Added silverbullet user with 1000:1000 IDs, runnign deno as this user (#401)

- Fixing permissions for /deno-dir as well
2023-05-11 09:40:29 +02:00 · 2023-05-11 09:40:29 +02:00 · f0f04b8569
parent c8d0b2df14
commit f0f04b8569
1 changed files with 8 additions and 3 deletions
--- a/11
+++ b/11
@ -12,13 +12,18 @@ ARG TARGETARCH
 # Adding tini manually, as it's not included anymore in the new baseimage
 ENV TINI_VERSION v0.19.0
 ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${TARGETARCH} /tini
-
 # Copy the bundled version of silverbullet into the container
 ADD ./dist/silverbullet.js /silverbullet.js

+ENV SILVERBULLET_UID_GID 1000
+ENV SILVERBULLET_USERNAME silverbullet
+
 # Make sure the deno user has access to the space volume
 RUN mkdir -p /space \
- && chown -R deno:deno /space \
+ && addgroup --gid ${SILVERBULLET_UID_GID} silverbullet \
+ && adduser --uid ${SILVERBULLET_UID_GID} --gid ${SILVERBULLET_UID_GID} ${SILVERBULLET_USERNAME} \
+ && chown -R ${SILVERBULLET_USERNAME}:${SILVERBULLET_USERNAME} /space \
+ && chown -R ${SILVERBULLET_USERNAME}:${SILVERBULLET_USERNAME} /deno-dir \
 && chmod +x /tini \
 && echo "**** cleanup ****" \
 && apt-get -y autoremove \
@ -31,7 +36,7 @@ RUN mkdir -p /space \
    /usr/share/man

 # deno user id is 1000 in alpine image
-USER deno
+USER ${SILVERBULLET_USERNAME}

 # Expose port 3000
 # Port map this when running, e.g. with -p 3002:3000 (where 3002 is the host port)