Fix Docker segfault
This commit is contained in:
antanst
parent
d9158437e9
commit
a43e1c29fe
2 changed files with 24 additions and 20 deletions
32
Dockerfile
32
Dockerfile
|
|
@ -42,25 +42,31 @@ RUN npm cache clean --force && \
|
|||
####################
|
||||
# Production stage #
|
||||
####################
|
||||
FROM node:22-alpine AS production
|
||||
FROM ubuntu:22.04 AS production
|
||||
|
||||
ENV APP_UID=1001
|
||||
ENV APP_GID=1001
|
||||
|
||||
RUN addgroup -g ${APP_GID} -S app && \
|
||||
adduser -S app -u ${APP_UID} -G app
|
||||
|
||||
RUN apk add --no-cache --virtual .runtime-deps \
|
||||
sqlite \
|
||||
openssl \
|
||||
# Install Node.js 22 and runtime dependencies
|
||||
RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
|
||||
curl \
|
||||
procps-ng \
|
||||
ca-certificates \
|
||||
sqlite3 \
|
||||
openssl \
|
||||
procps \
|
||||
dumb-init \
|
||||
bash \
|
||||
su-exec && \
|
||||
rm -rf /var/cache/apk/* /tmp/* && \
|
||||
gosu && \
|
||||
curl -fsSL https://deb.nodesource.com/setup_22.x | bash - && \
|
||||
apt-get install -y nodejs && \
|
||||
apt-get clean && \
|
||||
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* && \
|
||||
rm -rf /usr/share/man /usr/share/doc /usr/share/info
|
||||
|
||||
# Create app user and group
|
||||
RUN groupadd -g ${APP_GID} app && \
|
||||
useradd -m -u ${APP_UID} -g app app
|
||||
|
||||
# Set working directory
|
||||
WORKDIR /app
|
||||
|
||||
|
|
@ -82,10 +88,8 @@ COPY --from=builder --chown=app:app /app/package.json /app/
|
|||
RUN mkdir -p /app/backend/db /app/backend/certs /app/backend/uploads
|
||||
|
||||
# Cleanup
|
||||
RUN apk del --no-cache .runtime-deps sqlite openssl curl && \
|
||||
apk add --no-cache sqlite-libs openssl curl dumb-init su-exec && \
|
||||
rm -rf /usr/local/lib/node_modules/npm/docs /usr/local/lib/node_modules/npm/man && \
|
||||
rm -rf /root/.npm /tmp/* /var/tmp/* /var/cache/apk/*
|
||||
RUN rm -rf /usr/local/lib/node_modules/npm/docs /usr/local/lib/node_modules/npm/man && \
|
||||
rm -rf /root/.npm /tmp/* /var/tmp/*
|
||||
|
||||
VOLUME ["/app/backend/db"]
|
||||
VOLUME ["/app/backend/uploads"]
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
#!/bin/sh
|
||||
#!/bin/bash
|
||||
set -eu
|
||||
|
||||
# Runtime UID/GID Configuration
|
||||
|
|
@ -32,15 +32,15 @@ set_db_file_permissions() {
|
|||
if [ "$CURRENT_UID" != "$PUID" ] || [ "$CURRENT_GID" != "$PGID" ]; then
|
||||
echo "Configuring user permissions..."
|
||||
|
||||
deluser app 2>/dev/null || true
|
||||
delgroup app 2>/dev/null || true
|
||||
userdel app 2>/dev/null || true
|
||||
groupdel app 2>/dev/null || true
|
||||
|
||||
if getent group "$PGID" >/dev/null 2>&1; then
|
||||
TARGET_GROUP=$(getent group "$PGID" | cut -d: -f1)
|
||||
echo "Using existing group '$TARGET_GROUP' with GUID $PGID"
|
||||
else
|
||||
# Create group "app" with our target group id
|
||||
addgroup -g "$PGID" -S app
|
||||
groupadd -g "$PGID" app
|
||||
TARGET_GROUP="app"
|
||||
echo "Created 'app' group with GID: $PGID"
|
||||
fi
|
||||
|
|
@ -50,7 +50,7 @@ if [ "$CURRENT_UID" != "$PUID" ] || [ "$CURRENT_GID" != "$PGID" ]; then
|
|||
echo "Using existing user '$TARGET_USER' with UID $PUID"
|
||||
else
|
||||
# Create user "app" with our target user id
|
||||
adduser -S app -u "$PUID" -G "$TARGET_GROUP"
|
||||
useradd -m -u "$PUID" -g "$TARGET_GROUP" app
|
||||
echo "Created 'app' user with UID: $PUID"
|
||||
TARGET_USER=app
|
||||
fi
|
||||
|
|
@ -69,4 +69,4 @@ set_db_file_permissions
|
|||
|
||||
# Drop privileges and execute the original start script
|
||||
echo "Starting application as user $TARGET_USER"
|
||||
exec su-exec "$TARGET_USER" dumb-init -- /app/backend/cmd/start.sh
|
||||
exec gosu "$TARGET_USER" dumb-init -- /app/backend/cmd/start.sh
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue