From: Jeff Halter Date: Sun, 7 Jul 2024 00:51:45 +0000 (-0700) Subject: Remove user from Dockerfile X-Git-Url: https://git.r.bdr.sh/rbdr/mobius/commitdiff_plain/d4207f0da06f9578a5d89f47f126ce5343c162bd?hp=6dabc6b44f27f0aa936a7f9518aa6bc1243d9001 Remove user from Dockerfile --- diff --git a/Dockerfile b/Dockerfile index 75f324b..ee33b0e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,18 +5,11 @@ COPY . . RUN CGO_ENABLED=0 go build -o /app/server cmd/mobius-hotline-server/main.go && chmod a+x /app/server -FROM debian:stable-slim - -# Change these as you see fit. This makes bind mounting easier so you don't have to edit bind mounted config files as root. -ARG USERNAME=mobius -ARG UID=1001 -ARG GUID=1001 +FROM scratch COPY --from=builder /app/server /app/server COPY --from=builder /app/cmd/mobius-hotline-server/mobius/config /usr/local/var/mobius/config -RUN useradd -d /app -u ${UID} ${USERNAME} -RUN chown -R ${USERNAME}:${USERNAME} /app + EXPOSE 5500 5501 -USER ${USERNAME} ENTRYPOINT ["/app/server"] diff --git a/README.md b/README.md index fc73a15..42ed9d3 100644 --- a/README.md +++ b/README.md @@ -16,16 +16,37 @@ The goal of the Mobius client is to make it fun and easy to connect to multiple ### Docker -If you run Docker, you can quickly try out the Mobius server with the official image from Docker hub: +### Docker + +To quickly run a Hotline server with ports forwarded from the host OS to the container, run: + + docker run --rm -p 5500:5500 -p 5501:5501 ghcr.io/jhalter/mobius:latest - docker run --pull=always --rm -p 5500:5500 -p 5501:5501 jhalter/mobius-hotline-server:latest +You can now connect to localhost:5500 with your favorite Hotline client and play around, but all changes will be lost on container restart. -This will start the Mobius server with the Hotline ports 5500 and 5501 exposed on localhost using a default configuration from the image. +To serve files from the host OS and persist configuration changes, you'll want to set up a [bind mount](https://docs.docker.com/storage/bind-mounts/) that maps a directory from the host into the container. -To edit the configuration and serve files from your host OS, include the `-v` option to setup a Docker [bind mount](https://docs.docker.com/storage/bind-mounts/): +To do this, create a directory in a location of your choice on the host OS. For clarity, we'll assign the path to the `HLFILES` environment variable and re-use it: - export HLFILES=/Users/foo/HotlineFiles # - docker run --rm -p 5500:5500 -p 5501:5501 -v $HLFILES:/usr/local/var/mobius/config jhalter/mobius-hotline-server:latest -init +``` +export HLFILES=/home/myuser/hotline-files +mdkir $HLFILES + +sudo docker run \ + --pull=always \ + --rm \ + -p 5500:5500 \ + -p 5501:5501 \ + -v $HLFILES:/usr/local/var/mobius/config \ + ghcr.io/jhalter/mobius:latest \ + -init +``` + +It's a good security practice to run your server as a non-root user, which also happens to make editing the configuration files easier from the host OS. + +To do this, add the `--user` flag to the docker run arguments with a user ID and group ID of a user on the host OS. + +`--user 1001:1001` You'll now find a configuration directory on your host OS populated with a default configuration: @@ -44,7 +65,6 @@ drwxr-xr-x 4 jhalter staff 128 Jun 12 17:11 Users Edit `config.yaml` to get started personalizing your server. - ### Mac OS For Mac OS the easiest path to installation is through Homebrew.