From: Chris Jones <redacted>
Date: Sun, 21 Jan 2024 22:44:44 +0000 (-0500)
Subject: Making it so mobius does not run as root in Docker.
X-Git-Url: https://git.r.bdr.sh/rbdr/mobius/commitdiff_plain/5f81c5c8e4cae2d2aad0301a0fc6ad08ae0c417e

Making it so mobius does not run as root in Docker.
---

diff --git a/Dockerfile b/Dockerfile
index 421cfb5..bd7de5e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -5,12 +5,18 @@ COPY . .
 
 RUN CGO_ENABLED=0 go build -o /app/server cmd/mobius-hotline-server/main.go && chmod a+x /app/server
 
-FROM scratch
+FROM debian:stable-slim
+
+# Change these as you see fit. This makes bind mounting easier so you don't have to edit bind mounted config files as root.
+ARG USERNAME=mobius
+ARG UID=1001
+ARG GUID=1001
 
 COPY --from=builder /app/server /app/server
 COPY --from=builder /app/cmd/mobius-hotline-server/mobius/config /usr/local/var/mobius/config
-
+RUN useradd -d /app -u ${UID} ${USERNAME}
+RUN chown -R ${USERNAME}:${USERNAME} /app
 EXPOSE 5500 5501
 
+USER ${USERNAME}
 ENTRYPOINT ["/app/server"]
-CMD ["/app/server"]