bedcb8e975
This change amends eea99fe507.
https://docs.docker.com/engine/reference/builder/#user
USER <user>[:<group>] or
USER <UID>[:<GID>]
The USER instruction sets the user name (or UID) and optionally the user group
(or GID) to use when running the image and for any RUN, CMD and ENTRYPOINT
instructions that follow it in the Dockerfile.
71 lines
2.1 KiB
Docker
71 lines
2.1 KiB
Docker
# Etherpad Lite Dockerfile
|
|
#
|
|
# https://github.com/ether/etherpad-docker
|
|
#
|
|
# Author: muxator
|
|
#
|
|
# Version 0.1
|
|
|
|
FROM node:10-buster-slim
|
|
LABEL maintainer="Etherpad team, https://github.com/ether/etherpad-lite"
|
|
|
|
# git hash of the version to be built.
|
|
# If not given, build the latest development version.
|
|
ARG ETHERPAD_VERSION=develop
|
|
|
|
# plugins to install while building the container. By default no plugins are
|
|
# installed.
|
|
# If given a value, it has to be a space-separated, quoted list of plugin names.
|
|
#
|
|
# EXAMPLE:
|
|
# ETHERPAD_PLUGINS="ep_codepad ep_author_neat"
|
|
ARG ETHERPAD_PLUGINS=
|
|
|
|
# Set the following to production to avoid installing devDeps
|
|
# this can be done with build args (and is mandatory to build ARM version)
|
|
ENV NODE_ENV=development
|
|
|
|
# grab the ETHERPAD_VERSION tarball from github (no need to clone the whole
|
|
# repository)
|
|
RUN echo "Getting version: ${ETHERPAD_VERSION}" && \
|
|
curl \
|
|
--location \
|
|
--fail \
|
|
--silent \
|
|
--show-error \
|
|
--output /opt/etherpad-lite.tar.gz \
|
|
https://github.com/ether/etherpad-lite/archive/"${ETHERPAD_VERSION}".tar.gz && \
|
|
mkdir /opt/etherpad-lite && \
|
|
tar xf /opt/etherpad-lite.tar.gz \
|
|
--directory /opt/etherpad-lite \
|
|
--strip-components=1 && \
|
|
rm /opt/etherpad-lite.tar.gz
|
|
|
|
WORKDIR /opt/etherpad-lite
|
|
|
|
# install node dependencies for Etherpad
|
|
RUN bin/installDeps.sh && \
|
|
rm -rf ~/.npm/_cacache
|
|
|
|
# Install the plugins, if ETHERPAD_PLUGINS is not empty.
|
|
#
|
|
# Bash trick: in the for loop ${ETHERPAD_PLUGINS} is NOT quoted, in order to be
|
|
# able to split at spaces.
|
|
RUN for PLUGIN_NAME in ${ETHERPAD_PLUGINS}; do npm install "${PLUGIN_NAME}"; done
|
|
|
|
# Copy the configuration file.
|
|
COPY ./settings.json /opt/etherpad-lite/
|
|
|
|
# Follow the principle of least privilege: run as unprivileged user.
|
|
#
|
|
# Running as non-root enables running this image in platforms like OpenShift
|
|
# that do not allow images running as root.
|
|
RUN \
|
|
echo 'etherpad:x:65534:65534:etherpad:/:' > /etc/passwd && \
|
|
echo 'etherpad:x:65534:' > /etc/group && \
|
|
chown -R etherpad:etherpad ./
|
|
|
|
USER etherpad:etherpad
|
|
|
|
EXPOSE 9001
|
|
CMD ["node", "node_modules/ep_etherpad-lite/node/server.js"]
|