🔀 Merge pull request #287 from mvhirsch/feature/su-node

uses non-root user
This commit is contained in:
Jan 2020-02-07 16:45:46 -08:00 committed by GitHub
commit c877df0fdd
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 24 additions and 4 deletions

View file

@ -6,7 +6,7 @@ RUN if [ -z "$N8N_VERSION" ] ; then echo "The N8N_VERSION argument is missing!"
RUN \ RUN \
apt-get update && \ apt-get update && \
apt-get -y install graphicsmagick apt-get -y install graphicsmagick gosu
# Set a custom user to not have n8n run as root # Set a custom user to not have n8n run as root
USER root USER root
@ -15,4 +15,5 @@ RUN npm_config_user=root npm install -g n8n@${N8N_VERSION}
WORKDIR /data WORKDIR /data
CMD "n8n" COPY docker-entrypoint.sh /docker-entrypoint.sh
ENTRYPOINT ["/docker-entrypoint.sh"]

View file

@ -0,0 +1,9 @@
#!/bin/sh
if [ -d /root/.n8n ] ; then
chmod o+rx /root
chown -R node /root/.n8n
ln -s /root/.n8n /home/node/
fi
exec gosu node n8n

View file

@ -5,7 +5,7 @@ ARG N8N_VERSION
RUN if [ -z "$N8N_VERSION" ] ; then echo "The N8N_VERSION argument is missing!" ; exit 1; fi RUN if [ -z "$N8N_VERSION" ] ; then echo "The N8N_VERSION argument is missing!" ; exit 1; fi
# Update everything and install needed dependencies # Update everything and install needed dependencies
RUN apk add --update graphicsmagick tzdata git RUN apk add --update graphicsmagick tzdata git tini su-exec
# # Set a custom user to not have n8n run as root # # Set a custom user to not have n8n run as root
USER root USER root
@ -18,4 +18,5 @@ RUN apk --update add --virtual build-dependencies python build-base ca-certifica
WORKDIR /data WORKDIR /data
CMD ["n8n"] COPY docker-entrypoint.sh /docker-entrypoint.sh
ENTRYPOINT ["tini", "--", "/docker-entrypoint.sh"]

View file

@ -0,0 +1,9 @@
#!/bin/sh
if [ -d /root/.n8n ] ; then
chmod o+rx /root
chown -R node /root/.n8n
ln -s /root/.n8n /home/node/
fi
exec su-exec node n8n