Rooba
/
tacticalrmm
mirror of https://github.com/amidaware/tacticalrmm.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Make NATS & NGINX container run as same UID (1000), fix NATS supervisord permission

This commit is contained in:
Joel DeTeves 2022-01-17 00:08:31 -08:00
parent 0235f33f8b
commit a1bb265222
4 changed files with 11 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
docker/containers/tactical-nats/dockerfile
View File

@ -11,19 +11,19 @@ COPY natsapi/bin/nats-api /usr/local/bin/
RUN chmod +x /usr/local/bin/nats-api
RUN touch /usr/local/bin/config_watcher.sh
RUN chown 1001:1001 /usr/local/bin/config_watcher.sh
RUN chown 1000:1000 /usr/local/bin/config_watcher.sh
RUN mkdir -p /var/log/supervisor
RUN mkdir -p /etc/supervisor/conf.d
RUN touch /etc/supervisor/conf.d/supervisor.conf
RUN chown 1001:1001 /etc/supervisor/conf.d/supervisor.conf
RUN chown 1000:1000 /etc/supervisor/conf.d/supervisor.conf
COPY docker/containers/tactical-nats/entrypoint.sh /
RUN chmod +x /entrypoint.sh
ENTRYPOINT [ "/entrypoint.sh" ]
USER 1001
USER 1000
EXPOSE 4222

1
docker/containers/tactical-nats/entrypoint.sh
View File

@ -44,6 +44,7 @@ supervisor_config="$(cat << EOF
[supervisord]
nodaemon=true
logfile=/tmp/supervisord.log
pidfile=/tmp/supervisord.pid
[include]
files = /etc/supervisor/conf.d/*.conf

6
docker/containers/tactical-nginx/dockerfile
View File

@ -4,8 +4,14 @@ ENV TACTICAL_DIR /opt/tactical
USER root
RUN deluser --remove-home nginx \
&& addgroup -S nginx -g 1000 \
&& adduser -S -G nginx -u 1000 nginx
RUN apk add --no-cache openssl bash
RUN chown -R nginx:nginx /etc/nginx
SHELL ["/bin/bash", "-e", "-o", "pipefail", "-c"]
COPY docker/containers/tactical-nginx/entrypoint.sh /docker-entrypoint.d/

2
docker/containers/tactical/entrypoint.sh
View File

@ -41,7 +41,7 @@ if [ "$1" = 'tactical-init' ]; then
mkdir -p ${TACTICAL_DIR}/tmp
touch /home/node/app/meshcentral-data/.initialized && chown -R 1000:1000 /home/node/app/meshcentral-data
touch ${TACTICAL_DIR}/tmp/.initialized && chown -R 1000:1000 ${TACTICAL_DIR}
mkdir -p ${TACTICAL_DIR}/certs && chown -R 101:101 ${TACTICAL_DIR}/certs
mkdir -p ${TACTICAL_DIR}/certs && chown -R 1000:1000 ${TACTICAL_DIR}/certs
mkdir -p ${TACTICAL_DIR}/api/tacticalrmm/private/exe
mkdir -p ${TACTICAL_DIR}/api/tacticalrmm/private/log
touch ${TACTICAL_DIR}/api/tacticalrmm/private/log/django_debug.log