AI/dify
1
0
Fork 0
mirror of https://git.mirrors.martin98.com/https://github.com/langgenius/dify.git synced 2025-08-14 14:06:15 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: Improvement- use non root user for Web container (#8928)

Browse Source
This commit is contained in:
Sergio Sacristán 2024-10-08 05:12:21 +02:00 committed by GitHub
parent b933c9d206
commit a8b4d1ac2a
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
web/Dockerfile
View File

@ -46,21 +46,27 @@ ENV TZ=UTC
RUN ln -s /usr/share/zoneinfo/${TZ} /etc/localtime \ RUN ln -s /usr/share/zoneinfo/${TZ} /etc/localtime \
&& echo ${TZ} > /etc/timezone && echo ${TZ} > /etc/timezone
# global runtime packages
RUN yarn global add pm2 \
&& yarn cache clean
WORKDIR /app/web WORKDIR /app/web
COPY --from=builder /app/web/public ./public COPY --from=builder /app/web/public ./public
COPY --from=builder /app/web/.next/standalone ./ COPY --from=builder /app/web/.next/standalone ./
COPY --from=builder /app/web/.next/static ./.next/static COPY --from=builder /app/web/.next/static ./.next/static
COPY docker/pm2.json ./pm2.json COPY docker/pm2.json ./pm2.json
COPY docker/entrypoint.sh ./entrypoint.sh COPY docker/entrypoint.sh ./entrypoint.sh
# global runtime packages
RUN yarn global add pm2 \
&& yarn cache clean \
&& mkdir /.pm2 \
&& chown -R 1001:0 /.pm2 /app/web \
&& chmod -R g=u /.pm2 /app/web
ARG COMMIT_SHA ARG COMMIT_SHA
ENV COMMIT_SHA=${COMMIT_SHA} ENV COMMIT_SHA=${COMMIT_SHA}
USER 1001
EXPOSE 3000 EXPOSE 3000
ENTRYPOINT ["/bin/sh", "./entrypoint.sh"] ENTRYPOINT ["/bin/sh", "./entrypoint.sh"]