Fix
This commit is contained in:
10
Dockerfile
10
Dockerfile
@ -22,19 +22,11 @@ FROM oven/bun:latest AS runtime
|
|||||||
|
|
||||||
WORKDIR /app
|
WORKDIR /app
|
||||||
|
|
||||||
# Create non-root user for security
|
|
||||||
RUN addgroup --system --gid 1001 bunjs && \
|
|
||||||
adduser --system --uid 1001 bunjs
|
|
||||||
|
|
||||||
# Copy built application from builder stage
|
# Copy built application from builder stage
|
||||||
COPY --from=builder --chown=bunjs:bunjs /app .
|
COPY --from=builder --chown=bunjs:bunjs /app .
|
||||||
|
|
||||||
# Create necessary directories with proper permissions
|
# Create necessary directories with proper permissions
|
||||||
RUN mkdir -p data public/podcast_audio && \
|
RUN mkdir -p data public/podcast_audio
|
||||||
chown -R bunjs:bunjs data public
|
|
||||||
|
|
||||||
# Switch to non-root user
|
|
||||||
USER bunjs
|
|
||||||
|
|
||||||
# Expose ports
|
# Expose ports
|
||||||
EXPOSE 3000 3001
|
EXPOSE 3000 3001
|
||||||
|
|||||||
Reference in New Issue
Block a user