mirror of
https://github.com/CodeforLeipzig/stadtratmonitor.git
synced 2025-04-24 08:41:33 +02:00
run docker container without root users, fix broken links
This commit is contained in:
Joerg Reichert
parent
f006eed660
commit
19c29ef021
12 changed files with 151 additions and 90 deletions
61
Dockerfile
61
Dockerfile
|
|
@ -1,37 +1,72 @@
|
|||
FROM ruby:3.2.2
|
||||
|
||||
RUN apt-get update && apt-get install -y curl
|
||||
RUN curl -fsSL https://deb.nodesource.com/setup_lts.x | bash -
|
||||
RUN curl -fsSL https://deb.nodesource.com/setup_lts.x | bash -
|
||||
|
||||
RUN apt-get update && apt-get install -y ruby ruby-dev ruby-bundler \
|
||||
build-essential zlib1g-dev libsqlite3-dev libxml2-dev libxslt1-dev pkg-config nodejs
|
||||
RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
|
||||
|
||||
RUN gem install bundler
|
||||
|
||||
ENV DOCKERIZE_VERSION v0.6.1
|
||||
RUN curl -sSLO https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \
|
||||
&& tar -C /usr/local/bin -xzvf dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \
|
||||
&& rm dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz
|
||||
|
||||
RUN mkdir -p /app
|
||||
COPY ./docker-entrypoint.sh /
|
||||
RUN chmod +x docker-entrypoint.sh
|
||||
|
||||
WORKDIR /tmp
|
||||
RUN mkdir -p /home/srm/tmp
|
||||
#COPY Gemfile.lock /home/srm/tmp/Gemfile.lock
|
||||
|
||||
RUN groupadd -r srm && useradd -r -g srm srm
|
||||
RUN chown -R srm:srm /home/srm
|
||||
USER srm
|
||||
|
||||
WORKDIR /home/srm
|
||||
|
||||
RUN git clone https://github.com/sstephenson/rbenv.git .rbenv
|
||||
RUN git clone https://github.com/sstephenson/ruby-build.git ~/.rbenv/plugins/ruby-build
|
||||
|
||||
RUN echo 'export PATH="/home/srm/.rbenv/bin:$PATH"' >> .bashrc && echo 'eval "$(~/.rbenv/bin/rbenv init -)"' >> .bashrc && . ~/.bashrc
|
||||
RUN /home/srm/.rbenv/bin/rbenv install 3.2.2
|
||||
RUN /home/srm/.rbenv/bin/rbenv rehash
|
||||
RUN /home/srm/.rbenv/bin/rbenv global 3.2.2
|
||||
|
||||
|
||||
RUN curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.3/install.sh | bash
|
||||
|
||||
ENV NODE_VERSION 18.16.0
|
||||
ENV NVM_DIR /home/srm/.nvm
|
||||
RUN \
|
||||
. ~/.nvm/nvm.sh \
|
||||
&& nvm install $NODE_VERSION \
|
||||
&& nvm alias default $NODE_VERSION \
|
||||
&& nvm use default;
|
||||
|
||||
ENV NODE_PATH $NVM_DIR/v$NODE_VERSION/lib/node_modules
|
||||
ENV PATH $NVM_DIR/versions/node/v$NODE_VERSION/bin:$PATH
|
||||
|
||||
RUN gem install bundler
|
||||
|
||||
RUN mkdir -p /home/srm/app
|
||||
ADD . /home/srm/app
|
||||
USER root
|
||||
RUN chown -R srm:srm /home/srm/app
|
||||
|
||||
USER srm
|
||||
WORKDIR /home/srm/app
|
||||
|
||||
COPY Gemfile Gemfile
|
||||
COPY Gemfile.lock Gemfile.lock
|
||||
RUN bundle config build.nokogiri --use-system-libraries
|
||||
RUN bundle update
|
||||
RUN bundle install
|
||||
|
||||
ADD . /app
|
||||
WORKDIR /app
|
||||
COPY package.json package.json
|
||||
USER root
|
||||
RUN chown -R srm:srm package.json
|
||||
USER srm
|
||||
|
||||
RUN npm install -g yarn sass
|
||||
|
||||
COPY ./docker-entrypoint.sh /
|
||||
RUN chmod +x docker-entrypoint.sh
|
||||
|
||||
EXPOSE 3000
|
||||
ENTRYPOINT ["/docker-entrypoint.sh"]
|
||||
CMD ["rails", "server", "-b", "0.0.0.0"]
|
||||
CMD ["bundle", "exec", "puma" "-C", "config/puma.rb"]
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue