fix: run app as spejstore user, not root

2024-02-01 12:36:39 +01:00 · 2024-02-01 12:36:39 +01:00 · 8812e6c0d3
parent b94ab204d8
commit 8812e6c0d3
2 changed files with 4 additions and 2 deletions
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@ -45,5 +45,6 @@
        "yzhang.markdown-all-in-one"
      ]
    }
-  }
+  },
+  "containerUser": "spejstore"
 }
--- a/3
+++ b/3
@ -12,6 +12,7 @@ ADD requirements.txt /code/
 RUN pip install --no-cache-dir -r requirements.txt
 ADD . /code/

-RUN python -m pip install gunicorn
+RUN groupadd --gid 1000 spejstore && useradd --uid 1000 --gid 1000 --home /code --shell /bin/bash spejstore
+USER spejstore

 CMD bash -c "python manage.py collectstatic --no-input --clear && python manage.py migrate && gunicorn --workers 1 --threads 4 -b 0.0.0.0:8000 --capture-output --error-logfile - --access-logfile - spejstore.wsgi:application"