absolutebi/serai
1
0
Fork 0
mirror of https://github.com/serai-dex/serai.git synced 2025-12-08 12:19:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

Don't run apps in Docker as root

Browse Source
This commit is contained in:
Luke Parker
2023-07-30 07:23:14 -04:00
parent 9b79c4dc0c
commit 4c801df4f2
7 changed files with 56 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
orchestration/coins/bitcoin/Dockerfile
View File

@@ -25,16 +25,20 @@ RUN grep bitcoin-${BITCOIN_VERSION}-x86_64-linux-gnu.tar.gz SHA256SUMS | sha256s
# Prepare Image
RUN tar xzvf bitcoin-${BITCOIN_VERSION}-x86_64-linux-gnu.tar.gz
RUN mv bitcoin-${BITCOIN_VERSION}/bin/bitcoind .
FROM debian:bookworm-slim as image
WORKDIR /home/bitcoin
COPY --from=builder /home/bitcoin/* .
RUN mv bin/* /bin && mv lib/* /lib
COPY ./scripts /scripts
# Upgrade packages
RUN apt update && apt upgrade -y
# Switch to a non-root user
RUN useradd --system --create-home --shell /sbin/nologin bitcoin
USER bitcoin
WORKDIR /home/bitcoin
COPY --from=builder --chown=bitcoin /home/bitcoin/bitcoind /bin
COPY ./scripts /scripts
EXPOSE 8332 8333 18332 18333 18443 18444
VOLUME ["/home/bitcoin/.bitcoin"]
# VOLUME ["/home/bitcoin/.bitcoin"]