fix: run container as non-root user (node)

2026-05-12 00:00:41 +02:00
parent bf6e80ad25
commit bacac8ed8b
1 changed files with 4 additions and 1 deletions
@@ -15,7 +15,8 @@ COPY server/src/ ./server/src/
 RUN cd server && npm ci && npx tsc

 FROM node:22-slim
-RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates && rm -rf /var/lib/apt/lists/*
+RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates && rm -rf /var/lib/apt/lists/* && \
+    mkdir -p /app /data && chown -R node:node /app /data

 WORKDIR /app

@@ -25,6 +26,8 @@ COPY --from=server-build /app/server/node_modules ./server/node_modules

 COPY .env.example ./.env.example

+USER node
+
 EXPOSE 3001
 VOLUME ["/data"]