This commit is contained in:
+2
-14
@@ -2,27 +2,15 @@
|
||||
FROM python:3.11-slim
|
||||
|
||||
# Create a non-root user for running the bot
|
||||
RUN groupadd -g ${GROUP_ID:-1000} botgroup && \
|
||||
useradd -u ${USER_ID:-1000} -g botgroup -m botuser
|
||||
|
||||
WORKDIR /app
|
||||
COPY requirements.txt .
|
||||
RUN pip install --no-cache-dir -r requirements.txt
|
||||
|
||||
COPY bot.py .
|
||||
COPY config.py .
|
||||
COPY entrypoint.sh .
|
||||
|
||||
# Make entrypoint.sh executable
|
||||
RUN chmod +x /app/entrypoint.sh
|
||||
|
||||
# Create DB directory with proper permissions
|
||||
RUN mkdir -p /app/DB && chown -R botuser:botgroup /app
|
||||
# Create DB directory
|
||||
RUN mkdir -p /app/DB
|
||||
|
||||
ENV PYTHONUNBUFFERED=1
|
||||
|
||||
# Switch to non-root user
|
||||
USER botuser
|
||||
|
||||
ENTRYPOINT ["/app/entrypoint.sh"]
|
||||
CMD ["python", "bot.py"]
|
||||
|
||||
@@ -1,15 +1,8 @@
|
||||
services:
|
||||
testpostsbot:
|
||||
image: slfhstd.uk/slfhstd/testpostsbot:dev
|
||||
build:
|
||||
context: .
|
||||
args:
|
||||
- USER_ID=${USER_ID:-1000}
|
||||
- GROUP_ID=${GROUP_ID:-1000}
|
||||
env_file:
|
||||
- prod.env
|
||||
user: "${USER_ID:-1000}:${GROUP_ID:-1000}"
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- ./DB:/app/DB
|
||||
entrypoint: ["/app/entrypoint.sh", "python", "bot.py"]
|
||||
|
||||
@@ -1,6 +0,0 @@
|
||||
#!/bin/sh
|
||||
set -e
|
||||
|
||||
## Skipping chown for bind-mounted DB folder to avoid permission errors
|
||||
|
||||
exec "$@"
|
||||
Reference in New Issue
Block a user