docker image as non-root user

[DavidHenryThoreau]

Inside the docker image the app seems to run as root user:

docker exec -it workout-tracker sh
/data # ps -ef|grep workout
    1 root      0:00 /app/workout-tracker
   20 root      0:00 grep workout

Maybe it would be great to create a user with less privileges ?

[jovandeginste]

You can pass the -u flag to docker run; if the volume is writable for that user, everything should work (you may need to use an unprivileged port too)

[DavidHenryThoreau]

For all docker compose pull && docker compose up -d app I'm using these env vars :

    environment:
      - PUID=1000
      - PGID=1000

I'm looking at -u if that fix this error. My first message was to create a workout-tracker user directly in the Dockerfile I will try this option too, if you're ok i'll do a PR.

[jovandeginste]

Yes that's how linuxserver build their images; I have nothing against it, but seems like an extra layer which is not per se necessary...

[jovandeginste]

I tested with:

docker run --rm -i -p 8080:8080 -u 1000:1000 -v $(pwd):/data workout-tracker

This seems to work, as long as $(pwd) is owned by the uid (1000).

Otherwise, you get a weird error:

failed to initialize database, got error unable to open database file: out of memory (14)