fix: run app as spejstore user, not root
This commit is contained in:
parent
401f9c3761
commit
0f45ab9cd1
2 changed files with 4 additions and 2 deletions
|
@ -45,5 +45,6 @@
|
|||
"yzhang.markdown-all-in-one"
|
||||
]
|
||||
}
|
||||
}
|
||||
},
|
||||
"containerUser": "spejstore"
|
||||
}
|
||||
|
|
|
@ -12,6 +12,7 @@ ADD requirements.txt /code/
|
|||
RUN pip install --no-cache-dir -r requirements.txt
|
||||
ADD . /code/
|
||||
|
||||
RUN python -m pip install gunicorn
|
||||
RUN groupadd --gid 1000 spejstore && useradd --uid 1000 --gid 1000 --home /code --shell /bin/bash spejstore
|
||||
USER spejstore
|
||||
|
||||
CMD bash -c "python manage.py collectstatic --no-input --clear && python manage.py migrate && gunicorn --workers 1 --threads 4 -b 0.0.0.0:8000 --capture-output --error-logfile - --access-logfile - spejstore.wsgi:application"
|
||||
|
|
Loading…
Reference in a new issue