Closed dr-orlovsky closed 4 years ago
I agree.
I think that another point to discuss is that it's safer to run container processes using an unprivileged user instead of root
.
Good point! Actually with the latest refactoring in #21 it is already done
After some discussions with @zoedberg in https://github.com/LNP-BP/docker/pull/17 I propose to discuss and then codify design principles we are using for dockerization (Dockerfile design and docker-compose containers). Right now this is an issue, but later once we agree on it I propose to put it as a part of README.md file in this repo.
So my initial take on that:
expose
but notport
commandenvironment variablesARG
variablesENTRYPOINT
in a way that it can be extended with composecommand
args later;but if this conflicts with (3) the (3) must have a higher priority and customization in compose file with customentrypoint
is should be preferred.