eecavanna
commented
2 weeks ago Hi @mflynn-lanl, it is being done via the --ingroup CLI option to the adduser program.
# Create a group having the specified GID (Group ID) and group name, and create
# a user (in that group) having the specified UID (User ID) and user name.
# Reference: https://gist.github.com/utkuozdemir/3380c32dfee472d35b9c3e39bc72ff01
RUN addgroup -g $GROUP_ID $GROUP_NAME && \
adduser --shell /sbin/nologin --disabled-password \
--ingroup $GROUP_NAME --uid $USER_ID $USER_NAMEHere's the help snippet (source) for the adduser program:
adduser [OPTIONS] USER [GROUP]
Create new user, or add USER to GROUP
-h --home DIR Home directory
-g --gecos GECOS GECOS field
-s --shell SHELL Login shell named SHELL by example /bin/bash
-G --ingroup GRP Group (by name)
-S --system Create a system user
-D --disabled-password Don't assign a password, so cannot login
-H --no-create-home Don't create home directory
-u --uid UID User id
-k SKEL Skeleton directory (/etc/skel)
In this branch, I made it so the developer can customize which user PM2 is launched as within the web app container. I also included a commented-out sample snippet in the
docker-compose.prod.ymlfile to facilitate the use of a spontaneously-built image instead of an image present in a registry.