libretic/etherpad-lite
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
etherpad-lite/Dockerfile
Pierre Prinetti 50142f6580 docker: Set the home directory for the user 
Before this change, the docker user had home in a directory it had no
permissions on. The inability of creating a cache directory in `$HOME`
prevented npm to work properly.

Additionally, the `node_modules` in the base working directory had its
owner set to root, preventing further changes.

With this change, the `etherpad` user has a home directory.
Additionally, `npm i` is now run by `etherpad` rather than the root
user; this way, it is possible to dynamically change the `node_modules`
content in day 2 operations.

Note that while switching to the `useradd` builtin, a conflict was
discovered with the GID 65534 that was previously used. This change is
changing the `etherpad` user's UID to 5001 to avoid said conflict. As a
consequence, a `chmod -R 5001:5001` must be run prior to attaching
volumes created from previous Etherpad versions.
2019-12-02 22:14:11 +01:00

50 lines
1.5 KiB
Docker
Raw Blame History

# Etherpad Lite Dockerfile
#
# https://github.com/ether/etherpad-lite
#
# Author: muxator
FROM node:10-buster-slim
LABEL maintainer="Etherpad team, https://github.com/ether/etherpad-lite"
# plugins to install while building the container. By default no plugins are
# installed.
# If given a value, it has to be a space-separated, quoted list of plugin names.
#
# EXAMPLE:
# ETHERPAD_PLUGINS="ep_codepad ep_author_neat"
ARG ETHERPAD_PLUGINS=
# Set the following to production to avoid installing devDeps
# this can be done with build args (and is mandatory to build ARM version)
ENV NODE_ENV=development
# Follow the principle of least privilege: run as unprivileged user.
#
# Running as non-root enables running this image in platforms like OpenShift
# that do not allow images running as root.
RUN useradd --uid 5001 --create-home etherpad
RUN mkdir /opt/etherpad-lite && chown etherpad:etherpad /opt/etherpad-lite
USER etherpad:etherpad
WORKDIR /opt/etherpad-lite
COPY --chown=etherpad:etherpad ./ ./
# install node dependencies for Etherpad
RUN bin/installDeps.sh && \
rm -rf ~/.npm/_cacache
# Install the plugins, if ETHERPAD_PLUGINS is not empty.
#
# Bash trick: in the for loop ${ETHERPAD_PLUGINS} is NOT quoted, in order to be
# able to split at spaces.
RUN for PLUGIN_NAME in ${ETHERPAD_PLUGINS}; do npm install "${PLUGIN_NAME}"; done
# Copy the configuration file.
COPY --chown=etherpad:etherpad ./settings.json.docker /opt/etherpad-lite/settings.json
EXPOSE 9001
CMD ["node", "node_modules/ep_etherpad-lite/node/server.js"]
Reference in a new issue View git blame Copy permalink