From ef31d8e02585495e75a01cc9a46aad70507dfcc5 Mon Sep 17 00:00:00 2001 From: Revant Nandgaonkar Date: Thu, 18 Nov 2021 22:23:54 +0530 Subject: [PATCH] feat(frappe-nginx): use nginxinc/nginx-unprivileged image --- build/frappe-nginx/Dockerfile | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/build/frappe-nginx/Dockerfile b/build/frappe-nginx/Dockerfile index 46c9a07a..e0520af6 100644 --- a/build/frappe-nginx/Dockerfile +++ b/build/frappe-nginx/Dockerfile @@ -44,13 +44,17 @@ RUN git clone --depth 1 https://github.com/frappe/bench /tmp/bench \ RUN cp -R apps/frappe/frappe/public/* sites/assets/frappe \ && cp -R apps/frappe/node_modules sites/assets/frappe/ -FROM nginx:latest +FROM nginxinc/nginx-unprivileged:latest COPY --from=builder /home/frappe/frappe-bench/sites /var/www/html/ COPY --from=builder /var/www/error_pages /var/www/ COPY build/frappe-nginx/nginx-default.conf.template /etc/nginx/conf.d/default.conf.template COPY build/frappe-nginx/docker-entrypoint.sh / +USER root + +RUN usermod -u 1000 nginx && groupmod -g 1000 nginx + RUN apt-get update \ && apt-get install --no-install-recommends -y \ rsync \ @@ -61,5 +65,9 @@ RUN echo "#!/bin/bash" > /rsync \ VOLUME [ "/assets" ] +RUN chown -R nginx:nginx /assets /etc/nginx/conf.d/ + +USER nginx + ENTRYPOINT ["/docker-entrypoint.sh"] CMD ["nginx", "-g", "daemon off;"]