mirror of
https://github.com/tmdinosaurcenter/kiosk-guestbook.git
synced 2026-06-04 02:29:09 -06:00
steve
0c8491ce7a
Create appuser with configurable UID/GID (default 1000, matching example.env PID/GID vars) and switch to it before starting Gunicorn. Override at build time with --build-arg UID=... --build-arg GID=... Note: the /data volume mount must be owned by the matching UID on the host for the DB to remain writable.
37 lines
1.1 KiB
Docker
37 lines
1.1 KiB
Docker
# Use a lightweight Python image
|
|
FROM python:3.9-slim
|
|
|
|
# Set the working directory
|
|
WORKDIR /app
|
|
|
|
# Install system dependencies (including gettext for envsubst)
|
|
RUN apt-get update && apt-get install -y gettext && rm -rf /var/lib/apt/lists/*
|
|
|
|
# Install Python dependencies
|
|
COPY requirements.txt .
|
|
RUN pip install --no-cache-dir -r requirements.txt
|
|
|
|
# Copy the application code and template files
|
|
COPY . .
|
|
|
|
# Copy the entrypoint script into the container and make it executable
|
|
COPY entrypoint.sh /entrypoint.sh
|
|
RUN chmod +x /entrypoint.sh
|
|
|
|
# Set environment variables (can be overridden by .env)
|
|
ENV FLASK_ENV=production
|
|
|
|
# Expose the port (Gunicorn will run on 8000)
|
|
EXPOSE 8000
|
|
|
|
# Create a non-root user. UID/GID match the PID/GID vars in example.env (default 1000).
|
|
# Override at build time with: docker build --build-arg UID=1001 --build-arg GID=1001
|
|
ARG UID=1000
|
|
ARG GID=1000
|
|
RUN groupadd -g ${GID} appuser && useradd -u ${UID} -g ${GID} -s /bin/sh -M appuser
|
|
RUN chown -R appuser:appuser /app /entrypoint.sh
|
|
USER appuser
|
|
|
|
# Use the entrypoint script as the container's command
|
|
CMD ["/entrypoint.sh"]
|