-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathContainerfile.rootless
39 lines (30 loc) · 1.04 KB
/
Containerfile.rootless
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
# Use UBI8 minimal as base image
FROM registry.access.redhat.com/ubi8/ubi-minimal:latest
# Set up environment variables
ENV NGINX_VERSION=1.20 \
NGINX_HOME=/usr/share/nginx \
PATH=$PATH:/usr/sbin
# Switch to root temporarily for installation
USER root
# Install nginx and necessary packages
RUN microdnf update -y && \
microdnf install -y nginx shadow-utils && \
microdnf clean all
# the nginx user will get created when you install nginx in the above step
# Set up directories and permissions
RUN mkdir -p /var/log/nginx && \
mkdir -p /var/lib/nginx/tmp && \
chown -R nginx:root /var/log/nginx && \
chown -R nginx:root /var/lib/nginx && \
chown -R nginx:root /usr/share/nginx && \
chmod -R g+rwX /var/log/nginx && \
chmod -R g+rwX /var/lib/nginx && \
chmod -R g+rwX /usr/share/nginx
# Copy nginx configuration
COPY --chown=nginx:root nginx.conf /etc/nginx/nginx.conf
# Expose port 8080 (non-privileged port)
EXPOSE 8080
# Switch to non-root user
USER nginx
# Start Nginx
CMD ["nginx", "-g", "daemon off;"]