mirrors/cobalt
1
0
Fork 0
mirror of https://github.com/imputnet/cobalt.git synced 2025-07-17 18:58:33 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix: Harden Dockerfile

Browse Source
This commit is contained in:
Myzel394 2023-11-11 00:27:15 +01:00
parent 463ece02c7
commit cbfb8432f8
No known key found for this signature in database
GPG Key ID: 79CC92F37B3E1A2B
2 changed files with 18 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.dockerignore Normal file
View File

@ -0,0 +1,5 @@
node_modules
.gitignore
Dockerfile
README.md
docs

21
Dockerfile
View File

@ -1,15 +1,20 @@
FROM node:18-bullseye-slim FROM node:20-slim
WORKDIR /app WORKDIR /app
EXPOSE 9000
RUN apt-get update RUN apt-get update
RUN apt-get install -y git RUN apt-get install -y git
RUN rm -rf /var/lib/apt/lists/* RUN apt-get install -y git
COPY package*.json ./
RUN npm install
RUN git clone -n https://github.com/wukko/cobalt.git --depth 1 && mv cobalt/.git ./ && rm -rf cobalt
COPY . . COPY . .
EXPOSE 9000
RUN npm install
# Drop privileges
RUN groupadd cobalt && useradd -g cobalt cobalt
RUN chown -R cobalt:cobalt /app
RUN chmod -R 755 /app
USER cobalt
CMD [ "node", "src/cobalt" ] CMD [ "node", "src/cobalt" ]