Update Dockerfile
Browse files- Dockerfile +18 -10
Dockerfile
CHANGED
|
@@ -16,27 +16,35 @@ RUN apt-get update && apt-get install -y \
|
|
| 16 |
docker.io \
|
| 17 |
&& rm -rf /var/lib/apt/lists/*
|
| 18 |
|
| 19 |
-
# Create necessary directories for Coolify and
|
| 20 |
RUN mkdir -p /data/coolify/{source,ssh,applications,databases,backups,services,proxy,webhooks-during-maintenance} \
|
| 21 |
&& mkdir -p /data/coolify/ssh/{keys,mux} \
|
| 22 |
-
&& mkdir -p /data/coolify/proxy/dynamic
|
| 23 |
-
&& chown -R root:root /data/coolify \
|
| 24 |
-
&& chmod -R 777 /data/coolify
|
| 25 |
|
| 26 |
-
#
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 27 |
#RUN ssh-keygen -f /data/coolify/ssh/keys/id.root@host.docker.internal -t ed25519 -N '' -C root@coolify \
|
| 28 |
# && cat /data/coolify/ssh/keys/id.root@host.docker.internal.pub >>~/.ssh/authorized_keys \
|
| 29 |
-
|
| 30 |
|
| 31 |
-
# Download Coolify resources and ensure write permissions
|
| 32 |
RUN curl -fsSL https://cdn.coollabs.io/coolify/docker-compose.yml -o /data/coolify/source/docker-compose.yml \
|
| 33 |
&& curl -fsSL https://cdn.coollabs.io/coolify/docker-compose.prod.yml -o /data/coolify/source/docker-compose.prod.yml \
|
| 34 |
&& curl -fsSL https://cdn.coollabs.io/coolify/.env.production -o /data/coolify/source/.env \
|
| 35 |
&& curl -fsSL https://cdn.coollabs.io/coolify/upgrade.sh -o /data/coolify/source/upgrade.sh
|
| 36 |
|
| 37 |
-
#
|
| 38 |
-
RUN chown -R
|
| 39 |
-
|
|
|
|
|
|
|
| 40 |
|
| 41 |
# Modify the environment file with dynamic values
|
| 42 |
RUN sed -i "s|APP_ID=.*|APP_ID=$(openssl rand -hex 16)|g" /data/coolify/source/.env \
|
|
|
|
| 16 |
docker.io \
|
| 17 |
&& rm -rf /var/lib/apt/lists/*
|
| 18 |
|
| 19 |
+
# Create necessary directories for Coolify and set the correct ownership and permissions
|
| 20 |
RUN mkdir -p /data/coolify/{source,ssh,applications,databases,backups,services,proxy,webhooks-during-maintenance} \
|
| 21 |
&& mkdir -p /data/coolify/ssh/{keys,mux} \
|
| 22 |
+
&& mkdir -p /data/coolify/proxy/dynamic
|
|
|
|
|
|
|
| 23 |
|
| 24 |
+
# Create a non-root user
|
| 25 |
+
RUN useradd -ms /bin/bash coolifyuser \
|
| 26 |
+
&& mkdir -p /home/coolifyuser/.ssh \
|
| 27 |
+
&& chown -R coolifyuser:coolifyuser /data/coolify /home/coolifyuser
|
| 28 |
+
|
| 29 |
+
# Switch to the non-root user for the following operations
|
| 30 |
+
USER coolifyuser
|
| 31 |
+
|
| 32 |
+
# Generate SSH key (as coolifyuser)
|
| 33 |
#RUN ssh-keygen -f /data/coolify/ssh/keys/id.root@host.docker.internal -t ed25519 -N '' -C root@coolify \
|
| 34 |
# && cat /data/coolify/ssh/keys/id.root@host.docker.internal.pub >>~/.ssh/authorized_keys \
|
| 35 |
+
# && chmod 600 ~/.ssh/authorized_keys
|
| 36 |
|
| 37 |
+
# Download Coolify resources and ensure write permissions (as coolifyuser)
|
| 38 |
RUN curl -fsSL https://cdn.coollabs.io/coolify/docker-compose.yml -o /data/coolify/source/docker-compose.yml \
|
| 39 |
&& curl -fsSL https://cdn.coollabs.io/coolify/docker-compose.prod.yml -o /data/coolify/source/docker-compose.prod.yml \
|
| 40 |
&& curl -fsSL https://cdn.coollabs.io/coolify/.env.production -o /data/coolify/source/.env \
|
| 41 |
&& curl -fsSL https://cdn.coollabs.io/coolify/upgrade.sh -o /data/coolify/source/upgrade.sh
|
| 42 |
|
| 43 |
+
# Change ownership of files (to ensure everything is accessible by coolifyuser)
|
| 44 |
+
RUN chown -R coolifyuser:coolifyuser /data/coolify
|
| 45 |
+
|
| 46 |
+
# Switch back to root to perform Docker setup
|
| 47 |
+
USER root
|
| 48 |
|
| 49 |
# Modify the environment file with dynamic values
|
| 50 |
RUN sed -i "s|APP_ID=.*|APP_ID=$(openssl rand -hex 16)|g" /data/coolify/source/.env \
|