From e3014e1b8eeb213a4b3d9ec679cd798e541befa4 Mon Sep 17 00:00:00 2001 From: Jakob Schlyter Date: Mon, 25 Nov 2024 15:16:07 +0100 Subject: [PATCH 1/3] fix JSONArgsRecommended --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index a04051b..57bb166 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,4 +8,4 @@ FROM python:3.12 WORKDIR /tmp COPY --from=builder /src/dist/*.whl . RUN pip3 install *.whl && rm *.whl -ENTRYPOINT aggrec_server +ENTRYPOINT ["aggrec_server"] From e2852108551fd8830a6d98af648d0abfcef0445e Mon Sep 17 00:00:00 2001 From: Jakob Schlyter Date: Mon, 25 Nov 2024 15:20:36 +0100 Subject: [PATCH 2/3] add CMD and create user --- Dockerfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Dockerfile b/Dockerfile index 57bb166..378b939 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,4 +8,7 @@ FROM python:3.12 WORKDIR /tmp COPY --from=builder /src/dist/*.whl . RUN pip3 install *.whl && rm *.whl +RUN useradd -r -u 1000 -g root aggrec +USER aggrec +CMD ["--host", "0.0.0.0", "--port", "8080"] ENTRYPOINT ["aggrec_server"] From 701da2db089cfadade4af248aea8f7f6dbc869ac Mon Sep 17 00:00:00 2001 From: Jakob Schlyter Date: Mon, 25 Nov 2024 15:32:20 +0100 Subject: [PATCH 3/3] disable login, create homedir, order --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 378b939..b9b11ec 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,7 +8,7 @@ FROM python:3.12 WORKDIR /tmp COPY --from=builder /src/dist/*.whl . RUN pip3 install *.whl && rm *.whl -RUN useradd -r -u 1000 -g root aggrec +RUN useradd -u 1000 -m -s /sbin/nologin aggrec USER aggrec -CMD ["--host", "0.0.0.0", "--port", "8080"] ENTRYPOINT ["aggrec_server"] +CMD ["--host", "0.0.0.0", "--port", "8080"]