libretic/etherpad-lite
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
etherpad-lite/Dockerfile
Paul Tiedtke ffc718e8c0 docker: add support for arbitrary user ids (for OpenShift compatibility) 
This solves a compatibility problem with OpenShift. In OpenShift security
model, the containers are run by arbitrary user ids, but the users are always
a member of the root group.

This PR adjusts the permissions accordingly.

Documentation reference:
https://docs.openshift.com/container-platform/3.11/creating_images/guidelines.html#use-uid
2020-04-08 15:06:08 +02:00

53 lines
1.5 KiB
Docker
Raw Blame History

# Etherpad Lite Dockerfile
#
# https://github.com/ether/etherpad-lite
#
# Author: muxator
FROM node:10-buster-slim
LABEL maintainer="Etherpad team, https://github.com/ether/etherpad-lite"
# plugins to install while building the container. By default no plugins are
# installed.
# If given a value, it has to be a space-separated, quoted list of plugin names.
#
# EXAMPLE:
# ETHERPAD_PLUGINS="ep_codepad ep_author_neat"
ARG ETHERPAD_PLUGINS=
# Set the following to production to avoid installing devDeps
# this can be done with build args (and is mandatory to build ARM version)
ENV NODE_ENV=development
# Follow the principle of least privilege: run as unprivileged user.
#
# Running as non-root enables running this image in platforms like OpenShift
# that do not allow images running as root.
RUN useradd --uid 5001 --create-home etherpad
RUN mkdir /opt/etherpad-lite && chown etherpad:0 /opt/etherpad-lite
USER etherpad
WORKDIR /opt/etherpad-lite
COPY --chown=etherpad:0 ./ ./
# install node dependencies for Etherpad
RUN bin/installDeps.sh && \
rm -rf ~/.npm/_cacache
# Install the plugins, if ETHERPAD_PLUGINS is not empty.
#
# Bash trick: in the for loop ${ETHERPAD_PLUGINS} is NOT quoted, in order to be
# able to split at spaces.
RUN for PLUGIN_NAME in ${ETHERPAD_PLUGINS}; do npm install "${PLUGIN_NAME}"; done
# Copy the configuration file.
COPY --chown=etherpad:0 ./settings.json.docker /opt/etherpad-lite/settings.json
# Fix permissions for root group
RUN chmod -R g=u .
EXPOSE 9001
CMD ["node", "node_modules/ep_etherpad-lite/node/server.js"]
Reference in a new issue View git blame Copy permalink