jellyplex_user:jellyplex_user ./requirements.txt ./

RUN pip install --no-cache-dir -r requirements.txt

COPY . .
COPY --chown=jellyplex_user:jellyplex_user . .

USER jellyplex_user

CMD ["python", "-u", "main.py"]

0 comments on commit d607c9c

Please sign in to comment.