From c7abe2976271a6ed98fc7574e5878e5c9eaae5a2 Mon Sep 17 00:00:00 2001 From: Devlin Cashman <55607117+devlincashman@users.noreply.github.com> Date: Sat, 17 Dec 2022 20:35:31 -0500 Subject: [PATCH] reduce image size by setting permissions at copy stage --- .dockerignore | 6 +----- Dockerfile | 29 ++++++++++++++--------------- 2 files changed, 15 insertions(+), 20 deletions(-) diff --git a/.dockerignore b/.dockerignore index f0a5832f..e71adaa9 100755 --- a/.dockerignore +++ b/.dockerignore @@ -8,10 +8,6 @@ Dockerfile dockerfiles/LICENSE dockerfiles/README.md docs -install/pialert_install.sh -install/pialert_install_no_webserver.sh -install/pialert_uninstall.sh -install/pialert_update.sh LICENSE.txt README.md -tar +CONTRIBUTING diff --git a/Dockerfile b/Dockerfile index dcc7172c..e10c7c0a 100755 --- a/Dockerfile +++ b/Dockerfile @@ -15,27 +15,26 @@ RUN apt-get update \ && rm -rf /var/lib/apt/lists/* \ && rm -rf /var/www/html \ && ln -s /home/pi/pialert/front /var/www/html - - -# now creating user + +# create pi user and group +# add root and www-data to pi group so they can r/w files and db RUN groupadd --gid "${USER_GID}" "${USER}" && \ useradd \ - --uid ${USER_ID} \ - --gid ${USER_GID} \ - --create-home \ - --shell /bin/bash \ - ${USER} + --uid ${USER_ID} \ + --gid ${USER_GID} \ + --create-home \ + --shell /bin/bash \ + ${USER} && \ + usermod -a -G ${USER_GID} root && \ + usermod -a -G ${USER_GID} www-data -COPY . /home/pi/pialert +COPY --chmod=775 --chown=${USER_ID}:${USER_GID} . /home/pi/pialert/ -# Pi.Alert +# Pi.Alert RUN rm /etc/nginx/sites-available/default \ - && ln -s /home/pi/pialert/install/default /etc/nginx/sites-available/default \ + && ln -s /home/pi/pialert/install/default /etc/nginx/sites-available/default \ && sed -ie 's/listen 80/listen '${PORT}'/g' /etc/nginx/sites-available/default \ # run the hardware vendors update && /home/pi/pialert/back/update_vendors.sh -# it's easy for permissions set in Git to be overridden, so doing it manually -RUN chmod -R a+rxw /home/pi/pialert/ - -CMD ["/home/pi/pialert/dockerfiles/start.sh"] \ No newline at end of file +CMD ["/home/pi/pialert/dockerfiles/start.sh"]