Browse Source
Merge pull request #266 from CatalystCode/enhancement/docker-avoid-root
Enhancement/Avoid running docker image as root
pull/271/head
Hiroki Nakayama
5 years ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with
14 additions and
3 deletions
-
Dockerfile
-
README.md
-
azuredeploy.json
|
|
@ -29,18 +29,21 @@ RUN cd /doccano \ |
|
|
|
|
|
|
|
|
FROM python:${PYTHON_VERSION}-slim AS runtime |
|
|
FROM python:${PYTHON_VERSION}-slim AS runtime |
|
|
|
|
|
|
|
|
|
|
|
RUN useradd -ms /bin/sh doccano |
|
|
|
|
|
|
|
|
COPY --from=builder /deps /deps |
|
|
COPY --from=builder /deps /deps |
|
|
RUN pip install --no-cache-dir /deps/*.whl |
|
|
RUN pip install --no-cache-dir /deps/*.whl |
|
|
|
|
|
|
|
|
COPY --from=cleaner /doccano /doccano |
|
|
|
|
|
|
|
|
COPY --from=cleaner --chown=doccano:doccano /doccano /doccano |
|
|
|
|
|
|
|
|
ENV DEBUG="True" |
|
|
ENV DEBUG="True" |
|
|
ENV SECRET_KEY="change-me-in-production" |
|
|
ENV SECRET_KEY="change-me-in-production" |
|
|
ENV PORT="80" |
|
|
|
|
|
|
|
|
ENV PORT="8000" |
|
|
ENV WORKERS="2" |
|
|
ENV WORKERS="2" |
|
|
ENV GOOGLE_TRACKING_ID="" |
|
|
ENV GOOGLE_TRACKING_ID="" |
|
|
ENV AZURE_APPINSIGHTS_IKEY="" |
|
|
ENV AZURE_APPINSIGHTS_IKEY="" |
|
|
|
|
|
|
|
|
|
|
|
USER doccano |
|
|
WORKDIR /doccano |
|
|
WORKDIR /doccano |
|
|
EXPOSE ${PORT} |
|
|
EXPOSE ${PORT} |
|
|
|
|
|
|
|
|
|
|
|
@ -130,7 +130,7 @@ Depending on your installation method, there are two options: |
|
|
First, run a Docker container: |
|
|
First, run a Docker container: |
|
|
|
|
|
|
|
|
```bash |
|
|
```bash |
|
|
docker run -d --name doccano -p 8000:80 chakkiworks/doccano |
|
|
|
|
|
|
|
|
docker run -d --name doccano -p 8000:8000 chakkiworks/doccano |
|
|
``` |
|
|
``` |
|
|
|
|
|
|
|
|
Then, execute `create-admin.sh` script for creating a superuser. |
|
|
Then, execute `create-admin.sh` script for creating a superuser. |
|
|
|
|
|
@ -271,6 +271,14 @@ |
|
|
"linuxFxVersion": "[concat('DOCKER|', parameters('dockerImageName'))]", |
|
|
"linuxFxVersion": "[concat('DOCKER|', parameters('dockerImageName'))]", |
|
|
"alwaysOn": true, |
|
|
"alwaysOn": true, |
|
|
"appSettings": [ |
|
|
"appSettings": [ |
|
|
|
|
|
{ |
|
|
|
|
|
"name": "WEBSITES_PORT", |
|
|
|
|
|
"value": "8000" |
|
|
|
|
|
}, |
|
|
|
|
|
{ |
|
|
|
|
|
"name": "PORT", |
|
|
|
|
|
"value": "8000" |
|
|
|
|
|
}, |
|
|
{ |
|
|
{ |
|
|
"name": "WEBSITES_ENABLE_APP_SERVICE_STORAGE", |
|
|
"name": "WEBSITES_ENABLE_APP_SERVICE_STORAGE", |
|
|
"value": "false" |
|
|
"value": "false" |
|
|
|
