It would be a good practise to run the container as a non root user
I found this documentation on the nginx docker hub:
It is possible to run the image as a less privileged arbitrary UID/GID. This, however, requires modification of nginx configuration to use directories writeable by that specific UID/GID pair:
$ docker run -d -v $PWD/nginx.conf:/etc/nginx/nginx.conf nginx
where nginx.conf in the current directory should have the following directives re-defined:
pid /tmp/nginx.pid;
And in the http context:
http {
client_body_temp_path /tmp/client_temp;
proxy_temp_path /tmp/proxy_temp_path;
fastcgi_temp_path /tmp/fastcgi_temp;
uwsgi_temp_path /tmp/uwsgi_temp;
scgi_temp_path /tmp/scgi_temp;
...
}
It would be a good practise to run the container as a non root user I found this documentation on the nginx docker hub: