提交 adfd2ff0 编写于 作者: R rsercano

non-root user docker

上级 1ba5d81f
......@@ -6,7 +6,7 @@ set -e
if [[ "${MONGO_URL}" == *"127.0.0.1"* ]]; then
if hash mongod 2>/dev/null; then
printf "\n[-] External MONGO_URL not found. Starting local MongoDB...\n\n"
exec gosu node mongod --storageEngine=wiredTiger > /dev/null 2>&1 &
exec mongod --storageEngine=wiredTiger &
else
echo "ERROR: Mongo not installed inside the container."
echo "Please supply a MONGO_URL environment variable."
......@@ -20,22 +20,6 @@ if [[ $STARTUP_DELAY ]]; then
sleep $STARTUP_DELAY
fi
if [ "${1:0:1}" = '-' ]; then
set -- node "$@"
fi
# allow the container to be started with `--user`
if [ "$1" = "node" -a "$(id -u)" = "0" ]; then
exec gosu node "$BASH_SOURCE" "$@"
fi
if [ "$1" = "node" ]; then
numa="numactl --interleave=all"
if $numa true &> /dev/null; then
set -- $numa "$@"
fi
fi
# Start app
echo "=> Starting app on port $PORT..."
exec "$@"
\ No newline at end of file
......@@ -2,24 +2,20 @@
set -e
printf "\n[-] Installing MongoDB ${MONGO_VERSION}...\n\n"
printf "\n[-] Installing MongoDB 3.4.2...\n\n"
apt-key adv --keyserver ha.pool.sks-keyservers.net --recv-keys 0C49F3730359A14518585931BC711F9BA15703C6
cd /tmp
curl -O -L https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-debian81-3.4.2.tgz
tar xvzf mongodb-linux-x86_64-debian81-3.4.2.tgz
rm mongodb-linux-x86_64-debian81-3.4.2.tgz
echo "deb http://repo.mongodb.org/apt/debian jessie/mongodb-org/$MONGO_MAJOR main" > /etc/apt/sources.list.d/mongodb-org.list
rm -rf /opt/mongodb
mv mongodb-linux-x86_64-debian81-3.4.2 /opt/mongodb
apt-get update
ln -sf /opt/mongodb/bin/mongo /usr/bin/mongo
ln -sf /opt/mongodb/bin/mongod /usr/bin/mongod
apt-get install -y \
${MONGO_PACKAGE}=$MONGO_VERSION \
${MONGO_PACKAGE}-server=$MONGO_VERSION \
${MONGO_PACKAGE}-shell=$MONGO_VERSION \
${MONGO_PACKAGE}-mongos=$MONGO_VERSION \
${MONGO_PACKAGE}-tools=$MONGO_VERSION
mkdir -p /data/{db,configdb}
mkdir -p /data/db
chown -R node:node /data
rm -rf /var/lib/apt/lists/*
rm -rf /var/lib/mongodb
mv /etc/mongod.conf /etc/mongod.conf.orig
\ No newline at end of file
printf "\n[-] MongoDB installed successfully\n\n"
......@@ -6,11 +6,6 @@ RUN groupadd -r node && useradd -m -g node node
ENV NODE_VERSION 4.7.3
ENV GOSU_VERSION 1.10
# install MongoDB
ENV MONGO_VERSION 3.4.2
ENV MONGO_MAJOR 3.4
ENV MONGO_PACKAGE mongodb-org
# default values for Meteor environment variables
ENV ROOT_URL http://localhost
ENV MONGO_URL mongodb://127.0.0.1:27017/meteor
......@@ -45,7 +40,7 @@ RUN cd $APP_SOURCE_DIR && \
RUN cp -R $APP_BUNDLE_DIR/bundle/programs/server/npm/node_modules/tunnel-ssh $APP_BUNDLE_DIR/bundle/programs/server/npm/node_modules/meteor/modules-runtime/node_modules/
EXPOSE 3000
USER node
WORKDIR $APP_BUNDLE_DIR/bundle
# start the app
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册