Open gav- opened 1 month ago
Overall your docker image makes running dmarcts-report-viewer and dmarcts-report-parser a neat solution.
You might consider changes to your build to run the services as a non-root user however.
For anyone who wants to do this immediately, the following Dockerfile makes this possible for the current gutmensch/dmarc-report:latest image:
FROM gutmensch/dmarc-report:latest ARG BUID=1000 ARG BGID=1000 USER root RUN addgroup -g ${BGID} dmarc && \ adduser -D -u ${BUID} -G dmarc -h /home/dmarc dmarc && \ sed -i 's%.*listen [::]:80 default_server;% listen [::]:8080 default_server;%g' /etc/nginx/nginx.conf && \ sed -i 's%.*listen 80 default_server;% listen 8080 default_server;%g' /etc/nginx/nginx.conf && \ sed -i "s%echo 'user%#echo 'user%" /entrypoint.sh && \ sed -i "s%echo 'group%#echo 'group%" /entrypoint.sh && \ sed -i "s%echo 'listen.owner%#echo 'listen.owner%" /entrypoint.sh && \ sed -i "s%echo 'listen.group%#echo 'listen.group%" /entrypoint.sh && \ chown -R dmarc:dmarc /etc/php* /etc/nginx /var/lib/nginx /var/log /var/www /run /etc/supervisor* USER dmarc HEALTHCHECK --interval=1m --timeout=3s CMD curl --silent --fail http://127.0.0.1:8080/fpm-ping EXPOSE 8080
Overall your docker image makes running dmarcts-report-viewer and dmarcts-report-parser a neat solution.
You might consider changes to your build to run the services as a non-root user however.
For anyone who wants to do this immediately, the following Dockerfile makes this possible for the current gutmensch/dmarc-report:latest image: