Jay commited on
Commit ·
d4485e3
1
Parent(s): 3695557
fix: ad-blocker hosts — download at build, apply at runtime
Browse files/etc/hosts is read-only during docker build. Now:
- Dockerfile: download hosts to /opt/huggingmes/adblock-hosts.txt
- start.sh: cat into /etc/hosts at runtime (runs as root before dropping privs)
- Dockerfile +2 -1
- cloudflare-proxy-setup.py +0 -0
- hermes-sync.py +0 -0
- start.sh +5 -0
Dockerfile
CHANGED
|
@@ -32,8 +32,9 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
|
|
| 32 |
|
| 33 |
# ── Ad/tracker blocker — prevent HF abuse detection from browser fan-out ──
|
| 34 |
# Steven Black unified hosts: 170k+ ad/tracker/malware domains → 0.0.0.0
|
|
|
|
| 35 |
RUN curl -sSL https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts \
|
| 36 |
-
| grep '^0.0.0.0' >
|
| 37 |
|
| 38 |
COPY --chown=hermes:hermes start.sh /opt/huggingmes/start.sh
|
| 39 |
COPY --chown=hermes:hermes health-server.js /opt/huggingmes/health-server.js
|
|
|
|
| 32 |
|
| 33 |
# ── Ad/tracker blocker — prevent HF abuse detection from browser fan-out ──
|
| 34 |
# Steven Black unified hosts: 170k+ ad/tracker/malware domains → 0.0.0.0
|
| 35 |
+
# /etc/hosts is read-only during build, so save to a file and apply at runtime
|
| 36 |
RUN curl -sSL https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts \
|
| 37 |
+
| grep '^0.0.0.0' > /opt/huggingmes/adblock-hosts.txt
|
| 38 |
|
| 39 |
COPY --chown=hermes:hermes start.sh /opt/huggingmes/start.sh
|
| 40 |
COPY --chown=hermes:hermes health-server.js /opt/huggingmes/health-server.js
|
cloudflare-proxy-setup.py
CHANGED
|
File without changes
|
hermes-sync.py
CHANGED
|
File without changes
|
start.sh
CHANGED
|
@@ -7,6 +7,11 @@ umask 0077
|
|
| 7 |
# HuggingMes — Hermes Gateway for HF Spaces
|
| 8 |
# ════════════════════════════════════════════════════════════════
|
| 9 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 10 |
# ── Startup Banner ──
|
| 11 |
APP_DIR="${HUGGINGMES_APP_DIR:-/opt/huggingmes}"
|
| 12 |
HERMES_HOME="${HERMES_HOME:-/data/hermes}"
|
|
|
|
| 7 |
# HuggingMes — Hermes Gateway for HF Spaces
|
| 8 |
# ════════════════════════════════════════════════════════════════
|
| 9 |
|
| 10 |
+
# ── Apply ad-blocker hosts (built during docker build, applied at runtime) ──
|
| 11 |
+
if [ -f /opt/huggingmes/adblock-hosts.txt ]; then
|
| 12 |
+
cat /opt/huggingmes/adblock-hosts.txt >> /etc/hosts 2>/dev/null || true
|
| 13 |
+
fi
|
| 14 |
+
|
| 15 |
# ── Startup Banner ──
|
| 16 |
APP_DIR="${HUGGINGMES_APP_DIR:-/opt/huggingmes}"
|
| 17 |
HERMES_HOME="${HERMES_HOME:-/data/hermes}"
|