Dockerfile: do not run as root #851

Closed
marco-m wants to merge 1 commit into fabiolb:master from marco-m:docker-run-as-nonroot


marco-m commented Nov 7, 2021

Contributor

This switches off the warning

************************************************************
You are running fabio as root without the '-insecure' flag
This will stop working with fabio 1.7!
************************************************************

and makes all of us feel better :-)

See #369

NOTE In my limited tests it just works (using the tutorial https://learn.hashicorp.com/tutorials/nomad/load-balancing-fabio?in=nomad/load-balancing and stopping before section "Place Nomad client nodes behind AWS load balancer"), but since I am learning Nomad/Consul/Fabio, I might be missing something.

Fastest way to test:

$ docker build -t <USER>/fabio:test-nonroot .
$ docker push <USER>/fabio:test-nonroot

job spec:

task "fabio" {
  driver = "docker"
  config {
    image        = "<USER>/fabio:test-nonroot"


CLAassistant commented Nov 7, 2021


CLA assistant check
All committers have signed the CLA.

marco-m commented Nov 7, 2021

Contributor Author

Hello @leprechau, pinging you here since you suggested this change in #369 and it seems that this project's activity has slowed down, so I just wanted to be sure somebody is aware of this PR. Thanks!

nathanejohnson force-pushed the master branch 2 times, most recently from a55de9d to 04f958c, April 11, 2022 18:45

nathanejohnson commented Jul 15, 2022

Member

I am not going to merge this, though I do think there is validity to running as non-root. The issue is that running as user 1001 is not appropriate: this will actually be the second user created by default on many host operating systems, and 1001 has no meaning inside of alpine as-is. I may revisit this in the future - perhaps do the Rube Goldberg approach that MongoDB uses where they have a script as an entrypoint that tries to create a user on the fly, chown some files and run the mongod daemon as that user. This makes more sense for a database where it will be writing to persistent volume mounts. But at present, Traefik and Caddy both run as root in their official docker images, and so will fabio (for now).
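
The entrypoint approach mentioned in the comment above (create a user on the fly, chown, then drop privileges), sketched as an added example; it is not part of this thread and is not fabio's or MongoDB's code. The account name `fabio`, the `su-exec` helper, the `DRY_RUN` switch and the paths are assumptions, and the passwd sample is constructed.

```shell
#!/bin/sh
# Added example. Assumed, not from the fabio repo: account name "fabio",
# the su-exec helper, the DRY_RUN switch and every path used below.

# Constructed sample of an Alpine-style passwd file: UID 1001 has no entry.
sample_passwd() {
    printf '%s\n' 'root:x:0:0:root:/root:/bin/ash' \
                  'nobody:x:65534:65534:nobody:/:/sbin/nologin'
}

# Print the account that owns UID $1 in passwd-format file $2 (empty if none).
uid_owner() {
    awk -F: -v uid="$1" '$3 == uid { print $1; exit }' "$2"
}

# Echo the command when DRY_RUN=1 (the default here), otherwise execute it.
run() {
    if [ "${DRY_RUN:-1}" = 1 ]; then echo "$*"; else "$@"; fi
}

# entrypoint CUR_UID TARGET_UID PASSWD_FILE DATA_DIR CMD...
entrypoint() {
    cur=$1 target=$2 passwd=$3 data=$4
    shift 4
    if [ "$cur" -ne 0 ]; then
        # Already unprivileged (for example docker run --user): just start.
        run exec "$@"
        return
    fi
    if [ "$target" -eq 0 ]; then
        echo "refusing to use UID 0 as the service account" >&2
        return 1
    fi
    name=$(uid_owner "$target" "$passwd")
    if [ -z "$name" ]; then
        # The UID has no meaning in the image yet: give it a named account.
        name=fabio
        run adduser -D -H -u "$target" "$name"
    fi
    run chown -R "$name" "$data"
    run exec su-exec "$name" "$@"
}

# In an image: DRY_RUN=0 entrypoint "$(id -u)" <uid> /etc/passwd <data dir> <command>
```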
