mirror of
https://github.com/bigbluebutton/docker.git
synced 2025-06-19 19:29:02 +02:00
webrtc-sfu: run as a non-root user #27
https://github.com/alangecker/bigbluebutton-docker/issues/27
This commit is contained in:
parent
d69de30c9d
commit
f0e734a2cf
@ -1,6 +1,7 @@
|
||||
FROM node:14-alpine
|
||||
|
||||
RUN apk update && apk add git
|
||||
RUN apk add git \
|
||||
&& adduser -D -u 2004 -g webrtc-sfu webrtc-sfu
|
||||
|
||||
ADD . app
|
||||
|
||||
@ -13,16 +14,17 @@ ENV NODE_ENV production
|
||||
# npm ERR! fatal: Not a git repository: ../.git/modules/bbb-webrtc-sfu
|
||||
# we simply delete the .git file
|
||||
RUN cp config/default.example.yml config/production.yml \
|
||||
&& chown -R webrtc-sfu:webrtc-sfu config \
|
||||
&& rm .git \
|
||||
&& npm install --unsafe-perm \
|
||||
&& npm cache clear --force
|
||||
|
||||
EXPOSE 3008
|
||||
|
||||
# remove automatic IP detection (broken in alpine)
|
||||
# and use sh instead of bash
|
||||
RUN sed -i 's/CONTAINER_IP=.*/CONTAINER_IP=10.7.7.10/' /app/docker-entrypoint.sh \
|
||||
&& sed -i 's/bash/sh/' /app/docker-entrypoint.sh
|
||||
|
||||
USER webrtc-sfu
|
||||
ENTRYPOINT [ "./docker-entrypoint.sh" ]
|
||||
CMD [ "npm", "start" ]
|
||||
|
Loading…
x
Reference in New Issue
Block a user