Fix #2680 - Run processes in Docker as non-root user (#3159)

author: Wonderfall <wonderfall@targaryen.house> 2017-05-20 15:12:29 +0200
committer: Eugen Rochko <eugen@zeonfederated.com> 2017-05-20 15:12:29 +0200
commit: d972845ff663605becec1dde904271897fe2e347 (patch)
tree: efa009a5451fd7f4c7c0f0498999484a7b05879e /docker_entrypoint.sh
parent: 2c405aed553067bfba2daf1b235a27f7ba52c956 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/docker_entrypoint.sh b/docker_entrypoint.sh
new file mode 100644
index 000000000..e53261340
--- /dev/null
+++ b/docker_entrypoint.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+addgroup -g ${GID} mastodon && adduser -h /mastodon -s /bin/sh -D -G mastodon -u ${UID} mastodon
+find /mastodon -path /mastodon/public/system -prune -o -not -user mastodon -not -group mastodon -print0 | xargs -0 chown -f mastodon:mastodon
+su-exec mastodon:mastodon /sbin/tini -- "$@"
author	Wonderfall <wonderfall@targaryen.house>	2017-05-20 15:12:29 +0200
committer	Eugen Rochko <eugen@zeonfederated.com>	2017-05-20 15:12:29 +0200
commit	d972845ff663605becec1dde904271897fe2e347 (patch)
tree	efa009a5451fd7f4c7c0f0498999484a7b05879e /docker_entrypoint.sh
parent	2c405aed553067bfba2daf1b235a27f7ba52c956 (diff)