kiwix
/
kiwix-tools
mirror of https://github.com/kiwix/kiwix-tools.git
1
0
Fork 1
Code Issues Releases Wiki Activity

Merge pull request #755 from Sedetius/rootles-docker

Browse Source 
[Docker] kiwix-serve image to use unprivileged user
pull/734/merge
Kelson 8 months ago committed by GitHub
parent e22cfea9d9 869b08cf71
commit 90f4562408
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File

2
docker/Dockerfile
Unescape View File

@ -1,5 +1,5 @@
FROM alpine:3.18
LABEL org.opencontainers.image.source https://github.com/openzim/kiwix-tools
LABEL org.opencontainers.image.source=https://github.com/openzim/kiwix-tools
# TARGETPLATFORM is injected by docker build
ARG TARGETPLATFORM

6
docker/server/Dockerfile
Unescape View File

@ -2,13 +2,17 @@ ARG VERSION=latest
# kiwix-tools is multi-arch
FROM ghcr.io/kiwix/kiwix-tools:$VERSION
LABEL org.opencontainers.image.source https://github.com/openzim/kiwix-tools
LABEL org.opencontainers.image.source=https://github.com/openzim/kiwix-tools
# expose kiwix-serve default port and workdir
EXPOSE 8080
VOLUME /data
WORKDIR /data
# running as a named unprivileged user
RUN addgroup -S user && adduser -S user -G user
USER user
COPY ./start.sh /usr/local/bin/
ENTRYPOINT ["/usr/bin/dumb-init", "--", "/usr/local/bin/start.sh"]

Write Preview
Loading…
Cancel
Save