From fa2d00005738f702b5c49182c6afceebb2d55d5b Mon Sep 17 00:00:00 2001 From: Thomas Bernard Date: Thu, 31 Aug 2023 10:47:09 +0200 Subject: [PATCH] Make frontend image rootless --- frontend/Dockerfile | 2 +- frontend/nginx.conf | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/frontend/Dockerfile b/frontend/Dockerfile index 05f9612db..5cbb4e499 100644 --- a/frontend/Dockerfile +++ b/frontend/Dockerfile @@ -22,7 +22,7 @@ FROM base as build # RUN npm ci --production RUN npm run build -FROM nginx:1.21.4-alpine as prod +FROM nginxinc/nginx-unprivileged:1.21.4-alpine as prod COPY nginx.conf /etc/nginx/nginx.conf diff --git a/frontend/nginx.conf b/frontend/nginx.conf index bbc780b36..f72c168dc 100644 --- a/frontend/nginx.conf +++ b/frontend/nginx.conf @@ -2,6 +2,9 @@ worker_processes 4; events { worker_connections 1024; } +# Directive to run nginx as non-root user +pid /tmp/nginx.pid; + http { server { listen 8080;